Skip to main content

AI assistant

Sign in to chat with this filing

The assistant answers questions, extracts KPIs, and summarises risk factors directly from the filing text.

Sign up Log in

Plurilock Security Inc. Management Reports 2025

Aug 20, 2025

47713_rns_2025-08-19_48ec2922-f3a5-4d90-998b-13a613b3c029.pdf

Management Reports

Open in viewer

Opens in your device viewer

Plurilock Security Inc.
June 30, 2025
Page 1

Plurilock Security Inc.

Management's Discussion and Analysis

For the three and six months ended June 30, 2025

Introduction

This management's discussion and analysis ("MD&A") for Plurilock Security Inc. ("Plurilock" or the "Company" or "PSI") should be read in conjunction with the Company's unaudited condensed interim consolidated financial statements as at and for the three and six months ended June 30, 2025 and 2024 which have been prepared in accordance with International Accounting Standard 34 – Interim Financial Reporting ("IAS 34") using accounting policies consistent with International Financial Reporting Standards ("IFRS")– see note 2 of the June 30, 2025 condensed interim consolidated financial statements for further information. As such, the interim financial statements do not contain all the disclosures required by IFRS for annual financial statements and should be read in conjunction with the Company's audited consolidated financial statements for the years ended December 31, 2024 and 2023 ("consolidated financial statements"). These documents, along with any additional information about the Company, are available on SEDAR+ at www.sedarplus.ca. Except as otherwise indicated or where the context so requires, references to "Plurilock" or the "Company" include Plurilock and its subsidiaries. All dollar figures stated herein are expressed in Canadian dollars (\$ or Cdn\$), unless otherwise specified.

The Company Background

Plurilock was incorporated under the BC Business Corporations Act on July 5, 2018. The Company's head office and principal place of business is located at 1021 West Hastings Street, MNP Tower, 9th Floor, Vancouver, BC, V6E 0C3, Canada.

The Company's common shares trade on the TSX-V as a Tier 1 technology issuer under the ticker symbol "TSX-V: PLUR" and on the OTCQB under the ticker symbol "OTCQB: PLCKF".

Plurilock sells Cyber Security solutions to the United States and Canadian Federal Governments along with Global 2000 companies. Through these relationships, Plurilock sells its unique brand of Critical Services - aiding clients with our expertise to defend against, detect, and prevent costly data breaches and cyber-attacks.

As at the consolidated financial statement date on December 31, 2024, Plurilock had two wholly owned subsidiaries - Plurilock Security Solutions Inc. ("PL") and Integra Network Corporation ("INC"). PL was formed following the amalgamation of PL and 1243540 B.C. Ltd. on September 17, 2020 pursuant to a Qualifying Transaction ("QT"). INC was acquired on March 4, 2022. PL in turn has one wholly owned subsidiary, Plurilock Security Corp. ("PLUS"). PLUS was incorporated on November 15, 2017 in the State of Delaware, USA. On March 31, 2021, PLUS acquired Aurora Systems Consulting Inc. ("ASC"), a provider of advanced cybersecurity technology and services based in the State of California, USA. PLUS acquired all of the outstanding securities of ASC. On July 22, 2021, Plurilock incorporated an Indian subsidiary, Plurilock Security Private Limited ("PSP"). PSP is owned 99.9% by PSI and 0.01% by PL.

Plurilock operates two business divisions, the Technology Division and the Solutions Division. The Technology Division operates under the legacy Plurilock brand and builds and operates Plurilock's own proprietary products as well as products obtained through acquisitions. The Technology Division is operated by PSI, PL, PLUS and PSP. The Solutions Division offers services and resells cybersecurity industry products and technologies to meet customer needs. The Solutions Division also sells services directly to end users. The Solutions Division is operated by ASC and INC.

The date of this MD&A is August 19, 2025, the date on which it was approved by the Board of Directors.

Forward-looking statements

Certain statements in this MD&A constitute forward-looking statements within the meaning of applicable securities laws. Forward-looking statements include, but are not limited to, the Company's goals, expected costs, objectives, growth strategies, merger and acquisition program and similar statements concerning anticipated future events, results, circumstances, performance or expectations that are not historical facts. Forward-looking statements generally can be identified by the use of forward-looking terminology such as "outlook", "objective", "may", "will", "expect", "intend", "estimate", "anticipate", "believe", "should", "plans" or "continue", or similar expressions suggesting future outcomes or events. Such forward-looking statements reflect management's current beliefs and are based on information currently available to management.

Forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those contemplated by such statements. Factors that could cause such differences include the highly competitive nature of the

Plurilock Security Inc.
June 30, 2025
Page 2

Company's industry, government regulation and funding and other such risk factors described herein and in other disclosure documents filed by the Company with Canadian securities regulatory agencies and commissions. This list is not exhaustive of the factors that may impact the Company's forward-looking statements. These and other factors should be considered carefully, and readers should not place undue reliance on the Company's forward-looking statements. As a result of the foregoing and other factors, no assurance can be given as to any such future results, levels of activity or achievements and neither the Company nor any other person assumes responsibility for the accuracy and completeness of these forward-looking statements. The factors underlying current expectations are dynamic and subject to change.

Although the forward-looking statements contained in this MD&A are based upon what management believes are reasonable assumptions, there can be no assurance that actual results will be consistent with these forward-looking statements. All forward-looking statements in this MD&A are qualified by these cautionary statements. Other than specifically required by applicable laws, we are under no obligation and we expressly disclaim any such obligation to update or alter the forward-looking statements whether as a result of new information, future events or otherwise except as may be required by law. These forward-looking statements are made as of the date of this MD&A.

Plurilock Security Inc.

June 30, 2025

Page 3

Selected 2025 financial information

The following selected financial information for the three and six months ended June 30, 2025, and 2024 has been derived from the annual consolidated financial statements and should be read in conjunction with those financial statements and related notes. Non-IFRS measures are defined below.

Three months ended June 30, Six months ended June 30,
Restated-Note 26 Restated-Note 26
2025 2024 2025 2024
Revenue $ $ $ $
Hardware and systems sales 16,404,963 14,305,546 35,445,577 27,140,854
Software, license and maintenance sales 1,350,705 2,167,319 4,070,937 3,529,551
Professional services 10,785,841 10,492,062 23,367,659 20,557,340
Gross margin (%) 12.0% 14.7% 12.1% 14.4%
Net loss for the period (2,230,829) (3,733,983) (5,243,192) (5,536,232)
Basic and diluted loss per share - for the period (0.03) (0.10) (0.07) (0.27)
EBITDA(1) (1,945,546) (3,416,800) (4,104,462) (4,576,128)
Reconciliation of EBITDA:
Net loss for the period (2,230,829) (3,733,983) (5,243,192) (5,536,232)
Foreign exchange translation gain/(loss) 89,039 (36,779) 679,992 86,206
Amortization 46,730 81,416 149,238 186,272
Interest expenses 139,670 262,485 299,656 679,144
Income tax recovery expense (recovery) 9,844 8,482 9,844 8,482
Impairment on assets - 1,579 - -
Adjusted EBITDA(1) (1,400,359) (2,422,291) (2,675,180) (1,643,193)
Reconciliation of adjusted EBITDA:
EBITDA(1) (1,945,546) (3,416,800) (4,104,462) (4,576,128)
Stock-based compensation 209,093 377,959 433,435 438,798
Financing expenses 15,550 215,285 241,367 219,128
Acquisition-related expenses 41,609 87,975 108,552 92,255
Investor relations 278,935 313,290 647,597 365,284
Loss (gain) on disposal of assets - - - 1,817,470
Loss on convertible debt conversion inducement - - (1,669) -
June 30, December 31,
2025 2024
$ $
Cash and cash equivalents 1,719,643 1,399,463
Restricted cash 20,000 20,000
Total current assets 25,092,452 30,510,681
Total assets 28,681,606 34,473,190
Total current liabilities 30,986,804 39,266,753
Total liabilities 31,341,919 39,614,489
Weighted average common shares outstanding (millions) 78.5 37.5

Note:

(1) Non-GAAP measure. Earnings before interest, taxes, depreciation, and amortization ("EBITDA") and Adjusted EBITDA should not be construed as alternatives to net income/loss determined in accordance with IFRS. EBITDA and Adjusted EBITDA do not have any standardized meaning under IFRS and therefore may not be comparable to similar measures presented by other issuers. The Company defines EBITDA as earnings before interest, taxes, and amortization. Adjusted EBITDA is defined as EBITDA before stock-based compensation, financing, investor relations and acquisition related expenses, loss on convertible debt conversion, loss on settlement of debt, impairment of assets and impairment of goodwill and intangibles. The Company believes that EBITDA and Adjusted EBITDA is a

Plurilock Security Inc.
June 30, 2025
Page 4

meaningful financial metric for investors as it adjusts income to reflect amounts which the Company can use to fund working capital requirements, service future interest and principal debt repayments and fund future growth initiatives.

Q2 2025 Financial Highlights

  • Total revenue for the three and six months ended June 30, 2025 was $16,404,963 and $35,445,577 as compared to $14,305,546 and $27,140,854 for the three and six months ended June 30, 2024. Revenue for the three and six months ended June 30, 2025, is significantly higher as a result of the timing on a few large orders, and significant growth in professional services along with revenue recognition of software over time.
  • Comparable gross sales bookings under previous accounting interpretations would have been $9,527,268 and $21,247,435, and $12,538,958 and $23,793,232 for the three and six months ended June 30, 2025 and 2024, respectively.
  • Hardware and systems sales revenue for the three and six months ended June 30, 2025, totalled $1,350,705 and $4,070,937 compared to $2,167,319 and $3,529,551 respectively in the comparative period ended June 30, 2024. Software, license, and maintenance sales revenue for the three and six months ended June 30, 2025, was $10,785,841 and $23,367,659 compared to $10,492,062 and $20,557,340 in the comparative period. Professional services revenue was $4,268,417 and $8,006,981 for the three and six months ended June 30, 2025, compared to $1,646,165 and $3,053,963 in the three and six months ended June 30, 2024.
  • Hardware and systems sales revenues for the three and six months ended June 30, 2025, accounted for 8.2% and 11.5%, respectively, of total revenues compared to 15.2% and 13.0%, respectively, for the three and six months ended June 30, 2024. Software, license and maintenance sales revenues for the three and six months ended June 30, 2025, accounted for 65.7% and 65.9%, respectively, compared to 73.3% and 75.7%, respectively, for the three and six months ended June 30, 2024. Professional services revenue for the three and six months ended June 30, 2025, accounted for 26.0% and 22.6%, respectively, of total revenues, compared to 11.5% and 11.3%, respectively, for the three and six months ended June 30, 2024.
  • Gross margin for the three and six months ended June 30, 2025, was 12.0% and 12.1% compared to 14.7% and 14.4% for the three and six months ended June 30, 2024.
  • Adjusted EBITDA for the three and six months ended June 30, 2025 was $(1,400,359) and $(2,675,180) compared to $(2,422,291) and $(1,643,193) during the same period in the prior year.
  • Cash and cash equivalents and restricted cash on June 30, 2025 was $1,739,643 compared to $1,419,463 on December 31, 2024.
  • During the three and six months ended June 30, 2025, the Company generated $47,795 and used $5,087,345 of cash from operating activities compared to $1,552,516 and $1,973,631 used of cash during the same periods in the prior year.

Q2 2025 Operational Highlights

  • 02-Apr-25 Plurilock Secures $5.9 Million in new contracts across several Federal and Public Sector Clients
  • 16-Apr-25 Plurilock Security Presenting at Planet MicroCap Showcase and Attending RSAC(TM) 2025 Conference
  • 17-Apr-25 Plurilock Provides Corporate Update Highlighting Strategic Focus, Sector Strength, and Margin Expansion
  • 2-May-25 Plurilock Security Inc. Reports Fiscal 2024 Financial Results
  • 2-Jun-25 Plurilock Security Inc. Reports Record First Quarter Fiscal 2025 Financial Results
  • 5-Jun-25 Plurilock Secures $1.3M in New Critical Services Contracts Across U.S. Commercial Clients
  • 25-Jun-25 Plurilock Announces Results of Annual General Meeting
  • 26-Jun-25 Plurilock Announces $2.54 Million CAD Sale to NASDAQ-Listed Enterprise for AI Cybersecurity

Plurilock Security Inc.
June 30, 2025
Page 5

  • 10-Jul-25 Plurilock Named Certified Services Partner for Forcepoint

Company

Overview

Cybersecurity has become an identity-driven discipline, and identity-driven solutions are needed to combat today's pressing threats, comply with regulation, and ensure the safety of contemporary business environments. Plurilock's vision is to meet this need by delivering solutions that combine next-generation identity technologies with best-of-breed cybersecurity tools, all delivered with a customer-obsessed focus.

PSI is headquartered in Vancouver, B.C., Canada with sales offices in Canada, U.S.A and India. The Company's website is www.plurilock.com.

PSI has the following material, directly or indirectly, wholly owned subsidiaries:

  1. PL, a company incorporated under the laws of British Columbia, Canada;
  2. PLUS, a company incorporated under the laws of the State of Delaware, U.S.A.;
  3. ASC, a company incorporated under the laws of the State of California, U.S.A.;
  4. PSP, a company incorporated under the laws of India; and
  5. INC, a company incorporated under the laws of Ontario, Canada.

Plurilock operates two business divisions, a technology division (the "Technology Division") and a solutions division (the "Solutions Division"). The Technology Division, operated under the Plurilock brand, builds and operates Plurilock's own proprietary products. The Solutions Division, operated separately as ASC and INC, offers hardware and software procurement services, professional services and solutions integrations, managed services, and cybersecurity consulting.

Technology Division

At Plurilock's heart is the ability to recognize individuals and verify identities using cutting-edge behavioral biometric signatures, each generated by applying machine learning in the background to personal behavioral and input patterns, physical location, and other contextual data, as users do their normal work. Plurilock joins this capability to industry-leading products and services in powerful solutions that secure the systems and attack surfaces that are of greatest cybersecurity concern in today's enterprises—all without requiring new user training, authentication steps, security hardware, or helpdesk support.

Solutions Division

Plurilock's Solutions Division supports clients' business-critical applications with a deeply consultative approach to cybersecurity, combining partner-provided solutions with in-house security services to help clients address the complex challenges of cybersecurity.

ASC and INC sell both hardware and packaged software and offers both expert professional services and long-term managed services capabilities.

Principal Products and Services

Solutions Division

Plurilock's Solution Division provides an extensive line of best-of-breed, Tier-1 cybersecurity technologies, services and

Plurilock Security Inc.
June 30, 2025
Page 6

products covering each of the major service areas and risk areas in cybersecurity along with enterprise service provision to manage these product deployments and their integration and operation.

Through the Plurilock's Critical Services offer, the Company assists organizations in supporting, architecting, building, and rebuilding infrastructure through a security and resiliency lens, enabling organizations critical to western democracies to continue to fulfill their roles.

Plurilock Critical Services draws on the Company's experience with Canadian and United States federal government work, providing world-class professional services in four areas:

  • Digital transformation: cloud and multi-cloud infrastructure and migration, enterprise networking, technology logistics, data and AI implementation and migration, and continuity and resilience design
  • Cyber engineering: cloud security, identity security, network security, endpoint, on-premises, and cloud data loss prevention
  • Cyber operations: penetration testing, environment and surface hardening, threat intelligence and monitoring, incident response and management, digital forensics, disaster recovery, security awareness and training
  • Advisory and GRC services: standards and compliance assessments (SOC 1 and 2, ISO 27001, CMMC, NIST and NIST CSF, PCI, MITRE, and others), supply chain and geopolitical risk assessment and management, cyber maturity optimization, resilience training, war gaming and tabletop exercises

Technology Division

Plurilock's Technology Division offers multiple-patent-protected technology that confirms user identity without passwords, numeric MFA codes, fingerprints, or other common identity confirmation technologies. This enables robust control of access to key systems and data resources while eliminating obstacles that hamper adoption of other security tools. It does this by:

  • observing user keyboard behavior, pointer behavior, physical location, machine identity, network context, and other factors on an ongoing basis and in real time,
  • analyzing this data using machine learning techniques to generate a unique and evolving identity signature for each distinct user as work happens, and
  • leveraging this identity signature to grant or deny access as appropriate, every few seconds throughout the workday, without additional user or administrator steps.

This core capability is incorporated directly into the Company's flagship cybersecurity platform, which offers the following capabilities as an aggregate or in various partial "package" offerings:

  • Enterprise continuous authentication that confirms user identity or alerts security teams to detected intrusions in real time, as regular work is carried out, without otherwise inconveniencing or interrupting users; and
  • Cloud-based solution that secures enterprise cloud data while offering a low-friction single sign-on functionality. Identity is secured using contextual cues such as IP address, geo-location, unique device identity, and other confirmation data.

Plurilock also acquired key products from CC with unique cloud security SaaS enterprise solutions for protecting email and group collaboration platforms as well as other cybersecurity products including single-sign-on ("SSO"), multi-factor authentication (MFA), and cloud data loss prevention ("DLP") solutions.

The combination of Plurilock's next-generation technology offerings as well as ASC's and INC's stable of cybersecurity capabilities enables the creation of enterprise-reading, single-provider solutions that cover traditional, organization-wide cybersecurity requirements while also providing cutting-edge capabilities to address emerging threats.

Operations

Plurilock is headquartered in Vancouver, British Columbia, Canada. The Company's Technology and Solutions Divisions

Plurilock Security Inc.
June 30, 2025
Page 7

have various regional offices in Canada, United States and India.

Plurilock currently sells to larger enterprise and government customers. For this reason, sales cycles are relatively long and unpredictable as well as seasonal. There may be fluctuations in sales and cash flow in quarters during which large sales are completed.

Plurilock does not anticipate any effects on major aspects of the business over the next 12 months resulting from termination or renegotiation of contracts.

Plurilock's staff have deeply rooted domain knowledge of the regional and global cybersecurity industry, which provides a competitive advantage through its specialized software architecting and development skills and its sales, training, and support capabilities. As of the date hereof, Plurilock has 64 full and part-time staff and 31 contractors.

Sales, support, services, and information technology software development offices are located and managed at Plurilock's division offices. Plurilock will add regional sales offices as required and will continue to rely on securing channel partners in markets where Plurilock does not maintain a sales force. These partners in local markets conduct in-person sales, support, and account relations activity in close collaboration with Plurilock to ensure client satisfaction and retention.

Plurilock uses full time and contractors for services work. Plurilock develops its products using employed software developers, as well as retaining specialized sub-contractors on a case-by-case basis.

Plurilock currently holds several patents related to core intellectual property and is actively filing for additional ones.

Plurilock technologies and services depend on a variety of "open source" software tools, applications, and libraries. The continued availability of these tools, applications, and libraries under appropriate commercially compatible licences is important to the segment.

Plurilock's most important intangible assets are its intellectual property, maintained as a body of trade secrets in the form of computer code and the practical knowledge and experience of behavioural biometrics methods and approaches gained through operational experimentation.

Markets

Plurilock is directly focused on business-to-business ("B2B") sales globally, where there are roughly one billion knowledge workers (employees who utilize technology to deliver more value through their work) around the world.[1] In particular, outbound sales efforts for both divisions target three markets aggressively:

  1. North American federal government sales. Plurilock and its holdings have multiple existing contracts with both U.S. and Canadian federal government agencies and maintain currently a number of procurement vehicles, including a NASA Solutions for Enterprise-Wide Procurement contract, a Government-Wide Acquisition Contract, and a General Services Administration STARS-II contract to enable the conducting of business with U.S. Federal agencies such as the U.S. Department of Defense, U.S. Air Force, and U.S. Department of the Navy.
  2. North American state, local, and education ("SLED") sales. Plurilock and its holdings maintain procurement vehicles, expertise, and existing relationships to sell to public sector and critical infrastructure organizations below the federal level, representing an expanding area of aggressive focus. Available procurement vehicles include multiple California Multiple Awards Schedule contracts, with recently closed SLED business that includes the California State Teachers' Retirement System and the California Department of Motor Vehicles.
  3. Global commercial entity sales. Key verticals in the commercial market space are marked by significant cyberthreat pressure and/or significant regulatory compliance requirements regarding cybersecurity, data safety, and privacy. Plurilock sells to commercial entities worldwide facing these realities.

https://www.forbes.com/sites/sisense/2021/12/01/who-are-knowledgeworkers-and-how-do-we-enable them/?sh=2a04bb2a6018

Plurilock Security Inc.
June 30, 2025
Page 8

Go to Market

Plurilock is highly focused on B2B sales and goes to market by identifying prospects in federal government and SLED verticals, and regulated commercial organizations that:

  • Face significant IT & cybersecurity risks and requirements;
  • Face significant regulatory and compliance pressure to address such cybersecurity risks and liabilities; and
  • Demonstrate or show evidence of budgetary allocations to enable such purchases.

Sales Strategy

Plurilock pursues these clients with a “land and expand” sales model that combines the resale of third-party products with upselling/cross-sales of high-margin services and Plurilock’s own high-margin recurring revenue products. Any initial sale forms the basis of a business relationship that enables subsequent, more lucrative sales.

Plurilock’s sales process relies on an organic force of specialized B2B sales representatives, developed long-term relationships, a well-considered sales strategy, and extensive support from marketing teams, infrastructure, and initiatives:

  • Sales representatives retain and grow their customer base by maintaining close, meaningful relationships with their clients, partners, and team members. This direct engagement generates on-the-ground expertise that enables effective prioritization and decision-making, producing high rates of customer satisfaction.
  • Partnerships are signed, maintained, and promoted with pride and similarly close contact, enabling relationship prioritization in terms of pricing, knowledge distribution, and other kinds of access. Marketing of these partnerships prioritizes brand consistency and leveraging partner relationships to enable thought leadership when engaging key decision-makers.
  • In addition to its team of B2B sales representatives, Plurilock may in the future add touchless self-service purchasing options operated through its corporate website, with self-service options serving as supplements to, rather than replacements for, expert B2B sales labor.

Marketing expenses, excluding employee labor costs, are currently centered heavily on software, infrastructure, and advertising expenses including inbound sales such as website & other advertising platforms; outbound direct sales and event-driven sales are also represented here.

Growth Strategy

Plurilock employs a multi-pronged strategy to ensure continued rapid growth:

  • Organic acquisition of new customers through referrals. Plurilock retains existing customers by maintaining deep engagement, including in-person sales and engineering team visits to develop and refine security strategy and client relationships. These positive relationships, combined with product line breadth, enable increased customer base penetration and expansion to adjacent markets through references and organic word-of-mouth marketing.
  • Cross-sell services and resell expansion to existing customer base. Plurilock has to expanded sales by reaching out to existing customers across several verticals and looks to grow the share of wallet for each customer by continuing to cross-sell services while expanding the resell base of products it serves to each customer.
  • Channel partners to accelerate awareness. In regions without a direct Plurilock presence, Plurilock employs channel partners to drive awareness and empowers these channel partners with regular close interaction and a deep library of marketing and sales collateral.
  • Strategic acquisition of synergistic companies. Plurilock continues to pursue strategic acquisitions that enhance its go-to-market and sales capabilities. The acquisitions of ASC and INC, which provided Plurilock with an already extremely successful sales organization and extensive stable of best-of-breed cybersecurity products to enable comprehensive solutions provision and cross-sale capabilities, is broadly representative of Plurilock’s strategy to:

Plurilock Security Inc.
June 30, 2025
Page 9

  • enable the provision of the more comprehensive, single-provider solution set for which the market is increasingly calling.
  • add complementary capabilities that accelerate adoption and sales of core Plurilock technologies and the integration of these technologies into delivered solution.

Future acquisitions may include, but are not limited to, those that add new capabilities in cloud and remote work security, capabilities in managed and professional services provision, and core technologies or intellectual property able to further enhance the utility and differentiation of core Plurilock products and technologies.

Acquisition Strategy

Plurilock’s growth strategy also includes completing strategic acquisitions. In assessing the suitability of potential acquisition targets (“PAT”), Plurilock considers numerous operational and strategic factors as they relate to Plurilock which may include, amongst others, the following: enhanced, additional and diversified product offerings and customer lists; strong brands and intellectual property; additional sales channel and partnerships; new revenue streams in adjacent market segments; and accretive revenue and costs synergies.

To date, Plurilock has completed four such acquisitions: the ASC acquisition, the INC acquisition, the CloudCodes acquisition, and the Atrion acquisition.

There is significant competition for PATs due to the dynamic nature of the security industry. Plurilock may need to pay a premium to acquire desirable PATs. In North America, there are several hundred companies that fit the PAT profile identified by Plurilock, but some have not achieved the revenue scale, or product-market-fit to make them accretive to Plurilock’s core business.

Plurilock’s acquisition model is expected to include paying for acquisitions with a combination of cash, Common Shares, and earnout payments (debt). Acquisitions may also be structured to accommodate the continued involvement for the vendor and the retention of individuals key to the success and viability of the acquired firm. The structure of Plurilock’s acquisitions, including the proportion of cash, Common Shares, and earnout payments/debt as consideration are subject to deal specific factors including business, legal, and tax advice, and are reviewed and approved by the Company’s Board of Directors.

Plurilock does not necessarily envision integrating newly acquired businesses under one common corporate brand. Instead, Plurilock’s strategy may include maintaining the value created by the vendor by retaining the identity, specialization, and other success factors of the target firm within its local market. Each PAT will be reviewed and negotiated separately.

Overall performance and discussion of operations

Revenue

Plurilock operates two business divisions, the Technology Division and the Solutions Division. The Technology Division operates under the legacy Plurilock brand, builds and sells Plurilock’s own proprietary products as well as products obtained through acquisitions. The Technology Division is operated by PSI, PL, PLUS, and PSP. The Solutions Division is separately operated and offers services and resells cybersecurity industry products and technologies to meet customer needs. The Solutions Division is operated by ASC and INC.

Plurilock derives revenue from the three main sources under both the Technology Division and the Solutions Division:

  1. Hardware and systems sales

a. Hardware and systems sales revenue is comprised of products that proactively prevent, secure and manage advanced cybersecurity threats and malware for customers.

Plurilock Security Inc.
June 30, 2025
Page 10

  1. Software, license, and maintenance sales

a. Software, license, and maintenance sales revenues are comprised of fees that provide customers with access to propriety and third-party software licenses, and related support and updates during the term of the customer agreements.

  1. Professional Services

a. Professional Services are generally on either a fixed fee, milestone based, time & material or subscription basis. These services are generally distinct from other goods or services that the Company might provide to the same customer under the same or separate contracts.

The following table shows the details of revenuees from operations for the three and six months ended June 30, 2025 and 2024:

For the three months ended June 30,

Restated - Note 26
2025 2024 -Decrease
$ % $ % %
Hardware and systems sales 1,350,705 8.2% 2,167,319 15.2% -37.7%
Software, license and maintenance sales 10,785,841 65.7% 10,492,062 73.3% 2.8%
Professional services 4,268,417 26.0% 1,646,165 11.5% 159.3%
Total revenue 16,404,963 100.0% 14,305,546 100.0% 14.7%

For the six months ended June 30,

For the six months ended June 30,
2025 2024 -Decrease
$ % $ % %
Hardware and systems sales 4,070,937 11.5% 3,529,551 13.0% 15.3%
Software, license and maintenance sales 23,367,659 65.9% 20,557,340 75.7% 13.7%
Professional services 8,006,981 22.6% 3,053,963 11.3% 162.2%
Total revenue 35,445,577 100% 27,140,854 100% 30.6%

Total revenue for the three and six months ended June 30, 2025 was $16,404,963 and $35,445,577 compared to $14,305,546 and $27,140,854 during the same periods in the prior fiscal year. The increase in revenue for the three and six months ended June 30, 2025 is primarily due to growth in professional services revenue stream and revenue recognition of software sales over the term of the contract agreement in backlog.

Hardware and systems sales revenue for the three and six months ended June 30, 2025, totalled $1,350,705 and $4,070,937 compared to $2,167,319 and $3,529,551 respectively in the comparative period ended June 30, 2024. Software, license, and maintenance sales revenue for the three and six months ended June 30, 2025, was $10,785,841 and $23,367,959 compared to $10,492,062 and $20,557,340 in the comparative period.

Professional services revenue was $4,268,417 and $8,006,981 for the three and six months ended June 30, 2025, compared to $1,646,165 and $3,053,963 in the three and six months ended June 30, 2024.

Hardware and systems sales revenues for the three and six months ended June 30, 2025, accounted for 8.2% and 11.5%, respectively, of total revenues compared to 15.2% and 13.0%, respectively, for the three and six months ended June 30, 2024. Software, license and maintenance sales revenues for the three and six months ended June 30, 2025, accounted for 65.8% and 66.0%, respectively, compared to 73.3% and 75.7%, respectively, for the three and six months ended June 30, 2024. Professional services revenue for the three and six months ended June 30, 2025, accounted for 26.0% and 22.6%, respectively, of total revenues, compared to 11.5% and 11.3%, respectively, for the three and six months ended June 30,

Plurilock Security Inc.
June 30, 2025
Page 11

  1. The Company continues to focus its growth strategy on increasing its three revenues streams, organically, cross selling and through acquisitions.

Gross Profit and Gross Margin

The following table summarizes gross profit and gross margin from operations for the three and six months ended June 30, 2025 and 2024:

For the three months ended June 30, For the six months ended June 30,
Restated - Note 26 Restated - Note 26
2025 2024 2025 2024
Revenue $ $ $ $
Cost of sales 16,404,963 14,305,546 35,445,577 27,140,854
Gross profit (14,437,493) (12,207,732) (31,149,246) (23,223,768)
Gross profit (%) 1,967,470 2,097,814 4,296,331 3,917,086
12.0% 14.7% 12.1% 14.4%

Gross profit depends on the product mix and costs of sales for the reporting periods. Cost of sales include expenses related to the procurement of hardware, software, cost of using external cloud-based server providers, project management effort, customer support staff and third-party subcontractors.

Gross profit as a percentage of revenue for the three and six months ended June 30, 2025, decreased to 12.0% and 12.1% compared to 14.7% and 14.4% during the same periods in the prior year. The change in the gross profit percentage is primarily a result of the Company's continuation of the price architecture and busy federal buying season in INC that is contributes to lower profit margins.

Research and Development Expenses ("R&D")

The following table is a breakdown of the Company's R&D related expenses for the three and six months ended June 30, 2025 and 2024:

For the three months ended For the six months ended
June 30, 2025 June 30, 2024 June 30, 2025 June 30, 2024
Research and development
Communication and IT services 22,576 83,994 45,407 168,863
Contractors - - - 19,726
Government assistance - - - -
Office and general - 617 - 1,583
Salaries and benefits 253,937 172,733 457,906 428,033
Travel and entertainment - - - -
COS allocation - (24,072) - (51,049)
276,513 233,272 503,313 567,156

For the three and six months ended June 30, 2025, Plurilock's R&D expenses totalled $276,513 and $503,313 compared to $233,272 and $567,156 during the same periods in the prior year. R&D expenses primarily include salaries and benefits, contractor fees, and communication & IT services. The net decrease in R&D expenses is due to the decreased use of contractors and reduction in employee headcount in salaries and benefits.

Plurilock Security Inc.
June 30, 2025
Page 12

R&D expenses may continue to increase in the future as the Company seeks to evolve and improve its behavioral biometrics authentication platform, invest in new technology and products that will enhance the Company's value proposition to customers and provide additional revenues.

Sales and Marketing expenses ("S&M")

The following is a breakdown of the Company's S&M related expenses for the three and six months ended June 30, 2025, and 2024:

For the three months ended For the six months ended
June 30, 2025 June 30, 2024 June 30, 2025 June 30, 2024
Sales and marketing $ $ $ $
Advertising and promotion 504 22,462 5,619 30,233
Communication and IT services 28,047 14,912 40,381 43,441
Contractors - 10,218 3,500 23,291
Marketing 5,261 5,741 57,807 9,053
Office and general 1,435 15 2,708 42
Salaries and benefits 548,653 431,509 1,152,786 1,027,105
Sales commission 262,350 18,097 474,751 171,776
Travel and entertainment 3,008 - 7,602 -
849,258 502,954 1,745,154 1,304,941

For the three and six months ended June 30, 2025, the Company's S&M expenses totalled $849,258 and $1,745,154 compared to $502,954 and $1,304,941 during the same periods in the prior year. S&M expenses primarily include salaries and benefits, marketing, sales commission, and web hosting fees. The increase in salaries and sales commission is due to the additional headcount to increase sales throughout the year.

Sales and marketing expenses may continue to increase in the future as the Company seeks to execute on its sales growth strategy with the addition of more sales & marketing staff, both organically and through acquisitions.

General and Administrative expenses ("G&A")

The following table is a breakdown of the Company's G&A related expenses for the three and six months ended June 30, 2025 and 2024:

For the three months ended For the six months ended
Restated - Note 26 Restated - Note 26
General and administrative June 30, 2025 June 30, 2024 June 30, 2025 June 30, 2024
Amortization 46,730 81,416 149,238 186,272
Bad debt - (317,623) - 35,876
Communication and IT services 108,886 85,279 262,486 158,641
Contractors 111,138 188,289 203,894 195,403
Insurance 40,731 31,613 83,718 56,854
Office and general 104,506 129,687 232,559 253,128
Professional fees 489,588 247,884 789,242 405,087
Investor relations and regulatory filing 333,023 359,882 732,262 427,098
Salaries and benefits 1,315,235 1,038,889 3,003,392 2,081,040
Travel and entertainment 68,633 60,003 113,796 66,496
2,618,470 1,905,319 5,570,587 3,865,895

Plurilock Security Inc.
June 30, 2025
Page 13

For the three and six months ended June 30, 2025, G&A expenses totalled $2,618,470 and $5,570,587 compared to $1,905,319 and $3,865,895 during the same periods in the prior year. G&A expenses primarily included salaries and benefits, professional fees (audit & accounting, legal and corporate finance), investor relations and regulatory filing fees, communication, and IT services as well as office and general expenses. The increase in G&A expenses compared to the prior year for the same periods relates to increased contractors, professional fees, travel, insurance and investor relations, as well as increased salaries and benefits.

Stock-based compensation

Total stock-based compensation cost recognized in the Company's condensed interim consolidated statements of loss and comprehensive loss for the three and six months ended June 30, 2025, was $209,093 and $433,435 compared to $377,959 and $438,798 in prior year and is credited to contributed surplus.

Total stock-based compensation expense for the three and six months ended June 30, 2025, is comprised of the expense pursuant to stock options issued to related parties (as discussed in Note 25) of $Nil and $Nil compared to $395,314 and $429,954 respectively in prior period and to other parties of 63,080 and $134,537 compared to $(17,355) and $8,844 respectively in the prior year.

Total stock-based compensation expense for the three and six months ended June 30, 2025, is comprised of the expense pursuant to restricted share units issued to related parties (as discussed in Note 25) of $146,014 and $298,899 compared to $Nil respectively in prior year for the same periods.

The Company issued stock options to directors, officers, employees, and consultants in Q1, and Q2 2025 compared to stock options issued during Q2 2024. The fair value of these options, as determined on the date of grant, is being recognized as an expense according to the vesting periods of the options. See Note 19 of the June 30, 2025, condensed interim consolidated financial statements for further information.

Summary of Quarterly Results

June 30, 2025 (Q2) March 31, 2025 (Q1) December 31, 2024 (Q4) September 30, 2024 (Q3) June 30, 2024 (Q2) March 31, 2024 (Q1) December 31, 2023 (Q4) September 30, 2023 (Q3)
$ $ $ $ $ $ $ $
Revenue 16,404,963 19,040,614 17,655,122 14,328,564 14,305,546 12,835,308 11,370,763 20,000,867
Gross Profit 1,967,470 2,328,861 2,866,175 972,459 2,097,814 1,819,272 113,066 1,434,448
Gross Profit % 12.0% 12.2% 16.2% 6.8% 14.7% 14.2% 1.0% 7.2%
Net loss for the period (2,230,829) (3,012,363) (1,902,748) (4,093,493) (3,733,983) (1,802,249) (6,429,356) (1,891,428)
Basic and diluted loss per share (0.03) (0.04) (0.03) (0.08) (0.10) (0.18) (0.63) (0.19)

Liquidity and capital resources

Cash and cash equivalents and restricted cash

As at June 30, 2025, and December 31, 2024, the Company had $1,719,643 and $1,399,463 of cash and cash equivalents respectively. As at June 30, 2025 and December 31, 2024, the Company had $20,000 and $20,000 of restricted cash.

Operating activities

Plurilock Security Inc.
June 30, 2025
Page 14

During the three and six months ended June 30, 2025, the Company generated $47,795 and used $5,087,345 of cash from operating activities compared to the Company used $1,552,516 and $1,973,631 during the same periods in the prior year.

Investing activities

During the three and six months ended June 30 2025, the Company generated $Nil and $12,954 of cash on investing activities, compared to $2,414 and $5,977 use of cash during the same periods in the prior year.

Financing activities

During the three and six months ended June 30, 2025, the Company used cash of $1,190,066 generated cash of $5,234,242 from financing activities compared to used $3,834,177 and $2,997,904 during the same periods in the prior year.

Off balance sheet arrangements

As at June 30, 2025 and the date of the MD&A, the Company does not have any off-balance sheet arrangements.

Related party transactions

Key management personnel are those persons having authority and responsibility for planning, directing, and controlling the activities of the Company, directly or indirectly. Key management personnel include the Company's Board of Directors and members of the executive team.

The following table summarizes the related party transactions:

For the three months ended For the six months ended
June 30, 2025 June 30, 2024 June 30, 2025 June 30, 2024
$ $ $ $
Salaries, benefits and consulting fees 458,137 554,506 934,333 826,991
Stock-based compensation expense* (190,677) 395,314 298,899 429,954
267,460 949,820 1,233,232 1,256,945
  • Reflects the amount recorded as expense in the condensed interim consolidated statement of loss and comprehensive loss. The fair value of stock-based compensation is measured at grant date and is recognized as an expense over the vesting period.

The Company has agreed to indemnify its board of directors and officers in accordance with the Company's policies. The Company maintains insurance policies that may provide coverage against certain claims.

Summary of Accounting Changes

To prepare for a potential uplist in the US capital markets, the Company initiated a review of its accounting policies in accordance with its auditors. Consequently, the Company has made some accounting policy changes. These changes circulate around revenue recognition. The Company has made the following changes:

  1. Revenue of resold software is now recognized over the life of the software contract in most cases.

Plurilock Security Inc.
June 30, 2025
Page 15

  1. Principal and agent considerations are reviewed each transaction and in certain cases the Company has changed accounting policy to Agent versus Principal. In an Agent arrangement, the Company recognizes the net margin, or revenue less costs, netted, as revenue. When the Company is acting as principal, the Company recognizes gross revenue and gross costs.

The prior year was restated for these changes. Further information may be found in the notes of the financial statements.

Critical accounting estimates

The preparation of financial statements in accordance with IFRS requires management to make judgements, estimates and assumptions that affect the application of accounting policies and the carrying amount of assets and liabilities, and disclosures of contingent assets and liabilities as at the date of the consolidated financial statements, and the recorded amount of revenues and expenses for the reporting period.

These estimates are changed periodically, and as adjustments become necessary, they are reported in profit or loss in the period in which they become known.

The material accounting policies subject to such estimates that, in the Company's opinion, could significantly affect the reported results or financial position, are as follows:

> Going concern considerations

The Company has financed its operating cash requirements primarily through the issuance of share capital. The Company's ability to realize the carrying value of its assets, discharge its liabilities and to continue as a going concern is based upon the continued support from the Company's shareholders and the successful execution of the Company's strategic plan to improve the scale and profitability of its business to achieve future profitable operations. It will be necessary for the Company to raise additional funds from time to time for the continued execution of its strategic plan. These funds may come from sources which include the issuance of shares, the issuance of debt or alternative sources of financing. There can be no assurance that the Company will successfully generate sufficient operating cash flows or raise sufficient funds to continue the execution of its strategic plan and to operate as a going concern.

The estimates used by the Company in reaching the above conclusion are based on information available as of the date of the consolidated statement of financial position was authorized for issuance and included internally generated cash flow forecasts. Accordingly, actual results could differ from these estimates and resulting variances may be material to management's assessment.

> Impairment of intangible assets including goodwill and other intangible assets

The Company assesses whether there are any indicators of impairment as at the reporting date for all intangible assets. Goodwill and intangible assets with indefinite useful lives are tested for impairment annually and at other times when such indicators exist. Other intangible assets are tested for impairment when there are indicators that the carrying amounts may not be recoverable. When value in use calculations are undertaken, the Company must estimate the expected future cash flows from the CGUs and choose a suitable discount rate in order to calculate the present value of those cash flows. The key sources of estimation uncertainty are the future business performance over the forecast period (five years), projected long-term growth rates and the discount rates applied.

> Valuation of stock-based compensation

The Company uses the Black-Scholes model to value share options issued to directors, employees, and consultants. The model's estimates include inputs that require management estimates and judgement, such as volatility of the underlying equity instruments, forfeiture rate and expected life of stock options.

Plurilock Security Inc.
June 30, 2025
Page 16

  • Valuation of warrants issued for services

For warrants issued for services and as part of financing, the Company follows guidelines under IFRS 2 and uses the Black-Scholes model to assess these warrants. The model's estimates include inputs that require management estimates and judgement, such as volatility of the underlying equity instruments, forfeiture rate and expected life of warrants.

  • Carrying values of allowances for unrecoverable trade and other receivables

The Company recognizes an allowance for expected credit loss on accounts receivable that are measured at amortized cost. The amount of ECL is updated at each reporting date to reflect changes in credit risk since the initial recognition of the trade and other receivables. The Company recognizes lifetime ECL for its trade and other receivables. The expected credit losses on these financial assets are estimated using the Company's historical credit loss experience, adjusted for factors that are specific to the debtors, general economic conditions, and an assessment of both the current as well as the forecast direction of conditions at the reporting date.

  • Fair value measurement and valuation processes

Some of the Company's assets are measured at fair value for financial reporting purposes. The Company hires external valuation professionals to determine the appropriate valuation techniques and inputs for fair value measurements. The Company works closely with the external valuation professionals to establish the appropriate valuation techniques and inputs to the model.

The critical judgements that the Company's management has made in the process of applying the Company's accounting policies, apart from those involving estimates above, that has the most significant effect on the amounts in the Company's consolidated financial statements, are related to the determination of the functional currency of the Company and its subsidiaries.

  • Assessment of revenue recognition under IFRS 15

During the year, management assessed the various performance obligations present in each contract in effect and if revenue was to be recognized at a point in time or over a period of time. Judgment was used to determine the identification of those performance obligations, allocation of the transaction price to the performance obligation, and accounting for the consideration payable by the customer.

The Company has made significant judgements in determining that sale of software license, access to third-party software as a service provided to customers, deployment, configuration and integration activities are combined together to fulfill the performance obligation of cybersecurity solutions paired with AI-driven cloud-friendly security products to customers which is satisfied over the contract term as the Company satisfies a portion of its performance obligation each day it provides the cybersecurity solution and revenue is recognized on a straight-line basis over the contract term.

The Company uses significant judgment in presentation of revenue contracts with customers in accordance with the principles of IFRS 15, to assess whether it acts as a principal in a transaction or as an agent acting on behalf of others in recognition of sale of hardware, software, maintenance and services to customers.

New accounting policies not yet adopted

The following new standards, amendments to standards and interpretations have been issued but are not effective during the year ended December 31, 2024.

Plurilock Security Inc.
June 30, 2025
Page 17

Classification of Liabilities as Current or Non-Current (Amendments to IAS 1) — the amendments sought to improve the information that an entity provides when its right to defer settlement of a liability is subject to compliance with covenants within 12 months after the reporting period. These amendments to IAS 1 override but incorporate the previous amendments, classification of liabilities as current or non-current, issued in January 2020, which clarified that liabilities are classified as either current or non-current, depending on the rights that exist at the end of the reporting period. Liabilities should be classified as non-current if a company has a substantive right to defer settlement for at least 12 months at the end of the reporting period. The amendments are effective for annual reporting periods beginning on or after January 1, 2024, and are to be applied retrospectively. There was no material impact on adoption.

The IASB's newly issued IFRS Accounting Standard, IFRS 18 Presentation and Disclosure in Financial Statements aims to improve the usefulness of information presented and disclosed financial statements. IFRS 18 is effective for annual reporting periods beginning on or after January 1, 2027, with early application permitted. AcSB will ballot IFRS 18 and complete its endorsement process in Q2 2024. The company has not adopted this standard and will plan implementation by the prescribed deadline.

The Company does not expect the amendment or any other amendments to standards and interpretations applicable to the Company and not yet effective for the three and six months ended June 30, 2025 to have a significant effect on its condensed interim consolidated financial statements.

Restatement of previously issued financial statements

The Company has restated its comparative column to these condensed interim consolidated financial statements for the three and six months ended June 30, 2024.

The Company reviewed its revenue recognition in accordance with IFRS 15. The Company has reassessed two areas. The first is that in some transactions, the Company has changed from Principal recognition to Agent recognition. These are mainly in the areas of Hardware Maintenance and Support transactions where the vendor has prime responsibility for carrying out the contractual obligations. The Company also reassessed that where it is reselling software and is Principal, the revenue recognition has been re-assessed to be over time as opposed to a point in time. Refer to Note 28 in the annual audited consolidated financial statements and Note 26 in the condensed interim consolidated financial statements.

Financial instruments and other instruments

The Company's financial instruments consist of cash and cash equivalents, restricted cash, trade and other receivables, trade payables and accruals, short term loans, and convertible debenture.

Cash and cash equivalents and restricted cash are classified as financial assets at amortized cost and are initially recognized at fair value and subsequently carried at amortized cost less any impairment. Trade receivables as collateral for loans are classified as financial assets at FVTOCI and are initially recognized at fair value and subsequently measured with FVTOCI. Trade and other receivables other than trade receivables as collateral for loans are classified as financial assets at amortized cost and are initially recognized at fair value and subsequently carried at amortized cost less any impairment. The carrying value of these financial assets approximates their fair value due to the relatively short period to maturity.

Trade payables and accruals, short term loans, lease liability, and a portion of convertible debenture are classified as financial liabilities at amortized cost and recognized at fair value and subsequently carried at amortized cost. The carrying value of other financial liabilities approximate fair value due to the relatively short period to maturity.

Financial risk management

Management and monitoring of financial risks are performed by the Company's management, which manages all financial exposures. The Company is exposed to various financial risks through its financial instruments: credit risk, liquidity risk and

Plurilock Security Inc.
June 30, 2025
Page 18

market risk (including currency risk, interest rate risk and other price risk). The following analysis enables users to evaluate the nature and extent of the risks at the end of each reporting period.

(a) Credit risk

Credit risk is the risk that one party to a financial instrument will cause a financial loss for the other party by failing to discharge an obligation. The Company's significant financial assets include cash and cash equivalents, restricted cash and trade and other receivables. The Company mitigates credit risk on cash by placing it at credit-worthy financial institutions.

The carrying amounts of the financial assets represent the Company's maximum credit exposure:

June 30, 2025 December 31, 2024
$ $
Cash and cash equivalents 1,719,643 1,399,463
Restricted cash 20,000 20,000
Trade and other receivables 5,765,825 8,698,200
7,505,468 10,117,663

The Company transacts with customers with strong credit ratings and strives to minimize credit risk by performing credit reviews, ongoing credit evaluation and account monitoring procedures. The credit risk associated with trade receivables with the aging balances over 90 days at June 30, 2025 is considered lower than normal given the customers of the Company are governments. All of the Company's receivables have been reviewed for indicators of impairment and, if any, bad debt expenses have been recorded. The aging of trade and other receivables is as follows:

June 30, 2025 December 31, 2024
Trade receivables 0-30 days 31-90 days Over 90 days $ $
$ $ $ $ $
3,550,641 1,520,280 694,904 5,765,825 8,698,200
3,550,641 1,520,280 694,904 5,765,825 8,698,200

(b) Interest rate risk

Interest rate risk is the risk that the fair value or future cash flows of a financial instrument will fluctuate because of changes in market interest rates. Interest rates of the Company's short-term loans are fixed; as a result, the Company is not subject to significant interest rate risk. Interest rate on the Company's cash deposits and guaranteed income certificates held at the bank is nominal.

(c) Liquidity risk

Liquidity risk refers to the risk that the Company will not be able to meet its financial obligations when they become due or can only do so at excessive costs.

The Company's ability to continue as a going concern is dependent on management's ability to raise required funding through future equity issuances and through short-term borrowing. The Company's approach to managing liquidity risk is to provide reasonable assurance that it will have sufficient funds to meet liabilities when due, through cash flows from its

Plurilock Security Inc.
June 30, 2025
Page 19

operations and anticipating any investing and financing activities. The Company manages its liquidity risk by forecasting cash flows required for operations and anticipated financing activities. Management and the Board of Directors are actively involved in the review, planning and approval of significant expenditures and commitments.

(d) Currency risk

Currency risk is the risk that the fair value or future cash flows of a financial instrument will fluctuate because of changes in foreign exchange rates. The Company enters into foreign currency purchase and sale transactions and has assets and liabilities that are denominated in foreign currencies. The Company is exposed to the financial risk of earnings fluctuations arising from changes in foreign exchange rates and the degree of volatility of these rates. The Company does not currently use derivative instruments to reduce its exposure to foreign currency risk.

A breakdown of the Company's financial instruments by currency, presented in Canadian dollars, is presented below:

(d) Currency risk (continued)

June 30, 2025 December 31, 2024
USD INR EUR CAD Total USD INR EUR CAD Total
Cash and cash equivalents 760,914 146,849 221,325 590,555 1,719,643 417,954 94,553 205,543 681,413 1,399,463
Restricted cash - - - 20,000 20,000 - - - 20,000 20,000
Trade and other receivables 6,289,828 36,490 - (560,493) 5,765,825 7,513,349 58,252 - 1,126,599 8,698,200
Trade payables and accruals 7,240,398 37,612 - 290,576 7,568,586 10,870,607 45,971 - 576,769 11,493,347
Short-term loans 1,002,296 - - - 1,002,296 2,408,034 - - - 2,408,034
Lease liability - - - - - 5,268 - - 7,122 12,390
Convertible debenture - - - 336,727 336,727 - - - 328,296 328,296

Significant exchange rates used

June 30, 2025 December 31, 2024
Average rate for the period/year
US dollar 1.4097 1.4000
Indian Rupee 0.0162 0.0166
European Euro 1.4094 1.4816
Statement of financial position rates
US dollar 1.3607 1.4393
Indian Rupee 0.0159 0.0168
European Euro 1.6030 1.4928

The table below shows the Company's sensitivity to foreign exchange rates for its U.S. dollar, European Euro and Indian Rupee financial instruments, the foreign currencies in which the Company's assets and liabilities are denominated:

Plurilock Security Inc.
June 30, 2025
Page 20

June 30, 2025 increase/(decrease) in equity $ December 31, 2024 increase/(decrease) in equity $
10% appreciation of the U.S. dollar against Canadian dollar (119,195) (535,261)
10% depreciation of the U.S. dollar against Canadian dollar 119,195 535,261
10% appreciation of the European Euro against Canadian dollar 22,133 20,554
10% depreciation of the European Euro against Canadian dollar (22,133) (20,554)
10% appreciation of the Indian Rupee against Canadian dollar 14,573 10,684
10% depreciation of the Indian Rupee against Canadian dollar (14,573) (10,684)

(e) Fair values

Fair value is the price that would be received to sell an asset or paid to transfer a liability in an orderly transaction between market participants at the measurement date. Fair value reflects market conditions at a given date and, for this reason, may not be representative of future fair values or of the amount that will be realized upon settling the instrument.

To the extent possible, the Company uses data from observable markets to measure the fair value of an asset or liability. Fair value measurements are established based on a hierarchy into three levels that categorizes the inputs to valuation techniques.

Level 1 – Fair value measurement based on quoted prices (unadjusted) observable in active markets for identical assets or liabilities.

Level 2 – Fair value measurement using inputs other than quoted prices included within Level 1 that are observable for the asset or liability, either directly (i.e., as prices) or indirectly (i.e., derived from prices).

Level 3 – Fair value measurement using inputs that are not based on observable market data (unobservable inputs).

The carrying value of cash and cash equivalents, restricted cash, trade and other receivables, trade payables and accruals and short-term loans approximates their fair value due to the relatively short-term maturity of these financial instruments and are measured and reported at amortized cost. The carrying values of the liability portion of the convertible debenture are initially recognized at fair value and subsequently measured at amortized cost using the effective interest method.

The fair value of financial assets and liabilities are as follows:

June 30, 2025 $ December 31, 2024 $
Cash and cash equivalents 1,719,643 1,399,463
Restricted cash 20,000 20,000
Trade and other receivables 5,765,825 8,698,200
Total financial assets 7,505,468 10,117,663
Trade payables and accruals 7,568,586 11,493,347
Short-term loans 1,002,296 2,408,034
Lease liability - 12,390
Convertible debenture 336,727 328,296
Total financial liabilities 8,907,609 14,891,232

(f) Contractual cash flows

Plurilock Security Inc.
June 30, 2025
Page 21

The contractual maturity of short-term loans, lease liability, convertible debenture and trade payables and accruals are shown below:

June 30, 2025
Due in less than a year Due between one to five years Total
$ $ $
Trade payables and other payables 7,568,586 - 7,568,586
Short-term loans 1,002,296 - 1,002,296
Convertible debenture - 336,727 336,727
8,570,882 336,727 8,907,609
December 31, 2024
--- --- --- ---
Due in less than a year Due between one to five years Total
$ $ $
Trade payables and other payables 11,493,347 - 12,142,512
Short-term loans 2,408,034 - 2,408,034
Lease liability 12,390 - 12,390
Convertible debenture 328,296 328,296
13,913,771 328,296 14,891,232

Subsequent events

Management has evaluated subsequent events through August 19, 2025 and determined that no events requiring disclosure or adjustment have occurred.

Disclosure of outstanding share data

As of August 19, 2025, the Company has the following securities outstanding:

Description Number Exercise Price Per Share and Expiry
Common shares 78,526,869
Options 6,844,626 Exercise price from $0.30 to $3.70 and which expire between April 2025 and March 2033
Warrants 25,252,646 Exercise price from $0.25 to $2.00 and which expire between July 2025 and February 2028
Restricted Stock Units 3,800,000 Granted shares restricted until December 2027
Convertible debentures 137,500 Exercise price of $2.00 and expires August 26, 2026
Total diluted number of shares 114,561,641

Risks and uncertainties

The following are certain factors relating to the Company's business which prospective investors should carefully consider before deciding whether to purchase Common Shares in the Company's authorized capital. The following information is a summary only of certain risk factors and is qualified in its entirety by reference to, and must be read in conjunction with, the detailed information appearing elsewhere in this MD&A. These risks and uncertainties are not the only ones the Company

Plurilock Security Inc.
June 30, 2025
Page 22

is facing. Additional risk and uncertainties not presently known to Plurilock, or that Plurilock currently deems immaterial, may also impair our operations. If any such risks actually occur, the business, financial condition, liquidity and results of our operations could be materially adversely affected:

  1. Alignment of Plurilock's cost structure with revenue

Plurilock must ensure that its costs and workforce continue to be proportionate to demand for its services. Failure to align Plurilock's cost structure and headcount with net revenue could adversely affect Plurilock's business, financial condition and results of operations. Plurilock attempts to mitigate the risks of short-term revenue shifts by having a large portion of employee compensation based on the revenue of the employee's business unit, and for management to consolidate revenue and operating profit.

Plurilock is a growth company, and in order to facilitate growth, Plurilock must continually invest in resources and overhead costs ahead of planned revenue. Accordingly, Plurilock may operate with substantial negative cash flow in the future. The majority of Plurilock's revenues from certain of its business units are generated from a few customers. There can be no guarantee that any agreements with these customers will be extended or renewed, or, if extended or renewed, that they will be extended or renewed on the same or similar terms. Failure by Plurilock to maintain these relationships could have a material adverse impact on the business and financial condition of Plurilock. While Plurilock expects this concentration of business to decrease over time, it may continue to depend upon a relatively small number of clients for a significant portion of revenue into the foreseeable future.

  1. Ability to Predict Profitability and risks associated with any continued sales growth

Plurilock focuses on several key performance metrics including, but not limited to, Revenue, Net Income (Loss), EBITDA and Adjusted EBITDA. Management believes that IFRS profitability will increase over time, however, due to the evolving business model and the unpredictability of its emerging and competitive category of security products, the Company may not be able to accurately forecast the rate of adoption of its services and hence its revenue growth and profitability. The Company bases its current and future expense levels and its investment plans on estimates of future revenue growth. Plurilock may not be able to adjust its spending quickly enough if the rate of new or renewed subscriptions falls short of its expectations. In addition, the intense competition the Company faces in the sales of its products and services and general economic and business conditions (including foreign exchange rates) can put pressure on it to change its prices. If Plurilock's competitors offer deep discounts on certain products or services or develop products that the marketplace considers more valuable, the Company may need to lower its prices or offer other favorable terms in order to compete successfully. Any such changes may reduce margins and could adversely affect operating results. Plurilock's operating results may also fluctuate significantly on a quarterly basis. Accordingly, period-to-period comparisons of its operating results may not necessarily be a meaningful indicator of future performance. Plurilock has remained focused on sales growth. This has resulted, at times, in increasing headcount and operational costs to generate and support this growing customer base, which has placed, and will continue to place, to the extent that Plurilock is able to sustain such growth, significant strain on Plurilock's management, administrative, operational, and financial infrastructure. Plurilock anticipates that further growth will be required to address increases in the customer base, further development of its products, and expansion into new geographic areas, amongst other areas of its business and operations. Further growth will require Plurilock to continue to hire, train and manage new employees as needed. If new hires perform poorly, or if Plurilock is unsuccessful in hiring, training, managing and integrating new employees, or if Plurilock is unsuccessful in retaining existing employees, its business may be harmed. In addition, Plurilock may look to expand its engineering and sales teams in an attempt to increase sales growth. Such sales growth may not match, or exceed, the increase in operating costs associated with hiring, training, managing, and integrating of such employees.

  1. Plurilock's focus on larger enterprise customers could result in greater costs, less favourable commercial terms, and other adverse impacts to Plurilock

As Plurilock continues to direct more sales efforts at larger enterprise customers, Plurilock could face greater costs, less

Plurilock Security Inc.
June 30, 2025
Page 23

favourable commercial and contract terms and conditions, greater due diligence and technical scrutiny, longer sales cycles, less predictability in completing some sales and greater fluctuation in sales and cash flow in quarters where these large deals conclude. In this market segment, the customer's decision to use Plurilock's service or products may be an enterprise-wide decision and, if so, these types of sales may require Plurilock to provide increased product discounts, additional global support and professional services, increased service level availability, greater levels of education and training regarding the use and benefits of the service.

As a result of these factors, these sales opportunities may require Plurilock to devote greater sales support and professional services resources to individual customers, driving up costs and time required to complete sales and diverting sales and professional services resources to a smaller number of larger transactions.

  1. Plurilock is reliant on key management

The success of Plurilock is dependent upon the ability, expertise and judgement of its senior management.

Shortages in qualified personnel or the loss of key personnel could adversely affect the financial condition of Plurilock and results of operations of the business. The loss of any of Plurilock's senior management or key employees could materially and adversely affect Plurilock's ability to execute its business plan and strategy and Plurilock may not be able to find adequate replacements on a timely basis, or at all.

  1. Plurilock operates in a highly competitive industry and may be unable to retain clients or market share

Plurilock operates in a highly competitive business and may be unable to retain clients or market share. The cybersecurity industry is highly competitive, and the barriers to entry are low. There are many competitors, and new competitors are entering the market constantly. Current and new competitors may be better capitalized, have a stronger operating history, have more expertise and be able to provide comparable or superior services at the same or lower cost. Long-term contracts also form a small and declining portion of Plurilock's revenue. There is no assurance that Plurilock will be able to retain clients or its market share in the future, nor can there be any assurance that it will, in light of competitive pressures, be able to maintain or increase its current margins, or reach and sustain profitability.

  1. Plurilock may not be able to attract new customers, maintain its existing consumer base or grow or upgrade the products provided to these customers

To expand Plurilock's customer base, Plurilock needs to convince potential customers to allocate a portion of their discretionary budgets to purchase Plurilock's solutions. Plurilock's sales efforts often involve educating its prospective customers about the uses and benefits of Plurilock's solutions. Enterprises and governments that use other forms of security products may be hesitant to purchase Plurilock's solutions if they believe that these products are more cost effective, provide substantially the same functionality as Plurilock's solutions, or provide a level of security that is sufficient to meet their needs. Plurilock may have difficulty convincing prospective customers of the value of adopting Plurilock's solutions. Even if Plurilock is successful in convincing prospective customers that Plurilock's solutions are critical to protect against cyberattacks, they may not decide to purchase Plurilock's solutions for a variety of reasons, some of which are out of Plurilock's control. For example, any deterioration in general economic conditions, including a downturn due to COVID-19, may cause Plurilock's customers to cut their overall security and IT operations spending, and such cuts may fall disproportionately on security solutions like Plurilock's. Economic weakness, customer financial difficulties, and constrained spending on security and IT operations may result in decreased revenue, reduced sales, lengthened sales cycles, increased churn, lower demand for Plurilock's products, and adversely affect its results of operations and financial conditions.

If organizations do not continue to adopt Plurilock's solutions, Plurilock's sales will not grow as quickly as anticipated, or at all, and Plurilock's business, results of operations, and financial condition would be harmed.

In order for Plurilock to maintain or improve its financial and operational results, it is important that Plurilock's existing customers renew their subscriptions for Plurilock's solutions when existing contract terms expire, and that Plurilock expand

Plurilock Security Inc.
June 30, 2025
Page 24

its commercial relationships with its existing customers by selling and deploying to more endpoints in their environments, selling additional types of services, and/or moving these customers to higher tiers of Plurilock's solutions.

Plurilock's customers typically have no obligation to renew their subscription for Plurilock's solutions after the expiration of their contractual subscription period, and in the normal course of business, some customers have elected not to renew. In addition, customers may seek to renew for shorter contract subscription lengths, reduce the number of users accounts, or downgrade to lower tiers of Plurilock's solutions.

Customer retention and expansion may decline or fluctuate as a result of a number of factors, including customers' satisfaction with Plurilock's services, pricing, customer security and networking issues and requirements, customers' spending levels, mergers and acquisitions involving its customers, industry developments, competition and general economic conditions. Plurilock is focused on maintaining or increasing its customer renewal and growth rates efficiently and cost effectively. However, if Plurilock's efforts to maintain and expand its relationships with its existing customers are not successful, its business, results of operations, and financial condition may materially suffer.

  1. Plurilock may not be able to prevent damages resulting from a cybersecurity attack

Plurilock's business uses confidential information about candidates (successful and unsuccessful), employees, and clients. Plurilock is subject to cyberattacks, computer viruses, social engineering schemes and other means of unauthorized access to its systems. Plurilock has not experienced any material losses to date related to cyber-attacks or other information security breaches, but there can be no assurance that Plurilock will not incur such losses in the future. The security controls over sensitive or confidential information and other practices implemented by Plurilock and its third-party vendors may not prevent the improper access to, disclosure of, or loss of such information. Failure to protect the integrity and security of such confidential and/or proprietary information could expose Plurilock to fines, litigation, contractual liability, damage to its reputation and increased compliance costs. In addition, as cyber threats continue to evolve, Plurilock may be required to expend additional resources to continue to modify or enhance protective measures or to investigate and remediate any security vulnerabilities.

  1. There are risks inherent in Plurilock's acquisition strategy

Plurilock intends to continue actively pursuing accretive business acquisitions in Canada, the United States, India and/or internationally consistent with its investment strategy. Such acquisitions involve inherent risks including but not limited to: (a) unanticipated costs; (b) potential loss of key employees of the company or the business acquired; (c) unanticipated changes in business, industry or general economic conditions that affect the assumptions underlying the acquisition; and (d) decline in the value of the acquired business or assets. Further, there can be no assurance that an acquired business will achieve the desired levels of revenue, profitability or productivity or otherwise perform as expected. Any one or more of these factors could cause Plurilock to fail to realize the anticipated benefits of the acquisition in question. Additionally, there can be no assurance that Plurilock will be able to successfully identify suitable acquisition targets and complete acquisitions on terms beneficial to Plurilock and its shareholders. Plurilock's failure to successfully execute its acquisition strategy could have a material adverse effect on its business. Moreover, Plurilock may be required to use available cash, incur debt, issue securities, or a combination of these in order to complete an acquisition. This could affect Plurilock's future flexibility and ability to raise capital, operate or develop its business, and could dilute its existing shareholders' holdings, as well as decrease the trading price of the Common Shares.

In addition, the process of acquiring and integrating companies into Plurilock's existing business may also result in unforeseen difficulties which may absorb significant management attention, require significant financial resources, and be disruptive to operations causing the business and results of operations to suffer materially. There is no assurance that when evaluating a possible acquisition, Plurilock will correctly identify and manage the risks and costs inherent in the business or asset to be acquired.

  1. Plurilock's business is subject to broader economic factors

Any adverse change in general economic conditions may adversely affect Plurilock's business and financial condition. The

Plurilock Security Inc.
June 30, 2025
Page 25

demand for workforce solutions is highly dependent upon the state of the economy and upon the staffing needs of Plurilock clients, which creates uncertainty and volatility.

As economic activity slows, the need for temporary and new employees decreases. Significant declines in demand of any region or industry in which Plurilock has a major presence may significantly decrease its revenues and profits. Deterioration in economic conditions or the financial or credit markets could also have an adverse impact on the ability of Plurilock to collect payment for services.

It is difficult for Plurilock to forecast future demand for its services due to the inherent uncertainty in forecasting the direction and strength of economic cycles, the terms and nature of future staffing assignments and the financial viability of its clients. Additionally, Plurilock may experience a decline in revenue before a decline in economic activity is seen in the broader economy. When it is difficult for Plurilock to accurately forecast future demand, Plurilock may not be able to determine the optimal level of personnel and investment necessary to profitably take advantage of growth opportunities.

  1. Current and future global economic and political volatility and uncertainty may negatively impact Plurilock's financial performance and results of operations as well as its ability to predict future spending requirements and growth, if any

Current and future global economic, political and social conditions remain volatile and uncertain, especially in certain parts of the world. As a result, it is difficult to estimate the level of growth or contraction for the global economy as a whole. It is even more difficult to estimate economic growth or contraction in various sectors and regions, including the markets in which the Company operates. Because all components of Plurilock's budgeting and forecasting are dependent upon estimates of growth or contraction in the markets it serves and the demand for its products and services, the prevailing economic uncertainties render estimates of future income and expenditures very difficult to make. Adverse changes may occur wavering consumer confidence, unemployment, declines in stock markets, contraction of credit availability, declines in real estate values, stagnant economic conditions, increasing nationalism and protectionism, trade tensions and tariff uncertainty, political deadlock, war, social unrest or other factors affecting economic conditions generally. These changes may negatively affect the sales of our products and services and, therefore, may impact our ability to meet our targets for revenue, Adjusted EBITDA and cash from operating activities.

  1. Plurilock's business may suffer if it cannot continue to protect its intellectual property rights

Plurilock's revenue, cost of revenue, and expenses may suffer if Plurilock cannot continue to protect its intellectual property rights, or if third parties assert that Plurilock violates their intellectual property rights. Plurilock and its subsidiaries rely upon patent, copyright, trademark and trade secret laws in the United States and Canada and similar laws in other countries, and agreements with employees, customers, suppliers and other parties, to establish and maintain intellectual property rights in its principal products, amongst other items. PLURILOCK, AURORA and the INTEGRA logos are unregistered trademarks of Plurilock. An unregistered trademark provides its owners with common law rights to prevent another party from representing its goods or services as that of another. The risk of Plurilock using an unregistered trademark in a particular country is that such use risks infringing on the registered or unregistered trademark of another party. Such infringement may result in liability to Plurilock and the loss of use of such trademark.

The industry in which Plurilock competes may include new or existing entrants that own, or claim to own, intellectual property, and Plurilock has received, and may receive in the future, assertions and claims from third parties that the Company's products infringe on their patents or other intellectual property rights.

Litigation has been, and in the future may continue to be, necessary to determine the scope, enforceability, and validity of third-party proprietary rights or to establish Plurilock's proprietary rights.

Any of Plurilock's direct or indirect intellectual property rights could be challenged, invalidated, or circumvented, or such intellectual property rights may not be sufficient to permit Plurilock to take advantage of current market trends or otherwise to provide competitive advantages, which could result in costly or delayed product redesign efforts, discontinuance of certain product offerings, or other competitive harm. Further, the laws of certain countries do not protect proprietary rights to the same extent as the laws of Canada or the United States. Therefore, in certain jurisdictions, Plurilock may be unable to protect its proprietary technology adequately against unauthorized third-party copying or use, which could adversely affect its competitive position. Third parties also may claim that Plurilock or customers or partners indemnified by Plurilock are infringing upon their intellectual property rights. Even if management believes that the claims are without merit, the

Plurilock Security Inc.
June 30, 2025
Page 26

claims can be time-consuming and costly to defend, and divert management's attention and resources away from the business. Claims of intellectual property infringement also might require Plurilock to redesign affected products, enter into costly settlement or license agreements (if such licenses can be obtained on commercially reasonable terms, or at all) or pay costly damage awards, or face a temporary or permanent injunction prohibiting the marketing or selling certain of its products, which could result in Plurilock's business, operating results and financial condition being materially adversely affected.

  1. Plurilock may be unable to obtain patent or other proprietary or statutory protection for new or improved technologies or products

Plurilock's research and development activities and commercial success depend in part upon its ability to develop new or improved technologies and products, and to successfully obtain patent or other proprietary or statutory protection for these technologies and products in Canada, the United States, India and other countries. Plurilock seeks to patent concepts, components, protocols, and other inventions that are considered to have commercial value or that will likely yield a technological advantage. Plurilock owns rights to patented and patent pending technologies in the United States, Canada, India and other countries. Plurilock may not be able to develop new technology that is patentable; new patents may not be issued in connection with Plurilock's pending applications; allowed claims may not be sufficient to protect Plurilock's new technology; and patents may not be obtained by Plurilock in every jurisdiction where Plurilock's products are sold. Furthermore, any patents issued could be challenged, invalidated or circumvented and may not provide proprietary protection or a competitive advantage. New entrants to the field may have been issued patents and may have filed patent applications or may obtain additional patents and proprietary rights for technologies similar to those that Plurilock has made or may make in the future. Since patent applications filed before November 29, 2000 in the United States are maintained in secrecy until issued as patents, and since publication or public awareness of new technologies often lags behind actual discoveries, Plurilock cannot be absolutely certain that it was the first to develop the technology covered by its pending patent applications or that it was the first to file patent applications for the technology. In addition, the disclosure in Plurilock's new patent applications, particularly in respect of the utility of its claimed inventions, may not be sufficient to meet the statutory requirements for patentability in all cases. As a result, there can be no assurance that Plurilock's new patent applications will result in enforceable patents, nor can the breadth of allowed claims in Plurilock's patents, and their enforceability, be predicted. Even if Plurilock's patents are held to be enforceable, others may be able to design around these patents or develop products similar to Plurilock's products that are not within the scope of these patents.

  1. Plurilock's research and development efforts may not be successful

Plurilock believes that it must continue to dedicate a significant amount of resources to its research and development efforts to maintain and develop its solutions and maintain and enhance its competitive position.

Plurilock recognizes the costs associated with these research and development investments earlier than the anticipated benefits, and the return on these investments may be lower, or may develop more slowly, than it expects. If Plurilock spends significant resources on research & development and is unable to generate an adequate return on its investment, its business, financial condition and results of operations may be materially and adversely affected.

  1. Plurilock's software may contain errors, vulnerabilities, or defects

The software technology enabling Plurilock's software services is complex and the related application software may contain errors, vulnerabilities or defects, especially when upgrades or new versions are released. Any errors or vulnerabilities that are discovered after commercial release could result in loss of revenues or delay in market acceptance, diversion of development resources, damage to Plurilock's reputation, increased service and warranty costs, liability claims and its end customers' unwillingness to buy products from Plurilock. In addition, it is possible that Plurilock's product, vendor supply chain or externally sourced technology may become the subject of a third-party attack or disruption, whether malicious or otherwise. This could detrimentally affect the persistence of Plurilock's technology, which could have a material adverse effect on its business.

Plurilock Security Inc.
June 30, 2025
Page 27

  1. Uncertainty of Liquidity and Sourcing Capital Requirements

The future capital requirements of the Company will depend on many factors, including the number and size of acquisitions consummated, rate of growth of its customer base, the costs of expanding into new markets, the growth of the market for cybersecurity services and the costs of administration. In order to meet such capital requirements, the Company may consider additional public or private financing (including the incurrence of debt and the issuance of additional common shares) to fund all or a part of a particular venture, which could entail dilution of current investors' interest in the Company. There can be no assurance that additional funding will be available or, if available, that it will be available on acceptable terms. If adequate funds are not available, the Company may have to reduce substantially or otherwise eliminate certain expenditures. There can be no assurance that the Company will be able to raise additional capital if its capital resources are depleted or exhausted. Further, due to regulatory impediments and lack of investor appetite, the ability of the Company to issue additional common shares or other securities exchangeable for or convertible into common shares to finance acquisitions may be restricted.

  1. Directors and officers of Plurilock may be subject to conflicts of interest

Plurilock is subject to various potential conflicts of interest because of the fact that some of its officers and directors are engaged in a range of business activities. In addition, Plurilock's executive officers and directors may devote time to their outside business interests, so long as such activities do not materially or adversely interfere with their duties to Plurilock. In some cases, Plurilock's executive officers and directors may have fiduciary obligations associated with these business interests that interfere with their ability to devote time to Plurilock's business and affairs and that could adversely affect Plurilock's operations. These business interests could require significant time and attention of Plurilock's executive officers and directors.

In addition, Plurilock may also become involved in other transactions which conflict with the interests of its directors and the officers who may from time-to-time deal with persons, firms, institutions or corporations with which Plurilock may be dealing, or which may be seeking investments similar to those desired by it. The interests of these persons could conflict with those of Plurilock. In addition, from time to time, these persons may be competing with Plurilock for available investment opportunities. Conflicts of interest, if any, will be subject to the procedures and remedies provided under the Business Corporations Act (British Columbia).

  1. Dependence on Distribution Channels

Plurilock's product and sales strategies include its ability to partner with successful distribution partners. The Company's products may compete with other solutions developed and/or marketed by another distribution partner or otherwise lose favour with these partners.

Its distribution partners may also cease or reduce marketing its products with limited or no notice and with little or no penalty. New distribution partners require extensive training and may take several months or more to achieve productivity. If any of its distribution partners elect to sell competing products, this could have a material adverse effect on the Company's business, operating results, and financial condition. In addition, if any of its distribution partners cease or reduce marketing our solutions and/or the Company fails to manage these important sales and distribution channels effectively, Plurilock may have to change its sales strategies, which could have a material adverse effect on its business, operating results, and financial condition.

  1. The Company relies on third parties to provide some of its services and its business will be harmed if it is unable to provide these services in a cost-effective manner

The Company relies heavily on third parties such as cloud computing service vendors and partners to provide some of its services. If these third parties were unable or unwilling to provide these services in the future, or if these third parties are ineffective at providing services, the Company would need to obtain such services from other providers. This could cause the Company to incur additional costs or cause interruptions in its business until these services are replaced.

  1. Growing stringent regulations and compliance requirements

Regulatory bodies are increasing cybersecurity requirements, and cybersecurity practices are therefore becoming a board-level fiduciary and legal concern. Evidence for this can be seen in the proliferation of standards and regulations, including the General Data Protection Regulation, the Payment Card Industry Data Security Standard, the Health Insurance Portability and Accountability Act ("HIPPA"), the Federal Information Security Management Act, and the Gramm-Leach-Bliley Act,

Plurilock Security Inc.
June 30, 2025
Page 28

amongst others. As requirements grow, the use of point solutions and hotfixes to maintain near-term compliance is also increasing, causing intractable complexity, high maintainability costs, and unforeseen knock-on vulnerabilities.

As a result, there is growing enterprise demand for risk-based authentication solutions, common, extensible infrastructures to support compliance regimes, and the collection of more sophisticated and timely security intelligence. As a result, Plurilock's business operates in an environment in which government regulations and funding play a key role. Any change in governmental regulation and licensing requirements or their interpretation and application, which are beyond the Company's control, could adversely affect the business, financial condition, and results of operations of the business. In addition, the Company could incur significant costs in the course of complying with any changes in the regulatory regime. Non-compliance with any existing or proposed laws or regulations could result in audits, civil or regulatory proceedings, fines, penalties, injunctions, recalls or seizures, any of which could adversely affect the reputation, operations, or financial performance of the Company.

20. Ethical Business Conduct

Any failure of Plurilock to adhere to its corporate governance or business policies, the law or ethical business practices could significantly affect its reputation and brands and could therefore negatively impact the Company's financial performance. The Company's framework for managing ethical business conduct includes the adoption of a Code of Business Conduct and Ethics which directors, employees, advisors and consultants of the Company are required to acknowledge and agree to. As well, as part of an independent audit and security function the Company maintains a whistle blowing hotline. There can be no assurance that these measures will be effective to prevent violations of law or ethical business practices.

21. Confidentiality & Privacy of Information

The Company's staff may have access, in the course of their duties, to certain information of the Company's customers. Although, all staff are required to sign confidentiality agreements, there can be no assurance that the Company's existing policies, procedures and systems will be enough to address the privacy concerns of existing and future customers. If a customer's privacy is violated, or if the Company is found to have violated any law or regulation, it could be liable for damages or for criminal fines or penalties.

22. The Company Needs to Comply with Financial Reporting and Other Requirements as a Public Company

The Company is subject to reporting and other obligations under applicable Canadian & US securities laws, as well as TSXV (including National Instrument 52-109) & OTC rules. These reporting and other obligations place significant demands on the Company's management, administrative, operational, and accounting resources. Moreover, any failure to maintain effective internal controls could cause the Company to fail to meet its reporting obligations or result in material misstatements in its consolidated financial statements. If the Company cannot provide reliable financial reports or prevent fraud, its reputation and operating results could be materially harmed, which could also cause investors to lose confidence in the Company's reported financial information, which could result in a lower trading price of its securities. Management does not expect that Company's disclosure controls and procedures and internal controls over financial reporting will prevent all error and all fraud. A control system, no matter how well designed and implemented, can provide only reasonable assurance that its objectives will be met. Further, the design of a control system must reflect the fact that there are resource constraints, and the benefits of controls must be considered relative to their costs. Due to the inherent limitations in all control systems, no evaluation of controls can provide Plurilock assurance that all control issues within a company are detected. The inherent limitations include the realities that judgements in decision-making can be faulty, and that breakdowns can occur because of simple errors or mistakes. Controls can also be circumvented by individual acts of some persons, by collusion of two or more people or by management override of the controls. Due to the inherent limitations in a cost-effective control system, misstatements due to error or fraud may occur and not be detected.

23. Plurilock has limited operating history

Prior to the QT, Plurilock was a CPC and as a result has not commenced commercial operations and has no assets other than cash. Following the QT, Plurilock adopted the business of PL. PL began carrying on business in 2008 and has been incurring operating losses and cash flow deficits since inception. Plurilock is therefore subject to many of the risks common to early-stage enterprises, including under-capitalization, cash shortages, and limitations with respect to personnel, financial, and other resources.

There is no assurance that Plurilock will be successful, and the likelihood of success must be considered in light of its early stage of operations. The majority of Plurilock's revenues are generated from a few customers. If economic or other factors were to change and thus impact these customers or the market, then the revenues of Plurilock would be negatively

Plurilock Security Inc.
June 30, 2025
Page 29

impacted. To the extent Plurilock has negative operating cash flow in future periods, it may need to allocate a portion of its cash reserves to fund such operating cash flow. Plurilock may also be required to raise additional funds through the issuance of equity or debt securities. There can be no assurance that Plurilock will be able to generate a positive cash flow from operations, that additional capital or other types of financing will be available when needed, or that such financings will be on favourable terms.

24. Damage to Plurilock's brand may harm its results

Plurilock's business depends on its strong reputation. Anything that harms Plurilock's reputation will likely harm its results. As a provider of temporary and permanent staffing, Plurilock's reputation is dependent, in part, on the performance of its employees. If Plurilock's clients become dissatisfied with the performance of Plurilock's employees, or if any of Plurilock's employees engage in or are believed to have engaged in conduct that is harmful to Plurilock's clients, Plurilock's ability to retain existing clients and maintain or expand its client base may be negatively affected. Plurilock's ability to attract suitable candidates to fulfil both temporary and permanent positions is also affected by the external perception of its brand and reputation.

Damage to Plurilock's reputation can be the result of the actual or perceived occurrence of any number of events and could include any negative publicity, whether true or not. Although Plurilock operates in a manner that is respectful to all stakeholders and that takes care in protecting its image and reputation, Plurilock does not ultimately have direct control over how it is perceived by others.

Reputational damage could negatively affect its ability to attract and retain employees, decreased shareholder confidence, increased challenges in maintaining relationships with prospective clients and other industry participants, and an impediment to its ability to execute its business plan, thereby having a material adverse impact on financial performance, financial condition, cash flows and growth prospects.

25. Plurilock faces fluctuating foreign exchange rates

Plurilock's reporting and functional currency is the Canadian dollar. However, a significant portion of operating expenses is denominated in U.S. dollars. As a result, Plurilock is exposed to fluctuations in the U.S. dollar exchange rate for which it has not entered into foreign exchange hedges. Currency markets by their nature are volatile and have seen recent increased volatility. A significant appreciation of the Canadian dollar relative to the U.S. dollar could materially impact the profitability of Plurilock. In addition, Plurilock will be exposed to greater foreign exchange risk from other countries as its operations, and its operating expenses, expand in foreign jurisdictions.

26. The price of the Company's common shares may be volatile

The price of the Common Shares may be volatile and subject to wide fluctuations because of a variety of factors, many of which are beyond Plurilock's control including the following:

  • actual or anticipated quarterly fluctuations in its operating results and financial condition;
  • changes in financial estimates or publication of research reports and recommendations by financial analysts;
  • reports in the press or investment community generally or relating to Plurilock's reputation or the industry in which it operates;
  • strategic actions by Plurilock or its competitors, such as acquisitions, restructurings, dispositions, or financings;
  • fluctuations in the stock price and operating results of Plurilock's competitors;
  • future sales of Plurilock's equity or equity-related securities;
  • proposed or adopted regulatory changes or developments;
  • domestic and international economic & political factors unrelated to Plurilock's performance; and general market conditions.

Financial markets have recently experienced significant price and volume fluctuations that have particularly affected the market prices of equity securities of companies and that have often been unrelated to the operating performance, underlying asset values, or prospects of such companies. Accordingly, the market price of the Company's common shares may decline

Plurilock Security Inc.
June 30, 2025
Page 30

even if Plurilock’s operating results, underlying asset values or prospects have not changed. There can be no assurance that continuing fluctuations in price and volume will not occur.

  1. The market price of the common shares may decline due to the large number of convertible securities issued and outstanding common shares eligible for future sale

Sales of substantial amounts of Common Shares in the public market, or the perception that these sales could occur, could cause the market price of the Company’s common shares to decline. These sales could also make it more difficult for Plurilock to sell equity or equity-related securities in the future at a time and price that it deems appropriate.

  1. Plurilock may be subject to litigation

Plurilock may become party to litigation, either as plaintiff or defendant, from time to time in the ordinary course of business including but not limited to actions related to Plurilock’s commercial relationships, employment matters, and services delivered. Such matters include both actual and threatened claims. Should any litigation in which Plurilock becomes involved be determined against Plurilock, such a decision could adversely affect Plurilock’s ability to continue operating, and the market price for the Common Shares. Even if Plurilock is successful in litigation, litigation can redirect significant company resources.

  1. Risks related to Plurilock’s foreign operations

Plurilock intends to continue to pursue and commit resources to growth opportunities beyond North America which could result in international sales accounting for an increasing portion of Plurilock’s consolidated revenues. Plurilock will be subject to a number of risks associated with international business activities that may increase liability or costs, lengthen sales and/or product development cycles, or require significant management attention. International operations carry certain risks and associated costs, such as: the complexities and expense of administering a business abroad; complications in compliance with, and unexpected changes in legal and regulatory restrictions or requirements; foreign laws, international import and export legislation; trading and investment policies; economic and political instability; foreign currency fluctuations; exchange controls; increased nationalism and protectionism; tariffs and other trade barriers; difficulties in collecting accounts receivable; potential adverse tax consequences; uncertainties of laws and enforcement relating to intellectual property and privacy rights; unauthorized copying of software; difficulty in managing a geographically dispersed workforce in compliance with diverse local laws and customs; potential governmental expropriation (especially in countries with undemocratic/authoritarian ruling parties); and other factors depending upon the country involved. There can be no assurance that Plurilock will not experience these risks in the future. If foreign operations expand to the point where they account for a significant portion of Plurilock’s consolidated revenues, the presence of such risks could have a material adverse effect on Plurilock’s business, financial condition, and results of operations.

  1. Lenders may penalize or otherwise act against Plurilock if it is unable to meet its obligations under financial instruments

Plurilock’s ability to continue its operations is dependent upon the continued support of its shareholders, its ability to obtain additional financing as and when required and generating revenue. Currently, Plurilock’s revenues combined with its financing activities provide enough resources to fund its obligations as they come due.

  1. Plurilock does not anticipate paying dividends on the Common Shares

Plurilock has not previously paid any dividends and does not anticipate paying any dividends in the foreseeable future. Dividends paid by Plurilock would be subject to tax and, potentially, withholdings. Any decision to declare and pay dividends in the future will be made at the discretion of the Board and will depend on, among other things, financial results, cash requirements, contractual restrictions, and other factors that the Board may deem relevant. As a result, investors may not receive any return on an investment in Common Shares, other than an appreciation in share price.

  1. Management has discretion concerning unallocated funds

Management will have discretion concerning the use and allocation of Plurilock’s available funds as well as the timing of

Plurilock Security Inc.
June 30, 2025
Page 31

their expenditure. As a result, shareholders will be relying on the judgement of management for the application of the available funds. The results and the effectiveness of the application of the funds are uncertain. If Plurilock’s cash reserves are not applied effectively, Plurilock’s results of operations may suffer.

  1. Plurilock may issue additional equity securities or engage in other transactions that could dilute its book value or affect the priority of the Company’s common shares, which may adversely affect the market price of the Company’s common shares

The Board may determine from time to time that it needs to raise additional capital by issuing additional Company common shares or other securities. Except as otherwise described in this document, Plurilock will not be restricted from issuing additional common shares, including securities that are convertible into or exchangeable for, or that represent the right to receive, the Company’s common shares. Because Plurilock’s decision to issue securities in any future offering will depend on market conditions and other factors beyond Plurilock’s control, it cannot predict or estimate the amount, timing, or nature of any future offerings, or the prices at which such offerings may be affected. Additional equity offerings may dilute the holdings of Plurilock’s existing shareholders or reduce the market price of the Common Shares, or both. Holders of the Company’s common shares are not entitled to pre-emptive rights or other protections against dilution. New investors also may have rights, preferences and privileges that are senior to, and that adversely affect, Plurilock’s then-current holders of the Company’s common shares. Additionally, if Plurilock raises additional capital by making offerings of debt or preference shares, upon liquidation of Plurilock, holders of its debt securities and preference shares, and lenders with respect to other borrowings, may receive distributions of its available assets before the holders of the Company common shares.

  1. Plurilock is a holding company with its only material assets being direct or indirect ownership of PL, PLUS, PSP, INC and ASC

Plurilock is a holding company and essentially all of its assets are the capital stock of its subsidiaries. Consequently, Plurilock’s cash flows and ability to leverage future business opportunities are dependent on the earnings of its subsidiaries and the distribution of those earnings to Plurilock. The ability of its subsidiaries to pay dividends and other distributions will depend on their operating results and will be subject to applicable laws and regulations which require that solvency and capital standards be maintained by such companies and contractual restrictions contained in the instruments governing their debt, if any.

In the event of a bankruptcy, liquidation, or reorganization of any of its subsidiaries, holders of indebtedness and trade creditors will generally be entitled to payment of their claims from the assets of those subsidiaries before any assets are made available for distribution to Plurilock.

  1. Income tax related risks

Significant judgement is required in determining Plurilock’s provision for income taxes. Various internal and external factors may have favourable or unfavourable effects on Plurilock’s future provision for income taxes, income taxes payable and/or effective income tax rate. These factors include but are not limited to: changes in tax laws, regulations and/or rates; results of audits by tax authorities; changing interpretations of existing tax laws or regulations; changes in estimates of prior years’ items; future levels of R&D spending; changes in the overall mix of income among the different jurisdictions in which Plurilock operates; and changes in overall levels of income before taxes. To the extent that the taxation authorities do not agree with Plurilock’s tax positions, Plurilock may not be able to realize all, or a portion of the tax benefits recognized. Furthermore, new accounting pronouncements or new interpretations of existing accounting pronouncements can have a material impact on Plurilock’s effective income tax rate. Plurilock and its subsidiaries file income tax returns and pay income taxes in jurisdictions where Plurilock believes it is subject to tax. In jurisdictions in which Plurilock and its subsidiaries do not believe they are subject to tax and therefore do not file income tax returns, Plurilock can provide no certainty that tax authorities in those jurisdictions will not subject one or more tax years (since inception of Plurilock or its subsidiaries) to examination. Tax examinations are often complex as tax authorities may disagree with the treatment of items reported by Plurilock, the result of which could have a material adverse effect on Plurilock’s financial condition and results of operations.

In addition, in response to significant market volatility and disruptions to business operations resulting from COVID-19, legislatures and taxing authorities in many jurisdictions in which Plurilock operates may propose changes to their tax rules.

Plurilock Security Inc.
June 30, 2025
Page 32

These changes could include modifications that have temporary effect, and more permanent changes. The impact of these potential new rules on Plurilock, its long-term tax planning, and its tax effective tax rate could be material.

  1. Plurilock’s business could be disrupted because of actions of certain shareholders or potential acquirers of Plurilock

If any of the holders of Common Shares commence a proxy contest, advocate for change that is not necessarily in the best interests of Plurilock and all of its stakeholders, make public statements critical of Plurilock’s performance or business, or engage in other similar activities, or if Plurilock becomes subject to a potential acquisition target, then Plurilock’s business could be adversely affected because Plurilock may have difficulty attracting and retaining employees and clients due to perceived uncertainties as to its future direction and negative public statements about its business. In addition, responding to proxy contests and other similar actions by shareholders is likely to result in Plurilock incurring substantial additional costs and significantly diverting the attention of management and employees; and, if individuals are elected to the Board with a specific agenda, the execution of Plurilock’s strategic plan may be disrupted or a new strategic plan altogether may be implemented, which could have a material adverse impact on its business, financial condition or results of operations. Further, any of these matters or any such actions by shareholders may impact and result in volatility of the price of the Company’s common shares.

  1. Plurilock’s reliance on copyrights, trademarks, trade secrets, confidentiality procedures and similar contractual provisions

In addition to patents, Plurilock relies on, among other things, copyrights, trademarks, trade secrets, confidentiality procedures and contractual provisions to protect its proprietary rights in Canada, the United States, and other countries.

As a result, it is possible that the following may occur: some or all of the confidentiality agreements entered into by Plurilock with its employees, consultants, business partners, customers, potential customers and other third parties will not be honoured; third parties will independently develop equivalent technology or misappropriate Plurilock’s technology and/or designs; disputes will arise with Plurilock’s strategic partners, customers or others concerning the ownership of intellectual property; there may occur an unauthorized disclosure of source code, know-how or trade secrets; or contractual provisions may not be enforced in foreign jurisdictions. There can be no assurance that Plurilock will be successful in protecting its proprietary rights in Canada, the United States, and other countries.

  1. Plurilock’s Federal government business is subject to direct action from the current and future administrations

Plurilock relies on stability in the Federal government processes. A disruption to the federal government buying process could have a negative impact to Plurilock’s Federal government business.

  1. Other Risks

There can be no assurance that an active and liquid market for the Company’s common shares will develop, and investors may find it difficult to resell the common shares.

More from Plurilock Security Inc.

Regulatory Filings 2026
May 21
Proxy Solicitation & Information Statement 2026
May 16
Regulatory Filings 2026
May 13
Regulatory Filings 2026
May 13
Regulatory Filings 2026
May 13
Regulatory Filings 2026
May 13
Regulatory Filings 2026
May 12
Regulatory Filings 2026
May 7
Regulatory Filings 2026
May 6
Regulatory Filings 2026
May 6
View all filings →