ITEM 1. BUSINESS
The Company: A heritage of innovation
Founded in 1984, the Company is a leading provider of intelligent security software and services to enterprises, governments and leading OEMs around the world. Its products secure 17 of the G20 governments and enable more than 235 million vehicles. Based in Waterloo, Ontario, the Company has two core divisions, each addressing large and growing market opportunities.
Its Cybersecurity division is a pioneer in the use of artificial intelligence (“AI”) and machine learning to deliver innovative solutions in the areas of cybersecurity and data privacy. It is a leader in endpoint security, endpoint management, secure communications and critical event management.
The Company’s IoT division is a leader in embedded software where the Company believes it is the world’s leading automotive foundational software supplier. Its customers include leading automotive OEMs and Tier 1 suppliers that use its products in vehicles, as well as top medical OEMs. The Company’s solutions are implemented into all the top 10 automotive OEMs, top 7 Tier 1 suppliers, 24 of the 25 top EV OEMs, and 9 of the 10 top medical OEMs.
The Company was incorporated under the Business Corporations Act (Ontario) (“OBCA”) and has amalgamated with several of its wholly-owned subsidiaries, the last occurring through the filing of articles of amalgamation under the OBCA on November 4, 2013. The Company’s common shares trade under the ticker symbol “BB” on the New York Stock Exchange (“NYSE”) and the Toronto Stock Exchange (“TSX”).
Intercorporate Relationships
The Company has four material subsidiaries, all of which are wholly-owned, directly or indirectly, by the Company in each case as at February 29, 2024.
| | | | | | | | |
| Name of Subsidiary | | Jurisdiction of Incorporation or Organization |
| BlackBerry Corporation | | Delaware, U.S.A. |
| BlackBerry UK Limited | | England and Wales |
| Cylance Inc. | | Delaware, U.S.A. |
| Secusmart GmbH | | Duesseldorf, Germany |
| | |
| | |
Industry Background: Large and growing market opportunities
Cybersecurity
As the digital transformation of enterprises continues to advance, workforces are becoming more decentralized, mobile and remote, and data and applications are increasingly migrating to the cloud. As part of this trend, the number of connected endpoints is growing rapidly, as is their complexity and the volume of sensitive data that they process and store. These endpoints, which include smartphones, laptops, desktops, servers, vehicles, industrial equipment and other connected devices in the Internet of Things (“IoT”), increasingly operate beyond the traditional network security perimeter and present an expanding attack surface to cyber adversaries.
At the same time, the threat environment for enterprises and manufacturers has become increasingly hostile as the number of adversaries grows and the scale and sophistication of their attacks, increasingly focused on the endpoint, continue to develop. Today’s malicious actors are often well-trained and well-funded criminal organizations, state-sponsored agents and international hacking collectives with the capability of employing advanced techniques to penetrate endpoints and encrypt, destroy or exfiltrate data. These groups have been responsible for highly publicized breaches that have exposed personal information and intellectual property, disrupted operations and infrastructure, extracted ransoms and caused significant reputational damage to organizations across a broad range of industries.
Against this backdrop, regulators are enacting new measures to ensure that enterprises are held accountable for their management of cybersecurity risk. In particular, changes to data privacy laws in the United States, Europe and other jurisdictions are compounding the challenges faced by organizations by increasing their responsibilities for securing their data as well as that of their customers. At the same time, a shortage of talented cybersecurity professionals means that existing security operations teams struggle to contend with the velocity of cyberattacks and the complexity and demands of many available solutions.
This landscape of growing vulnerability and accountability has created opportunities for secure communications platforms, endpoint cybersecurity and management solutions, embedded systems, enterprise applications, analytic tools and related services that help enterprises to secure their connected endpoints, enhance functional safety, maintain data privacy and demonstrate compliance with applicable regulations.
IoT
The world is rapidly moving to one where everyone and everything can be intelligently connected at the edge. This evolution is being enabled by the proliferation of IoT devices, increasing device sophistication and compute power, and powerful software that can bring these devices to life. Industries of all types, from automotive and manufacturing to healthcare and robotics, are experiencing the profound impact of this evolution, as intelligent edge devices deliver unprecedented capabilities by making immediate, context-aware decisions locally. The Company believes the benefits of the intelligent edge are real and immense, promising enhanced security, reduced latency, and rigorous efficiency, and position the intelligent edge as a technological pillar that it expects will shape the digital landscape of the future.
This rapid evolution can be attributed to increasing connectivity, decreasing sensor and hardware component costs, and continuous innovation that leverages edge data. The associated surge in data generation and computing power at the edge is creating new ways for businesses to provide impactful applications that rely on real-time data processing and insights. As a result, software-defined IoT devices are improving safety, security, and reliability by allowing for dynamic updates, which enables greater flexibility to scale and adapt to evolving customer demands or industry requirements.
While all industries are experiencing the shift toward the intelligent edge, the Company believes these trends are most prevalent in the automotive industry, as evidenced by the growth and complexity of software-defined vehicles (“SDVs”). Powered by continual advancements in IoT hardware such as the move from microcontrollers to microprocessors, modern vehicles increasingly operate on highly sophisticated and interconnected software stacks and the data produced by vehicles is proliferating at a rapid rate. The entire automotive value chain, from OEMs to Tier 1 suppliers, will need foundational software to capture, synthesize, analyze and monetize this massive volume of real-time data to develop innovative solutions that deliver safer, more efficient and more fulfilling driving experiences. These trends are not just present in automotive, but are also being seen in industrial automation, healthcare and robotics. The Company further believes that increased and evolving regulatory requirements as well as consumer expectations will create further demand for high-performance SDVs and other IoT devices.
With increasing compute capabilities and system complexity, there is an imperative for high-performance foundational software that maintains the highest level of functional safety and security of systems at the edge.
Products and Services: Addressing market needs and opportunities
The Company has a rich pedigree in innovation and has developed a range of products and services that assist customers in addressing their needs as their industries evolve, which are structured in three groups: Cybersecurity, IoT (collectively with Cybersecurity, “Software & Services”) and Licensing and Other.
Cybersecurity
The Cybersecurity business consists of Cylance® cybersecurity and BlackBerry unified endpoint management (“UEM”) solutions, collectively known as BlackBerry Spark, SecuSUITE® and BlackBerry® AtHoc®.
BlackBerry’s Cylance cybersecurity solutions include: CylanceENDPOINT™, an integrated endpoint security solution that leverages the Cylance AI model and OneAlert EDR console, to prevent, detect and remediate cyber threats at the endpoint, including on mobile; CylanceGUARD®, a managed detection and response solution that provides 24/7 threat hunting and monitoring, as well as integrated critical event management communications during a cyber incident; CylanceEDGE™, an AI-powered continuous authentication zero trust network access solution that provides secure access to applications and data loss prevention; and CylanceINTELLIGENCE™, a contextual cyber threat intelligence service. The Company also offers incident response, compromise assessment and containment services to assist clients with forensic analysis, state of existing systems and remediation of attacks. These solutions are designed to provide a continuous state of resilience for the Company’s customers and support the outcomes they require by: (i) complementing, extending, or fully managing security capabilities with the Company’s experts and extended technology ecosystem, (ii) enabling the workforce in a way that is fast, easy and satisfying, while providing security visibility, controls and peace of mind; and (iii) reducing complexity and overhead costs associated with security operations.
The Company’s UEM offerings include BlackBerry® UEM, BlackBerry® Dynamics™, BlackBerry® Workspaces, and BlackBerry Messenger (BBM®) Enterprise. BlackBerry UEM employs a containerized approach to manage and secure devices, third party and custom applications, identity, content and endpoints across all leading operating systems, as well as providing regulatory compliance tools. BlackBerry Dynamics offers a best-in-class development platform and secure container for mobile applications, including the Company’s own enterprise applications such as BlackBerry® Work and BlackBerry® Connect for
secure collaboration. BlackBerry Workspaces is a secure Enterprise File Sync and Share (EFSS) solution. BBM Enterprise is an enterprise-grade secure instant messaging solution for messaging, voice and video.
BlackBerry SecuSUITE is a certified, multi-OS voice and text messaging solution with advanced encryption, anti-eavesdropping and continuous authentication capabilities, providing a maximum level of security on conventional mobile devices for government and businesses.
BlackBerry AtHoc is a secure, networked critical event management solution that enables people, devices and organizations to exchange critical information in real time during business continuity and life safety operations. The platform securely connects with a diverse set of endpoints to distribute emergency mass notifications, improve personnel accountability and facilitate the bidirectional collection and sharing of data within and between organizations.
IoT
The IoT business consists of BlackBerry Technology Solutions (“BTS”), BlackBerry Radar® and BlackBerry IVY®.
The principal component of BTS is BlackBerry QNX, a global provider of real-time operating systems, hypervisors, middleware, development tools, and professional services for connected embedded systems in the automotive, medical, industrial automation and other markets. A recognized leader in automotive software, BlackBerry QNX offers a growing portfolio of safety-certified, secure and reliable platform solutions and is focused on achieving design wins with automotive OEMs, Tier 1 vendors and automotive semiconductor suppliers. These solutions include the BlackBerry QNX real-time operating system, QNX® Hypervisor for Safety and QNX® Software Development Platform (SDP), as well as other products designed to alleviate the challenges of compliance with ISO 26262, the automotive industry’s functional safety standard. The QNX pre-certified microkernel operating system is specifically tailored for safety-critical embedded systems and toolchains that are pre-qualified for building these systems. The QNX Hypervisor for Safety prevents safety systems from potential impact of malfunction in other systems. These products help drive a faster time to market and also reduce developer friction.
BlackBerry QNX is also a preferred supplier of embedded systems for companies building medical devices, train-control systems, industrial robots, hardware security modules, building automation systems, green energy solutions, and other mission-critical applications.
The Company believes its close collaboration with customers has provided it with significant industry expertise, enabling it to understand specific customer requirements and more quickly and effectively develop high impact solutions to meet the evolving needs of its customers.
In addition to BlackBerry QNX, BTS includes BlackBerry® Certicom® cryptography and key management products.
BlackBerry Certicom leverages patented elliptic curve cryptography to provide device security, anti-counterfeiting and product authentication solutions. BlackBerry Certicom’s offerings include its managed public key infrastructure (“PKI”) platform, key management and provisioning technology that helps customers to protect the integrity of their silicon chips and devices from the point of manufacturing through the device life cycle. BlackBerry Certicom’s secure key provisioning, code signing and security credential management system services protect next-generation connected cars, critical infrastructure and IoT deployments from product counterfeiting, re-manufacturing and unauthorized network access.
BlackBerry Radar is a family of asset monitoring and telematics solutions for the transportation and logistics industry. The BlackBerry Radar solution includes devices and secure cloud-based dashboards for tracking containers, trailers, chassis, flatbeds and heavy machinery, for reporting locations and sensor data, and for enabling custom alerts and fleet management analytics.
The Company has partnered with Amazon Web Services, Inc. (“AWS”) to develop and market BlackBerry IVY, an intelligent vehicle data platform leveraging BlackBerry QNX’s automotive capabilities. BlackBerry IVY allows automakers to safely access a vehicle’s sensor data, normalize it, and apply machine learning at the edge to generate and share predictive insights and inferences. Automakers and developers will be able to use this information to create responsive in-vehicle applications and services that enhance driver and passenger experiences. BlackBerry IVY supports multiple operating systems and hardware platforms, as well as multi-cloud deployments, in order to ensure compatibility across vehicle models and brands. The Company announced the first design win for BlackBerry IVY in January 2023 and released the platform for general availability in May 2023.
The BlackBerry Cybersecurity and IoT groups are complemented by the enterprise and cybersecurity consulting services offered by the Company’s BlackBerry® Professional Services business. BlackBerry Professional Services provides platform-agnostic strategies to address mobility-based challenges, providing expert deployment support, end-to-end delivery (from system design to user training), application consulting, and experienced project management. The Company’s cybersecurity consulting services and tools, combined with its other security solutions, help customers identify the latest cybersecurity threats, test for vulnerabilities, develop risk-appropriate mitigations, maintain IT security standards and techniques, and defend against the risk of future attacks.
Licensing and Other
Licensing and Other consists primarily of the Company’s patent licensing business and legacy service access fees (“SAF”).
The Company’s Licensing business is responsible for the management and monetization of the Company’s global patent portfolio. The patent portfolio continues to provide a competitive advantage in the Company’s core product areas as well as providing leverage in the development of future technologies and licensing programs in both core and adjacent vertical markets. The Company owns rights to an array of patented and patent pending technologies which include, but are not limited to, operating systems, networking infrastructure, acoustics, messaging, enterprise software, automotive subsystems, cybersecurity, cryptography and wireless communications. As of February 29, 2024, the Company owned approximately 6,200 worldwide patents and applications.
In May 2023, the Company completed the sale of a portfolio of non-core patent assets to Malikie Innovations Limited for $170 million in cash on closing, an additional $30 million in cash by no later than the third anniversary of closing and potential future royalties in the aggregate amount of up to $700 million (the “Malikie Transaction”).
The Company’s Other business generated revenue from SAF charged to subscribers using the Company’s legacy BlackBerry 7 and prior BlackBerry operating systems, for which support and maintenance ceased as of January 4, 2022.
Go to Market
The Company primarily generates revenue from the licensing of enterprise software and sales of associated services, including its endpoint management and cybersecurity solutions, BlackBerry QNX software for the embedded market, technology licensing and professional consulting services. The Company focuses on strategic industries with vertical-specific use cases, including regulated enterprise markets such as financial services, government, healthcare, professional services and transportation, and other markets where embedded software and critical infrastructure are important, such as utilities, mining and manufacturing.
Cybersecurity
The Company licenses its Cybersecurity products, including complementary third-party applications, through a geographically-dispersed direct sales force, value-added resellers, managed security service providers and alliance partners. The Company continues to build its global partner programs to bolster its direct sales and marketing efforts.
IoT
The Company licenses BlackBerry QNX and BlackBerry Certicom technology and provides professional engineering services to OEM customers in the automotive, mobile and other embedded software markets via a direct sales force and indirectly through channel partnerships. The licenses are primarily monetized as royalties on units shipped and through project development seats, tools and maintenance fees.
The Company markets and sells its BlackBerry Radar secure asset monitoring products and services to enterprise users through its internal sales force as well as through third party distribution channels.
Seasonality
The Company experiences seasonal patterns in its revenue, primarily due to Cybersecurity customers placing a higher percentage of renewal orders in the second half of the fiscal year as compared to the first half of the fiscal year. This gives rise, in turn, to similar seasonality in the Company’s operating margin and operating cash flow, the latter of which is also impacted by variable incentive plan payments in the first half of the fiscal year.
Competition and Competitive Strengths
The Company is engaged in markets that are highly competitive and rapidly evolving. Frequent new product introductions and changes to endpoints, operating systems, applications, security threats, industry standards and the overall technology landscape result in continuously evolving customer requirements for mobile solutions. The Company competes with a broad range of vendors in each of its businesses.
Key competitive factors important to the Company across its businesses include product features (including security features), relative price and performance, product quality and reliability, compatibility across ecosystems, service and support, and corporate reputation. The Company believes that it delivers the broadest set of security capabilities and visibility in the market, covering users, devices, networks, apps and data.
Cybersecurity
The Company’s Cybersecurity portfolio includes comprehensive security controls for any connected IoT environment, across all endpoints. The portfolio is differentiated through its use of a zero-trust architecture that uniquely combines intelligent
security with a user experience that requires little to no support from end users or IT administrators, simplifying management and reducing costs.
The Cylance cybersecurity solutions leverage Cylance AI, machine learning and automation to provide improved cyber threat prevention and remediation, and can help users to understand risks, make contextual decisions and dynamically apply policy controls with no user interruption, mitigating risks before they materialize. The Company trains its AI model against data lakes containing billions of files so that it learns to autonomously convict, or not convict, files prior to their execution. Unlike traditional signature-based cybersecurity technology, this prevention-oriented approach is able to protect enterprises from malicious zero-day payloads before they are deployed, and even when protected endpoints are offline. Additionally, detection and response decisions are pushed down to the endpoint, minimizing response latency so that a minor security event can be addressed before it becomes a widespread incident. CylanceENDPOINT’s Endpoint Protection Platform (EPP) has earned Federal Risk and Authorization Management Program (“FedRAMP”) authorization. The Company’s Cylance cybersecurity technology competes with various types of providers, including: traditional signature-based antivirus vendors and identity management; vendors whose business focuses almost solely on EPP; EDR vendors, which primarily focus on continuous monitoring and human response to advanced security threats; companies that provide endpoint systems management; and large network security providers, which have entered the market primarily through acquisition.
BlackBerry UEM endpoint management includes leading unified endpoint management, secure business productivity, application containerization, secure collaboration and digital rights management capabilities. BlackBerry UEM has earned National Information Assurance Partnership (“NIAP”) certification and is an approved mobile device management solution on the U.S. Department of Defense Information Network’s Approved Product List. With the BlackBerry UEM Suite, the Company competes with other MDM and UEM providers.
The Company’s Cybersecurity portfolio is also differentiated by the inclusion of a sophisticated network operations center in its infrastructure. The Company pioneered the use of this architecture to route messages reliably and efficiently to and from mobile devices, and over time has expanded capabilities to enable end-to-end secure communications between endpoints and applications and enterprise networks.
BlackBerry SecuSUITE technology has been certified to be compliant with the Common Criteria protection profile for VoIP applications and SIP servers. It has also earned NIAP certification and NATO Communications and Information Agency security accreditation, and has been placed on the National Security Agency’s Commercial Solutions for Classified Program component list of products certified for use on classified systems.
The BlackBerry AtHoc platform is both mobile and scalable, integrating with legacy systems and supporting on-premise and cloud-based deployments. With available incident management and encrypted end-to-end instant messaging capabilities, the platform offers a suite of secure crisis communication services to meet the growing number of use cases for emergency or mass notifications. BlackBerry AtHoc has received FedRAMP certification and is the leading provider of network-centric, interactive crisis communication to the U.S. Department of Defense and the U.S. Department of Homeland Security, among other governmental bodies. BlackBerry AtHoc helps to protect more than 75% of U.S. government personnel.
IoT
BlackBerry QNX is recognized for attaining the highest levels of security certifications and approvals for many of its embedded products and is the leader in safety-certified, secure and reliable software for the automotive industry. BlackBerry QNX is a trusted supplier of operating systems, hypervisors, development tools and support to automotive OEMs and Tier 1 vendors and to the general embedded market.
The Company recently announced a number of new products that it believes will enable it to maintain its strong market position and open up new potential revenue streams.
The QNX Software Development Platform (SDP) 8.0 is a new, high performance, highly scalable real time operating system. The fifth-generation kernel architecture builds on decades of development and a field-proven safe and secure platform, while maintaining its POSIX API to provide an instantly productive environment for both QNX and Linux® developers. QNX SDP 8.0 adds support for ARM v9 and GCC 12 and delivers near-linear performance scaling with CPU core counts, enabling developers to fully realize the power and opportunities of increasingly advanced processors for generations to come.
The QNX Accelerate portfolio of cloud-based tools, including the QNX RTOS and Hypervisor, enables developers to develop mission-critical embedded systems and applications from anywhere worldwide, accelerating development cycles and reducing time to market for new, innovative solutions. The QNX Accelerate portfolio offers little to no difference between running in the cloud versus on real hardware.
QNX® Sound is an innovative development platform that decouples audio and acoustics software from the vehicle hardware to give audio designers and engineers complete creative freedom to deliver new and exciting in-vehicle sound experiences.
The BlackBerry QNX automotive business competes principally with other providers of embedded foundational software, including Linux open-source operating systems. See Part 1, Item 1A “Risk Factors - The Company faces intense competition”.
Product Design, Engineering and Research and Development
The Company’s research and development (“R&D”) strategy seeks to drive innovation to continuously enhance the Company’s product portfolio and introduce exciting solutions to the market.
The Company dedicates a major portion of its R&D investments to the development of software products and services for its Cybersecurity and IoT solutions. Solutions include leading security capabilities at each level of the platform in order to address the needs of enterprise IT departments and end users for securing devices, applications, content and work data at rest and in transit.
The Company makes significant investments to support its cybersecurity solutions and is committed to hiring and retaining top data scientists and engineers in the areas of artificial intelligence and machine learning. R&D investments at BlackBerry QNX are increasingly focused on software innovations for autonomous and connected vehicles.
The Company’s investment in longer term research is, in part, supported by taking advantage of specific government financial assistance programs where available. For additional information, see Note 10 to the Consolidated Financial Statements.
Third Party Software Developers
The Company offers the BlackBerry Development Platform, an enterprise-grade toolset which enables application developers and ISVs to build secure, powerful and customized solutions for almost every use case and to commercialize them on the BlackBerry® Marketplace for Enterprise Software, which contains over 130 enterprise applications and solutions. The platform includes the BlackBerry Dynamics software development kit (“SDK”), which allows developers to integrate BlackBerry security into their enterprise applications, resulting in a managed application where corporate data is protected. The platform also includes SDKs for BlackBerry UEM, BlackBerry Workspaces, BlackBerry AtHoc and other products.
To support Cylance Cybersecurity products, the Company offers the BlackBerry Endpoint ISV Technology Integration program featuring an application programming interface (“API”) development platform that enables developers and ISVs to develop robust extensible security integrations, creating results-based offerings for targeted use cases. Completed integrations are shared with the user community and promoted to market partners and AWS Marketplace opportunities.
In addition, the Company maintains the BlackBerry AtHoc Development Partner Program, which invites partners to integrate with the BlackBerry AtHoc service and allows them to create alerts based on more event types or to leverage alerting capabilities based on critical events from within other systems.
The primary development platform for BlackBerry QNX-based systems is the QNX Software Development Platform, which includes the QNX Neutrino real-time operating system and the QNX Momentics® Tool Suite. The QNX SDP is complemented by QNX Hypervisor, QNX® OS for Safety, QNX® Hypervisor for Safety, QNX Sound and other QNX products.
Expanding the Company’s automotive product portfolio, the BlackBerry IVY platform includes an in-vehicle runtime for cost-efficient data processing and a set of SDKs which enables developers to process vehicle signals and generate meaningful insights that are used to unlock new use cases on both BlackBerry QNX and Linux-based vehicle platforms.
Intellectual Property
The protection of intellectual property is an important part of the Company’s operations. The policy of the Company is to apply for patents and to acquire or seek other appropriate proprietary or statutory protection when it develops valuable new or improved technology. The Company believes that the rapid pace of technological change in the industries in which the Company operates makes patent and trade secret protection important, and that this protection must be supported by other means including the ability to attract and retain qualified personnel, new product introductions and frequent product enhancements.
The Company believes that its patent portfolio continues to provide a competitive advantage in its core product areas as well as provide leverage in the development of future technologies. The Company does not believe that it is dependent upon a single patent or even a few patents and instead primarily depends upon its extensive know-how, innovative culture, and technical leadership.
The Company protects its technology through a combination of patents, designs, copyrights, trade secrets, confidentiality procedures and contractual arrangements. The Company seeks to patent key concepts, components, protocols, processes and other inventions that it considers to have commercial value or that will likely give the Company a technological advantage. Although the Company applies for patent protection primarily in Canada, Europe and the United States, the Company has filed, and will continue to file, patent applications in other countries where there exists a strategic technological or business reason to do so. To broadly protect the Company’s inventions, the Company has a team of in-house patent attorneys and also consults
with outside patent attorneys who interact with employees, review invention disclosures and prepare patent applications on a broad array of core technologies and competencies. As a result, the Company owns rights to an array of patented and patent pending technologies which include, but are not limited to, cybersecurity, cryptography, machine learning, artificial intelligence, operating systems, acoustics, messaging, enterprise software, automotive subsystems, networking infrastructure and wireless communications. As of February 29, 2024, the Company owned approximately 6,200 worldwide patents and applications. The Company does not expect that the sale of its portfolio of primarily legacy patents under the Malikie Transaction negatively impacted its strategy of protecting its new innovations through patent filings.
It is the Company’s general practice to enter into confidentiality and non-disclosure agreements with its employees, consultants, contract manufacturers, customers, potential customers and others to attempt to limit access to, and distribution of, its proprietary information. In addition, the Company generally enters into agreements with employees that include an assignment to the Company of all intellectual property developed in the course of employment.
The Company does not rely primarily on patents or other intellectual property rights to protect or establish its market position; however, it is prepared to enforce its intellectual property rights in certain technologies when attempts to negotiate mutually agreeable licenses are not successful. The Company also enters into inbound licensing agreements related to technology and intellectual property rights, including agreements to obtain rights that may be necessary to produce and sell products.
Environmental, Social and Governance
The Company observes the highest ethical standards in its operations and has adopted policies and practices that require the same of its business partners. The Company’s business is based on trust, and the Company maintains its position as a global leader in data security and privacy by developing new technologies, complying with established and evolving regulatory frameworks, acting with integrity and adhering to responsible business practices. See also “Ethical Business Conduct and Code of Business Standards and Principles” in this Annual Report on Form 10-K.
The Company is committed to operating in a sustainable way that respects the environment, the Company’s employees and business partners, and the communities in which the Company operates around the world. To honor this commitment, the Company maintains a variety of programs to identify, execute and maintain sustainable initiatives and to reduce its direct and indirect environmental impact. In fiscal 2022, these programs enabled the Company to achieve carbon neutrality across its Scope 1, Scope 2 and calculated Scope 3 greenhouse gas emissions and the Company maintained its carbon neutral status as at the end of fiscal 2024.
In its procurement activities, the Company engages with its suppliers to conduct due diligence into the source of the so-called “conflict minerals” (which currently include the minerals from which gold, tantalum, tin, and tungsten are derived) that are necessary to the functionality or production of the Company’s hardware products, principally for the BlackBerry Radar business. The Company also seeks to make a positive impact in the communities in which it operates by investing in strategic charitable partnerships, supporting charitable endeavours by employees, and building community relationships through local offices.
The Company has formalized a number of policies to reflect its commitment to responsible business practices, including a Privacy Policy, Supplier Code of Conduct, Human Rights Policy, Supplier Diversity Policy, Health and Safety Policy and Environment and Sustainability Policy, and periodically issues an ESG report. Through the report, the Company provides visibility on its environmental, social and governance initiatives such as mitigating its corporate carbon footprint and reducing greenhouse gas emissions, improving water sanitation and fostering diversity. These documents and policies relating to the Company’s corporate responsibility initiatives can be viewed on the Company’s website at https://www.blackberry.com/us/en/company/corporate-responsibility and are not incorporated by reference in this Annual Report on Form 10-K.
Foreign and domestic laws and regulations apply to many aspects of the Company’s business.
The Company collects and uses a wide variety of information for various purposes in its business, including to help ensure the integrity of its services and to provide features and functionality to customers. This aspect of the Company’s business is subject to a broad array of evolving privacy and data protection laws, including the European Union’s General Data Protection Regulation, the proposed Canadian Consumer Privacy Protection Act, regional privacy frameworks such as the Asia-Pacific Economic Cooperation Privacy Framework, and national and state laws within the United States, including the California Privacy Rights Act. These laws impose strict operational requirements and can provide for significant penalties for non-compliance. Elements of these evolving laws and regulations, as well as their interpretation and enforcement, remain unclear and the Company may be required to modify its practices to comply with them in the future.
The Company is also subject to numerous international trade laws and regulations, including, without limitation, tariffs, trade sanctions, export controls and technology transfer restrictions, as well as anti-corruption legislation such as the U.S. Foreign Corrupt Practices Act and Canada’s Corruption of Foreign Public Officials Act.
Additionally, the Company is subject to domestic and international laws relating to environmental protection and the proliferation of hazardous substances. In parts of Europe, North America, Latin America and the Asia-Pacific region, the Company is obligated to comply with substance restrictions, packaging regulations, energy efficiency ratings and certain product take-back and recycling requirements, principally for the BlackBerry Radar business. The U.S. Dodd-Frank Wall Street Reform and Consumer Protection Act also requires the Company to comply with certain due diligence and disclosure obligations with respect to the use of conflict minerals. Furthermore, the Company may be subject to a variety of local laws unknown to the Company in foreign jurisdictions where customers are located.
Any actual or perceived failure to comply with these requirements may result in, among other things, revocation of required licenses or registrations, loss of approved status, private litigation, regulatory or governmental investigations, administrative enforcement actions, sanctions, civil and criminal liability, and constraints on the Company’s operations. It is also possible that current or future laws or regulations could be interpreted or applied in a manner that would prohibit, alter, or impair the Company’s existing or planned products and services, or that could require the Company to undertake costly, time-consuming or otherwise burdensome compliance measures.
Information about our Executive Officers
The Company made two executive officer appointments during fiscal 2024, naming John Giamatteo as Chief Executive Officer and President, Cybersecurity and Jennifer Armstrong-Owen as Senior Vice President and Chief People Officer.
The following table sets forth the name, province or state, and country of residence of each executive officer of the Company and their respective positions and offices held with the Company and their principal occupations during the last five years.
| | | | | | | | | | | | | | |
| Name and Residence | | Current Position with Company | | Principal Occupation During the Last Five Years (other than Current Position with Company) |
| | | | |
| | | | |
Jennifer Armstrong-Owen
Washington, USA
| | Senior Vice President and Chief People Officer | | Senior Vice President, People, OfferUp (2023-2024); Senior Vice President, People, SeekOut (2021-2023); Vice President, People, Chef Software (2018-2020) |
Marjorie Dickman Washington D.C., USA | | Chief Government Affairs and Public Policy Officer | | Global Director and Associate General Counsel, IoT and Automated Driving Policy, Intel (2017-2020) |
Mattias Eriksson Illinois, USA | | President, IoT | | Senior Vice President and Head of Product, HERE Technologies (2019-2020) |
John Giamatteo Texas, USA | | Chief Executive Officer; President, Cybersecurity; Director | | President and Chief Revenue Officer, McAfee (2013-2020) |
| | | | |
Phil Kurtz
Ontario, Canada | | Chief Legal Officer and Corporate Secretary | | Vice President, Deputy General Counsel and Corporate Secretary (2021-2022); Vice President, Deputy General Counsel and Assistant Corporate Secretary (2015-2021) |
Steve Rai
Ontario, Canada | | Chief Financial Officer | | Deputy Chief Financial Officer (2019) |
| | | | |
Human Capital
The Company’s 2,647 regular employees, contract workers and student workers as of February 29, 2024 work as a team in 18 countries worldwide, with approximately 55% in Canada, 19% in the U.S., and 26% outside of North America. None of the Company’s employees in Canada or the United States are represented by a labour union; however, employees of certain foreign subsidiaries in Europe are represented by works councils.
The Company offers employees an equitable and competitive total rewards program, designed to recognize and reward both individual and company performance. The Company provides a range of financial and benefit programs such as its employee share purchase program, employee recognition programs, retirement savings plans, family-friendly leave policies, health and wellness programs, employee and family assistance program, as well as corporate discounts, all designed to support the overall wellness of the Company’s employees and their families.
The Company embraces a diverse and inclusive workplace, providing a welcoming environment in which every individual is valued and respected, regardless of race, gender, sexual orientation, gender identity, religion, age, veteran status, disability status or any other protected element of diversity. The Company recognizes diversity, equity and inclusion as business imperatives and commits to attract, develop, and retain the best and brightest talent. The Company strives to maintain an environment where people are valued, have a sense of belonging, and feel they can bring their authentic selves to work, every day. The Company is committed to maintaining a respectful and productive work environment free from discrimination and harassment, supported by training in unconscious bias and inclusive language. The Company does not tolerate, condone, or
ignore workplace discrimination or harassment or any unlawful behavior and investigates all complaints regarding such conduct in a timely manner.
The Company believes career development is unique and personal for each employee. The Company offers career development and growth in many forms such as job shadowing, job rotation, stretch assignments, enhanced scope or responsibility, networking, lateral movement, promotions, and volunteering. The Company encourages employees to broaden their scope and understanding of the business, and to build additional skills to attain their career aspirations. Employees are supported in their growth and development through the Company’s tuition and educational reimbursement programs, subsidies for professional association memberships, a global mentorship program, career planning resources, and various training programs.
The Company is honored to have the efforts of our talented and dedicated employees recognized through numerous awards, including Forbes Canada’s Best Employers (2022-2023), Best & Brightest Companies to Work for in the Nation (2016-2023), Best & Brightest Companies to Work for in Wellness (2016-2023), Canada’s Top Employers for Young People (2021-2024), and Canada’s Greenest Employers (2016-2023), among others. The Company also takes pride in its award-winning paid co-op and intern student program, through which the Company invests in the personal and professional development of the next generation of BlackBerry talent.
Building upon its culture of teamwork, the Company is a proud and committed civic leader. BlackBerry employees are passionate regarding their involvement in corporate-run community initiatives to actively participate in volunteer activities and environmentally friendly initiatives where they live and work. Together with its team of community-minded employees, the Company believes there is great potential to make lasting local impacts.
Available Information
Our internet address is www.blackberry.com. Our website is included in this Annual Report on Form 10-K as an inactive textual reference only. Information contained on our website is not incorporated by reference in this Annual Report on Form 10-K.
As of March 1, 2020, the Company began reporting with the Securities and Exchange Commission (“SEC”) as a domestic issuer instead of a foreign private issuer. Prior to that date, the Company was a foreign private issuer and, in compliance with SEC regulations, furnished its interim financial statements on Form 6-K and filed its Annual Report on Form 40-F. The Company continues to be a reporting issuer subject to continuous disclosure obligations under applicable Canadian securities laws.
Access to our Annual Reports on Form 10-K and 40-F, Quarterly Reports on Form 10-Q and 6-K, Current Reports on Form 8-K, supplemental financial information, earnings press releases, and amendments to these reports filed with or furnished to the SEC may be obtained free of charge as soon as is reasonably practical after we electronically file or furnish them through the Investors section of our website at www.blackberry.com/ca/en/company/investors. In addition, our filings with the SEC may be accessed through the SEC’s website at www.sec.gov and our filings with the Canadian Securities Administrators (“CSA”) may be accessed through the CSA’s System for Electronic Document Analysis and Retrieval (“SEDAR+”) at www.sedarplus.ca. Except for the documents specifically incorporated by reference in this Annual Report on Form 10-K, information contained on the SEC or CSA websites is not incorporated by reference in this Annual Report on Form 10-K and should not be considered to be a part of the Annual Report. All statements made in any of our securities filings, including all forward-looking statements or information, are made as of the date of the document in which the statement is included, and we do not assume or undertake any obligation to update any of those statements or documents unless we are required to do so by applicable law.
ITEM 1A. RISK FACTORS
Investors in the Company’s securities should carefully consider the following risks, as well as the other information contained in MD&A (as defined below) and elsewhere in this Annual Report on Form 10-K for the fiscal year ended February 29, 2024. Any of the following risks, in whole or in part, could materially and adversely impact the Company’s business, financial condition and operating results. The risks and uncertainties described below are not the only ones the Company faces. Additional risks and uncertainties, including those of which the Company is unaware or the Company currently deems immaterial, may also have a material adverse effect on the Company’s business, financial condition and results of operations.
Risks Related to the Company’s Business
The Company may not be able to maintain or expand its customer base for its software and services offerings to grow revenue or achieve sustained profitability.
The Company has focused its strategy on software and services to grow revenue and generate sustainable profitability. For the Company to increase its software and services revenues, it must continually grow its customer base by attracting new customers or, in the case of existing customers, deploying software and services across more endpoints or attracting additional users in such existing customers’ businesses. The Company also needs to sell additional software and services over time to the same customers, or have customers upgrade their level of service. If the Company is unable to promote a compelling value
proposition to customers and its efforts to sell or upsell software or services as described above are not successful, its results of operations could be materially impacted.
Existing customers that purchase the Company’s software and services have no contractual obligation to renew their subscriptions or purchase additional solutions after the initial subscription or contract period. The Company’s customers’ expansion and renewal rates may decline or fluctuate as a result of a number of factors, including the perceived need for such additional software and services, the level of satisfaction with the Company’s software and services, features or functionality, the reliability of the Company’s software and services, the Company’s customer support, customer budgets and other competitive factors, such as pricing and competitors’ offerings. For smaller or simpler deployments, the switching costs and time are relatively minor compared to traditional enterprise software deployments and as such a customer may more easily decide not to renew with the Company and switch to a competitor’s offerings.
Further, the Company’s future success depends in part on the growth, if any, in the markets for endpoint security software and embedded solutions, including in software-defined vehicles. If the recent growth trends in these markets do not continue due to security incidents, technological challenges, lack of customer acceptance, weakening economic conditions or other reasons, demand for the Company’s products, and those of its competitors, could be negatively affected.
The Company’s sales cycles can be long and unpredictable and its sales efforts require considerable time and expense.
For many customers, licensing the Company’s Cybersecurity or IoT solutions represents a significant strategic decision and, as a result, sales cycles can be long and unpredictable, particularly during times of economic uncertainty. When dealing with automotive, government or large regulated enterprise customers in particular, the Company is subject to risks related to increased customer bargaining power and pricing pressure, extended evaluation periods, regulatory changes, compliance with procurement requirements, complex approval systems, and unanticipated administrative delays. IoT revenue recognition is also subject to delays in the development of embedded software platforms and the manufacture of new vehicles by automotive OEMs.
The Company’s ability to grow software and services revenue is dependent in part on its ability to maintain a qualified direct sales force, which requires significant time and resources, including investment in systems and training. From time to time, the Company may choose to reorganize its go-to-market teams in an effort to better leverage its sales resources and improve customer service. These reorganizations, which may include investments in educating the Company’s sales force, can cause short-term disruptions and may negatively impact sales. There can be no assurance that the Company will be successful in implementing its sales and distribution strategy. See also the Risk Factor entitled “The Company’s success depends on its relationships with resellers and distributors”.
The Company faces intense competition.
The Company is engaged in markets that are highly competitive and rapidly evolving, and has experienced, and expects to continue to experience, intense competition from a number of companies. No technology has been exclusively or commercially adopted as the industry standard for many of the products and services offered by the Company. Accordingly, both the nature of the competition and the scope of the business opportunities afforded by the markets in which the Company competes are uncertain.
The Company’s competitors, including new market entrants, may implement new technologies before the Company does, deliver new products and services earlier, or provide products and services that are disruptive or that are attractively priced or enhanced or better quality compared to those of the Company, making it more difficult for the Company to win or preserve market share.
Some of the Company’s competitors have greater name recognition, larger customer bases and significantly greater financial, technical, marketing, public relations, sales, distribution and other resources than the Company does. In particular, some of the Company’s competitors may be able to leverage their relationships with enterprise customers based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing the Company’s solutions, including by selling at zero or negative margins, product bundling or offering closed technology platforms. In the automotive sector, some of the Company’s OEM and Tier 1 customers have accelerated internal development of embedded solutions. In addition, competition may intensify as the Company’s competitors enter into business combinations or alliances and established companies in other market segments expand to become competitive with the Company’s business.
The impact of the competition described above could result in fewer customer orders, loss of market share, pressure to reduce prices, commoditization of product and service categories in which the Company participates, reduced revenue and reduced margins. If the Company is unable to compete successfully, there could be a material adverse effect on the Company’s business, results of operations and financial condition.
The Company must obtain and maintain certain product approvals and certifications from governmental authorities, regulated enterprise customers and third-party standards bodies in order to remain competitive, meet contractual requirements and enable
its customers to meet their certification needs. Failure to maintain such approvals or certifications for the Company’s current products or to obtain such approvals or certifications for any new products on a timely basis could have a material adverse effect on the Company’s competitive position. In addition, independent industry analysts often issue reports regarding endpoint security solutions and the perception of the Company’s solutions in the marketplace, especially as compared to those of the Company’s competitors, may be significantly influenced by these reports. If these reports are negative, less frequent or less positive than reports on the Company’s competitors’ products, the Company’s competitive position may be harmed.
The Company may not be able to enhance, develop, introduce or monetize products and services for the enterprise market in a timely manner with competitive pricing, features and performance.
The industries in which the Company competes are characterized by rapid technological change, frequent new product introductions, frequent market price reductions, constant improvements in features and short product life cycles. The Company’s future success depends upon its ability to enhance and integrate its current products and services, to provide for their compatibility with evolving industry standards and operating systems, to address competing technologies and evolving security threats, and to continue to develop and introduce new products and services offering enhanced performance and functionality on a timely basis at competitive prices.
The process of developing new technology is complex and uncertain, and involves time, substantial costs and risks, which are further magnified when the development process involves multiple operating platforms. The development of next-generation technologies that utilize new and advanced features, including artificial intelligence and machine learning, involves making predictions regarding the willingness of the market to adopt such technologies over legacy solutions. The Company may be required to commit significant resources to developing new products, software and services before knowing whether such investment will result in products or services that the market will accept.
The Company’s inability, for technological or other reasons, some of which may be beyond the Company’s control, to enhance, develop, introduce and monetize products and services in a timely manner, or at all, in response to changing market conditions or customer requirements could have a material adverse effect on the Company’s business, results of operations and financial condition or could result in its products and services not achieving market acceptance or becoming obsolete. In addition, if the Company fails to deliver a compelling customer experience or accurately predict emerging technological trends and the changing needs of customers and end users, or if the features of its new products and services do not meet the demands of its customers or are not sufficiently differentiated from those of its competitors, the Company’s business, results of operations and financial condition could be materially harmed.
The occurrence or perception of a breach of the Company’s network cybersecurity measures or an inappropriate disclosure of confidential or personal information could significantly harm its business.
The Company is continuously exposed to cyber threats through the actions of outside parties, such as hacking, viruses, and other malicious software, denial of service attacks, industrial espionage and other methods designed to breach the Company’s network or data security. The Company is also exposed to risk as a result of process, coding or human errors and through attempts by third parties to fraudulently induce employees to provide access to confidential or personal information. Although malicious attempts to gain unauthorized access to such information affect many companies across various industries, the Company is at a relatively greater risk of being specifically targeted because of its reputation for security and the nature of its network operations, and because the Company has been involved in the identification of organized cyber adversaries.
The Company devotes significant resources to network security, encryption and authentication technologies and other measures, including security policies and procedures, vulnerability testing and awareness training, to mitigate cyber risk to its systems, endpoints and data. In addition, the Company engineers novel security and reliability features, deploys software updates to address vulnerabilities, and maintains a security infrastructure that protects the integrity of the Company’s network, products and services. The Company also mitigates risk by actively monitoring external threats, reviewing best practices and implementing appropriate internal controls, including incident response plans. However, the techniques used to obtain unauthorized access or to disable or degrade service are constantly evolving and becoming more sophisticated in nature, and frequently are not recognized or identified until after they have been deployed against a target. The Company may not be able to anticipate these techniques, to implement adequate preventative measures or to identify and respond to them in a timely manner, and the Company’s efforts to do so may have a material adverse impact on the Company’s operating margins, the user experience or compatibility with third party products and services.
Although to date the Company has not experienced any material financial or other losses relating to technology failure, cyberattacks or security breaches, there is no assurance that the Company will not experience material loss or damage in the future. If the network and product security measures implemented by the Company or its partners, including third-party data center operators, cloud service providers and product manufacturers are breached, or perceived to be breached, or if the confidentiality, integrity or availability of the Company’s data, including intellectual property and legally protected personal data, is compromised, the Company could be exposed to significant litigation, service disruptions, investigation and remediation costs, regulatory sanctions, fines and contractual penalties. In addition, any such event could materially damage the
Company’s reputation, which is built in large measure on the security and reliability of BlackBerry products and services, and could result in the loss of investor confidence, channel partners, competitive advantages, revenues and customers, including the Company’s most significant government and regulated enterprise customers. While the Company maintains cybersecurity insurance, the Company’s coverage may be insufficient to cover all losses or types of claims that may arise from cyber incidents, and any incidents may result in the loss of, or increased costs of, the Company’s insurance.
The Company’s business could be negatively affected as a result of its business unit separation and cost reduction initiatives.
The separation of the Company’s IoT and Cybersecurity businesses into standalone divisions and the streamlining of the Company’s centralized functions is intended to enhance operational focus and flexibility for each business, to drive improved profitability, and to increase optionality for the Company to optimize shareholder value. If the separation is not managed effectively, it may not provide these intended benefits and may result in a disruption of the Company’s operations, an inability to retain or recruit key personnel, and the impairment of customer relationships.
Further, if the separation is not conducted in manner or on a timeline that meets investor expectation, the Company may be subject to shareholder activism advocating for governance or strategic changes at the Company. Responding to proxy contests, media campaigns and other tactics by activist shareholders would be costly and time-consuming, disrupt the Company’s operations and divert the attention of the Board and senior management from the pursuit of the Company’s strategies, which could adversely affect the Company’s business. Perceived uncertainties as to the Company’s future direction as a result of shareholder activism could also result in the loss of potential business opportunities and may make it more difficult to attract and retain qualified personnel and partners.
The business separation is expected to result in each division performing corporate functions that have historically been performed on a centralized basis, including certain legal, finance, human resources, marketing and IT functions, which may require each division to increase its investment in these administrative functions. Additionally, the integration of the Cybersecurity and IoT businesses has enabled them to share economies of scope and scale in costs, systems and vendor relationships, and their separation may result in each division paying higher charges for third-party services.
The Company’s success depends on its continuing ability to attract new personnel, retain existing key personnel and manage its staffing effectively.
The Company’s success is largely dependent on its continuing ability to identify, attract, develop, motivate and retain skilled employees, including members of its executive team, top research developers and experienced salespeople with specialized knowledge. Competition for such people is intense, continuous, and increasing in the industries in which the Company participates, and the Company has experienced solicitations of its employees by its competitors.
Competition for highly skilled personnel is intense, especially in the Waterloo and Ottawa, Ontario areas, where the Company has a substantial presence and need for highly skilled personnel. The Company is also substantially dependent on the continued service of its existing engineering personnel because of the complexity and specialization of its products and services. Also, to the extent that the Company hires employees from mature public companies with significant financial resources, the Company may be subject to allegations that such employees have been improperly solicited, or that they have divulged proprietary or other confidential information or that their former employers own such employees’ inventions or other work product.
To attract and retain critical personnel, the Company may experience increased compensation costs that are not offset by increased productivity or higher prices for our products and services. Also, the Company’s financial results and share price performance (particularly for senior employees for whom equity-based compensation is a key element of their total compensation), among other factors, may impact the Company’s ability to attract new, and retain existing, employees. Any failure by the Company to attract and retain key employees could have a material adverse effect on the Company’s business, results of operations and financial condition.
In addition, during periods of internal reorganization, such as the Company’s ongoing business separation, the Company may experience losses of business continuity and accumulated knowledge, internal compliance gaps or other inefficiencies, including litigation claims by terminated employees. If the Company does not maintain appropriate staffing, develop effective business continuity and succession programs, mitigate turnover and effectively utilize employees with the right mix of skills and experience across the functions necessary to meet the current and future needs of its business, the financial and operational performance of the Company could suffer.
A failure or perceived failure of the Company’s solutions to detect or prevent security vulnerabilities could materially adversely affect the Company’s reputation, financial condition and results of operations.
The techniques used by cyber adversaries to breach network and endpoint security measures are sophisticated and change frequently, and the Company’s products and services may not protect users against all cyberattacks. At the same time, the Company’s products and services are highly complex and may contain design defects, bugs or security vulnerabilities that are
difficult to detect and correct. Such internal defects and a variety of external factors, including misconfigurations, errors introduced through collaborations with the Company’s engineering partners or the failure of customers to address risks identified by our platform, could impair the effectiveness of the Company’s solutions and cause them to fail to secure endpoints and prevent attacks or function as intended. In addition, the Company’s solutions may falsely indicate a cyber threat that does not actually exist, which may negatively impact customers’ trust in the Company’s solutions.
Real or perceived defects, errors or vulnerabilities in the Company’s software and services, or the failure of the Company’s platform solutions to detect or prevent cyber incidents, could result in the delay or denial of their market acceptance and may harm the Company’s financial condition, results of operations and reputation as a security solutions vendor. If errors are discovered, correcting them could require significant expenditures by the Company and the Company may not be able to successfully correct them in a timely manner or at all.
The Company’s products and services frequently involve the transmission, processing and storage of data, including proprietary, confidential and personally-identifiable information, and a security compromise, misconfiguration or malfunction involving the Company’s software could result in such information being accessible to attackers or other third parties. Real or perceived security breaches against a customer using the Company’s solutions could cause damage or disruption to the customer and subject the Company to liability, and may result in the customer and the public believing that the Company’s solutions are ineffective, even if they were not implicated in failing to block the attack. Further, a breach of an artificial intelligence and machine learning-based solution offered by another endpoint security provider could cause the market to lose confidence in next-generation security software generally, including the Company’s solutions.
The Company’s success depends on its relationships with resellers and channel partners.
The Company’s ability to maintain and expand its market reach, particularly with small and medium-sized businesses, is increasingly dependent on establishing, developing and maintaining relationships with third party resellers and channel partners, especially in its Cybersecurity business. The Company makes training available to its partners and develops sales programs to incentivize them to promote and deliver the Company’s current and future products and services and to grow its user base.
If the Company is not able to effectively identify and establish new relationships with successful resellers and channel partners, or to maintain or enhance existing relationships without giving rise to conflicts between channels, or if the Company’s partners do not act in a manner that will promote the success of the Company’s products and services, the Company’s business, results of operations and financial condition could be materially adversely affected.
Many resellers and channel partners sell products and services of the Company’s competitors and may terminate their relationships with the Company with limited or no notice and limited or no penalty. If the Company’s competitors offer their products and services to the resellers and channel partners on more favorable contractual or business terms, have more products and services available, or those products and services are, or are perceived to be, in higher demand by end users, or are more lucrative for the resellers and channel partners, there may be continued pressure on the Company to reduce the price of its products and services, or those resellers and channel partners may stop offering the Company’s products or de-emphasize the sale of its products and services in favor of the Company’s competitors, which could have a material adverse effect on the Company’s business, results of operations and financial condition.
Litigation against the Company may result in adverse outcomes.
In the course of its business, the Company is subject to potential litigation claims and enforcement actions arising from its public disclosure. The Company is committed to providing a high level of disclosure and transparency and provides commentary that highlights the trends and uncertainties that the Company anticipates. Given the highly competitive and dynamic industry in which the Company operates and the evolution of the Company’s business strategy over time, the Company’s financial results may not follow any past trends, making it difficult to predict the Company’s financial results. Consequently, actual results may differ materially from those expressed or implied by the Company’s forward-looking statements and may not meet the expectations of analysts or investors, which can contribute to the volatility of the market price of the Company’s common shares.
In addition, the Company receives general commercial claims related to the conduct of its business and the performance of its products and services, including product liability and warranty claims, employment claims, claims for breaches of contractual covenants and other litigation claims, which may potentially include claims relating to improper use of, or access to, personal data. Liability claims related to product defects, bugs or vulnerabilities could give rise to class action litigation or to the withdrawal of certifications, and the Company may be subject to such claims either directly or indirectly through indemnities that it provides to certain of its customers. The Company’s exposure to product liability risk may increase as the Company continues to commercialize its software innovations for autonomous and connected vehicles.
Litigation resulting from these claims and from actions asserted by the Company could be costly and time-consuming and could divert the attention of management and key personnel from the Company’s business operations. The complexity of the
technology involved and the inherent uncertainty of commercial, class action, securities, employment and other litigation increases these risks. In recognition of these considerations, the Company may enter into settlements resulting in material expenditures, the payment of which could have a material adverse effect on the Company’s business, results of operation and financial condition. Similarly, if the Company is unsuccessful in its defense of material litigation claims, the Company may be faced with significant monetary damages or injunctive relief against it that could have a material adverse effect on the Company’s business, BlackBerry brand, results of operations and financial condition. Administrative or regulatory actions against the Company or its employees could also have a material adverse effect on the Company’s business, BlackBerry brand, results of operations and financial condition. See Note 10 to the Consolidated Financial Statements for information regarding certain legal proceedings in which the Company is involved.
Adverse macroeconomic and geopolitical conditions have had and may continue to have a material adverse effect on the Company’s business, results of operations and financial condition.
Challenging macroeconomic conditions, including as a result of geopolitical events, public health crises, automotive labor disruptions, disruptions in global supply chains, increases in inflation and interest rates, have negatively impacted and may in the future negatively impact consumer demand for automobiles and sales cycles and spending on cybersecurity solutions, and in turn have materially affected the Company’s business, results of operations and financial condition in certain periods. Because all components of the Company’s budgeting and forecasting are dependent upon estimates of economic activity in the markets that the Company serves and demand for its products and services, economic uncertainties make it difficult to estimate future income and expenditures.
Network disruptions or other business interruptions could have a material adverse effect on the Company’s business and harm its reputation.
The Company’s operations rely to a significant degree on the efficient and uninterrupted operation of complex technology systems and networks, which are in some cases integrated with those of cloud service providers and third-party data centre operators. The Company’s network operations and technology systems are potentially vulnerable to damage or interruption from a variety of sources, including by fire, earthquake, power loss, telecommunications or computer systems failure, cyberattack, human error, terrorist acts, war, and the threatened or actual suspension of BlackBerry services at the request of a government for alleged non-compliance with local laws or other events. The increased number of third-party applications on the Company’s network may also enhance the risk of network disruption or cyberattack for the Company. There may also be system or network interruptions if new or upgraded systems are defective or not installed properly, or if data centre operators fail to meet agreed service levels.
The Company has experienced network events, including those arising from third-party applications, in the past, none of which had a material impact on us. Any future outage in a network or system or other unanticipated problem that leads to an interruption or disruption of BlackBerry services, however, could have a material adverse effect on the Company’s business, results of operations and financial condition, and could adversely affect the Company’s reputation.
The Company may not be successful in fostering an ecosystem of third-party application developers.
The Company believes decisions by customers to purchase its products, including the BlackBerry IVY platform, depend and will depend in part on the availability and compatibility of software applications and services that are developed and maintained by third-party developers. The Company may not be able to convince third parties to develop and maintain applications for its cybersecurity software and embedded solutions platforms. The loss of, or inability to maintain these developer relationships may materially and adversely affect the desirability of the Company’s products and, hence, the Company’s revenue from the sale of its products.
The Company’s products and services are dependent upon interoperability with rapidly changing systems provided by third parties.
The Company’s platform depends on interoperability with operating systems, such as those provided by Apple, Google and Microsoft, as well as automotive OEMs. Operating systems are upgraded frequently in response to consumer demand and, in order to maintain the interoperability of its platform, the Company may need to release new software updates at a much greater pace than a traditional enterprise software company that supports only a single platform. In addition, the Company typically receives limited advance notice of changes in features and functionality of operating systems and platforms, and therefore the Company may be forced to divert resources from its preexisting product roadmap to accommodate these changes.
If the Company fails to enable IT departments to support operating system upgrades upon release, the Company’s business and reputation could suffer. This could further disrupt the Company’s product roadmap and cause it to delay introduction of planned products and services, features and functionality, which could harm the Company’s business. Furthermore, some of the features and functionality in the Company’s products and services require interoperability with APIs of other operating systems, and if operating system providers decide to restrict the Company’s access to their APIs, that functionality would be lost and the Company’s business could be impaired.
Operating system providers have included, and may continue to include, features and functionality in their operating systems that are comparable to elements of the Company’s products and services, thereby making the Company’s platform less valuable. The inclusion of, or the announcement of an intent to include, functionality perceived to be similar to that offered by the Company’s products and services in mobile or embedded operating systems may have an adverse effect on the Company’s ability to market and sell its products and services.
Risks Related to Intellectual Property and Technology Licensing
Failure to protect the Company’s intellectual property could harm its ability to compete effectively and the Company may not earn the revenues it expects from intellectual property rights.
The Company’s commercial success is highly dependent upon its ability to protect its proprietary technology. The Company relies on a combination of patents, copyrights, trademarks, trade secrets, confidentiality procedures and contractual provisions to protect its proprietary rights, all of which offer only limited protection. Despite the Company’s efforts, the steps taken to protect its proprietary rights may not be adequate to preclude misappropriation of its proprietary information or infringement of its intellectual property rights. Detecting and protecting against the unauthorized use of the Company’s products, technology proprietary rights, and intellectual property rights is expensive, difficult and, in some cases, impossible. Litigation may be necessary in the future to enforce or defend the Company’s intellectual property rights and could result in substantial costs and diversion of management resources, either of which could harm the Company’s business, financial condition and results of operations, and there is no assurance that the Company will be successful. Further, the laws of certain countries in which the Company’s products and services are sold or licensed do not protect intellectual property rights to the same extent as the laws of Canada or the United States.
With respect to patent rights, the Company cannot be certain whether any of its pending patent applications will result in the issuance of patents or whether the examination process will require the Company to narrow its claims. Furthermore, any patents issued could be challenged, invalidated or circumvented and may not provide proprietary protection or a competitive advantage. In addition, a number of the Company’s competitors and other third parties have been issued patents, and may have filed patent applications or may obtain additional patents and proprietary rights, for technologies similar to those that the Company has made or may make in the future. Public awareness of new technologies often lags behind actual discoveries, making it difficult or impossible to know all relevant patent applications at any particular time. Consequently, the Company cannot be certain that it was the first to develop the technology covered by its pending patent applications or that it was the first to file patent applications for the technology. In addition, the disclosure in the Company’s patent applications may not be sufficient to meet the statutory requirements for patentability in all cases. As a result, there can be no assurance that the Company’s patent applications will result in patents being issued.
While the Company enters into confidentiality and non-disclosure agreements with its employees, consultants, contract manufacturers, customers, potential customers and others to attempt to limit access to, and distribution of, proprietary and confidential information, it is possible that:
•some or all of its confidentiality agreements will not be honored;
•third parties will independently develop equivalent technology or misappropriate the Company’s technology or designs;
•disputes will arise with the Company’s strategic partners, customers or others concerning the ownership of intellectual property;
•unauthorized disclosure or use of the Company’s intellectual property, including source code, know-how or trade secrets will occur; or
•contractual provisions may not be enforceable.
In addition, the Company expends significant resources to patent and manage the intellectual property it creates with the expectation that it will generate revenues by incorporating that intellectual property in its products or services. The Company also monetizes its patent assets through outbound licensing. Changes in the law may weaken the Company’s ability to collect royalty revenue for licensing its patents. Similarly, licensees of the Company’s patents may fail to satisfy their obligations to pay royalties, or may contest the scope and extent of their obligations. Finally, the royalties the Company can obtain to monetize its intellectual property may decline because of the evolution of technology, changes in the selling price of products using licensed patents, or the difficulty of discovering infringements.
The consideration payable to the Company from the sale of its non-core patent portfolio in the Malikie Transaction is expected to include potential future royalty payments. The royalties, if any, that may be earned by the Company from the Malikie Transaction in any particular fiscal year or in the aggregate over the term of the royalty arrangement are difficult to predict, particularly given that any such royalties will depend entirely upon the business success of a third party. The aggregate proceeds that the Company ultimately receives from the Malikie Transaction are expected to be less than $900 million.
The Company may not be able to obtain rights to use third-party software and is subject to risks related to the use of open source software.
Many of the Company’s products include intellectual property which must be licensed from third parties. The termination of any of these licenses, or the failure of such third parties to adequately maintain, protect or update their software or intellectual property rights, could delay the Company’s ability to offer its products while the Company seeks to implement alternative technology offered by other sources (which may not be available on commercially reasonable terms) or develop such technology internally (which would require significant unplanned investment on the Company’s part). The use of third-party software in the Company’s products could also expose the Company and its customers to security vulnerabilities.
In addition, certain software that the Company uses may be subject to open source licenses. Use and distribution of open source software may entail greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or other contractual protections regarding infringement claims or the quality of the code. Some open source licenses contain requirements that the Company make available source code for modifications or derivative works created by the Company based upon the type of open source software used. If the Company combines its proprietary solutions with open source software in a certain manner, the Company could, under certain of the open source licenses, face claims from third parties claiming ownership of or demanding the public release of the source code of the Company’s proprietary solutions, or demanding that the Company offer its solutions to users at no cost. This could allow the Company’s competitors to create similar solutions with lower development effort and time and ultimately could result in a loss of revenue to the Company. The Company could also be subject to litigation by parties claiming that what the Company believes to be licensed open source software infringes their intellectual property rights.
The terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that such licenses could be construed in a manner that could impose unanticipated conditions or restrictions on the Company’s ability to commercialize its products and services. In such an event, the Company could be exposed to litigation or reputational damage, and could be required to obtain licenses from third parties in order to continue offering its products and services or to re-engineer its products or services, or discontinue their sale in the event re-engineering cannot be accomplished on a timely basis, any of which could materially and adversely affect the Company’s business and operating results.
The Company could be found to have infringed on the intellectual property rights of others.
Companies in the software and technology industries, including some of the Company’s current and potential competitors, own large numbers of patents, copyrights, trademarks and trade secrets and frequently engage in litigation based on allegations of infringement or other violations of intellectual property rights. Although the Company believes that third-party software included in the Company’s products is licensed from the entity holding the intellectual property rights and that its products do not infringe on the rights of third parties, third parties have and are expected to continue to assert infringement claims against the Company in the future. The Company may be subject to these types of claims either directly or indirectly through indemnities that it provides to certain of its customers, partners and suppliers against these claims. As the Company continues to develop software products and expand its portfolio using new technology and innovation, its exposure to threats of infringement may increase.
Many intellectual property infringement claims are brought by entities whose business model is to obtain patent-licensing revenues from operating companies such as the Company. Because such entities do not typically generate their own products or services, the Company cannot deter their claims based on counterclaims that they infringe patents in the Company’s portfolio or by entering into cross-licensing arrangements.
Regardless of whether patent or other intellectual property infringement claims against the Company have any merit, they could:
•adversely affect the Company’s relationships with its customers;
•be time-consuming and expensive to evaluate and defend, including in litigation or other proceedings;
•result in negative publicity for the Company;
•divert management’s attention and resources;
•cause product delays or stoppages;
•subject the Company to significant liabilities;
•require the Company to develop possible workaround solutions that may be costly and disruptive to implement; and
•require the Company to cease certain activities or to cease selling its products and services in certain markets.
In addition, any such claim may require the Company to enter into costly royalty agreements or obtain a license for the intellectual property rights of third parties. Such licenses may not be available or they may not be available on commercially reasonable terms.
Any of the foregoing infringement claims and related litigation could have a significant adverse impact on the Company’s business and operating results, as well as the Company’s ability to generate future revenues and profits. See also “Legal Proceedings” in this Annual Report on Form 10-K.
Risks Related to Assets, Indebtedness and Taxation
The Company has incurred indebtedness, which could adversely affect its operating flexibility and financial condition.
The Company has, and may from time to time in the future have, third-party debt service obligations pursuant to its outstanding indebtedness, which currently includes $200 million aggregate principal amount of 3.00% Senior Convertible Notes maturing on February 15, 2029 (the “Notes”). The degree to which the Company is leveraged could have important consequences, including that:
•the Company’s ability to obtain additional debt financing may be limited;
•a portion of the Company’s cash flow from operations or other capital resources will be dedicated to the payment of the principal of, and/or interest on, indebtedness, thereby reducing funds available for working capital, capital expenditures, strategic initiatives or other business purposes; and
•the Company’s earnings under U.S. GAAP may be negatively affected to the extent that any indebtedness is accounted for by the Company at fair value and includes embedded derivatives which fluctuate in value from period to period.
If the Company cannot maintain an adequate cash balance or positive cash flow from operations, the Company may be unable to pay amounts due under its outstanding indebtedness or to fund other liquidity needs and it may be required to refinance all or part of its then existing indebtedness, sell assets, reduce or delay capital expenditures or seek to raise additional capital, any of which could have a material adverse effect on the Company’s business, results of operations and financial condition. There can be no assurance that the Company would be able to restructure or refinance the Notes on terms as favourable as those currently in place.
The Notes are subject to restrictive and other covenants that may limit the discretion of the Company and its subsidiaries with respect to certain business matters. A breach of any of these covenants could result in a default under the Company’s outstanding indebtedness, which would have a material adverse effect on the Company’s business, results of operations and financial condition.
The Company faces substantial asset risk, including the potential for charges related to its long-lived assets and goodwill.
The Company’s long-lived assets include items such as the Company’s network infrastructure, operating lease right-of-use assets and certain intellectual property. Under United States generally accepted accounting principles (“U.S. GAAP”), the Company reviews its long-lived assets for impairment when events or changes in circumstances indicate the carrying value may not be recoverable. The Company’s ability to generate sufficient cash flows to fully recover the current carrying value of these assets depends on the successful execution of its strategies. If it is determined that sufficient future cash flows do not exist to support the current carrying value, the Company will be required to record an impairment charge for long-lived assets in order to adjust the value of these assets to the newly established estimated value.
Goodwill represents the excess of the acquisition price over the fair value of identifiable net assets acquired. Under U.S. GAAP, the Company tests goodwill for impairment annually, during the fourth quarter, or more frequently if events or changes in circumstances indicate that the asset may be impaired. These events and circumstances may include a significant change in legal factors or in the business climate, a significant decline in the Company’s share price, an adverse action or assessment by a regulator, unanticipated competition, a loss of key personnel, significant disposal activity and the testing of recoverability for a significant asset group. If any such events or circumstances arise, the Company may be required to record an impairment charge in the value of its goodwill.
In the fourth quarter of fiscal 2024, the Company recorded the Fiscal 2024 Goodwill Impairment Charge. For additional information, see Note 3 to the Consolidated Financial Statements.
Tax provision changes, the adoption of new tax legislation or exposure to additional tax liabilities could materially impact the Company’s financial condition.
The Company is subject to income, indirect (such as sales tax, sales and use tax and value-added tax) and other taxes in Canada and numerous foreign jurisdictions. Significant judgment is required in determining its worldwide liability for income, indirect and other taxes, as well as potential penalties and interest. In the ordinary course of the Company’s business, there are many
transactions and calculations where the ultimate tax determination is uncertain. Although the Company believes that its tax estimates are reasonable, there can be no assurance that the final determination of any tax audits will not be materially different from that which is reflected in historical income, indirect and other tax provisions and accruals. Should additional taxes or penalties and interest be assessed as a result of an audit, litigation or changes in tax laws, there could be a material adverse effect on the Company’s current and future results and financial condition. In addition, there is a risk of recoverability of future deferred tax assets.
The Company’s future effective tax rate will depend on the relative profitability of the Company’s domestic and foreign operations, the statutory tax rates and taxation laws of the related tax jurisdictions, the tax treaties between the countries in which the Company operates, the timing of the release, if any, of the valuation allowance, and the relative proportion of research and development incentives to the Company’s profitability.
Canada, together with approximately 140 other countries comprising the Organization for Economic Co-Operation and Development (“OECD”) and the G20 Inclusive Framework on Base Erosion and Profit Shifting (“BEPS”), approved in principle in 2021 certain base erosion tax initiatives, including the introduction of a 15% global minimum tax which is intended to be effective in 2023. In August 2023, the Department of Finance (Canada) released for public comment draft legislative proposals to implement the global minimum tax. The draft legislative proposals are generally intended to apply in respect of fiscal years beginning on or after December 31, 2023. In November 2023, the Department of Finance (Canada) released revised draft legislative proposals which, if enacted, may limit the deductibility of interest and financing expenses for Canadian tax purposes. The revised draft legislative proposals are generally intended to apply in respect of taxation years beginning on or after October 1, 2023. The Company will continue to monitor the BEPS and interest deductibility limitation proposals and any impact on the Company, which may result in an increase in future taxes and an adverse effect on the Company.
Under U.S. federal income tax laws, if a company is, or for any past period was, a passive foreign investment company (“PFIC”), there could be adverse U.S. federal income tax consequences to U.S. shareholders even if the Company is no longer a PFIC. While the Company does not believe that it is currently a PFIC, there can be no assurance that the Company was not a PFIC in the past and will not be a PFIC in the future.
Risks Related to Regulation
The use and management of user data and personal information could give rise to liabilities as a result of legal, customer and other third-party requirements.
User data and personal information is increasingly subject to new and amended legislation and regulations in numerous jurisdictions around the world that are intended to protect the privacy and security of personal information, as well as the collection, storage, transmission, use and disclosure of such information.
The interpretation of privacy and data protection laws and their application to the Internet and mobile communications in a number of jurisdictions is unclear and evolving. There is a risk that these laws may be interpreted and applied in conflicting ways from country to country and in a manner that is not consistent with the Company’s current data protection practices. Complying with these varying international requirements could cause the Company to incur additional costs and change the Company’s business practices. In addition, because the Company’s services are accessible worldwide, certain foreign jurisdictions may claim that the Company is required to comply with their laws, even where the Company has no local entity, employees, or infrastructure. Non-compliance could result in penalties or significant legal liability and the Company’s business, results of operations and financial condition may be adversely affected.
The Company’s customers, partners and members of its ecosystem may also have differing expectations or impose particular requirements for the collection, storage, processing and transmittal of user data or personal information in connection with BlackBerry products and services. Such expectations or requirements could subject the Company to additional costs, liabilities or negative publicity, and limit its future growth. In addition, governmental authorities may require access to limited data stored by the Company through lawful access demands and capabilities, which could subject the Company to legal liability, unforeseen compliance cost and negative publicity. Even a perception that the Company’s products or practices do not adequately protect users’ privacy or data collected by the Company, made available to the Company or stored in or through the Company’s products, or that they are being used by third parties to access personal or consumer data, could impair the Company’s sales or its reputation and brand value.
Government regulations applicable to the Company’s products and services, including products containing encryption capabilities, could negatively impact the Company’s business.
Certain government regulations applicable to the Company’s products and services may provide opportunities for competitors or limit growth. The impact of potential incremental obligations may vary based on the jurisdiction, but regulatory changes could impact whether the Company enters, maintains or expands its presence in a particular market, and whether the Company must dedicate additional resources to comply with these obligations.
Various countries have enacted laws and regulations, adopted controls, license or permit requirements, and restrictions on the export, import, and use of products or services that contain encryption technology. In addition, from time to time, governmental agencies have proposed additional regulations relating to encryption technology, such as requiring certification, notifications, review of source code, or the escrow and governmental recovery of private encryption keys. Governmental regulation of encryption technology, including the regulation of imports or exports, could harm the Company’s sales in one or more jurisdictions and adversely affect the Company’s revenues. Complying with such regulations could also require the Company to devote additional research and development resources to change the Company’s software or services or alter the methods by which the Company makes them available, which could be costly. In addition, failure to comply with such regulations could result in penalties, costs and restrictions on import or export privileges or adversely affect sales to government agencies or government funded projects.
Environmental, social and governance (“ESG”) expectations and standards expose the Company to risks that could adversely affect the Company’s reputation and performance.
Standards for identifying, measuring and reporting ESG matters continue to evolve, including regulatory requirements such as the Securities and Exchange Commission’s recently-published final rules on climate-related disclosures . If the Company’s ESG practices or disclosures do not meet evolving investor or other stakeholder expectations and standards, then the reputation of the Company, its ability to attract or retain employees, and its attractiveness as an investment, business partner, acquiror or service provider could be negatively impacted. Further, the Company’s failure or perceived failure to pursue or fulfill ESG objectives or to satisfy applicable reporting standards on a timely basis, or at all, could have similar negative impacts or expose the Company to government enforcement actions and private litigation.
Failure of the Company’s suppliers, subcontractors, channel partners and representatives to use acceptable ethical business practices or to comply with applicable laws could negatively impact the Company’s business.
The Company expects its suppliers, subcontractors, licensees and other partners to operate in compliance with applicable laws, rules and regulations regarding working conditions, labour and employment practices, environmental compliance, anti-corruption, and patent and trademark licensing, as detailed in the Company’s Supplier Code of Conduct. However, the Company does not directly control their labour and other business practices. If one of the Company’s suppliers or subcontractors violates applicable labour, anti-corruption or other laws, or implements labour or other business practices that are regarded as unethical, or if a supplier or subcontractor fails to comply with procedures designed by the Company to adhere to existing or proposed regulations, the delivery of BlackBerry products could be interrupted, orders could be canceled, relationships could be terminated, the Company’s reputation could be damaged, and the Company may be subject to liability. Any of these events could have a negative impact on the Company’s business, results of operations and financial condition.
General Risk Factors
Acquisitions, divestitures, investments and other business initiatives may negatively affect the Company’s results of operations.
The Company has acquired and continues to seek out opportunities to acquire or invest in, businesses, assets, products, services and technologies that expand, complement or are otherwise related to the Company’s business or provide opportunities for growth. In addition, the Company is increasingly collaborating and partnering with third parties to develop technologies, products and services, as well as seek new revenue through partnering arrangements.
These activities involve significant challenges and risks, including: that they may not advance the Company’s strategic objectives or generate satisfactory synergies or return on investment; that the Company may have difficulty integrating and managing new employees, business systems, development teams and product offerings; the potential loss of key employees of an acquired business; additional demands on the Company’s management, resources, systems, procedures and controls; disruption of the Company’s ongoing business; and diversion of management’s attention from other business concerns. Acquisitions, investments or other strategic collaborations or partnerships may involve significant commitments of financial and other resources of the Company. If these fail to perform as expected, or if the Company fails to enter into and execute the transactions or arrangements needed to succeed, the Company may not be able to bring its products, services or technologies to market successfully or in a timely manner, which would have a material adverse impact on results of operations.
In addition, the acquisitions may involve unanticipated costs and liabilities, including possible litigation and new or increased regulatory exposure, which are not covered by the indemnity or escrow provisions, if any, of the relevant acquisition agreements.
As business circumstances dictate, the Company may also decide to divest itself of assets or businesses. The Company may not be successful in identifying or managing the risks involved in any divestiture, including its ability to obtain a reasonable purchase price for the assets, potential liabilities that may continue to apply to the Company following the divestiture, potential tax implications, employee issues or other matters. The Company’s inability to address these risks could adversely affect the Company’s business, results of operations and financial condition.
The Company’s business is subject to risks inherent in foreign operations, including fluctuations in foreign currencies.
Sales outside of North America account for a significant portion of the Company’s revenue. The Company maintains offices in a number of foreign jurisdictions and intends to continue to pursue growth in select international markets. The Company is subject to a number of risks associated with its foreign operations that may increase liability and costs, lengthen sales cycles and require significant management attention. These risks include:
•compliance with the laws of the United States, Canada and other countries that apply to the Company’s international operations, including import and export legislation, trade sanctions, lawful access, and privacy, anti-corruption and consumer protection laws;
•unexpected changes in foreign regulatory requirements;
•reliance on third parties to establish and maintain foreign operations;
•instability in economic or political conditions;
•foreign exchange controls and cash repatriation restrictions;
•tariffs and other trade barriers;
•increased credit risk and difficulties in collecting accounts receivable;
•potential adverse tax consequences;
•uncertainties of laws and enforcement relating to the protection of intellectual property or secured technology;
•litigation in foreign court systems;
•cultural and language differences; and
•difficulty in managing a geographically dispersed workforce.
In addition, the Company is exposed to foreign exchange risk as a result of transactions in currencies other than its U.S. dollar functional currency. The majority of the Company’s revenue is denominated in U.S. dollars; however, some revenue, and a substantial portion of operating costs and capital expenditures are incurred in other currencies, primarily Canadian dollars, euros and British Pounds. For more details, please refer to the discussion of foreign exchange and income taxes in the Company’s MD&A for the fiscal year ended February 29, 2024.
All of the above factors may have a material adverse effect on the Company’s business, results of operations and financial condition and there can be no assurance that the policies and procedures implemented by the Company to address or mitigate these risks will be successful, that Company personnel will comply with them, or that the Company will not experience these factors in the future.
Environmental events may negatively affect the Company.
The Company has operations in numerous locations around the world that expose the Company to additional diverse environmental risks. A significant natural disaster, such as an earthquake, fire or flood could have a material adverse impact on the Company’s business and operations and could cause the Company to incur costs to repair damages to its facilities, equipment and infrastructure. From time to time, the Company’s offices and remote working locations have historically experienced, and are projected to continue to experience, climate-related events including drought, heat waves, ice storms, power shortages, and wildfires and resultant air quality impacts. The increasing frequency and impact of extreme weather events on the infrastructure of the Company and its suppliers, as well as public infrastructure, have the potential to disrupt the business of the Company, its suppliers and its customers.
Although the Company maintains incident management and disaster response plans, they may prove to be inadequate in the event of a major disruption caused by a natural disaster or geopolitical incident and the Company may be unable to continue its operations and may endure system interruptions, reputational harm, delays in its development activities, lengthy interruptions in service, breaches of data security and loss of critical data, and the Company’s insurance may not cover such events or may be insufficient to compensate the Company for the potentially significant losses it may incur.
The Company expects its quarterly revenue and operating results to fluctuate.
The Company’s revenues can change from one quarter to the next, including due to unexpected developments late in a quarter, such as lower-than-anticipated demand for the Company’s products and services, issues with new product or service
introductions, an internal systems failure, or challenges with one of the Company’s distribution channels or other partners (including licensees and manufacturers).
Gross margins on the Company’s products and services vary across product lines and can change over time as a result of product transitions, pricing and configuration changes, and cost fluctuations. In addition, the Company’s gross margin and operating margin percentages, as well as overall profitability, may be materially adversely impacted as a result of a shift in product/service, geographic or channel mix, component cost increases, price competition, or the introduction of new products and services, including those that have higher cost structures or reduced pricing.
The market price of the Company’s common shares is volatile.
The market price of the Company’s outstanding common shares has been and continues to be volatile. The market price of the Company’s shares may fluctuate significantly in response to the risks described elsewhere in these Risk Factors, as well as numerous other factors, many of which are beyond the Company’s control, including: (i) announcements by the Company or its competitors of new products and services, acquisitions, customer wins or strategic partnerships; (ii) forward-looking financial guidance provided by the Company, any updates to this guidance, or the Company’s failure to meet this guidance; (iii) quarterly and annual variations in operating results, which are difficult to forecast, and the Company’s financial results not meeting the expectations of analysts or investors; (iv) recommendations by securities analysts or changes in earnings estimates; (v) the performance of other technology companies or the increasing market share of such companies; (vi) results of existing or potential litigation; (vii) market rumours; (viii) trading in derivative securities based on the Company’s common shares; or (ix) speculative trading that is not primarily motivated by Company announcements or the condition of the Company’s business. In addition, dilutive share issuances could adversely affect the market price of the Company’s outstanding common shares.
In addition, broad market and industry factors may decrease the market price of the Company’s common shares, regardless of the Company’s operating performance. The stock market in general, and the securities of technology companies in particular, have often experienced extreme price and volume fluctuations. Periods of volatility in the market price of the Company’s securities may prompt securities class action litigation against the Company which, if not resolved swiftly, can result in substantial costs and a diversion of management’s attention and resources. See also the Risk Factor entitled “Litigation against the Company may result in adverse outcomes” and the “Legal Proceedings” section in this Annual Report on Form 10-K.
