AI Terminal
SSH Communications Security
Annual / Quarterly Financial Statement • Mar 5, 2020
3344_10-k-afs_2020-03-05_3c1089ea-d006-4396-b94a-53a5e8b13178.pdf
Annual / Quarterly Financial Statement
Open in ViewerOpens in native device viewer
Ernst & Young Oy Alvar Aallon katu 5 C FI-00100 Helsinki FINLAND
Tel. +358 207 280 190 www.ey.com/fi Business ID 2204039-6. domicile Helsinki
AUDITOR'S REPORT (Translation of the Finnish original)
To the Annual General Meeting of SSH Communications Security Oyj
Report on the Audit of Financial Statements
Opinion
We have audited the financial statements of SSH Communications Security Oyj (business identity code 1035804-9) for the year ended 31 December, 2019. The financial statements comprise the consolidated balance sheet, statement of comprehensive income, statement of changes in equity, statement of cash flows and notes, including a summary of significant accounting policies, as well as the parent company's balance sheet, income statement, statement of cash flows and notes.
In our opinion
- the consolidated financial statements give a true and fair view of the group's financial position as well as its financial performance and its cash flows in accordance with International Financial Reporting Standards (IFRS) as adopted by the EU.
- the financial statements give a true and fair view of the parent company's financial performance and financial position in accordance with the laws and regulations governing the preparation of financial statements in Finland and comply with statutory requirements.
Our opinion is consistent with the additional report submitted to the Board of Directors.
Basis for Opinion
We conducted our audit in accordance with good auditing practice in Finland. Our responsibilities under good auditing practice are further described in the Auditor's Responsibilities for the Audit of Financial Statements section of our report.
We are independent of the parent company and of the group companies in accordance with the ethical requirements that are applicable in Finland and are relevant to our audit, and we have fulfilled our other ethical responsibilities in accordance with these requirements.
In our best knowledge and understanding, the non-audit services that we have provided to the parent company and group companies are in compliance with laws and regulations applicable in Finland regarding these services, and we have not prohibited non-audit services referred to in Article 5(1) of regulation (EU) 537/2014. The non-audit services that we have provided have been disclosed in note 5 to the consolidated financial statements.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.
Key Audit Matters
Key audit matters are those matters that, in our professional judgment, were of most significance in our audit of the financial statements of the current period. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters.
We have fulfilled the responsibilities described in the Auditor's responsibilities for the financial statements section of our report, including in relation to these matters. Accordingly, our audit included the performance of procedures designed to respond to our assessment of the risks of material misstatement of the financial statements. The results of our audit procedures performed to address the matters below, provide the basis for our audit opinion on the accompanying financial statements.
We have also addressed the risk of management override of internal controls. This includes consideration of whether there was evidence of management bias that represented a risk of material misstatement due to fraud.
| Key Audit Matter | How our audit addressed the Key Audit Matter |
|---|---|
| Revenue Recognition We refer to the Group's accounting policies and the notes 2 and 3 The Group has multiple revenue sources including licenses, maintenance contracts, and consulting services. Since sales contracts include many different terms, there is a risk of incorrect timing of revenue recognition due to fraud or misstatements. Due to this the revenue recognition was determined to be a key audit matter and a significant risk of material misstatement referred to in EU Regulation No 537/241, point (c) of Article 10(2). |
Our audit procedures to address the risk of material misstatement in respect of correct timing of revenue recognition included among others: · We evaluated the revenue recognition principles applied by the Group towards applicable accounting standards · We evaluated the revenue recognition of different sources of revenue in the relation to the terms of the sales agreements We tested the timing of the revenue recognition We evaluated the appropriateness of the notes related to Group's revenue |
| Valuation of Intangible Assets We refer to the Group's accounting policies and the notes 2 and 13 Capitalized R&D expenses aggregated to 5.528 k€ representing a material amount of the consolidated assets (23%) and equity (46%). Capitalized expenses are tested annually for impairment. Our audit procedures to address the risk of material misstatement in respect of correct timing of revenue recognition included among others. The Group Management exercises judgment determining the assumptions related to future market conditions and economic trends as the general economic growth and sales and margin trends. Due to this the valuation of intangible assets was determined to be a key audit matter and a significant risk of material misstatement referred to in EU Regulation No 537/2014, point (c) of Article 10(2). |
Our audit procedures included, among others: Evaluation of the relevant assumptions used in the impairment testing of the intangible assets, focusing on the reasonableness of the forecasted economic information and the estimation and allocation of the revenue and costs related to each R&D asset Estimating the accuracy of the management's earlier estimates Evaluation of the notes representing the 0 impairment test of the intangible assets |
Responsibilities of the Board of Directors and the Managing Director for the Financial Statements
The Board of Directors and the Managing Director are responsible for the preparation of consolidated financial statements that give a true and fair view in accordance with International Financial Reporting Standards (IFRS) as adopted by the EU, and of financial statements that give a true and fair view in accordance with the laws and regulations governing the preparation of financial statements in Finland and comply with statutory requirements. The Board of Directors and the Managing Director are also responsible for such internal control as they determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error.
In preparing the financial statements, the Board of Directors and the Managing Director are responsible for assessing the parent company's and the group's ability to continue as going concern, disclosing, as applicable, matters relating to going concern and using the going concern basis of accounting. The financial statements are prepared using the going concern basis of accounting unless there is an intention to liquidate the parent company or the group or cease operations, or there is no realistic alternative but to do so.
Auditor's Responsibilities for the Audit of Financial Statements
Our objectives are to obtain reasonable assurance on whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor's report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with good auditing practice will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements.
As part of an audit in accordance with good auditing practice, we exercise professional judgment and maintain professional skepticism throughout the audit. We also:
- · Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control.
- Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the parent company's or the group's internal control.
- Evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by management.
- Conclude on the appropriateness of the Board of Directors' and the Managing Director's use of the going concern basis of accounting and based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the parent company's or the group's ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditor's report to the related disclosures in the financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditor's report. However, future events or conditions may cause the parent company or the group to cease to continue as a going concern.
- Evaluate the overall presentation, structure and content of the financial statements, including the disclosures, and whether the financial statements represent the underlying transactions and events so that the financial statements give a true and fair view.
- Obtain sufficient appropriate audit evidence regarding the financial information of the entities or business activities within the group to express an opinion on the consolidated financial statements. We are responsible for the direction, supervision and performance of the group audit. We remain solely responsible for our audit opinion.
We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.
We also provide those charged with a statement that we have complied with relevant ethical requirements regarding independence, and communicate with them all relationships and other matters that may reasonably be thought to bear on our independence, and where applicable, related safeguards.
From the matters communicated with those charged with governance, we determine those matters that were of most significance in the audit of the financial statements of the current period and are therefore the key audit matters. We describe these matters in our auditor's report unless law or regulation precludes public disclosure about the matter or when, in extremely rare circumstances, we determine that a matter should not be communicated in our report because the adverse consequences of doing so would reasonably be expected to outweigh the public interest benefits of such communication.
Other Reporting Requirements
Information on our audit engagement
We were first appointed as auditors by the Annual General Meeting on 20.4.2016, and our appointment represents a total period of uninterrupted engagement of 4 years.
Other information
The Board of Directors and the Managing Director are responsible for the other information. The other information comprises the report of the Board of Directors and the information included in the Annual Report, but does not include the financial statements and our auditor's report thereon. We have obtained the report of the Board of Directors prior to the date of this auditor's report, and the Annual Report is expected to be made available to us after that date.
Our opinion on the financial statements does not cover the other information.
In connection with our audit of the financial statements, our responsibility is to read the information identified above and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the audit, or otherwise appears to be materially misstated. With respect to report of the Board of Directors, our responsibility also includes considering whether the report of the Board of Directors has been prepared in accordance with the applicable laws and requlations.
In our opinion, the information in the report of the Board of Directors is consistent with the information in the financial statements and the report of the Board of Directors has been prepared in accordance with the applicable laws and regulations.
If, based on the work we have performed on the other information that we obtained prior to the date of this auditor's report, we conclude that there is a material misstatement of this other information, we are required to report that fact. We have nothing to report in this regard.
Helsinki 13.2.2020
Ernst & Young Oy Authorized Public Accountant Firm
Erkka Talvinko Authorized Public Accountant