SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D. C. 20549
|☒||ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934|
For the Fiscal Year Ended: January 31, 2022
|☐||TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934|
Commission File Number: 001-35498
(Exact name of registrant as specified in its charter)
|(State or other jurisdiction of|| ||(I.R.S. Employer|
|incorporation or organization)|| ||Identification No.)|
270 Brannan Street
San Francisco, California 94107
(Address of principal executive offices)
(Registrant’s telephone number, including area code)
Securities Registered pursuant to Section 12(b) of the Act:
|Title of each class||Trading Symbol(s)||Name of each exchange on which registered|
|Common Stock, par value $0.001 per share||SPLK||The Nasdaq Stock Market LLC|
Securities registered pursuant to Section 12(g) of the Act: None
Indicate by check mark if the Registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities
Act: Yes ☒ No ☐
Indicate by check mark if the Registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the
Act: Yes ☐ No ☒
Indicate by check mark whether the Registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the Registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☒ No ☐
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes ☒ No ☐
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
|Large Accelerated Filer||☒||Accelerated Filer||☐|
|Non-Accelerated Filer||☐||Smaller Reporting Company||☐|
|Emerging Growth Company||☐|
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report. ☒
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes ☐ No ☒
The aggregate market value of shares of common stock held by non-affiliates of the registrant was $16.0 billion, based on the number of shares held by non-affiliates and the last reported sale price of the registrant’s common stock on July 31, 2021 (the last business day of the registrant’s most recently completed second fiscal quarter).
The number of shares outstanding of the Registrant’s Common Stock as of March 17, 2022 was 160.7 million shares.
Documents Incorporated by Reference
Portions of the registrant’s definitive Proxy Statement for the 2022 Annual Stockholders’ Meeting are incorporated by reference into Part III of this Annual Report on Form 10-K.
Table of Contents
NOTE REGARDING FORWARD-LOOKING STATEMENTS
This Annual Report on Form 10-K, including but not limited to the sections entitled “Business,” “Risk Factors,” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” contains forward-looking statements that involve risks and uncertainties, as well as assumptions that, if they never materialize or prove incorrect, could cause our results to differ materially from those expressed or implied by such forward-looking statements. Statements that are not purely historical are forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended (the “Exchange Act”). Forward-looking statements are often identified by the use of words such as, but not limited to, “anticipate,” “believe,” “can,” “continue,” “could,” “estimate,” “expect,” “predict,” “intend,” “may,” “might,” “plan,” “project,” “potential,” “seek,” “should,” “target,” “will,” “would” and similar expressions or variations intended to identify forward-looking statements. These forward-looking statements include, but are not limited to, statements concerning the following:
•our future financial and operating results; including trends in and expectations regarding revenues, annual recurring revenue, deferred revenue, remaining performance obligations, gross margins, operating income and the proportion of transactions that will be recognized ratably;
•the effects of the COVID-19 pandemic on our business and operations and those of our customers;
•expected benefits to customers and potential customers of our offerings and our user-driven network;
•investment strategy, business strategy and growth strategy, including our business model transition and the use of acquisitions to expand our business;
•our sales and marketing strategy, including our international sales and channel partner strategy;
•customer product adoption and purchasing patterns, including renewal, expansion and conversion from on-premises to cloud services
•management’s plans, beliefs and objectives for future operations;
•our ability to provide compelling, uninterrupted and secure cloud services to our customers;
•expectations about competition;
•economic and industry trends or trend analysis;
•the impact of geopolitical events, including the war in Ukraine;
•our acquisitions, including the expected impacts of such acquisitions;
•expectations about seasonality;
•expected impact of changes in accounting pronouncements and other financial and non financial reporting standards;
•operating expenses, including changes in research and development, sales and marketing, facilities and general and administrative expenses;
•sufficiency of cash to meet cash needs for at least the next 12 months;
•exposure to interest rate changes;
•anticipated income tax rates, tax estimates and tax standards;
•capital expenditures, cash flows and liquidity; and
•the impact of climate change, natural disasters and actual or threatened public health emergencies.
These statements represent the beliefs and assumptions of our management based on information currently available to us. Such forward-looking statements are subject to risks, uncertainties and other important factors that could cause actual results and the timing of certain events to differ materially from future results expressed or implied by such forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, those identified below, and those discussed in the section titled “Risk Factors” included under Part I, Item 1A. Furthermore, such forward-looking statements speak only as of the date of this report. Except as required by law, we undertake no obligation to update any forward-looking statements to reflect events or circumstances that occur after the date of this report.
Splunk provides innovative solutions that use data from digital systems to help organizations identify opportunities for optimization and innovation and to keep those systems secure and performing effectively. This class of data is growing significantly as a direct result of the prevalence and importance of digital systems used by today’s organizations. Decades of investment in digital transformation have integrated the hardware and software that comprise digital systems into every aspect of how modern organizations operate. The data generated by these systems contains a comprehensive, real-time record of operations, interactions, and transactions that our offerings convert into insights and actions that improve technology and business outcomes. Our solutions for cybersecurity (“Security”) and Observability empower users in technology roles, including Development Operations (“DevOps”), IT Operations (“ITOps”), and cyber security, to monitor and secure digital systems more quickly and efficiently. Business users leverage our offerings to gain visibility into their digital processes to deliver better experiences, improve decisions and drive better results.
Our offerings provide visibility to our customers’ diverse technology infrastructure including systems deployed on the edge, on premises, and in private and public cloud environments, running software ranging from monolithic apps to cloud native ones. We also believe our offerings empower operational transformation, helping customers move from reactive, non-scalable and ineffective approaches to proactive, automated, and AI-assisted processes that drive better outcomes even as the scale and complexity of their technology continue to grow.
The COVID-19 pandemic significantly increased the importance of being a digital, data-driven organization and we believe the importance of data-driven innovation will only continue to increase over time. The events of 2020 and 2021 accelerated the adoption of new ways to work and exerted an enormous amount of pressure on organizations of all kinds to deliver better experiences and outcomes, and to enable entirely new offerings and business models. We believe this global shift in the business environment and the related challenges are here to stay and that Splunk enables organizations to rise to these challenges by leveraging technology to achieve greater efficiency, agility, security, and drive a sustained competitive advantage. When organizations use Splunk to improve their security postures and build resilience, they are able to innovate more effectively.
Splunk Product Offerings
Our portfolio comprises three categories of offerings:
The Splunk Platform A broad set of configurable and extensible capabilities that can acquire, manage, and analyze data and deliver insights from virtually any technology source.
Splunk Solutions Application offerings that leverage the Splunk platform to provide deep, pre-built capabilities for Security and Observability.
Customer and Partner Solutions Content built by our field organization, partners, and customers that configures and extends the Splunk platform and Splunk Solutions, accelerating customer time-to-value for a broad range of use cases.
We believe that the Splunk portfolio offers a unique breadth and depth of capabilities, including:
•Industry analyst-recognized market leadership in our Security and Observability solutions, which can deliver best-in-class outcomes for customers.
•Creating greater cost efficiencies and better outcomes for customers by reducing data duplication, scaling investments, and simplifying data reuse across multiple functions and use cases, and enabling common visibility, greater collaboration, and tighter alignment across functions.
•The scalability, flexibility, and power of the Splunk platform enables a wide-range of use-cases for very large and complex technology infrastructures, and is proven across thousands of customers capable of ingesting and analyzing petabytes of data per day.
•The combination of real-time stream transformation and analytical processing with near-real time and batch-oriented processing of large, complex data sets collected over long time periods. Together these capabilities provide support for a broad range of use cases spanning end-to-end operational processes, from historical analytics, forensic investigation, and machine learning model development to real-time monitoring, analytics, and machine model execution.
•The increasing use of machine learning across the portfolio to drive more sophisticated and valuable insights at ever growing scale. We apply our deep expertise in the security and observability domains to out-of-the-box machine learning analytics in Splunk Solutions to deliver more accurate and actionable insights, proactive monitoring, and prescriptive and automated responses. The Splunk platform provides pre-built machine learning algorithms and model development capabilities and supports integration with external data science platforms, expanding the use of machine learning to complex, custom use cases.
The Splunk portfolio of offerings is delivered as a mix of cloud services offerings and on-premise licensed software offerings (“license offerings”) that customers and partners deploy in their own environments. We believe that the unique capabilities, rapid delivery, and streamlined adoption that cloud services enable make them the best delivery model for us and the majority of our customers. Accordingly, we will deliver a growing number of our offerings exclusively as cloud services to take full advantage of cloud capabilities like elastic scalability while maximizing the rate at which new features are adopted and validated. Where our solutions are delivered as license offerings, we generally follow a cloud-first model, under which the most complete feature sets and frequent releases are provided in cloud services offerings, while subsets of cloud-validated features are released on a more measured cadence in license offerings.
The Splunk Platform
The Splunk portfolio of offerings is anchored by the Splunk platform, an extensible real-time data platform comprising collection, streaming, indexing, search, reporting, analysis, machine learning, alerting, monitoring and data management capabilities. Different combinations of the Splunk platform capabilities are offered as services in Splunk Cloud, and in our Splunk Enterprise and Data Stream Processor license offerings. Key Splunk platform capabilities include:
•Expansive data collection and instrumentation, including application programming interfaces (“APIs”), endpoints, and agents that can acquire data from an extensive set of hardware and software sources. Additionally, Splunk is a leading contributor to OpenTelemetry, a broadly-used open source project hosted by the Cloud Native Computing Foundation.
•Processing and analysis of very large volumes of data, both in real-time while in motion and at rest, in our proprietary, high-scale indexes and external data stores.
•A comprehensive, domain-specific language called the Search Processing Language (“SPL”), which provides a broad set of commands for preparing, exploring, monitoring, analyzing, and visualizing complex, time series-based data.
•Extensive machine learning capabilities, including out-of-the-box algorithms optimized for common data types and use cases and interfaces that allow data scientists to develop and deploy customized algorithms and models against our customers’ data.
•A wide range of interfaces for administrators, data engineers, analysts, and end users that includes tools providing a point-and-click experience for data preparation and investigation, highly-configurable dashboards, and a family of solutions purpose-built for mobile devices, smart watches, and Apple TV and Chromecast display devices.
In addition to enabling a wide range of use cases, the Splunk platform is also the foundation of the application offerings for Security and Observability.
Splunk Security Solutions
Splunk Security solutions help cybersecurity teams streamline the security operations workflow, accelerate threat detection and response, enhance threat visibility, and scale resources to increase analyst productivity through machine learning and automation. Built on the Splunk platform, Splunk Security offerings include Splunk Enterprise Security, Splunk User Behavior Analytics and Splunk Security Orchestration and Automation (“Splunk SOAR”), and are available as a mix of cloud services and license offerings. Customers use the Splunk Security offerings to address a range of use cases including:
Investigation and Forensics Empower security teams to analyze and confirm high priority incidents to determine the circumstances and scope of an incident while appropriately handling incident investigation and response.
Security information and event management and Security Analytics Enable security teams to gain full visibility into their data and make analytics-driven security decisions using pre-built frameworks, workflows and dashboards. Specific use cases include real-time security monitoring, advanced threat detection, and incident investigation for efficient threat management.
Automation and Orchestration Provide security operations centers advanced orchestration, automation and response capabilities by integrating teams, processes and tools. Splunk Mission Control empowers security teams to detect, manage, investigate, hunt, contain and remediate threats from a unified security operations platform.
Splunk Observability Solutions
Splunk Observability solutions, which are built on the Splunk platform and are available as a mix of cloud services offerings and license offerings, include Splunk IT Service Intelligence, Splunk On-Call, Splunk Infrastructure Monitoring, Splunk Application Performance Monitoring (“APM”), and Splunk Synthetic Monitoring. These offerings can be consumed independently or as an integrated offering that provides full-stack visibility and complete service insights. Splunk Observability solutions provide ITOps, DevOps and developer teams visibility and control across cloud and on-premises environments. With improved visibility, ITOps teams can predict and find outages, improve decision-making and take a service-oriented approach to managing IT infrastructure and applications. Customers use Splunk IT solutions to address a range of use cases including:
IT Investigation and Monitoring Monitor uptime, performance and response time with a unified view of their entire IT environment. Splunk offerings enable ITOps teams to obtain insight across their data centers and cloud services so that they can accelerate outage investigations and reduce mean time to resolution by quickly identifying and resolving problems.
Event Analytics and Management Proactively resolve service issues by using Splunk machine learning capabilities to cluster, filter, and significantly reduce event noise. This results in less time sifting through false positives and the ability to prioritize alerts in terms of impact.
Service Monitoring and Insights Understand how multiple tiers of the service stack interact with each other and impact service degradation. Using machine learning, ITOps teams can help prevent future outages based on predictive service health scores. ITOps teams gain visibility across silos to understand high level business service health and performance, while also diving deep into investigations to find the root cause of an incident faster.
Incident Response and Automation Improve the experience of developers and ITOps through incident response and automation focused on escalating outage and performance incidents to the right people and teams so they can triage and resolve problems most quickly.
AIOps Use big data analytics, machine learning and artificial intelligence to deliver increased accuracy and speed to ITOps. The Splunk AIOps solution analyzes massive datasets from disparate sources and employs advanced analytics to automate common ITOps and improve data analysis.
Cloud Infrastructure Monitoring Monitors cloud infrastructure and networks by streaming performance metrics to detect patterns, sending availability and performance alerts and analyzing performance trends. Splunk Infrastructure
Monitoring offers infrastructure visibility across on-premises, hybrid-cloud, multi-cloud and cloud-native infrastructures, containers and orchestration systems such as Docker and Kubernetes and network performance using the eBPF (Extended Berkeley Packet Filter) technology.
APM Monitors applications, especially those based on microservices, to identify performance bottlenecks and outages caused by application issues. Splunk APM provides insights into how microservices and a wide range of application code, including Java, are performing.
Digital Experience Monitoring Monitors services by using both real user and synthetic transactions to analyze response time and issues that create bottlenecks in response time.
Log Investigation Helps identify the root cause of outages and issues by isolating log files that indicate a specific problem in a specific location.
Incident Response Incident response is focused on escalating outage and performance incidents to the right people and teams so they can triage and resolve problems quickly, while improving the experience of developers and DevOps teams.
Customer and Partner Solutions
The Splunk platform and Splunk Solutions, including Splunk On-Call, Splunk Infrastructure Monitoring, and Splunk SOAR, provide APIs, SDKs, and other interfaces that enable our network of third-party developers, partners, and customers to build content that configures and extends Splunk solutions to accommodate specific use cases. This range of Customer and Partner solutions includes pre-built data inputs, workflows, searches, reports, alerts, custom dashboards, flexible UI components, custom data visualizations, and integration actions and methods.
Customer and Partner solutions content can be built for a customer or partner’s own internal use, or it can be made generally available for download, in free or premium offerings, from within the Splunk platform, our Splunk Solutions, and via Splunkbase, an online community and marketplace for developers, partners, and customers to share apps and add-ons. Over 2,000 apps and add-ons are currently available on Splunkbase, most of which are built and maintained by third parties.
We do not receive any material revenues from the sale of apps or add-ons by third-party application providers. Many apps and add-ons posted to Splunkbase are provided at no additional cost to users. Partner apps and add-ons listed on Splunkbase that are not free are primarily licensed directly by the third party to the end user.
While customers can readily consume our cloud services offerings and license offerings, our customer success team developed scalable offerings that span the customer journey, with the explicit intent of providing the right outcome-focused adoption services that result in customer value. These offerings include adoption and implementation services, education services, and customer support services that are tailored to scale to our customers’ size and maturity.
Adoption and Implementation Services
Our customer success planning includes proven on-boarding and adoption best practices on our offerings for all customers, using an outcome-focused approach. Our prescriptive adoption guidance and success planning are targeted to the specific use cases across Security and Observability, spanning a wide variety of industries. Guided by our customer success managers and advocacy team, customers have several ways to engage our experts: through a comprehensive catalog of On Demand Services, expert and solution-oriented subscription services, or traditional Project-Based Implementation Services.
We offer a robust portfolio of modularized training courses and learning paths to our customers and partners that we continue to expand. In addition to our extensive course catalog, a comprehensive training certification program is available to ensure an understanding of our offerings and distinguish levels of expertise. Additionally, we have expanded our Authorized Learning Partner network to extend our reach and availability of education services throughout our network.
We offer maintenance and customer support services as part of our cloud services and license offerings. Support entitlements provide customers the right to receive unspecified software updates, maintenance releases and patches, and access to our technical support services during the term of the subscription.
Customers receive 24x7x365 access to subject matter experts for critical issues, direct telephone support, access to online support, and software upgrades. Our customer support organization has global coverage capabilities, delivering support with deep expertise in our cloud services and license offerings, complex IT environments and associated third-party infrastructure.
Our customer support organization offers Standard and Premium service levels. Premium is an upgraded level of support that provides customers with priority response and update times and targeted fix Service Level Objectives for all case priorities, providing proactive support and quarterly reviews of the customer’s mission-critical deployments.
Our Growth Strategy
We are focused on providing the right capabilities through our products and services to remove the barriers between data and action. The key elements of our growth strategy are:
Cloud-first Platform and Solutions. We have reached a key milestone in our cloud transformation, where cloud services represent the majority of our total cloud services and license bookings. Our cloud services customers have accelerated their time to value and achieved lower total cost of ownership. Most importantly, the rate at which new features and capabilities are delivered to and used by customers is accelerated when using cloud services offerings. Given our customers’ success adopting our cloud services offerings, we will continue to invest heavily in differentiated cloud services offerings delivered through a cloud-optimized go-to-market and support model. We will continue to invest in our license offerings to enable both standalone consumption and hybrid Splunk deployments that span customer on-premises and cloud environments. We expect our cloud services offerings will continue to be an important source of growth for Splunk, our customers and our partners.
Expand the Splunk value proposition with broader and deeper capabilities. We will continue to focus our product strategy and go-to-market approaches on our Security and Observability users and we will expand the Splunk platform and Splunk Solutions offerings that serve them. We intend to deliver new and enhanced capabilities, as well as services that provide faster time-to-value and easier adoption and expansion. We also plan to deliver new features tailored to meet the specific needs of users, including more comprehensive data reach, more powerful analytics, and AI/ML and automation capabilities. While we are focused on extending our industry analyst-recognized leadership across Security and Observability, our customers benefit from even greater value when multiple organizations are generating insight using the Splunk platform.
Global Expansion. We continue to invest in go-to-market, operations and infrastructure to deliver our services to customers in targeted countries across multiple geographies. Splunk has had success in global expansion as evidenced by our increased mix of revenues outside of the U.S. and we continue to see this as a significant growth opportunity.
Research and Development
We invest substantial resources in research and development to enhance our offerings, develop new end-market specific solutions and apps, conduct software and quality assurance testing and improve our core technology. Our technical staff monitors and tests our software on a regular basis, and we maintain a regular release process to refine, update, and enhance our existing offerings. As we shift our focus to cloud services offerings we will make significant investments in a cloud-optimized delivery model while continuing to invest in our license offerings, both for standalone consumption and for deployment in hybrid environments.
Acquisitions and Investments
We enhance and expand our offerings both through our own research and development efforts and through acquisitions and investments. We have made a number of acquisitions in the past and will continue to evaluate acquisition opportunities that can accelerate the delivery of new capabilities, entry into new market segments and our technical expertise.
We rely on patent, trademark, copyright and trade secret laws, confidentiality procedures, internal policies and contractual provisions to protect our technology and intellectual property rights. The nature and extent of legal protection of our intellectual property rights depends on, among other things, the type of intellectual property right and the jurisdiction in which such right arises. We believe that our intellectual property rights are valuable and important to our business. We file trademark, patent, and copyright applications to protect our intellectual property.
Generally, we retain ownership of software we develop. All software is licensed to users and primarily provided in object code or as a cloud service pursuant to browser-wrap, embedded or on-line license or service terms, or signed customer agreements. These agreements generally contain restrictions on duplication, disclosure, reverse engineering, transfer and license circumvention.
We use open source software in our offerings and business, including as incorporated into software we receive from third party commercial software vendors or technologies obtained through acquisitions, and expect to continue to use open source software in the future. Additionally, we, including companies that we have acquired, have intentionally made certain proprietary software available on an open source basis, both by contributing modifications back to existing open source projects, and by making certain internally developed tools available pursuant to open source licenses, and we plan to continue to do so in the future.
Sales and Marketing
Our sales and marketing organizations work together closely to expand market awareness, generate sales pipeline, and cultivate customer relationships to drive revenue growth and enablement for adoption and customer success.
We sell our offerings directly through field sales, inside sales and indirectly through different routes to market with a community of partners. These partners include leading, global service integrators, managed services partners, and resellers. We gather prospects through a broad range of marketing campaigns, programs and events. Our sales development teams handle lead qualifications. Large or complex transactions generally are handled by our globally distributed direct field sales teams. Our sales engineers help define customer use cases, pre-sales qualification and evaluation.
Our field sales teams are organized geographically across the Americas, Europe, Middle East and Africa (“EMEA”) and Asia Pacific (“APAC”). We also have a dedicated sales team focused on government customers, which includes United States federal, state and local government entities.
In addition to acquiring new customers, our sales teams are responsible for securing renewals of existing contracts, as well as increased adoption of our offerings by existing customers. To accomplish this, our field sales and customer success teams work closely with our customers to ensure adoption and overall account health, which fosters expanded usage through higher capacity or upgrades and additional use cases.
We focus our marketing efforts on generating opportunities for our sales force and partners, increasing awareness of the Splunk brand, driving viral adoption, and communicating product advantages and business benefits. We market our offerings as a targeted solution for specific use cases and as an enterprise solution for a broad range of data and use cases. We engage with existing and potential customers to provide community-based education and awareness and to promote expanded use of our cloud services and license offerings within these customers. We engage business press, technology press, industry analysts and influential voices to create awareness for Splunk in our target markets. We host a number of events across our sales regions to engage with both existing customers and new prospects, as well as deliver product training. We host our annual user conference, “.conf” and multiple partner forums as other ways to support the Splunk community to foster collaboration and help our customers drive further business results from our offerings.
Our prioritization of cloud services offerings presents an opportunity for Splunk partners to enhance their existing investments and future profitability by expanding their offerings to include services, support, and integration capabilities to accelerate customers’ digital transformations. Splunk’s ideal partner creates cloud solutions focused on customer outcomes and delivering effective, multi-dimensional solutions across industries and theaters. Partners can untap new markets, customers, and data streams with new product innovations. While not every innovation will deliver the same results, we believe establishing a culture of co-innovation that drives repeatability is foundational to making Splunk broadly available. As such, Splunk shifted the focus to partners that deliver value through selling, advising, building, and managing services to drive higher partner and customer adoption across our offerings. The new Splunk Partnerverse program anchors our partner strategy. Splunk Partnerverse builds on Splunk’s global brand, expands our customer base through partners, and reinforces Splunk as both cloud-ready and partner friendly. There are three program objectives:
•Serve all Splunk partners through one program that enables and promotes a cloud-first partner network
•Differentiate partners in the market through the Splunk Partnerverse badging system powered by enablement and training paths to demonstrate proof-points in competency
•Showcase Splunk partners’ validated expertise and their Splunk-based offerings via the Solutions Catalog so that customers can easily find the right partners
Splunk organized its partner strategy to align with all partner types with a focus on two partner-centric routes to market:
Cloud service providers (“CSP”) Strong partnerships with CSPs (e.g. Amazon Web Services and Google Cloud) are the cornerstone of our cloud focus. The online storefront known as a cloud marketplace offers customers an alternate way to conduct transactions. Today our Marketplace business is driven primarily by customer demand and we will meet our customers where and how they want to buy. We are coordinating product development, sales efforts, and ongoing marketing efforts with these key partners to promote Splunk Cloud running on CSP infrastructure.
Global systems integrators and managed services providers These partners support planning, implementation, and management of end-to-end business solutions tailored to specific customers, segments, and industry verticals. We focus on full stack market solutions that partners manage to ensure our customers have access to the best expertise, technology, and solutions for optimal performance, security, and technology operations. We are working with this partner set to develop and deploy Splunk platform-based solutions to their customers, extending our overall market reach and total addressable market. We further intend to establish select core business groups to increase our joint selling opportunities, explore new solutions, and promote Splunk’s strength in Security and Observability.
Splunk Community Engagement
We engage with the community of Splunk users, including Splunk employees, partners, and customers, through a variety of online and in-person forums to assist with Splunk skills development. Additionally, our engagement with users empowers the development of Customer and Partner solutions, drives cross-pollination of experiences and best practices, and provides feedback on current and planned future offerings and capabilities.
Our primary online forums include Splunk Answers, Splunk User Groups, and Splunk Ideas. In Splunk Answers, users share best practices about how to build searches, create data visualizations, build implementations to address specific use-cases and configure and deploy our cloud services and license offerings. While our product, support, engineering and professional services teams participate in Splunk Answers, the majority of questions appearing on Splunk Answers are answered by other Splunk users, including the SplunkTrust, a peer-nominated, MVP group of Splunk users. Splunk Ideas is a forum through which the community can submit and vote on ideas for new product offerings and capabilities, providing a highly-refined set of inputs to our product development efforts. We also maintain active communities on leading social internet platforms, including Facebook, Twitter, LinkedIn and Slack.
Comprehensive enablement for Customer and Partner solutions developers is provided on our Splunk Dev portal. Splunk Dev contains resources for building apps, integrations, and other Customer and Partner solutions content that extends
the Splunk offerings to new data, insights, and use cases. Developers can sign up for free licenses or access to support both their on-premises and cloud-native application needs. Additional resources made available through Splunk Dev include developer guides, API references, tutorials, downloads, tools and examples to help developers efficiently create new solutions.
We also continue to support the growth of the Splunk Community, with local Splunk User Groups around the world and a growing collection of Splunk-sponsored events, such as .conf, and regional/local events.
As of January 31, 2022 we have customers in more than 130 countries and our offerings have been deployed by over 95 of the Fortune 100 companies. We provide offerings to customers of varying sizes, including enterprises, educational institutions and government entities. Our current customer base spans numerous industry verticals, including education, financial services, government, healthcare/pharmaceuticals, industrials/manufacturing, media/entertainment, retail/ecommerce, technology, and telecommunications. Please refer to Note 9 “Revenues, Accounts Receivables, Deferred Revenue and Remaining Performance Obligations” of our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on Form 10-K for further discussion of our customers and concentration of revenue and receivables.
Our industry is evolving rapidly and is becoming increasingly competitive with an increasing number of vendors competing across product areas. For example, security vendors are attempting to penetrate the observability industry, observability competitors are targeting the security space, competitors across the security and observability siloes are expanding their footprints in log management and machine data space, and CSPs are extending their native operations and security capabilities across competing cloud environments. Additionally, a number of more domain-focused competitors continue to target specific use cases within the application, IT and security domains in an attempt to drive rapid penetration.
These dynamics position us in competition with a variety of large CSPs and software vendors, as well as smaller specialized companies, open source projects and custom development efforts, which provide solutions in the specific markets we address. Our principal competitors include:
•Cloud monitoring and APM/Observability vendors;
•Monitoring, troubleshooting, security and analytics services offered (embedded or add-ons) by major public CSPs;
•Companies targeting the data analytics industry;
•Legacy security, systems management and other IT vendors; and
•IT departments that undertake custom software development efforts to analyze and manage their operations data across their public and private cloud landscapes.
Environmental, Social, and Governance
Three high-level environmental, social and governance (ESG) objectives—advancing our Global Impact Strategy; integrating ESG across the business; and innovating through our climate strategy—form the tactics for maturing and extending our ESG work. Our board of directors works closely with management to oversee ESG, with each of our three board committees dedicated to areas of the program associated with their respective areas of responsibility.
In fiscal 2022, we formally launched our four-pillared Global Impact Strategy that focuses on these areas: Social Impact, Ethical and Inclusive Growth, Data Responsibility and Environmental Sustainability. By leveraging our technology, expertise and talent, we strive to add unique value, drive collaboration, embrace our stakeholders and innovate for impact—four principles that guide our Global Impact Strategy. Through our strategy, we aim to bridge the data divide to find actionable solutions to some of the world’s most pressing challenges and to amplify positive social and environmental impacts in service to humanity. We also published our inaugural Global Impact Report, shared our ESG Position Statement, and released our Bridging the Data Divide: Mobilizing data and the tech ecosystem for everyone white paper and World Economic Forum blog article. Additionally, we announced a suite of science-based climate targets and commitments that aim to achieve net zero greenhouse gas emissions by 2050 as verified by the Science Based Target initiative (SBTi) in a manner consistent with a 1.5°C
ambition level, and we shared our plan to register a second suite of shorter-term five, ten, and fifteen year targets with the SBTi by the end of fiscal 2023.
Human capital management is foundational to the Ethical and Inclusive Growth pillar of our Global Impact Strategy. At the core of Splunk, we are a people-centric company. We believe that the best way to continue to deliver customer success and the best products and services is to focus on attracting the most qualified candidates to join our team (based on skills, knowledge and abilities). We also spend time and energy supporting, retaining and developing our high-performing and innovative employees. Our commitment to diversity and inclusion is central to our core values. We strive to embrace each person’s unique individual value and the communities that matter to them. This commitment is an integral part of our Diversity, Equity & Inclusion (“DEI”) strategy. As of January 31, 2022, we employed over 7,000 employees, of which approximately 71% were in the United States and 29% were in our international locations.
We encourage you to visit our website for more detailed information regarding our human capital programs and initiatives. Nothing on our website shall be deemed incorporated by reference into this Annual Report on Form 10-K.
Diversity, Equity and Inclusion (DEI)
A diverse and inclusive company helps us achieve our mission of bringing data to every question, decision and action to drive positive outcomes for our company, our communities and each other. Our company-wide inclusiveness effort, A Million Data Points, speaks powerfully to our holistic, multi-dimensional approach to diversity, illuminating cultural heritage, intersectionality, experiences and all the unique qualities and talents that each employee possesses. We also cultivate an inclusive culture through several employee resource groups (ERGs). Splunk is focused on the hiring, retention and representation rates of women and individuals from underrepresented groups. We provide DEI education and offerings to imbed inclusion and equity in our talent processes. We plan to conduct intersectional employee surveys that look at a combination of factors that include underrepresented groups and gender to check for variances in employee experiences. Furthermore, to oversee the impact DEI has within Splunk, we have a dedicated DEI at Splunk Council (DISCO) composed of leaders from each function. This team is focused on influencing our DEI strategy, with specific areas of focus around hiring, promotion, retention and attrition, as well as connecting DEI activities to a broader business-driven, results-oriented strategy. We also have an Inclusion Council which plays a pivotal role in embedding engagement, equity, inclusion and belonging within everyday practices, as well as in sharing best and next practices across the enterprise.
We work to help provide access to new careers in technology with skills development and training, promoting a new generation of diverse talent through a global network of universities, community colleges and workforce partners like YearUp and Hire Military. Splunk is regularly recognized as an employer of choice in the technology industry and within the various locations that we operate. In fiscal 2022, Fortune named Splunk one of the 100 Best Companies to Work For, as well as one of the top 10 Best Workplaces in Technology, and a Best Workplace for Parents and Millennials. In addition, we were named one of the Best Places to Work for LGBTQ Equality for the second year in a row, after earning a score of 100 on the Human Rights Campaign (HRC) Corporate Equality Index, and named by People magazine as one of the top Companies That Care. In fiscal 2021, we were included in Fortune’s Best Workplaces for Women, Parents and Millennials.
Additional information on our diversity and inclusion strategy, diversity metrics and programs can be found in the Diversity Annual Report posted on our website.
Compensation, Benefits and Wellbeing
Splunk provides a comprehensive and competitive compensation and benefits package to attract, retain and engage the talented employees that make our company successful. We provide employees with competitive base salaries, incentive compensation and equity awards in the form of RSUs as well as the opportunity to participate in our Employee Stock Purchase Plan, which allows employees to purchase Splunk stock at a discount.
Our benefits offerings are designed to meet the unique needs of our employees. We believe we provide competitive benefits in each local market we operate in to help our employees care for themselves and their families. Common offerings are health benefits, retirement benefits, fertility and family planning benefits, paid time off, holidays and leave benefits.
In response to COVID-19, we offer a number of additional benefits to help our employees. These benefits include 30 days of paid time off that employees can use for any absence related to the pandemic or a natural disaster, four additional well-being paid rest days and reimbursement for certain expenses related to remote working. In addition, we have a global mental health offering through a third-party provider who gives our employees and their families access to counseling, personal coaches and a variety of digital wellness resources.
We believe in leadership and learning and invest in the development of all our employees. Our vision is to further enhance our talent practices and leadership behaviors in order to empower more autonomous decision making, leverage data insights, reinforce open communication and feedback, and set clear rules of engagement to systemically foster increased trust and transparency. We are strongly committed to our responsibility of providing development and growth opportunities to our employees through greater emphasis on internal mobility and fair and equitable talent practices. Employees take advantage of live courses, leadership programs, online training, product training, sales training, technical training, mentor programs, team building events, seminars, conferences, lectures, university programs, peer-to-peer and manager-led training and other learning opportunities across the company.
Our principal executive offices are located at 270 Brannan Street, San Francisco, California 94107, and our telephone number is (415) 848-8400. We were incorporated in California in October 2003 and were reincorporated in Delaware in May 2006.
Our website is located at www.splunk.com and our investor relations website is located at http://investors.splunk.com. The information posted on our website is not incorporated into this Annual Report on Form 10-K. Our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K and amendments to reports filed or furnished pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934, as amended, are available free of charge on our investor relations website as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC.
We webcast our earnings calls and certain events we participate in or host with members of the investment community on our investor relations website. Additionally, we provide notifications of news or announcements regarding our financial performance, including SEC filings, investor events, press and earnings releases, as part of our investor relations website. The contents of these websites are not intended to be incorporated by reference into this report or in any other report or document we file.
Risk Factor Summary
Our business is subject to numerous risks and uncertainties, including those highlighted in Part I, Item 1A titled “Risk Factors.” These risks include, but are not limited to, the following:
Factors Related to Our Business and Results of Operations
•our business model transition from sales of licenses to the delivery of cloud services;
•fluctuations in our operating results from period to period;
•our organic and inorganic growth and the effectiveness of our controls, systems and procedures as we grow;
•our history of losses and the prospect of profitability;
•costly and continuous infrastructure investments required by our cloud services;
•our ability to attract and retain leadership and key personnel, particularly within our industry;
•expansion and integration related to past and future acquisitions;
•our ability to obtain capital on acceptable terms to support our growth;
•our ability to use our net operating losses and tax credits to offset future taxes; and
•liability related to past or future sales and use, value added, withholding or similar taxes.
Factors Related to the Economy and the Markets in which We Operate
•the impact of the COVID-19 pandemic on our business;
•intense competition from large and small providers and vendors in the markets in which we operate;
•market acceptance of our new and existing offerings and product enhancements;
•economic and political conditions and uncertainty, both domestically and internationally, including those specific to industries in which our customers participate; and
•governmental export and import controls related to operation in international markets.
Factors Related to Customers and Sales
•current and future customer demand, use case expansion and satisfaction;
•our reliance on customer purchases, renewals, upgrades and expansions of term licenses, agreements for cloud services and maintenance and support agreements;
•our evolving pricing models and their impacts on our customers’ purchases, renewals, upgrades and expansions;
•the length of time, expense and unpredictability associated with our sales;
•our international sales and operations;
•dependency on and challenges related to sales to federal, state, local and foreign governments; and
•customer dissatisfaction, data loss or corruption arising from incorrect or improper implementation or use of our products.
Factors Related to IT, Privacy and Data Security
•actual or perceived security breaches or incidents or unauthorized access to our customers’ data, our data or our cloud services;
•interruptions or performance problems associated with our technology and infrastructure, and reliance on SaaS technologies from third parties;
•actual or perceived errors, failures or bugs in our offerings, including when new offerings, versions or updates are released; and
•legal requirements, contractual obligations and industry standards related to security, data protection and privacy.
Factors Related to Intellectual Property and Other Proprietary Rights
•our ability to protect our trade secrets, trademarks, copyrights, patents, know-how, confidential information, proprietary methods and technologies and other intellectual property and proprietary rights;
•intellectual property rights claims by third parties that may be costly to defend, require us to pay significant damages or limit our ability to use certain technologies;
•maintenance, protection and enhancement of our brand; and
•our use of “open source” software and related potential burdens, restrictions and litigation.
Factors Related to Reliance on Third Parties
•our reliance on third-party providers of cloud infrastructure services to deliver our offerings to users on our platform;
•our ability to maintain successful relationships with our partners, such as distributors and resellers, to license, provide professional services and support our offerings;
•our use of our community website, expansion of our developer network and support from third-party software developers; and
•third-party advice and information that may not be accurate that is provided to others utilizing our community website and our products.
Factors Related to Our Securities
•our debt servicing obligations;
•our current and future indebtedness may limit our operating flexibility;
•the dilutive impact of the conversion of the Notes;
•the conditional conversion feature of the Notes;
•the accounting method for convertible debt securities, such as the Notes, including accounting for liability and equity components of convertible debt instruments that may be settled entirely or partially in cash;
•counterparty risk related to the Capped Calls; and
•the volatility of our common stock.
•the impact of climate change on our business;
•tax liabilities related to federal, state, local and foreign taxes;
•changes in accounting pronouncements and other financial and nonfinancial reporting standards;
•the strain on resources and diversion of management attention caused by the requirements of being a public company and related complexities; and
•anti-takeover provisions in our charter, bylaws and afforded to us under Delaware law that may have the effect of delaying or preventing a change of control or changes in our management.
Our operations and financial results are subject to various risks and uncertainties including those described below. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, also may become important factors that affect us. If any of the following risks or others not specified below materialize, our business, financial condition and results of operations could be materially adversely affected. In that case, the trading price of our common stock could decline.
Factors Related to Our Business and Results of Operations
If we fail to successfully manage our business model transition, our operating results could be negatively impacted.
Historically we generated a majority of our revenues from sales of licenses, whereby we generally recognize the license fee portion of the arrangement upfront, assuming all revenue recognition criteria are satisfied. However, our revenue mix has shifted from sales of licenses to the delivery of cloud services and we expect it will continue to shift in favor of cloud services. Our transition to a predominately cloud services delivery model has impacted, and will continue to impact, the timing of our recognition of revenue as an increasing percentage of our sales becomes recognized ratably, and will also impact our operating margins as cloud services become a larger percentage of our sales. Our shift to a cloud services delivery model depends on customer choice, and our ability to predict our revenue and margins in any particular period has been, and may continue to be, limited. We have also shifted from generally invoicing our multi-year contracts upfront to invoicing on an annual basis. Accordingly, we have seen the timing of our cash collections extend over a longer period of time with the transition to an annual billings model than it has historically. Whether our business model transition will prove successful and will accomplish our business and financial objectives is subject to numerous uncertainties, including but not limited to: customer demand, renewal and expansion rates, our ability to further develop and scale infrastructure, tax and accounting implications, pricing, and our costs. In addition, the metrics we use to gauge the status of our business model transition, and evaluate and describe our business, will continue to evolve over the course of this transition as significant trends emerge. If we do not successfully execute this transition, our business and future operating results could be adversely affected.
Our operating results may fluctuate significantly and our past operating results may not be a good indication of future performance.
Our revenues, operating margins, cash flows and other operating results could vary significantly from period to period as a result of various factors, many of which are outside of our control. Comparing our revenues and operating results on a period-to-period basis may not be meaningful, and our past results should not be relied upon as an indication of our future performance. For example, we generally recognize license revenues upfront and recognize revenues associated with our cloud services offerings ratably over the term of the agreement. At the beginning of each period, we cannot predict the ratio of orders with revenues that will be recognized upfront and those with revenues that will be recognized ratably that we will enter into during the quarter, due to the fact that our customers have the ability to choose between a term license and cloud subscription agreement. Our customers may choose shorter duration term licenses ahead of migrating to cloud subscriptions and may choose shorter duration cloud subscriptions when transitioning from on-premises to cloud services. In addition, the size of our licenses and orders varies greatly and can result in fluctuations in our revenues and operating results. A portion of revenue recognized in any given quarter is a result of ratably recognized agreements entered into during previous quarters, including agreements for our cloud services offerings and maintenance and support agreements. Consequently, a decline in business from such ratably recognized agreements in any quarter may not be reflected in our revenue results for that quarter. Any such decline, however, will negatively affect our revenues in future quarters. Accordingly, the effect of downturns in sales and market acceptance of our offerings may not be fully reflected in our results of operations until future periods.
We may not be able to accurately predict our future revenues or results of operations. For example, although our shift to a cloud services delivery model generates recurring revenue and cash flows that are expected to be more predictable over time, we may not be able to accurately forecast our revenue, cash flows and other financial results in the near term due to a number of variables, including the timing of our collection of cash, increased annual invoicing, revenue mix, our customers’ rate of adoption of our cloud services model as compared to term licenses, contract durations, the extent and continued impact of the COVID-19 pandemic on our business and overall economic environment and the timing of revenue recognition. We base our current and future expense levels on our operating plans and sales forecasts, and our operating costs are expected to be relatively fixed in the short-term. As a result, we may not be able to reduce our costs sufficiently to compensate for an unexpected shortfall in revenues, and even a small shortfall in revenues could disproportionately and adversely affect our financial results for that quarter.
In addition to other risk factors described elsewhere in this “Risk Factors” section, factors that may cause our financial results to fluctuate from quarter to quarter include:
•the impact of our business model transition on our revenue mix, which may impact our revenue, deferred revenue, remaining performance obligations, gross margins and operating income;
•the timing of our sales during the quarter, particularly because a large portion of our sales occur toward the end of the quarter;
•the loss or delay of a few large transactions;
•changes in the mix of our revenues from sales of licenses to the delivery of cloud services as well as the duration;
•the mix of revenues attributable to larger transactions as opposed to smaller transactions and the impact that a few large transactions or a change in mix may have on our overall financial results as well as the overall average selling price of our offerings;
•the renewal and usage rates of our customers;
•changes in the competitive dynamics of our market;
•changes in customers’ budgets and in the timing of their purchasing decisions and in the length of sales cycles;
•changes in our pricing models and practices or those of our competitors;
•changes to our invoicing practices;
•customers delaying purchasing decisions in anticipation of new offerings or software enhancements by us or our competitors or for other reasons;
•customer acceptance of and willingness to pay for new versions of our offerings or new solutions for specific product and end markets;
•our ability to successfully introduce and monetize new offerings and licensing and service models for our new offerings;
•network outages or actual or perceived security breaches or incidents;
•the availability and performance of our cloud services offerings, including Splunk Cloud;
•our ability to control costs, including our operating expenses;
•changes in laws and regulations that impact our business;
•general economic and political conditions and uncertainty, both domestically and internationally, as well as economic and political conditions and uncertainty specifically affecting industries in which our customers participate, including the impacts of the COVID-19 pandemic and the war in Ukraine, which can adversely affect our customers’ ability or willingness to renew, upgrade, or expand their agreements, or delay prospective customers’ purchasing decisions, or reduce the value of new contracts;
•the amount and timing of our stock-based compensation expenses;
•changes in accounting standards, particularly those related to revenue recognition and sales commissions;
•use of estimates, judgments and assumptions under current accounting standards;
•the timing of satisfying revenue recognition criteria;
•our ability to qualify and successfully compete for government contracts; and
•the collectability of receivables from customers and resellers, which may be hindered or delayed.
Many of these factors are outside our control, and the variability and unpredictability of such factors could result in our failing to meet or exceed our financial expectations for a given period. We believe that quarter-to-quarter comparisons of our revenues, operating results and cash flows may not necessarily be indicative of our future performance.
If we fail to effectively manage our growth, our business and operating results could be adversely affected.
Although our business has experienced significant growth, we cannot provide any assurance that our business will continue to grow at the same rate or at all. We have experienced and expect to continue to experience growth in our headcount and operations, including from acquisitions, which has placed and will continue to place significant demands on our management and our operational and financial systems and infrastructure. As of January 31, 2022, approximately 33% of our workforce had been employed by us for less than one year. As we continue to grow, we must effectively integrate, develop and motivate a large number of new employees, while maintaining the effectiveness of our business execution and the beneficial aspects of our corporate culture and values, the challenges of which may be exacerbated due to remote working conditions associated with the ongoing COVID-19 pandemic. In particular, we intend to continue to make direct and substantial investments to expand our research and development, sales and marketing, and general and administrative organizations, as well as our international operations.
To effectively manage growth, we must continue to improve our operational, financial and management controls, and our reporting systems and procedures by, among other things:
•improving our key business applications, processes and IT infrastructure to support our business needs and appropriately documenting such systems and processes;
•enhancing information and communication systems to ensure that our employees and offices around the world are well-coordinated and can effectively communicate with each other and our growing base of customers and partners; and
•enhancing our internal controls to ensure timely and accurate reporting of all of our operations and financial results.
These systems enhancements and improvements will require significant capital expenditures and allocation of valuable management and employee resources. If we fail to implement these improvements effectively, our ability to manage our expected growth, ensure uninterrupted operation of key business systems and comply with the rules and regulations that are applicable to public reporting companies will be impaired. Additionally, if we do not effectively manage the growth of our business and operations, the quality of our offerings could suffer, which could negatively affect our brand, financial results and overall business.
We have a history of losses, and we may not be profitable in the future.
We have incurred net losses in each year since our inception. As a result, we had an accumulated deficit of $3.81 billion at January 31, 2022. Because our products and offerings, as well as the market for these products and offerings, continue to evolve, it is difficult for us to predict our future operating results. We expect our operating expenses to increase over the next several years as we hire additional personnel, expand and improve the effectiveness of our distribution channels, improve the performance and scalability of our technology architecture, and continue to develop features and functionality for our offerings. In addition, as a public company, we have incurred and will continue to incur significant legal, accounting and other operating expenses. If our revenues do not increase to offset these increases in our operating expenses, we may not be profitable in future periods. Our historical revenue growth has been inconsistent and should not be considered indicative of our future performance, particularly as our business model transitions. Further, in future periods, our revenue growth could slow, or our revenues could decline for a number of reasons, including slowing demand for our offerings, increasing competition, a decrease in the growth of our overall market, changes in our mix of revenues, or our failure, for any reason, to continue to capitalize on growth opportunities. Any failure by us to achieve, sustain or increase profitability on a consistent basis could cause the value of our common stock to decline.
Our cloud services, including Splunk Cloud, require costly and continual infrastructure investments, and if our transition to a largely cloud-based business model is not successful, our business could be adversely affected.
A cloud-based model of software deployment is one in which a software provider typically licenses an application to customers for use as a service on demand through web browser technologies. Delivering software under a cloud-based model results in higher costs and expenses when compared to sales of licenses for similar functionality. In recent years, companies have begun to expect that key software, such as customer relationship management and enterprise resource planning systems, be provided through a cloud-based model. Many of our offerings are now made available in the cloud as well as on-premises. Customers can sign up for our cloud services offerings and avoid the need to provision, deploy and manage internal infrastructure. In order to deliver our cloud services offerings via a cloud-based deployment, we have made and will continue to make capital investments and incur substantial costs to implement and maintain this alternative business model. In addition, as we look to deliver new or different cloud services, we are making significant technology investments to deliver new capabilities and advance our software to deliver cloud-native customer experiences. We expect that over time the percentage of our revenue attributable to our cloud services offerings will continue to increase. If our cloud services, in particular Splunk Cloud, do not garner widespread market adoption, or there is a reduction in demand for cloud services caused by a lack of customer acceptance, technological challenges, weakening economic or political conditions, security or privacy concerns, inability to properly manage such services, competing technologies and products, decreases in corporate spending or otherwise, our financial results, business model and competitive position could suffer. If these investments do not yield the expected return, or we are unable to decrease the cost of delivering our cloud services, our gross margins, overall financial results, business model and competitive position could suffer. Transitioning to a largely cloud-based model also impacts the way we recognize revenues, which may affect our operating results and could have an adverse effect on our business operations and financial results.
Even with these investments and costs, some customers may desire on-premises deployment of our offerings. Our cloud services offerings may raise concerns among customers, including concerns regarding changes to pricing models, service availability, scalability, ability to use customer-developed apps, information security of a cloud service and hosted data, and access to data while offline or once a subscription has expired. Market acceptance of our cloud services offerings can be affected by a variety of factors, including but not limited to: security, reliability, performance, terms of service, support terms, customer preference, community engagement, customer concerns with entrusting a third-party to store and manage their data, public concerns regarding data privacy or data protection, and the enactment of restrictive laws or regulations in the affected jurisdictions. If we or other providers of cloud services experience security incidents or breaches, loss of customer data, disruptions in delivery of services, network outages, disruptions in availability of the internet, unauthorized access or other problems, the market for cloud services as a whole, including Splunk Cloud, may be negatively affected. Moreover, sales of Splunk Cloud and other cloud services could displace sales of licenses. Alternatively, subscriptions to Splunk Cloud and other cloud services that exceed our expectations may unexpectedly increase our costs, lower our margins, lower our profits or increase our losses and otherwise negatively affect our projected financial results.
If we are unable to attract and retain leadership and key personnel, our business could be adversely affected.
We depend on the continued contributions of our leadership, senior management and other key personnel, the loss of whom could adversely affect our business. All of our executive officers and key employees are at-will employees, which means
they may terminate their employment relationship with us at any time. We do not maintain a key-person life insurance policy on any of our officers or other employees.
In November 2021, we announced that Douglas Merritt, our CEO and a member of our board of directors, would depart the company and Graham Smith, our Chair of the Board, would serve as interim CEO until a permanent CEO was appointed. In March 2022, we announced the appointment of Gary Steele as our new permanent CEO, effective April 11, 2022. We also announced the departure of Teresa Carlson, President and Chief Growth Officer. These changes in our executive management team, and any future changes, resulting from the hiring or departure of executive officers, could disrupt our business, and could impact our ability to preserve our culture, which could negatively affect our ability to recruit and retain personnel. If we are not successful in managing the transition of Mr. Steele into his new role, it could be viewed negatively by our customers, employees or investors and could have an adverse impact on our business. Further, this change also increases our dependency on other members of our executive management team who remain with us. As noted above, because our executive officers are at-will employees, they could terminate their employment with us at any time and any such departure could be particularly disruptive in light of the recent leadership transition. There is intense competition for executive management and it may take an extended period of time to find a candidate that meets our requirements. Accordingly, the loss of one or more of our executive officers or key employees could have an adverse effect on our business.
Our future success also depends on our ability to identify, attract and retain highly skilled technical, managerial, finance and other personnel, particularly in our sales and marketing, research and development, general and administrative, and professional service departments. In fiscal 2022, there has been a dramatic increase in workers leaving their positions throughout our industry that is being referred to as the “great resignation,” and the market to build, retain and replace talent has become even more highly competitive. We face intense competition for qualified individuals from numerous software and other technology companies. In this period of the "great resignation," we have faced and may continue to face higher employee turnover rates. We may incur significant costs to attract and retain these qualified individuals, and we may lose new employees to our competitors or other technology companies before we realize the benefit of our investment in recruiting and training them. As we move into new geographies, we will need to attract and recruit skilled personnel in those areas. Further, our current and future office environments or flexible work policies may not meet the expectations of our employees or prospective employees. If we are unable to attract and retain suitably qualified individuals who are capable of meeting our growing technical, operational and managerial requirements, on a timely basis or at all, our business will be adversely affected.
We continue to be substantially dependent on our sales force to effectively execute our sales strategies to obtain new customers and to drive additional use cases and adoption among our existing customers. We believe that there is significant competition for sales personnel with the skills and technical knowledge that we require, and further, continuing or recurring restrictions placed on recruiting, training and retention by the ongoing COVID-19 pandemic may further exacerbate our efforts to expand our sales force. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. In addition, as we continue to grow rapidly, a large percentage of our sales force is new to the company and our offerings. As our sales strategies evolve and offerings expand, additional training for new hires and our existing team may be required for our sales force to successfully execute on those strategies. We periodically adjust our sales organization and our compensation programs as part of our efforts to optimize our sales operations to grow revenue, drive incremental growth and support our business model transition. If we have not structured our sales organization or compensation for our sales personnel in a way that properly supports our company’s objectives, or if we fail to make changes in a timely fashion or do not effectively manage changes, our revenue growth could be adversely affected. Our growth creates additional challenges and risks with respect to attracting, integrating and retaining qualified employees, particularly sales personnel. If we are unable to hire and train sufficient numbers of effective sales personnel, or the sales personnel are not successful in obtaining new customers or increasing sales to our existing customer base, our business will be adversely affected.
In addition, we rely upon equity compensation to help attract, motivate and retain our employees, executive officers and directors, and to align the interests of our employees, executive officers and directors with our stockholders. Our 2012 Equity Incentive Plan, as amended, expired in March 2022. In January 2022, our board of directors approved the 2022 Inducement Plan (the “Inducement Plan”) in accordance with Listing Rule 5635(c)(4) of the corporate governance rules of The Nasdaq Stock Market LLC, which will become effective on April 1, 2022. The 2022 Plan provides for the grant of nonstatutory stock options, restricted stock awards, restricted stock units, stock appreciation rights, performance units and performance shares to eligible employees in accordance with Listing Rule 5635(c)(4) of the corporate governance rules of the The Nasdaq Stock Market LLC. No awards may be made under the Inducement Plan to current employees or current or future non-employee service providers. Failure to obtain stockholder approval of a new equity incentive plan with a sufficient number of shares reserved for issuance under such plan, will place us at a competitive disadvantage and would significantly hinder our ability to grant equity awards to existing employees and existing and new directors, which could impede our ability to attract, motivate and retain employees, key executives or directors, harm our growth and adversely affect our operating results. The number of shares covered by equity awards that we have issued or may issue under our 2012 Equity Incentive Plan, as amended, prior to its termination or may issue under then Inducement Plan may alter the metrics, such as burn rate and overhang, used to measure the dilutive impact of our equity compensation on our stockholders, which could make our stockholders less likely to approve a new equity incentive plan with the number of shares we need to attract, motivate and retain
current and new employees and non-employee service providers. Volatility or lack of performance in our stock price may also affect our ability to attract and retain our key employees. Many of our senior management personnel and other key employees have become, or will soon become, vested in a substantial amount of stock, restricted stock units or stock options. Employees may be more likely to leave us if the shares they own or the shares underlying their vested restricted stock units or options have significantly appreciated in value relative to the original purchase prices of the shares or the exercise prices of the options, or, conversely, if the exercise prices of the options that they hold are significantly above the market price of our common stock. If we are unable to retain our employees, or if we need to increase our compensation expenses to retain our employees, our business, results of operations, financial condition and cash flows would be adversely affected.
We have in the past made and may in the future make acquisitions that could prove difficult to integrate and/or adversely affect our business operations and financial results.
From time to time, we may make acquisitions that could be material to our business, results of operations, financial condition and cash flows. For example, in May 2021 we acquired TruSTAR, a cloud-native security company providing a data-centric intelligence platform. Our ability as an organization to successfully acquire and integrate technologies or businesses is unproven. Acquisitions involve many risks, including the following:
•an acquisition may negatively affect our financial results because it may require us to incur charges or assume substantial debt or other liabilities, may cause adverse tax consequences or unfavorable accounting treatment, may expose us to claims and disputes by third parties, including intellectual property claims and disputes, or may not generate sufficient financial return to offset additional costs and expenses related to the acquisition;
•we may incur potential goodwill impairment charges related to acquisitions;
•we may incur costs and experience potential difficulties associated with the requirement to test and assimilate the internal control processes of the acquired business;
•we may encounter difficulties or unforeseen expenditures in integrating the business, technologies, infrastructure, products, personnel or operations of any company that we acquire, particularly if key personnel of the acquired company decide not to work for us or if we are unable to retain key personnel;
•we may not realize the expected benefits of the acquisition;
•an acquisition may disrupt our ongoing business, divert resources, increase our expenses and distract our management;
•an acquisition may result in a delay or reduction of customer purchases for both us and the company acquired due to customer uncertainty about continuity and effectiveness of service from either company;
•relationships with existing customers, vendors and distributors as business partners may be impacted as a result of us acquiring another company or business that competes with or otherwise is incompatible with those existing relationships;
•our due diligence of an acquired company or business may not identify significant problems or liabilities, or we may underestimate the costs and effects of identified liabilities;
•we may be exposed to litigation or other claims in connection with, or inheritance of claims or litigation risk as a result of, an acquisition, including but not limited to claims from former employees, customers or other third parties, which may differ from or be more significant than the risks our business faces;
•we may encounter difficulties in, or may be unable to, successfully sell any acquired products;
•an acquisition may involve the entry into geographic or business markets in which we have little or no prior experience or where competitors have stronger market positions;
•an acquisition may require us to comply with additional laws and regulations, or to engage in substantial remediation efforts to cause the acquired company to comply with applicable laws or regulations, or result in liabilities resulting from the acquired company’s failure to comply with applicable laws or regulations;
•our use of cash to pay for an acquisition would limit other potential uses for our cash;
•if we incur debt to fund such acquisition, such debt may subject us to material restrictions on our ability to conduct our business as well as financial maintenance covenants; and
•to the extent that we issue a significant amount of equity securities in connection with future acquisitions, existing stockholders may be diluted and earnings per share may decrease.
The occurrence of any of these risks could have a material adverse effect on our business operations and financial results.
We may require additional capital to support business growth, and this capital might not be available on acceptable terms, if at all.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features or enhance our offerings, improve our operating infrastructure or acquire complementary businesses and technologies. Accordingly, we have engaged in, and may need to engage in the future, in equity, equity-linked or debt financings to secure additional funds. A significant disruption of global financial markets could further reduce our ability to access capital, which could negatively affect our ability to secure these additional funds. If we raise additional funds through future issuances of equity or convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges superior to those of holders of our common stock. For example, if we elect to settle our conversion obligation under the Notes (as defined below) in shares of our common stock or a combination of cash and shares of our common stock, the issuance of such common stock may dilute the ownership interests of our stockholders and sales in the public market could adversely affect prevailing market prices. Any debt financing that we may secure in the future could involve restrictive covenants relating to our capital raising activities and other financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities, including potential acquisitions, or otherwise reduce operational flexibility. We may not be able to obtain additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
Our ability to use our net operating losses and tax credits to offset future taxable income and tax may be subject to certain limitations.
Our unused net operating losses (“NOLs”) and tax credits generally carry forward to offset future taxable income and tax. We record an asset for these future tax benefits, with our U.S. federal and state tax benefits subject to a full valuation allowance. Federal, state and foreign taxing bodies often place limitations on NOLs and tax credit carryforward benefits. As a result, we may not be able to utilize the NOL and tax credit assets reflected on our balance sheet, even if we attain profitability. Section 382 of the United States Internal Revenue Code of 1986, as amended (the “Code”), is one such example of a limitation. A corporation that undergoes an “ownership change” within the meaning of Section 382 of the Code is subject to limitations on its ability to utilize its pre-change NOLs to offset future taxable income. Future changes in our stock ownership, some of which may be outside of our control, could result in an ownership change under Section 382 of the Code. If our existing NOLs are subject to limitations arising from an ownership change, our ability to utilize NOLs could be limited by Section 382 of the Code, and a certain amount of our prior-year NOLs could expire without benefit. Changes in the law may also impact our ability to use our NOL and tax credit carryforwards. For example, the legislation commonly referred to as the Tax Cuts and Jobs Act of 2017, as modified by the Coronavirus Aid, Relief, and Economic Security Act, limited Federal NOL deductions to 80% of taxable income for NOLs incurred in tax years beginning after December 31, 2017. As a result of this limitation, we may face a federal income tax liability even though we have unused NOL carry forwards.
Taxing authorities may successfully assert that we should have collected or in the future should collect sales and use, value added, withholding, or similar taxes, and we could be subject to liability with respect to past or future sales, which could adversely affect our financial results.
We do not collect sales and use, value added, withholding, and similar taxes in all jurisdictions in which we have sales, based on our belief that such taxes are not applicable. Certain jurisdictions in which we do not collect such taxes may successfully assert that such taxes are applicable or that our presence in such jurisdictions is sufficient to require us to collect
taxes and that could result in tax assessments, penalties, interest and requirements to collect such taxes in the future. Such tax assessments, penalties, interest or future requirements to charge taxes to our customers may adversely affect our financial results.
Factors Related to the Economy and the Markets in which We Operate
The extent to which the ongoing COVID-19 pandemic will continue to impact our business, results of operations and cash flows will depend on future developments, which are highly uncertain and difficult to predict.
The COVID-19 pandemic has in the past affected, and may continue to affect, how we and our customers and partners are operating our businesses, and the duration and extent to which this may continue to impact our business, results of operations and cash flows is uncertain. Related to this uncertainty, certain customers in the past have, and may again in the future, decrease or delay their information technology spending, purchase shorter term contracts or request payment concessions, any of which could result in decreased revenue and cash flows for us. We may experience customer losses, including due to bankruptcy or our customers ceasing operations, which may result in an inability to collect receivables from these customers. A decline in revenue or the collectability of our receivables would harm our business. In addition, the ongoing COVID-19 pandemic has in the past disrupted, and may continue to disrupt, the operations of our customers and partners for an indefinite period of time, including as a result of changing public health recommendations, travel restrictions and limitations, the duration, spread, and severity and potential recurrence of the virus and its variants, as well as the efficacy of vaccines and vaccine distribution, and the timing and trajectory of the economic recovery, all of which could negatively impact our business and results of operations, including cash flows. While the global economy is reopening in various parts of the world, some countries and locations are reinstating lockdowns and other restrictions that make a recovery difficult to predict.
The nature and extent of the continued impact of the ongoing COVID-19 pandemic on our customers and our customers’ response to the ongoing COVID-19 pandemic is difficult to assess or predict, and we may be unable to accurately forecast our revenues or financial results or other performance metrics, especially given that the near and long term impact of the pandemic remains uncertain. Our actual results could be materially above or below our forecasts, which could disappoint analysts and investors and/or cause our stock price to decline.
In light of the uncertain and fluid situation relating to the ongoing COVID-19 pandemic, and changing public health recommendations, we continue to take precautionary measures intended to minimize the risk of the disease to our employees, our customers, and the communities in which we operate, which could negatively impact our business. Although we continue to monitor the situation and will adjust our current policies as more information and public health guidance become available, including progress made through vaccinations and changes due to additional variants, precautionary measures that have been adopted could negatively affect our customer success efforts, employee productivity and retention, sales and marketing efforts, delay and lengthen our sales cycles, or create operational or other challenges, including as a result of continuing or recurring travel restrictions and limitations, any of which could harm our business and results of operations. Additionally, we have begun to reopen certain of our offices in a phased approach and to hold in-person or hybrid meetings and events, on a voluntary basis, taking into consideration government restrictions and employee safety. But with many of our employees continuing to work remotely, we are at increased risk of cyber security-related breaches. We continue to take steps to monitor and enhance the security of our systems, IT infrastructure, networks, and data; however, the unprecedented scale of remote work may require additional personnel and resources, which nevertheless cannot be guaranteed to fully safeguard all systems, IT infrastructure networks, and data upon which we rely. The ongoing COVID-19 pandemic may also have long-term effects on the nature of the office environment and remote working, which has and may continue to bring changes to our real estate lease assets.
It is not possible at this time to estimate the continued impact that the COVID-19 pandemic could have on our business, as the impact will depend on future developments, including the duration, spread and severity of the virus and its variants, which are highly uncertain and cannot be predicted. Furthermore, due to our shift to a cloud services delivery model, the effect of the COVID-19 pandemic may not be fully reflected in our results of operations until future periods.
In September 2021, the Biden Administration announced its Path Out of the Pandemic: COVID-19 Action Plan. As part of that plan, the President signed an Executive Order, and related guidance was published that, together, require certain COVID-19 precautions for federal contractors and their subcontractors, including mandatory COVID-19 vaccines for employees (subject to medical and religious exemptions). In October 2021, we announced to our U.S. employees that we would require all of our U.S. employees (subject to the exemptions described above) to be vaccinated by the Biden Administration’s deadline. The Biden Administration’s vaccination requirement is currently stayed across the country as a result of preliminary injunctions that have been entered into by a number of federal courts and our mandatory vaccine policy is similarly currently paused. We continue to evaluate the potential impact of this Executive Order on our business. If the federal vaccine mandate
moves forward, we may experience constraints on our workforce and the workforce of our supply chain, which could require us to adapt our operations, and could have an adverse effect on our business.
We face intense competition in our markets, and we may be unable to compete effectively against our current and future competitors.
Although our offerings target the new and emerging market for cloud and software services that deliver real-time business insights from data, we compete against a variety of large cloud service providers (“CSP”) and software vendors, as well as smaller specialized companies, open source projects and custom development efforts, which provide solutions in the specific markets we address. Our principal competitors include:
•Cloud monitoring and APM/Observability vendors;
•Monitoring, troubleshooting, security and analytics services offered (embedded or add-ons) by major public CSPs;
•Legacy security, systems management and other IT vendors; and
•IT departments that undertake custom software development efforts to analyze and manage their operations data across their public and private cloud landscapes.
The principal competitive factors in our markets include features, performance and support, scalability and flexibility, ease of deployment and use, total cost of ownership and time to value. Some of our current and potential competitors have advantages over us, such as longer operating histories, significantly greater financial, technical, marketing or other resources, stronger brand and business user recognition, larger intellectual property portfolios, broader global distribution networks and presence and more developed networks of partners and skilled users. Further, competitors may be able to offer products or functionality similar to ours at a more attractive price than we can, such as by integrating or bundling their software products with their other product offerings. In addition, our industry is evolving rapidly and is becoming increasingly competitive. Larger and more established companies may focus on delivering real-time business insights from data and could directly compete with us. For example, companies may commercialize open source software in a manner that competes with our offerings or causes potential customers to believe that such products and our offerings perform the same function. If companies move a greater proportion of their data and computational needs to the cloud, new competitors may emerge that offer services comparable to ours or that are better suited for cloud-based data, and the demand for our offerings may decrease. Smaller companies could also launch new products and services that we do not offer and that could gain market acceptance quickly.
In recent years, there have been significant acquisitions and consolidation by and among our competitors. We anticipate this trend of consolidation will continue, which will present heightened competitive challenges to our business. In particular, consolidation in our industry increases the likelihood of our competitors offering bundled or integrated products, and we believe that it may increase the competitive pressures we face with respect to our offerings. If we are unable to differentiate our offerings from the integrated or bundled products of our competitors, such as by offering enhanced functionality, performance or value, we may see decreased demand for those offerings, which would adversely affect our business operations, financial results and growth prospects. Further, it is possible that continued industry consolidation may impact customers’ perceptions of the viability of smaller or even medium-sized software firms and consequently their willingness to use software solutions from such firms. Similarly, if customers seek to concentrate their software license purchases in the product portfolios of a few large providers, we may be at a competitive disadvantage regardless of the performance and features of our offerings. We believe that in order to remain competitive at the large enterprise level, we will need to develop and expand relationships with CSPs, global system integrators and managed service provides that provide a broad range of products and services. If we are unable to anticipate competitive challenges or compete effectively, our business operations and financial results could be materially and adversely affected.
If our new and existing offerings and product enhancements do not achieve sufficient market acceptance, our financial results and competitive position will suffer.
Our business substantially depends on, and we expect our business to continue to substantially depend on, sales of licenses, maintenance and services related to Splunk Enterprise and sales of subscriptions related to Splunk Cloud and other cloud-based offerings. As such, the market acceptance of these offerings is critical to our continued success. Demand for these offerings is affected by a number of factors beyond our control, including continued market acceptance of these products by referenceable accounts for existing and new use cases, the timing of development and release of new products by our competitors, technological change, and growth or contraction in our market and the economy in general. If we are unable to
continue to meet customer demands or to achieve more widespread market acceptance of these platform products, our business operations, financial results and growth prospects will be materially and adversely affected.
We spend substantial amounts of time and money to research and develop or acquire new offerings and enhanced versions of our existing offerings to incorporate additional features, improve functionality or other enhancements in order to meet our customers’ rapidly evolving demands. In addition, we continue to invest in solutions that can be deployed on top of our platform to target specific use cases and to cultivate our community of application developers and users. When we develop a new or enhanced version of an existing offering, we typically incur expenses and expend resources upfront to market, promote and sell the new offering. Therefore, when we develop or acquire new or enhanced offerings, their introduction must achieve high levels of market acceptance in order to justify the amount of our investment in developing and bringing them to market. If our recent product expansions and offerings do not garner widespread market adoption and implementation, our financial results and competitive position could suffer.
Further, we may make changes to our offerings that our customers do not like, find useful or agree with. We may also discontinue certain features, begin to charge for certain features that are currently free or increase fees for any of our features or usage of our offerings.
Our new and existing offerings or product enhancements and changes to our existing offerings could fail to attain sufficient market acceptance for many reasons, including:
•our failure to predict market demand accurately in terms of product functionality and to supply offerings that meet this demand in a timely fashion;
•real or perceived defects, errors or failures;
•negative publicity about their performance or effectiveness;
•delays in releasing to the market our new offerings or enhancements to our existing offerings to the market;
•release of cloud-based offerings that do not, or are perceived to not, fully meet customers’ security and compliance needs;
•introduction or anticipated introduction of competing products by our competitors;
•inability to scale and perform to meet customer demands;
•poor business conditions for our end-customers, causing them to delay IT purchases; and
•reluctance of customers to purchase products incorporating open source software.
If our new or existing offerings or enhancements and changes do not achieve adequate acceptance in the market, our competitive position will be impaired, and our revenue, business and financial results will be negatively impacted. The adverse effect on our financial results may be particularly acute because of the significant research, development, marketing, sales and other expenses we will have incurred in connection with the new offerings or enhancements.
Prolonged economic uncertainties or downturns could materially adversely affect our business.
Prolonged economic uncertainties or downturns could adversely affect our business operations or financial results. Negative conditions in the general economy in either the United States or abroad, including conditions resulting from financial and credit market fluctuations, changes in economic policy, inflation rate fluctuations, trade uncertainty, including changes in tariffs, sanctions, international treaties, and other trade restrictions, the occurrence of a natural disaster, outbreaks of pandemic diseases such as COVID-19, political unrest and social strife, armed conflicts, such as the war in Ukraine, and an act of terrorism on the United States, Europe, Asia Pacific or elsewhere, have caused and could continue to cause a decrease in corporate spending on enterprise software in general and negatively affect the rate of growth of our business.
These conditions, including supply chain disruptions due to the war in Ukraine and any indirect effects, could make it extremely difficult for our customers and us to forecast and plan future business activities accurately, and they could cause our customers to reevaluate their decision to purchase our offerings, which could delay and lengthen our sales cycles or result in
cancellations of planned purchases. Furthermore, during challenging economic times our customers may face issues in gaining timely access to sufficient credit, which could result in an impairment of their ability to make timely payments to us. If that were to occur, we may be required to increase our allowance for doubtful accounts, which would adversely affect our financial results.
We have a significant number of customers in the business services, energy, financial services, healthcare and pharmaceuticals, technology, manufacturing, media and entertainment, online services, retail, telecommunications and travel and transportation industries. A substantial downturn in any of these industries may cause firms to react to worsening conditions by reducing their capital expenditures in general or by specifically reducing their spending on information technology. Customers in these industries may delay or cancel information technology projects or seek to lower their costs by renegotiating vendor contracts. For example, the continued impact of the ongoing COVID-19 pandemic on the current economic environment has caused, and may in the future cause, customers to request concessions including extended payment terms or better pricing. To the extent purchases of our offerings are perceived by customers and potential customers to be discretionary, our revenues may be disproportionately affected by delays or reductions in general information technology spending. Also, customers may choose to develop in-house software as an alternative to using our offerings. Moreover, competitors may respond to market conditions by lowering prices and attempting to lure away our customers. In addition, the increased pace of consolidation in certain industries may result in reduced overall spending on our offerings.
We cannot predict the timing, strength or duration of any economic slowdown, instability or recovery, generally or within any particular industry or geography. If the economic conditions of the general economy or industries in which we operate worsen from present levels, our business operations and financial results could be adversely affected.
We are subject to governmental export and import controls that could impair our ability to compete in international markets or subject us to liability if we violate the controls.
Our offerings are subject to United States export controls, and we incorporate encryption technology into certain of our offerings. These encryption offerings and the underlying technology may be exported outside of the United States only with the required export authorizations, including by license.
Furthermore, our activities are subject to the U.S. economic sanctions laws and regulations that prohibit the shipment of certain products and services without the required export authorizations or export to countries, governments, and persons targeted by U.S. sanctions. While we take precautions to prevent our offerings from being exported in violation of these laws, including obtaining authorizations for our encryption offerings where appropriate, implementing IP address blocking and screenings against U.S. Government and international lists of restricted and prohibited persons, we cannot guarantee that the precautions we take will prevent violations of export control and sanctions laws. For example, downloads of our free software may have in the past been made in potential violation of the export control and economic sanctions laws.
We also note that if our partners fail to obtain appropriate import, export or re-export licenses or permits, we may also be adversely affected, through reputational harm as well as other negative consequences including government investigations and penalties. We presently incorporate export control compliance requirements in our partner and customer agreements. Complying with export control and sanctions regulations for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities.
Violations of U.S. sanctions or export control laws can result in fines or penalties, including civil penalties of up to $300,000 or twice the value of the transaction, whichever is greater, per violation. In the event of criminal knowing and willful violations of these laws, fines of up to $1 million per violation and possible incarceration for responsible employees and managers could be imposed.
From time to time, as part of our acquisition activity, we have discovered a limited number of instances where certain activity raised concerns about potential violations of U.S. sanctions or export control laws. For example, we previously discovered that the SaaS platform or product of an acquired company was accessed (or attempted to be accessed) from IP addresses potentially located in embargoed countries. As a result, we have submitted and may, in the future, submit voluntary disclosures with the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) to alert the agency to these types of potential violations. If we (including the companies we acquire) are found to be in violation of U.S. economic sanctions or export control laws, it could result in fines and penalties. We may also be adversely affected through other penalties, reputational harm, loss of access to certain markets or otherwise.
Also, various countries, in addition to the United States, regulate the import and export of certain encryption and other technology, including import and export permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our offerings or could limit our customers’ ability to implement our offerings in those countries. Changes in our offerings or future changes in export and import regulations may create delays in the introduction of our offerings in international markets, prevent our customers with international operations from deploying our offerings globally or, in some cases, prevent the export or import of our offerings to certain countries, governments, or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, including as a result of geopolitical developments following the war in Ukraine, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our offerings by, or in our decreased ability to export or sell our offerings to, existing or potential customers with international operations. Any decreased use of our offerings or limitation on our ability to export or sell our offerings would likely adversely affect our business operations and financial results.
Factors Related to Customers and Sales
If customers do not expand their use of our offerings beyond the current predominant use cases, our ability to grow our business and operating results may be adversely affected.
Most of our customers currently use our offerings to support application management, IT operations, security and compliance functions. Our ability to grow our business depends in part on our ability to help enable current and future customers to increase their use of our offerings for their existing use cases and expand their use of our offerings to additional use cases. If we fail to achieve market acceptance of our offerings for these applications, if we fail to predict demand for product functionality or respond to such demand in a timely fashion, if our customers are not satisfied with our offerings, or if a competitor establishes a more widely adopted solution for these applications, our ability to grow our business and financial results will be adversely affected.
Our business and growth depend substantially on customers entering into, renewing, upgrading and expanding their term licenses, agreements for cloud services and maintenance and support agreements with us. Any decline in our customer renewals, upgrades or expansions could adversely affect our future operating results.
We typically enter into agreements for our license offerings, cloud services, and maintenance and support services, which customers have discretion to renew or terminate at the end of the initial term. In order for us to improve our operating results, it is important that new customers enter into renewable agreements, and our existing customers renew, upgrade and expand their agreements when the initial contract term expires. Our customers have no obligation to renew, upgrade or expand their agreements with us after the terms have expired. Our customers’ renewal, upgrade and expansion rates may decline or fluctuate as a result of a number of factors, including their satisfaction or dissatisfaction with our offerings, our pricing, the effects of general economic conditions, competitive offerings or alterations or reductions in our customers’ spending levels. For example, the continued impact of the ongoing COVID-19 pandemic on the current economic environment has caused, and may in the future cause, customers to request concessions such as extended payment terms or better pricing or be unwilling to commit to long-term contracts. If our customers do not renew, upgrade or expand their agreements with us or renew on terms less favorable to us, our revenues may decline.
We employ multiple and evolving pricing models, which subject us to various pricing and licensing challenges that could make it difficult for us to derive value from our customers and may adversely affect our operating results.
We employ multiple and evolving pricing models for our offerings. For example, we generally charge our customers for their use of Splunk Enterprise based on either the estimated daily data indexing capacity or compute power consumed to support our customers’ workload. We are seeing an increasing number of customers shift to workload-based pricing. In addition, Splunk Cloud is generally priced based on either the volume of data indexed per day including a fixed amount of data storage, or purchased infrastructure, data storage and bandwidth our customers require to support the underlying workload, while Splunk SOAR and Splunk On-Call are priced by the number of seats, or events used for the products and suites are subscribed based on the number of hosts. We offer term licensing options for license offerings and have some remaining perpetual licenses with existing customers, which each have different payment schedules, and depending on the mix of such licenses and cloud subscriptions, our revenues or deferred revenues could be adversely affected. Our pricing models may ultimately result in a higher total cost to our customers generally as data volumes or compute usage increase over time, or may cause our customers to limit or decrease usage in order to stay within the limits of their existing licenses or cloud subscriptions, or lower their costs, making it more difficult for us to compete in our markets or negatively impacting our financial results. As
the amount of data and analytic needs within our customers’ organizations grow, we face downward pressure from our customers regarding our pricing, which could adversely affect our revenues and operating margins. In addition, our pricing models may allow competitors with different pricing models to attract customers unfamiliar or uncomfortable with our pricing models, which would cause us to lose business or modify our pricing models, both of which could adversely affect our revenues and operating margins. We have introduced and expect to continue to introduce variations to our pricing models, including but not limited to, predictive pricing programs, workload-based pricing, entity-based pricing, “rapid adoption” packages and other pricing programs that provide broader usage and cost predictability as well as tiered pricing based on deployment models, data source types, compute and storage units and customer environments. Any change in pricing models bears inherent risks as it may provide customers a choice to go for the lower-cost option, therefore putting renewal and customer lifetime value at risk. Although we believe that these pricing models and variations to these models will drive net new customers and increase customer adoption, it is possible that they will not and may potentially cause customers to decline to purchase or renew licenses or cloud subscriptions, or confuse customers and reduce their lifetime value, which could negatively impact our revenue, business and financial results.
Furthermore, while our offerings can measure and limit customer usage for the most part, we removed metered license enforcement via our software under certain circumstances, and in other circumstances, such limitations may be improperly circumvented or otherwise bypassed by users. For those offerings where we are not fully able to track usage, customers may be consuming over their licensed capacity, which may reduce our revenue opportunities. Similarly, we provide our customers with an encrypted license key for enabling their use of our offerings. There is no guarantee that users of our offerings will abide by the terms of these license limitations or encrypted license keys, and if they do not, we may not be able to capture the full value for the use of our offerings. For example, our enterprise license is generally meant for our customers’ internal use only. If our internal use customers improperly make our offerings available to their customers or other third parties, for example, through a cloud or managed service offering not authorized by us, it may displace our end user sales. Additionally, if an internal use customer that has received a volume discount from us improperly makes available our offerings to its end customers, we may experience price erosion and be unable to capture the appropriate value from those end customers.
Our sales cycle is long and unpredictable, particularly with respect to large customers, and our sales efforts require considerable time and expense.
Our operating results may fluctuate, in part, because of the resource intensive nature of our sales efforts, the length and variability of the sales cycle of our offerings and the short-term difficulty in adjusting our operating expenses. Our operating results depend in part on sales to large customers. The length of our sales cycle, from initial evaluation to delivery of and payment for the software license, varies substantially from customer to customer. This variation is due to numerous factors, including in the expansion of our offerings and new pricing models, as well as the potential for different buying centers for the same offering. In addition, Splunk Cloud has generated interest from our customers who are also considering purchasing and deploying Splunk Enterprise on-premises. In some cases, our customers may wish to consider a combination of these offerings, potentially further slowing our sales cycle. Our sales cycle can extend to more than a year for certain customers, particularly large customers. It is difficult to predict exactly when, or even if, an existing customer will convert from a perpetual license to term license or to cloud services, we will make a sale with a potential customer, or a user of a trial version of one of our offerings will upgrade to the paid version of that offering. As a result, large individual sales have, in some cases, occurred in quarters subsequent to those we anticipated, or have not occurred at all. The loss or delay of one or more large transactions in a quarter could impact our operating results for that quarter and any future quarters for which revenues from that transaction are lost or delayed. As a result of these factors, it is difficult for us to forecast our revenues accurately in any quarter. Because a substantial portion of our expenses are relatively fixed in the short-term (subject to rising fixed costs in the longer term as discussed above), our operating results will suffer if revenues fall below our expectations in a particular quarter.
Our international sales and operations subject us to additional risks and challenges that can adversely affect our business operations and financial results.
During fiscal 2022, we derived approximately 31% of our total revenues from customers outside the United States, and we are continuing to expand our international operations as part of our growth strategy. This strategy requires us to recruit and retain qualified technical and managerial employees, manage multiple remote locations performing complex software development projects and ensure intellectual property protection outside of the U.S. Additionally, we currently have sales personnel and sales and support operations in the United States and certain countries around the world. To the extent that we experience difficulties in recruiting, training, managing, or retaining non-U.S. staff, and specifically sales management and sales personnel staff, we may experience difficulties in sales productivity in, or market penetration of, non-U.S. markets. Additionally, our sales organization outside the United States is substantially smaller than our sales organization in the United States, and we rely heavily on our indirect sales channel for non-U.S. sales. Our ability to convince customers to expand their
use of our offerings or renew their agreements with us is directly correlated to our direct engagement with the customer. To the extent we are unable to engage with non-U.S. customers effectively with our limited sales force, professional services and support capacity or our indirect sales model, we may be unable to grow sales to new or existing customers to the same degree we have experienced in the United States.
Our international operations subject us to a variety of risks and challenges, including:
•increased management, travel, infrastructure and legal compliance costs associated with having multiple international operations;
•reliance on partners, which may have different incentives or may sell competing products, as well as different approaches with respect to compliance with laws and regulations, business practices and other day-to-day activities;
•longer payment cycles and difficulties in collecting accounts receivable or satisfying revenue recognition criteria, especially in emerging markets;
•increased financial accounting and reporting burdens and complexities;
•general economic conditions in each country or region;
•political uncertainty and international conflicts around the world;
•compliance with multiple and changing foreign laws and regulations, including those governing employment, tax, privacy and data protection, data transfer, data security, data residency, and industry-specific matters, and the risks and costs of non-compliance with such laws and regulations;
•compliance with laws and regulations for foreign operations, including the United States Foreign Corrupt Practices Act, the United Kingdom Bribery Act, import and export control laws, tariffs, trade barriers, economic sanctions and other regulatory or contractual limitations on our ability to sell our offerings in certain foreign markets, and the risks and costs of non-compliance, including as a result of any changes in trade relations, sanctioned parties or other restrictions;
•heightened risks of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of financial statements and irregularities in financial statements;
•fluctuations in currency exchange rates and the related effect on our financial results;
•difficulties in repatriating or transferring funds from, or converting currencies in, certain countries;
•the need for localized software and licensing programs;
•reduced protection for intellectual property rights in some countries and practical difficulties of enforcing intellectual property and contract rights abroad; and
•natural disasters, diseases and pandemics, such as COVID-19, that may disproportionately affect areas in which we do business.
Recent geopolitical events may impact our operations and financial results. For example in December 2020, following a 2016 referendum in which voters in the United Kingdom approved an exit from the European Union (the “EU”) (often referred to as “Brexit”), the United Kingdom left the EU. The political and economic effects of Brexit are still uncertain and will depend, in part, on the Trade and Cooperation Agreement between the European Union and the European Atomic Energy Community, and the United Kingdom of Great Britain and Northern Ireland, signed on December 30, 2020. The departure of the United Kingdom from the EU may cause disruption to our business, including increased friction in our ability to deliver services across the European Economic Area (“EEA”) and Switzerland, difficulty in recruiting EU nationals in the United Kingdom due to new immigration requirements, and increased complexities in our relationships with existing and future customers, suppliers, and employees. For example, most of our sales to customers in the EU are transacted through our
subsidiary incorporated in the United Kingdom and at this time, we are unable to determine the long-term effects of this arrangement. The economic and legal uncertainty caused by Brexit in the region and globally could also adversely affect the tax, operational, legal and regulatory regimes to which our business is subject in ways we do not yet anticipate.
Any of these risks could adversely affect our international operations, reduce our international revenues or increase our operating costs, adversely affecting our business operations, financial results and growth prospects.
In addition, compliance with laws and regulations applicable to our international operations increases our cost of doing business in foreign jurisdictions. We may be unable to keep current with changes in foreign government requirements and laws as they change from time to time. Failure to comply with these regulations could have adverse effects on our business. In many foreign countries, it is common for others to engage in business practices that are prohibited by our internal policies and procedures or United States regulations applicable to us. In addition, although we have implemented policies and procedures designed to ensure compliance with these laws and policies, there can be no assurance that all of our employees, contractors, partners and agents will comply with these laws and policies. Violations of laws or key control policies by our employees, contractors, partners or agents could result in delays in revenue recognition, financial reporting misstatements, fines, penalties, or the prohibition of the importation or exportation of our offerings and could have a material adverse effect on our business operations and financial results.
Our sales to public sector customers are subject to a number of additional challenges and risks.
We derive a portion of our revenues from contracts with U.S. federal, state and local and foreign governments, and we believe that the success and growth of our business will continue to depend on our successful procurement of government contracts. For our sales to these public sector customers, we must comply with laws and regulations relating to the formation, administration and performance of contracts, which affect how our partners and how we do business with governmental agencies. These laws and regulations provide public sector customers rights, many of which are not typically found in commercial contracts. Such rights may include price protection, the accuracy of information provided to the government, compliance with procurement integrity and government ethics, compliance with specified product certifications restrictions and pre-conditions for access to controlled or classified information, compliance with supply chain requirements, labor regulations and supplier diversity policies, and other terms that are particular to public sector customers. These laws and regulations may impose added costs on our business, and failure to comply with these or other applicable regulations and requirements, including non-compliance in the past, could lead to bid protests, contract cure actions, contract actions grounded in fraud, claims for damages or other relief, penalties, termination of contracts, loss of exclusive rights in our intellectual property, substantial audit or re-procurement costs and temporary suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability to do business with the public sector could have a material adverse effect on our business operations and financial results.
In October 2019, Splunk Cloud received authorization under the U.S. Federal Risk and Authorization Management Program (“FedRAMP”) that allows U.S. federal government agencies and contractors to have greater integration with our platform if and when they transition to cloud-based computing. Splunk achieved accreditation against the Protected Level under the Australian Information Security Registered Assessors Program (IRAP) in June 2021. In September 2021, the U.S. Defense Information Systems Agency (DISA) granted Splunk Cloud U.S. Department of Defense (DoD) Impact Level 5 (IL5), which allows U.S. government agencies to use our platform for high sensitivity Controlled Unclassified Information (CUI). Maintaining FedRAMP, IRAP, IL5, and other such restricted cloud environments places an increased compliance burden upon us, which may increase our internal costs to provide services to government agencies. If we cannot adequately comply with these compliance requirements and the complexities of maintaining multiple programs, our growth could be adversely impacted, and we could incur significant liability and our reputation and business could be harmed.
Factors that could impede our ability to maintain or increase the amount of revenues derived from government contracts, include:
•changes in fiscal or contracting policies;
•decreases in available government funding;
•ability to adapt to public sector budgetary cycles and funding authorizations, with funding reductions or delays having an adverse impact on public sector demand for our products;
•changes in government procurement programs or applicable requirements;
•changes in government sanctions programs and related policies;
•the adoption of new laws or regulations or changes to existing laws or regulations;
•noncompliance with laws, contract provisions or government procurement or other applicable regulations, or the perception that any such noncompliance has occurred or is likely;
•changes in the political environment and budgeting, including before or after a change of leadership within the government administration, and any resulting uncertainty or changes in policy or priorities and resultant funding;
•ability to obtain or maintain the facility clearance required to perform on classified contracts for government customers, or to obtain or maintain security clearances for our employees;
•changes to government certification requirements or approved product lists;
•ability to achieve or maintain one or more government certifications, including our existing FedRAMP and IL5 authorizations;
•ability to maintain products on key government acquisition contracts;
•an extended government shutdown or other potential delays or changes in the government appropriations or other funding authorization processes including as a result of events such as war, incidents of terrorism, natural disasters, and public health concerns or epidemics, such as the ongoing COVID-19 pandemic;
•changes in the duration of, and product expansion and offerings in, our contracts and subcontracts with government and prime contractor customers;
•delays in the payment of our invoices by government or prime contractor payment offices; and
•bid protests by competitors
The occurrence of any of the foregoing could cause governments and governmental agencies to delay or refrain from purchasing licenses of our offerings in the future or otherwise have an adverse effect on our business operations and financial results. To the extent that we become more reliant on contracts with government entities, including foreign government entities, in the future, our exposure to such risks and challenges could increase, which in turn could adversely impact our business.
In May 2021, the Biden Administration issued an Executive Order requiring federal agencies to implement additional information technology security measures, including, among other things, requiring agencies to adopt multifactor authentication and encryption for data at rest and in transit to the maximum extent consistent with federal records laws and other applicable laws. The Executive Order will lead to the development of secure software development practices and/or criteria for a consumer software labeling program, the criteria which will reflect a baseline level of secure practices, for software that is developed and sold to the U.S. federal government. Software developers will be required to provide visibility into their software and make security data publicly available. Due to this Executive Order, federal agencies may require us to modify our cybersecurity practices and policies, thereby increasing our compliance costs. If we are unable to meet the requirements of the Executive Order, our ability to work with the U.S. government may be impaired and may result in a loss of revenue.
Incorrect or improper implementation or use of our software could result in customer dissatisfaction, customer data loss or corruption and negatively affect our business, operations, financial results and growth prospects.
Our software is deployed in a wide variety of technology environments. Increasingly, our software has been deployed in large scale, complex technology environments, and we believe our future success will depend on our ability to increase sales of licenses for use in such deployments. We often must assist our customers in achieving successful implementations for large, complex deployments. If we or our customers are unable to implement our software successfully, including related to technologies that we have obtained through acquisitions, are unable to do so in a timely manner or if an improper implementation or change in system configuration results in errors or loss of data, customer perceptions of our company may be impaired, our reputation and brand may suffer, and customers may choose not to increase their use of our offerings. In addition, our software imposes server load and index storage requirements for implementation. If our customers do not have the server
load capacity or the storage capacity required, they may not be able to effectively implement and use our software and, therefore, may not choose to increase their use of our offerings.
Our customers and third-party partners may need training in the proper use of and the variety of benefits that can be derived from our software to maximize its potential. If our software is not implemented or used correctly or as intended, inadequate performance, errors, data loss or corruption may result. Because our customers rely on our software and maintenance and support services to manage a wide range of operations, the incorrect or improper implementation or use of our software, our failure to train customers on how to efficiently and effectively use our software, or our failure to provide maintenance services to our customers, may result in negative publicity or legal claims against us. Also, as we continue to expand our customer base, any failure by us to properly provide these services will likely result in lost opportunities for follow-on sales of our offerings.
Factors Related to IT, Privacy and Data Security
If we or our third-party service providers experience a security breach or incident or unauthorized parties otherwise obtain access to our customers’ data, our data, or our cloud services, our offerings may be perceived as not being secure, our reputation may be harmed, demand for our offerings may be reduced, and we may incur significant liabilities.
Our offerings involve the storage and transmission of data, and security breaches and incidents could result in unauthorized access to, or the loss, destruction, misuse, disclosure, modification, corruption, or unavailability of, this information, litigation, indemnity obligations, fines, penalties and other liability. We may become the target of cyber-attacks by third parties seeking unauthorized access to our data or our customer’s data or to disrupt our ability to provide services. There is also a danger of industrial espionage, misuse, theft of information or assets (including source code), or damage to assets by people who have gained access (authorized or unauthorized) to our facilities, systems or information. Because there are many different techniques used to obtain unauthorized access to systems and data, and such techniques continue to evolve, we may be unable to anticipate attempted security breaches and incidents and proactively implement adequate preventative measures. Additionally, with many of our employees continuing to work remotely due to the ongoing COVID-19 pandemic, we face an increased risk of attempted security breaches and incidents. While we have taken steps to protect the confidential information that we have access to, including confidential information we may obtain through our customer support services or customer usage of our cloud services offerings, our security measures or those of our third-party service providers could be breached or otherwise fail to prevent unauthorized access to or disclosure, modification, misuse, loss or destruction of such information. Computer malware, ransomware, cyber viruses, social engineering (phishing attacks), denial of service or other attacks, employee theft or misuse and increasingly sophisticated network attacks have become more prevalent in our industry, particularly against cloud services. The frequency and sophistication of these malicious attacks has increased, and it appears that cyber crimes and cyber criminal networks, some of which may be state-supported, have been provided substantial resources and may target U.S. enterprises or our customers and their use of our products. Furthermore, the risk of state-supported and geopolitical-related cyber attacks may increase in connection with the war in Ukraine and any related political or economic responses and counter-responses. In the past, we have had to take corrective action against cyber attackers to protect our cloud environment. In addition, we do not directly control content that customers store in our offerings. If customers use our offerings for the transmission or storage of personal information or other sensitive types of information and our security measures are, or are believed to have been breached or otherwise to have failed as a result of third-party action, employee error, malfeasance or otherwise, our reputation could be damaged, our business may suffer, and we could incur significant liability.
We also process, store and transmit our own data as part of our business and operations. This data may include personal, confidential or proprietary information. We make use of third-party technology and systems for a variety of reasons, including, without limitation, encryption and authentication technology, employee email, communication with and content delivery to customers and prospects, back-office support, credit card processing, human resources services, customer relationship management, enterprise risk planning and other functions. Although we have developed systems and processes that are designed to protect our business and proprietary information and prevent data loss and other security breaches and incidents, and to reduce the impact of a security breach or incident at a third-party vendor, such measures cannot provide absolute security. We may expend significant resources, adapt our business activities and practices, or modify our operations or information technology in an effort to protect against security incidents and to mitigate, detect, and remediate vulnerabilities. There can be no assurance that any security measures that we or our third-party service providers, including CSPs, have implemented will be effective against current or future security threats, and we cannot guarantee that our systems and networks or those of our third-party service providers, including CSPs, have not been breached or otherwise compromised, or that they and any software in our or their supply chains do not contain vulnerabilities or compromised trusted code that could result in a
breach of or disruption to our systems and networks or the systems and networks of third parties that support us and our services. Our ability to mitigate these risks may also be impacted by the acquisition of new companies, requiring us to incorporate and secure different or more complex IT environments. While we maintain measures designed to protect the integrity, confidentiality and security of our data and other data we maintain or otherwise process, our security measures or those of our third-party service providers could fail and result in a compromise of our applications or unauthorized access to or disclosure, modification, misuse, loss, corruption, unavailability, or destruction of such data.
Any security breach or other security incident impacting us or any of our third-party service providers, or the perception that one has occurred, could result in a loss of customer confidence in the security of our offerings and damage to our brand, reputation, and market position, result in unauthorized access to or disclosure, modification, misuse, loss, corruption, unavailability, or destruction of our data or our customers’ data, reduce the demand for and negatively impact market acceptance of our offerings, disrupt normal business operations, require us to spend material resources to investigate or correct the breach and to prevent future security breaches and incidents, expose us to legal claims and liabilities, including litigation, regulatory investigations and enforcement actions, and indemnity obligations, and adversely affect our revenues and operating results. These risks may increase as we continue to grow the number and scale of our cloud services offerings, and process, store, and transmit increasing amounts of data. Additionally, we may need to expend significant financial and development resources to analyze, correct, eliminate, or work around errors or defects or to eliminate or otherwise address vulnerabilities, and we and our third-party service providers may face difficulties or delays in identifying or otherwise responding to any potential security breach or incident and otherwise providing services.
Third parties may also conduct attacks designed to deny customers access to our cloud services offerings. A significant disruption in access to, or ability to use, our cloud services offerings could damage our reputation with current and potential customers, expose us to claims and liability, cause us to lose customers, negatively impact market acceptance of our cloud services offerings or other offerings, or otherwise negatively affect our business.
The attack against SolarWinds, in which hackers inserted malware into a SolarWinds software update, highlights the growing risk from the infection of trusted third-party software while it is under assembly, known as a supply chain attack. In addition to software supply chain attacks, third-party vulnerabilities may impact our security posture. We have a threat and vulnerability management program to track, remediate and help mitigate vulnerabilities in our IT environments. Nevertheless, the recent attack on on-premise Microsoft Exchange services and the Log4j vulnerability, which could be exploited to allow unauthorized actors to execute code remotely, highlight the risk that third-party products and open-source software we use may contain vulnerabilities that can be exploited by adversaries.
Further, if a high profile security breach, incident, or disruption occurs with respect to another cloud-based platform or service provider, our customers and potential customers may lose trust in cloud-based offerings generally, which could adversely impact our ability to retain existing customers or attract new ones, potentially causing a negative impact on our business.
We cannot be certain that our insurance coverage will be adequate for data security liabilities incurred and, will cover any indemnification claims against us relating to any incident, that insurance will continue to be available to us on economically reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, operating results, and reputation.
Interruptions or performance problems associated with our technology and infrastructure, and our reliance on Software-as-a-Service (“SaaS”) technologies from third parties, may adversely affect our business operations and financial results.
Our continued growth depends in part on the ability of our existing and potential customers to use and access our cloud services offerings or our website in order to download our software or encrypted access keys for our software within an acceptable amount of time. In addition, we rely heavily on hosted SaaS technologies from third parties in order to operate critical functions of our business, including our cloud services offerings, enterprise resource planning services and customer relationship management services. We have experienced and may in the future experience real or perceived website and cloud service disruptions, storage failures, outages and other performance problems due to a variety of factors, including infrastructure changes, human or software errors, capacity constraints due to an overwhelming number of users accessing our website and services simultaneously, and real or perceived security risks, including unauthorized access to our systems or networks, software vulnerability exploits or cyber security, denial of service or ransomware attacks. In some instances, we may
not be able to identify the cause or causes of these website or service performance problems or provide an effective remediation or patch within an acceptable period of time. It may become increasingly difficult to maintain and improve our website and service performance, especially during peak usage times and as our offerings become more complex and our user traffic increases or where security exploits may have no available patches or mitigations (“zero day” exploits). If our website or cloud services offerings are compromised or unavailable or if our users are unable to download our software or encrypted access keys within a reasonable amount of time or at all, we could suffer damage to our reputation with current and potential customers, be exposed to legal liability, and lose customers, all of which could negatively affect our business. We expect to continue to make significant investments to maintain and improve website and service performance and to enable rapid releases of new features and apps for our offerings. To the extent that we do not effectively address capacity constraints, upgrade our systems as needed and continually develop and secure our technology and network architecture to accommodate actual and anticipated changes in technology and evolving security threats, our business and operating results may be adversely affected.
Real or perceived errors, failures or bugs in our offerings could adversely affect our financial results and growth prospects.
Because our offerings are complex, undetected errors, failures or bugs may occur, especially when new offerings, versions or updates are released, including related to technologies that we have obtained through acquisitions. Our software is often installed and used in large-scale computing environments with different operating systems, system management software, and equipment and networking configurations, which may cause errors or failures of our software or other aspects of the computing environment into which it is deployed. In addition, deployment of our software into complicated, large-scale computing environments may expose undetected errors, failures or bugs in our software. Despite testing by us, errors, failures or bugs may not be found in our offerings until they are released to our customers. In the past, we have discovered errors, failures and bugs in some of our offerings after their introduction. Real or perceived errors, failures or bugs in our offerings could result in negative publicity, loss of or delay in market acceptance of our offerings, loss of competitive position or claims by customers for losses sustained by them. In such an event, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem.
In addition, if an actual or perceived failure of our software occurs in a customer’s deployment or in our cloud services, regardless of whether the failure is attributable to our software, the market perception of the effectiveness of our offerings could be adversely affected. Alleviating any of these problems could require significant expenditures of our capital and other resources and could cause interruptions, delays or cessation of our licensing, which could cause us to lose existing or potential customers and could adversely affect our financial results and growth prospects.
We are subject to a number of legal requirements, contractual obligations and industry standards regarding security, data protection, and privacy, and any failure to comply with these requirements, obligations or standards could have an adverse effect on our reputation, business, financial condition and operating results.
Data privacy and security have become significant issues in the United States and in many other countries where we have employees and operations and where we offer licenses or cloud subscriptions to our offerings. The regulatory framework for data privacy and security issues worldwide is rapidly evolving and is likely to remain uncertain for the foreseeable future. These obligations may be interpreted and applied inconsistently from one jurisdiction to another and may conflict with one another, other regulatory requirements, industry standards, or our internal practices. The U.S. federal and various state and foreign government bodies and agencies have adopted or are considering adopting laws and regulations limiting, or laws and regulations regarding the collection, distribution, use, disclosure, storage, and security of certain types of information. For example, on January 1, 2020, the California Consumer Privacy Act (“CCPA”) went into effect. The CCPA requires covered companies to provide new disclosures to California consumers, and afford such consumers new abilities to opt-out of certain sales of personal information. Additionally, the California Privacy Rights Act (“CPRA”), which modifies the CCPA, was approved by California voters in the November 3, 2020 election, creating obligations relating to consumer data beginning on January 1, 2022, with implementing regulations expected on or before July 1, 2022, and enforcement beginning July 1, 2023. Further, in March 2021, Virginia enacted the Virginia Consumer Data Protection Act (“CDPA”), which becomes effective on January 1, 2023, and on June 8, 2021, Colorado enacted the Colorado Privacy Act (“CPA”), which takes effect on July 1, 2023. The CDPA and CPA share similarities with the CCPA, the CPRA, and legislation proposed in other states. Aspects of the CCPA, CPRA, CDPA, and CPA, and their interpretation, remain unclear, and we cannot yet fully predict the impact of these laws or regulations on our business or operations.
Internationally, virtually every jurisdiction in which we operate has established its own data security and privacy or data protection legal framework with which we or our customers must comply. Laws and regulations in these jurisdictions
apply broadly to the collection, use, storage, disclosure and security of data that identifies or may be used to identify or locate an individual. These laws and regulations often are more restrictive than those in the United States and are rapidly evolving. For example, the EU General Data Protection Regulation (“GDPR”) became effective on May 25, 2018, and, in addition to imposing stringent obligations relating to data protection and security, authorizes fines up to 4% of global annual revenue for some violations. We relied in part upon the EU-U.S. Privacy Shield Framework developed by the U.S. Department of Commerce and the European Commission and the Swiss-U.S. Privacy Shield Framework developed by the U.S. Department of Commerce and the Swiss Administration to provide U.S. companies with a valid data transfer mechanism under EU and Swiss law to permit them to transfer personal data from the European Economic Area (“EEA”) and Switzerland to the United States. On July 16, 2020, the Court of Justice of the European Union (“CJEU”) invalidated the EU-U.S. Privacy Shield, concluding it did not provide adequate protection for personal data transferred to the U.S. On September 8, 2020, the Swiss Federal Data Protection and Information Commissioner invalidated the Swiss-US Privacy Shield on similar grounds. In its July 16, 2020 opinion, the CJEU imposed additional obligations on companies when relying on standard contractual clauses approved by the European Commission (“SCCs”) to transfer personal data. The CJEU decision may result in European data protection regulators applying differing standards for, and requiring ad hoc verification of, transfers of personal data from Europe to the U.S. On June 4, 2021, the European Commission published new SCCs that are required to be implemented. The revised SCCs, recommendations and opinions of regulators, and other developments relating to cross-border data transfer, may require us to implement additional contractual and technical safeguards for any personal data transferred out of the EEA and Switzerland, which may increase compliance and related costs, lead to increased regulatory scrutiny or liability, necessitate additional contractual negotiations, and adversely impact our business, financial condition and operating results.
On February 23, 2022, the European Commission proposed new legislation, the Data Act, which imposes obligations related to access, sharing, portability, and international transfer of non-personal data. The Council of the EU and EU Parliament will debate the draft Data Act, and, if adopted, the earliest date of entry into force is in 2024. We expect to incur additional costs to comply with the requirements of the Data Act as it is finalized for implementation.
The United Kingdom enacted a Data Protection Act in May 2018 that substantially implemented the GDPR, and has implemented legislation referred to as the “UK GDPR” that generally provides for implementation of the GDPR in the United Kingdom. On June 28, 2021, the European Commission announced a decision that the United Kingdom is an “adequate country” to which personal data could be exported from the EEA, but this decision must be renewed and may face challenges in the future, creating uncertainty regarding transfers of personal data to the United Kingdom from the EEA. Additionally, we cannot fully predict how the Data Protection Act, the UK GDPR, and other United Kingdom data protection laws or regulations may develop in the medium to longer term nor the effects of divergent laws and guidance regarding how data transfers to and from the United Kingdom will be regulated in the future. Our EMEA headquarters is in London, causing these areas of uncertainty with respect to United Kingdom data protection law and cross-border personal data transfers to be particularly significant to our operations. Some countries also are considering or have enacted legislation requiring local storage and processing of data, or similar requirements, which could increase the cost and complexity of delivering our services outside of the United States.
Complying with the GDPR, CCPA, CPRA, CDPA, CPA, or other laws, regulations, or other obligations relating to privacy, data protection, data localization or security in the U.S. or other regions worldwide, including Australia’s Privacy Act, Canada’s Personal Information Protection and Electronic Documents Act, and Japan’s Act on the Protection of Personal Information, may cause us to incur substantial operational costs or require us to modify our data handling practices and policies, which may compromise our growth strategy, adversely affect our ability to acquire customers, and otherwise adversely affect our business, financial condition and operating results. Further, any actual or alleged non-compliance could result in claims and proceedings against us by governmental entities or others, could result in substantial fines or other liability, and may otherwise adversely impact our business, financial condition and operating results and prevent us from offering certain services where we operate. Some statutory requirements, both in the United States and abroad, such as the Health Insurance Portability and Accountability Act of 1996 and numerous state statutes, include obligations of companies to notify individuals of security breaches involving certain types of personal information, which could result from breaches experienced by us or our service providers. Any actual or perceived security breach or incident could impact our reputation, harm our customer confidence, hurt our sales and expansion into new markets or cause us to lose existing customers, and could expose us to potential liability or require us to expend significant resources on data security and in responding to any such actual or perceived breach or incident.
In addition to government regulation, self-regulatory standards, industry-specific regulation and other industry standards or requirements may legally or contractually apply to us, be argued to apply to us, or we may elect to comply with, or to facilitate our customers’ compliance with, such standards, regulations or requirements. Regulators in certain industries, such as financial services, have adopted and may in the future adopt regulations or interpretive positions regarding the use of cloud computing and other outsourced services. For example, some financial services regulators have imposed guidelines for use of
cloud computing services that mandate specific controls or require financial services enterprises to obtain regulatory approval prior to outsourcing certain functions. If we are unable to comply with these guidelines or controls, or if our customers are unable to obtain regulatory approval to use our services where required, our business may be harmed. In addition, an inability to satisfy the standards of certain government agencies that our customers may expect may have an adverse impact on our business and results. If in the future we are unable to achieve or maintain industry-specific certifications or other requirements or standards relevant to our customers, it may harm our business and adversely affect our results. Furthermore, because privacy, data protection and data security are critical competitive factors in our industry, we may make statements on our website, in marketing materials, or in other settings about our data processing and data security measures and our compliance with, or our ability to facilitate our customers’ compliance with, these standards. We also expect that laws, regulations, industry standards and other obligations relating to privacy, data protection and security will continue to evolve worldwide, and that there will continue to be new, modified, and re-interpreted laws, regulations, standards, and other obligations in these areas. We cannot yet determine the impact such future laws, regulations and standards, or amendments to or re-interpretations of, existing laws and regulations, industry standards, or other obligations may have on our business. New laws, amendments to or re-interpretations of existing laws and regulations, industry standards, and contractual and other obligations, in the U.S. or in multiple jurisdictions, may require us to incur additional costs and restrict our business operations. Because the interpretation and application of laws, standards, contractual obligations and other obligations relating to privacy and data protection are uncertain, these laws, standards, and contractual and other obligations may be interpreted and applied in a manner that is, or is alleged to be, inconsistent with our data management practices, our policies or procedures, or the features of our offerings. If so, in addition to the possibility of fines, lawsuits and other claims, we may find it necessary or appropriate to fundamentally change our business activities and practices, including the establishment of localized data storage or other data processing operations, or modify or cease offering certain offerings either generally or in certain geographic regions, any of which could have an adverse effect on our business. We may be unable to make such changes and modifications in a commercially reasonable manner or at all, and our ability to develop new offerings and features could be limited. Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations, and policies that are applicable to the businesses of our customers may limit the use and adoption of, and reduce the overall demand for, our offerings. Compliance with these regulations may also require us to devote greater resources to support certain customers, which may increase costs and lengthen sales cycles. Any inability to adequately address privacy, data protection or security-related concerns, even if unfounded, or to successfully negotiate privacy, data protection or security-related contractual terms with customers, or to comply with applicable laws, regulations, standards, and other actual and alleged obligations relating to privacy, data protection, and security, could result in additional cost and liability to us, damage our reputation, inhibit sales, slow our sales cycles, and adversely affect our business. Privacy and personal security concerns, whether valid or not valid, may inhibit market adoption of our offerings, particularly in certain industries and foreign countries.
Factors Related to Intellectual Property and Other Proprietary Rights
Failure to protect our intellectual property rights could adversely affect our business and our brand.
Our success and ability to compete depends, in part, on our ability to protect our trade secrets, trademarks, copyrights, patents, know-how, confidential information, proprietary methods and technologies and other intellectual property and proprietary rights, so that we can prevent others from using our inventions, proprietary information and property. We generally rely on patent, copyright, trade secret and trademark laws, and confidentiality or license agreements with our employees, consultants, vendors, customers, partners and others, and generally limit access to and distribution of our proprietary information, in order to protect our intellectual property rights and maintain our competitive position. However, we cannot guarantee that the steps we take to protect our intellectual property rights will be effective. For example, with many of our employees continuing to work remotely, we may be unable to prevent theft or misappropriation of our intellectual property by departing employees.
Our issued patents and any patents issued in the future may not provide us with any competitive advantages, and our patent applications may never be granted. Additionally, the process of obtaining patent protection is expensive and time-consuming, and we may not be able to file and prosecute all necessary or desirable patent applications, or we may not be able to do so at a reasonable cost or in a timely manner. Even if issued, there can be no assurance that these patents will adequately protect our intellectual property, as the legal standards relating to the infringement, validity, enforceability and scope of protection of patent and other intellectual property rights are complex and often uncertain. Any patents that are issued, and any of our other intellectual property rights may be challenged by others and invalidated or narrowed through administrative process, litigation, or similar proceedings, allowing other companies to develop offerings that compete with ours, which could adversely affect our competitive business position, business prospects and financial condition. In addition, issuance of a patent does not guarantee that we have a right to practice the patented invention. We cannot be certain that we were the first to use the inventions claimed in our issued patents or pending patent applications or otherwise used in our offerings, that we were the first
to file patent applications, or that third parties do not have blocking patents that could be used to prevent us from marketing or practicing our offerings or technology. Effective patent, trademark, copyright and trade secret protection may not be available to us in every country in which our offerings are available. The laws of some foreign countries may not be as protective of intellectual property rights as those in the United States (in particular, some foreign jurisdictions do not permit patent protection for software, and even in the United States, this protection is limited), and mechanisms for enforcement of intellectual property rights may be inadequate. We have filed for patents in the United States and in limited non-U.S. jurisdictions, but such protections may not be available or adequate in all countries in which we operate or in which we seek to enforce our intellectual property rights, or may be difficult to enforce in practice. For example, many foreign countries have compulsory licensing laws under which a patent owner must grant licenses to third parties. In addition, many countries limit the enforceability of patents against certain third parties, including government agencies or government contractors. In these countries, patents may provide limited or no benefit. As we expand our international activities, our exposure to unauthorized copying and use of our products and platform capabilities and proprietary information will likely increase. We are currently unable to measure the full extent of this unauthorized use of our products, platform capabilities, software, and proprietary information. We believe, however, that such unauthorized use is and can be expected to be a persistent problem that negatively impacts our revenue and financial results. Additional uncertainty may result from recent and future changes to intellectual property legislation in the United States and other countries and from interpretations of the intellectual property laws of the United States and other countries by applicable courts and agencies. Further, although we endeavor to enter into non-disclosure agreements with our employees, licensees and others who may have access to confidential and proprietary information, we cannot assure that these agreements or other steps we have taken will prevent unauthorized use, disclosure or reverse engineering of our technology.
Moreover, third parties may independently develop technologies or products that compete with ours, and we may be unable to prevent this competition.
We might be required to spend significant resources to defend, monitor, and protect our intellectual property rights, such as by initiating claims or litigation against third parties for infringement of our proprietary rights or to establish the validity of our proprietary rights. However, we may not prevail in any lawsuits that we initiate, and the damages or other remedies awarded, if any, may not be adequate to compensate us for the harm suffered. Additionally, we may provoke third parties to assert counterclaims against us. Any litigation, whether or not it is resolved in our favor, could result in significant expense to us and divert the efforts of our technical and management personnel, which may adversely affect our business operations or financial results. For any of these reasons, despite our efforts, we may be unable to prevent third parties from infringing upon or misappropriating our intellectual property. If we fail to protect our intellectual property rights adequately, our competitors might gain access to our technology or use of our brand, and our business might be adversely affected.
We have been, and may in the future be, subject to intellectual property rights claims by third parties, which are extremely costly to defend, could require us to pay significant damages and could limit our ability to use certain technologies.
Companies in the software and technology industries, including some of our current and potential competitors, own large numbers of patents, copyrights, trademarks and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights. In addition, many of these companies have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. The litigation may involve patent holding companies or other adverse patent owners that have no relevant product revenues and against which our patents may therefore provide little or no deterrence. From time-to-time, third parties, including certain of these leading companies and non-practicing entities, have asserted and may assert patent, copyright, trademark or other intellectual property rights against us, our partners, our technology partners or our customers. We have received, and may in the future receive, notices that claim we have misappropriated, misused, or infringed other parties’ intellectual property rights, including those obtained through acquisitions of new technologies, and, to the extent we gain greater market visibility, we face a higher risk of being the subject of intellectual property infringement claims, which is not uncommon with respect to the enterprise software market.
There may be third-party intellectual property rights, including issued or pending patents, that cover or claim to cover significant aspects of our technologies or business methods. We may be exposed to increased risk of being the subject of intellectual property infringement claims as a result of acquisitions, as, among other things, we have a lower level of visibility into the development process with respect to such technology or the care taken to safeguard against infringement risks. Any intellectual property claims, with or without merit, could be very time-consuming, could be expensive to settle or litigate and could divert our management’s attention and other resources. These claims could also subject us to significant liability for damages, potentially including treble damages or enhanced statutory damages if we are found to have willfully infringed patents or copyrights. These claims could also result in our having to stop using technology found to be in violation of a third-
party’s rights. We might be required to seek a license for the intellectual property, which may not be available on reasonable terms or at all. Even if a license were available, we could be required to pay significant royalties, which would increase our operating expenses. As a result, we may be required to develop alternative non-infringing technology, which could require significant effort and expense. If we cannot license or develop technology for any infringing aspect of our business, we would be forced to limit or stop sales of our offerings and may be unable to compete effectively. Any of these results would adversely affect our business operations and financial results.
If we are not able to maintain and enhance our brand, our business and operating results may be adversely affected.
We believe that maintaining and enhancing the “Splunk” brand identity is critical to our relationships with current customers and partners and to our ability to attract new customers and partners. The successful promotion of our brand will depend largely upon our marketing efforts, our ability to continue to offer high-quality offerings and our ability to successfully differentiate our offerings from those of our competitors. In addition, independent industry analysts often provide reviews of our offerings, as well as those of our competitors, and perception of our offerings in the marketplace may be significantly influenced by these reviews. If these reviews are negative, or less positive as compared to those of our competitors’ products and services, our brand may be adversely affected.
Moreover, it may be difficult to maintain and enhance our brand in connection with sales through partners. We have and will continue to incur a substantial amount of expenditures in connection with our campaigns, and we anticipate that brand promotion expenditures will increase as our market becomes more competitive and as we attempt to grow our business. To the extent that these activities yield increased revenues, these revenues may not offset the increased expenses we incur. If we do not successfully maintain and enhance our brand, our business may not grow, we may have reduced pricing power relative to competitors with stronger brands, and we could lose customers and partners, all of which would adversely affect our business operations and financial results.
Our use of “open source” software could negatively affect our ability to sell our offerings and subject us to possible litigation, and our participation in open source projects may impose unanticipated burdens or restrictions.
We use open source software in our offerings and business, including as incorporated into software we receive from third-party commercial software vendors or technologies obtained through acquisitions, and expect to continue to use open source software in the future. Use of open source software may entail greater risks than use of third-party commercial software. The terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to market or commercialize our products. We may face claims from others alleging breach of license requirements or infringement of intellectual property rights in what we believe to be licensed open source software. In addition, under the terms of some open source licenses, under certain conditions, we could be required to release our proprietary source code that was developed using, incorporating or linked with such open source software, or apply open source licenses to our proprietary software, including authorizing further modification and redistribution. These claims or requirements, including any change to the applicable license terms, could also result in litigation, require us to purchase a costly license, require us to devote additional research and development resources to change our offerings, or require us to cease offering the implicated products unless and until we can find alternative tools or re-engineer them to avoid infringement or release of our proprietary source code, any of which would have a negative effect on our business and operating results. In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide updates, warranties, support, indemnities, assurances of title or controls on origin of the software, or other contractual protections regarding infringement claims or the quality of the code. Likewise, some open source projects have known security and other vulnerabilities and architectural instabilities, or are otherwise subject to security attacks due to their wide availability, and are provided on an “as-is” basis. Additionally, we, including companies that we acquired, have intentionally made certain proprietary software available on an open source basis, both by contributing modifications back to existing open source projects, and by making certain internally developed tools available pursuant to open source licenses, and we plan to continue to do so in the future. While we have established procedures, including a review process for any such contributions, which is designed to protect any code that may be competitively sensitive, we cannot guarantee that this process has always been applied consistently by us or by companies that we have acquired, prior to the acquisition. Even when applied, because any software source code we contribute to open source projects is publicly available, our ability to protect our intellectual property rights with respect to such software source code may be limited or lost entirely, and we may be unable to prevent our competitors or others from using such contributed software source code for competitive purposes, or for commercial or other purposes beyond
what we intended. Many of these risks associated with usage of open source software could be difficult to eliminate or manage, and could, if not properly addressed, negatively affect the performance of our offerings and our business.
Factors Related to Reliance on Third Parties
We increasingly rely on third-party providers of cloud infrastructure services to deliver our offerings to users on our platform, and any disruption of or interference with our use of these services could adversely affect our business.
Our cloud services offerings, such as Splunk Cloud, are hosted exclusively by our CSPs. We do not have control over the operations or the facilities of CSPs that we use, and any changes in a Cloud Service Provider’s service levels, which may be less than 100%, may adversely affect our ability to meet the commitments we make to our customers and their requirements. We currently offer a 100% uptime service level agreement (“SLA”) for Splunk Cloud. It may become increasingly difficult to maintain and improve our performance, especially during peak usage times, as the usage of our offerings increases. If any of the services provided by the CSPs fail or become unavailable due to extended outages, interruptions or because they are no longer available on commercially reasonable terms or prices, or if we are unable to deliver 100% uptime under our SLAs, our revenues could be reduced, our reputation could be damaged, we could be exposed to legal liability, expenses could increase, our ability to manage our finances could be interrupted and our processes for managing sales of our offerings and supporting our customers could be impaired until equivalent services, if available, are identified, obtained and implemented, all of which could adversely affect our business, financial results and the usage of our offerings. If we are unable to renew our agreements with our Cloud Service Providers on commercially reasonable terms, or our agreements are prematurely terminated, or we need to add new CSPs to increase capacity and uptime, we could experience interruptions, downtime, delays, and additional expenses related to transferring to and providing support for these new platforms. Our customers may require that we provide our cloud services offerings through Infrastructure-as-a-Service (IaaS) Platforms that we do not offer, which could adversely affect our ability to attract new customers or maintain current customers, either of which could negatively affect our financial condition.
Any of the above circumstances or events may harm our reputation and brand, reduce the availability or usage of our platform and impair our ability to attract new users, any of which could adversely affect our business, financial condition and results of operations.
If we are unable to maintain successful relationships with our partners, and to help our partners enhance their ability to independently sell and deploy our offerings, our business operations, financial results and growth prospects could be adversely affected.
In addition to our direct sales force, we use partners, such as distributors and resellers, to license, provide professional services and support our offerings. Historically, we have relied on a limited number of such partners for a substantial portion of our total sales, particularly in the Europe, Middle East and Africa (“EMEA”) and Asia Pacific (“APAC”) regions, and for sales to government agencies. For example, sales through our top two partners represented 43% of our revenue in fiscal 2022. We expect that sales through partners in all regions will continue to be a significant portion of our revenues for the foreseeable future. As changes in our partner strategy are implemented.
Our agreements with our partners are generally non-exclusive, meaning our partners may offer customers the products of several different companies, including products that compete with ours. If our partners do not effectively market and sell our offerings, choose to use greater efforts to market and sell their own products or those of our competitors, or fail to meet the needs of our customers, our ability to grow our business and sell our offerings may be adversely affected. Our partners may cease marketing our offerings with limited or no notice and with little or no penalty. The loss of a substantial number of our partners or any of our key partners, our possible inability to replace them, or the failure to recruit additional partners could materially and adversely affect our results of operations and could have an impact on the growth rate of our revenue as we work to obtain new partners or replacement relationships. In addition, sales by partners are more likely than direct sales to involve collectability and compliance concerns, in particular sales by our partners in developing markets, and accordingly, variations in the mix between revenues attributable to sales by partners and revenues attributable to direct sales may result in fluctuations in our operating results.
As we are transitioning our business model, the manner in which we conduct business with and compensate our partners, as well as the business demands placed upon our partners will likely change, requiring some of our historically effective partners to adapt their sales and marketing techniques to sell cloud services and term licenses. Such changes may lead to shorter duration contracts, which require more frequent customer contact by, and different business terms with, our partners. In some circumstances, new partners may be more effective in adapting to our new business model, particularly when such
partners have experience selling cloud services. Therefore, our expectations for our partners, and our rubric for evaluating compatible partners may change, which may adversely impact our results of operations during the transition.
Our ability to achieve revenue growth in the future will depend in part on our success in maintaining successful relationships with our partners, and to help our partners enhance their ability to independently sell and deploy our offerings. In order to achieve these objectives, we may be required to adjust our incentives, pricing or discount programs for our partners, which could adversely affect our operating results. If we are unable to maintain our relationships with these partners, or otherwise develop and expand our indirect distribution channel, our business, results of operations, financial condition or cash flows could be adversely affected.
Our future performance depends in part on proper use of our community website, Splunkbase, expansion of our developer network, and support from third-party software developers.
Our offerings enable third-party software developers to build apps on top of our platform. We operate a community website, Splunkbase, for sharing these third-party apps, including add-ons and extensions. While we expect Splunkbase to support our sales and marketing efforts, it also presents certain risks to our business, including:
•third-party developers may not continue developing or supporting the software apps that they share on Splunkbase;
•we cannot guarantee that if and as we change the architecture of our products and services, third-party developers will evolve their existing software apps to be compatible or that they will participate in the creation of new apps utilizing the new architecture;
•as we migrate our on-premises based products to cloud-based services, third-party developers may not convert their apps to work in the cloud environment or may not find our expanded developer network to be palatable for their cloud-based apps;
•we cannot provide any assurance that these apps meet the same quality and security standards that we apply to our own development efforts, and, to the extent they contain bugs, defects or security vulnerabilities, they may create disruptions in our customers’ use of our offerings or negatively affect our brand;
•we do not currently provide support for software apps developed by third-party software developers, and users may be left without support and potentially disappointed by their experience of using our offerings if the third-party software developers do not provide appropriate support for these apps;
•these third-party software developers may not possess the appropriate intellectual property rights to develop and share their apps or otherwise may not have assessed legal and compliance risks related to distributing their apps;
•some of these apps are hosted in external sites for a fee and are not controlled or reviewed by us, which may lead to a negative experience by customers that may impact our reputation; and
•some of these developers may use the insight they gain using our offerings and from documentation publicly available on our website to develop competing products.
Many of these risks are not within our control to prevent, and our brand may be damaged if these apps, add-ons or extensions do not perform to our customers’ satisfaction and that dissatisfaction is attributed to us.
If poor advice or misinformation is spread through our community website, Splunk Answers, users of our offerings may experience unsatisfactory results from using our offerings, which could adversely affect our reputation and our ability to grow our business.
We host Splunk Answers for sharing knowledge about how to perform certain functions with our offerings. Our users are increasingly turning to Splunk Answers for support in connection with their use of our offerings. We do not review or test the information that non-Splunk employees post on Splunk Answers to ensure its accuracy or efficacy in resolving technical issues. Therefore, we cannot ensure that all the information listed on Splunk Answers is accurate or that it will not adversely affect the performance of our offerings. Furthermore, users who post such information on Splunk Answers may not have adequate rights to the information to share it publicly, and we could be the subject of intellectual property claims based on our
hosting of such information. If poor advice or misinformation is spread among users of Splunk Answers, our customers or other users of our offerings may experience unsatisfactory results from using our offerings, which could adversely affect our reputation and our ability to grow our business.
Factors Related to Our Securities
Servicing our debt requires a significant amount of cash, and we may not have sufficient cash flow from our business to pay our substantial debt.
Our ability to make scheduled payments of the principal of, to pay interest on or to refinance our indebtedness, including the $1.0 billion aggregate principal amount of 0.75% Convertible Senior Notes due 2026 (the “2026 Notes”), $1.27 billion aggregate principal amount of 1.125% Convertible Senior Notes due 2027 (the “2027 Notes”), $776.7 million aggregate principal amount of 0.50% Convertible Senior Notes due 2023 (the “2023 Notes”) and $862.5 million aggregate principal amount of 1.125% Convertible Senior Notes due 2025 (the “2025 Notes” and collectively, the “Notes”) that we issued in July 2021, June 2020 and September 2018, depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control.Our business may not continue to generate cash flow from operations in the future sufficient to service our debt, including the Notes, and make necessary capital expenditures. If we are unable to generate such cash flow, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt or issuing additional equity, equity-linked or debt instruments on terms that may be onerous or highly dilutive. Our ability to refinance our indebtedness will depend on the capital markets and our financial condition at such time. If we are unable to engage in any of these activities or engage in these activities on desirable terms, we may be unable to meet our debt obligations, including the Notes, which would materially and adversely impact our business, financial condition and operating results.
Our current and future indebtedness, including the Notes, may limit our operating flexibility or otherwise affect our business.
Our existing and future indebtedness, including the Notes, could have important consequences to our stockholders and significant effects on our business. For example, it could:
•make it more difficult for us to satisfy or refinance our debt obligations, including the Notes;
•require us to raise additional capital to refinance the Notes as they mature;
•increase our vulnerability to general adverse economic and industry conditions;
•require us to dedicate a substantial portion of our cash flow from operations to payments on our indebtedness, thereby reducing the availability of our cash flow to fund working capital and other general corporate purposes;
•limit our flexibility in planning for, or reacting to, changes in our business and the industry in which we operate;
•restrict us from exploiting business opportunities;
•place us at a competitive disadvantage compared to our competitors that have less indebtedness; and
•limit our availability to borrow additional funds for working capital, capital expenditures, acquisitions, debt service requirements, execution of our business strategy or other general purposes.
Any of the foregoing could have a material adverse effect on our business, results of operations or financial condition.
Conversion of the Notes may dilute the ownership interest of our stockholders or may otherwise depress the price of our common stock.
The conversion of some or all of the Notes may dilute the ownership interests of our stockholders. Upon conversion of the Notes, we have the option to pay or deliver, as the case may be, cash, shares of our common stock, or a combination of cash and shares of our common stock; provided, in the case of the 2026 Notes, a holder of an SL Note (as defined in the indenture governing the 2026 Notes) has the right to determine the settlement method for any SL Note converted in connection with our delivery of a redemption notice. If we elect or, in the case of a conversion of the 2026 Notes in connection with a Redemption
Notice, are required, to settle our conversion obligation in shares of our common stock or a combination of cash and shares of our common stock, any sales in the public market of our common stock issuable upon such conversion could adversely affect prevailing market prices of our common stock. Holders of the Notes may hedge their positions in the Notes by entering into short positions with respect to the underlying common stock. In addition, any anticipated conversion of the Notes into shares of our common stock could depress the price of our common stock.
The conditional conversion feature of the 2023 Notes, the 2025 Notes, or the 2027 Notes, if triggered, may adversely affect our financial condition and operating results.
In the event the conditional conversion feature of the 2023 Notes, the 2025 Notes, or the 2027 Notes is triggered, holders of such Notes will be entitled under the applicable indenture governing such Notes to convert their Notes at any time during specified periods at their option. There is no conditional conversion feature with respect to the 2026 Notes and holders of the 2026 Notes may elect to convert at any time. If one or more holders of a series of Notes elect to convert such Notes, unless we elect to satisfy our conversion obligation by delivering solely shares of our common stock, we would be required to settle a portion or all of our conversion obligation through the payment of cash, which could adversely affect our liquidity. In addition, in certain circumstances, such as conversion by holders or redemption, we could be required under applicable accounting rules to reclassify all or a portion of the outstanding principal of the relevant series of Notes as a current rather than long-term liability, which would result in a material reduction of our net working capital.
The accounting method for convertible debt securities that may be settled in cash, such as the Notes, could have a material effect on our reported financial results.
Under Accounting Standards Codification 470-20, Debt with Conversion and Other Options (“ASC 470-20”), an entity must separately account for the liability and equity components of the convertible debt instruments (such as the Notes) that may be settled entirely or partially in cash upon conversion in a manner that reflects the issuer’s economic interest cost. The effect of ASC 470-20 on the accounting for the Notes is that the equity component is required to be included in the additional paid-in capital section of stockholders’ equity in our consolidated balance sheet at issuance, and the value of the equity component is treated as a discount for purposes of accounting for the debt component of the Notes. As a result, we are required to record a greater amount of non-cash interest expense as a result of the amortization of the discounted carrying value of the Notes to their respective face amounts over their respective terms. We report larger net losses or lower net income in our financial results because ASC 470-20 requires interest to include both the amortization of the debt discount and the instrument’s coupon interest rate, which could adversely affect our reported or future financial results, the trading price of our common stock and the trading price of the Notes.
In addition, under certain circumstances, convertible debt instruments (such as the Notes) that may be settled entirely or partly in cash are currently accounted for utilizing the treasury stock method for earnings per share purposes, the effect of which is that the shares issuable upon conversion of a series of Notes are not included in the calculation of diluted earnings per share except to the extent that the conversion value of such series of Notes exceeds their principal amount. Under the treasury stock method, for diluted earnings per share purposes, the transaction is accounted for as if the number of shares of common stock that would be necessary to settle such excess, if we elected to settle such excess in shares, are issued.
We are subject to counterparty risk with respect to the Capped Calls.
In connection with the offerings of the 2023 Notes, the 2025 Notes and the 2027 Notes, we entered into privately negotiated capped call transactions with certain counterparties (collectively, the “Capped Calls”). The counterparties to the Capped Calls are financial institutions, and we will be subject to the risk that one or more of the counterparties may default, fail to perform or exercise their termination rights under the Capped Calls. Our exposure to the credit risk of the counterparties will not be secured by any collateral. If a counterparty to the Capped Calls becomes subject to insolvency proceedings, we will become an unsecured creditor in those proceedings with a claim equal to our exposure at the time under such transaction. Our exposure will depend on many factors but, generally, our exposure will increase if the market price or the volatility of our common stock increases. In addition, upon a default, failure to perform or a termination of the Capped Calls by a counterparty, we may suffer more dilution than we currently anticipate with respect to our common stock. We can provide no assurances as to the financial stability or viability of the counterparties.
Our stock price has been volatile, may continue to be volatile and may decline regardless of our financial performance.
The trading prices of the securities of technology companies have been highly volatile. The market price of our common stock has fluctuated significantly and is likely to continue to fluctuate significantly or experience declines in the future. Your investment in our stock could lose some or all of its value. Some of the factors, many of which are beyond our control, that could significantly affect the market price of our stock include:
•actual or anticipated fluctuations in our financial results;
•the financial projections we provide to the public, any changes in these projections or our failure to meet or exceed these projections;
•the impact of our shift to a cloud services delivery model, as well as increased annual invoicing and decreased multi-year upfront invoicing, which may impact our revenue, deferred revenue, cash collections, remaining performance obligations, gross margin and operating income;
•failure of securities analysts to initiate or maintain coverage of our company, changes in financial estimates by any securities analysts who follow our company, or our failure to meet these estimates or the expectations of investors;
•ratings changes by any securities analysts who follow our company;
•changes in our stockholder base;
•announcements by us or our competitors of significant technical innovations, acquisitions, strategic partnerships, joint ventures or capital commitments;
•changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;
•price and volume fluctuations in certain categories of companies, such as high-growth or cloud companies, or the overall stock market, including as a result of trends in the global economy;
•public health crises, such as the ongoing COVID-19 pandemic, and related measures by private industry and governments to protect the public health;
•general economic and political conditions and uncertainty, both domestically and internationally, as well as economic and political conditions and uncertainty specifically affecting industries in which our customers participate, including continued impacts from the ongoing COVID-19 pandemic and impacts from the war in Ukraine;
•any major change in our board of directors or management, including our recent CEO transition;
•lawsuits threatened or filed against us;
•actual or perceived security breaches or incidents; and
•other events or factors, including those resulting from war, incidents of terrorism or responses to these events.
In addition, the stock markets, and in particular the market on which our common stock is listed, have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many technology companies. Stock prices of many technology companies have fluctuated in a manner unrelated or disproportionate to the financial performance of those companies. In the past, following periods of market volatility, securities class action litigation and stockholder derivative litigation have often been instituted. In December 2020, a putative class action lawsuit was filed in the U.S. District Court for the Northern District of California against us, our former CEO and our CFO alleging violations of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), for allegedly making materially false and misleading statements regarding our financial guidance. On March 16, 2021, the Court appointed lead plaintiff and lead counsel in the case. On June 7, 2021, the lead plaintiff filed an amended complaint which alleges that defendants made materially false and misleading statements regarding our marketing efforts, hiring practices, and retention of personnel. In February, March, and April 2021, several derivative lawsuits related to the securities class action were filed. These lawsuits could subject us to substantial costs, divert resources and the attention of management from our business and adversely affect our business, results
of operations, financial condition and cash flows. If we were to become involved in additional litigation in the future, it also could subject us to substantial costs, divert resources and the attention of management from our business and adversely affect our business, results of operations, financial condition and cash flows.
Climate change may have a long-term impact on our business.
The long-term effects of climate change on the global economy and the technology industry in particular are unclear, however we recognize that there are inherent climate related risks wherever business is conducted. Our business operations are subject to interruption by natural disasters, flooding, fire, power shortages, pandemics such as the ongoing COVID-19 pandemic, terrorism, political unrest, telecommunications failure, vandalism, cyber-attacks, infrastructure disruptions, geopolitical instability, war, the effects of climate change and other events beyond our control. Physical climate change risks can include, for example, our California corporate offices are located near major seismic faults, and have also historically experienced, and are projected to continue to experience, climate-related events including drought and water scarcity, warmer temperatures, rising sea levels, wildfires and air quality impacts and power shut-offs associated with wildfire prevention. Although we maintain crisis management and disaster response plans, such events could make it difficult or impossible for us to deliver our services to our customers, could decrease demand for our services, and could cause us to incur substantial expense. Our insurance may not be sufficient to cover losses or additional expenses that we may sustain. Climate-related events, including the increasing frequency of extreme weather events and their impact on critical infrastructure in the United States and elsewhere, have the potential to disrupt our business, our third-party suppliers, and/or the business of our customers, and may cause us to experience higher attrition, losses and additional costs to maintain and resume operations. Transitional climate change risks may subject us to increased regulations, reporting requirements, standards, or expectations regarding the environmental impacts of our business and untimely or inaccurate disclosure could adversely affect our reputation, business or financial performance.
We could be subject to additional tax liabilities.
We are subject to federal, state and local taxes in the United States and numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for taxes as there are many activities and transactions for which the ultimate tax determination is uncertain. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position is not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. At any given time, we are subject to routine inquiries from taxing jurisdictions worldwide and are working to resolve these various routine questions and potential errors. Our financial statements reflect our best judgement of needed reserves to cover known contingencies, but there can be no assurances on the final outcome of any tax assessment. In addition, our tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations, including those relating to income tax nexus, by our earnings being lower than anticipated in jurisdictions where we have lower statutory rates and higher than anticipated in jurisdictions where we have higher statutory rates, by challenges to our intercompany relationships and transfer pricing arrangements, by changes in foreign currency exchange rates, or by changes in the valuation of our deferred tax assets and liabilities. Many countries and organizations such as the Organization for Economic Cooperation and Development are actively considering changes to existing tax laws or have proposed or enacted new tax laws that could increase our tax liabilities in countries where we do business.
Changes in accounting pronouncements and other financial and nonfinancial reporting standards may negatively impact our financial results.
Generally accepted accounting principles in the United States (“U.S. GAAP”) are subject to interpretation by the Financial Accounting Standards Board (“FASB”), the SEC, and other various bodies formed to promulgate and interpret appropriate accounting principles. We regularly monitor our compliance with applicable financial reporting standards and review new pronouncements and interpretations that are relevant to us. As a result of new standards, changes to existing standards and changes in their interpretation, we may be required to change our accounting policies, to alter our operational policies to implement new or enhance existing systems so that they reflect new or amended financial reporting standards, and to adjust our published financial statements. Such changes may have an adverse effect on our business, financial position and operating results, or cause an adverse deviation from our revenue and operating profit targets, which may negatively impact our financial results.
In addition, as we identify ESG topics for voluntary disclosure and work to align with the recommendations of the Financial Stability Board’s Task Force on Climate-Related Financial Disclosures (“TCFD”), the Sustainability Accounting Standards Board (“SASB”), and our own ESG materiality assessment, we have expanded and, in the future, may continue to expand our disclosures in these areas. Statements about our ESG initiatives and goals, and progress against those goals, may be based on standards for measuring progress that are still developing, internal controls and processes that continue to evolve, and assumptions that are subject to change in the future. If our ESG-related data, processing and reporting are incomplete or inaccurate, or if we fail to achieve progress on our metrics on a timely basis, or at all, our reputation, business, financial performance and growth could be adversely affected.
The requirements of being a public company and a growing and increasingly complex organization may strain our resources, divert management’s attention and affect our ability to attract and retain executive management and qualified board members.
We are subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act, the Dodd-Frank Act, the listing requirements of The Nasdaq Stock Market and other applicable securities rules and regulations. Compliance with these rules and regulations has increased and may continue to increase our legal and financial compliance costs, making some activities more difficult, time-consuming or costly, and has increased and will continue to increase demand on our systems and resources.
In addition, changing laws, regulations, standards and practices relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs and making some activities more time consuming. These laws, regulations, standards and practices are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as regulatory and governing bodies provide new guidance or as market practices develop. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices.
From time to time, public companies are subject to campaigns by investors seeking to increase short-term stockholder value through actions such as financial restructuring, increased debt, special dividends, stock repurchases, management changes or sales of assets or the entire company. If stockholders attempt to effect such changes or acquire control over us, responding to such actions would be costly, time-consuming and disruptive, which could adversely affect our results of operations, financial results and the value of our common stock. These factors could also make it more difficult for us to attract and retain qualified employees, executive officers and members of our board of directors.
Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.
Provisions in our amended and restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a change of control or changes in our management. Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that:
•authorize our board of directors to issue, without further action by the stockholders, shares of undesignated preferred stock with terms, rights and preferences determined by our board of directors;
•require that any action to be taken by our stockholders be effected at a duly called annual or special meeting and not by written consent;
•specify that special meetings of our stockholders can be called only by our board of directors, the Chair of our board of directors, or our Chief Executive Officer;
•establish an advance notice procedure for stockholder proposals to be brought before an annual meeting, including proposed nominations of persons for election to our board of directors;
•establish that our board of directors is divided into three classes, Class I, Class II and Class III, with each class serving three-year staggered terms;
•prohibit cumulative voting in the election of directors;
•provide that our directors may be removed only for cause;
•provide that vacancies on our board of directors may be filled only by a majority of directors then in office, even though less than a quorum; and
•require the approval of our board of directors or the holders of a super majority of our outstanding shares of capital stock to amend our amended and restated bylaws and certain provisions of our amended and restated certificate of incorporation.
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management. In addition, because we are incorporated in Delaware, we are governed by the provisions of Section 203 of the Delaware General Corporation Law, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any “interested” stockholder for a period of three years following the date on which the stockholder became an “interested” stockholder.
|Item 1B. Unresolved Staff Comments|
Our corporate headquarters at 270 Brannan Street occupy approximately 182,000 square feet under an office lease wherein approximately 50% expires in February 2023 and the balance expires in February 2024. Additionally, we have an office lease for approximately 235,000 square feet located at 3098 Olsen Drive, San Jose, California that expires in August 2027 for our business operations, sales, support and product development. We lease smaller regional offices for our business operations, sales, support and some product development in various locations throughout the United States. Our foreign subsidiaries lease office space for their operations including local sales, support and some product development. While we believe our facilities are sufficient and suitable for our current operations, we are in the process of evaluating future office space needs and configurations to support our growing workforce post COVID-19.
|Item 3. Legal Proceedings|
The information set forth under Legal Proceedings in Note 3 contained in the “Notes to Consolidated Financial Statements” is incorporated herein by reference.
|Item 4. Mine Safety Disclosures|
|Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities|
Our common stock, $0.001 par value, began trading on the Nasdaq Stock Market on April 19, 2012, where its prices are quoted under the symbol “SPLK.” As of January 31, 2022, there were 66 holders of record of our common stock. Because many of our shares of common stock are held by brokers and other institutions on behalf of stockholders, we are unable to estimate the total number of beneficial holders represented by these record holders, but it is well in excess of the number of record holders.
Stock Performance Graph
This chart compares the cumulative total return on our common stock with that of the Nasdaq Composite index and the Nasdaq Computer index for each of the last five fiscal years ended January 31, 2022, assuming an initial investment of $100. The Nasdaq Computer index utilizes the same methods of presentation and assumptions for the total return calculation as does Splunk and the Nasdaq Composite index.
|Splunk Inc.||$||100.00 ||$||159.64 ||$||215.76 ||$||268.34 ||$||285.22 ||$||214.17 |
|Nasdaq Composite||$||100.00 ||$||133.43 ||$||132.52 ||$||168.35 ||$||242.57 ||$||222.95 |
|Nasdaq Computer ||$||100.00 ||$||141.37 ||$||138.37 ||$||199.09 ||$||302.71 ||$||364.73 |
Purchases of Equity Securities by the Issuer and Affiliated Purchasers
The following table summarizes the share repurchase activity for the fiscal year ended January 31, 2022:
Total Number of Shares Purchased
(in thousands) (1)
Average Price Paid Per Share (2)
Total Number of Shares Purchased as Part of Publicly Announced Programs
(in thousands) (1)
Approximate Dollar Value of Shares that May Yet Be Purchased Under the Program
(in millions) (1)
|August 1 - August 31||1,880 ||$||143.91 ||1,880 ||$||500 |
|September 1- September 30||2,561 ||$||151.37 ||2,561 ||$||112 |
|October 1- October 31||793 ||$||141.74 ||793 ||$||— |
(1) In June 2021, our board of directors authorized a program to repurchase up to $1.0 billion of our common stock over time. Under this program, repurchases may be made from time to time through open market purchases or through privately negotiated transactions, subject to market conditions, applicable legal requirements and other relevant factors. The repurchase program was complete as of October 31, 2021. Please refer to Note 8 “Stock Compensation Plans and Stockholders’ Equity” in our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on 10-K for additional information.
(2) The average price paid per share, inclusive of costs associated with the repurchases was $147.23.
|Item 6. Selected Financial Data|
|Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations|
The following discussion and analysis of our financial condition and results of operations should be read in conjunction with our consolidated financial statements and related notes appearing elsewhere in this Annual Report on Form 10-K. This discussion contains forward-looking statements based upon current expectations that involve risks and uncertainties. Our actual results may differ materially from those anticipated in these forward-looking statements as a result of various factors, including those set forth under “Risk Factors” included in Part I, Item 1A or in other parts of this report.
The following section generally discusses fiscal 2022 and 2021 items and year-to-year comparisons between fiscal 2022 and 2021. Discussions of fiscal 2020 items and year-to-year comparisons between fiscal 2021 and 2020 that are not included in this Form 10-K can be found in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” in Part II, Item 7 of our Annual Report on Form 10-K for the fiscal year ended January 31, 2021, and are incorporated herein by reference.
Amounts reported in millions are rounded based on the amounts in thousands. As a result, the sum of the components reported in millions may not equal the total amount reported in millions due to rounding. In addition, percentages presented are calculated from the underlying numbers in thousands and may not add to their respective totals due to rounding.
Splunk provides innovative solutions that use data from digital systems to help organizations identify opportunities for optimization and innovation and keep those systems secure and performing effectively. This class of data is growing significantly as a direct result of the prevalence and importance of digital systems used by today’s organizations. Decades of investment in digital transformation have integrated the hardware and software that comprise digital systems into every aspect of how modern organizations operate. The data generated by these systems contains a comprehensive, real-time record of operations, interactions, and transactions that our offerings convert into insights and actions that improve technology and business outcomes. Our solutions for Security and Observability empower users in technology roles, including Development Operations (“DevOps”), IT Operations (“ITOps”), and cyber security, to monitor and secure digital systems more quickly and efficiently. Business users leverage our offerings to gain visibility into their digital processes to deliver better experiences, improve decisions and drive better results.
Our offerings provide visibility to our customers’ diverse technology infrastructure including systems deployed on the edge, on premises, and in private and public cloud environments, running software ranging from monolithic apps to cloud native ones. We also believe our offerings empower operational transformation, helping customers move from reactive, non-
scalable and ineffective approaches to proactive, automated, and AI-assisted processes that drive better outcomes even as the scale and complexity of their technology continue to grow.
The COVID-19 pandemic significantly increased the importance of being a digital, data-driven organization and we believe the importance of data-driven innovation will only continue to increase over time. The events of 2020 and 2021 accelerated the adoption of new ways to work and exerted an enormous amount of pressure on organizations of all kinds to deliver better experiences and outcomes, and to enable entirely new offerings and business models. We believe this global shift in the business environment and the related challenges are here to stay and that Splunk enables organizations to rise to these challenges by leveraging technology to achieve greater efficiency, agility, security, and drive a sustained competitive advantage. When organizations use Splunk to improve their security postures and build resilience, they are able to innovate more effectively.
We typically base our cloud services annual subscription fees on the volume of data indexed per day including a fixed amount of data storage or purchased infrastructure and data storage our customers require to support the underlying workload. We are seeing an increasing number of customers shift to workload-based pricing. We recognize the revenues associated with our cloud services ratably over the associated subscription term. For our license offerings, we typically base the license fees on either the estimated daily data indexing capacity or the compute power consumed to support our customers' workload and we generally recognize the license fee portion of these arrangements upfront. As a result, the timing of when we enter into large license contracts may lead to fluctuations in our revenues and operating results because our expenses are largely fixed in the short-term.
Our revenue mix has shifted from sales of licenses to the delivery of cloud services and we expect it will continue to shift in favor of cloud services. Our transition to a predominantly cloud services delivery model has impacted, and it will continue to impact, our operating margins and revenue as an increasing percentage of our sales becomes recognized ratably. Our shift to a cloud services delivery model is dependent on customer choice and our ability to predict our revenue and margins in any particular period has been, and may continue to be, limited. We have also shifted from generally invoicing our multi-year contracts upfront to invoicing on an annual basis. Accordingly, we have seen the timing of our cash collections extend over a longer period of time with the transition to an annual billings model than it has historically.
We intend to continue investing for long-term growth. We have invested and intend to continue to invest in product development to deliver additional features and performance enhancements, deployment models and solutions that can address new end markets. We expect to continue to expand our sales and marketing organizations to market and sell our offerings both in the United States and internationally.
We have utilized and expect to continue to engage in acquisitions to contribute to our long-term growth objectives. During fiscal 2021, we acquired companies that expand our observability capabilities, including companies that offer auto-instrumentation, real user monitoring, application performance monitoring, advanced synthetic monitoring, web optimization and network performance monitoring. During fiscal 2022, we have continued to invest in our long-term growth including through our acquisition of TruSTAR Technology, Inc., a provider of an intelligence platform for cybersecurity and threat data.
Impact of COVID-19 on our Business
The ongoing COVID-19 pandemic has created significant global economic uncertainty, adversely impacted the business of some of our customers, partners and vendors, and has impacted our business and results of operations in the past and could further impact our results of operations and our cash flows in the future.
COVID-19 has impacted, and could further impact, our business and that of our customers as a result of quarantines, various local, state and federal government public health orders, and other restrictions. For example, we are monitoring office use in the global offices we have selected to re-open, allowing all of our employees to continue to work remotely if they prefer, allowing our employees to elect not to travel, implementing in-person, onsite and travel safety protocols, and we have shifted certain of our customer-focused and corporate events to online-only or hybrid experiences. These operational changes could extend into future quarters. The long-term impact of COVID-19 on our operational and financial performance will depend on certain developments, including the duration, spread, and severity of the virus and its variants, as well as the efficacy of vaccines and vaccine distribution, the response of our U.S. employees to the federal vaccine mandate, and the timing and trajectory of the economic recovery as well as consumer behavior as the recovery develops. Our future performance will also depend on the continuing impact of COVID-19 on our customers, partners, employee productivity and retention and sales cycles, including as a result of travel restrictions and limitations. These potential developments are uncertain and cannot be predicted and as such, the extent to which COVID-19 will continue to impact our business, operations, financial condition and
results of operations over the long term is unknown. Furthermore, due to our shift to a cloud services delivery model, the effect of COVID-19 may not be fully reflected in our results of operations and overall financial performance until future periods.
As additional COVID-19 variants emerge, we will continue to evaluate our return to work and distributed workforce strategies taking into consideration factors such as treatments, vaccines progress, and public health recommendations.We also continue to evaluate our real estate needs and have in the past made the decision to exit certain office space leases. As we continue to assess how and to what extent our employees will gradually return to work in our offices, we may decide to exit additional office space leases which could result in further losses associated with our real estate lease assets.
See Part I, Item 1A. “Risk Factors” in this Form 10-K for further discussion of the impact and possible future impacts of the COVID-19 pandemic on our business.
Key Business Metrics
We use certain key financial and operating metrics to evaluate our performance and monitor the growth of our business as we continue to shift to a cloud services delivery model.
Annual Recurring Revenue
We use cloud annual recurring revenue (“Cloud ARR”) and total annual recurring revenue (“Total ARR”) to identify the annual recurring value of customer contracts at the end of a reporting period and to monitor the growth of our recurring business as we continue to shift to a cloud services delivery model. Cloud ARR represents the annualized revenue run-rate of active cloud services contracts at the end of a reporting period. Total ARR represents the annualized revenue run-rate of active cloud services, term license and maintenance contracts at the end of a reporting period. Each contract is annualized by dividing the contract value by the number of days in the contract term and then multiplying by 365. ARR should be viewed independently of revenue, and does not represent our revenue under U.S. GAAP on an annualized basis, as it is an operating metric that can be impacted by contract start and end dates and renewal rates. ARR is not intended to be a replacement for forecasts of revenue.
The following presents our Cloud ARR and Total ARR (in millions):
Number of Customers with ARR Greater than $1 Million
We monitor the number of customers with Cloud ARR and Total ARR greater than $1 million at the end of a reporting period. An increase in this metric is an indicator of our ability to attract and scale with large enterprise customers who may have a broader array of use cases that align with the Splunk platform. The following presents the number of our customers with Cloud ARR and Total ARR greater than $1 million:
Dollar-Based Net Retention Rate
We quantify our net expansion across existing cloud customers through our cloud dollar-based net retention rate (“Cloud DBNRR”). We calculate Cloud DBNRR by dividing the Cloud ARR at the end of a period (“Cloud Current Period ARR”) by the Cloud ARR of the same group of customers at the beginning of that 12-month period. Cloud Current Period ARR includes existing customer renewals and expansion, is net of existing customer contraction and churn, and excludes new customers. For the trailing 12-month Cloud DBNRR, we take the dollar-weighted average of the Cloud DBNRR over the trailing 12 months. The following presents our trailing 12-month Cloud DBNRR:
Remaining Performance Obligations (“RPO”) Bookings
RPO Bookings is an indicator of overall bookings momentum. We calculate total RPO Bookings as total revenue plus the change in total RPO. Total RPO is separately disclosed in Note 9 “Revenue” of our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on 10-K. The following presents our total RPO Bookings (in millions):
Below is a calculation of fiscal 2022 and fiscal 2021 total RPO Bookings:
|Fiscal Year Ended January 31,|
|Total revenues||$||2,673,664 ||$||2,229,385 |
|Change in RPO||591,992 ||184,319 |
|Total RPO Bookings||$||3,265,656 ||$||2,413,704 |
(Dollars in millions)
Components of Operating Results
Cloud services revenues. Cloud services allow customers to use hosted software over the contract period without taking possession of the software. We recognize the revenues associated with our cloud services ratably, over the associated subscription term.
License revenues. License revenues consist of revenues from term licenses, and to a much lesser extent perpetual licenses, under which we generally recognize the license fee portion of the arrangement upfront, assuming all revenue recognition criteria are satisfied. License revenues reflect the revenues recognized from sales of licenses to new customers and additional licenses to existing customers, including sales from the renewal of term licenses. Seasonal trends that contribute to increased sales activity in the fourth fiscal quarter often result in lower sequential revenues in the first fiscal quarter, and we expect this trend to continue.
Maintenance and services revenues. Maintenance and services revenues consist of revenues from maintenance agreements and professional services and training.
•Maintenance revenues. When a term license is purchased, maintenance is bundled with the license for the term of the license period. While we only sell perpetual licenses on an exception basis, for any existing perpetual license customers, maintenance is usually renewed on an annual basis. Customers with maintenance agreements are entitled to receive support and unspecified upgrades and enhancements when and if they become available during the maintenance period. We recognize the revenues associated with maintenance agreements ratably, on a straight-line basis, over the associated maintenance period. Maintenance revenues as a percentage of total revenues were 17.6% and 21.4% for fiscal 2022 and 2021, respectively.
•Professional services and training revenues. We have a professional services organization focused on helping our customers deploy our software in highly complex operational environments and train their personnel. Training and professional services have stated billing rates per service hour or are provided on a subscription basis, accordingly, revenues are recognized as services are delivered or ratably over the subscription period. We have experienced continued growth in our professional services revenues primarily due to the deployment of our software with some customers that have large, highly complex IT environments.
Cost of Revenues
Cost of cloud services revenues. Cost of cloud services revenues includes salaries, benefits, stock-based compensation and related expenses such as employer taxes for our cloud services organization, allocated overhead for depreciation of equipment, facilities and IT, amortization of acquired intangible assets and third-party hosting fees. We recognize expenses related to our cloud services organizations as they are incurred.
Cost of license revenues. Cost of license revenues includes all direct costs to deliver our products, including salaries, benefits, stock-based compensation and related expenses such as employer taxes, allocated overhead for facilities and IT and amortization of acquired intangible assets. We recognize these expenses as they are incurred.
Cost of maintenance and services revenues. Cost of maintenance and services revenues includes salaries, benefits, stock-based compensation and related expenses such as employer taxes for our maintenance and services organizations, third-party consulting services and allocated overhead for depreciation of equipment, facilities and IT. We recognize expenses related to our maintenance and services organizations as they are incurred.
Our operating expenses are classified into three categories: research and development, sales and marketing and general and administrative. For each category, the largest component is personnel costs, which include salaries, employee benefit costs, bonuses, commissions as applicable, stock-based compensation and related expenses such as employer taxes. Operating expenses also include allocated overhead costs for depreciation of equipment, facilities and IT. Allocated costs for facilities include costs for compensation of our facilities personnel, leasehold improvements and rent. Our allocated costs for IT include costs for compensation of our IT personnel, costs associated with our IT infrastructure and software subscriptions. Operating expenses are generally recognized as incurred.
Research and development. Research and development expenses primarily consist of personnel and facility-related costs attributable to our research and development personnel. We have devoted our product development efforts primarily to enhancing the functionality and expanding the capabilities of our software and services. We expect that our research and development expenses will continue to increase, in absolute dollars, as we increase our research and development headcount to further strengthen and enhance our software and services and invest in the development of our solutions and apps.
Sales and marketing. Sales and marketing expenses primarily consist of personnel and facility-related costs for our sales, marketing and business development personnel, commissions earned by our sales personnel, and the cost of marketing and business development programs, including advertising programs to promote our brand and awareness, demand generating activities and customer events. We expect that sales and marketing expenses will continue to increase, in absolute dollars, as we continue to hire additional personnel and invest in marketing programs.
General and administrative. General and administrative expenses primarily consist of personnel and facility-related costs for our executive, finance, legal, human resources and administrative personnel; our legal, accounting and other professional services fees; and other corporate expenses. We anticipate continuing to incur additional expenses due to growing our operations, including higher legal, corporate insurance and accounting-related expenses.
Interest and Other Income (Expense), Net
Interest and other income (expense), net consists primarily of interest expense related to our convertible senior notes, gain on extinguishment of convertible senior notes, a strategic investment impairment loss, foreign exchange gains and losses, interest income on our investments and cash and cash equivalents balances and changes in the fair value of forward exchange contracts.
Income Tax Provision (Benefit)
Our income tax provision (benefit) consists of federal, state and foreign income taxes. Because of our history of U.S. operating losses, we have established a full valuation allowance on our U.S. deferred tax assets. We regularly assess the need for the valuation allowance. If we determine that an adjustment is needed, we will record the necessary adjustment in the period that the determination is made.
Critical Accounting Policies and Estimates
We prepare our consolidated financial statements in accordance with generally accepted accounting principles in the United States. The preparation of consolidated financial statements also requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenues, costs and expenses and related disclosures. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances. Actual results could differ significantly from the estimates made by our management. To the extent that there are differences between our estimates and actual results, our future financial statement presentation, financial condition, results of operations and cash flows will be affected.
We believe that the assumptions and estimates associated with revenue recognition, deferred sales commissions and business combinations have the greatest potential impact on our consolidated financial statements. Therefore, we consider these to be our critical accounting policies and estimates. Accordingly, we believe these are the most critical to fully understand and evaluate our financial condition and results of operations.
Our contracts with customers often contain multiple performance obligations. For these contracts, we account for individual performance obligations separately if they are distinct. We apply significant judgment in identifying and accounting for each performance obligation, as a result of evaluating the terms and conditions in contracts. The transaction price is allocated to the separate performance obligations on a relative standalone selling price (“SSP”) basis. We determine the SSP based on an observable standalone selling price when it is available, as well as other factors, including the price charged to customers, our discounting practices, and our overall pricing objectives, while maximizing observable inputs. In situations where pricing is highly variable, we estimate the SSP using the residual approach.
Deferred Sales Commissions
Sales commissions paid to our sales force and the related payroll taxes are considered incremental and recoverable costs of obtaining a contract with a customer. Costs related to new cloud services and term license contracts are amortized in proportion to the transfer of related services and delivery of licenses, including renewals, over the average period of benefit. We have determined that the average period of benefit related to these costs is five years, which is longer than our customers’ initial contract periods, but reflects the average period of benefit, including expected contract renewals. In arriving at this average period of benefit we considered the nature of our customer contracts, the duration of our relationships with customers, and the estimated life cycles of our technology. Costs related to renewals are amortized over the contract period. In capitalizing and amortizing deferred commissions, we have elected to apply a portfolio approach.
We use our best estimates and assumptions to allocate the fair value of purchase consideration to the tangible and intangible assets acquired and liabilities assumed based on their estimated fair values. The excess of the fair value of purchase consideration over the fair values of these identifiable assets and liabilities is recorded as goodwill. We apply significant
judgment in determining the fair value of the intangible assets acquired, which involves the use of significant estimates and assumptions with respect to revenue growth rates, royalty rate and technology migration curve. While we use our best estimates and judgments, our estimates are inherently uncertain and subject to refinement. During the measurement period, which may be up to one year from the acquisition date, we may record adjustments to the fair value of these tangible and intangible assets acquired and liabilities assumed, with the corresponding offset to goodwill. In addition, uncertain tax positions and tax-related valuation allowances are initially established in connection with a business combination as of the acquisition date. We continue to collect information and reevaluate these estimates and assumptions quarterly and record any adjustments to our preliminary estimates to goodwill provided that we are within the measurement period. Upon the conclusion of the final determination of the fair value of assets acquired or liabilities assumed during the measurement period, any subsequent adjustments are included in our consolidated statements of operations.
For further information on all of our significant accounting policies, refer to Note 1 “Description of the Business and Significant Accounting Policies” of our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on Form 10-K.
Results of Operations
The following table sets forth our results of operations for the periods presented and as a percentage of our total revenues for those periods. The period-to-period comparison of financial results is not necessarily indicative of financial results to be achieved in future periods.
Consolidated Statements of Operations Data
|Fiscal Year Ended January 31,|
|(In thousands and as % of total revenues)||2022||2021||2020|
|Cloud services||$||943,785 ||35.3 ||%||$||554,132 ||24.9 ||%||$||312,358 ||13.2 ||%|
|License||1,056,481 ||39.5 ||971,378 ||43.6 ||1,373,367 ||58.2 |
|Maintenance and services||673,398 ||25.2 ||703,875 ||31.6 ||673,201 ||28.5 |
|Total revenues||2,673,664 ||100.0 ||2,229,385 ||100.0 ||2,358,926 ||100.0 |
|Cost of revenues|| |
Cloud services (1)
|398,274 ||42.2 ||252,290 ||45.5 ||161,510 ||51.7 |
|9,215 ||0.9 ||20,864 ||2.1 ||24,116 ||1.8 |
Maintenance and services (1)
|326,480 ||48.5 ||274,191 ||39.0 ||244,162 ||36.3 |
|Total cost of revenues||733,969 ||27.5 ||547,345 ||24.6 ||429,788 ||18.2 |
|Gross profit||1,939,695 ||72.5 ||1,682,040 ||75.4 ||1,929,138 ||81.8 |
|Research and development||1,029,574 ||38.5 ||791,026 ||35.5 ||619,800 ||26.3 |
|Sales and marketing||1,534,600 ||57.4 ||1,336,056 ||59.9 ||1,263,873 ||53.6 |
|General and administrative||522,350 ||19.5 ||335,144 ||15.0 ||332,602 ||14.1 |
|Total operating expenses||3,086,524 ||115.4 ||2,462,226 ||110.4 ||2,216,275 ||94.0 |
|Interest and other income (expense), net|| |
|Interest income||2,583 ||0.1 ||13,850 ||0.6 ||54,142 ||2.3 |
|Other income (expense), net||(1,939)||(0.1)||(11,636)||(0.5)||(2,407)||(0.1)|
|Total interest and other income (expense), net||(173,954)||(6.5)||(120,862)||(5.4)||(44,514)||(1.9)|
|Loss before income taxes||(1,320,783)||(49.4)||(901,048)||(40.4)||(331,651)||(14.1)|
|Income tax provision||18,314 ||0.7 ||6,932 ||0.3 ||5,017 ||0.2 |
(1)Calculated as a percentage of the associated revenues.
Comparison of the Fiscal Years Ended January 31, 2022 and 2021
(Dollars in millions)
Total revenues increased $444.3 million, or 19.9%, primarily due to the following:
+ increase of $389.7 million, or 70.3%, in cloud services revenues
+ increase of $85.1 million, or 8.8%, in license revenues
- decrease of $30.5 million, or (4.3)%, in maintenance and services revenues
Our transition to a cloud services delivery model has impacted, and it will continue to impact the timing of our recognition of revenue as an increasing percentage of our sales becomes recognized ratably. The increase in cloud services revenues reflects the continued customer adoption of our cloud services offerings. Our customers are increasingly purchasing our Splunk Cloud service as it delivers the benefits of Splunk Enterprise, while eliminating the need to purchase, deploy and manage infrastructure. The increase in license revenues is a result of increased license bookings during fiscal 2022, as compared to fiscal 2021. Maintenance and services revenues decreased as our customers shift to a cloud services delivery model.
Cost of Revenues and Gross Margin
(Dollars in millions)
Total cost of revenues increased $186.6 million or 34.1% primarily due to the increase in cloud services cost of revenues, as a result of our ongoing transition from a license to a cloud services delivery model.
Cloud services cost of revenues increased $146.0 million or 57.9%, primarily due to the following:
+ increase of $94.0 million in third-party hosting fees to support our cloud services
+ increase of $26.7 million in salaries and benefits, including stock-based compensation expense as we increased headcount
+ increase of $13.1 million in third-party consulting services
+ increase of $10.5 million in overhead expenses
Maintenance and services cost of revenues increased $52.3 million, or 19.1%, primarily due to the following:
+ increase of $34.6 million in salaries and benefits, including stock-based compensation expense as we increased headcount
+ increase of $15.2 million in third-party consulting services
Total gross margin decreased primarily due to a shift in the overall revenue mix in favor of cloud services, which have lower gross margins than our license business. The decrease in maintenance and services gross margin is primarily attributable to a decline in maintenance and services revenues and an increase in costs as we scale our cloud services related professional services.
(Dollars in millions)
Research and Development Expense
Research and development expense increased $238.5 million, or 30.2%, primarily due to the following:
+ increase of $165.0 million in salaries and benefits, which includes a $55.9 million increase in stock-based compensation expense as we increased headcount
+ increase of $43.3 million in third-party hosting fees to support our product development efforts
+ increase of $17.8 million in third-party consulting services
+ increase of $8.5 million in overhead and other expenses
Sales and Marketing Expense
Sales and marketing expense increased $198.5 million, or 14.9%, primarily due to the following:
+ increase of $134.1 million in salaries and benefits, which includes a $48.1 million increase in stock-based compensation expense as we increased headcount
+ increase of $20.8 million in overhead and other expenses
+ increase of $19.5 million in third-party consulting services
+ increase of $14.8 million in marketing expenses
+ increase of $5.1 million in travel-related expenses
General and Administrative Expense
General and administrative expense increased $187.2 million, or 55.9%, primarily due to the following:
+ increase of $128.9 million in salaries and benefits, which includes a $48.6 million increase in stock-based compensation expense as we increased headcount
+ increase of $55.2 million in facility exit costs representing the loss on the termination of a lease in San Jose, CA
+ increase of $3.7 million in overhead and other expenses
Interest and Other Income (Expense), net
|Fiscal Year Ended January 31,|
|Interest and other income (expense), net|
|Interest income ||$||2,583 ||$||13,850 |
|Other income (expense), net||(1,939)||(11,636)|
|Total interest and other income (expense), net||$||(173,954)||$||(120,862)|
Interest and other income (expense), net reflects a net increase in expense of $53.1 million, primarily due to an increase in interest expense related to our convertible notes driven by the issuance of the 2026 Notes in July 2021 and the issuance of the 2027 Notes in June 2020, which contributed less than eight months of interest expense during fiscal 2021.
Income Tax Provision
|Fiscal Year Ended January 31,|
|Income tax provision||$||18,314 ||$||6,932 |
Our income tax provision increased primarily due to increases in foreign profits and associated taxes, greater sales to countries that impose withholding taxes, and reduced stock compensation tax benefits in foreign jurisdictions.
Seasonality, Cyclicality and Quarterly Trends
Our quarterly results reflect seasonality in the sale of our offerings. Historically, a pattern of increased license sales in the fourth fiscal quarter as a result of industry buying patterns has positively impacted sales activity in that period, which can result in lower sequential revenue in the first fiscal quarter. We expect some of this seasonality to continue in fiscal 2023 and beyond as license sales activity continues, however we expect the impact of this seasonality to decrease over time as a higher percentage of our revenues come from cloud services. As we continue to expect seasonally higher bookings and billings in the fiscal fourth quarter, with more of our revenue being recognized ratably there will also be a seasonal impact on our remaining performance obligations and deferred revenue. Our gross margins and operating losses have been affected by these historical trends because the majority of our expenses are relatively fixed in the short term. The timing of revenues in relation to our expense activity, which generally does not correlate directly with revenues, has an impact on cost of revenues, research and development expense, sales and marketing expense and general and administrative expense as a percentage of total revenues in each fiscal quarter during the year. The majority of our expenses are personnel-related and include salaries, stock-based compensation, benefits and incentive-based compensation plan expenses. As a result, we have not experienced significant seasonal fluctuations in the timing of expenses from period to period. Although these seasonal factors are common in the technology industry, historical patterns should not be considered a reliable indicator of our future sales activity or performance.
Liquidity and Capital Resources
|Fiscal Year Ended January 31,|
|Cash and cash equivalents||$||1,428,691 ||$||1,771,064 |
|Investments, current||286,337 ||87,847 |
|Investments, non-current||46,431 ||13,728 |
Our principal sources of liquidity are our cash and cash equivalents, investments and net accounts receivable. From time to time, we have also issued convertible debt to supplement our working capital. As of January 31, 2022, we had $1.8 billion of cash, cash equivalents and investments of which $287.6 million was held by foreign subsidiaries. We believe that these funds will be sufficient to meet our anticipated cash needs for at least the next 12 months.
In June 2021, our board of directors authorized and approved a stock repurchase program of up to $1.0 billion of our outstanding common stock. During fiscal 2022 we repurchased 6.9 million shares of common stock with a total price of $1.0 billion, under trading plans complying with Rule 10b5-1 under the Exchange Act, at an average price of $145.23 per share. The repurchased shares are reflected as treasury stock on our consolidated balance sheets and statement of stockholders’ equity. The repurchase program was complete as of October 31, 2021.
We intend to continue to focus our capital expenditures in fiscal 2023 to support the growth in our operations, including acquisition-related activities. Our future capital requirements will depend on many factors including our growth rate, the timing and extent of spending to support development efforts, the expansion of sales and marketing activities, the introduction of new and enhanced software and services offerings, the investments in our office facilities and our systems infrastructure, the continuing market acceptance of our offerings and our planned investments, particularly in our product development efforts or acquisitions of complementary businesses, applications or technologies.
Beginning in fiscal 2020, we shifted from generally invoicing our multi-year contracts upfront to invoicing on an annual basis. Accordingly, the timing of our cash collections will extend over a longer period of time than it has historically.
In July 2021, we issued $1 billion aggregate principal amount of 0.75% Convertible Senior Notes due 2026 (the “2026 Notes”) with Silver Lake Alpine, L.P., Silver Lake Alpine (Offshore Master), L.P. and Silver Lake Partners VI, L.P. as the purchasers. The 2026 Notes are general senior, unsecured obligations of Splunk. The total proceeds from the issuance of the 2026 Notes was $981.7 million, net of issuance costs. In June 2020, we issued $1.27 billion aggregate principal amount of 1.125% Convertible Senior Notes due 2027 (the “2027 Notes”), including the exercise in full by the initial purchasers of the 2027 Notes of their option to purchase an additional $165.0 million principal amount of 2027 Notes. The 2027 Notes are general senior, unsecured obligations of Splunk. The total proceeds from the issuance of the 2027 Notes was $1.25 billion, net of initial purchaser discounts and other issuance costs. In connection with the issuance of the 2027 Notes, we entered into privately negotiated capped call transactions with certain counterparties (the “2027 Capped Calls”). We used approximately $137.4 million of the net proceeds from the offering of the 2027 Notes to pay the cost of the 2027 Capped Calls and $691.6 million to repurchase, for cash, approximately $488.3 million aggregate principal amount of our outstanding 2023 Notes. In September 2018, we issued $1.27 billion aggregate principal amount of 0.50% Convertible Senior Notes due 2023 (the “2023 Notes”) and $862.5 million aggregate principal amount of 1.125% Convertible Senior Notes due 2025 (the “2025 Notes”). In connection with the issuance of the 2023 Notes and the 2025 Notes, we entered into privately negotiated capped call transactions with certain counterparties (the “2023 and 2025 Capped Calls”). The premiums paid for the purchase of the 2023 and 2025 Capped Calls were $274.3 million. Refer to Note 7 “Convertible Senior Notes” of our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on Form 10-K.
In the event that additional financing is required from outside sources, we may not be able to raise it on terms acceptable to us, if at all. If we are unable to raise additional capital when desired, our business, operating results and financial condition could be adversely affected.
Net cash provided by (used in) operating activities consist of our net loss adjusted for certain non-cash items and changes in operating assets and liabilities during the year.
Net cash provided by operating activities was $128.0 million for the year ended January 31, 2022 compared to net cash used in operating activities of $190.9 million in the prior year. Net cash provided by operating activities in fiscal 2022 was primarily due to higher cash collections from customers relative to payments to vendors and employees.
Net cash used in investing activities of $333.8 million for the year ended January 31, 2022 primarily consisted of marketable securities purchases of $210.6 million, net of maturities, cash consideration paid related to the TruSTAR acquisition, net of cash acquired, of $80.3 million, purchases of strategic investments of $23.8 million, purchases of property and equipment of $10.7 million and cash used for the development of internal-use software of $9.4 million.
Net cash provided by investing activities of $797.2 million for the year ended January 31, 2021 primarily consisted of $908.7 million maturities of marketable securities, offset by cash consideration paid related to the Rigor, Plumbr and Flowmill acquisitions, net of cash acquired of $56.4 million, purchases of property and equipment of $37.1 million and cash used for the development of internal-use software of $14.6 million.
Net cash used in financing activities of $136.7 million for the year ended January 31, 2022 primarily consisted of $1.0 billion of repurchases of common stock and taxes paid related to the net share settlement of equity awards of $201.0 million, offset by net proceeds of $982.2 from the issuance of the 2026 Notes, and proceeds of $79.9 million from our employee stock purchase plan.
Net cash provided by financing activities of $382.9 million for the year ended January 31, 2021 of $440.2 million proceeds from the issuance of the 2027 Notes, net of capped calls purchases and a partial repurchase of the 2023 Notes, and proceeds of $79.9 million from employee stock purchase plan.
Our principal commitments consist of obligations under leases for office space. Refer to Note 4 “Leases” of our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on Form 10-K for additional details related to our accounting for leases and related costs. In addition, we hold convertible debt securities. For more information on our convertible senior notes, refer to Note 7 “Convertible Senior Notes” of our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on Form 10-K. As of January 31, 2022, our other contractual commitments associated with agreements that are enforceable and legally binding and that specify all significant terms were payments of $0.2 billion due in the next 12 months and $0.1 billion due thereafter. We expect to fund these obligations with cash flows from operations and cash on our balance sheet.
During the ordinary course of business, we may indemnify, hold harmless and agree to reimburse for losses suffered or incurred, our customers, vendors and each of their affiliates for certain intellectual property infringement and other claims by third parties with respect to our offerings, in connection with our commercial license arrangements or related to general business dealings with those parties.
As permitted under Delaware law, we have entered into indemnification agreements with our officers, directors and certain employees, indemnifying them for certain events or occurrences in connection with their service as our officers or directors or those of our direct and indirect subsidiaries.
Claims and reimbursements under indemnification arrangements have not been material to our consolidated financial statements; therefore, there is no accrual of such amounts at January 31, 2022. We are unable to estimate the maximum potential impact of these indemnifications on our future results of operations.
|Item 7A. Quantitative and Qualitative Disclosures about Market Risk|
Interest Rate Risk
We had cash and cash equivalents of $1.4 billion as of January 31, 2022. We hold our cash and cash equivalents for working capital purposes. Our cash and cash equivalents are held in cash deposits and money market funds. The primary objective of our investment activities is to preserve principal while maximizing yields without significantly increasing risk. This objective is accomplished by making diversified investments, consisting only of investment grade securities. During fiscal 2022 and 2021, the effect of a hypothetical 10% increase or decrease in overall interest rates would not have had a material impact on our operating results or the value of our available-for-sale debt securities.
In September 2018, we issued $2.13 billion aggregate principal amount of convertible senior notes in a private placement, which includes $1.27 billion aggregate principal amount of 0.50% Convertible Senior Notes due 2023 (the “2023 Notes”) and $862.5 million aggregate principal amount of 1.125% Convertible Senior Notes due 2025 (the “2025 Notes”). In June 2020, we issued $1.27 billion aggregate principal amount of 1.125% Convertible Senior Notes due 2027 (the “2027 Notes”), including the exercise in full by the initial purchasers of the 2027 Notes of their option to purchase an additional $165.0 million principal amount of 2027 Notes. The 2027 Notes are general senior, unsecured obligations of Splunk. In July 2021, we issued $1 billion aggregate principal amount of 0.75% Convertible Senior Notes due 2026 (the “2026 Notes”). As these instruments have a fixed annual interest rate, we have no financial or economic interest exposure associated with changes in interest rates. However, the fair value of fixed rate debt instruments fluctuates when interest rates change. Additionally, the fair value of either series of notes can be affected when the market price of our common stock fluctuates. We carry the notes at face value less unamortized discount on our balance sheet, and we present the fair value for required disclosure purposes only. Refer to Note 7 “Convertible Senior Notes” of our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on Form 10-K.
Foreign Currency Exchange Risk
Our results of operations and cash flows are subject to fluctuations due to changes in foreign currency exchange rates. All of our revenues are generated in U.S. dollars. Our expenses are generally denominated in the currencies in which our operations are located, which is primarily in the United States and to a lesser extent in Europe and Asia. Our results of operations and cash flows are, therefore, subject to fluctuations due to changes in foreign currency exchange rates and may be adversely affected in the future due to changes in foreign exchange rates. We may seek to minimize the impact of certain foreign currency fluctuations by hedging certain balance sheet exposures with foreign currency forward contracts. Any gain or loss from settling these contracts is offset by the loss or gain derived from the underlying balance sheet exposures. We do not enter into any hedging contracts for trading or speculative purposes. The effect of a hypothetical 10% change in foreign currency exchange rates applicable to our business would not have a material impact on our historical consolidated financial statements. As our international operations grow, we will continue to reassess our approach to manage our risk relating to fluctuations in currency rates.
We do not believe that inflation had a material effect on our business, financial condition or results of operations in the last three fiscal years. If our costs were to become subject to significant inflationary pressures, we may not be able to fully offset such higher costs through price increases. Our inability or failure to do so could harm our business, financial condition and results of operations.
Recent Accounting Pronouncements
For recent accounting pronouncements, refer to Note 1 “Description of the Business and Significant Accounting Policies” of our accompanying Notes to Consolidated Financial Statements included elsewhere in this Annual Report on Form 10-K.
|Item 8. Financial Statements and Supplementary Data|
Index to Consolidated Financial Statements
Report of Independent Registered Public Accounting Firm
To the Board of Directors and Stockholders of Splunk Inc.
Opinions on the Financial Statements and Internal Control over Financial Reporting
We have audited the accompanying consolidated balance sheets of Splunk Inc. and its subsidiaries (the “Company”) as of January 31, 2022 and 2021, and the related consolidated statements of operations, of comprehensive loss, of stockholders’ equity and of cash flows for each of the three years in the period ended January 31, 2022, including the related notes (collectively referred to as the “consolidated financial statements”). We also have audited the Company's internal control over financial reporting as of January 31, 2022, based on criteria established in Internal Control - Integrated Framework (2013) issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
In our opinion, the consolidated financial statements referred to above present fairly, in all material respects, the financial position of the Company as of January 31, 2022 and 2021, and the results of its operations and its cash flows for each of the three years in the period ended January 31, 2022 in conformity with accounting principles generally accepted in the United States of America. Also in our opinion, the Company maintained, in all material respects, effective internal control over financial reporting as of January 31, 2022, based on criteria established in Internal Control - Integrated Framework (2013) issued by the COSO.
Change in Accounting Principle
As discussed in Note 1 to the consolidated financial statements, the Company changed the manner in which it accounts for leases as of February 1, 2019.
Basis for Opinions
The Company's management is responsible for these consolidated financial statements, for maintaining effective internal control over financial reporting, and for its assessment of the effectiveness of internal control over financial reporting, included in Management’s Annual Report on Internal Control over Financial Reporting appearing under Item 9A. Our responsibility is to express opinions on the Company’s consolidated financial statements and on the Company's internal control over financial reporting based on our audits. We are a public accounting firm registered with the Public Company Accounting Oversight Board (United States) (PCAOB) and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.
We conducted our audits in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audits to obtain reasonable assurance about whether the consolidated financial statements are free of material misstatement, whether due to error or fraud, and whether effective internal control over financial reporting was maintained in all material respects.
Our audits of the consolidated financial statements included performing procedures to assess the risks of material misstatement of the consolidated financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the consolidated financial statements. Our audits also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the consolidated financial statements. Our audit of internal control over financial reporting included obtaining an understanding of internal control over financial reporting, assessing the risk that a material weakness exists, and testing and evaluating the design and operating effectiveness of internal control based on the assessed risk. Our audits also included performing such other procedures as we considered necessary in the circumstances. We believe that our audits provide a reasonable basis for our opinions.
Definition and Limitations of Internal Control over Financial Reporting
A company’s internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company’s internal control over financial reporting includes those policies and procedures that (i) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the company; (ii) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorizations of management and directors of the
company; and (iii) provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the company’s assets that could have a material effect on the financial statements.
Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.
Critical Audit Matters
The critical audit matter communicated below is a matter arising from the current period audit of the consolidated financial statements that was communicated or required to be communicated to the audit committee and that (i) relates to accounts or disclosures that are material to the consolidated financial statements and (ii) involved our especially challenging, subjective, or complex judgments. The communication of critical audit matters does not alter in any way our opinion on the consolidated financial statements, taken as a whole, and we are not, by communicating the critical audit matter below, providing a separate opinion on the critical audit matter or on the accounts or disclosures to which it relates.
Revenue recognition –Identifying, Evaluating and Accounting for Terms and Conditions in Contracts with Customers
As described in Note 1 to the consolidated financial statements, the Company generates revenue in the form of cloud service fees, software license and related maintenance fees, and other service fees. The Company’s contracts with customers often contain multiple performance obligations. Management accounts for individual performance obligations separately if they are distinct. Management applies significant judgment in identifying and accounting for each performance obligation, as a result of evaluating the terms and conditions in contracts. As disclosed by management, the Company’s revenue was $2.7 billion for the fiscal year ended January 31, 2022.
The principal considerations for our determination that performing procedures relating to revenue recognition, specifically the identification, evaluation and accounting for terms and conditions in contracts with customers, is a critical audit matter are the significant judgment by management in identifying, evaluating and accounting for terms and conditions in contracts with customers. This in turn led to significant auditor judgment and effort in performing procedures and evaluating audit evidence related to whether terms and conditions in contracts were appropriately identified, evaluated and accounted for by management.
Addressing the matter involved performing procedures and evaluating audit evidence in connection with forming our overall opinion on the consolidated financial statements. These procedures included testing the effectiveness of controls relating to the revenue recognition process, including controls over the identification and evaluation of the contractual terms and conditions that impact the identification of performance obligations and determination of revenue recognition. These procedures also included, among others, (i) testing the completeness and accuracy of management’s identification and evaluation of the terms and conditions in contracts with customers by examining revenue arrangements on a test basis, and (ii) testing management’s process for identifying and evaluating the terms and conditions in contracts with customers, including management’s identification of the performance obligations and determination of the impact of those terms and conditions on revenue recognition.
/s/ PricewaterhouseCoopers LLP
San Jose, California
March 24, 2022
We have served as the Company’s auditor since 2010.
CONSOLIDATED BALANCE SHEETS
|(In thousands, except share and per share amounts)||January 31, 2022||January 31, 2021|
|Assets|| || |
|Current assets|| || |
|Cash and cash equivalents||$||1,428,691 ||$||1,771,064 |
|Investments, current ||286,337 ||87,847 |
|Accounts receivable, net||1,306,666 ||1,114,199 |
|Prepaid expenses and other current assets||152,871 ||162,939 |
|Deferred commissions, current||102,322 ||136,331 |
|Total current assets||3,276,887 ||3,272,380 |
|Investments, non-current||46,431 ||13,728 |
|Accounts receivable, non-current||242,689 ||347,202 |
|Operating lease right-of-use assets||229,198 ||356,296 |
|Property and equipment, net||124,900 ||182,780 |
|Intangible assets, net||164,769 ||206,153 |
|Goodwill ||1,401,628 ||1,334,888 |
|Deferred commissions, non-current||200,876 ||69,637 |
|Other assets||103,497 ||85,422 |
|Total assets||$||5,790,875 ||$||5,868,486 |
|Liabilities and Stockholders’ Equity|| || |
|Current liabilities|| || |
|Accounts payable||$||59,206 ||$||9,319 |
|Accrued compensation||396,952 ||281,986 |
|Accrued expenses and other liabilities||257,979 ||202,959 |
|Deferred revenue, current ||1,384,605 ||1,030,484 |
|Total current liabilities||2,098,742 ||1,524,748 |
|Convertible senior notes, net||3,137,731 ||2,302,635 |
|Operating lease liabilities||225,556 ||330,970 |
|Deferred revenue, non-current||86,584 ||110,418 |
|Other liabilities, non-current||19,491 ||5,710 |
|Total non-current liabilities||3,469,362 ||2,749,733 |
|Total liabilities||5,568,104 ||4,274,481 |
|Commitments and contingencies (Note 3 and 4)|
|Stockholders’ equity|| || |
Preferred stock: $0.001 par value; 20,000,000 shares authorized; no shares issued or outstanding at January 31, 2022 and January 31, 2021
|— ||— |
Common stock: $0.001 par value; 1,000,000,000 shares authorized; 160,044,675 shares outstanding at January 31, 2022, and 163,147,139 shares issued and outstanding at January 31, 2021
|167 ||163 |
|Accumulated other comprehensive loss||(1,199)||(592)|
|Additional paid-in capital ||5,032,351 ||4,063,885 |
Treasury stock, at cost: 6,885,414 shares at January 31, 2022, and 0 shares at January 31, 2021
|Total stockholders’ equity ||222,771 ||1,594,005 |
|Total liabilities and stockholders’ equity ||$||5,790,875 ||$||5,868,486 |
The accompanying notes are an integral part of these consolidated financial statements.
CONSOLIDATED STATEMENTS OF OPERATIONS
|Fiscal Year Ended January 31,|
|(In thousands, except per share amounts)||2022||2021||2020|
|Revenues|| || || |
|Cloud services||$||943,785 ||$||554,132 ||$||312,358 |
|License||1,056,481 ||971,378 ||1,373,367 |
|Maintenance and services|