WASHINGTON, D. C. 20549
Indicate by check mark if the Registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities
Indicate by check mark if the Registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
The aggregate market value of shares of common stock held by non-affiliates of the registrant was $14,923,423,792,$23,135,517,574, based on the number of shares held by non-affiliates and the last reported sale price of the registrant’s common stock on July 31, 20192020 (the last business day of the registrant’s most recently completed second fiscal quarter).
The number of shares outstanding of the Registrant’s Common Stock as of March 19, 20202021 was 158,619,718163,839,113 shares.
Splunk Inc.
Table of Contents
| | | | | | | | | | | |
| | | Page No. |
| | | |
| | | |
Item 1. | | | |
Item 1A. | | | |
Item 1B. | | | |
Item 2. | | | |
Item 3. | | | |
Item 4. | | | |
| | | |
| | | |
| | | |
| | | Page No. |
Item 5. | | | |
| | | |
Item 1. | | | |
Item 1A. | | | |
Item 1B. | | | |
Item 2. | | | |
Item 3. | | | |
Item 4. | | | |
| | | |
| | | |
| | | |
Item 5. | | | |
Item 6. | | | |
Item 7. | | | |
Item 7A. | | | |
Item 8. | | | |
Item 9. | | | |
Item 9A. | | | |
Item 9B.9A. | | | |
| | | |
| | | |
Item 9B. | | | |
| | | |
| | | |
| | | |
Item 10. | | | |
Item 11. | | | |
Item 12. | | | |
Item 13. | | | |
Item 14. | | | |
| | | |
| | | |
| | | |
Item 15. | | | |
Item 16. | | | |
| | | |
PART I
NOTE REGARDING FORWARD-LOOKING STATEMENTS
This Annual Report on Form 10-K, including but not limited to the sections entitled “Business,” “Risk Factors,” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” contains forward-looking statements that involve risks and uncertainties, as well as assumptions that, if they never materialize or prove incorrect, could cause our results to differ materially from those expressed or implied by such forward-looking statements. Statements that are not purely historical are forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended (the “Exchange Act”). Forward-looking statements are often identified by the use of words such as, but not limited to, “anticipate,” “believe,” “can,” “continue,” “could,” “estimate,” “expect,” “predict,” “intend,” “may,” “might,” “plan,” “project,” “potential,” “seek,” “should,” “target,” “will,” “would” and similar expressions or variations intended to identify forward-looking statements. These forward-looking statements include, but are not limited to, statements concerning the following:
•our future financial and operating results; including trends in and expectations regarding revenues, annual recurring revenue, deferred revenue, billings,remaining performance obligations, gross margins, operating income and the proportion of transactions that will be recognized ratably;
•market opportunity;
•expected benefits to customers and potential customers of our offerings and our user-driven ecosystem;
•investment strategy, business strategy and growth strategy, including our business model transition and the use of acquisitions to expand our business;
•our sales and marketing strategy, including our international sales and channel partner strategy;
•customer product adoption and purchasing patterns, including renewal, expansion and conversion from on-premises to cloud services
•management’s plans, beliefs and objectives for future operations;
•our ability to provide compelling, uninterrupted and secure cloud services to our customers;
•expectations about competition;
•economic and industry trends or trend analysis;
•expectations about the benefits of acquisitions;
•expectations about seasonality;
•revenue mix;
•expected impact of changes in accounting rules or standards;
•use of non-GAAP financial measures;
•operating expenses, including changes in research and development, sales and marketing, facilities and general and administrative expenses;
•sufficiency of cash to meet cash needs for at least the next 12 months;
•exposure to interest rate changes;
•inflation;
•anticipated income tax rates, tax estimates and tax standards;
•capital expenditures, cash flows and liquidity; and
•the impact of natural disasters and actual or threatened public health emergencies, such as COVID-19.
These statements represent the beliefs and assumptions of our management based on information currently available to us. Such forward-looking statements are subject to risks, uncertainties and other important factors that could cause actual results and the timing of certain events to differ materially from future results expressed or implied by such forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, those identified below, and those discussed in the section titled “Risk Factors” included under Part I, Item 1A. Furthermore, such forward-looking statements speak only as of the date of this report. Except as required by law, we undertake no obligation to update any forward-looking statements to reflect events or circumstances that occur after the date of this report.
Overview
Splunk provides innovative cloud and software solutionsofferings that ingestdeliver and operationalize insights from data from different sources includinggenerated by digital systems. This data is growing significantly as a direct result of the prevalence and importance of digital systems devicesused by today’s organizations. Decades of investment in digital transformation have integrated the hardware and interactions, and turnsoftware that comprise digital systems into every aspect of how modern organizations operate. The data into meaningful business insights across the organization. Our Data-to-Everything platform enables users to investigate, monitor, analyze and act on data regardless of format or source. Data is producedgenerated by nearly every software application and electronic device across an organization andthese systems contains a comprehensive, real-time record of various activities, such asoperations, interactions, and transactions that our offerings convert into insights that improve technology and business transactions, customer and user behavior, and security threats. Beyond an organization's traditional information technologyoutcomes. Our solutions for Security, Information Technology (“IT”) Operations, and Observability empower users in technology roles, including application development, IT operations, and cyber security, infrastructure, data from the Industrial Internet, including industrial controlto monitor and secure digital systems sensors, supervisory controlmore quickly and data acquisition (“SCADA”) systems, networks, manufacturing systems, smart meters and the Internet of Things (“IoT”), which includes consumer-oriented systems, such as electronic wearables, mobile devices, automobiles and medical devices are also continuously generating data. Our Data-to-Everything platform helps organizations gain the value contained in data by delivering real-time information to enable operational decision making.
Our mission is to make data accessible, usable and valuable to everyone in an organization. Our customersefficiently. Business users leverage our offerings for various use cases,to gain visibility to their digital processes in order to deliver better experiences, improve decisions and drive better results in areas including supply chain, inbound and outbound logistics, manufacturing, sales, and service.
Our offerings provide visibility to our customers’ diverse technology infrastructure including systems deployed on the edge, on premises, and operations management, securityin private and compliance,public cloud environments, running software developmentranging from embedded through monolithic apps to cloud native ones. We also believe our offerings empower operational transformation, helping customers move from reactive, non-scalable and IT operations, applications managementineffective approaches to proactive, automated, and AI-assisted processes that drive better outcomes even as the scale and complexity of their infrastructures continue to grow.
The events of 2020 significantly increased the importance of being a digital, data-driven enterprise. The COVID-19 pandemic is exerting an enormous amount of pressure on organizations of all kinds to support new ways of working, to deliver better experiences and outcomes, and to enable entirely new offerings and business analytics, and to provide insights into data generated by IoT and industrial data, among many others. Our offerings are intended to help users in various roles, including IT, security, application development, manufacturing and business professionals, quickly analyze their data and achieve real-time visibility into and intelligence about their organization’s operations.models. We believe thisthat Splunk enables organizations to improve service levels, reduce operational costs, mitigate security risks, demonstrate and maintain compliance, drive better business decisions, and increase efficiency through data-driven automation. This results inrise to these challenges by leveraging technology to achieve greater efficiency, agility, security, and drive a sustained competitive advantage for our customers.advantage.
OurSplunk Product Offerings
Portfolio Overview
Our portfolio comprises three categories of offerings:
The Splunk Platform A broad set of configurable and extensible capabilities that can acquire and manage data and deliver insights from virtually any technology source.
Splunk EnterpriseSolutions Application offerings that leverage the Splunk Platform to provide deep, pre-built capabilities for Security, IT Operations, and Observability.
Ecosystem Solutions Our flagship productContent built by our field organization, partners, and customers that configures and extends the Splunk Platform and Splunk Solutions, accelerating customer time-to-value for a broad range of use cases.
We believe that the Splunk portfolio offers a unique breadth and depth of capabilities, including:
•Industry analyst-recognized market leadership in our Security, IT Operations, and Observability solutions, which can deliver best-in-class outcomes for customers.
•Creating greater cost efficiencies and better outcomes for customers by reducing data duplication, scaling investments across multiple functions and use cases, and enabling greater collaboration, common visibility, and tighter alignment across functions.
•The scalability, flexibility, and power of the Splunk Platform enables complete solutions for very large and complex technology infrastructures, and is proven across thousands of customers capable of ingesting and analyzing up to petabytes of data per day
•The combination of real-time stream transformation and analytical processing with near-real time and batch-oriented processing of large, complex data sets collected over long time periods. Together these capabilities provide support for a broad range of use cases spanning end-to-end operational processes, from historical analytics, forensic investigation, and machine learning model development to real-time monitoring, analytics, and machine model execution.
•The increasing use of machine learning across the portfolio to drive more sophisticated and valuable insights at ever growing scale. We apply our deep expertise in the Security, IT, and Observability domains to out-of-the-box machine learning analytics in Splunk Enterprise,Solutions to deliver more accurate and actionable insights, proactive monitoring, and prescriptive and automated responses. The Splunk Platform provides pre-built machine learning algorithms and model development capabilities and supports integration with external data science platforms, expanding the use of machine learning to complex, custom use cases.
The Splunk portfolio of offerings is delivered as a mix of cloud service offerings and licensed software (“software offerings”) that customers deploy on their premises or in their own cloud environments. We believe that the unique capabilities, rapid delivery, and streamlined adoption that cloud services enable make them the best delivery model for us and the majority of our customers. Accordingly, we will deliver a growing number of our offerings exclusively as cloud services to take full advantage of cloud capabilities like elastic scalability while maximizing the rate at which new features are adopted and validated. Where there is a need to deliver solutions as software offerings, we generally follow a cloud-first model, under which the most complete feature sets and frequent releases are provided in cloud services offerings, while subsets of cloud-validated features are released on a more measured cadence in software offerings.
The Splunk Platform
The Splunk portfolio of offerings is anchored by the Splunk Platform, a real-time data platform comprised ofcomprising collection, streaming, indexing, search, reporting, analysis, machine learning, alerting, monitoring and data management capabilities. Different combinations of the Splunk Platform capabilities are offered as services in Splunk Cloud, and in our Splunk Enterprise can collect and index petabytes of data daily, irrespective of format or source. Our data platform uses our patented data processing architecture that performs dynamic schema creation at read time, rather than write time, enabling users to run queries on data without having to define or understand the structure of the data prior to collection and indexing. This is in contrast to traditional IT systems that require users to establish the format of their data prior to collection in order to answer a pre-set list of questions. Splunk Enterprise also enables customers to interactively explore, analyze and visualize data stored in data sources such as Hadoop and Amazon S3. Our technology delivers speed, scalability and advanced analytics including machine learning when processing massive amounts of data for anomaly detection, event grouping, prediction and other methods. Our software leverages improvements in the cost and performance of commodity computing and can be deployed in a wide variety of computing environments, from a single laptop to large globally distributed data centers, as well as public, private and hybrid cloud environments.
Splunk Cloud Splunk Cloud delivers the benefits of Splunk Enterprise deployed and managed reliably and scalably as a service. Splunk Cloud is available globally and eliminates the need to purchase, deploy and manage infrastructure. Splunk Cloud can be used to collect, analyze and store data in a public cloud environment or via a hybrid approach that spans cloud and on-premises environments. A single Splunk interface can search data stored in both on-premises Splunk Enterprise instances, as well as Splunk Cloud instances, providing a single point of visibility and analysis across the customer’s entire enterprise.
Premium Solutions
Our premium solutions are purpose-built to address key customer needs. Splunk premium solutions are sold separately and include:
Splunk Enterprise Security (“ES”) Addresses emerging security threats and security information and event management (“SIEM”) use cases through monitoring, alerting, reporting, investigation and forensic analysis.
SignalFx Provides real-time observability and troubleshooting for cloud infrastructure and applications built on modern cloud-native technologies such as containers, Kubernetes, microservices, and serverless functions.
Splunk IT Service Intelligence (“ITSI”) Uses machine learning to monitor the health and key performance indicators of critical IT and business services.
Splunk Phantom Automates and orchestrates incident response workflows to take immediate action the moment an incident is detected.
VictorOps Empowers developer and operations teams by delivering alerts to the right people so they can collaborate and resolve IT incidents.
Splunk Data Stream Processor (“DSP”) Collects unstructured or structured data from multiple sources in real time and can quickly turn large volumes of raw data into rich, contextual data and metrics that can then be stored insoftware offerings. Key Splunk Enterprise, Splunk Cloud, or third-party databases.Platform capabilities include:
Splunk Data Fabric Search (“DFS”)• Enables highly complexExpansive data collection and high-performance searches of massive datasets to provide a comprehensive view of customer behavior, organizational threats and business opportunities.
Apps and Add-on Capabilities
We also complement the capabilities of Splunk Enterprise, Splunk Cloud and our premium solutions with additional content (“apps” and “add-ons”). These apps and add-ons, which are generally available for download from within our offerings, via our Splunkbase website or in our Splunk Cloud environment, provide functionality in the form of pre-built data inputs, workflows, searches, reports, alerts and dashboards that make it easier and faster for our customers to address specific use cases. Splunk, along with a number of third-party developers and customers, has developed hundreds of apps and add-ons for common data sources and valuable use cases in our core and adjacent markets. Many of these apps and add-ons are available as free downloads. Examples of apps that we and our partners have developed include:
Splunk App for Amazon Web Services (“AWS”) Collects and analyzes data from AWS data sources to deliver security, operational and cost management insights via pre-built dashboards, reports and alerts.
Cisco Firepower App for Splunk Delivers critical high value contextual security and network event information when combined with the Cisco eStreamer eNcore add-on. Incorporates advanced visualizations and investigative capabilities for Cisco Firepower and Firepower Management Console. Built, supported, and maintained by Cisco Systems, Inc.
The Splunk data platform can be extended with optional add-on capabilities that enhance the ability to process and transform data in real time. For example:
Splunk Machine Learning Toolkit (“MLTK”) Includes custom visualizations and guided workflows, as well asinstrumentation, including application programming interfaces (“APIs”) for, endpoints, and agents that can acquire data from an extensive set of hardware and software sources. Additionally, Splunk is a leading contributor to OpenTelemetry, a broadly-used open source project hosted by the Cloud Native Computing Foundation.
•Processing and analysis of very large volumes of data, both in real-time while in motion and at rest, in our proprietary, algorithms. It also containshigh-scale indexes and external data stores.
•A comprehensive, domain-specific language called the Search Processing Language (“SPL”), which provides a data prep module to help customers preparebroad set of commands for preparing, exploring, monitoring, analyzing, and clean their data before they createvisualizing complex, time series-based data.
•Extensive machine learning models.
Splunk Connected Experiences Provides access tocapabilities, including out-of-the-box algorithms optimized for common data alerts, and actions throughout an organization on mobile devices and connected devices such as Apple TVs. Utilizes cutting edge approaches such as natural language processing, as well as virtual and augmented reality, to enable more contextual interactions with data.
Splunk apps and add-ons enable us to deliver greater customer value, target new markets, accelerate user adoption and address markets traditionally served by point solutions. Often, customers start with one app before expanding into other appstypes and use cases driving incremental usage, licensing and revenuesinterfaces that allow data scientists to develop and deploy customized algorithms and models against our customers’ data.
•A wide range of interfaces for Splunk Enterpriseadministrators, data engineers, analysts, and Splunk Cloud.end users that includes tools providing a point-and-click experience for data preparation and investigation, highly-configurable dashboards, and a family of solutions purpose-built for mobile devices, smart watches, and Apple TV and Chromecast display devices.
As part of our strategy to offer an open platform, we provide •APIs and software development kits (“SDKs”) in major programming languages and extensions for popular integrated development environments (“IDEs”) like Eclipse and Microsoft Visual Studio. These enable developers to build software that leverages Splunk Enterprise or Splunk Cloud, as well as integrate with other parts of an organizations’ IT infrastructure.
Our online user community websites, Splunkbase and Splunk Answers, provide our customers with an environment to share apps, collaborate on the use of our software and provide community-based support and education. Additionally, our Splunk Dev portal allows developers to download SDKs, access API documentation and see sample code for building applications using our developer environment and tools. We believe this user-driven ecosystem results in greater use of our
offerings and provides cost-effective marketing, increased brand awareness and affinity, as well as viral adoption of our offerings.
Our offerings are designed to deliver rapid return-on-investment for our customers. They generally do not require customization, long deployment cycles or extensive professional services commonly associated with traditional enterprise software applications. Prospective users can get started with our free online sandboxes that enable our customers to immediately try and experience Splunk offerings. Users that prefer to deploy the software on-premises can take advantage of our free 60-day trial of Splunk Enterprise and a 15-day free trial is available to users that prefer the core functionalities of Splunk Enterprise delivered as a cloud service. These users can sign up for Splunk Cloud and avoid the need to provision, deploy and manage internal infrastructure. Alternatively, they can simply download and install the software, typically in a matter of hours, to connect to their relevant data sources. Customers can also provision a compute instance on AWS via a pre-built Amazon Machine Image, which delivers a pre-configured virtual machine instance with our Splunk Enterprise software. We offer free development-test licenses for certain commercial customers, allowing users to explore new data and use cases in a non-production environment without incurring additional fees. We also offer support, training and professional services to our customers to assist in the deployment of our software.
Our Growth Strategy
Our goal is to make Splunk the standard platform for delivering real-time business insights from data. The key elements of our strategy are to:
Extend our technological capabilities. We intend to continue to invest heavily in product development to deliver additional features and performance enhancements, deployment models and solutions that can address new markets and support Splunk software usage across multiple use cases. In particular, we intend to invest in our suite of cloud services to both deliver new capabilities as well as provide a cloud-first experience to our customers including more frequent, automated software updates and making the in-product experience self-service for administrators and users. To support the growth of our Cloud customer base, we will continue to invest in supporting massive ingest and search scale as a service. We will continue to expand into adjacent products, services and technologies that enable organizations to further realize the value of their data across cloud and on-premises environments. Our investments may involve hiring and internal development, acquisitions and licensing of third-party technology.
Continue to expand our direct and indirect sales organization, including our partner relationships, to increase our sales capacity and enable greater market presence. We will continue to increase investments in our sales and marketing organizations to enable the acquisition of new customers, as well as expansion within our current customer base. Our investments will be spread across geographies, customer tiers and industries. We will continue to invest in and foster the growth of our partner relationships, both inside and outside the United States, to enable greater leverage in our go-to-market investments. We will also expand go-to-market channels that enable new ways to consume our offerings.
Further penetrate our existing customer base and drive enterprise-wide adoption. We will continue to drive customer satisfaction and renewals by offering community, standard, enterprise and global support to ensure our customers’ success with our offerings. We will continue to cultivate incremental sales from our existing customers through increased use of our offerings within organizations, as well as consultative services that broaden the customer’s awareness of our product and service capabilities. In particular, we will continue to seek to upsell increased indexing capacity to our existing customers for additional deployments and new use cases. Our recent acquisitions of SignalFx, Omnition, and VictorOps provide us with access to customers and markets that are highly sophisticated in their use of cloud-native technologies and DevOps methodologies. We will continue to develop a SaaS model that allows for high velocity sales, especially to customers where traditional enterprise sales models are not as effective. We believe our existing customer base serves as a strong source of incremental revenues given the horizontal applicability of our offerings and the growing data volumes and use cases our customers experience. Our sales teams are responsible for securing new customers, obtaining renewals of existing contracts and increasing adoption of our software by existing customers.
Enhance our value proposition through a focus on solutions which address core and expanded use cases. We will continue to organize our go-to-market and product strategy around our customer use cases. We have invested in market groups for Security and IT buying centers and, with the acquisition of SignalFx and Omnition in 2019, we have expanded our IT offerings with enhanced capabilities for application development teams. This approach includes offering capabilities, either in the form of platform features or premium solutions, which target both our core use cases and new use cases, as driven by our corporate strategy and customer demand. We believe premium solutions in particular will enable us to increase our market
penetration, expand our addressable market opportunity and make our products a more targeted solution for specific challenges that our customers face across their organizations.
Grow our user communities and partner ecosystem to increase awareness of our brand, target new use cases, drive operational leverage and deliver more targeted, higher value solutions. We believe our user community has the potential to provide significant operating leverage by delivering apps that extend the Splunk platform into new use cases. We will continue to invest in business development initiatives in order to add additional technology alliances, original equipment manufacturer (“OEM”) and strategic relationships to enable new sales channels for our offerings as well as extend our product integrations with third-party products. In addition, once these relationships have been established, we expect that OEM vendors and managed service providers will continue to invest in and create customized application functionality based on our platform.
Continue to deliver a rich developer environment to enable rapid development of enterprise applications that leverage data and the Splunk platform. We intend to continue our investments in SDKs and APIs that help software developers leverage the Splunk platform. Our SDKs enable developers to build solutions that deeply integrate the analytics functionality of our offerings across the enterprise. Through our investments in SDKs and APIs, we intend to promote and extend the capabilities of our offerings to customers who wish to build sophisticated applications and interfaces that leverage our software and services.
Pricing
Splunk provides flexible pricing options for customers of all sizes:
Data Ingestion Pricing. Pricing is based on the amount of data indexed, namely the maximum aggregate volume of uncompressed data indexed on a daily basis, expressed in gigabytes, terabytes or petabytes per day. Once a data ingestion license is purchased, there is no limit or additional costs based on other product usage elements nor the customer’s preferred deployment size or model. For Splunk Cloud customers, ingestion pricing is generally based on an annual subscription fee that takes into consideration the combination of the volume of data indexed per day and the amount of data stored.
Predictive Pricing. We recently introduced the Predictive Pricing Program (“PPP”), a simple, tiered pricing model for private sector organizations that provides more predictability and flexibility as these organizations scale. PPP offers pricing to customers based on predefined volume tiers. Customers can consume data up to the maximum in each tier for a single price and get clear visibility in the cost of the subsequent higher tiers. PPP is available for Splunk Enterprise, Splunk ES, Splunk UBA and Splunk ITSI.
Infrastructure Pricing. Infrastructure pricing is available for customers who want an alternative pricing metric to data ingestion. Pricing is determined by the amount of compute resources Splunk products have access to rather than data volume ingested. Infrastructure pricing is available for Splunk Enterprise, Splunk ES, Splunk ITSI, as well as equivalent offerings in Splunk Cloud, and allows customers to control the amount of product consumption while making explicit choices between search response times and amount of data indexed.
Rapid Adoption Packages. Splunk offers a number of Rapid Adoption Packages for Splunk Enterprise and Splunk Cloud customers which are designed for specific IT and security use cases. These packages may scale up in data volume depending on the use case and additional use cases are purchased separately.
Some of our offerings address markets where other pricing models may be prevalent. For example, the pricing of Splunk Phantom and VictorOps is based on the number of seats that use the products.
Splunk Technology
Key Technologies
We believe our investments in our products and key technologies provide significant competitive differentiation. Our key technologies are architected to support large volumes of data at a massive scale with minimal overhead. Our platform is highly flexible and is able to collect and index large amounts of heterogeneous data formats, from physical, virtual and/or cloud environments.
Schema-on-the-fly. Our products collect and index data irrespective of source and format. Rather than requiring that data be input in a pre-defined structure, our schema-on-the-fly technology creates structure as data is being searched, allowing users to ask new and different questions at any time without having to re-architect a schema as would be required in a relational database. Our technology builds a schema at read time, rather than write time, and does not require pre-defined knowledge about the data it is processing. Using our technology, different users can run a variety of queries, regardless of changes in format of the data being input into the system.
Data platform. Our products enable users to process data from diverse sources no matter the infrastructure topology, from a single system to a globally distributed microservices application. This data platform allows customers to address the complexities of handling massive amounts of real-time, dynamic, heterogeneous data. Our APIs enable users to forward data from our software to other parts of their IT network, creating a data platform across the organization, irrespective of whether the data is used by our products for analysis and reporting or as a conduit to other systems.
Search processing language. Our proprietary search processing language is specifically designed for working with large volumes of data. Our search language supports arithmetic operations to refine searches and conduct calculations with the results of a query in real time. Statistical and reporting commands native to our search language, including machine learning algorithm support, and enable users to perform more robust calculations and analytics. Our software can also learn about the structure of the data through the searches users conduct, allowing users to utilize the data structure and knowledge garnered by previous Splunk searches. Our software includes acceleration technology that delivers high performance for analytical operations across terabytes or petabytes of data, such as identifying rare terms and performing aggregation operations.
Machine Learning. The Splunk platform allows our customers to apply machine learning analytics to better predict and help prevent IT, security and IoT incidents, and can also be used to forecast key business indicators. Machine learning embedded in our software offers customers advanced analytics as an integrated, turnkey part of IT and security use cases.
Real-time cloud and microservices monitoring at scale. Our SignalFx technology enables the collection of cloud infrastructure metrics and traces at a very high scale. It provides full-fidelity monitoring by recording all of the traces generated by monitored applications. Meanwhile, the streaming metrics capabilities provide the ability to collect and analyze metrics at scale. Artificial intelligence is applied to spot anomalies and trends among the billions of data points collected, which allows SignalFx users to quickly triage and resolve problems in their cloud infrastructure and microservices-based applications.
Splunk Enterprise and Splunk Cloud
Features and Functionality
Our Splunk Enterprise platform contains the following features and functionalities and Splunk Cloud delivers the benefits of Splunk Enterprise as a cloud service.
Universally collect, index, store and archive any data, from any source. Splunk Enterprise processes data in real time from any source, format or location. This includes streaming data generated by websites, applications, servers, networks, sensors and mobile devices.
Search and investigate. Splunk Enterprise allows users to search real-time and historical data simultaneously.
User-friendly interface. Splunk Enterprise uses a customizable interface that enables users to understand and adopt the product. The user interface also provides productivity features, such as type-ahead and contextual help to accelerate adoption and usage.
Analytics workspace. Splunk Enterprise provides a drag-and-drop interface that enables non-technical users to monitor, analyze, and visualize metrics and other time-series data without writing code.
Knowledge store. Users can store knowledge about events, fields, transactions, patterns, statistics and key-value pairs so others who utilize the Splunk instance can leverage this information.
Monitor and alert. Users can save searches so they can be run automatically to raise real-time alerts that trigger actions such as sending emails, running scripts, or posting to an RSS feed.
Report and analyze. Users can create ad hoc reports on real-time and historical data to analyze business and IT data trends.
Custom dashboards and views. Splunk Enterprise enables users to create custom dashboards that integrate multiple charts and views of real-time and historical data for different users and roles.
Data models and pivot interface. Splunk Enterprise enables users to build data models that describe relationships in the underlying data, making it more meaningful and usable. Non-technical users can generate charts, visuals and dashboards using the pivot interface, without the need to master the Splunk Search Processing Language.
Workload management. Splunk Enterprise enables users to align resource use with business priorities through a rule-based framework that allocates compute and memory resources to search, indexing, and other resource intensive processes.
Splunk SmartStore. Splunk Enterprise allows users to retain and analyze growing volumes of historical data using remote object stores, such as Amazon S3, to store indexed data to reduce infrastructure costs with the Splunk SmartStore.
Deployment management and monitoring tools. Whether users deploy on premises or in a cloud environment, Splunk Enterprise includes management, monitoring and deployment tools to administer the Platform and maintain a healthy deployment. Additionally, the Splunk Operator for Kubernetes deployment container, available on DockerHub and Red Hat registries, automates deployment of Splunk Enterprise in a cloud environment.
Developer platform. Splunk Enterprise includes a rich developer environment. The Splunk Web Framework enables developers to use the tools and languages they know, such as JavaScript, to build Splunk apps with custom dashboards, a flexible UI and custom data visualizations. SDKs for Java, JavaScript, C# and Python enables rapid integration between Splunk Enterprise to other applications and systems to maximize the value of our customers’ data.
Customizable and third-party applications. Splunk Enterprise enables users to build their own applications or install applications built by Splunk or third-party developers based on an industry use case or unique customer data need.
Role-based access controls. Splunk Enterprise incorporates role-based access controls and authentication, integrated with existing enterprise-wide security policies, to help secure the data stored within our indexes, as well as control users’ activities in our software.
Technology Architecture
The technology architecture of our Splunk platform contains a number of important components:
Collection. Our Splunk platform collects data from many disparate sources across a distributed environment deployed on-premises, or in public and private clouds. This includes servers, network devices, message buses, API endpoints, desktop and laptop computers, mobile devices and various other systems that organizations have deployed to support their operations. Our products act as a recording mechanism, collecting, storing and making available all of the data that they index and store. Splunk offers a Universal Forwarder and other data ingestion tools that can be deployed on various data sources to facilitate the reliable rapid collection of data. Splunk Enterprise features native support for metrics, which are sets of numbers describing a particular process or activity, measured over time. Our Splunk platform uses a custom index type that is optimized for metric storage and retrieval for system metrics such as CPU, memory, disk or information from IoT devices.
Indexing. Our proprietary universal indexing technology enables real-time indexing of any data collected regardless of its source or format and without the use of any specific parsers or data connectors. Our Splunk platform indexes the data and stores the data in a scalable storage format, which can reside on commodity servers and storage devices. In the case of Splunk Cloud, data is stored securely in our cloud service, which is hosted exclusively by third-party providers of cloud infrastructure services.
Search. Our Splunk platform enables users to search massive amounts of data that have been indexed and stored. At its most basic level, the search engine at the core of our Splunk platform allows users to type and search for keywords or data fields that are of interest. This foundational capability forms the basis for deriving business insights from our dashboards and customized views. Users can leverage our search language and functionality to filter through indexed data and refine search results to obtain more precise information. The Splunk platform also provides event pattern detection to allow users to detect meaningful patterns in their data, regardless of data source or type.
Core functions. Our Splunk platform’s core functionality includes alerts, access control, statistics, correlation and predictive capabilities. With our software’s granular, role-based access control, an administrator can manage various aspects of a given user’s search including the data to which the user has access, as well as what portions of the data may be visible in results. Search results and reports can be defined according to a particular user’s business function and level of access. Different users can see completely different views on the same data, depending on what is important to them.
Archive to Hadoop and Amazon S3. Splunk Enterprise customers can archive historical data to Hadoop or Amazon S3 for low-cost storage as a standard feature. Customers can gain new insights with distributed search queries that correlate real-time data from Splunk Enterprise with historical data stored in Hadoop or Amazon S3.
SDKs and APIs. Our SDKs allow third-party software developers to build enterprise applications on top of our software using popular programming languages such as Java, JavaScript, C# and Python. Our APIs allow users to access the data stored withinPython that enable the Splunk platform instance,ecosystem, including Splunk customers and partners, to build applications and integrations that focus the power of the Splunk Platform on specific use cases.
Splunk Solutions
In addition to enabling a wide range of use cases, the Splunk Platform is also the foundation of the application offerings for Security, IT, and Observability.
Splunk Security Solutions
Splunk Security solutions help cybersecurity teams streamline the security operations workflow, accelerate threat detection and response, enhance threat visibility, and scale resources to increase analyst productivity through machine learning and runbook-driven automation. Built on the Splunk Platform, Splunk Security offerings include Splunk Enterprise Security, Splunk User Behavior Analytics and Splunk Phantom, and are available as wella mix of cloud services and software offerings. Customers use the Splunk Security offerings to address a range of use cases including:
Investigation and Forensics Empower security teams to analyze and confirm high priority incidents to determine the circumstances and scope of an incident while appropriately handling incident investigation and response.
Security information and event management and Security Analytics Enable security teams to gain full visibility into their data and make analytics-driven security decisions using pre-built frameworks, workflows and dashboards. Specific use cases include real-time security monitoring, advanced threat detection, and incident investigation for efficient threat management.
Automation and Orchestration Provide security operations centers advanced orchestration, automation and response capabilities by integrating teams, processes and tools. Splunk Mission Control empowers security teams to detect, manage, investigate, hunt, contain and remediate threats from a unified security operations platform.
Splunk IT Solutions
Splunk IT solutions provide IT Operations teams visibility and control across cloud and on-premises environments. With improved visibility, IT Operations teams can predict and find outages, improve decision-making and take a service oriented approach to managing IT infrastructure and applications. Splunk IT offerings, which are built on the Splunk Platform and are available as access oura mix of cloud and software offerings, include Splunk IT Service Intelligence, Splunk On-Call and Splunk Infrastructure Monitoring. Customers use Splunk IT solutions to address a range of use cases including:
IT Investigation and Monitoring Monitor uptime, performance and response time with a unified view of their entire IT environment. Splunk offerings enable IT Operations teams to obtain insight across their data engine functionality from third-party software.centers and cloud services so that they can accelerate outage investigations and reduce mean time to resolution by quickly identifying and resolving problems.
App Development Environment.Event Analytics and Management We provideProactively resolve service issues by using Splunk machine learning capabilities to cluster, filter, and significantly reduce event noise. This results in less time sifting through false positives and the ability to prioritize alerts in terms of impact.
Service Monitoring and Insights Understand how multiple tiers of the service stack interact with each other and impact service degradation. Using machine learning, IT Operations teams can help prevent future outages based on predictive service health scores. IT Operations teams gain visibility across silos to understand high level business service health and performance, while also diving deep into investigations to find the root cause of an incident faster.
Incident Response and Automation Improve the experience of developers and IT Operations through incident response and automation focused on escalating outage and performance incidents to the right people and teams so they can triage and resolve problems most quickly.
AIOps Use big data analytics, machine learning and artificial intelligence to deliver increased accuracy and speed to IT Operations. The Splunk AIOps solution analyzes massive datasets from disparate sources and employs advanced analytics to automate common IT operations and improve data analysis.
Splunk Observability Solutions
The Splunk Observability solutions, offered only as cloud services, focus on application developers, DevOps engineers, site reliability engineers, and cloud operations teams that are responsible for usersbuilding and maintaining modern infrastructure and applications. These teams are responsible for maintaining application uptime and performance, reducing time to recover from outages, gaining visibility into their constantly changing infrastructure and applications, and ensuring positive user experiences. Splunk Observability offerings include Splunk Infrastructure Monitoring, Splunk Application Performance
Monitoring (“APM”), Splunk Synthetic Monitoring and Splunk On-Call. These offerings can be consumed independently or as an integrated offering that provides full-stack visibility and complete service insights.
Customers use the Splunk Observability solutions to address a range of use cases including:
Cloud Infrastructure Monitoring Monitors cloud infrastructure and networks by streaming performance metrics to detect patterns, sending availability and performance alerts and analyzing performance trends. Splunk Infrastructure Monitoring offers infrastructure visibility across on-premises, hybrid-cloud, multi-cloud and cloud-native infrastructures, containers and orchestration systems such as Docker and Kubernetes and network performance using the eBPF (Extended Berkeley Packet Filter) technology.
APM Monitors applications, especially those based on microservices, to identify performance bottlenecks and outages caused by application issues. Splunk APM provides insights into how microservices and a wide range of application code, including Java, are performing.
Digital Experience Monitoring Monitors services by using both real user and synthetic transactions to analyze response time and issues that create bottlenecks in response time.
Log Investigation Helps identify the root cause of outages and issues by isolating log files that indicate a specific problem in a specific location.
Incident Response Incident response is focused on escalating outage and performance incidents to the right people and teams so they can triage and resolve problems quickly, while improving the experience of developers and DevOps teams.
Ecosystem Solutions
The Splunk Platform and Splunk Solutions, including Splunk On-Call, Splunk Infrastructure Monitoring, and Splunk Phantom, provide APIs, SDKs, and other interfaces that enable our ecosystem, including third-party developers, partners and customers, to create apps withbuild content that configures and extends Splunk solutions to accommodate specific use cases. This range of Ecosystem Solutions includes pre-built data inputs, workflows, searches, reports, alerts, custom dashboards, flexible UI components, and custom data visualizations, using freely available components and templates, as well as common development languagesintegration actions and frameworks, such as JavaScript and Python.methods.
Splunk Product Deployments
Splunk EnterpriseEcosystem Solutions content can be deployed on-premises and in publicbuilt for a customer or private clouds. Splunk Cloud delivers the benefits of Splunk Enterprise as a cloud service. Taking Splunk Enterprise and Splunk Cloud together, customers utilizing a hybrid deployment model can have a single centralized view and location-independentpartner’s own internal use, across cloud and on-premises environments.
For Splunk Enterprise deployments, our softwareor it can be deployedmade generally available for download, in a variety of environments rangingfree or premium offerings, from a single serverwithin the Splunk Platform, our Splunk Solutions, and via Splunkbase, an online community and marketplace for developers, partners, and customers to globally distributed enterprise IT environments handling petabytes of data per day. Our customers can deploy Splunk Enterprise on-premises, in the cloud, in virtualized servershare apps and storage environments or in hybrid IT environments. Our customers can use Splunk forwarders, indexers, and search heads to create a data platform that allows for the efficient, secure and real-time collection and indexing of data regardless of network, data center or IT infrastructure topology.
This distributed data processing architecture provides near-linear scalability, resulting in the ability to index and search across massive data volumes. Our Splunk platform can operate in a single data center or across multiple data centers both inside and outside an organization, and all from a single user interface. This architecture also allows for flexible deployment of hardware, as commodity hardware can be added as needed.
Services
While users can easily download, install and deploy Splunk software on their own, certain enterprise customers that have large, highly complex IT environments or deployment requirements may choose to leverage our customer support and professional services organization. Many users leverage the community-based support of Splunkadd-ons. Approximately 2,000 apps and add-ons are currently available on Splunkbase, most of which are built and Splunk Answers before engaging withmaintained by third parties.
We do not receive any material revenues from the sale of apps or add-ons by third-party application providers. Many apps and add-ons posted to Splunkbase are provided at no additional cost to users. Partner apps and add-ons listed on Splunkbase that are not free are primarily licensed directly by the third party to the end user.
Customer Success
While customers can readily consume our cloud services and software offerings, our customer success team has developed scalable offerings that span the customer journey, with the explicit intent of providing the right outcome-focused adoption services that result in customer value. These offerings include adoption and implementation services, education services, and maintenance and customer support services that are appropriately tailored to scale to our customers’ size and maturity.
Adoption and Implementation Services
Our customer success planning includes proven on-boarding and adoption best practices on our offerings for all customers, using an outcome-focused approach. Our prescriptive adoption guidance and success planning are targeted to the specific use cases across Security, IT Operations and Observability, spanning a wide variety of industries. Guided by our
customer success managers and advocacy team, customers have several ways to engage our experts: through OnDemand Subscription Services, Assigned Expert Subscription Services, or services organizations. Sometraditional Project-Based Implementation Services.
Education Services
We offer a robust portfolio of training courses and learning paths to our customers and partners. We have also implemented a comprehensive training certification program to ensure an understanding of our certified partners also provide limited, first level support and professional services before a customer reaches out to our internal Splunk customer support and professional services teams.offerings.
Maintenance and Customer Support
Our customers that purchased perpetual licenses typically purchased one year ofWe offer software maintenance and support with an option to renew their maintenance agreements. Term license purchases includeservices as part of our cloud services and software maintenanceofferings. Maintenance and support for the term of the license. These maintenance agreementsentitlements provide customers the right to receive unspecified software updates, maintenance releases and patches, and access to our technical support services during the term of the agreement.subscription.
We maintain a customer support organization that offers multiple service levels for our customers based on their needs.levels. Standard or Premium support customers receive 24x7x365 access to subject matter experts for critical issues, direct telephone support, access to online support, and software upgrades. Additionally, Premium support provides our best responsemuch faster response/update times and targeted fix Service Level Objectives (SLOs) for all case priorities, and a designated resource to manage the account holistically,
providing proactive support and quarterly reviews of the customer’s mission-critical deployments. Our customer support organization has global coverage capabilities, delivering support with deep expertise in our cloud services and software offerings, complex IT environments and associated third-party infrastructure.
Training ServicesOur Growth Strategy
We offer trainingare focused on providing the right capabilities through our products and services to remove the barriers between data and action. The key elements of our growth strategy are:
Cloud-first Platform and Solutions. We have reached a key milestone in our cloud transformation, where cloud services represent the majority of our total software bookings. Our cloud services customers have accelerated their time to value and achieved lower total cost of ownership. Most importantly, the rate at which new features and capabilities are delivered to and used by customers is accelerated when using cloud services offerings. Given our customers’ success adopting our cloud services offerings, we will continue to invest heavily in differentiated cloud services offerings delivered through a cloud-optimized go-to-market and support model. We will continue to invest in our software offerings to enable both standalone consumption and hybrid Splunk deployments that span customer on-premises and cloud environments. We expect our cloud services offerings will continue to be an important source of growth for Splunk and our customers.
Expand the Splunk value proposition with broader and deeper capabilities. We will continue to focus our product strategy and go-to-market approaches on our Security, IT Operations, and Observability users and we will expand the Splunk Platform and Splunk Solutions offerings that serve them. We intend to deliver new and enhanced capabilities, as well as services that provide faster time-to-value and easier adoption and expansion. We also plan to deliver new features tailored to meet the specific needs of users, including more comprehensive data reach, more powerful analytics, and AI/ML and automation capabilities. While we are focused on extending our industry analyst-recognized leadership across Security, IT Operations and Observability, our customers benefit from even greater value when multiple organizations are generating insight using the Splunk Platform.
Global Expansion. We continue to invest in go-to-market, operations and partners throughinfrastructure to deliver our education and training organization. We have also implemented a comprehensive training certification program to ensure an understanding of our offerings.
Professional Services
We provide consulting and implementation services to customers throughin targeted countries across multiple geographies. Splunk has had success in global expansion as evidenced by our professional services team. They are typically utilized by large enterprises lookingincreased mix of revenues outside of the U.S. and we continue to deploy our software across their large, disparatesee this as a significant growth opportunity.
Research and complex IT infrastructure. We generally provide these services at the time of initial installation to help the customer with configuration and implementation. Given our software’s ease-of-use, our professional services engagements are typically short in duration and last from a few days to up to several weeks.Development
Partner and Developer Ecosystem
We have established relationships with leading technology companiesinvest substantial resources in research and development to enhance our partner ecosystem. These partners work with Splunkofferings, develop new end-market specific solutions and apps, conduct software and quality assurance testing and improve our core technology. Our technical staff monitors and tests our software on a regular basis, and we maintain a regular release process to build technology integrations that provide elevated experiencesrefine, update, and enhance our existing offerings. As we shift our focus to cloud services offerings we will make significant investments in a cloud-
optimized delivery model while continuing to invest in our software offerings, both for our joint customers. Integrations typically consist of building a Splunk app, which allows users to capture datastandalone consumption and gain insights into our partners’ respective products. The majority of Splunk customers leverage multiple appsfor deployment in their deployments, which include those developed by our partners. Many technology providers offer free apps via the Splunkbase website.hybrid environments.
Acquisitions and Investments
We offerenhance and expand our offerings both through our own research and development efforts and through acquisitions and investments. We have made a developernumber of acquisitions in the past and will continue to evaluate acquisition opportunities that can accelerate the delivery of new capabilities, entry into new market segments and our technical expertise.
Intellectual Property
We rely on patent, trademark, copyright and trade secret laws, confidentiality procedures, internal policies and contractual provisions to protect our technology and intellectual property rights. The nature and extent of legal protection of our intellectual property rights depends on, among other things, the type of intellectual property right and the jurisdiction in which such right arises. We believe that our intellectual property rights are valuable and important to our business. We file trademark, patent, and copyright applications to protect our intellectual property.
Generally, we retain ownership of software we develop. All software is licensed to users and primarily provided in object code or as a cloud service pursuant to browser-wrap, embedded or on-line license or service terms, or signed customer agreements. These agreements generally contain restrictions on duplication, disclosure, reverse engineering, transfer and license circumvention.
We use open source software in our offerings and business, including as incorporated into software we receive from third party commercial software vendors or technologies obtained through acquisitions, and expect to continue to use open source software in the future. Additionally, we, including companies that allows third-party developerswe have acquired, have intentionally made certain proprietary software available on an open source basis, both by contributing modifications back to build software using our existing developer frameworkopen source projects, and by making certain internally developed tools available pursuant to open source licenses, and we have published information about our APIsplan to enable developers to build new user interfaces on top of our platform. We are creating additional SDKs based on various programming languages to make our software more extensible and allow developers to build applications and services that extend its functionality.
We have OEM relationships with a select group of third parties who integrate our software into their product offerings to provide additional reporting, monitoring and analytic capabilities within their own products. With respect to our OEM relationships, we provide a limited use license to expose certain data and analytics functionalities in their products, for which they generally pay us a royalty based on units shipped.
We engage with managed service providers, who offer services based on our software, such as for security and IT operations management. These services are typically offered on a subscription basis, for which we are paid license fees typically based on daily indexing volume.
Splunk Communities
Our online communities support our growing active users in three key areas: (1) extension of capabilities with third-party apps and add-ons via Splunkbase, (2) engagement spaces to connect with, learn from, and support one another via Splunk Answers and Splunk User Groups, and (3) development resources to support novel uses and extensions of our platform via Splunk Dev. We also maintain active communities on leading social internet platforms, including Facebook, Twitter, LinkedIn and Slack.
Splunkbase. Users and partners contribute and share custom apps and add-ons that run on our software in an online community marketplace called Splunkbase. Generally, these apps provide pre-built functionality that addresses specific use cases. Currently, we have over 1,800 apps and add-ons available for download on the Splunkbase website, most of which are built and maintained by third parties. We do not receive any revenues from the sale of apps by third-party application providers, and many apps posted to Splunkbase are provided at no additional cost to users. Partner apps listed on Splunkbase that are not free are licensed directly by the third party to the end user.
Splunk Answers and Splunk User Groups. Users ask questions, as well as seek and share best practices, in an online community forum called Splunk Answers. In Splunk Answers, users share best practices about how to build searches, create data visualizations, build implementations to address specific use-cases and configure and deploy our software. While our
product, support, engineering and professional services teams participate in Splunk Answers, the majority of questions appearing on Splunk Answers are answered by other Splunk users, including the SplunkTrust, a peer-nominated group of exceptional Splunk users. Additionally, we continue to supportdo so in the growth of our offline community with local Splunk User Groups worldwide and a growing collection of Splunk-sponsored events, such as our annual user conference, (“.conf “) and regional/local events, such as SplunkLive!
future.
Splunk Dev.
In addition to documentation and resources about the Splunk APIs and SDKs, our developer portal Splunk Dev contains additional resources for building novel apps and integrations that bring new kinds of data into the platform and deliver data-based insights for nearly any team and function. Users can sign up for free developer licenses to explore both Splunk Enterprise and Splunk Cloud, to support both their on-premises and cloud-native application needs. Additional resources made available through Splunk Dev include developer guides, API references, tutorials, downloads, tools and examples.
Sales and Marketing
Our sales and marketing organizations work together closely to driveexpand market awareness, build agenerate sales pipeline, and cultivate customer relationships to drive revenue growth.growth and enablement for adoption and customer success.
Sales
We sell our offerings directly through field sales, and inside sales and indirectly through different routes to market with various partners. We gather prospects through a broad range of marketing campaigns, programs and events. Our sales development teams handle lead qualifications. Large or complex transactions generally are handled by our globally distributed direct field sales teams. Our sales engineers help define customer use cases, and pre-sales qualification and evaluation.
Our field sales teams are organized geographically across the Americas, Europe, Middle East and Africa (“EMEA”) and Asia Pacific (“APAC”). We also have a dedicated sales team focused on government customers, which includes United States federal, state and local government entities.
In addition to acquiring new customers, our sales teams are responsible for securing renewals of existing contracts, as well as increased adoption of our offerings by existing customers. To accomplish this, our field sales and customer success teams work closely with our customers to ensure adoption and overall account health, which ultimately leads tofosters expanded licensesusage through higher capacity or upgrades and additional use cases within existing customers. We intend to invest in our sales organization and partners to drive greater market penetration in these regions.cases.
We maintain an extensive partner ecosystem, of which many types of partners contribute to sourcing, co-selling and fulfilling Splunk sales. These partner types include distributors, resellers, global system integrators and managed service providers. Our partners assist us by identifying new prospects or use cases through their technology and deep customer relationships. They also provide professional services and support to existing customers, upselling for additional use cases and maintenance renewals. Our Splunk Partner+ Program is based on providing a simple and predictable business model for our partners and Splunk. Our partners expand our geographic sales reach worldwide, across all our sales theaters. The Splunk Partner+ Program includes over 2,000 active partners that span our global system integrators, distributors, value-added resellers, technology alliance partners, OEMs, professional services and managed services providers. Historically, the majority of Europe, EMEA, APAC and U.S. Public Sector sales have heavy engagement with our partners, and we expect this trend to continue.
Marketing
We focus our marketing efforts on generating demand to drive pipelineopportunities for our sales force and partners, increasing Splunk’sawareness of the Splunk brand, and awareness, driving viral adoption, and communicating product advantages and business benefits. We market our offerings as a targeted solution for specific use cases and as an enterprise solution for data.a broad range of data and use cases. We
engage with existing and potential customers to provide community-based education and awareness and to promote expanded use of our cloud services and software offerings within these customers. We engage business press, technology press, industry analysts and influential voices to create awareness for Splunk in our target markets. We host a number of events, including the SplunkLive! event series, across our sales regions to engage with both existing customers and new prospects, as well as deliver product training. We host our annual user conference, “.conf” and multiple partner conferences as other ways to support the Splunk community to foster collaboration and help our customers drive further business results from our software.offerings.
Research and DevelopmentPartner Ecosystem
We invest substantial resourcesmaintain an extensive and active partner ecosystem through the Splunk Partner+ Program. Our partners assist us by selling, servicing or building solutions on top of the Splunk Platform. Selling partners identify new prospects or use cases through their technology and customer relationships. Partners offering professional services provide implementation and support to existing customers, up-selling for additional use cases and maintenance renewals. Partners building on top of Splunk create applications, add-ons and connectors that allow customers to leverage broader sets of data in researchSplunk, extending our overall market reach and developmenttotal addressable market.
The Splunk Partner+ Program expands our geographic sales reach worldwide, across all of our sales theaters. Historically, the majority of EMEA, APAC and U.S. Public Sector sales rely heavily on engagement with our partners, and we expect this trend to enhancecontinue.
Splunk has organized its partner ecosystem strategy to align with four partner-centric routes to market:
Cloud service providers (“CSP”) Strong partnerships with CSPs (e.g. Amazon Web Services and Google Cloud) are the cornerstone of our cloud focus. We have several coordinated, ongoing marketing and sales efforts with these key partners, to promote Splunk Cloud running on CSP infrastructure.
Distribution and resellers Splunk has a well-established and mature global network of distribution and resell partners. These partners are enabled to sell both our cloud services and software offerings develop new end market specificand represent an important part of our focus on offering cloud-centric solutions to our customers worldwide. Splunk provides a wide range of support programs to our distribution and reseller partners via the Splunk Partner+ Program.
Global systems integrators, system integrators, and managed services providers Partners can deliver solutions and services to their customers with the Splunk Platform. These partners are independently developing and deploying the Splunk Platform-based solutions to their customers, extending our overall market reach and total addressable market.
Technology and ecosystem partners The Splunk Technology Alliance Partner Program enables and supports an ecosystem of over 750 software vendors who build integrations between Splunk and their products. Some also leverage the Splunk Platform to build data-centric solutions for their customers. Splunk provides a rich set of tools and documentation to help partners build integrations and solutions, adding value to our mutual customers’ investments. Partner integrations and apps conduct softwareare typically made available to customers via our online integration and quality assurance testing and improve our core technology. Our technical staff monitors and tests our software on a regular basis, and we maintain a regular release process to refine, update, and enhance our existing offerings.solution repository, SplunkBase.
Intellectual PropertySplunk Community Engagement
We relyengage with the community of Splunk users, including Splunk employees, partners, and customers, through a variety of online and in-person forums to assist with Splunk skills development and use, empower the development of Ecosystem Solutions, cross-pollinate experiences and best practices, and get feedback on patent, trademark, copyrightcurrent and trade secret laws, confidentiality procedures, internal policiesplanned future offerings and contractual provisionscapabilities.
Our primary online forums include Splunk Answers, Splunk User Groups, and Splunk Ideas. In Splunk Answers, users share best practices about how to protectbuild searches, create data visualizations, build implementations to address specific use-cases and configure and deploy our technologycloud services and intellectual property rights. The naturesoftware offerings. While our product, support, engineering and extentprofessional services teams participate in Splunk Answers, the majority of legal protectionquestions appearing on Splunk Answers are answered by other Splunk users, including the SplunkTrust, a peer-nominated, MVP group of our intellectual property rights dependsSplunk users. Splunk Ideas is a forum through which the community can submit and vote on among other things, its typeideas for new product offerings and the jurisdiction in which it arises. We believe that our intellectual property rights are valuable and importantcapabilities, providing a highly-refined set of inputs to our business.product development efforts. We file patent applicationsalso maintain active communities on leading social internet platforms, including Facebook, Twitter, LinkedIn and Slack.
Comprehensive enablement for Ecosystem Solutions developers is provided on our Splunk Dev portal. Splunk Dev contains resources for building apps, integrations, and other Ecosystem Solutions content that extends the Splunk offerings to protect our intellectual propertynew data, insights, and believe that the duration of our issued patents is sufficient when considering the expected lives of our products.use cases. Developers can sign up for free licenses or access to support both their on-premises and cloud-native application needs. Additional resources made available through Splunk Dev include developer guides, API references, tutorials, downloads, tools and examples to help developers efficiently create new solutions.
We retain ownershipalso continue to support the growth of software we develop. All software is licensed to usersthe Splunk Community, with local Splunk User Groups around the world and primarily provided in object code ora growing collection of Splunk-sponsored events, such as a cloud service pursuant to browser-wrap, embedded or on-line license or service terms, or signed customer agreements. These agreements generally contain restrictions on duplication, disclosure, transfer.conf, and license circumvention. We are currently unable to measure the full extent of unauthorized use of our software. We believe, however, thatregional/local events, such unauthorized use is and can be expected to be a persistent problem that negatively impacts our revenue and financial results.as SplunkLive!
Customers
We have over 19,400 customers in more than 130 countries includingand over 90 of the Fortune 100 companies, as of January 31, 2020. We exclude users of our trial software and users of VictorOps and SignalFx from our customer count.2021. We provide offerings to customers of varying sizes, including enterprises, educational institutions and government agencies.entities. No individual customer represented more than 10% of our total revenues for any of the periods presented. Our current customer base spans numerous industry verticals, including cloud and online services; education;education, financial services; government;services, government, healthcare/pharmaceuticals;pharmaceuticals, industrials/manufacturing;manufacturing, media/entertainment;entertainment, retail/ecommerce;ecommerce, technology, and telecommunications.
Backlog and Seasonality
Our backlog represents non-cancelable orders that have not been recognized as revenue and have not yet been invoiced. We had backlog of approximately $794.9$844.6 million and $379.8$794.9 million as of January 31, 20202021 and 2019,2020, respectively.
For information regarding the seasonality in the sale of our offerings, see Item 7, “Management’s Discussion and Analysis of Financial Condition and Results of Operations - Seasonality, Cyclicality and Quarterly Trends” of this Annual Report on Form 10-K.
Competition
We compete againstOur industry is evolving rapidly and is becoming increasingly competitive. More and more vendors are competing across buying centers, security vendors are attempting to penetrate the IT Operations industry, IT competitors are targeting the security space, APM and Observability competitors are expanding their footprints in log management and machine data, and cloud service providers are extending their native operations and security capabilities across competing cloud environments. Additionally, a number of more domain-focused competitors continue to target specific use cases within the application, IT and security domains in an attempt to drive rapid penetration.
These dynamics position us in competition with a variety of large cloud service providersCSPs and software vendors, as well as smaller specialized companies, open source projects and custom development efforts, which provide solutions in the specific markets we address. Our principal competitors include:
large•Cloud monitoring and APM/Observability vendors;
•Monitoring, troubleshooting, security and analytics services offered (embedded or add-ons) by major public cloud service providers, as well as small, specialized vendors, that provide complementary or competitive solutions in enterpriseproviders;
•Companies targeting the data analytics industry;
•Legacy security, offerings, log aggregationsystems management and management, data warehousing, orchestration, automation, incident responseother IT vendors; and big data technologies that may compete with our offerings;
•IT departments of potential customers which have undertakenthat undertake custom software development efforts to analyze and manage their data;operations data across their public and private cloud landscapes.
companies targetingHuman Capital
At the big data market by commercializing open source software, such as Elastic;
security, systems management and other IT vendors, including BMC Software, IBM, Intel, Micro Focus, Microsoft and VMware;
business intelligence vendors, analytics and visualization vendors, including IBM and Oracle;
cloud monitoring and APM vendors, including Cisco AppDynamics, Datadog and New Relic; and
public cloud providers, including Amazon (Amazon Web Service), Google (Google Cloud Platform) and Microsoft (Microsoft Azure).
The principal competitive factors in our marketscore of Splunk, we are product features, performance and support, product scalability and flexibility, ease of deployment and use, total cost of ownership and time to value.a people-centric company. We believe that we generally compete favorablythe best way to continue to deliver customer success and the best products and services is to focus on attracting the basismost qualified candidates to join our team (based on skills, knowledge and abilities). We also spend time and energy supporting, retaining and developing our high-performing and
innovative employees. Our commitment to diversity and inclusion is central to our premium solutions all contain rich feature setscore values. We strive to embrace each person’s unique individual value and the communities that reduce costly deployment cycles typically associated with enterprise software.
Somematter to them. This commitment is an integral part of our actual and potential competitors have advantages over us, such as longer operating histories, significantly greater financial, technical, marketing or other resources, stronger brand and business user recognition, larger intellectual property portfolios, broader global distribution and presence, competitive pricing and more developed ecosystems of partners and skilled users. In addition, our industry is evolving rapidly and is becoming increasingly competitive. Larger and more established companies may focus on delivering real-time business insights from data and could directly compete with us. Companies may develop open source-based alternatives that, customers may conclude, offer equivalent or superior functionality to our Splunk offerings. Smaller companies could also launch new offerings that we do not offer and that could gain market acceptance quickly.
Employees
Diversity, Equity & Inclusion (“DEI”) strategy. As of January 31, 2021, we employed over 6,500 employees, of which approximately 71.5% were in the United States and 28.5% were in our international locations.
We encourage you to visit our website for more detailed information regarding our human capital programs and initiatives. Nothing on our website shall be deemed incorporated by reference into this Annual Report on Form 10-K.
Diversity and Inclusion
A diverse and inclusive company helps us achieve our mission of bringing data to every question, decision and action to drive positive outcomes for our company, our communities and each other. Our company-wide inclusiveness effort, A Million Data Points, speaks powerfully to our holistic, multi-dimensional approach to diversity, illuminating cultural heritage, intersectionality, experiences and all the unique qualities and talents that each employee possesses. We also cultivate an inclusive culture through several employee resource groups (ERGs). In fiscal 2021, Splunk focused on the hiring, retention and representation rates of women and individuals from underrepresented groups. We provide DEI education and offerings to imbed inclusion and equity in our talent processes. We plan to conduct intersectional employee surveys that look at a combination of factors that include underrepresented groups and gender to check for variances in employee experiences.
We work to help provide access to new careers in technology with skills development and training, promoting a new generation of diverse talent through a global network of universities, community colleges and workforce partners like YearUp and Hire Military. Splunk is regularly recognized as an employer of choice in the technology industry and within the various locations that we operate. In fiscal 2021, we were named one of the Best Places to Work for LGBTQ Equality after earning a score of 100 on the Human Rights Campaign (HRC) Corporate Equality Index, and we were included in Fortune’s Best Workplaces for Women and Millennials and Best Workplaces in Technology. In fiscal 2020, we had over 5,800 employees. Nonewere included in Fortune’s Best Workplaces for Women, Parents, Millennials and Diversity.
Additional information on our diversity and inclusion strategy, diversity metrics and programs can be found in the Diversity Annual Report posted on our website.
Compensation, Benefits and Wellbeing
Splunk provides a comprehensive and competitive compensation and benefits package to attract, retain and engage the talented employees that make our company successful. We provide employees with competitive base salaries, incentive compensation and equity awards in the form of RSUs as well as the opportunity to participate in our Employee Stock Purchase Plan, which allows employees to purchase Splunk stock at a discount.
Our benefits offerings are designed to meet the unique needs of our United Statesemployees. We believe we provide competitive benefits in each local market we operate in to help our employees is represented bycare for themselves and their families. Common offerings are health benefits, retirement benefits, fertility and family planning benefits, paid time off, holidays and leave benefits.
In response to COVID-19, we offer a labor union with respectnumber of additional benefits to hishelp our employees. These benefits include 30 days of paid time off that employees can use for any absence related to the pandemic or her employment with us.a natural disaster, four additional wellbeing paid rest days and reimbursement for certain expenses related to remote working. In addition, we have a global mental health offering through a third party provider who gives our employees and their families access to counseling, personal coaches and a variety of digital wellness resources.
Development
We believe in leadership and learning and invest in the development of all of our employees. Employees in certain European countries havetake advantage of live courses, leadership programs, online training, product training, sales training, technical training, mentor programs, team building events, seminars, conferences, lectures, university programs, peer-to-peer and manager-led training and other learning opportunities across the benefits of collective bargaining arrangements at the national level. We have not experienced any work stoppages.company.
Corporate Information
Our principal executive offices are located at 270 Brannan Street, San Francisco, California 94107, and our telephone number is (415) 848-8400. We were incorporated in California in October 2003 and were reincorporated in Delaware in May 2006.
Our website is located at www.splunk.com and our investor relations website is located at http://investors.splunk.com. The information posted on our website is not incorporated into this Annual Report on Form 10-K. Our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K and amendments to reports filed or furnished pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934, as amended, are available free of charge on our investor relations website as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC.
We webcast our earnings calls and certain events we participate in or host with members of the investment community on our investor relations website. Additionally, we provide notifications of news or announcements regarding our financial performance, including SEC filings, investor events, press and earnings releases, as part of our investor relations website. The contents of these websites are not intended to be incorporated by reference into this report or in any other report or document we file.
Risk Factor Summary
Our business is subject to numerous risks and uncertainties, including those highlighted in Part I, Item 1A titled “Risk Factors.” These risks include, but are not limited to, the following:
Factors Related to Our Business and Results of Operations
•our business model transition from sales of licenses to cloud subscriptions;
•fluctuations in our operating results from period to period;
•our organic and inorganic growth and the effectiveness of our controls, systems and procedures as we grow;
•our history of losses and the prospect of profitability;
•costly and continuous infrastructure investments required by our cloud services;
•our ability to attract and retain leadership and key personnel, particularly within our industry;
•expansion and integration related to past and future acquisitions;
•our ability to obtain capital on acceptable terms to support our growth;
•our ability to use our net operating losses and tax credits to offset future taxable income and tax; and
•liability related to past or future sales and use, value added or similar taxes.
Factors Related to the Economy and the Markets in which We Operate
•the impact of the COVID-19 pandemic on our business;
•intense competition from large and small providers and vendors in the markets in which we operate;
•market acceptance of our new and existing offerings and product enhancements;
•economic and political conditions and uncertainty, both domestically and internationally, including those specific to industries in which our customers participate; and
•governmental export and import controls related to operation in international markets.
Factors Related to Customers and Sales
•current and future customer demand, use case expansion and satisfaction;
•our reliance on customer purchases, renewals, upgrades and expansions of term licenses, agreements for cloud services and maintenance and support agreements;
•our evolving pricing models and their impacts on our customers’ purchases, renewals, upgrades and expansions;
•the length of time, expense and unpredictability associated with our sales;
•our international sales and operations;
•dependency on and challenges related to sales to federal, state, local and foreign governments; and
•customer dissatisfaction, data loss or corruption arising from incorrect or improper implementation or use of our products.
Factors Related to IT, Privacy and Data Security
•actual or perceived security breaches or unauthorized access to our customers’ data, our data or our cloud services;
•interruptions or performance problems associated with our technology and infrastructure, and reliance on SaaS technologies from third parties;
•actual or perceived errors, failures or bugs in our offerings, including when new offerings, versions or updates are released; and
•legal requirements, contractual obligations and industry standards related to security, data protection and privacy.
Factors Related to Intellectual Property and Other Proprietary Rights
•our ability to protect our trade secrets, trademarks, copyrights, patents, know-how, confidential information, proprietary methods and technologies and other intellectual property and proprietary rights;
•intellectual property rights claims by third parties that may be costly to defend, require us to pay significant damages or limit our ability to use certain technologies;
•maintenance, protection and enhancement of our brand; and
•our use of “open source” software and related potential burdens, restrictions and litigation.
Factors Related to Reliance on Third Parties
•our reliance on third party providers of cloud infrastructure services to deliver our offerings to users on our platform;
•our ability to maintain successful relationships with our partners, such as distributors and resellers, to license, provide professional services and support our offerings;
•our use of our community website, expansion of our developer ecosystem and support from third-party software developers; and
•third-party advice and information that may not be accurate that is provided to others utilizing our community website and our products.
Factors Related to Our Securities
•our debt servicing obligations;
•the dilutive impact of the conversion of the Notes;
•the conditional conversion feature of the Notes;
•the accounting method for convertible debt securities, such as the Notes, including accounting for liability and equity components of convertible debt instruments that may be settled entirely or partially in cash;
•the potential impact on the value of our common stock on the Capped Calls;
•counterparty risk related to the Capped Calls; and
•the volatility of our common stock.
General Factors
•the impact of climate change on our business;
•tax liabilities related to federal, state, local and foreign taxes;
•changes in accounting pronouncements and other financial and nonfinancial reporting standards;
•the strain on resources and diversion of management attention caused by the requirements of being a public company and related complexities; and
•anti-takeover provisions in our charter, bylaws and afforded to us under Delaware law that may have the effect of delaying or preventing a change of control or changes in our management.
Risk Factors
Our operations and financial results are subject to various risks and uncertainties including those described below. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, also may become important factors that affect us. If any of the following risks or others not specified below materialize, our business, financial condition and results of operations could be materially adversely affected. In that case, the trading price of our common stock could decline.
If we fail to successfully manage our business model transition, our operating results could be negatively impacted.
Historically we generated a majority of our revenues from perpetual license agreements,sales of licenses, whereby we generally recognize the license fee portion of the arrangement upfront, assuming all revenue recognition criteria are satisfied. However, our business modelrevenue mix has shifted rapidlyfrom sales of licenses to primarily offering term licenses andsales of cloud subscription agreements, as well as increased annual invoicing and decreased multi-year upfront invoicing,subscriptions and we expect that this transitionit will continue. Accordingly, we discontinued offering new perpetual licenses effective November 1, 2019.continue to shift in favor of cloud subscriptions. Generally, as we shiftshifted our licensing model to term licenses and cloud subscription agreements, along with related shifts in our invoicing practices thereand continue the shift to cloud subscriptions, we have seen and will becontinue to see longer periods over which we collect cash from customers, which haswith a negative impact on our operating cash flows,flows; moreover, as cloud services become a larger percentage of our sales, we expect operating margins and the timing of our recognition of revenue will continue to be impacted. Our shift to cloud subscription agreements has happened faster than we expected, and our ability to predict our revenue and margins has been, and may continue to be, limited. For example, the recent increase in remote work as a result of the COVID-19 pandemic appears to have accelerated our customers’ shift to cloud subscriptions, the continued effects of which are uncertain and unpredictable. Whether our business model transition will prove successful and will accomplish our business and financial objectives is subject to numerous uncertainties, including but not limited to: customer demand, renewal and expansion rates, our ability to further develop and scale infrastructure, tax and accounting implications, pricing, and our costs. In addition, we expect the metrics we use to gauge the status of our business model transition, and evaluate and describe our business, may continue to evolve over the course of thethis transition as significant trends emerge. If we do not successfully execute this transition, our business and future operating results could be adversely affected.
Our future operating results may fluctuate significantly and our operating results may not be a good indication of future performance.
Our revenues, operating margins, cash flows and other operating results could vary significantly from period to period as a result of various factors, many of which are outside of our control. Comparing our revenues and operating results on a period-to-period basis may not be meaningful, and our past results should not be relied upon as an indication of our future performance. For example, we generally recognize term license revenues, in addition to perpetual license revenues upfront and recognize revenues associated with our cloud services ratably over the term of the agreement. At the beginning of each period, we cannot predict the ratio of orders with revenues that will be recognized upfront and those with revenues that will be recognized ratably that we will enter into during the quarter, asdue to the fact that our customers have the ability to choose between a term license and cloud subscription agreement. Our customers may choose shorter duration term licenses ahead of migrating to cloud subscriptions and may choose shorter duration cloud subscriptions when transitioning from on-premises to cloud services. In addition, the size of our licenses and orders varies greatly. A single, large term licensegreatly and can result in a given period could distort our operating results, and a declinefluctuations in larger orders in any given period could adversely affect our revenues and operating results. A portion of revenue recognized in any given quarter is a result of ratably recognized agreements entered into during previous quarters, including agreements for our cloud services and maintenance and support agreements. Consequently, a decline in business from such ratably recognized agreements in any quarter may not be reflected in our revenue results for that quarter. Any such decline, however, will negatively affect our revenues in future quarters. Accordingly, the effect of downturns in sales and market acceptance of our offerings may not be fully reflected in our results of operations until future periods.
We may not be able to accurately predict our future revenues or results of operations. For example, although our shift to a renewablesubscription model generates recurring revenue and cash flows that are expected to be more predictable over time, we may not be able to accurately forecast our revenue, cash flows and other financial results in the near term due to a number of variables, including the timing of our collection of cash, increased annual invoicing, revenue mix, our customers’ willingness to adoptrate of adoption of our cloud services model andas compared to term licenses, overcontract durations, the extent and continued impact of the COVID-19 pandemic on our traditional perpetual licenses,business and overall economic environment and the timing of revenue recognition. We base our current and future expense levels on our operating plans and sales forecasts, and our operating costs are expected to be relatively fixed in the short-term. As a result, we may not be able to reduce our costs sufficiently to compensate for an unexpected shortfall in revenues, and even a small shortfall in revenues could disproportionately and adversely affect our financial results for that quarter.
In addition to other risk factors described elsewhere in this “Risk Factors” section, factors that may cause our financial results to fluctuate from quarter to quarter include:
•the impact of our business model transition on our revenue mix, which may impact our revenue, deferred revenue, cash collections, billings, remaining performance obligations, gross margins and operating income;
•the timing of our sales during the quarter, particularly because a large portion of our sales occur toward the end of the quarter or
•the loss or delay of a few large transactions;
•changes in the mix of our revenues between term licenses and cloud subscriptions, as well as the duration;
•the mix of revenues attributable to larger transactions as opposed to smaller transactions and the impact that a few large transactions or a change in mix may have on our overall financial results as well as the overall average selling price (“ASP”) of our offerings;
•the renewal and usage rates of our customers;
•changes in the competitive dynamics of our market;
•changes in customers’ budgets and in the timing of their purchasing decisions;decisions and in the length of sales cycles;
•changes in our pricing models and practices or those of our competitors;
•changes to our invoicing practices;
•customers delaying purchasing decisions in anticipation of new offerings or software enhancements by us or our competitors;competitors or for other reasons;
•customer acceptance of and willingness to pay for new versions of our offerings or new solutions for specific product and end markets;
•our ability to successfully introduce and monetize new offerings and licensing and service models for our new offerings;
•network outages or actual or perceived security breaches or incidents;
•the availability and performance of our cloud services, including Splunk Cloud;
•our ability to control costs, including our operating expenses;
•changes in laws and regulations that impact our business;
•general economic and political conditions and uncertainty, both domestically and internationally, as well as economic and political conditions and uncertainty specifically affecting industries in which our customers participate;participate, including impacts from the COVID-19 pandemic;
•the amount and timing of our stock-based compensation expenses;
•changes in accounting standards, particularly those related to revenue recognition and sales commissions;
•use of estimates, judgments and assumptions under current accounting standards;
•the timing of satisfying revenue recognition criteria;
•our ability to qualify and successfully compete for government contracts; and
•the collectability of receivables from customers and resellers, which may be hindered or delayed; anddelayed, particularly as the COVID-19 pandemic continues.
the removal of metered license enforcement via our software, which could lead to customers delaying renewal or purchasing decisions.
Many of these factors are outside our control, and the variability and unpredictability of such factors could result in our failing to meet or exceed our financial expectations for a given period. We believe that quarter-to-quarter comparisons of our revenues, operating results and cash flows may not necessarily be indicative of our future performance.
If we fail to effectively manage our growth, our business and operating results could be adversely affected.
Although our business has experienced significant growth, we cannot provide any assurance that our business will continue to grow at the same rate or at all. We have experienced and expect to continue to experience rapid growth in our headcount and operations, including from acquisitions, which has placed and will continue to place significant demands on our management and our operational and financial systems and infrastructure. As of January 31, 2020,2021, approximately 35%24% of our workforce had been employed by us for less than one year. As we continue to grow, we must effectively integrate, develop and motivate a large number of new employees, while maintaining the effectiveness of our business execution and the beneficial aspects of our corporate culture and values.values, the challenges of which may be exacerbated due to remote working conditions associated with the COVID-19 pandemic. In particular, we intend to continue to make directed and substantial investments to expand our
research and development, sales and marketing, and general and administrative organizations, as well as our international operations.
To effectively manage growth, we must continue to improve our operational, financial and management controls, and our reporting systems and procedures by, among other things:
•improving our key business applications, processes and IT infrastructure to support our business needs and appropriately documenting such systems and processes;
•enhancing information and communication systems to ensure that our employees and offices around the world are well-coordinated and can effectively communicate with each other and our growing base of customers and partners; and
•enhancing our internal controls to ensure timely and accurate reporting of all of our operations and financial results.
These systems enhancements and improvements will require significant capital expenditures and allocation of valuable management and employee resources. If we fail to implement these improvements effectively, our ability to manage our expected growth, ensure uninterrupted operation of key business systems and comply with the rules and regulations that are applicable to public reporting companies will be impaired. Additionally, if we do not effectively manage the growth of our business and operations, the quality of our offerings could suffer, which could negatively affect our brand, financial results and overall business.
We have a history of losses, and we may not be profitable in the future.
We have incurred net losses in each year since our inception. As a result, we had an accumulated deficit of $2.47 billion at January 31, 2021. Because our products and offerings, as well as the market for these products and offerings, continues to evolve, it is difficult for us to predict our future operating results. We expect our operating expenses to increase over the next several years as we hire additional personnel, expand and improve the effectiveness of our distribution channels, improve the performance and scalability of our technology architecture, and continue to develop features and functionality for our offerings. In addition, as a public company, we have incurred and will continue to incur significant legal, accounting and other operating expenses. If our revenues do not increase to offset these increases in our operating expenses, we may not be profitable in future periods. Our historical revenue growth has been inconsistent and should not be considered indicative of our future performance, particularly as our business model transitions. Further, in future periods, our revenue growth could slow, or our revenues could decline for a number of reasons, including slowing demand for our offerings, increasing competition, a decrease in the growth of our overall market, changes in our mix of revenues, or our failure, for any reason, to continue to capitalize on growth opportunities. Any failure by us to achieve, sustain or increase profitability on a consistent basis could cause the value of our common stock to decline.
Our cloud services, including Splunk Cloud, require costly and continual infrastructure investments, and market adoption of these cloud services could adversely affect our business.
A cloud-based model of software deployment is one in which a software provider typically licenses an application to customers for use as a service on demand through web browser technologies. Delivering software under a cloud-based model results in higher costs and expenses when compared to sales of software licenses for similar functionality. In recent years, companies have begun to expect that key software, such as customer relationship management and enterprise resource planning systems, be provided through a cloud-based model. Many of our offerings are now made available in the cloud as well as on-premises. Customers can sign up for our cloud services and avoid the need to provision, deploy and manage internal infrastructure. In order to provide our cloud services via a cloud-based deployment, we have made and will continue to make
capital investments and incur substantial costs to implement and maintain this alternative business model. In addition, as we look to deliver new or different cloud services, we are making significant technology investments to deliver new capabilities and advance our software to deliver cloud-native customer experiences. We expect that over time the percentage of our revenue attributable to our cloud services will continue to increase. If our cloud services, in particular Splunk Cloud, do not garner widespread market adoption, or there is a reduction in demand for cloud services caused by a lack of customer acceptance, technological challenges, weakening economic or political conditions, security or privacy concerns, inability to properly manage such services, competing technologies and products, decreases in corporate spending or otherwise, our financial results, business model and competitive position could suffer. If these investments do not yield the expected return, or we are unable to decrease the cost of providing our cloud services, our gross margins, overall financial results, business model and competitive position could suffer. Transitioning to a fully cloud-based model also impacts the way we recognize revenues, which may affect our operating results and could have an adverse effect on our business operations and financial results.
Even with these investments and costs, the cloud-based business model for our cloud services may not be successful, as some customers may desire only software licenses to our offerings. Our cloud services may raise concerns among customers, including concerns regarding changes to pricing models, service availability, scalability, ability to use customer-developed apps, information security of a cloud service and hosted data, and access to data while offline or once a subscription has expired. Market acceptance of our cloud services can be affected by a variety of factors, including but not limited to: security, reliability, performance, terms of service, support terms, customer preference, community engagement, customer concerns with entrusting a third party to store and manage their data, public concerns regarding data privacy or data protection, and the enactment of restrictive laws or regulations in the affected jurisdictions. If we or other providers of cloud services experience security incidents or breaches, loss of customer data, disruptions in delivery of services, network outages, disruptions in availability of the internet, unauthorized access or other problems, the market for cloud services as a whole, including Splunk Cloud, may be negatively affected. Moreover, sales of Splunk Cloud and other cloud services could displace sales of our software licenses. Alternatively, subscriptions to Splunk Cloud and other cloud services that exceed our expectations may unexpectedly increase our costs, lower our margins, lower our profits or increase our losses and otherwise negatively affect our projected financial results.
If we are unable to attract and retain leadership and key personnel, our business could be adversely affected.
We depend on the continued contributions of our leadership, senior management and other key personnel, the loss of whom could adversely affect our business. All of our executive officers and key employees are at-will employees, which means they may terminate their employment relationship with us at any time. We do not maintain a key-person life insurance policy on any of our officers or other employees.
Our future success also depends on our ability to identify, attract and retain highly skilled technical, managerial, finance and other personnel, particularly in our sales and marketing, research and development, general and administrative, and professional service departments. We face intense competition for qualified individuals from numerous software and other technology companies. We may incur significant costs to attract and retain these qualified individuals, and we may lose new employees to our competitors or other technology companies before we realize the benefit of our investment in recruiting and training them. As we move into new geographies, we will need to attract and recruit skilled personnel in those areas. If we are unable to attract and retain suitably qualified individuals who are capable of meeting our growing technical, operational and managerial requirements, on a timely basis or at all, our business will be adversely affected.
We continue to be substantially dependent on our sales force to effectively execute our sales strategies to obtain new customers and to drive additional use cases and adoption among our existing customers. We believe that there is significant competition for sales personnel with the skills and technical knowledge that we require, and further, the restrictions placed on recruiting, training and retention by the COVID-19 pandemic may further exacerbate our efforts to expand our sales force. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. In addition, as we continue to grow rapidly, a large percentage of our sales force is new to the company and our offerings. As our sales strategies evolve and offerings expand, additional training for new hires and our existing team may be required for our sales force to successfully execute on those strategies. We periodically adjust our sales organization and our compensation programs as part of our efforts to optimize our sales operations to grow revenue, drive incremental growth and support our business model transition. If we have not structured our sales organization or compensation for our sales personnel in a way that properly supports our company’s objectives, or if we fail to make changes in a timely fashion or do not effectively manage changes, our revenue growth could be adversely affected. Our growth creates additional challenges and risks with respect to attracting, integrating and retaining qualified employees, particularly sales personnel. If we are unable to hire and train sufficient numbers of effective sales personnel, or the sales personnel are not successful in obtaining new customers or increasing sales to our existing customer base, our business will be adversely affected.
Volatility or lack of performance in our stock price may also affect our ability to attract and retain our key employees. Many of our senior management personnel and other key employees have become, or will soon become, vested in a substantial amount of stock, restricted stock units or stock options. Employees may be more likely to leave us if the shares they own or the shares underlying their vested restricted stock units or options have significantly appreciated in value relative to the original purchase prices of the shares or the exercise prices of the options, or, conversely, if the exercise prices of the options that they hold are significantly above the market price of our common stock. If we are unable to retain our employees, or if we need to increase our compensation expenses to retain our employees, our business, results of operations, financial condition and cash flows would be adversely affected.
We have in the past made and may in the future make acquisitions that could prove difficult to integrate and/or adversely affect our business operations and financial results.
From time to time, we may choose to expand by making acquisitions that could be material to our business, results of operations, financial condition and cash flows. For example, we recently acquired several privately-owned companies, including, OÜ Plumbr, which offers auto-instrumentation, real user monitoring and application performance monitoring capabilities; Rigor, Inc. which offers advanced synthetic monitoring and optimization tools; Flowmill, Inc., a cloud network observability company; SignalFx, Inc., a SaaS provider of real-time monitoring and metrics for cloud infrastructure, microservices and applications; Omnition, which develops a platform for distributed tracing and application monitoring and Streamlio, Inc., which specializes in the design and operation of streaming data solutions. Our ability as an organization to successfully acquire and integrate technologies or businesses is unproven. Acquisitions involve many risks, including the following:
•an acquisition may negatively affect our financial results because it may require us to incur charges or assume substantial debt or other liabilities, may cause adverse tax consequences or unfavorable accounting treatment, may expose us to claims and disputes by third parties, including intellectual property claims and disputes, or may not generate sufficient financial return to offset additional costs and expenses related to the acquisition;
•we may incur potential goodwill impairment charges related to acquisitions;
•we may incur costs and experience potential difficulties associated with the requirement to test and assimilate the internal control processes of the acquired business;
•we may encounter difficulties or unforeseen expenditures in integrating the business, technologies, infrastructure, products, personnel or operations of any company that we acquire, particularly if key personnel of the acquired company decide not to work for us or if we are unable to retain key personnel;
•we may not realize the expected benefits of the acquisition;
•an acquisition may disrupt our ongoing business, divert resources, increase our expenses and distract our management;
•an acquisition may result in a delay or reduction of customer purchases for both us and the company acquired due to customer uncertainty about continuity and effectiveness of service from either company;
•relationships with existing customers, vendors and distributors as business partners may be impacted as a result of us acquiring another company or business that competes with or otherwise is incompatible with those existing relationships;
•our due diligence of an acquired company or business may not identify significant problems or liabilities, or we may underestimate the costs and effects of identified liabilities;
•we may be exposed to litigation or other claims in connection with, or inheritance of claims or litigation risk as a result of, an acquisition, including but not limited to claims from former employees, customers or other third parties, which may differ from or be more significant than the risks our business faces;
•we may encounter difficulties in, or may be unable to, successfully sell any acquired products;
•an acquisition may involve the entry into geographic or business markets in which we have little or no prior experience or where competitors have stronger market positions;
•an acquisition may require us to comply with additional laws and regulations, or to engage in substantial remediation efforts to cause the acquired company to comply with applicable laws or regulations, or result in liabilities resulting from the acquired company’s failure to comply with applicable laws or regulations;
•our use of cash to pay for an acquisition would limit other potential uses for our cash;
•if we incur debt to fund such acquisition, such debt may subject us to material restrictions on our ability to conduct our business as well as financial maintenance covenants; and
•to the extent that we issue a significant amount of equity securities in connection with future acquisitions, existing stockholders may be diluted and earnings per share may decrease.
The recentoccurrence of any of these risks could have a material adverse effect on our business operations and financial results.
We may require additional capital to support business growth, and this capital might not be available on acceptable terms, if at all.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features or enhance our offerings, improve our operating infrastructure or acquire complementary businesses and technologies. If the assumptions underlying our cash flow guidance are incorrect, for example, due to the unknown impacts of the COVID-19 pandemic or a more rapid transition in our business model than we expect, our business may not continue to generate cash flow from operations in the future sufficient to make planned capital expenditures. Accordingly, we have engaged in, and may need to engage in the future, in equity, equity-linked or debt financings to secure additional funds. The significant disruption of global financial markets due to the COVID-19 pandemic could reduce our ability to access capital, which could negatively affect our ability to secure these additional funds. If we raise additional funds through future issuances of equity or convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges superior to those of holders of our common stock. For example, if we elect to settle our conversion obligation under the Notes (as defined below) in shares of our common stock or a combination of cash and shares of our common stock, the issuance of such common stock may dilute the ownership interests of our stockholders and sales in the public market could adversely affect prevailing market prices. Any debt financing that we may secure in the future could involve restrictive covenants relating to our capital raising activities and other financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities, including potential acquisitions, or otherwise reduce operational flexibility. We may not be able to obtain additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
Our ability to use our net operating losses and tax credits to offset future taxable income and tax may be subject to certain limitations.
Our unused net operating losses and tax credits generally carry forward to offset future taxable income and tax. We record an asset for these future tax benefits, with our U.S. federal and state benefits subject to a full valuation allowance. Federal, state and foreign taxing bodies often place limitations on net operating loss and tax credit carryforward benefits. As a result, we may not be able to utilize the net operating and tax credit assets reflected on our balance sheet, even if we attain profitability. Section 382 of the United States Internal Revenue Code of 1986 (the “Code”) is one such example of a limitation. A corporation that undergoes an ownership change is subject to limitations on its ability to utilize its pre-change net operating losses (“NOLs”) to offset future taxable income. Future changes in our stock ownership, some of which are outside of our control, could result in an ownership change under Section 382 of the Code. If our existing NOLs are subject to limitations arising from an ownership change, our ability to utilize NOLs could be limited by Section 382 of the Code, and a certain amount of our prior year NOLs could expire without benefit. Changes in the law may also impact our ability to use our net operating loss and tax credit carryforwards. For example, the legislation commonly referred to as the Tax Cuts and Jobs Act of 2017, as modified by the Coronavirus Aid, Relief, and Economic Security Act, modified certain limitations on the use of our federal NOLs, and California recently enacted legislation limiting the use of our state NOLs for taxable years 2020, 2021, and 2022.
Taxing authorities may successfully assert that we should have collected or in the future should collect sales and use, value added or similar taxes, and we could be subject to liability with respect to past or future sales, which could adversely affect our financial results.
We do not collect sales and use, value added and similar taxes in all jurisdictions in which we have sales, based on our belief that such taxes are not applicable. Certain jurisdictions in which we do not collect such taxes may successfully assert that such taxes are applicable or that our presence in such jurisdictions is sufficient to require us to collect taxes and that could result in tax assessments, penalties, interest and requirement to collect such taxes in the future. Such tax assessments, penalties, interest or future requirements to charge taxes to our customers may adversely affect our financial results.
The near and long-term impact of the global COVID-19 outbreak could harmpandemic on our business, and results of operations.operations and cash flows remain uncertain.
In December 2019, COVID-19 was reported in China, in January 2020 the World Health Organization (“WHO”) declared it a Public Health Emergency of International Concern, and in March 2020 the WHO declared it a pandemic. This contagious disease outbreak has continued to spread across the globe and is materially and adversely impacting worldwide economic activity and financial markets.
The COVID-19 pandemic has affected how we and our customers and partners are operating our businesses, and the duration and extent to which this will impact our business, results of operations and cash flows is uncertain. Related to this uncertainty, certain customers have, and may in the future continue to, decrease or delay their information technology spending, purchase shorter term contracts or request payment concessions, any of which could result in decreased revenue and cash flows for us. We may experience customer losses, including due to bankruptcy or our customers ceasing operations, which may result in an inability to collect receivables from these customers. A decline in revenue or the collectability of our receivables would harm our business. In addition, the COVID-19 pandemic has disrupted and may continue to disrupt the operations of our customers and partners for an indefinite period of time, including as a result of local, state and federal government public health orders, travel restrictions and/or business shutdowns related to the continuance or resurgence of infection rates, all of which could negatively impact our business and results of operations, including cash flows. More generally, the COVID-19 pandemic has adversely affected economies and financial markets globally, and continued uncertainty could potentially lead to an economic downturn, which could decrease technology spending and adversely affect demand for our offerings and harm our business and results of operations.
The nature and extent of the impact of the COVID-19 pandemic on our customers and our customers’ response to the COVID-19 pandemic is difficult to assess or predict, and we may be unable to accurately forecast our revenues or financial results or other performance metrics, especially given that the near and long term impact of the pandemic remains uncertain. Our actual results could be materially above or below our forecasts, which could disappoint analysts and investors and/or cause our stock price to decline.
In light of the uncertain and rapidly evolving situation relating to the spread of COVID-19, we have taken precautionary measures intended to minimize the risk of the virusdisease to our employees, our customers, and the communities in which we operate, which could negatively impact our business. Although we continue to monitor the situation and may adjust our current policies as more information and public health guidance become available, precautionary measures that have been adopted could negatively affect our customer success efforts, employee productivity, sales and marketing efforts, delay and lengthen our sales cycles, or create operational or other challenges, including as a result of travel restrictions, any of which could harm our business and results of operations. In addition, COVID-19 may disrupt the operationsAdditionally, with so many of our customersemployees now working remotely, we are at increased risk of cyber security-related breaches. We continue to take steps to monitor and partners for an indefinite periodenhance the security of time, including as a resultour systems, IT infrastructure, networks, and data; however, the unprecedented scale of travel restrictions and/or business shutdowns,remote work may require additional personnel and resources, which nevertheless cannot be guaranteed to fully safeguard all ofsystems, IT infrastructure networks, and data upon which could negatively impact our business and results of operations, including cash flows. More generally, the outbreak of COVID-19 could adversely affect economies and financial markets globally, potentially leading to an economic downturn, which could decrease technology spending and adversely affect demand for our offerings and harm our business and results of operations. we rely.
It is not possible at this time to estimate the impact that the COVID-19 pandemic could have on our business, as the impact will depend on future developments, including the duration, spread, severity, and potential recurrence of a COVID-19 pandemic, which are highly uncertain and cannot be predicted. Furthermore, due to our shift to a renewablesubscription model, the effect of the COVID-19 pandemic may not be fully reflected in our results of operations until future periods, if at all.periods.
We face intense competition in our markets, and we may be unable to compete effectively against our current and future competitors.
Although our offerings target the new and emerging market for software and cloud services that deliver real-time business insights from data, we compete against a variety of large cloud service providers and software vendors, as well as smaller specialized companies, open source projects and custom development efforts, which provide solutions in the specific markets we address. Our principal competitors include:
large•Cloud monitoring and APM/Observability vendors;
•Monitoring, troubleshooting, security and analytics services offered (embedded or add-ons) by major public cloud service providers, as well as small, specialized vendors, that provide complementary and competitive solutions in enterpriseproviders;
•Companies targeting the data analytics industry;
•Legacy security, offerings, log aggregationsystems management and management, data warehousing, orchestration, automation, incident responseother IT vendors; and big data technologies that may compete with our offerings;
•IT departments of potential customers which have undertakenthat undertake custom software development efforts to analyze and manage their data;operations data across their public and private cloud landscapes.
companies targeting the big data market by commercializing open source software, such as Elastic;
security, systems management and other IT vendors, including BMC Software, IBM, Intel, Micro Focus, Microsoft and VMware;
business intelligence vendors, analytics and visualization vendors, including IBM and Oracle;
cloud monitoring and APM vendors, including Cisco AppDynamics, Datadog and New Relic; and
public cloud providers, including Amazon (Amazon Web Service), Google (Google Cloud Platform) and Microsoft (Microsoft Azure).
The principal competitive factors in our markets include features, performance and support, scalability and flexibility, ease of deployment and use, total cost of ownership and time to value. Some of our current and potential competitors have advantages over us, such as longer operating histories, significantly greater financial, technical, marketing or other resources, stronger brand and business user recognition, larger intellectual property portfolios, broader global distribution networks and presence and more developed ecosystems of partners and skilled users. Further, competitors may be able to offer products or functionality similar to ours at a more attractive price than we can, such as by integrating or bundling their software products with their other product offerings. In addition, our industry is evolving rapidly and is becoming increasingly competitive. Larger and more established companies may focus on delivering real-time business insights from data and could directly compete with us. For example, companies may commercialize open source software such as Elasticsearch, in a manner that competes with our offerings or causes potential customers to believe that such product and our offerings perform the same function. If companies move a greater proportion of their data and computational needs to the cloud, new competitors may emerge that offer services comparable to ours or that are better suited for cloud-based data, and the demand for our offerings may decrease. Smaller companies could also launch new products and services that we do not offer and that could gain market acceptance quickly.
In recent years, there have been significant acquisitions and consolidation by and among our competitors. We anticipate this trend of consolidation will continue, which will present heightened competitive challenges to our business. In particular, consolidation in our industry increases the likelihood of our competitors offering bundled or integrated products, and we believe that it may increase the competitive pressures we face with respect to our offerings. If we are unable to differentiate our offerings from the integrated or bundled products of our competitors, such as by offering enhanced functionality, performance or value, we may see decreased demand for those offerings, which would adversely affect our business operations, financial results and growth prospects. Further, it is possible that continued industry consolidation may impact customers’ perceptions of the viability of smaller or even medium-sized software firms and consequently their willingness to use software solutions from such firms. Similarly, if customers seek to concentrate their software license purchases in the product portfolios of a few large providers, we may be at a competitive disadvantage regardless of the performance and features of our offerings. We believe that in order to remain competitive at the large enterprise level, we will need to develop and expand relationships with resellers and large system integrators that provide a broad range of products and services. If we are unable to anticipate competitive challenges or compete effectively, our business operations and financial results could be materially and adversely affected.
If our new and existing offerings and product enhancements do not achieve sufficient market acceptance, our financial results and competitive position will suffer.
Our business substantially depends on, and we expect our business to continue to substantially depend on, sales of licenses, maintenance and services related to Splunk Enterprise.Enterprise and sales of subscriptions related to Splunk Cloud. As such, the market acceptance of Splunk Enterprise and Splunk Cloud is critical to our continued success. Demand for Splunk Enterprise isand Splunk Cloud are affected by a number of factors beyond our control, including continued market acceptance of Splunk Enterprise and Splunk Cloud by referenceable accounts for existing and new use cases, the timing of development and release of new products by our competitors, technological change, and growth or contraction in our market and the economy in general.
If we are unable to continue to meet customer demands or to achieve more widespread market acceptance of Splunk Enterprise and Splunk Cloud, our business operations, financial results and growth prospects will be materially and adversely affected.
We spend substantial amounts of time and money to research and develop or acquire new offerings and enhanced versions of our existing offerings to incorporate additional features, improve functionality or other enhancements in order to meet our customers’ rapidly evolving demands. In addition, we continue to invest in solutions that can be deployed on top of our platform to target specific use cases and to cultivate our community of application developers and users. When we develop a new or enhanced version of an existing offering, we typically incur expenses and expend resources upfront to market, promote and sell the new offering. Therefore, when we develop or acquire new or enhanced offerings, their introduction must
achieve high levels of market acceptance in order to justify the amount of our investment in developing and bringing them to market. For example, if our cloud servicesrecent product expansions and offerings, such as in Splunk CloudObservability Suite, do not garner widespread market adoption and implementation, our financial results and competitive position could suffer.
Further, we may make changes to our offerings that our customers do not like, find useful or agree with. We may also discontinue certain features, begin to charge for certain features that are currently free or increase fees for any of our features or usage of our offerings.
Our new and existing offerings or product enhancements and changes to our existing offerings could fail to attain sufficient market acceptance for many reasons, including:
•our failure to predict market demand accurately in terms of product functionality and to supply offerings that meet this demand in a timely fashion;
•real or perceived defects, errors or failures;
•negative publicity about their performance or effectiveness;
•delays in releasing to the market our new offerings or enhancements to our existing offerings to the market;
•introduction or anticipated introduction of competing products by our competitors;
•inability to scale and perform to meet customer demands;
•poor business conditions for our end-customers, causing them to delay IT purchases; and
•reluctance of customers to purchase products incorporating open source software.
If our new or existing offerings or enhancements and changes do not achieve adequate acceptance in the market, our competitive position will be impaired, and our revenue, business and financial results will be negatively impacted. The adverse effect on our financial results may be particularly acute because of the significant research, development, marketing, sales and other expenses we will have incurred in connection with the new offerings or enhancements.
Prolonged economic uncertainties or downturns could materially adversely affect our business.
Prolonged economic uncertainties or downturns could adversely affect our business operations or financial results. Negative conditions in the general economy in either the United States or abroad, including conditions resulting from financial and credit market fluctuations, changes in economic policy, trade uncertainty, including changes in tariffs, sanctions, international treaties, and other trade restrictions, the occurrence of a natural disaster, outbreaks of pandemic diseases such as COVID-19, political unrest and social strife, armed conflicts and an act of terrorism on the United States, Europe, Asia Pacific or elsewhere, have caused and could continue to cause a decrease in corporate spending on enterprise software in general and negatively affect the rate of growth of our business.
These conditions could make it extremely difficult for our customers and us to forecast and plan future business activities accurately, and they could cause our customers to reevaluate their decision to purchase our offerings, which could delay and lengthen our sales cycles or result in cancellations of planned purchases. Furthermore, during challenging economic times our customers may face issues in gaining timely access to sufficient credit, which could result in an impairment of their ability to make timely payments to us. If that were to occur, we may be required to increase our allowance for doubtful accounts, which would adversely affect our financial results.
We have a significant number of customers in the business services, energy, financial services, healthcare and pharmaceuticals, technology, manufacturing, media and entertainment, online services, retail, telecommunications and travel and transportation industries. A substantial downturn in any of these industries may cause firms to react to worsening conditions by reducing their capital expenditures in general or by specifically reducing their spending on information technology. Customers in these industries may delay or cancel information technology projects or seek to lower their costs by renegotiating vendor contracts. For example, the impact of the COVID-19 pandemic on the current economic environment has caused, and may in the future cause, customers to request concessions including extended payment terms or better pricing. To the extent purchases of our offerings are perceived by customers and potential customers to be discretionary, our revenues may be disproportionately affected by delays or reductions in general information technology spending. Also, customers may choose to develop in-house software as an alternative to using our offerings. Moreover, competitors may respond to market conditions by lowering prices and attempting to lure away our customers. In addition, the increased pace of consolidation in certain industries may result in reduced overall spending on our offerings.
We cannot predict the timing, strength or duration of any economic slowdown, instability or recovery, generally or within any particular industry or geography. If the economic conditions of the general economy or industries in which we operate worsen from present levels, our business operations and financial results could be adversely affected.
We are subject to governmental export and import controls that could impair our ability to compete in international markets or subject us to liability if we violate the controls.
Our offerings are subject to United States export controls, and we incorporate encryption technology into certain of our offerings. These encryption offerings and the underlying technology may be exported outside of the United States only with the required export authorizations, including by license.
Furthermore, our activities are subject to the U.S. economic sanctions laws and regulations that prohibit the shipment of certain products and services without the required export authorizations or export to countries, governments, and persons targeted by U.S. sanctions. While we take precautions to prevent our offerings from being exported in violation of these laws, including obtaining authorizations for our encryption offerings where appropriate, implementing IP address blocking and screenings against U.S. Government and international lists of restricted and prohibited persons, we cannot guarantee that the precautions we take will prevent violations of export control and sanctions laws. For example, downloads of our free software may have in the past been made in potential violation of the export control and economic sanctions laws.
We also note that if our partners fail to obtain appropriate import, export or re-export licenses or permits, we may also be adversely affected, through reputational harm as well as other negative consequences including government investigations and penalties. We presently incorporate export control compliance requirements in our partner and customer agreements. Complying with export control and sanctions regulations for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities.
Violations of U.S. sanctions or export control laws can result in fines or penalties, including civil penalties of up to $300,000 or twice the value of the transaction, whichever is greater, per violation. In the event of criminal knowing and willful violations of these laws, fines of up to $1 million per violation and possible incarceration for responsible employees and managers could be imposed.
From time to time, as part of our acquisition activity, we have discovered a limited number of instances where certain activity raised concerns about potential violations of U.S. sanctions or export control laws. For example, we previously discovered that the SaaS platform or product of an acquired company was accessed (or attempted to be accessed) from IP addresses potentially located in embargoed countries. As a result, we have submitted and may, in the future, submit voluntary disclosures with the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) to alert the agency to these types of potential violations. If we (including the companies we acquire) are found to be in violation of U.S. economic sanctions or export control laws, it could result in fines and penalties. We may also be adversely affected through other penalties, reputational harm, loss of access to certain markets or otherwise.
Also, various countries, in addition to the United States, regulate the import and export of certain encryption and other technology, including import and export permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our offerings or could limit our customers’ ability to implement our offerings in those countries. Changes in our offerings or future changes in export and import regulations may create delays in the introduction of our offerings in international markets, prevent our customers with international operations from deploying our offerings globally or, in some
cases, prevent the export or import of our offerings to certain countries, governments, or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our offerings by, or in our decreased ability to export or sell our offerings to, existing or potential customers with international operations. Any decreased use of our offerings or limitation on our ability to export or sell our offerings would likely adversely affect our business operations and financial results.
If customers do not expand their use of our offerings beyond the current predominant use cases, our ability to grow our business and operating results may be adversely affected.
Most of our customers currently use our offerings to support application management, IT operations, security and compliance functions. Our ability to grow our business depends in part on our ability to help enable current and future customers to increase their use of our offerings for their existing use cases and expand their use of our offerings to additional use cases, such as facilities management, supply chain management, business analytics, IoT and customer analytics. If we fail to achieve market acceptance of our offerings for these applications, if we fail to predict demand for product functionality or respond to such demand in a timely fashion, if our customers are not satisfied with our offerings, or if a competitor establishes a more widely adopted solution for these applications, our ability to grow our business and financial results will be adversely affected.
Our business and growth depend substantially on customers entering into, renewing, upgrading and expanding their term licenses, agreements for cloud services and maintenance and support agreements with us. Any decline in our customer renewals, upgrades or expansions could adversely affect our future operating results.
We typically enter into term-based agreements for our licensed on-premisessoftware offerings, cloud services, and maintenance and support services, which customers have discretion to renew or terminate at the end of the initial term. In order for us to improve our operating results, it is important that new customers enter into renewable agreements, and our existing customers renew, upgrade and expand their term-based agreements when the initial contract term expires. Our customers have no obligation to renew, upgrade or expand their agreements with us after the terms have expired. Our customers’ renewal, upgrade and expansion rates may decline or fluctuate as a result of a number of factors, including their satisfaction or dissatisfaction with our offerings, our pricing, the effects of general economic conditions, competitive offerings or alterations or reductions in our customers’ spending levels. For example, the impact of the COVID-19 pandemic on the current economic environment has caused, and
may in the future cause, customers to request concessions such as extended payment terms or better pricing.pricing or be unwilling to commit to long-term contracts. If our customers do not renew, upgrade or expand their agreements with us or renew on terms less favorable to us, our revenues may decline.
We employ multiple and evolving pricing models, which subject us to various pricing and licensing challenges that could make it difficult for us to derive value from our customers and may adversely affect our operating results.
We employ multiple and evolving pricing models for our offerings. For example, we generally charge our customers for their use of Splunk Enterprise based on either the estimated daily data indexing capacity or compute resources our customers require. In addition, Splunk Cloud is generally priced based on either the volume of data indexed per day including a fixed amount of data storage, or purchased infrastructure, data storage and bandwidth our customers require, while Splunk Phantom and Splunk On-Call are priced by the number of seats or events used for the products. We offer term licensing options for software offerings and have some remaining perpetual licenses with existing customers, which each have different payment schedules, and depending on the mix of such licenses and cloud subscriptions, our revenues or deferred revenues could be adversely affected. Our pricing models may ultimately result in a higher total cost to our customers generally as data volumes increase over time, or may cause our customers to limit or decrease usage in order to stay within the limits of their existing licenses or cloud subscriptions, or lower their costs, making it more difficult for us to compete in our markets or negatively impacting our financial results. As the amount of data within our customers’ organizations grows, we face downward pressure from our customers regarding our pricing, which could adversely affect our revenues and operating margins. In addition, our pricing models may allow competitors with different pricing models to attract customers unfamiliar or uncomfortable with our pricing models, which would cause us to lose business or modify our pricing models, both of which could adversely affect our revenues and operating margins. We have introduced and expect to continue to introduce variations to our pricing models, including but not limited to, predictive pricing programs, workload-based pricing, data ingestion pricing, “rapid adoption” packages and other pricing programs that provide broader usage and cost predictability as well as tiered pricing based on deployment models, data source types, compute and storage units and customer environments. Any change in pricing models
bears inherent risks as it may provide customers a choice to go for the lower-cost option, therefore putting renewal and customer lifetime value at risk. Although we believe that these pricing models and variations to these models will drive net new customers and increase customer adoption, it is possible that they will not and may potentially cause customers to decline to purchase or renew licenses or cloud subscriptions, or confuse customers and reduce their lifetime value, which could negatively impact our revenue, business and financial results.
Furthermore, while our offerings can measure and limit customer usage for the most part, we removed metered license enforcement via our software under certain circumstances, and in other circumstances, such limitations may be improperly circumvented or otherwise bypassed by users. For those offerings where we are not fully able to track usage, customers may be consuming over their licensed capacity, which may reduce our revenue opportunities. Similarly, we provide our customers with an encrypted license key for enabling their use of our offerings. There is no guarantee that users of our offerings will abide by the terms of these license limitations or encrypted license keys, and if they do not, we may not be able to capture the full value for the use of our offerings. For example, our enterprise license is generally meant for our customers’ internal use only. If our internal use customers improperly make our offerings available to their customers or other third parties, for example, through a cloud or managed service offering not authorized by us, it may displace our end user sales. Additionally, if an internal use customer that has received a volume discount from us improperly makes available our offerings to its end customers, we may experience price erosion and be unable to capture the appropriate value from those end customers.
Our sales cycle is long and unpredictable, particularly with respect to large customers, and our sales efforts require considerable time and expense.
Our operating results may fluctuate, in part, because of the resource intensive nature of our sales efforts, the length and variability of the sales cycle of our offerings and the short-term difficulty in adjusting our operating expenses. Our operating results depend in part on sales to large customers. The length of our sales cycle, from initial evaluation to delivery of and payment for the software license, varies substantially from customer to customer. This variation is due to numerous factors, including in the expansion of our offerings and new pricing models, as well as the potential for different buying centers for the same offering. In addition, the introduction of Splunk Cloud has generated interest from our customers who are also considering purchasing and deploying Splunk Enterprise on-premises. In some cases, our customers may wish to consider a combination of these offerings, potentially further slowing our sales cycle. Our sales cycle can extend to more than a year for certain customers, particularly large customers. It is difficult to predict exactly when, or even if, an existing customer will convert from a perpetual license to term license or to cloud services, we will make a sale with a potential customer, or a user of a trial version of one of our offerings will upgrade to the paid version of that offering. As a result, large individual sales have, in some cases, occurred in quarters subsequent to those we anticipated, or have not occurred at all. The loss or delay of one or more large transactions in a quarter could impact our operating results for that quarter and any future quarters for which revenues from that transaction are lost or delayed. As a result of these factors, it is difficult for us to forecast our revenues accurately in any quarter. Because a substantial portion of our expenses are relatively fixed in the short-term (subject to rising fixed costs in the longer term as discussed above), our operating results will suffer if revenues fall below our expectations in a particular quarter.
Our international sales and operations subject us to additional risks and challenges that can adversely affect our business operations and financial results.
During fiscal 2021, we derived approximately 34% of our total revenues from customers outside the United States, and we are continuing to expand our international operations as part of our growth strategy. This strategy requires us to recruit and retain qualified technical and managerial employees, manage multiple remote locations performing complex software development projects and ensure intellectual property protection outside of the U.S. Additionally, we currently have sales personnel and sales and support operations in the United States and certain countries around the world. To the extent that we experience difficulties in recruiting, training, managing, or retaining non-U.S. staff, and specifically sales management and sales personnel staff, we may experience difficulties in sales productivity in, or market penetration of, non-U.S. markets. Additionally, our sales organization outside the United States is substantially smaller than our sales organization in the United States, and we rely heavily on our indirect sales channel for non-U.S. sales. Our ability to convince customers to expand their use of our offerings or renew their agreements with us is directly correlated to our direct engagement with the customer. To the extent we are unable to engage with non-U.S. customers effectively with our limited sales force, professional services and support capacity or our indirect sales model, we may be unable to grow sales to new or existing customers to the same degree we have experienced in the United States.
Our international operations subject us to a variety of risks and challenges, including:
•increased management, travel, infrastructure and legal compliance costs associated with having multiple international operations;
•reliance on partners, which may have different incentives or may sell competing products, as well as different approaches with respect to compliance with laws and regulations, business practices and other day-to-day activities;
•longer payment cycles and difficulties in collecting accounts receivable or satisfying revenue recognition criteria, especially in emerging markets;
•increased financial accounting and reporting burdens and complexities;
•general economic conditions in each country or region;
•political uncertainty around the world;
•compliance with multiple and changing foreign laws and regulations, including those governing employment, tax, privacy and data protection, data transfer and the risks and costs of non-compliance with such laws and regulations;
•compliance with laws and regulations for foreign operations, including the United States Foreign Corrupt Practices Act, the United Kingdom Bribery Act, import and export control laws, tariffs, trade barriers, economic sanctions and other regulatory or contractual limitations on our ability to sell our offerings in certain foreign markets, and the risks and costs of non-compliance, including as a result of any changes in trade relations, sanctioned parties or other restrictions;
•heightened risks of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of financial statements and irregularities in financial statements;
•fluctuations in currency exchange rates and the related effect on our financial results;
•difficulties in repatriating or transferring funds from, or converting currencies in, certain countries;
•the need for localized software and licensing programs;
•reduced protection for intellectual property rights in some countries and practical difficulties of enforcing intellectual property and contract rights abroad; and
•natural disasters, diseases and pandemics, such as COVID-19, that may disproportionately affect areas in which we do business.
Recent geopolitical events may impact our operations and financial results. For example in December 2020, following a 2016 referendum in which voters in the United Kingdom approved an exit from the European Union (the “EU”) (often referred to as “Brexit”), the United Kingdom left the EU. The political and economic effects of Brexit are still uncertain and will depend, in part, on the Trade and Cooperation Agreement between the European Union and the European Atomic Energy Community, and the United Kingdom of Great Britain and Northern Ireland, signed on December 30, 2020. The departure of the United Kingdom from the EU may cause disruption to our business, including increased friction in our ability to deliver services across the EEA and Switzerland, difficulty in recruiting EU nationals in the United Kingdom due to new immigration requirements, and increased complexities in our relationships with existing and future customers, suppliers, and employees. For example, most of our sales to customers in the EU are transacted through our subsidiary incorporated in the United Kingdom and at this time, we are unable to determine the long-term effects of this arrangement. The economic and legal uncertainty caused by Brexit in the region and globally could also adversely affect the tax, operational, legal and regulatory regimes to which our business is subject in ways we do not yet anticipate.
Any of these risks could adversely affect our international operations, reduce our international revenues or increase our operating costs, adversely affecting our business operations, financial results and growth prospects.
In addition, compliance with laws and regulations applicable to our international operations increases our cost of doing business in foreign jurisdictions. We may be unable to keep current with changes in foreign government requirements and laws as they change from time to time. Failure to comply with these regulations could have adverse effects on our business. In many foreign countries, it is common for others to engage in business practices that are prohibited by our internal policies and procedures or United States regulations applicable to us. In addition, although we have implemented policies and procedures designed to ensure compliance with these laws and policies, there can be no assurance that all of our employees, contractors, partners and agents will comply with these laws and policies. Violations of laws or key control policies by our employees, contractors, partners or agents could result in delays in revenue recognition, financial reporting misstatements, fines, penalties, or the prohibition of the importation or exportation of our offerings and could have a material adverse effect on our business operations and financial results.
Our sales to public sector customers are subject to a number of additional challenges and risks.
We derive a portion of our revenues from contracts with U.S. federal, state and local and foreign governments, and we believe that the success and growth of our business will continue to depend on our successful procurement of government contracts. For our sales to these public sector customers, we must comply with laws and regulations relating to the formation, administration and performance of contracts, which affect how our partners and how we do business with governmental agencies. These laws and regulations provide public sector customers rights, many of which are not typically found in commercial contracts. Such rights may include price protection, the accuracy of information provided to the government, compliance with procurement integrity and government ethics, compliance with specified product certifications restrictions and pre-conditions for access to controlled or classified information, compliance with supply chain requirements, labor regulations and supplier diversity policies, and other terms that are particular to public sector customers. These laws and regulations may impose added costs on our business, and failure to comply with these or other applicable regulations and requirements, including non-compliance in the past, could lead to bid protests, contract cure actions, claims for damages or other relief, penalties, termination of contracts, loss of exclusive rights in our intellectual property, substantial audit or re-procurement costs and temporary suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability to do business with the public sector could have a material adverse effect on our business operations and financial results.
In October 2019, we received authorization under the U.S. Federal Risk and Authorization Management Program (“FedRAMP”) that allows U.S. federal government agencies and contractors to have greater integration with our platform if and when they transition to cloud-based computing. At the same time, FedRAMP places an increased compliance burden upon us, which may increase our internal costs to provide services to government agencies. If we cannot adequately comply with FedRAMP compliance requirements, our growth could be adversely impacted, and we could incur significant liability and our reputation and business could be harmed.
Factors that could impede our ability to maintain or increase the amount of revenues derived from government contracts, include:
•changes in fiscal or contracting policies;
•decreases in available government funding;
•restrictions in the award of personal security clearances to our employees;
•ability to adapt to public sector budgetary cycles and funding authorizations, with funding reductions or delays having an adverse impact on public sector demand for our products;
•changes in government programs or applicable requirements;
•changes in government sanctions programs and related policies;
•the adoption of new laws or regulations or changes to existing laws or regulations;
•noncompliance with laws, contract provisions or government procurement or other applicable regulations, or the perception that any such noncompliance has occurred or is likely;
•changes in the political environment and budgeting, including before or after a change of leadership within the government administration, and any resulting uncertainty or changes in policy or priorities and resultant funding;
•ability to maintain the facility clearance required to perform on classified contracts for U.S. federal government agencies, or to maintain security clearances for our employees;
•changes to government certification requirements or approved product lists;
•ability to achieve or maintain one or more government certifications, including our existing FedRAMP certification;
•ability to maintain products on key government acquisition contracts;
•an extended government shutdown or other potential delays or changes in the government appropriations or other funding authorization processes including as a result of events such as war, incidents of terrorism, natural disasters, and public health concerns or epidemics, such as the recent COVID-19 pandemic;
•changes in the duration of our contracts with government customers;
•delays in the payment of our invoices by government payment offices; and
•bid protests by competitors
The occurrence of any of the foregoing could cause governments and governmental agencies to delay or refrain from purchasing licenses of our offerings in the future or otherwise have an adverse effect on our business operations and financial results. To the extent that we become more reliant on contracts with government entities, including foreign government entities, in the future, our exposure to such risks and challenges could increase, which in turn could adversely impact our business.
Incorrect or improper implementation or use of our software could result in customer dissatisfaction, customer data loss or corruption and negatively affect our business, operations, financial results and growth prospects.
Our software is deployed in a wide variety of technology environments. Increasingly, our software has been deployed in large scale, complex technology environments, and we believe our future success will depend on our ability to increase sales of our software licenses for use in such deployments. We often must assist our customers in achieving successful implementations for large, complex deployments. If we or our customers are unable to implement our software successfully, including related to technologies that we have obtained through acquisitions, are unable to do so in a timely manner or if an improper implementation or change in system configuration results in errors or loss of data, customer perceptions of our company may be impaired, our reputation and brand may suffer, and customers may choose not to increase their use of our offerings. In addition, our software imposes server load and index storage requirements for implementation. If our customers do not have the server load capacity or the storage capacity required, they may not be able to effectively implement and use our software and, therefore, may not choose to increase their use of our offerings.
Our customers and third-party partners may need training in the proper use of and the variety of benefits that can be derived from our software to maximize its potential. If our software is not implemented or used correctly or as intended, inadequate performance, errors, data loss or corruption may result. Because our customers rely on our software and maintenance and support services to manage a wide range of operations, the incorrect or improper implementation or use of our software, our failure to train customers on how to efficiently and effectively use our software, or our failure to provide maintenance services to our customers, may result in negative publicity or legal claims against us. Also, as we continue to expand our customer base, any failure by us to properly provide these services will likely result in lost opportunities for follow-on sales of our offerings.
If we or our third-party service providers experience a security breach or unauthorized parties otherwise obtain access to our customers’ data, our data, or our cloud services, our offerings may be perceived as not being secure, our reputation may be harmed, demand for our offerings may be reduced, and we may incur significant liabilities.
Our offerings involve the storage and transmission of data, and security breaches and incidents could result in the loss of this information, litigation, indemnity obligations, fines, penalties and other liability. We may become the target of cyber-attacks by third parties seeking unauthorized access to our data or our customer’s data or to disrupt our ability to provide services. There is also a danger of industrial espionage, misuse, theft of information or assets (including source code), or damage to assets by people who have gained unauthorized access to our facilities, systems or information. Because there are many different techniques used to obtain unauthorized access to systems and data, and such techniques continue to evolve, we may be unable to anticipate attempted security breaches and incidents and proactively implement adequate preventative measures. Additionally, with so many of our employees now working remotely due to the COVID-19 pandemic, we may face an increased risk of attempted security breaches and incidents. While we have taken steps to protect the confidential information that we have access to, including confidential information we may obtain through our customer support services or customer usage of our cloud services, our security measures or those of our third-party service providers could be breached or otherwise fail to prevent unauthorized access to or disclosure, modification, misuse, loss or destruction of such information. Computer malware, viruses, social engineering (phishing attacks), and increasingly sophisticated network attacks have become more prevalent in our industry, particularly against cloud services. In the first quarter of fiscal 2019, we took corrective action against an attacker who utilized compromised credentials to access and delete compute capacity in the Splunk Cloud environment. In addition, we do not directly control content that customers store in our offerings. If customers use our offerings for the transmission or storage of personal information or other sensitive types of information and our security measures are, or are believed to have been breached as a result of third-party action, employee error, malfeasance or otherwise, our reputation could be damaged, our business may suffer, and we could incur significant liability.
We also process, store and transmit our own data as part of our business and operations. This data may include personal, confidential or proprietary information. We make use of third-party technology and systems for a variety of reasons, including, without limitation, encryption and authentication technology, employee email, content delivery to customers, back-office support, credit card processing, human resources services, customer relationship management, enterprise risk planning and other functions. Although we have developed systems and processes that are designed to protect customerour business and proprietary information and prevent data loss and other security breaches and incidents, and to reduce the impact of a security breach or incident at a third-party vendor, such measures cannot provide absolute security. There can be no assurance that any security measures that we or our third-party service providers, including third party providers of cloud infrastructure services (“Cloud Service Providers”), have implemented will be effective against current or future security threats. While we maintain measures designed to protect the integrity, confidentiality and security of our data, our security measures or those of our third-party service providers could fail and result in unauthorized access to or disclosure, modification, misuse, loss or destruction of such data.
Any security breach or other security incident, or the perception that one has occurred, could result in a loss of customer confidence in the security of our offerings and damage to our brand, reduce the demand for our offerings, disrupt normal business operations, require us to spend material resources to investigate or correct the breach and to prevent future security breaches and incidents, expose us to legal liabilities, including litigation, regulatory enforcement, and indemnity obligations, and adversely affect our revenues and operating results. These risks may increase as we continue to grow the number and scale of our cloud services, and process, store, and transmit increasing amounts of data.
Third parties may also conduct attacks designed to deny customers access to our cloud services. A significant disruption in access to, or ability to use, our cloud services could damage our reputation with current and potential customers, expose us to liability, cause us to lose customers or otherwise negatively affect our business.
Additionally, wethe recent attack against SolarWinds, in which hackers inserted malware into a SolarWinds software update, highlights the growing risk from the infection of software while it is under assembly, known as a supply chain attack. We could become a vector for a similar style attack or could become the subject of one through a supply chain compromise.
We cannot be certain that our insurance coverage will be adequate for data security liabilities actually incurred, will cover any indemnification claims against us relating to any incident, that insurance will continue to be available to us on economically reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, operating results, and reputation.
We employ multiple, uniqueInterruptions or performance problems associated with our technology and evolving pricing models, which subject us to various pricinginfrastructure, and licensing challenges that could make it difficult for us to derive valueour reliance on Software-as-a-Service (“SaaS”) technologies from our customers andthird parties, may adversely affect our operatingbusiness operations and financial results.
We employ multiple, unique and evolving pricing models for our offerings. For example, we generally charge our customers for their use of Splunk Enterprise based on either the estimated daily data indexing capacity or compute resources our customers require. In addition, Splunk Cloud is generally priced based on either the volume of data indexed per day including a fixed amount of data storage, or purchased infrastructure and data storage our customers require, while Splunk Phantom and VictorOps are priced by the number of seats that use the products. We offer term licensing options for on-premises offerings and have some remaining perpetual licenses with existing customers, which each have different payment schedules, and depending
Our continued growth depends in part on the mixability of such licensesour existing and cloud subscriptions, our revenues or deferred revenues could be adversely affected. Our pricing models may ultimately result in a higher total cost to our customers generally as data volumes increase over time, or may cause ourpotential customers to limituse and access our cloud services or decrease usageour website in order to staydownload our software or encrypted access keys for our software within the limits of their existing licenses or lower their costs, making it more difficult for us to compete in our markets or negatively impacting our financial results. As thean acceptable amount of data within our customers’ organizations grows, we face downward pressure from our customers regarding our pricing, which could adversely affect our revenues and operating margins.time. In addition, we rely heavily on hosted SaaS technologies from third parties in order to operate critical functions of our unique pricing models may allow competitors with different pricing models to attract customers unfamiliar or uncomfortable with our pricing models, which would cause us to lose business, or modify our pricing models, both of which could adversely affect our revenuesincluding enterprise resource planning services and operating margins.customer relationship management services. We have introducedexperienced and expect to continue to introduce variations to our pricing models, including but not limited to, predictive pricing programs, infrastructure-based pricing, data ingestion pricing, “rapid adoption” packagesmay in the future experience real or perceived website and cloud service disruptions, storage failures, outages and other pricing programs that provide broader usage and cost predictability as well as tiered pricing based on deployment models, data source types, compute and storage units and customer environments. Although we believe that these pricing models and variations to these models will drive net new customers, increase customer adoption and support our transitionperformance problems due to a renewable model, it is possible that they will notvariety of factors, including infrastructure changes, human or software errors, capacity constraints due to an overwhelming number of users accessing our website and may potentially cause customers to decline to purchaseservices simultaneously, unauthorized access, denial of service, security or renew licenses or confuse customers and reduce their lifetime value, which could negatively impact our revenue, business and financial results.
Furthermore, while our offerings can measure and limit customer usage, we removed metered license enforcement via our software under certain circumstances, and in other circumstances, such limitations may be improperly circumvented or otherwise bypassed by users. Similarly, we provide our customers with an encrypted license key for enabling their use of our offerings. There is no guarantee that users of our offerings will abide by the terms of these license limitations or encrypted license keys, and if they do not,ransomware attacks. In some instances, we may not be able to captureidentify the full value for the use of our offerings. For example, our enterprise license is generally meant for our customers’ internal use only. If our internal use customers improperly make our offerings available to their customerscause or other third parties, for example, through a cloud or managed service offering not authorized by us, it may displace our end user sales. Additionally, if an internal use customer that has received a volume discount from us improperly makes available our offerings to its end customers, we may experience price erosion and be unable to capture the appropriate value from those end customers.
We increasingly rely on third-party providers of cloud infrastructure services to deliver our offerings to users on our platform, and any disruption of or interference with our usecauses of these services could adversely affect our business.
Our cloud services, such as Splunk Cloud, are hosted exclusively by third party providerswebsite or service performance problems within an acceptable period of cloud infrastructure services (“Cloud Service Providers”). We do not have control over the operations or the facilities of Cloud Service Providers that we use, and any changes in a Cloud Service Provider’s service levels, which may be less than 100%, may adversely affect our ability to meet the commitments we make to our customers and their requirements. We currently offer a 100% uptime service level agreement (“SLA”) for Splunk Cloud.time. It may become increasingly difficult to maintain and improve our website and service performance, especially during peak usage times and as the usage of our offerings become more complex and our user traffic increases. If any of theour website or cloud services provided by the Cloud Service Providers fail or becomeare unavailable due to extended outages, interruptions or because they are no longer available on commercially reasonable terms or prices, or if weour users are unable to deliver 100% uptime underdownload our SLAs, our revenuessoftware or encrypted access keys within a reasonable amount of time or at all, we could be reduced,suffer damage to our reputation could be damaged, we couldwith current and potential customers, be exposed to legal liability, expenses could increase, our ability to manage our finances could be interrupted and our processes for managing sales of our offerings and supporting ourlose customers, could be impaired until equivalent services, if available, are identified, obtained and implemented, all of which could negatively affect our business. We expect to continue to make significant investments to maintain and improve website and service performance and to enable rapid releases of new features and apps for our offerings. To the extent that we do not effectively address capacity constraints, upgrade our systems as needed and continually develop our technology and network architecture to accommodate actual and anticipated changes in technology, our business and operating results may be adversely affected.
Real or perceived errors, failures or bugs in our offerings could adversely affect our business, financial results and the usagegrowth prospects.
Because our offerings are complex, undetected errors, failures or bugs may occur, especially when new offerings, versions or updates are released, including related to technologies that we have obtained through acquisitions. Our software is often installed and used in large-scale computing environments with different operating systems, system management software, and equipment and networking configurations, which may cause errors or failures of our software or other aspects of the computing environment into which it is deployed. In addition, deployment of our software into complicated, large-scale computing environments may expose undetected errors, failures or bugs in our software. Despite testing by us, errors, failures or bugs may not be found in our offerings until they are released to our customers. In the past, we have discovered errors, failures and bugs in some of our offerings after their introduction. Real or perceived errors, failures or bugs in our offerings could result in negative publicity, loss of or delay in market acceptance of our offerings, loss of competitive position or claims by customers for losses sustained by them. In such an event, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem.
In addition, if an actual or perceived failure of our software occurs in a customer’s deployment or in our cloud services, regardless of whether the failure is attributable to our software, the market perception of the effectiveness of our offerings could be adversely affected. Alleviating any of these problems could require significant expenditures of our capital and other resources and could cause interruptions, delays or cessation of our licensing, which could cause us to lose existing or potential customers and could adversely affect our financial results and growth prospects.
We are subject to a number of legal requirements, contractual obligations and industry standards regarding security, data protection, and privacy, and any failure to comply with these requirements, obligations or standards could have an adverse effect on our reputation, business, financial condition and operating results.
Data privacy and security have become significant issues in the United States and in many other countries where we have employees and operations and where we offer licenses or cloud subscriptions to our offerings. If we are unableThe regulatory framework for data privacy and security issues worldwide is rapidly evolving and is likely to renew our agreementsremain uncertain for the foreseeable future. These obligations may be interpreted and applied inconsistently from one jurisdiction to another and may conflict with our Cloud Service Providers on commercially reasonable terms,one another, other regulatory requirements or our agreement is prematurely terminated,internal practices. The U.S. federal and various state and foreign government bodies and agencies have adopted or we needare considering adopting laws and regulations limiting, or laws and regulations regarding the collection, distribution, use, disclosure, storage, and security of certain types of information. For example, on January 1, 2020, the California Consumer Privacy Act (“CCPA”), which requires covered companies to addprovide new Cloud Services Providersdisclosures to increase capacityCalifornia consumers, and uptime, we could experience interruptions, downtime, delays,afford such consumers new abilities to opt-out of certain sales of personal information, became operative. Additionally, the California Privacy Rights Act (“CPRA”) was approved by California voters in the November 3, 2020 election. The CPRA significantly modifies the CCPA, creating obligations relating to consumer data beginning on January 1, 2022, with implementing regulations expected on or before July 1, 2022, and additional expenses related to transferring to and providing support for these new platforms. Anyenforcement beginning July 1, 2023. Aspects of the above circumstancesCCPA, the CPRA, and their interpretation remain unclear. We cannot yet fully predict the impact of the CCPA or eventsCPRA on
our business or operations, but they may harmrequire us to modify our reputationdata processing practices and brand, reducepolicies and to incur substantial costs and expenses in an effort to comply.
Internationally, virtually every jurisdiction in which we operate has established its own data security and privacy or data protection legal framework with which we or our customers must comply. Laws and regulations in these jurisdictions apply broadly to the availabilitycollection, use, storage, disclosure and security of data that identifies or usagemay be used to identify or locate an individual. These laws and regulations often are more restrictive than those in the United States and are rapidly evolving. For example, the EU General Data Protection Regulation (“GDPR”) became effective on May 25, 2018, and, in addition to imposing stringent obligations relating to data protection and security, authorizes fines up to 4% of our platformglobal annual revenue for some violations. We relied in part upon the EU-U.S. Privacy Shield Framework developed by the U.S. Department of Commerce and impair our abilitythe European Commission and the Swiss-U.S. Privacy Shield Framework developed by the U.S. Department of Commerce and the Swiss Administration to attract new users,provide U.S. companies with a valid data transfer mechanism under EU and Swiss law to permit them to transfer personal data from the European Union and Switzerland to the United States. On July 16, 2020, the Court of Justice of the European Union (“CJEU”) invalidated the EU-U.S. Privacy Shield, concluding it did not provide adequate protection for personal data transferred to the U.S. On September 8, 2020, the Swiss Federal Data Protection and Information Commissioner invalidated the Swiss-US Privacy Shield on similar grounds. In its July 16, 2020 opinion, the CJEU imposed additional obligations on companies when relying on standard contractual clauses approved by the European Commission (“SCCs”) to transfer personal data. The CJEU decision may result in European data protection regulators applying differing standards for, and requiring ad hoc verification of, transfers of personal data from Europe to the U.S. In November 2020, the European Commission released a draft of revised SCCs addressing the CJEU concerns. The European Data Protection Board (“EDPB”) also issued recommendations, and in January 2021, the EDPB and the European Data Protection Supervisor issued a joint opinion regarding those revised SCCs. The revised SCCs, the foregoing recommendations and opinions of regulators, and other developments relating to cross-border data transfer, may require us to implement additional contractual and technical safeguards for any personal data transferred out of the European Economic Area (“EEA”), which couldmay increase compliance costs, lead to increased regulatory scrutiny or liability, and which may adversely affectimpact our business, financial condition and resultsoperating results.
The United Kingdom enacted a Data Protection Act in May 2018 that substantially implements the GDPR, and has implemented legislation referred to as the “UK GDPR” that generally provides for the GDPR to be implemented in the UK following Brexit and the transition period that ended on December 31, 2020. While the EU has published draft decisions that the United Kingdom may be deemed an “adequate country” to which personal data could be exported from the EEA, this decision may face challenges in the future, creating uncertainty regarding transfers of personal data to the United Kingdom from the EEA. Our EMEA headquarters is in London, causing this uncertainty to be particularly significant to our operations. Some countries also are considering or have passed legislation requiring local storage and processing of data, or similar requirements, which could increase the cost and complexity of delivering our services.
Complying with the GDPR, the CCPA and the CPRA, or other laws, regulations, or other obligations relating to privacy, data protection, data localization or security in the U.S. or other regions worldwide may cause us to incur substantial operational costs or require us to modify our data handling practices. Non-compliance could result in proceedings against us by governmental entities or others, could result in substantial fines or other liability, and may otherwise adversely impact our business, financial condition and operating results.
Some statutory requirements, both in the United States and abroad, such as the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and numerous state statutes, include obligations of companies to notify individuals of security breaches involving certain types of personal information, which could result from breaches experienced by us or our service providers. Any actual or perceived security breach or incident could impact our reputation, harm our customer confidence, hurt our sales and expansion into new markets or cause us to lose existing customers, and could expose us to potential liability or require us to expend significant resources on data security and in responding to any such actual or perceived breach or incident.
In addition to government regulation, self-regulatory standards and other industry standards may legally or contractually apply to us, be argued to apply to us, or we may elect to comply with such standards or to facilitate our customers’ compliance with such standards. Because privacy, data protection and data security are critical competitive factors in our industry, we may make statements on our website, in marketing materials, or in other settings about our data processing and data security measures and our compliance with, or our ability to facilitate our customers’ compliance with, these standards. We also expect that laws, regulations, industry standards and other obligations relating to privacy, data protection and security will continue to evolve worldwide, and that there will continue to be new, modified, and re-interpreted laws, regulations, standards, and other obligations in these areas. We cannot yet determine the impact such future laws, regulations and standards, or
amendments to or re-interpretations of, existing laws and regulations, industry standards, or other obligations may have on our business. New laws, amendments to or re-interpretations of existing laws and regulations, industry standards, and contractual and other obligations may require us to incur additional costs and restrict our business operations. Because the interpretation and application of laws, standards, contractual obligations and other obligations relating to privacy and data protection are uncertain, these laws, standards, and contractual and other obligations may be interpreted and applied in a manner that is, or is alleged to be, inconsistent with our data management practices, our policies or procedures, or the features of our offerings. If so, in addition to the possibility of fines, lawsuits and other claims, we may find it necessary or appropriate to fundamentally change our business activities and practices, including the establishment of localized data storage or other data processing operations, or modify or cease offering certain offerings either generally or in certain geographic regions, any of which could have an adverse effect on our business. We may be unable to make such changes and modifications in a commercially reasonable manner or at all, and our ability to develop new offerings and features could be limited. Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations, and policies that are applicable to the businesses of our customers may limit the use and adoption of, and reduce the overall demand for, our offerings. Any inability to adequately address privacy, data protection or security-related concerns, even if unfounded, or to successfully negotiate privacy, data protection or security-related contractual terms with customers, or to comply with applicable laws, regulations and other obligations relating to privacy, data protection, and security, could result in additional cost and liability to us, damage our reputation, inhibit sales, slow our sales cycles, and adversely affect our business. Privacy and personal security concerns, whether valid or not valid, may inhibit market adoption of our offerings, particularly in certain industries and foreign countries.
Failure to protect our intellectual property rights could adversely affect our business and our brand.
Our success and ability to compete depends, in part, on our ability to protect our trade secrets, trademarks, copyrights, patents, know-how, confidential information, proprietary methods and technologies and other intellectual property and proprietary rights, so that we can prevent others from using our inventions, and proprietary information and property. We generally rely on patent, copyright, trade secret and trademark laws, and confidentiality or license agreements with our employees, consultants, vendors, customers, partners and others, and generally limit access to and distribution of our proprietary information, in order to protect our intellectual property rights and maintain our competitive position. However, we cannot guarantee that the steps we take to protect our intellectual property rights will be effective.
Our issued patents and any patents issued in the future may not provide us with any competitive advantages, and our patent applications may never be granted. Additionally, the process of obtaining patent protection is expensive and time-consuming, and we may not be able to file and prosecute all necessary or desirable patent applications, or we may not be able to do so at a reasonable cost or in a timely manner. Even if issued, there can be no assurance that these patents will adequately protect our intellectual property, as the legal standards relating to the infringement, validity, enforceability and scope of protection of patent and other intellectual property rights are complex and often uncertain. Any patents that are issued, and any of our other intellectual property rights may be challenged by others and invalidated or narrowed through administrative process, litigation, or similar proceedings, allowing other companies to develop offerings that compete with ours, which could adversely affect our competitive business position, business prospects and financial condition. In addition, issuance of a patent does not guarantee that we have a right to practice the patented invention. We cannot be certain that we were the first to use the inventions claimed in our issued patents or pending patent applications or otherwise used in our offerings, that we were the first to file patent applications, or that third parties do not have blocking patents that could be used to prevent us from marketing or practicing our offerings or technology. Effective patent, trademark, copyright and trade secret protection may not be available to us in every country in which our offerings are available. The laws of some foreign countries may not be as protective of intellectual property rights as those in the United States (in particular, some foreign jurisdictions do not permit patent protection for software, and even in the United States, this protection is limited), and mechanisms for enforcement of intellectual property rights may be inadequate. We have filed for patents in the United States and in limited non-U.S. jurisdictions, but such protections may not be available or adequate in all countries in which we operate or in which we seek to enforce our intellectual property rights, or may be difficult to enforce in practice. For example, many foreign countries have compulsory licensing laws under which a patent owner must grant licenses to third parties. In addition, many countries limit the enforceability of patents against certain third parties, including government agencies or government contractors. In these countries, patents may provide limited or no benefit. As we expand our international activities, our exposure to unauthorized copying and use of our products and platform capabilities and proprietary information will likely increase. We are currently unable to measure the full extent of this unauthorized use of our products, platform capabilities, software, and proprietary information. We believe, however, that such unauthorized use is and can be expected to be a persistent problem that negatively impacts our revenue and financial results. Additional uncertainty may result from recent and future changes to intellectual property legislation in the United States and other countries and from interpretations of the intellectual property laws of the United States and other countries by applicable courts and agencies. Further, although we endeavor to enter into non-disclosure agreements with our employees,
licensees and others who may have access to confidential and proprietary information, we cannot assure that these agreements or other steps we have taken will prevent unauthorized use, disclosure or reverse engineering of our technology.
Moreover, third parties may independently develop technologies or products that compete with ours, and we may be unable to prevent this competition.
We might be required to spend significant resources to defend, monitor, and protect our intellectual property rights, such as by initiating claims or litigation against third parties for infringement of our proprietary rights or to establish the validity of our proprietary rights. However, we may not prevail in any lawsuits that we initiate, and the damages or other remedies awarded, if any, may not be adequate to compensate us for the harm suffered. Additionally, we may provoke third parties to assert counterclaims against us. Any litigation, whether or not it is resolved in our favor, could result in significant expense to us and divert the efforts of our technical and management personnel, which may adversely affect our business operations or financial results. For any of these reasons, despite our efforts, we may be unable to prevent third parties from infringing upon or misappropriating our intellectual property. If we fail to protect our intellectual property rights adequately, our competitors might gain access to our technology or use of our brand, and our business might be adversely affected.
We have been, and may in the future be, subject to intellectual property rights claims by third parties, which are extremely costly to defend, could require us to pay significant damages and could limit our ability to use certain technologies.
Companies in the software and technology industries, including some of our current and potential competitors, own large numbers of patents, copyrights, trademarks and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights. In addition, many of these companies have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. The litigation may involve patent holding companies or other adverse patent owners that have no relevant product revenues and against which our patents may therefore provide little or no deterrence. From time-to-time, third parties, including
certain of these leading companies and non-practicing entities, have asserted and may assert patent, copyright, trademark or other intellectual property rights against us, our partners, our technology partners or our customers. We have received, and may in the future receive, notices that claim we have misappropriated, misused, or infringed other parties’ intellectual property rights, including those obtained through acquisitions of new technologies, and, to the extent we gain greater market visibility, we face a higher risk of being the subject of intellectual property infringement claims, which is not uncommon with respect to the enterprise software market.
There may be third-party intellectual property rights, including issued or pending patents, that cover or claim to cover significant aspects of our technologies or business methods. We may be exposed to increased risk of being the subject of intellectual property infringement claims as a result of acquisitions, as, among other things, we have a lower level of visibility into the development process with respect to such technology or the care taken to safeguard against infringement risks. Any intellectual property claims, with or without merit, could be very time-consuming, could be expensive to settle or litigate and could divert our management’s attention and other resources. These claims could also subject us to significant liability for damages, potentially including treble damages or enhanced statutory damages if we are found to have willfully infringed patents or copyrights. These claims could also result in our having to stop using technology found to be in violation of a third-party’s rights. We might be required to seek a license for the intellectual property, which may not be available on reasonable terms or at all. Even if a license were available, we could be required to pay significant royalties, which would increase our operating expenses. As a result, we may be required to develop alternative non-infringing technology, which could require significant effort and expense. If we cannot license or develop technology for any infringing aspect of our business, we would be forced to limit or stop sales of our offerings and may be unable to compete effectively. Any of these results would adversely affect our business operations and financial results.
We have a history of losses, and we may not be profitable in the future.
We have incurred net losses in each year since our inception. As a result, we had an accumulated deficit of $1.56 billion at January 31, 2020. Because the market for our offerings continues to evolve and has not yet reached widespread adoption, it is difficult for us to predict our future operating results. We expect our operating expenses to increase over the next several years as we hire additional personnel, expand and improve the effectiveness of our distribution channels, improve the performance and scalability of our technology architecture, and continue to develop features and functionality for our offerings. In addition, as a public company, we have incurred and will continue to incur significant legal, accounting and other operating expenses. If our revenues do not increase to offset these increases in our operating expenses, we may not be profitable in future periods. Our historical revenue growth has been inconsistent and should not be considered indicative of our future performance. Further, in future periods, our revenue growth could slow, or our revenues could decline for a number of reasons, including slowing demand for our offerings, increasing competition, a decrease in the growth of our overall market, or our failure, for any reason, to continue to capitalize on growth opportunities. Any failure by us to achieve, sustain or increase profitability on a consistent basis could cause the value of our common stock to decline.
Splunk Cloud, as well as cloud services for other products, require costly and continual infrastructure investments, and market adoption of these cloud services could adversely affect our business.
A cloud-based model of software deployment is one in which a software provider typically licenses an application to customers for use as a service on demand through web browser technologies. Delivering software under a cloud-based model results in higher costs and expenses when compared to sales of on-premises licenses for similar functionality. In recent years, companies have begun to expect that key software, such as customer relationship management and enterprise resource planning systems, be provided through a cloud-based model. Many of our offerings are now made available in the cloud as well as on-premises. Customers can sign up for Splunk Cloud and other services and avoid the need to provision, deploy and manage internal infrastructure. In order to provide Splunk Cloud and other services via a cloud-based deployment, we have made and will continue to make capital investments and incur substantial costs to implement and maintain this alternative business model. In addition, as we look to deliver more cloud services, we are making significant technology investments to deliver new capabilities and advance our software to deliver cloud-native customer experiences. We expect that over time the percentage of our revenue attributable to our cloud services will increase. If our cloud services, in particular Splunk Cloud, do not garner widespread market adoption, or there is a reduction in demand for cloud services caused by a lack of customer acceptance, technological challenges, weakening economic or political conditions, security or privacy concerns, inability to properly manage such services, competing technologies and products, decreases in corporate spending or otherwise, our financial results, business model and competitive position could suffer. If these investments do not yield the expected return, or we are unable to decrease the cost of providing our cloud services, our gross margins, overall financial results, business model and competitive position could suffer. Transitioning to a cloud-based model also impacts the way we recognize revenues, which may affect our operating results and could have an adverse effect on our business operations and financial results.
Even with these investments and costs, the cloud-based business model for Splunk Cloud and other services may not be successful, as some customers may desire only on-premises licenses to our offerings. Our cloud services may raise concerns among customers, including concerns regarding changes to pricing models, service availability, scalability, ability to use customer-developed apps, information security of a cloud service and hosted data, and access to data while offline or once a subscription has expired. Market acceptance of our cloud services can be affected by a variety of factors, including but not limited to: security, reliability, performance, terms of service, support terms, customer preference, community engagement, customer concerns with entrusting a third party to store and manage their data, public concerns regarding data privacy or data protection, and the enactment of restrictive laws or regulations in the affected jurisdictions. If we or other providers of cloud services experience security incidents or breaches, loss of customer data, disruptions in delivery of services, network outages, disruptions in availability of the internet, unauthorized access or other problems, the market for cloud services as a whole, including Splunk Cloud, may be negatively affected. Moreover, sales of Splunk Cloud and other services could displace sales of our on-premises software licenses. Alternatively, subscriptions to Splunk Cloud and other services that exceed our expectations may unexpectedly increase our costs, lower our margins, lower our profits or increase our losses and otherwise negatively affect our projected financial results.
Interruptions or performance problems associated with our technology and infrastructure, and our reliance on Software-as-a-Service (“SaaS”) technologies from third parties, may adversely affect our business operations and financial results.
Our continued growth depends in part on the ability of our existing and potential customers to use and access our cloud services or our website in order to download our on-premises software or encrypted access keys for our software within an acceptable amount of time. In addition, we rely heavily on hosted SaaS technologies from third parties in order to operate critical functions of our business, including enterprise resource planning services and customer relationship management services. We have experienced, or may in the future experience, website and cloud service disruptions, storage failures, outages and other performance problems due to a variety of factors, including infrastructure changes, human or software errors, capacity constraints due to an overwhelming number of users accessing our website and services simultaneously, unauthorized access, denial of service, security or ransomware attacks. In some instances, we may not be able to identify the cause or causes of these website or service performance problems within an acceptable period of time. It may become increasingly difficult to maintain and improve our website and service performance, especially during peak usage times and as our offerings become more complex and our user traffic increases. If our website or cloud services are unavailable or if our users are unable to download our software or encrypted access keys within a reasonable amount of time or at all, we could suffer damage to our reputation with current and potential customers, be exposed to legal liability, and lose customers, all of which could negatively affect our business. We expect to continue to make significant investments to maintain and improve website and service performance and to enable rapid releases of new features and apps for our offerings. To the extent that we do not effectively address capacity constraints, upgrade our systems as needed and continually develop our technology and network architecture to accommodate actual and anticipated changes in technology, our business and operating results may be adversely affected.
Our sales cycle is long and unpredictable, particularly with respect to large customers, and our sales efforts require considerable time and expense.
Our operating results may fluctuate, in part, because of the resource intensive nature of our sales efforts, the length and variability of the sales cycle of our offerings and the short-term difficulty in adjusting our operating expenses. Our operating results depend in part on sales to large customers. The length of our sales cycle, from initial evaluation to delivery of and payment for the software license, varies substantially from customer to customer. This variation is due to numerous factors, including in the expansion of our offerings and new pricing models, as well as the potential for different buying centers for the same offering. In addition, the introduction of Splunk Cloud has generated interest from our customers who are also considering purchasing and deploying Splunk Enterprise on-premises. In some cases, our customers may wish to consider a combination of these offerings, potentially further slowing our sales cycle. Our sales cycle can extend to more than a year for certain customers, particularly large customers. It is difficult to predict exactly when, or even if, an existing customer will convert from a perpetual license to term license or to cloud services, we will make a sale with a potential customer, or a user of a trial version of one of our offerings will upgrade to the paid version of that offering. As a result, large individual sales have, in some cases, occurred in quarters subsequent to those we anticipated, or have not occurred at all. The loss or delay of one or more large transactions in a quarter could impact our operating results for that quarter and any future quarters for which revenues from that transaction is delayed. As a result of these factors, it is difficult for us to forecast our revenues accurately in any quarter. Because a substantial portion of our expenses are relatively fixed in the short-term (subject to rising fixed costs in the longer term as discussed above), our operating results will suffer if revenues fall below our expectations in a particular quarter, which could cause the price of our common stock to decline.
Our international sales and operations subject us to additional risks and challenges that can adversely affect our business operations and financial results.
During the fiscal year ended January 31, 2020, we derived approximately 29% of our total revenues from customers outside the United States, and we are continuing to expand our international operations as part of our growth strategy. We currently have sales personnel and sales and support operations in the United States and certain countries around the world. To the extent that we experience difficulties in recruiting, training, managing, or retaining non-U.S. staff, and specifically sales management and sales personnel staff, we may experience difficulties in sales productivity in, or market penetration of, non-U.S. markets. Additionally, our sales organization outside the United States is substantially smaller than our sales organization in the United States, and we rely heavily on our indirect sales channel for non-U.S. sales. Our ability to convince customers to expand their use of our offerings or renew their maintenance and support agreements with us is directly correlated to our direct engagement with the customer. To the extent we are unable to engage with non-U.S. customers effectively with our limited sales force, professional services and support capacity or our indirect sales model, we may be unable to grow sales to existing customers to the same degree we have experienced in the United States.
Our international operations subject us to a variety of risks and challenges, including:
increased management, travel, infrastructure and legal compliance costs associated with having multiple international operations;
reliance on partners, which may have different incentives or may sell competing products, as well as different approaches with respect to compliance with laws and regulations, business practices and other day-to-day activities;
longer payment cycles and difficulties in collecting accounts receivable or satisfying revenue recognition criteria, especially in emerging markets;
increased financial accounting and reporting burdens and complexities;
general economic conditions in each country or region;
political uncertainty around the world;
compliance with multiple and changing foreign laws and regulations, including those governing employment, tax, privacy and data protection, data transfer and the risks and costs of non-compliance with such laws and regulations;
compliance with laws and regulations for foreign operations, including the United States Foreign Corrupt Practices Act, the United Kingdom Bribery Act, import and export control laws, tariffs, trade barriers, economic sanctions and other regulatory or contractual limitations on our ability to sell our offerings in certain foreign markets, and the risks and costs of non-compliance, including as a result of any changes in trade relations, sanctioned parties or other restrictions;
heightened risks of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of financial statements and irregularities in financial statements;
fluctuations in currency exchange rates and the related effect on our financial results;
difficulties in repatriating or transferring funds from, or converting currencies in, certain countries;
the need for localized software and licensing programs;
reduced protection for intellectual property rights in some countries and practical difficulties of enforcing intellectual property and contract rights abroad; and
natural disasters, diseases and pandemics, such as COVID-19, that may disproportionately affect areas in which we do business.
A number of recent geopolitical events may impact our financial statements and results of operation. Following a referendum in June 2016 in which voters in the United Kingdom approved an exit from the European Union (“EU”) (often referred to as “Brexit”), and on January 31, 2020, the United Kingdom officially left the European Union pursuant to Brexit, with a transitional period during with the United Kingdom remains bound to the EU’s rules, set to end on December 31, 2020. Brexit has created an uncertain political and economic environment in the United Kingdom and other European Union countries. Following the transition period, the United Kingdom will lose access to the EU single market and to EU trade deals negotiated with other jurisdictions, so the long-term effects of Brexit will depend on the agreements or arrangements with the EU for the United Kingdom to retain access to EU markets either during the transitional period or more permanently. Brexit may cause disruption to our business, including affecting relationships with existing and future customers, suppliers, and employees. For example, all our sales to customers based in the EU are transacted through our subsidiary incorporated in the United Kingdom and at this time, we are unable to determine the effects, if any, of Brexit on our sales to these customers. The economic and legal uncertainty caused by Brexit in the region and globally could also adversely affect the tax, operational, legal and regulatory regimes to which our business is subject. Brexit may subject us to new regulatory costs and challenges, in addition to other adverse effects that we are unable effectively to anticipate.
Any of these risks could adversely affect our international operations, reduce our international revenues or increase our operating costs, adversely affecting our business operations, financial results and growth prospects.
In addition, compliance with laws and regulations applicable to our international operations increases our cost of doing business in foreign jurisdictions. We may be unable to keep current with changes in foreign government requirements and laws as they change from time to time. Failure to comply with these regulations could have adverse effects on our business. In many foreign countries, it is common for others to engage in business practices that are prohibited by our internal policies and procedures or United States regulations applicable to us. In addition, although we have implemented policies and procedures designed to ensure compliance with these laws and policies, there can be no assurance that all of our employees, contractors, partners and agents will comply with these laws and policies. Violations of laws or key control policies by our employees, contractors, partners or agents could result in delays in revenue recognition, financial reporting misstatements, fines, penalties, or the prohibition of the importation or exportation of our offerings and could have a material adverse effect on our business operations and financial results.
If we are unable to maintain successful relationships with our partners, and to help our partners enhance their ability to independently sell and deploy our offerings, our business operations, financial results and growth prospects could be adversely affected.
In addition to our direct sales force, we use partners, such as distributors and resellers, to license, provide professional services and support our offerings. Historically, we have relied on a limited number of such partners for a substantial portion of our total sales, particularly in the Europe, Middle East and Africa (“EMEA”) and Asia Pacific (“APAC”) regions, and for sales to government agencies. For example, sales through our top two partners, represented 48% of our revenue in fiscal 2020. We expect that sales through partners in all regions will continue to grow as a portion of our revenues for the foreseeable future. As changes in our partner strategy are implemented, including potentially emphasizing partner-sourced transactions, results from sales through our partners may be adversely affected.
Our agreements with our partners are generally non-exclusive, meaning our partners may offer customers the products of several different companies, including products that compete with ours. If our partners do not effectively market and sell our offerings, choose to use greater efforts to market and sell their own products or those of our competitors, or fail to meet the needs of our customers, our ability to grow our business and sell our offerings may be adversely affected. Our partners may cease marketing our offerings with limited or no notice and with little or no penalty. The loss of a substantial number of our partners or any of our key partners, our possible inability to replace them, or the failure to recruit additional partners could materially and adversely affect our results of operations and could have an impact on the growth rate of our revenue as we work to obtain new partners or replacement relationships. In addition, sales by partners are more likely than direct sales to involve collectability concerns, in particular sales by our partners in developing markets, and accordingly, variations in the mix between revenues attributable to sales by partners and revenues attributable to direct sales may result in fluctuations in our operating results.
As we are transitioning our business model, the manner in which we conduct business with and compensate our partners, as well as the business demands placed upon our partners will likely change, requiring some of our historically effective partners to adapt their sales and marketing techniques to sell cloud services and term licenses. Such changes may lead to shorter duration contracts, which require more frequent customer contact by, and different business terms with, our partners. In some circumstances, new partners may be more effective in adapting to our new business model, particularly when such
partners have experience selling cloud services. Therefore, our expectations for our partners, and our rubric for evaluating compatible partners may change, which may adversely impact our results of operations during the transition.
Our ability to achieve revenue growth in the future will depend in part on our success in maintaining successful relationships with our partners, and to help our partners enhance their ability to independently sell and deploy our offerings. In order to achieve these objectives, we may be required to adjust our incentives, pricing or discount programs for our partners, which could adversely affect our operating results. If we are unable to maintain our relationships with these partners, or otherwise develop and expand our indirect distribution channel, our business, results of operations, financial condition or cash flows could be adversely affected.
Our sales to public sector customers are subject to a number of additional challenges and risks.
We derive a portion of our revenues from contracts with U.S. federal, state and local and foreign governments, and we believe that the success and growth of our business will continue to depend on our successful procurement of government contracts. For our sales to these public sector customers, we must comply with laws and regulations relating to the formation, administration and performance of contracts, which affect how our partners and how we do business with governmental agencies. These laws and regulations provide public sector customers rights, many of which are not typically found in commercial contracts. These may include rights with respect to price protection, the accuracy of information provided to the government, compliance with procurement integrity and government ethics, access to classified information, compliance with supply chain requirements and supplier diversity policies, and other terms that are particular to public sector customers. These laws and regulations may impose added costs on our business, and failure to comply with these or other applicable regulations and requirements, including non-compliance in the past, could lead to claims for damages or other relief, penalties, termination of contracts, loss of exclusive rights in our intellectual property, and temporary suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability to do business with the public sector could have a material adverse effect on our business operations and financial results.
In October 2019, we received authorization under the U.S. Federal Risk and Authorization Management Program (“FedRAMP”) that allows U.S. federal government agencies and contractors to have greater integration with our platform if and when they transition to cloud-based computing. At the same time, FedRAMP places an increased compliance burden upon us, which may increase our internal costs to provide services to government agencies. If we cannot adequately comply with FedRAMP compliance requirements, our growth could be adversely impacted, and we could incur significant liability and our reputation and business could be harmed.
Factors that could impede our ability to maintain or increase the amount of revenues derived from government contracts, include:
changes in fiscal or contracting policies;
decreases in available government funding;
restrictions in the award of personal security clearances to our employees;
ability to adapt to public sector budgetary cycles and funding authorizations, with funding reductions or delays having an adverse impact on public sector demand for our products;
changes in government programs or applicable requirements;
changes in government sanctions programs and related policies;
the adoption of new laws or regulations or changes to existing laws or regulations;
noncompliance with laws, contract provisions or government procurement or other applicable regulations, or the perception that any such noncompliance has occurred or is likely;
ability to maintain the facility clearance required to perform on classified contracts for U.S. federal government agencies, or to maintain security clearances for our employees;
changes to government certification requirements;
ability to achieve or maintain one or more government certifications, including our existing FedRAMP certification;
an extended government shutdown or other potential delays or changes in the government appropriations or other funding authorization processes;
changes in the duration of our contracts with government customers; and
delays in the payment of our invoices by government payment offices.
The occurrence of any of the foregoing could cause governments and governmental agencies to delay or refrain from purchasing licenses of our offerings in the future or otherwise have an adverse effect on our business operations and financial results. To the extent that we become more reliant on contracts with government entities, including foreign government entities, in the future, our exposure to such risks and challenges could increase, which in turn could adversely impact our business.
Prolonged economic uncertainties or downturns could materially adversely affect our business.
Prolonged economic uncertainties or downturns could adversely affect our business operations or financial results. Negative conditions in the general economy in either the United States or abroad, including conditions resulting from financial and credit market fluctuations, changes in economic policy, trade uncertainty, including changes in tariffs, sanctions, international treaties, and other trade restrictions, the occurrence of a natural disaster, outbreaks of pandemic diseases such as COVID-19, political unrest and social strife, armed conflicts and an act of terrorism on the United States, Europe, Asia Pacific or elsewhere, could cause a decrease in corporate spending on enterprise software in general and negatively affect the rate of growth of our business.
These conditions could make it extremely difficult for our customers and us to forecast and plan future business activities accurately, and they could cause our customers to reevaluate their decision to purchase our offerings, which could delay and lengthen our sales cycles or result in cancellations of planned purchases. Furthermore, during challenging economic times our customers may face issues in gaining timely access to sufficient credit, which could result in an impairment of their ability to make timely payments to us. If that were to occur, we may be required to increase our allowance for doubtful accounts, which would adversely affect our financial results.
We have a significant number of customers in the business services, energy, financial services, healthcare and pharmaceuticals, technology, manufacturing, media and entertainment, online services, retail, telecommunications and travel and transportation industries. A substantial downturn in any of these industries may cause firms to react to worsening conditions by reducing their capital expenditures in general or by specifically reducing their spending on information technology. Customers in these industries may delay or cancel information technology projects or seek to lower their costs by renegotiating vendor contracts. For example, the impact of COVID-19 on the current economic environment has caused, and may in the future cause, such customers to request concessions including extended payment terms or better pricing. To the extent purchases of our offerings are perceived by customers and potential customers to be discretionary, our revenues may be disproportionately affected by delays or reductions in general information technology spending. Also, customers may choose to develop in-house software as an alternative to using our offerings. Moreover, competitors may respond to market conditions by lowering prices and attempting to lure away our customers. In addition, the increased pace of consolidation in certain industries may result in reduced overall spending on our offerings.
We cannot predict the timing, strength or duration of any economic slowdown, instability or recovery, generally or within any particular industry or geography. If the economic conditions of the general economy or industries in which we operate worsen from present levels, our business operations and financial results could be adversely affected.
Incorrect or improper implementation or use of our software could result in customer dissatisfaction, customer data loss or corruption and negatively affect our business, operations, financial results and growth prospects.
Our software is deployed in a wide variety of technology environments. Increasingly, our software has been deployed in large scale, complex technology environments, and we believe our future success will depend on our ability to increase sales of our software licenses for use in such deployments. We often must assist our customers in achieving successful implementations for large, complex deployments. If we or our customers are unable to implement our software successfully, are unable to do so in a timely manner or if an improper implementation or change in system configuration results in errors or loss of data, customer perceptions of our company may be impaired, our reputation and brand may suffer, and customers may
choose not to increase their use of our offerings. In addition, our software imposes server load and index storage requirements for implementation. If our customers do not have the server load capacity or the storage capacity required, they may not be able to effectively implement and use our software and, therefore, may not choose to increase their use of our offerings.
Our customers and third-party partners may need training in the proper use of and the variety of benefits that can be derived from our software to maximize its potential. If our software is not implemented or used correctly or as intended, inadequate performance, errors, data loss or corruption may result. Because our customers rely on our software and maintenance and support services to manage a wide range of operations, the incorrect or improper implementation or use of our software, our failure to train customers on how to efficiently and effectively use our software, or our failure to provide maintenance services to our customers, may result in negative publicity or legal claims against us. Also, as we continue to expand our customer base, any failure by us to properly provide these services will likely result in lost opportunities for follow-on sales of our offerings.
We are subject to governmental export and import controls that could impair our ability to compete in international markets or subject us to liability if we violate the controls.
Our offerings are subject to United States export controls, and we incorporate encryption technology into certain of our offerings. These encryption offerings and the underlying technology may be exported outside of the United States only with the required export authorizations, including by license.
Furthermore, our activities are subject to the U.S. economic sanctions laws and regulations that prohibit the shipment of certain products and services without the required export authorizations or export to countries, governments, and persons targeted by U.S. sanctions. While we take precautions to prevent our offerings from being exported in violation of these laws, including obtaining authorizations for our encryption offerings where appropriate, implementing IP address blocking and screenings against U.S. Government and international lists of restricted and prohibited persons, we cannot guarantee that the precautions we take will prevent violations of export control and sanctions laws. For example, downloads of our free software may have in the past been made in potential violation of the export control and economic sanctions laws.
We also note that if our partners fail to obtain appropriate import, export or re-export licenses or permits, we may also be adversely affected, through reputational harm as well as other negative consequences including government investigations and penalties. We presently incorporate export control compliance requirements in our partner agreements. Complying with export control and sanctions regulations for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities.
Violations of U.S. sanctions or export control laws can result in fines or penalties, including civil penalties of up to $300,000 or twice the value of the transaction, whichever is greater, per violation. In the event of criminal knowing and willful violations of these laws, fines of up to $1 million per violation and possible incarceration for responsible employees and managers could be imposed.
From time to time, as part of our acquisition activity, we have discovered a limited number of instances where certain activity raised concerns about potential violations of U.S. sanctions or export control laws. For example, we have discovered that the SaaS platform or product of an acquired company was accessed (or attempted to be accessed) from IP addresses potentially located in embargoed countries. As a result, we have submitted and may, in the future, submit voluntary disclosures with the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) to alert the agency to these potential violations. If we (including the companies we acquire) are found to be in violation of U.S. economic sanctions or export control laws, it could result in fines and penalties. We may also be adversely affected through other penalties, reputational harm, loss of access to certain markets or otherwise.
Also, various countries, in addition to the United States, regulate the import and export of certain encryption and other technology, including import and export permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our offerings or could limit our customers’ ability to implement our offerings in those countries. Changes in our offerings or future changes in export and import regulations may create delays in the introduction of our offerings in international markets, prevent our customers with international operations from deploying our offerings globally or, in some cases, prevent the export or import of our offerings to certain countries, governments, or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our offerings by, or in our decreased ability to export or sell our offerings to, existing or potential customers with international operations. Any decreased use of our offerings or
limitation on our ability to export or sell our offerings would likely adversely affect our business operations and financial results.
If we are not able to maintain and enhance our brand, our business and operating results may be adversely affected.
We believe that maintaining and enhancing the “Splunk” brand identity is critical to our relationships with current customers and partners and to our ability to attract new customers and partners. The successful promotion of our brand will depend largely upon our marketing efforts, our ability to continue to offer high-quality offerings and our ability to successfully differentiate our offerings from those of our competitors. For example, in September 2019, we launched the Data-to-Everything Platform marketing campaign to enhance the “Splunk” brand. This marketing campaign, as well as our general brand promotion activities, may not be successful or yield increased revenues. In addition, independent industry analysts often provide reviews of our offerings, as well as those of our competitors, and perception of our offerings in the marketplace may be significantly
influenced by these reviews. If these reviews are negative, or less positive as compared to those of our competitors’ products and services, our brand may be adversely affected.
Moreover, it may be difficult to maintain and enhance our brand in connection with sales through partners. We have and will continue to incur a substantial amount of expenditures in connection with our Data-to-Everything campaigns, and we anticipate that brand promotion expenditures will increase as our market becomes more competitive and as we attempt to grow our business. To the extent that these activities yield increased revenues, these revenues may not offset the increased expenses we incur. If we do not successfully maintain and enhance our brand, our business may not grow, we may have reduced pricing power relative to competitors with stronger brands, and we could lose customers and partners, all of which would adversely affect our business operations and financial results.
Real or perceived errors, failures or bugs in our offerings could adversely affect our financial results and growth prospects.
Because our offerings are complex, undetected errors, failures or bugs may occur, especially when new offerings, versions or updates are released. Our on-premises software is often installed and used in large-scale computing environments with different operating systems, system management software, and equipment and networking configurations, which may cause errors or failures of our software or other aspects of the computing environment into which it is deployed. In addition, deployment of our software into complicated, large-scale computing environments may expose undetected errors, failures or bugs in our software. Despite testing by us, errors, failures or bugs may not be found in our offerings until they are released to our customers. In the past, we have discovered errors, failures and bugs in some of our offerings after their introduction. Real or perceived errors, failures or bugs in our offerings could result in negative publicity, loss of or delay in market acceptance of our offerings, loss of competitive position or claims by customers for losses sustained by them. In such an event, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem.
In addition, if an actual or perceived failure of our software occurs in a customer’s deployment or in our cloud services, regardless of whether the failure is attributable to our software, the market perception of the effectiveness of our offerings could be adversely affected. Alleviating any of these problems could require significant expenditures of our capital and other resources and could cause interruptions, delays or cessation of our licensing, which could cause us to lose existing or potential customers and could adversely affect our financial results and growth prospects.
Our future performance depends in part on proper use of our community website, Splunkbase, expansion of our developer ecosystem, and support from third-party software developers.
Our offerings enable third-party software developers to build apps on top of our platform. We operate a community website, Splunkbase, for sharing these third-party apps, including add-ons and extensions. While we expect Splunkbase to support our sales and marketing efforts, it also presents certain risks to our business, including:
third-party developers may not continue developing or supporting the software apps that they share on Splunkbase;
we cannot guarantee that if and as we change the architecture of our products and services, third-party developers will evolve their existing software apps to be compatible or that they will participate in the creation of new apps utilizing the new architecture;
we cannot provide any assurance that these apps meet the same quality and security standards that we apply to our own development efforts, and, to the extent they contain bugs, defects or security vulnerabilities, they may create disruptions in our customers’ use of our offerings or negatively affect our brand;
we do not currently provide support for software apps developed by third-party software developers, and users may be left without support and potentially disappointed by their experience of using our offerings if the third-party software developers do not provide appropriate support for these apps;
these third-party software developers may not possess the appropriate intellectual property rights to develop and share their apps or otherwise may not have assessed legal and compliance risks related to distributing their apps;
some of these apps are hosted in external sites for a fee and are not controlled or reviewed by us, which may lead to a negative experience by customers that may impact our reputation; and
some of these developers may use the insight they gain using our offerings and from documentation publicly available on our website to develop competing products.
Many of these risks are not within our control to prevent, and our brand may be damaged if these apps, add-ons and extensions do not perform to our customers’ satisfaction and that dissatisfaction is attributed to us.
If poor advice or misinformation is spread through our community website, Splunk Answers, users of our offerings may experience unsatisfactory results from using our offerings, which could adversely affect our reputation and our ability to grow our business.
We host Splunk Answers for sharing knowledge about how to perform certain functions with our offerings. Our users are increasingly turning to Splunk Answers for support in connection with their use of our offerings. We do not review or test the information that non-Splunk employees post on Splunk Answers to ensure its accuracy or efficacy in resolving technical issues. Therefore, we cannot ensure that all the information listed on Splunk Answers is accurate or that it will not adversely affect the performance of our offerings. Furthermore, users who post such information on Splunk Answers may not have adequate rights to the information to share it publicly, and we could be the subject of intellectual property claims based on our hosting of such information. If poor advice or misinformation is spread among users of Splunk Answers, our customers or other users of our offerings may experience unsatisfactory results from using our offerings, which could adversely affect our reputation and our ability to grow our business.
Our use of “open source” software could negatively affect our ability to sell our offerings and subject us to possible litigation, and our participation in open source projects may impose unanticipated burdens or restrictions.
We use open source software in our offerings and business, including as incorporated into software we receive from third party commercial software vendors or technologies obtained through acquisitions, and expect to continue to use open source software in the future. Use of open source software may entail greater risks than use of third-party commercial software. The terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to market or commercialize our products. We may face claims from others alleging breach of license requirements or infringement of intellectual property rights in what we believe to be licensed open source software. In addition, under the terms of some open source licenses, under certain conditions, we could be required to release our proprietary source code that was developed using, incorporating or linked with such open source software, or apply open source licenses to our proprietary software, including authorizing further modification and redistribution. These claims or requirements, including any change to the applicable license terms, could also result in litigation, require us to purchase a costly license, require us to devote additional research and development resources to change our offerings, or require us to cease offering the implicated products unless and until we can find alternative tools or re-engineer them to avoid infringement or release of our proprietary source code, any of which would have a negative effect on our business and operating results. In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide updates, warranties, support, indemnities, assurances of title or controls on origin of the software, or other contractual protections regarding infringement claims or the quality of the code. Likewise, some open source projects have known security and other vulnerabilities and architectural instabilities, or are otherwise subject to security attacks due to their wide availability, and are provided on an “as-is” basis. Additionally, we, including companies that we acquired, have intentionally made certain proprietary software available on an open source basis, both by contributing modifications back to existing open source projects, and by making certain internally developed tools
available pursuant to open source licenses, and we plan to continue to do so in the future. While we have established procedures, including a review process for any such contributions, which is designed to protect any code that may be competitively sensitive, we cannot guarantee that this process has always been applied consistently by us or by companies that we have acquired, prior to the acquisition. Even when applied, because any software source code we contribute to open source projects is publicly available, our ability to protect our intellectual property rights with respect to such software source code may be limited or lost entirely, and we may be unable to prevent our competitors or others from using such contributed software source code for competitive purposes, or for commercial or other purposes beyond what we intended. Many of these risks associated with usage of open source software could be difficult to eliminate or manage, and could, if not properly addressed, negatively affect the performance of our offerings and our business.
We are subjectincreasingly rely on third-party providers of cloud infrastructure services to a number of legal requirements, contractual obligations and industry standards regarding security, data protection, and privacydeliver our offerings to users on our platform, and any failuredisruption of or interference with our use of these services could adversely affect our business.
Our cloud services, such as Splunk Cloud, are hosted exclusively by our Cloud Service Providers. We do not have control over the operations or the facilities of Cloud Service Providers that we use, and any changes in a Cloud Service Provider’s service levels, which may be less than 100%, may adversely affect our ability to comply with these requirements, obligationsmeet the commitments we make to our customers and their requirements. We currently offer a 100% uptime service level agreement (“SLA”) for Splunk Cloud. It may become increasingly difficult to maintain and improve our performance, especially during peak usage times, as the usage of our offerings increases. If any of the services provided by the Cloud Service Providers fail or standardsbecome unavailable due to extended outages, interruptions or because they are no longer available on commercially reasonable terms or prices, or if we are unable to deliver 100% uptime under our SLAs, our revenues could have an adverse effect onbe reduced, our reputation could be damaged, we could be exposed to legal liability, expenses could increase, our ability to manage our finances could be interrupted and our processes for
managing sales of our offerings and supporting our customers could be impaired until equivalent services, if available, are identified, obtained and implemented, all of which could adversely affect our business, financial conditionresults and operating results.
Data privacy and security have become significant issues in the United States and in many other countries where we have employees and operations and where we offer licenses or cloud subscriptions tousage of our offerings. The regulatory frameworkIf we are unable to renew our agreements with our Cloud Service Providers on commercially reasonable terms, or our agreement is prematurely terminated, or we need to add new Cloud Services Providers to increase capacity and uptime, we could experience interruptions, downtime, delays, and additional expenses related to transferring to and providing support for data privacy and security issues worldwide is rapidly evolving and is likely to remain uncertain for the foreseeable future. The U.S. federal and various state and foreign government bodies and agencies have adopted or are considering adopting laws and regulations limiting, or laws and regulations regarding the collection, distribution, use, disclosure, storage, and security of certain types of information. For example, on January 1, 2020, the California Consumer Privacy Act (“CCPA”), which requires covered companies to providethese new disclosures to California consumers, and afford such consumers new abilities to opt-out of certain sales of personal information, became operative. The CCPA is the subject of proposed regulations issued by the California Attorney General in October 2019. Aspectsplatforms. Any of the CCPAabove circumstances or events may harm our reputation and its interpretation remain unclear. We cannot yet fully predictbrand, reduce the impactavailability or usage of the CCPA on our business or operations, but it may require usplatform and impair our ability to modify our data processing practices and policies and to incur substantial costs and expenses in an effort to comply.
Internationally, virtually every jurisdiction in which we operate has established its own data security and privacy or data protection legal framework with which we or our customers must comply. Laws and regulations in these jurisdictions apply broadly to the collection, use, storage, disclosure and securityattract new users, any of data that identifies or may be used to identify or locate an individual. These laws and regulations often are more restrictive than those in the United States and are rapidly evolving. For example, the EU General Data Protection Regulation (“GDPR”) became effective on May 25, 2018, and, in addition to imposing stringent obligations relating to data protection and security, authorizes fines up to 4% of global annual revenue or €20 million, whichever is greater, for some violations. We have self-certified to the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks developed by the U.S. Department of Commerce and the European Commission to provide U.S. companies with a valid data transfer mechanism under EU and Swiss law to permit them to transfer personal data from the European Union or Switzerland to the United States. The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks are subject to annual review. The EU-U.S. Privacy Shield Framework and model contractual clauses approved by the European Commission, which we also use in our business to address certain cross-border data transfers, each have faced challenges in European courts, and may be further challenged, suspended or invalidated. The United Kingdom enacted a Data Protection Act in May 2018 that substantially implements the GDPR, and this Data Protection Act was amended to further align with the GDPR in 2019. Brexit has, however, created uncertainty with regard to data protection regulation in the United Kingdom and how data transfers to and from the United Kingdom will be regulated post-Brexit. Our EMEA headquarters is in London, causing this uncertainty to be particularly significant to our operations. Some countries also are considering or have passed legislation requiring local storage and processing of data, or similar requirements, which could increase the cost and complexity of delivering our services. Complying with the GDPR or other laws, regulations, or other obligations relating to privacy, data protection, data localization or security may cause us to incur substantial operational costs or require us to modify our data handling practices. Non-compliance could result in proceedings against us by governmental entities or others, could result in substantial fines or other liability, and may otherwise adversely impactaffect our business, financial condition and operating results.results of operations.
Some statutory requirements, both in the United States and abroad, such as the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and numerous state statutes, include obligations of companies to notify individuals of security breaches involving certain types of personal information, which could result from breaches experienced by us or our service providers. Any actual or perceived security breach or incident could impact our reputation, harm our customer confidence, hurt our sales and expansion into new markets or cause us to lose existing customers, and could expose us to potential liability or require us to expend significant resources on data security and in responding to any such actual or perceived breach or incident.
In addition to government regulation, self-regulatory standards and other industry standards may legally or contractually apply to us, be argued to apply to us, or we may elect to comply with such standards or to facilitate our customers’ compliance with such standards. Because privacy, data protection and data security are critical competitive factors in our industry, we may make statements on our website, in marketing materials, or in other settings about our data security measures and our compliance with, or our ability to facilitate our customers’ compliance with, these standards. We also expect that there will continue to be new proposed laws and regulations concerning privacy, data protection and security, and we cannot yet determine the impact such future laws, regulations and standards, or amendments to or re-interpretations of, existing laws and regulations, industry standards, or other obligations may have on our business. New laws, amendments to or re-interpretations of existing laws and regulations, industry standards, and contractual and other obligations may require us to incur additional costs and restrict our business operations. Because the interpretation and application of laws, standards, contractual obligations and other obligations relating to privacy and data protection are uncertain, these laws, standards, and contractual and other obligations may be interpreted and applied in a manner that is, or is alleged to be, inconsistent with our data management practices, our policies or procedures, or the features of our offerings. If so, in addition to the possibility of fines, lawsuits and other claims, we could be required to fundamentally change our business activities and practices or modify our offerings, which could have an adverse effect on our business. We may be unable to make such changes and modifications in a commercially reasonable manner or at all, and our ability to develop new offerings and features could be limited. Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations, and policies that are applicable to the businesses of our customers may limit the use and adoption of, and reduce the overall demand for, our offerings. Any inability to adequately address privacy, data protection or security-related concerns, even if unfounded, or to successfully negotiate privacy, data protection or security-related contractual terms with customers, or to comply with applicable laws, regulations and other obligations relating to privacy, data protection, and security, could result in additional cost and liability to us, damage our reputation, inhibit sales, slow our sales cycles, and adversely affect our business. Privacy and personal security concerns, whether valid or not valid, may inhibit market adoption of our offerings particularly in certain industries and foreign countries.
If we are unable to attractmaintain successful relationships with our partners, and retain leadershipto help our partners enhance their ability to independently sell and key personnel,deploy our offerings, our business operations, financial results and growth prospects could be adversely affected.
In addition to our direct sales force, we use partners, such as distributors and resellers, to license, provide professional services and support our offerings. Historically, we have relied on a limited number of such partners for a substantial portion of our total sales, particularly in the Europe, Middle East and Africa (“EMEA”) and Asia Pacific (“APAC”) regions, and for sales to government agencies. For example, sales through our top two partners represented 41% of our revenue in fiscal 2021. We dependexpect that sales through partners in all regions will continue to be a significant portion of our revenues for the foreseeable future. As changes in our partner strategy are implemented, including potentially emphasizing partner-sourced transactions, results from sales through our partners may be adversely affected.
Our agreements with our partners are generally non-exclusive, meaning our partners may offer customers the products of several different companies, including products that compete with ours. If our partners do not effectively market and sell our offerings, choose to use greater efforts to market and sell their own products or those of our competitors, or fail to meet the needs of our customers, our ability to grow our business and sell our offerings may be adversely affected. Our partners may cease marketing our offerings with limited or no notice and with little or no penalty. The loss of a substantial number of our partners or any of our key partners, our possible inability to replace them, or the failure to recruit additional partners could materially and adversely affect our results of operations and could have an impact on the continued contributionsgrowth rate of our leadership, senior managementrevenue as we work to obtain new partners or replacement relationships. In addition, sales by partners are more likely than direct sales to involve collectability and other key personnel,compliance concerns, in particular sales by our partners in developing markets, and accordingly, variations in the lossmix between revenues attributable to sales by partners and revenues attributable to direct sales may result in fluctuations in our operating results.
As we are transitioning our business model, the manner in which we conduct business with and compensate our partners, as well as the business demands placed upon our partners will likely change, requiring some of whomour historically effective partners to adapt their sales and marketing techniques to sell cloud services and term licenses. Such changes may lead to shorter duration contracts, which require more frequent customer contact by, and different business terms with, our partners. In some circumstances, new partners may be more effective in adapting to our new business model, particularly when such partners have experience selling cloud services. Therefore, our expectations for our partners, and our rubric for evaluating compatible partners may change, which may adversely impact our results of operations during the transition.
Our ability to achieve revenue growth in the future will depend in part on our success in maintaining successful relationships with our partners, and to help our partners enhance their ability to independently sell and deploy our offerings. In order to achieve these objectives, we may be required to adjust our incentives, pricing or discount programs for our partners, which could adversely affect our business. All of our executive officers and key employees are at-will employees, which means they may terminate their employment relationship with us at any time. We do not maintain a key-person life insurance policy on any of our officers or other employees.
Our future success also depends on our ability to identify, attract and retain highly skilled technical, managerial, finance and other personnel, particularly in our sales and marketing, research and development, general and administrative, and professional service departments. We face intense competition for qualified individuals from numerous software and other technology companies. We may incur significant costs to attract and retain these qualified individuals, and we may lose new employees to our competitors or other technology companies before we realize the benefit of our investment in recruiting and training them. As we move into new geographies, we will need to attract and recruit skilled personnel in those areas.operating results. If we are unable to attractmaintain our relationships with these partners, or otherwise develop and retain suitably qualified individuals who are capable of meetingexpand our growing technical, operational and managerial requirements, on a timely basis or at all, our business will be adversely affected.
We continue to be substantially dependent on our sales force to effectively execute our sales strategies to obtain new customers and to drive additional use cases and adoption among our existing customers. We believe that there is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. In addition, as we continue to grow rapidly, a large percentage of our sales force is new to the company and our offerings. As our sales strategies evolve and offerings expand, additional training for new hires and our existing team may be required for our sales force to successfully execute on those strategies. We periodically adjust our sales organization and our compensation programs as part of our efforts to optimize our sales operations to grow revenue and support our business model transition. If we have not structured our sales organization or compensation for our sales personnel in a way that properly supports our company’s objectives, or if we fail to make changes in a timely fashion or do not effectively manage changes, our revenue growth could be adversely affected. Our growth creates additional challenges and risks with respect to attracting, integrating and retaining qualified employees, particularly sales personnel. If we are unable to hire and train sufficient numbers of effective sales personnel, or the sales personnel are not successful in obtaining new customers or increasing sales to our existing customer base, our business will be adversely affected
Volatility or lack of performance in our stock price may also affect our ability to attract and retain our key employees. Many of our senior management personnel and other key employees have become, or will soon become, vested in a substantial amount of stock, restricted stock units or stock options. Employees may be more likely to leave us if the shares they own or the
shares underlying their vested restricted stock units or options have significantly appreciated in value relative to the original purchase prices of the shares or the exercise prices of the options, or, conversely, if the exercise prices of the options that they hold are significantly above the market price of our common stock. If we are unable to retain our employees, or if we need to increase our compensation expenses to retain our employees,indirect distribution channel, our business, results of operations, financial condition andor cash flows wouldcould be adversely affected.
Our future performance depends in part on proper use of our community website, Splunkbase, expansion of our developer ecosystem, and support from third-party software developers.
Our offerings enable third-party software developers to build apps on top of our platform. We have in the past madeoperate a community website, Splunkbase, for sharing these third-party apps, including add-ons and may in the future make acquisitions that could prove difficultextensions. While we expect Splunkbase to integrate and/or adversely affectsupport our business operationssales and financial results.
From time to time, we may choose to expand by making acquisitions that could be materialmarketing efforts, it also presents certain risks to our business, resultsincluding:
•third-party developers may not continue developing or supporting the software apps that they share on Splunkbase;
•we cannot guarantee that if and cash flows. For example,as we recently acquired SignalFx, Inc., a privately held SaaS providerchange the architecture of real-time monitoringour products and metrics for cloud infrastructure, microservices and applications, Omnition, which develops a platform for distributed tracing and application monitoring and Streamlio, Inc., which specializesservices, third-party developers will evolve their existing software apps to be compatible or that they will participate in the designcreation of new apps utilizing the new architecture;
•we cannot provide any assurance that these apps meet the same quality and operationsecurity standards that we apply to our own development efforts, and, to the extent they contain bugs, defects or security vulnerabilities, they may create disruptions in our customers’ use of streaming data solutions. Our ability as an organization to successfully acquire and integrate technologiesour offerings or businesses is unproven. Acquisitions involve many risks, including the following:
an acquisition may negatively affect our financial results because itbrand;
•we do not currently provide support for software apps developed by third-party software developers, and users may require us to incur charges or assume substantial debt or other liabilities,be left without support and potentially disappointed by their experience of using our offerings if the third-party software developers do not provide appropriate support for these apps;
•these third-party software developers may cause adverse tax consequences or unfavorable accounting treatment, may expose us to claims and disputes by third parties, includingnot possess the appropriate intellectual property claimsrights to develop and disputes,share their apps or otherwise may not generate sufficient financial return to offset additional costshave assessed legal and expensescompliance risks related to the acquisition;distributing their apps;
potential goodwill impairment charges related to acquisitions;
costs•some of these apps are hosted in external sites for a fee and potential difficulties associated with the requirement to test and assimilate the internal control processes of the acquired business;
we may encounter difficultiesare not controlled or unforeseen expenditures in integrating the business, technologies, infrastructure, products, personnel or operations of any company that we acquire, particularly if key personnel of the acquired company decide not to work forreviewed by us, or if we are unable to retain key personnel;
we may not realize the expected benefits of the acquisition;
an acquisition may disrupt our ongoing business, divert resources, increase our expenses and distract our management;
an acquisition may result in a delay or reduction of customer purchases for both us and the company acquired due to customer uncertainty about continuity and effectiveness of service from either company;
the potential impact on relationships with existing customers, vendors and distributors as business partners as a result of acquiring another company or business that competes with or otherwise is incompatible with those existing relationships;
the potential that our due diligence of the acquired company or business does not identify significant problems or liabilities, or that we underestimate the costs and effects of identified liabilities;
exposure to litigation or other claims in connection with, or inheritance of claims or litigation risk as a result of, an acquisition, including but not limited to claims from former employees, customers or other third parties, which may differlead to a negative experience by customers that may impact our reputation; and
•some of these developers may use the insight they gain using our offerings and from or be more significant than the risks our business faces;
we may encounter difficulties in, or may be unable to, successfully sell any acquired products;
an acquisition may involve the entry into geographic or business markets in which we have little or no prior experience or where competitors have stronger market positions;
an acquisition may require us to comply with additional laws and regulations, or to engage in substantial remediation efforts to cause the acquired company to comply with applicable laws or regulations, or result in liabilities resulting from the acquired company’s failure to comply with applicable laws or regulations;
our use of cash to pay for an acquisition would limit other potential uses for our cash;
if we incur debt to fund such acquisition, such debt may subject us to material restrictionsdocumentation publicly available on our abilitywebsite to conduct our business as well as financial maintenance covenants; anddevelop competing products.
to the extent that we issue a significant amount of equity securities in connection with future acquisitions, existing stockholders may be diluted and earnings per share may decrease.
The occurrence of anyMany of these risks could have a material adverse effect on our business operations and financial results.
Natural disasters and other events beyondare not within our control could harmto prevent, and our business.
Natural disasters or other catastrophic eventsbrand may cause damage or disruptionbe damaged if these apps, add-ons and extensions do not perform to our operations, international commercecustomers’ satisfaction and the global economy, and thus could have a negative effect onthat dissatisfaction is attributed to us. Our business operations are subject to interruption by natural disasters, flooding, fire, power shortages, pandemics such as the recent
If poor advice or misinformation is spread of COVID-19, terrorism, political unrest, telecommunications failure, vandalism, cyber-attacks, geopolitical instability, war, the effects of climate change (such as drought, wildfires, increased storm severity and sea level rise) and other events beyondthrough our control. Although we maintain crisis management and disaster response plans, such events could make it difficult or impossible for us to deliver our services to our customers, could decrease demand for our services, and could cause us to incur substantial expense. Our insurance may not be sufficient to cover losses or additional expense that we may sustain. The majoritycommunity website, Splunk Answers, users of our research and development activities, corporate offices, and other critical business operations are located near major seismic faults in California. Customer data could be lost, significant recovery time could be required to resume operations andofferings may experience unsatisfactory results from using our financial condition and operating results could be adversely affected in the event of a major natural disaster or catastrophic event.
We may require additional capital to support business growth, and this capital might not be available on acceptable terms, if at all.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features or enhance our offerings, improve our operating infrastructure or acquire complementary businesses and technologies. We recently lowered our cash flow guidance due to the effect of our transition to a renewable business model. If the assumptions underlying our cash flow guidance are incorrect, for example, due to the unknown impacts of COVID-19, our business may not continue to generate cash flow from operations in the future sufficient to make necessary capital expenditures. Accordingly, we have engaged in, and may need to engage in the future, in equity, equity-linked or debt financings to secure additional funds. If we raise additional funds through future issuances of equity or convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges superior to those of holders of our common stock. For example, if we elect to settle our conversion obligation under the Notes (as defined below) in shares of our common stock or a combination of cash and shares of our common stock, the issuance of such common stock may dilute the ownership interests of our stockholders and sales in the public market could adversely affect prevailing market prices. Any debt financing that we may secure in the future could involve restrictive covenants relating to our capital raising activities and other financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities, including potential acquisitions, or otherwise reduce operational flexibility. We may not be able to obtain additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
Our ability to use our net operating losses to offset future taxable income may be subject to certain limitations.
In general, under Section 382 of the United States Internal Revenue Code of 1986 (the “Code”), a corporation that undergoes an ownership change is subject to limitations on its ability to utilize its pre-change net operating losses (“NOLs”) to offset future taxable income. If our existing NOLs are subject to limitations arising from previous ownership changes, our ability to utilize NOLs could be limited by Section 382 of the Code. Future changes in our stock ownership, some of which are outside of our control, could result in an ownership change under Section 382 of the Code. Furthermore, our ability to utilize NOLs of companies that we may acquire in the future may be subject to limitations. There is also a risk that either under prior regulations or other unforeseen reasons, our prior year NOLs could expire or otherwise be unavailable to offset future income tax liabilities. For these reasons, we may not be able to utilize a portion of these NOLs reflected on our balance sheet, even if we attain profitability.
Taxing authorities may successfully assert that we should have collected or in the future should collect sales and use, value added or similar taxes, and we could be subject to liability with respect to past or future sales, which could adversely affect our financial results.reputation and our ability to grow our business.
We host Splunk Answers for sharing knowledge about how to perform certain functions with our offerings. Our users are increasingly turning to Splunk Answers for support in connection with their use of our offerings. We do not collect salesreview or test the information that non-Splunk employees post on Splunk Answers to ensure its accuracy or efficacy in resolving technical issues. Therefore, we cannot ensure that all the information listed on Splunk Answers is accurate or that it will not adversely affect the performance of our offerings. Furthermore, users who post such information on Splunk Answers may not have adequate rights to the information to share it publicly, and use, value added and similar taxes in all jurisdictions in which we have sales,could be the subject of intellectual property claims based on our belief thathosting of such taxes are not applicable. Sales and use, value added and similar tax laws and rates vary greatly by jurisdiction. Certain jurisdictions in which we do not collect such taxes may assert that such taxes are applicableinformation. If poor advice or thatmisinformation is spread among users of Splunk Answers, our presence in such jurisdictions is sufficient to require us to collect taxes, which could result in tax assessments, penalties and interest, and we may be required to collect such taxes in the future. Such tax assessments, penalties and interestcustomers or future requirements may adversely affect our financial results.
We could be subject to additional tax liabilities.
We are subject to federal, state and local taxes in the United States and numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for taxes. During the ordinary course of business, there are many activities and transactions for which the ultimate tax determination is uncertain. We previously discovered that we have not complied with various tax rules and regulations in certain foreign jurisdictions. We are working to resolve these matters. In addition, our tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations, including those relating to income tax nexus, by our earnings being lower than anticipated in jurisdictions where we have lower statutory rates and higher than anticipated in jurisdictions where we have higher statutory rates, by challenges to our intercompany relationships and transfer pricing arrangements, by changes in foreign currency exchange rates, or by changes in the valuationusers of our deferred tax assets and liabilities. Many countries and organizations such as the Organization for Economic Cooperation and Development are actively considering changes to existing tax laws or have proposed or enacted new tax laws that could increaseofferings may experience unsatisfactory results from using our tax liabilities in countries where we do business. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position were not sustained, we could be required to pay additional taxes, interest and penalties,offerings, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. We believe that our financial statements reflect adequate reserves to cover such a contingency, but there can be no assurances in that regard.
Our financial results may be adversely affected by changes in accounting principles applicable to us.
Generally accepted accounting principles in the United States (“U.S. GAAP”) are subject to interpretation by the Financial Accounting Standards Board (“FASB”), the SEC, and other various bodies formed to promulgate and interpret appropriate accounting principles. A change in accounting principles could adversely affect our financial resultsreputation and could affect the reporting of transactions already completed before the announcement of a change. Any difficulties in implementing these pronouncements could cause usour ability to fail to meetgrow our financial reporting obligations, which could result in regulatory discipline and harm investors’ confidence in us.business.
Servicing our debt requires a significant amount of cash, and we may not have sufficient cash flow from our business to pay our substantial debt.
Our ability to make scheduled payments of the principal of, to pay interest on or to refinance our indebtedness, including the $1.27 billion aggregate principal amount of 1.125% Convertible Senior Notes due 2027 (the “2027 Notes”), $776.7 million aggregate principal amount of 0.50% Convertible Senior Notes due 2023 (the “2023 Notes”) and $862.5 million aggregate principal amount of 1.125% Convertible Senior Notes due 2025 (collectively,(the “2025 Notes” and collectively, the “Notes”) that we issued in June 2020 and September 2018, depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control. We recently lowered our cash flow guidance due to the effect of our transition to a renewable business model. If the assumptions underlying our cash flow guidance are incorrect, for example, due to the unknown impacts of the COVID-19 pandemic, our business may not continue to generate cash flow from operations in the future sufficient to service our debt, including the Notes, and make necessary capital expenditures. If we are unable to generate such cash flow, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt or issuing additional equity, equity-linked or debt instruments on terms that may be onerous or highly dilutive. Our ability to refinance our indebtedness will depend on the capital markets and our financial condition at such time. We may not be ableIf we are unable to engage in any of these activities or engage in these activities on desirable terms, which could result in a default onwe may be unable to meet our debt obligations, including the Notes.Notes, which would materially and adversely impact our business, financial condition and operating results.
Conversion of the Notes may dilute the ownership interest of our stockholders or may otherwise depress the price of our common stock.
The conversion of some or all of the Notes may dilute the ownership interests of our stockholders. Upon conversion of the Notes, we have the option to pay or deliver, as the case may be, cash, shares of our common stock, or a combination of cash and shares of our common stock. If we elect to settle our conversion obligation in shares of our common stock or a combination of cash and shares of our common stock, any sales in the public market of our common stock issuable upon such conversion could adversely affect prevailing market prices of our common stock. Holders of the Notes may hedge their positions in the Notes by entering into short positions with respect to the underlying common stock. In addition, any anticipated conversion of the Notes into shares of our common stock could depress the price of our common stock.
The conditional conversion feature of the Notes, if triggered, may adversely affect our financial condition and operating results.
In the event the conditional conversion feature of a series of Notes is triggered, holders of such Notes will be entitled under the applicable indenture governing such Notes to convert their Notes at any time during specified periods at their option. If one or more holders of a series of Notes elect to convert theirsuch Notes, unless we elect to satisfy our conversion obligation by delivering solely shares of our common stock, we would be required to settle a portion or all of our conversion obligation through the payment of cash, which could adversely affect our liquidity. In addition, even ifin certain circumstances, such as conversion by holders do not elect to convert their Notes, when these conversion triggers have been satisfied,or redemption, we could be required under applicable accounting rules to reclassify all or a portion of the outstanding principal of the relevant series of Notes as a current rather than long-term liability, which would result in a material reduction of our net working capital.
The accounting method for convertible debt securities that may be settled in cash, such as the Notes, could have a material effect on our reported financial results.
In May 2008, the Financial Accounting Standards Board (“FASB”) issued FASB Staff Position No. APB 14-1, Accounting for Convertible Debt Instruments That May Be Settled in Cash Upon Conversion (Including Partial Cash Settlement), which has subsequently been codified asUnder Accounting Standards Codification 470-20, Debt with Conversion and Other Options (“ASC 470-20”).
Under ASC 470-20,, an entity must separately account for the liability and equity components of the convertible debt instruments (such as the Notes) that may be settled entirely or partially in cash upon conversion in a manner that reflects the issuer’s economic interest cost. The effect of ASC 470-20 on the accounting for the Notes is that the equity component is required to be included in the additional paid-in capital section of stockholders’ equity in our consolidated balance sheet at issuance, and the value of the equity component is treated as original issuea discount for purposes of accounting for the debt component of the Notes. As a result, we are required to record a greater amount of non-cash interest expense in current periods presented as a result of the amortization of the discounted carrying value of the Notes to their respective face amounts over their respective terms. We report larger net losses or lower net income in our financial results because ASC 470-20 requires interest to include both the current period’s amortization of the debt discount and the instrument’s non-convertible coupon interest rate, which could adversely affect our reported or future financial results, the trading price of our common stock and the trading price of the Notes.
In addition, under certain circumstances, convertible debt instruments (such as the Notes) that may be settled entirely or partly in cash are currently accounted for utilizing the treasury stock method for earnings per share purposes, the effect of which is that the shares issuable upon conversion of a series of Notes are not included in the calculation of diluted earnings per share except to the extent that the conversion value of such series of Notes exceeds their principal amount. Under the treasury stock method, for diluted earnings per share purposes, the transaction is accounted for as if the number of shares of common stock that would be necessary to settle such excess, if we elected to settle such excess in shares, are issued.
We cannot be sure that the accounting standards in the future will continue to permit the use of the treasury stock method. For example, the FASB recently published an exposure draft proposing to amend these accounting standards to eliminate the treasury stock method for convertible instruments and instead require application of the “if-converted” method. Under that method, if it is adopted, diluted earnings per share would generally be calculated assuming that all the Notes were converted solely into shares of common stock at the beginning of the reporting period, unless the result would be anti-dilutive. If we are unable or otherwise elect not to use the treasury stock method in accounting for the shares issuable upon conversion of the Notes, then our diluted earnings per share would be negatively affected.
The Capped Calls may affect the value of our common stock.
In connection with the offeringofferings of the Notes, we entered into privately negotiated capped call transactions with certain counterparties (the(collectively, the “Capped Calls”). The Capped Calls relating to the 2023 Notes cover, subject to customary adjustments, the number of shares of our common stock that will initially underlie the 2023 Notes, and the Capped Calls relating to the 2025 Notes cover, subject to customary adjustments, the number of shares of our common stock that will initially underlie the 2025 Notes, and the Capped Calls relating to the 2027 Notes cover, subject to customary adjustments, the number
of shares of our common stock that will initially underlie the 2027 Notes. The Capped Calls are expected generally to offset the potential dilution to our common stock as a result of any conversion of the relevant series of Notes. The counterparties to the Capped Calls may modify their hedge positions by entering into or unwinding various derivatives with respect to our common stock and/or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the maturity of the Notes (and are likely to do so on each exercise date for the Capped Calls, or following any termination of any portion of the Capped Calls in connection with any repurchase, redemption or early conversion of the Notes), which could increase or decrease the market price of our stock price.common stock. If any such Capped Calls fail to become effective, the counterparties may unwind their hedge positions with respect to our common stock, which could also adversely affect the price of our common stock.
We are subject to counterparty risk with respect to the Capped Calls.
The counterparties to the Capped Calls are financial institutions, and we will be subject to the risk that one or more of the option counterparties may default, fail to perform or exercise their termination rights under the Capped Calls. Our exposure to the credit risk of the option counterparties will not be secured by any collateral. If a counterparty to the Capped Calls becomes subject to insolvency proceedings, we will become an unsecured creditor in those proceedings with a claim equal to our exposure at the time under such transaction. Our exposure will depend on many factors but, generally, our exposure will increase if the market price or the volatility of our common stock increases. In addition, upon a default, failure to perform or a termination of the Capped Calls by a counterparty, we may suffer more dilution than we currently anticipate with respect to our common stock. We can provide no assurances as to the financial stability or viability of the counterparties.
Our stock price has been volatile, may continue to be volatile and may decline regardless of our financial performance.
The trading prices of the securities of technology companies have been highly volatile. The market price of our common stock has fluctuated significantly and may continue to fluctuate significantly in response to numerous factors, many of which are beyond our control, including:
•actual or anticipated fluctuations in our financial results;
•the financial projections we provide to the public, any changes in these projections or our failure to meet or exceed these projections;
•the impact of our businessshift to a subscription model, transition on our revenue mix, as well as increased annual invoicing and decreased multi-year upfront invoicing, which may impact our revenue, deferred revenue, cash collections, billings, remaining performance obligations, gross margin and operating income;
•failure of securities analysts to initiate or maintain coverage of our company, changes in financial estimates by any securities analysts who follow our company, or our failure to meet these estimates or the expectations of investors;
•ratings changes by any securities analysts who follow our company;
•announcements by us or our competitors of significant technical innovations, acquisitions, strategic partnerships, joint ventures or capital commitments;
•changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;
•price and volume fluctuations in certain categories of companies or the overall stock market, including as a result of trends in the global economy;
•public health crises, such as the COVID-19 pandemic, and related measures by private industry and governments to protect the public health;
•general economic and political conditions and uncertainty, both domestically and internationally, as well as economic and political conditions and uncertainty specifically affecting industries in which our customers participate, including impacts from the COVID-19 pandemic;
•any major change in our board of directors or management;
•lawsuits threatened or filed against us;
•actual or perceived security breaches or incidents; and
•other events or factors, including those resulting from war, incidents of terrorism or responses to these events.
In addition, the stock markets, and in particular the market on which our common stock is listed, have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many technology companies. Stock prices of many technology companies have fluctuated in a manner unrelated or disproportionate to the financial performance of those companies. In the past, stockholders have institutedfollowing periods of market volatility, securities class action litigation following periodsand stockholder derivative litigation have often been instituted. In December 2020, a putative class action lawsuit was filed in the U.S. District Court for the Northern District of market volatility.California against us, our CEO and our CFO alleging violations of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), for allegedly making materially false and misleading statements regarding our financial guidance. On March 16, 2021, the Court appointed lead plaintiff and lead counsel in the case. In February and March 2021, two derivative lawsuits related to the securities class action were filed. These lawsuits could subject us to substantial costs, divert resources and the attention of management from our business and adversely affect our business, results of operations, financial condition and cash flows. If we were to become involved in securitiesadditional litigation in the future, it also could subject us to substantial costs, divert resources and the attention of management from our business and adversely affect our business, results of operations, financial condition and cash flows.
Climate change may have a long-term impact on our business.
The long-term effects of climate change on the global economy and the technology industry in particular are unclear, however we recognize that there are inherent climate related risks wherever business is conducted. Our business operations are subject to interruption by natural disasters, flooding, fire, power shortages, pandemics such as the COVID-19 pandemic, terrorism, political unrest, telecommunications failure, vandalism, cyber-attacks, geopolitical instability, war, the effects of climate change and other events beyond our control. For example, our California corporate offices are located near major seismic faults, and have also historically experienced, and are projected to continue to experience, climate-related events including drought and water scarcity, warmer temperatures, wildfires and air quality impacts and power shut-offs associated with wildfire prevention. Although we maintain crisis management and disaster response plans, such events could make it difficult or impossible for us to deliver our services to our customers, could decrease demand for our services, and could cause us to incur substantial expense. Our insurance may not be sufficient to cover losses or additional expenses that we may sustain. Climate-related events, including the increasing frequency of extreme weather events and their impact on critical infrastructure in the United States and elsewhere, have the potential to disrupt our business, our third-party suppliers, and/or the business of our customers, and may cause us to experience higher attrition, losses and additional costs to maintain and resume operations.
We could be subject to additional tax liabilities.
We are subject to federal, state and local taxes in the United States and numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for taxes as there are many activities and transactions for which the ultimate tax determination is uncertain. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position were not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. At any given time, we are subject to routine inquiries from taxing jurisdictions worldwide and are working to resolve these various routine questions and potential errors. Our financial statements reflect our best judgement of needed reserves to cover known contingencies, but there can be no assurances on the final outcome of any tax assessment. In addition, our tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations, including those relating to income tax nexus, by our earnings being lower than anticipated in jurisdictions where we have lower statutory rates and higher than anticipated in jurisdictions where we have higher statutory rates, by challenges to our intercompany relationships and transfer pricing arrangements, by changes in foreign currency exchange rates, or by changes in the valuation of our deferred tax assets and liabilities. Many countries and organizations such as the Organization for Economic Cooperation and Development are actively considering changes to existing tax laws or have proposed or enacted new tax laws that could increase our tax liabilities in countries where we do business.
Changes in accounting pronouncements and other financial and nonfinancial reporting standards.
Generally accepted accounting principles in the United States (“U.S. GAAP”) are subject to interpretation by the Financial Accounting Standards Board (“FASB”), the SEC, and other various bodies formed to promulgate and interpret appropriate accounting principles. We regularly monitor our compliance with applicable financial reporting standards and review new pronouncements and interpretations that are relevant to us. As a result of new standards, changes to existing standards and changes in their interpretation, we may be required to change our accounting policies, to alter our operational policies to implement new or enhance existing systems so that they reflect new or amended financial reporting standards, and to adjust our published financial statements. Such changes may have an adverse effect on our business, financial position and operating results, or cause an adverse deviation from our revenue and operating profit targets, which may negatively impact our financial results.
In addition, as we work to align with the recommendations of the Sustainability Accounting Standards Board (“SASB”), and our own ESG materiality assessment, we have expanded and, in the future, may continue to expand our disclosures in these areas. Our failure to report accurately or achieve progress on our metrics on a timely basis, or at all, could adversely affect our reputation, business, financial performance and growth.
The requirements of being a public company and a growing and increasingly complex organization may strain our resources, divert management’s attention and affect our ability to attract and retain executive management and qualified board members.
We are subject to the reporting requirements of the Securities Exchange Act, of 1934 (the “Exchange Act”), the Sarbanes-Oxley Act, the Dodd-Frank Act, the listing requirements of The NASDAQ Stock Market and other applicable securities rules and regulations. Compliance with these rules and regulations has increased and may continue to increase our legal and financial compliance costs, made some activities more difficult, time-consuming or costly and increased and will continue to increase demand on our systems and resources.
In addition, changing laws, regulations, standards and practices relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs and making some activities more time consuming. These laws, regulations, standards and practices are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as regulatory and governing bodies provide new guidance or as market practices develop. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices.
From time to time, public companies are subject to campaigns by investors seeking to increase short-term stockholder value through actions such as financial restructuring, increased debt, special dividends, stock repurchases, management changes or sales of assets or the entire company. If stockholders attempt to effect such changes or acquire control over us, responding to such actions would be costly, time-consuming and disruptive, which could adversely affect our results of operations, financial results and the value of our common stock. These factors could also make it more difficult for us to attract and retain qualified employees, executive officers and members of our board of directors.
Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.
Provisions in our amended and restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a change of control or changes in our management. Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that:
•authorize our board of directors to issue, without further action by the stockholders, shares of undesignated preferred stock with terms, rights and preferences determined by our board of directors;
•require that any action to be taken by our stockholders be effected at a duly called annual or special meeting and not by written consent;
•specify that special meetings of our stockholders can be called only by our board of directors, the Chairman of our board of directors, or our Chief Executive Officer;
•establish an advance notice procedure for stockholder proposals to be brought before an annual meeting, including proposed nominations of persons for election to our board of directors;
•establish that our board of directors is divided into three classes, Class I, Class II and Class III, with each class serving three-year staggered terms;
•prohibit cumulative voting in the election of directors;
•provide that our directors may be removed only for cause;
•provide that vacancies on our board of directors may be filled only by a majority of directors then in office, even though less than a quorum; and
•require the approval of our board of directors or the holders of a supermajoritysuper majority of our outstanding shares of capital stock to amend our amended and restated bylaws and certain provisions of our amended and restated certificate of incorporation.
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management. In addition, because we are incorporated in Delaware, we are governed by the provisions of Section 203 of the Delaware General Corporation Law, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any “interested” stockholder for a period of three years following the date on which the stockholder became an “interested” stockholder.
| | |
|
Item 1B. Unresolved Staff Comments |
None.
Our corporate headquarters at 270 Brannan Street occupy approximately 182,000 square feet under aan office lease thatwherein approximately 50% expires in February 2023 and the balance expires in February 2024. Additionally, we have an office lease for approximately 235,000 square feet located at 3098 Olsen Drive, San Jose, California that expires in August 2027 for our business operations, sales, support and product development. During the fiscal year ended January 31, 2019, we entered into an office lease for approximately 300,000 square feet located at 3060 Olsen Drive, San Jose, California. We lease smaller regional offices for our business operations, sales, support and some product development in various locations throughout the United States. Our foreign subsidiaries lease office space for their operations including local sales, support and some product development. While we believe our facilities are sufficient and suitable for theour current operations, of our business today, we are in the process of adding new facilitiesevaluating future office space needs and expandingconfigurations to support our existing facilities as we add employees and expand into additional markets.growing workforce post COVID-19.
During the fiscal year ended January 31, 2019, we entered into an office lease for approximately 300,000 square feet located at 3060 Olsen Drive, San Jose, California. We expect to occupy the premises at 3060 Olsen Drive during the first half of fiscal 2021.
| | |
|
Item 3. Legal Proceedings |
The information set forth under Legal Proceedings in Note 3 contained in the “Notes to Consolidated Financial Statements” is incorporated herein by reference.
| | |
|
Item 4. Mine Safety Disclosures |
Not applicable.
PART II
| | |
|
Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities |
Common Stock
Our common stock, $0.001 par value, began trading on the NASDAQ Global Select Market on April 19, 2012, where its prices are quoted under the symbol “SPLK.” As of January 31, 2020,2021, there were 8359 holders of record of our common stock. Because many of our shares of common stock are held by brokers and other institutions on behalf of stockholders, we are unable to estimate the total number of beneficial holders represented by these record holders, but it is well in excess of the number of record holders.
Stock Performance Graph
This chart compares the cumulative total return on our common stock with that of the NASDAQ Composite index and the NASDAQ Computer index for each of the last five fiscal years ended January 31, 2020,2021, assuming an initial investment of $100. The NASDAQ Computer index utilizes the same methods of presentation and assumptions for the total return calculation as does Splunk and the NASDAQ Composite index.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Company/Index | | 1/31/16 | | 1/31/17 | | 1/31/18 | | 1/31/19 | | 1/31/20 | | 1/31/21 |
Splunk Inc. | | $ | 100.00 | | | $ | 124.99 | | | $ | 199.55 | | | $ | 269.69 | | | $ | 335.41 | | | $ | 356.51 | |
NASDAQ Composite | | $ | 100.00 | | | $ | 123.23 | | | $ | 164.43 | | | $ | 163.31 | | | $ | 207.46 | | | $ | 298.92 | |
NASDAQ Computer | | $ | 100.00 | | | $ | 123.65 | | | $ | 174.81 | | | $ | 171.09 | | | $ | 246.18 | | | $ | 359.68 | |
The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our consolidated financial statements and related notes appearing elsewhere in this Annual Report on Form 10-K. This discussion contains forward-looking statements based upon current expectations that involve risks and uncertainties. Our actual results may differ materially from those anticipated in these forward-looking statements as a result of various factors, including those set forth under “Risk Factors” included in Part I, Item 1A or in other parts of this report.
We intend to continue investing for long-term growth. We have invested and intend to continue to invest heavily in product development to deliver additional features and performance enhancements, deployment models and solutions that can address new end markets. For example, during fiscal 2020, we released new versions of existing offerings such as Splunk ITSI and Splunk ES and introduced Splunk Data Fabric Search (“DFS”) and Splunk Data Stream Processor (“DSP”). We also introduced Splunk Business Flow, a process mining solution that enables process improvement and business operations professionals to discover, investigate, and check conformance of any business process. We expect to continue to aggressively expand our sales and marketing organizations to market and sell our software both in the United States and internationally.
We have utilized and expect to continue to utilize acquisitions to contribute to our long-term growth objectives. During fiscal 2020,2021, we completed the acquisitions of SignalFx, Inc. (“SignalFx”), a developer of real-timeacquired companies that expand our observability capabilities, including companies that offer auto-instrumentation, real user monitoring, application performance monitoring, advanced synthetic monitoring, web optimization and metrics for
In December 2019, COVID-19 was reported in China, in January 2020 the World Health Organization (“WHO”) declared it a Public Health Emergency of International Concern, and in March 2020 the WHO declared it a pandemic. The extentThis pandemic has had widespread, rapidly evolving, and unpredictable impacts on global economies, financial markets and business practices, and we anticipate governments and businesses will continue to take additional actions or extend existing actions to respond to the ongoing risks of the COVID-19 pandemic. The pandemic has impacted, and could further impact, our business and that of our customers as a result of quarantines, various local, state and federal government public health orders, and other restrictions. For example, we temporarily closed the majority of our global offices, required most of our employees to work remotely, implemented travel restrictions, and shifted certain of our customer-focused and corporate events to online-only experiences. Macroeconomic uncertainties resulting from the COVID-19 pandemic have also caused some of our customers to delay spending commitments, particularly for certain high-dollar and long-term contracts. The long-term impact of COVID-19 on our operational and financial performance will depend on certain developments, including the duration, spread, severity and spreadpotential recurrence of the outbreak,virus. Our future performance will also depend on the impact of COVID-19 on our customers, partners, employee productivity and our sales cycles, and impact on our partners or employees, allincluding as a result of whichtravel restrictions. These potential developments are uncertain and cannot be predicted. At this point,predicted and as such, the extent to which COVID-19 maywill impact our business, operations, financial condition orand results of operations over the long term is uncertain.unknown. If we experience an increase in curtailed customer demand, reduced customer spend or contract duration, delayed collections, lengthened payment terms, lengthened sales cycles or competition due to changes in terms and conditions and pricing of our competitors’ products and services, our business, results of operations and overall financial performance in future periods could be materially adversely affected. Furthermore, due to our shift to a renewablesubscription model, the effect of COVID-19 may not be fully reflected in our results of operations and overall financial performance until future periods, ifperiods. For additional discussion of the potential impacts of the COVID-19 pandemic on our business, operating results and financial condition, refer to “Risk Factors” in Part I, Item 1A of this Annual Report on Form 10-K.
Our quarterly results reflect seasonality in the sale of our offerings. Historically, a pattern of increased license sales in the fourth fiscal quarter as a result of industry buying patterns has positively impacted sales activity in that period, which can result in lower sequential revenue in the first fiscal quarter. We expect some of this seasonality to continue in fiscal 20212022 and beyond.beyond as license sales activity continues, however we expect the impact of this seasonality to decrease over time as a higher percentage of our revenues come from cloud services. As we continue to expect seasonally higher bookings and billings in the fiscal fourth quarter, with more of our revenue being recognized ratably there will also be a seasonal impact on our remaining performance obligations and deferred revenue. Our gross margins and operating losses have been affected by these historical trends because the majority of our expenses are relatively fixed in the short term. The timing of revenues in relation to our expenses, much of which does not vary directly with revenues, has an impact on the cost of revenues, research and development expense, sales and marketing expense and general and administrative expense as a percentage of revenues in each fiscal quarter during the year. The majority of our expenses are personnel-related and include salaries, stock-based compensation, benefits and incentive-based compensation plan expenses. As a result, we have not experienced significant seasonal fluctuations in the timing of expenses from period to period. Although these seasonal factors are common in the technology industry, historical patterns should not be considered a reliable indicator of our future sales activity or performance.
Our principal sources of liquidity are our cash and cash equivalents, investments and net accounts receivable. As of January 31, 2020,2021, we had $1.79$1.87 billion of cash, cash equivalents and investments of which $85.4$227.4 million was held by foreign subsidiaries. We believe that these funds will be sufficient to meet our anticipated cash needs for at least the next 12 months.
In the event that additional financing is required from outside sources, we may not be able to raise it on terms acceptable to us, if at all. If we are unable to raise additional capital when desired, our business, operating results and financial condition could be adversely affected.
Operating activities consist of our net loss adjusted for certain non-cash items and changes in operating assets and liabilities during the year.
Other than the United States, no country represented 10% or more of our total long-lived assets as of January 31, 20202021 or 2019.2020.
On October 1, 2019, we acquired 100% of the voting equity interest of SignalFx, Inc. (“SignalFx”), a privately-held Delaware corporation that develops real-time monitoring solutions for cloud infrastructure, microservices and applications. This acquisition has been accounted for as a business combination. The total fair value of consideration transferred for this acquisition was $961.4 million, which consisted of $619.1 million in cash, $324.5 million for the fair value of 2,771,482 shares of our common stock issued and $17.8 million in fair value of replacement equity awards attributable to pre-acquisition service. The purchase price was allocated as follows: $173.7 million to identified intangible assets, $62.1 million to net assets acquired and $3.3 million to net deferred tax liabilities, with the excess $728.9 million of the purchase price over the fair value of net tangible and intangible assets acquired recorded as goodwill, allocated to our one operating segment. Goodwill is primarily attributable to the value expected from the synergies of the combination, including combined selling opportunities with our products. This goodwill is not deductible for income tax purposes. The results of operations of SignalFx have been included onin our consolidated financial statements from the date of purchase. Additionally, we recognized $7.0 million of acquisition-related costs in “General and administrative” expense on our consolidated statements of operations.
Per the terms of the merger agreement with SignalFx, certain unvested stock options, restricted stock units and restricted stock awards held by SignalFx employees were canceled and exchanged for replacement equity awards under our 2012 Equity Incentive Plan. Additionally, certain shares of stock issued pursuant to share-based compensation awards held by key employees of SignalFx were canceled and exchanged for replacement equity awards consisting of unregistered restricted shares of our common stock subject to vesting. The portion of the fair value of the replacement equity awards associated with pre-acquisition service of SignalFx’s employees represented a component of the total purchase consideration, as discussed above. The remaining fair value of $104.7 million of these issued awards, which are subject to the recipients’ continued service with us and thus excluded from the purchase price, will be recognized ratably as stock-based compensation expense over the required service period. We are still finalizing the allocation of the purchase price, which may be subject to change as additional information becomes available to us.
The following table sets forth the components of identifiable intangible assets acquired and their estimated useful lives as of the date of acquisition:
We applied significant judgment in determining the fair value of the intangible assets acquired, which involved the use of significant estimates and assumptions with respect to revenue growth rates, royalty rate and technology migration curve.
On September 13, 2019, we acquired 100% of the voting equity interest of Cloud Native Labs, Inc. (“Omnition”), a privately-held Delaware corporation that develops a platform for distributed tracing and application monitoring. This acquisition has been accounted for as a business combination. The total fair value of consideration transferred for this acquisition was $52.5 million, which consisted of $31.6 million in cash, $20.2 million for the fair value of 176,989 shares of our common stock issued and $0.7 million in fair value of replacement equity awards attributable to pre-acquisition service. The purchase price was allocated to $8.0 million of identified intangible assets, with the excess $44.5 million of the purchase price over the fair value of net tangible and intangible assets acquired recorded as goodwill, allocated to our one operating segment. Goodwill is primarily attributable to the value expected from the synergies of the combination, including combined selling opportunities with our products. This goodwill is not deductible for income tax purposes. The results of operations of Omnition which are not material, have been included onin our consolidated financial statements from the date of purchase.
The following table sets forth the components of identifiable intangible assets acquired and their estimated useful lives as of the date of acquisition:
On November 1, 2019, we acquired 100% of the voting equity interest of Streamlio, Inc. (“Streamlio”), a privately-held Delaware corporation that specializes in designing and operating streaming data solutions. This acquisition has been accounted for as a business combination. The total fair value of consideration transferred for this acquisition was $19.8 million, which consisted of $18.7 million in cash and $1.1 million in fair value of replacement equity awards attributable to pre-acquisition service. The purchase price was allocated as follows: $3.6 million to identified intangible assets and $0.1 million to net assets acquired, with the excess $16.1 million of the purchase price over the fair value of net tangible and intangible assets acquired recorded as goodwill, allocated to our one operating segment. Goodwill is primarily attributable to the value expected from the synergies of the combination, including combined selling opportunities with our products. This goodwill is not deductible for income tax purposes. The results of operations of Streamlio have been included onin our consolidated financial statements from the date of purchase.
The following table sets forth the components of identifiable intangible assets acquired and their estimated useful lives as of the date of acquisition:
On April 6, 2018, we acquired 100% of the voting equity interest of Phantom Cyber Corporation (“Phantom”), a privately-held Delaware corporation that develops solutions for security orchestration, automation and response. This acquisition has been accounted for as a business combination. The total fair value of consideration transferred for this acquisition was $303.8 million, which consisted of $291.5 million in cash and $12.3 million in fair value of replacement equity awards attributable to pre-acquisition service. The purchase price was allocated as follows: $44.1 million to identified intangible assets, $10.5 million to net assets acquired, $3.3 million to net deferred tax liability, with the excess $252.5 million of the purchase price over the fair value of net tangible and intangible assets acquired recorded as goodwill, allocated to our one operating segment. Goodwill is primarily attributable to the value expected from the synergies of the combination, including combined selling opportunities with our products. This goodwill is not deductible for income tax purposes. The results of operations of Phantom, which are not material, have been included onin our consolidated financial statements from the date of purchase. Additionally, we recognized $3.3 million of acquisition-related costs in “General and administrative” expense on our consolidated statements of operations.
The following table sets forth the components of identifiable intangible assets acquired and their estimated useful lives as of the date of acquisition:
On June 22, 2018, we acquired 100% of the voting equity interest of VictorOps, Inc. (“VictorOps”), a privately-held Delaware corporation that develops incident management solutions for the IT and DevOps markets. This acquisition has been accounted for as a business combination. The total fair value of consideration transferred for this acquisition
was $112.3 million, which consisted of $108.8 million in cash and $3.5 million in fair value of replacement equity awards attributable to pre-acquisition service. The purchase price was allocated as follows: $21.1 million to identified intangible assets, $1.7 million to net assets acquired, with the excess $89.5 million of the purchase price over the fair value of net tangible and intangible assets acquired recorded as goodwill, allocated to our one operating segment. Goodwill is primarily attributable to the value expected from the synergies of the combination, including combined selling opportunities with our products. This goodwill is not deductible for income tax purposes. The results of operations of VictorOps, which are not material, have been included onin our consolidated financial statements from the date of purchase. Additionally, we recognized $2.7 million of acquisition-related costs in “General and administrative” expense on our consolidated statements of operations.
The following table sets forth the components of identifiable intangible assets acquired and their estimated useful lives as of the date of acquisition:
The following unaudited pro forma information presents the combined results of operations as if the acquisitions of SignalFx, Omnition, VictorOps and Phantom had been completed in the beginning of the applicable comparable prior annual reporting period. The unaudited pro forma results include adjustments primarily related to the following: (i) amortization associated with preliminary estimates for the acquired intangible assets; (ii) recognition of post-acquisition stock-based compensation; (iii) the effect of recording deferred revenue at fair value; (iv) elimination of historical interest expense related to
debt extinguished in the acquisition of SignalFx; (v) the inclusion of acquisition costs as of the earliest period presented; and (iv)(vi) the associated tax impact of the acquisitions and these unaudited pro forma adjustments.
The unaudited pro forma results do not reflect any cost saving synergies from operating efficiencies or the effect of the incremental costs incurred from integrating these companies. Accordingly, these unaudited pro forma results are presented for informational purposes only and are not necessarily indicative of what the actual results of operations of the combined company would have been if the acquisitions had occurred at the beginning of the period presented, nor are they indicative of future results of operations:
The expected future amortization expense for acquired intangible assets as of January 31, 20202021 is as follows:
In September 2018, we issued $1.27 billion aggregate principal amount of 0.50% Convertible Senior Notes due 2023 (the “2023 Notes”), including the exercise in full by the initial purchasers of the 2023 Notes of their option to purchase an
additional $165.0 million principal amount of 2023 Notes, and $862.5 million aggregate principal amount of 1.125% Convertible Senior Notes due 2025 (the “2025 Notes” and, together with the 2023 Notes, the “Notes”), including the exercise in full by the initial purchasers of the 2025 Notes of their option to purchase an additional $112.5 million principal amount of 2025 Notes. The 2023 Notes and the 2025 Notes are general senior, unsecured obligations of Splunk. The total proceeds from the issuance of the 2023 Notes and the 2025 Notes was $2.11 billion, net of initial purchaser discounts and other issuance costs.
The 2023 Notes will mature on September 15, 2023, and the 2025 Notes will mature on September 15, 2025, in each case unless earlier redeemed, repurchased or converted. The 2023 Notes will bear interest from September 21, 2018 at a rate of 0.50% per year and the 2025 Notes will bear interest from September 21, 2018 at a rate of 1.125% per year, in each case payable semiannually in arrears on March 15 and September 15 of each year, beginning on March 15, 2019.
Upon conversion, we may satisfy our conversion obligation by paying and/or delivering, as the case may be, cash, shares of our common stock or a combination of cash and shares of our common stock, at our election, in the manner and subject to the terms and conditions provided in the relevant indenture. ItUpon any conversion of the Notes of a series, it is our current intent to settle the conversionsfirst $1,000 of conversion value of each $1,000 principal amount of thesuch Notes in cash and the remaining conversion value, if any, in shares of common stock. If we undergo a fundamental change (as defined in each indenture)the applicable indenture governing the relevant series of Notes), holders may require us to repurchase for cash all or any portion of their Notes of the relevant series at a fundamental change repurchase price equal to 100% of the principal amount of the relevant series of Notes to be repurchased, plus accrued and unpaid interest to, but excluding, the fundamental change repurchase date. In addition, following certain corporate events that occur prior to the relevant maturity date of a series of Notes or if we deliver a notice of redemption in respect of a series of Notes, we will, in certain circumstances, increase the conversion rate of the relevant series of Notes for a holder of such series who elects to convert its Notes of the applicable series in connection with such corporate event or notice of redemption, as the case may be. During the fiscal yearthree months ended January 31, 2020,2021, the conditions allowing holders of the Notes to convert were not met. The Notes wereare therefore not convertible during the fiscal year ended January 31, 2020 and were classified as long-term debt on our consolidated balance sheets.sheet as of January 31, 2021.
case if the last reported sale price of our common stock has been at least 130% of the conversion price for the relevant series of Notes then in effect for at least 20 trading days (whether or not consecutive) during any 30 consecutive trading day period (including the last trading day of such period) ending on, and including, the trading day immediately preceding the date on which we provide notice of redemption at a redemption price equal to 100% of the principal amount of the relevant series of Notes to be redeemed, plus accrued and unpaid interest to, but excluding, the relevant redemption date.
of the last day of trading for the period. The fair value of the Notes is primarily affected by the trading price of our common stock and market interest rates. The fair value of the Notes is considered a Level 2 measurement as they are not actively traded.
For accounting purposes, the Capped Calls are separate transactions, and not part of the terms of theany series of Notes. As these transactions meet certain accounting criteria, the Capped Calls qualify for a scope exception from derivative accounting for instruments that are recordedboth indexed to the issuer’s own stock and classified in stockholders’ equity and are not accounted for as derivatives. Thein its statement of financial position, the premium paid for the purchase of the Capped Calls in the amount of $274.3 million has been recorded as a reduction to additional“Additional paid-in capitalcapital” and will not be remeasured.
In November 2003, our board adopted the 2003 Equity Incentive Plan (the “2003 Plan”). The 2003 Plan authorizes the granting of common stock options and restricted stock awards to employees, directors and consultants.
In January 2012, our board approved the 2012 Equity Incentive Plan (the “2012 Plan”), which became effective on April 18, 2012. The 2012 Plan provides for the grant of incentive stock options, within the meaning of Section 422 of the Internal Revenue Code, to our employees and any parent and subsidiary corporations’ employees, and for the grant of nonstatutory stock options, restricted stock awards, restricted stock units, stock appreciation rights, performance units and performance shares to our employees, directors and consultants and any parent or subsidiary corporations’ employees and consultants. Upon the effectiveness of the 2012 plan, all shares that were reserved but not issued under the 2003 Plan became available for issuance under the 2012 Plan and 0 further shares will be granted pursuant to the 2003 Plan. Canceled or forfeited equity awards under the 2003 Plan will also become available for issuance under the 2012 Plan. The term of an incentive stock option may not exceed 10 years, except that with respect to any participant who owns more than 10% of the voting power of all classes or our outstanding stock, the term must not exceed 5 years. Options and RSUs generally vest over 4 years.
The 2012 plan provides for annual automatic increases on February 1 to the shares reserved for issuance. The automatic increase of the number of shares available for issuance under the 2012 Plan is equal to the lesser of 10 million shares, 5% of the outstanding shares of common stock as of the last day of our immediately preceding fiscal year or such other amount as our board may determine.
The following table summarizes our RSA activity during the fiscal year ended January 31, 2020:2021:
Our 2012 Employee Stock Purchase Plan (the “ESPP”) allows eligible employees to purchase shares of our common stock at a discount through payroll deductions of up to 15% of their eligible compensation, at not less than 85% of the fair market value, as defined in the ESPP, subject to any plan limitations. The ESPP provides for consecutive 12-month offering periods, starting on the first trading day on or after June 15 and December 15 of each year. The ESPP provides for an automatic increase of the number of shares available for issuance under the ESPP equal to the least of 4 million shares, 2% of the outstanding shares of our common stock on the last day of the immediately preceding fiscal year, or such other amount as may be determined by our board of directors.
The following table summarizes the assumptions used in the Black-Scholes option-pricing model to determine the fair value of our common shares under the ESPP:
The following table presents disaggregated revenues by major product or service type:
Revenues by geography are based on the shipping address of the customer. The following table presents our revenues by geographic region:
Other than the United States, no other individual country exceeded 10% of total revenues during any of the periods presented.
The following table presents revenues by channel partners representing 10% or more of total revenues:
The revenues from these channel partners are comprised of a number of customer transactions, none of which were individually greater than 10% of total revenues during fiscal 2021, 2020 2019 or 2018.2019.
The following table presents total current and non-current accounts receivable by channel partners representing 10% or more of total current and non-current accounts receivable:
Revenue allocated to remaining performance obligations represents contracted revenue that has not yet been recognized, which includes deferred revenue and non-cancelable amounts that will be invoiced and excludes performance obligations that are subject to cancellation terms. Our remaining performance obligations were $1.80$1.99 billion as of January 31, 2020,2021, of which we expect to recognize approximately 55%62% as revenue over the next 12 months and the remainder thereafter.
The reconciliation of federal statutory income tax rate to our effective income tax rate is as follows:
ASC Topic 740, Income Taxes, requires that the tax benefit of net operating losses, temporary differences and credit carryforwards be recorded as an asset to the extent that we assess that realization is more likely than not. Realization of the future tax benefits is dependent on our ability to generate sufficient taxable income within the carryforward period. Due to our history of U.S. operating losses, we believe the recognition of the deferred tax assets arising from the above-mentioned future tax benefits is currently not more likely than not to be realized and, accordingly, have provided a full valuation allowance against net U.S. deferred tax assets. The valuation allowance totaled $643.4$925.8 million and $481.3$643.4 million for fiscal 2021 and 2020, respectively. The valuation allowance on our net deferred tax assets increased by $282.4 million, $162.1 million and $12.3 million during fiscal 2021, 2020 and 2019, respectively.
If certain factors change, we may determine that there is sufficient positive evidence to support a reversal of, or decrease in, the valuation allowance. If we were to reverse all or some part of our valuation allowance, our consolidated financial statements in the period of reversal would likely reflect an increase in assets on our balance sheet and a corresponding tax benefit to our consolidated statements of operations in the amount of the reversal.
Because of certain prior period ownership changes, the utilization of a portion of our U.S. federal and state NOL and tax credit carryforwards may be limited.
We are required to identify, evaluate and measure all uncertain tax positions taken or to be taken on tax returns and to record liabilities for the amount of these positions that may not be sustained, or may only partially be sustained, upon examination by the relevant taxing authorities.
The potential change in unrecognized tax benefits during the next 12 months is not expected to be material.
We accrue interest and penalties related to unrecognized tax benefits as a component of income tax expense. Accrued interest and penalties as of January 31, 20202021 and 20192020 were not material.
Basic net loss per share is computed by dividing the net loss by the weighted-average number of shares of common stock outstanding during the period, less the weighted-average unvested common stock subject to repurchase or forfeiture. Diluted net loss per share is computed by giving effect to all potential shares of common stock, including convertible senior notes, preferred stock, stock options, RSUs, PSUs and RSAs to the extent dilutive.
The following table sets forth the computation of historical basic and diluted net loss per share:
Since we were in a net loss position for all periods presented, basic net loss per share is the same as diluted net loss per share for all periods as the inclusion of all potentially dilutive securities outstanding would have been anti-dilutive. Potentially dilutive securities that were not included in the diluted per share calculations because they would be anti-dilutive were as follows:
None.
Our management, with the participation of our Chief Executive Officer and our Chief Financial Officer, evaluated the effectiveness of our disclosure controls and procedures as of January 31, 2020.2021. The term “disclosure controls and procedures,” as defined in Rules 13a-15(e) and 15d-15(e) under the Exchange Act, means controls and other procedures of a company that are designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the SEC’s rules and forms. Disclosure controls and procedures include, without limitation, controls and procedures designed to ensure that information required to be disclosed by a company in the reports that it files or submits under the Exchange Act is accumulated and communicated to the company’s management, including its principal executive and principal financial officers, as appropriate to allow timely decisions regarding required disclosure. Based on the evaluation of our disclosure controls and procedures as of January 31, 2020,2021, our Chief Executive Officer and Chief Financial Officer concluded that, as of such date, our disclosure controls and procedures were effective at the reasonable assurance level.
The effectiveness of our internal control over financial reporting as of January 31, 20202021 has been audited by PricewaterhouseCoopers LLP, an independent registered public accounting firm, as stated in their report which is included in Item 8 of this Annual Report on Form 10-K.
There was no change in our internal control over financial reporting identified in connection with the evaluation required by Rule 13a-15(d) and 15d-15(d) of the Exchange Act that occurred during the quarter ended January 31, 20202021 that has materially affected, or is reasonably likely to materially affect, our internal control over financial reporting.
Our management, including our Chief Executive Officer and Chief Financial Officer, believes that our disclosure controls and procedures and internal control over financial reporting are designed to provide reasonable assurance of achieving their objectives and are effective at the reasonable assurance level. However, our management does not expect that our disclosure controls and procedures or our internal control over financial reporting will prevent all errors and all fraud. A control system, no matter how well conceived and operated, can provide only reasonable, not absolute, assurance that the objectives of the control system are met. Further, the design of a control system must reflect the fact that there are resource constraints, and the benefits of controls must be considered relative to their costs. Because of the inherent limitations in all control systems, no evaluation of controls can provide absolute assurance that all control issues and instances of fraud, if any, have been detected. These inherent limitations include the realities that judgments in decision-making can be faulty, and that breakdowns can occur because of a simple error or mistake. Additionally, controls can be circumvented by the individual acts of some persons, by collusion of two or more people or by management override of the controls. The design of any system of controls also is based in part upon certain assumptions about the likelihood of future events, and there can be no assurance that any design will succeed in achieving its stated goals under all potential future conditions; over time, controls may become inadequate because of changes in conditions, or the degree of compliance with policies or procedures may deteriorate. Because of the inherent limitations in a cost-effective control system, misstatements due to error or fraud may occur and not be detected.
None.
Information responsive to this item is incorporated herein by reference to our definitive proxy statement with respect to our 20202021 Annual Meeting of Stockholders to be filed with the SEC within 120 days after the end of the fiscal year covered by this annual report on Form 10-K (the “Proxy Statement”).
The information required by this Item is incorporated herein by reference to the sections entitled “Executive Compensation” and “Corporate Governance at Splunk – Non-Employee Director Compensation” in our Proxy Statement.
The information required by this Item is incorporated herein by reference to the sections entitled “Stock Ownership Information – Security Ownership of Certain Beneficial Owners and Management,” and “Executive Compensation –Compensation Tables – Equity Compensation Plan Information” in our Proxy Statement.
The information required by this Item is incorporated herein by reference to the sections entitled “Corporate Governance at Splunk – Related Party and Other Transactions” and “Corporate Governance at Splunk – Director Independence” in our Proxy Statement.
The information required by this Item is incorporated herein by reference to the sections entitled “Audit Committee Matters – Fees Paid to the Independent Registered Public Accounting Firm” and “Audit Committee Matters – Audit Committee Policy on Pre-Approval of Audit and Permissible Non-Audit Services of Independent Registered Public Accounting Firm” in our Proxy Statement.
Not applicable.
Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned, thereunto duly authorized, on March 26, 2020.
KNOW ALL THESE PERSONS BY THESE PRESENTS, that each person whose signature appears below constitutes and appoints Douglas S. Merritt, Jason E. Child and Scott Morgan, and each of them, his or her attorneys-in-fact, each with full power of substitution, for him or her in any and all capacities, to sign any and all amendments to this Annual Report on Form 10-K, and to file the same, with exhibits thereto and other documents in connection therewith, with the Securities and Exchange Commission, hereby ratifying and confirming all that each said attorneys-in-fact or their substitute or substitutes, may do or cause to be done by virtue hereof.
Pursuant to the requirements of the Securities Exchange Act of 1934, this Annual Report on Form 10-K has been signed below by the following persons on behalf of the registrant and in the capacities and on the dates indicated.