Attached files

file filename
EX-23 - CONSENT - OneSpan Inc.dex23.htm
EX-21 - SUBSIDIARIES - OneSpan Inc.dex21.htm
EX-31.2 - CERTIFICATION - OneSpan Inc.dex312.htm
EX-32.1 - CERTIFICATION - OneSpan Inc.dex321.htm
EX-4.12 - AWARD AGREEMENT - OneSpan Inc.dex412.htm
EX-32.2 - CERTIFICATION - OneSpan Inc.dex322.htm
EX-31.1 - CERTIFICATION - OneSpan Inc.dex311.htm
Table of Contents

 

 

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

 

 

FORM 10-K

FOR ANNUAL AND TRANSITION REPORTS PURSUANT TO

SECTIONS 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

(Mark One)

[x] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(D) OF THE SECURITIES EXCHANGE ACT OF 1934

 

     FOR THE FISCAL YEAR ENDED DECEMBER 31, 2010

or

 

[    ] TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

 

     FOR THE TRANSITION PERIOD FROM              TO             

 

Commission file number 000-24389

VASCO Data Security International, Inc.

(Exact Name of Registrant as Specified in Its Charter)

 

DELAWARE   36-4169320

(State or Other Jurisdiction of

Incorporation or Organization)

 

(IRS Employer

Identification No.)

1901 South Meyers Road, Suite 210

Oakbrook Terrace, Illinois 60181

(Address of Principal Executive Offices)(Zip Code)

Registrant’s telephone number, including area code:

(630) 932-8844

Securities registered pursuant to Section 12(b) of the Act:

 

Title of each class

 

Name of exchange on which registered

Common Stock, par value $.001 per share   NASDAQ Capital Market

Securities registered pursuant to Section 12(g) of the Act:

None

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined by Rule 405 of the Securities Act.    Yes              No       X    

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the act.    Yes              No      X    

Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.    Yes      X        No          

Indicate by check mark whether the registrant has submitted electronically and posted on its corporate Web site, if any, every Interactive Data File required to be submitted and posted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files).    Yes              No          

Indicate by check mark if disclosure of delinquent filers pursuant to Item 405 of Regulation S-K is not contained herein, and will not be contained, to the best of registrant’s knowledge, in definitive proxy or information statements incorporated by reference in Part III of this Form 10-K or any amendment to this Form 10-K.  [    ]

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer or a smaller reporting company. See definition of “large accelerated filer,” “accelerated filer” and “smaller reporting company” in Rule 12b-2 of the Exchange Act.

Large accelerated filer              Accelerated filer      X        Non-accelerated filer              Smaller reporting company                                                                          (do not check if smaller reporting company)

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).    Yes              No      X    

As of June 30, 2010, the aggregate market value of voting and non-voting common equity (based upon the last sale price of the common stock as reported on the NASDAQ Capital Market on June 30, 2010) held by non-affiliates of the registrant was $173,591,568 at $6.17 per share.

As of February 28, 2011, there were 37,741,860 shares of common stock outstanding.

DOCUMENTS INCORPORATED BY REFERENCE

Certain sections of the registrant’s Notice of Annual Meeting of Stockholders and Proxy Statement for its 2011 Annual Meeting of Stockholders are incorporated by reference into Part III of this report.

 

 

 


Table of Contents

TABLE OF CONTENTS

 

          PAGE  

PART I

  

Item 1.

   Business      4   

Item 1A.

   Risk Factors      16   

Item 1B.

   Unresolved Staff Comments      27   

Item 2.

   Properties      27   

Item 3.

   Legal Proceedings      27   

Item 4.

   Reserved      27   

PART II

  

Item 5.

   Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities      28   

Item 6.

   Selected Financial Data      30   

Item 7.

   Management’s Discussion and Analysis of Financial Condition and Results of Operations      31   

Item 7A.

   Quantitative and Qualitative Disclosures About Market Risk      48   

Item 8.

   Financial Statements and Supplementary Data      49   

Item 9.

   Changes in and Disagreements with Accountants on Accounting and Financial Disclosures      49   

Item 9A.

   Controls and Procedures      49   

Item 9B.

   Other Information      52   

PART III

  

Item 10.

   Directors, Executive Officers and Corporate Governance      53   

Item 11.

   Executive Compensation      53   

Item 12.

   Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters      53   

Item 13.

   Certain Relationships and Related Transactions, and Director Independence      53   

Item 14.

   Principal Accounting Fees and Services      53   
PART IV   

Item 15.

   Exhibits, Financial Statement Schedules      54   

CONSOLIDATED FINANCIAL STATEMENTS AND SCHEDULE

     F-1   

This report contains trademarks of VASCO Data Security International, Inc. and its subsidiaries, which include VASCO, the VASCO “V” design, Digipass as a Service (DPS), DIGIPASS, VACMAN, aXsGUARD and IDENTIKEY.


Table of Contents

Cautionary Statement for Purposes of the Safe Harbor Provisions of the Private Securities Litigation Reform Act of 1995

This Annual Report on Form 10-K, including Management’s Discussion and Analysis of Financial Condition and Results of Operations and Quantitative and Qualitative Disclosures About Market Risk contains forward-looking statements within the meaning of Section 21E of the Securities Exchange Act of 1934, as amended (the “Exchange Act”) and Section 27A of the Securities Act of 1933, as amended (the “Securities Act”) concerning, among other things, the prospects of, and developments and business strategies for, VASCO and our operations, including the development and marketing of certain new products and services and the anticipated future growth in certain markets in which we currently market and sell our products and services or anticipate selling and marketing our products and services in the future. These forward-looking statements (1) are identified by use of terms and phrases such as “expect”, “believe”, “will”, “anticipate”, “emerging”, “intend”, “plan”, “could”, “may”, “estimate”, “should”, “objective”, “goal”, “possible”, “potential” and similar words and expressions, but such words and phrases are not the exclusive means of identifying them, and (2) are subject to risks and uncertainties and represent our present expectations or beliefs concerning future events. VASCO cautions that the forward-looking statements are qualified by important factors that could cause actual results to differ materially from those in the forward-looking statements. These risks, uncertainties and other factors have been described in greater detail in this Annual Report on Form 10-K and include, but are not limited to, (a) risks of general market conditions, including currency fluctuations and uncertainties resulting from the current political, economic and financial turmoil in world markets, (b) risks inherent to the computer and network security industry, including rapidly changing technology, evolving industry standards, increasing numbers of patent infringement claims, changes in customer requirements, price competitive bidding, and changing government regulations, and (c) risks specific to VASCO, including, demand for our products and services, competition from more established firms and others, pressures on price levels and our historical dependence on relatively few products, certain suppliers and certain key customers. Thus, the results that we actually achieve may differ materially from any anticipated results included in, or implied by these statements.

 

3


Table of Contents

PART I

Item 1 - Business

VASCO Data Security International, Inc. was incorporated in the State of Delaware in 1997 and is the successor to VASCO Corp., a Delaware corporation. Our principal executive offices are located at 1901 South Meyers Road, Suite 210, Oakbrook Terrace, Illinois 60181; the telephone number at that address is 630 932 8844. Our international headquarters in Europe is located at World-Wide Business Center, Balz-Zimmermannstrasse 7, CH-8152, Glattbrugg, Switzerland; the phone number at this location is 41 (0)43 555 3500. Our principal operations offices in Europe are located at Koningin Astridlaan 164, B-1780 Wemmel, Belgium and the telephone number at that address is 32 (0)2 609 9700. Unless otherwise noted, references in this Annual Report on Form 10-K to “VASCO”, “company”, “we”, “our”, and “us” refer to VASCO Data Security International, Inc. and its subsidiaries.

Additional information on the company, our products and services and our results, including the company’s annual report on Form 10-K, quarterly reports on our Form 10-Q, current reports on Form 8-K, and amendments to those reports filed with the Securities and Exchange Commission (SEC) are available, free of charge, on our website at http://www.vasco.com. You may also read and copy any materials we file with the SEC at the SEC’s Public Reference Room at 100 F Street, NE, Washington, DC 20549. You may obtain information on the operation of the Public Reference Room by calling the SEC at 1-800-SEC-0330. Our reports are filed electronically with the SEC and are also available on the SEC’s website (http://www.sec.gov).

General

We, through our operating subsidiaries, design, develop, market and support hardware and software security systems that manage and secure access to information assets. Those security systems include both open standards-based and patented “Strong User Authentication” and “PKI” (Public Key Infrastructure) products and services for employee and consumer security, e-business and e-commerce.

Our target markets are the applications and their several hundred million users that utilize fixed passwords as security. Our event and time-based system generates “one-time” passwords that change with every use and electronic and digital signatures that protect transactions. As a result, when compared to fixed passwords, our security system substantially reduces the risks of unauthorized access to the application and of the hijacking of financial or other data transfers over the Internet.

Products:

Our products enable secure financial transactions to be made over private enterprise networks and public networks, such as the Internet. VASCO customers have historically installed and managed its products on their own computers.

VASCO’s hardware and software products address three main security areas:

 

  1. User authentication: log-on access process of verifying that the user is in fact who he claims to be,

 

  2. Electronic signatures: securing a transaction/message between two known parties,

 

  3. Digital signatures/PKI: securing a transaction/message between two parties who do not necessarily know each other, whereby a third party guarantees the identity/signature of all parties involved.

The backbone of our product range is VACMAN Controller. VACMAN Controller is either integrated into or interfaced with the host system’s application. VACMAN Controller supports multiple authentication technologies, including passwords, dynamic password technology, electronic signatures, digital signatures, certificates and biometrics, on one unique platform.

 

4


Table of Contents

Our client side strong user authentication is delivered via our hardware and software DIGIPASS security products, (collectively “DIGIPASSES”) most of which incorporate an electronic signature capability, which further protects the integrity of electronic transactions and data transmissions. Some of our DIGIPASSES are compliant with the Europay MasterCard Visa (EMV) standard and are compatible with MasterCard’s and VISA’s Chip Authentication Program (CAP). Some of our DIGIPASS units are OATH (Initiative for Open Authentication) compliant.

Our strategy is to be the full option, all-terrain authentication company. Our end-to-end authentication combines all aspects of VASCO’s longstanding full option, all-terrain business model. Based on one unique core authentication engine, VACMAN, VASCO offers a wide portfolio of over 50 software and hardware client authentication products and services, for banking and non-banking markets. As such, VASCO secures a network from the server to the end-user.

Services Platform:

Cloud computing has grown in popularity over the past 10 years. Organizations are able to outsource many of their applications and access them over the Internet (or the “Cloud”). Many such applications are not adequately secured and commonly use a traditional user name and password as security. This introduces an opportunity for strong authentication provided by VASCO.

We believe that there is a growing market demand for an outsourced, or Cloud security offering. In October of 2010, we launched our DIGIPASS as a Service (“DPS”) security platform to the market. Our initial DPS offering was directed at providing strong authentication for business-to-business (“B2B”) and business-to-employee (“B2E”) applications. B2B are applications between two organizations that have an on-going relationship of some type. An example could be a manufacturer that has a web site through which a customer regularly purchases its products. VASCO’s DPS platform could be used to strongly authenticate the purchaser to prevent fraudulent activities. B2E are applications which have been outsourced by an organization. These could be sales reporting and forecasting applications, payroll and 401-k administration applications, human resource applications, etc. VASCO’s DPS platform could be used to strongly authenticate the employee accessing these applications/sites.

We are also planning to launch a DPS offering that will be directed at business-to-consumer applications (“B2C”). These applications are consumer-facing applications. End users will be able to get secure access to, among other things, their private email accounts, their personal photos, their frequent flyer information and their social networking pages, as well as buy goods, order tickets, and play their favorite e-game securely on the Internet. The goal is to have the user securely access multiple consumer applications with only one DIGIPASS. We believe that with this approach, VASCO brings best-of-breed authentication into the reach of almost every online application.

VASCO’s product and service lines include:

 

 

 

   

LOGO VACMAN: Core authentication platform, combining all technologies on one unique platform;

 

 

   

LOGO IDENTIKEY: VASCO’s authentication server, combining the VACMAN core authentication platform with full server functionality;

 

 

   

LOGO aXs GUARD: Leading authentication appliance, combining IDENTIKEY with a wide variety of Internet communication solutions;

 

5


Table of Contents

 

   

LOGO DIGIPASS: A suite of over 50 multi-application client e-signature software products, based on the world’s most widely spread electronic client platforms;

 

 

 

   

LOGO DIGIPASS as a Service (DPS): Offers on-demand identity and transaction security as a service. VASCO’s authentication services product offering is designed to provide enterprise employees, businesses and consumers secure access to multiple online and in-the-Cloud applications, combined with safe online transactions.

Our security solutions are sold worldwide through our direct sales force, as well as through distributors, resellers and systems integrators. We currently have over 10,000 customers, including more than 1,600 financial institutions, in more than 100 countries. Representative customers of our products include HSBC, Rabobank Nederland, BNP-Paribas Fortis, Citibank, KBC and Blizzard Entertainment. The number of new accounts added in each of the past three fiscal years is as follows:

 

     2010      2009      2008  

Banking

     269         211         249   

Enterprise and Application Security

     1,485         1,274         1,578   
                          

Total

     1,754         1,485         1,827   
                          

Although management considers the number of new customers as an indicator of the momentum of our business and effectiveness of our distribution channel, the number of new customers is not indicative of future revenue.

In January 2011, we acquired all of the intellectual property of DigiNotar Holding B.V. and its subsidiaries and acquired 100% of the stock of DigiNotar B.V. and DigiNotar Notariaat B.V. (collectively, “DigiNotar”), each a private company organized and existing in The Netherlands (collectively, “DigiNotar Acquisition”). The acquisition expands the technological breadth of our product line by expanding our abilities to offer PKI technology throughout the product line. We expect the acquisition will enhance our market position in three areas; (1) as a trusted Internet service provider of PKI certificates, which we expect will improve our ability to penetrate government markets (2) as a licensor of PKI-based products to customers for use in their applications, which we believe will enhance our ability to compete in our traditional business and (3) as a provider of our own PKI-secured applications, such as document signing, registration and storage solutions, which we expect will expand opportunities for us on our services platform.

Our Background

Our predecessor company, VASCO Corp., entered the data security business in 1991 through the acquisition of a controlling interest in ThumbScan, Inc., which we renamed VASCO Corp. in 1993. In 1996, we began an expansion of our computer security business by acquiring Lintel Security NV/SA, a Belgian corporation, which included assets associated with the development of security tokens and security technologies for personal computers and computer networks. In addition, in 1996, we acquired Digipass NV/SA, a Belgian corporation, which was also a developer of security tokens and security technologies and whose name we changed to VASCO Data Security NV/SA in 1997.

On March 11, 1998, we completed a registered exchange offer with the holders of the outstanding securities of VASCO Corp. Since the exchange offer, including the acquisition of DigiNotar in 2011, we have engaged in eight acquisitions and one disposition.

In December 2006, we opened our international headquarters in Zurich, Switzerland. In 2007, we established wholly-owned sales subsidiaries in Brazil and Japan. In 2008 and 2009, we established wholly-owned sales subsidiaries in Mumbai, India and Bahrain, respectively. In 2010, we received a business license to open a wholly-owned sales subsidiary in China.

 

6


Table of Contents

Industry Background

The growth in electronic banking and electronic commerce, and the increasing use and reliance upon proprietary or confidential information by businesses, government and educational institutions that is remotely accessible by many users, has made information security a paramount concern. We believe that enterprises are seeking solutions that will continue to allow them to expand access to data and financial assets while maintaining network security.

Internet and Enterprise Security. With the advent of personal computers and distributed information systems in the form of wide area networks, intranets, local area networks and the Internet, as well as other direct electronic links, many organizations have implemented applications to enable their work force and third parties, including vendors, suppliers and customers, to access and exchange data and perform electronic transactions. As a result of the increased number of users having direct and remote access to such enterprise applications, data and financial assets have become increasingly vulnerable to unauthorized access and misuse.

Individual User Security. In addition to the need for enterprise-wide security, the proliferation of personal computers, personal digital assistants and mobile telephones in both home and office settings, combined with widespread access to the Internet, have created significant opportunities for electronic commerce by individual users, such as electronic bill payment, home banking and home shopping.

Fueled by well-publicized incidents, including misappropriation of credit card information and denial of service attacks, there is a growing perception among many consumers that there is a risk involved in transmitting information via the Internet. These incidents and this perception may hamper the development of consumer-based electronic commerce. Accordingly, we believe that electronic commerce will benefit from the implementation of improved security measures that accurately identify users and reliably encrypt data transmissions over the Internet. To minimize losses due to misappropriation of credit card information, many banks in European countries have issued smart cards (credit cards with a micro-chip) that are compliant with the EMV standard.

Several governments worldwide have recognized the risk associated with using fixed passwords for Internet applications and have issued specific rules requiring two-factor authentication for online banking security. We expect that trend to continue and that governments in many countries will prepare similar guidance and/or rules in order to protect their citizens’ online assets.

Components of Security. Data and financial asset security, and secured access to and participation in on-line commerce, generally consist of the following components:

 

   

Encryption: Maintains data privacy by converting information into an unreadable pattern and allowing only authorized parties to decrypt the data. Encryption can also maintain data integrity by creating digital signatures for transmitted data, enabling the recipient to check whether the data has been changed since or during transmission.

 

   

Identification and Authentication: Serves as the foundation for other security mechanisms by verifying that a user is who he or she claims to be. Identification and authentication mechanisms are often employed with encryption tools to authenticate users, to determine the proper encryption key for encrypting/decrypting data, or to enable users to digitally “sign” or verify the integrity of transmitted data.

 

   

Access Control: Software that provides authentication, authorization and accounting functions, controlling a user’s access to only that data or the financial assets which he or she is authorized to access, and that keeps track of a user’s activities after access has been granted.

 

   

Administration and Management Tools: Software that sets, implements, and monitors security policies, the access to which is typically regulated by access control systems. These tools are extremely important to the overall effectiveness of a security system.

 

7


Table of Contents

The most effective security policies employ most, if not all, of the above components. Many companies, however, only implement a patchwork of these components, which could result in their security systems being compromised.

Our Solution

We have found that, to date, most approaches to network security, including Internet security, have been limited in scope and have failed to address all of the critical aspects of data security. We believe that an effective enterprise-wide solution must address and assimilate issues relating to the following:

 

   

Speed and ease of implementation, use and administration;

 

   

Reliability;

 

   

Interoperability within diverse enterprise environments, existing customer applications and the security infrastructure;

 

   

Interoperability within diverse applications in Cloud processing environments;

 

   

Scalability; and

 

   

Overall cost of ownership.

Accordingly, we have adopted the following approach to data security:

 

   

In designing our products, we have sought to incorporate industry-accepted, open and non-proprietary protocols. This permits interoperability between our products and the multiple platforms, products and applications widely in use.

 

   

We have designed our products and services to minimize their integration effort with, and disruption of, existing legacy applications and the security infrastructure. We provide customers with easier implementations and a more rapid means of implementing security across the enterprise, including the Internet. With security being a critical enabling technology for on-line business initiatives, speed and ease of security implementation has become crucial to an organization’s success.

 

   

We design our products and services to have a more attractive total cost of ownership than competing products and services. We have found that product improvements and tools that lower a customer’s total cost of ownership create differentiating sales and marketing tools and also help in the development of a highly loyal customer base that is open to new solutions that we offer.

As a result of this approach, we believe that we are a leading provider of strong software and hardware authentication security that can be combined with electronic and digital signature (“e-signature”) solutions for all types of on-line, risk-based transactions.

Our Strategy

We believe that we have one of the most complete lines of security products and services for strong user authentication and e-signatures available in the market today. We also believe that we can demonstrate to an increasing number of distributors, resellers and systems integrators that they can more effectively differentiate themselves in their marketplaces and increase the value of their products by incorporating our security products into their own products. On a broad basis, our strategy is to:

 

   

Continue our “full-option,” end-to-end authentication strategy by offering the financial services sector the full array of authentication products and services;

 

   

Expand our penetration in other traditional markets (“all-terrain” strategy) by selling the products offered in the financial services sector to other markets including, but not limited to, business

 

8


Table of Contents
 

enterprises and other vertical markets that center around core applications that are similar to the way that the financial services market operates (e.g., e-commerce applications and e-government applications); and

 

   

Expand our penetration into new markets such as B2B, B2E and B2C by providing strong authentication through our services platform.

Increase Sales and Marketing Efforts. In 2008 and 2010 we hired heavily in sales and marketing. In 2009, our sales and marketing staff declined as we made adjustments for non-productive staff and contained our costs by implementing a hiring freeze during the difficult economic conditions.

In 2011, we plan to limit new hires in our traditional businesses and will concentrate on making the persons hired in 2010 fully productive. Staff additions in 2011 will primarily be to our services business. We also plan to increase our investment in marketing programs to strengthen our position in existing markets, increase our focus on traditional vertical application markets and increase our support for the indirect sales channel. As part of that increased investment, we plan to increase the number of our marketing events, such as banking summits, enterprise security events, and application security events.

Continue Innovation. We intend to continue to enhance and broaden our line of security products to meet the changing needs of our existing and potential customers by:

 

   

Building on our core software and hardware security expertise by continuing to expand our technology and services for use on different platforms, such as mobile phones and personal digital assistants;

 

   

Expanding our authentication services product offering;

 

   

Acquiring complementary technologies or businesses; and

 

   

Developing products for applications in new vertical markets.

Our Products

VACMAN Product Line

The VACMAN product line incorporates a range of strong authentication utilities and solutions designed to allow organizations to add DIGIPASS strong authentication into their existing networks and applications.

In order to provide the greatest flexibility, without compromising on functionality or security, VACMAN solutions are designed to integrate with most popular hardware and software. Once integrated, the VACMAN components become largely transparent to the users, minimizing rollout and support issues.

VACMAN Controller

VACMAN Controller is the backbone of VASCO’s product strategy towards the banking and e-commerce markets. VACMAN Controller encompasses all four authentication technologies (passwords, dynamic password technologies, certificates and biometrics) and allows our customers to use any combination of those technologies simultaneously. VACMAN Controller is natively embedded in or compatible with the solutions of over 100 VASCO solution partners.

Designed by specialists in “system entry” security, VACMAN Controller makes it easy to administer a high level of access control and allows our customers to match the level of authentication security used with their perceived risk for each user of their application. Our customer simply adds a field to his or her existing user database, describing the authentication technology used and, if

 

9


Table of Contents

applicable, the unique DIGIPASS token assigned to the end user of their application. VACMAN Controller takes it from there, automatically authenticating the logon request using the security sequence the user specifies, whether it’s a one-time password using either response-only or a challenge/response authentication scheme or an electronic signature.

VACMAN Controller allows the user the freedom to provide secure remote access to virtually any type of application. VACMAN Controller is a library requiring only a few days to implement in most systems and supports all DIGIPASS functionality. Once linked to an application, VACMAN Controller automatically handles login requests from any users authorized to have a DIGIPASS.

IDENTIKEY Server

IDENTIKEY Server is an off-the-shelf centralized authentication server that supports the deployment, use and administration of DIGIPASS strong user authentication. IDENTIKEY is based on VASCO’s core VACMAN technology.

IDENTIKEY is available in four packaged versions for the use of the Enterprise and Application Security market and can be easily upgraded.

 

   

The Standard Edition includes Remote Authentication Dial In User Service (“RADIUS”) functionality for a single licensed server. It targets small and medium-sized business (“SMB”s) wanting to secure their remote access infrastructure at the lowest total cost of ownership.

 

   

The Gold Edition offers web filters to secure Outlook Web Access (“OWA”) and Citrix Web Interface (CWI”), additional to the RADIUS support. This version includes licenses for a primary and a back-up server. It is an ideal solution for SMBs that want to offer more functionality and assure availability for their employees.

 

   

The Platinum Edition addresses the security needs of companies that want to protect the external access to the corporate network as well as Windows desktop and network logon.

 

   

The Enterprise Edition is the most comprehensive solution, offering:

 

   

RADIUS for remote access to the corporate network,

 

   

Web filter support for access to in-house applications (OWA, CWI),

 

   

Simple Object Access Protocol (“SOAP”) for protection of Internet based business applications (e.g. portals, extranet, e-commerce websites, partner services, etc.), and

 

   

Licenses for up to seven servers.

The Enterprise Edition is the perfect solution for SMBs that want to secure more than remote access by using the same DIGIPASS device to secure additional applications at little to no extra cost. It also addresses the need of large enterprises to set up a pool of replication servers to share the authentication load and assure high-availability, especially when securing an increased number of customers and partners who use web-hosted applications.

aXs GUARD Product Line

We offer two types of aXs GUARD appliances: aXs GUARD Identifier and aXs GUARD Gatekeeper.

aXs GUARD Identifier

aXs GUARD Identifier is a standalone authentication solution that offers strong two-factor authentication for remote access to a corporate network or to web-based in-house business applications. It comes in a standard 19 inch rack with a mountable “slim fit” design. The appliance verifies

 

10


Table of Contents

DIGIPASS/IDENTIKEY authentication requests from RADIUS clients and web filters and can easily be integrated with any authentication server. It features a web based administration interface as well as an auditing and reporting console.

aXs GUARD Gatekeeper

aXs GUARD Gatekeeper consists of a range of dedicated appliances that brings strong user authentication and secure Internet communications to the enterprise through a choice of multiple software modules. aXs GUARD Gatekeeper integrates DIGIPASS to provide secure two factor user authentication. It is a standalone modular communications solution providing intrusion, website and virus protection; remote connection through VPNs and a reporting and monitoring console, among other things.

DIGIPASS Product Line

Our DIGIPASS product line, which exists as a family of software and hardware client authentication products and services, provides a flexible and affordable means of authenticating users to any network, including the Internet.

Security can be broken into three factors:

 

   

What the user has (the DIGIPASS itself, in either hardware or software version);

 

   

What the user knows (the PIN code to activate the DIGIPASS); and

 

   

Who the user is (biometrics).

The DIGIPASS family is currently based on the first two factors. Using the DIGIPASS system, in order to enter a remote system or to digitally sign data, the user needs a:

 

   

Client authentication device, a hardware DIGIPASS or DIGIPASS software downloaded onto an existing device. Without physical possession of the client authentication device the user will not be able to log on to the system; and

 

   

PIN code for the DIGIPASS; if the user does not know the appropriate code, he or she will not be able to use the applications stored inside.

Both factors help ensure that a natural person is authenticating (or signing), instead of a computer or another device. These factors also enable very high portability for security anytime and anywhere.

DIGIPASSES calculate dynamic signatures and passwords, also known as one-time passwords, to authenticate users on a computer network and for a variety of other applications. There are over 50 models of the DIGIPASS, each of which has its own distinct characteristics depending on the platform that it uses and the functions it performs. However, the DIGIPASS family is designed to work together and customers can switch their users’ devices without requiring any changes to the customers’ existing infrastructure. In addition, these devices can be used to calculate digital signatures, also known as electronic signatures or message authentication codes, to protect electronic transactions and the integrity of the contents of such transactions.

DIGIPASS technology is designed to operate on non-VASCO platforms such as a desktop PC or laptop. DIGIPASS technology is also available for personal digital assistants (PDA), mobile phones and smart cards. For users of mobile phones, the virtual DIGIPASS generates one-time passwords that are sent to the mobile telephone user by SMS (Short Messaging System).

Other technologies such as paper based authentication (TAN lists) and PKI-enabled products are successfully created in the DIGIPASS family, always based on the same back-end VACMAN core technology.

 

11


Table of Contents

DIGIPASS technology also combines the benefits of traditional password authenticators (authentication and digital signatures) with smart card readers. Together, they bring portability to smart cards and allow secure time-based algorithms.

The DIGIPASS technology is also available in a web browser based version. DIGIPASS for Web is the ideal product to replace a password-based security or paper-based authentication system with a security system using strong authentication, to achieve a higher security level. DIGIPASS for Web supports user authentication, transaction signing and document signing. No software installation is required on the end-user’s PC.

We believe a VASCO-secured system has the features needed to secure both today’s and tomorrow’s IT resources.

DIGIPASS at Work

LOGO

Our core authentication product, VACMAN Controller, supports all existing authentication technologies, products and services on one unique platform. This allows us to go to market with a very flexible, “full option” authentication offering. Our customers can choose which type of client authentication product they offer to their different end user segments.

Currently, our products are used in a wide variety of applications, the largest of which is banking. Banking applications include:

 

   

Corporate banking through direct dial-up, as well as over the Internet, and

 

12


Table of Contents
   

Retail banking to secure transactions made through the use of a dial-up connection with a personal computer, the traditional phone system, the Internet, wireless phones and other communication devices such as personal digital assistants.

Another significant application for our products is to secure access to corporate networks for home-based, traveling and other remote users. Hardware and software DIGIPASSES are increasingly being used in a variety of e-commerce applications where the user is part of a pre-defined user group. Finally, VASCO’s product lines are breaking through in a number of new, end-user-facing verticals, such as e-gaming. We intend to expand the use of the DIGIPASS to other groups of users and applications, including electronic commerce transactions directed at the general public.

In the fourth quarter of 2010, we announced the availability of our DIGIPASS as a Service (“DPS”) product offering. DPS is our Cloud-based authentication platform. DPS will enable application hosts to deploy strong two-factor authentication quickly with minimal upfront costs. Users will benefit from the added security of strong two-factor authentication available on an increasing number of Internet sites and applications. We expect those applications to include B2B applications, B2E applications (e.g., employees of companies logging into third party applications operated in the Cloud), and B2C applications. While there were no revenues generated from this product in 2010, we believe DPS has the potential for significant future growth as it will make two-factor authentication more affordable and readily available to users and applications markets.

Intellectual Property and Proprietary Rights and Licenses

We rely on a combination of patent, copyright, trademark and trade secret laws, as well as employee and third-party non-disclosure agreements to protect our proprietary rights. In particular, we hold several patents in the U.S. and in other countries, which cover multiple aspects of our technology. These patents expire between 2014 and 2027. We do not believe that we have any patents that will expire in 2011 that will affect business, profitability or increase competition. In addition to the issued patents, we also have several patents pending in the U.S., Europe and other countries. The majority of our issued and pending patents cover our DIGIPASS family. We believe these patents to be valuable property rights and we rely on the strength of our patents and on trade secret law to protect our intellectual property rights. To the extent that we believe our patents are being infringed upon, we intend to assert vigorously our patent protection rights, including but not limited to, pursuing all available legal remedies.

Research and Development

Our research and development efforts historically have been, and will continue to be, concentrated on product enhancement, new technology development and related new product introductions. We employ a team of full-time engineers and, from time to time, also engage independent engineering firms to conduct non-strategic research and development efforts on our behalf. We recorded $13.6, $11.6 and $11.6 million for fiscal years ended December 31, 2010, 2009, and 2008, respectively, on company-sponsored research and development.

Production

Our security hardware DIGIPASSES are manufactured by third party manufacturers pursuant to purchase orders that we issue. Our hardware DIGIPASSES are made primarily from commercially available electronic components that are purchased globally. Our software products, including software versions of our DIGIPASSES are produced in-house.

Hardware DIGIPASSES utilize commercially available programmable microprocessors, or chips. We use a limited number of microprocessors, made by Samsung, for the various hardware products we produce. The Samsung microprocessors are purchased from Samsung Semiconductor in Germany. The microprocessors are the only components of our security authenticators that are not commodity items readily available on the open market.

 

13


Table of Contents

Orders of microprocessors generally require a lead-time of 12-16 weeks. We attempt to maintain a sufficient inventory of all parts to handle short-term increases in orders. Large orders that would significantly deplete our inventory are typically required to be placed with more than 12 weeks of lead-time, allowing us to make appropriate arrangements with our suppliers.

We purchase the microprocessors and arrange for shipment to third parties for assembly and testing in accordance with our design specifications. Our DIGIPASS products are assembled by one of three independent companies with headquarters in Hong Kong and production facilities in China. Purchases from these companies are made on a volume purchase order basis. These companies commit to very high production standards, and as a result, they also have major production contracts with Japanese hi-tech companies. Equipment designed to test product at the point of assembly is supplied by us and periodic visits are made by our personnel for purposes of quality assurance, assembly process review and supplier relations.

Competition

The market for computer and network security solutions is very competitive and, like most technology-driven markets, is subject to rapid change and constantly evolving products and services. Our main competitor is RSA Security, a subsidiary of EMC Corporation. Additional direct competitors include Gemalto and Kobil Systems. There are many other companies, such as SafeNet, Symantec and Entrust that offer authentication hardware, software and services that range from simple locking mechanisms to sophisticated encryption technologies. We believe that competition in this market is likely to intensify as a result of increasing demand for security products. Visibility of global competitors and their planned actions has diminished over the last several years due to the fact that some of our competitors have been acquired by larger corporations (e.g., EMC’s acquisition of RSA in 2006) or private equity firms (e.g., SafeNet, which was acquired by Vector Capital in 2007, and Entrust, which was acquired by Thoma Bravo, LLC in 2009).

We believe that the principal competitive factors affecting the market for computer and network security products include the strength and effectiveness of the solution, technical features, ease of use, quality/reliability, customer service and support, name recognition, customer base, distribution channels and the total cost of ownership of the authentication solution. Although we believe that our products currently compete favorably with respect to such factors, other than name recognition in certain markets, there can be no assurance that we can maintain our competitive position against current and potential competitors, especially those with significantly greater financial, marketing, service, support, technical and other competitive resources.

Some of our present and potential competitors have significantly greater financial, technical, marketing, purchasing and other resources than we do, and as a result, may be able to respond more quickly to new or emerging technologies and changes in customer requirements, or to devote greater resources to the development, promotion and sale of products, or to deliver competitive products at a lower end-user price. Current and potential competitors have established or may establish cooperative relationships among themselves or with third parties to increase the ability of their products to address the needs of our prospective customers. It is possible that new competitors or alliances may emerge and rapidly acquire significant market share. Accordingly, we have forged, and will continue to forge, our own partnerships to offer a broader range of products and capabilities to the market.

Our products are designed to allow authorized users access to a computing environment, in some cases using patented technology as a replacement for the static password. Although certain of our security token technologies are patented, there are other organizations that offer token-type password generators incorporating challenge-response or response-only approaches that employ different technological solutions and compete with us for market share.

Sales and Marketing

Our security solutions are sold through our direct sales force, as well as through approximately 93 distributors, their reseller networks and systems integrators. A sales staff of 74 coordinates our sales activity

 

14


Table of Contents

through both our sales channels and our strategic partners’ sales channels and makes direct sales calls either alone or with sales personnel of vendors of computer systems. Our sales staff also provides product education seminars to sales and technical personnel of vendors and distributors with whom we have working relationships and to potential end-users of our products.

VASCO secures and trains its channel. Cumulative to date, 666 of our channel partners’ staff have become VASCO certified engineers.

Part of our expanded selling effort includes approaching our existing strategic partners to find additional applications for our security products. In addition, our marketing plan calls for the identification of new business opportunities that may require enhanced security over the transmission of electronic data or transactions where we do not currently market our products. Our efforts also include the preparation and dissemination of white papers prepared by our support engineers that explain how we believe our security products can add value or otherwise be beneficial.

Customers and Markets

Customers for our products include some of the world’s most recognized names: HSBC, Rabobank Nederland, BNP-Paribas Fortis, and Blizzard Entertainment. In 2010, we announced numerous new customers around the world including, but not limited to VTB 24 (Russia), SEB (Sweden), STB (Tunisia), BetClic (Malta), OHFA (U.S.A.), Crédit Agricole (Belgium), Virginia Heritage Bank (U.S.A.), and PartyGaming (Gibraltar).

Our top 10 customers contributed 37%, 34% and 44%, in 2010, 2009 and 2008, respectively, of total worldwide revenue. In 2010, HSBC contributed approximately 11% of our worldwide revenue. In 2009 and 2008, no single customer accounted for more than 10% of our revenue.

A significant portion of our sales is denominated in foreign currencies and changes in exchange rates could impact results of operations. To minimize exposure to risks associated with fluctuations in currency exchange rates, we attempt to denominate an amount of billings in a currency such that it would provide a hedge against operating expenses being incurred in that currency. For additional information regarding how currency fluctuations can affect our business, please refer to “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and “Quantitative and Qualitative Disclosures about Market Risk.”

We also experience seasonality in our business. Historically, these seasonal trends are most notable in the summer months, particularly in Europe, when many businesses defer purchase decisions; however, given the relatively small size of our business, the timing of any one or more large orders may temper or offset this seasonality.

We organize our sales group and report our results in two vertical markets:

 

   

Banking and Financial Institutions: Our traditional stronghold where we believe that there are substantial opportunities for future growth.

 

   

Enterprise and Application Security: Our second market that has grown into a robust source of revenue and includes:

 

  -  

Various corporations for network and remote access: We have enjoyed growing success in this market and have developed new products that we believe will allow us to compete more effectively for both SME (small and medium enterprises) as well as large corporations.

 

  -  

Other application-specific markets: Our products are being used in more than 50 different applications and we believe that we will be able to identify and leverage our knowledge with those applications to increase our penetration in the more promising markets.

 

  -  

E-commerce: Both business-to-business and business-to-consumer e-commerce are becoming ever more important for us.

 

15


Table of Contents
  -  

E-government: Our revenue in this market is still small, but we are ready to take advantage of the market’s evolution.

Our channel partners are critical to our success in the Enterprise and Application Security markets. We serve this market exclusively via our two-tier indirect sales channel. We train employees of our resellers and distributors on-site and in our offices. In addition, we have developed online video training software that allows us to train people worldwide, resulting in cost and time benefits.

We invest in and support our channel with marketing and public relations actions. Distributors and resellers get the tools they need to be successful, such as campaigns, case studies, marketing funds and more. We expect our Enterprise and Application Security market to become even more successful in the future.

Backlog

Our backlog at December 31, 2010 was approximately $56 million compared to $20 million at December 31, 2009. We anticipate that substantially all of the backlog at the end of 2010 will be shipped in 2011. We do not believe that the specific amount of backlog at any point in time is indicative of the trends in our markets or the expected results of our business. Given the relatively small size of our business and the large size of potential orders, the backlog number can change significantly with the receipt of a new order or modification of an existing order, for example, shipment timing.

Financial Information Relating to Foreign and Domestic Operations

For financial information regarding VASCO, see our Consolidated Financial Statements and the related Notes, which are included in this Annual Report on Form 10-K. We have a single reportable segment for all our products and operations. See Note 12 in the Notes to Consolidated Financial Statements for a breakdown of revenue and long-lived assets between U.S. and foreign operations.

Employees

As of December 31, 2010, we had 342 total employees, which included 325 full-time employees. Of the total employees, 34 were located in the U.S., 263 in EMEA (Europe, the Middle East and Africa), 17 in the Asia Pacific Rim countries and 28 in other countries, including Australia, Latin America, India and Central Asia. Of the total employees, 170 were involved in sales, marketing and customer support, 115 in research and development and 57 in general and administration.

Item 1A - Risk Factors

RISK FACTORS

You should carefully consider the following risk factors, which we consider the most significant, as well as other information contained in this Annual Report on Form 10-K. In addition, there are a number of less significant and other general risk factors that could affect our future results. If any of the events described in the risk factors were to occur, our business, financial condition or operating results could be materially and adversely affected. We have grouped our Risk Factors under captions that we believe describe various categories of potential risk. For the reader’s convenience, we have not duplicated risk factors that could be considered to be included in more than one category.

 

16


Table of Contents

Risks Related to Our Business

The worldwide recession and credit crisis have impacted our business.

The company’s business was still negatively affected in 2010 by a recession in many of the countries in which we do business and a credit crisis impacting banks in some of our markets. The tightening of credit in financial markets and the general economic downturn may have adversely affected the ability of our customers, suppliers, outsource manufacturers and channel partners (e.g. distributors and resellers) to obtain the financing they need to make purchases from us or to perform their obligations under agreements with us or even to continue their operations. The credit tightening and decreased cash availability could also result in (a) an increase in cancellation of orders for our products and services and/or a decrease in demand for our products and services, (b) an inability to collect our accounts receivable on a timely basis, which may result in additional reserves for uncollectible accounts receivable and (c) in the event of the contraction of our sales, dated inventory, which could result in a need for additional obsolescence reserves, each of which, individually or in aggregate, could cause our actual results to differ materially from our current expectations.

While we believe that the effects of the recession and credit crisis have abated, we are unable to predict potential future economic conditions and disruptions in financial markets or their effect on our business and results of operations, but the consequences may be materially adverse.

The current worldwide economic conditions may affect our liquidity and capital resources.

While we believe that our financial resources and current borrowing arrangements are adequate to meet our operating needs, we anticipate that the difficult current economic conditions that exist on a worldwide basis today may require us to modify our business plans. In the current economic environment there is a risk that customers may delay their orders until the economic conditions stabilize or improve further. If a significant number of orders are delayed for an indefinite period of time, our revenue and cash receipts may not be sufficient to meet the operating needs of the business. If this is the case, we may need to significantly reduce our workforce, sell certain of our assets, enter into strategic relationships or business combinations, discontinue some or all of our operations, or take other similar restructuring actions. While we expect that these actions would result in a reduction of recurring costs, they also may result in a reduction of recurring revenue and cash receipts. It is also likely that we would incur substantial non-recurring costs to implement one or more of these restructuring actions.

We have a long operating history, but only a small accumulated profit.

Although we have reported net income of $10.8 million, $11.9 million and $24.3 million for the years ended December 31, 2010, 2009, and 2008, respectively, our net income has declined each year and our retained earnings was only $47.5 million at December 31, 2010. Over our nineteen-year operating history, we have operated at a loss for many of those years. In the current uncertain economic environment, it may be difficult for us to sustain our recent levels of profitability.

We derive revenue from a limited number of products and do not have a broadly-diversified product base.

Substantially all of our revenue is derived from the sale of authentication products. We also anticipate that a substantial portion of our future revenue, if any, will also be derived from these products and related services. If the sale of these products and services is impeded for any reason and we have not diversified our product offerings, our business and results of operations would be negatively impacted.

The sales cycle for our products and technology is long, and we may incur substantial expenses for sales that do not occur when anticipated.

The sales cycle for our products, which is the period of time between the identification of a potential customer and completion of the sale, is typically lengthy and subject to a number of significant risks over which we have little control. If revenue falls significantly below anticipated levels, our business would be seriously harmed.

 

17


Table of Contents

A typical sales cycle in the Banking market is often six months or more. Larger Banking transactions may take up to 18 months or more. Purchasing decisions for our products and systems may be subject to delays due to many factors that are not within our control, such as:

 

   

The time required for a prospective customer to recognize the need for our products;

 

   

The significant expense of many data security products and network systems;

 

   

Customers’ internal budgeting processes; and

 

   

Internal procedures customers may require for the approval of large purchases.

As our operating expenses are based on anticipated revenue levels, a small fluctuation in the timing of sales can cause our operating results to vary significantly between periods.

We have a great dependence on a limited number of suppliers and the loss of their manufacturing capability could materially impact our operations.

In the event that the supply of components or finished products is interrupted or relations with any of our principal vendors is terminated, there could be a considerable delay in finding suitable replacement sources to manufacture our products at the same cost or at all. The majority of our products are manufactured by four independent vendors, a processor manufacturer headquartered in Europe and the three manufacturers of finished goods in Hong Kong. Our hardware DIGIPASSES are assembled at facilities in mainland China. The importation of these products from China exposes us to the possibility of product supply disruption and increased costs in the event of changes in the policies of the Chinese government, political unrest or unstable economic conditions in China or developments in the United States that are adverse to trade, including enactment of protectionist legislation.

We have a significant dependence on major customers and losing any of these customers could result in a significant loss in revenue.

If we don’t find other customers who generate significant future revenue, the unforeseen loss of one or more of our major customers, or the inability to maintain reasonable profit margins on sales to any of these customers, would have a material adverse effect on our results of operations and financial condition.

Our customers have the ability to reschedule their deliveries.

Prior to 2009, a major portion of our business was scheduled by our customers under purchase orders (POs) which called for multiple shipments over the course of 12 months. Typically, these were firm orders with specific requests for shipments on specified dates. Historically, a customer may have requested that a shipment be accelerated and delivered earlier than scheduled or, conversely, delayed and delivered later than originally scheduled, or in rare cases, cancelled. In 2009 and in 2010, we experienced instances in which customers delayed delivery shipments or placed smaller orders covering shorter periods of time. While we expect our customers to return to order patterns more similar to their earlier historical patterns, they may continue to delay shipments or order small quantities covering shorter periods of time. If our customers continue ordering on a basis consistent with 2009 and 2010, each quarter’s results may vary substantially based on orders delivered in that quarter.

Our success depends on establishing and maintaining strategic relationships with other companies to develop, market and distribute our technology and products and, in some cases, to incorporate our technology into their products.

Part of our business strategy is to enter into strategic alliances and other cooperative arrangements with other companies in our industry. We currently are involved in cooperative efforts with respect to the incorporation of our products into products of others, research and development efforts, marketing efforts and reseller arrangements. None of these relationships are exclusive, and some of our strategic partners also have

 

18


Table of Contents

cooperative relationships with certain of our competitors. If we are unable to enter cooperative arrangements in the future or if we lose any of our current strategic or cooperative relationships, our business could be harmed. We do not control the time and resources devoted to such activities by parties with whom we have relationships. In addition, we may not have the resources available to satisfy our commitments, which may adversely affect these relationships. These relationships may not continue, may not be commercially successful, or may require our expenditure of significant financial, personnel and administrative resources from time to time. Further, certain of our products and services compete with the products and services of our strategic partners.

We may not be able to maintain effective product distribution channels, which could result in decreased revenue.

We rely on both our direct sales force and an indirect channel distribution strategy for the sale and marketing of our products. We may be unable to attract distributors, resellers and integrators, as planned, that can market our products effectively and provide timely and cost-effective customer support and service. There is also a risk that some or all of our distributors, resellers or integrators may be acquired, may change their business models or may go out of business, any of which could have an adverse effect on our business. Further, our distributors, integrators and resellers may carry competing lines of products. The loss of important sales personnel, distributors, integrators or resellers could adversely affect us.

We depend on our key personnel for the success of our business and the loss of one or more of our key personnel could have an adverse effect on our ability to manage our business or could be negatively perceived in the capital markets.

Our success and our ability to manage our business depend, in large part, upon the efforts and continued service of our senior management team. The loss of one or more of our key personnel could have a material adverse effect on our business and operations. It could be difficult for us to find replacements for our key personnel, as competition for such personnel is intense. Further, such a loss could be negatively perceived in the capital markets, which could reduce the market value of our securities.

If we fail to continue to attract and retain qualified personnel, our business may be harmed.

Our future success depends upon our ability to continue to attract and retain highly qualified scientific, technical, sales and managerial personnel. Competition for such personnel is intense and there can be no assurance that we can attract other highly qualified personnel in the future. If we cannot retain or are unable to hire such key personnel, our business, financial condition and results of operations could be significantly adversely affected.

Changes in our effective tax rate may have an adverse effect on our results of operations.

Our future effective tax rates may be adversely affected by a number of factors including the distribution of income among the various countries in which we operate, changes in the valuation of our deferred tax assets, increases in expenses not deductible for tax purposes, including the impairment of goodwill in connection with acquisitions, changes in share-based compensation expense, and changes in tax laws or the interpretation of such tax laws and changes in generally accepted accounting principles. Any significant increase in our future effective tax rates could adversely impact net income for future periods.

Our worldwide income tax provisions and other tax accruals may be insufficient if any taxing authorities assume taxing positions that are contrary to our positions.

Significant judgment is required in determining our provision for income taxes and other taxes such as sales and VAT taxes. There are many transactions for which the ultimate tax outcome is uncertain. Some of these uncertainties arise as a consequence of intercompany agreements to purchase intellectual properties, allocate revenue and allocate costs, each of which could ultimately result in changes once the arrangements are reviewed by taxing authorities. Although we believe that our approach to determining the amount of such arrangements is

 

19


Table of Contents

reasonable, we can not be certain that the final tax authority review of these matters will not differ materially from what is reflected in our historical income tax provisions and other tax accruals. Such differences could have a material effect on our income tax provisions or benefits, or other tax accruals, in the period in which such determination is made, and consequently, on our results of operations for such period.

Any acquisitions we make could disrupt our business and harm our financial condition.

We may make investments in complementary companies, products or technologies. Should we do so, our failure to successfully manage future acquisitions could seriously harm our operating results. In the event of any future purchases, we will face additional financial and operational risks, including:

 

   

Difficulty in assimilating the operations, technology and personnel of acquired companies;

 

   

Disruption in our business because of the allocation of resources to consummate these transactions and the diversion of management’s attention from our existing business;

 

   

Difficulty in retaining key technical and managerial personnel from acquired companies;

 

   

Dilution of our stockholders, if we issue equity to fund these transactions;

 

   

Assumption of operating losses, increased expenses and liabilities; and

 

   

Our relationships with existing employees, customers and business partners may be weakened or terminated as a result of these transactions.

Reported revenue may fluctuate widely due to the interpretation or application of accounting rules.

Our sales arrangements often include multiple elements, including hardware, software and maintenance. The accounting rules for such arrangements are complex and subject to change from time to time. Small changes in circumstances could cause wide deviations in the timing of reported revenue.

Indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement and other losses.

Our agreements with customers, solution partners and channel partners include indemnification provisions under which we agree to indemnify them for losses suffered or incurred as a result of claims of intellectual property infringement and, in some cases, for damages caused by us to property or persons. Large indemnity payments could harm our business, operating results and financial condition.

Risks Related to the Market

We face significant competition and if we lose or fail to gain market share our financial results will suffer.

The market for computer and network security products and services is highly competitive. Our competitors include organizations that provide computer and network security products based upon approaches similar to and different from those that we employ. Many of our competitors have significantly greater financial, marketing, technical and other competitive resources than we do. As a result, our competitors may be able to adapt more quickly to new or emerging technologies and changes in customer requirements, or to devote greater resources to the promotion and sale of their products.

A decrease of average selling prices for our products and services could adversely affect our business.

The average selling prices for our solution offerings may decline as a result of competitive pricing pressures or a change in our mix of products, software and services. In addition, competition continues to increase in the market segments in which we participate and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Furthermore, we anticipate that the average selling prices

 

20


Table of Contents

and gross profits for our products will decrease over product life cycles. To sell our products and services at higher prices, we must continue to develop and introduce new products and services that incorporate new technologies or increased functionality. If we experience pricing pressures or fail to develop new products, our revenue and gross margins could decline, which could harm our business, financial condition and results of operations.

We may need additional capital in the future and our failure to obtain capital would interfere with our growth strategy.

Our ability to obtain financing will depend on a number of factors, including market conditions, our operating performance and investor interest. These factors may make the timing, amount, terms and conditions of any financing unattractive. They may also result in our incurring additional indebtedness or accepting stockholder dilution. If adequate funds are not available or are not available on acceptable terms, we may have to forego strategic acquisitions or investments, defer our product development activities, or delay the introduction of new products.

We experience variations in quarterly operating results and sales are subject to seasonality, both of which may result in a volatile stock price.

In the future, as in the past, our quarterly operating results may vary significantly, resulting in a volatile stock price. Factors affecting our operating results include:

 

   

The level of competition;

 

   

The size, timing, cancellation or rescheduling of significant orders;

 

   

New product announcements or introductions by competitors;

 

   

Technological changes in the market for data security products including the adoption of new technologies and standards;

 

   

Changes in pricing by competitors;

 

   

Our ability to develop, introduce and market new products and product enhancements on a timely basis, if at all;

 

   

Component costs and availability;

 

   

Our success in expanding our sales and marketing programs;

 

   

Market acceptance of new products and product enhancements;

 

   

Changes in foreign currency exchange rates; and

 

   

General economic conditions in the countries in which we operate.

We also experience seasonality in all markets. These seasonal trends are most notable in the summer months, particularly in Europe, when many businesses defer purchase decisions.

Our stock price may be volatile for reasons other than variations in our quarterly operating results.

The market price of our common stock may fluctuate significantly in response to factors, some of which are beyond our control, including the following:

 

   

Actual or anticipated fluctuations in our quarterly or annual operating results;

 

   

Differences between actual operating results and results estimated by analysts that follow our stock and provide estimates of our results to the market;

 

   

Differences between guidance relative to financial results, if given, and actual results;

 

21


Table of Contents
   

Changes in market valuations of other technology companies;

 

   

Announcements by us or our competitors of significant technical innovations, contracts, acquisitions, strategic partnerships, joint ventures or capital commitments;

 

   

Additions or departures of key personnel;

 

   

Future sales of common stock;

 

   

Trading volume fluctuations; and

 

   

Reactions by investors to uncertainties in the world economy and financial markets.

A small group of persons control a substantial amount of our common stock and could delay or prevent a change of control.

Our Board of Directors, our officers and their immediate families and related entities beneficially own approximately 27%, with Mr. T. Kendall Hunt beneficially owning approximately 25%, of the outstanding shares of our common stock. As the Chairman of the Board of Directors, Chief Executive Officer and our largest stockholder, Mr. Hunt may exercise substantial control over our future direction and operation and such concentration of control may have the effect of discouraging, delaying or preventing a change in control and may also have an adverse effect on the market price of our common stock.

Certain provisions of our charter and of Delaware law make a takeover of our company more difficult.

Our corporate charter and Delaware law contain provisions, such as a class of authorized but unissued preferred stock which may be issued by our board without stockholder approval that might enable our management to resist a takeover of our company. Delaware law also limits business combinations with interested stockholders. These provisions might discourage, delay or prevent a change in control or a change in our management. These provisions could also discourage proxy contests, and make it more difficult for you and other stockholders to elect directors and take other corporate actions. The existence of these provisions could limit the price that investors might be willing to pay in the future for shares of our common stock.

Future issuances of blank check preferred stock may reduce voting power of common stock and may have anti-takeover effects that could prevent a change in control.

Our corporate charter authorizes the issuance of up to 500,000 shares of preferred stock with such designations, rights, powers and preferences as may be determined from time to time by our Board of Directors, including such dividend, liquidation, conversion, voting or other rights, powers and preferences as may be determined from time to time by the Board of Directors without further stockholder approval. The issuance of preferred stock could adversely affect the voting power or other rights of the holders of common stock. In addition, the authorized shares of preferred stock and common stock could be utilized, under certain circumstances, as a method of discouraging, delaying or preventing a change in control.

Risks Related to Technology and Intellectual Property

Technological changes occur rapidly in our industry and our development of new products is critical to maintain our revenue.

The introduction by our competitors of products embodying new technologies and the emergence of new industry standards could render our existing products obsolete and unmarketable. Our future revenue growth and operating profit will depend in part upon our ability to enhance our current products and develop innovative products to distinguish ourselves from the competition and to meet customers’ changing needs in the data security industry. We cannot assure you that security-related product developments and technology innovations by others will not adversely affect our competitive position or that we will be able to successfully anticipate or adapt to changing technology, industry standards or customer requirements on a timely basis.

 

22


Table of Contents

Our products contain third-party, open-source software and failure to comply with the terms of the underlying open-source software licenses could restrict our ability to sell our products or otherwise result in claims of infringement.

Our products are distributed with software programs licensed to us by third-party authors under “open-source” licenses, which may include the GNU General Public License (GPL), the GNU Lesser Public License (LGPL), the BSD License and the Apache License. These open-source software programs include, without limitation, Linux, Apache, Openssl, IPTables, Tcpdump, Postfix, Cyrus, Perl, Squid and Snort. These third-party, open-source programs are typically licensed to us for no fee and the underlying license agreements generally require us to make available to users the source code for such programs, as well as the source code for any modifications or derivative works we create based on these third-party, open-source software programs.

We do not believe that we have created any modifications or derivative works to, an extended version of, or works based on, any open-source software programs referenced above. We include instructions to users on how to obtain copies of the relevant open-source code and licenses.

We do not provide end users a copy of the source code to our proprietary software because we believe that the manner in which our proprietary software is aligned or communicates with the relevant open-source programs does not create a modification, derivative work or extended version of, or a work based on, that open-source program requiring the distribution of our proprietary source code.

Our ability to commercialize our products by incorporating third-party, open-source software may be restricted because, among other reasons:

 

   

the terms of open-source license agreements are unclear and subject to varying interpretations, which could result in unforeseen obligations regarding our proprietary products or claims of infringement;

 

   

it may be difficult to determine the developers of open-source software and whether such licensed software infringes another party’s intellectual property rights;

 

   

competitors will have greater access to information by obtaining these open source products, which may help them develop competitive products; and

 

   

open-source software potentially increases customer support costs because licensees can modify the software and potentially introduce errors.

We must continue to attract and retain highly skilled technical personnel for our research and development department.

The market for highly skilled technicians in Europe, Asia, Australia and the United States is highly competitive. If we fail to attract, train, assimilate and retain qualified technical personnel for our research and development department, we will experience delays in introductions of new or modified products, loss of clients and market share and a reduction in revenue.

We cannot be certain that our research and development activities will be successful.

While management is committed to enhancing our current product offerings and introducing new products, we cannot be certain that our research and development activities will be successful. Furthermore, we may not have sufficient financial resources to identify and develop new technologies and bring new products to market in a timely and cost effective manner, and we cannot ensure that any such products will be commercially successful if and when they are introduced.

 

23


Table of Contents

We depend significantly upon our proprietary technology and intellectual property and the failure to protect our proprietary rights could require us to redesign our products or require us to enter into royalty or licensing agreements, any of which could reduce revenue and increase our operating costs.

We currently rely on a combination of patent, copyright and trademark laws, trade secrets, confidentiality agreements and contractual provisions to protect our proprietary rights. We seek to protect our software, documentation and other written materials under trade secret and copyright laws, which afford only limited protection, and generally enter into confidentiality and nondisclosure agreements with our employees and with key vendors and suppliers.

There has been substantial litigation in the technology industry regarding intellectual property rights, and we may have to litigate to protect our proprietary technology.

We expect that companies in the computer and information security market will increasingly be subject to infringement claims as the number of products and competitors increases. Any such claims or litigation may be time-consuming and costly, cause product shipment delays, require us to redesign our products or require us to enter into royalty or licensing agreements, any of which could reduce revenue and increase our operating costs.

Our patents may not provide us with competitive advantages.

We hold several patents in the United States and in other countries, which cover multiple aspects of our technology. The majority of our patents cover the DIGIPASS product line. These patents expire between 2014 and 2027. In addition to the issued patents, we also have several patents pending in the United States, Europe and other countries. There can be no assurance that we will continue to develop proprietary products or technologies that are patentable, that any issued patent will provide us with any competitive advantages or will not be challenged by third parties, or that patents of others will not hinder our competitive advantage. Although certain of our security token technologies are patented, there are other organizations that offer token-type password generators incorporating challenge-response or response-only approaches that employ different technological solutions and compete with us for market share.

We are subject to warranty and product liability risks.

A malfunction of or design defect in our products which results in a breach of a customer’s data security could result in tort or warranty claims against us. We seek to reduce the risk of these losses by attempting to negotiate warranty disclaimers and liability limitation clauses in our sales agreements. However, these measures may ultimately prove ineffective in limiting our liability for damages. We do not presently maintain product liability insurance for these types of claims.

In addition to any monetary liability for the failure of our products, an actual or perceived breach of network or data security at one of our customers could adversely affect the market’s perception of us and our products, and could have an adverse effect on our reputation and the demand for our products. Similarly, an actual or perceived breach of network or data security within our own systems could damage our reputation and have an adverse effect on the demand for our products.

There is significant government regulation of technology exports and to the extent we cannot meet the requirements of the regulations we may be prohibited from exporting some of our products, which could negatively impact our revenue.

Our international sales and operations are subject to risks such as the imposition of government controls, new or changed export license requirements, restrictions on the export of critical technology, trade restrictions and changes in tariffs. If we become unable to obtain foreign regulatory approvals on a timely basis our business in those countries would no longer exist and our revenue would decrease dramatically. Certain of our products are subject to export controls under U.S. law. The list of products and countries for which export approval is required, and the regulatory policies with respect thereto may be revised from time to time and our inability to obtain required approvals under these regulations could materially and adversely affect our ability to make international sales.

 

24


Table of Contents

We employ cryptographic technology in our authentication products that uses complex mathematical formulations to establish network security systems.

Many of our products are based on cryptographic technology. With cryptographic technology, a user is given a key that is required to encrypt and decode messages. The security afforded by this technology depends on the integrity of a user’s key and in part on the application of algorithms, which are advanced mathematical factoring equations. These codes may eventually be broken or become subject to government regulation regarding their use, which would render our technology and products less effective. The occurrence of any one of the following could result in a decline in demand for our technology and products:

 

   

Any significant advance in techniques for attacking cryptographic systems, including the development of an easy factoring method or faster, more powerful computers;

 

   

Publicity of the successful decoding of cryptographic messages or the misappropriation of keys; and

 

   

Increased government regulation limiting the use, scope or strength of cryptography.

Risks Related to International Operations

We face a number of risks associated with our international operations, any or all of which could result in a disruption in our business and a decrease in our revenue.

In 2010, approximately 91% of our revenue and approximately 82% of our operating expenses were generated/incurred outside of the U.S. In 2009, approximately 93% of our revenue and approximately 83% of our operating expenses were generated/incurred outside of the U.S. A severe economic decline in any of our major foreign markets could adversely affect our results of operations and financial condition.

In addition to exposures to changes in the economic conditions of our major foreign markets, we are subject to a number of risks any or all of which could result in a disruption in our business and a decrease in our revenue. These include:

 

   

Inconsistent regulations and unexpected changes in regulatory requirements;

 

   

Export controls relating to our technology;

 

   

Difficulties and costs of staffing and managing international operations;

 

   

Potentially adverse tax consequences;

 

   

Wage and price controls;

 

   

Uncertain protection for intellectual property rights;

 

   

Imposition of trade barriers;

 

   

Differing technology standards;

 

   

Uncertain demand for electronic commerce;

 

   

Linguistic and cultural differences;

 

   

Political instability; and

 

   

Social unrest.

We are subject to foreign exchange risks, and improper management of that risk could result in large cash losses.

Because a significant number of our principal customers are located outside the United States, we expect that international sales will continue to generate a significant portion of our total revenue. We are subject

 

25


Table of Contents

to foreign exchange risks because the majority of our costs are denominated in U.S. Dollars, whereas a significant portion of the sales and expenses of our foreign operating subsidiaries are denominated in various foreign currencies. A decrease in the value of any of these foreign currencies relative to the U.S. Dollar could affect the profitability in U.S. Dollars of our products sold in these markets. We do not currently hold forward exchange contracts to exchange foreign currencies for U.S. Dollars to offset currency rate fluctuations.

We must comply with European governmental regulations setting environmental standards.

Our activities in Europe require that we comply with European Union Directives with respect to product quality assurance standards and environmental standards. Directive 2002/95/ec of the European Parliament on the Restriction of the Use of Certain Hazardous Substances in Electrical and Electronic Equipment, known as the RoHS Directive, became effective on July 1, 2006. If we fail to maintain compliance, we may be restricted from selling our products in the European Union and this could adversely affect our results of operations. European Directive 2002/96/EC on waste, electrical and electronic equipment, known as the WEEE Directive, makes manufacturers of electrical and electronic equipment financially responsible for specified collection, recycling, treatment and disposal of past and future covered products. The WEEE Directive became effective on August 13, 2005. We may incur financial responsibility for the collection, recycling, treatment or disposal of products covered under the WEEE Directive. Because the EU member states have not fully implemented the WEEE Directive, the nature and extent of the costs to comply and fees or penalties associated with noncompliance are unknown at this time. Costs to comply with the WEEE Directive and similar future legislation, if applicable, may also include legal and regulatory costs and insurance costs. We may also be required to take additional reserves for costs associated with compliance with these regulations.

We or our suppliers may be impacted by new regulations related to climate change.

In addition to the European environmental regulations noted above, we or our suppliers may become subject to new laws enacted with regards to climate change. In the event that new laws are enacted or current laws are modified in countries in which we or our suppliers operate, our flow of product may be impacted and/or the costs of handling the potential waste associated with our products may increase dramatically, either of which could result in a significant negative impact on our ability to operate or operate profitably.

U.S. investors may have difficulties in making claims for any breach of their rights as holders of shares because some of our assets and executives are not located in the United States.

Several of our executives and key employees are residents of foreign countries, and a substantial portion of our assets and those of some of our executives and key employees are located in foreign countries. As a result, it may not be possible for investors to effect service of process on those persons located in foreign countries, or to enforce judgments against some of our executives and key employees based upon the securities or other laws of jurisdictions in those foreign countries.

Our business in countries with a history of corruption and transactions with foreign governments increase the risks associated with our international activities.

As we operate and sell internationally, we are subject to the U.S. Foreign Corrupt Practices Act (FCPA), and other laws that prohibit improper payments or offers of payments to foreign governments and their officials and political parties by U.S. and other business entities for the purpose of obtaining or retaining business. We have operations, deal with and make sales to governmental or quasi-governmental customers in countries known to experience corruption, particularly certain countries in the Middle East, Africa, East Asia and South America, and further expansion of our international selling efforts may involve additional regions. Our activities in these countries create the risk of unauthorized payments or offers of payments by one of our employees, consultants, sales agents or channel partners that could be in violation of various laws, including the FCPA and the U.K. Bribery Act, even though these parties are not always subject to our control. Violations of the FCPA may result in severe criminal or civil sanctions, including suspension or debarment from U.S. government contracting, and we may be subject to other liabilities, which could negatively affect our business, operating

 

26


Table of Contents

results and financial condition. Violations of the U.K. Bribery Act may result in severe criminal or civil sanctions and we may be subject to other liabilities which could negatively affect our business operating results and financial condition.

Item 1B - Unresolved Staff Comments

None.

Item 2 - Properties

Our corporate headquarters is located in Oakbrook Terrace, Illinois, and our U.S. sales office is currently located in Westborough, Massachusetts, but will be relocated to Marlborough, Massachusetts in 2011.

Our international headquarters is in Zurich, Switzerland. Our European operational headquarters is located in a suburb of Brussels, Belgium. We also conduct sales and marketing, research and development and customer support activities from our Belgian office. Our logistics facility is located in Mollem, Belgium. We also have a sales and research and development facility in the Netherlands; as well as operations facilities in Mechelen, Belgium. We also have research and development facilities in Bordeaux, France and Vienna, Austria.

We occupy two locations in Australia. In Brisbane, we have an administrative and research and development facility. Our Australian sales office is located in Sydney.

In the Asia/Pacific region we currently have sales offices in Singapore and Tokyo, Japan as well as a liaison office in Shanghai, China.

We also have sales offices in Mumbai, India, Sao Paulo, Brazil, Bahrain, and the U.K. and conduct sales activities through liaison offices and agents in Germany, Turkey, Russia, China, Mexico and Colombia.

All of our properties are leased and we believe that these facilities are adequate for our present growth plans.

Item 3 - Legal Proceedings

We are from time to time involved in litigation incidental to the conduct of our business. We are not currently a party to any lawsuit or proceeding which, in the opinion of management, is likely to have a material adverse effect on our business, financial condition or results of operations.

Item 4 - Reserved

 

27


Table of Contents

PART II

Item 5 - Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

Our common stock, par value $0.001 per share, trades on the NASDAQ Capital Market under the symbol VDSI.

The following table sets forth the range of high and low prices of our common stock on the NASDAQ Capital Market for the past two years.

 

2010

   High      Low  

Fourth quarter

   $ 9.00       $ 6.12   

Third quarter

     6.83         5.76   

Second quarter

     8.36         5.82   

First quarter

     8.98         6.20   

2009

             

Fourth quarter

   $ 7.98       $ 5.83   

Third quarter

     8.97         6.95   

Second quarter

     8.37         5.65   

First quarter

     10.60         3.85   

On February 28, 2011, there were 75 registered holders and approximately 12,900 street name holders of the company’s common stock.

We have not paid any dividends on our common stock since incorporation. The declaration and payment of dividends will be at the sole discretion of the Board of Directors and subject to certain limitations under the General Corporation Law of the State of Delaware. The timing, amount and form of dividends, if any, will depend, among other things, on the company’s results of operations, financial condition, cash requirements, plans for expansion and other factors deemed relevant by the Board of Directors. The company intends to retain any future earnings for use in its business and therefore does not anticipate paying any cash dividends in the foreseeable future.

Recent Sales of Unregistered Securities

None

Issuer Purchases of Equity Securities

None

 

28


Table of Contents

Stock Performance Graph

The Stock Performance Graph below compares the cumulative total return through December 31, 2010, assuming reinvestment of dividends, by an investor who invested $100.00 on December 31, 2005, in each of (i) our common stock, (ii) the Russell 2000 index, (iii) the Standard Industrial Code Index 3577 – Computer Peripheral Equipment, NEC and (iv) a comparable industry (the peer group) index selected by the company. The peer group for this purpose consists of: Art Technology Group Inc., Aruba Networks Inc., AuthenTec, Inc., Blue Coat Systems, Inc., CommVault Systems, Inc., F5 Networks, Inc., Fortinet, Inc., Guidance Software, Inc., OPTNET Technologies, Inc. Sourcefire, Inc. and Websense, Inc. The stock price performance shown on the graph below is not necessarily indicative of future price performance.

LOGO

 

     Dec-05      Dec-06      Dec-07      Dec-08      Dec-09      Dec-10  

VASCO Data Security International, Inc.

     100.00         120.18         283.15         104.74         63.67         82.43   

Russell 2000 Index

     100.00         118.35         116.52         77.14         98.11         124.45   

3577—Computer Peripheral Equipment, NEC

     100.00         117.93         105.34         45.64         68.99         86.15   

Peer Group

     100.00         101.43         97.60         53.64         120.24         218.47   

 

29


Table of Contents

Item 6 - Selected Financial Data (in thousands, except per share data)

 

     Year ended December 31,  
     2010      2009      2008      2007      2006  
                                 (a)  

Statements of Operations Data:

              

Revenue

   $ 107,963       $ 101,695       $ 132,977       $ 119,980       $ 76,062   

Operating income from continuing operations

     12,390         12,643         28,137         30,893         18,942   

Net income from continuing operations

     10,806         11,862         24,291         20,963         12,587   

Net income available to common stockholders

     10,806         11,862         24,291         20,963         12,587   

Diluted income from continuing operations per common share

   $ 0.28       $ 0.31       $ 0.64       $ 0.55       $ 0.33   

Balance Sheet Data:

              

Cash and equivalents

   $ 85,533       $ 67,601       $ 57,714       $ 38,833       $ 14,768   

Working capital

     96,889         87,632         75,930         52,438         22,058   

Total assets

     142,941         132,724         127,950         100,676         62,646   

Long term obligations

     683         1,095         2,694         2,658         1,178   

Total stockholders’ equity

     116,493         108,376         95,284         71,539         42,206   

Cash dividends declared per common share

     —           —           —           —           —     

 

(a) Includes the results of Logico Smartcard Solutions GmbH, acquired May 11, 2006, and Able NV, acquired October 25, 2006.

 

30


Table of Contents

Item 7 - Management’s Discussion and Analysis of Financial Condition and Results of Operations

(in thousands, except head count, ratios, time periods and percents)

Unless otherwise noted, references in this Annual Report on Form 10-K to “VASCO”, “company”, “we”, “our”, and “us” refer to VASCO Data Security International, Inc. and its subsidiaries.

Cautionary Note Regarding Forward-Looking Statements

This Annual Report on Form 10-K, including Management’s Discussion and Analysis of Financial Condition and Results of Operations and Quantitative and Qualitative Disclosures About Market Risk contains forward-looking statements within the meaning of Section 21E of the Exchange Act of 1934 and Section 27A of the Securities Act concerning, among other things, the prospects of, and developments and business strategies for, VASCO and our operations, including the development and marketing of certain new products and services and the anticipated future growth in certain markets in which we currently market and sell our products and services or anticipate selling and marketing our products and services in the future. These forward-looking statements (1) are identified by use of terms and phrases such as “expect”, “believe”, “will”, “anticipate”, “emerging”, “intend”, “plan”, “could”, “may”, “estimate”, “should”, “objective”, “goal”, “possible”, “potential” and similar words and expressions, but such words and phrases are not the exclusive means of identifying them, and (2) are subject to risks and uncertainties and represent our present expectations or beliefs concerning future events. VASCO cautions that the forward-looking statements are qualified by important factors that could cause actual results to differ materially from those in the forward-looking statements. These risks, uncertainties and other factors have been described in greater detail in this Annual Report on Form 10-K and include, but are not limited to, (a) risks of general market conditions, including currency fluctuations and the unprecedented uncertainties resulting from the current turmoil in world economic and financial markets, (b) risks inherent to the computer and network security industry, including rapidly changing technology, evolving industry standards, increasing numbers of patent infringement claims, changes in customer requirements, price competitive bidding, and changing government regulations, and (c) risks specific to VASCO, including, demand for our products and services, competition from more established firms and others, pressures on price levels and our historical dependence on relatively few products, certain suppliers and certain key customers. Thus, the results that we actually achieve may differ materially from any anticipated results included in, or implied by these statements.

General

The following discussion is based upon our consolidated results of operations for the years ended December 31, 2010, 2009 and 2008 (percentages in the discussion are rounded to the closest full percentage point) and should be read in conjunction with our consolidated financial statements included elsewhere in this Annual Report on Form 10-K.

We design, develop, market and support open standards-based hardware and software security systems that manage and secure access to information assets. We also design, develop, market and support patented strong user authentication products and services for e-business and e-commerce. Our products enable secure financial transactions to be made over private enterprise networks and public networks, such as the Internet. Our strong user authentication is delivered via our hardware and software DIGIPASS security products (collectively DIGIPASSES), most of which incorporate an electronic signature capability, which further protects the integrity of electronic transactions and data transmissions. Some of our DIGIPASSES are compliant with the Europay MasterCard Visa (EMV) standard and are compatible with MasterCard’s and VISA’s Chip Authentication Program (CAP). Some of our DIGIPASS units comply with the Initiative for Open Authentication (OATH). As evidenced by our current customer base, our products are purchased by companies and, depending on the business application, are distributed to either their employees or their customers. Those customers may be other businesses or, as an example in the case of Internet banking, our customer banks’ corporate and retail customers.

 

31


Table of Contents

Our target market is any business process that uses some form of electronic interface, particularly the Internet, where the owner of that process is at risk if unauthorized users can gain access to its process and either obtain proprietary information or execute transactions that are not authorized. Our products can not only increase the security associated with accessing the business process, thereby reducing the losses from unauthorized access, but also, in many cases, can reduce the cost of the process itself by automating activities that were previously performed manually.

In the fourth quarter of 2010, we announced the availability of our DPS product offering. DPS is our Cloud-based authentication platform. DPS will enable application hosts to deploy strong two-factor authentication quickly with minimal upfront costs. Users will benefit from the added security of strong two-factor authentication available on an increasing number of Internet sites and applications. We expect those applications to include B2B applications, B2E applications (e.g., employees of companies logging into third party applications operated in the Cloud), and B2C applications. While there were no revenues generated from this product in 2010, we believe DPS has the potential for significant future growth as it will make two-factor authentication more affordable and readily available to users and applications markets.

In January 2011, we completed the DigiNotar Acquisition. The acquisition expands the technological breadth of our product line by expanding our abilities to offer PKI technology throughout the product line. We expect that acquisition will enhance our market position in three areas; (1) as a trusted Internet service provider of PKI certificates, which we expect will improve our ability to penetrate government markets (2) as a licensor of PKI-based products to customers for use in their applications, which we believe will enhance our ability to compete in our traditional business and (3) as a provider of our own PKI-secured applications, such as document signing, registration and storage solutions, which we expect will expand opportunities for us on our services platform. The acquisition of DigiNotar is expected to have a slightly dilutive effect on our earnings in 2011.

Industry Growth: We believe that, while there are no accurate measurements of the total industry’s size, the industry growth rate is increasing and will continue to grow at a significant rate into the foreseeable future. Growth is being driven by new government regulations, growing awareness of the impact of identity theft, and the growth in commerce that is transacted electronically. The issues driving the growth are global issues and the rate of adoption in each country is a function of that country’s culture, the competitive position of businesses operating in those countries, the country’s overall economic conditions and the degree to which businesses and consumers within the country use technology. While industry growth in 2010 was uneven in the various countries in which we operate, we experienced an increase in requests for information and proposals throughout the year and an increase in order intake, especially in the second half of 2010. Based on the strength of the order intake in the second half of 2010 and the continuing strength of our pipeline of potential future orders, we believe the industry will return to more normal growth in 2011.

Economic Conditions: Our revenue may vary significantly with changes in the economic conditions in the countries in which we currently sell products. With our current concentration of revenue in Europe and specifically in the banking/finance vertical market, significant changes in the economic outlook for the European banking market may have a significant effect on our revenue.

Starting in the fourth quarter of 2009, we received an increase in the number of requests for information and requests for proposals. That increase in activity started to manifest itself into a strong order flow in the second half of 2010. As a result of the increase in orders, we realized a sequential increase in revenue in the third quarter of 2010 compared to the second quarter of 2010, which was unusual given the seasonality of our business, another sequential increase in revenue in the fourth quarter of 2010 compared to the third quarter of 2010, which we generally expect given the seasonality of our business, and a strong backlog of orders for delivery in 2011 and beyond. Also, with the apparent abatement of the difficult economic conditions in the fourth quarter of 2009 in many of the countries in which we operate, we initiated a plan to hire staff to support new product development, support new sales initiatives and mitigate risk while strengthening our position in existing markets. These actions continued throughout 2010 and resulted in lower operating income as a percentage of

 

32


Table of Contents

revenue in 2010. These actions are also expected to result in lower operating income as a percentage of revenue in 2011, but we believe that these actions allowed us to strengthen our overall market position and are expected to result in higher revenue and higher operating income in future years.

Currency Fluctuations. In 2010, approximately 91% of our revenue and approximately 82% of our operating expenses were generated/incurred outside of the U.S. In 2009, approximately 93% of our revenue and approximately 83% of our operating expenses were generated/incurred outside of the U.S. As a result, changes in currency exchange rates, especially the Euro to U.S. Dollar, can have a significant impact on revenue and expenses. To minimize the net impact of currency on operating earnings, we attempt to denominate an amount of billings in a currency such that it would provide a hedge against the operating expenses being incurred in that currency. If our revenue in Europe grows, however, we do not expect that we will be able to balance fully the exposures of currency exchange rates on revenue and operating expenses. In periods in which the U.S. Dollar is weakening, we expect that our operating income will increase as a result of the change in currency exchange rates. Conversely, in periods in which the U.S. Dollar is strengthening, we expect that our operating income will decrease as a result of the change in currency exchange rates.

In 2010 compared to 2009, the U.S. Dollar, on average, strengthened approximately 5% against the Euro and weakened approximately 16% against the Australian Dollar. In 2009 compared to 2008, on average, the U.S. Dollar strengthened approximately 6% against the Euro and approximately 12% against the Australian Dollar. We estimate that the net impact of the change in currency rates in 2010 compared to 2009 resulted in a decrease in revenue of approximately $1,679 and a decrease in operating expenses of $1,792. We also estimate that the change in currency rates in 2009 compared to 2008 resulted in a decrease in revenue of approximately $2,513 and a decrease in operating expenses of approximately $3,100.

The financial position and the results of operations of most of our foreign subsidiaries, with the exception of our subsidiaries in Switzerland and Singapore, are measured using the local currency as the functional currency. Accordingly, assets and liabilities are translated into U.S. Dollars using current exchange rates as of the balance sheet date. Revenues and expenses are translated at average exchange rates prevailing during the year. Translation adjustments arising from differences in exchange rates generated other comprehensive loss of $3,747 in 2010, other comprehensive income of $559 in 2009 and other comprehensive loss of $2,512 in 2008. These amounts are included as a separate component of stockholders’ equity. The functional currency for both our subsidiaries in Switzerland and Singapore is the U.S. Dollar.

Gains and losses resulting from foreign currency transactions are included in the consolidated statements of operations as other non-operating income/expense. In 2010, we reported $225 of foreign exchange transaction losses compared to foreign exchange gains of $835 in 2009 and foreign exchange losses of $580 in 2008.

 

33


Table of Contents

Revenue

Revenue by Geographic Regions: We classify our sales by customers’ location in four geographic regions: 1) EMEA, which includes Europe, the Middle East and Africa; 2) the United States, which for our purposes includes sales in Canada; 3) Asia Pacific; and 4) Other Countries, including Australia, Latin America and Central Asia. The breakdown of revenue in each of our major geographic areas was as follows:

 

Year

   Europe, Middle
East, Africa
(EMEA)
    United
States
    Asia
Pacific
    Other
Countries
    Total  

Total Revenue:

          

2010

   $ 72,694      $ 9,912      $ 10,860      $ 14,497      $ 107,963   

2009

     72,833        7,376        9,492        11,994        101,695   

2008

     89,511        7,783        10,116        25,567        132,977   

Percent of Total:

          

2010

     67     9     10     14     100

2009

     72     7     9     12     100

2008

     67     6     8     19     100

2010 Compared to 2009

Total revenue in 2010 increased $6,268 or 6% from 2009. The increase in total revenue was primarily attributable to an increase in products sold to the Banking market, both hardware and non-hardware, and an increase in non-hardware products sold to the Enterprise and Application Security market, partially offset by the strengthening of the U.S. dollar as compared to the Euro, as noted above, and a decrease in hardware products sold to the Enterprise and Application Security market. Please see the discussion below under “Revenue by Target Market” for additional information regarding the changes in revenue from the Banking market and the Enterprise and Application Security market.

Revenue generated in EMEA for the full-year 2010 was $139 or less than 1% lower in 2010 than in 2009. The decrease was primarily attributable to a decline of approximately 1% in the Banking market, partially offset by a 2% increase in revenue from the Enterprise and Application Security markets. We estimate that the change in currency rates reduced revenues in EMEA by $2,282 compared to 2009. Had currency exchange rates in 2010 remained unchanged from 2009, revenues in EMEA would have been approximately 3% higher than in full-year 2009.

Revenue generated in United States for the full-year 2010 was $2,536 or 34% higher in 2010 than in 2009. Revenue was approximately 42% higher in the Banking market and 30% higher in the Enterprise and Application Security markets than in full-year 2009. The U.S. market continues to defer the adoption of two factor authentication for retail Internet banking applications.

Revenue generated in Asia Pacific for the full-year 2010 was $1,368 or 14% higher in 2010 than in 2009. Revenue was approximately 25% higher in the Banking market and 26% lower in the Enterprise and Application Security markets than in full-year 2009. The decline in revenue from the Enterprise and Application Security market in Asia Pacific was primarily attributable to large orders shipped in 2009 that were not repeated or replaced by new orders in 2010. We believe the region offers substantial opportunities for future growth as our sales office in Japan, opened in 2007, matures and the two-factor authentication market in China expands.

Revenue generated in other countries for the full-year 2010 was $2,503 or 21% higher in 2010 than in 2009. Revenue in other countries was approximately 23% higher in the Banking market and 12% higher in the Enterprise and Application Security markets. As noted above, the average exchange rate for the U.S. dollar was approximately 16% weaker than the Australian dollar in 2010 compared to 2009 and we estimate that the change

 

34


Table of Contents

in currency rates increased revenues in other countries by $591 compared to 2009. We expect that revenue from other countries will be more volatile than our other regions given the earlier stage of development of the authentication market in those countries. VASCO, however, plans to continue to invest in new markets based on our estimates of the market’s demand for strong user authentication.

Given the relatively small size of the revenue in regions other than EMEA, the results may vary substantially year-to-year on both an absolute and on a percentage basis depending upon the timing of the receipt and delivery of a large new order or the completion of a large rollout. We believe that the variability in results will lessen as we develop a larger base of Banking customers and further develop our distribution channel for the Enterprise and Application Security market.

2009 Compared to 2008

Total revenue in 2009 decreased $31,282 or 24% from 2008. The decrease in total revenue was primarily attributable to a decline in products sold to the Banking market, both hardware and non-hardware, a decline in non-hardware products sold to the Enterprise and Application Security market and the strengthening of the U.S. dollar as compared to the Euro, as noted above, partially offset by an increase in hardware products sold to the Enterprise and Application Security market.

Revenue generated in EMEA for the full-year 2009 was $16,678 or 19% lower in 2009 than in 2008. The decrease was primarily attributable to factors noted above. We estimate that the change in currency rates reduced revenues in EMEA by $2,116 compared to 2008. Including the impact of currency, revenues were approximately 25% lower in the Banking market and 11% higher in the Enterprise and Application Security market than in full-year 2008.

Revenue generated in United States for the full-year 2009 was $407 or 5% lower in 2009 than in 2008. Revenue was approximately 31% lower in the Banking market and 23% higher in the Enterprise and Application Security markets than in full-year 2008. The results in the U.S. also reflect strong competition from our competitors, especially in the Enterprise and Application Security market.

Revenue generated in Asia Pacific for the full-year 2009 was $624 or 6% lower in 2009 than in 2008. Revenue was approximately 7% and 1% lower in the Banking and Enterprise and Application Security markets, respectively, than in full-year 2008.

Revenue generated in other countries for the full-year 2009 was $13,573 or 53% lower in 2009 than in 2008. This decrease in other countries was primarily due to declines in South American Banking markets where the initial deployments with large banking customers were completed in 2008. We estimate that the change in currency rates reduced revenues in other countries by $396 compared to 2008.

 

35


Table of Contents

Revenue by Target Market: Revenue is generated currently from two primary markets, (1) Banking and (2) Enterprise and Application Security, through the use of both direct and indirect sales channels. The Enterprise and Application Security market includes products used by employees of corporations to secure their internal networks (the enterprise security market) and various forms of e-commerce such as business-to-business, business-to-consumer, e-government, e-gaming and other vertical applications (the application security market) that are not related to banking or finance. In addition, revenues from services-related activities, such as maintenance and support are included in the Enterprise and Application Security markets. Management currently views the Enterprise and Application Security market as one market because the same products are sold, through the same channels to both customer groups. Sales to the Enterprise and Application Security market are generally for smaller quantities and higher prices than sales made to the Banking market. The breakdown of revenue between the two primary markets is as follows:

 

Year

   Banking     Enterprise &
Application
Security
    Total  

Total Revenue:

      

2010

   $ 79,757      $ 28,206      $ 107,963   

2009

     74,891        26,804        101,695   

2008

     108,935        24,042        132,977   

Percent of Total:

      

2010

     74     26     100

2009

     74     26     100

2008

     82     18     100

2010 Compared to 2009

Revenue for the full year 2010 from the Banking market increased $4,866 or 6% from 2009 and revenue from the Enterprise and Application Security market increased $1,402 or 5% in the same period.

The increase in the Banking market reflects an increase in products sold, both hardware and non-hardware, partially offset by the strengthening of the U.S. Dollar as compared to the Euro, as previously noted. We believe that banks in many, but not all, of our markets have recovered from the financial crisis. In the fourth quarter of 2009 banks began issuing requests for information and proposals for new projects and placed larger orders for delivery in the quarter, in part we believe to spend remaining budgets for 2009 and in part reflecting a return to a more normal level of business. Throughout 2010, we have seen a sustained increase in the volume of requests for information and proposals. Those requests for information and proposals also reflected an increase in quantities, which we believe indicates that the banks are returning to the business practices they followed prior to the onset of the financial crisis. In the second half of 2010, we also saw a significant increase in orders from banks, some of which was reflected in the sequential quarterly growth of our revenue in the third and fourth quarters of 2010, but also in our backlog of orders for delivery in 2011 and beyond.

The increase in the Enterprise and Application Security market was primarily attributable to an increase in non-hardware revenue partially offset by a decline in the number of products shipped and the strengthening of the U.S. Dollar as compared to the Euro. We believe that the decline in products shipped reflects the fact that we had strong growth in 2009 from new application markets, such as gaming, that was not fully sustained or replaced by sales into other application markets in 2010. We also believe that we needed to contact our distribution channel more often, provide more training and provide other forms of increased support to make the channel more effective in selling our products. As a result, we made additional investments in sales staff, training programs and marketing programs in 2010. We expect that we will see the benefits of the increased investments made in 2010 in the form of increased revenues in 2011.

 

36


Table of Contents

2009 Compared to 2008

Revenue for the full year 2009 from the Banking market decreased $34,044 or 31% from 2008 and revenue from the Enterprise and Application Security market increased $2,762 or 11% in the same period.

The decline in the Banking market reflects a decline in products sold, both hardware and non-hardware, and the strengthening of the U.S. Dollar as compared to the Euro, as previously noted. We believe that banks in many, but not all, of our markets were affected by the financial crisis. As a result, during the first three quarters of 2009, we believe that bank management teams increased their focus on short-term objectives while their internal structures were being realigned based on new ownership or new government rules. Also, given the worldwide recession, we believe that many banks were postponing marketing campaigns and related large-scale deployments of our products until a time when such marketing campaigns were expected to yield a higher return. For several consecutive quarters the banks placed smaller orders, which we believe was done primarily to meet their short-term needs. In the fourth quarter of 2009, however, the banks began issuing requests for information and proposals for new projects and placed larger orders for delivery in the quarter, in part we believe to spend remaining budgets for 2009 and in part reflecting a return to a more normal level of business.

The increase in the Enterprise and Application Security market was primarily attributable to an increase in the number of products shipped partially offset by the strengthening of the U.S. Dollar as compared to the Euro. We believe that the growth in products shipped reflects the benefits resulting from a number of investments that we made over the last several years to improve our competitive position, including investments in new products, training for the channel and the addition of new distributors to our channel. The increase in revenues from the Enterprise and Application Security market also reflects the penetration of new vertical markets, such as on-line gaming.

Gross Profit and Operating Expenses

The following table sets forth, for the periods indicated, certain consolidated financial data as a percentage of revenue for the years ended December 31, 2010, 2009 and 2008.

 

     Percentage of Revenue Year
Ended December 31,
 
       2010         2009         2008    

Revenue

     100.0     100.0     100.0

Cost of goods sold

     29.6        30.0        30.8   
                        

Gross profit

     70.4        70.0        69.2   

Operating costs

      

Sales and marketing

     28.7        29.8        26.6   

Research and development

     12.6        11.4        8.7   

General and administrative

     17.2        15.9        12.2   

Amortization of purchased intangible assets

     0.4        0.4        0.5   
                        

Total operating costs

     58.9        57.5        48.0   
                        

Operating income

     11.5        12.5        21.2   

Interest income, net

     0.3        0.5        0.7   

Other income (expense), net

     0.6        2.1        (0.2
                        

Income before income taxes

     12.4        15.1        21.7   

Provision for income taxes

     2.4        3.4        3.4   
                        

Net income

     10.0        11.7        18.3   
                        

 

37


Table of Contents

Gross Profit

2010 Compared to 2009

Consolidated gross profit for 2010 was $75,966, an increase of $4,806, or 7%, from the $71,160 reported for 2009. Gross profit as a percentage of revenue (“gross profit margin”) was 70% in both 2010 and 2009. While the gross profit margin was relatively constant for full year 2010 compared to full year 2009, we did experience pricing pressures across our product line that reduced our gross profit margin that were offset by changes in the mix of products sold. In 2010, card readers, as a percentage of total revenue declined from approximately 18% in 2009 to 13% in 2010 and non-hardware revenue, as a percentage of total revenue, increased from approximately 23% in 2009 to 25% of revenue in 2010.

Card readers generally have a gross profit margin that is approximately 25 to 35 percentage points lower than other hardware-related margins due to competitive pricing pressures. There are a number of competitors in the EMV market that produce card reader products with fewer features at a lower cost than our products. We expect that the card reader market will continue to be highly competitive.

Non-hardware revenue can have a gross profit margin that is approximately 20 to 30 percentage points higher than hardware-related revenue, depending on the model and quantity of the hardware units sold. We plan to continue to focus on sales of our non-hardware revenue items and expect that they will increase as a percentage of our total revenue in future periods.

Other factors that typically influence our gross profit margins include the mix of business between the Banking and Enterprise and Application Security markets and the impact of the change in exchange rates. Neither factor had a material impact on the comparison of gross profit margins in 2010 compared to 2009.

Revenue from our Enterprise and Application Security markets was 26% of total revenue in both 2010 and in 2009. The gross profit margin from our Enterprise and Application Security Business is approximately 20 to 25 percentage points higher than in the Banking market because sales in the Enterprise and Application Security market are generally for lower quantities and higher prices than in the Banking market. We plan to continue to invest in both the Banking market and the Enterprise and Application Security market and the overall mix between the two markets will vary in the future based on the growth rates in each of the markets.

Changes in currency exchange rates can impact our gross profit margins as well. The majority of our inventory purchases are denominated in U.S. Dollars. As previously noted, our sales are denominated in various currencies, including the Euro and Australian Dollar. As the U.S. Dollar strengthened in 2010 when compared to the Euro in 2009 and weakened in 2010 when compared to the Australian Dollar in 2009, revenue as measured in U.S. Dollars decreased from sales made in Euros and increased from sales made in Australian Dollars, without a corresponding decrease in cost of goods sold. The impact from changes in currency rates, as noted above, is estimated to have decreased revenue by approximately $1,679 for the full year 2010. Had the currency rates in 2010 been equal to the rates in 2009, the gross profit margin would have been approximately 0.5 percentage points higher for the year ended December 31, 2010.

2009 Compared to 2008

Consolidated gross profit for 2009 was $71,160, a decrease of $20,810, or 23%, from the $91,970 reported for 2008. Gross profit as a percentage of revenue (“gross profit margin”) was 70% in 2009, as compared to 69% in 2008. The increase in the gross profit margin primarily reflects the benefit from:

 

   

An impairment charge in 2008 of $1,276 million related to development costs of a project that did not result in revenues as expected and a benefit of $390 in 2009 from the release of warranty reserves that were determined to no longer be needed; and

 

   

An increase in Enterprise and Application Security revenues as a percentage of total revenues;

 

38


Table of Contents

partially offset by the:

 

   

Impact from the strengthening of the U.S. Dollar compared to the Euro and Australian Dollar;

 

   

Reduction in non-hardware sales as a percentage of revenue; and

 

   

An increase in sales of card readers as a percentage of total revenue.

The impairment charge in 2008 reduced the gross profit margin by 1.0 percentage point.

Revenue from our Enterprise and Application Security markets was 26% of revenue of total full year 2009 compared to 18% of revenue for full year 2008. The gross profit margin from our Enterprise and Application Security Business is approximately 20 to 25 percentage points higher than in the Banking market because sales in the Enterprise and Application Security market are generally for lower quantities and higher prices than in the Banking market.

The majority of our inventory purchases are denominated in U.S. Dollars. Also, as previously noted, our sales are denominated in various currencies including the Euro and Australian Dollar. As the U.S. Dollar has strengthened, when compared to the Euro and Australian Dollar in the same periods in the prior year, revenue from sales made in Euros and Australian Dollars decreased, as measured in U.S. Dollars, without a corresponding decrease in cost of goods sold. The impact from changes in currency rates as noted above is estimated to have decreased revenue by approximately $2,513 for the full year 2009. Had the currency rates in 2009 been equal to the rates in 2008, the gross profit rate would have been approximately 0.7 percentage points higher for the year ended December 31, 2009.

Non-hardware revenue, which can have a gross profit margin that is approximately 20 to 30 percentage points higher than hardware-related revenue, depending on the model and quantity of the hardware units sold was 23% of revenue for the full year 2009 compared to 25% of total revenue for the full year 2008.

Card readers, which can have a gross profit margin that is approximately 25 to 35 percentage points lower than other hardware-related margins, due to competitive pricing pressures, were 18% of our revenues for the full year 2009 compared to 17% for the full year 2008.

Operating Expenses

Our operating expenses are generally based on anticipated revenue levels and the majority of such expenses are fixed over short periods of time. As a result, small variations in the amount of revenue recognized in any given quarter could cause significant variations in the quarter-to-quarter comparisons of either the absolute amounts of operating income or operating income as a percentage of revenue.

The most significant factor driving our operating expenses is our headcount. Direct compensation and benefit plan expenses generally represent between 55% and 60% of our operating expenses. In addition, a number of other expense categories are directly related to headcount. In 2009, we implemented a cost containment initiative that resulted in a decrease of staff from 310 at December 31, 2008 to 294 at December 31, 2009. In the fourth quarter of 2009, with the increase in requests for information and proposals, we began to invest in our business by adding staff in critical areas. As a result, our headcount increased from 294 at December 31, 2009 to 342 at December 31, 2010, an increase of 48 persons or 16%. Our average headcount for the full year 2010 was 18 persons or 6% higher than in 2009. For 2011, we expect that additions to headcount will be lower than in 2010, with hiring focused primarily on staff needed for DPS.

In addition to headcount, the comparison of operating expenses in 2010 to 2009 was impacted by adjustments to our non-cash compensation expenses. Non-cash compensation expenses generally relate to stock-based, long-term performance incentives. For the full year of 2010, operating expenses included $1,021 of

 

39


Table of Contents

expense related to stock-based incentive plans compared to a benefit of $309 in 2009 and expense of $3,117 in 2008. In 2010 and 2009 we reversed $721 and $2,002, respectively, of accruals that had been established in prior years for long-term performance incentives where it is no longer likely that the performance targets will be met.

Sales and Marketing Expenses

2010 Compared to 2009

Consolidated sales and marketing expenses for the year ended December 31, 2010 were $31,027, an increase of $728, or 2%, from $30,299 reported for 2009. This increase in sales and marketing expenses is primarily related to:

 

   

higher compensation expenses, in part due to the larger adjustment (reversal) of non-cash compensation expenses in 2009 than in 2010,

 

   

increased marketing costs, and

 

   

increased travel costs,

partially offset by

 

   

the benefit of a stronger U.S. Dollar compared to the Euro,

 

   

lower depreciation expenses, and

 

   

lower costs associated with the use of third party consultants.

We estimate that the strengthening of the U.S. dollar to other currencies, primarily the Euro, reduced sales and marketing expenses by approximately $1,072 in 2010 compared to 2009.

While our average full year headcount was flat in 2010 compared to 2009, our compensation expenses increased as a result of the timing of when staff were added or terminated over the two year period and a reduction in the benefit from the adjustments of the accruals for long-term incentive plans. The average full-time sales, marketing and operations employee headcount was 162 in 2010 compared to 161 in 2009. At year-end 2010, 2009 and 2008, the company employed 170, 156 and 174 sales, marketing and operations employees, respectively.

For 2011, we plan to reduce the rate of hiring in the traditional sales, marketing and operations functions. Additions to our sales and marketing staff in 2011 will primarily be related to DPS. We also plan to increase our marketing expenses to targeted areas in both the traditional business and our new services business that we believe provide substantial growth opportunities.

2009 Compared to 2008

Consolidated sales and marketing expenses for the year ended December 31, 2009 were $30,299, a decrease of $5,053, or 14%, from $35,352 reported for 2008. This decrease in sales and marketing expenses is primarily related to:

 

   

the benefit of a stronger U.S. Dollar compared to the Euro,

 

   

lower compensation expenses,

 

   

lower marketing expenses, and

 

   

lower travel expenses.

We estimate that the strengthening of the U.S. Dollar to other currencies, primarily the Euro and Australian dollar, reduced sales and marketing expenses by approximately $1,730 in 2009 compared to 2008.

 

40


Table of Contents

While our average headcount increased, our compensation expenses declined as a result of the changes in currency rates and the benefit from the reduction of the accruals for long-term incentive plans. The average full-time sales, marketing and operations employee headcount increased 5% to 161 in 2009 from 153 in 2008.

Given the difficult economic environment in 2009, we reduced our spending on marketing activities and travel as part of our cost containment programs.

Research and Development Expenses

2010 Compared to 2009

Consolidated research and development costs for the year ended December 31, 2010 were $13,568, an increase of $1,986, or less than 17%, from the $11,582 reported for 2009. The change in research and development was primarily attributable to increased compensation expenses related to increased headcount, higher non-cash compensation expenses and increased cost of third party consulting expenses, partially offset by the benefit from the changes in currency rates.

The average full-time sales, research and development headcount increased 13% to 105 in 2010 from 93 in 2009. At year-end 2010, 2009 and 2008, the company employed 115, 92 and 89 research and development employees, respectively.

We estimate that the strengthening of the U.S. Dollar to the Euro and the weakening of the U.S. Dollar to the Australian dollar, reduced research and development expenses by approximately $291 in 2010 compared to 2009.

2009 Compared to 2008

Consolidated research and development costs for the year ended December 31, 2009 were $11,582, a decrease of $36, or less than 1%, from the $11,618 reported for 2008. The change in research and development was primarily attributable to increased compensation expenses related to increased headcount, offset by the benefit from the reduction of the accruals for long-term incentive plans and the benefit from the changes in currency rates.

The average full-time sales, research and development headcount increased 18% to 93 in 2009 from 79 in 2008.

We estimate that the strengthening of the U.S. dollar to other currencies, primarily the Euro and Australian dollar, reduced research and development expenses by approximately $838 in 2009 compared to 2008.

General and Administrative Expenses

2010 Compared to 2009

Consolidated general and administrative expenses for the year ended December 31, 2010 were $18,538, an increase of $2,355 or 15%, from the $16,183 reported for 2009. The increase in general and administrative expenses was primarily attributable to increased professional fees and higher cash compensation, non-cash compensation, depreciation and recruiting expenses, partially offset by the benefit from the changes in currency rates and lower provisions for uncollectible accounts receivable.

We estimate that the strengthening of the U.S. dollar to other currencies, primarily the Euro and Australian dollar, reduced general and administrative expenses by approximately $430 in 2010 compared to 2009.

 

41


Table of Contents

The average full-time general and administrative employee headcount increased 13% to 53 in 2010 from 47 in 2009. At year-end 2010, 2009 and 2008, the company employed 57, 46 and 47 general and administrative employees, respectively.

2009 Compared to 2008

Consolidated general and administrative expenses for the year ended December 31, 2009 were $16,183, a decrease of $54 or less than 1%, from the $16,237 reported for 2008. The decrease in general and administrative expenses was primarily attributable to the benefit from the reduction of the accruals for long-term incentive plans, the benefit from the changes in currency rates, lower travel, recruiting and professional fees related to cost containment actions, partially offset by the increased compensation expenses related to increased headcount, increased depreciation related to prior year investments in systems and increased software licensing costs, also related to prior year investments in systems.

We estimate that the strengthening of the U.S. dollar to other currencies, primarily the Euro and Australian dollar, reduced general and administrative expenses by approximately $532 in 2009 compared to 2008.

The average full-time general and administrative employee headcount increased 21% to 47 in 2009 from 39 in 2008.

Amortization Expense

2010 Compared to 2009

Amortization expense for 2010 was $443, a decrease of $10 or 2% from $453 reported for 2009. The decrease was primarily due to the strengthening of the U.S. Dollar versus the Euro.

2009 Compared to 2008

Amortization expense for 2009 was $453, a decrease of $173 or 28% from $626 reported for 2008. The decrease reflected the fact that the amortizable assets related to the acquisition of our Australian subsidiary, Identikey, in 2001 were fully amortized in 2008.

Interest Income, Net

2010 Compared to 2009

Consolidated net interest income was $324 in 2010 compared to $572 in 2009. The decrease in net interest income primarily reflected a decrease in the rate of return on higher average net cash balances. Average net cash balances were $78,263 in 2010, an increase of $13,971 or 22% from $64,292 in 2009. Our return on average net cash balances was 0.4% in 2010 compared to 0.9% in 2009. The reduction in the rate of return reflected the impact of various stimulus packages offered by governments to banks in the regions in which we operate. The stimulus packages effectively reduced the cost of funds to each bank, thereby reducing the interest rate the banks were willing to pay on deposits. We expect that the lower rates of return will continue in 2011.

2009 Compared to 2008

Consolidated net interest income was $572 in 2009 compared to $990 in 2008. The decrease in net interest income primarily reflected a decrease in the rate of return on higher average net cash balances. Average net cash balances were $64,292 in 2009, an increase of $17,324 or 37% from $46,968 in 2008. Our return on average net cash balances was 0.9% in 2009 compared to 2.11% in 2008. The reduction in the rate of return reflected the impact of various stimulus packages offered by governments to banks in the regions in which we operate. The stimulus packages effectively reduced the cost of funds to each bank, thereby reducing the interest rate the banks were willing to pay on deposits.

 

42


Table of Contents

Other Income (Expense), net

2010 Compared to 2009

Other income (expense), net in 2010 primarily included exchange gains (losses) on transactions that are denominated in currencies other than a subsidiary’s functional currency and subsidies received from foreign governments related to increasing trade in other countries. Other income was $698 in 2010 compared to $2,107 in 2009 and reflects a decrease in exchange gains of $1,060 and a decrease in other income of $349. We realized exchange losses of $225 in 2010 compared to exchange gains of $835 in 2009. In 2011, we expect that our other income from government subsidies will decline as government incentives put in place to stimulate the economies in some of the countries in which we operate lapse.

2009 Compared to 2008

Other income (expense), net in 2009 primarily included exchange gains (losses) on transactions that are denominated in currencies other than a subsidiary’s functional currency and subsidies received from foreign governments related to increasing trade in other countries. Other income was $2,107 in 2009 compared to expense of $209 in 2008 and reflects an increase in exchange gains of $1,415 and an increase in other income of $901. We realized exchange gains of $835 in 2009 compared to exchange losses of $580 in 2008.

Income Taxes

2010 Compared to 2009

Income tax expense for 2010 was $2,606, compared to $3,460 in 2009. The effective tax rate in 2010 was 19%, a decrease of 4 percentage points from 23% in 2009. The reduction in the rate in 2010 is primarily attributable to the benefit of discrete items related to the adjustment of prior year’s tax provisions. We expect that our effective tax rate may vary significantly in future years as actual earnings or losses are realized in countries with lower tax rates or with loss carryforwards that have been reserved.

2009 Compared to 2008

Income tax expense for 2009 was $3,460, compared to $4,627 in 2008. The effective tax rate in 2009 was 23%, an increase of 7 percentage points from 16% in 2008. The rate in 2009 reflected the lower level of pretax profit earned in 2009 in tax jurisdictions that either have a lower statutory tax rate or have tax loss carry forwards that have been reserved.

Loss Carryforwards Available

At December 31, 2010, we had U.S. net operating loss (NOL) carryforwards of $21,247 and foreign NOL carryforwards of $4,834. Of these amounts, $19,561 is available to offset future taxable income. The remainder represents tax deductions for employee stock option gains which would be credited to paid-in capital. The U.S. loss carryforwards expire in varying amounts beginning in 2020 and continuing through 2029. The foreign loss carryforwards do not expire.

Such tax loss carryforwards may provide an offset to future tax liabilities. In addition to the reduction in tax liabilities, a reduction in the valuation reserve may be possible if it is more likely than not that we will realize the benefit of the deferred tax asset. The reduction in the reserve would reduce income tax expense in the period it is reduced. See Note 5 to the consolidated financial statements for more information on tax loss carryforwards.

 

43


Table of Contents

Liquidity and Capital Resources

At December 31, 2010, we had net cash balances (total cash, cash equivalents and restricted cash less bank borrowings), totaling $85,533. We had no outstanding term debt or restricted cash at December 31, 2010. During 2010, our bank line of credit expired and we did not renew it. In 2010, 2009 and 2008, we did not borrow against the line of credit.

Cash generated from operating activities was $21,083 during the year ended December 31, 2010. During 2010, we used $1,772 for investing activities, primarily for additions to property and equipment, and provided $3 from financing activities, primarily consisting of proceeds from the exercise of stock options. Capital expenditures were $1,417 for the year ended December 31, 2010.

Cash generated from operating activities was $12,828 during the year ended December 31, 2009. During 2009, we used $2,728 for investing activities, primarily for additions to property and equipment, and provided $119 in financing activities from the exercise of stock options. Capital expenditures were $2,169 for the year ended December 31, 2009.

The net effect of 2010 activity resulted in an increase in net cash of $17,932 and a net cash balance of $85,533 at December 31, 2010, compared to $67,601 at the end of 2009. Our working capital at December 31, 2010 was $96,889, an increase of $9,257 or 11% from $87,632 at December 31, 2009. The change is primarily attributable to the generation of positive cash flow from operations in 2010. Our current ratio was 4.8 to 1.0 at December 31, 2010. We believe that our current cash balances and the anticipated cash generated from operations, including deposits received on orders of DIGIPASS to be delivered in 2011, will be sufficient to meet our anticipated cash needs for the next 12 months.

The net effect of 2009 activity resulted in an increase in net cash of $9,887 and a net cash balance of $67,601 at December 31, 2009, compared to $57,714 at the end of 2008. Our working capital at December 31, 2009 was $87,632, an increase of $11,702 or 15% from $75,930 at December 31, 2008. The change is primarily attributable to the generation of positive cash flow from operations in 2009. Our current ratio was 4.8 to 1.0 at December 31, 2009.

As further described in Note 15 to the financial statements, during January 2011, we acquired DigiNotar for approximately $12.9 million. We funded the acquisition from our existing cash balances.

While we believe that our financial resources are adequate to meet our operating needs over the next twelve months, including the cash acquisition of DigiNotar in 2011, we anticipate that the difficult current economic conditions that exist on a worldwide basis today may require us to modify our business plans. In the current economic environment there is a risk that customers may delay their orders until the economic conditions stabilize or improve further. If a significant number of orders are delayed for an indefinite period of time, our revenue and cash receipts may not be sufficient to meet the operating needs of the business. If this is the case, we may need to significantly reduce our workforce, sell certain of our assets, enter into strategic relationships or business combinations, discontinue some or all of our operations, or take other similar restructuring actions. While we expect that these actions would result in a reduction of recurring costs, they also may result in a reduction of recurring revenue and cash receipts. It is also likely that we would incur substantial non-recurring costs to implement one or more of these restructuring actions. See our “Risks Related to Our Business” in Item 1A, Risk Factors.

Off-Balance Sheet Arrangements

The company has no off-balance sheet arrangements.

 

44


Table of Contents

Contractual Obligations

The company has the following contractual obligations:

 

    Payments due by period  
    Total      Less than
1 year
     1-3
years
     3-5
years
     More than
5 years
 

Operating lease obligations

  $ 13,794       $ 3,092       $ 4,827       $ 3,486       $ 2,389   

Purchase obligations

  $ 25,457         25,457         —           —           —     

Warranty reserve

  $ 61         61         —           —           —     
                                           

Total contractual obligations

  $ 39,312       $ 28,610       $ 4,827       $ 3,486       $ 2,389   
                                           

The company had $470 of unrecognized tax benefits as of both December 31, 2010 and 2009, which have been set aside in a reserve in accordance with ASC 740-10. These amounts are not included in the above table as the timing of payment of such obligations, if any, is not determinable.

Critical Accounting Policies and Estimates

Management’s Discussion and Analysis of Financial Condition and Results of Operations discusses our consolidated financial statements, which have been prepared in accordance with accounting principles generally accepted in the U.S. The preparation of these financial statements requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities and the disclosure of contingent assets and liabilities at the date of the consolidated financial statements and the reported amounts of revenue and expenses during the reporting period.

On an on-going basis, management evaluates its estimates and judgments, including those related to bad debts, net realizable value of inventory and intangible assets. Management bases its estimates and judgments on historical experience and on various other factors that are believed to be reasonable under the circumstances, the results of which form the basis for making judgments about the carrying values of assets and liabilities that are not readily apparent from other sources. Actual results may differ from these estimates under different assumptions or conditions. Management believes the following critical accounting policies, among others, affect its more significant judgments and estimates used in the preparation of its consolidated financial statements.

Revenue Recognition

We recognize revenue in accordance with Financial Accounting Standards Board (FASB) Accounting Standards Codification (ASC) Subtopic 985-605 that addresses the accounting for revenue transactions involving software, as well as Staff Accounting Bulletin 104. Revenue is recognized when there is persuasive evidence that an arrangement exists, delivery has occurred, the fee is fixed or determinable and collection of the revenue is probable.

Hardware Revenue and License Fees: Revenue from the sale of computer security hardware or the license of software is recorded upon shipment or, if an acceptance period is allowed, at the later of shipment or customer acceptance. No significant obligations or contingencies exist with regard to delivery, customer acceptance or rights of return at the time revenue is recognized.

Maintenance and Support Agreements: Maintenance and support agreements generally call for us to provide software updates and technical support, respectively, to customers. Revenue on maintenance and technical support is deferred and recognized ratably over the term of the maintenance and support agreements.

Consulting and Education Services: We provide consulting and education services to our customers. Revenue from such services is recognized during the period in which the services are performed.

 

45


Table of Contents

Multiple-Element Arrangements: We allocate revenue to the various elements of the arrangements based on the estimated fair value of each deliverable, as required by ASC 605-25. The fair value for each element is based on the price charged when that element is sold separately, renewal rates and other methods, such as prices established by management. The estimated fair value of undelivered elements is deferred and recorded as revenue when services are performed or products are delivered.

When tokens and software licenses are included in multiple element arrangements, they are generally delivered elements in such arrangements. When tokens and software are delivered elements, we use the residual method for determining the amount of revenue to recognize for token and software licenses if we have vendor specific objective evidence (VSOE) for all of the undelivered elements. Any discount provided to the customer is applied fully to the delivered elements in such an arrangement. We defer the revenue for tokens and software in any multiple element arrangement where we do not have VSOE for any undelivered element. VSOE of fair value of PCS agreements is based on separate sales transactions on a worldwide basis. In sales arrangements where VSOE of fair value has not been established, revenue for all elements is deferred and amortized over the life of the arrangement.

We recognize revenue from sales to distributors and resellers on the same basis as sales made directly to customers. We recognize revenue when there is persuasive evidence that an arrangement exists, delivery has occurred, the fee is fixed or determinable and collection of the revenue is probable.

For large-volume transactions, we may negotiate a specific price that is based on the number of users of the software license or quantities of hardware supplied. The per unit prices for large-volume transactions are generally lower than transactions for smaller quantities and the price differences are commonly referred to as volume-purchase discounts.

Allowance for Doubtful Accounts

We maintain allowances for doubtful accounts for estimated losses resulting from the inability of our customers to make payments for goods and services. We analyze accounts receivable, customer credit-worthiness, current economic trends and changes in our customer payment terms when evaluating the adequacy of the allowance for doubtful accounts. The allowance is based on a specific review of all significant past-due accounts. If the financial condition of our customers deteriorates, resulting in an impairment of their ability to make payments, additional allowances may be required.

Net Realizable Value of Inventory

We write down inventory where it appears that the carrying cost of the inventory may not be recovered through subsequent sale of the inventory. We analyze the quantity of inventory on hand, the quantity sold in the past year, the anticipated sales volume in the form of sales to new customers as well as sales to previous customers, the expected sales price and the cost of making the sale when evaluating the valuation of our inventory. If the sales volume or sales price of a specific model declines significantly, additional write-downs may be required.

Valuation of Goodwill and Other Intangible Assets and Software Development Costs

Impairment of Long-Lived and Intangible Assets: Definite-lived intangible assets include proprietary technology and other intangible assets. Intangible assets other than patents with definite lives are amortized over the useful life, generally three to seven years for proprietary technology. Patents are amortized over the life of the patent, generally 20 years in the U.S.

Long-lived assets, including property, plant and equipment, definite-lived intangible assets being amortized and capitalized software costs, are reviewed for impairment in accordance with ASC 360-10-25

 

46


Table of Contents

through 35, Property, Plant and Equipment, whenever events or changes in circumstances indicate that the carrying amount of the long-lived asset may not be recoverable. An impairment loss shall be recognized if the carrying amount of a long-lived asset exceeds the sum of the undiscounted cash flows expected to result from the use and eventual disposition of the asset. If it is determined that an impairment loss has occurred, the loss is measured as the amount by which the carrying amount of the long-lived asset exceeds its fair value. Long-lived assets held for sale are reported at the lower of carrying value or fair value less cost to sell.

Goodwill and other Intangible Assets: We account for goodwill and indefinite-lived intangible assets in accordance with ASC 350-20-25 through 35, Intangibles-Goodwill and Other. We assess the impairment of goodwill and intangible assets with indefinite lives each year-end or whenever events or changes in circumstances indicate that the carrying value may not be recoverable. Factors considered important which could trigger an impairment review include significant underperformance relative to expected historical or projected future operating results, significant changes in the manner of our use of the acquired assets or the strategy for our overall business, and significant negative industry or economic trends. Once identified, the amount of the impairment is computed by comparing the carrying value of the assets to the fair value. Fair value for goodwill is determined using our stock price which is a level 1 valuation, as defined by ASC 820-10. Fair value for trademarks is based on discounted estimated future cash flows, which is a level 3 valuation. We have not recognized any impairment for the years ended December 31, 2010, 2009 or 2008 as the fair value of our reporting unit significantly exceeds our carrying amount. Based on the significant excess of fair value over carrying value in the most recent test performed at November 30, 2010, we do not believe we are at risk of failing future impairment testing. However, future decreases in our market value or significant differences in revenue, expenses, or cash flows from estimates used to determine fair value could affect this determination.

Income Taxes:

At December 31, 2010, we had U.S. net operating loss (NOL) carryforwards of $21,247 and foreign NOL carryforwards of $4,834. A portion of such losses are available to offset future taxable income in the respective jurisdictions. ASC 740-10 requires that valuation allowances be established for deferred tax assets if it is more likely than not that the assets will not be realized. We have provided valuation allowances against the entire U.S. NOL and a substantial portion of the foreign NOLs. (See Note 5 to the consolidated financial statements for more information regarding the NOL and valuation allowance.)

Also in accordance with ASC 740-10, we have established a reserve related to tax benefits of uncertain tax positions. We have identified one exposure concerning cost allocations used in the implementation of our worldwide strategy related to the ownership of our intellectual property for which we had a reserve of $470 at both December 31, 2010 and 2009, respectively, each of which is an offset to our U.S. deferred tax asset at the end of each respective period.

Recently Issued Accounting Pronouncements

Software

In October 2009, the FASB issued ASU 2009-14, Software, Certain Revenue Arrangements that Include Software Elements. ASU 2009-14 provides guidance to enable companies to determine if the products they sell should be accounted for as software under ASC 985-605. Arrangements that are no longer defined as software will be accounted for under ASC 605-25, for separating consideration in multiple-deliverable arrangements. Under ASU 2009-14, tangible products containing software components and non-software components that function together to deliver the tangible product’s essential functionality will no longer fall within the scope of ASC 985-605. ASU 2009-14, however, also indicates that the non-software elements of the tangible product must substantively contribute to the tangible product’s essential functionality and should not simply provide a mechanism to deliver the software to the customer. Companies that are affected by ASU 2009-14 are required to provide disclosures that are included within the amendments in ASU 2009-13, a discussion of which follows in this Form 10-K.

 

47


Table of Contents

Revenue Recognition

In October 2009, the FASB issued ASU 2009-13, Revenue Recognition, Multiple-Deliverable Revenue Arrangements. ASU 2009-13 amends the criteria in ASC 605-25 for separating consideration in multiple-deliverable arrangements and is expected to provide companies with the ability to separate deliverables in more circumstances than is allowed under current U.S. GAAP. In addition, the amendments in ASU 2009-13 establish a selling price hierarchy for determining the selling price of a deliverable. The selling price used for each deliverable will be based on vendor-specific objective evidence if available, third-party evidence if vendor-specific objective evidence is not available, or estimated selling price if neither vendor-specific objective evidence or third-party evidence is available. Under this update, the term fair value will be replaced with selling price to clarify that the allocation of revenue is based on entity-specific assumptions rather than assumptions of a marketplace participant.

ASU 2009-13 also eliminates the residual method of allocation and requires that arrangement consideration be allocated at the inception of the arrangement to all deliverables using the relative selling price method. The relative selling price method allocates any discount in the arrangement proportionally to each deliverable on the basis of each deliverable’s selling price.

Both ASU 2009-13 and ASU 2009-14 will be effective prospectively for revenue arrangements entered into or materially modified in fiscal years beginning on or after June 15, 2010. VASCO adopted both Updates effective January 1, 2011. As a result of adoption of the Updates, we expect that:

 

  1. The sales of some of our products will be defined as software sales and we will continue to account for those transactions using ASC 985-605. Sales of some of our other products, however, will no longer qualify as sales of software and will be accounted for under ASC 605-25.

 

  2. For items continuing to be classified as software, we do not expect that the allocation of consideration will be significantly different than is currently the case as we have vendor-specific objective evidence for the most common type of undelivered items, such as maintenance and support. Further, we will continue to use the Residual Method when we have vendor-specific objective evidence of any undelivered elements.

 

  3. For sales of product that no longer qualify as software sales, we will allocate the arrangement consideration among each of the accounting units based on relative selling price of each of the units with any discount on the transaction being split proportionately between delivered and undelivered accounting units. We do not expect that the allocation of purchase price among delivered and undelivered elements to be significantly different than under our current accounting practices because, as noted above, we have vendor-specific objective evidence for the most common type of undelivered items and generally do not provide discounts that will significantly impact the value determined using VSOE.

 

  4. As a result, we do not expect that the impact of adopting ASU 2009-13 and ASU 2009-14 will have a material impact on the amount, pattern or timing of revenue recognized.

From time to time, new accounting pronouncements are issued by the FASB or other standards setting bodies that are adopted by us as of the specified effective date. Unless otherwise discussed, our management believes that the impact of recently issued standards that are not yet effective will not have a material impact on our consolidated financial statements upon adoption.

Item 7A - Quantitative and Qualitative Disclosures about Market Risk (In thousands)

Foreign Currency Exchange Risk – In 2010, approximately 91% of our business was conducted outside the United States, primarily in Europe, Latin America and Asia/Pacific. A significant portion of our business

 

48


Table of Contents

operations is transacted in foreign currencies. As a result, we have exposure to foreign exchange fluctuations. We are affected by both foreign currency translation and transaction adjustments. Translation adjustments result from the conversion of the foreign subsidiaries’ balance sheets and income statements to U.S. Dollars at year-end exchange rates and weighted average exchange rates, respectively. Translation adjustments resulting from this process are recorded directly into stockholders’ equity. Transaction adjustments result from currency exchange movements when one of our companies transacts business in a currency that differs from its local currency. These adjustments are recorded as gains or losses in our statements of operations. Our business transactions are spread across numerous countries and currencies. This geographic diversity reduces the risk to our operating results. As noted in Management’s Discussion and Analysis above, we attempt to minimize the net impact of currency on operating earnings by denominating an amount of billings in a currency such that it would provide a hedge against the operating expenses being incurred in that currency.

Interest Rate Risk – We have minimal interest rate risk. We had no debt outstanding at December 31, 2010. Our cash is invested in short-term instruments at current market rates. If rates were to increase or decrease by one percentage point, the company’s interest income would increase or decrease approximately $855 annually.

Item 8 - Financial Statements and Supplementary Data

The information in response to this item is included in our consolidated financial statements, together with the report thereon of KPMG LLP, appearing on pages F-1 through F-23 of this Form 10-K, and in Item 7 under the heading Management’s Discussion and Analysis of Financial Condition and Results of Operations.

Item 9 - Changes in and Disagreements with Accountants on Accounting and Financial Disclosure

None.

Item 9A - Controls and Procedures

Evaluation of Disclosure Controls and Procedures

Our management, with the participation of our Chief Executive Officer and Chief Financial Officer, who, respectively, are our principal executive officer and principal financial officer, conducted an evaluation of the effectiveness of our disclosure controls and procedures (as defined in Rule 13a-15(e) and Rule 15d-15(e) under the Securities Exchange Act of 1934, as amended (the “Exchange Act”)) as of the end of the fiscal quarter ended December 31, 2010. Based on that evaluation, our Chief Executive Officer and Chief Financial Officer concluded that as of the end of the end of the fiscal quarter ended December 31, 2010, our disclosure controls and procedures were effective to provide assurance that (i) the information required to be disclosed by us in our reports that we file or submit under the Exchange Act is recorded, processed, summarized and reported within the time periods specified in the SEC’s rules and forms, and (ii) information required to be disclosed by us in our reports that we file or submit under the Exchange Act is accumulated and communicated to our management, including our principal executive and principal financial officers, or persons performing similar functions, as appropriate to allow timely decisions regarding required disclosure.

Changes in Internal Controls

There were no changes in the company’s internal control over financial reporting (as defined in Rule 13a-15(f) and 15d-15(f) under the Exchange Act) during the fiscal quarter ended December 31, 2010, that have materially affected, or are reasonably likely to materially affect, the company’s internal control over financial reporting.

 

49


Table of Contents

Management’s Annual Report on Internal Control over Financial Reporting

The management of VASCO Data Security International, Inc. is responsible for establishing and maintaining adequate internal control over financial reporting. Our internal control system was designed to provide reasonable assurance to the company’s management and board of directors regarding the preparation and fair presentation of published financial statements. Internal control over financial reporting is defined in Rule 13a-15(f) or 15d-15(f) promulgated under the Exchange Act as a process designed by, or under the supervision of, the company’s principal executive and principal financial officers and effected by the company’s board of directors, management and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles and includes those policies and procedures that:

 

   

Pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the company;

 

   

Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorizations of management and directors of the company; and

 

   

Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the company’s assets that could have a material effect on the financial statements.

Our management, including our Chief Executive Officer and Chief Financial Officer, do not expect that our disclosure controls and procedures or internal control over financial reporting will prevent all error and all fraud. While our disclosure controls and procedures and internal control over financial reporting are designed to provide reasonable assurance that their objectives are met, they cannot provide absolute assurance. The design of a control system must reflect the fact that there are resource constraints, and the benefits of controls must be considered relative to their costs. Because of the inherent limitations in all control systems, no evaluation of controls can provide absolute assurance that all control issues within a company are detected. The inherent limitations include the realities that judgments in decision-making can be faulty, and that breakdowns can occur because of simple errors or mistakes. Controls can also be circumvented by the individual acts of some persons, by collusion of two or more people or by management override of the controls. Because of the inherent limitations in a cost-effective control system, misstatements due to error or fraud may occur and may not be detected.

Notwithstanding the limitations noted above, our principal executive officer and principal financial officer have both concluded that our disclosure controls and procedures and internal control over financial reporting were effective at a reasonable level of assurance as of December 31, 2010.

Our management assessed the effectiveness of its internal control over financial reporting as of December 31, 2010. In making this assessment, it used the criteria based on the framework set forth by the Committee of Sponsoring Organizations of the Treadway Commission in Internal Controls – Integrated Framework (COSO). Based on our assessments we believe that, as of December 31, 2010, our internal control over financial reporting is effective based on those criteria.

Our independent registered public accounting firm, KPMG LLP, has issued an audit report on the effectiveness of our internal control over financial reporting. This report appears below.

 

50


Table of Contents

Report of Independent Registered Public Accounting Firm

The Board of Directors and Stockholders

VASCO Data Security International, Inc.:

We have audited VASCO Data Security International, Inc.’s internal control over financial reporting as of December 31, 2010, based on criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). VASCO Data Security International, Inc.’s management is responsible for maintaining effective internal control over financial reporting and for its assessment of the effectiveness of internal control over financial reporting, included in the accompanying Management’s Annual Report on Internal Control over Financial Reporting. Our responsibility is to express an opinion on the Company’s internal control over financial reporting based on our audit.

We conducted our audit in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards require that we plan and perform the audit to obtain reasonable assurance about whether effective internal control over financial reporting was maintained in all material respects. Our audit included obtaining an understanding of internal control over financial reporting, assessing the risk that a material weakness exists, and testing and evaluating the design and operating effectiveness of internal control based on the assessed risk. Our audit also included performing such other procedures as we considered necessary in the circumstances. We believe that our audit provides a reasonable basis for our opinion.

A company’s internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company’s internal control over financial reporting includes those policies and procedures that (1) pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the company; (2) provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorizations of management and directors of the company; and (3) provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the company’s assets that could have a material effect on the financial statements.

Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.

In our opinion, VASCO Data Security International, Inc. maintained, in all material respects, effective internal control over financial reporting as of December 31, 2010, based on criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission.

We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), the consolidated balance sheets of VASCO Data Security International, Inc. and subsidiaries as of December 31, 2010 and 2009, and the related consolidated statements of operations, comprehensive income, stockholders’ equity, and cash flows for each of the years in the three-year period ended December 31, 2010, and our report dated March 11, 2011 expressed an unqualified opinion on those consolidated financial statements.

/s/ KPMG LLP

Chicago, Illinois

March 11, 2011

 

51


Table of Contents

Item 9B - Other Information

None.

 

52


Table of Contents

PART III

Item 10 - Directors, Executive Officers and Corporate Governance

All information in response to this Item is incorporated by reference to the “Directors and Executive Officers” and “Section 16(a) Beneficial Ownership Compliance” sections of VASCO’s Proxy Statement for the 2011 Annual Meeting of Stockholders.

Item 11 - Executive Compensation

The information in response to this Item is incorporated by reference to the “Executive Compensation” section of VASCO’s Proxy Statement for the 2011 Annual Meeting of Stockholders.

Item 12 - Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters

The information in response to this Item is incorporated by reference to the “Security Ownership of Certain Beneficial Owners, Directors and Management” section of VASCO’s Proxy Statement for the 2011 Annual Meeting of Stockholders.

Item 13 - Certain Relationships and Related Transactions, and Director Independence

The information in response to this Item is incorporated by reference to the “Directors and Executive Officers” and “Transactions with Related Persons” sections of VASCO’s Proxy Statement for the 2011 Annual Meeting of Stockholders.

Item 14 - Principal Accounting Fees and Services

The information in response to this Item is incorporated by reference to the “Report of the Audit Committee” section of VASCO’s Proxy Statement for the 2011 Annual Meeting of Stockholders.

 

53


Table of Contents

PART IV

Item 15 - Exhibits and Financial Statement Schedules

(a) The following documents are filed as part of this Form 10-K.

(1) The following consolidated financial statements and notes thereto, and the related independent auditors’ report, are included on pages F-1 through F-23 of this Form 10-K:

Report of Independent Registered Public Accounting Firm

Consolidated Balance Sheets as of December 31, 2010 and 2009

Consolidated Statements of Operations for the Years Ended December 31, 2010, 2009 and 2008

Consolidated Statements of Comprehensive Income for the Years Ended December 31, 2010, 2009 and 2008

Consolidated Statements of Stockholders’ Equity for the Years Ended December 31, 2010, 2009 and 2008

Consolidated Statements of Cash Flows for the Years Ended December 31, 2010, 2009 and 2008

Notes to Consolidated Financial Statements

(2) The following consolidated financial statement schedule of the company is included on page F-24 of this Form 10-K:

Schedule II – Valuation and Qualifying Accounts

All other financial statement schedules are omitted because such schedules are not required or the information required has been presented in the aforementioned consolidated financial statements.

(3) The following exhibits are filed with this Form 10-K or incorporated by reference as set forth at the end of the list of exhibits:

 

Exhibit
Number

  

Description

  2.1    IP Purchase Agreement between VASCO Data Security International GmbH and DigiNotar Technologie B.V., DigiNotar Notariaat B.V., DigiNotar B.V., and DigiNotar Holding B.V. dated January 10, 2011. (Incorporated by reference - Form 8K filed January 14, 2011.)
  2.2    Share Sale and Purchase Agreement between VASCO Data Security International GmbH and DigiNotar Holding B.V., DigiNotar B.V., and DigiNotar Notariaat B.V. dated January 10, 2011. (Incorporated by reference - Form 8K filed January 14, 2011.)
  2.3    Agreement between VASCO Data Security International GmbH and D.B.A. ten Burg Holding B.V. and Bosco Holding B.V. dated January 10, 2011. (Incorporated by reference - Form 8K filed January 14, 2011.)
  3.1    Certificate of Incorporation of Registrant, as amended. (Incorporated by reference to the Registrant’s Registration Statement on Form S-4, as amended (Registration No. 333-35563), originally filed on September 12, 1997.)
  3.2    Bylaws of Registrant, as amended and restated December 12, 2007. (Incorporated by reference -Form 8-K filed on December 18, 2007.)

 

54


Table of Contents

Exhibit
Number

  

Description

  4.1    Specimen of Registrant’s Common Stock Certificate. (Incorporated by reference to the Registrant’s Registration Statement on Form S-4, as amended (Registration No. 333-35563), originally filed on September 12, 1997.)
  4.2*    Form of Award Agreement for Stock Option Grant under the VASCO Data Security International, Inc. 1997 Stock Compensation Plan, as Amended and Restated. (Incorporated by reference -Form 10-K filed March 14, 2008.)
  4.3*    Form of Award Agreement for Restricted Shares under the VASCO Data Security International, Inc. 1997 Stock Compensation Plan, as Amended and Restated (time-based vesting) with respect to awards granted on January 9, 2008. (Incorporated by reference - Form 8-K/A filed January 16, 2008.)
  4.4*    Form of Award Agreement for Restricted Shares under the VASCO Data Security International, Inc. 1997 Stock Compensation Plan as Amended and Restated (performance-based vesting) with respect to awards granted on January 9, 2008. (Incorporated by reference - Form 8-K/A filed January 16, 2008.)
  4.5*    Form of Award Agreement for Deferred Stock under the VASCO Data Security International, Inc. 1997 Stock Compensation Plan, as Amended and Restated (performance-based vesting). (Incorporated by reference - Form 10-K filed March 14, 2008.)
  4.6*    Form of Award Agreement for Restricted Shares under the VASCO Data Security International, Inc. 1997 Stock Compensation Plan, as Amended and Restated (time-based vesting) with respect to awards granted on or after January 8, 2009. (Incorporated by reference - Form 8K filed January 14, 2009.)
  4.7*    Form of Award Agreement for Restricted Shares under the VASCO Data Security International, Inc. 1997 Stock Compensation Plan as Amended and Restated (performance-based vesting) with respect to awards granted on or after January 8, 2009. (Incorporated by reference - Form 8-K filed January 14, 2009.)
  4.8*    Form of Option Agreement under the VASCO Data Security International, Inc. 1997 Stock Compensation Plan as Amended and Restated with respect to awards granted prior to January 9, 2008. (Incorporated by reference to the Registrant’s Registration Statement on Form S-4, as amended (Registration No. 333-35563), originally filed with the Securities and Exchange Commission on September 12, 1997.)
  4.9*    Form of Award Agreement for Deferred Stock under the VASCO Data Security International, Inc. 2009 Equity Incentive Plan. (Incorporated by reference - Form 10-K filed March 16, 2010.)
  4.10*    Form of Award Agreement for Restricted Shares under the VASCO Data Security International, Inc. 2009 Equity Incentive Plan. (Incorporated by reference - Form 10-K filed March 16, 2010.)
  4.11*    Form of Award Agreement for Performance Shares under the VASCO Data Security International, Inc. 2009 Equity Incentive Plan with respect to awards granted in 2010. (Incorporated by reference - Form 10-K filed March 16, 2010.)
  4.12*    Form of Award Agreement for Performance Shares under the VASCO Data Security International, Inc. 2009 Equity Incentive Plan with respect to awards granted in 2011. February 15, 2011
10.1*    1997 VASCO Data Security International, Inc. Stock Compensation Plan, as Amended and Restated. (Incorporated by reference to the Registrant’s Definitive Proxy Statement pursuant to Schedule 14A, filed with the SEC on April 30, 1999.)
10.2*    Employment agreement with T. Kendall Hunt. (Incorporated by reference to the Registrant’s Annual Report on Form 10-K, originally filed with the Securities and Exchange Commission on March 31, 2003.)

 

55


Table of Contents

Exhibit
Number

  

Description

10.3*    Employment agreement with Clifford Bown. (Incorporated by reference to the Registrant’s Annual Report on Form 10-K, originally filed with the Securities and Exchange Commission on March 31, 2003.)
10.4    Share Sale and Purchase Agreement by and among VASCO Data Security International, Inc., A.O.S. Holding B.V., Filipan Beheer B.V., Mr. Mladen Filipan and Pijnenburg Beheer N.V., dated February 4, 2005 (Incorporated by reference - Form 8-K filed February 8, 2005.)
10.5*    Employment Agreement by and between VASCO Data Security International, Inc. and Jan Valcke effective as of January 1, 2005. (Incorporated by reference - Form 8-K filed July 1, 2005.)
10.6*    Letter agreement dated February 26, 2007, supplementing the Employment Agreement dated January 1, 2003, between the company and Clifford K. Bown. (Incorporated by reference - Form 8K filed March 2, 2007.)
10.7*    Letter agreement dated January 8, 2009, supplementing the Employment Agreement dated January 1, 2003, between the company and Clifford K. Bown. (Incorporated by reference - Form 8K filed January 14, 2009.)
10.8*    Employment Agreement Amendment, dated December 31, 2008 by and between VASCO Data Security International, Inc. and T. Kendall Hunt (Incorporated by reference - Form 8-K filed January 14, 2009.)
10.9*    Employment Agreement Amendment, dated December 31, 2008 by and between VASCO Data Security International, Inc. and Clifford K. Bown (Incorporated by reference - Form 8-K filed January 14, 2009.)
10.10*    Amendment to the VASCO Data Security International, Inc. 1997 Stock Compensation Plan, dated December 19, 2008. (Incorporated by reference - Form 8-K filed January 14, 2009.)
10.11*    VASCO Data Security International, Inc. 2009 Equity Incentive Plan, effective December 19, 2008. (Incorporated by reference to the Registrant’s Definitive Proxy Statement pursuant to Schedule 14A, filed with the SEC on April 30, 2009.)
10.12*    VASCO Data Security International, Inc. Executive Incentive Compensation Plan, effective December 19, 2008. (Incorporated by reference to the Registrant’s Definitive Proxy Statement pursuant to Schedule 14A, filed with the SEC on April 30, 2009.)
10.13*    Amended and Restated Employment Agreement effective as of January 1, 2011 between VASCO Data Security International, Inc. and T. Kendall Hunt. (Incorporated by reference - Form 8-K filed April 27, 2010.)
10.14*    Letter Agreement dated February 15, 2011, by and between VASCO Data Security International, Inc. and T. Kendall Hunt. (Incorporated by reference - Form 8-K filed February 15, 2011.)
14.1    VASCO Data Security International, Inc. and Subsidiaries Code of Conduct and Ethics. (Incorporated by reference - Form 8-K filed March 12, 2008.)
14.2    Amended VASCO Data Security International, Inc. and Subsidiaries Code of Conduct and Ethics. (Incorporated by reference - Form 8-K filed April 27, 2010.)
21    Subsidiaries of Registrant.
23    Consent of KPMG LLP.
31.1    Rule 13a-14(a)/15d-14(a) Certification of Principal Executive Officer pursuant to Section 302 of the Sarbanes-Oxley Act of 2002, dated March 11, 2011.

 

56


Table of Contents

Exhibit
Number

  

Description

31.2    Rule 13a-14(a)/15d-14(a) Certification of Principal Financial Officer pursuant to Section 302 of the Sarbanes-Oxley Act of 2002, dated March 11, 2011.
32.1    Section 1350 Certification of Principal Executive Officer pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, dated March 11, 2011.
32.2    Section 1350 Certification of Principal Financial Officer pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, dated March 11, 2011.

 

* Management contract or compensatory plan or arrangement required to be filed as an exhibit to this Annual Report on Form 10-K.

(b) VASCO Data Security International, Inc. will furnish any of the above exhibits to its stockholders upon written request addressed to the Secretary at the address given on the cover page of this Form 10-K. The charge for furnishing copies of the exhibits is $0.25 per page, plus postage.

 

57


Table of Contents

VASCO Data Security International, Inc.

INDEX TO FINANCIAL STATEMENTS AND SCHEDULE

 

Financial Statements

  

Report of Independent Registered Public Accounting Firm

     F-2   

Consolidated Balance Sheets as of December 31, 2010 and 2009

     F-3   

Consolidated Statements of Operations for the Years Ended December 31, 2010, 2009 and 2008

     F-4   

Consolidated Statements of Comprehensive Income for the Years Ended December 31, 2010, 2009 and 2008

     F-5   

Consolidated Statements of Stockholders’ Equity for the Years Ended December  31, 2010, 2009 and 2008

     F-6   

Consolidated Statements of Cash Flows for the Years Ended December 31, 2010, 2009 and 2008

     F-7   

Notes to Consolidated Financial Statements

     F-8   

Financial Statement Schedule

  

The following financial statement schedule is included herein:

  

Schedule II – Valuation and Qualifying Accounts

     F-25   

All other financial statement schedules are omitted because they are not applicable or the required information is shown in the consolidated financial statements or notes thereto.

 

F-1


Table of Contents

Report of Independent Registered Public Accounting Firm

The Board of Directors and Stockholders

VASCO Data Security International, Inc.:

We have audited the accompanying consolidated balance sheets of VASCO Data Security International, Inc. and subsidiaries (the Company) as of December 31, 2010 and 2009, and the related consolidated statements of operations, comprehensive income, stockholders’ equity, and cash flows for each of the years in the three-year period ended December 31, 2010. In connection with our audits of the consolidated financial statements, we also have audited the accompanying consolidated financial statement Schedule II – Valuation and Qualifying Accounts. These consolidated financial statements and the consolidated financial statement schedule are the responsibility of the Company’s management. Our responsibility is to express an opinion on these consolidated financial statements and the consolidated financial statement schedule based on our audits.

We conducted our audits in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion.

In our opinion, the consolidated financial statements referred to above present fairly, in all material respects, the financial position of the Company as of December 31, 2010 and 2009, and the results of their operations and their cash flows for each of the years in the three-year period ended December 31, 2010, in conformity with U.S. generally accepted accounting principles. Also in our opinion, the related consolidated financial statement schedule, when considered in relation to the basic consolidated financial statements taken as a whole, presents fairly, in all material respects, the information set forth therein.

We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), the Company’s internal control over financial reporting as of December 31, 2010, based on criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), and our report dated March 11, 2011 expressed an unqualified opinion on the effectiveness of the Company’s internal control over financial reporting.

/s/ KPMG LLP

Chicago, Illinois

March 11, 2011

 

F-2


Table of Contents

VASCO Data Security International, Inc.

CONSOLIDATED BALANCE SHEETS

(in thousands, except per share data)

 

     December 31,  
     2010     2009  

ASSETS

    

Current assets

    

Cash and equivalents

   $ 85,533      $ 67,601   

Accounts receivable, net of allowance for doubtful accounts of $1,274 in 2010 and $1,201 in 2009

     21,702        30,400   

Inventories

     10,710        9,015   

Prepaid expenses

     1,859        1,588   

Foreign sales tax receivable

     2,282        1,086   

Deferred income taxes

     369        563   

Other current assets

     199        632   
                

Total current assets

     122,654        110,885   

Property and equipment:

    

Furniture and fixtures

     4,657        4,368   

Office equipment

     7,511        6,928   
                
     12,168        11,296   

Accumulated depreciation

     (7,397     (6,107
                

Property and equipment, net

     4,771        5,189   

Goodwill, net of accumulated amortization

     12,772        13,813   

Intangible assets, net of accumulated amortization

     1,603        1,797   

Other assets

     1,141        1,040   
                

Total assets

   $ 142,941      $ 132,724   
                

LIABILITIES AND STOCKHOLDERS’ EQUITY

    

Current liabilities

    

Accounts payable

   $ 8,857      $ 4,505   

Deferred revenue

     6,464        7,188   

Accrued wages and payroll taxes

     4,971        5,178   

Income taxes payable

     2,109        3,097   

Other accrued expenses

     3,364        3,285   
                

Total current liabilities

     25,765        23,253   

Deferred compensation

     456        490   

Deferred revenue

     47        277   

Deferred income taxes

     180        328   
                

Total liabilities

     26,448        24,348   
                

Stockholders’ equity

    

Common stock: $.001 par value per share, 75,000 shares authorized; 37,640 and 37,487 shares issued and outstanding at December 31, 2010 and 2009, respectively

     38        37   

Preferred stock: 500 shares authorized, none issued and outstanding at December 31, 2010 or 2009

     —          —     

Additional paid-in capital

     68,428        67,371   

Accumulated income

     47,524        36,718   

Accumulated other comprehensive income

     503        4,250   
                

Total stockholders’ equity

     116,493        108,376   
                

Total liabilities and stockholders’ equity

   $ 142,941      $ 132,724   
                

See accompanying notes to consolidated financial statements

 

F-3


Table of Contents

VASCO Data Security International, Inc.

CONSOLIDATED STATEMENTS OF OPERATIONS

(in thousands, except per share data)

 

     For the years ended December 31,  
     2010      2009      2008  

Revenue

   $ 107,963       $ 101,695       $ 132,977   

Cost of goods sold

     31,997         30,535         41,007   
                          

Gross profit

     75,966         71,160         91,970   
                          

Operating costs:

        

Sales and marketing

     31,027         30,299         35,352   

Research and development

     13,568         11,582         11,618   

General and administrative

     18,538         16,183         16,237   

Amortization of purchased intangible assets

     443         453         626   
                          

Total operating costs

     63,576         58,517         63,833   
                          

Operating income

     12,390         12,643         28,137   

Interest income, net

     324         572         990   

Other income (expense), net

     698         2,107         (209
                          

Income before income taxes

     13,412         15,322         28,918   

Provision for income taxes

     2,606         3,460         4,627   
                          

Net income

   $ 10,806       $ 11,862       $ 24,291   
                          

Net income per share:

        

Basic

   $ 0.29       $ 0.32       $ 0.65   
                          

Diluted

   $ 0.28       $ 0.31       $ 0.64   
                          

Weighted average common shares outstanding:

        

Basic

     37,413         37,319         37,156   
                          

Diluted

     38,241         38,084         38,204   
                          

 

See accompanying notes to consolidated financial statements.

 

F-4


Table of Contents

VASCO Data Security International, Inc.

CONSOLIDATED STATEMENTS OF COMPREHENSIVE INCOME

(in thousands)

 

     For the years ended December 31,  
     2010     2009      2008  

Net income

   $ 10,806      $ 11,862       $ 24,291   

Other comprehensive income (loss) - Currency translation adjustment

     (3,747     559         (2,512
                         

Comprehensive income

   $ 7,059      $ 12,421       $ 21,779   
                         

 

See accompanying notes to consolidated financial statements.

 

F-5


Table of Contents

VASCO Data Security International, Inc.

CONSOLIDATED STATEMENTS OF STOCKHOLDERS’ EQUITY

(in thousands)

 

    Common Stock     Additional
Paid-In

Capital
    Accumulated
Income
    Accumulated
Other
Comprehensive

Income (Loss)
    Total
Stockholders’

Equity
 
     Shares     Amount          

Balance at January 1, 2008

    37,205      $ 37      $ 64,734      $ 565      $ 6,203      $ 71,539   

Net income

    —          —          —          24,291        —          24,291   

Foreign currency translation adjustment

    —          —          —          —          (2,512     (2,512

Exercise of stock options

    17        —          80        —          —          80   

Restricted stock awards

    39        —          1,328        —          —          1,328   

Conversion of warrants

    79        —          274        —          —          274   

Stock option compensation

    —          —          284        —          —          284   
                                               

Balance at December 31, 2008

    37,340        37        66,700        24,856        3,691        95,284   

Net income

    —          —          —          11,862        —          11,862   

Foreign currency translation adjustment

    —          —          —          —          559        559   

Exercise of stock options

    38        —          119        —          —          119   

Restricted stock awards

    109        —          542        —          —          542   

Stock option compensation

    —          —          10        —          —          10   
                                               

Balance at December 31, 2009

    37,487        37        67,371        36,718        4,250        108,376   

Net income

    —          —          —          10,806        —          10,806   

Foreign currency translation adjustment

    —          —          —          —          (3,747     (3,747

Exercise of stock options

    1        —          3        —          —          3   

Restricted stock awards

    152        1        1,054        —          —          1,055   
                                               

Balance at December 31, 2010

    37,640      $ 38      $ 68,428      $ 47,524      $ 503      $ 116,493   
                                               

 

See accompanying notes to consolidated financial statements.

 

F-6


Table of Contents

VASCO Data Security International, Inc.

CONSOLIDATED STATEMENTS OF CASH FLOWS

(in thousands)

 

     For the years ended December 31,  
     2010     2009     2008  

Cash flows from operating activities:

      

Net income

   $ 10,806      $ 11,862      $ 24,291   

Adjustments to reconcile net income to net cash provided by operating activities:

      

Depreciation and amortization

     2,458        3,343        3,381   

Deferred tax expense (benefit)

     118        (38     (612

Non-cash compensation

     1,021        (309     3,117   

Changes in assets and liabilities:

      

Accounts receivable, net

     6,700        (4,951     (223

Inventories

     (1,695     4,363        (6,358

Foreign sales tax receivable

     (1,155     6,375        (2,581

Other current assets

     (229     5        (266

Accounts payable

     4,465        (5,864     2,689   

Income taxes payable

     (744     (91     (849

Accrued expenses

     41        (951     246   

Current deferred compensation

     —          (1,434     —     

Deferred revenue

     (703     518        671   
                        

Net cash provided by operations

     21,083        12,828        23,506   
                        

Cash flows from investing activities:

      

Additions to property and equipment

     (1,417     (2,169     (2,812

Other assets

     (355     (559     (256
                        

Net cash used in investing activities

     (1,772     (2,728     (3,068
                        

Cash flows from financing activities:

      

Proceeds from exercise of stock options and warrants

     3        119        354   
                        

Net cash provided by financing activities

     3        119        354   
                        

Effect of exchange rate changes on cash

     (1,382     (332     (1,911

Net increase in cash

     17,932        9,887        18,881   

Cash and equivalents, beginning of year

     67,601        57,714        38,833   
                        

Cash and equivalents, end of year

   $ 85,533      $ 67,601      $ 57,714   
                        

Supplemental cash flow disclosures:

      

Cash paid for income taxes

   $ 3,372      $ 3,775      $ 6,177   

Cash paid for interest

     —          —          21   

 

See accompanying notes to consolidated financial statements.

 

F-7


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS

(amounts in thousands, except per share data)

Unless otherwise noted, references in this Annual Report on Form 10-K to “VASCO”, “company”, “we”, “our” and “us” refer to VASCO Data Security International, Inc. and its subsidiaries.

Note 1 – Summary of Significant Accounting Policies

Nature of Operations

VASCO Data Security International, Inc. and its wholly owned subsidiaries design, develop, market and support hardware and software security systems that manage and secure access to information assets. VASCO has operations in Austria, Australia, Bahrain, Belgium, Brazil, China, France, India, Japan, The Netherlands, Singapore, the United Kingdom (U.K)., the United States (U.S.) and Switzerland.

Principles of Consolidation

The consolidated financial statements include the accounts of VASCO Data Security International, Inc. and its wholly owned subsidiaries. Intercompany accounts and transactions have been eliminated in consolidation.

Estimates and Assumptions

The preparation of financial statements in conformity with accounting principles generally accepted in the U.S. requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the date of the financial statements and the reported amounts of revenue and expenses during the reporting period. Actual results could differ from those estimates.

Foreign Currency Translation and Transactions

The financial position and results of the operations of the majority of the company’s foreign subsidiaries are measured using the local currency as the functional currency. Accordingly, assets and liabilities are translated into U.S. Dollars using current exchange rates as of the balance sheet date. Revenues and expenses are translated at average exchange rates prevailing during the year. Translation adjustments arising from differences in exchange rates are charged or credited to other comprehensive income. Gains and (losses) resulting from foreign currency transactions were $(225), $835, and $(580) in 2010, 2009 and 2008, respectively, and are included in other income in the consolidated statements of operations.

The financial position and results of our operations in Singapore and Switzerland are measured in U.S. Dollars. For these subsidiaries, gains and losses that result from foreign currency transactions are included in the consolidated statements of operations.

Revenue Recognition

We recognize revenue in accordance with Financial Accounting Standards Board (FASB) Accounting Standards Codification (ASC) 985-605 that addresses the accounting for revenue transactions involving software, as well as Staff Accounting Bulletin 104. Revenue is recognized when there is persuasive evidence that an arrangement exists, delivery has occurred, the fee is fixed or determinable and collection of the revenue is probable.

Hardware Revenue and License Fees: Revenue from the sale of computer security hardware or the license of software is recorded upon shipment or, if an acceptance period is allowed, at the latter of shipment or customer acceptance. No significant obligations or contingencies exist with regard to delivery, customer acceptance or rights of return at the time revenue is recognized.

 

F-8


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

Maintenance and Support Agreements: Maintenance and support agreements generally call for us to provide software updates and technical support, respectively, to customers. Revenue on maintenance and technical support is deferred and recognized ratably over the term of the maintenance and support agreement.

Consulting and Education Services: We provide consulting and education services to our customers. Revenue from such services is recognized during the period in which the services are performed.

Multiple-Element Arrangements: We allocate revenue to the various elements of the arrangements based on the estimated fair value of each deliverable as required by ASC 605-25. The fair value for each element is based on the price charged when that element is sold separately, renewal rates and other methods, such as prices established by management. The estimated fair value of undelivered elements is deferred and recorded as revenue when services are performed or products are delivered.

When tokens and software licenses are included in multiple element arrangements, they are generally delivered elements in such arrangements. When tokens and software are delivered elements, we use the Residual Method (ASC 605-25) for determining the amount of revenue to recognize for token and software licenses if we have vendor specific objective evidence (VSOE) for all of the undelivered elements. Any discount provided to the customer is applied fully to the delivered elements in such an arrangement. We defer the revenue for tokens and software in any multiple element arrangement where we do not have VSOE for any undelivered element. VSOE of fair value of PCS agreements is based on separate sales transactions on a worldwide basis. In sales arrangements where VSOE of fair value has not been established, revenue for all elements is deferred and amortized over the life of the arrangement. We recognize revenue from sales to distributors and resellers on the same basis as sales made directly to customers. We recognize revenue when there is persuasive evidence that an arrangement exists, delivery has occurred, the fee is fixed or determinable and collection of the revenue is probable.

For large-volume transactions, we may negotiate a specific price that is based on the number of users of the software license or quantities of hardware supplied. The per unit prices for large-volume transactions are generally lower than transactions for smaller quantities and the price differences are commonly referred to as volume-purchase discounts.

All revenue is reported on a net basis, excluding any sales or value added taxes.

Cash and Equivalents

Cash and equivalents are stated at cost plus accrued interest, which approximates fair value. Cash equivalents are high-quality short term money market instruments with original maturities of three months or less. Cash and equivalents are held by a number of U.S. and non-U.S. commercial banks and money market investment funds with next day availability. Cash and equivalents at December 31, 2010 include $85,182 in money market investment funds or demand bank deposits for which fair value is equal to cost. These investments are valued using level one inputs, as defined in ASC 820, Fair Value Measurements and Disclosures. Cash and equivalents also include $351 in bank certificates of deposit for which fair value was $352 at December 31, 2010. Bank certificates of deposit are valued using level two inputs, as defined by ASC 820.

At December 31, 2010, cash and equivalents includes approximately $14,048 of unrestricted cash held on our behalf by our attorneys in a bank in The Netherlands pending the acquisition of DigiNotar in January 2011. (See note 15.)

Accounts Receivable and Allowance for Doubtful Accounts

The credit worthiness of customers is reviewed prior to shipment. A reasonable expectation of collection is a requirement for revenue recognition. Verification of credit and/or the establishment of credit limits are part of the customer contract administration process. Credit limit adjustments for existing customers may result from the

 

F-9


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

periodic review of outstanding accounts receivable. The company records trade accounts receivable at invoice values, which are generally equal to fair value.

We maintain allowances for doubtful accounts for estimated losses resulting from the inability of our customers to make payments for goods and services. We analyze accounts receivable balances, customer credit-worthiness, current economic trends and changes in our customer payment timing when evaluating the adequacy of the allowance for doubtful accounts. The allowance is based on a specific review of all significant past-due accounts. If the financial condition of our customers deteriorates, resulting in an impairment of their ability to make payments, additional allowances may be required.

Inventories

Inventories, consisting principally of hardware and component parts, are stated at the lower of cost or market. Cost is determined using the first-in-first-out (FIFO) method. We write down inventory where it appears that the carrying cost of the inventory may not be recovered through subsequent sale of the inventory. We analyze the quantity of inventory on hand, the quantity sold in the past year, the anticipated sales volume in the form of sales to new customers as well as sales to previous customers, the expected sales price and the cost of making the sale when evaluating the valuation of our inventory. If the sales volume or sales price of a specific model declines significantly, additional write downs may be required.

Property and Equipment

Property and equipment are stated at cost. Depreciation is computed using the straight-line method over the estimated useful lives of the related assets ranging from three to seven years. Additions and improvements are capitalized, while expenditures for maintenance and repairs are charged to operations as incurred. Gains or losses resulting from sales or retirements are recorded as incurred, at which time related costs and accumulated depreciation are removed from the accounts.

Research and Development Costs

Costs for research and development, principally the design and development of hardware, and the design and development of software prior to the determination of technological feasibility, are expensed as incurred on a project-by-project basis.

Software Development Costs

We capitalize software development costs in accordance with ASC 985-20. Research costs and software development costs, prior to the establishment of technological feasibility, determined based upon the creation of a working model, are expensed as incurred. Our software capitalization policy currently defines technological feasibility as a functioning beta test prototype with confirmed manufacturability (a working model), within a reasonably predictable range of costs. Additional criteria include receptive customers, or potential customers, as evidenced by interest expressed in a beta test prototype, at some suggested selling price. Our policy is to amortize capitalized costs by the greater of (a) the ratio that current gross revenue for a product bear to the total of current and anticipated future gross revenue for that product or (b) the straight-line method over the remaining estimated economic life of the product, generally two to five years, including the period being reported on. No software development costs were capitalized in any of the years ending December 31, 2010, 2009, or 2008.

Income Taxes

We account for income taxes under the asset and liability method. Deferred tax assets and liabilities are recognized for the future tax consequences attributable to differences between the financial statement carrying amounts of existing assets and liabilities and their respective tax bases and operating loss and tax credit carryforwards. We measure deferred tax assets and liabilities using enacted tax rates expected to apply to taxable

 

F-10


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

income in the years in which those temporary differences are expected to be recovered or settled. We recognize the effect of a change in tax rates on deferred tax assets and liabilities and in income in the period that includes the enactment date.

We monitor our potential income tax exposures as required by ASC 740-10.

We have significant net operating loss carryforwards in the U.S. and other countries which are available to reduce the liability on future taxable income. A valuation reserve has been provided to offset most of these future benefits because we have not determined that their realization is more likely than not.

Fair Value of Financial Instruments

At December 31, 2010 and 2009, our financial instruments were cash equivalents, accounts receivable, accounts payable and accrued liabilities. The estimated fair value of our financial instruments has been determined by using available market information and appropriate valuation methodologies, as described in Cash and Equivalents above. The fair values of the financial instruments were not materially different from their carrying amounts at December 31, 2010 and 2009.

Accounting for Leases

All of our leases are operating leases. Rent expense on facility leases is charged evenly over the life of the lease, regardless of the timing of actual payments.

Goodwill and Other Intangibles

We account for goodwill and indefinite-lived intangible assets in accordance with ASC 350-20. Indefinite-lived intangible assets include customer lists, proprietary technology and other intangible assets. Intangible assets other than patents with definite lives are amortized over the useful life, generally three to seven years for proprietary technology. Patents are amortized over the life of the patent, generally 20 years in the U.S.

We assess the impairment of goodwill and intangible assets with indefinite lives each year-end or whenever events or changes in circumstances indicate that the carrying value may not be recoverable. Factors considered important which could trigger an impairment review include significant underperformance relative to expected historical or projected future operating results, significant changes in the manner of our use of the acquired assets or the strategy for our overall business, and significant negative industry or economic trends. Once identified, the amount of the impairment is computed by comparing the carrying value of the assets to the fair value. Fair value for goodwill is determined using our stock price which is a level 1 valuation, as defined by ASC 820-10. Fair value for trademarks is based on discounted estimated future cash flows, which is a level 3 valuation. We have not recognized any impairment for the years ended December 31, 2010, 2009 or 2008 as the fair value of our reporting unit substantially exceeds our carrying amount.

Stock-Based Compensation

We have stock-based employee compensation plans, which are described more fully in Note 9. ASC 718-10 requires us to estimate the fair value of stock options and restricted stock granted to employees, directors and others and to record compensation expense equal to the estimated fair value. Compensation expense is recorded on a straight-line basis over the vesting period.

 

F-11


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

Warranty

Warranties are provided on the sale of certain of our products and an accrual for estimated future claims is recorded at the time revenue is recognized. Warranty reserves are based on past claims experience, sales history and other considerations. Our standard practice is to provide a warranty on our hardware products for either a one or two year period after the date of purchase. Customers may purchase extended warranties covering periods from one to four years after the standard warranty period. We defer the revenue associated with the extended warranty and recognize it into income on a straight-line basis over the extended warranty period. We have historically experienced minimal actual claims over the warranty period.

Note 2 – Inventories

Inventory is comprised of the following:

 

     December 31,  
     2010      2009  

Component parts

   $ 4,716       $ 5,810   

Work-in-process and finished goods

     5,994         3,205   
                 

Total

   $ 10,710       $ 9,015   
                 

Note 3 – Goodwill and Other Intangibles

Intangible asset activity for the two years ended December 31, 2010 and the composition of the balance as of December 31, 2010 is detailed in the following table. Certain goodwill and other intangibles are denominated in local currencies and are subject to currency fluctuations.

 

     Capitalized
Technology
    Patents &
Trademarks
    Total Intangible
Assets
    Goodwill  

Net balance at December 31, 2008

     1,454        543        1,997        13,584   

Additions

     —          241        241        —     

Net foreign currency translation

     12        —          12        229   

Amortization expense

     (432     (21     (453     —     
                                

Net balance at December 31, 2009

     1,034        763        1,797        13,813   

Additions

     —          326        326        —     

Net translation loss

     (77     —          (77     (1,041

Amortization expense

     (413     (30     (443     —     
                                

Net balance at December 31, 2010

   $ 544      $ 1,059      $ 1,603      $ 12,772   
                                

December 31, 2010 balance at cost

   $ 11,106      $ 1,168      $ 12,274      $ 13,778   

Accumulated amortization

     (10,562     (109     (10,671     (1,006
                                

Net balance at December 31, 2010

   $ 544      $ 1,059      $ 1,603      $ 12,772   
                                

 

F-12


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

Expected amortization of the intangible assets for the years ended:

 

December 31, 2011

   $ 329   

December 31, 2012

     263   

December 31, 2013

     53   

December 31, 2014

     33   

December 31, 2015

     33   

Thereafter

     351   
        

Subject to amortization

     1,062   

Trademarks

     541   
        

Total intangible assets

   $ 1,603   
        

Note 4 – Other Assets - Long-Term

Instructional software, developed in 2006 at a cost of $2,448, was capitalized in accordance with ASC 985-20 and amortized on a straight line basis over a three year life. In conjunction with a 2006 acquisition, deemed compensation in the amount of €1,250 (equivalent to $1,570 at the historical exchange rate) was recorded and amortized over four years. Changes in deferred tax assets are charged to income tax expense.

 

     Instructional
software
    Deemed
compen-
sation
    Deferred
tax assets
    Deposits      Total other
assets
 

Net balance at December 31, 2008

     823        367        972        129         2,291   

Additions/(reductions)

     —          —          (302     241         (61

Net translation gain/(loss)

     (16     (10     —          —           (26

Amortized/expensed

     (807     (357     —          —           (1,164
                                         

Net balance at December 31, 2009

     —          —          670        370         1,040   

Additions/(reductions)

     —          —          38        63         101   
                             

Net balance at December 31, 2010

   $ —        $ —        $ 708      $ 433       $ 1,141   
                                         

Amortization expense for instructional software and deemed compensation is included in selling expense.

Note 5 – Income Taxes

Income before income taxes was generated in the following jurisdictions:

 

     For the years ended December 31,  
     2010      2009     2008  

Domestic

   $ 806       $ (576   $ 3,930   

Foreign

     12,606         15,898        24,988   
                         

Total

   $ 13,412       $ 15,322      $ 28,918   
                         

 

F-13


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

The provision for income taxes consists of the following:

 

     For the years ended December 31,  
     2010      2009     2008  

Current:

       

Federal

   $ 32       $ (148   $ 103   

Foreign

     2,461         3,646        5,117   
                         

Total current

     2,493         3,498        5,220   
                         

Deferred:

       

Foreign

     113         (38     (593
                         

Total deferred

     113         (38     (593
                         

Total

   $ 2,606       $ 3,460      $ 4,627   
                         

The differences between the income tax provisions computed using the statutory federal income tax rate of 35% and the provisions for income taxes reported in the consolidated statements of operations are as follows:

 

     For the years ended December 31,  
     2010     2009     2008  

Expected tax at statutory rate

   $ 4,694      $ 5,363      $ 10,121   

Foreign taxes at other rates

     (1,783     (1,989     (4,247

Change in valuation allowance due to:

      

NOL valuation reserve adjustments

     (335     (315     (782

Utilization of NOL carryforwards

     (725     (164     (1,953

Generation of NOL carryforwards

     164        223        258   

Taxes on intercompany interest / dividends

     197        —          487   

Non-deductible amortization

     117        149        207   

Prior year tax adjustments

     67        111        247   

Other, net

     210        82        289   
                        

Total

   $ 2,606      $ 3,460      $ 4,627   
                        

 

F-14


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

Current deferred tax assets are presented as a separate line on the balance sheet. Long-term deferred tax assets are included in other long-term assets and identified in Note 4. Current deferred tax liabilities were $299 in 2010 and $194 in 2009 and are included in other accrued liabilities. The deferred income tax balances are comprised of the following:

 

     As of December 31,  
     2010     2009  

Deferred tax assets:

    

U.S. net operating loss carryforwards

   $ 5,273      $ 6,021   

Stock and long-term compensation plans

     1,538        1,349   

Foreign NOL carryforwards

     1,456        1,609   

Deferred revenue

     259        384   

Accrued expenses and other

     264        133   
                

Total gross deferred tax assets

     8,790        9,496   

Less: Valuation allowance

     (7,713     (8,263
                

Net deferred income tax assets

   $ 1,077      $ 1,233   
                

Deferred tax liabilities:

    

Swiss tax allowances

   $ 202      $ —     

Intangible assets—Logico acquisition

     180        328   

Potential tax on intercompany dividends

     97        194   
                

Deferred tax liabilities

   $ 479      $ 522   
                

At December 31, 2010, we had U.S. net operating loss (NOL) carryforwards of $21,247. Of this amount, $14,727 is available to offset future taxable income. The remainder represents tax deductions for employee stock option gains which would be credited to paid-in capital. The U.S. loss carryforwards expire in varying amounts beginning in 2020 and continuing through 2029. In addition, if certain substantial changes in the company’s ownership were deemed to have occurred, there would be an annual limitation on the amount of the U.S.NOL carryforwards that could be utilized.

At December 31, 2010, we also had foreign NOL carryforwards of $4,834. The foreign NOL carryforwards have no expiration dates.

The company has provided a valuation allowance at December 31, 2010 and 2009 for all of its U.S. deferred tax assets and certain foreign deferred tax assets. In assessing the realizability of deferred tax assets, the company considers whether it is more likely than not that some portion or all of the deferred tax assets will be realized. The ultimate realization of deferred tax assets is dependent upon the generation of future taxable income. In two foreign jurisdictions, we have determined that it is more likely than not that NOL carryforwards will be realized. The unreserved deferred tax asset for these NOL carryforwards is $1,029 at December 31, 2010. The amount of future earnings in these jurisdictions necessary to realize these benefits is $4,187. Annual earnings in these jurisdictions have averaged $1,058 over the last four years.

The net change in the valuation allowance for the years ended December 31, 2010, 2009 and 2008 was a decrease of $550, $151, and $2,977, respectively. This valuation allowance will be reviewed on a regular basis and adjustments made as appropriate. In addition to the utilization of NOLs in the U.S. and in foreign countries as noted above, the change in the valuation allowance also reflects other factors including, but not limited to, changes in our assessment of our ability to use existing NOLs, changes in currency rates and adjustments to

 

F-15


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

reflect differences between the actual returns filed and the estimates we made at financial reporting dates. For 2010, we have reviewed the NOL carryforwards for each of our entities to determine if it is more likely than not that the NOL carryforward would be utilized in future years. Based on our review, we have reduced income tax expense and the valuation reserve in 2010 by $335. The company expects to generate adequate taxable income to realize deferred tax assets in foreign jurisdictions where no valuation reserve exists.

The company has not provided deferred U.S. taxes on its unremitted foreign earnings because it considers them to be permanently invested. The unremitted foreign earnings are estimated to be $65,000. We have provided a deferred tax liability of $97 to reflect the foreign tax liability on unremitted earnings to one of our foreign subsidiaries.

We had no accrued interest or penalties for income tax liabilities at December 31, 2010. Our policy is to record interest expense and penalties on income taxes as income tax expense.

ASC 740-10 sets a “more likely than not” criterion for recognizing the tax benefit of uncertain tax positions; it established measurement criteria for tax benefits and it established certain new disclosure requirements. We have identified one such exposure concerning cost allocations related to the implementation of our worldwide strategy related to the ownership of our intellectual property for which we had a reserve of $470 at December 31, 2010 and 2009, which is an offset to our U.S. deferred tax asset.

Our primary tax jurisdictions and the earliest year for which tax returns are subject to audit are presented in the following table. VASCO Data Security is abbreviated as “VDS”.

 

Australia    VDS Pty. Ltd.    2005
Austria    VDS Austria    2006
Belgium    VDS NV    2008
Belgium    VDS Europe NV    2007
Belgium    Lintel    2008
Belgium    Able NV    2006
Netherlands    VDS BV    2003
Singapore    VDS Asia Pacific    2006
Switzerland    VDS International GmbH    2010
United States    VDS International, Inc.    2005

Note 6 – Deferred Warranty Revenue and Warranty Reserve

Our standard practice is to provide a warranty on our DIGIPASS hardware for either one or two years, depending on where the sale is made, after the date of purchase. Customers may purchase extended warranties covering periods from one to four years after the standard warranty period. We defer the revenue associated with the extended warranty and recognize it into income on a straight-line basis over the extended warranty period. The estimated cost of providing warranty services during the extended warranty period is less than the revenue related to such warranty service.

 

F-16


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

Deferred warranty revenue at December 31, 2010, which will be recognized as revenue as follows:

 

Year

   Amount  

2011

   $ 81   

2012

     34   

2013

     13   
        

Total

   $ 128   
        

We maintain a reserve for the potential cost of future warranty claims related to products sold and recognized in revenue. The reserve is included in accrued expenses. Activity in the warranty reserve account during the three fiscal years ended December 31 was as follows:

 

     2010     2009     2008  

Balance, beginning of period

   $ 150      $ 475      $ 171   

Provision for warranty claims

     105        108        551   

Product or cash issued to settle claims

     (194     (433     (247
                        

Balance, end of period

   $ 61      $ 150      $ 475   
                        

Note 7 – Debt

As of December 31, 2010 and 2009, we had no borrowings outstanding. During 2010, we did not renew our bank line of credit. In 2010, 2009 and 2008, we did not borrow against the line of credit.

Note 8 – Stockholders’ Equity

Preferred Stock and Warrants

During 2003, we sold 0.8 shares of Series D 5% Cumulative Convertible Voting Preferred Stock and 600 detachable warrants to purchase common stock at $3.47 per share. The warrants expired in 2008. Prior to expiration in 2008, holders exercised warrants to purchase 79 shares.

Note 9 – Stock Compensation Plans

In June 2009, our stockholders approved the VASCO Data Security International, Inc. 2009 Equity Incentive Plan (the “2009 Equity Plan”). The 2009 Equity Plan permits the issuance of awards in a variety of forms, including (1) shares of our common stock, (2) nonqualified and incentive stock options for the purchase of our common stock, (3) stock appreciation rights, (4) deferred stock, (5) other stock-based awards (including restricted shares, performance shares, performance units and other stock unit awards), and (6) cash incentive awards.

Upon approval of the 2009 Equity Plan, our 1997 Stock Compensation Plan, as amended and restated (the “1997 Compensation Plan”) was suspended. No additional awards will be issued under the 1997 Compensation Plan, however, all outstanding awards under the 1997 Compensation Plan were unaffected by the approval of the 2009 Equity Plan. The 1997 Compensation Plan permitted the award of stock compensation in various forms.

The 2009 Equity Plan and the 1997 Compensation Plan were designed and intended to provide performance incentives to employees and non-employee directors, consultants and other key persons of the company. Both

 

F-17


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

plans are administered by the Compensation Committee as appointed by the Board of Directors and are intended to be non-qualified plans.

As of December 31, 2010, the number of shares allowed to be issued under the 2009 Equity Plan was 7,669 shares of the company’s common stock, representing 20.4% of the issued and outstanding shares of the company as of such date.

The following table summarizes compensation expense recorded under the two plans. No tax benefits were recognized, due to our fully reserved U.S. NOL carryforwards.

 

     2010     2009     2008  

Compensation expense included in income:

      

Stock options

   $ —        $ 11      $ 284   

Restricted stock

     1,054        542        1,328   

Long-term compensation plan

     (33     (862     1,505   
                        

Total expense (benefit)

     1,021        (309     3,117   

Income tax benefit

     —          —          —     
                        

Net expense (benefit)

   $ 1,021      $ (309   $ 3,117   
                        

Stock Options

We have not granted stock options since 2005; however, compensation expense is recognized for the unvested options as required by the ASC 718-10. This statement requires the company to estimate the fair value of stock options granted and to record compensation expense equal to the estimated fair value. The fair value of stock options at the date of grant is estimated using the Black-Scholes option pricing model, with the expected life adjusted to reflect the effect of post-vesting restrictions. This compensation expense is recorded on a straight-line basis over the vesting period of the options.

All options granted under the 1997 Compensation Plan were issued at market value on the date of grant, with terms of six to ten years and vesting periods ranging from one to five years. The company may issue new shares or treasury shares for option exercises. The following table summarizes option activity for the year ended December 31, 2010. All options outstanding at December 31, 2010 and 2009 were fully vested.

 

     Shares     Weighted
Average
Exercise
Price
     Weighted
Average
Remaining
Term (Years)
     Aggregate
Intrinsic
Value
 

Outstanding at January 1, 2010

     1,297      $ 3.01         2.71       $ 4,493   

Exercised

     (1     6.38         —           2   

Forfeited or expired

     (65     9.70         0.02         —     
                

Outstanding at December 31, 2010

     1,231        2.65         1.88         6,746   
                

At December 31, 2010:

          

Fully vested, exercisable options

     1,231      $ 2.65         1.88       $ 6,746   

 

F-18


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

The intrinsic value of options exercised and the fair value of shares vested over the last three years were:

 

     2010      2009      2008  

Intrinsic value of options exercised

   $ 2       $ 204       $ 130   

Fair value of shares vested

     —           21         271   

All options were fully vested at December 31, 2009.

Time-Based Restricted Stock

We granted restricted stock awards to employees and non-employee directors under both the 2009 Equity Plan and the 1997 Compensation Plan. Awards to non-employee directors vest on the first anniversary date of the grant and awards to employees vest annually over a four year period. These shares are subject to forfeiture if the service period requirement is not met. Compensation expense equal to the market value of the stock on the grant date is recorded on a straight-line basis over the vesting period as required ASC 718-10. Compensation expense for 2010 was $905. The following table summarizes the time-based restricted stock activity for the year ended December 31, 2010:

 

     Shares     Weighted
average
remaining
term (years)
     Aggregate
intrinsic
value
 

Outstanding at January 1, 2010

     165        1.03       $ 1,036   

Shares vested

     (95        649   

Shares awarded

     152           992   
             

Outstanding at December 31, 2010

     222        1.85         1,805   
             

The unamortized future compensation expense for time-based restricted stock awards was $929 at December 31, 2010.

Performance-Based Restricted Stock

Performance-based restricted stock was granted under the 2009 Equity Plan and the 1997 Compensation Plan and is earned over a three-year period beginning January 1 of the year of grant. Each executive officer’s right to performance-based restricted shares is subject to VASCO’s achievement of a three year cumulative earnings per share goal. Under the 2009 Equity Plan, each executive officer will receive 0% of the shares if less than 80% of the performance goal is achieved, 50% of the shares if 80% of the performance goal is achieved, 100% of the shares if 100% of the performance goal is achieved, and 160% of the shares if 140% of the performance goal is achieved. Under the 1997 Compensation Plan, each executive officer will receive 0% of the shares if less than 80% of the performance goal is achieved, 50% of the shares if 80% of the performance goal is achieved, 100% of the shares if 100% of the performance goal is achieved, and 125% of the shares if 140% of the performance goal is achieved.

The performance-based restricted shares granted in 2008 lapsed unearned as VASCO did not achieve the cumulative earnings per share goal for the three years ending December 31, 2010. The number of shares granted was 179 in 2010 and 83 in 2009, which represents the number of shares that will be received if the Company achieves 100% of the performance goal. The shares received for performance at a level between stated performance percentages will be interpolated. The performance targets are established by the Board of Directors.

 

F-19


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

Compensation expense equal to the market value of the stock on the grant date is recorded on a straight-line basis over the vesting period if the performance condition is deemed to be probable, as required by ASC 718-10. Compensation expense in 2010 includes a benefit of $231 for the reversal of 2009 award accruals and expense of $380 for the 2010 awards. The reversal of the reserve related to the 2009 awards reflected our assessment that it was not probable that we would achieve the performance targets required for the payout of the performance-based restricted stock. The unamortized future compensation expense for the performance-based restricted stock was $806 at December 31, 2010.

The following table summarizes the activity related to performance share units during 2010:

 

     Shares     Weighted
average
remaining
term (years)
     Aggregate
intrinsic
value
 

Outstanding at January 1, 2010

     112        1.76       $ 703   

Shares lapsed, unearned

     (29        —     

Shares awarded

     179           1,185   
             

Outstanding at December 31, 2010

     262        2.02         2,130   
             

Long-term Incentive Compensation

Under the 2009 Equity Plan and the 1997 Compensation Plan, we provided long-term incentive awards to key employees, other than named executive officers, that can be earned if the company achieves certain cumulative earnings per share targets over a three year period. Under both plans, the amount of payment will be determined as follows: no award will be paid if the cumulative earnings per share is less than 90% of the target; if the cumulative earnings per share is greater than 90% but less than 110% of the target, the award will be prorated on a basis consistent with actual performance; and if the cumulative earnings per share is greater than 110% of the target, 120% of the award will be paid.

The award amounts are designated as a specific dollar amount but, at the option of the company, can be paid in either VASCO common stock or cash. If paid in stock, the company will issue the corresponding number of freely tradable shares to the employees based on the stock price on the date the awards are earned. The company granted awards totaling $2,020, $1,968, and $1,980, in 2010, 2009 and 2008, respectively. Compensation expense for long-term incentive awards is recognized ratably over the period beginning with the effective date of the grant and ending on December 31 of the targeted three-year period, if it is deemed probable that the target will be met.

Accruals for the 2009 grants were reversed in the fourth quarter of 2010, based on our assessment that it was not probable that we would achieve the performance targets required for the payout of the long-term incentive awards. Compensation expense in 2010 includes a benefit of $490 for the 2009 reversal and expense of $456 for the 2010 award.

Accruals for the 2007 and 2008 grants were reversed in the first quarter of 2009, based on our assessment that it was not probable that the performance targets would be met. Compensation expense in 2009 includes a benefit of $1,352 for the 2007 and 2008 reversals and expense of $490 for the 2009 award.

Employees forfeit their awards if they terminate from the company prior to the end of the three-year performance period. The amounts expensed are reported as liabilities on the balance sheet. The unamortized future compensation expense for the long-term incentive awards was $1,564 at December 31, 2010.

 

F-20


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

Note 10 – Earnings per Common Share

Basic earnings per share is based on the weighted average number of shares outstanding and excludes the dilutive effect of unexercised common stock equivalents. Diluted earnings per share is based on the weighted average number of shares outstanding and includes the dilutive effect of unexercised common stock equivalents to the extent they are not anti-dilutive. A reconciliation of the shares included in the basic and fully diluted earnings per share calculations is as follows:

 

     For the years ended December 31,  
     2010      2009      2008  

Net Income

   $ 10,806       $ 11,862       $ 24,291   
                          

Weighted average common shares outstanding

        

Basic

     37,413         37,319         37,156   

Incremental shares with dilutive effect:

        

Stock options

     778         762         992   

Restricted stock awards

     50         3         27   

Warrants

     —           —           29   
                          

Dilutive

     38,241         38,084         38,204   
                          

Net Income per share

        

Basic

   $ 0.29       $ 0.32       $ 0.65   

Dilutive

   $ 0.28       $ 0.31       $ 0.64   

Note 11 – Employee Benefit Plan

We maintain a defined contribution pension plan for our U.S. employees established pursuant to the provisions of Section 401(k) of the Internal Revenue Code, which provides benefits for eligible employees of the company and allow us to match employee contributions. For the years ended December 31, 2010, 2009 and 2008, we contributed $72, $75, and $100, respectively, to this plan as matching contributions.

We also maintain a pension plan for our Belgian employees, in compliance with Belgian law. The plan is a defined contribution plan, but has a minimum return guarantee under Belgian law. Returns guaranteed by the pension plan administrator are essentially equal to the legal requirement. For the years ended December 31, 2010, 2009 and 2008, the company contributed $470, $487, and $386, respectively, to this plan.

 

F-21


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

Note 12 – Geographic, Customer and Supplier Information

We classify our sales by our customers’ locations in four geographic regions: 1) EMEA, which includes Europe, the Middle East and Africa; 2) the United States, which for our purposes includes sales in Canada; 3) Asia Pacific Rim; and 4) Other Countries, including Australia, Latin America and Central Asia. Information regarding geographic areas for the years ended December 31, 2010, 2009 and 2008 is as follows:

 

     Europe,
Middle East,
Africa (EMEA)
     United States      Asia Pacific      Other
Countries
     Total  

2010

              

Revenue

   $ 72,694       $ 9,912       $ 10,860       $ 14,497       $ 107,963   

Gross profit

     50,950         7,683         6,078         11,255         75,966   

Long-lived assets

     18,685         730         17         147         19,579   

2009

              

Revenue

   $ 72,833       $ 7,376       $ 9,492       $ 11,994       $ 101,695   

Gross profit

     57,615         4,013         3,327         6,204         71,160   

Long-lived assets

     20,452         561         38         118         21,169   

2008

              

Revenue

   $ 89,511       $ 7,783       $ 10,116       $ 25,567       $ 132,977   

Gross profit

     59,352         6,577         6,346         19,695         91,970   

Long-lived assets

     20,123         450         65         2,052         22,690   

For the years 2010, 2009 and 2008, our top 10 customers contributed 37%, 34%, and 44%, respectively, of total worldwide revenue. In 2010, one customer accounted for approximately 11% of total revenue. In 2009 and 2008, no one customer exceeded 10% of total revenue.

The majority of our products are manufactured by four independent vendors, one headquartered in Europe and the other three in Hong Kong. Our hardware DIGIPASSES are assembled at facilities in mainland China.

Note 13 – Commitments and Contingencies

The company leases office space and automobiles under operating lease agreements expiring at various times through 2018. Future minimum rental payments required under non-cancelable leases are as follows:

 

Year

   Amount  

2011

   $ 3,092   

2012

     2,621   

2013

     2,206   

2014

     1,850   

2015

     1,636   

Thereafter

     2,389   
        

Total

   $ 13,794   
        

Rent expense under operating leases aggregated $2,540, $2,544, and $2,228 for the years ended December 31, 2010, 2009 and 2008, respectively. Rent expense is recorded on a straight-line basis over the life of the lease agreement.

 

F-22


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

From time to time, we have been involved in litigation incidental to the conduct of our business. Currently, we are not a party to any lawsuit or proceeding that, in management’s opinion, is likely to have a material adverse effect on its business, financial condition or results of operations.

Note 14 – Quarterly Results of Operations (unaudited)

The quarterly results of operations are as follows:

 

     First
Quarter
     Second
Quarter
     Third
Quarter
     Fourth
Quarter
 
2010            

Net sales

   $ 23,915       $ 24,742       $ 26,301       $ 33,005   

Gross profit

     16,688         17,436         18,545         23,296   

Operating expenses

     15,964         15,860         16,043         15,710   

Operating income

     724         1,576         2,502         7,586   

Net income

     573         1,396         2,183         6,654   

Net income per share:

           

Basic

   $ 0.02       $ 0.04       $ 0.06       $ 0.18   

Fully diluted

     0.01         0.04         0.06         0.17   
2009            

Net sales

   $ 23,175       $ 24,458       $ 22,126       $ 31,936   

Gross profit

     16,698         16,712         15,390         22,360   

Operating expenses

     11,976         15,360         13,436         17,745   

Operating income

     4,722         1,352         1,954         4,614   

Net income

     3,463         2,042         1,522         4,834   

Net income per share:

           

Basic

   $ 0.09       $ 0.05       $ 0.04       $ 0.13   

Fully diluted

     0.09         0.05         0.04         0.13   

Due to rounding in earnings per share, the sum of the quarters may not be equal to the full year.

Note 15 – Subsequent Event—Acquisition of DigiNotar

On January 10, 2011, we purchased all of the intellectual property of DigiNotar Holding B.V. and its subsidiaries and acquired 100% of the stock of DigiNotar B.V. and DigiNotar Notariaat B.V., each a private company organized and existing in The Netherlands (collectively, “DigiNotar”), for cash in the aggregate of €10.0 million (approximately $12.9 million at an exchange rate of 1.29 dollars per Euro). Both transactions were effective January 1, 2011 (“Effective Date”). We funded the transactions from our existing cash balances.

Pursuant to the terms of the IP Purchase Agreement, we acquired all the intellectual property rights relating to the identity, authentication, signature and delivery services and products owned by DigiNotar Technologie B.V. and DigiNotar as guaranteed by their parent entity, DigiNotar Holding B.V., for total consideration of €6.3 million or approximately $8.1 million. In addition, pursuant to the terms of the Share Sales and Purchase Agreement (“Share Agreement”), we acquired all the shares of DigiNotar from DigiNotar Holding B.V. for initial consideration of €3.7 million or approximately $4.8 million, subject to adjustments related to working capital and certain liabilities and DigiNotar’s EBIT (earnings before interest and taxes) for fiscal year 2011 (collectively “Purchase Price Reductions”). Of the initial consideration under the Share Agreement, €1.45 million or approximately $1.9 million was paid at closing and €2.25 million or approximately $2.9 million was deposited into an escrow fund.

 

F-23


Table of Contents

VASCO DATA SECURITY INTERNATIONAL, INC.

NOTES TO CONSOLIDATED FINANCIAL STATEMENTS - (Continued)

(amounts in thousands, except per share data)

 

The IP Purchase Agreement and the Share Agreement contain representations, warranties, and covenants that are customary for a transaction of this size and nature. DigiNotar Holding B.V. irrevocably and unconditionally guarantees DigiNotar’s performance and payments under the IP Agreement and will satisfy its obligations initially from the escrow fund established under Share Agreement. The escrow fund also serves as a source of payment in the event of any Purchase Price Reductions and for DigiNotar Holding B.V.’s indemnification obligations related to specified liabilities under the Share Agreement.

As additional support for the potential adjustment related to DigiNotar’s EBIT for 2011, an agreement and a second escrow fund in the amount of €0.4 million or approximately $0.5 million was established by D.B.A. ten Burg Holding B.V. and Bosco Holding B.V., both private limited liability companies organized and existing under the laws of The Netherlands. As a result of this agreement, the maximum potential adjustment related to DigiNotar’s EBIT increased from €1.0 million or approximately $1.3 million under the Share Agreement to €1.4 million or approximately $1.8 million in the aggregate.

 

F-24


Table of Contents

SCHEDULE II

VASCO DATA SECURITY INTERNATIONAL, INC.

VALUATION AND QUALIFYING ACCOUNTS

 

     Beginning
balance
     Additions     Deductions  
        Bad debt
expense/
(recovery)
     Foreign
currency
translation
    Accounts
written off
    Ending
balance
 

Allowance for doubtful accounts for trade accounts receivable

            

Year ended December 31, 2010

   $ 1,201         114         (36     (5   $ 1,274   

Year ended December 31, 2009

     708         472         43        (22     1,201   

Year ended December 31, 2008

     452         322         (24     (41     708   

See accompanying independent auditors’ report

 

F-25


Table of Contents

SIGNATURES

Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the Registrant has duly caused this Report to be signed on its behalf by the undersigned, thereunto duly authorized, on March 11, 2011.

 

VASCO Data Security International, Inc.

        /s/ T. Kendall Hunt

T. Kendall Hunt
Chief Executive Officer

Pursuant to the requirements of the Securities Exchange Act of 1934, this Report has been signed by the following persons on behalf of the Registrant in the capacities indicated on March 11, 2011.

POWER OF ATTORNEY

Each of the undersigned, in his capacity as an officer or director, or both, as the case may be, of VASCO Data Security International, Inc. does hereby appoint T. Kendall Hunt, and each of them severally, his true and lawful attorneys or attorney to execute in his name, place and stead, in his capacity as director or officer, or both, as the case may be, this Annual Report on Form 10-K for the fiscal year ended December 31, 2010 and any and all amendments thereto and to file the same with all exhibits thereto and other documents in connection therewith with the Securities and Exchange Commission. Each of said attorneys shall have power to act hereunder with or without the other attorney and shall have full power and authority to do and perform in the name and on behalf of each of said directors or officers, or both, as the case may be, every act whatsoever requisite or necessary to be done in the premises, as fully and to all intents and purposes as to which each of said officers or directors, or both, as the case may be, might or could do in person, hereby ratifying and confirming all that said attorneys or attorney may lawfully do or cause to be done by virtue hereof.

 

SIGNATURE

      

TITLE

        /s/ T. Kendall Hunt

     Chief Executive Officer and Chairman
T. Kendall Hunt      (Principal Executive Officer)

        /s/ Jan Valcke

     President and Chief Operating Officer
Jan Valcke      (Principal Operating Officer)

        /s/ Clifford K. Bown

     Chief Financial Officer and Secretary
Clifford K. Bown      (Principal Financial Officer and Principal Accounting Officer)

        /s/ Michael P. Cullinane

     Director
Michael P. Cullinane     

        /s/ Jean K. Holley

     Director
Jean K. Holley     

        /s/ John R. Walter

     Director
John R. Walter     

        /s/ John N. Fox, Jr.

     Director
John N. Fox, Jr.