Annual Report • May 27, 2021
Annual Report
Open in ViewerOpens in native device viewer
cyan AG, Munich DE
| Earnings Figures | 2020 | 2019 | |
|---|---|---|---|
| Total earningsa | in EUR million | 25.4 | 32.5 |
| EBITDAb | in EUR million | -5.1 | 11.7 |
| EBITDA-marginc | in % | -24% | 44% |
| EBIT | in EUR million | -11.0 | 5.5 |
| EBIT-marginc | in % | -52% | 21% |
| Net income/loss | in EUR million | -9.3 | 4.5 |
| Earnings per share | in EUR | -0.95 | 0.49 |
| Segment Figures | 2020 | 2019 | |
|---|---|---|---|
| Revenue BSS/OSS | in EUR million | 18.2 | 18.4 |
| Revenue Cybersecurity | in EUR million | 3.1 | 8.3 |
| EBITDA BSS/OSS | in EUR million | 8.4 | 11.5 |
| EBITDA Cybersecurity | in EUR million | -11.3 | 3.7 |
| Cash Flow Figures | 2020 | 2019 | |
|---|---|---|---|
| Operating cash flow | in EUR million | -8.7 | -5.8 |
| Investment cash flow | in EUR million | -0.8 | 0.5 |
| Financing cash flow | in EUR million | 1.8 | 11.8 |
| Balance Sheet Figures | 31/12/2020 | 31/12/2019 | |
|---|---|---|---|
| Assets, total | in EUR million | 96.3 | 99.3 |
| Equity | in EUR million | 72.7 | 82.2 |
| Net debtd | in EUR million | 7.3 | -5.1 |
| Key Operating Figures | 31/12/2020 | 31/12/2019 | |
|---|---|---|---|
| Number of staff | 149 | 135 | |
| Leadse | 106 | 58 | |
| Addressable marketf | in million | 74 | 50 |
a Comprising sales revenue EUR 21.3 million plus other income EUR 2.1 million and changes in inventories EUR 2.0 million.
b Including extraordinary expenses amounting to EUR - 9.3 million (e.g., FX-effects, write-down of Wirecard receivables)
c Calculated as EBITDA or EBIT divided by revenues
d Consists of leasing liabilities of EUR 6.2 million and financial liabilities of EUR 3.6 million less cash and cash equivalents of EUR 2.5 million.
e Corresponds to leads from internal sales cycle phases: NDA, Proof of Concept, Request for Proposal/Quote, Close to Signing.
f Existing contractual relationship where technical integration has already been started/implemented.
| Letter from the Management Board | 5 |
|---|---|
| Six Questions for Frank von Seth | 8 |
| Report by the Supervisory Board | 11 |
| cyan-Share Share price Analyst coverage Key share data Shareholder structure Investor relations activities Apportionment of profits |
15 15 15 16 16 17 18 |
| Combined Management Report Principles of the Group Economic report Economic developments at cyan AG Opportunity and risk report Forecast report Takeover disclosures |
21 21 29 38 41 49 50 |
| Consolidated Financial Statements | 55 |
| Statement of Comprehensive Income Consolidated Statement of Financial Position Consolidated Statement of Cash Flows Consolidated Statement of Changes in Equity |
55 56 58 60 |
| Notes to the Consolidated Financial Statements | 63 |
| Information About the Company Accounting Principles Segment Reporting Notes to the Statement Comprehensive Income Notes to the Statement of Financial Position Notes to the Consolidated Cash Flow Statement Financial Instruments and Risk Management Other Explanations |
63 63 79 81 87 99 100 106 |
| Assurance by the Legal Representatives | 111 |
| Independent Auditor's Report | 113 |
| Further Information | 119 |
| Disclaimer Imprint |
119 120 |
Dear shareholders,
The 2020 financial year was for cyan, as for most companies and people, an extraordinary year marked by many uncertainties, but also by new insights. The global spread of the COVID-19 pandemic brought social and economic life largely to a halt, both nationally and internationally, and led to a downturn in the global economy. Despite the serious endurance test due to the global pandemic, cyan was able to make some important progress with existing and new partners.
At all times, the safety and well-being of our employees was a top priority. As a first step, we moved our employees to home offices, first in Europe and then in Latin America. Thanks to a very flexible IT environment and the excellent response of our employees, we were able to make this transition smoothly and continue our daily operations virtually uninterrupted. However, the often very complex corporate structures at our partners and customers, led to difficulties coping with the new situation on their side, resulting in delayed installation projects and technical on-site workshops, due to reduced resources caused by short-time work and travel restrictions.
The important Mobile World Congress in Barcelona was cancelled in February, depriving us of an important opportunity to present ourselves to potential new customers. With the recurring waves of the pandemic and the resulting global uncertainty, the short-term reaction of most MNOs and insurance companies was, on the one hand, to refocus on mission-critical business and, on the other, to exercise great caution with regard to new investments, which led to budget cuts.
The shift to remote work by large parts of the global population resulted in a significant increase in traffic over private, unsecured networks which led to an immediate increase in cybersecurity incidents through phishing and malware. During the course of the year, many telecommunications companies and insurers recognized this fact and intend to offer their customers suitable products for protection against cyber-attacks in the future. This led to an increased demand for our technology at the end of the year, from which we can also expect significant opportunities for our company in the medium term.
During these difficult times, the dominant focus for us was on implementing installations with existing customers. First and foremost, we were able to make significant progress with Orange France. Once we had handed over the software solution in the beginning of 2020, we went on to complete the technical test phase and began Friendly Customer Testing, an 'early-access program' with a four-digit number of interested customers in preparation for the commercial launch. In addition, detailed talks and negotiations with Orange companies in other countries have been initiated, and other projects such as the one in Slovakia have been defined and started. The network environment in most of these countries is less complex so we anticipate faster implementation and, from day one, the inclusion of all customer groups as well as of the entire range of cyan cybersecurity products.
In April 2020, our successful collaboration with Aon was completed at a technical level through the upload of the Aon CySec app to the Google Play Store and the Apple App Store. Regrettably, the pandemic delayed the sales launch for Aon. We have been engaged in a constructive dialogue to leverage areas of further potential here in 2021. In addition, Aon acts as an important intermediary with other insurance companies that have already expressed great interest in working with us.
In May, a partnership was agreed with MobiFone for our child protection solution. In the first quarter of 2021, we managed to finalize the integration of products in a telecommunications network with more than 50 million customers, despite travel restrictions and therefore almost entirely through virtual coordination and communication. We are in close dialog with MobiFone on the monetarization and the implementation of further cyan solutions.
The contractual extension with Magenta (previously T-Mobile Austria) defined a substantial enlargement of the potential customer base, to the magnitude of several hundred thousand end customers with fixed-line internet connections (previously UPC Austria). Delayed because of COVID, the market launch commences in the second quarter of 2021.
At the end of June, we were made aware of the insolvency of our important customer Wirecard. We had to make an adjustment in our accounts, writing down receivables amounting to almost EUR 5 million.
In July, cyan was able to sign an important contract with Virgin Mobile covering 83 million end user licenses in Mexico, Colombia, and Chile. Under the terms of this contract, cyan will provide all the technology needed to operate an MVNO, including security offers.
In the BSS/OSS segment, we concluded a contract with SMARTEL in the second half of the year. This will involve cyan, as a Mobile Virtual Network Enabler (MVNE), in providing the technological infrastructure for a new generation of MVNOs in Central Europe.
In December, a partnership with the US-American company Secure64, to develop 360 degree security solutions in the field of DNS technology, was announced. With this shared approach, the expertise that both companies possess in various aspects of the DNS business can be bundled to generate the best possible range of products for major Tier-1 operators.
In January 2021, we were able to announce an extension of our partnership with Grameenphone in Bangladesh for at least another five years. Grameenphone is planning to double its number of end users for its Skitto brand by the end of 2021. In addition, the clear objective is to achieve a customer base in the double-digit millions in the following years.
The cybersecurity market is in constant transformation and through COVID-19 the threat landscape has been further amplified. We are therefore working continuously on our technology to provide our end users with a secure online experience. By using the latest technologies and optimizing research processes, our teams managed to reduce the update cycle of our software filter to two hours, which allows end users to be even better protected against emerging threats on the internet. The goal continues to be a near real-time update of customers' systems, which we want to achieve through further optimizations in the research process and the update interfaces.
In product development, we decided to focus on unifying our security portfolio, under the heading of 'Seamless Security'. This step provides us with a unique selling proposition over our competitors, as we are the only provider to offer all security modules – networkbased filters, iOS & Android apps as well as a solution for Windows – controllable for the end user using one central interface.
The solid order backlog, despite COVID-19, requires our company to invest continuously in new resources, especially the sectors of research, development and operations. To secure liquidity, talks with our principal banks on a credit line were successfully concluded in the second half of the year. In addition, a Convertible Notes Funding Program was launched with a strategic investor at the beginning of 2021. This scheme entitles us to issue convertible notes for a total value of up to EUR 8.4 million. The financing instrument provides us with important flexibility for leveraging our growth opportunities on the market and enables us to expand geographically as well as in terms of our products. In this way, we can continue to invest in our technology and further strengthen our brand – where the most urgent objective must be to achieve recurring revenues with as many additional customers as possible.
In mid-September, we announced a change in the cyan AG Management Board. Longserving CEO Peter Arnoth was succeeded by Frank von Seth, who formally took office on January 1, 2021, following a transition period. Over the last ten years, Frank von Seth has occupied various management positions in the insurance and risk management sector – most recently with our partner, the leading risk adviser Aon. Also, in early 2021, we were able to welcome a core investor, Alexander Schütz, to the Supervisory Board.
Dear shareholders, 2020 was a challenging year. We would like to extend our thank you for the confidence you have shown, and we look forward to moving with you into a very promising future.
The Management Board,
Frank von Seth CEO
Munich, April 2021
Markus Cserna CTO
Michael Sieghart CFO
Frank von Seth joined cyan as CEO in January 2021. His vision for cyan's cybersecurity solutions is to become the safety belt for end users on the data highway. The mission will be to drive cyan's growth even further through brand awareness and customer focus and to establish cyan as the world's leading cybersecurity company for mobile devices.
I am originally from Hamburg, where I spent the first 30 years of my life. I made my career in the financial industry and consulting, where my main focus has been distribution. The last 20 years I have had the privilege to work and live very internationally – in countries like Japan, Australia and Switzerland. During this time, I have repeatedly built companies and teams around the world, formed partnerships, and learned to appreciate cultural and economic structures. These experiences have helped me to develop new business areas under the most diverse circumstances and to generate great success with my employers, but especially with my customers, partners, and suppliers. I see myself very much in the position of a service provider who is interested in ensuring that the largest possible number of stakeholders are successful in the long term. Interestingly, I have always achieved this with very selective products or services, which then later became the door opener to a much larger market, or through which it was much easier to reach the larger market with other services. I see something similar happening at cyan now.
Let me illustrate it using an example: In the seventies, a seat belt was not standard when driving a car. It wasn't even installed by all car manufacturers and there were no corresponding legal requirements – obviously quite different from today. The same thing is currently happening on the digital highway which is the internet: consumers are currently driving around at work and in their private life without wearing a seatbelt. cyan has made it its mission to ensure safe driving on this data highway – our solutions are intended to be the seat belt on the internet journey, without limiting the positive experience of this journey.
In the consumer mass market. In the future, cyan will rather directly address the needs of the end user so that we understand their security needs and behavior even better. Our technology is universal and can be deployed in many areas: telecommunications, insurance, but also IoT, educational apps, or connected mobility, for example. In the next step, we will focus on three areas: MNOs, insurers, and end users. What unites the former two groups is that they have very large access to consumers and that they are still in the early stages of dealing with cyber. We no longer view these two groups as customers, but rather see them as our partners. B2B2C thus becomes B2P2C – we both have the same goal in mind. In the third focus area, we will approach end users directly with our own product. The knowledge we develop from this can then also be used by our distribution partners to streamline product presentation, user-friendliness, and monetization.
As mentioned, cyber is a very important topic among insurers, but it does not have a long history, so in many ways they are still limited in knowledge and experience. I came from risk consulting and worked a lot with insurers. It was possible to see how the risks of cybercrime have changed over time. In the beginning, it almost invariably affected multinational companies – mainly banks. In recent years, small and medium-sized companies have been added to the target list; the pandemic and the associated home office and distance learning have led to major cyberattacks on a broad scale among smaller companies, educational institutions, and private individuals. Having a cyber insurance is important and helps fill financial gaps when problems have occurred that could not have been prevented. But in order to effectively protect customers now, and ultimately reduce insurance risk, preventative measures are necessary – otherwise it would be a bit like offering car insurance but not having a seatbelt. The compensation that the insurer can offer is usually financial, but for SMEs and individual consumers, the non-material damage is often far greater – think of, say, grandparents losing the pictures of their children and grandchildren on their smartphones. We want to work with insurers to help customers mitigate these risks through our convenient and mass-marketable cybersecurity solutions, so that damage is minimal to non-existent.
cyan has developed a great technological edge in its cybersecurity products in the past. Today, we can offer a customer interface for every situation – we call this our Seamless Security Platform. We have solutions for both network-integrated and device-based cybersecurity, which we sell as white-label products through our partners. However, as with many technology companies, marketing such complex technologies often gets overlooked in the process. A big focus will be on building our own brand. We will reposition ourselves through non-traditional sales channels and marketing tools, getting to know and understand the user even better and making a virtual product attractive to the user. We plan to do this with our own cyan branded app and associated marketing activities. This will then also benefit us in our collaboration with our partners – we become an ingredient and quality stamp in our partner's branding strategy. Basically like 'cyan inside'.
'Think big, be creative and be fast' is how I would describe the atmosphere I want to create at cyan. We operate in a large, rapidly evolving market that offers tremendous opportunity for employees, partners, and shareholders. We will improve every day, strive to create sustainable value as a company, and do everything we can to evolve from a mediumsized European company into a global cybersecurity player.
Dear shareholders,
The 2020 financial year was strongly influenced by the COVID-19 pandemic and thus also challenging for CYAN AG (hereinafter also called the 'Company'). On the Supervisory Board, we had to suddenly move towards holding all sessions online; for an entire year, the Management Board and the staff had to demonstrate great flexibility while maintaining high standards of professionalism. In the following report, the Supervisory Board provides information on the performance of its duties and the key points of its activities in the 2020 financial year.
In the 2020 financial year, the Supervisory Board of CYAN AG was able to perform all of its duties, despite the global COVID-19 pandemic, as defined by law and by Articles of Association. Throughout the 2020 financial year, it regularly and extensively dealt with the position and development of the company. The Supervisory Board consulted on a regular basis with the Management Board of the company, and it monitored its activities diligently. On a regular, prompt, and comprehensive basis, the Management Board informed the Supervisory Board in written and verbal form of all major aspects of planning, business development, the position of the company including its risk position, governance, and compliance as well as current topics.
A total of six Supervisory Board sessions took place, on January 15, 2020, February 25, 2020, April 29, 2020, May 14, 2020, June 3, 2020, and on October 22, 2020. Every member of the Supervisory Board attended at least half of all Supervisory Board sessions. Mr. Rofalski and Mr. Prunbauer attended all of those sessions, while Mr. Schütze was prevented from attending one because of illness. Due to the extensive security measures resulting from the COVID- 19 pandemic, these sessions were held virtually through the medium of videoconferences. When necessary, the Supervisory Board also passed written resolutions by circulation procedure. Between these sessions, the Supervisory Board was kept informed by written reports from the Management Board covering significant projects and plans for the company.
Topics covered at regular sessions of the Supervisory Board included the position of the company in relation to sales, profits and customers, as well as the financial position of the company. No conflicts of interest arose among Supervisory Board members in relation to their activities as members of the Supervisory Board. The Supervisory Board approved the resolutions proposed by the Management Board after thorough examination.
Since the Supervisory Board only consists of three members, no committees were formed in the 2020 financial year.
The first conference call of the Supervisory Board in the 2020 financial year, held on January 15, 2020, dealt primarily with budget and liquidity planning for the new financial year, explained in detail by the Management Board. In addition, members of the Management Board answered a range of questions put to them by members of the Supervisory Board.
In the session on February 25, 2020, the Management Board ran through its preliminary annual figures for the financial year 2019. In this context, the recognition of license revenues with ACN and Wirecard was covered. In the light of the cash flow plan presented, the Management Board explained its past and future strategy.
In the balance sheet meeting on April 29, 2020, the finalized consolidated financial statements in accordance with IFRS and the annual accounts of CYAN AG in accordance with HGB were presented by the Management Board. The auditor of HLB Dr. Stückmann und Partner mbB attended the detailed discussion of the financial statement documents and reported on the audit, the main points of the audit and the results of the audit. Following a detailed examination by the Supervisory Board, the annual accounts of CYAN AG in accordance with HGB and the consolidated financial statements in accordance with IFRS were signed off. This session also included a discussion with the Management Board of the possible impact of the COVID-19 pandemic – specific details of that impact were to be clarified at the following session on May 14, 2020.
Accordingly, the Supervisory Board session on May 14, 2020 dealt primarily with the ramifications of the COVID-19 crisis for the company and revisited the discussion from previous sessions in greater depth. Measures to reduce risk and to protect liquidity were discussed with the Management Board.
On May 19, 2020, the Chairman of the Supervisory Board arranged for a resolution to be adopted by telephone. The subject of the resolution was the compensation of the members of the Management Board.
The meeting on June 3, 2020 focused on the forecast for the following half-year, adjusted due to the COVID 19 pandemic and in accordance with previous Supervisory Board meetings.
On July 1, 2020, a resolution was passed by telephone. In this, the appointments of Markus Cserna and Michael Sieghart to the Management Board for the years 2021 to 2022 and the corresponding extension of their employment contracts were resolved.
By way of circular resolution, the personnel changes to the Management Board and Supervisory Board were decided on September 15, 2020. Frank von Seth was appointed to the Management Board succeeding Peter Arnoth as of January 1, 2021, and a corresponding employment contract was concluded. Furthermore, the resignation of Volker Rofalski from the Supervisory Board at the end of the year and the court appointment of Alexander Schütz to the Supervisory Board were resolved.
The Supervisory Board session on October 22, 2020, dealt with the published interim report, the concluded lines of credit and the budget forecast for the remainder of the year. In this regard, the Management Board explained the published half-year results as well as the forecast. The Management Board also reported on the status of changes to the corporate structure. The companies of the group cyan International Solutions GmbH, cyan Mobile Security GmbH, and cyan Networks Software GmbH were merged with cyan Security Group GmbH. In addition, I-New Unified Mobile Solutions GmbH was converted from an AG to a GmbH [from a corporation to a limited company]. Other structural measures such as the merger between Smartspace GmbH and I-New Unified Mobile Solutions GmbH were discussed.
The following session took place at the start of the next year.
During the 2020 financial year, changes were agreed for the Management Board and for the Supervisory Board of CYAN AG were decided and these were announced in mid-September. At the end of the year, on December 31, 2020, Volker Rofalski, Deputy Chairman of the Supervisory Board, stepped down from the Supervisory Board. With the start of the following year, Alexander Schütz was formally appointed to the Supervisory Board. On the Management Board, Peter Arnoth, Chairman of the Management Board (CEO), relinquished his post at the end of the financial year. Frank von Seth was appointed as his successor.
We would like to thank Volker Rofalski and Peter Arnoth for their many years of service.
The auditor elected at the shareholder's meeting on July 2, 2020, and duly appointed by the Supervisory Board, the auditing company of HLB Dr. Stückmann und Partner mbB, Munich, examined the annual accounts of CYAN AG and the combined management report as well as the consolidated financial statements for the 2020 financial year and issued an unqualified audit opinion on this report. The auditor submitted a declaration of independence to the Supervisory Board.
The auditor explained the auditing principles in their audit report. No objections were raised by the auditors.
Both the annual financial statements and the combined management report, as well as the auditor's report were presented to all members of the Supervisory Board in a timely manner. The annual financial statement documents were discussed in depth at the balance sheet meeting of the Supervisory Board on April 27, 2021. The Supervisory Board examined the annual accounts and consolidated financial statements as well as the combined management report in thorough detail.
No objections were raises after completion of this review. The Supervisory Board agreed with the results of the audit and approved the financial statements submitted by the Management Board for the 2020 financial year. The annual financial statements have thus been adopted. The Supervisory Board endorsed the combined management report and the assessment of the further development of the Company.
With respect to the profit achieved by CYAN AG, due to the negative consolidated cashflow from operations, the profit generated by CYAN AG will be proposed to the Annual General Meeting on June 23, 2021 to be carried forward without dividend.
The Supervisory Board acknowledged its gratitude to the Management Board and to all company employees for their hard work under demanding conditions during the 2020 financial year, and expressed its recognition for their high level of commitment and performance.
Munich, April 2021
On behalf of the Supervisory Board,
Alexander Schütz Chairman of the Supervisory Board
cyan share price development 1/1/2020 – 31/12/2020a
CYAN AG has been listed in scale segment (Open Market) on the Frankfurt Stock Exchange since March 2018. The capital market experienced a volatile year in 2020. While the Corona pandemic and Brexit ratification had a negative impact on the markets at the beginning of the fiscal year, the stock market recovered noticeably in the second half of the year. On January 2, 2020 (first trading day on XETRA), the cyan share opened at EUR 20.70, and initially it progressed in step with the comparison index. At the end of June, the share price was severely affected by the insolvency of Wirecard AG and thereafter was only able to recover at a lower rate than the index, with cyan closing on December 30, 2020 (last trading day on XETRA) at EUR 12.80. In the 2020 financial year, the cyan share returned negative performance of 38.2 %. The Scale All Share Performance Index that covers the performance of all companies listed in the scale segment rose during the same period by 32.9%, the DAX (Performance Index), by contrast, rose only by approximately 3%. On January 20, 2020, the highest closing price (XETRA) in the year was achieved, at EUR 23.88. The lowest daily closing price was recorded on September 25 at EUR 9.25. The market capitalization based on the outstanding bearer shares of CYAN AG was EUR 125.1 million as of December 31, 2020.
As of December 31, 2020, research coverage of the cyan share was being provided by a total of six research analysts. Three institutes issued a buy recommendation for cyan shares while two issued a hold recommendation; one did not issue any recommendation. The average value of the issued share price targets amounted to EUR 16.10.
| Analyst | Date | Target Price (EUR) |
Recommen dation |
|---|---|---|---|
| Kepler Cheuvreux | 18/12/2020 | 20.00 | Buy |
| Bankhaus Lampea | 18/12/2020 | 16.00 | Buy |
| Berenberg | 17/12/2020 | 15.00 | Hold |
| Edison Research | 29/10/2020 | - | - |
| Hauck & Aufhäuser | 19/10/2020 | 14.50 | Buy |
| Mainfirst | 22/6/2020 | 15.00 | Hold |
a Coverage ended on December 31, 2020
| WKN (SIN) | A2E4SV |
|---|---|
| ISIN | DE000A2E4SV8 |
| Stock symbol | CYR |
| Trading segment | Open Market (Scale) |
| Sector | Software |
| Exchange | XETRA und Frankfurt |
| Type of shares | Bearer shares |
| First trading day | 28/3/2018 |
| Initial issue price in EUR | 23.00 |
| Number of shares | 9,774,538 |
| Market capitalization 31/12/2020 (in EUR million)a | 125.10 |
| Closing price on 31/12/2020a | 12.80 |
| Percentage change since 1/1/2020a | -38.20% |
| High during the period 2020a | 23.88 |
| Low during the period 2020a | 9.25 |
a XETRA closing price
The shareholder structure as of December 31, 2020, based on the votes registered at cyan's virtual Annual General Meeting, were as follows: Alexander Schütz 14.7%, Apeiron Investment Group Ltd. 12.6%, Tansanit Stiftung 10.3%, cyan AG Management Board 8.1% and Infinitum Ltd. 3.9%. The free float totaled 50.4%.
a Based on the voting rights counted and apportionable at the shareholder's meeting in 2020, supplemented by updated information that was made available to the company.
With the change in the Management Board that took effect on January 1, 2021, Frank von Seth, Markus Cserna and Michael Sieghart accounted for 4.6 % and former member of the Management Board, Peter Arnoth, held 3.5 % of the shares. The Chairman of the Supervisory Board, Alexander Schütz, also reported a change in his positions in February 2021. In the first quarter, the shareholder structure was as follows: Apeiron Investment Group Ltd. 12.6%, Tansanit Stiftung 10.3%, Alexander Schütz 9.7%, alex schütz familienstiftung 9.6%, cyan AG Management Board 4.6%, Peter Arnoth 3.5%, and Infinitum Ltd. 1.0%. The free float accounted for a total of 48.7%.
The global COVID-19 pandemic also had an impact on investor relations activities. International conferences and roadshows were either held as virtual events, or they were canceled on short notice by the event organizers. Nonetheless, the Management Board and Investor Relations were able to provide a vast array of stakeholders with information and to answer their questions, in some cases through virtual conferences and, last but not least, at the Annual General Meeting that was held virtually in 2020. Furthermore, the public was kept informed through quarterly financial reporting as well as by numerous news articles and ad hoc announcements about current developments within the group. A total of 27 capital market publications and news were published during the past year. At the end of the 2020 financial year, the company website, including its Investor Relations area, was revised with the aim of providing users with better and easier navigation.
The new website includes comprehensive information about the company, its technology and its products as well as IR information. This includes information on the share price, financial reports, presentations, the financial calendar, analyst coverage as well as information and documents relating to the shareholder's meeting. ir.cyansecurity.com
At the second Annual General Meeting on July 3, 2020, held in virtual format due to COVID-19, the Management Board and the Supervisory Board of cyan AG, received a high level of support from shareholders for the strategy and direction adopted by the company. The attendance quorum was 64.43%. All points on the agenda requiring decisions were accepted with large majorities (in each case at least 80 %).
Alongside the discharge of Management Board and Supervisory Board and the election of HLB Dr. Stückmann und Partner mbB as the auditor for the 2020 financial year, it was also agreed to create new authorized capital as well as a corresponding change to the articles of association. In addition, the articles of association were adapted in line with the second shareholders rights directive (ARUG II). This defines the participation in and allocation of voting rights at a virtual shareholder's meeting.
Details of the Annual General Meeting, including the voting results, are available on the Investor Relations section of the website.
ir.cyansecurity.com/de/news-events
At the start of the financial year 2021, the Convertible Notes Funding Program (CNFP) was agreed, authorizing the issue of convertible notes to a total value of up to EUR 8.4 million. The exclusive investor for the program is the Swiss company Nice & Green SA, a specialist in equity mezzanine investments and financing of small to medium highgrowth enterprises. The program includes eight consecutive tranches with a term of two years from issue date. The issue will be made excluding the subscription rights of existing shareholders. Further details of the program are provided in the supplementary report.
Once again in 2021, cyan AG will be informing the capital market on a quarterly basis about business performance in a consolidated form and will be represented at several international analyst and investor conferences.
| Event | Date | Location |
|---|---|---|
| Goldman Sachs European Small and Mid Cap Symposium | 4-7/5/2021 | virtual |
| Equity Forum Spring Conference 2021 | 17-19/5/2021 | virtual |
| Quarterly Statement Q1 2021 | 31/5/2021 | - |
| 3rd Annual General Meeting | 23/6/2021 | Munich/virtual |
| Berenberg & Goldman Sachs German Corporate Conference | 20-22/9/2021 | |
| Interim Report H1 2021 | 30/9/2021 | - |
| CF&B 21. MidCap Event | 12-13/10/2021 | virtual |
| Deutsche Börse Equity Forum | 22-24/11/2021 | virtual |
| Quarterly Statement Q3 2021 | 30/11/2021 | - |
Current dates, upcoming events and news for 2021 will be posted on the website on an ongoing basis and updated continuously.
ir.cyansecurity.com/de/news-events
In its annual financial statement, prepared in accordance with HGB for the 2020 financial year, cyan AG posts a net profit. Due to the absence of a positive operational consolidated cashflow, the Management Board and the Supervisory Board propose at the shareholder's meeting of cyan AG on June 23, 2021 to carry forward the profit in cyan AG (see Economic Developments at cyan AG) entirely to new account without dividends. In this way, the Group will maintain the resources to continue on a path to growth.
cyan-Share | 19
The cyan Group (XETR: CYR; hereinafter 'cyan') is a provider of intelligent IT security solutions and telecommunication services with more than 15 years of experience in the IT industry. The main business of the company involves cybersecurity solutions for the end customers of mobile and fixed-line internet providers (MNO, ISP), financial service providers, mobile virtual network operators (MVNO) as well as the convergent BSS/OSS platform (Business Support System and Operations Support System) as a mobile virtual network enabler (MVNE). The security solutions from cyan are integrated in the infrastructure of the business partner who then offers these in a B2B2C model to its own end users under its own brand. With the BSS/OSS business, services such as connection to the network operator, billing, provisioning, and similar services relating to the operational aspects of running an MVNO are offered.
Today, the Group has a large number of international customers through whom cyan products are sold to millions of end users. cyan is able to offer products and services along the entire value-added chain, from the platform, data optimization, to cybersecurity. In addition, cyan runs its own research and development center with the aim of identifying trends in the industry at an early stage and developing optimal product solutions. In December 2018, cyan was able to secure a global Group contract with Orange through an international tender process. Alongside other existing major customers such as T-Mobile and Aon, cyan has been able to announce cooperation agreements with leading international MVNOs such as Flash Mobile or Virgin Mobile.
Within cyan Group, cyan AG based in Munich (Germany) acts as a holding company. The majority of its operational services are provided by its subsidiary I-New Unified Mobile Solutions GmbH ('i-new'; previously I-New Unified Mobile Solutions AG) as well as its subsidiary Cyan Security Group GmbH ('cyan GmbH'), both based in Vienna (Austria).
To make the corporate structure even more streamlined, several companies within the Group were merged during the second and third quarters (see graphic on the Group structure). Through these measures, it was possible to reduce the number of subsidiaries by three companies in the reporting period. The companies Cyan International Solutions GmbH, Cyan Mobile Security GmbH, and Cyan Networks Software GmbH were merged with Cyan Security Group GmbH. In addition, one company was deconsolidated, and a new company was included in the consolidated structure. For the 2021 financial year, as part of the strategy to strengthen the cyan brand, further company mergers are being planned. On the reporting date, cyan was thus represented in eleven countries by its own local subsidiaries. In addition, it operates worldwide sales and service hubs. Further information explaining the consolidated structure at the relevant reporting date is provided in the Notes to the Consolidated Financial Statements.
a In the process of formation
Strategic management of the Group is carried out at the Group holding's head office in Munich (Germany). cyan AG is listed in the scale segment (open market) at Deutsche Börse in Frankfurt am Main (Germany). This stock corporation, an 'Aktiengesellschaft' under German law, has a dual management structure consisting of Management Board and Supervisory Board. The Management Board comprising three members is responsible for the strategic and operational management of the Group. The Chairman of the Management Board (the Chief Executive Officer or CEO) is responsible for Sales, Marketing, and Partner Management. He is also responsible for regional management in South America. The responsibilities of the Chief Technology Officer (CTO) comprise Product and Engineering (Research, Development, Project Management, and Support) as well as Operations. The duties of the Chief Financial Officer (CFO) include Finance and Controlling, Human Resources, Legal & Compliance, and Investor Relations. The Supervisory Board appoints, advises and oversees the Management Board. It comprises three members. No committees are formed on the Supervisory Board. More information about the activities of the Supervisory Board can be found in the Report of the Supervisory Board.
In mid-September, a change was announced on the Management Board of cyan AG. Peter Arnoth, the CEO for many years, relinquished his post at the end of December 2020. Frank von Seth was appointed as his successor, taking up his position on January 1, 2021. Frank von Seth has held various leadership positions at the world's leading risk adviser Aon over the past ten years. Most recently, he was Chief Commercial Officer for Austria and Switzerland. There he was able to conclude many large contracts with multinational customers. Prior to that, Frank von Seth worked for QBE Insurance and Euler Hermes Kreditversicherungs AG, including around eight years in Japan and Australia.
There was also a change on the Supervisory Board. Volker Rofalski left this body on December 31, 2020. For the vacant position, the Supervisory Board nominated Alexander Schütz, who was appointed to the Supervisory Board by court order on January 5, 2021 and elected Chairman of the Supervisory Board at the first Supervisory Board meeting on January 25, 2021. Alexander Schütz is one of the main shareholders of cyan AG and has more than 20 years of management experience; he is founder and Executive Board member of the C-Quadrat Investment Group.
The business activities of the Group are divided into two segments that are used to manage the Group and form the basis for segment reporting: Cybersecurity and BSS/OSS. This structure is modeled on the type of solutions provided. Over the last few years, cyan has developed five product groups, that are offered to its customers individually and also as combined 'seamless' solutions – they are OnNet Security, OnDevice Security, Child Protection, Clean Pipe DNS, and MVNO Platform (BSS/OSS).
The Management Board decided in favor of this form of segmentation because it best reflects the opportunity and threat structure of the company. The distinctive nature of customer groups and the technical solutions and products used provide clear differentiation between the segments.
The cybersecurity segment comprises all services provided by cyan that are based on the use of technology developed by cyan for protection against threats from the Internet. In this segment, cyan delivers its services through the use of products such as OnNet Security, OnDevice Security, Child Protection, or Clean Pipe DNS. The security solutions from cyan are integrated in the infrastructure of the business partners who then offer the products in their own names ('white labeled') to their end users as a value-added service ('B2B2C'). Contracts in the cybersecurity segment usually feature a revenue share or software license model that generates recurring revenues.
The cybersecurity segment consists of the Group member Cyan Security Group GmbH and its subsidiaries. The growth prospects in this segment are viewed as very promising. At present, the geographical focus is primarily on Europe and South America but other regions (including North America, or Asia) are to be gradually supplied by cyan with cybersecurity solutions.
OnNet Security is cyan's fully network-integrated cybersecurity solution, it is, for example, successfully implemented at Magenta Telekom (T-Mobile Austria GmbH), T-Mobile Poland and Orange. The DNS-based filter is integrated directly in the network infrastructure of the corresponding MNO so that the MNO can generate revenues with its end customers through additional packages (such as Magenta with additional package "Internet Protection" in Austria) and at the same time strengthen its own brand with cyan's white-label approach. For each active end user, cyan receives a monthly license fee for the provision of the cybersecurity solution, or derives a direct percentage of the relevant sales revenue.
cyans OnDevice Security (Endpoint Protection) forms an additional security layer that is installed directly on the end customer's device. End users protect their smartphones with an app which in addition to the cybersecurity filter offers features such as an identity and website check or virus scanner. These solutions are connected to the cyan filter system that is implemented in the infrastructure of cyan's partner. The app constitutes an additional offer and is usually sold as a premium expansion to the OnNet Security solution and based on the same model.
Using the Child Protection solution, parents are given the tool they need to provide their children with optimum protection against the dangers on the Internet and to manage activity online. In a central menu, personal profiles can be set up for each child. The app provides age-dependent default settings that are easy for parents to adapt to individual needs. This solution is sold primarily to telecommunications companies as a white label solution, which then offer it to their customers as an additional service (B2B2C).
With Clean Pipe DNS, non-relevant and prohibited data packages are filtered out of the data flow, leading to significant cost savings for the MVNOs and can be required for the fulfillment of compliance stipulations. In particular, cyan technology blocks what are known as background trackers and advertising that loads in the background. This improves the surfing experience of the customer and reduces the volume of data consumed. Through the reduction in data achieved using the Clean Pipe DNS solution, MNOs are confronted with a lower number of network peak loads which means that network operators can postpone the need for investment in the network.
The BSS/OSS segment consists of the services offered as MVNE through provision of a dedicated MVNO platform. cyan is providing a modular product, the MVNO platform, as a one-stop shop for MVNOs. This involves offering MVNOs the entire range of products needed to operate a virtual mobile operator. In the BSS/OSS segment, licenses are typically sold on a monthly basis or in packages, and separate maintenance, support and implementation services are charged where applicable.
Originally, this segment results from the business by I-New Unified Mobile Solutions GmbH, acquired by cyan in 2018. The primary geographic focus of this segment is on South America – recently the customer base in Asia and Europe was also expanded. Here the strong market position of the company is to be enlarged through the acquisition of new customers and, at the same time, the range of services is to be constantly extended, in particular through the company's own cybersecurity products.
On the convergent MVNO platform, all digital services and features needed to operate an MVNO are managed from a single source, a one-stop-shop, in a cloud-native service hub. The spectrum of services provided by cyan ranges from connection to the MNO network, the core network, service delivery, (online) charging, billing, rating and policy control through to customer and product management with tools for customer experience, customer management, PoS support, loyalty campaigns and more.
The solutions from the cybersecurity segment are also integrated in this dedicated platform as part of our Seamless promise. This makes cyan's MVNO platform the only one to offer fully integrated tools and security solutions from a single source to improve revenue opportunities and competitiveness. The platform is distributed to MVNOs as a white label solution.
For over 15 years, cyan's intelligent technology – cyan Threat Intelligence – has ensured that devices and people are protected from digital threats and dangers in their daily use of the Internet. Over the last few years, as a cybersecurity company with a focus on Web Security, cyan has evolved into a technological protective shield for the mass market through its white-label and B2B2C approach. The aim is to continue setting benchmarks for secure connectivity and internet usage into the future – regardless of how and where people access content on the internet. For this, cyan has defined four central areas, building on past successes, to define its future corporate strategy: Implementation strength and enhancement of the customer base, growth on new markets, the cyan brand as a technology leader, and the increasing of recurring revenues.
In the past year, cyan was able to prove, despite the widespread restrictions imposed in response to the pandemic, that major customers such as MobiFone could be gained despite the COVID-19 pandemic and that implementation projects in complex infrastructures, such as at Orange France can be completed to a high level of customer satisfaction. The existing and newly acquired experience will be deployed in the next step to drive sustained growth on all three levels: existing customers, integration projects and the sales pipeline.
At the level of existing customers, this means to leverage of potential for cross-selling and up-selling within the existing customer base coupled with the building of customer loyalty through the creation of identifiable added value to customers and a high service level. Professional implementation and therefore a swift transition to monetarization constitutes an important aspect for customers and for cyan. Previous successes, an important reference for implementation strength and for monetization potential, are of significant benefit to the effective acquisition of new customers.
Based on the motto of 'One Technology – Many Opportunities', cyan's medium-term focus for the cybersecurity segment is on other target groups, industries and regions in addition to the telecom industry. By expanding the base of its business and by addressing new markets, dependence on individual sectors is reduced, and the potential for cyan is increased substantially. With Aon, additional traction has already been obtained in the insurance sector. The plan is for cyan's cybersecurity solutions to complement insurance products. These provide insurance companies the opportunity to offer relevant premium features that also reduce cyber risk. Other future growth segments include the areas of Internet-of-Things and Connected Mobility. Furthermore, geographic expansion in regions with high ARPU and regions with high numbers of mobile internet users will also be pursued. In an ongoing process, the Management Board is reviewing potential growth options. The main factors and growth drivers are presented in the Industry-specific Developments and Opportunities sections of this report.
In the growth market for cybersecurity solutions, the significance of a brand that clearly represents technological leadership, product benefits and lasting added value to customers, also in the B2B2C business, is something that should not be underestimated. An approach focused on the target customer base with a coherent core message and clear positioning is needed. This means that the cyan brand will have to be more prominent reflecting the technology leadership for innovative cybersecurity for the mass market. This facilitates dialogue with partners in the sales process and also helps to boost recognition level with end users, which in turn helps to increase penetration rates and sales revenues with customers. Furthermore, the tangential benefit of a widespread level of recognition is also significant in relation to recruiting of highly skilled junior staff and key workers (employer branding). As part of the central branding strategy, the businesses of the BSS/OSS segment have already been combined under the cyan brand, the corporate structure has been made leaner (see Group structure) and, in the fourth quarter of 2020, a new website was launched.
In previous financial years, Group sales were also characterized by one-off license revenues from the BSS/OSS segment. With the aforementioned objectives, especially the expansion of the cybersecurity recurring revenues as a further key financial indicator for Group management will be assuming a significant role. Both share of Group recurring sales and growth in recurring revenue are to be used as central control parameters (see also Management System and Forecast Report). With the focus on recurring revenues, cyan not only offers greater visibility of the growth strategy but can also benefit more from the scaling potential of the business and make new products and solutions available to customers more quickly.
The management system's aim is the targeted execution and monitoring of the corporate strategy. The system is implemented through regular strategic discussions and planning talks within the Management Board and with the staff responsible for the respective area. Value drivers are at the heart of Group management. These have a direct influence on the medium and long-term growth strategy of the Group. The aim is to detect deviations from strategy and planning based on defined key indicators in good time, to enable appropriate measures to be initiated. The Management Board reports to the Supervisory Board on a regular basis in relation to strategy, planning and related measures. The key indicators employed for management of the Group remain essentially unchanged in a comparison with the previous year.
The central key indicators for management of the Group were, in the most recent financial year and in the year prior to that, revenue, and EBITDA (significant financial performance indicators), as reported in the consolidated financial statements. As a growth company, attention is also paid to (operational) cashflow and further to that to the net liquidity of individual subsidiaries. As well as the financial performance indicators, non-financial indicators for management, in particular the number of employees, the addressable market and the development of the sales pipeline are all employed in the operational management system.
For both segments, Cybersecurity and BSS/OSS, as in the previous financial year, the same key indicators for management are used as at overall Group level. These indicators are also applied to internal reporting. As part of the strategy, starting with the 2021 financial year, performance indicators will be adjusted slightly. The existing key indicators are supplemented with the share of, and growth in, recurring revenues as significant performance indicators for the current business. Recurring revenues reflect the sustainability and stability of the cyan business model.
Research and development plays a major role in safeguarding the competitiveness and lasting success of the Group. In particular, the cybersecurity sector is one strongly characterized by innovations. Intensive exchange with research institutions is being fostered, collaborating on various topics associated with internet security, new approaches to threat detection, the use of artificial intelligence or also the application of cyan technology to new business sectors such as IoT, healthcare and automotive.
A significant part of executing development work also entails making continuous improvements to existing technology prepared against emerging potential threats from the cyberspace. In this way, cyan acknowledges the growing need for greater security combined with maximum convenience for the customer – cyan Seamless Security. In particular, the detection of threats on the internet through the continuous further development and optimization of the 25 proprietary or patented analysis methods continued to play a key role in 2020. The COVID-19 crisis and the global shift to home office work also increased criminal activity through phishing and ransomware, for example. As a consequence, a special focus of security research was on threats that make targeted use of the spread of the coronavirus pandemic. cyan was able to demonstrate its flexibility in research here in 2020 and respond quickly to these new threats.
Apart from customer-specific projects such as the publication of the Aon CySec app in the first half of the year, integration and implementation in the network of Orange and the bundling of Virgin Mobile services on the cyan MVNE platforms, significant innovations and new product developments were accomplished. The adaptation of the OnNet security technology for fixed-line networks was successfully completed, which significantly increases the potential reach for cyan. For the complementary solution on the cyan Seamless Security platform, OnDevice Security for PCs, a solution was developed that can be integrated seamlessly with the mobile world, and that also transitions the Seamless Security concept into the classic Windows world. To strengthen OnDevice solutions on mobile devices, the development of DNS-over-VPN was also started to facilitate a convergent solution between iOS (Apple) and Android (Google) devices. Furthermore, the second half of 2020 saw the completion of the integration and deployment of the Child Protection solution for MobiFone Vietnam, and also some development work for the partnership with Secure64 announced at the end of 2020.
By setting up a dedicated Cloud Proof-of-Concept environment (PoC environment), cyan was able to preempt the coronavirus pandemic. The development of this virtual platform, launched at the end of 2019, was completed on schedule and has in the meantime already been extended. For tests with potential partners, it now offers easy access to the cybersecurity solutions OnNet, OnDevice B2C, OnDevice B2B as well as Child Protection. The primary emphasis was placed on having a complete installation that functioned in almost exactly the same way to provide interested customers with a realistic insight into the final products. The PoC environment also serves for quality tests to Threat Intelligence and content classification engines, which are frequently required in the course of tenders.
As a result, the investments in innovation are also reflected in the development expenses which amounted to EUR 3.7 million which represents an increase of 48 % over the previous year (EUR 2.5 million). The development ratio (development expenses as a percentage of Group revenue) increased due to the increase in research activities coupled with slightly lower revenue to 17.4% (2019: 9.2%). If the requirements for capitalization of development costs pursuant to IAS 38 are met, they are recognized in the balance sheet under intangible assets. No development costs were capitalized in the 2020 financial year; scheduled amortization in the reporting period amounted to EUR 54 thousand. As a result, the development costs in assets declined slightly from EUR 945 thousand on December 31, 2019 to EUR 891 thousand on December 31, 2020. Research and development expenses were mainly incurred for the above-mentioned innovations. Further Notes to the recognition of intangible assets and development costs can be found in the Notes to the Consolidated Financial Statements.
| 2020 | 2019 | |
|---|---|---|
| R&D expenses | 3,704 | 2,482 |
| Capitalized development costs | 0 | 315 |
For cyan, highly qualified employees constitute one of the most significant factors for sustainable business success. Great value is placed on the selection of the right employees and their further development. The aim is to retain these employees in the long term. The processes for recruiting and employee development already established for this purpose in 2019 were also able to withstand the COVID-19-related difficult situation. After most of 2019 was spent on the integration of i-new and the consistent expansion of the organization, 2020 began with targeted strengthening of the sales and business development areas, as well as the technology area. The aim of the Management Board is to continue to promote the diversity of employees in terms of gender, origin, age or other individual characteristics at all levels.
Like many other employers, cyan faced new challenges due to the COVID-19 pandemic. Utilization of the office premises in Vienna, extended just at the beginning of the year, was greatly reduced due to people working from home. Nonetheless, as a digital company, cyan was able to swiftly implement a seamless transition to working from home for a high proportion of its staff. Important areas, such as the monitoring of active system installations, were able to continue unhindered in compliance with all security and hygiene standards. For its employees, cyan is a strong employer, in that there were no waves of redundancy as a result of COVID-19, nor were any employees put on short-time work. Due to the current order situation, cyan will continue to expand important areas in the company.
As of December 31, 2020, cyan employed 160 people (this equates to 155 FTE) including 12 permanent freelancers. That represents an increase of 20 FTE compared to December 31, 2019. A significant proportion of the employees, almost 75 %, worked in operations, development, product management as well as research and development. At the same time, approximately 30% of staff were employed outside the European Union. Globally, the proportion of women represents about one fifth of the staff, and is to increase in the future.
| in FTE as of 31/12/2020 | Total | EU | Rest of world |
|---|---|---|---|
| Personnel incl. Freelancers | 156 | 121 | 35 |
| Thereof in operations, development, research | 116 | 88 | 28 |
The global economy experienced a significant shock at the beginning of the year due to the spread of coronavirus (COVID-19) and market volatility increased due to the rising levels of uncertainty.1 Together with the action taken to curb the spread of COVID-19, this led to a significant economic downturn in Europe.2 In the summer months, there were initially some signs of a slight recovery but then in the fourth quarter, harsh measures were adopted to curb the spread of COVID-19 in many European countries. The prospects remain very uncertain.3
The impact of the pandemic continues to cloud global economic forecasts. In its base forecast in January 2021, the World Bank estimates a downturn in global BIP of 4.3 % for 2020, a slight improvement over its forecast in June – the deepest global recession for decades, despite exemplary political and fiscal support. After the downturn caused by the COVID-19-pandemic, the global economy is expected to grow by 4 % in 2021, but this will still be more than 5% below the forecasts issued before then pandemic. For 2022, a weakening in global growth, down to 3.8%, is being forecast, with the impact of the pandemic causing sustained impairment in potential growth.4
In the euro region, real GDP declined by 15 % in the first half of 2020, above all due to the strict lockdown measures that were adopted by most countries in the eurozone. Projected onto the 2020 financial year, the real BIP in the eurozone looks set to decline by 7.3%, but in the following years 2021 and 2022, an average increase of 3.9 % and 4.2% respectively is forecast – the scenarios range from virtually no recovery to a complete recovery in 2021. Together with the increased level of uncertainty and the worsening in labor market conditions, this will continue to have an adverse impact on the supply as well as the demand side, and on investment levels.5
In the United States of America (USA) the coronavirus pandemic translated into a drastic increase in unemployment of 10.3 percentage points, to 14.7 %.6 there were signs of a significant recovery and stabilization at a high 6.7%.7 As a result, U.S. GDP is expected to contract by 3.6% in 2020, but a recovery is also forecast in the U.S. in 2021 with a rebound to 3.5%. The abrupt recession in the USA and China disrupted supply chains, and the sharp drop in global commodity prices hit Latin America, among others, particularly hard. Economic performance is expected to suffer a decline of 6.9 % in South America and the Caribbean. However, the outlook is extremely uncertain and is heavily dependent on the magnitude and duration of the pandemic. In 2021, a normalization in domestic and global conditions is expected to facilitate growth of 3.7 %.8
Given the major disruptions caused by the pandemic, growth in China is expected to slow sharply, from 6.1% in 2019 to 2.0% in 2020. Nevertheless, growth is expected to rebound in 2021, reaching 7.9%, partly due to an early local recovery and stabilization of global
1 ECB (2020), Economic Bulletin, Issue 2 / 2020.
2 ECB (2020), Economic Bulletin, Issue 4 / 2020.
3 ECB (2020), Economic Bulletin, Issue 1 / 2021.
4 World Bank (2020), Global Economic Prospects – June 2020; World Bank (2021), Global Economic Prospects – January 2021.
5 ECB (2020), Eurosystem staff macroeconomic projections for the euro area – June 2020; ECB (2020); Eurosystem staff macroeconomic projections for the euro area – September 2020; ECB (2020), Eurosystem staff macroeconomic projections for the euro area – December 2020.
6 U.S. Bureau of Labor Statistics (2020), The Employment Situation — April 2020.
7 U.S. Bureau of Labor Statistics (2020), The Employment Situation — December 2020.
8 World Bank (2021), Global Economic Prospects – January 2021.
demand. The rest of the Asia-Pacific region (APAC) experienced the spread of COVID-19 and the associated countermeasures a little later. For the development markets in East Asia and Pacific as well as South East Asia, the forecast is for a substantial slowing in regional growth in 2020, declining to 2.0% and -6,7% respectively, which reflects the lockdowns due to the pandemic, the more stringent financial conditions and the sharp decline in exports. Although subject to considerable uncertainty, regional growth is expected to rebound to 7.9% and 5.4%, respectively, by 2021 as the pandemic subsides, global import demand recovers, and capital flows to the region normalize.9
While the overall economy contracted, in some cases drastically, due to the measures taken in connection with the fight against the COVID-19 pandemic, the pandemic gave additional stimulus to general digitization in society. The number of connected smartphones increased steadily in recent years, (mobile) data volumes rose and global network coverage with mobile internet improved; at the same time, cybercrime continued to rise significantly during the pandemic.
Analysis conducted by the GSM Alliance in the context of The State of Mobile Internet Connectivity Report 2020 indicate further improvement in network coverage of the world population with mobile internet. The coverage gap, those living in an area not covered by a mobile broadband network, is declining steadily and was in single digits for the first time in 2019 at just 7%. At the same time, there was a continued increase in the number of people who had an active connection, at least on the basis of 3G, and who can therefore be called 'Connected' – the roll-out of 4G (LTE) already accounts for more than 50 %. Directly related to this is the further spread of smartphones as a means of communication, which represented over two-thirds of connections globally. This corresponds to a doubling in less than five years. In South Asia, the number even increased sixfold in the same period.10 Nevertheless, the sales figures for smartphones to end customers declined last year, according to Gartner.11
Both factors, 4G and the adoption of internet-capable devices, play an important role in the further expansion of network coverage. At the end of 2019, commercial 5G services were available in 22 countries in Asia, Europe, the Middle East and North America. During the first half of 2020, 5G networks went into service in another 16 countries, including the first one in Africa, launched in South Africa.12 The Ericsson Mobility Report in November 2020 forecast growth to 3.5 billion 5G subscriptions by 2026 – without IoT. In the forecasting period, it is expected that the roll-out of 5G contracts will take place much faster than that of 4G (LTE) following its launch in 2009. Net additions to mobile lines have recently been slightly lower. This is probably due to the pandemic and the associated restrictions on, among other things, the business premises of mobile communications companies. Still, the forecast for the number of 5G contracts at the end of 2020 has been increased to 220 million.13
Further developments at the level of the device chip sets needed for 5G that were announced for the next few years, including 5G carrier aggregation that makes it possible to combine two 5G frequency bands in the sub-6GHz range, not only increase transmission speeds but also facilitates greater coverage. In addition, for instance, the combination of frequency division duplex and time division duplex makes it possible for FR1 channels to combine low-band frequencies for uplink transmissions and the downlink at
9 World Bank (2021), Global Economic Prospects – January 2021.
10 GSMA (2020), The State of Mobile Internet Connectivity 2020.
11 Gartner (2021), Market Share: PCs, Ultramobiles and Mobile Phones, All Countries, 4Q20 Update.
12 GSMA (2020), The State of Mobile Internet Connectivity 2020.
13 Ericsson (2020), Ericsson Mobility Report – November 2020.
the same time. In this way, the availability of fast 5G download speeds can be extended over large areas. In addition, dynamic spectrum sharing, which facilitates the parallel provision of 4G and 5G technologies on the same frequency range, enables mobile network operators to combine the spectrum already in use with a dedicated medium-band spectrum to deliver a better 5G service. This encompasses the full potential of 5G networks, including low latency times for critical kinds of infrastructure or mobile cloud gaming as well as network slicing for IoT and MVNOs.
The generally better network coverage with mobile internet, the increased range and faster connection speeds have contributed to the fact that mobile data traffic has been growing strongly for years. On a year-for-year comparison, the growth rate of data traffic volumes in each quarter (uplink and downlink) remained at an average level of about 50 %. Estimates suggest that the worldwide volume of mobile data traffic at the end of 2020 reached roughly 51 Exabytes (EB) per month and this volume is expected to have grown by a factor of 4.5 to 226 EB per month by 2026. Today, smartphones remain at the heart of this development because they today generate the bulk of all mobile data traffic – about 95 percent; a share that is expected to grow in the course of the full forecasting period. With an average expected market penetration of 54% for 5G by 2026, the volume of data handled by each smartphone will grow significantly.14
Even before the COVID-19 crisis, a substantial proportion of daily working life relocated to the digital world, with 39 % of the risk experts surveyed viewing cyber threats as the most significant threat to business at the very top of the Allianz Risk Barometer in 2020. Comparing this to 2013, when it accounted for only 6% of those answers occupying 15th place, it becomes apparent just how quickly awareness of the cyber threats has grown, driven by increasing dependence of companies on their data and their IT systems.15 The Hiscox Cyber Readiness Report 2020 also shows that there are still substantial differences in terms of resource allocation. The experts believe that smaller and more susceptible companies will come into the firing line and that those less well prepared will pay the price.16
Opportunistic cybercriminals made use of this sudden change to society, working life and to everyday business. Traditional cybercrime activities such as phishing and cyber fraud quickly exploited the societal vulnerability, according to Europol Internet Organised Crime Threat Assessment 2020, as many individuals and businesses sought information, answers and sources of help during this time. Since cashless forms of payment are increasing as a result of online shopping, and with smartphone-based payments being propagated in brick and mortar as well, mobile threats such as mobile malware that targets cashless payment methods are continuing to flourish. Thanks to the availability of Cybercrime-as-a-Service for malware, ransomware, or phishing, for example, it has also become easier for criminals to conduct highly targeted attacks.17
MVNOs are operators who lease bandwidth and wireless frequencies from the mobile network operators and sell these on to consumers. This exchange benefits MNOs as well as consumers. The operating costs of MNOs in relation to billing, customer service, and marketing are reduced. Also, the customer base of the MNOs is extended indirectly to include niche customers by offering targeted, segment-oriented differentiation in products and prices to customers who fall outside the core customer base of traditional MNOs.
14 Ericsson (2020), Ericsson Mobility Report – November 2020.
15 Allianz Global Corporate & Specialty (2020), ALLIANZ RISK BAROMETER: Identifying The Major Business Risks For 2020.
16 Hiscox (2020), Hiscox Cyber Readiness Report 2020.
17 Europol (2020), Internet Organised Crime Threat Assessment (IOCTA) 2020.
Over the last few years, MVNOs have experienced strong growth and have transformed themselves from operators who only provide customers with basic services such as voice calls to comprehensive providers who can deliver a wide and diverse range of valueadded and premium services. These extended services, such as roaming packages, data plans, media and entertainment content as well as cybersecurity, on the one hand help to retain customers and, on the other, also contribute to increased average revenues derived from each user (ARPU). The MVNO model is therefore an advantage for customers, MVNOs and MNOs and is becoming an increasingly dynamic force on the global telecommunications market. Consequently, in 2020, the number of active MVNOs is still continuing to rise globally. According to records by GSMA Intelligence, in South America, one of the strongest growth markets, ten new MVNOs began operations in 2020, and also in Europe no fewer than nine new MVNOs were launched.18
In Germany, according to a study by the sector association Bitkom, MVNOs and subbrands already have a market share of about 20 % and cover a broad range of customer segments. Similar developments can be observed globally, for example also in Mexico, where a survey conducted by the national telecommunications authority Instituto Federal de Telecomunicaciones shows that the number of MVNO customers has doubled between 2015 and 2019.19
Despite the generally difficult economic situation triggered most recently by the COVID-19-pandemic, cyan operates with both segments, Cybersecurity and BSS/OSS, in strong growth markets where the long-term impact of the crisis will only be felt to a very small degree. Nonetheless, the worldwide economic conditions as well as the structural and technological developments on the relevant markets will continue to have a significant influence on the business performance for cyan in the coming years. The competitive situation in the emerging cybersecurity sector, with its high margins and disruptive technologies, is different to that in the established and price-sensitive market for MVNO technology and services.
The technology of cybersecurity for mobile devices offered through the network-integrated approach is still relatively young, so competition in this new growth market is still just starting to emerge. Classic endpoint solutions are continuously getting replaced by contemporary alternatives that are better able to meet current challenges such as heterogeneity for terminal devices, and the performance and agility required for deployment. Most recently, cyan has been in competition mainly with providers of cloud-based solutions, traditional DNS providers with 'on-top' security products as well as with Deep Packet Inspection (DPI). The former, cloud providers, have the significant disadvantage that their traffic has to be directed in part or wholly via third-party data centers. This can lead to significant overhead and latencies but also presents problems in relation to data protection. Traditional DNS providers have the advantage of a partially existing customer base, but their products are often 'add-ons' and are not the primary focus of attention. Also, scaling in the fixed and mobile network with regard to 5G is often difficult or even impossible due to the old architectures involved. The latter, solutions based on deep packet inspection, are reaching their limits due to the required computing power combined with low latency as the data throughput surges, triggered among others by the expansion of 5G networks and the increasing proportion of encrypted data packets. Furthermore, the modern Scale-to-the-Customer approach on communications networks where service delivery should wherever possible occur in the geographic vicinity of the
18 GMSA Intelligence (2021), MVNO List (Datenbankabfrage Januar 2021) [Database survey, January 2021].
19 Bitkom & Tarifica (2020), Deutschlands Mobilfunkpreise im internationalen Vergleich [An international comparison of Germany's wireless prices]; Instituto Federal de Telecomunicaciones (2020), Anuario Estadístico 2020.
customer, is hard to reconcile with DPI approaches and the required roll-out of infrastructure.
Competition in the BSS/OSS and MVNO service market is much more pronounced because, in contrast to modern cybersecurity solutions, this market has already been in existence for decades, and is also characterized by higher levels of price-based competition. The BSS/OSS market is dominated by a small number of big players although their solutions are directed at the comprehensive needs of Tier-1 telecommunications companies and are correspondingly expensive and elaborate, both in terms of project implementation and of everyday operation. In many cases, these systems and services are not suitable for the requirements of a dynamic and cost-sensitive MVNO. In this respect, right from the outset, cyan has established itself on the market with a completely digital and therefore quick-to-implement, inexpensive convergent cloud-native platform. cyan is in competition with smaller and more agile providers who generally are not able to cover the entire product range including cybersecurity on a one-stop-shop basis like cyan's Seamless BSS/OSS.
The 2020 financial year was significantly impacted by the worldwide COVID-19 pandemic. At our existing customers, the lockdown, home office, and short-time work caused bottlenecks in resources not only in sales, but also in the technology area and thus in ongoing integration projects. At the same time, due to the travel restrictions in place from March, business was somewhat slow in new customer projects – virtual customer contact did anything but speed up new contract signings. All of this, as well as the write-down of approximately EUR 5 million caused by the insolvency of Wirecard, meant that at the end of June the forecast target figures for revenues and EBITDA, in particular, could no longer be maintained. Accordingly, the forecasts for 2021 also had to be reduced. On the other hand, the pandemic led to a sharp increase in malware and phishing activity, as well as in the security needs of end customers in their home offices. The pipeline of prospects for cyan's solutions grew significantly during the financial year. The announced deals also ultimately underpin the positive demand for cyan's solutions.
At the end of February 2020, as a precursor to the coming lockdown, the important Mobile World Congress in Barcelona got canceled. As a consequence, the first ever worldwide presentation of our solution with Orange was not possible to take place as planned. By far the most important project for cyan remained the product launch with Orange in France. Following the handover of the software solution to Orange France in the beginning of 2020, the technical test phase was finalized during the fourth quarter and the next step with customers, the 'friendly customer testing' stage with several thousand customers, commenced. The go-live for the cybersecurity solution alongside the Child Protection product is planned initially for the B2B segment (launched in April 2021), then at a later date in the B2C segment. In addition, detailed discussions and negotiations were held with other national Orange companies and corresponding preparations were made for a roll-out in these countries. The network environment in most of these countries is less complex so faster implementation and, from day one, the inclusion of all customer groups as well as of the entire range of cyan cybersecurity products is envisaged.
In March 2020, a collaboration with Vara Technology, an Indian IT integrator with a broad range of digital services, was agreed. Vara Technology will offer cyan's highly scalable security solutions to Indian mobile network operators (MNOs) and insurers. Vara Technology is another positive example of cyan's strategy to enter new markets and access with selected integration partners in order to avoid start-up costs for own support and sales centers for the time being.
The technical integration at Aon was successfully done in the first quarter and completed at the end of April. The Aon CySec app has since been available for download in both the Google Play Store and the Apple App Store. The start of the marketing phase is planned for the first half of 2021. Here, the joint solution will initially be distributed in Austria and Switzerland, then throughout Europe.
In May, a contract was signed with MobiFone (Vietnam) for the implementation of child protection products. MobiFone is a fast-growing MNO with approximately 50 million customers and is regarded nationally as a highly innovative telecom company. The installation of our Child Protection app was completed for both Android and iOS before the end of the fourth quarter. The joint product is already being marketed. With MobiFone, cyan is still negotiating expansion of its business relations within the group and the introduction of further security solutions.
At the end of the first half year, cyan managed to conclude an important contract with Virgin Mobile covering more than 83 million end user licenses. Under the terms of this contract, cyan will provide all the technology needed to operate an MVNO, including security offers. The contract covers the countries of Mexico, Colombia and Chile and runs for a term of five years. Large parts of this license sales were already included in revenues in the second quarter of 2020.
The Wirecard accounting scandal unfortunately also affected cyan as a technology partner. A receivable against Wirecard in the amount of EUR 4.8 million was fully written-down due to the insolvency of Wirecard Technologies GmbH, which was registered at the beginning of July 2020.
With the expansion of cyan technology to the fixed-line customers of Magenta Austria, cyan was able to gain another end user segment. Here, cyan is at the implementation stage with this product. At the same time, Magenta was working on its marketing and product bundling strategy. The product launch is scheduled for the first half of 2021.
In mid-September, cyan AG announced changes on its Management Board and Supervisory Board. Peter Arnoth announced that he would be stepping down as Chairman of the Management Board (CEO) on December 31, 2020 and was succeeded by Frank von Seth who assumed his new position on January 1, 2021. On the Supervisory Board, following the departure of Volker Rofalski, Alexander Schütz was nominated for the vacated position and was formally appointed by court on January 5, 2021. Further details can be found in the section on Organizational structure.
To slim down the corporate structure even further, applications to merge several companies in the Group were submitted in September to the competent register court [Registergericht] and have since been implemented. Details of the target structure are explained in the section on the Company structure in the Management Report.
In December, a partnership with Secure64 to develop 360-degree security solutions in the DNS technology sector was announced. DNS infrastructure is an integral and important component for all mobile and fixed-line providers. Secure64, based in Fort Collins, USA, is one of the market leaders in the segment of DNS-based network solutions and its customer base includes many tier-1 telecommunications companies. The cyan software filter technology, in turn, is based precisely on the DNS node of the telecom network. With this shared approach, the expertise that both companies possess in various aspects of the DNS business can be bundled to generate the best possible range of products for major tier-1 operators. First projects have already been launched and some have already progressed to an advanced stage.
Also in December, cyan launched a partnership with SMARTEL with the aim of setting up an MVNO platform for a new generation of MVNOs in Central Europe. As a mobile virtual network enabler, cyan will create the technological infrastructure that will enable these innovative mobile operators to offer their services without their own network. Already in the second quarter of 2021, the first SMARTEL customer with a solid existing customer base in the five-digit range will launch on this MVNO platform, and further very promising projects are planned in the medium term. These new mobile wireless companies will focus on specific target groups, either consumers or corporate customers. A declared objective of SMARTEL is to bundle yet more MVNOs in central Europe on one technological platform and to facilitate a fast go-to-market through the complementary competencies of both companies.
In 2020, total consolidated group revenue reached EUR 21.3 million (2019: EUR 26.8 million). Revenues in 2019, adjusted for the write-down caused by the insolvency of Wirecard, amounted to EUR 22.0 million. Consequently, cyan posted a slight downturn in revenue of 3.2% compared to the adjusted revenue for the previous year. Although cyan continues to record increasing demand for cybersecurity products from existing customers, projects and contract negotiations stalled due to the impact of the pandemic on customers. On the one hand, the short-term working that was widespread among telecoms customers gave rise to resource bottlenecks, especially in relation to integration projects. On the other hand, almost all customer contact was virtual as a result of travel restrictions, this initially caused some delays in the process of getting contracts signed. The first signs of progress were first seen the beginning of the 2021 financial year, with a significant delay.
Segment revenues amounted to 85% with EUR 18.2 million (2019: EUR18.4 million) attributable to the BSS/OSS segment and 15 % with EUR 3.1 million (2019: EUR 8.3 million) to the Cybersecurity segment. In the BSS/OSS segment, a multi-year license agreement was concluded with Virgin Mobile of which the majority of revenues were recognized in 2020. A similar license agreement was concluded in the fourth quarter of 2019 with ACN/Flash Mobile and its sales revenues were included back in 2019. Consequently, in the most recent financial year, this only contributed in small amount to the group revenue. In addition, in the BSS/OSS segment, project-related revenues from the contractual extension were achieved, including the platform upgrade with Grameenphone for the Skitto brand. The decrease in revenue in the Cybersecurity segment is attributable to the onetime license agreement concluded in 2019 with Wirecard, and the resulting increase in segment revenue in 2019. cyan achieved 68% (2019: 58%) of its Group revenue in the Americas region, 16% (2019: 6%) in the APAC region and 17% (2019: 36%) in the EMEA region. Most of the changes were due to the loss of revenue from Wirecard, sales from which in the previous year contributed to the result posted for the EMEA region.
In addition, other operating income of EUR 1.1 million (2019: EUR 2.1 million) was achieved; earnings from reversals of impairment of EUR 1.0 million (2019: EUR 0 million), and from change in inventories EUR 2.0 million (2019: EUR 3.6 million) were recorded. Other operating income includes a research grant of EUR 0.5 million that Cyan Security Group GmbH received in conjunction with a research initiative 'WeProtectYou – Extended Phishing and Website Protection'. The changes in inventories are based primarily on contract costs in accordance with IFRS 15 amounting to EUR 2.0 million from the contract with Orange France. Consequently, the total earnings for the 2020 financial year amounted to EUR 25.4 million (2019: EUR 32.5 million).
In the 2020 financial year, due in part to one-offs, EBITDA amounted to EUR -5.1 million (2019: EUR 11.7 million). This change in the 2020 financial year was caused in part by the changes in revenue explained above and in part by the exceptional expenses incurred, amounting to EUR 9.3 million in total: The occurrence of contractually agreed preconditions for waiving the receivable in favor of Virgin Mobile amounting to EUR 1.3 million; the earn-out of EUR 1.0 million on the agreed acquisition price resulting from the achievement of defined EBITDA thresholds in 2020 in respect of the purchase of I-New Unified Mobile Solutions AG (today: I-New Unified Mobile Solutions GmbH) agreed by CYAN AG, the adjustment (write-down of the receivable) as a result of the insolvent Wirecard of EUR 4.8 million and negative foreign exchange variances due to the strengthening of the Euro, amounting to EUR 2.2 million.
The expenses for materials and services procured rose only slightly in the last financial year to EUR 4.3 million (2019: EUR 3.9 million); in 2020, personnel expenses remained basically stable with an average number of employees of 145 (2019: 127) at EUR 11.1 million (2019: EUR 10.4 million). Due to the one-off factors listed above, value adjustments and other operating expenses amounted to a total figure of EUR 15.1 million (2019: EUR 6.6 million). As a result of exceptional events, operating expenses rose by 46 % from EUR 20.8 million in the 2019 financial year to EUR 30.3 million in the 2020 financial year.
The segment EBITDA for BSS/OSS amounted to EUR 8.4 million (2019: EUR 11.5 million) and EUR -11.3 million for cybersecurity (2019: EUR 3.7 million). Development and implementation costs incurred were contrasted by initially low project revenues prior to market launch, primarily in the Cybersecurity segment. Earnings in this segment were also impacted by the insolvency of Wirecard. In the BSS/OSS segment, in addition to license revenues, project revenues were also increasingly recognized, which are associated with higher expenses.
The operating result (EBIT) amounted to EUR -11.0 million (2019: EUR 5.5 million). The expenses associated with depreciation and amortization dropped slightly from EUR 6.1 million to EUR 6.0 million, of which EUR 4.9 million was incurred for intangible assets and EUR 1.1 million for the depreciation of tangible assets. Depreciation is mainly scheduled and includes depreciation expense in accordance with IFRS 16.
In the past year, a positive financial result in the amount of EUR 0.6 million was achieved, which mainly resulted from the interest income of the contract assets. Accordingly, the pre-tax profit (EBT) amounted to EUR -10.5 million (2019: EUR 5.4 million). Due to deferred tax income, the annual losses amounted to EUR 9.3 million (2019: annual surplus EUR 4.5 million). Accordingly, the undiluted result per share was EUR -0.95 (2019: EUR 0.49).
Total assets as of December 31, 2020 amounted to EUR 96.3 million (2019: EUR 99.3 million). The non-current assets rose from EUR 82.7 million to EUR 85.4 million while the current assets fell from EUR 16.6 million to EUR 10.9 million. Equity amounted to EUR 72.7 million (2019: EUR 82.2 million), which equates to an equity ratio of 75 % (2019: 83%). Compared to the previous year, non-current liabilities rose from EUR 10.3 million to EUR 14.4 million by EUR 4.1 million, of which EUR 3.4 million is attributable to the use of a line of credit that was agreed during the third quarter with an Austrian bank.
On December 31, 2020, net debt amounted to EUR 7.3 million (2019: EUR -5.1 million), with the level of liquid assets (cash and cash equivalents) amounting to EUR 2.5 million (2019: EUR 8.5 million). The change in debt was mainly related to the increase in leasing liabilities under IFRS 16 to EUR 6.2 million (2019: EUR 3.4 million) and the raising of financial liabilities amounting to EUR 3.7 million.
In the 2020 financial year, cash flow from operations amounted to EUR -8.7 million (2019: EUR -4.7 million). The license agreement with Virgin Mobile was only cash-effective to a minor extent in the reporting period but will provide recurring cash flows in the future. Cash flow from investing activities amounted to EUR -0.8 million (2019: EUR 0.5 million) and the cashflow from financing activity amounted to EUR 1.8 million (2019: EUR 11.8 million). The latter was exceptionally high in the financial year 2019 due to the capital increase and loan repayment carried out. In 2020, financing cash flow included borrowings of EUR 3.6 million, earn-out payments made to the former shareholders of i-new in the amount of EUR 0.5 million, and lease payments in connection with IFRS 16 in the amount of EUR 1.2 million. In total, there was a cash outflow of EUR 7.7 million in the financial year (2019: cash inflow of EUR 6.4 million).
In contrast to the consolidated financial statements, the annual accounts of CYAN AG are not prepared in accordance with the International Financial Reporting Standards (IFRS) as applicable in the European Union, but in accordance with the rules defined in the German Commercial Code [Handelsgesetzbuch (HGB)]. In addition, the regulations of the German Stock Corporation Act [Aktiengesetz (AktG)] were observed.
CYAN AG is a company headquartered in Munich. It is registered in the Commercial Register [Handelsregister] at the Munich District Court [Amtsgericht München] under HRB 232764. Within the Group, CYAN AG acts as a holding company. Strategic management of the corporation is based at the head office of the company in Munich. The majority of operational services are provided by the subsidiary I-New Unified Mobile Solutions GmbH and its subsidiaries, in particular cyan Security Group GmbH.
The key performance indicator for CYAN AG in both the financial year and the previous year was the annual result. In addition, in the form of regular reports, the Management Board monitors the cost structure of CYAN AG as well as the operational performance of its affiliated companies (based on the indicators listed in the consolidated financial statements). Also, the most important balance sheet indicators, such as equity, outside capital and net debt, are observed at reporting dates.
As a holding company, CYAN AG does not generate any sales revenues itself. The development of results is determined on the one hand by the expenses incurred for legal and consulting services, administrative activities, and Management Board compensation, and on the other hand by interest income from the financing of the operating activities of the subsidiaries and income from holdings. CYAN AG handles all cash management and financing within the cyan Group on behalf of all of its subsidiaries. To service its debt properly and to finance integration and growth, CYAN AG is dependent upon the inflow of funds from its operational subsidiaries or from other financing resources.
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Other operating income | 1,342 | 24 |
| Personnel expenses | -342 | -1,010 |
| Depreciation | -3 | -3 |
| Other operating expenses | -1,333 | -2,400 |
| Interest income | 1,386 | 1,217 |
| Interest expense | -6 | -171 |
| Taxes on income and earnings | -13 | 0 |
| Net profit/-loss for the year | 1,032 | -2,343 |
| Profit/loss carried forward | 0 | 0 |
| Withdrawals from capital reserve | 0 | 2,343 |
| Declared profit | 1,032 | 0 |
Other operating income in the past fiscal year, 2020, amounted to EUR 1,343 thousand compared to EUR 24 thousand in the prior-year period. In 2018, cyan AG had acquired a shareholder loan with a nominal value of EUR 21,313 thousand at a purchase price of EUR 4,083 thousand as part of the acquisition of i-new. CYAN AG waived part of this recoverable receivable in 2020, resulting in other operating income of EUR 970 thousand. In addition to personnel expenses of EUR 342 thousand (2019: EUR 1,010 thousand), other operating expenses amounted to EUR 1,333 thousand (2019: EUR 2,400 thousand). Personnel expenses in fiscal year 2019 include provisions for variable compensation components based on the consolidated results achieved, which were significantly lower in the completed fiscal year due to the lower consolidated results. The financial result in the period amounted to EUR 1,380 thousand (2019: EUR 1,046 thousand) and consists of financial income in the amount of EUR 1,386 thousand (2019: EUR 1,217 thousand) and financial expenses of EUR 6 thousand (2019: EUR 171 thousand).
In financial year 2020, the annual result, which constitutes the most significant management parameter at the level of CYAN AG, amounted to EUR 1,032 thousand (2019: EUR 2,343 thousand). The 2020 forecast shown for the annual result, indicating a slightly negative outcome, has been outperformed by a significant margin. In overall terms, the Management Board views the financial year as a success. The previous year was characterized by exceptional levels of expenditure, especially as a result of the capital measures taken by CYAN AG.
In the absence of positive consolidated operating cash flow (see consolidated statement of cash flows), the Management Board proposes that the profit be carried forward without dividend.
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Intangible assets | 15 | 17 |
| Tangible assets | 0 | 1 |
| Financial assets | 49,340 | 47,119 |
| Non-current assets | 49,356 | 47,138 |
| Receivables and other assets | 27,093 | 22,109 |
| Cash on hand, bank balances and checks | 243 | 6,230 |
| Current assets | 27,335 | 28,340 |
| Prepaid expenses | 39 | 77 |
| Assets | 76,730 | 75,554 |
| in EUR thousand | 31/12/2020 | 31/12/2019 |
| Subscribed capital | 9,775 | 9,775 |
| Capital reserve | 63,448 | 63,448 |
| Declared profit | 1,032 | 0 |
| Equity | 74,255 | 73,223 |
| Provisions | 320 | 1,086 |
| Liabilities | 2,155 | 1,246 |
| Liabilities | 2,475 | 2,332 |
| Equity and liabilities | 76,730 | 75,554 |
On December 31, 2020, CYAN AG had a balance sheet total of EUR 76,730 million compared to EUR 75,554 thousand on the closing date of the previous year. Equity amounts to EUR 74,268 thousand (2019: EUR 73,222 thousand).
As of December 31, 2020, CYAN AG had a significant investment in the form of I-New Unified Mobile Solutions GmbH, which is reported as an investment in the balance sheet in the amount of EUR 49,340 thousand (2019: EUR 47,119 thousand). The increase results from the loan waiver and the earn-out.
The business performance of cyan AG is closely linked with the performance of its subsidiaries and is therefore indirectly subject to the same opportunities and risks as the Group. The opportunities and risks faced by the Group are listed under the heading of Opportunities and risks.
In view of the current economic and industry forecasts, which continue to depend heavily on the development of the pandemic, and the existing sales pipeline of the subsidiaries, the Management Board is cautious but optimistic overall about the new fiscal year. For the financial year 2021, CYAN AG is expected to achieve an annual result at the level of the previous year.
In January 2021, to secure further liquidity for cyan at a decisive phase of its strategic growth, the Management Board decided, with the approval of the Supervisory Board, in favor of a Convertible Notes Funding Program (CNFP) that authorizes the issue of convertible notes with a total value of up to EUR 8.4 million. The exclusive investor for the CNFP is the Swiss company Nice & Green SA, a specialist in equity mezzanine investments and financing of small to medium high-growth enterprises.
This program consists of eight consecutive tranches, each with a total part value of EUR 1.05 million. Each tranche consists of 105 convertible notes, each with a par value of EUR 10,000. The term is 24 months from date of issue. The issue is carried out under exclusion of the subscription rights of existing shareholders. The interest rate is 0.0 %. The conversion price is defined as 95 % of the lowest daily volume-weighted average rate over the last six trading days (XETRA) before exercising of the conversion right. This amounts to at least EUR 10.47 and therefore at least 80% of the value of the average closing price of the share on the ten trading days before the issuing of the bond. After the mandatory issuance of the first tranche, cyan AG has the right, but not the obligation, to issue the seven remaining tranches. At the same time, CYAN AG concluded an agreement with NICE & GREEN S.A., Switzerland, under which NICE & GREEN S.A. is obliged to subscribe to any tranches issued.
In this way, cyan can invest in long-term growth, including the strengthening of the cyan brand and further development of the technology. With a significantly expanded customer base, cyan's market position and visibility have been greatly improved. The proceeds from the program will also be used to take advantage of the momentum and digitalization push and to expand both geographically and in terms of products. The convertible bond gives the Group important financial leeway to take advantage of the growth opportunities in the market.
In addition, at the start of the 2021 financial year, the extension by at least further five years of the partnership with Grameenphone, the leading telecommunications service provider in Bangladesh, was announced. The partnership focuses on the dynamic product brand Skitto which is aimed at 'digital natives' in Bangladesh. Grameenphone is planning to double the number of end users of Skitto by the end of 2021. In addition, the aim is to establish a customer base in the double-digit millions over the next few years.
Entrepreneurial activity serves to increase the value of the company by making use of identified opportunities. As a group operating internationally, cyan is exposed to various external and internal developments and events. The opportunity and risk management system used, serves to optimize the relationship between risk and opportunity in the interests of sustained business success. In order to ensure this, suitable instruments are in place by the Management Board which continually develops them further as needed.
The risk management of cyan concentrates on the early detection of risks with the aim of identifying all risks and opportunities that could or could not endanger the existence of the company, in order to derive appropriate strategic measures in good time. Risk management is conducted for the Group and for cyan AG in the same way, on a parallel basis. The internal control system (ICS) and the Information Security Management System constitute integral components of the risk management system used throughout the Group. The following section illustrates the risk management system and its principal components.
The risk management process implemented throughout the Group involves the use of risk protocols. These ensure comprehensive and largely uniform risk recording for central assessment and detailed monitoring of the risk situation by the Management Board in cooperation with the divisional management both at the level of the individual company and for the Group. The group-wide risk management system stipulates the recording of relevant risks, the ways to mitigate them and the resultant opportunities to enable these to be identified and used within the corporation and/or at Management Board level. The overriding risk principle is to safeguard the company's continued existence – no decision or action may give rise to a risk that could endanger the company's existence.
First and foremost, the risk management process tracks all market developments in order to derive appropriate decisions for the strategic management of the company. On a regular basis, the Management Board discusses any new risks that have occurred and takes appropriate remedial action. Risk assessment is subject to a regular check to monitor the long-term quality of this procedure. The risk management system at cyan is further developed and optimized continually.
The Supervisory Board is informed by the Management Board in regular meetings about the economic development in the form of consolidated presentations, consisting of segment reporting, earnings development with budgetary and previous year figures, forecasts, consolidated financial statements, personnel and order development as well as selected other key financial figures. The Supervisory Board is also informed about the effectiveness of the ICS in the form of a separate report.
Taking due account of the level of potential damage and the probability of occurrence, individual quantifiable risks are grouped together into risks of a similar nature. These risks are then analyzed and assessed based on their expected probability of occurrence, the potential level of damage, and the proposed countermeasures. The implications of opportunities and threats are offset against one another. Residual threats are then assessed once again and additional measures are drawn up. These risk groups are set in relation to the planned period result (EBITDA). Risks are classified in qualitative terms at three levels: 'low', 'moderate', and 'high'. Based on this, risks at cyan are classified as:
cyan has established an internal control system that analyses, documents and, if necessary, extends the existing internal control processes relating to accounting. The groupwide uniform documentation of all controls for achieving the main control objectives is being continuously adapted and optimized and serves as the basis for audits of the performance of local ICSs. Key elements of the ICS are regular audits of the institutionalized dual control principle, the separation of functions and defined control steps for monitoring and auditing the effectiveness and efficiency of operating activities. Other important topics include the reliability of financial reporting as well as compliance with the legal regulations applicable to the company.
The basis of the processes for group accounting and reporting is an accounting manual, which is published and regularly updated by cyan. It defines the essential IFRS-based accounting and reporting requirements for the entire group. The group's guidelines, work instructions and process descriptions form another important basis of the ICS.
The scope and design of the accounting-related ICS of cyan are at the discretion and responsibility of the Management Board. The objective of the ICS, with regard to the accounting process is to ensure, through the implementation of controls, that sufficient security is provided to ensure that, despite the identified risks, the consolidated and individual financial statements are prepared in compliance with the regulations. The ICS contains the principles, procedures and measures to ensure the correctness of the accounting and is subject to continuous development. The ICS is designed in such a way that the annual financial statements are prepared in accordance with the relevant local provisions of the German Commercial Code (HGB) and the German Stock Corporation Act (AktG), and the consolidated financial statements are prepared in accordance with the International Financial Reporting Standards (IFRS) as applicable in the European Union.
The processes for consolidated accounting are managed accordingly by the responsible employees in the finance department. The organization of the accounting-related ICS has a uniform and centrally prescribed reporting structure that is in line with the group's principles based on local legal requirements. The subsidiaries report periodically in accordance with IFRS as part of the group reporting. Newly founded or acquired companies are integrated into this reporting process as quickly as possible.
In order to ensure uniform reporting, corporate guidelines such as accounting and consolidation manuals exist, compliance with which is regularly reviewed. Internal accounting controls of the subsidiaries are carried out locally at regular intervals. These include, among others, IT-supported and random checks and plausibility checks as well as the separation of functions and the dual control principle.
At the end of the fiscal year, an internal review of the local financial statements is performed before they are released for the auditor and to the consolidated financial statements. All measures taken and the ongoing development and adjustment of the ICS contribute to ensuring the reliability of the accounting. Even adequate and functional systems that are set up cannot guarantee absolute certainty that risks will be identified and managed.
As a European corporation, cyan places great value on the security of information and data. Back in 2019, significant steps had already been taken to prepare the existing internal security system for certification in accordance with ISO standard 27001. The international standard specifies and certifies the requirements for setting up, implementing, maintaining and continuously improving a documented information security management system. The aim of the certification is the standardization of internal security standards with the focus on measures within the company that are evaluated by independent auditors in accordance with a stringent procedure. In terms of content, ISO 27001 covers not only internal technical IT security but also organizational, personnel and physical aspects, starting with employee awareness and extending to fire protection.
The certification process, which includes a two-stage audit, has been delayed slightly due to the Coronavirus pandemic and will now be completed in 2021. The existing system is already largely based the requirements of the standard.
All risks at cyan are grouped into five categories; in an additional sixth category, COVIDspecific risks are grouped together. These categories are based on the internal structure of risk recording in the divisions, as they are also maintained in the risk protocols of the responsible division managements.
In the 2020 financial year, as a result of the pandemic, cyan faced a few operational challenges. Within a very short space of time, it had to adapt all procedures to reflect new conditions. At cyan, a digital company, this worked seamlessly, but the same was not true of a fair number of partners and potential customers. Due to restrictions, these faced substantial hurdles in the changeover in their workplace procedures. As a consequence, discussions and negotiations stalled and implementation projects had to be supported more strongly by cyan's own teams. However, through targeted recruitment of personnel in key areas, including operations and development, cyan was able to complete projects on schedule.
In operational terms, the pandemic made recruiting much harder. For any company in the entire technology and software sector, hiring and retaining highly skilled staff is a key success factor. Key workers, especially in the fields of cybersecurity research, development and operations as well as sales, are indispensable with their knowledge, abilities as well as contacts for the development, sales and deployment of solutions. Through greater marketing efforts, a strategic objective of the Management Board, it should be possible to raise the profile of cyan to direct customers, partners and end users, while also making it easier to attract personnel.
For cyan's solutions, failure-free (zero-downtime) operation is always the goal. In the event of a platform failure or software crash, this can lead to a complete shutdown of the business operations of MVNOs or unprotected end users which in turn can give rise to compensation claims against cyan if it is found to have been negligent. To prevent failures of this kind, cyan uses several data centers, a highly skilled operations team and continuous monitoring of the systems.
The Management Board assesses the operational risks as moderate.
The market for cybersecurity is characterized by above-average growth that is forecast to continue into the foreseeable future. Despite the high barriers to entry, this makes new market entries for startups and established providers attractive. As technology leader for Seamless Security, cyan was able to position itself well at an early stage, and views itself as still being within a 'window of opportunity'. At the present time, no direct competitor has solutions on the market that combine OnNet and OnDevice Security in the form of a single in-house solution. As part of the new strategy, new markets are also being developed in which cyan, as a first mover, encounters little competition. The aim is to gain further major customers through the combination of its current technological edge over the competition coupled with intensified marketing efforts. Through targeted investments into research and development of products and the growth of the cybersecurity segment in new markets, the Management Board expects to be able to retain its competitive lead on this market, and therefore to reduce the level of competition risk.
The Management Board evaluates the competition risk as low.
In the fight against cybercrime and threats on the internet, cyan faces a continuous race against cybercriminals. Among others, cyan is developing highly complex, network-integrated cybersecurity solutions for the detection of potential threats such as phishing, malware or identity theft for the users of smartphones and tablets. By using machine learning and artificial intelligence in its threat analysis processes, cyan can respond to new threats in a timely manner. Nonetheless there is a risk of cyan failing to respond in time to technological progress or to changing requirements in relation to cybersecurity products and services, or to changes in the entire cybersecurity market. Risks are also reduced through active research and development as well as the targeted expansion of the workforce.
In addition, products can become obsolescent or even obsolete as the result of amendments to existing standards, or to the appearance of new ones. On the one hand, significant changes in the MVNO market environment can have negative implications for cyan in the BSS/OSS segment and, on the other hand, software can develop faults and have vulnerabilities. For its own development and in its own products, cyan also uses thirdparty and open-source software components (e.g. libraries). Despite thorough checks, these can harbor a residual level of risk in relation to compatibility and security. In order not to fall behind technologically and to maintain the market position, further developments and optimizations of the products are constantly carried out, as well as investments in research and development. In addition, an extensive information security management system has been established that monitors the risks, above all in relation to data processing.
The Management Board considers the technological risk for the cybersecurity segment as well as for the BSS/OSS segment as low.
Most of cyan's direct customers are international corporations that entrust cyan with the security of their and their end user's data traffic, and also with the platform operation of the MVNO. For this, professional implementation and continuous operation are important criteria against which technology companies like cyan are measured. A significant contribution to the strong reputation of cyan was delivered by successful implementation of its products in the highly complex network of Orange France and its digital implementation with MobiFone. It offers its cybersecurity solutions as 'white-labeled'. It is therefore vital to assure the best possible level of protection for mobile devices for end users because damage to the reputation of the partner among its end users ultimately falls back on cyan Reputational damage from a failure is also possible in the BSS/OSS segment, and this can be more severe due to the continuous nature of operation.
Part of the future strategy involves strengthening the cyan brand in the eyes of end users. Through intensified marketing cyan's strengths are to be further emphasized to direct partners and end customers, thereby supporting sales. Subsequently, increased awareness among end consumers should also increase penetration rates among existing customers. This results in a risk from the strategic orientation in building the brand and branding through the additional exposure to the general public.
In overall terms, the Management Board estimates the reputation risk to be low.
The impact of the COVID-19 pandemic presented unprecedented challenges to the global economy in 2020. The general economic and industry specific impact of COVID-19 remains difficult to assess because of recurring waves and associated restrictions. The impact of this crisis, especially in this sector, is multi-faceted. For example, on the one hand sales figures for smartphones have declined, while the activities of cybercriminals have risen, exploiting this situation with massive phishing attacks, for example.
Internally, cyan was able to adapt quickly to the new daily routine and complete integration projects, such as with MobiFone. Nevertheless, there were repeated delays on the customer side, as some partners affected by closures were confronted with an unprecedented situation. As a result, contract negotiations were delayed, in some cases considerably. The risk of sales losses due to the delays continues to exist. The financial and business consequences of the failures of receivables as a result of the pandemic look as though they will remain manageable since cyan has strong global partners and it operates in a crisis-resistant business sector.
The Management Board continues to assess the risks in connection with COVID-19 as at least moderate due to the consequences that are difficult to foresee.
The main financial risks are the cluster and customer default risk, the liquidity risk, the interest rate risk, and the foreign exchange risk.
In the past financial year, further significant contracts have been concluded, including ones with Virgin Mobile and Grameenphone. The Management Board is committed to reducing this potential concentration of customer revenue streams, in particular, by signing contracts with new customers from other sectors such as insurers, and to derive its sales revenues from a broadened base. As already explained in the section on Objective and strategy, recurring revenue will represent significant metric for Group management in the future.
Regardless of the current economic situation, there is a risk of insolvency on the part of one or more customers. The debtor-side risk of receivables failure, in particular of the failure of a large receivable, is classified as moderate due to the diversified portfolio and experience from recent. Effective systems are employed to monitor creditworthiness.
To determine its liquidity needs, cyan operates a rolling financial and liquidity planning scheme. Attention is paid to ensuring that sufficient liquid assets are always available to settle any liabilities that fall due in the companies. On December 31, 2020, the available liquid assets amounted to EUR 2.5 million and are kept in banks with very high credit ratings. The agreed credit lines can be drawn down until the following financial year 2021. Moreover, at the start of the 2021 financial year, a Convertible Note Funding Program (CNFP) was launched with a total volume of up to EUR 8.4 million. Further details on the program are explained in the Section on Subsequent events.
Nevertheless, there could be project delays, for example, as a result of which individual projects generate revenue only after a delay and thus generate a later cash flow, or there could be outright defaults by existing customers. A prolonged flattening of the economy (triggered by COVID-19, for example) may result in the company having to borrow money on the capital market or from financial institutions during the year. This risk is classified as moderate.
The interest rate risk is insignificant due to the fact that cyan had only fixed-interest financial liabilities of EUR 3.7 million outstanding as of the reporting date and that no contracts contain interest rate adjustment clauses.
In the financial year 2020, cyan recorded a negative effect from foreign currency differences in the Statement of Comprehensive Income, in particular due to the devaluation of the US dollar. The company's finance department constantly monitors these risks and in particular foreign currency rates in order to be able to react appropriately. Efforts are made to conclude contracts in stable international currencies and to hold more volatile currencies only to the extent necessary. To the degree that expenses and investments are not made in euros, exchange rate fluctuations may nevertheless impair the solvency of Group companies and have a negative impact on the Group's results or earnings. This risk is classified as medium.
Key drivers for growth and for the future development of cyan primarily constitute three factors: technological change, expansion into new markets, and increasing awareness. In this context, reference is also made to the section on Industry-specific developments.
In an ever more connected world, the ability to use the internet safely plays an important role. Mobile devices have long since ceased only to be used for sending texts and for voice calls. Instead, they have been transformed into a key form of access to a seemingly limitless range of digital services. In the past year, the COVID-19 pandemic acted as an additional catalyst for innovation and digitalization. The improving network coverage, at minimum with 4G, and the widespread availability of internet-capable devices contributes to further growth in potential end users. At the same time, network operators are continuing to invest in expansion of 5G infrastructure, the advantage of which lies in high speeds and low latency levels. Together with the rise in encryption of traffic, this makes Deep Packet Inspection (DPI) more difficult, causing the focus to move onto DNS filter technology.
It is expected that not only the number of smartphones will increase, but also the number of other internet-connected devices, Internet-of-Things (IoT). This leads to further fragmentation of the system landscape because there is usually no uniform hardware and software and numerous devices, especially smaller ones, do not have the computing power to run complex endpoint solutions directly yet. Nevertheless, many smart TVs, smartwatches, home automation devices, and even vehicles (connected mobility) are constantly connected to each other and to the internet. Network-integrated solutions can also protect users in this area.
Over the last few years, cyan has been able to leverage the synergies from its acquisition of i-new and to expand into new geographical markets, especially in South America and Asia. Through successful combination of its businesses, cyan has not only managed to gain new products and customers but has also added new knowledge in relation to development, and to access to new markets. Through the cooperation with Vara Technology from India and with Secure64 from the USA, further steps were also taken in the past fiscal year to increase the international reach in key markets in Asia and America.
There is also significant potential by attracting more partners to the Cybersecurity B2B2C model. Another target group, insurance companies, is now being further addressed with the launch of Aon CySec in the last year. cyan's solutions are of particular importance as a digital value-added offering for insurance companies which want to offer contemporary products such as cybersecurity policies with corresponding risk control mechanisms. In order to achieve corresponding risk reduction, solutions such as cyan OnDevice Security are sought for as they require little effort for the end customer.
In addition, cyan is working continuously on new solutions to provide end users with the best possible level of protection. An important step has been made through further development of its Seamless Security platform to include an OnNet solution for PCs on the fixed-line internet, facilitating a broad range of reachable partners as well as potential scope for further upselling to existing customers.
In recent years, the consequences of increasing digitization, such as data protection and cybersecurity, have increasingly become the focus of public attention. The European Union established a first milestone with its General Data Protection Regulation that entered into force in 2018. Since then, numerous prominent IT security incidents have become known, the security of foreign telecom equipment has been highlighted in the media, and the population has experienced an unprecedented wave of digitalization triggered by the COVID-19 pandemic. As a consequence, security on the Internet for the general public at large as well as for national governments, including the European Union, has become an important topic. In this regard, the European Union published its own cybersecurity strategy in the fourth quarter of 2020 with the essential goal of technological sovereignty.20 In view of the comparatively stringent European regulatory structure, European providers are viewed as trustworthy on the international stage. For cyan, this is an opportunity to benefit from the momentum this provides.
As a growth company, cyan operates in a continuously evolving industry that is characterized by disruptive innovations. This gives rise to risks and opportunities that are influenced by various factors. In the opinion of the Management Board, the risk management system used at cyan is suitable for identifying, analyzing and quantifying the existing risks
20 European Commission (2020), The EU's Cybersecurity Strategy in the Digital Decade (Factsheet, 16.12.2020).
in order to manage them effectively. The Management Board is committed to making the best possible use of opportunities, and to reducing risks as far as reasonably possible. Nevertheless, in view of the still unclear situation regarding the measures to contain the COVID-19 pandemic, future developments are difficult to forecast reliably. Changes in external and internal factors are therefore analyzed regularly and opportunistic measures are taken as required.
Based on the multi-year overall planning for cyan, which was prepared under the longterm assumption of a significant increase in sales, in particular through additional new customer business, the Management Board considers the financial risks to be moderate. The Management Board assesses the Group-wide risks as moderate on a consolidated basis and at the time of reporting, following appropriate countermeasures. There are no discernible risks that could jeopardize the continued existence of cyan. The Management Board classifies the risks described as manageable and sees very good opportunities for cyan to grow strongly in the future. cyan is in a solid position to successfully achieve the set objectives and realize the growth strategy.
The unexpected impact of the COVID-19 pandemic has hit the global economy hard. Although the technology sector was able to benefit in part from a surge in digitization, nonurgent investment decisions were postponed in many areas, such as the telecoms industry. Consequently, in June 2020, as a precaution, the Management Board withdrew its previous forecast for 2021. Globally, COVID-19 still does not appear to be truly under control. The resulting regional and international measures to combat the pandemic are shaping and clouding the outlook.
Nonetheless, in overall terms, the Management Board is cautiously optimistic about the future. In addition to the installation at Orange France and MobiFone, both of which have already been successfully implemented, several other projects are about to be launched. This has significantly increased the number of directly addressable end users and the resulting revenue potential. These successful deployments represent a further important validation of the technology. On the other hand, under the motto 'One Technology – Many Opportunities', cyan is focusing not only on the telecom industry as a target group, but also on other solutions, industries and regions, thereby increasing the reach of the solutions in the market. The use of the internet in people's daily lives and the associated need for security solutions will increase, irrespective of economic forecasts. Despite the global slowdown in economic growth, the industry-specific conditions, especially for cybersecurity, are positive.
Also in regard to the current economic and industry forecasts, which continue to depend heavily on the development of the pandemic, as well as the existing sales pipeline, the Management Board is looking positively overall into the new financial year. For cyan, it is a high priority to realize the opportunities in the growth market for cybersecurity in a timely manner – with a particular focus on the growth of recurring revenues. In the BSS/OSS segment, multi-year contracts with large license volumes have been booked in recent years, which accordingly contribute only slightly to revenue growth in subsequent years. In terms of revenue, a significant increase in recurring revenue can be expected across the Group if the pandemic develops positively and sales by cyan's customers thus pick up again. Following the conclusion of a very large license agreement with Virgin Mobile in the previous year, which is unlikely to be repeated in 2021, the Management Board currently expects revenue for 2021 to be on a par with the previous year, albeit with a significantly increased share from the Cybersecurity segment. Due to the expenses
associated with the further development of the organization, the Executive Board expects EBITDA to break even in 2021.
cyan AG is listed in the Open Market, Scale Segment of Deutsche Börse in Frankfurt am Main (Germany). The open market is not an organized market as defined in Section 2 (7) of the German Securities Acquisition and Takeover Act [Wertpapiererwerbs- and Übernahmegesetzes (WpÜG)]. This information is provided on a voluntary basis in the interests of the reader and is based on Sections 289a (1), and 315a (1) of the German Commercial Code [Handelsgesetzbuch (HGB)].
The nominal capital (subscribed capital) on December 31, 2020 amounts to EUR 9,774,538 and consists of 9,774,538 bearer shares without a par value [Stückaktien] with a proportional contribution to the nominal capital of EUR 1.00 per share. The nominal capital is fully paid up. Every share carries one vote. The rights and obligations associated with them comply with relevant legislative provisions, in particular the German Stock Corporation Act (AktG), with due consideration of the stipulations in the Articles of Association of CYAN AG. No voting agreements among shareholders have been disclosed to the Management Board. On December 31, 2020, no treasury shares are being retained by the company.
The details regarding the development of nominal capital and capital reserves is shown in the Consolidated Statement of Changes in Equity and in the explanations in the Notes to the Consolidated Financial Statements.
The company is not aware of any agreements between shareholders of cyan AG that aim to restrict voting rights or the transfer of shares.
To the knowledge of the Management Board, there were three direct or indirect shareholdings with more than ten percent of the voting rights in cyan AG as of the reporting date December 31, 2020.
| Name | Shareholdinga |
|---|---|
| Alexander Schütz | 14.70% |
| Apeiron Investment Group Ltd. | 12.60% |
| Tansanit Stiftung | 10.30% |
a Counts based on voting rights determination at the shareholder's meeting in July 2020.
All shares carry identical rights. No shares grant special rights, in particular they do not confer any powers of control.
In cases where employees of cyan are shareholders of cyan AG, the Management Board is not aware of any special issues regarding the exercising of voting rights. Neither the rights-based communities of employees nor allied voting agreements between employee shareholders are known.
Appointment and dismissal of members of the Management Board are based upon Sections 84, 85 of the German Stock Corporation Act (AktG) and Section 31 of the Codetermination Act [Mitbestimmungsgesetz (MitbestG)]. Section 84 AktG defines that Management Board members are appointed by the Supervisory Board for a period in office of no more than five years. In accordance with the Articles of Association of cyan AG, the Management Board can comprise one or more people. The number of members is stipulated by the Supervisory Board. The Articles of Association also provide no special regulations for the appointment and dismissal of individual members – or of all members – of the Management Board.
Section 179 of AktG stipulates that changes to the Articles of Association require a decision at the shareholder's meeting whereby amendments that only relate to the version can be, and also were, transferred to the Supervisory Board in accordance with Section 15 of the Articles of Association of cyan AG. Any such amendment becomes valid once recorded in the register of companies. In accordance with Section 18 of the Articles of Association of cyan AG, any decisions taken at the shareholder's meeting require a simple majority of the votes cast, unless otherwise stipulated in the Articles of Association or by enforceable legislative stipulations.
At the Annual General Meeting 2020, a new authorized capital 'Authorized Capital 2020' was created in the Articles of Association of cyan AG. The Management Board is authorized, with the approval of the Supervisory Board, to increase the company's nominal capital on one or more occasions by up to a total of EUR 4,887,269.00 by July 1, 2025 by issuing up to 4,887,269 new no-par value bearer shares in return for cash and/or noncash contributions. In principle, shareholders are to be granted subscription rights; the statutory subscription right may also be granted in such a way that the new shares are underwritten by a bank or an equivalent institution pursuant to Section 186 (5) sentence 1 of the German Stock Corporation Act (AktG) with the obligation to offer them for subscription to the shareholders of the company. However, the Management Board is authorized, with the approval of the Supervisory Board, to exclude the statutory subscription right of shareholders to the extent necessary to compensate for fractional amounts; if, in the case of a capital increase against contributions in kind, the shares are granted for the purpose of acquiring companies, parts of companies or interests in companies (including increasing existing interests) or for the purpose of acquiring receivables from the company; if a capital increase against cash contributions does not exceed 10 % of the capital stock and the issue price of the new shares is not significantly lower than the stock market price (Section 186 (3) sentence 4 AktG) – when exercising this authorization under exclusion of subscription rights in accordance with Section 186 (3) sentence 4 AktG, the exclusion of subscription rights on the basis of other authorizations in accordance with Section 186 (3) sentence 4 AktG must be taken into account; to the extent necessary to grant the holders of option and/or convertible bonds issued by the company subscription rights to new shares to the extent to which they would be entitled after exercising their option or conversion rights. The Management Board is authorized, with the approval of the Supervisory Board, to determine the further details of the capital increase and its implementation. The Supervisory Board is authorized to amend the wording of the Articles of Association in accordance with the scope of the implementation of the capital increase from authorized capital.
The financing contracts concluded with the main bank partners include market-standard Change-of-Control regulations; under certain conditions, these can trigger a redefinition of existing credit agreements. Furthermore, these are no agreements between cyan AG and third parties that are conditional upon a change of control following a takeover bid and that could have implications of this nature solely or in their totality.
No agreements have been made with members of the Management Board in the event of a takeover bid which could lead to compensation or other payments by the company.
Munich, April 2021
The Management Board
| in EUR thousand | Notes | 2020 | 2019 |
|---|---|---|---|
| Revenues | 1 | 21,293 | 26,754 |
| Other operating income | 2 | 2,076 | 2,138 |
| Change in inventories and capitalized own work | 2 | 2,011 | 3,615 |
| Cost of materials and services procured | 3 | -4,274 | -3,874 |
| Personnel expenses | 4 | -11,108 | -10,387 |
| Value adjustmentsa | 5 | -6,096 | -1,029 |
| Other expenses | 6 | -8,958 | -5,547 |
| EBITDA | -5,058 | 11,670 | |
| Depreciation | 7 | -5,981 | -6,141 |
| Operating result (EBIT) | -11,039 | 5,529 | |
| Financial income | 8 | 704 | 132 |
| Financial expenses | 8 | -143 | -222 |
| Earnings before taxes | -10,478 | 5,438 | |
| Taxes on income and earnings | 9 | 1,210 | -909 |
| Net profit/-loss for the year | -9,268 | 4,530 |
aValue adjustments of trade receivables and contract assets
| in EUR thousand | Notes | 2020 | 2019 |
|---|---|---|---|
| Actuarial resultsa | -0 | -1 | |
| Gains (losses) from exchange rate differencesb | -209 | 69 | |
| Total result for the fiscal year | -9,477 | 4,598 |
a Not recyclable
b Recyclable
| in EUR per share | Notes | 2020 | 2019 |
|---|---|---|---|
| Undiluted result per share | -0.95 | 0.49 | |
| Diluted result per share | -0.95 | 0.49 |
| in EUR thousand | Notes | 31/12/2020 | 31/12/2019 |
|---|---|---|---|
| Intangible assets | 58,864 | 63,744 | |
| Patents, customer relationships and similar rights | 10 | 12,894 | 14,520 |
| Software | 10 | 14,300 | 17,499 |
| Development costs | 10 | 891 | 945 |
| Goodwill | 10 | 30,779 | 30,779 |
| Tangible assets | 5,999 | 2,916 | |
| Land and buildings | 11 | 5,321 | 2,207 |
| Machines and other equipment | 11 | 89 | 60 |
| Business and office equipment | 11 | 589 | 649 |
| Other receivables | 13 | 41 | 397 |
| Financial receivables | 14, 15 | 572 | 374 |
| Contract costs | 12 | 5,118 | 3,038 |
| Contract assets | 12 | 14,588 | 11,771 |
| Deferred tax assets | 13 | 192 | 432 |
| Non-current assets | 85,373 | 82,670 | |
| Trade receivables and other receivables | 15 | 3,149 | 3,898 |
| Contract assets | 12 | 2,934 | 1,888 |
| Inventories | 10 | 13 | |
| Tax receivables | 15 | 548 | 470 |
| Other receivables and assets | 15 | 1,502 | 1,640 |
| Financial receivables | 14, 15 | 272 | 164 |
| Cash and cash equivalents | 16 | 2,490 | 8,512 |
| Current assets | 10,905 | 16,585 | |
| Total assets | 96,278 | 99,255 |
| in EUR thousand | Notes | 31/12/2020 | 31/12/2019 |
|---|---|---|---|
| Nominal capital | 17 | 9,775 | 9,775 |
| Reserves | 62,905 | 72,382 | |
| Capital reserves | 68,269 | 68,269 | |
| Other reserves | -66 | 143 | |
| Reserves according to IAS 19 | -1 | -1 | |
| Profit/loss carried forward | -5,297 | 3,971 | |
| Equity | 72,680 | 82,157 | |
| Provisions | 20 | 7 | 7 |
| Contract liabilities | 12 | 230 | - |
| Leasing liabilities | 14, 18 | 4,970 | 2,812 |
| Other financial liabilitiesa | 14, 18 | 3,650 | - |
| Other non-current liabilities | 14, 19 | 206 | 300 |
| Deferred tax liabilities | 13 | 5,311 | 7,160 |
| Non-current liabilities | 14,374 | 10,278 | |
| Trade payables and other liabilities | 19 | 4,887 | 3,409 |
| Provisions | 20 | 1,903 | 2,328 |
| Financial liabilities | 14, 18 | 6 | 9 |
| Leasing liabilities | 14, 18 | 1,180 | 635 |
| Contract liabilities | 12 | - | - |
| Tax liabilities | 1,248 | 439 | |
| Current liabilities | 9,224 | 6,820 | |
| Total liabilities | 23,599 | 17,098 | |
| Total equity and liabilities | 96,278 | 99,255 |
a In 2019, financial liabilities were reported under other non-current liabilities
| in EUR thousand | Notes | 2020 | 2019 |
|---|---|---|---|
| Result before tax from continuing operations | -10,478 | 5,438 | |
| Result before tax from discontinued operations | - | - | |
| Earnings before tax | -10,478 | 5,438 | |
| Adjustments to reconcile profit before tax to net cash flows |
|||
| Profit/loss from the decrease in assets | 13 | 1,258 | |
| Depreciation of intangible and tangible assets | 5,981 | 6,141 | |
| Change in provisions | -424 | -2,438 | |
| Share-based remuneration | 657 | ||
| Financial income | -704 | -77 | |
| Financial expenses | 143 | 222 | |
| Other expenses/income with no influence on liquid | |||
| funds | -8,814 | -414 | |
| -14,284 | 10,788 | ||
| Working capital adjustments | |||
| Change in inventories | 4 | 0 | |
| Change in contract assets and contract costs | 2,505 | -16,536 | |
| Change in receivables trade receivables and other | |||
| receivables | 480 | 923 | |
| Change in trade payables and other liabilities | 2,246 | 172 | |
| Change in contract liabilities | 230 | - | |
| Net cash flow from earnings before taxes | -8,820 | -4,653 | |
| Income taxes paid | 109 | -1,180 | |
| Cash flow from operating activities | 21 | -8,711 | -5,834 |
| in EUR thousand | Notes | 2020 | 2019 |
|---|---|---|---|
| Purchases of intangible and tangible assets | -1,044 | -326 | |
| Purchase of financial assets | 274 | 20 | |
| Disposal of tangible and intangible assets | 1,005 | ||
| Interest received | 7 | 76 | |
| Development expenses | -315 | ||
| Cash flow from investing activities | 22 | -763 | 460 |
| Proceeds from the issue of shares | 23,781 | ||
| Cash receipts from taking out loans | 3,558 | - | |
| Repayments of financial liabilites | -5 | -11,693 | |
| Repayments of participation rights | -545 | 414 | |
| Change in non-controlling interests | -1,164 | -515 | |
| Interest paid | -71 | -191 | |
| Cash flow from financing activities | 23 | 1,773 | 11,797 |
| Change in cash and cash equivalents | -7,701 | 6,422 | |
| Cash and cash equivalents at the beginning of the fiscal | |||
| year | 8,512 | 1,942 | |
| Cash and cash equivalents at the end of the period | 2,490 | 8,512 | |
| Net foreign exchange difference/Effect of movements | |||
| in exchange rates on cash held | 1,679 | 147 |
| in EUR thousand | Nominal capital |
Capital reserves |
Currency reserve |
Reserves according to IAS 19 |
Profit / loss carried forward |
Total |
|---|---|---|---|---|---|---|
| 1/1/2019 | 8,765 | 42,086 | 74 | - | -558 | 50,366 |
| Net loss /profit for the year | 4,530 | 4,530 | ||||
| Changes in the scope of consolidation | - | |||||
| Miscellaneous result after taxation | 69 | -1 | 68 | |||
| Total result for the financial year | - | - | 69 | -1 | 4,530 | 4,598 |
| Share-based remuneration | 657 | 657 | ||||
| Capital increase | 1,010 | 25,526 | 26,535 | |||
| 31/12/2019 | 9,775 | 68,269 | 143 | -1 | 3,971 | 82,157 |
| Net loss /profit for the year | -9,268 | -9,268 | ||||
| Changes in the scope of consolidation | - | |||||
| Miscellaneous result after taxation | -209 | 0 | -209 | |||
| Total result for the financial year | - | - | -209 | 0 | -9,268 | -9,477 |
| Share-based remuneration | ||||||
| Capital increase | ||||||
| 31/12/2020 | 9,775 | 68,269 | -66 | -1 | -5,297 | 72,680 |
CYAN AG, headquartered in Munich (Theatinerstrasse 11, 80333 Munich) is a corporation, registered in Commercial Register B [Handelsregister] of the Munich District Court [Amtsgericht München] under HRB 232764. Since March 2018, CYAN AG has been listed on the German stock market in the Scale Segment of the Open Market. CYAN AG operates within cyan as a holding company. Operational services are provided by the Austrian subsidiary I-New Unified Mobile Solutions GmbH (previously I-New Unified Mobile Solutions AG) and its subsidiaries, in particular CYAN Security Group GmbH. CYAN Security Group GmbH provides cybersecurity solutions to end-customers of Mobile Network Operators (MNOs), Mobile Virtual Network Operators (MVNOs) and financial service providers. I-New Unified Mobile Solutions GmbH operates as a Mobile Virtual Network Enabler (MVNE).
The following section presents the main accounting and valuation methods used for these consolidated financial statements. These principles – unless otherwise indicated – were used for all of the years presented.
The consolidated financial statements comprise the Consolidated Statement of Comprehensive Income, the Consolidated Statement of Financial Position, the Consolidated Statement of Cash Flows, the Consolidated Statement of Changes in Equity and the Notes to the Consolidated Financial Statements.
The Management Board of CYAN AG has approved the consolidated financial statements and their submission to the Supervisory Board on April 19, 2021.
The consolidated financial statements for the fiscal year ended December 31, 2020 were prepared on a voluntary basis exercising the option defined in Section 315e German Commercial Code (HGB) in accordance with the International Financial Reporting Standards (IFRS) applicable on the reporting date, as applied in the EU. The designation IFRS comprises the International Accounting Standards (IAS) which remain valid, the International Financial Reporting Standards (IFRS) as well as interpretations of the Standing Interpretations Committee (SIC) and the International Financial Reporting Interpretations Committee (IFRIC). The valuation was based on the assumption that the corporate group will continue as a going concern.
The layout of the statement of comprehensive income is based on the total cost method. Individual items in the statement of comprehensive income and the balance sheet are grouped together for ease of understanding or due to their lack of material significance. In accordance with IAS 1, capital assets and liabilities are classified on the basis of maturity. These items are classified as current if they fall due within one year. Otherwise, they are classified as non-current.
The Accounting and Valuation Methods were applied consistently to the consolidated financial statements and to figures from the previous year.
Further to comments in the combined management report, the coronavirus pandemic has developed into a global economic crisis. In this regard, cyan is affected primarily by delays in the completion of projects and by postponements in the signing of contracts. At least in part, cyan has managed to mitigate the impact on financial results through cost-saving measures, in particular in relation to travel costs and the expenditure for trade fairs.
In conjunction with COVID-19, cyan has also evaluated whether there are sufficient grounds for an impairment of assets in accordance with IFRS 9. Based on the assumption that investment in protection against cybercrime will increase given that the lockdown has prompted a big move towards digitalization and a rise in the level of home office activity across all sectors, cyan further assumes that the widespread economic downturn will not affect the telecommunications sector, home to cyan's main customers and, for this reason, has not made adjustments to reflect the anticipated loss rates.
Another evaluation was performed to establish whether the outbreak of the COVID-19 pandemic constitutes sufficient grounds for an impairment in accordance with IAS 36. Due to the observable change in market interest rates, an evaluation of recoverability was performed again. For this, the Weighted Average Capital Costs (WACC) were adjusted. The analysis showed that the values-in-use of the assets remain higher than their book values, demonstrating that there is no requirement for an impairment.
The consolidated financial statements of CYAN AG are shown in thousand euro. The totalization of rounded figures can give rise to rounding variances caused by the use of automatic computing tools.
The management team takes the considered view that the consolidated statement of accounts includes all necessary adjustments required to provide a fair view of the assets, financial positions and profit and loss.
The annual accounts of subsidiaries whose functional currency is other than the euro are translated in accordance with the functional currency principle. For balance sheet items, this conversion takes place at the period-end exchange rate (the current rate method). Income and expense items are converted at the annual average rate. Resulting translation variances are recognized under Other Comprehensive Income (OCI) and are disclosed in the currency conversion provision as equity until the subsidiary is sold.
Conversion rate variances arising from fluctuations in the exchange rate between the date the transaction was posted and its impact on cashflow or its valuation on balance sheet date are recorded in terms of their impact on net income, as well as in the operating result.
| Average rate | Closing rate | |||
|---|---|---|---|---|
| 2020 | 2019 | 31/12/2020 | 31/12/2019 | |
| Bangladeshi Taka (BDT) | 97.098 | 94.424 | 103.874 | 94.889 |
| Chilean Peso (CLP) | 905.061 | 792.242 | 870.660 | 832.350 |
| Colombian Peso (COP) | 4,272.080 | 3,693.019 | 4,212.021 | 3,666.792 |
| Mexican Peso (MXN) | 24.512 | 21.557 | 24.291 | 21.264 |
| Peruvian Sol (PEN) | 4.079 | 3.761 | 4.676 | 3.765 |
| Hungarian Forint (HUF) | 351.205 | 325.231 | 359.020 | 330.710 |
| US Dollar (USD) | 1.141 | 1.120 | 1.217 | 1.111 |
The following table shows the foreign currency rates of all foreign currencies in which CYAN AG and its subsidiaries transact their business.
The preparation of the consolidated financial statements requires estimates and assumptions that affect the figures reported in the consolidated financial statements. The actual results may diverge from these estimates. The estimates and their underlying assumptions are subject to continuous review. Amendments of balance sheet estimates are recorded in the period in which the estimate was changed, and in all later periods of time. IFRS-based valuations performed by the management that have a substantial impact on the consolidated financial statements and estimates that carry a substantial risk of a major adjustment in the following year are explained in the respective items.
The assessment of recoverability of intangible assets, goodwill and tangible assets, is based on assumptions for the future. The assumptions employed for the impairment tests of goodwill are explained in the explanations to the consolidated statement of financial position in section 10, Intangible Assets. The determination of the useful life of assets involves estimates.
Impairments of receivables are accounted for on the basis of assumptions about the probability of default in accordance with the model of expected credit losses.
Other provisions are set up in response to current liabilities resulting from events in the past that give rise to an outflow of resources with an economic benefit, employing a figure that most probably reflects that value, based on reliable estimates. Details of provisions can be found in the explanations to the consolidated statement of financial position in section 20, Provisions.
The application and subsequence valuation of actual as well as deferred taxes are subject to uncertainties arising from complex taxation legislation in the different national jurisdictions, and that are also subject to regular amendments. Furthermore, the valuation of losses carried forward is contingent upon future results. Management assumes that it has come to a reasonable estimate of the uncertainties surrounding taxation and of future results. However, due to the existing uncertainties surrounding taxation and in relation to the estimation of future results, there is a risk of variances arising between actual results and the assumptions made in relation to the impact of these on the tax liabilities and deferred taxes. The following sections on the taxation of income explain tax-related details in greater depth.
The assessment of contracts with customers by the criteria of IFRS 15 is based on the estimates and assumptions in relation to the identification of separate performance-related obligations within a contract and the distribution of the transaction price to these in accordance with their individual selling prices. More detailed explanations are provided in the Accounting and Valuation Methods under 'Revenue from Contracts with Customers'.
Substantial estimates as lessee and lessor were required for the calculation of rights-ofuse and their associated leasing liabilities and receivables respectively. These are explained in greater detail in the Leasing part of the Accounting and Valuation Methods section.
The scope of consolidation is defined in accordance with IFRS provisions. As well as the annual accounts of CYAN AG, the consolidated financial statements also include the final accounts of companies (and their subsidiaries) in which CYAN AG has a controlling interest.
Subsidiaries are companies in which the corporation holds a controlling interest. A controlling interest exists when cyan can exercise control over the associated company, is exposed to fluctuating returns on its investment, and can influence returns in terms of their size due to the power to control. The annual accounts of subsidiaries are included in the consolidated financial statements from the time when cyan acquires a controlling interest in those subsidiaries, up to the time when this control by cyan ends.
| Company | Registered office | Share | Fully consolidated since |
|---|---|---|---|
| CYAN AG | Germany | ||
| CYAN International Solutions GmbHa | Austria | 100% | 1/1/2018 -30/6/2020 |
| CYAN Licencing GmbH | Austria | 100% | 1/1/2018 |
| CYAN Mobile Security GmbHa | Austria | 100% | 1/1/2018 -30/6/2020 |
| CYAN Networks Software Gesellschaft mbHa |
Austria | 100% | 1/1/2018 -30/6/2020 |
| CYAN research and development s.r.o.b | Czech Republic | 100% | 1/1/2018 -28/6/2019 |
| cyan security Chile S.p.A | Chile | 100% | 31/7/2018 |
| cyan security Colombia S.A.S. | Colombia | 100% | 31/7/2018 |
| cyan security Ecuador SASc | Ecuador | 100% | 31/12/2020 |
| CYAN Security Group GmbH | Austria | 100% | 1/1/2018 |
| Cyan security Peru S.A.C. | Peru | 100% | 31/7/2018 |
| Cyan security USA, Inc. | USA | 100% | 31/7/2018 |
| I-New Bangladesh Ltd. | Bangladesh | 100% | 31/7/2018 |
| I-New Hungary Kft. | Hungary | 100% | 31/7/2018 |
| I-New Unified Mobile Solutions GmbH | Austria | 100% | 31/7/2018 |
| I-New Unified Mobile Solutions, S.A. de C.V. | Mexico | 100% | 31/7/2018 |
| Say:Hola! S.A.S.d | Colombia | 100% | 31/7/2018 -31/3/2020 |
| smartspace GmbH | Austria | 100% | 31/7/2018 |
The scope of consolidation to December 31, 2020 is as follows:
a With the merger contracts on August 20, 2020, and August 28, 2020, the companies were merged with the parent company through an up-stream merger process.
b On finalization of the balance sheet on June 28, 2019, the liquidation of Cyan research and development s.r.o. was concluded, which is why it was deconsolidated in 2019.
c In 2020, cyan security Ecuador SAS was founded.
d On finalization of the balance sheet on March 31, the liquidation of Say: Hola! S.A.S. was concluded, which is why it was deconsolidated in 2020.
The consolidated financial statements were produced on the premise that CYAN AG is the parent company of cyan. The consolidated financial statements include all companies over which the parent company has a controlling influence ('control') through full consolidation.
The following table shows the changes in the basis of consolidation:
| Full consolidation | At-equity | |||
|---|---|---|---|---|
| 31/12/2020 | 31/12/2019 | 31/12/2020 | 31/12/2019 | |
| Balance at the beginning of the | ||||
| reporting period | 16 | 17 | 0 | 0 |
| Included for the first time | 1 | 0 | 0 | 0 |
| Deconsolidation due to mergers | 3 | 0 | 0 | 0 |
| Deconsolidated | 1 | 1 | 0 | 0 |
| Balance at the end of the reporting | ||||
| period | 13 | 16 | 0 | 0 |
For the first time, application of the following amended standards is mandatory:
| Standard | Content | Effective |
|---|---|---|
| Framework Concept, | ||
| Amendment | Revision of Framework Concept for Financial Reporting | 1/1/2020 |
| IFRS 3, Amendment | Definition of a Business | 1/1/2020 |
| IAS 1 and IAS8, | ||
| Amendment | Definition of Materiality | 1/1/2020 |
| IFRS 9, IAS 39 and IFRS 7 | Interest Rate Benchmark Reform I | 1/1/2020 |
These amendments had no significant impact on the asset, financial and earnings position of cyan.
Application of the following amendments or new editions of standards and interpretations is not mandatory or applicable or have not yet been adopted by the EU:
| Standard | Content | Effective |
|---|---|---|
| IFRS 17 | Insurance Contracts | 1/1/2023 |
| IAS 1 | Classification of liabilities as current or non-current | 1/1/2023 |
| Miscellaneous | Improvements to IFRS, Cycle 2018-2022 | 1/1/2022 |
| IFRS 3 | Amendments to References to the Framework Concept in | |
| the IFRS | 1/1/2022 | |
| IAS 16 | Tangible assets | 1/1/2022 |
| IAS 37 | Provisions, contingent liabilities and contingent | |
| receivables | 1/1/2022 | |
| IFRS 16 | COVID-19-related Amendments to Rental Franchises | 1/6/2020 |
| IFRS 9, IAS 39, IFRS 7, | ||
| IFRS 4 and IFRS 16 | Interest Rate Benchmark Reform Phase II | 1/1/2021 |
| IFRS 4 | Insurance contracts - prorogation of IFRS 9 | 1/1/2021 |
The standards listed above – unless adopted by the EU – will not be applied prematurely. From a current perspective, cyan does not anticipate any significant impacts on its asset, financial and earnings position arising from these amendments to and new editions of standards and interpretations.
cyan has applied IFRS 15 Revenues from Contracts with Customers. Further to IFRS 15, the time when the transfer of title to goods and services takes place, and the point where the customer can make use of them, is decisive in relation to the time when revenue is generated. To this end, cyan has applied the 5-step model for quantifying the extent and timing of the revenue recognition:
In its customer contracts, cyan has identified the following performance-related obligations: Granting of Licenses, Technical Support and Maintenance as well as Updates.
During the process of selling licenses by cyan, the customer acquires the right to use intellectual property and thus revenue is recognized when the license is sold. Critical to the timing of this is the point from which the customer is able to use the license and therefore to derive benefit from it. One example of this involves the licenses for using the cybersecurity software developed by cyan. Another involves the licenses for using the BSS/OSS software solution developed by i-new.
During the term of the contract, further services are to be delivered, for example in the form of technical support and maintenance. In this case it is assumed that an obligation to provide such services exists in accordance with IFRS 15.26 e) and therefore revenue is recognized over the specified period of time.
In the context of technical support for the BSS/OSS solution, provision of as well as support and maintenance for the technical platform, used for connection to the MNO, is included. The services delivered in the BSS/OSS segment are not hosting services because these do not become the property of customers when they use the solution transferred to them but can instead also be used at the same time by other customers.
Irregular updates occur with the BSS/OSS software solution. However, unrestricted use can still be made of the software solution originally provided, even without updates.
For customer contracts in the cybersecurity segment, ongoing updates of databases may be provided. These are fully automated and involve the use of self-learning algorithms. The original version of the software provided, installed on customer systems, remains functionally capable and can still be used effectively, even without updates, to provide end customers with a corresponding level of cybersecurity. While updates can improve quality and topicality, neither of these is critical in terms of software functionality because these updates only relate to part of the functional scope and are not essential for the ability of customers to use the software and/or the licenses. Therefore, these updates are also based upon the premise of an obligation to provide said services in accordance with IFRS 15.26 e) and therefore on the recognition of revenue over a specific period of time.
Revenues are recognized at the transaction price. The transaction price is the consideration in exchange for the anticipated level of performance delivered. Anticipated discounts and cash discounts as well as amounts obtained on behalf of third parties (sales tax) are deducted from this. If the service and the payment take place within a one-year period, no adjustment needs to be made in terms of applying any interest charges.
The transaction prices should be regarded as fixed, particularly with regard to the point in time at which revenue is recognized (sales quantity x unit price). In relation to contracts that include longer payment terms, it is assumed that a significant financing component exists for those revenues that are allocated to services that are already provided at the beginning of the contract. The transaction price assigned to this service is therefore discounted and then an interest component is added to it.
The over-time recognition of revenue is based on the elapsed contractual term as a proportion of the full term of the contract in question. The management has reached the considered view that the proportion of time that has elapsed at closing date in relation to the total time anticipated for delivery of a service represents a reasonable measure for the level of completion of these performance obligations as defined in IFRS 15.
The usual target payment period for cyan is 30 days.
Agreements to take back purchases are only included on a 'best effort' basis and therefore have no impact on the allocation of the transaction price or the recognition of revenue.
In cases where a service is delivered before consideration is received, contract assets are capitalized.
Trade receivables are disclosed if there is a direct entitlement to receive payment.
Wherever additional costs are incurred when concluding a contract and where its associated sales revenues are generated over a one-year period, these costs must be recognized as assets and then written down progressively as actual sales revenues are generated.
Income tax expenses (or tax income) for the period is the amount of tax payable on the taxable income of the current period based on the applicable rate of tax on earnings (reconciled to include changes in deferred taxation claims and liabilities arising from temporary variances and, where applicable, any unused tax losses).
Deferred taxes on income (expenses or income) result from temporary variances between the book value of an asset or a debt on the balance sheet and its tax value. In accordance with IAS 12 (taxes on earnings), the deferred tax assets and deferred taxes reflect all temporary valuation and balance sheet variances between the tax balance sheet and the IFRS final accounts. Moreover, deferred taxes are formed on the basis of tax losses carried forward.
At CYAN AG, the trade tax loss carried forward amounts to approximately EUR 7 million (2019: EUR 8 million) and a corporation income tax loss carried forward amounts to roughly EUR 7 million (2019: EUR 8 million). In future, since it will be improbable to carry forward unused losses, no provision is being set up for deferred taxation.
In relation to the consolidated tax-sharing agreement of December 18, 2014, CYAN Security Group GmbH as group leader forms a tax corporation with CYAN Networks Software GmbH in accordance with Section 9 of the Austrian Corporate Income Tax Code (öKStG). Over the last few years, this fiscal group of companies has been extended to include several group members. The core concept for taxation of the group involves grouping together the tax results of financially affiliated entities with the group leader. All companies that belong to the group calculate their respective revenues separately. The resultant taxation charge is then charged to the group leader (standalone method) in the form of distributions of the tax burden. The results of all companies are unified with the group leader and taxation is levied accordingly.
With a contribution and contribution in kind contract dated Jul 5, 2019, CYAN AG has contributed its entire holding in CYAN Security Group GmbH to its subsidiary I-New Unified Mobile Solutions GmbH as an investment in kind. As a result of restructuring, the existing group was dissolved and a new group was set up, with I-New Unified Mobile Solutions GmbH as group leader and with CYAN Security Group GmbH, CYAN Mobile Security GmbH, CYAN Networks Software GmbH, CYAN International Solutions GmbH, CYAN Licencing GmbH, and smartspace GmbH as group members.
Since in 2020 a retroactive merger was agreed, whereby CYAN Mobile Security Group GmbH, CYAN Networks Software GmbH, and CYAN International GmbH merged with CYAN Security Group GmbH, in 2020 only I-New Unified Mobile Solutions GmbH, CYAN Security Group GmbH, CYAN Licencing GmbH, and smartspace GmbH are now included in the group.
For following years, pre-group losses amounting to about EUR 24 million are available. Without any time limit, these can be offset to the extent of 75% against future profits.
| Company | 2020 | 2019 |
|---|---|---|
| CYAN AG | 32.975% | 30.0% |
| CYAN International Solutions GmbH | - a |
25.0% |
| CYAN Licencing GmbH | 25.0% | 25.0% |
| CYAN Mobile Security GmbH | a - |
25.0% |
| CYAN Networks Software Gesellschaft mbH | - a |
25.0% |
| cyan security Chile S.p.A | 27.0% | 27.0% |
| cyan security Colombia S.A.S. | 32.0% | 33.0% |
| cyan security Ecuador SAS | 25.0% | 25.0% |
| CYAN Security Group GmbH | 25.0% | 25.0% |
| Cyan security Peru S.A.C. | 29.5% | 29.5% |
| Cyan security USA, Inc. | 26,5%b | 26,5%b |
| I-New Bangladesh Ltd. | - c |
- c |
| I-New Hungary Kft. | 9.0% | 9.0% |
| I-New Unified Mobile Solutions GmbH | 25.0% | 25.0% |
| I-New Unified Mobile Solutions, S.A. de C.V. | 30.0% | 30.0% |
| Say:Hola! S.A.S. | - d |
33.0% |
| smartspace GmbH | 25.0% | 25.0% |
For the fully consolidated companies, the following rates of income tax were applied:
aMerged b 21% + 5.5%
c Tax exempt d Deconsolidated
Intangible Assets and Goodwill
Purchased intangible assets are valued in accordance with IAS 38 at acquisition costs or costs of production and any applicable impairments less scheduled pro-rata temporis depreciation. Extraordinary depreciation is applied if circumstances exist that justify an impairment.
Software licenses acquired are capitalized as assets on the basis of acquisition costs and commissioning of the software. These costs are amortized over the estimated useful life, which is between 3 and 5 years.
Since the period of time during which brand rights are expected to generate cashflows cannot be estimated, these are not amortized of a defined timeframe. Instead, they are written down when impairment occurs.
Research expenses are expensed as incurred. Development expenses are capitalized as assets whenever the corresponding criteria for IAS 38 are satisfied. Capitalized development expenses are carried at cost of production, less depreciation and impairment, assuming a depreciation period of between 3 and 10 years.
Intangible assets acquired in the context of a corporate merger are recognized separately from goodwill and are measured at fair value at the time of acquisition.
During the subsequent periods, intangible assets acquired in the context of a corporate merger as well as individually acquired intangible assets are valued on the basis of their acquisition costs less cumulative impairment and any cumulative depreciation charges.
Goodwill arises in the course of corporate acquisitions from the associated consideration paid and the total of all non-controlling interests in the company acquired less the balance of identifiable assets and debt taken on measured at fair value. If the difference is negative, the calculation for the consideration transferred and the purchase price allocation needs to be reexamined. If a further examination yields a negative difference, this is recorded on the statement of consolidated income. If the variance figure is positive, goodwill is recognized.
During the acquisition of CYAN Security Group GmbH and its subsidiaries, goodwill, technologies and customer relationships were capitalized. Goodwill is not subject to scheduled depreciation. IAS 36 requires an impairment test to be carried out once a year. If any indication for an impairment is discovered, such impairment test is to be conducted immediately.
The technologies are depreciated on a straight-line basis over their useful life (7 years). The customer relationships are amortized over the estimated useful life (9 to 12 years).
Tangible assets (property, plant and equipment) are carried in the balance sheet as assets at their acquisition costs less cumulative depreciation. Acquisition costs comprise the purchase price, ancillary costs and subsequent acquisition costs less any deductions they may contain on the purchase price.
Subsequent costs are included in the book value of an asset or may if necessary be recorded as a separate asset figure, but only if it is probable that the company will obtain a future economic benefit from the asset and if the costs of that asset can be established reliably. The book value of any part that is replaced is derecognized. All other repair and maintenance costs are recorded to the statement of comprehensive income for the reporting period in which they are incurred.
Tangible assets are depreciated using the straight-line method over their estimated useful life. When defining the estimated useful life, due account is taken of the expected economic and technical service life. The estimated useful life for tangible assets: 3 to 5 years for IT equipment, 4 to 10 years for other business and office equipment and 33.33 years for buildings. The recoverability of book values and periods of use for assets is examined on every balance sheet date and is adjusted as and when necessary. Whenever assets are sold, decommissioned or scrapped, the difference between the net proceeds and the net book value of the asset is recorded as a profit or a loss in other operating income or expenditure.
Investment grants are recorded under equity and liabilities, as part of other liabilities, using the gross method without affecting net income. Investment grants are recognized as other income in the consolidated statement of comprehensive income over the useful life of the assets for which they were obtained for.
An impairment test, as defined in IAS 36, must be conducted at least once a year for goodwill, intangible assets with an indefinite useful life and intangible assets that are not yet available for use. The recoverability of book values for all other assets, with the exception of ones that are valued at their fair value in the statement of profit and loss, or that are subject to special regulations from a different standard governing the checking of recoverability, only needs to be checked if there are indications for an impairment.
Since corresponding data for carrying out an impairment test at the level of individual assets frequently do not exist, cash generating units are formed for the purposes of an impairment check. These are defined as the smallest identifiable group of assets that generate cash inflows that are almost entirely independent of the cash inflows from other assets or from other groups of assets. For the purposes of the impairment test, a goodwill figure is established at the time of acquisition and is allocated by cyan to those cashgenerating units (or groups of them) that are expected to deliver a benefit resulting from the synergies of the merger. Cash-generating units to which a proportion of that goodwill was assigned need to be examined on an annual basis for impairment. If indications of impairment are found to exist for a unit, it may be necessary to conduct impairment tests more frequently. If the achievable amount of a cash-generating unit is less than the book value of the unit, the cost of impairment must first be allocated to the book value of each goodwill figure and then proportionally to other assets on the basis of the book value of each of those assets, as a proportion of total book value of assets within that unit. Here, the achievable amount is the higher figure from value-in-use and associated fair value less disposal costs.
The impairment test is conducted using the Value-in-Use concept, the achievable figure is established on the basis of the value-in-use.
Any resulting impairment loss is recognized in the statement of profit and loss, hence with an effect on earnings. If the reason for an impairment ceases to exist in a subsequent period, the impairment loss is reversed affecting earnings. Any impairment loss relating to goodwill cannot be reversed in future periods.
A decisive factor for recognition on the balance sheet in accordance with IFRS 16 is whether the leased object constitutes an identifiable asset where the lessee can determine the form of use and is entitled to the economic benefits from the asset. For each lease, the lessee records a liability for future lease payments to be made. At the same time, a right-of-use asset is capitalized at the present value of the future lease payments and is subsequently depreciated on a straight-line basis. This standard affects cyan particularly in conjunction with the leasing of office premises, server rooms, data lines and vehicles.
The valuation of a leasing liability is based on the present value of the future lease payments. Leasing payments are discounted using the incremental borrowing rate. The rights of use corresponding to the leasing liability are adjusted to reflect any advance or deferred lease payments.
The incremental borrowing rate used to discount lease liabilities was derived from the interest rate on German federal bonds taking due account of the markup for the credit rating, the sovereign risk and the inflation differential. The average weighted incremental borrowing rate applied by cyan is 1.28% (2019: 1.14%).
The leasing liability features the following maturities:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Leasing liabilities | 6,150 | 3,447 |
| Thereof non-current | 4,970 | 2,812 |
| Thereof current | 1,180 | 635 |
IFRS 16 mandates estimates that influence the valuation of the usage rights as well as the leasing liabilities. These include the contract duration and the applied incremental borrowing rate to discount future leasing payment obligations.
The following table shows the impact of lease contracts in the statement of profit and loss.
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Depreciation of buildings | 671 | 388 |
| Depreciation of other equipment, operating and office equipment | 104 | 98 |
| Interest expense | 71 | 32 |
| Income from subleasing of rights of use in connection with buildings | 274 | 0 |
| Interest income | 5 | 1 |
The total lease payments in 2020 amounted to EUR 1,164 thousand (2019: EUR 515 thousand).
cyan leases various office premises, server rooms, vehicles and fiber-optic cables. Lease contracts for buildings usually run for 10 years or for an indefinite period, 5 years for colocation sevices, 5 years for vehicles and 5 years for fiber-optic cables.
In 2019, a shortage of space prompted the leasing of a larger office, and the office used previously was sub-let starting November 2019. The term of that subletting contract is the same as the term of the lease contract. For this, the usage rights were derecognized, and a leasing receivable was set up. As a result of the sub-lease to a customer, a leasing receivable was capitalized in 2020.
A number of cyan's property and plant lease contracts include extension and termination options. Contractual terms of this kind are used to assure cyan of maximum operational flexibility in relation to the assets used by the group. The majority of existing extension and termination options can only be exercised by the group and by its respective lessors.
The application of IFRS 16 at cyan in 2020 has a positive impact of EUR 1,164 thousand on EBITDA because in conjunction with IFRS 16, no rental cost is incurred. Since in relation to sub-leases associated with IFRS 16 no lease revenue is recorded, this has a negative impact on EBITDA amounting to EUR 274 thousand. Due to the adjustment of the lease contract of the former office building (on which no usage right is now available), the EBITDA was reduced by EUR 8 thousand. Through a sub-lease with a customer, the EBITDA was increased by EUR 57 thousand. In addition, with CYAN Peru, CYAN Chile and CYAN Colombia, foreign exchange gains to the value of EUR 75 thousand were obtained, as a result of contracts denominated in USD. These are set against depreciation amounting to EUR 775 thousand that reduce the EBIT. After interest expenses of EUR 71 thousand and interest income of EUR 5 thousand, an effect from IFRS 16 applies to the period
result, to the amount of EUR 173 thousand. Interest incurred is disclosed in the financial results.
The following table shows the receivables from financial leasing arrangements:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Due in one year | 274 | 156 |
| Due between 1 and 2 years | 274 | 156 |
| Due between 2 and 3 years | 183 | 156 |
| Due between 3 and 4 years | 118 | 65 |
| Due between 4 and 5 years | - | - |
| Due in more than five years | - | - |
| Total undiscounted leasing payments | 849 | 533 |
| Non-guaranteed residual values | - | - |
| Depreciation of other equipment, operating and office equipment | -6 | -6 |
| Present value of lease payments to be received | 843 | 527 |
| Impairment for uncollectible lease payments | - | - |
| Net investment value from leases | 843 | 527 |
Undiscounted leasing payments:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Due within one year | 274 | 156 |
| Due in more than one year | 575 | 377 |
Net investment value from leasing:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Due within one year | 271 | 153 |
| Due in more than one year | 572 | 374 |
The options pursuant to IFRS 16.5 for short-term leasing arrangements with a term of up to one year and for leasing arrangements where the underlying asset is a low value good (less than EUR 5,000) have been adopted. The associated lease payments are recorded as expense in a straight-line fashion over the term of the lease arrangement. A total of EUR 203 thousand was incurred for short-term lease arrangements, and EUR 28 thousand for low-value lease arrangements.
IFRS 9 contains three valuation categories which represent valuation at amortized acquisition costs, valuation at fair value with changes recognized through the statement of profit and loss and valuations at the fair value with changes in value recognized through other comprehensive income.
At this time, and for the following reasons, at cyan only the valuation at amortized acquisition costs is being applied.
Fundamentally, the fair values for financial instruments do not differ from their book values because the interest-related receivables and liabilities either virtually correspond to current market rates, or the instruments are current.
In the case of trade receivables (receivables from goods and services), other receivables, cash and cash equivalents as well as the trade payables (liabilities from goods and services) and other liabilities, due to the predominantly short-term nature of these items, their book values by and large match their associated fair values. Variable rates of interest are applied to financial liabilities so no difference to the associated fair value exists, or the associated fair values virtually correspond to their book values at fixed rates of interest.
Impairments must be conducted in relation to financial assets that are valued on the basis of amortized cost, and to contract assets.
cyan makes use of the simplified procedure for trade receivables, which under certain conditions for the assessment of impairment for these financial assets allows to always take place at the level of the expected credit loss using a distribution matrix.
As a basis for estimated, expected credit losses, experience-based values are derived from actual historical credit losses from the previous 3 years. In relation to receivables and leasing receivables with an impaired credit rating ('Level 3') and for contract assets, specific provisions for bad debt are set up.
Inventories are valued at the lower figure from purchase costs or manufacturing costs and the net disposal value. The net disposal value is the estimated proceeds from a sale, less the estimated costs of completion and the sale transaction. Purchase costs or manufacturing costs are established on the basis of the moving average price procedure.
Provisions for performance-based liabilities are set up to cover the legal entitlement of employees. Employees are entitled to a severance payment when they reach retirement age and when the employer terminates their employment. The level of these claims is determined by the number of years of service and by the salary level at the severance date. Calculated in accordance with actuarial principles based on the projected unit credit method. Contribution-oriented liabilities exist for salaried staff in Austria whose employment relationship began after December 31, 2002. These severance payment liabilities are covered by the ongoing payment of corresponding contributions to an employee social security fund held in an account of the employee.
Cash and cash equivalents are classified as cash in hand and as credit balances in banks and may include other short-term highly liquid capital assets with an original term of up to three months. They are recorded at nominal value.
In accordance with IFRS 9, financial liabilities are recognized initially at the associated fair value less any transaction costs incurred. The following assessment is based on amortized cost. The difference between the cash-inflow (after deduction of transaction costs) and the repayment figure is recorded in the statement of comprehensive income over the term of the financial liabilities, applying the effective interest method.
Trade payables are liabilities from the payment of goods or services that were acquired from suppliers in the course of normal business activity. Trade payables are classified as short-term liabilities if payment falls due within one year or sooner. Initially, trade payables are recorded at their fair value, and are then valued as amortized costs by applying the effective interest method.
The book value of other liabilities corresponds to the associated fair value, as they are mainly current.
Provisions are set up if the company as the result of a past event incurs a current (legal or factual) liability for which it is probable that the company will be obliged to fulfill it, and where a reliable estimate of the value of that liability can be performed. The valuation of provisions is based on the present value of the best possible estimate by the management expenses required at the end of the reporting period to fulfill the current liability. The expenses for a provision are recorded in the statement of comprehensive income.
No corporate acquisitions took place in 2020 and 2019.
When I-New Unified Mobile Solutions GmbH was acquired by CYAN AG in 2018, an earnout clause was agreed with the former shareholders which provides for a results-based supplement to the purchase price when defined EBITDA thresholds are achieved in the following years of 2019 to 2021. Due to a one-off license deal, the EBITDA threshold was exceeded in 2019.
To determine the supplement to the purchase price, a consolidated balance sheet and income statement were set up for the original I-New Group (elimination of inclusion of Cyan Security Group GmbH) including explanatory details. In 2019, the original I-New group achieved an EBITDA of EUR 11,525 thousand which led to the recognition of a liability amounting to EUR 817 thousand for the earn-out payment to former shareholders. In 2020 the EBITDA was EUR 8,040 thousand so a liability of EUR 1,021 thousand was recognized. The current budget figures for the I-New Group envisage an EBITDA for the forthcoming 2021 financial year that is below the EBITDA threshold provided for in the share purchase contract.
Accordingly, the fair value calculated for earn-out components for the 2021 financial year amounts to zero. The associated fair value of the conditional purchase price liabilities for the I-New companies is based on the discounted cashflow method (Level 3). The valuation model takes into account the cash value of the expected payment based on the EBITDA forecast for the next two years, with interest levied at a risk-adjusted rate. The associated fair value on the balance sheet date is EUR 0.00.
Reporting across the business segments takes place in a way that coincides with the internal reporting body to the Management Board that acts as the main decision-making body (Management Approach). Accordingly, the Management Board is responsible for the allocation of company resources for both segments.
cyan has two segments that are used to manage the company: Cybersecurity and BSS/OSS, oriented on the type of products they offer. The Management Board decided in favor of this form of segmentation because it best reflects the opportunity & risk structure of the company. The distinctive nature of customer groups and the technical solutions and products used provide clear separation between the segments.
This segment includes all the services delivered by cyan that are based on application of the filter technology used in B2B2C business. In this segment, cyan delivers its services in conjunction with products such as OnNet Security, OnDevice Security, Child Protection or Clean Pipe. The growth prospects in this segment are viewed in a very favorable light. In the OnNet sector especially, an independent study conducted by an international strategy consultancy company anticipates annual growth of 50 % by 2023.
At present, the geographical focus is primarily on Europe, but other regions (such as North America, Asia and Africa) are to be supplied by cyan with cybersecurity gradually.
In this segment, MVNOs are offered the entire range of products needed to operate a virtual mobile operator. The array of solutions offered by cyan includes connection to the network of an MNO, billing, the management of credit balances, provisioning, etc.
The primary geographic focus of this segment is on South America. Here the strong market position of the company is to be expanded through the acquisition of new customers and, at the same time, the range of services is to be extended continuously. However, cyan is also endeavoring to establish a foothold in EMEA with its BSS/OSS solution.
Segment reporting, in accordance with IFRS 8, is to be based on internal control and reporting (Management Approach). The line of separation between the business segments and their corresponding report contents are therefore based, as mentioned previously, on the reporting structure within cyan, with the Management Board as the main decisionmaking body.
Accordingly, operational segments with mandatory reporting requirements are defined as the 'Cybersecurity' segment (consisting of Cyan Security Group GmbH and its subsidiary), and the 'BSS/OSS' segment (consisting of I-New Unified Mobile Solutions GmbH and its subsidiaries with the exception of the subsidiaries assigned to the 'Cybersecurity' division). Both segments are constituent parts of the corporation that conduct business activities that give rise to sales revenues and expenditures, the results of which are monitored by the Management Board of CYAN AG for the purposes of measuring success and resource allocation, with separate financial information available for each. While both segments operate in the technology and software sector, each offers distinctive products and services, which is why each is monitored separately by the Management Board of CYAN AG.
Both business segments outperform the quantitative threshold values. No further business segments exist beyond these two. The 'Transition' column includes the activities of CYAN AG that have not been allocated to either of these two segments and to consolidations performed at group level.
| BSS/OSS | Cybersecurity | Transition | Total | |||||
|---|---|---|---|---|---|---|---|---|
| in EUR thousand | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 |
| Segment total earningsa | 19,673 | 20,381 | 5,707 | 11,712 | - | 414 | 25,379 | 32,507 |
| Segment revenues | 18,180 | 18,406 | 3,113 | 8,348 | - | - | 21,293 | 26,754 |
| Thereof with external customers | 18,180 | 18,406 | 3,113 | 8,348 | - | - | 21,293 | 26,754 |
| Thereof with other segments | - | - | - | - | - | - | - | - |
| EBITDA | 8,437 | 11,512 | -11,327 | 3,650 | -2,167 | -3,493 | -5,058 | 11,670 |
a Total of revenue, other operating income and changes in inventories
| BSS/OSS | Cybersecurity | Transition | Total | ||||
|---|---|---|---|---|---|---|---|
| 2020 | 2019 | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 |
| 83 | 91 | 66 | 36 | 0 | 0 | 149 | 127 |
| BSS/OSS | Cybersecurity | Transition | Total | |||||
|---|---|---|---|---|---|---|---|---|
| in EUR thousand | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 |
| Impairment | -229 | -431 | - | - | - | - | -229 | -431 |
The following table shows how the long-term tangible assets, the intangible assets and the deferred tax assets of cyan reflecting the region of origin of the company.
| BSS/OSS | Cybersecurity | Transition | Total | |||||
|---|---|---|---|---|---|---|---|---|
| in EUR thousand | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 |
| Americas | 1,625 | 976 | - | - | - | - | 1,625 | 976 |
| APAC | 23 | 1 | - | - | - | - | 23 | 1 |
| EMEA | 15,974 | 18,664 | 47,386 | 47,431 | 47 | 18 | 63,407 | 66,114 |
| Non-current tangible assets, intangible | ||||||||
| assets and deferred tax assets | 17,622 | 19,641 | 47,386 | 47,431 | 47 | 18 | 65,055 | 67,091 |
The countries of their respective customers or companies that were assigned to these regions.
The following table shows how the additions of long-term tangible assets and intangible assets reflecting the region of origin of the company.
| BSS/OSS | Cybersecurity | Transition | Total | |||||
|---|---|---|---|---|---|---|---|---|
| in EUR thousand | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 |
| Americas | 1,261 | 66 | - | - | - | - | 1,261 | 66 |
| APAC | 75 | - | - | - | - | - | 75 | - |
| EMEA | 223 | 66 | 2,668 | 2,544 | 40 | - | 2,931 | 2,610 |
| Additions to non-current tangible | ||||||||
| assets, intangible assets | 1,559 | 132 | 2,668 | 2,544 | 40 | - | 4,267 | 2,676 |
The accounting and valuation methods of the reporting segments match the group's accounting and valuation methods described above.
All revenues result exclusively from contracts with customers as defined in IFRS 15 and include all earnings that result from the ordinary business activity of cyan. In this financial year, cyan was able to sign new customer contracts and to extend contracts with existing customers. There have been no significant changes in revenue levels.
| BSS/OSS | Cybersecurity | Total | ||||
|---|---|---|---|---|---|---|
| in EUR thousand | 2020 | 2019 | 2020 | 2019 | 2020 | 2019 |
| Americas | 14,433 | 15,627 | - | - | 14,433 | 15,627 |
| Thereof Colombia | 1,040 | 4,192 | 1,040 | 4,192 | ||
| Thereof Mexico | 12,883 | 1,511 | - | 12,883 | 1,511 | |
| Thereof other countries | 510 | 9,924 | 510 | 9,924 | ||
| APAC | 3,343 | 1,545 | - | - | 3,343 | 1,545 |
| Thereof Bangladesh | 2,075 | 417 | 2,075 | 417 | ||
| Thereof New Zealand | 1,268 | 1,127 | 1,268 | 1,127 | ||
| EMEA | 404 | 1,234 | 3,113 | 8,348 | 3,517 | 9,582 |
| Thereof Austria | 118 | 385 | 2,824 | 3,408 | 2,941 | 3,793 |
| Thereof other countries | 286 | 849 | 290 | 4,940 | 576 | 5,789 |
| Revenues | 18,180 | 18,406 | 3,113 | 8,348 | 21,293 | 26,754 |
The following table shows the sales revenues of cyan, split by region of origin of each business partner.
In the cybersecurity segment, the revenues from two customers amount to EUR 2,860 thousand (2019: EUR 7,875 thousand). In the BSS/OSS segment, revenues from three customers amount to EUR 16,752 thousand (2019: EUR 11,906 thousand).
At the end of the reporting period, EUR 21,458 thousand are attributable to the allocated transaction prices of performance obligations not yet settled.
The following table shows the allocated transaction prices of performance obligations that have not yet been fulfilled split by due date.
| in EUR thousand | Up to 1 year | 2 -5 years | 5 years |
|---|---|---|---|
| Transaction prices | 4,076 | 17,382 | - |
The other operating income, income from reversals of impairment losses and changes in inventories and capitalized own work comprise the following items:
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Change in inventories and capitalized own work | 2,011 | 3,615 |
| Income from subsidies/research grants | 762 | 499 |
| Income from reversal of impairment losses | 983 | - |
| Exchange rate gains | 164 | 267 |
| Other | 167 | 1,372 |
| Other income, income from reversals of impairment losses and | ||
| changes in inventories | 4,086 | 5,753 |
The changes in inventories relate to contract costs associated with the fulfillment of customer contracts as a result of IFRS 15, as well as to development costs capitalized in accordance with IAS 38 (2019). The research grant is a form of financial support for the costs incurred by research and development and is paid out by the Austrian tax authorities. In 2019, income from reversals of impairment losses of EUR 591 thousand were included in other income and not shown as separate item.
The cost of materials and services procured as shown in the statement of profit and loss and in the statement of comprehensive income constitute:
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Cost of materials | -386 | -457 |
| Cost of services procured | -3,888 | -3,417 |
| Cost of materials and services procured | -4,274 | -3,874 |
The services procured relate primarily to third-party services and to miscellaneous services in the domestic market, in the EU, in third countries and to IT consultancy support.
Personnel costs include the following items:
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Salaries | -8,755 | -8,938 |
| Expenses for social security contributions and payroll taxes | -1,984 | -1,554 |
| Other personnel expenses | -370 | 105 |
| Personnel expenses | -11,108 | -10,387 |
The decline in salaries shown in personnel costs, despite an increase in the number of employees compared to the previous year results from changes in the levels of variable remuneration. The positive balance of Other personnel expenses in 2019 results from changes to bonus payments and from changes to vacation provisions. The average number of employees is 149 (2019: 127). These are divided as follows on the basis of geographical features:
| 2020 | 2019 | |
|---|---|---|
| European Union (excl. Austria) | 31 | 30 |
| Austria | 84 | 67 |
| South America | 29 | 26 |
| Asia | 5 | 4 |
| Rest of the world | - | - |
| Average number of employees | 149 | 127 |
In 2020, the impairment expenses of trade receivables, and contract assets primarily affects the impairment of contract assets amounting to EUR 4,785 thousand following bankruptcy filing by Wirecard. The contract with Virgin Mobile also entails a write-down to the value of EUR 565 thousand. The remaining EUR 746 thousand are provisions for bad debt. In 2019, EUR 435 thousand are due to the write-downs of three receivables, EUR 303 thousand from lump-sum impairments in accordance with IFRS 9, and EUR 291 thousand from provisions for bad debt.
Other expenses include the following items (type of expenditure item):
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Fees | -195 | -250 |
| Rental expenses | -365 | -387 |
| Consulting fees | -2,494 | -2,881 |
| Insurance | -242 | -187 |
| Travel expenses | -221 | -655 |
| Advertising expenses | -913 | -376 |
| Research and development | -330 | -132 |
| Exchange rate differences | -2,166 | - |
| Other | -2,032 | -679 |
| Other expenses | -8,958 | -5,547 |
The consultancy costs include expenditure on technical, legal and tax advice, and other consultancy services. Other expenses include administration costs, financial transaction charges and contributions as well as the earn-out payments in relation to I-New Unified Mobile Solutions GmbH. In the previous year, the foreign exchange differences amounting to EUR 131 thousand were recognized in Other expenses.
In the statement of comprehensive income, the following charges for depreciation are included:
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Amortization of intangible assets | -4,889 | -5,149 |
| Depreciation on property, plant and equipment | -1,092 | -992 |
| Depreciation and amortization | -5,981 | -6,141 |
More details about depreciation can also be found under sections 10 and 11 as well as in the Accounting and Valuation Methods under the section concerning Intangible Assets, Tangible Assets and Leasing.
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Interest income | ||
| Loans | 0 | 0 |
| Other | 704 | 131 |
| Financial income | 704 | 132 |
| Interest and similar expenses | ||
| Leasing liabilities | -71 | -32 |
| Interest on loans | -11 | -172 |
| Other | -61 | -18 |
| Financial expenses | -143 | -222 |
| Financial result | 561 | -91 |
The majority of financial income results from the interest charged on contract assets. Interest expenses are due to third-party financing (e.g., bank loans and other loans).
Actual tax refund claims and tax liabilities are netted if the company has an enforceable right to offsetting and if it intends to achieve a net basis settlement or to offset claims against liabilities simultaneously.
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Expenses for current income taxes | -489 | -1,091 |
| Tax credits/back payments for previous years | 31 | -18 |
| Change in deferred income taxes | 1,669 | 200 |
| Income taxes | 1,210 | -909 |
The group tax rate is defined as the ratio of recorded income tax expenses to the earnings before taxes. The cost of tax is calculated at the applicable tax rates in the various jurisdictions. In accordance with IAS 12, the tax rate to be applied is the most suitable one for the information interests of the final account addressees. In most cases, this is the tax rate in the country in which the company is headquartered. Since CYAN AG, a company based in Germany, operates solely as a holding company while the majority of its operational subsidiaries have their head offices in Austria, Austrian corporation tax is applied at the rate of 25% (2019: 25%) when the tax transition account is created.
Transition of the computed tax on income at the recorded cost of tax on revenues is presented as follows:
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Income before income taxes | -10,478 | 5,438 |
| Income tax expense based on the austrian corporate income tax rate | 2,619 | -1,360 |
| Differences due to different tax rates | -3 | 170 |
| Tax-free income | 842 | 116 |
| Non-deductible expenses | -577 | -669 |
| Taxes from previous periods | 31 | -18 |
| Losses of the current year - for which no deferred tax asset was | ||
| recognised | -1,638 | -769 |
| Recognition of tax effects of previously unrecognised loss | ||
| carryforwards | 349 | 1,099 |
| Foreign taxes | -408 | - |
| Changes in estimates from previous years | - | 612 |
| Other differences | -6 | -91 |
| Effective group tax expense | 1,210 | -909 |
The following table shows the development of intangible assets:
| in EUR thousand | Patents, customer relations & similar rights |
Software | Development costs |
Goodwill | Total |
|---|---|---|---|---|---|
| As of 1/1/2019 | |||||
| Acquisition costs | 17,678 | 22,147 | 651 | 30,779 | 71,256 |
| Accumulated depreciation | -1,111 | -1,765 | - | - | -2,876 |
| Book value | 16,566 | 20,382 | 651 | 30,779 | 68,379 |
| Financial year 31/12/2019 | |||||
| Initial book value | 16,566 | 20,382 | 651 | 30,779 | 68,379 |
| Additions - purchases | 11 | 96 | - | - | 107 |
| Additions - internal development | - | - | 315 | - | 315 |
| Reclassifications | 4 | 4 | |||
| Disposals | - | -1 | - | - | -1 |
| Depreciation | -2,057 | -2,983 | -21 | - | -5,061 |
| Thereof impairment | -431 | - | - | - | -431 |
| Book value | 14,520 | 17,499 | 945 | 30,779 | 63,744 |
| As of 1/1/2020 | |||||
| Acquisition costs | 17,689 | 22,247 | 966 | 30,779 | 71,681 |
| Accumulated depreciation | -3,168 | -4,748 | -21 | - | -7,937 |
| Book value | 14,520 | 17,499 | 945 | 30,779 | 63,744 |
| Financial year 31/12/2020 | |||||
| Initial book value | 14,520 | 17,499 | 945 | 30,779 | 63,744 |
| Additions - purchases | - | 43 | - | - | 43 |
| Additions - internal development | - | - | - | - | - |
| Reclassifications | - | - | - | - | - |
| Disposals acquisition costs | -0 | -1,716 | - | - | -1,716 |
| Disposals accumulated depreciation | 0 | 1,705 | - | - | 1,705 |
| Depreciation | -1,626 | -3,234 | -54 | - | -4,914 |
| Thereof impairment | - | -229 | - | - | -229 |
| Currency difference depreciation | - | 4 | - | - | 4 |
| Book value | 12,894 | 14,301 | 891 | 30,779 | 58,865 |
| As of 31/12/2020 | |||||
| Currency translation acquisition costs | - | -1 | - | - | -1 |
| Currency translation accumulated | |||||
| depreciation | - | 0 | - | - | 0 |
| Acquisition costs | 17,688 | 20,572 | 966 | 30,779 | 70,006 |
| Accumulated depreciation | -4,794 | -6,273 | -75 | - | -11,142 |
| Book value | 12,894 | 14,299 | 891 | 30,779 | 58,863 |
The depreciation in the statement of profit and loss also includes the depreciation of contract costs amounting to EUR -11 thousand (2019: EUR -91 thousand).
The development costs capitalized amount to EUR 891 thousand (2019: EUR 945 thousand) and primarily comprise personnel costs.
With customer relationships, the loss of a customer in August 2019 gave rise to a depreciation requirement (impairments) amounting to EUR 435 thousand. Then, in 2020, the impairment of a software product required an extraordinary write-down to the amount of EUR 229 thousand.
Brand rights which have an unlimited useful life and that are disclosed under Patents, customer relationships & other rights, are recognized with a book value of EUR 32 thousand (2019: EUR 32 thousand).
In the consolidated financial statements, goodwill to the amount of EUR 30,779 thousand is disclosed. This results from the acquisition of the CYAN Security Group GmbH by CYAN AG as part of the stock market flotation in 2018. Goodwill was therefore assigned entirely to the cash-generating unit (CGU) of Cybersecurity which already existed from cyan companies even prior to acquisition of the holding in I-New Unified Mobile Solutions GmbH in July 2018 and that at the same time constitutes a business segment in accordance with IFRS 8. For CGU Cybersecurity, an impairment test was therefore a mandatory requirement.
In addition, the achievable amount of the CGU must be set alongside its book value. The achievable amount is the higher of the two figures from the fair value less sale costs and value-in-use. In accordance with the evaluation hierarchy in IFRS 13, the fair values need to be established primarily on the basis of market prices, and can for example be linked to existing binding purchase offers, secondary pricing on active markets or comparable transactions within the sector at similar times. If it is not possible to apply the market price-based method, capital value-based methods such as the discounted cashflow method used in this case can be applied.
As an achievable amount for CGU, its value-in-use is determined by means of a discounted cashflow calculation. This involves deriving cashflows from the business plan including the cashflow plan that is approved by the Management Board and that is updated on a regular basis. Future expansion investments and restructuring costs are only included in the determination of value-in-use to the extent that an official obligation to do so exists because the value-in-use must always correspond to the asset value or to the group of asset values in their current condition. The discounting rate takes the form of a post-tax rate of interest that reflects current market estimates, the fair value of the money and the specific risks to the asset value and/or the CGU. The corresponding pre-tax rate of interest is based on an iterative process. To determine quantifiable amounts using capital value-based methods, the weighted average capital cost (WACC) is used. The WACC, the planned sales revenues and the growth rate for the perpetual annuities constitute the most important planning assumptions and it is to these that the achievable figure reacts most sensitively.
The interest applied to equity is defined using the Capital Asset Pricing Model (CAPM) which comprises the basic rate of interest, a market risk premium and a beta factor. The rate of interest debt corresponds to the risk premium on corporate loans for comparable companies. To disclose sovereign risk appropriately, due account is taken of corresponding cash inflows. On this basis, the WACC is defined as approximately 7.4%. Due to the volatile financial market environment, the development of capital costs (and in particular the sovereign risk premiums) are monitored continually. Financial surpluses anticipated after the detailed planning period of six years are incorporated using a terminal value calculation, based on the assumption of an infinite growth rate of 3 %. The annual rate of growth from the business plan based upon the impairment tests indicates a growth in sales over the planning period of about 50% for the CGU being tested. This figure can also be substantiated for the OnNet sector by means of an independent market study by an internationally renowned consultancy company.
The impairment test did not give rise to any need for value adjustment.
cyan has conducted an analysis into the sensitivity of the impairment tests against amendments to the key assumptions upon which a determination of the achievable figure for the Cybersecurity CGU is based. The view of the management is that every possible amendment to those key assumptions that can be viewed as reasonable and upon which the achievable figure for the CGU is based, would not give rise to a situation where the total book value exceeds the recoverable total value.
The development of tangible assets can be depicted as follows:
| in EUR thousand | Building equipment |
Machinery and similar equipment |
Other equipment/ office equipment |
Total |
|---|---|---|---|---|
| As of 1/1/2019 | ||||
| Acquisition costs | 3,625 | 972 | 1,009 | 5,606 |
| Accumulated depreciation | -818 | -105 | -209 | -1,132 |
| Book value | 2,807 | 867 | 800 | 4,474 |
| Financial year 31/12/2019 | ||||
| Initial book value | 2,807 | 867 | 797 | 4,471 |
| Additions | 1,949 | 20 | 285 | 2,254 |
| Disposals | -2,128 | -520 | -141 | -2,789 |
| Depreciation | -407 | -288 | -294 | -989 |
| Currency difference | -16 | 16 | 2 | 2 |
| Book value | 2,205 | 95 | 649 | 2,949 |
| As of 1/1/2020 | ||||
| Acquisition costs | 3,452 | 371 | 1,144 | 4,967 |
| Accumulated depreciation | -1,245 | -311 | -495 | -2,051 |
| Book value | 2,207 | 60 | 649 | 2,916 |
| Financial year 31/12/2020 | ||||
| Initial book value | 2,207 | 60 | 649 | 2,916 |
| Additions | 3,896 | 50 | 279 | 4,225 |
| Rebooking of acquisition costs | - | 5 | -5 | - |
| Rebooking of accumulated depreciation | - | -0 | 0 | - |
| Disposals acquisition costs | -700 | -351 | -254 | -1,305 |
| Disposals accumulated depreciation | 688 | 351 | 247 | 1,286 |
| Depreciation | -715 | -23 | -317 | -1,056 |
| Currency difference | 7 | 1 | 2 | 10 |
| Book value | 5,382 | 92 | 601 | 6,076 |
| As of 31/12/2020 | ||||
| Currency translation acquisition costs | -85 | 52 | -14 | -48 |
| Currency translation accumulated | ||||
| depreciation | 24 | -55 | 2 | -29 |
| Acquisition costs | 6,562 | 127 | 1,132 | 7,821 |
| Accumulated depreciation | -1,242 | -38 | -542 | -1,822 |
| Book value | 5,321 | 89 | 589 | 5,999 |
This table also includes the rights-of-use that arise as a consequence of IFRS 16. The disposals in 2019 include a platform owned by the Chilean subsidiary with a value of EUR 520 thousand that was disposed of because there was no further scope for using it. The office building in Mattersburg was sold in 2019 for EUR 1,000 thousand. Since the book value on the date of sale was EUR 1,525 thousand, this disposal entailed a loss of EUR 525 thousand that was recognized under Other expenses.
The following table shows the development of rights-of-use in the Tangible assets section of the balance sheet.
| in EUR thousand | Buildings | Vehicles | Fibre Optic |
Total |
|---|---|---|---|---|
| As of 1/1/2019 | ||||
| Acquisition costs | 1,480 | 155 | 272 | 1,907 |
| Accumulated depreciation | -149 | -16 | -23 | -188 |
| Book value | 1,331 | 140 | 249 | 1,720 |
| Financial year 31/12/2019 | - | |||
| Initial book value | 1,331 | 140 | 249 | 1,720 |
| Additions | 1,940 | 18 | 15 | 1,973 |
| Disposals | -717 | - | - | -717 |
| Depreciation | -373 | -39 | -57 | -469 |
| Currency difference | 4 | - | 2 | 6 |
| Book value | 2,185 | 118 | 209 | 2,512 |
| As of 1/1/2020 | - | |||
| Acquisition costs | 2,707 | 173 | 289 | 3,169 |
| Accumulated depreciation | -522 | -55 | -80 | -657 |
| Book value | 2,185 | 118 | 209 | 2,512 |
| Financial year 31/12/2020 | - | |||
| Initial book value | 2,185 | 118 | 209 | 2,512 |
| Currency translation acquisition costs | -80 | - | -9 | -89 |
| Currency translation accumulated depreciation | 21 | - | 3 | 24 |
| Initial book value after translation | 2,127 | 118 | 203 | 2,448 |
| Additions | 3,162 | 35 | 2 | 3,199 |
| Disposals acquisition costs | -9 | -18 | - | -27 |
| Disposals accumulated depreciation | - | 18 | - | 18 |
| Depreciation | -671 | -45 | -58 | -775 |
| Currency difference | 7 | 2 | 9 | |
| Book value | 4,616 | 108 | 148 | 4,872 |
| As of 31/12/2020 | - | |||
| Acquisition costs | 5,781 | 190 | 282 | 6,253 |
| Accumulated depreciation | -1,165 | -82 | -134 | -1,381 |
| Book value | 4,616 | 108 | 148 | 4,872 |
The following table shows the amount of contract costs (costs of initiating a contract and contract performance costs), receivables, contract assets and contract liabilities from contracts with customers in accordance with IFRS 15:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Costs of initiating a contract | 57 | 69 |
| Thereof non-current | 57 | 69 |
| Thereof current | - | |
| Contract performance costs | 5,061 | 2,969 |
| Thereof non-current | 5,061 | 2,969 |
| Thereof current | - | |
| Trade receivables | 3,149 | 3,897 |
| Thereof non-current | - | |
| Thereof current | 3,149 | 3,897 |
| Contract assets | 17,522 | 13,659 |
| Thereof non-current | 14,588 | 11,771 |
| Thereof current | 2,934 | 1,888 |
| Contract liabilities | 230 | - |
| Thereof non-current | 230 | - |
| Thereof current | - | - |
The costs of initiating a contract include special bonuses for concluding customer contracts. These are posted to assets and are then written down over the term of the contract. They are disclosed in the balance sheet as long-term assets because the contract term is longer than 1 year. Contract performance costs primarily comprise personnel costs, services procured and travel costs. These are written down using a schedule contingent on how the goods or services to which those costs relate are transferred to the customer. Since the performance obligations agreed in the contracts have not yet been fulfilled, these costs constitute long-term contract costs. Due to the conclusion of new contracts, in particular the comprehensive contract with Virgin Mobile, contract assets have increased. In conjunction with Wirecard Technologies GmbH filing for bankruptcy, the contract assets that were included in balance sheet in 2019 as a result of the Wirecard contract have been written down 100 % (i.e., EUR 4,785 thousand). Some of the contract assets are current while others are non-current, divided up in accordance with the stipulations of IAS 1.
The contract liabilities are based on services already billed from the Orange contract that have not yet been delivered and that therefore cannot yet be posted as earnings.
The tax effects of temporary differences, tax losses carried forward and tax credits that give rise to deferred tax assets and to deferred tax liabilities are as follows. Deferred tax claims and deferred tax liabilities are offset in each country provided that defined requirements are satisfied. These requirements are satisfied if an actionable right exists to offset current tax refund claims against current tax liabilities, if these relate to income taxes that are levied by the same tax authority and cyan intends to settle its tax claims and tax liabilities as a net figure.
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Deferred tax assets | ||
| Non-current assets | 17 | 0 |
| Current assets | 686 | 303 |
| Non-current provisions and liabilities | - | 101 |
| Current provisions and liabilities | 82 | 22 |
| Losses carried forward | 45 | 45 |
| Other (asset items, cash procurement costs) | - | - |
| Deferred tax liabilities | ||
| Non-current assets | 3 | 20 |
| Current assets | 55 | - |
| Non-current provisions and liabilities | 0 | - |
| Current provisions and liabilities | 582 | 20 |
| Other (asset items, cash procurement costs) | 0 | - |
| Net deferred tax assets | 192 | 432 |
Due to tax planning, future profits are anticipated against which deferred tax assets can be offset.
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Deferred tax assets | ||
| Non-current assets | 92 | 14 |
| Current assets | 8,899 | 3,545 |
| Non-current provisions and liabilities | 1,031 | 568 |
| Current provisions and liabilities | 489 | 279 |
| Losses carried forward | 6,269 | 5,916 |
| Other (asset items, cash procurement costs) | 19 | - |
| Deferred tax liabilities | ||
| Non-current assets | 12,112 | 10,896 |
| Current assets | 251 | 1,478 |
| Non-current provisions and liabilities | - | 5,051 |
| Current provisions and liabilities | 7,488 | 56 |
| Other (asset items, cash procurement costs) | - | - |
| Net deferred tax liabilities | 5,311 | 7,160 |
Deferred taxes are netted off in each country. The deferred tax liabilities originate from companies in Austria and Germany. The deferred tax assets originate from the other countries.
The development of deferred taxes and the breakdown of changes into components that do and do not have an effect on earnings are shown in the table below:
| in EUR thousand | Deferred tax assets |
Deferred tax liabilities |
Currency difference |
|---|---|---|---|
| Balance as at 1/1/2019 | 906 | -7,849 | |
| Changes affecting net income | -474 | 690 | -16 |
| Changes not affecting net income | - | - | |
| Balance at 31/12/2019 | 432 | -7,160 | |
| Balance as at 1/1/2020 | 432 | -7,160 | |
| Changes affecting net income | -240 | 1,848 | -60 |
| Changes not affecting net income | - | - | |
| Balance at 31/12/2020 | 192 | -5,311 |
| a | Book values | Book values | ||
|---|---|---|---|---|
| in EUR thousand | IFRS 9 | Level | 31/12/2020 | 31/12/2019 |
| Assets | ||||
| Leasing receivables (non-current) | AC | n/a | 572 | 374 |
| Leasing receivables (current) | AC | n/a | 272 | 164 |
| Cash and cash equivalents | AC | n/a | 2,490 | 8,512 |
| Trade receivables and other receivables | AC | n/a | 3,149 | 3,897 |
| Other receivables | AC | n/a | 41 | 397 |
| Other receivables and assets | AC | n/a | 1,502 | 1,640 |
| Liabilities | ||||
| Leasing liabilities (non-current) | AC | n/a | 4,970 | 2,812 |
| Leasing liabilities (current) | AC | n/a | 1,180 | 635 |
| Financial liabilities | AC | n/a | 6 | 9 |
| Trade payables and other liabilities | AC | n/a | 4,887 | 3,409 |
| Other non-current financial liabilities | AC | n/a | 3,650 | - |
| Other non-current liabilities | AC | n/a | 206 | 300 |
a Classification in accordance with IFRS 9 (AC = Accumulated Cost, Acquisition Costs Carried Forward)
A Level 2 fair value valuation (net present value) of leasing receivables yielded a fair value of EUR 719 thousand on December 31, 2020.
The non-current financial liabilities include fixed-interest loans by the Austrian research promotion agency, the Forschungsförderungsgesellschaft (FFG) as well as a fixed-interest loan from Erste Bank der oesterreichischen Sparkassen AG (short form 'Erste Bank'). The FFG loans are valued under acquisition costs carried forward and have a book value on December 31, 2020 of EUR 305 thousand. A Level 2 fair value valuation (capital valuebased) yielded a fair value of EUR 310 thousand on December 31, 2020. The fixed-interest loan from Erste Bank is also valued under acquisition costs carried forward and has a book value on December 31, 2020 of EUR 3,345 thousand. A Level 2 fair value valuation (capital value-based) yielded a Fair Value of EUR 3,427 thousand on December 31, 2020.
In the case of trade receivables, other receivables, cash and cash equivalents as well as the trade payables and other liabilities, due to the predominantly current nature of these items, their book values by and large match their associated fair values.
The receivables are broken down by maturity date, as follows:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Other receivables | 41 | 397 |
| Financial receivables | 572 | 374 |
| Non-current receivables | 613 | 771 |
| Trade receivables and other receivables | 3,149 | 3,897 |
| Tax receivables | 548 | 470 |
| Accruals and deferred income | 590 | 902 |
| Other receivables and assets | 1,184 | 903 |
| Current receivables | 5,471 | 6,172 |
| Receivables | 6,084 | 6,942 |
The majority of the non-current other receivables consist of damage deposits. None of them was overdue nor impaired.
From the trade receivables, contract assets and leasing receivables, provisions were deducted for bad debt amounting to EUR 7,401 thousand (2019: EUR 291 thousand) and for impairments in accordance with IFRS 9 amounting to EUR 176 thousand (2019: EUR 1,315 thousand).
The other receivables primarily comprise leasing receivables, deferred items, tax receivables and research grants.
The following table shows the performance of impairments from goods and services, contract assets and leasing receivables:
| in EUR thousand | 2020 |
|---|---|
| Impairment losses 1/1/2020 | 1,315 |
| Allocation | - |
| Reversal of impairment losses | -983 |
| Currency difference | 22 |
| Foreign currency valuation | -177 |
| Impairment losses 31/12/2020 | 176 |
The following table shows the performance of impairments from financial assets, the creditworthiness of which is impaired on the reporting date:
| in EUR thousand | 2020 |
|---|---|
| Impairment losses 1/1/2020 | 291 |
| Impairment losses recognized for the first time Jan. 1 | 1,014 |
| Allocation | 7,094 |
| Reversal of impairment losses | -583 |
| Utilization | -413 |
| Currency difference | -3 |
| Foreign currency valuation | - |
| Impairment losses 31/12/2020 | 7,401 |
The reversal of this impairment originates from the reversal of the impairment loss set up in 2019 in relation to máz tiempo in Mexico. Most of the allocations and utilizations result from impairments concerning the contract with Virgin Mobile, and from the impairment relating to the filing for bankruptcy by Wirecard.
cyan has assigned trade receivables to the Erste Bank der oesterreichischen Sparkassen AG (short form 'Erste Bank') as security for all receivables and other claims by Erste Bank in relation to the lines of credit and loans it has already extended to CYAN Security Group GmbH. Erste Bank has provided cyan with no advance against a receivable. These receivables were derecognized because a right of recourse means that all threats and opportunities, first among this being the risk of business failure, lie with cyan. The third-party debtors (garnishees) have been advised of this assignment. In accordance with an agreement with the Bank, customers settle their liabilities by making payment to an account specially set up at the Bank for this purpose, to which cyan has the power of disposition over the paid-in funds. The receivables are held in a business model for the collection of payment flows, consistent with the carry-forward approach to receivables. The book value for trade receivables at year-end, transferred but not posted to expenses, amounts to EUR 3,345 thousand. The book value of the secured credit at year-end also amounts to EUR 3,345 thousand.
The following table includes details of cash and cash equivalents:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Cash on hand | 2 | 1 |
| Deposits with credit institutions | 2,487 | 8,510 |
| Cash and cash equivalents | 2,490 | 8,512 |
On December 31, 2020, the nominal capital has a value of EUR 9,774,538 (2019: EUR 9,774,538) and is fully paid-up. The performance of nominal capital and capital reserves is shown in the consolidated statement of changes in equity.
On the reporting date, 9,774,538 shares were outstanding (December 31, 2019: 9,774,538 shares) with a par value of EUR 1.00 per share (December 31, 2019: EUR 1.00). Further details are explained in the 'cyan share' chapter.
Following a capital increase of EUR 121,021 in March 2019, the authorized capital of EUR 3,300,000 approved by the Annual General Meeting ('AGM') on January 19, 2018 amounted to EUR 2,628.979 in the financial year 2019 after a partial utilisation, and was cancelled by resolution at the AGM on July 3, 2019. At the same time, the AGM decided on new authorized capital of EUR 4,442,972. Further to that, a capital increase of EUR 888,594 took place on July 11, 2019. During the AGM on July 3, 2019, it was also decided to create contingent capital of EUR 4,442,972.
The Management Board is authorized by a resolution at the AGM of July 2, 2020 to increase the nominal capital further after approval of the Supervisory Board by EUR 4,887,269.00 up until July 1, 2025 by an injection of cash and/or assets over one or more occasions, and the subscription rights of the shareholders can be excluded (Authorized Capital).
The following tables explain the weighted average of shares outstanding for the calculation of earnings per share.
| Transaction date |
Shares outstanding |
Treasury shares |
Total shares | Weighting (days) |
Weight. avg. of shares outstanding |
|---|---|---|---|---|---|
| 31/12/2019 | 9,774,538 | - | 9,774,538 | 365 | 9,287,219 |
| 31/12/2020 | 9,744,538 | - | 9,774,538 | 9,774,538 |
| Transaction date |
Shares outstanding |
Treasury shares |
Total shares | Weighting (days) |
Weight. avg. of shares outstanding |
|---|---|---|---|---|---|
| 31/12/2018 | 8,764,923 | - | 8,764,923 | 365 | 8,764,923 |
| 1/3/2019 | 121,021 | - | 121,021 | 305 | 101,127 |
| 11/7/2019 | 888,594 | - | 888,594 | 173 | 421,169 |
| 31/12/2019 | 9,774,538 | - | 9,774,538 | - | 9,287,219 |
The capital reserves result from payments made by the shareholders and correspond to those of the annual accounts of CYAN AG. The other reserves include IAS 19 accruals and foreign currency reserves. The reserve made in accordance with IAS 19 originates from amendments to actuarial assumptions relating to a provision for severance pay the effects of which are disclosed in Other comprehensive income. The other reserves relate to currency differences arising from exchange rate differences from translation of the annual accounts of foreign subsidiaries.
The non-current financial liabilities primarily comprise leasing liabilities, and also consist of a recently obtained line of credit. Interest has been applied to leasing liabilities at the incremental borrowing rate over the appropriate contractual term. A fixed rate of interest of 1.00% was applied to this line of credit.
Other liabilities are broken down by maturity date, as follows:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Advance payments made | 31 | 7 |
| Trade payables | 2,076 | 1,643 |
| Trade payables | 2,107 | 1,651 |
| Liabilities to employees | 124 | 180 |
| Social security contributions | 1,068 | 172 |
| Accruals and deferred income | 129 | 330 |
| Loans | - | - |
| Investment grant | - | - |
| Other | 1,459 | 1,077 |
| Other current liabilities | 2,780 | 1,759 |
| Trade accounts payable and other current liabilities | 4,887 | 3,409 |
| Non-current liabilities | 206 | 300 |
| Trade payables and other liabilities | 5,093 | 3,709 |
Trade payables were all due within one year. Trade payables are not secured and are usually settled within 30 days of being recorded.
The social security contributions relate to social security expenses for the employees. The majority deferred income relates to the accrual of licenses.
The provisions include the following items:
| in EUR thousand | Personnel expenses |
Consulting expenses |
Other | Total |
|---|---|---|---|---|
| Book value at 1/1/2019 | 1,683 | 156 | 2,930 | 4,769 |
| Utilization/reversal | 1,347 | 150 | 2,883 | 4,380 |
| Allocations to provisions | 1,359 | 446 | 135 | 1,939 |
| Book value at 31/12/2019 | 1,694 | 452 | 182 | 2,328 |
| Utilization/reversal | 1,271 | 594 | 174 | 2,039 |
| Allocations to provisions | 960 | 373 | 281 | 1,614 |
| Book value at 31/12/2020 | 1,384 | 231 | 289 | 1,903 |
For the most part, the other provisions include expected expenses for various cases of damages as well as claims by employees, which are only current. The non-current provisions only relate to the following provision for severance pay:
| in EUR thousand | 31/12/2020 | 31/12/2019 |
|---|---|---|
| Present value of the severance payment obligation as of 1 January | 6 | 4 |
| Service cost for the period | 1 | 1 |
| Interest expense | - | - |
| Severance payments | - | - |
| Revaluations from experience adjustments | 0 | -2 |
| Revaluations from changes in demographic assumptions | - | - |
| Revaluation from changes in financial assumptions | - | 3 |
| Present value of severance payment obligations as of 31 December | 7 | 7 |
The provision for severance pay was established from actuarial calculations and involved assumptions about the discount rates applied, future increases in salary and mortality. No further information on actuarial assumptions is provided due to the immateriality of the provision. Future deviations from the assumptions taken can give rise to changes to the value of the provision. Due to the amount of the provision, since this would only have a very slight impact, a sensitivity analysis was waived.
The cash flow statement was produced using the indirect method. It shows changes in cash and cash equivalents that arise from the inflow and outflow of funds during the reporting period and that distinguishes between payment flows from business, investment and financing activity. The funds disclosed in the cash flow statement are cash and cash equivalents.
Cashflow from operating activities is reflected by the payment flows from the provision and acceptance of services during the reporting period and includes changes in current assets.
Cashflow from investment activities primarily involves cash outflows for the purchase of tangible assets and intangible assets.
Cashflow from financing activities comprises the taking out of a loan and the deduction of interest charges. In addition, cash outflows for leasing arrangements are included.
The following table shows the changes in liabilities from financing activity:
| in EUR thousand | 1/1/2020 | Cash flows | Foreign exchange difference |
New leasing contracts |
Other | 31/12/2020 |
|---|---|---|---|---|---|---|
| Current interest-bearing loans | 9 | -3 | 6 | |||
| Non-current interest-bearing loans | 94 | 3,556 | 3,650 | |||
| Leasing liabilities | 3,447 | -1,164 | -151 | 3,947 | 71 | 6,150 |
| Financial liabilities | 3,550 | 2,389 | -151 | 3,947 | 71 | 9,806 |
| in EUR thousand | 1/1/2019 | Cash flows | Foreign exchange difference |
New leasing contracts |
Other | 31/12/2019 |
|---|---|---|---|---|---|---|
| Current interest-bearing loans | 11,406 | -11,338 | -59 | 9 | ||
| Non-current interest-bearing loans | - | 35 | 59 | 94 | ||
| Leasing liabilities | 1,737 | -515 | 6 | 2,187 | 32 | 3,447 |
| Financial liabilities | 13,143 | -11,818 | 6 | 2,187 | 32 | 3,550 |
The main financial instruments used by cyan are deposits, trade receivables, leasing liabilities, financing liabilities and trade payables. cyan does not use any derivative financial instruments.
cyan has to take account of the following risks:
The liquidity risk designates the risk of being unable to meet payment commitments through a lack of funds. Diligent liquidity risk management means having sufficient funds and an appropriate level of approved lines of credit in order to settle liabilities that fall due and to close market positions.
At the end of the reporting period, cyan held immediately available deposits with credit institutions of EUR 2,490 thousand (31.12.2019: EUR 8,512 thousand) that are expected to be able to generate funding to manage liquidity risk at any time.
Liquidity at cyan depends primarily on payments from customers. Since the majority of cyan's customers have settled their payment obligations in the past, and since there are no indications that this is going to change in future, cyan does not view its liquidity as being under threat. Through the acquisition of new customers, cyan assumes that its liquidity position will improve, hence the risk of cyan becoming unable to honor its payment obligations can be viewed as very low.
An analysis of the maturity of all liabilities existing on balance sheet date is shown below, which also illustrates the liquidity risk of cyan:
| in EUR thousand | Up to 1 year | 2‑ 5 years | 5 years |
|---|---|---|---|
| 31/12/2020 | |||
| Bank liabilities | 6 | 3,650 | - |
| Trade payables | 2,107 | - | - |
| Leasing liabilities | 1,180 | 3,521 | 1,449 |
| Other financial liabilities | - | - | - |
| 31/12/2019 | |||
| Bank liabilities | 9 | - | - |
| Trade payables | 7 | - | - |
| Leasing liabilities | 635 | 1,990 | 916 |
| Other financial liabilities | - | - | - |
The bank liabilities of CYAN AG were repaid in 2019 before they reached their term. In 2020 another line of credit was taken out with Erste Bank.
The solvency risk designates asset losses resulting from the non-fulfillment of contractual obligations by the business partners. Management of the solvency risk of investment transactions is performed by the Management Board.
The cash and cash equivalents are primarily held at banks with a good credit rating. Balances are kept in current bank accounts. The credit risk is therefore low.
The contract assets and contract costs for the total amount of EUR 22.6 million relate to three customers (ACN/Flash Mobile, Virgin Mobile, and Orange) which represent a cluster risk that is not collateralized. In 2020, as a consequence of the balance sheet scandal surrounding Wirecard, a 100% write-down of contract assets was applied because cyan anticipates no payment of funds from its registered claim in the context of insolvency proceedings. The full contract assets from the Wirecard contract amount to EUR 5,000 thousand. This event was not foreseeable and the Management Board estimates the risk of failure for ACN/Flash Mobile, Virgin Mobile, and Orange as little.
Receivables are classified as financial assets with impaired creditworthiness in cases where specific indications for an impairment exist (in particular serious financial difficulties on the part of the debtor, failure to pay or delayed payment, increased risk of insolvency). In cases where payments become overdue by more than 180 days, a provision is considered. Depreciation (a write-down) takes place when an inability to pay (insolvency) is established, or when a receivable is judged to be irredeemable for other reasons. In cases where the reasons for impairment cease to apply, a reversal takes place, up to the level of acquisition costs carried forward.
The maximum theoretical risk of failure equates to the receivables itemized in the balance sheet.
Since defaults varied greatly from one country to another, it has been decided not to view this situation in a group-based format. The following table contains information about the risk of default and the recorded and expected credit losses for financial instruments, classified by geographical region:
| in EUR thousand | Loss rate | Gross book value |
Value adjustment |
|---|---|---|---|
| 2020 | |||
| Not overdue | 13.05% | 37 | 5 |
| 1 -30 days overdue | 15.55% | 71 | 11 |
| 31 -60 days overdue | 33.53% | - | - |
| 61 -90 days overdue | 34.30% | - | - |
| More than 90 days overdue | 34.30% | 58 | 19 |
| Not overdue | 15.21% | 81 | 13 |
|---|---|---|---|
| 1 -30 days overdue | 18.14% | 85 | 16 |
| 31 -60 days overdue | 39.10% | 47 | 19 |
| 61 -90 days overdue | 40.00% | - | - |
| More than 90 days overdue | 40.00% | - | - |
| in EUR thousand | Loss rate | Gross book value |
Value adjustment |
|---|---|---|---|
| 2020 | |||
| Not overdue | 16.66% | 2 | 0 |
| 1 -30 days overdue | 20.08% | - | - |
| 31 -60 days overdue | 21.57% | - | - |
| 61 -90 days overdue | 21.57% | - | - |
| More than 90 days overdue | 21.57% | 327 | 81 |
| Not overdue | 17.14% | - | - |
|---|---|---|---|
| 1 -30 days overdue | 20.65% | 18 | 4 |
| 31 -60 days overdue | 22.19% | 18 | 4 |
| 61 -90 days overdue | 22.19% | - | - |
| More than 90 days overdue | 22.19% | 442 | 98 |
| in EUR thousand | Loss rate | Gross book value |
Value adjustment |
|---|---|---|---|
| 2020 | |||
| Not overdue | 1.34% | 89 | 1 |
| 1 -30 days overdue | 1.54% | - | - |
| 31 -60 days overdue | 7.83% | - | - |
| 61 -90 days overdue | 19.83% | - | - |
| More than 90 days overdue | 21.74% | 197 | 42 |
| 2019 | |||
|---|---|---|---|
| Not overdue | 1.67% | 616 | 10 |
| 1 -30 days overdue | 1.95% | 3 | 0 |
| 31 -60 days overdue | 12.81% | 74 | 9 |
| 61 -90 days overdue | 46.61% | - | - |
| More than 90 days overdue | 48.52% | 470 | 227 |
| in EUR thousand | Loss rate | Gross book value |
Value adjustment |
|---|---|---|---|
| 2020 | |||
| Not overdue | 17.64% | 48 | 8 |
| 1 -30 days overdue | 19.70% | 13 | 3 |
| 31 -60 days overdue | 36.92% | - | - |
| 61 -90 days overdue | 42.54% | 15 | 6 |
| More than 90 days overdue | 50.10% | 5 | 2 |
| 2019 | |||
|---|---|---|---|
| Not overdue | 24.60% | 85 | 21 |
| 1 -30 days overdue | 27.79% | 36 | 10 |
| 31 -60 days overdue | 36.38% | 27 | 10 |
| 61 -90 days overdue | 47.29% | 35 | 16 |
| More than 90 days overdue | 67.66% | 1,115 | 744 |
| in EUR thousand | Loss rate | Gross book value |
Value adjustment |
|---|---|---|---|
| 2020 | |||
| Not overdue | 1.71% | 154 | 3 |
| 1 -30 days overdue | 2.43% | 28 | 1 |
| 31 -60 days overdue | 4.51% | 5 | 0 |
| 61 -90 days overdue | 6.76% | - | - |
| More than 90 days overdue | 8.65% | 22 | 2 |
| 2019 | |||
|---|---|---|---|
| Not overdue | 1.66% | 1,639 | 27 |
| 1 -30 days overdue | 2.85% | 682 | 19 |
| 31 -60 days overdue | 5.15% | 42 | 2 |
| 61 -90 days overdue | 7.60% | 60 | 5 |
| More than 90 days overdue | 11.51% | 430 | 49 |
The loss rates take into account forward-looking aspects (such as macroeconomic changes) with a percentage markup.
The following table shows the value adjustments from trade receivables, contract assets and leasing receivables arranged by segment:
| BSS/OSS | Cybersecurity | ||||
|---|---|---|---|---|---|
| in EUR thousand | 2020 | 2019 | 2020 | 2019 | |
| Value adjustment IFRS 9 | -983 | 325 | - | - | |
| Currency difference | -22 | - | |||
| Other specific allowances | 746 | 291 | 4,785 | - | |
| Write-offs of accounts receivable | 565 | 433 | - | 2 | |
| Value adjustments | 328 | 1,027 | 4,785 | 2 |
Value adjustments as defined in IFRS 9 have performed as follows in the 2020 balance sheet:
| in EUR thousand | BSS/OSS | Cybersecurity |
|---|---|---|
| Value adjustments 1/1/2019 | 966 | - |
| Allocation | 466 | - |
| Reversal | -160 | - |
| Currency difference | 42 | |
| Value adjustments 31/12/2019 | 1,315 | - |
| Value adjustments 1/1/2019 | 1,315 | - |
| Allocation | - | - |
| Reversal | -983 | - |
| Currency difference | 22 | - |
| Foreign currency valuation | -177 | - |
| Value adjustments 31/12/2020 | 176 | - |
In 2020, contract assets have changed as follows:
| in EUR thousand | BSS/OSS | Cybersecurity |
|---|---|---|
| Contract asset value 1/1/2019 | - | - |
| Allocation | 8,907 | 4,751 |
| Reversal | - | - |
| Contract asset value 31/12/2019 | 8,907 | 4,751 |
| Contract asset value 1/1/2020 | 8,907 | 4,751 |
| Allocation | 12,798 | 34 |
| Reversal | -4,184 | -4,785 |
| Contract asset value 31/12/2020 | 17,522 | - |
Foreign exchange risk is defined as the potential loss resulting from fluctuating exchange rates. Because of the international nature of its business, cyan is exposed to certain foreign exchange risks. The finance department of the company constantly monitors these risks, and in particular the foreign exchange risks, to enable it to respond appropriately. In the event of a substantial foreign exchange risk arising at short notice, this could have adverse implications for the asset, financial and earnings position of cyan.
On the reporting date, cyan holds contract assets to the value of USD 21.3 million (2019: USD 9.8 million) that are subject to a foreign exchange risk. Changes to the exchange rate can have an impact, positive or negative, on earnings. A change in the value of the USD of 5% that the management views as a reasonable possible change in the exchange rate has an impact on earnings to the value of EUR 0.8 million (2019: EUR 0.4 million).
Wherever expenditure items and investment items are not denominated in euro, fluctuations in exchange rates can impair cyan's ability to meet its financial obligations and/or can adversely affect the earnings position of cyan. In summary, due to the low level of expenditure in non-euro currencies, this risk can be classified as limited, and it is therefore not quantified.
The interest rate risk is defined as the risk of interest charges and/or earnings changing in an adverse manner. In 2019, the loan (non-current financial liability) from previous years was fully paid off, so on the balance sheet date of December 31, 2019, there is no change of interest rate risk to report. All loans have fixed interest rates so the change of interest rate risk can be classified as minimal, and no sensitivity analysis was conducted.
Information relating to the earnings, financial and asset position (capital management) of cyan is provided in the combined management report.
Since all subsidiaries are fully consolidated, this means that transactions are eliminated, so there are no transactions to report with regard to related companies and people.
In August 2017, the former board directors of CYAN Security Group GmbH, Markus Cserna and Peter Arnoth, received share options for their future Management Board activity in CYAN AG, commencing in January 2018, by the shareholder of CYAN AG, Alexander Schütz.
Each of these board members was assigned the right to purchase 337,249 shares in CYAN AG for an acquisition price of EUR 2.4 million. These options could be exercised to one third after December 31, 2020, a further third after December 31, 2021 and the final third after December 31, 2022 and were tied to continuity of service with the company. In an agreement on the exercising of options on June 4, 2019, both parties agreed to prematurely exercise of these options in full by July 19, 2019. As these are share based forms of remuneration in accordance with IFRS 2 with compensation through equity instruments, a corresponding increase in equity is shown and the fair value of the option rights determined at the time of granting in the total amount of EUR 882 thousand based on the exercise provision is recognized under personnel expenses over the respective vesting periods.
The Black-Scholes Formula is applied to determining the associated fair value of those share options on the date that they were granted. The anticipated volatility was derived from options in corresponding peer companies and/or from the historical volatility records for the share prices of peer companies, and amounted in the 1st tranche to 29.30 %, in the 2nd tranche to 29.24%, and in the 3rd tranche to 29.21%. The anticipated terms of these three tranches used in the model were based on the best possible estimate of management and are based on the assumptions that the members of the Management Board exercise their options in full and that all share options, to the extent that they are actionable, are taken in full at the exercise price of EUR 7.24 per share. The actual share price on the date the option was exercised was EUR 24.39 per share. The expected dividend return was taken to be 0% and, as a zero-risk interest rate, the 6-month EURIBOR was taken, based on the swap curve on the date the options were granted (1st tranche: -0.047%, 2nd tranche: 0.075%, 3rd tranche: 0.205%).
The personnel expenses from commitments with compensation through equity instruments amounted to EUR 224 thousand in 2018 and in 2019 to EUR 657 thousand due to the early exercise of options and the resulting early recording of amounts still to be vested. No further commitments were provided.
Within the scope of its legislative competences, the Supervisory Board shall work towards the Management Board and Supervisory Board having a share option scheme to present at and to be voted upon at the company's ordinary AGM in 2021. In accordance with share-related legislation, this scheme must not exceed the maximum permitted volume amounting to 10% of nominal capital. Accordingly, Frank von Seth is to receive up to 5 % of the share options through this scheme. Based on the current nominal capital of EUR 9,774,538, this represents outstanding shares for up to 488,727 share options. The exercise price for these options should be EUR 22.00 per share for up to 3% of the options and EUR 80.00 per share for up to a further 2% of the options. The success target and therefore the criterion for exercising these options is a share price movement to EUR 40.00 per share for 3% and a share price movement to EUR 150.00 for the other 2%. Legislation (Stock Corporation Act, AktG) stipulates that options cannot be exercised any earlier than four years of their issue date.
On December 31, 2020, the Management Board of CYAN AG comprises three members:
The compensation of members of the Management Board of CYAN AG comprise the following components.
| in EUR thousand | 2020 2019 |
|||||
|---|---|---|---|---|---|---|
| Current fixed compensation |
Current variable compensation |
Total | Current fixed compensation |
Current variable compensation |
Total | |
| Peter Arnoth | 73 | - | 73 | 73 | 143 | 216 |
| Markus Cserna | 67 | 50 | 117 | 67 | 143 | 210 |
| Michael Sieghart | 101 | 50 | 151 | 157 | 67 | 223 |
| Compensation | 241 | 100 | 341 | 297 | 353 | 649 |
a Due to Wirecard's insolvency filing, the members of the Management Board waived 50 % of their variable compensation
from 2019 in July 2020. The table has been adjusted accordingly for 2019.
The compensation of the Management Board comprise fixed salaries and one-off bonuses. These bonus payments amount to 2.45 % of the Group EBITDA for Peter Arnoth. For Markus Cserna, the bonus payments in 2019 amounted to 2.45% of Group EBITDA and for Michael Sieghart 2.45% of Group EBT. However, in 2020, due to contractual amendments, a target bonus of EUR 250.000 was agreed for Markus Cserna, and a target bonus of EUR 200.000 was agreed for Michael Sieghart, both bonuses being contingent on achieving precisely defined targets (linked to EBITDA and operational cashflow).
No advance payments or loans to entities were made.
The members of the Management Board also receive compensation from subsidiaries that are not included in the details provided above. The compensation of members of the Management Board of CYAN AG which originate from subsidiaries comprise the following components.
| in EUR thousand | 2020 | 2019 | ||||
|---|---|---|---|---|---|---|
| Current fixed compensation |
Current variable compensation |
Total | Current fixed compensation |
Current variable compensation |
Total | |
| Peter Arnoth | 291 | - | 291 | 291 | - | 291 |
| Markus Cserna | 269 | - | 269 | 269 | - | 269 |
| Michael Sieghart | 235 | - | 235 | 179 | - | 179 |
| Compensation | 795 | - | 795 | 739 | - | 739 |
As well as the current fixed compensation, they also receive remuneration in kind to the total value of EUR 32 thousand (2019: EUR 27 thousand) as well as an expenses account for the total amount of EUR 12 thousand (2019: EUR 3 thousand). The preceding tables do not include the share-based remuneration recognized under personnel expenses (refer to previous section for further explanations). The severance agreement with Mr. Peter Arnoth entitles him to termination pay of EUR 291 thousand.
The following people are on the Supervisory Board of CYAN AG.
In September 2020, a decision was taken to appoint Mr. Alexander Schütz to the Supervisory Board, from January 1, 2021. The previous member, Volker Rofalski, will leave the Board at this time. The appointment by the competent courts happened on January 5, 2021.
The members of the Supervisory Board of CYAN AG were compensated as follows:
| in EUR thousand | Period of appointment | 2020 | 2019 |
|---|---|---|---|
| Stefan Schütze | 1/1/2018 -31/12/2022 | 40 | 40 |
| Volker Rofalski | 1/1/2018 -31/12/2020 | 30 | 30 |
| Lucas Prunbauer | 30/11/2018 -31/12/2022 | 35 | 30 |
| Alexander Schütz | from 5/1/2021 | - | - |
The average number of employees during the 2020 fiscal year was 149 (2019: 127).
A breakdown of personnel-related expenses can be found in Section 4, Personnel expenses.
Contingent liabilities include guarantees for rental damage deposits and credit cards, and on the balance sheet date these amounted to EUR 1,552 thousand (2019: EUR 859 thousand).
The expenses of the group auditor for the financial year are itemized as follows:
| in EUR thousand | 2020 | 2019 |
|---|---|---|
| Expenses for audit services | 117 | 140 |
| Thereof from previous years | - | 38 |
| Expenses for other certification services | - | - |
The financial statements were approved by the Management Board in accordance with IAS 10.17 on April 19, 2021. These consolidated financial statements are subject to approval by the Supervisory Board (Section 171 (2) AktG). Between the balance sheet date on December 31, 2020 and approval a few events have occurred, including the appointment of a new Management Board and a new Supervisory Board, and an option was created for issuing convertible notes. A precise analysis of the implications of these events is included in the combined management report.
Frank von Seth CEO
Markus Cserna CTO
Michael Sieghart CFO
We assure that, to the best of our knowledge, the consolidated financial statements convey a true and fair picture of the actual assets, financial and earnings positions of the group, in accordance with the applicable accounting principles and that the representations in the combined management report on the business performance, including on the results and the position of the group are such that an image is provided that is a true and fair reflection of the actual conditions and that the essential risks and opportunities in terms of expected development of the group are described in it.
Munich, April 2021
Management Board of cyan AG
Frank von Seth CEO
Markus Cserna CTO
Michael Sieghart CFO
This is a convenience translation of the German original. Solely the original text in the German language is authoritative.
We have audited the consolidated financial statements of CYAN AG and its subsidiaries (the Group), which comprise the consolidated statement of financial position as at 31 December 2020, and the consolidated statement of comprehensive income, consolidated statement of changes in equity and consolidated statement of cash flows for the financial year from 1 January to 31 December 2020, and notes to the consolidated financial statements, including a summary of significant accounting policies. In addition, we have audited the group management report of CYAN AG, which is combined with the management report of CYAN AG ("combined management report"), for the financial year from 1 January to 31 December 2020.
In our opinion, on the basis of the knowledge obtained in the audit, the accompanying consolidated financial statements comply, in all material respects, with the IFRS as adopted by the EU, and the additional requirements of German commercial law pursuant to § [Article] 315e Abs. [paragraph] 1 HGB [Handelsgesetzbuch: German Commercial Code] and, in compliance with these requirements, give a true and fair view of the assets, liabilities, and financial position of the Group as at 31 December 2020, and of its financial performance for the financial year from 1 January to 31 December 2020, and the accompanying combined management report as a whole provides an appropriate view of the Group's position. In all material respects, this combined management report is consistent with the consolidated financial statements, complies with German legal requirements and appropriately presents the opportunities and risks of future development.
Pursuant to §322 Abs. 3 Satz [sentence] 1 HGB, we declare that our audit has not led to any reservations relating to the legal compliance of the consolidated financial statements and of the combined management report.
We conducted our audit of the consolidated financial statements and of the combined management report in accordance with §317 HGB and in compliance with German Generally Accepted Standards for Financial Statement Audits promulgated by the Institut der Wirtschaftsprüfer [Institute of Public Auditors in Germany] (IDW). Our responsibilities under those requirements and principles are further described in the "Auditor's Responsibilities for the Audit of the Consolidated Financial Statements and of the Combined Management Report" section of our auditor's report. We are independent of the group entities in accordance with the requirements of European law and German commercial and professional law, and we have fulfilled our other German professional responsibilities in accordance with these requirements. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our [audit] opinions on the consolidated financial statements and on the combined management report.
The management board is responsible for the other information. The other information comprise the remaining parts of the annual report, with the exception of the audited consolidated financial statements and combined management report and our auditor's report.
Our [audit] opinions on the consolidated financial statements and on the combined management report do not cover the other information, and consequently we do not express an [audit] opinion or any other form of assurance conclusion thereon.
In connection with our audit, our responsibility is to read the other information and, in so doing, to consider whether the other information
If, based on the work we have performed, we conclude that there is a material misstatement of this other information, we are required to report that fact. We have nothing to report in this regard.
The management board is responsible for the preparation of the consolidated financial statements that comply, in all material respects, with IFRS as adopted by the EU and the additional requirements of German commercial law pursuant to § 315e Abs. 1 HGB and that the consolidated financial statements, in compliance with these requirements, give a true and fair view of the assets, liabilities, financial position, and financial performance of the Group. In addition, the management board is responsible for such internal control as they have determined necessary to enable the preparation of consolidated financial statements that are free from material misstatement, whether due to fraud or error.
In preparing the consolidated financial statements, the management board is responsible for assessing the Group's ability to continue as a going concern. They also have the responsibility for disclosing, as applicable, matters related to going concern. In addition, they are responsible for financial reporting based on the going concern basis of accounting unless there is an intention to liquidate the Group or to cease operations, or there is no realistic alternative but to do so.
Furthermore, the management board is responsible for the preparation of the combined management report that, as a whole, provides an appropriate view of the Group's position and is, in all material respects, consistent with the consolidated financial statements, complies with German legal requirements, and appropriately presents the opportunities and risks of future development. In addition, the management board is responsible for such arrangements and measures (systems) as they have considered necessary to enable the preparation of a combined management report that is in accordance with the applicable German legal requirements, and to be able to provide sufficient appropriate evidence for the assertions in the combined management report.
The supervisory board is responsible for overseeing the Group's financial reporting process for the preparation of the consolidated financial statements and of the combined management report.
Our objectives are to obtain reasonable assurance about whether the consolidated financial statements as a whole are free from material misstatement, whether due to fraud or error, and whether the combined management report as a whole provides an appropriate view of the Group's position and, in all material respects, is consistent with the consolidated financial statements and the knowledge obtained in the audit, complies with the German legal requirements and appropriately presents the opportunities and risks of future development, as well as to issue an auditor's report that includes our [audit] opinions on the consolidated financial statements and on the combined management report.
Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with §317 HGB and in compliance with German Generally Accepted Standards for Financial Statement Audits promulgated by the Institut der Wirtschaftsprüfer (IDW) will always detect a material misstatement. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these consolidated financial statements and this combined management report.
We exercise professional judgment and maintain professional skepticism throughout the audit. We also:
position and financial performance of the Group in compliance with IFRSs as adopted by the EU and the additional requirements of German commercial law pursuant to §315e Abs. 1 HGB.
We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.
Bielefeld, 20 April 2021
Dr. Stückmann und Partner mbB Wirtschaftsprüfungsgesellschaft Steuerberatungsgesellschaft
(Teipel) (Schröder)
Wirtschaftsprüfer Wirtschaftsprüfer
[German Public Auditor]
This report contains statements on future events and developments, based on current assessments of the management. Such statements are based on current expectations and certain assumptions and estimates made by management. They are subject to risks, uncertainties and other factors that may cause the actual circumstances, including cyan's assets, financial and earnings positions, to differ materially or to be more negative than those expressly or implicitly assumed or described in these statements.
The business activities of cyan are subject to a number of risks and uncertainties that may cause statement, estimate or prediction in relation to future events and developments to be inaccurate. Statements on future events and developments must not be perceived as guaranties or assurances that such future events or developments will actually materialise.
The figures in this report have been rounded in accordance with prevailing commercial principles. Consequently, rounding differences may occur. Therefore, the sum of the individual values shown may differ from the precisely shown total.
In the interest of legibility, gender-differentiating formulations have been dispensed with throughout. The relevant terms apply to all sexes within the framework of equal rights. The shortened manner of speech has only editorial reasons and does not represent any evaluations on the part of cyan.
The interim report is also available translated in English. In case of deviations, the German version prevails. The interim report is available for downloading in both languages in the Investor Relations section of the website.
cyan AG Theatinerstraße 11 80333 Munich Germany
VAT ID: DE315591576 HR Munich: HRB 232764
cyan AG Investor Relations [email protected]
cyan AG Inhouse mit firesys
Fünf Höfe, Theatinerstraße 11 80333 Munich, Germany
www.cyansecurity.com
Building tools?
Free accounts include 100 API calls/year for testing.
Have a question? We'll get back to you promptly.