McAfee Inc 10-K 2008
Documents found in this filing:
UNITED STATES SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
Commission File Number: 001-31216
Registrants telephone number, including area code:
Securities registered pursuant to Section 12(b) of the Act:
Securities registered pursuant to Section 12(g) of the Act:
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes o No þ
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes o No þ
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes þ No o
Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of the registrants knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K. o
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or a smaller reporting company. See the definitions of large accelerated filer, accelerated filer and smaller reporting company in Rule 12b-2 of the Exchange Act. (Check one):
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes o No þ
The aggregate market value of the voting stock held by non-affiliates of the issuer as of the last business day of the Registrants most recently completed second fiscal quarter (June 30, 2007) was approximately $5.6 billion. As of February 21, 2008, Registrant had outstanding approximately 162.3 million shares of common stock.
Portions of the definitive Proxy Statement to be delivered to stockholders in connection with our 2008 Annual Meeting of Stockholders are incorporated by reference in Part III herein.
TABLE OF CONTENTS
This Annual Report on Form 10-K contains forward-looking statements that involve risks and uncertainties. All forward-looking statements included in this Annual Report on Form 10-K are based on information available to us on the date of this report. These statements involve known and unknown risks, uncertainties and other factors, which may cause our actual results to differ materially from those implied by the forward-looking statements. Although we believe that the expectations reflected in the forward-looking statements are reasonable, we cannot guarantee future results, levels of activity, performance or achievements. Therefore, actual results may differ materially and adversely from those expressed in any forward-looking statements. Neither we nor any other person can assume responsibility for the accuracy and completeness of forward-looking statements. Important factors that may cause actual results to differ from expectations include, but are not limited to, those discussed in Item 1A, Risk Factors as well as in Item 1, Business and Item 7, Managements Discussion and Analysis of Financial Condition and Results of Operations in this Annual Report on Form 10-K. We undertake no obligation to revise or update publicly any forward-looking statements for any reason.
These statements include, without limitation, statements regarding our expectations, beliefs, intentions or strategies regarding the future. Forward-looking statements in the Report include, but are not limited to, statements about the following matters:
In some cases, you can identify other forward-looking statements in the Report by terminology such as may, should, could, expects, plans, anticipates, believes, estimates, predicts, potential, targets, goals, projects, continue, or variations of such words, similar expressions, or the negative of these terms or other comparable terminology.
This report includes registered trademarks and trade names of McAfee and other corporations. Trademarks or trade names owned by McAfee and/or its affiliates include, but are not limited to: McAfee, Network Associates, ePolicy Orchestrator, VirusScan, IntruShield, Entercept, Foundstone, McAfee SiteAdvisor, Avert, Preventsys, Hercules, Citadel, Policy Enforcer, Total Protection, AntiSpyware, SecurityAlliance, McAfee Security, Onigma, SafeBoot, ScanAlert and HACKERSAFE.
We are a leading dedicated security technology company that secures systems and networks from known and unknown threats around the world. We empower home users, businesses, government agencies, service providers and our partners with the ability to block attacks, prevent disruptions, and continuously track and improve their security.
Security has emerged as one of the most critical concerns facing businesses and consumers. Security breaches have risen dramatically in the past few years, fueled in part by the proliferation of mobile devices such as laptop computers, cell phones and smart phones with email and web-surfing capabilities. For corporations, the increasing frequency of security breaches has coincided with expanding regulatory compliance requirements relating to security and more specifically, to privacy. Failure to comply with these requirements, and with the requirements of internal security policies and procedures, creates an additional level of enterprise risk. For consumers, online fraud and security concerns increasingly discourages customers from transacting online for example, visiting and purchasing from e-commerce sites, using online banking services and preparing taxes online. All of these trends point toward a growing demand for effective security solutions.
We apply business discipline and a pragmatic approach to security that is based on four principles of security risk management: (i) identify and prioritize assets, (ii) determine acceptable risk, (iii) protect against threats and (iv) enforce and measure compliance. We incorporate some or all of these principles into our solutions. Our solutions protect systems and networks by blocking immediate threats while proactively providing protection from future threats. We also provide software to manage and enforce security policies for organizations of any size. Finally, we incorporate McAfee Expert Services, Foundstone services and technical support to ensure a solution is actively meeting our customers needs. These integrated solutions help our customers solve problems, enhance security and reduce costs.
We have designed a strategy that focuses on the following business objectives:
Our threat protection products address security in three key areas:
Endpoint Protection. This encompasses security solutions for corporate computer systems, including servers, desktop and laptop computers, handheld voice and data phones, and other devices that are the entry and exit points for corporate systems and networks.
Data Protection. This refers to security measures for data residing on various devices that prevent data loss through unauthorized transmission or distribution and protect the data through encryption if the device on which it resides is lost or stolen.
Network Protection. Products in this area apply to internal corporate networks and provide the same type of security measures that endpoint protection provides for servers, laptops and other devices. Network protection also encompasses email and web protection, which encompasses spam filters, virus, spyware and worm protection for email servers and products that block malicious web sites.
Each of our threat protection offerings is backed by McAfee Avert Labs, a leading global threat research organization. A substantial majority of our net revenue has historically been derived from our threat protection solutions, in particular the system security products now represented in McAfee Total Protection Solutions.
Our flagship business offering for system security is McAfee Total Protection Solutions. A single solution with a single management console, McAfee Total Protection reduces the complexity of managing enterprise security and offers comprehensive protection against spyware, viruses, worms, spam, and intrusions, and incorporates centralized management and scalable network access control. This integrated approach enables organizations to proactively block known and unknown attacks and supports business continuity by controlling non-compliant endpoints. McAfee Total Protection is available as a licensed offering or in a software-as-a-service model. With our SiteAdvisor product, we offer unique web security as part of our McAfee Total Protection Solutions.
Our consumer products are also based on our global protection technology and use McAfee Avert Labs research to provide our customers with online threat updates and up-to-date protection within our products.
Our network protection offerings help enterprises, small businesses, government agencies, educational organizations and service providers maximize the availability, performance and security of their network infrastructure. Our network protection solutions defend against network worms, intrusions, denial-of-service and other network-borne threats. Our messaging and web security offerings provide gateway defense at an organizations perimeter for systems such as web servers and email servers.
Our compliance solutions can identify and resolve security policy and regulatory issues in a measurable and sustainable manner. McAfees compliance management portfolio offerings can help ensure security compliance objectives are met across an organization from the identification of security risks to the enforcement of security policies and audit against increasing security regulations. McAfees network access control solution, McAfee NAC, supports internal security policies by preventing non-compliant personal computers from connecting to the internal network. Our McAfee Vulnerability Manager offering assesses and prioritizes risks from vulnerabilities and threats and can be integrated with our McAfee Risk and Compliance Manager, the McAfee Policy Auditor and McAfee Remediation Manager to provide advanced risk mitigation, further assisting regulatory compliance. Data loss prevention capabilities, as well as security policy compliance plus automated vulnerability remediation (e.g. patch management) capabilities are also part of the compliance management portfolio. Data Loss Prevention represents an exciting new technology addressing an increasingly visible problem shared by many companies. The combination of our data protection solutions with the encryption technology we acquired with our acquisition of SafeBoot Holding B.V. in November 2007 creates a leading data protection solution. Our solutions help customers secure their data whether it is data-at-rest, data-in-use or data-in-motion.
Our offering, McAfee ePolicy Orchestrator, is the unified security management platform that links our protection and compliance capabilities and provides our customers with centralized policy management, a common endpoint agent, efficient deployment and administration processes. Generally, our protection and compliance capabilities contained in the McAfee Total Protection Solutions are integrated with our McAfee ePolicy Orchestrator.
Our mobile security offerings proactively protect mobile operators and their users by safeguarding mobile networks, terminals, applications and content. Our mobile security offerings limit the spread of mobile malware, inappropriate content, and unsolicited messaging. In addition, these offerings lessen negative brand impact,
recovery costs, customer service issues and revenue disruption while enabling future operator strategies such as mobile payments, location-based services and mobile advertising. Our approach enables mobile network operators to assess global and local risks, protect their network and devices, and recover from attacks to their environment.
SiteAdvisors innovative technology provides color-coded safety ratings for web sites accessed through a browser or through links in emails and instant messages. It helps protect internet users from a broad range of security threats including spyware, spam and identity theft scams.
The basic version of SiteAdvisor is currently free. SiteAdvisor is included as a feature in each of our consumer product suites worldwide. SiteAdvisor was introduced into certain of our enterprise security solutions in 2007. SiteAdvisor Plus is a paid version of SiteAdvisor that contains additional premium features.
Our McAfee Solution Services and McAfee Technical Support provide professional assistance in the design, installation, configuration and support of our customers products. We offer a range of consulting and educational services under both the McAfee and Foundstone banners.
Our McAfee Solution Services provide product design and deployment support with an array of standard and custom offerings. This service offering is organized around our major product groupings and also offers a range of classroom education courses designed to assist customers and partners in their deployment and operation of our products. Services are also available to help our customers plan for upgrades or enhancements of security infrastructure, and to respond to serious security outbreaks.
Our Foundstone Professional Services include (i) threat modeling to identify potential software security problems, (ii) security assessments and (iii) education. Foundstone Professional Services assist clients in the early assessment, design, and enhancement of their security and risk architectures. The Foundstone Security Practice advises government and commercial organizations on the most effective countermeasures required to meet business and legislative policies for security and privacy. Foundstone Education provides range of classroom-based training and education courses.
McAfee Technical Support provides our customers online, telephone-based, and on-site technical support in an effort to ensure that our products are installed and working properly. Our support offerings include Gold, Gold Select, Platinum, and Platinum Select, providing varying levels of support for single consumers up through the largest organizations. All technical support programs include regular software updates and upgrades, and are available to customers worldwide from various regional support centers.
We have enhanced our support capabilities through our McAfee Virtual Technician (MVT), which provides automated online troubleshooting and assistance. MVT enables a growing percentage of customers to obtain the necessary assistance and resolution quickly, directly, and exclusively online solving their problems and increasing satisfaction while lowering our operating costs.
The market for computer software has low barriers to entry, is subject to rapid technological change, and is highly competitive with respect to timely product introductions. We believe that our ability to maintain our competitiveness depends in large part upon our ability to develop, acquire, integrate, and launch new products and solutions, and to enhance existing offerings.
Our research and development efforts support all of our offerings. They refine our security risk management processes, improve our product design and usability, and keep us on the forefront of threat research. Most importantly, our research helps ensure that our customers are protected.
In addition to developing new offerings and solutions, our development staff also focuses on upgrades and updates to existing products and on enhancement and integration of acquired technology. Future upgrades and
updates may include additional functionality to respond to market needs, while also assuring compatibility with new systems and technologies.
We are committed to researching malicious code and vulnerability through our McAfee Avert Labs organization. McAfee Avert Labs conducts research in the areas of host intrusion prevention, network intrusion prevention, wireless intrusion prevention, malicious code defense, security policy and management, high-performance assurance and forensics and threats, attacks, vulnerabilities and architectures.
For 2007, 2006 and 2005, we expensed $217.9 million, $193.4 million, $176.4 million, respectively, on research and development.
As part of our growth strategy, we have also made and expect to continue to make acquisitions of, or investments in, complementary businesses, products and technologies. See Note 3 to our consolidated financial statements included elsewhere in this report for more information about our recent business combination activities.
We have one business and operate in one industry segment: developing, marketing, distributing and supporting computer security solutions for large enterprises, governments, small and medium-sized businesses and individual consumers through a network of qualified partners and other distribution models. We conduct business in five geographic regions: North America; Europe, Middle East and Africa, collectively referred to as EMEA; Japan; Asia-Pacific, excluding Japan; and Latin America. For financial information about foreign and domestic operations, see Note 18 to our consolidated financial statements included elsewhere in this report.
We market our business solutions and offerings to commercial and government customers through resellers and distributors. Our two largest distributors, Ingram Micro Inc. and Tech Data Corp., together accounted for 24% of our net revenue in 2007.
We market our consumer solutions and offerings to individual consumers directly through online distribution methods and indirectly through traditional distribution channels, such as retail and original equipment manufacturers (OEMs). Our McAfee consumer business is responsible for online distribution of our products sold to individual consumers over the internet, including products distributed by our online partners, and for licensing of technology to strategic distribution partners for sale to individual consumers, with certain exceptions.
We derive our revenue from three sources: (i) service and support revenue, which includes maintenance, training and consulting revenue; (ii) subscription revenue, which consists of revenue from customers who purchase licenses for products for the term of the subscription; and (iii) product revenue, which includes revenue from perpetual licenses (those with a one-time license fee) and from hardware sales. Service and support revenue accounted for 52% of net revenue in 2007, subscription revenue accounted for 42% and product revenue accounted for 6% of net revenue.
We typically license our software products to corporate and government customers using our perpetual-plus licensing arrangements, which provide a perpetual license coupled with an initial support period of one year. We also sell perpetual licenses in connection with sales of our hardware-based products in which software is bundled with the hardware platform. Most of our licenses are sold with renewable annual maintenance contracts.
For our online subscription services, customers rent or subscribe to use our security services for a defined period of time by downloading our software to their personal computers. Some products or product features are also available under a software as a service model (SaaS), under which we offer our software applications to customers for their use over the Internet. This allows customers to purchase and use applications and modules on a subscription basis, without the need for individual client installations or additional maintenance costs. Because our
online subscription services and our SaaS offerings are versionless, or self-updating, customers subscribing to these services can use the most recent version of the software without having to purchase product updates or upgrades. Our online subscription consumer products and services are found at our web site (www.mcafee.com) where customers download our applications. These enable customers to detect and eliminate viruses on personal computers (PCs), repair PCs from damage caused by some viruses, and optimize hard drives. Our web site offers McAfee SiteAdvisor as a free download and offers McAfee SiteAdvisor Plus, McAfee Virus Scan Plus, McAfee Internet Security Suites and McAfee Total Protection Solutions for customers to purchase. We acquired ScanAlert in January 2008 and plan to integrate this technology with SiteAdvisor.
Our online subscription services are available to customers and small business through various channel relationships with internet service providers (ISPs), such as AOL and Comcast, and also available through OEMs, such as Dell. ISPs offer McAfee subscription services as either a standard feature included in their service, or as a premium service.
We also make our online subscription products and services available over the internet as a managed environment. Unlike our online subscription service solutions, these managed service provider (MSP) solutions are customized, monitored and updated by networking professionals for a specific customer.
Our North American sales force is organized by product offerings and customer type. A subset of our sales representatives focus on renewing the McAfee systems security installed base, while a larger group focuses on our full offering of Security Risk Management products and upgrades. Small business customers are served primarily through our reseller partners with a channel marketing organization assisting with lead generation, and a channel support team responsible for partner training and support. Although members of our sales team are an integral part of the sales process, almost all ordering and fulfillment for our commercial customers is handled by our distribution partners.
Outside of North America, we have sales and support operations in EMEA, Japan, Asia-Pacific, and Latin America. In 2007, 2006, and 2005, net revenue outside of North America accounted for 48%, 45% and 43% of our net revenue, respectively. We expect that net revenue from operations outside of North America will continue to increase as a percentage of total revenue over the next few years. Within our global geographies, our sales resources are organized by country, and the larger markets may further allocate their sales resources by McAfee product line and/or customer segments. As in North America, almost all ordering and fulfillment is handled by our distribution partners.
Substantially all of our sales come through our network of resellers, distributors and retailers. The McAfee SecurityAlliance Global Partner Program is a global marketing and sales enablement program designed to meet the needs of our reseller partners in supporting end-user customers. We currently utilize corporate resellers, including ASAP Software, Inc., CDW Corporation, Computacenter PLC, Dell Inc., Dimension Data, Insight Enterprises, Inc., Softmart, Inc., Software House International, Softchoice Corporation and others, as well as network and systems integrators who offer our solutions to corporate, small and medium-business and government customers.
Independent software distributors who currently supply our products include Ingram Micro Inc., Tech Data Corporation, Avnet, Inc. and MOCA. These distributors supply our products primarily to large retailers, value-added resellers (VARs), mail order and telemarketing companies. We also sell our retail packaged products through several of the larger computer and software retailers as well as broader-based retailers, including Frys, Office Depot, Best Buy, Wal-Mart, Costco and Yamada. McAfee marketing and sales teams work closely with our major reseller and distributor accounts to manage demand generating activities, training, order flow and affiliate relationships.
Our top ten distributors typically account for 35% to 65% of our net revenue on an annual basis. Our agreements with our distributors are not exclusive and may be terminated by either party without cause. Terminated distributors may not continue to sell our products. If one of our significant distributors terminated its relationship with us, we could experience a significant disruption in the distribution of our products and a decline in our net revenue.
We use a sell-through revenue recognition model for distributors, under which we recognize revenue at the time our distributors sell the products to their customers. Under this model, our distributors are permitted to purchase software licenses from us at the same time they fill customer orders and to pay for hardware and retail products only when they sell these products to their customers. In addition, prior to selling our products to their customers, our distributors are permitted rights of return subject to varying limitations. After a distributor sells a product to its customer, the distributor generally has no right to return the product to us, unless we approve the return from the final customer to the distributor.
Our channel efforts include strategic alliances with complimentary manufacturers to expand our reach and scale. OEMs and ISPs license our products for resale to end users or inclusion with their products. Strategic channel partners include AOL, AT&T, Cable and Wireless PLC, Comcast Corporation, Dell, Inc., Telecom Italia S.p.A., Toshiba, and Telefonica S.A., among others. Depending on the arrangement, OEMs may sell our software bundled with the PC or related services, pre-install our software and allow us to complete the sale, or sublicense a single version of our products to end users who must register the product with us in order to receive updates.
From time to time, we enter into strategic alliances with third parties to support our future growth plans. These relationships may include joint technology development and integration, research cooperation, co-marketing activities and/or sell-through arrangements. For example, our Security Innovation Alliance program is a technology partnering program that is designed to accelerate the development of interoperable security products that can be integrated in complex customer environments. Members of the alliance can develop products that will integrate with ePolicy Orchestrator and market them as McAfee-compatible. Our customers benefit from faster and less costly deployment. As part of our NTT DoCoMo alliance in Japan, we have jointly developed technology to provide integrated malware protection against threats to mobile handsets.
We use channel marketing to market, promote, train and provide incentives to our resellers and distributors, and to promote our offerings to their end-user customers. We offer our resellers and distributors technical and sales training classes, online training resources, and marketing and sales demand generation assistance kits. We also provide specific cooperative marketing programs for end-user seminars, catalogs, demand creation programs, sales events, and other items.
One of the principal means of marketing our products and services is online via the internet. Our web site, www.mcafee.com, supports marketing activities to our key customer and prospect segments, including home and home office users, small and medium-sized businesses, large enterprises and our partner community. Our web site contains various marketing materials and information about our products. Our customers can download and purchase some products directly online. We also promote our products and services through advertising activities in trade publications, direct mail campaigns, television, billboards, and strategic arrangements, as well as online through key word and search-based advertising. In addition, we attend trade shows and industry conferences, and we publish periodic channel and customer newsletters.
We also market our products through the use of rebate programs and marketing funds. Within most countries, we typically offer volume incentive rebates to channel partners and promotional rebates to end users. Our channel partners may earn a volume incentive rebate primarily based upon their sale of our products to end users.
The markets for our products are intensely competitive and are subject to rapid changes in technology. We expect both product and pricing competitive pressures to increase in the near-term as the industry continues to consolidate and our competitors grow more rapidly through acquisitions. Many of our competitors have longer operating histories, greater brand recognition, stronger relationships with strategic channel partners, larger technical staffs, established relationships with hardware vendors and/or greater financial, technical and marketing resources, and other advantages compared to us. These factors may provide our competitors with an advantage. Increasingly, security protection is offered by third parties at significant discounts to our prices or, in some cases is bundled for free. Potential customers may perceive our products as unnecessary or obsolete if similar functionality is available for free. If our competitors gain market share in the markets for our products, our sales could grow more slowly or decline. Competitive pressures could also lead to increases in competition-driven expenses such as advertising expenses, product rebates and marketing funds provided to our channel partners. See Risk Factors below.
We believe that the principal competitive factors affecting the market for our corporate products include, but are not limited to, performance; functionality and features; brand name recognition; breadth of product group; integration of products; price; the effectiveness of distributor promotion programs; and quality of customer support. We believe that we generally compete favorably against our competitors in these areas. However, lack of name recognition may be a concern with potential new customers. Competitor solutions may be more attractive than ours to the extent they are integrated with a larger product solution (such as outsourced email). In addition, our pricing may be less competitive, particularly compared to smaller competitors trying to enter the market.
Our principal competitors in the corporate market are as follows:
System Protection Market. Our principal competitors in the anti-virus market are Symantec Corp., Trend Micro, Inc. and Microsoft Corporation, each of which operates on a world-wide basis. Trend Micro Inc. remains the strongest competitor in the Asian anti-virus market. Kaspersky Lab, Inc., ESET Software, Panda Software, Sophos, F-Secure Corporation and Dr. Ahns Anti-Virus Lab are also competitors in their respective markets.
Network Protection Market. Our principal competitors in the network protection market are Cisco Systems Inc., IBM Juniper Networks, Inc., Symantec Corp., Check Point Software Technologies Ltd., Sourcefire, Inc. and 3Com Corporation. IBM, Qualys and nCircle are the strongest competitors in the vulnerability management market.
Email and Web Security Market. Our principal competitors in the email and web security market, which includes our SiteAdvisor products, include Microsoft Corporation, Trend Micro, Inc., Symantec Corporation, Barracuda Networks and various search engine providers, namely Google, Inc. and Yahoo!, Inc.
Other Competitors. In addition to competition from large technology companies such as IBM, Novell Inc. and Microsoft Corporation, we also face competition from smaller companies and shareware authors that may develop competing products.
In the consumer market, we believe that the principal competitive factors include, but are not limited to, brand name recognition and reputation; convenience of purchase; price; breadth of functionality and features; ease of use; and frequency of upgrades and updates. Our principal competitors are Symantec Corp. with their Norton product line, Microsoft Corporation and Trend Micro Inc. We typically compete effectively in each of these areas. However, if it is more convenient for consumers to use a competitive product (for example, when they purchase computers that are prebundled with a competitors product), we could be at a competitive disadvantage. Our prices are also a competitive disadvantage compared to free solutions and when competitors offer limited-time promotions.
Our success depends to a great extent on our proprietary software technology. We rely on a combination of patents, trademarks, trade secrets and copyrights to establish and protect proprietary rights to our software. However, the steps taken by us to protect our proprietary software technology may be inadequate to deter misuse or
theft of this technology. Often, we do not obtain signed license agreements from customers who license products from us. In these cases, we include an electronic version of an end-user license in all of our electronically distributed software and a printed license with our products that are distributed in a box. Although this is common practice for software companies that sell off-the-shelf products to have licenses that are not signed by the licensee, certain legal authorities believe that such licenses may not be enforceable under the laws of many states and foreign jurisdictions. In addition, the laws of some foreign countries either do not protect these rights at all or offer only limited protection for these rights. Furthermore, we are aware that a significant number of users of our anti-virus products have not paid any license or support fees to us. See Risk Factors below.
As is typical for many large software companies, our business is seasonal. Software license and maintenance orders are generally higher in our third and fourth quarters and lower in our first and second quarters. A significant decline in license and maintenance orders is typical in the first quarter of our year as compared to license and maintenance orders in the fourth quarter of the prior year. In addition, we generally receive a higher volume of software license and maintenance orders in the last month of a quarter, with orders concentrated in the later part of that month. We believe that this seasonality primarily reflects customer spending patterns and budget cycles, as well as the impact of compensation incentive plans for our sales personnel. Revenue generally reflects similar seasonal patterns but to a lesser extent than orders because revenue is not recognized until an order is shipped or services are performed and other revenue recognition criteria are met.
As of December 31, 2007, we employed approximately 4,250 individuals worldwide. Less than 2% of our employees are represented by a labor union. Competition for qualified management and technical personnel is intense in the software industry. Our continued success depends in part upon our ability to attract, assimilate and retain qualified personnel. To date, we believe that we have been successful in recruiting qualified employees, but there is no assurance that we will continue to be successful in the future or be able to retain qualified personnel.
We were incorporated in the state of Delaware in 1992 under the name of McAfee Associates, Inc. In conjunction with our 1997 merger with Network General Corporation, we changed our name to Networks Associates, Inc. In 2004, we changed our name to McAfee, Inc. and began trading on the New York Stock Exchange under the symbol MFE. We are headquartered at 3965 Freedom Circle, Santa Clara, California, 95054, and the telephone number at that location is (408) 988-3832. Our internet address is www.mcafee.com.
We file registration statements, periodic and current reports, proxy statements, and other materials with the Securities and Exchange Commission (SEC). You may read and copy any materials we file with the SEC at the SECs Office of Public Reference at 100 F Street, NE, Washington, D.C. 20549. You may obtain information on the operation of the Public Reference Room by calling the SEC at 1-800-SEC-0330. The SEC maintains a web site at www.sec.gov that contains reports, proxy and information statements and other information regarding issuers that file electronically with the SEC, including our filings. We make available, free of charge, through the investor relations section of our web site, our annual reports on Form 10-K, quarterly reports on Form 10-Q and current reports on Form 8-K, and any amendments to those reports filed pursuant to Section 13(a) or 15(d) of the Securities Exchange Act of 1934, as amended, as soon as reasonably practicable after they are electronically filed with or furnished to the SEC. Except as expressly set forth in this Form 10-K annual report, the contents of our web site are not incorporated into, or otherwise to be regarded as part of this report.
Investing in our common stock involves a high degree of risk. Some but not all of the risks we face are described below. Additional risks not presently known to us or that we have not disclosed below may also impair our business operations. Any of the following risks could materially adversely affect our business, operating results and financial condition and reduce the value of an investment in our common stock.
We face intense competition and we expect competitive pressures to increase in the future. This competition could have a negative impact on our business and financial results.
The markets for our products are intensely competitive and we expect both product and pricing competition to increase. If our competitors gain market share in the markets for our products, our sales could grow more slowly or decline. Competitive pressures could also lead to increases in expenses such as advertising expenses, product rebates, product placement fees, and marketing funds provided to our channel partners.
Our principal competitors in each of our product categories and in geographic markets are described in Business Competition, above. Our competitors include some large enterprises such as Microsoft, Cisco Systems, Symantec, IBM, Google and Trend Micro. Some of our competitors have longer operating histories, more extensive international operations, greater name recognition, larger technical staffs, established relationships with more distributors and hardware vendors and/or greater financial, technical and marketing resources than we do.
Increasingly, our competitors are large vendors of hardware or operating system software. These competitors are continuously incorporating system and network protection functionality into their products, and enhancing that functionality either through internal development or increasingly through acquisitions. For example, in 2006 Microsoft released its consumer security solution and continues to boost the security functionality of its Windows platform through its acquisition strategy. More details about competitors expanding their system and network protection offerings are described in Business Competition, above. These large vendors have significantly greater product development and acquisition budgets and resources than we do. This might enable them to provide greater functionality and to expand that functionality more quickly than we are able to do.
More than 40% of our revenue comes from our consumer business. Our growth of this business relies on direct sales and sales through relationships with ISPs such as AOL and Comcast, and PC OEMs, such as Dell and Toshiba. As competition in this market increases, we have and will continue to experience pricing pressures that could have a negative effect on our ability to sustain our revenue and market share growth. As our consumer business becomes increasingly more dependent upon the partner model, our retail businesses may continue to decline. Further, as penetration of the consumer anti-virus market through the ISP model increases, we expect that pricing and competitive pressures in this market will become even more acute.
Security protection is increasingly being offered by third parties at significant discounts to our prices or, in some cases is bundled for free. For example, Microsoft over time has sought to add security features to its operating systems that would provide functionality similar to what our products offer, while at the same time making it more difficult for us to integrate our products with its operating systems. The widespread inclusion of lower-priced or free products that perform the same or similar functions as our products within computer hardware or other companies software products could reduce the perceived need for our products or render our products obsolete and unmarketable even if these incorporated products are inferior or more limited than our products. The expansion of these competitive trends could have a significant negative impact on our sales and financial results.
We also face competition from numerous smaller companies, shareware and freeware authors and open source projects that may develop competing products, as well as from future competitors, currently unknown to us, who
may enter the markets because the barriers to entry are fairly low. Smaller and/or newer companies often compete aggressively on price.
We face product development risks due to rapid changes in our industry. Failure to keep pace with these changes could harm our business and financial results.
The markets for our products are characterized by rapid technological developments, continually-evolving industry trends and standards and ongoing changes in customer requirements. Our success depends on our ability to timely and effectively keep pace with these developments.
We must enhance and expand our product offerings to reflect industry trends, new technologies and new operating environments as they become increasingly important to customer deployments. For example, we must expand our offerings for virtual computer environments; we must continue to expand our security technologies for mobile environments to support a broader range of mobile devices such as mobile phones and personal digital assistants; we must develop products that are compatible with new or otherwise emerging operating systems, while remaining compatible with popular operating systems such as Linux, Suns Solaris, UNIX, Macintosh OSX and Leopard, and Windows XP, NT and Vista; and we must continue to expand our business models beyond traditional software licensing and subscription models. Specifically, software-as-a-service (SaaS) is becoming an increasingly important method and business model for the delivery of applications. Because of the advantages that SaaS models offer to customers over traditional software sales and licensing, competitors using SaaS models to a greater extent than we do could enjoy growth in their businesses and, as a result, we could lose business to such competitors.
We must also continuously work to ensure that our products meet changing industry certifications and standards. Failure to keep pace with any changes that are important to our customers could cause us to lose customers and could have a negative impact on our business and financial results.
Our ability to adapt to changes can be hampered by product development delays. We may experience delays in product development as we have at times in the past. Complex products like ours may contain undetected errors or version compatibility problems, particularly when first released, which could delay or adversely impact market acceptance. In addition, we may choose not to deliver a previously announced, partially-developed product, thereby increasing our development costs without a corresponding benefit. For example, if Microsoft incorporates a product that performs the same or similar function as one of our products under development into the Windows platform, we might discontinue development if we believe the Microsoft product will undermine the market for our product. This could happen even if Microsofts product is inferior or more limited than our product, if the Microsoft product is lower-priced or made available at no additional cost to customers. The occurrence of these events could negatively impact our business.
If our products do not work properly, we could experience negative publicity, damage to our reputation, legal liability, declining sales and increased expenses.
Our products are used to protect and manage computer systems and networks that may be critically important to our customers. Customers rely on our products to protect against security risks, prevent the loss of sensitive data and manage compliance activities. Because of the complexity of our products, they could contain undetected errors when first introduced and when new versions or enhancements are released. We have from time to time found errors in versions of our products, and we may find such errors in the future. Furthermore, because of the complexity of the environments in which our products operate, our products may have errors or defects that customers identify after deployment.
Failures, errors or defects in our products could result in security breaches or compliance violations for our customers, disruption or damage to their networks or other negative consequences. Any such product problems
could have a negative impact on us as well. For example, failure of our products to identify or block viruses could result in negative publicity, damage to our reputation, declining sales, increased expenses and customer relation issues. Such failures could also result in product liability damage claims against us by our customers, even though our license agreements with our customers typically contain provisions designed to limit our exposure to potential product liability claims. Furthermore, the correction of defects could divert the attention of engineering personnel from our product development efforts. A major security breach at one of our customers that is attributable to or not preventable by our products could be very damaging to our business. Any actual or perceived breach of network or computer security at one of our customers, regardless of whether the breach is attributable to our products, could adversely affect the markets perception of our security products.
Our system protection software products have in the past, and these products and our intrusion protection products may at times in the future, falsely detect viruses or computer threats that do not actually exist. These false alarms, while typical in the security industry, may impair the perceived reliability of our products and may therefore adversely impact market acceptance of our products. In addition, we have in the past been subject to litigation claiming damages related to a false alarm, and similar claims may be made in the future.
Our email and web solutions (anti-spam, anti-spyware and safe search products) may falsely identify emails, programs or web sites as unwanted spam, potentially unwanted programs or unsafe. They may also fail to properly identify unwanted emails, programs or unsafe web sites, particularly because spam emails, spyware or malware are often designed to circumvent anti-spam or spyware products and to incorrectly identify legitimate web sites as unsafe. Parties whose emails or programs are incorrectly blocked by our products, or whose web sites are incorrectly identified as unsafe or as utilizing phishing techniques, may seek redress against us for labeling them as spammers or unsafe and/or for interfering with their businesses. In addition, false identification of emails or programs as unwanted spam or potentially unwanted programs may discourage potential customers from using or continuing to use these products.
Our products may also not work properly if they are misused or abused by customers or non-customer third parties who obtain access and use of our products. These situations may arise where an organization uses our products in a manner that impacts their end users or employees privacy or where our products are misappropriated to censor private access to the Internet. Any of these situations could impact the perceived reliability of our products, result in negative press coverage, negatively affect our reputation and adversely impact our financial results.
Our international operations involve risks that could divert the time and attention of management, increase our expenses and otherwise adversely impact our business and financial results.
Our international operations increase our risks in several aspects of our business, including but not limited to risks relating to revenue, legal and tax compliance, and the overall political climate and potential political instability. Net revenue in our operating regions outside of North America represented 48% of total net revenue in 2007, increasing from 45% in 2006 and 43% in 2005. The risks associated with our continued focus on international operations could adversely affect our business and financial results.
Revenue risks include, among others, longer payment cycles, greater difficulty in collecting accounts receivable, tariffs and other trade barriers, seasonality, currency fluctuations, and the high incidence of software piracy and fraud in some countries. The primary product development risk to our revenue is our ability to deliver new products in a timely manner and to successfully localize our products for a significant number of international markets in different languages.
We face a variety of legal and compliance risks. One primary legal risk is that some of our computer security solutions, particularly those incorporating encryption technology, may be subject to export restrictions. As a result, some products cannot be exported to international customers without prior United States (U.S.) government approval. The list of products and end users for which export approval is required, and the related regulatory policies, are subject to revision by the U.S. government at any time. The cost of compliance with U.S. and international export laws and changes in existing laws could affect our ability to sell certain products in certain markets and could have a material adverse effect on our international revenue and expense. If we, or our resellers, fail to comply with applicable law and regulations, we may become subject to penalties and fines or restrictions that may adversely affect our business.
Another significant legal risk resulting from our international operations is compliance with the Foreign Corrupt Practices Act (FCPA), In many foreign countries, particularly in those with developing economies, it may be common for non McAfee personnel to engage in business practices that are prohibited by the FCPA or other U.S. laws and regulations. For example, in some countries it is customary to make payments to government regulators in order to encourage prompt and desirable regulatory actions. Such payments by U.S. companies, employees or agents of U.S. companies are prohibited by the FCPA. Although we have implemented training along with policies and procedures designed to ensure compliance with this and similar laws, there can be no assurance that all of our employees, and agents, as well as those companies to which we outsource certain of our business operations, will not take actions in violation of our policies. Any such violation, even if prohibited by our policies and training programs, could have a material adverse effect on our business.
Other legal risks include international labor laws and our relationship with our employees and regional work councils; compliance with more stringent consumer protection and privacy laws; and unexpected changes in regulatory requirements. Our principal tax risks are potentially adverse tax consequences due to foreign value-added taxes, restrictions on the repatriation of earnings, and changes in tax laws.
A significant portion of our transactions outside of the U.S. are denominated in foreign currencies. Accordingly, our future operating results will continue to be subject to fluctuations in foreign currency rates. Fluctuations in currency exchange rates and economic instability, such as higher interest rates in the U.S. and inflation, could reduce our customers ability to obtain financing for software products, or could make our products more expensive or could increase our costs of doing business in certain countries During 2007, we recorded a net foreign currency transaction gain of $1.0 million in our consolidated statements of income and comprehensive income, compared to net foreign currency transaction losses of $8.5 million in 2006 and $5.5 million in 2005. Although foreign exchange rates have not had a substantial impact on our results during 2005 through 2007, we may be negatively affected by fluctuations in foreign currency rates in the future, especially if international sales continue to grow as a percentage of our total sales. See Liquidity and Capital Resources Currency Fluctuation Risks, below and Note 2 to the consolidated financial statements, included elsewhere in this report, for additional information regarding currency exchange rate risks.
More general risks of international business operations include the increased costs of establishing, managing and coordinating the activities of geographically dispersed and culturally diverse operations (particularly sales and support, and shared service centers) located on multiple continents in a wide range of time zones.
We face a number of risks related to our product sales through distributors and other third parties.
We sell a significant amount of our products through third party intermediaries such as distributors, value-added resellers, PC OEMs, ISPs and other distribution channel partners (referred to collectively as distributors).
Reliance on third parties for distribution exposes us to a variety of risks, some of which described below, that could have a material adverse impact on our business and financial results.
We have limited control over the timing of the delivery of our products to customers by third-party distributors. We generally do not require our resellers and OEM partners to meet minimum sales volumes, so their sales may vary significantly from period to period. In particular, the volume of our products shipped by our OEM partners depends on the volume of computers shipped by the PC OEMs, which is outside of our control. These factors can make it difficult for us to forecast our revenue accurately and they also can cause our revenue to fluctuate unpredictably.
Our distributors may sell other vendors products that compete with our products. Although we offer our distributors incentives to focus on sales of our products, they may give greater priority to products of our competitors, for a variety of reasons. In order to maximize sales of our products rather than those of our competitors, we must effectively support these partners with, among other things, appropriate financial incentives to encourage them to invest in sales tools, such as online sales and technical training and product collateral needed to support their customers and prospects. If we do not properly support our partners, they may focus more on our competitors products, and their sales of our products would decline.
Our PC OEMs partners are also in a position to exert competitive pricing pressure. Competition for OEMs business continues to increase, and it gives the OEMs leverage to demand lower product prices from us in order to secure their business. Even if we negotiate what we believe are favorable pricing terms when we first establish a relationship with an OEM, at the time of the renewal of the agreement, we may be required to renegotiate our agreement with them on less favorable terms. Lower net prices for our products would adversely impact our operating margins.
We invest significant time, money and resources to establish and maintain relationships with our distributors, but we have no assurance that any particular relationship will continue for any specific period of time. The agreements we have with our distributors, including those with Ingram Micro Inc. and Tech Data Corporation, our two largest distributors, can generally be terminated by either party without cause with no or minimal notice or penalties. If any significant distributor terminates its agreement with us, we could experience a significant interruption in the distribution of our products and our revenues could decline. We could also lose the benefit of our investment of time, money and resources in the distributor relationship.
A significant portion of our net revenue is attributable to a fairly small number of distributors. Our top ten distributors represented 39% our net revenue in 2007, 47% in 2006 and 56% in 2005. Reliance on a relatively small number of third parties for a significant portion of our distribution exposes us to significant risks to net revenue and net income if our relationship with one or more of our key distributors is terminated for any reason.
Although a distributor can terminate its relationship with us for any reason, one factor that may lead to termination is a divergence of our business interests and those of our distributors and potential conflicts of interest. For example, our acquisition activity has resulted in the termination of distributor relationships that no longer fit with the distributors business priorities. Future acquisition activity could cause similar termination of, or disruption in, our distributor relationships, which could adversely impact our revenues.
Some of our distributors may experience financial difficulties, which could adversely impact our collection of accounts receivable. Our allowance for doubtful accounts was approximately $4.1 million as of December 31, 2007. We regularly review the collectability and credit-worthiness of our distributors to determine an appropriate allowance for doubtful accounts. Our uncollectible accounts could exceed our current or future allowances, which could adversely impact our financial results.
We may buy or make investments in complementary companies, products and technologies. From 2004 through the date of this filing, we have completed eight acquisitions. See Note 3 to the consolidated financial statements elsewhere in this report for details of these acquisitions. We may not realize the anticipated benefits from these acquisitions. Future acquisitions could result in significant acquisition-related charges and dilution to our stockholders in addition to the risks noted below.
We face a number of risks relating to our acquisitions, including the following, any of which could harm our ability to achieve the anticipated benefits of our past or future acquisitions.
Integration of an acquired company or technology is a complex, time consuming and expensive process. The successful integration of an acquisition requires, among other things, that we integrate and retain key management, sales, research and development and other personnel; integrate the acquired products into our product offerings from both an engineering and sales and marketing perspective; integrate and support preexisting supplier, distribution and customer relationships; coordinate research and development efforts; and consolidate duplicate facilities and functions and integrate back-office accounting, order processing and support functions.
The geographic distance between the companies, the complexity of the technologies and operations being integrated and the disparate corporate cultures being combined may increase the difficulties of integrating an acquired company or technology. Managements focus on the integration of operations may distract attention from our day-to-day business and may disrupt key research and development, marketing or sales efforts. In addition, it is common in the technology industry for aggressive competitors to attract customers and recruit key employees away from companies during the integration phase of an acquisition. If integration of our acquired businesses or assets is not successful, we may experience adverse financial or competitive effects.
Acquired companies or businesses are likely to have different standards, controls, contracts, procedures and policies, making it more difficult to implement and harmonize company-wide financial, accounting, billing, information and other systems. This risk is amplified by the increased costs and efforts in connection with compliance with the Sarbanes-Oxley Act. Acquisitions of privately held and/or non-US companies are particularly challenging because their prior practices in these areas typically do not meet the requirements of the Sarbanes-Oxley Act.
Our available cash and securities may be used to acquire or invest in companies or products. From 2005 through 2007, we used more than $500 million in cash as payment for technology companies and assets. See Note 3 to the consolidated financial statements included elsewhere in this report for more details on these acquisitions. Moreover, when we acquire a company, we may have to incur or assume that companys liabilities, including liabilities that may not be fully known at the time of acquisition. To the extent we continue to make acquisitions, we will require additional cash and/or shares of our common stock as payment. The use of securities would cause dilution for our existing stockholders.
The success of many acquisitions depends to a great extent on our ability to retain key employees from the acquired company. This can be challenging, particularly in the highly competitive market for technical personnel. Retaining key executives for the long-term can also be difficult due to other opportunities available to them. It could be difficult, time consuming and expensive to replace any key management members or other critical personnel that do not accept employment with McAfee following the acquisition. In addition to retaining key employees, we must integrate them into our company, which can be difficult and costly. Changes in management or other critical
personnel may be disruptive to our business and might also result in our loss of some unique skills and the departure of existing employees and/or customers.
Acquisitions may result in substantial accounting charges for restructuring and other expenses, write-offs of in-process research and development, future impairment of goodwill, amortization of intangible assets and stock-based compensation expense, any of which could materially adversely affect our operating results.
Our success depends in large part on our ability to attract and retain senior management personnel, as well as technically qualified and highly-skilled sales, consulting, technical, finance and marketing personnel. Other than members of executive management who have at will employment agreements, our employees are not typically subject to an employment agreement or non-competition agreement. In the recent past we have experienced significant turnover in our senior management team and in our worldwide sales and finance organizations and replacing this personnel remains difficult.
It could be difficult, time consuming and expensive to replace any key management member or other critical personnel. Integrating new management and other key personnel also may be difficult and costly. Changes in management or other critical personnel may be disruptive to our business and might also result in our loss of unique skills and the departure of existing employees and/or customers. It may take significant time to locate, retain and integrate qualified management personnel.
Other personnel related issues that we may encounter include:
Competition for qualified individuals in our industry is intense. To attract and retain critical personnel, we believe that we must maintain an open and collaborative work environment. We also believe we need to provide a competitive compensation package, including stock options, other stock awards and other incentives. Increases in shares available for issuance under our stock option plans require stockholder approval. Institutional stockholders, or our other stockholders, may not approve future requests for increases in shares available under our equity incentive plans. For example, at our 2003 annual meeting held in December 2003, our stockholders did not approve a proposed increase in shares available for grant under our employee stock option plans. We continue to evaluate our compensation programs and in particular our equity compensation philosophy. In the future, we may decide to issue fewer stock options, possibly impairing our ability to attract and retain necessary personnel. Conversely, issuing a comparable number of stock options could adversely impact our results of operations due to the accounting charges required in connection with equity compensation.
We continue to hire in key areas and have added a number of new employees in connection with our acquisitions. We have also increased our hiring in Bangalore, India in connection with the relocation of a significant portion of our research and development operations to India.
During 2006 and 2007, we experienced significant changes in our senior management team, as a number of officers resigned or were terminated and several key management positions were vacant for a significant period of time. In April 2007, David DeWalt was hired as our chief executive officer and president. Later in 2007 we also appointed other senior executives. We may continue to experience changes in senior management going forward.
For new employees, including senior management, there may be reduced levels of productivity as recent additions or hires are trained or otherwise assimilate and adapt to our organization and culture. The significant turnover in our senior management team during 2006 and 2007 may make it difficult to attract new employees and retain existing employees. Further, this turnover may also make it difficult to execute on our business plan and achieve our planned financial results.
Our financial results can fluctuate significantly, making it difficult for us to accurately estimate operating results.
Over the past five years our revenues, gross margins and operating results have fluctuated significantly from quarter to quarter and from year to year, and we expect fluctuations in our operating results to continue in the future. Thus, our operating results for prior periods may not be effective predictors of our future performance. The fluctuations make it difficult for us to accurately estimate operating results. Furthermore, because our expenses are based in part on our expectations regarding future revenues, expenses in the short term are relatively fixed. This makes it difficult for us to adjust our expenses in time to compensate for any unexpected revenue shortfall in a given period.
Volatility in our quarterly financial results may make it more difficult for us to raise capital in the future or pursue acquisitions that involve issuances of our stock. If our quarterly financial results or our predictions of future financial results fail to meet the expectations of securities analysts and investors, our stock price could be negatively affected.
Factors that may cause our revenues, gross margins and other operating results to fluctuate significantly from period to period, include, but are not limited to the following:
A significant portion of our revenue in any quarter comes from previously deferred revenue, which is a somewhat predictable component of our quarterly revenue. However, a meaningful part of revenue depends on contracts entered into or orders booked and shipped in the current quarter. Typically we generate the most orders in the last month of our quarters. Some customers believe they can enhance their bargaining power by waiting until the end of our quarter to place their order. Any failure or delay in closing significant new orders in a given quarter could have a material adverse impact on our results for that quarter. Also, personnel limitations and system processing constraints could adversely impact our ability to process the large number of orders that typically occur near the end of a fiscal quarter.
We increasingly rely upon third-party manufacturers to manufacture our hardware-based products, our reliance on their ability to provide us with timely and accurate product cost information exposes us to risk. A failure of our third-party manufacturers to provide us with timely and accurate product cost information may impact our costs of goods sold and negatively impact our ability to accurately and timely report our operating results.
We rely heavily on third parties to distribute our products. Any changes in the performance of the relationships with our distribution partners can impact our operating results. We also rely on third parties to manufacture our products. Changes in our supply chain could result in product fulfillment delays that contribute to fluctuations in operating results from period to period. We typically fulfill delivery of our hardware-based products from centralized distribution centers. We have in the past and may in the future make changes in our product delivery network. Changes in our product delivery network may disrupt our ability to timely and efficiently meet our product delivery commitments, particularly at the end of a quarter. As a result, we may experience increased costs in the short term as temporary delivery solutions are implemented to address unanticipated delays in product delivery. In addition, product delivery delays may negatively impact our ability to recognize revenue if shipments are delayed at the end of a quarter.
Another source of fluctuations in our operating results and, in particular, gross profit margins, is the mix of products we sell and services we offer, including the mix between corporate versus consumer products; hardware-based compared to software-based products; perpetual licenses versus subscription licenses; and maintenance and
support services compared to consulting services or product revenue. Product mix can impact operating expenses as well as the amount of revenue and the timing of revenue recognition, so our profitability can fluctuate significantly based on product mix.
The timing of the introduction and adoption of new products, product upgrades or updates by us or our competitors can have a significant impact on revenue from period to period. For example, revenues tend to be higher shortly after we introduce new products compared to periods without new products. Our revenues may decline after new product introductions by competitors. In addition, the volume, size, and terms of new customer licenses can cause fluctuations in our revenue.
A number of other factors that are peripheral to our core, ongoing business operations and our cash flow also contribute to variability in our operating results. These include, but are not limited to, expenses related to our acquisition and disposition activities, stock-based compensation expense, unanticipated costs associated with litigation or investigations, costs related to Sarbanes-Oxley compliance efforts, costs and charges related to certain extraordinary events such as restructurings and financial restatements, substantial declines in estimated values of long-lived assets below the value at which they are reflected in our financial statements, and changes in generally accepted accounting principles.
Conditions and changes in the national and global economic and political environments may adversely affect our business and financial results.
Adverse economic conditions in markets in which we operate can harm our business. If economic growth in the United States and other countries economies is slowed, many customers may delay or reduce technology purchases. This could result in reductions in sales of our products, longer sales cycles, slower adoption of new technologies and increased price competition. In addition, weakness in the end-user market could negatively affect the cash flow of our distributors and resellers who could, in turn, delay paying their obligations to us. This would increase our credit risk exposure and cause delays in our recognition of revenues on future sales to these customers. Specific economic trends, such as declines in the demand for PCs, servers, and other computing devices, or softness in corporate information technology spending, could have a more direct impact on our business. Any of these events would likely harm our business, operating results and financial condition.
Recent turmoil in the political environment in many parts of the world, including terrorist activities and military actions, the continuing tension in and surrounding Iraq, and increases in energy costs due to instability in oil-producing regions may continue to put pressure on global economic conditions. If global economic and market conditions, or economic conditions in the United States or other key markets deteriorate, we may experience material impacts on our business, operating results, and financial condition.
We have experienced, and may continue to experience, material weaknesses and significant deficiencies in our internal control and financial reporting environment, which impacts the accuracy, completeness and timeliness of our external financial reporting.
Section 404 of the Sarbanes-Oxley Act requires that management report annually on the effectiveness of our internal control over financial reporting and identify any material weaknesses in our internal control and financial reporting environment. In our Form 10-K for the year ended December 31, 2007, our management identified a material weakness relating to our accounting for income taxes. We have implemented, and will continue to implement, additional controls and procedures to address the material weakness related to accounting for income taxes. See Item 9A, Controls and Procedures, for details of these material weakness remediation programs. These efforts have resulted, and could further result, in significant expenses and could divert management attention away from operating our business. Even though our management believes that our efforts to remediate internal control deficiencies have improved the operation of our internal control over financial reporting, we cannot be certain that the measures we have taken or we are planning to take will sufficiently and satisfactorily remediate the identified
material weaknesses. Ongoing material weaknesses in internal controls create a reasonable possibility that a material misstatement of our interim and annual financial statements would not be prevented or detected on a timely basis.
If management identifies additional material weaknesses or significant deficiencies in the future, their correction could require additional remedial measures which could be costly and time-consuming. In addition, the discovery of further material weaknesses could also require us to restate our prior period operating results. If a material weakness is identified for a future period year-end or if our previously identified material weaknesses are not remediated, our independent auditors would be unable to express an opinion on the effectiveness of our internal controls. This in turn could damage investor confidence in the accuracy and completeness of our financial reports, which could affect our stock price and potentially subject us to litigation.
We face numerous risks relating to the enforceability of our intellectual property rights and our use of third party intellectual property, many of which could result in the loss of our intellectual property rights as well as other material adverse impacts on our business and financial results and condition.
We rely on a combination of contractual rights, trademarks, trade secrets, patents and copyrights to establish and protect proprietary rights in our software. However, the steps we have taken to protect our proprietary software may not deter its misuse, theft or misappropriation. Competitors may independently develop technologies or products that are substantially equivalent or superior to our products or that inappropriately incorporate our proprietary technology into their products. We are aware that a number of users of our security products have not paid license, technical support, or subscription fees to us. Certain jurisdictions may not provide adequate legal infrastructure for effective protection of our intellectual property rights. Changing legal interpretations of liability for unauthorized use of our software or lessened sensitivity by corporate, government or institutional users to refraining from intellectual property piracy or other infringements of intellectual property could also harm our business.
Frequency, expense and risks of intellectual property litigation in the network and system security market
Litigation may be necessary to enforce and protect our trade secrets, patents and other intellectual property rights. Similarly, we may be required to defend against claimed infringement by others. For example, as discussed in Item 3, Legal Proceedings, we are currently defending a patent infringement case that seeks to prevent us from selling certain of our products.
The litigation process is subject to inherent uncertainties, so we may not prevail in litigation matters regardless of the merits of our position. In addition to the expense and distraction associated with litigation, adverse determinations could cause us to lose our proprietary rights, prevent us from manufacturing or selling our products, require us to obtain licenses of patents or other intellectual property rights that may be held invalid or infringed upon by our products (licenses may not be available on reasonable commercial terms or at all), and subject us to significant liabilities, including monetary liabilities.
If we acquire technology to include in our products from third parties, our exposure to infringement actions may increase because we must rely upon these third parties verify the origin and ownership of any software we acquire. Similarly, we face exposure to infringement actions if we hire software engineers who were previously employed by competitors and those employees inadvertently or deliberately incorporate proprietary technology of our competitors into our products despite efforts by our competitors and us to prevent such infringement.
Like many other software companies, we use and distribute open source software in order to add functionality to our products quickly and inexpensively. We face certain risks relating to our use of open source code. Open source license terms may be ambiguous and may result in unanticipated or uncertain obligations regarding our products. For example, the scope and requirements of the most common open source software license, the GNU General Public License (GPL) have not been interpreted in a court of law. Our use of GPL or other open
source software could subject certain portions of our proprietary software to the GPL requirements or other similar requirements. That may have an adverse impact on our sale of the products incorporating the open source software. Other forms of open source software licensing present license compliance risks for us. If we fail to comply with the license obligations, we could be sued and/or lose the right to use the open source code.
Our use of open source code could also result in us developing and selling products that infringe third-party intellectual property rights. It may be difficult for us to accurately determine the developers of the open source code and whether the code incorporates proprietary software. We have processes and controls in place that are designed to address these risks and concerns, including a review process for screening requests from our development organizations for the use of open source. However, we cannot be sure that all open source is submitted for approval prior to use in our products.
We also have processes and controls in place to review the use of open source in the products developed by companies that we acquire. Despite having conducted appropriate due diligence prior to completing the acquisition, products or technologies that we acquire may nonetheless include open source software that was not identified during the initial due diligence. Our ability to commercialize products or technologies of acquired companies that incorporate open source software or to otherwise fully realize the anticipated benefits of any acquisition may be restricted for the reasons described in the preceding two paragraphs.
Our strategic alliances and our relationships with manufacturing partners exposes us to a range of business risks and uncertainties that could have a material adverse impact on our business and financial results.
Uncertainty of realizing anticipated benefits. We have entered into strategic alliances with numerous third parties to support our future growth plans. These relationships may include technology licensing, joint technology development and integration, research cooperation, co-marketing activities and/or sell-through arrangements. We face a number of risks relating to our strategic alliances, including those described below. These risks may prevent us from realizing the desired benefits from our strategic alliances on a timely basis or at all, which could have a negative impact on our business and financial results.
Challenges relating to integrated products. Strategic alliances require significant coordination between the parties involved, particularly if an alliance requires that we integrate the other companys products with our products. This could involve significant time and expenditure by our technical staff and the technical staff of our strategic partner. The integration of products from different companies may be more difficult than we anticipate, and the risk of integration difficulties, incompatible products and undetected programming errors or defects may be higher than that normally associated with new products. The marketing and sale of products that result from strategic alliances might also be more difficult than that normally associated with new products. Sales and marketing personnel may require special training, as the new products may be more complex than our other products.
We invest significant time, money and resources to establish and maintain relationships with our strategic partners, but we have no assurance that any particular relationship will continue for any specific period of time. Our agreements relating to our strategic alliances are terminable without cause with no or minimal notice or penalties. If we lose a significant strategic partner, we could lose the benefit of our investment of time, money and resources in the relationship. In addition, we could be required to incur significant expenses to develop a new strategic alliance or to determine and implement an alternative plan to pursue the opportunity that we targeted with the former partner.
Less control of the manufacturing process and outcome. We rely on a limited number of third parties to manufacture some of our hardware-based network protection and system protection products. We expect the number of our hardware-based products and our reliance on third-party manufacturers to increase as we continue to expand these types of solutions. We also rely on third parties to replicate and package our boxed software products. This reliance on third parties involves a number of risks that could have a negative impact on our business and
financial results. These risks include, but are not limited to, lack of control over the quality and timing of the manufacturing process, limited control over the cost of manufacturing, and the potential absence or unavailability of adequate manufacturing capacity.
Inadequate capacity. If any of our third-party manufacturers fails for any reason to manufacture products of acceptable quality, in required volumes, and in a cost-effective and timely manner, it could be costly as well as disruptive to product shipments. We might be required to seek additional manufacturing capacity, which might not be available on commercially reasonable terms or at all. Even if additional capacity was available, the process of qualifying a new vendor could be lengthy and could cause significant delays in product shipments and could strain partner and customer relationships. In addition, supply disruptions or cost increases could increase our costs of goods sold and negatively impact our financial performance. Our risk is relatively greater in situations where our hardware products contain critical components supplied by a single or a limited number of third parties. Any significant shortage of components could lead to cancellations of customer orders or delays in placement of orders, which would adversely impact revenue.
Hardware obsolescence. Hardware-based products may face greater obsolescence risks than software products. We could incur losses or other charges in disposing of obsolete hardware inventory. In addition, to the extent that our third-party manufacturers upgrade or otherwise alter their manufacturing processes, our hardware-based products could face supply constraints or risks associated with the transition of hardware-based products to new platforms. This could increase the risk of losses or other charges associated with obsolete inventory.
We are generally required to account for taxes in each jurisdiction in which we operate. This process may require us to make assumptions, interpretations and judgments with respect to the meaning and application of promulgated tax laws and related administrative and judicial interpretations thereof of the jurisdictions in which we operate. The positions that we take and our interpretations of the tax laws may differ from the positions and interpretations of the tax authorities in the jurisdictions in which we operate. We are presently under audit in many jurisdictions, including notably the United States, California and The Netherlands. The Internal Revenue Service is presently conducting a limited scope examination of our United States federal income tax returns for the calendar years 2002, 2003, 2004 and 2005. The State of California is auditing our income tax returns for the years 2004 and 2005. We are also in pre-filing discussions with the Dutch tax authorities with respect to tax years 2004 and 2005. An adverse outcome in one or more of these ongoing audits, or in any future audits that may occur, could have a significant negative impact on our cash position and net income. Although we have established reserves for these audit contingencies, there can be no assurance that the reserves will be sufficient to cover our ultimate liabilities.
Our provision for income taxes is subject to volatility and can be adversely affected by a variety of factors, including but not limited to changes in tax laws, regulations and accounting principles (including accounting for uncertain tax positions), or interpretations of those changes. Significant judgment is required to determine the recognition and measurement attribute prescribed in FIN 48. In addition, FIN 48 applies to all income tax positions, including the potential recovery of previously paid taxes, which if settled unfavorably could adversely impact our provision for income taxes or goodwill.
Increased customer demands on our technical support services may adversely affect our relationships with our customers and negatively impact our financial results.
We offer technical support services with many of our products. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services. We also may be unable to modify the format of our support services to compete with changes in support services provided by competitors or successfully integrate support for our customers. Further customer demand for these services, without corresponding revenues, could increase costs and adversely affect our operating results.
We have outsourced a substantial portion of our worldwide consumer support functions to third-party service providers. If these companies experience financial difficulties, service disruptions, do not maintain sufficiently skilled workers and resources to satisfy our contracts, or otherwise fail to perform at a sufficient level under these
contracts, the level of support services to our customers may be significantly disrupted, which could materially harm our relationships with these customers.
Some of our customers have outsourced the management of their information technology departments to large system integrators. If this trend continues, our established customer relationships could be disrupted and our products could be displaced by alternative system and network protection solutions offered by system integrators that do not bundle our solutions. Significant product displacements could negatively impact our revenue and have a material adverse effect on our business.
If we fail to effectively upgrade or modify our information technology system, we may not be able to accurately report our financial results or prevent fraud.
As part of our efforts to continue improving our internal control over financial reporting, we upgraded our existing SAP information technology system during 2006 and 2007 in order to automate certain controls that were previously performed manually. We may experience difficulties in transitioning to new or upgraded systems and in applying maintenance patches to existing systems, including loss of data and decreases in productivity as personnel become familiar with new, upgraded or modified systems. Our management information systems will require modification and refinement as we grow and as our business needs change, which could prolong the difficulties we experience with systems transitions, and we may not always employ the most effective systems for our purposes. If we experience difficulties in implementing new or upgraded information systems or experience significant system failures, or if we are unable to successfully modify our management information systems and respond to changes in our business needs, our operating results could be harmed or we may fail to meet our reporting obligations. We may also experience similar results if we have difficulty applying routine maintenance patches to existing systems in a timely manner.
Due to our high profile in the network and system protection market, we have been a target of computer hackers who have, among other things, created viruses to sabotage or otherwise attack our products and services, including our various web sites. For example, we have seen the spread of viruses, or worms, that intentionally delete anti-virus and firewall software. Similarly, hackers may attempt to penetrate our network security and misappropriate proprietary information or cause interruptions of our internal systems and services. Also, a number of web sites have been subject to denial of service attacks, where a web site is bombarded with information requests eventually causing the web site to overload, resulting in a delay or disruption of service. If successful, any of these events could damage users or our own computer systems. In addition, since we do not control disk duplication by distributors or our independent agents, media containing our software may be infected with viruses.
We are continually updating or modifying our accounting and other internal and external facing business systems. Modifications of these types of systems are often disruptive to business and may cause us to incur higher costs than we anticipate. Failure to properly manage this process could materially harm our business operations.
In addition, we and our customers face a number of potential business interruption risks that are beyond our respective control. Natural disasters or other events could interrupt our business or the business of our customers, and each of us is reliant on external infrastructure that may be antiquated. Our corporate headquarters in California is located near a major earthquake fault. The potential impact of a major earthquake on our facilities, infrastructure and overall operations is not known, but could be quite severe. Despite safety precautions that have been implemented, an earthquake could seriously disrupt our entire business process. We are largely uninsured for losses and business disruptions caused by an earthquake and other natural disasters.
Investment income is an important component of our net income. The ability to achieve our investment objectives is affected by many factors, some of which are beyond our control. We rely on third-party money managers to manage the majority of our investment portfolio in a risk-controlled framework. Our cash throughout the world is invested in high-quality fixed-income securities and is affected by changes in interest rates. Interest rates are highly sensitive to many factors, including governmental monetary policies and domestic and international economic and political conditions.
The outlook for our investment income is dependent on the future direction of interest rates, the amount of any share repurchases or acquisitions that we effect and the amount of cash flows from operations that are available for investment. Any significant decline in our investment income or the value of our investments as a result of falling interest rates, deterioration in the credit of the securities in which we have invested, or general market conditions, could have an adverse effect on our net income.
Our investment strategy attempts to manage interest rate risk and limit credit risk. By policy, we only invest in what we view as very high quality debt securities and our largest holdings are short-term U.S. Government securities and high-quality, well-collateralized asset-backed securities. We do not hold any sub-prime mortgages, auction rate securities or structured investment vehicles. We do not invest in below investment-grade securities. Most amounts held outside the United States could be repatriated to the United States, but, under current law, would be subject to U.S. federal income tax, less applicable foreign tax credits.
Our historical stock option granting practices have resulted in, and could continue to result in, continued or new litigation, regulatory proceedings, government enforcement actions and remedial actions, all of which have had, and will continue to have, a negative impact on our business and financial results.
In May 2006, we announced that we had commenced an investigation of our historical stock option granting practices. As a result of that investigation, we concluded that certain stock options had been accounted for using incorrect measurement dates, which, in some instances, were chosen with the benefit of hindsight so as to intentionally give more favorable exercise prices. Consequently, certain of our historical financial statements needed to be restated to correct improper accounting for improperly priced stock options. In December 2007, we filed our Form 10-K for 2006, which included the effects of a restatement of our audited consolidated financial statements for 2004 and 2005, our selected financial data for 2002 through 2005, and our unaudited quarterly financial data for all quarters in 2005 and the first quarter of 2006.
Shortly after we announced an internal investigation of our historical stock option granting practices, both the Securities and Exchange Commission (SEC) and the United States Department of Justice (DOJ) commenced investigations of our stock option practices. The filing of our restated consolidated financial statements did not resolve the pending SEC or DOJ inquiries. We are engaged in ongoing discussions with, and continue to provide information to, the SEC regarding certain of our prior period consolidated financial statements. The resolution of the SEC inquiry into our historical stock option granting practices could require us to file additional restatements of our prior consolidated financial statements or require that we take other actions not presently contemplated.
As part of the remedial actions we have taken in connection with the investigation and restatement, we terminated the employment of certain employees, including former executive officers. We are involved in litigation and other legal proceedings in connection with such terminations, as well as other stockholder lawsuits related to our historical stock option granting practices. We expect that there may be additional legal proceedings in the future which will require additional management time and additional expense. Any resolution of the legal proceedings may require us to make severance, settlement or other related payments in the future. See Note 19 to the consolidated financial statements included elsewhere in the report for more details about ongoing legal proceedings.
We cannot predict the outcome of the pending government inquiries or stockholder or other lawsuits, and we may face additional government inquiries, stockholder lawsuits and other legal proceedings. We cannot predict what, if any, enforcement action the SEC or DOJ will take with respect to our failure to be current in our periodic reports or our historical stock option granting practices.
As a result of our investigation and our conclusion that certain options had been mispriced, some of our employees and former employees were potentially exposed to significantly increased income tax liabilities and penalties and/or were unable to realize the benefits of their stock options. We have taken a number of steps to remedy this situation for employees, which has contributed to increased operating expenses. We believe we have taken, or are in the process of taking all corrective actions to compensate for the economic effects of mispriced stock options for many of our current and former employees and directors, but it is possible that there will be other actions required.
All of the events described above have required us to devote significant management time and to incur significant accounting, legal, and other expenses. These consequences have diverted management attention from business operations and have affected our financial condition and results of operations. We anticipate that these impacts will continue to varying degrees in future periods.
Pending or future litigation could have a material adverse impact on our results of operation, financial condition and liquidity.
In addition to intellectual property litigation, from time to time, we have been, and may be in the future, subject to other litigation including stockholder derivative actions or actions brought by current or former employees. Where we can make a reasonable estimate of the liability relating to pending litigation and determine that an adverse liability resulting from such litigation is probable, we record a related liability. As additional information becomes available, we assess the potential liability and revise estimates as appropriate. However, because of the inherent uncertainties relating to litigation, the amount of our estimates could be wrong. In addition to the related cost and use of cash, pending or future litigation could cause the diversion of managements attention. In this regard, we and a number of our current and former officers and directors are involved in or the subject of various legal actions. Managing, defending and indemnity obligations related to these actions have caused significant diversion of managements and the board of directors time and resulted in material expense to us. See Note 19 to the consolidated financial statements for additional information with respect to currently pending legal matters.
On February 9, 2006, the United States District Court for the Northern District of California entered a final judgment permanently enjoining us and our officers and agents from future violations of the securities laws. This final judgment resolved the charges filed against us in connection with the SECs investigation of our accounting practices that commenced in March 2002. As a result of the judgment, we will forfeit for three years the ability to invoke the safe harbor for forward-looking statements provision of the Private Securities Litigation Reform Act (Reform Act). This safe harbor provided us enhanced protection from liability related to forward-looking statements if the forward-looking statements were either accompanied by meaningful cautionary statements or were made without actual knowledge that they were false or misleading. While we may still rely on the bespeaks caution doctrine that existed prior to the Reform Act for defenses against securities lawsuits, without the statutory safe harbor, it may be more difficult for us to defend against any such claims. In addition, due to the permanent restraint and injunction against violating applicable securities laws, any future violation of the securities laws would be a violation of a federal court order and potentially subject us to a contempt order. For instance, if, at some point in the future, we were to discover a fact that caused us to restate our financial statements similar to the restatements that were the subject of the SEC action, we could be found to have violated the final judgment. We cannot predict whether the SEC might assert that our failure to remain current in our periodic reporting obligations or our historical stock option practices violated the final judgment or what, if any, enforcement action the SEC might take upon such a determination. Further, any collateral criminal or civil investigation, proceeding or litigation related to any future violation of the judgment, such as the compliance actions mandated by the judgment, could result in the distraction of management from our day-to-day business and may materially and adversely affect our reputation and results of operations.
During 2007 and up to the date of this filing, our stock price was highly volatile ranging from a per share high of $41.66 to a low of $27.74. On February 21, 2008, our stocks closing price per share price was $33.20.
Announcements, business developments, such as a material acquisitions or dispositions, litigation developments and our ability to meet the expectations of investors with respect to our operating and financial results, may contribute to current and future stock price volatility. In addition, third-party announcements such as those made by our partners and competitors may contribute to current and future stock price volatility. For example, future announcements by Microsoft Corporation related to its consumer and corporate security solutions may contribute to future volatility in our stock price. Certain types of investors may choose not to invest in stocks with this level of stock price volatility.
In addition to the volatility that is related to our business activities and those of others in our industry, our stock price may also experience volatility that is completely unrelated to our performance or that of the security industry. During 2007 through January 2008, the major US and international stock markets have been extremely volatile. Fluctuations in these broad market indices can impact McAfees stock price regardless of McAfees performance.
Our charter documents and Delaware law and our rights plan may impede or discourage a takeover,
which could lower our stock price.
Under our certificate of incorporation, our board of directors has the authority to issue up to 5.0 million shares of preferred stock and to determine the price, rights, preferences, privileges and restrictions, including voting rights, of those shares without any further vote or action by our stockholders. The issuance of preferred stock could have the effect of making it more difficult for a third party to acquire a majority of our outstanding voting stock and could have the effect of discouraging a change of control of the company or changes in management.
Our classified board and other provisions of Delaware law and our certificate of incorporation and bylaws, could also delay or make a merger, tender offer or proxy contest involving us or changes in our board of directors and management more difficult. For example, any stockholder wishing to make a stockholder proposal (including director nominations) at our 2008 annual meeting, must meet the qualifications and follow the procedures specified under both the Securities Exchange Act of 1934 and our bylaws.
Our board of directors has adopted a stockholders rights plan. The rights would become exercisable on the tenth day after a person or group announces the acquisition of 15% or more of our common stock or announces the commencement of a tender or exchange offer the consummation of which would result in ownership by the person or group of 15% or more of our common stock. If the rights become exercisable, the holders of the rights (other than the person acquiring 15% or more of our common stock) will be entitled to acquire in exchange for the rights exercise price, shares of our common stock or shares of any company in which we are merged with a value equal to twice the rights exercise price. The rights plan makes it more difficult for a third party to acquire a majority of our outstanding voting stock and discourages a change of control of the company not approved by our board of directors.
Our worldwide headquarters currently occupies approximately 95,000 square feet in facilities located in Santa Clara, California under leases expiring through 2013 which excludes approximately 113,000 square feet of leased space that we sublease to third parties. Worldwide, we lease facilities with approximately 743,000 total square feet, with leases that expire at various times. Total square footage excludes approximately 123,000 square feet of leased space in North America and EMEA that we sublease to third parties. Our primary international facilities are located in India, Ireland, Japan, the Netherlands, the United Kingdom and Singapore. Significant domestic sites include California, Oregon and Texas. We believe that our existing facilities are adequate for the present and that additional space will be available as needed.
We own our regional office located in Plano, Texas. The approximately 170,000 square feet facility opened in January 2003 and is located on 21.0 acres of owned land. This facility supports approximately 850 employees working in our customer support, engineering, accounting and finance, information technology, internal audit, human resources, legal and sales groups.
In February 2007, we reached a confidential settlement of a breach of contract, fraud and bad faith lawsuit filed in June 2002 in the United States District Court, District of Massachusetts. As part of the settlement, we acquired and recorded ownership of intangible assets valued at $9.3 million with all remaining claims settled for $6.2 million, of which $5.0 million was recognized as expense in the three months ended June 30, 2006 with the balance of $1.2 million being expensed in 2004 and prior periods. The case was dismissed in March 2007.
On March 22, 2002, the SEC notified us that it had commenced a Formal Order of Private Investigation into our accounting practices. On September 29, 2005, we announced we had reserved $50.0 million in connection with the proposed settlement with the SEC and we had deposited $50.0 million in an escrow account with the SEC as the designated beneficiary. On February 9, 2006, the SEC entered the final judgment for the settlement with us. We also agreed to release $50.0 million to the SEC for the civil penalty on February 13, 2006 and certain other conditions, such as engaging independent consultants to examine and recommend improvements to our internal controls to ensure compliance with federal securities laws.
We have described below our material legal proceedings and investigations that are currently pending and are not in the ordinary course of business. If management believes that a loss arising from these matters is probable and can reasonably be estimated, we record the amount of the loss, or the minimum estimated liability when the loss is estimated using a range, and no point within the range is more probable than another. As additional information becomes available, any potential liability related to these matters is assessed and the estimates are revised, if necessary. While we cannot predict the likelihood of future claims or inquiries, we expect that new matters may be initiated against us from time to time. The results of claims, lawsuits and investigations also cannot be predicted, and it is possible that the ultimate resolution of these matters, individually and in the aggregate, may have a material adverse effect on our business, financial condition, results of operations or cash flows.
In May 2006, we announced that we had commenced an investigation of our historical stock option granting practices. As a result of that investigation, we concluded that certain stock options had been accounted for using incorrect measurement dates, which, in some instances, were chosen with the benefit of hindsight so as to intentionally give more favorable exercise prices. Consequently, certain of our historical financial statements needed to be restated to correct improper accounting for backdated stock options. In December 2007, we filed our Form 10-K for 2006, which included the effects of a restatement of our audited consolidated financial statements for 2004 and 2005, our selected financial data for 2002 through 2005, and our unaudited quarterly financial data for all quarters in 2005 and the first quarter of 2006.
On May 23, 2006, the SEC notified us that an investigation had begun regarding our historical stock option grants. On June 7, 2006, the SEC sent us a subpoena requesting certain documents related to stock option grants from January 1, 1995 through the date of the subpoena. At or around the same time, we received a notice of informal inquiry from the United States Department of Justice, the (DOJ), concerning our stock option granting practices. On August 15, 2006, we received a grand jury subpoena from the U.S. Attorneys Office for the Northern District of California relating to the termination of our former general counsel, his stock option related activities and the investigation. On November 6, 2006, we received a document request from the SEC for option grant data for McAfee.com, previously one of our consolidated subsidiaries that was a publicly traded company from December 1999 through September 2002.
On November 2, 2006, the investigative team created by the Special Committee of our board of directors met with the Enforcement Staff of the SEC in Washington D.C. and presented the initial findings of the investigation. Pursuant to discussions between the investigative team and the SEC during that meeting, the scope of the investigation was expanded to include a review of the historical McAfee.com option grants along with our historical exercise activity with a view toward determining potential exercise date manipulation and post-employment arrangements with former executives.
We have provided documents requested, and we are cooperating with the SEC and DOJ. The SEC investigation is still in its preliminary stages thus we are unable to determine the ultimate outcome at this time. As such, no provision has been recorded in the financial statements for this matter.
On May 31, 2006, a purported stockholder derivative lawsuit styled Dossett v. McAfee, Inc., No. 5:06CV3484 (JF) was filed in the United States District Court for the Northern District of California against certain of our current and former directors and officers (Dossett). On June 7, 2006, another purported stockholders derivative lawsuit styled Heavy & General Laborers Locals 472 & 172 Pension & Annuity Funds v. McAfee, Inc., No. 5:06CV03620 (JF) was filed in the United States District Court for the Northern District of California against certain of our current and former directors and officers (Laborers). The Dossett and Laborers actions generally allege that we improperly backdated stock option grants between 1997 and the present, and that certain of our current and former officers or directors either participated in this backdating or allowed it to happen. The Dossett and Laborers actions assert claims purportedly on behalf of us for, inter alia, breach of fiduciary duty, abuse of control, constructive fraud, corporate waste, unjust enrichment, gross mismanagement, and violations of the federal securities laws. On July 13, 2006, the United States District Court for the Northern District of California entered an order consolidating the Dossett and Laborers actions as In re McAfee, Inc. Derivative Litigation, Master File No. 5:06CV03484 (JF) (the Consolidated Action). On January 22, 2007, we moved to dismiss the complaint in the Consolidated Action on the grounds that plaintiffs lack standing to sue on our behalf because, inter alia, they did not make a pre-suit demand on our board of directors. At the parties request, the Court has continued on several occasions the due date for the plaintiffs opposition to our motion to dismiss and the date for the hearing of that motion. Currently, there is no deadline by which plaintiffs must file an opposition to the pending motion to dismiss.
On August 7, 2007, a new stockholders derivative lawsuit styled Webb v. McAfee, Inc., No. C 07 4048 (PVT) was filed in the United States District Court for the Northern District of California against certain of our current and former directors and officers (Webb). The new lawsuit generally alleges the same facts and causes of action that plaintiffs have asserted in the Consolidated Action. The plaintiff in Webb requested that his action be consolidated with the Consolidated Action. On September 21, 2007, the Court consolidated the Webb action with the Consolidated Action.
On June 2, 2006, three identical lawsuits styled Greenberg v. Samenuk, No. 106CV064854, Gordon v. Samenuk, No. 106CV064855, and Golden v. Samenuk, No. 106CV064856 were filed in the Superior Court of the State of California, County of Santa Clara against certain of our current and former directors and officers (the State Actions). Like the Consolidated Action, the State Actions generally allege that we improperly backdated stock option grants between 2000 and the present, and that certain of our current and former officers or directors either participated in this backdating or allowed it to happen. Like the Consolidated Action, the State Actions assert claims purportedly on behalf of us for, inter alia, breach of fiduciary duty, abuse of control, corporate waste, unjust enrichment, and gross mismanagement. On June 23, 2006, we moved to dismiss these actions in favor of the first-filed Consolidated Action. On September 18, 2006, the Court consolidated the State Actions and denied our motions to dismiss, but stayed the State Actions due to the first-filed action in federal court. The stay, which was continued by the Court on several occasions, expired in December 2007.
In December 2007, we reached a tentative settlement with the plaintiffs in the Consolidated Action and the State Actions. The tentative agreement must be submitted to and approved by the Court. We accrued $13.8 million in the condensed consolidated financial statements as of June 30, 2006 due to our ongoing stock option investigation and restatement related to expected payments pursuant to the tentative settlement and expect to complete the documentation and the required approvals in the first half of 2008. While we cannot predict the ultimate outcome of
the lawsuits in the event that the tentative settlement is not approved by the Court, the provision recorded in the financial statements represents our best estimate at this time.
Certain investment bank underwriters, our company, and certain of our directors and officers have been named in a putative class action for violation of the federal securities laws in the United States District Court for the Southern District of New York, captioned In re McAfee.com Corp. Initial Public Offering Securities Litigation, 01 Civ. 7034 (SAS). This is one of a number of cases challenging underwriting practices in the initial public offerings (IPOs), of more than 300 companies. These cases have been coordinated for pretrial proceedings as In re Initial Public Offering Securities Litigation, 21 MC 92 (SAS). Plaintiffs generally allege that certain underwriters engaged in undisclosed and improper underwriting activities, namely the receipt of excessive brokerage commissions and customer agreements regarding post-offering purchases of stock in exchange for allocations of IPO shares. Plaintiffs also allege that various investment bank securities analysts issued false and misleading analyst reports. The complaint against us claims that the purported improper underwriting activities were not disclosed in the registration statements for McAfee.coms IPO and seeks unspecified damages on behalf of a purported class of persons who purchased our securities or sold put options during the time period from December 1, 1999 to December 6, 2000. On February 19, 2003 the Court issued an Opinion and Order dismissing certain of the claims against us with leave to amend. We accepted a settlement proposal on July 15, 2003.
We, together with the other issuer defendants and plaintiffs, entered into a stipulation of settlement and release of claims against the issuer defendants that was submitted to the Court for approval in June 2004. On August 31, 2005, the Court preliminarily approved the settlement which, among other things, was conditioned upon class certification. In December 2006, the appellate court overturned the certification of classes making it unlikely that the proposed settlement would receive final Court approval. As a result, on June 25, 2007, the Court entered an order terminating the proposed settlement. Plaintiffs have indicated that they will seek to amend their allegations and file amended complaints. It is uncertain whether there will be any revised or future settlement. Thus, the ultimate outcome, and any ultimate effect on us, cannot be precisely determined at this time.
In February 2008, a former executive notified us of his intent to seek arbitration of claims associated with his employment. He alleges that McAfee breached his employment contract and committed certain additional wrongful acts related to the expiration of his stock options. We anticipate that the arbitration demand will be filed during the first quarter of 2008 and that arbitration will begin in the second half of 2008. We believe these claims are without merit, and intend to vigorously contest these claims once a demand has been filed. No provision has been recorded in the financial statements related to this matter.
On January 7, 2007, a former executive filed an arbitration demand with the American Arbitration Association, Dallas Texas, (the Texas arbitration) seeking the arbitration of claims associated with his employment. The Texas arbitration is scheduled to begin in August 2008. On September 5, 2007, a Complaint for Damages and Other Relief was also filed by the same former executive, in the Superior Court of the State of California, County of Santa Clara, No. 107CV-093592 (the California litigation). The California litigation generally contained the same claims as were filed in the Texas arbitration. A Motion to Compel Arbitration of the California litigation with the Texas arbitration was granted in December 2007. We have filed counterclaims against the former executive, who was terminated. The board determined this termination was for cause. We believe the claims associated with the Texas arbitration and the California litigation are without merit. We intend to vigorously contest these claims, and no provision has been recorded in the financial statements for either the Texas arbitration or the California litigation.
On August 17, 2006, a patent infringement lawsuit captioned Deep Nines v. McAfee, Inc., No. 9:06CV174, (Deep Nines litigation) was filed in the United States District Court for the Eastern District of Texas. The lawsuit asserts that (i) several of our Enterprise products infringe a Deep Nines patent, and (ii) we falsely marked certain products with a McAfee patent that was abandoned after its issuance. The lawsuit seeks preliminary and permanent injunctions against the sale of certain products as well as damages. We have counter-asserted that Deep Nines has infringed various McAfee patents. The Deep Nines litigation is still in its preliminary stages thus we are unable to determine the ultimate outcome at this time. However, we believe that we have meritorious defenses to this lawsuit and intend to vigorously defend against it. No provision has been recorded in the financial statements for this matter.
In addition, we are engaged in certain legal and administrative proceedings incidental to our normal business activities and believe that these matters will not have a material adverse effect on our financial position, results of operations or cash flows.
No matters were submitted to a vote of stockholders during the quarter ended December 31, 2007.
Our common stock is traded on the New York Stock Exchange (NYSE), under the symbol MFE. Prior to December 1, 1997, our common stock traded on the NASDAQ National Market under the symbol MCAF. From December 1, 1997 until February 12, 2002, our common stock traded on the NASDAQ National Market under the symbol NETA. Our common stock began trading on the NYSE effective February 12, 2002, and traded under the symbol NET from February 12, 2002 until June 2004, when we changed our name to McAfee, Inc. and we began trading under the symbol MFE.
The following table sets forth, for the period indicated, the high and low sales prices for our common stock for the last eight quarters, all as reported by NYSE. The prices appearing in the table below do not reflect retail mark-up, mark-down or commission.
The annual certification to the NYSE attesting to our compliance with the NYSEs corporate governance listing standards was submitted by our chief executive officer to the NYSE in December 2007.
We have not paid any cash dividends since our reorganization into a corporate form in October 1992. We intend to retain future earnings for use in our business and do not anticipate paying cash dividends in the foreseeable future.
The following Performance Graph and related information shall not be deemed soliciting material or to be filed with the Securities and Exchange Commission, nor shall such information be incorporated by reference into any future filing under the Securities Act of 1933 or Securities Exchange Act of 1934, each as amended, except to the extent that we specifically incorporate it by reference into such filing.
The following graph shows a five-year comparison of cumulative total returns for our common stock, the CRSP Total Return Index for the NASDAQ Stock Market and the CRSP Total Return Industry Index for NASDAQ Computer and Data Processing Services Stocks, each of which assumes an initial value of $100 and reinvestment of dividends. The information presented in the graph and table is as of the end of each fiscal year ended December 31. The comparisons in the graph below are based on historical data and are not intended to forecast the possible future performance of our common stock.
Performance for 2007 reflects a December 31, 2007 closing market price on the New York Stock Exchange of $37.50.
Holders of Common Stock
As of February 21, 2008, there were 651 record owners of our common stock.
Our board of directors had previously authorized the repurchase of our common stock in the open market from time to time until October 2007, depending upon market conditions, share price and other factors. Beginning in May 2006, we suspended repurchases of our common stock in the open market due to the announced investigation into our historical stock option granting practices. Our authorization to repurchase common stock in the open market expired in October 2007 prior to our becoming current on our reporting obligations under the Securities Act of 1934, as amended, on December 21, 2007. Therefore, we had no repurchases of our common stock under a publicly announced repurchase program during the fourth quarter of 2007. In January 2008, our board of directors authorized the repurchase of up to $750.0 million of our common stock from time to time in the open market or through privately negotiated transactions through July 2009, depending upon market conditions, share price and other factors.
You should read the following selected financial data with our consolidated financial statements and related notes and Managements Discussion and Analysis of Financial Conditions and Results of Operations. Historical results may not be indicative of future results.
This Managements Discussion and Analysis of Financial Condition and Results of Operations contains forward-looking statements that involve known and unknown risks, uncertainties and other factors that may cause our actual results, levels of activity, performance or achievements to be materially different from any future results, levels of activity, performance or achievements expressed or implied by such forward-looking statements. Please see Special Note Regarding Forward-Looking Statements.
We are a leading dedicated security technology company that secures systems and networks from known and unknown threats around the world. We empower home users, businesses, government agencies, service providers and our partners with the latest technology available in order to block attacks, prevent disruptions, and continuously track and improve their security. We also provide software to manage and enforce security policies for organizations of all sizes. Finally, we provide expert services and technical support to ensure that our solutions actively meet our customers needs. These integrated solutions help our customers solve problems, enhance security and reduce costs.
We have one business and operate in one industry: developing, marketing, distributing and supporting computer security solutions for large enterprises, governments, small and medium-sized businesses and consumers either directly or through a network of qualified distribution partners. We derive our revenue from three sources: (i) service and support revenue, which includes maintenance, training and consulting revenue; (ii) subscription revenue, which consists of revenue from customers who purchase licenses for products for the term of the subscription; and (iii) product revenue, which includes revenue from perpetual licenses (those with a one-time license fee) and from hardware product sales. In 2007, service and support revenue accounted for 52% of net revenue, subscription revenue accounted for 42% and product revenue accounted for 6% of net revenue.
We continue to focus our efforts on building a full line of system and network protection solutions and technologies that support our multi-platform strategy of personal computer, internet and mobile security solutions. During 2007, we acquired SafeBoot Holding BV. With this acquisition, we will be able to provide customers with endpoint, network, web, email and data security, including encryption, as well as risk and compliance solutions. In January 2008, we completed the acquisition of ScanAlert, Inc., creator of the HACKER SAFE web site security
certification service. During 2006, we acquired three companies, SiteAdvisor, Inc., Preventsys, Inc. and Onigma Ltd., and substantially all of the assets of a fourth company, Citadel Security Software Inc., to enhance and complement our current offerings. The acquisition of SiteAdvisor significantly enhanced our internet security solutions. Our system security management and vulnerability management capabilities were further advanced with the acquisition of Preventsys. The acquisition of Onigma complemented our enterprise offerings by providing businesses with data loss prevention. The acquisition of Citadel Security Softwares assets broadened our capabilities for security policy compliance enforcement and vulnerability remediation.
As discussed more fully below, our net revenue in 2007 grew by 14% to $1,308.2 million from $1,145.2 million in 2006. Our net revenue is directly impacted by corporate, government and consumer spending levels. Our net income for 2007 grew 21% to $167.0 million, compared to $137.5 million in 2006. Net income in 2007 was negatively impacted by costs associated with the investigation into our past stock option granting practices and costs associated with the restatement of our financial statements which totaled $33.0 million. For 2005 our net revenue was $981.6 million and our net income was $118.2 million. Net income in 2005 was negatively impacted by a $50.0 million SEC settlement charge.
We operate our business in five geographic segments: North America; Europe, Middle East and Africa (EMEA); Japan; Asia-Pacific, excluding Japan; and Latin America. During 2007, 48% of our total net revenue was generated outside of North America. North America and EMEA collectively accounted for approximately 84% of our total net revenue in 2007. During 2006, 45% of our total net revenue was generated outside of North America, with North America and EMEA collectively accounting for 86% of our total net revenue. Revenue generated in Japan was negatively impacted during 2007 as the Japanese Yen weakened against the U.S. Dollar compared to 2006. See Note 18 to our consolidated financial statements for a description of revenue and income from operations by geographic region.
Our corporate products include (i) our small and medium-sized business (SMB) products and (ii) our enterprise products. Revenue from our corporate products increased $101.2 million, or 15%, to $769.8 million during 2007 from $668.6 million in 2006. The year-over-year increase in revenue was due to increased revenue from our McAfee Total Protection Solutions and Foundstone product lines, and increased maintenance renewals.
Our consumer products and services consist of online subscription service and retail boxed product sales of security solutions for home computers. Net revenue from our consumer security market increased $61.9 million, or 13%, to $538.5 million in 2007 from $476.6 million in 2006. The increase in revenue from our consumer market was attributable primarily to our strengthening relationships with strategic channel partners, such as AOL and Dell.
Our deferred revenue balance at December 31, 2007 increased 16% to $1,044.5 million, compared to $897.5 million at December 31, 2006. The increase is attributable to growing sales of maintenance renewals from our expanding customer base and increased sales of subscription-based offerings. We receive up front payments for maintenance and subscriptions but we recognize revenue over the service or subscription term. Approximately 84% of our total net revenue during 2007 came from prior-period deferred revenue. As with revenue, we believe that deferred revenue is a key indicator of the growth and health of our business.
In preparing our consolidated financial statements, we make estimates, assumptions and judgments that can have a significant impact on our net revenue, income from operations and net income, as well as the value of certain assets and liabilities on our consolidated balance sheet. To apply critical accounting policies we must evaluate a number of
complex criteria and significant accounting judgments. Management bases its estimates on historical experience and on various other assumptions that they believe to be reasonable under the circumstances. These estimates form the basis for making judgments about the carrying values of assets and liabilities. We evaluate our estimates on a regular basis and make changes accordingly. Senior management has discussed the development, selection and disclosure of these estimates with the audit committee of our board of directors. Actual results may materially differ from these estimates under different assumptions or conditions. If actual results were to differ from these estimates materially, the resulting changes could have a material effect on the consolidated financial statements.
An accounting policy is deemed to be critical if it requires an accounting estimate to be made based on assumptions about complex matters that are highly uncertain at the time the estimate is made, different estimates that reasonably could have been used, or changes in the accounting estimates that are reasonably likely to occur periodically, could materially impact the consolidated financial statements. Management believes the critical accounting policies described below reflect our more significant estimates and assumptions used in the preparation of the consolidated financial statements.
Our critical accounting policies are as follows:
We must make significant management judgments and estimates to determine revenue to be recognized in any accounting period. Material differences may result in the amount and timing of our revenue for any period if our management made different judgments or utilized different estimates. These estimates affect the deferred revenue on our consolidated balance sheet and the net revenue on our consolidated statement of income. Estimates regarding revenue affect all of our operating geographies.
Our revenue is derived primarily from three sources (i) services and support revenue, which includes maintenance, training and consulting revenue, (ii) subscription revenue, which includes revenue from subscription-based offerings and (iii) product revenue, which includes hardware and perpetual licenses revenue. We present revenue net of sales taxes in our consolidated statements of income and comprehensive income.
We apply the provisions of Statement of Position 97-2, Software Revenue Recognition (SOP 97-2), and related interpretations to all transactions involving the sale of software products and hardware products that include software. For hardware transactions where software is not incidental, we do not separate the license fee and we do not apply separate accounting guidance to the hardware and software elements. For hardware transactions where no software is involved or software is incidental, we apply the provisions of Staff Accounting Bulletin 104 Revenue Recognition (SAB 104).
We recognize revenue from the sale of software licenses when all of the following are met:
Persuasive evidence is generally a binding purchase order or license agreement. Delivery generally occurs when product is delivered to a common carrier or upon delivery of a grant letter and license key, if applicable. If a significant portion of a fee is due after our normal payment terms of typically 30 to 90 days, we recognize revenue as the fees become due. If we determine that collection of a fee is not reasonably assured, we defer the fees and recognize revenue upon cash receipt, provided all other revenue recognition criteria are met.
We enter into perpetual and subscription software license agreements through direct sales to consumer customers and indirect sales with partners, distributors and resellers. We recognize revenue from the indirect sales channel upon sell-through by the partner or distributor. The license agreements generally include service and support agreements, for which the related revenue is deferred and recognized ratably over the performance period. All revenue derived from our online subscription products is deferred and recognized ratably over the performance period. Professional services revenue is generally recognized as services are performed or if required, upon customer acceptance.
For arrangements with multiple elements, including software licenses, maintenance and/or services, we allocate and defer revenue equivalent to the vendor-specific objective evidence (VSOE) of fair value for the undelivered elements and recognize the difference between the total arrangement fee and the amount deferred for the undelivered elements as product revenue. VSOE of fair value is based upon the price for which the undelivered element is sold separately or upon substantive renewal rates stated in a contract. We determine fair value of the undelivered elements based on historical evidence of stand-alone sales of these elements to our customers. When VSOE does not exist for undelivered elements such as maintenance and support, the entire arrangement fee is recognized ratably over the performance period generally as services and support revenue.
We reduce revenue for estimates of sales incentives and sales returns. We offer sales incentives, including channel rebates, marketing funds and end-user rebates for products in our corporate and consumer product lines. Additionally, end users may return our products, subject to varying limitations, through distributors and resellers or to us directly for a refund within a reasonably short period from the date of purchase. We estimate and record reserves for sales incentives and sales returns based on our historical experience. In each accounting period, we must make judgments and estimates of sales incentives and potential future sales returns related to current period revenue. These estimates affect our net revenue line item on our consolidated statement of income and affect our net accounts receivable, deferred revenue or accrued liabilities line items on our consolidated balance sheet. These estimates affect all of our operating geographies.
At December 31, 2007, our allowance for sales returns and incentives was $48.5 million compared to $39.8 million at December 31, 2006. If our allowance for sales returns and incentives were to increase by 10%, or $4.9 million, our net revenue would decrease by $1.8 million and our deferred revenue would decrease by $3.1 million for the year ended December 31, 2007.
Deferred costs of revenue, which consist primarily of costs related to revenue-sharing arrangements and costs of inventory sold into our channel which have not been sold through to the end user, are included in prepaid expenses and prepaid taxes and other current assets on our consolidated balance sheet. We only defer direct and incremental costs related to revenue-sharing arrangements and recognize such deferred costs proportionate to the related revenue recognized. At December 31, 2007, our deferred costs were $79.0 million compared to $70.2 million at December 31, 2006.
We also make estimates of the uncollectibility of our accounts receivables. Management specifically analyzes accounts receivable balances, current and historical bad debt trends, customer concentrations, customer credit-worthiness, current economic trends and changes in our customer payment terms when evaluating the adequacy of the allowance for doubtful accounts. We specifically reserve for any account receivable for which collection is considered doubtful. These estimates affect the general and administrative line item on our statement of income and
the net accounts receivable line item on the consolidated balance sheet. The estimation of uncollectible accounts affects all of our operating geographies.
At December 31, 2007, our allowance for doubtful accounts was $4.1 million compared to $2.0 million at December 31, 2006. If an additional 1% of our gross accounts receivable were deemed to be uncollectible at December 31, 2007, our allowance for doubtful accounts would increase by $2.7 million and our provision for bad debt expense, revenue and deferred revenue would also be affected.
On January 1, 2006, we adopted SFAS 123(R), which is a revision of SFAS 123, and supersedes APB 25. SFAS 123(R) requires the measurement and recognition of compensation expense for all share-based payment awards made to our employees and directors based on the estimated fair values of the awards on their grant dates. Our share-based awards include stock options, restricted stock awards, restricted stock units and our employee stock purchase plan (ESPP).
For the years ended December 31, 2007 and 2006, we recognized stock-based compensation expense of $59.0 and $57.8 million, respectively. Prior to our adoption of SFAS 123(R), we applied the intrinsic value method set forth in APB 25 to calculate the compensation expense for share-based awards. During 2005, we recognized a charge of $4.5 million under APB 25 related to grant date intrinsic value resulting from revised accounting measurement dates, the exchange of McAfee.com options in 2002, options which were repriced in 1999 and restricted stock awards. See Note 15 to the consolidated financial statements for additional information.
We use the Black-Scholes model to estimate the fair value of our option awards and employee stock purchase rights issued under our ESPP. The Black-Scholes model requires estimates of the expected term of the option, as well as future volatility and the risk-free interest rate.
For options issued during 2007, we estimated the weighted-average fair value to be $14.55. We did not issue any employee stock purchase rights during 2007. The key assumptions that we used to calculate these values are provided below:
We derive the expected term of our options through a lattice model that factors in historical data on employee exercise and post-vesting employment termination behavior. The risk-free rate for periods within the expected life of the option is based on the U.S. Treasury yield curve in effect at the time of grant. Since January 1, 2006, we have used the implied volatility of options traded on our stock with a term of one year or more to calculate the expected volatility of our option grants. Prior to that time, the expected volatility was based solely on the historical volatility of our stock. We have not declared any dividends on our stock in the past and do not expect to do so in the foreseeable future.
The assumptions that we have made represent our managements best estimate, but they are highly subjective and inherently uncertain. If management had made different assumptions, our calculation of the options fair value and the resulting stock-based compensation expense could differ, perhaps materially, from the amounts recognized
in our financial statements. For example, if we increased the assumption regarding our stocks volatility for options granted during 2007 by 10%, our stock-based compensation expense would increase by $6.0 million, net of expected forfeitures. This increased expense would be amortized over the options 4.0 year vesting period. Likewise, if we increased our assumption of the expected lives of options granted during 2007 by one year, our stock-based compensation expense would increase by $3.0 million, net of expected forfeitures. This increased expense would be amortized over the options 4.0 year vesting period.
In addition to the assumptions used to calculate the fair value of our options, we are required to estimate the expected forfeiture rate of all share-based awards and only recognize expense for those awards we expect to vest. The stock-based compensation expense recognized in our consolidated statement of income for the year ended December 31, 2007 has been reduced for estimated forfeitures. If we were to change our estimate of forfeiture rates, the amount of share-based compensation could differ, perhaps materially, from the amount recognized in our financial statements. For example, if we had decreased our estimate of expected forfeitures by 50%, our stock-based compensation expense for the year ended December 31, 2007, net of expected forfeitures, would have increased by $9.5 million. This decrease in our estimate of expected forfeitures would increase the amount of expense for all unvested stock options and restricted stock awards and units that have not yet been recognized by $16.0 million, amortized over a weighted-average period of 2.4 years.
Restructuring Accrual. We record facility restructuring charges in accordance with Statement of Financial Accounting Standards No. 146, Accounting for Exit Costs Associated With Exit or Disposal Activities (SFAS 146). To determine our restructuring charges and the corresponding liabilities, SFAS 146 requires us to make a number of assumptions. These assumptions included estimated sublease income over the remaining lease period, estimated term of subleases, estimated utility and real estate broker fees, as well as estimated discount rates for use in calculating the present value of our liability. We develop these assumptions based on our understanding of the current real estate market in the respective locations as well as current market interest rates. The assumptions used are our managements best estimate at the time of the accrual, and adjustments are made on a periodic basis if better information is obtained. If, at December 31, 2007, our estimated sublease income were to decrease 10%, the restructuring reserve and related expense would have increased by $1.4 million.
The estimates regarding our restructuring accruals affect our current liabilities and other long-term liabilities line items in our consolidated balance sheet, since these liabilities will be settled each year through 2013. These estimates affect our statement of income in the restructuring line item.
Litigation. Managements current estimated range of liability related to litigation that is brought against us from time to time is based on claims for which our management can estimate the amount and range of loss. We recorded the minimum estimated liability related to those claims, where there is a range of loss as there is no better point of estimate. Because of the uncertainties related to an unfavorable outcome of litigation, and the amount and range of loss on pending litigation, management is often unable to make a reasonable estimate of the liability that could result from an unfavorable outcome. As litigation progresses, we continue to assess our potential liability and revise our estimates. Such revisions in our estimates could materially impact our results of operations and financial position. Estimates of litigation liability affect our accrued liability line item on our consolidated balance sheet and our general and administrative expense line item on our statement of income. See Note 19 in our Notes to the Consolidated Financial Statements.
As part of the process of preparing our consolidated financial statements we are required to estimate our income taxes in each of the jurisdictions in which we operate. This process involves estimating our actual current tax exposure together with assessing temporary differences resulting from differing treatment of items, such as deferred revenue, for tax and accounting purposes. These differences result in deferred tax assets and liabilities, which are included within our consolidated balance sheet. We must then assess and make significant estimates regarding the likelihood that our deferred tax assets will be recovered from future taxable income and to the extent we believe that recovery is not likely, we must establish a valuation allowance. To the extent we establish a valuation
allowance or increase this allowance in a period, we must include an expense within the tax provision in the statement of income. Estimates related to income taxes affect the deferred tax asset and liability line items and accrued liabilities in our consolidated balance sheet and our income tax expense line item in our statement of income.
The net deferred tax asset as of December 31, 2007 was $577.5 million, net of a valuation allowance of $65.0 million. The valuation allowance is recorded due to the uncertainty of our ability to utilize some of the deferred tax assets related to foreign tax credits and net operating losses of acquired companies. The valuation allowance is based on our historical experience and estimates of taxable income by jurisdiction in which we operate and the period over which our deferred tax assets will be recoverable. In the event that actual results differ from these estimates or we adjust these estimates in future periods we may need to establish an additional valuation allowance which could materially impact our financial position and results of operations.
Tax returns are subject to audit by various taxing authorities. Although we believe that adequate accruals have been made each period for unsettled issues, additional benefits or expenses could occur in future years from resolution of outstanding matters. We record additional expenses each period on unsettled issues relating to the expected interest we would be required to pay a tax authority if we do not prevail on an unsettled issue. We continue to assess our potential tax liability included in accrued taxes in the consolidated financial statements, and revise our estimates. Such revisions in our estimates could materially impact our results of operations and financial position. We have classified a portion of our tax liability as non-current in the consolidated balance sheet based on the expected timing of cash payments to settle contingencies with taxing authorities.
We account for goodwill and other indefinite-lived intangible assets in accordance with SFAS No. 142, Goodwill and Other Intangible Assets (SFAS 142). SFAS 142 requires, among other things, the discontinuance of amortization for goodwill and indefinite-lived intangibles and at least an annual test for impairment. An impairment review may be performed more frequently in the event circumstances indicate that the carrying value may not be recoverable.
We are required to make estimates regarding the fair value of our reporting units when testing for potential impairment. We estimate the fair value of our reporting units using a combination of the income approach and the market approach. Under the income approach, we calculate the fair value of a reporting unit based on the present value of estimated future cash flows. Under the market approach, we estimate the fair value based on market multiples of revenue or earnings for comparable companies. We estimate cash flows for these purposes using internal budgets based on recent and historical trends. We base these estimates on assumptions we believe to be reasonable, but which are unpredictable and inherently uncertain. We also make certain judgments about the selection of comparable companies used in the market approach in valuing our reporting units, as well as certain assumptions to allocate shared assets and liabilities to calculate the carrying value for each of our reporting units. If an impairment were present, these estimates would affect an impairment line item on our consolidated statement of income and would affect the goodwill in our consolidated balance sheet. As goodwill is allocated to all of our reporting units, any impairment could potentially affect each operating geography.
Based on our most recent impairment test, there would have to be a significant change in assumptions used in such calculation in order for an impairment to occur as of December 31, 2007.
We account for finite-lived intangibles and long-lived assets in accordance with SFAS No. 144, Accounting for the Impairment or Disposal of Long-Lived Assets. Under this standard we will record an impairment charge on finite-lived intangibles or long-lived assets to be held and used when we determine that the carrying value of intangibles and long-lived assets may not be recoverable.
Based upon the existence of one or more indicators of impairment, we measure any impairment of intangibles or long-lived assets based on a projected discounted cash flow method using a discount rate determined by our management to be commensurate with the risk inherent in our current business model. Our estimates of cash flows require significant judgment based on our historical results and anticipated results and are subject to many of the factors, noted below as triggering factors, which may change in the near term.
Factors considered important, which could trigger an impairment review include, but are not limited to:
Goodwill amounted to $750.1 million and $530.5 million as of December 31, 2007 and 2006, respectively. We did not hold any other indefinite-lived intangibles as of December 31, 2007 and 2006. Net finite-lived intangible assets and long-lived assets amounted to $314.8 million and $205.6 million as of December 31, 2007 and 2006, respectively.
Results of Operations
Years Ended December 31, 2007, 2006 and 2005
The following table sets forth, for the periods indicated, a year-over-year comparison of the key components of our net revenue:
The increase in net revenue from 2006 to 2007 reflected (i) a $101.2 million, or 15%, increase in our corporate business and (ii) a $61.9 million, or 13%, increase in our consumer business.
Net revenue from our corporate business increased during 2007 compared to 2006 primarily due to an 11% increase in our system security products, a 26% increase in our network security products and a 35% increase in our McAfee Foundstone offerings. Net revenue from our system security products, McAfee Network Security product line and Foundstone product line, increased by $58.1 million, $30.6 million and $11.5 million, respectively. During 2007, we experienced an increase in both the number and the size of larger transactions sold to customers through a solution selling approach which bundles multiple products and services. Net revenue from our consumer business increased during 2007 compared to 2006 primarily due to (i) online subscriber growth due partly to an increase in our customer base and expansion to additional countries and (ii) increased online renewal subscriptions. These increases reflected our strengthening relationships with strategic channel partners such as AOL and Dell.
The increase in net revenue from 2005 to 2006 reflected (i) a $104.1 million increase in our corporate business and (ii) a $61.3 million increase in our consumer business. This increase was partially offset by a $1.9 million decrease attributable to McAfee Labs, which was sold in April 2005. Net revenue from our corporate business
increased during 2006 compared to 2005 primarily due to (i) increased corporate spending on McAfee security products and (ii) increased revenue from our McAfee Intrushield and McAfee Foundstone offerings. Net revenue from our McAfee Intrushield, which is now included in McAfee Network Security, and Foundstone product lines increased $25.1 million and $18.2 million, respectively. Net revenue from our consumer business increased during 2006 compared to 2005 primarily due to (i) online subscriber growth due to our increased customer base, (ii) increased online renewal subscriptions and (iii) increased royalty revenue from our strategic channel partners, such as AOL and Dell.
The following table sets forth, for the periods indicated, net revenue in each of the five geographic regions in which we operate:
Net revenue outside of North America accounted for 48%, 45%, and 43% of net revenue for 2007, 2006 and 2005, respectively. Net revenue from North America and EMEA has historically comprised between 80% and 90% of our business.
The increase in total net revenue in North America during 2007 primarily related to (i) a $38.2 million increase in corporate revenue in North America due to increased corporate spending on McAfee security products and increased revenue from our Foundstone, McAfee Network Security and Webshield product lines and (ii) a $6.8 million increase in consumer revenue in North America.
The increase in total net revenue in North America during 2006 primarily related to (i) a $46.2 million increase in corporate revenue in North America due to increased corporate spending on McAfee security products and increased revenue from our Foundstone and McAfee Network Security product lines and (ii) a $25.2 million increase in consumer revenue in North America partially offset by a $1.9 million decrease attributable to McAfee Labs, which was sold in April 2005.
The increase in total net revenue in EMEA during 2007 was attributable to (i) a $51.1 million increase in corporate revenue due to increased corporate spending on McAfee security products and increased revenue from our Foundstone and McAfee Network Security product lines and (ii) a $21.2 million increase in consumer revenue from online subscriber growth due to our increased customer base. Net revenue from EMEA was also positively impacted by the strengthening Euro against the U.S. Dollar, which resulted in an approximate $35.4 million impact to EMEA net revenue in 2007 compared to 2006 and is included in the corporate and consumer increases above.
The increase in total net revenue in EMEA during 2006 was attributable to (i) a $45.5 million increase in corporate revenue due to increased corporate spending on McAfee security products and increased revenue from our Foundstone and McAfee Network Security product lines and (ii) a $27.1 million increase in consumer revenue from online subscriber growth due to our increased customer base. Net revenue from EMEA was also positively impacted by the strengthening Euro against the U.S. Dollar, which resulted in an approximate $0.4 million impact to EMEA net revenue in 2006 compared to 2005 and is included in the corporate and consumer increases above.
Net revenue from our consumer business in both North America and in EMEA increased during 2007 and 2006 primarily due to (i) online subscriber growth due to our increased customer base and expansion to additional countries and (ii) increased online renewal rates.
Our Japan, Latin America and Asia-Pacific operations combined have historically comprised less than 20% of our total net revenue and we expect this trend to continue. Although total net revenue from Japan increased in 2007 compared to 2006, the weakening Japanese Yen against the U.S. Dollar resulted in an approximate $1.7 million negative impact to Japanese net revenue.
Risks inherent in international revenue include the impact of longer payment cycles, greater difficulty in accounts receivable collection, unexpected changes in regulatory requirements, seasonality, political instability, tariffs and other trade barriers, currency fluctuations, a high incidence of software piracy in some countries, product localization, international labor laws, compliance with the Foreign Corrupt Practices Act and our relationship with our employees and regional work councils and difficulties staffing and managing foreign operations. These factors may have a material adverse effect on our future international revenue.
The following table sets forth, for the periods indicated, each major category of our service and support revenue as a percent of service and support revenue:
Service and support revenue includes revenue from software support and maintenance contracts, training and consulting. The increase in service and support revenue in 2007 compared to 2006 was attributable to an increase in support and maintenance primarily due to amortization of previously deferred revenue from support arrangements and an increase in sales of support renewals. In addition, revenue from consulting increased due to both our Foundstone Consulting Services, which includes threat modeling, security assessments and education, and McAfee Consulting Services, which provides product design and deployment support.
The increase in service and support revenue in 2006 compared to 2005 was attributable to an increase in support and maintenance primarily due to amortization of previously deferred revenue from support arrangements and an increase in sales of support renewals offset slightly by a decrease in consulting and training revenue.
Although we expect our service and support revenue to continue to increase, our growth rate and net revenue depend significantly on renewals of support arrangements as well as our ability to respond successfully to the pace
of technological change and expand our customer base. If our renewal rate or our pace of new customer acquisition slows, our net revenue and operating results would be adversely affected.
The following table sets forth, for the periods indicated, the change in subscription revenue:
Subscription revenue includes revenue from online subscription arrangements. The increase in subscription revenue in 2007 compared to 2006 was attributable to (i) an increase in our on-line subscription arrangements due to our continued relationships with strategic channel partners, such as AOL and Dell, (ii) an increase in revenue from our McAfee Total Protection Service for small and medium-sized businesses, (iii) an increase in royalties from sales by our strategic channel partners, which have increased in number from 2006, and (iv) an increase due to our launch of McAfee Consumer Suites, including McAfee VirusScan Plus, McAfee Internet Security, and McAfee Total Protection Solutions in September 2006, as these suites utilized a subscription-based model.
The increase in subscription revenue in 2006 compared to 2005 was attributable to (i) an increase in our on-line subscription arrangements due to our continued relationships with strategic channel partners, such as AOL and Dell, (ii) an increase in revenue from our McAfee Managed VirusScan online service, (iii) an increase in royalties from sales by our strategic channel partners and (iv) an increase due to our McAfee Consumer Suites launch in September 2006, as these suites utilized a subscription-based model.
The following table sets forth, for the periods indicated, each major category of our product revenue as a percent of total product revenue:
Product revenue includes revenue from perpetual software licenses, hardware sales and retail product sales. The decrease in product revenue from 2007 compared to 2006 was primarily attributable to a decrease in license revenue as a result of the launch of our McAfee Consumer Suites in September 2006 when we switched from a perpetual model, which resulted in more revenue being recognized up-front to a subscription licensing model, which resulted in more revenue being recognized ratably over the term of the agreement. Although product revenue as a whole decreased as a result of our launch of McAfee Consumer Suites, retail and other revenue increased due to
the launch. Since these suites utilize a subscription-based model, sales return costs previously recognized as an offset to retail revenue is now recognized as an offset to subscription revenue.
The decrease in product revenue from 2006 compared to 2005 was attributable to (i) a decrease in retail sales in 2006 due to our continued shift in focus from retail-boxed products to our online subscription model for consumers, (ii) a decrease in license revenue which management believes is due to our launch of McAfee Consumer Suites, including McAfee VirusScan Plus, McAfee Internet Security, and McAfee Total Protection Solutions in September 2006, as these suites utilize a subscription-based model and (iii) an increase in incentive rebates and marketing funds with our partners that are recorded as an offset to revenue and generally included in retail and other revenue in the table above. These decreases were partially offset by an increase in Foundstone hardware revenue and an increase in demand for Intrushield.
Generally, our corporate customers license our software on a perpetual basis and our consumer customers license our software on a subscription basis. With the launch of our McAfee Consumer Suites in 2006, all consumer licenses are subscription-based. The continued use of a subscription-based model for licenses will result in product revenue declines with a corresponding increase in subscription revenue.
The following table sets forth, for the periods indicated, a comparison of cost of revenue:
Cost of service and support revenue consists principally of salaries, benefits and stock-based compensation related to employees providing customer support, training and consulting services. The cost of service and support revenue decreased in 2007 compared to 2006 due to the shift in focus from perpetual retail-boxed products to our McAfee Consumer Suites subscription model for consumers. For 2007, a larger percentage of total cost of service and support revenue relates to subscription-based consumer licenses. The decrease in cost for 2007 compared to 2006 was slightly offset by an increase in consulting service costs as a result of increased consulting activity. The cost of service and support revenue as a percentage of service and support revenue for 2007 remained consistent when compared to 2006.
Beginning in 2006, our technical support teams devoted proportionately more time to routine customer support and less time to product development. We have allocated a greater percentage of technical support costs to cost of
net revenue and a lesser percentage to research and development costs relative to prior periods, resulting in a three percentage point increase in cost of service and support revenue as a percentage of service and support revenue for 2006 as compared to 2005.
We anticipate the cost of service and support revenue will fluctuate in absolute dollars in connection with service and support revenue growth.
Cost of subscription revenue consists primarily of costs related to the sale of on-line subscription arrangements, the majority of which include revenue-share arrangements and royalties paid to our strategic channel partners. The increase in subscription costs for 2007 compared to 2006 was primarily attributed to (i) an increase in the volume of online subscription arrangements and royalties paid to our on-line strategic channel partners and (ii) an increase in the cost to support subscription-based consumer licenses. These increased costs are also the cause for the increase in cost of subscription revenue as a percentage of subscription revenue, when comparing the same periods.
The increase in subscription costs in 2006 compared to 2005 was primarily attributed to an increase in online subscription arrangements and royalties paid to our online strategic channel partners. As a percentage of subscription revenue, cost of subscription revenue increased during 2006 compared to 2005 due to higher online subscription volumes and higher percentages payable to our partners under online subscription arrangements.
We anticipate that the cost of subscription revenue will increase in absolute dollars due to increased demand for our subscription-based products with associated revenue-sharing costs.
Cost of product revenue consists primarily of the cost of media, manuals and packaging for products distributed through traditional channels, and, with respect to hardware-based security products, the cost of computer platforms and other hardware and embedded third party components. The cost of product revenue for 2007 decreased from 2006 due to a decrease in product units sold, consistent with our shift in focus from retail-boxed products to our online subscription model, and to a decrease in costs associated with product warranties and obsolete inventory. Cost of product revenue for 2007 decreased as a percentage of product revenue compared to 2006, due primarily to decreased costs as a percentage of revenue in our consumer business.
The decrease in the cost of product revenue from 2005 to 2006 was primarily attributable to our shift in focus from retail-boxed products to our online subscription model, slightly offset by an increase in hardware costs. As a percentage of product revenue, cost of product revenue increased due to increased incentive rebates and marketing funds in addition to a shift in product mix from higher margin licensing revenue to lower margin hardware revenue. Upon the launch of our McAfee Consumer Suites, all license revenue and related cost of revenue are included in subscription revenue and cost of subscription revenue.
We anticipate that cost of product revenue will increase or decrease in absolute dollars depending on the mix and size of certain enterprise-related transactions.
The increase in amortization of purchased technology in 2007 was due to the acquisitions of SiteAdvisor in April 2006, Preventsys in June 2006, Onigma in October 2006, Citadel in December 2006 and SafeBoot in November 2007. Purchased technology related to these five acquisitions totaled $160.4 million. Amortization for these items was $20.6 million in 2007 compared to $6.1 million in 2006. The purchased technology is being amortized over estimated useful lives of up to seven years.
The increase in amortization of purchased technology in 2006 was due to the acquisitions of SiteAdvisor in April 2006, Preventsys in June 2006, Onigma in October 2006 and Citadel in December 2006. Purchased technology related to these four acquisitions totaled $58.0 million. Amortization for these items was $6.1 million in 2006. The purchased technology is being amortized over estimated useful lives of up to seven years.
On January 1, 2006, we adopted SFAS 123(R), which requires the measurement and recognition of compensation expense for all share-based awards made to our employees and directors based on the estimated fair values. The following table summarizes the stock-based compensation expense that we recorded in accordance with the provisions of SFAS 123(R) in 2007 and 2006 (in thousands):
Amortization of fair value of options. We recognize the fair value of stock options issued to employees and directors as stock-based compensation expense over the vesting period of the awards. As we adopted SFAS 123(R) using the modified prospective method, these charges include compensation expense for stock options granted prior to January 1, 2006 but not yet vested as of January 1, 2006, based on the grant date fair value estimated in accordance with the pro forma provisions of SFAS 123, and compensation expense for stock options granted subsequent to January 1, 2006 based on the grant date fair value estimated in accordance with the provisions of SFAS 123(R). During 2007 and 2006, stock-based compensation expense associated with the amortization of fair value of options issued to employees and directors and assumed in acquisitions totaled $19.3 million and $30.7 million, respectively.
Extension of post-termination exercise period. From July 2006, when we announced that we might have to restate our historical financial statements as a result of our stock option granting practices investigation, through December 21, 2007, the date we became current on our reporting obligations under the Securities Exchange Act of 1934, as amended, (blackout period), we were not able to issue any shares, including those pursuant to stock option exercises. In January 2007, we extended the post-termination exercise period for all vested options held by 640 former employees and outside directors that would expire during the blackout period. As a result of this modification and the November 2007 modification described below, we recognized $14.0 million of stock-based compensation expense in 2007 and $4.3 million of stock-based compensation expense in the fourth quarter of 2006 based on the fair value of these modified options. The expense was calculated in accordance with the guidance in SFAS 123(R). The options were deemed to have no value prior to the extension of the life beyond the blackout period.
Based on the guidance in SFAS 123(R) and related FASB Staff Positions, after the January 2007 modification, stock options held by former employees and outside directors that terminated prior to such modification became subject to the provisions of EITF 00-19, Accounting for Derivative Financial Instruments Indexed to, and Potentially Settled in, a Companys Own Stock (EITF 00-19). As a result, in January 2007, these options were reclassified as liability awards within current liabilities. Accordingly, at the end of each reporting period, we determine the fair value of these options utilizing the Black-Scholes valuation model and recognize any change in fair value of the options in our consolidated statements of income in the period of change. The expense or benefit associated with these options is included in general and administrative expense in our consolidated statements of income, and is not reflected as stock- based compensation expense. We will record expense or benefit in the three months ended March 31, 2008 based on the closing price of our common stock on the days on which the options are exercised or expire.
In November 2007, due to a delay in our becoming current in our reporting obligations, we extended the post-termination exercise period for options held by 690 former employees and outside directors who terminated subsequent to the January 2007 modification and those previously modified in January 2007 as discussed above, until the earlier of (i) the ninetieth calendar day after December 21, 2007, the date we became current in our reporting obligations under the Securities Exchange Act of 1934, as amended, (ii) the expiration of the contractual terms of the options, or (iii) December 31, 2008. Based on the guidance in SFAS 123(R) and related FASB Staff Positions, after the November 2007 modification, stock options held by the former employees and outside directors that terminated subsequent to the January 2007 modification and prior to November 2007 became subject to the provisions of EITF 00-19. As a result, in November 2007, these options were reclassified as liability awards within current liabilities. Accordingly, at the end of each reporting period, we determine the fair value of these options utilizing the Black-Scholes valuation model and recognize any change in fair value of the options in our consolidated statements of income in the period of change. The expense or benefit associated with these options is included in general and administrative expense in our consolidated statements of income, and is not reflected as stock-based compensation expense. We will record expense or benefit in the three months ended March 31, 2008 based on the closing price of our common stock on the days on which the options are exercised or expire.
Former executive acceleration. On February 6, 2007, our board of directors accelerated unvested stock options held by our former chief executive officer without an extension of the post-employment exercise period. All such stock options have since expired unexercised due to the blackout. In the fourth quarter of 2006 we recorded an additional non-cash, stock-based compensation expense of $1.4 million before tax for the remaining unamortized fair value of these options. Any claims that our former chief executive officer might have with respect to the expired stock options have not been released by him.
Cash settlement of options. Certain stock options held by terminated employees expired during the blackout period as they could not be exercised during the 90-day period subsequent to termination. In January 2007, we determined that we would settle these options in cash. As of December 31, 2007, we recorded a liability of $5.7 million based on the intrinsic value of these options using our December 31, 2007 closing stock price. As of December 31, 2006, we recorded a liability of $3.1 million, based on the intrinsic value of these options using our January 7, 2007 closing stock price. We paid $5.2 million in January 2008 to settle these options was based upon the average closing price of our common stock subsequent to December 21, 2007, the date we became current on our reporting obligations under the Securities Exchange Act of 1934, as amended. We also paid approximately $0.3 million to current employees during 2007 whose options expired during the blackout period.
Restricted stock awards and units. We recognize stock-based compensation expense for the fair value of restricted stock awards and restricted stock units. Fair value is determined as the difference between the closing price of our common stock on the grant date and the purchase price of the restricted stock awards and units. The fair value of these awards is recognized to expense over the requisite service period of the awards. During 2007 and 2006, stock-based compensation expense associated with restricted stock awards and units totaled $22.8 million and $16.4 million, respectively.
Employee Stock Purchase Plan. We recognize stock-based compensation expense for the fair value of employee stock purchase rights issued pursuant to our ESPP. The estimated fair value of employee stock purchase rights is based on the Black-Scholes pricing model. Expense is recognized ratably based on contributions and the total fair value of the employee stock purchase rights estimated to be issued. Beginning in July 2006, we suspended purchases under our employee stock purchase plan, returned all withholdings to our participating employees, including interest based on a 5% per annum interest rate, due to the investigation into our historical stock option granting practices and not being current on our reporting obligations under the Securities Exchange Act of 1934, as amended. We had no stock-based compensation expense for the employee stock purchase plan during 2007. Stock-based compensation expense associated with our ESPP totaled $1.9 million during 2006. In January 2008, our board approved commencing our ESPP during the three months ended June 30, 2008 with a six-month offering period and a six-month look-back.
The following table summarizes pre-tax stock-based compensation expense recorded by consolidated statements of income line item in 2007 and 2006 (in thousands):
Prior to our adoption of SFAS 123(R), we accounted for stock-based awards to employees and directors using the intrinsic value method in accordance with APB 25, as allowed under SFAS 123. During 2005, we recorded stock-based compensation expense totaling $4.5 million, of which $3.4 million was attributable to our restatement. The following table summarizes the stock-based compensation expense recorded in 2005 (in thousands):
Grant date intrinsic value. We recognize stock-based compensation expense over the vesting period of the awards for the excess of the fair value of our common stock as of the revised measurement date over the exercise price of the options. During 2005, we recognized stock-based compensation expense related to option grants with grant date intrinsic value totaling $3.3 million.
In connection with the acquisition of Foundstone in October 2004, we recorded deferred compensation for the intrinsic value of our options issued in exchange for unvested options held by Foundstone employees. These options are vesting over the requisite service period. We recognized stock-based compensation expense totaling $0.5 million in 2005 related to these options.
Restricted stock awards. We granted restricted stock awards to key employees and executives in 2005 and 2002. The stock-based compensation expense related to these awards is determined based on the excess of our closing stock price on the grant date over the $0.01 purchase price, and is recognized over the vesting period. We recorded stock-based compensation expense of $1.1 million in 2005 related to these restricted stock grants.
Exchange of McAfee.com options. In September 2002, we acquired the minority interest of McAfee.com and exchanged options to purchase our common stock for McAfee.com options held by McAfee.com employees. The exchanged options included a provision for a cash payment to the option holder upon exercise, which resulted in the options being accounted for as variable awards. We recorded stock-based compensation expense of $0.3 million in
2005 related to these exchanged options subject to variable accounting. This stock-based compensation expense was based on our closing stock price of $27.13 at December 31, 2005.
Repriced options. Certain of our options were repriced in 1999, resulting in variable accounting. During 2005, we recorded a benefit of $0.8 million based on closing stock prices as of December 31, 2005 of $27.13. These options were fully vested at December 31, 2005, therefore, no stock-based compensation expense has been recognized under SFAS 123(R).
The pre-tax stock-based compensation expense of $4.5 million in 2005 is included in the following line items in our consolidated statements of income (in thousands):
See Note 15 in the consolidated financial statements for additional information regarding stock-based compensation.
During 2006, we changed our equity compensation program for existing employees by starting to grant, in certain instances, restricted stock units that vest over a specified period of time in addition to awarding stock options. For new employees, we continue to grant stock options. Going forward, our management and compensation committee will consider utilizing all types of equity compensation to reward top-performing employees, including performance-based restricted stock units.
As of December 31, 2007, total compensation cost related to unvested stock options, restricted stock units, restricted stock awards not yet recognized and reduced by estimated forfeitures was $67.9 million. This amount is expected to be recognized over a weighted-average period of 2.4 years.
Adverse tax consequences will result from our revision of accounting measurement dates for stock options that vest subsequent to December 31, 2004, or the 409A affected options. These adverse tax consequences include a penalty tax payable by the option holder under Internal Revenue Code (IRC) Section 409A (and, as applicable, similar penalty taxes under state tax laws). As virtually all holders of options with revised measurement dates were not involved in or aware of their incorrect option exercise prices, we took certain actions, as described below, to deal with the adverse tax consequences that may be incurred by the holders of such options.
Section 16(a) Officers and Directors
In December 2006, our board of directors approved the amendment of 409A affected options for those who were Section 16(a) officers upon the receipt of 409A affected options to increase the exercise price to the fair market value of our common stock on the revised measurement date. These amended options would not be subject to taxation under IRC Section 409A. Under IRS regulations, these option amendments had to be completed by December 31, 2006 for anyone subject to Section 16(a) requirements upon receipt of the IRC Section 409A affected options. There was no expense associated with this action, as the modifications increased the exercise price, which results in no increase in fair value of the option.
In January 2008, after we became current with our reporting obligations under the Securities and Exchange Act of 1934, we filed a Tender Offer Statement on Schedule TO with the SEC. The tender offer extended an offer by us to holders of certain outstanding stock options to amend the exercise price on certain of their outstanding options. The purpose of the tender offer was to amend the exercise price on options to have the same price as the fair market value on the revised measurement dates that were identified during our voluntary review of our historical stock option grant practices. As part of this tender offer, we will pay a cash bonus of $1.7 million, of which $0.4 million will be paid to Canadian employees in 2008 and $1.3 million will be paid to U.S. employees in 2009, to reimburse optionees who elected to participate in the tender offer for any increase in the exercise price of their options resulting from the amendment. The impact of the bonus, which will be recorded during the first quarter of 2008, will result in a decrease to additional paid-in capital of $1.1 million and an increase in stock-based compensation expense of $0.6 million.
The following table sets forth, for the periods indicated, a comparison of our research and development expenses.
Research and development expenses consist primarily of salary, benefits, and stock-based compensation for our development and a portion of our technical support staff, contractors fees and other costs associated with the enhancements of existing products and services and development of new products and services. The increase in research and development expenses in 2007 was primarily attributable to (i) a $25.4 million increase in salary and benefit expense for individuals performing research and development activities due to an increase in average headcount and salary increases and (ii) a $3.3 million increase due to the strengthening Euro against the U.S. Dollar during the year, partially offset by (i) a $1.2 million decrease in the use of third-party contractors, (ii) a decrease of $1.0 million in stock-based compensation expense in 2007 and (iii) decreases in various other expenses associated with research and development activities.
The increase in research and development expenses in 2006 compared to 2005 was primarily attributable to (i) a $20.9 million increase in salary and benefit expense for individuals performing research and development activities due to an increase in average headcount and salary increases that were effective as of April 2006, (ii) the recognition of $15.0 million of stock-based compensation expense in 2006 due to the implementation of SFAS 123(R) on January 1, 2006 compared to the recognition of $0.5 million stock-based compensation expense under APB 25 in 2005, (iii) a $5.6 million increase attributable to acquisition-related bonuses, primarily related to the SiteAdvisor acquisition and (iv) a $1.6 million increase due to additional use of third-party contractors, partially offset by a decrease of $25.5 million due mostly to our revised allocation of technical support costs related to a general decrease in product development efforts and decreases in various other expenses related to research and development activities in 2006.
Beginning in 2006, our technical support teams devoted proportionately more time to routine customer support and less time to product development. We have allocated a greater percentage of technical support costs to cost of net revenue and a lesser percentage to research and development costs relative to prior periods.
We believe that continued investment in product development is critical to attaining our strategic objectives. We expect research and development expenses will increase in absolute dollars during 2008 and stat flat as a percentage of net revenue.
The following table sets forth, for the periods indicated, a comparison of our marketing and sales expenses.
Marketing and sales expenses consist primarily of salary, commissions, stock-based compensation and benefits for marketing and sales personnel and costs associated with advertising and promotions. The increase in marketing and sales expenses during 2007 compared to 2006 reflected (i) a $12.5 million increase in salary, commission and benefit expense for individuals performing marketing and sales activities due to an increase in average headcount and salary increases, (ii) an increase of $6.8 million in contract labor, (iii) a $7.0 million increase due to the strengthening Euro against the U.S. Dollar during the year and (iv) a $3.7 million increase due to increased investment in sales, marketing, promotion and advertising programs, including marketing spend for SiteAdvisor and corporate branding initiatives, partially offset by (i) a $2.5 million decrease in stock-based compensation expense in 2007 and (ii) decreases in various other expenses associated with marketing and sales activities.
The increase in marketing and sales expenses during 2006 compared to 2005 reflected (i) the recognition of $24.3 million of stock-based compensation expense in 2006 due to the implementation of SFAS 123(R) on January 1, 2006 compared to the recognition of $1.5 million stock-based compensation expense under APB 25 in 2005, (ii) a $18.5 million increase in salary and benefit expense for individuals performing marketing and sales activities due to an increase in average headcount and salary increases in that were effective beginning April 2006, (iii) a $16.2 million increase due to increased investment in sales, marketing, promotion and advertising programs, including marketing spend for SiteAdvisor and corporate branding initiatives, (iv) a $2.0 million increase in travel expense primarily attributable to increased average headcount, (v) a $1.9 million increase in commissions, and (vi) increases in various other expenses related to marketing and sales activities, partially offset by a $0.8 million decrease due to the Japanese Yen weakening against the U.S. Dollar in 2006 compared to 2005.
We anticipate that marketing and sales expenses will increase in absolute dollars primarily due to our planned branding initiatives and our additional investment in sales capacity for 2008 and will increase slightly as a percentage of net revenue.
The following table sets forth, for the periods indicated, a comparison of our general and administrative expenses.
General and administrative expenses consist principally of salary, stock-based compensation and benefit costs for executive and administrative personnel, professional services and other general corporate activities. The increase in general and administrative expenses in 2007 compared to 2006 reflected (i) a $13.2 million increase in salary and benefit expense for individuals performing general and administrative activities due to an increase in average headcount and salary increases, (ii) an $8.7 million increase related to the change in fair value of certain stock options subject to the
provisions of EITF 00-19 and accounted for as liability awards, (iii) a $5.1 million increase of stock-based compensation expense in 2007 and (iv) a $2.7 million increase due to strengthening foreign currencies in EMEA against the U.S. Dollar during the year, partially offset by (i) a $12.5 million decrease in legal fees, which in 2006 included expenses related to our offer to settle a derivative class action lawsuit, a commercial settlement, and indemnification costs for former directors and officers, (ii) a $2.4 million decrease in contract labor, (iii) a $1.6 million decrease in travel expenses and (iv) decreases in various other expenses associated with general and administrative activities.
The increase in general and administrative expenses in 2006 compared to 2005 reflected (i) the recognition of $15.0 million of stock-based compensation expense in 2006 due to the implementation of SFAS 123(R) on January 1, 2006 compared to the recognition of a $2.4 million stock-based compensation expense under APB 25 in 2005, (ii) a $7.2 million increase in salary and benefit expense for individuals performing general and administrative activities due to an increase in average headcount and salary increases that were effective beginning in April 2006, (iii) an $25.6 million increase in legal fees, which included expenses related to our offer to settle a derivative class action lawsuit, a commercial settlement, and indemnification costs for former directors and officers, (iv) a $3.6 million severance payment to our former chief executive officer, and (v) general increases in other general and administrative expenses, partially offset by (i) a $2.8 million decrease in costs incurred to comply with Section 404 of the Sarbanes-Oxley Act, (ii) a $0.9 million decrease in expense related to uncollectible accounts receivable, and (iii) a $0.4 million decrease due to the Japanese Yen weakening against the U.S. Dollar in 2006 compared to 2005.
We anticipate that general and administrative expenses will increase in absolute dollars during 2008, but remain relatively flat as a percentage of net revenue.
The following table sets forth, for the periods indicated, a comparison of the amortization of intangibles.
Intangibles consist of identifiable intangible assets such as trademarks, non-competition agreements and customer lists. The increase in amortization of intangibles from 2006 to 2007 is primarily attributable to increased amortization associated with intangible assets acquired in the 2006 acquisitions and the SafeBoot acquisition in 2007.
The decrease in amortization of intangibles from 2005 to 2006 is attributable to older intangibles becoming fully amortized in 2006. In connection with our 2006 acquisitions we acquired $9.7 million in intangible assets $8.4 million of these intangible assets were acquired in the fourth quarter of 2006 and thus did not impact our consolidated income statement significantly during 2006.
The following table sets forth, for the periods indicated, a comparison of SEC and compliance costs.
SEC and compliance costs consist principally of costs associated with the investigation into our stock option granting practices and costs associated with independent consultants engaged to examine and recommend improvements to our internal controls to ensure compliance with federal securities laws as required by our settlement with the SEC finalized in 2006. The increase in SEC and compliance costs in 2007 compared to 2006 reflected (i) a $19.0 million increase in expense related to the investigation into our stock option granting practices and expense associated with the restatement of our financial statements, partially offset by (ii) a $3.9 million decrease in costs
related to independent consultants engaged in 2006 to examine and recommend improvements to our internal controls to ensure compliance with federal securities laws as required by our previous settlement with the SEC.
The increase in SEC and compliance costs in 2006 compared to 2005 reflected (i) $13.9 million related to the investigation into our stock option granting practices and (ii) $3.9 million in costs related to independent consultants engaged in 2006 to examine and recommend improvements to our internal controls to ensure compliance with federal securities laws as required by our previous settlement with the SEC.
The following table sets forth, for the periods indicated, a comparison of our restructuring charges.
During 2007, we completed restructuring activities when we permanently vacated several leased facilities and recorded a $0.3 million accrual for estimated lease related costs associated with the permanently vacated facilities. The remaining costs associated with vacating the facilities are primarily comprised of the present value of remaining lease obligations. We also recorded a restructuring charge of $2.6 million related to a reduction in headcount of 33 employees, of which $0.2 million, $2.3 million and $0.1 million was recorded in our North America, EMEA and Asia-Pacific operating segments, respectively. Restructuring charges were increased by $5.4 million in 2007 as a result of revisions related primarily to previous estimates of base rent, sublease income, property taxes and insurance for the Santa Clara lease which was restructured in 2003 and 2004. Accretion on prior year restructurings totaled $0.5 million.
In the fourth quarter of 2006 we initiated certain restructuring actions designed to realign our go-to-market model with our customers requirements and product offerings. As a result, we recorded a restructuring charge of $2.4 million related to a reduction in headcount of 75 employees. These actions were taken to reduce our cost structure and, at the same time, enable us to invest in certain strategic growth initiatives in an effort to enhance our competitive position. These actions were completed during the first quarter of 2007. Accretion on prior year restructurings totaled $0.6 million. Offsetting these charges is a reduction of $2.5 million due to revision of prior year estimates related to certain leased properties and other costs.
We recorded restructuring charges in 2005 related to vacating several facilities and reductions in headcount. See further information on these actions in Note 8 to our consolidated financial statements included elsewhere in this report.
During 2007, we recognized no in-process research and development expense associated with the acquisition of SafeBoot.
During 2006, we expensed $0.5 million of in-process research and development related to the acquisition of Preventsys, Inc. in June 2006. At the time of the acquisition, the ongoing project included the development of a new version of the security risk management system that would include increased functionality and new features, which we introduced in the fourth quarter of 2006. At the date of acquisition, we estimated that, on average, 40% of the development effort had been completed and that the remaining 60% of the development would take three months to complete. As of December 31, 2006, this development effort was complete and total costs to complete the development were $0.5 million.
During 2005, we expensed $4.0 million of in-process research and development related to the acquisition of Wireless Security Corporation in June 2005. At the time of the acquisition, the ongoing project related to the development of the consumer wireless security product. This consumer wireless security product enables shared-key mode of security on single or multiple access points and automatically distributes the key to stations that would
like to join the network. At the date of acquisition, we estimated that, on average, 60% of the development effort had been completed and that the remaining 40% of the development would take three months to complete. As of December 31, 2005, we had completed the remaining development efforts and total costs to complete the development were $0.6 million.
In 2007 and 2006, we recognized losses of less than $0.1 million and $0.3 million, respectively, related to the write-off of property and equipment. We recognized a gain of $1.3 million in 2005 related to the sale of our McAfee Labs assets to SPARTA, Inc. The gain was partially offset by the write-off of other fixed assets.
Since 2002, we had been engaged in ongoing settlement discussions with the SEC related to our investigation into our accounting practices that commenced in March 2002. In 2005, we reserved $50.0 million in connection with the settlement with the SEC related to the investigation into our accounting practices that commenced in March 2002. In February 2006, the SEC entered the final judgment for the settlement with us relating to this investigation. Under the terms of the settlement, we consented, without admitting or denying any wrongdoing, to be enjoined from future violations of the federal securities laws. We also agreed to certain other conditions, including the payment of a $50.0 million civil penalty, which was released from escrow during the first quarter of 2006.
In conjunction with the sale of our Sniffer product line in 2004, we entered into a transition services agreement with Network General. Under this agreement, we provided certain back-office services to Network General for a period of time through June 2005. The reimbursements we have recognized under this agreement totaled $0.4 million in 2005. We completed our requirements under the transition services agreement in July 2005.
The following table sets forth, for the periods indicated, a comparison of our interest and other income.
Interest and other income includes interest earned on investments, as well as net foreign currency transaction gains or losses. The increase in interest and other income is partially due to the rising average rate of annualized return on our investments from 4% in 2006 to 5% in 2007. In addition, our average cash, marketable securities and restricted cash calculated in 2007 compared to 2006 was 13% higher.
The increase in interest and other income from 2005 to 2006 is partially due to the rising average rate of annualized return on our investments from 3% in 2005 to 4% in 2006. In addition, our average cash, marketable securities and restricted cash in 2006 compared to 2005 was 11% higher.
During 2007, we recorded a net foreign currency transaction gain of $1.0 million in our consolidated statements of income and comprehensive income. During 2006 and 2005, we recorded net foreign currency transaction losses of $8.5 million and $5.5 million, respectively, in our consolidated statements of income and comprehensive income.
We anticipate that interest and other income will decrease during 2008 as a result of a declining interest rate environment.
In 2007 and 2006, we recognized gains on the sale of marketable securities of $1.1 million and $0.4 million, respectively. In 2005, we recognized a loss on the sale of marketable securities of $1.4 million. Our investments are
classified as available-for-sale and we may sell securities from time to time to move funds into investments with more lucrative investment yields or for liquidity purposes, thus resulting in gains and losses on sale.
The following table sets forth, for the periods indicated, a year-over-year comparison of our provision for income taxes:
Tax expense was 27%, 25% and 29% of income before income taxes for 2007, 2006 and 2005, respectively. The effective tax rates for 2007 and 2006 differ from the statutory rate generally due to the benefit of research and development tax credits, foreign tax credits, lower tax rates in certain foreign jurisdictions, adjustments to tax reserves and valuation allowances, and the tax effects of stock compensation and actual/deemed repatriations of earnings from foreign subsidiaries. For further detail see Note 16 to our consolidated financial statements. Our future effective tax rates could be adversely affected if pretax earnings are proportionately less than amounts in prior years in countries where we have lower statutory rates or by unfavorable changes in tax laws and regulations.
The American Jobs Creation Act of 2004 (the Act) provided for a deduction of 85% of certain foreign earnings that are repatriated in stipulated periods, including our year ended December 31, 2005. Certain criteria were required to have been met to qualify for the deduction, including the establishment of a domestic reinvestment plan by the Chief Executive Officer, the approval of the plan by the Board of Directors, and the execution of the plan whereby the repatriated earnings are reinvested in the United States.
In the third quarter of 2005, we decided to make distributions of earnings from our foreign subsidiaries that would qualify for the repatriation provisions of the Act. In the fourth quarter of 2005, we executed qualifying distributions totaling $350.0 million which resulted in tax expense of $1.5 million, net of a $17.8 million tax benefit stemming from a lower tax rate under the Act on a portion of foreign earnings for which we previously (in 2004) provided United States tax. Except for the aforementioned distributions qualifying under the Act, we intend to indefinitely reinvest all other current and/or future earnings of our foreign subsidiaries.
The earnings from our foreign operations in India are subject to a tax holiday from a grant effective through March 31, 2009. The tax holiday provides for zero percent taxation on certain classes of income and requires certain conditions to be met. We are in compliance with these conditions as of December 31, 2007.
In November 2007, we acquired 100% of the outstanding shares of SafeBoot Holding B.V. (Safeboot) an enterprise security software vendor for data protection via encryption and access control, for $348.3 million. The purchase price consisted of the following (in thousands):
The results of operations of Safeboot have been included in our results of operations since the date of acquisition.
In December 2006, we acquired substantially all of the assets of Citadel Security Software Inc. (Citadel), for $56.1 million in cash, plus an estimated $3.9 million in working capital reimbursement and $1.2 million in direct acquisition costs, totaling $61.2 million. Citadel was a security software provider focused on solutions in security policy compliance and vulnerability remediation that helps enterprises effectively neutralize security vulnerabilities and reduce risk. We have incorporated Citadels technology into our existing corporate products. The results of operations of Citadel have been included in our results of operations since the date of acquisition.
In October 2006, we acquired 100% of the capital shares of Onigma Ltd. (Onigma), a provider of data loss protection solutions that monitor, report and prevent confidential data from leaving an enterprise, for $18.9 million in cash and $0.2 million in direct acquisition costs, totaling $19.1 million. We have incorporated Onigmas technology into our existing corporate security offerings. The results of operations of Onigma have been included in our results of operations since the date of acquisition.
In June 2006, we acquired 100% of the outstanding capital shares of Preventsys, Inc., a creator of security risk management and automated security compliance reporting, for $4.4 million in cash and $0.4 million in direct acquisition costs, totaling $4.8 million. We believe the technology that Preventsys has developed will advance our ability to help our corporate customers reduce the complexity of managing their security. We have added Preventsys products to our existing portfolio of corporate security offerings. The results of operations of Preventsys have been included in our results of operations since the date of acquisition.
In April 2006, we acquired 100% of the outstanding capital shares of SiteAdvisor, Inc., a web safety software company that tests and rates internet sites on an ongoing basis, for $60.8 million in cash and $0.2 million in direct acquisition costs, totaling $61.0 million. We believe the technology and business model that SiteAdvisor has developed that will allow us to enhance our existing product offerings and add value to the McAfee brand. We have bundled the SiteAdvisor technology with our existing consumer product offerings. The results of operations of SiteAdvisor have been included in our results of operations since the date of acquisition.
In June 2005, we acquired 100% of the outstanding shares of Wireless Security Corporation, a provider of home and small business wireless network protection products, for $20.0 million in cash and $0.3 million of direct expenses, totaling $20.3 million. We acquired Wireless Security Corporation to continue to develop their patent-pending technology, introduce a new consumer offering and to utilize the technology in our small and medium business managed solutions. The results of operations of Wireless Security Corporation have been included in our results of operations since the date of acquisition.
Liquidity and Capital Resources
At December 31, 2007, our cash, cash equivalents and marketable securities totaled $1,318.8 million and we did not have any debt. Our principal source of liquidity was our existing cash, cash equivalents and short-term marketable securities of $732.9 million. During 2007, we paid $328.9 million, net of cash received, for the purchase of 100% of the outstanding shares of SafeBoot Holding, B.V. and we paid $4.5 million related to the acquisition of ScanAlert which closed in January 2008. In addition, we used $65.0 million for net purchases of marketable securities and $33.6 million for purchases of property and equipment. Cash flows were positively impacted by an increase in net cash of $37.2 million due to foreign exchange rate fluctuations.
Our management plans to use our cash and cash equivalents for future operations, potential acquisitions and repurchases of our common stock on the open market. We believe that our cash and cash equivalent balances and cash that we generate over time from operations will be sufficient to satisfy our anticipated cash needs for working capital and capital expenditures for at least the next 12 months.
Net cash provided by operating activities in 2007, 2006 and 2005 was primarily the result of our net income of $167.0 million, $137.5 million and $118.2 million, respectively. Net income for 2007 was adjusted for non-cash items such as depreciation and amortization of $84.4 million, stock-based compensation expense of $56.1 million, an increase in the fair value of options accounted for as liabilities of $8.7 million, restructuring charges of $6.0 million, changes in deferred income taxes of $0.2 million, discount amortization of marketable securities of $5.9 million, an excess tax benefit from stock-based compensation of $1.1 million, and changes in various assets and liabilities such as an increase in deferred revenue of $90.9 million, an increase in accrued liabilities and taxes of $35.6 million, an increase in accounts payable of $6.8 million, an increase in accounts receivable of $33.3 million and an increase in prepaid expenses, prepaid taxes and other assets of $22.8 million. The increase in deferred revenue in 2007 was due to increased sales of subscription and support contracts.
Net income for 2006 was adjusted for non-cash items such as depreciation and amortization of $70.3 million, stock-based compensation expense of $54.7 million, changes in deferred income taxes of $35.0 million, discount amortization of marketable securities of $7.2 million, an excess tax benefit from stock-based compensation of $5.0 million, and changes in various assets and liabilities such as an increase in deferred revenue of $110.1 million, an increase in prepaid expenses, prepaid taxes and other assets of $55.4 million, an increase in accounts payable, accrued taxes and other liabilities of $21.1 million, and an increase in accounts receivable of $2.1 million. The increase in deferred revenue in 2006 was due to increased sales of subscription and support contracts.
Net income for 2005 was adjusted for non-cash items such as depreciation and amortization of $67.0 million, tax benefit from exercise of nonqualified stock options of $27.0 million, deferred income taxes of $6.5 million, stock-based compensation expense of $4.5 million, acquired in-process research and development of $4.0 million, and changes in various assets and liabilities such as an increase of deferred revenue of $188.0 million, an increase of accounts payable, accrued taxes and other liabilities of $46.8 million, an increase in accounts receivable of $23.2 million and an increase of prepaid expenses, income taxes and other assets of $9.5 million.
Historically, our primary source of operating cash flow is the collection of accounts receivable from our customers and the timing of payments to our vendors and service providers. One measure of the effectiveness of our collection efforts is average accounts receivable days sales outstanding (DSO). DSOs were 64 days, 54 days and 58 days at December 31, 2007, 2006 and 2005, respectively. We calculate accounts receivable DSO on a net basis by dividing the accounts receivable balance at the end of the year by the amount of revenue recognized for the year multiplied by 360 days. We expect DSOs to vary from period to period because of changes in revenue and the effectiveness of our collection efforts. In 2007, 2006 and 2005, we did not make any significant changes to our payment terms for our customers, which are generally net 30. In 2007, DSOs increased due to (i) the acquisition of SafeBoot in the fourth quarter of 2007 and (ii) an increase in accounts receivable due to higher sales at the end of 2007. We expect our DSOs will continue to be impacted by the acquisition of SafeBoot.
In 2007, the decrease in cash related to accounts payable, accrued taxes and other liabilities was $42.3 million. Our operating cash flows, including changes in accounts payable and accrued liabilities, are impacted by the timing of payments to our vendors for accounts payable and taxing authorities. We typically pay our vendors and service providers in accordance with invoice terms and conditions, and take advantage of invoice discounts when available. The timing of future cash payments in future periods will be impacted by the nature of accounts payable arrangements. In 2007, 2006 and 2005, we did not make any significant changes to our payment timing to our vendors.
In the third quarter of 2005, we placed $50.0 million in escrow for a proposed settlement with the SEC relating to the Formal Order of Private Investigation into our accounting practices that commenced during 2002 (see Note 19 to our consolidated financial statements). On February 9, 2006, the SEC entered the final judgment for settlement with us. The $50.0 million escrow was released and transferred to the SEC on February 13, 2006. The transfer to the SEC out of escrow is reflected as cash provided by investing activities of $50.0 million and cash used in operating activities of $50.0 million. The interest earned on the amount in escrow was released to us when the transfer was made to the SEC and is reflected as a positive adjustment to reconcile net income to net cash provided by operating activities on our consolidated statement of cash flows for year ended December 31, 2006.
Our cash and marketable securities balances are held in numerous locations throughout the world, including substantial amounts held outside the United States. As of December 31, 2007 and 2006, $342.3 million and $383.7 million, respectively, was held outside the United States. We utilize a variety of tax planning and financing strategies to ensure that our worldwide cash is available in the locations in which it is needed.
We have incurred material expenses in 2007 and 2006 as a direct result of the investigation into our stock option grant practices and related accounting. These costs primarily related to professional services for legal, accounting and tax guidance. In addition, we have incurred costs related to litigation, the informal investigation by the SEC, the grand jury subpoena from the U.S. Attorneys Office for the Northern District of California and the preparation and review of our restated consolidated financial statements for 2006. We expect that we may be subject to certain fines and/or penalties resulting from the findings of the investigation. We cannot reasonably estimate the range of fines and/or penalties, if any, that might be incurred as a result of the investigation. We expect to pay for these obligations with available cash.
We expect to meet our obligations as they become due through available cash and internally generated funds. We expect to continue generating positive working capital through our operations. However, we cannot predict whether current trends and conditions will continue or what the effect on our business might be from the competitive environment in which we operate. In addition, we currently cannot predict the outcome of the litigation described in Note 19. We do believe the working capital available to us will be sufficient to meet our cash requirements for at least the next 12 months.
Our investing activities for the years ended December 31, 2007, 2006 and 2005 are as follows (in thousands):
In 2007, net purchases of marketable securities were $65.0 million compared to net purchases of marketable securities of $312.5 million in 2006 and net proceeds from sales and maturities of $102.6 million in 2005. We have classified our investment portfolio as available-for-sale, and our investments are made with a policy of capital preservation and liquidity as the primary objectives. We generally hold investments in money market, U.S. government fixed income and U.S. government agency fixed income, mortgage-backed and investment grade corporate fixed income securities to maturity; however, we may sell an investment at any time if the quality rating of the investment declines, the yield on the investment is no longer attractive or we are in need of cash. Because we invest only in investment securities that are highly liquid with a ready market, we believe that the purchase, maturity or sale of our investments has no material impact on our overall liquidity. We expect to continue our investing activities, including investment securities of a short-term and long-term nature.
During 2005, we placed $50.0 million in escrow for the SEC settlement and the interest earned on the escrow which was restricted until released by the SEC. On February 9, 2006, the SEC entered the final judgment for settlement with us. On our consolidated statement of cash flows for 2006, the $50.0 million released from escrow for payment to the SEC was reflected as cash provided by investing activities and cash used in operating activities. The interest earned on the escrow was released to us upon payment to the SEC. We had no current restricted cash balance at December 31, 2007 and 2006.
The non-current restricted cash balance, which is included in the other assets, of $0.6 million at December 31, 2007 and $1.0 million at December 31, 2006 consisted primarily of cash collateral related to leases in the United States and India, as well as workers compensation insurance coverage.
The $33.6 million of property and equipment purchased during 2007 was primarily for upgrades of our existing systems and purchases of computers, equipment and software for ongoing projects and approximately $1.4 million for leasehold improvements primarily related to our expanded research and development facility in Beaverton, Oregon. In addition, we used approximately $1.6 million in 2007 to purchase a generator to back-up servers and all corporate computer systems at our Plano, Texas facility to limit any exposure we might have to power shortages.
The $43.8 million of property and equipment purchased during 2006 was primarily for upgrades of our existing accounting systems and purchases of computers, equipment and software. We also acquired land adjacent to our facility in Plano, Texas for $1.8 million and recorded $3.7 million in leasehold improvements related to our move into our new Bangalore, India facility.
The $28.9 million of property and equipment purchased during 2005 was primarily for upgrades of our existing accounting system and equipment for our new facility in Ireland.
We anticipate that we will continue to purchase property and equipment necessary in the normal course of our business. The amount and timing of these purchases and the related cash outflows in future periods is difficult to predict and is dependent on a number of factors including our hiring of employees, the rate of change in computer hardware/software used in our business and our business outlook.
Including the amount placed in escrow, we paid $328.9 million, net of the $9.8 million cash received, for the purchase of 100% of the outstanding shares of SafeBoot Holding, B.V. in 2007. In addition, we paid $4.5 million in 2007 related to the acquisition of ScanAlert which closed in January 2008.
During 2006, we paid $146.1 million, net of cash received, for acquisitions, including $61.2 million for the purchase of substantially all of the assets of Citadel Security Software, Inc., $61.0 million for the outstanding capital
shares of SiteAdvisor, Inc., $19.1 million for the outstanding capital shares of Onigma Ltd., and $4.8 million for the outstanding capital shares of Preventsys, Inc.
In June 2005, we acquired all the outstanding stock, technology and assets of Wireless Security Corporation for $20.2 million in cash, including acquisition costs and net of cash acquired.
Our available cash and equity securities may be used to acquire or invest in complementary companies, products and technologies.
The $4.1 million of proceeds from the sale of assets during 2007 was primarily related to the sale of all of our fractional interests in our corporate aircraft.
We completed the sale of McAfee Labs in April 2005, and as result, recognized a gain of $1.3 million in 2005. We received net cash proceeds of $1.5 million related to the sale.
Our financing activities for the years ended December 31, 2007, 2006 and 2005 are as follows (in thousands):
Historically, our recurring cash flows provided by financing activities have been from the receipt of cash from the issuance of common stock under stock option and employee stock purchase plans. We received cash proceeds from these plans in the amount of $9.8 million, $32.0 million and $108.2 million in 2007, 2006 and 2005, respectively. While we expect to continue to receive these proceeds in future periods, the timing and amount of such proceeds are difficult to predict and are contingent on a number of factors including the price of our common stock, the number of employees participating in the plans and general market conditions. Beginning in July 2006, we suspended purchases under our employee stock purchase plan, returned all withholdings to our participating employees, including interest based on a 5% per annum interest rate, and prohibited our employees from exercising stock options due to the announced investigation into our historical stock option granting practices and our inability to become current on our reporting obligations under the Securities Exchange Act of 1934, as amended. We plan to reinstate our ESPP with a six-month offering period, a 15% discount and a six-month look back feature beginning in the quarter ending June 30, 2008.
In 2006, we changed our equity compensation program for existing employees by starting to grant, in certain instances, restricted stock units in addition to awarding stock options. We continued to grant stock options to new employees. Although management and our compensation committee have not determined what type of equity compensation we will use to reward top-performing employees in the future, if management and our compensation committee decide to grant only restricted stock units, which provide no proceeds to us, our proceeds from the issuance of common stock will be significantly less than proceeds that we received historically. In the first quarter of 2008, we granted 1.3 million stock options, 0.5 million restricted stock units and 2.2 million performance-based restricted stock units.
The excess tax benefit reflected as a financing cash inflow in 2007 and 2006 represents excess tax benefits realized relating to share-based payments to our employees and directors, in accordance with SFAS 123(R). There is a corresponding cash outflow included in cash flows from operating activities.
Our board of directors has authorized the repurchase of our common stock in the open market from time to time, depending upon market conditions, share price and other factors. We used $234.2 million in 2006 and $68.4 million in 2005 to repurchase 9.8 million shares and 2.8 million shares of our common stock, respectively, in the open market, including commissions paid on these transactions. Beginning in May 2006, we suspended repurchases of our common stock in the open market due to the announced investigation into our historical stock option granting practices. Our authorization to repurchase shares in the open market expired in October 2007, prior to our becoming current on our reporting obligations under the Securities Exchange Act of 1934, as amended, on December 21, 2007. Therefore, in 2007, we had no repurchases of our common stock pursuant to a publicly announced plan or program. In January 2008, our board of directors authorized the repurchase of up to $750.0 million of our common stock from time to time in the open market or through privately negotiated transactions through July 2009, depending upon market conditions, share price and other factors.
During 2007 and 2006, we used $0.2 million and $0.5 million, respectively, to repurchase shares of common stock in connection with our obligation to certain holders of restricted stock to withhold the number of shares required to satisfy such holders tax liability in connection with the vesting of such shares. These shares were not part of the publicly announced repurchase program.
A summary of our fixed contractual obligations and commitments at December 31, 2007 is as follows (in thousands):
We adopted the provisions of FASB Interpretation No. 48, Accounting for Income Taxes on January 1, 2007 (see Note 16 to our consolidated financial statements). As of December 31, 2007, we had approximately $84.0 million of tax liabilities, including interest and penalties, related to uncertain tax positions. Because of the high degree of uncertainty regarding the settlement of these liabilities, we are unable to estimate the years in which future cash outflows may occur.
In addition to the contractual obligations above and as permitted under Delaware law, we have agreements whereby we indemnify our officers and directors for certain events or occurrences while the officer or director is, or was, serving at our request in such capacity. The maximum potential amount of future payments we could be required to make under these indemnification agreements is not limited; however, we have director and officer insurance coverage that reduces our exposure and may enable us to recover a portion or all of any future amounts paid. We believe the estimated fair value of these indemnification agreements in excess of applicable insurance coverage is minimal.
We do not have off-balance sheet arrangements. As part of our ongoing business, we do not participate in transactions that generate relationships with unconsolidated entities or financial partnerships, such as entities often referred to as structured finance or special purpose entities, often established for the purpose of facilitating off-balance sheet arrangements or other contractually narrow or limited purposes. All of our subsidiaries are 100% owned by us and are fully consolidated into our consolidated financial statements.
We have a 14.0 million Euro credit facility with a bank. The credit facility is available on an offering basis, meaning that transactions under the credit facility will be on such terms and conditions, including interest rate, maturity, representations, covenants and events of default, as mutually agreed between us and the bank at the time of each specific transaction. The credit facility is intended to be used for short-term credit requirements, with terms of one year or less. The credit facility can be cancelled at any time. No balances were outstanding as of December 31, 2007 and December 31, 2006.
Financial Risk Management
The following discussion about our risk management activities includes forward-looking statements that involve risks and uncertainties. Actual results could differ materially from those projected in the forward-looking statements.
As a global concern, we face exposure to movements in foreign currency exchange rates. These exposures may change over time as business practices evolve and could have a material adverse impact on our financial results. Our functional currency is typically the currency of the local country. Our primary exposures are related to non U.S. dollar-denominated sales and operating expenses in Europe, Latin America, and Asia. At the present time, we hedge only those currency exposures associated with certain assets and liabilities denominated in nonfunctional currencies and do not generally hedge anticipated foreign currency cash flows. Our hedging activity is intended to offset the impact of currency fluctuations on certain nonfunctional currency assets and liabilities. The success of this activity depends upon estimates of transaction activity denominated in various currencies, primarily the Euro, the British Pound, and the Brazilian Real. To the extent that these estimates are overstated or understated during periods of currency volatility, we could experience unanticipated currency gains or losses.
To reduce exposures associated with nonfunctional net monetary asset positions in various currencies, we enter into forward contracts. Our foreign exchange contracts typically range from one to three months in original maturity. We have not hedged anticipated foreign currency cash flows nor do we enter into forward contracts for trading purposes. We do not use any derivatives for speculative purposes. At December 31, 2007 and 2006, the fair value of our forward contracts outstanding was less than $0.1 million and $0.5 million, respectively. Forward contracts existing during 2007 and 2006 did not qualify for hedge accounting and accordingly were marked to
market at the end of each reporting period with any unrealized gain or loss being recognized in the interest and other income line on the consolidated statements of income. During 2007, net realized gains arising from the settlement of our forward foreign exchange contracts were $1.0 million. Net realized losses arising from the settlement of our forward foreign exchange contracts were $1.1 million and $3.4 million in 2006 and 2005, respectively.
Forward contracts outstanding at December 31, 2007 are presented below (in thousands):
We utilize foreign exchange forward contracts to reduce the exchange rate impact on net revenue. A sensitivity analysis performed on our hedging portfolio as of December 31, 2007 indicated that a hypothetical 5% and 10% appreciation of the U.S. dollar from its value at December 31, 2007 would decrease the fair value of our forward contracts by $1.3 million and $2.7 million, respectively. A 5% and 10% depreciation of the dollar from its value at December 31, 2007 would increase the fair value of our forward contracts by $1.3 million and $2.6 million, respectively.
Interest Rate Risk
We maintain balances in cash, cash equivalents and investment securities. All financial instruments used are in accordance with our investment policy. We maintain our investment securities in portfolio holdings of various issuers, types and maturities including money market, government agency, mortgage-backed and investment grade corporate bonds. These securities are classified as available-for-sale, and consequently are recorded on the consolidated balance sheet at fair value with unrealized gains and losses reported as a separate component of accumulated other comprehensive income. These securities are not leveraged and are held for purposes other than trading.
The following tables present the hypothetical changes in fair values in the securities held at December 31, 2007 that are sensitive to the changes in interest rates. The modeling technique used measures the change in fair values arising from hypothetical parallel shifts in the yield curve of plus or minus 50 basis points (BPS), 100 BPS and 150 BPS over six and twelve-month time horizons. Beginning fair values represent the market principal plus accrued interest and dividends at December 31, 2007. Ending fair values are the market principal plus accrued interest, dividends and reinvestment income at six and twelve-month time horizons.
The following table estimates the fair value of the portfolio at a six-month time horizon (in millions):
The following table estimates the fair value of the portfolio at a twelve-month time horizon (in millions):
See Note 2 of the consolidated financial statements for a full description of recent accounting pronouncements, including the expected dates of adoption and effects on financial condition, results of operations and cash flows.
Quantitative and qualitative disclosure about market risk is set forth at Managements Discussion and Analysis of Financial Condition and Results of Operations under Item 7.
Quarterly Operating Results (Unaudited)
We believe that period-to-period comparisons of our financial results should not be relied upon as an indication of future performance.
Our revenue and results of operations have been subject to significant fluctuations, particularly on a quarterly basis, and our revenue and results of operations could fluctuate significantly quarter to quarter and year to year. Causes of such fluctuations may include the volume and timing of new orders and renewals, the sales cycle for our products, the introduction of new products, return rates, product upgrades or updates by us or our competitors, changes in product mix, changes in product prices and pricing models, the portion of our licensing fees and product revenue deferred or recognized as support and maintenance revenue, seasonality, trends in the computer industry,
general economic conditions, extraordinary events such as acquisitions and sales of business or litigation and the occurrence of unexpected events. Fourth quarter of 2007 net income was negatively impacted by adjustments to our provision for income taxes of approximately $24.0 million related to uncertain tax positions, other tax reserves and adjustments to taxes payable. Significant quarterly fluctuations in revenue will cause significant fluctuations in our cash flows and the cash and cash equivalents, accounts receivable and deferred revenue accounts on our consolidated balance sheet. In addition, the operating results of many software companies reflect seasonal trends, and our business, financial condition and results of operations may be affected by such trends in the future. These trends may include higher net revenue in the fourth quarter as many customers complete annual budgetary cycles, and lower net revenue in the summer months when many businesses experience lower sales, particularly in the European market.
Our financial statements and supplementary data required by this item are set forth at the pages indicated at Item 15(a).
Our management, including our chief executive officer and chief financial officer, has evaluated the effectiveness of our disclosure controls and procedures to ensure that the information included in reports we file under the Securities Exchange Act of 1934, as amended, or the Exchange Act, is processed and reported within the appropriate time periods. As discussed in more detail below, our management has concluded that these disclosure controls and procedures were ineffective as of December 31, 2007 due to material weakness that we identified in our internal controls over financial reporting, specifically related to the accounting for income taxes.
Our management is responsible for establishing and maintaining adequate internal control over financial reporting as defined in Rules 13a-15(f) of the Exchange Act. We have designed our internal controls to provide reasonable, but not absolute, assurance that our financial statements are prepared in accordance with generally accepted accounting principles in the United States of America. We assess the effectiveness of our internal controls based on the criteria set forth in the Internal Control Integrated Framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
On November 19, 2007, we completed the acquisition of all of SafeBoot Holdings, B.V., as discussed elsewhere in this report under Business Overview, Managements Discussion and Analysis of Financial Condition and Results of Operations and Note 3 to our consolidated financial statements. Therefore, in making managements assessment of the effectiveness of our internal control over financial reporting, we have excluded SafeBoot Holdings B.V., whose financial statements reflect 11% of total assets and less than 1% of total revenues, of the related consolidated financial statement amounts as of and for the year ended December 31, 2007, from our report on internal control over financial reporting as management did not have sufficient time to make an assessment of the SafeBoot Holdings B.V. internal controls using the COSO criteria in accordance with Section 404 of the Sarbanes-Oxley Act.
In performing the assessment, our management has identified one material weakness in internal control over financial reporting as of December 31, 2007 as follows:
Accounting for Income Taxes
Our management has concluded that the controls over our accounting for income taxes did not operate effectively as of December 31, 2007. In particular, errors were detected in the tax calculations for the quarterly and annual financial statements resulting from: (i) historical analyses not being prepared in sufficient detail; (ii) current period tax calculations not being accurately prepared, and (iii) reviews of tax calculations not being performed with
sufficient precision. Due to the number and amount of the errors identified resulting from these internal control deficiencies and the absence of mitigating controls, management has concluded that these internal control deficiencies constitute a material weakness in internal control because there is a reasonable possibility that a material misstatement of the interim and annual financial statements would not have been prevented or detected on a timely basis.
Due to the material weakness, management has concluded that our internal control over financial reporting was not effective as of December 31, 2007. Deloitte & Touche LLP issued an attestation report dated February 26, 2008, concerning our internal control over financial reporting, which is contained in this Annual Report. Our consolidated financial statements as of and for the year ended December 31, 2007, have been audited by the independent registered public accounting firm of Deloitte & Touche LLP in accordance with the standards of the Public Company Accounting Oversight Board (United States).
Except for those described below, there have been no changes in our internal control over financial reporting in the fourth quarter of 2007 that have materially affected, or are reasonably likely to materially affect, our internal control over financial reporting.
Remediation of Material Weakness in Stock Administration Process
In May 2006, our board of directors created a committee (the special committee) comprised of certain of its members who were independent of our company and management and who had not previously served as members of our boards compensation committee to conduct an investigation to evaluate the conduct and performance of our officers, employees and directors who were involved in the option granting process and to evaluate the timing of option grants, the related approval documentation and accounting implications with respect to grants made during the period from January 1, 1995 through March 31, 2006. The special committee retained independent counsel and forensic accountants to assist in the investigation.
This special committee presented its initial findings to the board of directors on October 10, 2006 and the special committee investigation was completed in November 2007. The special committee concluded that there were both qualitative issues and accounting and administrative errors relating to our stock option granting process. In this regard, the special committee concluded that certain former members of management had acted inappropriately, giving rise to qualitative concerns. Among the findings were that the Companys stock option granting process had control and other deficiencies. The special committee made recommendations for improvements in the process of granting all equity grants. The Board of Directors adopted the special committees recommendations. Certain of the recommendations were capable of immediate implementation and have been implemented, including the granting of all equity grants quarterly at a compensation committee meeting and no authority to grant stock awards may be delegated by management.
We previously reported a material weakness in our internal control over financial reporting in our 2006 Form 10-K, filed on December 21, 2007 regarding our stock administration controls. During the fourth quarter of 2007, our managements testing of our internal controls over financial reporting indicated that the controls and procedures over our stock option granting and accounting practices operated consistently throughout the year. Therefore, we believe that the previously reported material weakness related to our stock administration process has been remediated as of December 31, 2007. As of December 31, 2007, our actions during the fourth quarter of 2007 included the following:
Accounting for Income Taxes
We have begun the process of remediating the material weakness in accounting for income taxes by hiring more tax accounting personnel, with an emphasis on hiring personnel having international tax expertise. We will continue to make personnel additions and changes and as necessary and are implementing additional remedial steps as indicated below:
We believe the above steps will provide us with the infrastructure and processes necessary to remediate the income tax accounting material weakness. We will continue to implement these remedial steps to ensure operating effectiveness of the improved internal controls over financial reporting.
The effectiveness of any system of internal control over financial reporting, including ours, is subject to inherent limitations, including the exercise of judgment in designing, implementing, operating, and evaluating the controls and procedures, and the inability to eliminate misconduct completely. Accordingly, any system of internal control over financial reporting, including ours, no matter how well designed and operated, can only provide reasonable, not absolute assurances. In addition, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate. We intend to continue to monitor and upgrade our internal controls as necessary or appropriate for our business, but cannot assure you that such improvements will be sufficient to provide us with effective internal control over financial reporting.
To the Board of Directors and
Stockholders of McAfee, Inc:
We have audited McAfee, Inc. and subsidiaries (the Company) internal control over financial reporting as of December 31, 2007, based on criteria established in Internal Control Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission. As described in Managements Report on Internal Control Over Financial Reporting, management excluded from its assessment the internal control over financial reporting at SafeBoot Holdings, B.V., which was acquired in November 2007 and whose financial statements constitute 11% of net and total assets and less than 1% of revenues of the consolidated financial statement amounts as of and for the year ended December 31, 2007. Accordingly, our audit did not include the internal control over financial reporting at SafeBoot Holdings, B.V. The Companys management is responsible for maintaining effective internal control over financial reporting and for its assessment of the effectiveness of internal control over financial reporting, included in the accompanying Managements Report on Internal Control over Financial Reporting. Our responsibility is to express an opinion on the Companys internal control over financial reporting based on our audit.
We conducted our audit in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards require that we plan and perform the audit to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in all material respects. Our audit included obtaining an understanding of internal control over financial reporting, assessing the risk that a material weakness exists, testing and evaluating the design and operating effectiveness of internal control based on that risk, and performing such other procedures as we considered necessary in the circumstances. We believe that our audit provides a reasonable basis for our opinion.
A companys internal control over financial reporting is a process designed by, or under the supervision of, the companys principal executive and principal financial officers, or persons performing similar functions, and affected by the companys board of directors, management, and other personnel to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A companys internal control over financial reporting includes those policies and procedures that (1)&