10-K 1 form10k.htm  


UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549

FORM 10-K
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) THE SECURITIES EXCHANGE ACT OF 1934
      For the fiscal year ended December 31, 2020
OR
 TRANSITION REPORT PURSUANT TO SECTION 13 OR 15 (d) THE SECURITIES EXCHANGE ACT OF 1934
Commission file number: 001-08443
TELOS CORPORATION
(Exact name of registrant as specified in its charter)

Maryland
52-0880974
(State or other jurisdiction of incorporation or organization)
(I.R.S. Employer Identification No.)
19886 Ashburn Road, Ashburn, Virginia
20147-2358
(Address of principal executive offices)
(Zip Code)

Registrant's telephone number, including area code: (703) 724-3800

Securities registered pursuant to Section 12(b) of the Act:
Title of each class
Trading symbol
Name of each exchange on which registered
Common stock, $0.001 par value per share
TLS
The Nasdaq Stock Market LLC

Securities registered pursuant to Section 12(g) of the Act:
None

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes      No   
 
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes      No  

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes      No  
 
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes     No  

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
 
Large accelerated filer    
Accelerated filer                             
Non-accelerated filer     
Smaller reporting company  
 
Emerging growth company  
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes      No  

The aggregate market value of the registrant’s common stock held by non-affiliates of the registrant as of June 30, 2020:  Not applicable

As of March 15, 2021, the registrant had outstanding 64,625,071 shares of common stock.

DOCUMENTS INCORPORATED BY REFERENCE:

Certain of the information required in Part III of this Form 10-K is incorporated by reference to the Registrant's definitive proxy statement to be filed for the Annual Meeting of Stockholders to be held on May 25, 2021.

1

TABLE OF CONTENTS
 
   
Page
     
PART I
   
     
Item 1.
3
Item 1A.
15
1Item 1B.
24
Item 2.
25
Item 3.
25
Item 4.
25
     
PART II
   
     
Item 5.
26
Item 6.
27
Item 7.
28
Item 7A.
39
Item 8.
40
Item 9.
72
Item 9A
72
Item 9B.
72
     
PART III
   
     
Item 10.
73
Item 11.
73
Item 12.
73
Item 13.
73
Item 14.
73
     
PART IV
   
     
Item 15.
73
Item 16.
76
 
77


Special Note Regarding Forward-Looking Statements

This annual report contains statements that constitute forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. In addition, in the future the Company, and others on its behalf, may make statements that constitute forward-looking statements. Such forward-looking statements may include, without limitation, statements relating to the Company’s plans, objectives or goals; future economic performance or prospects; the potential effect on the Company’s future performance of certain contingencies; and assumptions underlying any such statements.

Words such as “believes,” “anticipates,” “expects,” “intends” and “plans” and similar expressions are intended to identify forward-looking statements but are not the exclusive means of identifying such statements. The forward-looking statements are and will be based upon management’s then current views and assumptions regarding future events and operating performance and are only applicable as of the dates of such statements. The Company does not intend to update these forward-looking statements except as may be required by applicable laws.

By their very nature, forward-looking statements involve inherent risks and uncertainties, both general and specific, and risks exist that predictions, forecasts, projections and other outcomes described or implied in forward-looking statements will not be achieved. The Company cautions you that a number of important factors could cause results to differ materially from the plans, objectives, expectations, estimates and intentions expressed in such forward-looking statements, including without limitation the risks described under the caption “Risk Factors” in this Annual Report on Form 10-K. You are cautioned not to place undue reliance on the Company’s forward-looking statements.

PART I
Item 1.  Business

Overview

Telos Corporation, together with its subsidiaries (the “Company” or “Telos” or “We”), offers technologically advanced, software-based security solutions that empower and protect the world’s most security-conscious organizations against rapidly evolving, sophisticated and pervasive threats. Our portfolio of security products, services and expertise empower our customers with capabilities to reach new markets, serve their stakeholders more effectively, and successfully defend the nation or their enterprise. We protect our customers’ people, information, and digital assets so they can pursue their corporate goals and conduct their global missions with confidence in their security and privacy.

Our customer base consists of the U.S. federal government, large commercial businesses, state and local governments, as well as international customers. Our federal government customers include the Department of Defense (“DoD”), the Central Intelligence Agency (“CIA”) and multiple other agencies within the Intelligence Community (“IC”), and multiple civilian agencies, including the Department of Homeland Security (“DHS”), the U.S. Department of State (“DoS”), and the Federal Bureau of Investigation (“FBI”). Our commercial customers include Fortune 500 enterprises such as Amazon.com, Inc., Citigroup Inc., Microsoft Corporation, and Salesforce.com, Inc. We have conducted business with over 350 customers in each of the last three years. For the year ended December 31, 2020, approximately 50% of our revenue was derived from sole source contracts or contracts for which we had limited competition. Our customers are highly targeted by cyber attackers and require continuous real-time insights to make informed decisions about how to effectively balance the constraints of security risk with the freedom to act and decide in the best interests of the organization and the greater good of the public. Our advanced security solutions help protect and ensure confidence in the information that is vital to the world’s most important commercial and governmental organizations, national security, and mission success for the warfighter.

Our revenue growth trajectory began to accelerate in 2018 as we increased our investment into new products and solutions. Our security solutions are the product of the investment of approximately 3,000 man-years developing our intellectual property and highly sophisticated software technology. These investments helped us expand with commercial customers, as well as win additional contracts within the military and the IC. Revenue grew from $107.7 million in 2017 to $138.0 million in 2018 and to $159.2 million in 2019 and to $179.9 million in 2020, representing annual growth rates of 28.1%, 15.4%, and 13.0%, respectively. Once our security solutions are imbedded in our customers’ technology infrastructure, these customer relationships often expand and lead to us providing additional security solutions. As a consequence, we believe that our customer turnover is low and, based on historical experience, approximately 85% of our revenue is recurring, as discussed further below.

We develop our annual budgeted revenue by estimating for the upcoming year our continuing business from existing customers and active contracts. We consider backlog, both funded and unfunded (as explained below), other expected annual renewals, and expansion planned by our current customers. In the context of our current customer portfolio, we view “recurring revenue” as revenue that occurs often and repeatedly. In each of the last three years, recurring revenue has exceeded 85% of our annual revenue. Our total budgeted revenue is the combination of recurring revenue and a forecast of new business.

Total backlog, a component of recurring revenue, consists of the aggregate contract revenues remaining to be earned by us at a given time over the life of our contracts, whether funded or unfunded. Funded backlog consists of the aggregate contract revenues remaining to be earned at a given time, which, in the case of U.S. government contracts, means that they have been funded by the procuring agency. Unfunded backlog is the difference between total backlog and funded backlog and includes potential revenues that may be earned if customers exercise delivery orders and/or renewal options to continue these contracts. Based on historical experience, we generally assume option year renewals to be exercised. Most of our customers fund contracts on a basis of one year or less and, as a result, funded backlog is generally expected to be earned within one year from any point in time, whereas unfunded backlog is expected to be earned over a longer period.

On November 19, 2020, we completed our initial public offering of shares of our common stock. We issued 17.2 million shares of our common stock at a price of $17.00 per share, generating net proceeds of approximately $272.7 million.  We used approximately $108.9 million of the net proceeds in connection with the conversion of our outstanding shares of Exchangeable Redeemable Preferred Stock into the right to receive cash and shares of our common stock, $30.0 million to fund our acquisition of the outstanding Class B Units of Telos ID, and $21.0 million to repay our outstanding senior term loan and subordinated debt.  We intend to use the remaining net proceeds for general corporate purposes. We also may use a portion of the net proceeds to acquire complementary businesses, products, services, or technologies. We do not, however, have agreements, commitments, or plans for any specific acquisitions at this time. The amounts and timing of our actual use of the net proceeds will vary depending on numerous factors.

Our Mission: Cyber, Cloud, and Enterprise Security

Our mission is to protect our customers’ people, systems, and vital information assets with offerings for cybersecurity, cloud security, and enterprise security. In the current global environment, our mission is more critical than ever. The emergence of each new information and communications technology (“ICT”) introduces new vulnerabilities, as security is still too often overlooked in solution development. Networks and applications meant to enhance productivity and profitability often jeopardize an organization due to poor planning, misconfiguration, or an unknown gap in security. Ransomware, insider threats, cybercrime, and advanced persistent threats continue to menace public and private enterprises across all industries.

Cybersecurity, cloud security, and enterprise security of the modern organization share much in common, yet also call for a diverse range of skills, capabilities, and experience in order to meet the requirements of security-conscious customers. Decades of experience in developing, orchestrating, and delivering solutions across these three domains gives us the vision and the confidence to provide solutions that empower and protect the enterprise at an integrated, holistic level. Our experience in addressing challenges in one area of an enterprise helps us meet requirements in others. We understand that a range of complementary capabilities may be needed to solve a single challenge, and we also recognize when a single solution might address multiple challenges.

Our security solutions span across the following domains:
 Cybersecurity – We help our customers ensure the ongoing security, integrity, and compliance of their on-premises and related cloud-based systems, reducing threats and vulnerabilities in order to foil cyber adversaries before they can attack.  Our consultants assess our customers’ security environments and design, engineer, and operate the systems they need to strengthen their cybersecurity posture.

 Cloud Security – The cloud as an organizational resource is more than two decades old, yet the needs of cloud users are constantly changing. Telos offers the specialized skills and experience needed to help our customers plan, engineer, and execute secure cloud migration strategies and then assure ongoing management and security in keeping with the leading standards for cloud-based systems and workloads.

 Enterprise Security – Securing the enterprise means protecting the essential and timeless elements common to every organization: its people and processes, its supply chain and inventories, its finances and facilities, and its information and communications. As ICT and operational technology (“OT”) have become part of the organizational make-up, we have offered solutions that ensure personnel can work securely and productively across and beyond the enterprise.

Our Market

Our market includes organizations in business across industry verticals, government, and the military. We believe that digital transformation is a reality for these organizations and that the ICT systems they depend on for their success and security are subject to unprecedented levels of stress, threat, and attack. Market-disrupting technologies, a global pandemic, and economic uncertainty make it difficult for customers to plan for business expansion, develop new programs in service to the public, or prepare military forces for the nation’s defense. Public and private enterprises alike face the following dynamic challenges that threaten their security:

Heavy dependence on information and operational technologies. Organizations are increasingly dependent on technology, including mobile and wireless applications, cloud-based resources, industrial internet of things (“IoT”), industrial control systems (“ICS”), supervisory control and data acquisition (“SCADA”), and others.
Digital transformation and accelerating migration to the cloud. Enterprises and government agencies are accelerating the migration of applications, storage, and ICT/OT infrastructure to hosted and cloud environments. More organizations – including highly security-conscious agencies within the U.S. government and commercial entities – are gaining comfort and confidence in the cloud, taking advantage of the rapid application development, greater flexibility, and strategic agility that the cloud offers.
Ability to work across and beyond the enterprise. Organizations are no longer defined by or confined by real estate, geography, or personnel rosters. Information and applications are now accessible in the cloud. Mobile devices free personnel to work wherever their mission takes them. Employees, contractors, and partners collaborate in the physical and digital domains, trusting that they can rely on the integrity and trustworthiness of their people and their systems.
Turbulent technology environment due to COVID-19. The COVID-19 pandemic has accelerated the growth of the remote workforce and thus, cyber risk. Existing technologies for mobility are being stretched to the limit, and enterprises are facing dramatic growth in cyber-attack risk as a result of personnel and systems that are still adjusting to an increasing number of workers accessing systems remotely. Ransomware, phishing attempts, and inadequate virtual private networks (“VPNs”) all contribute to a significant increase in threats and vulnerabilities.

The networked nature of enterprise technologies and the ability to work outside the organizational perimeter result in increased risk and the constant threat of attack. In particular, the cloud adds new complexities due to the shared responsibility of cloud security and the need to manage and maintain the compliance of cloud-based resources.

Our solutions across a wide variety of use cases are designed to address our customers’ proliferating need to understand and address cybersecurity risk, reduce the organizational attack surface, enhance enterprise mobility, expand adoption of cloud computing, and manage and protect identities in an increasingly dynamic and intensifying threat landscape. By addressing the breadth of our customers’ complex and evolving needs, we believe that our total addressable market in 2021 for the security services and products that we provide is over $80 billion.

Our Offerings

We refer to our cyber and cloud applications as Security Solutions, which includes Information Assurance / Xacta®, Secure Communications, and Telos ID. We refer to our offerings for enterprise security as Secure Networks.

Security Solutions
Information Assurance / Xacta: a premier platform for enterprise cyber risk management and security compliance automation, delivering security awareness for systems in the cloud, on-premises, and in hybrid and multi-cloud environments. Xacta delivers automated cyber risk and compliance management solutions to large commercial and government enterprises. Across the U.S. federal government, Xacta is the de facto commercial cyber risk and compliance management solution.
 
Secure Communications:
   
 
Telos Ghost: a virtual obfuscation network-as-a-service with encryption and managed attribution capabilities to ensure the safety and privacy of people, information, and resources on the network. Telos Ghost seeks to eliminate cyber-attack surfaces by obfuscating and encrypting data, masking user identity and location, and hiding network resources. It provides the additional layers of security and privacy needed for intelligence gathering, cyber threat protection, securing critical infrastructure, and protecting communications and applications when operations, property, and even lives can be jeopardized by a single error in security.
 
Telos Automated Message Handling System (“AMHS”): web-based organizational message distribution and management for mission-critical communications; the recognized gold standard for organizational messaging in the U.S. government. Telos AMHS is used by military field operatives for critical communications on the battlefield and is the only web-based solution for assured messaging and directory services using the Defense Information System Agency’s (“DISA”) Organizational Messaging Service and its specialized communications protocols.
Telos ID: offering Identity Trust and Digital Services through IDTrust360® – an enterprise-class digital identity risk platform for extending software-as-a-service (“SaaS”) and custom digital identity services that mitigate threats through the integration of advanced technologies that fuse biometrics, credentials, and other identity-centric data used to continuously monitor trust. We maintain government certifications and designations that distinguish Telos ID, including TSA PreCheck® enrollment provider, Designated Aviation Channeling provider, FBI-approved Channeler, and the Financial Industry Regulatory Authority (“FINRA”) Electronic Fingerprint Submission provider. We are the only commercial entity in our industry designated as a Secure Flight Services provider for terrorist watchlist checks.
 

Secure Networks
Secure Mobility: solutions for business and government that enable remote work and minimize concern across and beyond the enterprise. Our secure mobility team brings credentials to every engagement, supplying deep expertise and experience as well as highly desirable clearances and industry recognized certifications for network engineering, mobility, and security.
Network Management and Defense: services for operating, administrating, and defending complex enterprise networks and defensive cyber operations. Our diverse portfolio of capabilities addresses common and uncommon requirements in many industries and disciplines, ranging from the military and government agencies to Fortune 500 companies.

Xacta

Xacta Overview

Xacta delivers automated cyber risk and compliance management solutions to large commercial and government enterprises. Xacta is sold as a solution, which includes Xacta technology and Xacta subject matter experts (“SMEs”) to help with deployment, on-going support, and training to ensure rapid and long-term customer success. Our solution-based business model provides predictable, recurring, and growing revenue year-on-year.

Xacta disrupted the cyber risk and compliance management industry 20 years ago. When it was first introduced, Xacta represented a new way of doing business that challenged the inefficient labor-intensive business models of traditional consultants and government contractors who charge by the hour.

We have developed and evolved Xacta over the past two decades to make security risk and compliance activities more efficient through workflow-based automation. Many cyber risk and compliance management activities can be automated, which greatly reduces the need for inefficient Time and Materials (“T&M”) services. More importantly, we believe that certain critical capabilities like continuous monitoring are effectively impossible without automation.

Xacta is the de facto commercial cyber risk and compliance management solution across the U.S. federal government. Noteworthy U.S. government enterprise customers include DoD, multiple agencies within the IC (including the CIA), and civilian agencies such as DHS, DoS and the FBI. Xacta cloud security is also being adopted by very large commercial organizations like Amazon Web Services (“AWS”) and Microsoft Azure.

Across these government and commercial customers, we currently have hundreds of Xacta deployments used to manage tens of thousands of mission critical/national security systems that are comprised of millions of critical information technology (“IT”) assets and cloud resources. There are also more than 20,000 cyber security professionals who actively use Xacta to manage cyber risk for a wide range of IT/information systems in warfighting, intelligence, business/financial, and healthcare applications.

In 2016, at the request of the CIA, we evolved Xacta from an on-premises cyber risk and compliance management solution, used to manage traditional IT assets, to a solution that also manages cloud resources. As a result, we believe that Xacta is unique in its ability to manage complex hybrid IT environments that span on-premises, cloud, and multi-cloud. Our cloud focus has attracted the attention of the largest cloud and cloud service providers in the world, many of which are now our partners and customers. These partnerships have greatly increased our market opportunity, as many organizations look to migrate to the cloud. Security compliance remains a major inhibitor to cloud adoption. Xacta addresses this issue by automating and accelerating security compliance activities allowing organizations to migrate to the cloud more quickly and securely.

Recognizing these advantages, the two largest cloud providers in the world, AWS and Microsoft Azure, have partnered with Telos to use Xacta to accelerate security compliance activities in their air-gapped and global sovereign cloud environments to help hundreds of thousands of regulated organizations address security risk and compliance much more efficiently.

Our cloud focus has also resulted in significant partnerships with other cloud organizations, such as Rackspace Technology, Inc., which are helping SaaS vendors address cloud compliance requirements, including the Federal Risk and Authorization Management Program (“FedRAMP”), which is required by the federal government for all SaaS solutions. There are thousands of potential SaaS applications needed by the federal government. These organizations understand that Xacta’s ability to reduce the security compliance burden helps accelerate cloud adoption and generates cloud usage and revenue more quickly. To this end, Xacta’s capabilities are viewed as a strategic advantage by these cloud-centric organizations.

Managing cyber risk is top-of-mind for many organizations today. There is an increasing number of security standards and regulations with which global organizations must comply. The National Institute of Standards and Technology (“NIST”) is the source for many security standards that are being adopted globally. Telos, using Xacta, has specialized in supporting NIST-based standards for nearly 20 years. We have been considered by a leading, third-party consultancy to be NIST-based cybersecurity domain experts.

Xacta’s Critical Capabilities

Xacta offers a number of critical and differentiated capabilities that support a wide range of cyber risk and compliance management use cases, such as:

Automated asset inventory - helps quickly define IT boundary/parameters and establish audit/test plans.
Automated control validation - reduces manual test efforts.
Automated continuous control monitoring - offers ongoing assurance of compliance.
Vulnerability management functionality - understand vulnerabilities that apply to IT environments.
Remediation management - workflow to help organizations prioritize risk, establish remediation plans, and track remediation progress to closure.
Automated regulatory report generation - reduces manual effort needed to create regulatory reports (bi-product of the workflow process).
Cloud integration - allows Xacta to manage cloud-based resources (multi-cloud environments) as well as on-premises assets.
Cloud deployment - allows Xacta to be deployed as a SaaS, Virtual Machine Image (“VMI”), Amazon Machine Image, and Microsoft Azure VMI, as well as on-premises.
Intelligent workflow - Artificial Intelligence (“AI”)-like functionality reduces the need for manual intervention.
Predictive control mapping - AI-like functionality helps reduce redundant control testing and manual control mapping effort to help address audit fatigue.
Automated control inheritance - allows organizations to share common compliance information - cloud providers share common controls with customers as per the shared responsibility model of cloud security - which greatly reduces manual effort and enables rapid cloud adoption.
Visualization and reporting - reduces dependency on third-party business intelligence products.
End-to-end workflow capabilities - support for complex system authorization processes like FedRAMP and the NIST Risk Management Framework, dramatically reducing time, cost, and effort.
Evidence of security posture compliance - designed to provide the body of evidence needed for regulatory or legal proceedings and insurance claims to verify security posture compliance with industry best practices at the time of an event.

Xacta Evolution

Xacta was launched in August 2000 and was the first automated solution of its kind. Xacta was initially created to help U.S. government organizations satisfy demanding security risk and compliance management requirements. Over the years, commercial and international demand for the Xacta solutions provided by Telos has grown rapidly.

In 2004, Xacta was enhanced to provide industry-first automated continuous monitoring functionality. Between 2002 and 2005, Telos was issued five patents in the area of security risk and compliance management, including one patent for what is now known as continuous monitoring. Since then, numerous technical enhancements have been made to Xacta, some of which are described above in “Xacta’s Critical Capabilities.”

Xacta supports other NIST frameworks such as the NIST Cybersecurity Framework (“CSF”), which was established in 2014 via Executive Order 13636 to help commercial organizations in the 16 DHS-defined critical infrastructure sectors improve their cyber risk posture. Executive Order 13800, issued in 2017, requires federal agencies to adopt the CSF, and it is also being adopted by many countries as a national cybersecurity standard.

Xacta also currently supports various vendor/supply chain risk management standards such as NIST Special Publication 800-161 and NIST Special Publication 800-171. NIST 800-171 is a contractual requirement for approximately 70,000 commercial companies that support the U.S. federal government.

Xacta will also support an emerging standard called Cybersecurity Maturity Model Certification, which will soon be required by approximately 300,000 commercial organizations that support DoD.

Xacta has highly customizable workflows that can be configured to support most any cybersecurity/risk and compliance management frameworks. To that end, Xacta can support national and international security compliance standards such as HIPAA, PCI-DSS, ISO 27000, and many others.

Xacta does not require a customer to abandon (i.e. rip and replace) its existing solutions - rather it works with the customer’s prior software choices and uses those software choices as data feeds so that Xacta can perform automated (and continuous) security compliance validation.

Xacta use cases include audit management, compliance management, inventory management, vulnerability management, continuous compliance monitoring, vendor/supply chain risk management, cyber risk management, risk remediation management, and security authorizations. These use cases are broadly applicable across industry verticals globally and help explain the large and expanding market in which Xacta participates.

Our goal is to make Xacta the default security risk and compliance management solution of choice for commercial and government entities across the globe that seek continuous compliance with cybersecurity and risk management frameworks and standards.

Telos Ghost® 

Telos Ghost Overview

As cyber threats have increased in scope and scale and the consequences of hacks and breaches have grown, we have developed a solution that enables organizations to work on the internet without being detected. In 2018, we introduced Telos Ghost, which allows our customers to shield communications, transactions, and even their very presence on the web from the view of cyber adversaries.

Conceived on the notion that “you can’t exploit what you can’t see,” Telos Ghost provides organizations a virtually anonymous way to do business, connect with global resources, and conduct research online. Telos Ghost is a virtual obfuscation network-as-a-service that:

obscures and varies network pathways to prevent adversaries from tracking users and information.
uses multiple layers of encryption to protect information and remove source and destination IP addresses, eliminating network paths back to the source.
enables users to manage their technical and non-technical persona to disguise their identity and location.
hides critical network resources using cloaked capabilities for email, storage, unified communications, and other applications.

Telos Ghost seeks to eliminate cyber-attack surfaces by obfuscating and encrypting data, masking user identity and location, and hiding network resources. It provides the additional layers of security and privacy needed for intelligence gathering, cyber threat protection, securing critical infrastructure, and protecting communications and applications when operations, property, and even lives can be jeopardized by a single error in security.

Telos Ghost Critical Capabilities

Private Web Access: Secure anonymous Internet access. Telos Ghost disguises the identity and location of personnel when using the public web for cyber threat intelligence and competitive research. It provides users with dynamic access for every session and assures that traffic securely traverses the virtual private lines of Telos Ghost. Scalable and flexible, Telos Ghost Private Web Access allows users multiple points of international or domestic egress to the public internet based on customer requirements. Traffic mixing and misdirection techniques are designed to ensure that activity remains anonymous, obscure and private.
Private Network Access: Leased-line security with VPN flexibility. This capability is designed to allow authorized users to work with mission-critical enterprise information without being seen or discovered. It enables the establishment of sustainable cybersecurity infrastructure, providing multi-layered secure tunnels for data traffic and obscuring the correlation between the entry doorways and the client cloud from external observers. Software and system agnostic and accessible from nearly any device and location, Telos Ghost Private Network Access is designed to provide a full security solution while maintaining existing encryption and software services.
Cloaked Services: Hidden unified mobile communications, storage, and applications. Telos Ghost also provides remote users with the ability to securely talk, text, email, store information, and use video and applications over nearly any mobile device. These abilities include fully encrypted geo-masked hidden mobile communications for device-agnostic voice, video, chat, and data; hidden storage to store, analyze, and collaborate privately and securely within Telos Ghost; and hidden email and applications that cloaks the servers for access only by Telos Ghost users.

Telos Ghost Applications

Cyber threat research. Telos Ghost provides members of a U.S. government organization with an isolated networking infrastructure that enables red team members to operate securely and privately without attracting unwanted attention.
Open source intelligence. A U.S. government organization uses Telos Ghost to securely conduct open source cyber threat intelligence analysis.
Supply chain security vulnerability assessment. A security company that vets the vulnerability of supply chains in the Defense Industrial Base uses Telos Ghost to inspect the digital connections of the supply chain online, safe from observation by adversaries that might otherwise evade discovery.
Worldwide investigative and recovery services. A commercial firm uses Telos Ghost for cloaked online research and voice communications over mobile devices to enable secure, privatized communications as they track and recover property from nefarious actors.

Telos AMHS

Telos AMHS is used by military field operatives for critical communications on the battlefield. Since 1999, it has been one of our signature security solutions and has been one of the most widely used organizational messaging products in DoD and other agencies charged with defending U.S. national security.

Telos AMHS is designed to support a range of secure messaging services to a worldwide community of U.S. military, government, and allied customers operating in both strategic and tactical environments. It is used to securely transmit messages that provide direction and establish a formal position, commitment, or response requiring the authority of an organization, rather than an individual, including:

Military command and control;
Cross-border authorizations;
Exchanges between military forces of sovereign nations;
High-level policy, procedure, or directives; and
Response to legal, sensitive, or personnel matters.

Because Telos AMHS supports timely and reliable delivery for authoritative communications, its uses include terrorist warnings, “eyes-only” messages, military execution orders, intelligence information, overflight clearances, and Emergency Action Messages for nuclear command and control. Information exchange at this level and for these purposes requires operational requirements for time-sensitive, guaranteed delivery, precedence, high availability, and reliability.

Telos AMHS is the only web-based solution for assured messaging and directory services using the DISA’s Organizational Messaging Service and its specialized communications protocols. With Telos AMHS, users are able to send and receive rich-text messages across security domains and in different formats using plain language addressing. Users can search messages, archive messages, and send attachments up to 200MB to accommodate photos and videos, including those of terrorists, most wanted notices, maps, and satellite images.

More than fifty organizations around the world depend on Telos AMHS, including the Joint Staff, combatant commands, military services, defense agencies, federal agencies, and the IC. Telos AMHS provides a proven return on investment over alternative organizational messaging offerings and has been implemented on a SaaS basis by an increasing number of organizations.

Telos ID Identity Offerings

Telos ID Overview

Telos ID provides trusted identity and digital services that are critical for the delivery of vital citizen services that millions of Americans rely on each year. Access to these vital services requires a robust and reliable infrastructure comprised of advanced technologies, facilities, and professional staff members that can effectively deliver these services around the world.

We have transformed the Telos ID business model by leveraging a SaaS approach. We utilize our partnerships with AWS and ServiceNow, and we have fully integrated a robust suite of customer service, cybersecurity, and performance monitoring tools that align with DHS’s Continuous Diagnostics and Mitigation (“CDM”) Program that are designed to enable us to quickly deliver SaaS or turn-key solutions to our federal customers. Our digital platform extends web, mobile, and client applications that also drive professional services and product licensing opportunities. Our services are differentiated because our back-end system is intended to interface with critical homeland security and law enforcement systems and are tightly coupled with a mature, modern cloud-based platform that can scale to support large federal, state, local, and commercial programs.

We maintain government certifications and designations that distinguish Telos ID, including TSA PreCheck® enrollment provider, Designated Aviation Channeling provider, FBI-approved Channeler, and the FINRA Electronic Fingerprint Submission provider. We are the only commercial entity in our industry designated as a Secure Flight Services provider for terrorist watchlist checks.

Our strategic partners offer retail and on-demand service channels that further differentiate our offerings. Our established global logistics infrastructure provides responsive supply chain support. We operate a full-service call center with chat-bots, AI, and virtual agent support, all of which contribute to scalability. Our network and security operations centers align with U.S. Computer Emergency Readiness Team and CDM best practices.

Telos ID Applications and Use Cases

U.S. Military ID. For more than 25 years, Telos ID’s identity trust services have provided access to health care, commissary services, and critical defense resources for more than 2,000,000 military members, their dependents, and civilian employees through use of the Common Access Card (“CAC”). We operate more than 250,000 components that comprise 7,000 end-user systems deployed around the world to nearly 2,000 military installations. We provide near real-time data collection support on personnel movement and location information for operating forces, government civil servants, and government contractors in specified operational theaters. This system has captured over 636,000,000 scans of government, U.S. military, and contractor personnel since its inception. Our logistics infrastructure provides responsive 24-hour delivery of components to our warfighters deployed across the globe, and we custom-build our identity, credentialing, and access management solutions to function effectively in austere environments that demand reliability and performance at all times.

TSA Airport Employee Vetting. Historically, more than 300,000,000 airline passengers’ travel experiences have been handled by more than 1,500,000 aviation workers who are screened through Telos ID’s aviation channeling service. As one of only two authorized aviation channeling providers in the market, we offer our aviation partners innovative biometric, identity trust, and customer service technologies that are critical to the operation of more than half of the largest airports in the nation. We actively support nearly 100 commercial airports, airlines, and general aviation customers, and our Independent Secure Flight Vetting technology provides a secure vetting service for non-travelers who need to access secure areas of an airport. We were the first commercial company in the United States to implement the FBI’s Rap Back service, enabling our aviation partners to perform continuous monitoring for insider threat detection.

U.S. Census Bureau Enumerator Screening. For the 2020 U.S. Census, we have processed more than 1,000,000 enumerators through our 1,100 identity service centers. Telos ID extends digital identity verification, fingerprinting, and photo services across the nation in support of 2020 Census hiring initiatives. We custom designed and deployed more than 1,300 desktop, kiosk, and mobile workstations that are operated by thousands of Census-cleared staff members. At the peak, Telos ID’s managed service supported more than 30,000 appointments per day, and our customer call center handled more than 35,000 daily calls at the peak.

TSA PreCheck® Enrollment Screening. Telos ID’s recent award of a 10-year contract to provide enrollment services in support of the TSA PreCheck® Enrollment Program presents a large, high-profile opportunity for us, and we are preparing to launch services under this program in early 2021. The TSA PreCheck® contract is an important example of a government-sponsored, consumer facing opportunity, in which we provide PreCheck® enrollment services to individual, fee-paying applicants. Telos ID’s service will engage with the world’s leading airline, hospitality, credit card, ride share, and other Fortune 500 businesses to provide consumer marketing and loyalty program tie-ins to promote the PreCheck® program. In addition, this program is expected to feature an omni-channel market approach that leverages advanced digital services to reach our customers across several market segments.

CMS Healthcare Provider Screening. Telos ID was recently awarded a 10-year contract to provide technology and service solutions that detect, prevent, and proactively deter fraud, waste and abuse in the Medicare and Medicaid programs. Telos ID’s digital identity trust platform and digital services is expected to offer critical technology necessary to identify and mitigate fraud across the United States. Each year, approximately 1,500,000 health care providers are required to undergo FBI-based non-criminal history checks requiring identity trust services, including identity verification, fingerprinting, and continuous monitoring.

Telos ID's digital trusted identity platform -- IDTrust360® -- is a leading, fully integrated suite containing IoT, Machine Learning (ML), AI, and other advanced cloud-hosted products and services that deliver identity trust, multi-modal biometric capture and matching, identity assurance, identity vetting, document validation, credentialing, personnel security, case management, call center support, cyber security, network and security operations, service management, integrated logistics, and numerous other features and functions. Its open architecture is supported by a flexible API gateway and a robust workflow engine that can efficiently extend individual services or offer the entire platform as a SaaS or turn-key solution for our customers. IDTrust360® is the only commercially owned and operated platform on the market with direct interfaces to the FBI's criminal records, DHS's terrorist watch list service, Treasury's pay.gov, other government identity risk management systems, and numerous commercial identity, intelligence, and risk-based data sources. We are actively engaged with federal customers to integrate vital event records, government identification document records, and other fingerprint-based biometric records hosted across multiple agencies. This enables Telos ID exclusively to offer NIST-compliant digital identity services aligned with federal security mandates. IDTrust360® extends web, mobile, and client applications within a fully integrated low-code development environment for rapid application development. The environment meets FISMA High certification standards and is NIST SP 800-53 certified within multiple federal agencies, while boasting 99.998% availability performance and enterprise-level scalability. IDTrust360® leverages leading cyber security and network monitoring tools aligned with DHS Continuous Diagnostics & Mitigation and industry best practices for strengthening network defense and enhancing the resiliency of our infrastructure necessary for managing and protecting millions of identity records, sensitive information, and end-point hardware components deployed across thousands of sites around the world for customers operating within defense, homeland security and law enforcement, financial, health, commerce, transportation, retail, and other market segments.

Secure Mobility

Nearly 20 years ago, we were the first non-government solutions provider to receive approval to design and deliver secure wireless solutions to DoD. That authorization to operate enabled us to build a very large footprint within DoD and the U.S. Air Force. As a result, we have a long track record of enabling our customers to work remotely and securely. Given the depth of our relationships, when one of our customers elects to modernize its remote mobility infrastructure, it frequently chooses to work with us. Within the U.S. Air Force and supporting DoD communities, we have designed and delivered enterprise-level secure mobile networks on every active duty, Air National Guard, and Air Force Reserve site worldwide.

Our secure mobility team brings credentials to every engagement, supplying deep expertise and experience as well as highly desirable clearances and industry recognized certifications for network engineering, mobility, and security. We also foster and maintain key industry partnerships, offering insight into technology advances and early access to new secure mobility solutions.

Network Management and Defense

On a managed basis, we offer a broad suite of services needed to operate, administer, and defend complex enterprise networks, giving our customers the benefit of these capabilities without having to commit to the cost and burden of providing the services for themselves. We have the expertise to manage and defend large-scale enterprises and have been successful at hiring and retaining personnel with the necessary key skills and security clearances.

Our Competitive Strengths

Leading cybersecurity company with a long history of providing security solutions to the most sophisticated customers. We have been providing security solutions, specializing in the area of cybersecurity, since 1995. Our customers include some of the most security-conscious organizations in the world, including the IC. For example, we believe that our award-winning Xacta offering is the dominant commercial risk management solution in the federal government space and is increasingly being adopted in the commercial sphere, notably by leading cloud providers such as AWS and Microsoft Azure. Additionally, Telos Ghost gives organizations and individuals the ability to hide in plain sight, eliminating attack vectors from hackers through obfuscation and mis-attribution. And, we believe our Telos ID identity offerings are market disruptors that present large opportunities for growth.

Superior security solutions and capabilities. Our solutions are designed for both government and commercial industries and are configured to operate in highly sensitive, highly classified environments, serving some of the most demanding, secure organizations in the world. Our solutions are flexible, and can be deployed in various ways, including on premises, in the cloud, or in hybrid or multi-cloud environments.



Proven ability to win and retain large contracts and enterprise-level deals, providing clear visibility into future revenue and profitability. We have over 20 active acquisition contracts and vehicles, thousands of active contracts and purchase orders, and more than 350 customers in each of the last three years. These contracts, vehicles and customers present a solid platform for growth. As but one example, we have provided IT security support to the Defense Manpower Data Center (“DMDC”) under a variety of contract vehicles since 1995, and this program accounts for annual revenue at a historical average of approximately $28 million over the last five years. We also have proven repeatedly our ability to deploy our security solutions at the enterprise level for both federal and commercial organizations. These long-term contract relationships provide predictable, recurring revenue at attractive margins.

Our substantial investments into technology and automation can be expanded beyond our core market. Our solutions are built to help our customers be more secure, more efficient, and more effective. We have made investments across the company to take advantage of efficiencies and automation through scalable security solutions that are market driven and market proven. In contrast to traditional cybersecurity businesses with a focus on government customers, we own the intellectual property developed through our R&D initiatives and can deploy our technology solutions across our entire public and private sector customer set. The ability to offer our solutions beyond the U.S. federal government sphere is a key enabler of our strategy to grow and expand our relationships with commercial customers.

Strong relationships with our customers. We are a customer-centric organization and pride ourselves on our close customer relationships. We have longstanding relationships with DoD, civilian agencies of the federal government, and the IC that date back more than two decades. Since 1995, our security solutions have been adopted by many defense, intelligence, civilian agency, and commercial customers, and we believe that the Telos brand has become synonymous with trust.

Respected, experienced management team. Our executive officers have an average tenure at Telos of approximately 21 years. The team is comprised of personnel with extensive military, federal government, and commercial backgrounds who are directly familiar with customer needs. Our management team also includes senior professionals who are experienced in developing commercial software solutions and leading technical teams throughout the development process.

COVID-resistant business. We support mission critical operations. Because of this and the growth of remote workforces as a result of the COVID-19 pandemic, we believe, based upon our 2020 financial performance to date, that our business is relatively COVID resistant. Additionally, the automation provided by our solutions can help customers do more with less as they are forced to downsize their staffs because of the pandemic. Automation is now even more critical to efficiently manage a business, including with respect to cyber risk and regulatory compliance, which should result in additional demand for our security solutions.

Our Growth Strategies

We are pursuing multiple strategies in order to grow the company, in both our commercial and government business end markets in the United States and abroad. Our key strategies are:

Leverage our diverse security solutions to expand our presence in commercial markets. Our offerings are designed to have broad application and include security risk and compliance, secure messaging, identity vetting, and managed attribution and obfuscation. We believe that we are well-positioned to sell our capabilities into a dynamic and growing commercial opportunity set and to innovate to address emerging and unique requirements. For example, we have leveraged core Xacta functionality to meet the needs of large financial services and CRM firms. We have also leveraged our U.S. federal government identity management qualifications to improve the speed and accuracy of vetting results for nearly 100 airports, air carriers, and general aviation across the country. We intend to continue to innovate and are developing additional offerings for cloud, mobile, and IoT devices.

Grow our revenue and expand margins by building robust sales channels. In recent years, we have formed an inside sales organization that serves as both the direct channel to a wider account universe and an effective and efficient training program to grow our field sales organization. We plan to expand our partner program to include a variety of channels, including resellers, integrators, and contract partners to help us more quickly gain access to new markets, particularly commercial and international. For example, both Telos Ghost and Xacta are now available through various AWS and Microsoft Azure marketplaces, serving regions around the world and markets requiring varying levels of security. We plan to grow our direct sales team and to accelerate the expansion of these channel partner initiatives, which we anticipate will drive revenue growth and material gross margin expansion.

Target and replace inefficient legacy products. Recognizing the limitations of their legacy systems, organizations are replacing existing systems and processes with our solutions. For example, Telos AMHS is a web-centric system that replaced legacy capabilities like communications centers for the purpose of executing operational orders (through organizational messaging) across the U.S. federal government and around the world. Xacta has disrupted the cyber risk and compliance management business across the U.S. federal government, replacing tedious manual activity with automation and delivering that automation to meet our customer’s needs flexibly on premises, in hybrid environments, in the cloud, and across multi-cloud infrastructures.



Broaden reach within the U.S. federal government. We have historically focused on the U.S. federal government and believe that we are an established leader in providing security solutions to federal agencies, including DoD and the IC. Nonetheless, we believe the U.S. federal government represents a significant growth opportunity, and we expect to continue to invest in products to serve additional customers in this vertical. For example, Xacta is included on DHS’s CDM Approved Products List to provide federal agencies with innovative security tools, which we believe presents us with an excellent opportunity to pursue contracts with additional federal agencies. In addition, our platform is available for use in the AWS GovCloud (US) and Azure Government.

Expand our international footprint. We are expanding our international operations and intend to invest globally to broaden our international footprint. We are currently working with countries such as Canada, Singapore, Australia, and Bahrain to offer Xacta to address cyber risk and compliance management capabilities. We are also working to expand AMHS to all NATO countries and to offer Telos Ghost internationally. We intend to grow our international customer base by increasing our investments in overseas operations, establishing channel partners, and adding personnel in Europe, the Middle East, and Asia-Pacific.

Pursue strategic acquisition opportunities. We believe that our markets remain fragmented, with many niche players providing limited product solutions targeting narrow customer segments. Given the breadth of our solution set and our customer end markets, we believe that we are well-positioned to opportunistically acquire smaller companies and incorporate their technology or deploy their solutions across a larger customer set. We believe that a targeted and opportunistic acquisition strategy will complement our significant organic growth opportunity.

Sales and Marketing

We typically focus on large government and commercial organizations that have demanding security requirements and/or complex cyber security risk and compliance management objectives.

Customer acquisition often involves extensive interaction at all levels of the organizations from users to executives and decision makers. We seek to forge relationships throughout an organization in an effort to obtain broad consensus as part of the sales process. Currently, the customer acquisition process is largely driven by direct sales activity.

As a result of the long tenure of many of our employees, many of our sales and business development executives have trusted relationships that have developed over many years. We augment these trusted relationships with senior leaders who have retired from the military, civil service, and various related industries. Many of these individuals are our employees. These leaders provide our sales team with access to high level contacts that would be difficult to achieve otherwise.

Our sales executives are supported by an inside sales team that works with the Telos marketing team on various awareness campaigns where sales leads are obtained, vetted, and pursued via proactive outreach (calls, email, etc.).

Metrics are tracked using a formal CRM process and used to equip the sales executives with useful sales data. Our sales team works hand in hand with our marketing team and various subject matter experts to develop target awareness campaigns for our various solutions that generate valuable leads and contacts.

Our sales strategy is to establish a customer foothold with one of our solutions and work to achieve rapid success. We then leverage this customer relationship to expand usage of other Telos solutions. We have a variety of upsell opportunities that allow us to expand our presence within a customer account. For example, there are various complementary Xacta features that build on each other and are sold separately. Additionally, our sales team is responsible for selling all Telos solutions. This allows a sales executive to quickly identify demand for other Telos solutions in existing accounts.

Our sales team also works with partner organizations like AWS, Microsoft Azure, and Rackspace Technology, Inc. to pursue mutual customers. These relationships represent our current channel sales strategy that we are in the process of expanding. We are also actively working with Singapore Technologies Engineering, Limited, which is helping us gain access to the Asian market for cyber security solutions.
We plan to expand our direct sales capability for markets in which we are well-known, such as the U.S. government, certain critical infrastructure sectors, and certain commercial verticals like healthcare and financial services. We also plan to expand our channel sales capability to gain rapid access to other commercial verticals and international markets.

We will be increasing our investment in sales and marketing with the goal of increasing sales of our security solutions and acquiring customers in a variety of verticals. In 2021, we are planning on implementing an approximate 300% increase from our 2020 sales and marketing investment. We currently have less than 10 salespeople at Telos who carry quotas that they are expected to meet. We plan on adding direct, quota-driven, in-house sales assets to focus on commercial accounts. We will focus Xacta and Telos Ghost sales efforts in the banking/financial services and insurance sector, healthcare, energy, and other critical infrastructure protection markets. We will also be investing in additional lead generation tools, financial incentives and marketing programs.

Our partner program will include a variety of channels, including resellers, technical/integrators, and consulting partners to help us accelerate access and implementations in new markets, particularly commercial and international. Currently, we participate in Microsoft and AWS partner programs, which incentivize their respective sellers to promote Telos security solutions (e.g., Xacta and Telos Ghost).

As part of the sales and channel program investment, we are also making corporate investments in functional areas such as contracts, solution architects and operations.

Much of our business is awarded through submission of formal competitive bids, though about 50% is awarded through limited competition or sole source contracts.

We build market awareness of Telos and our solutions through a variety of marketing programs, including regular briefings with industry analysts, public relations activities, government relations initiatives, web seminars, trade show exhibitions, speaking engagements and web site marketing. We will be making additional investments in these types of activities and targeting additional vertical specific content creation, targeted advertising and brand awareness campaigns, social media campaigns, and search engine marketing. When appropriate, we will engage in joint marketing activities with our channel, technology and consulting partners.

Competition

We operate in a highly competitive marketplace. There are other companies that provide solutions similar to ours. Although these companies provide offerings that overlap with some of our solutions, we are not aware of any single company that provides competitive solutions in all of the areas where we compete. The primary companies with which our solutions compete range from security solutions and software organizations such as CLEAR (operated by Alclear, LLC), Cutting Edge, IDEMIA, MetricStream Inc., Palantir Technologies Inc., RSA Archer, ServiceNow, Inc., and Unisys Corporation, to more traditional government services integrators that provide products and services such as Booz Allen Hamilton Inc., General Dynamics Corporation, Lockheed Martin Corporation, Northrop Grumman Corporation, and Science Applications International Corporation.

The majority of our business is in response to competitive requests from potential and current customers. Decisions regarding contract awards by our customers typically are based upon an assessment of the quality of our past performance, responsiveness to proposal requirements, uniqueness of the offering itself, price, and other competitive factors.

Aside from other companies that compete in our space, we sometimes face indirect competition from solutions that are developed “in-house” by some of our customers.

Our People and Culture

As of December 31, 2020, we had 785 employees, of which approximately 60% held security clearances.

Our people are proficient in many fields such as computer science, information security and vulnerability testing, networking technologies, physics, engineering, operations research, mathematics, economics, and business administration. We place a high value on our people. As a result, we seek to remain competitive in terms of salary structures, incentive compensation programs, fringe benefits, opportunities for growth, and individual recognition and award programs.

Our management team is committed to maintaining a corporate culture that fosters mutual respect and job satisfaction for our people, while delivering innovation and value to customers and shareholders. This commitment is reflected in our core values.

Always with integrity, at Telos we:

Build trusted relationships,
Work hard together,
Design and deliver superior solutions, and
Have fun doing it.

These values are woven throughout the fabric of Telos. They are reflected in our hiring practices, reinforced regularly, and reviewed during appraisals. They are written into annual and quarterly objectives for staff and managers alike, as well as department and company business goals. Employees are encouraged to challenge themselves and each other to exhibit the core values in everyday activities.

Our employees also are given avenues of communication and interaction should they observe activities that are inconsistent with our core values. Encouraged first to speak openly about any issues, a hotline provides an opportunity to express concerns anonymously.

We consider the foundational value of integrity to be a non-negotiable requirement of employment, and an expectation of suppliers, partners, and our customers. We guard our reputation and will take aggressive action to protect it. An essential part of our brand promise is that we always engage employees, customers, partners, suppliers, and investors with integrity.

Government Contracts and Regulation

Our business is heavily regulated. We must comply with and are affected by laws and regulations relating to the formation, administration and performance of U.S. Government and other contracts. These laws and regulations, among other things: 

impose specific and unique cost accounting practices that may differ from Generally Accepted Accounting Principles (“GAAP”) in the United States of America and therefore require reconciliation;

impose acquisition regulations that define reimbursable and non-reimbursable costs; and

restrict the use and dissemination of information classified for national security purposes and the export of certain products and technical data.

Government contracts are subject to congressional funding. Consequently, at the outset of a program, a contract is usually partially funded, and Congress annually determines if additional funds are to be appropriated to the contract. All of our government customers have the right to terminate their contract with us at their convenience or in the event that we default.

A portion of our business is classified by the U.S. Government and cannot be specifically described. The operating results of these classified programs are included in our consolidated financial statements.

Backlog

We develop our annual budgeted revenue by estimating for the upcoming year our continuing business from existing customers and active contracts. We consider backlog, both funded and unfunded (as explained below), other expected annual renewals, and expansion planned by our current customers. In the context of our current customer portfolio, we view “recurring revenue” as revenue that occurs often and repeatedly. In each of the last three years, recurring revenue has exceeded 85% of our annual revenue. Our total budgeted revenue is the combination of recurring revenue and a forecast of new business.

Total backlog, a component of recurring revenue, consists of the aggregate contract revenues remaining to be earned by us at a given time over the life of our contracts, whether funded or unfunded. Funded backlog consists of the aggregate contract revenues remaining to be earned at a given time, which, in the case of U.S. government contracts, means that they have been funded by the procuring agency. Unfunded backlog is the difference between total backlog and funded backlog and includes potential revenues that may be earned if customers exercise delivery orders and/or renewal options to continue these contracts. Based on historical experience, we generally assume option year renewals to be exercised. Most of our customers fund contracts on a basis of one year or less and, as a result, funded backlog is generally expected to be earned within one year from any point in time, whereas unfunded backlog is expected to be earned over a longer period.

Item 1A. Risk Factors

In addition to other information in this Form 10-K, the following risk factors should be carefully considered in evaluating the Company and its businesses because these factors currently have, or may have, a significant impact on our business, operating results or financial condition. Actual results could differ materially from those projected in the forward-looking statements contained in this Form 10-K as a result of the risk factors discussed below and elsewhere in this Form 10-K.

We depend on the U.S. Government for a significant portion of our sales and a significant decline in U.S. Government defense and intelligence community spending, or a reallocation of spending to other priorities, could have an adverse impact on our financial condition and results of operations.
Our sales are highly concentrated with the U.S. Government. The customer relationship with the U.S. Government involves certain risks that are unique. The programs in which we participate must compete with other programs and policy imperatives during the budget and appropriations process.  In each of the past three years, a substantial portion of our net sales were to the U.S. Government, particularly the DoD. U.S. defense spending has historically been cyclical. Defense budgets have received their strongest support when perceived threats to national security raise the level of concern over the country’s safety. As these threats subside, spending on the military tends to decrease. Rising budget deficits, increasing national debt, the cost of the global war on terrorism, increasing costs for entitlement programs, and potentially the large costs of combating the Coronavirus pandemic and addressing the health concerns and economic dislocation caused by COVID-19, continue to put pressure on all areas of discretionary spending, which could ultimately impact the defense budget and other aspects of federal discretionary spending.

U.S. Government appropriations have been and continue to be affected by larger U.S. Government budgetary issues and related legislation. In 2011, Congress enacted the Budget Control Act of 2011 (the “BCA”), which established specific limits on annual appropriations for fiscal years 2012-2021. These limits were subsequently amended several times. With the expiration of the BCA at the end of FY 2021, there are no statutory limits in place for FY 2022.

According to the non-partisan Congressional Budget Office (CBO), since enactment of the BCA, federal outlays devoted to defense programs fell from 4.5 percent as a share of Gross Domestic Product (GDP) to as low as 3.1 percent of GDP in each of fiscal years 2016-18, before rising slightly the past two years to a level of 3.4 percent in FY 2020. Moreover, CBO reports that, as a result of the spending caps imposed by the BCA, non-adjusted defense outlays subsequently shrank from $699.4 billion in FY 2011 to as low as $583.4 billion in FY 2016, and did not again exceed their FY 2011 level until FY 2020, when outlays were $713.8 billion, two percent above the FY 2011 level.

In FYs 2020 and 2021, the COVID-19 pandemic and associated economic dislocation in the United States has resulted in an overwhelming federal response, including enactment of several massive and comprehensive emergency appropriations and economic stimulus measures. These were in addition to annual appropriations legislation for FY 2021, which was not enacted into law until late December 2020, nearly three months after the beginning of the fiscal year, during which time the government once again operated under a series of Continuing Resolutions which strictly limited new spending initiatives. These enormous emergency spending packages and their resulting increases in the budget deficit will necessarily factor into future spending decisions to an unknown degree. Further, as the outgoing Trump Administration did not complete its work on a proposed FY 2022 budget prior to leaving office on January 20, 2021, and the incoming Biden Administration has been delayed in submitting a proposed budget to Congress, the proposed spending levels for FY 2022 cannot be predicted.  Finally, the near- and long-term impacts of the COVID-19 health and associated economic crisis on federal budget planning and the government contracts that we hold, and on the federal procurements that we would otherwise compete for, cannot be known.

Should Congress and the White House be unable to make sufficient progress on the FY 2022 budget and enact appropriations legislation prior to the beginning of the new fiscal year on October 1, 2021, the Department of Defense and other federal departments and agencies will likely again be funded for an unknown period of time under a Continuing Resolution, which would restrict new spending initiatives.

We are subject to the seasonality of the U.S. government spending.
We derive a substantial portion of our revenues from U.S. government contracting, and as a result, we are subject to the annual seasonality of the U.S. government purchasing. Because the U.S. government fiscal year ends on September 30, it is not uncommon for U.S. government agencies to award extra tasks in the weeks immediately prior to the end of its fiscal year in order to avoid the loss of unexpended fiscal year funds. As a result of this seasonality, we have historically experienced higher revenues in the third and fourth fiscal quarters, ending September 30 and December 31, respectively, with the pace of orders typically substantially reduced during the first and second fiscal quarters ending March 31 and June 30, respectively.

Our pricing structures for our solutions and services may change from time to time.
We expect that we may change our pricing model from time to time, including as a result of competition, global economic conditions, and general reductions in our customers’ spending levels, pricing studies, or changes in how our solutions are broadly consumed. Similarly, as we introduce new products and services, or as a result of the evolution of our existing solutions and services, we may have difficulty determining the appropriate price structure for our products and services. In addition, as new and existing competitors introduce new products or services that compete with ours, or revise their pricing structures, we may be unable to attract new customers at the same price or based on the same pricing model as we have used historically. Moreover, as we continue to target selling our solutions and services to larger organizations, these larger organizations may demand substantial price concessions. In addition, we may need to change pricing policies to accommodate government pricing guidelines for our contracts with federal, state, local, and foreign governments and government agencies. If we are unable to modify or develop pricing models and strategies that are attractive to existing and prospective customers, while enabling us to significantly grow our sales and revenue relative to our associated costs and expenses in a reasonable period of time, our business, financial condition, and results of operations may be adversely impacted.

We depend on computing infrastructure operated by Amazon Web Services (“AWS”), Microsoft, and other third parties to support some of our solutions and customers, and any errors, disruption, performance problems, or failure in their or our operational infrastructure could adversely affect our business, financial condition, and results of operations.
We rely on the technology, infrastructure, and software applications, of certain third parties, such as AWS and Microsoft Azure, in order to host or operate some of certain key platform features or functions of our business. Additionally, we rely on computer hardware and cloud capabilities purchased in order to deliver our solutions and services. We do not have control over the operations of the facilities of the third parties that we use. If any of these third-party services experience errors, disruptions, security issues, or other performance deficiencies, if they are updated such that our solutions become incompatible, if these services, software, or hardware fail or become unavailable due to extended outages, interruptions, defects, or otherwise, or if they are no longer available on commercially reasonable terms or prices (or at all), these issues could result in errors or defects in our solutions, cause our solutions to fail, our revenue and margins could decline, or our reputation and brand to be damaged, we could be exposed to legal or contractual liability, our expenses could increase, our ability to manage our operations could be interrupted, and our processes for managing our sales and servicing our customers could be impaired until equivalent services or technology, if available, are identified, procured, and implemented, all of which may take significant time and resources, increase our costs, and could adversely affect our business. Many of these third-party providers attempt to impose limitations on their liability for such errors, disruptions, defects, performance deficiencies, or failures, and if enforceable, we may have additional liability to our customers or third-party providers.

We have experienced, and may in the future experience, disruptions, failures, data loss, outages, and other performance problems with our infrastructure and cloud-based offerings due to a variety of factors, including infrastructure changes, introductions of new functionality, human or software errors, employee misconduct, capacity constraints, denial of service attacks, phishing attacks, computer viruses, malicious or destructive code, or other security-related incidents, and our disaster recovery planning may not be sufficient for all situations. If we experience disruptions, failures, data loss, outages, or other performance problems, our business, financial condition, and results of operations could be adversely affected.

Our systems and the third-party systems upon which we and our customers rely are also vulnerable to damage or interruption from catastrophic occurrences such as earthquakes, floods, fires, power loss, telecommunication failures, cybersecurity threats, terrorist attacks, natural disasters, public health crises such as the COVID-19 pandemic, geopolitical and similar events, or acts of misconduct. Despite any precautions we may take, the occurrence of a catastrophic disaster or other unanticipated problems at our or our third-party vendors’ hosting facilities, or within our systems or the systems of third parties upon which we rely, could result in interruptions, performance problems, or failure of our infrastructure, technology, or solutions, which may adversely impact our business. In addition, our ability to conduct normal business operations could be severely affected. In the event of significant physical damage to one of these facilities, it may take a significant period of time to achieve full resumption of our services, and our disaster recovery planning may not account for all eventualities. In addition, any negative publicity arising from these disruptions could harm our reputation and brand and adversely affect our business.

Furthermore, our solutions are in many cases important or essential to our customers’ operations, including in some cases, their cybersecurity or oversight and compliance programs, and subject to service level agreements (“SLAs”). Any interruption in our service, whether as a result of an internal or third-party issue, could damage our brand and reputation, cause our customers to terminate or not renew their contracts with us or decrease use of our solutions and services, require us to indemnify our customers against certain losses, result in our issuing credit or paying penalties or fines, subject us to other losses or liabilities, cause our solutions to be perceived as unreliable or unsecure, and prevent us from gaining new or additional business from current or future customers, any of which could harm our business, financial condition, and results of operations.

Moreover, to the extent that we do not effectively address capacity constraints, upgrade our systems as needed, and continually develop our technology and network architecture to accommodate actual and anticipated changes in technology, our business, financial condition, and results of operations could be adversely affected. The provisioning of additional cloud hosting capacity requires lead time. AWS, Microsoft Azure, and other third parties have no obligation to renew their agreements with us on commercially reasonable terms, or at all. If AWS, Microsoft Azure, or other third parties increase pricing terms, terminate or seek to terminate our contractual relationship, establish more favorable relationships with our competitors, or change or interpret their terms of service or policies in a manner that is unfavorable with respect to us, we may be required to transfer to other cloud providers or invest in a private cloud. If we are required to transfer to other cloud providers or invest in a private cloud, we could incur significant costs and experience possible service interruption in connection with doing so, or risk loss of customer contracts if they are unwilling to accept such a change.

A failure to maintain our relationships with our third-party providers (or obtain adequate replacements), and to receive services from such providers that do not contain any material errors or defects, could adversely affect our ability to deliver effective products and solutions to our customers and adversely affect our business and results of operations.

We are dependent on a few key customer contracts for a significant portion of our future revenue, and a significant reduction in services to one or more of these contracts would reduce our future revenue and harm our anticipated operating results.
A small number of our large customer contracts, including the TSA PreCheck™ enrollment program and our program with CMS, are expected to comprise a significant portion of our future revenue. Our business will likely be harmed if any of our key customer contracts do not generate as much revenue as we forecast, and the termination or delay of a large contract or of multiple contracts could have a material adverse effect on our revenue and profitability. Adverse events affecting the programs subject to these contracts could also negatively affect our ability to process transactions under those contracts, which could adversely affect our revenue and results of operations. For example, the COVID-19 pandemic may adversely affect or disrupt the TSA PreCheck™ enrollment program, which could lead to delays in the implementation of that program and changes in demand for that program. In addition, if the COVID-19 pandemic and associated protective or preventative measures expand, we may experience a material adverse effect on our business operations, revenues, financial condition, and ability to execute on business or contract opportunities; however, the ultimate impact is highly uncertain and subject to change.

We will face risks associated with the growth of our business in new commercial markets and with new customer verticals, and we may neither be able to continue our organic growth nor have the necessary resources to dedicate to the overall growth of our business.
We plan to expand our operations in new commercial markets, including those where we may have limited operating experience, and may be subject to increased business, technology and economic risks that could affect our financial results. In recent periods, we have increased our focus on commercial customers. In the future, we may increasingly focus on such customers, including in the banking, financial services, healthcare, pharmaceutical, manufacturing, telecommunication, airlines and aerospace, insurance, retail, transportation, shipping and logistics, and energy industries, as well as other critical infrastructure industries. Entering new verticals and expanding in the verticals in which we are already operating will continue to require significant resources and there is no guarantee that such efforts will be successful or beneficial to us. Historically, sales to a new customer have often led to additional sales to the same customer or similarly situated customers. As we expand into and within new and emerging markets and heavily regulated industry verticals, we will likely face additional regulatory scrutiny, risks, and burdens from the governments and agencies which regulate those markets and industries. While this approach to expansion within new commercial markets and verticals has proven successful in the past, it is uncertain we will achieve the same penetration and organic growth in the future and our reputation, business, financial condition, and results of operations could be negatively impacted.

In the future, we may seek to enter into other credit facilities to help fund our working capital needs. These credit facilities may expose us to additional risks associated with leverage and may inhibit our operating flexibility.
We may seek to enter into other credit facilities with third-party lenders to help fund our business. Such credit facilities will likely require us to pay a commitment fee on the undrawn amount and will likely contain a number of affirmative and restrictive covenants.

If we violate any such covenants, our lenders could accelerate the maturity of any debt outstanding and we may be prohibited from making any distributions to our stockholders. Such debt may be secured by our assets, including the stock we may own in subsidiaries and the rights we have under intercompany loan agreements that we may enter into in the future with our businesses. Our ability to meet our debt service obligations may be affected by events beyond our control and will depend primarily upon cash produced by our business. Any failure to comply with the terms of our indebtedness may have a material adverse effect on our financial condition.

In addition, we expect that such credit facilities will bear interest at floating rates which will generally change as interest rates change. We will bear the risk that the rates that we are charged by our lenders will increase faster than we can grow the cash flow from our businesses, which could reduce profitability, materially adversely affect our ability to service our debt and cause us to breach covenants contained in our third-party credit facilities.

Our business is subject to complex and evolving U.S. and non-U.S. laws and regulations regarding privacy, data protection and security, technology protection, and other matters. Many of these laws and regulations are subject to change and uncertain interpretation, and could result in claims, changes to our business practices, monetary penalties, increased cost of operations, or otherwise harm our business.
We are subject to a variety of local, state, national, and international laws and directives and regulations in the United States and abroad that involve matters central to our business, including privacy and data protection, data security, data storage, retention, transfer and deletion, technology protection, and personal information. Foreign data protection, data security, privacy, and other laws and regulations can impose different obligations or be more restrictive than those in the United States. These U.S. federal and state and foreign laws and regulations, which, depending on the regime, may be enforced by private parties or government entities, are constantly evolving and can be subject to significant change, and they are likely to remain uncertain for the foreseeable future. In addition, the application, interpretation, and enforcement of these laws and regulations are often uncertain, and may be interpreted and applied inconsistently from country to country and inconsistently with our current policies and practices. A number of proposals are pending before U.S. federal, state, and foreign legislative and regulatory bodies that could significantly affect our business.

The overarching complexity of privacy and data protection laws and regulations around the world pose a compliance challenge that could manifest in costs, damages, or liability in other forms as a result of failure to implement proper programmatic controls, failure to adhere to those controls, or the malicious or inadvertent breach of applicable privacy and data protection requirements by us, our employees, our business partners, or our customers.

In addition to government regulation, self-regulatory standards and other industry standards may legally or contractually apply to us, be argued to apply to us, or we may elect to comply with such standards or to facilitate our customers’ compliance with such standards. Because privacy, data protection, and information security are critical competitive factors in our industry, we may make statements on our website, in marketing materials, or in other settings about our data security measures and our compliance with, or our ability to facilitate our customers’ compliance with, these standards. We also expect that there will continue to be new proposed laws and regulations concerning privacy, data protection, and information security, and we cannot yet determine the impact such future laws, regulations and standards, or amendments to or re-interpretations of existing laws and regulations, industry standards, or other obligations may have on our business. New laws, amendments to or re-interpretations of existing laws and regulations, industry standards, and contractual and other obligations may require us to incur additional costs and restrict our business operations. As these legal regimes relating to privacy, data protection, and information security continue to evolve, they may result in ever-increasing public scrutiny and escalating levels of enforcement and sanctions. Furthermore, because the interpretation and application of laws, standards, contractual obligations and other obligations relating to privacy, data protection, and information security are uncertain, these laws, standards, and contractual and other obligations may be interpreted and applied in a manner that is, or is alleged to be, inconsistent with our data management practices, our policies or procedures, or the features of our solutions. If so, in addition to the possibility of fines, lawsuits, and other claims, we could be required to fundamentally change our business activities and practices or modify our solutions, which could have an adverse effect on our business. We may be unable to make such changes and modifications in a commercially reasonable manner or at all, and our ability to fulfill existing obligations, make enhancements, or develop new solutions and features could be limited. Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations, and policies that are applicable to the businesses of our customers may limit the use and adoption of, and reduce the overall demand for, our solutions.

These existing and proposed laws and regulations can be costly to comply with and can make our solutions and services less effective or valuable, delay or impede the development of new products, result in negative publicity, increase our operating costs, require us to modify our data handling practices, limit our operations, impose substantial fines and penalties, require significant management time and attention, or put our data or technology at risk. Any failure or perceived failure by us or our solutions to comply with U.S., or applicable foreign laws, regulations, directives, policies, industry standards, or legal obligations relating to privacy, data protection, or information security, or any security incident that results in loss of or the unauthorized access to, or acquisition, use, release, or transfer of, personal information, personal data, or other customer or sensitive data sensitive data or information may result in governmental investigations, inquiries, enforcement actions and prosecutions, private claims and litigation, indemnification or other contractual obligations, other remedies, including fines or demands that we modify or cease existing business practices, or adverse publicity, and related costs and liabilities, which could significantly and adversely affect our business and results of operations.

Changes in accounting principles or their application to us could result in unfavorable accounting charges or effects, which could adversely affect our results of operations and growth prospects.
We prepare consolidated financial statements in accordance with U.S. GAAP. In particular, we make certain estimates and assumptions related to the adoption and interpretation of these principles including the recognition of our revenue and the accounting of our stock-based compensation expense with respect to our consolidated financial statements. If these assumptions turn out to be incorrect, our revenue or our stock-based compensation expense could materially differ from our expectations, which could have a material adverse effect on our financial results. A change in any of these principles or guidance, or in their interpretations or application to us, may have a significant effect on our reported results, as well as our processes and related controls, and may retroactively affect previously reported results or our forecasts, which may negatively impact our financial statements. For example, recent new standards issued by the Financial Accounting Standards Board could materially impact our consolidated financial statements. The adoption of these new standards may potentially require enhancements or changes in our processes or systems and may require significant time and cost on behalf of our financial management. This may in turn adversely affect our results of operations and growth prospects.

If our judgments or estimates relating to our critical accounting policies are based on assumptions that change or prove to be incorrect, our results of operations could fall below expectations of securities analysts and investors, resulting in a decline in our stock price.
The preparation of our consolidated financial statements in conformity with GAAP requires management to make judgments, estimates, and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, the results of which form the basis for making judgments about the carrying values of assets, liabilities, and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Our results of operations may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our results of operations to fall below the expectations of securities analysts and investors, resulting in a decline in the trading price of our common stock. Significant judgments, estimates, and assumptions used in preparing our consolidated financial statements include, or may in the future include, those related to revenue recognition, stock-based compensation, common stock valuations, and income taxes.

A novel strain of coronavirus, COVID-19, as well as variants of this strain, may adversely affect our future business operations, financial condition and our ability to execute on business or contract opportunities.
In December 2019, an outbreak of COVID-19 was reported in Wuhan, China. On March 11, 2020, the World Health Organization declared COVID-19 a global pandemic and on March 13, 2020, President Donald J. Trump declared the virus a national emergency. This highly contagious disease has spread to most of the countries in the world and throughout the United States, creating a serious impact on customers, workforces, and suppliers, disrupting economies and financial markets, and potentially leading to a world-wide economic downturn. COVID-19, as well as subsequently reported variants of this strain, have caused a disruption of the normal operations of many businesses, including the temporary closure or scale-back of business operations and/or the imposition of either quarantine or remote work or meeting requirements for employees, either by government order or on a voluntary basis. The pandemic may adversely affect our customers’ ability to perform their missions and is in many cases disrupting their operations. It may also impact the ability of our subcontractors, partners, and suppliers to operate and fulfill their contractual obligations, and result in an increase in their costs and cause delays in performance. These supply chain effects, and the direct effect of the virus and the disruption on our operations, may negatively impact both our ability to meet customer demand and our revenue and profit margins. Our employees, in some cases, are working remotely due either to safety concerns or to customer imposed limitations and using various technologies to perform their functions. We could see delays or changes in customer demand, particularly if government funding priorities change. Additionally, the disruption and volatility in the global and domestic capital markets may increase the cost of capital and limit our ability to access capital. Both the health and economic aspects of COVID-19 are highly fluid and the future course of each is uncertain. For these reasons and other reasons that may come to light if the coronavirus pandemic and associated protective or preventative measures expand, we may experience a material adverse effect on our business operations, revenues and financial condition, and our ability to execute on business or contract opportunities, including the TSA PreCheckTM enrollment program; however, its ultimate impact is highly uncertain and subject to change.

Our facilities or operations could be adversely affected by events outside of our control, such as natural disasters, wars or health epidemics.
We may be impacted by natural disasters, wars, power outages, health epidemics or pandemics, or other events outside of our control. If major disasters such as earthquakes, floods, hurricanes, tornadoes, fires, or other events occur, or our information system or communications network breaks down, operates improperly, or is unusable, our headquarters and other facilities may be seriously damaged, or we may have to stop or delay production and delivery of our solutions and services. Although we maintain crisis management and disaster response plans, such events could make it difficult or impossible for us to deliver our solutions and services to our customers, and could decrease demand for our offerings. We may incur shutdowns, delays, disruptions or expenses relating to such events outside of our control, which could have a material adverse impact on our business, operating results and financial condition. Because we do not carry insurance for all of these possible losses, and significant recovery time could be required to resume operations, our financial condition and operating results could be materially adversely affected by such an event outside of our control.

Our U.S. Government contracts are subject to competitive bidding, both upon initial issuance and re-competition. If we are unable to successfully compete in the bidding process or if we fail to win re-competitions, it could adversely affect our operating performance and lead to an unexpected loss of revenue.
Substantially all of our U.S. Government contracts are awarded through a competitive bidding process upon initial award and renewal, and we expect that this will continue to be the case. There is often significant competition and pricing pressure as a result of this process. The competitive bidding process presents a number of risks, including the following:

we may expend substantial funds and time to prepare bids and proposals for contracts that may ultimately be awarded to one of our competitors;
we may be unable to accurately estimate the resources and costs that will be required to perform any contract we are awarded, which could result in substantial cost overruns;
we may encounter expense and delay if our competitors protest or challenge awards of contracts, and any such protest or challenge could result in a requirement to resubmit bids on modified specifications or in the termination, reduction or modification of the awarded contract. Additionally, the protest of contracts awarded to us may result in the delay of program performance and the generation of revenue while the protest is pending; and
if we are not given the opportunity to re-compete for U.S. Government contracts previously awarded to us, we may incur expenses to protect such decision and ultimately may not succeed in competing for or winning such contract renewal.

The U.S. Government contracts for which we compete typically have multiple option periods, and if we fail to win a contract or a task order, we generally will be unable to compete again for that contract for several years. If we fail to win new contracts or to receive renewal contracts upon re-competition, it may result in additional costs and expenses and possible loss of revenue, and we will not have an opportunity to compete for these contract opportunities again until such contracts expire.

U.S. Government contracts generally are not fully funded at inception and are subject to amendment or termination, which places a significant portion of our revenues at risk and could adversely impact our earnings.
Our U.S. Government sales are funded by customer budgets, which operate on an October-to-September fiscal year. In February of each year, the President of the United States presents to the Congress the budget for the upcoming fiscal year. This budget proposes funding levels for every federal agency and is the result of months of policy and program reviews throughout the Executive branch. From February through September of each year, the appropriations and authorization committees of Congress review the President’s budget proposals and establish the funding levels for the upcoming fiscal year in appropriations and authorization legislation. Once these levels are enacted into law, the Executive Office of the President administers the funds to the agencies. There are two primary risks associated with this process. First, the process may be delayed or disrupted. Changes in congressional schedules, negotiations for program funding levels or unforeseen world events can interrupt the funding for a program or contract. Second, funds for multi-year contracts can be changed in subsequent years in the appropriations process. In addition, the U.S. Government has increasingly relied on IDIQ contracts and other procurement vehicles that are subject to a competitive bidding and funding process even after the award of the basic contract, adding an additional element of uncertainty to future funding levels. Delays in the funding process or changes in funding or funding priorities can impact the timing of available funds or can lead to changes in program content or termination at the government’s convenience. The loss of anticipated funding or the termination of multiple or large programs could have an adverse effect on our future sales and earnings. The health and economic crisis created by the Coronavirus pandemic, and the substantial increase in federal spending devoted to addressing multiple aspects of the crisis, might cause changes in federal or agency spending priorities that might impact our customer’s willingness or ability to continue or extend our contracts or procure contracts which we otherwise, in the absence of the crisis, might have secured.

We are subject to substantial oversight from federal agencies that have the authority to suspend our ability to bid on contracts.
As a U.S. Government contractor, we are subject to oversight by many agencies and entities of the U.S. Government that may investigate and make inquiries of our business practices and conduct audits of contract performance and cost accounting. Depending on the results of any such audits and investigations, the U.S. Government may make claims against us. Under U.S. Government procurement regulations and practices, an indictment of a U.S. Government contractor could result in that contractor being fined and/or suspended for a period of time from eligibility for bidding on, or for the award of, new U.S. Government contracts. A conviction could result in debarment for a specified period of time. To the best of management’s knowledge, there are no pending investigations, inquiries, claims or audits against the Company likely to have a material adverse effect on our business or our consolidated results of operations, cash flows or financial position.

We enter into fixed-price and other contracts that could subject us to losses if we experience cost growth that cannot be billed to customers.
Generally, our customer contracts are either fixed-priced or cost reimbursable contracts. Under fixed-priced contracts, which represented approximately 84.3% of our 2020 revenues, we receive a fixed price irrespective of the actual costs we incur and, consequently, we carry the burden of any cost overruns. Due to their nature, fixed-priced contracts inherently have more risk than cost reimbursable contracts, particularly fixed-price development contracts where the costs to complete the development stage of the program can be highly variable, uncertain and difficult to estimate. Under cost reimbursable contracts, subject to a contract-ceiling amount in certain cases, we are reimbursed for allowable costs and paid a fee, which may be fixed or performance based. If our costs exceed the contract ceiling and are not authorized by the customer or are not allowable under the contract or applicable regulations, we may not be able to obtain reimbursement for all such costs and our fees may be reduced or eliminated. Because many of our contracts involve advanced designs and innovative technologies, we may experience unforeseen technological difficulties and cost overruns. Under both types of contracts, if we are unable to control costs or if our initial cost estimates are incorrect, we can lose money on these contracts. In addition, some of our contracts have provisions relating to cost controls and audit rights, and if we fail to meet the terms specified in those contracts, we may not realize their full benefits. Lower earnings caused by cost overruns and cost controls would have a negative impact on our results of operations.

We depend on third parties in order to fully perform under our contracts and the failure of a third party to perform could have an adverse impact on our earnings.
We rely on subcontractors and other companies to provide raw materials, major components and subsystems for our products or to perform a portion of the services that we provide to our customers. Occasionally, we rely on only one or two sources of supply, which, if disrupted, could have an adverse effect on our ability to meet our commitments to customers. We depend on these subcontractors and vendors to fulfill their contractual obligations in a timely and satisfactory manner in full compliance with customer requirements. If one or more of our subcontractors or suppliers is unable to satisfactorily provide on a timely basis the agreed-upon supplies or perform the agreed-upon services, our ability to perform our obligations as a prime contractor may be adversely affected.

Our future profitability depends, in part, on our ability to develop new technologies and maintain a qualified workforce to meet the needs of our customers.
Virtually all of the products that we produce and sell are highly engineered and require sophisticated manufacturing and system integration techniques and capabilities. The government market in which we primarily operate is characterized by rapidly changing technologies. The product and program needs of our government and commercial customers change and evolve regularly. Accordingly, our future performance in part depends on our ability to identify emerging technological trends, develop and manufacture competitive products, and bring those products to market quickly at cost-effective prices. In addition, because of the highly specialized nature of our business, we must be able to hire and retain the skilled and appropriately qualified personnel necessary to perform the services required by our customers. If we are unable to develop new products that meet customers’ changing needs or successfully attract and retain qualified personnel, future sales and earnings may be adversely affected.

The business environment in which we operate is highly competitive and may impair our ability to achieve revenue growth.
We operate in industry segments that are diverse. Based upon our current market analysis, there is no single company or small group of companies in a dominant competitive position. Some large competitors offer capabilities in a number of markets that overlap many of the same areas in which we offer services, while certain companies are focused upon only one or a few of such markets.  Some of the firms that compete with us in multiple areas include: Northrop Grumman, Lockheed Martin and General Dynamics. In addition, we compete with smaller specialty companies, including risk and compliance management companies, organizational messaging companies, and security consulting organizations, and companies that provide secure network offerings. If we do not compete effectively, we may suffer price reductions, reduced gross margins, and loss of market share.

Some of our security solutions have lengthy sales and implementation cycles, which could significantly impact our results of operations if projected orders are not realized.
We market the majority of our security solutions directly to U.S. Government customers. The sale and implementation of our services to these entities typically involves a lengthy education process and a significant technical evaluation and commitment of capital and other resources. This process is also subject to the risk of delays associated with customers’ internal budgeting and other procedures for approving large capital expenditures, deploying new technologies within their networks and testing and accepting new technologies that affect key operations. As a result, the sales and implementation cycles associated with certain of our services can be lengthy. Our quarterly and annual operating results could be materially harmed if orders forecasted for a specific customer for a particular quarter are not realized.

Our business could be negatively affected by cyber or other security threats or other disruptions.
As a cybersecurity company and a U.S. defense contractor, we face cyber threats, threats to the physical security of our facilities and employees, and terrorist acts. We also are exposed to the potential for business disruptions associated with information technology failures, natural disasters, or public health or economic crises, such as that created by the Coronavirus pandemic. We routinely experience cyber security threats, threats to our information technology infrastructure and attempts to gain access to our sensitive information, as do our customers, suppliers, subcontractors and joint venture partners. We may experience similar security threats at customer sites that we operate and manage as a contractual requirement. Prior cyber attacks directed at us have not had a material impact on our financial results, and we believe our threat detection and mitigation processes and procedures are adequate. The threats we face vary from attacks common to most industries to more advanced and persistent, highly organized adversaries who target us because we protect national security information. If we are unable to protect sensitive information, our customers or governmental authorities could question the adequacy of our threat mitigation and detection processes and procedures.  Due to the evolving nature of these security threats, however, the impact of any future incident cannot be predicted. Occurrence of any of these events could adversely affect our internal operations, the services we provide to our customers, loss of competitive advantages derived from our research and development efforts or other intellectual property, early obsolescence of our products and services, our future financial results, or our reputation.

If we are unable to protect our intellectual property, our revenues may be impacted adversely by the unauthorized use of our products and services.
Our success depends on our internally developed technologies, patents and other intellectual property. Despite our precautions, it may be possible for a third party to copy or otherwise obtain and use our trade secrets or other forms of intellectual property without authorization. Furthermore, the laws of foreign countries may not protect our proprietary rights in those countries to the same extent U.S. law protects these rights in the United States. In addition, it is possible that others may independently develop substantially equivalent intellectual property. If we do not effectively protect our intellectual property, our business could suffer. In the future, we may have to resort to litigation to enforce our intellectual property rights, to protect our trade secrets or to determine the validity and scope of the proprietary rights of others. This type of litigation, regardless of its outcome, could result in substantial costs and diversion of management and technical resources.

If we are unable to license third-party technology that is used in our products and services to perform key functions, the loss could have an adverse effect on our revenues.
The third-party technology licenses used by us may not continue to be available on commercially reasonable terms or at all. Our business could suffer if we lost the rights to use these technologies. A third-party could claim that the licensed software infringes a patent or other proprietary right. Litigation between the licensor and a third-party or between us and a third-party could lead to royalty obligations for which we are not indemnified or for which indemnification is insufficient, or we may not be able to obtain any additional license on commercially reasonable terms or at all. The loss of, or our inability to obtain or maintain, any of these technology licenses could delay the introduction of new products or services until equivalent technology, if available, is identified, licensed and integrated. This could harm our business.

We are involved in a number of legal proceedings. We cannot predict the outcome of litigation and other contingencies with certainty.
Our business may be adversely affected by the outcome of legal proceedings and other contingencies that cannot be predicted with certainty. As required by GAAP, we estimate loss contingencies and establish reserves based on our assessment of contingencies where liability is deemed probable and the amount of loss is reasonably estimable in light of the facts and circumstances known to us at a particular point in time. Subsequent developments in legal proceedings may affect our assessment of the potential for liability and our estimates of the loss contingency recorded as a liability or as a reserve against assets in our financial statements. For a description of our current legal proceedings, see Note 13 – Commitments, Contingencies and Subsequent Events to the consolidated financial statements.

Any potential future acquisitions, strategic investments, divestitures, mergers or joint ventures may subject us to significant risks, any of which could harm our business.
Our long-term strategy may include identifying and acquiring, investing in or merging with suitable candidates on acceptable terms, or divesting of certain business lines or activities. In particular, over time, we may acquire, make investments in, or merge with providers of product offerings that complement our business or may terminate such activities. Mergers, acquisitions, and divestitures include a number of risks and present financial, managerial and operational challenges, including but not limited to:
diversion of management attention from running our existing business;
possible material weaknesses in internal control over financial reporting;
increased expenses including legal, administrative and compensation expenses related to newly hired or terminated employees;
increased costs to integrate the technology, personnel, customer base and business practices of the acquired company with us;
potential exposure to material liabilities not discovered in the due diligence process;
potential adverse effects on reported operating results due to possible write-down of goodwill and other intangible assets associated with acquisitions; and
unavailability of acquisition financing or unavailability of such financing on reasonable terms.

Any acquired business, technology, service or product could significantly under-perform relative to our expectations, and may not achieve the benefits we expect from possible acquisitions. For all these reasons, our pursuit of an acquisition, investment, divestiture, merger, or joint venture could cause its actual results to differ materially from those anticipated.

Weakened global economic conditions may adversely affect our industry, business, operating results and financial condition.
Our overall performance depends in part on worldwide economic and geopolitical conditions. The United States and other key international economies have experienced cyclical downturns from time to time in which economic activity was impacted by falling demand for a variety of goods and services, restricted credit, poor liquidity, reduced corporate profitability, volatility in credit, equity and foreign exchange markets, bankruptcies and overall uncertainty with respect to the economy. These economic conditions can arise suddenly and the full impact of such conditions can remain uncertain at any point in time. In addition, geopolitical developments, such as potential trade wars, can increase levels of political and economic unpredictability globally and increase the volatility of global financial markets. Moreover, these conditions can affect the rate of information technology spending and could adversely affect our customers’ ability or willingness to purchase our solutions and services, delay prospective customers’ purchasing decisions, reduce the value or duration of their subscription contracts, or affect attrition rates, all of which could adversely affect our future sales and operating results.

Climate change may have a long-term impact on our business.
While we seek to mitigate our business risks associated with climate change by establishing robust environmental programs, we recognize that there are inherent climate related risks wherever business is conducted. Access to clean water and reliable energy in the communities where we conduct our business, whether for our offices, vendors, customers or other stakeholders, is a priority. Any of our primary locations may be vulnerable to the adverse effects of climate change. Climate related events, including the increasing frequency of extreme weather events and their impact on U.S. critical infrastructure, have the potential to disrupt our business, our third party suppliers, or the operations and/or business of our customers, and may cause us to experience higher attrition, losses and additional costs to maintain or resume operations.

Any failure in our delivery of high-quality technical support services may adversely affect our relationships with our customers and our financial results.
Our customers depend on our support organization to resolve technical issues relating to our solutions and offerings. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services. Increased customer demand for these services, without corresponding revenues, could increase costs and adversely affect our operating results. In addition, our sales process is highly dependent on our solutions and business reputation and on positive recommendations from our existing customers. Any failure to maintain high-quality technical support, or a market perception that we do not maintain high-quality support, could adversely affect our reputation, our ability to sell our offerings to existing and prospective customers, and our business, operating results and financial position.

We may lose key members of our management team, development and operations personnel, or subject matter experts, and may be unable to attract and retain employees we need to support our operations and growth.
Our success depends substantially upon the continued services of our executive officers and other key members of management, particularly our chief executive officer. From time to time, there may be changes in our executive management team resulting from the hiring or departure of executives. Such changes in our executive management team may be disruptive to our business. We are also substantially dependent on the continued service of our existing development and operations personnel and subject matter experts because of the complexity of our services and technologies. The loss of one or more of our key employees or groups could seriously harm our business.

The technology industry is subject to substantial and continuous competition for engineers and other subject matter experts with high levels of experience in designing, developing and managing software, cybersecurity, and Internet-related services, as well as competition for sales executives, data scientists and operations personnel. We may not be successful in attracting and retaining qualified personnel. We have from time to time experienced, and we expect to continue to experience, difficulty in hiring, developing, integrating and retaining highly skilled employees with appropriate qualifications. These difficulties may be amplified by evolving restrictions on immigration, travel, or availability of visas for skilled technology workers. These difficulties may potentially be further amplified by the high cost of living in Washington D.C. metropolitan area, where our headquarters and one of our other offices are located. If we fail to attract new personnel or fail to retain and motivate our current personnel, our business and future growth prospects could be severely harmed.

If our customers do not renew their subscriptions or contracts for our solutions and services, our revenue could decline and our business may suffer.
Our customers have no obligation to renew or extend their subscriptions or contracts for our solutions or services after the expiration of the contractual period, which vary in length, and in the normal course of business, some customers have elected not to renew or extend.  It is difficult to predict attrition rates given the varying needs of our customer base. Our attrition rates may increase or fluctuate as a result of a number of factors, including customer dissatisfaction with our services, customers’ spending levels, mix of customer base, decreases in the number of users at our customers, competition, pricing increases or changes and deteriorating general economic conditions or budgetary constraints.

Our future success also depends in part on our ability to sell additional features and services, more subscriptions or enhanced editions of our services to our current customers. This may also require increasingly sophisticated and costly sales efforts that are targeted at senior leaders. Similarly, the rate at which our customers purchase new or enhanced services depends on a number of factors, some of which are beyond our control.

If customers do not renew or extend their subscriptions or contracts, do not purchase additional features or enhanced solutions, or if attrition rates increase, our business could be harmed.

If our security measures or those of our third-party data center hosting facilities, cloud computing platform providers or third-party service partners, or the underlying infrastructure of the internet are breached, and unauthorized access is obtained to a customer’s data, our data or our IT systems, or authorized access is blocked or disabled, our services may be perceived as not being secure, customers may curtail or stop using our services, and we may incur significant reputational harm, legal exposure and liabilities, or a negative financial impact.

Our services sometimes involve the storage and transmission of our customers’ and our customers' customers' proprietary and other sensitive data, including financial information and personally identifiable information. While we have security measures in place to protect our customers and our customers’ customers' data, our services and underlying infrastructure may in the future be materially breached or compromised as a result of the following:
third party attempts to fraudulently induce employees or customers into disclosing sensitive information such as user names, passwords or other information to gain access to our customers’ data, our data or our IT systems;
efforts by individuals or groups of hackers and sophisticated organizations, including state-sponsored organizations or nation-states;
cyber-attacks on our internally built infrastructure;
vulnerabilities resulting from enhancements and updates to our existing solutions;
vulnerabilities in the products or components across the broad ecosystem that our services operate in or are dependent on;
vulnerabilities existing within newly acquired or integrated technologies and infrastructures;
attacks on, or vulnerabilities in, the many different underlying networks and services that power the internet that our products depend on, most of which are not under our control or the control of our vendors, partners, or customers; and
employee or contractor errors or intentional acts that compromise our security systems.

These risks are mitigated, to the extent possible, by our ability to maintain and improve business and data governance policies, enhanced processes and internal security controls, including our ability to escalate and respond to known and potential risks. Although we have developed systems and processes designed to protect our customers’ and our customers’ customers’ sensitive data, as well as our data, we can provide no assurances that such measures will provide absolute security. In the normal course of business, we are the target of malicious cyber-attack attempts. To date, any such attempts have not been material or significant to us, including to our reputation or business operations, or had a material financial impact, but there can be no assurance that future cyberattacks will not be material or significant.

A security breach or incident could result in unauthorized parties obtaining access to, or the denial of authorized access to, our IT systems or data, or our customers' systems or data, including intellectual property, proprietary, sensitive, or other confidential information. A security breach could also result in a loss of confidence in the security of our services, damage our reputation, negatively impact our future sales, disrupt our business and lead to increases in insurance premiums and legal and financial exposure and liability. Finally, the detection, prevention and remediation of known or potential security vulnerabilities, including those arising from third-party hardware or software, may result in additional financial burdens due to additional direct and indirect costs, such as additional infrastructure capacity spending to mitigate any system degradation.

Our ability to deliver our services is dependent on the development and maintenance of the infrastructure of the Internet by third parties.
The Internet’s infrastructure is comprised of many different networks and services that are highly fragmented and distributed by design. This infrastructure is run by a series of independent third-party organizations that work together to provide the infrastructure and supporting services of the Internet under the governance of the Internet Corporation for Assigned Numbers and Names (ICANN) and the Internet Assigned Numbers Authority (IANA), now under the stewardship of ICANN.

The Internet has experienced a variety of outages and other delays as a result of damages to portions of its infrastructure, denial-of-service attacks or related cyber incidents, and it could face outages and delays in the future. These outages and delays could reduce the level of Internet usage or result in fragmentation of the Internet, resulting in multiple separate Internets. These scenarios are not under our control and could reduce the availability of the Internet to us or our customers for delivery of our Internet-related services. Any resulting interruptions in our services or the ability of our customers to access our services could result in a loss of potential or existing customers and harm our business.

Sales to customers outside the United States expose us to risks inherent in international operations.
We sell our services outside the United States and are subject to risks and challenges associated with international business. We intend to continue to expand our international sales efforts. The risks and challenges associated with sales to customers outside the United States or those that can affect international operations generally, include:
localization of our services, including translation into foreign languages and associated expenses;
regulatory frameworks or business practices favoring local competitors;
pressure on the creditworthiness of sovereign nations;
evolving domestic and international tax environments;
liquidity issues or political actions by sovereign nations, including nations with a controlled currency environment, which could result in decreased values of these balances or potential difficulties protecting our foreign assets or satisfying local obligations;
foreign currency fluctuations and controls, which may make our services more expensive for international customers and could add volatility to our operating results;
compliance with multiple, conflicting, ambiguous or evolving governmental laws and regulations, including employment, tax, privacy, anti-corruption, import/export, antitrust, data transfer, storage and protection, and industry-specific laws and regulations, including rules related to compliance by our third-party resellers and our ability to identify and respond timely to compliance issues when they occur;
vetting and monitoring our third-party resellers in new and evolving markets to confirm they maintain standards consistent with our brand and reputation;
uncertainty regarding regulation, currency, tax, and operations resulting from the Brexit vote that could disrupt trade, the sale of our services and commerce, and movement of our people between the United Kingdom, European Union, and locations;
changes in the public perception of governments in the regions where we operate or plan to operate;
regional data privacy laws and other regulatory requirements;
treatment of revenue from international sources, intellectual property considerations and changes to tax codes, including being subject to foreign tax laws and being liable for paying withholding income or other taxes in foreign jurisdictions;
different pricing environments;
difficulties in staffing and managing foreign operations;
different or lesser protection of our intellectual property;
longer accounts receivable payment cycles and other collection difficulties;
natural disasters, acts of war, terrorism, pandemics or security breaches; and
regional economic and political conditions.

Any of these factors could negatively impact our business and results of operations. The above factors may also negatively impact our ability to successfully expand into emerging market countries, where we have little or no operating experience, where it can be costly and challenging to establish and maintain operations, including hiring and managing required personnel, and difficult to promote our brand, and where we may not benefit from any first-to-market advantage or otherwise succeed.

We are subject to governmental export and import controls that could impair our ability to compete in international markets and subject us to liability if we are not in full compliance with applicable laws.
Some of our solutions are subject to export and import controls, including the Commerce Department’s Export Administration Regulations, U.S. Customs regulations and various economic and trade sanctions regulations established by the Treasury Department’s Office of Foreign Assets Control. If we fail to comply with these U.S. export control laws and import laws we and certain of our employees could be subject to substantial civil or criminal penalties, including the possible loss of export or import privileges; fines, which may be imposed on us and responsible employees or managers; and, in extreme cases, the incarceration of responsible employees or managers. Obtaining the necessary authorizations, including any required license, may be time-consuming, is not guaranteed and may result in the delay or loss of sales opportunities. Furthermore, the U.S. export control laws and economic sanctions laws prohibit the shipment of certain products and services to U.S. embargoed or sanctioned countries, governments and persons. Even though we take precautions to prevent our solutions from being provisioned or provided to U.S. sanctions targets in violation of applicable regulations, our solutions could be provisioned to those targets despite such precautions. Any such sales could have negative consequences, including government investigations, penalties and reputational harm. Changes in our solutions or changes in export and import regulations may create delays in the introduction, sale and deployment of our solutions in international markets or prevent the export or import of our solutions to certain countries, governments or persons altogether. Any decreased use of our solutions or limitation on our ability to export or sell our solutions may adversely affect our business, financial condition and results of operations.

Item 1B. Unresolved Staff Comments

None.

Item 2. Properties

We lease approximately 191,700 square feet of space for our corporate headquarters, integration facility, and primary service depot in Ashburn, Virginia. The lease expires in May 2029.

We lease additional office space in facilities located in Maryland, New Jersey and Nevada under various leases expiring through January 2024.

We believe that the current space is substantially adequate to meet our operating requirements.

Item 3. Legal Proceedings

Hamot et al. v. Telos Corporation

As previously disclosed in Note 13 of the Consolidated Financial Statements contained in our Annual Report on Form 10-K for the year ended December 31, 2020, beginning on August 2, 2007, Messrs. Seth W. Hamot (“Hamot”) and Andrew R. Siegel (“Siegel”), principals of Costa Brava Partnership III, L.P. (“Costa Brava”), were involved in litigation against the Company as Plaintiffs and Counter-defendants in the Circuit Court for Baltimore City, Maryland (the “Circuit Court”). Mr. Siegel was a Class D Director of the Company and Mr. Hamot was a Class D Director of the Company until his resignation on March 9, 2018. The Plaintiffs initially alleged that certain documents and records had not been provided to them promptly and were necessary to fulfill their duties as directors of the Company. Subsequently, Hamot and Siegel further alleged that the Company had failed to follow certain provisions concerning the noticing of Board committee meetings and the recording of Board meeting minutes and, additionally, that Mr. John Wood’s service as both CEO and Chairman of the Board was improper and impermissible under the Company’s Bylaws. On April 23, 2008, the Company filed a counterclaim against Hamot and Siegel for money damages and preliminary and injunctive relief based upon Hamot and Siegel’s interference with, and improper influence of, the Company’s independent auditors regarding, among other things, a specific accounting treatment.  On June 27, 2008, the Circuit Court granted the Company’s motion for preliminary injunction and enjoined Hamot and Siegel from contacting the Company’s auditors until the completion of the Company’s Form 10-K for the preceding year, which injunction later expired by its own terms. As previously disclosed, trial on Hamot and Siegel’s claims and the Company’s counterclaims took place in July through September 2013, and the Court subsequently issued decisions on the various claims by way of memorandum opinions and orders dated September 11, 2017. Among other rulings, the Court found Hamot and Siegel liable for the intentional tort of tortious interference with the Company’s contractual relationship with one of its auditors and entered a monetary judgment in favor of the Company and against Hamot and Siegel for approximately $278,000. The Company’s subsequent appeal of the amount of damages awarded to it for Hamot and Siegel’s intentional interference was ultimately dismissed by way of the Mandate issued by the Court of Appeals of Maryland on October 11, 2019.

Hamot (and later, his Estate) and Siegel on multiple occasions during this litigation have sought to be indemnified or to be awarded advancement of various attorney’s fees and expenses incurred by them in this litigation.  On October 20, 2020, Hamot’s Estate and Siegel (together the “Plaintiffs”) filed their latest Motion for Indemnification of Legal Fees and Expenses against the Company in the Circuit Court for Baltimore City and a Request for a Hearing.  The Motion demands that the Company indemnify the Plaintiffs for legal fees and expenses incurred in the sum of $2,540,000.  The Company filed an Opposition to the Motion on November 4, 2020. On January 28, 2021, Plaintiffs filed a Motion for Leave to File Amended Motion for Indemnification of Legal Fees and Expenses, which the Company opposed, and which was granted by the Court on February 23, 2021, and briefing of the Amended Motion for Indemnification of Legal Fees and Expenses (“Amended Motion”) continues. A hearing is scheduled before the Court on Plaintiffs’ Amended Motion for Indemnification of Legal Fees and Expenses for May 18, 2021. The Company denies that it has any liability for indemnification to the Plaintiffs and intends to vigorously defend the matter through its opposition to the Amended Motion and further proceedings.

At this stage of the litigation, it is impossible to reasonably determine the degree of probability related to the Company’s success in relation to this claim by Hamot’s Estate and Siegel for indemnification for certain attorney’s fees and expenses incurred in this litigation. The Company intends to vigorously defend the matter.
 
Other Litigation

In addition, the Company is a party to litigation arising in the ordinary course of business.  In the opinion of management, while the results of such litigation cannot be predicted with any reasonable degree of certainty, the final outcome of such known matters will not, based upon all available information, have a material adverse effect on the Company's condensed consolidated financial position, results of operations or cash flows.

Item 4. Mine Safety Disclosures

Not applicable.

PART II

Item 5. Market for Registrant's Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

       Our common stock is traded on the Nasdaq Global Market under the symbol “TLS”.  As of December 31, 2020, there were approximately 231 registered shareholders of record, not including the number of persons or entities whose stock is held in nominee or "street" name through various brokerage firms. There was no public market for our common stock prior to November 19, 2020.

Performance Graph
This performance graph shall not be deemed “soliciting material” or to be “filed” with the Securities Exchange Commission (“SEC”) for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (“Exchange Act”), or otherwise subject to the liabilities under that Section, and shall not be deemed to be incorporated by reference into any of our filings under the Securities Act or the Exchange Act.

The following graph compares the cumulative total return to stockholders on our common stock since November 19, 2020 (the date our common stock commenced trading on the NASDAQ National Market) relative to the cumulative total returns of the Standard & Poor’s 500 Index and the Standard & Poor’s Information Technology Index over the same period. An investment of $100 (with reinvestment of all dividends) is assumed to have been made in our common stock and in each index at the market close on November 19, 2020, and its relative performance is tracked through December 31, 2020. The returns shown are based on historical results and are not intended to suggest future performance.




Item 6. Selected Financial Data

The following should be read in connection with the accompanying information presented in Item 7 and Item 8 of this Form 10-K.

OPERATING RESULTS

   
Years Ended December 31,
 
   
2020
   
2019
   
2018
   
2017
   
2016
 
   
(amounts in thousands)
 
Sales
 
$
179,917
   
$
159,218
   
$
138,016
   
$
107,727
   
$
134,868
 
Operating income (loss)
   
297
     
5,025
     
9,014
     
414
     
2,112
 
Income (loss) income before income taxes
   
6,795
     
(2,241
)
   
1,768
     
(6,265
)
   
(3,335
)
Net income (loss) attributable to Telos Corporation
   
1,687
     
(6,401
)
   
(1,640
)
   
(5,833
)
   
(7,175
)


FINANCIAL CONDITION

   
As of December 31,
 
   
2020
   
2019
   
2018
   
2017
   
2016
 
   
(amounts in thousands)
 
Total assets
 
$
183,817
   
$
77,692
   
$
74,489
   
$
74,421
   
$
56,799
 
Senior term loan (1)
   
----
     
16,335
     
10,984
     
10,786
     
----
 
Subordinated debt, long-term (1)
   
----
     
2,927
     
2,597
     
2,289
     
----
 
Finance lease obligations, long-term (2)
   
14,301
     
15,641
     
16,865
     
17,980
     
18,990
 
Operating lease obligations, long-term (2)
   
941
     
1,553
     
----
     
----
     
----
 
Deferred income taxes, long-term (3)
   
652
     
621
     
818
     
741
     
3,391
 
Senior redeemable preferred stock (4)
   
----
     
----
     
----
     
----
     
2,092
 
Public preferred stock (4)
   
----
     
139,210
     
135,387
     
131,565
     
127,742
 


(1)
See Note 6 to the Consolidated Financial Statements in Item 8 regarding our debt obligations.
(2)
See Note 10 to the Consolidated Financial Statements in Item 8 regarding our lease obligations.
(3)
See Note 9 to the Consolidated Financial Statements in Item 8 regarding our income taxes.
(4)
See Note 7 to the Consolidated Financial Statements in Item 8 regarding our redeemable preferred stock.


Item 7. Management's Discussion and Analysis of Financial Condition and Results of Operations

General
We offer technologically advanced, software-based security solutions that empower and protect the world’s most security-conscious organizations against rapidly evolving, sophisticated and pervasive threats. Our portfolio of security products, services and expertise empower our customers with capabilities to reach new markets, serve their stakeholders more effectively, and successfully defend the nation or their enterprise. We protect our customers’ people, information, and digital assets so they can pursue their corporate goals and conduct their global missions with confidence in their security and privacy.

Our mission is to protect our customers’ people, systems, and vital information assets with offerings for cybersecurity, cloud security, and enterprise security. In the current global environment, our mission is more critical than ever. The emergence of each new ICT introduces new vulnerabilities, as security is still too often overlooked in solution development. Networks and applications meant to enhance productivity and profitability often jeopardize an organization due to poor planning, misconfiguration, or an unknown gap in security. Ransomware, insider threats, cybercrime, and advanced persistent threats continue to menace public and private enterprises across all industries.

Cybersecurity, cloud security, and enterprise security of the modern organization share much in common, yet also call for a diverse range of skills, capabilities, and experience in order to meet the requirements of security-conscious customers. Decades of experience in developing, orchestrating, and delivering solutions across these three domains gives us the vision and the confidence to provide solutions that empower and protect the enterprise at an integrated, holistic level. Our experience in addressing challenges in one area of an enterprise helps us meet requirements in others. We understand that a range of complementary capabilities may be needed to solve a single challenge, and we also recognize when a single solution might address multiple challenges.

Our security solutions span across the following domains:
Cybersecurity – We help our customers ensure the ongoing security, integrity, and compliance of their on-premises and related cloud-based systems, reducing threats and vulnerabilities in order to foil cyber adversaries before they can attack. Our consultants assess our customers’ security environments and then design, engineer, and operate the systems they need to strengthen their cybersecurity posture.
Cloud Security – The cloud as an organizational resource is more than two decades old, yet the needs of cloud users are constantly changing. We offer the specialized skills and experience needed to help our customers plan, engineer, and execute secure cloud migration strategies and then ensure ongoing management and security in keeping with the leading standards for cloud-based systems and workloads.
Enterprise Security – Securing the enterprise means protecting the essential and timeless elements common to every organization: its people and processes, its supply chain and inventories, its finances and facilities, and its information and communications. As ICT and OT have become part of the organizational make-up, we have offered solutions that ensure personnel can work securely and productively across and beyond the enterprise.

We refer to our cyber and cloud applications as Security Solutions, which includes Information Assurance / Xacta®  (previously referred to as Cyber & Cloud Solutions), Secure Communications (previously referred to as Secure Communications Cyber and Enterprise Solutions), and Telos ID (previously referred to as Telos ID Enterprise Solutions). We refer to our offerings for enterprise security as Secure Networks (previously referred to as Secure Mobility and Network Management/Defense Enterprise Solutions).

Security Solutions
Information Assurance / Xacta: a premier platform for enterprise cyber risk management and security compliance automation, delivering security awareness for systems in the cloud, on-premises, and in hybrid and multi-cloud environments. Xacta delivers automated cyber risk and compliance management solutions to large commercial and government enterprises. Across the U.S. federal government, Xacta is the de facto commercial cyber risk and compliance management solution.
 
Secure Communications:
   
 
Telos Ghost: a virtual obfuscation network-as-a-service with encryption and managed attribution capabilities to ensure the safety and privacy of people, information, and resources on the network. Telos Ghost seeks to eliminate cyber-attack surfaces by obfuscating and encrypting data, masking user identity and location, and hiding network resources. It provides the additional layers of security and privacy needed for intelligence gathering, cyber threat protection, securing critical infrastructure, and protecting communications and applications when operations, property, and even lives can be jeopardized by a single error in security.
 
Telos Automated Message Handling System (“AMHS”): web-based organizational message distribution and management for mission-critical communications; the recognized gold standard for organizational messaging in the U.S. government. Telos AMHS is used by military field operatives for critical communications on the battlefield and is the only web-based solution for assured messaging and directory services using the DISA Organizational Messaging Service and its specialized communications protocols.
Telos ID: offering Identity Trust and Digital Services through IDTrust360® – an enterprise-class digital identity risk platform for extending SaaS and custom digital identity services that mitigate threats through the integration of advanced technologies that fuse biometrics, credentials, and other identity-centric data used to continuously monitor trust. We maintain government certifications and designations that distinguish Telos ID, including TSA PreCheck® enrollment provider, Designated Aviation Channeling provider, FBI-approved Channeler, and FINRA Electronic Fingerprint Submission provider. We are the only commercial entity in our industry designated as a Secure Flight Services provider for terrorist watchlist checks.
 

Secure Networks
Secure Mobility: solutions for business and government that enable remote work and minimize concern across and beyond the enterprise. Our secure mobility team brings credentials to every engagement, supplying deep expertise and experience as well as highly desirable clearances and industry recognized certifications for network engineering, mobility, and security.
Network Management and Defense: services for operating, administrating, and defending complex enterprise networks and defensive cyber operations. Our diverse portfolio of capabilities addresses common and uncommon requirements in many industries and disciplines, ranging from the military and government agencies to Fortune 500 companies.

Critical Accounting Policies and Estimates

The preparation of consolidated financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the date of the consolidated financial statements, and the reported amounts of revenues and expenses during the reporting period. Significant estimates and assumptions used in the preparation of our consolidated financial statements include revenue recognition, allowance for doubtful accounts receivable, allowance for inventory obsolescence, the valuation allowance for deferred tax assets, income taxes, contingencies and litigation, potential impairments of goodwill and intangible assets, estimated pension-related costs for our foreign subsidiaries and accretion of public preferred stock.  Actual results could differ from those estimates.

        The following is a summary of the most critical accounting policies used in the preparation of our consolidated financial statements.

Revenue Recognition
We account for revenue in accordance with Accounting Standards Codification (“ASC”) Topic 606, “Revenue from Contracts with Customers.” The unit of account in ASC 606 is a performance obligation, which is a promise in a contract with a customer to transfer a good or service to the customer. ASC 606 prescribes a five-step model for recognizing revenue that includes identifying the contract with the customer, determining the performance obligation(s), determining the transaction price, allocating the transaction price to the performance obligation(s), and recognizing revenue as the performance obligations are satisfied. Timing of the satisfaction of performance obligations varies across our businesses due to our diverse product and service mix, customer base, and contractual terms. Significant judgment can be required in determining certain performance obligations, and these determinations could change the amount of revenue and profit recorded in a given period.  Our contracts may have a single performance obligation or multiple performance obligations. When there are multiple performance obligations within a contract, we allocate the transaction price to each performance obligation based on our best estimate of standalone selling price.

The majority of our revenue is recognized over time, as control is transferred continuously to our customers who receive and consume benefits as we perform, and is classified as services revenue.  All of our business groups earn services revenue under a variety of contract types, including time and materials, firm-fixed price, firm-fixed price level of effort, and cost plus fixed fee contract types, which may include variable consideration as discussed further below. Revenue is recognized over time using costs incurred to date relative to total estimated costs at completion to measure progress toward satisfying our performance obligations. Incurred cost represents work performed, which corresponds with, and thereby best depicts, the transfer of control to the customer. Contract costs include labor, material, subcontractor costs and indirect expenses. This continuous transfer of control to the customer is supported by clauses in our contracts with U.S. Government customers whereby the customer may terminate a contract for convenience and then pay for costs incurred plus a profit, at which time the customer would take control of any work in process. For non-U.S. Government contracts where we perform as a subcontractor and our order includes similar Federal Acquisition Regulation (FAR) provisions as the prime contractor’s order from the U.S. Government, continuous transfer of control is likewise supported by such provisions. For other non-U.S. Government customers, continuous transfer of control to such customers is also supported due to general terms in our contracts and rights to recover damages which would include, among other potential damages, the right to payment for our work performed to date plus a reasonable profit.

Due to the transfer of control over time, revenue is recognized based on progress towards completion of the performance obligation. The selection of the method to measure progress towards completion requires judgment and is based on the nature of the performance obligations. We generally use the cost-to-cost measure of progress on a proportional performance basis for our contracts because it best depicts the transfer of control to the customer which occurs as we incur costs on our contracts. Under the cost-to-cost measure of progress, the extent of progress towards completion is measured based on the ratio of costs incurred to date to the total estimated costs at completion of the performance obligation. Revenues are recorded proportionally as costs are incurred. Due to the nature of the work required to be performed on certain of our performance obligations, the estimation of total revenue and cost at completion is complex, subject to many variables and requires significant judgment.  Contract estimates are based on various assumptions including labor and subcontractor costs, materials and other direct costs and the complexity of the work to be performed. A significant change in one or more of these estimates could affect the profitability of our contracts. We review and update our contract-related estimates regularly and recognize adjustments in estimated profit on contracts on a cumulative catch-up basis, which may result in an adjustment increasing or decreasing revenue to date on a contract in a particular period that the adjustment is identified. Revenue and profit in future periods of contract performance are recognized using the adjusted estimate.

Revenue that is recognized at a point in time is for the sale of software licenses in our Information Assurance / Xacta® and Secure Communications business groups and for the sale of resold products in Telos ID and Secure Networks, and is classified as product revenue.  Revenue on these contracts is recognized when the customer obtains control of the transferred product or service, which is generally upon delivery of the product to the customer for their use, due to us maintaining control of the product until that point. Orders for the sale of software licenses may contain multiple performance obligations, such as maintenance, training, or consulting services, which are typically delivered over time, consistent with the transfer of control disclosed above for the provision of services. When an order contains multiple performance obligations, we allocate the transaction price to the performance obligations using our best estimate of standalone selling price.

Contracts are routinely and often modified to account for changes in contract requirements, specifications, quantities, or price.  Depending on the nature of the modification, we determine whether to account for the modification as an adjustment to the existing contract or as a new contract.  Generally, modifications are not distinct from the existing contract due to the significant interrelatedness of the performance obligations and are therefore accounted for as an adjustment to the existing contract, and recognized as a cumulative adjustment to revenue (as either an increase or reduction of revenue) based on the modification’s effect on progress toward completion of a performance obligation.

Our contracts may include various types of variable consideration, such as claims (for instance, indirect rate or other equitable adjustments) or incentive fees. We include estimated amounts in the transaction price based on all of the information available to us, including historical information and future estimations, and to the extent it is probable that a significant reversal of cumulative revenue recognized will not occur when any uncertainty associated with the variable consideration is resolved.  We have revised and re-submitted several years of incurred cost submissions reflecting certain indirect rate structure changes as a result of regular Defense Contract Audit Agency (“DCAA”) audits of incurred cost submissions.  This resulted in signed final rate agreement letters for fiscal years 2011 to 2013 and conformed incurred cost submissions for 2014 to 2015. We evaluated the resulting changes to revenue under the applicable cost plus fixed fee contracts for the years 2011 to 2015 as variable consideration, and determined the most likely amount to which we expect to be entitled, to the extent that no constraint exists that would preclude recognizing this revenue or result in a significant reversal of cumulative revenue recognized. We included these estimated amounts of variable consideration in the transaction price and as performance on these contracts is complete, we have recognized revenue of $6.0 million during the year ended December 31, 2018.

Historically, most of our contracts do not include award or incentive fees. For incentive fees, we would include such fees in the transaction price to the extent we could reasonably estimate the amount of the fee.  With limited historical experience, we have not included any revenue related to incentive fees in our estimated transaction prices.  We may include in our contract estimates additional revenue for submitted contract modifications or claims against the customer when we believe we have an enforceable right to the modification or claim, the amount can be estimated reliably and its realization is probable. We consider the contractual/legal basis for the claim (in particular FAR provisions), the facts and circumstances around any additional costs incurred, the reasonableness of those costs and the objective evidence available to support such claims.

For our contracts that have an original duration of one year or less, we use the practical expedient applicable to such contracts and do not consider the time value of money. We capitalize sales commissions related to proprietary software and related services that are directly tied to sales. We do not elect the practical expedient to expense as incurred the incremental costs of obtaining a contract if the amortization period would have been one year or less. For the sales commissions that are capitalized, we amortize the asset over the expected customer life, which is based on recent and historical data.

Contract assets are amounts that are invoiced as work progresses in accordance with agreed-upon contractual terms, either at periodic intervals or upon achievement of contractual milestones. Generally, revenue recognition occurs before billing, resulting in contract assets. These contract assets are referred to as unbilled receivables and are reported within accounts receivable, net of reserve on our consolidated balance sheets.

Billed receivables are amounts billed and due from our customers and are reported within accounts receivable, net of reserve on the consolidated balance sheets. The portion of the payments retained by the customer until final contract settlement is not considered a significant financing component due to the intent of the retainage being the customer’s protection with respect to full and final performance under the contract.

Contract liabilities are payments received in advance and milestone payments from our customers on selected contracts that exceed revenue earned to date, resulting in contract liabilities. Contract liabilities typically are not considered a significant financing component because they are generally satisfied within one year and are used to meet working capital demands that can be higher in the early stages of a contract. Contract liabilities are reported on our consolidated balance sheets on a net contract basis at the end of each reporting period.

We have one reportable segment. We treat sales to U.S. customers as sales within the U.S. regardless of where the services are performed. Substantially all of our revenues are from U.S. customers as revenue derived from international customers is de minimus. The following tables disclose revenue (in thousands) by customer type and contract type for the periods presented.  Prior period amounts have not been adjusted under the modified retrospective method.

   
2020
   
2019
   
2018
 
 
Federal
 
$
171,677
   
$
149,257
   
$
129,279
 
State & Local, and Commercial
   
8,240
     
9,961
     
8,737
 
Total
 
$
179,917
   
$
159,218
   
$
138,016
 

   
2019
   
2019
   
2018
 
 
Firm fixed-price
 
$
151,703
   
$
131,629
   
$
103,454
 
Time-and-materials
   
13,455
     
14,569
     
16,795
 
Cost plus fixed fee
   
14,759
     
13,020
     
17,767
 
Total
 
$
179,917
   
$
159,218
   
$
138,016
 

The following table discloses accounts receivable and contract assets (in thousands):
   
December 31,
 
   
2020
   
2019
 
Billed accounts receivable
 
$
12,060
   
$
11,917
 
Unbilled receivables
   
19,161
     
16,745
 
Allowance for doubtful accounts
   
(308
)
   
(720
)
Receivables – net
 
$
30,913
   
$
27,942
 

As of December 31, 2020 and 2019, we had $127.7 million and $112.4 million of remaining performance obligations, respectively, which we also refer to as funded backlog. We expect to recognize approximately 92.4% of our remaining performance obligations as revenue in 2021, an additional 2.5% by 2022 and the balance thereafter. For the years ended December 31, 2020, 2019, and 2018, the amount of revenue recognized during the year that was included in the opening contract liabilities balance was $5.3 million, $4.2 million, and $5.5 million, respectively. Contract liabilities were $5.7 million and $6.3 million as of December 31, 2020 and 2019, respectively.

We develop our annual budgeted revenue by estimating for the upcoming year our continuing business from existing customers and active contracts. We consider backlog, both funded and unfunded (as explained below), other expected annual renewals, and expansion planned by our current customers. In the context of our current customer portfolio, we view “recurring revenue” as revenue that occurs often and repeatedly. In each of the last three years, recurring revenue has exceeded 85% of our annual revenue. Our total budgeted revenue is the combination of recurring revenue and a forecast of new business.

Total backlog, a component of recurring revenue, consists of the aggregate contract revenues remaining to be earned by us at a given time over the life of our contracts, whether funded or unfunded. Funded backlog consists of the aggregate contract revenues remaining to be earned at a given time, which, in the case of U.S. government contracts, means that they have been funded by the procuring agency. Unfunded backlog is the difference between total backlog and funded backlog and includes potential revenues that may be earned if customers exercise delivery orders and/or renewal options to continue these contracts. Based on historical experience, we generally assume option year renewals to be exercised. Most of our customers fund contracts on a basis of one year or less and, as a result, funded backlog is generally expected to be earned within one year from any point in time, whereas unfunded backlog is expected to be earned over a longer period.

Inventories
Inventories are stated at the lower of cost or net realizable value, where cost is determined primarily using the weighted average cost method. Inventories consist primarily of purchased off-the-shelf hardware and software, and component computer parts used in connection with system integration services that we perform. Inventories also include spare parts utilized to support certain maintenance contracts. Spare parts inventory is amortized on a straight-line basis over two to five years, which represents the shorter of the warranty period or estimated useful life of the asset. An allowance for obsolete, slow-moving or non-salable inventory is provided for all other inventory. This allowance is based on our overall obsolescence experience and our assessment of future inventory requirements.

Goodwill
We evaluate the impairment of goodwill in accordance with ASC 350, “Intangibles – Goodwill and Other,” which requires goodwill and indefinite-lived intangible assets to be assessed on at least an annual basis for impairment using a fair value basis. Between annual evaluations, if events occur or circumstances change that would more likely than not reduce the fair value of the reporting unit below its carrying amount, then impairment must be evaluated. Such circumstances could include, but are not limited to: (1) a significant adverse change in legal factors or business climate, or (2) a loss of key contracts or customers.

As the result of an acquisition, we record any excess purchase price over the net tangible and identifiable intangible assets acquired as goodwill. An allocation of the purchase price to tangible and intangible net assets acquired is based upon our valuation of the acquired assets. Goodwill is not amortized, but is subject to annual impairment tests. We complete our goodwill impairment tests as of December 31st each year. Additionally, we make evaluations between annual tests if events occur or circumstances change that would more likely than not reduce the fair value of a reporting unit below its carrying amount. The evaluation is based on the estimation of the fair values of our three reporting units, CO&D (comprised of Information Assurance / Xacta and Secure Networks), Telos ID, and Secure Communications, of which goodwill is housed in the CO&D reporting unit, in comparison to the reporting unit’s net asset carrying values. Our discounted cash flows required management’s judgment with respect to forecasted revenue streams and operating margins, capital expenditures and the selection and use of an appropriate discount rate. We utilized the weighted average cost of capital as derived by certain assumptions specific to our facts and circumstances as the discount rate. The net assets attributable to the reporting units are determined based upon the estimated assets and liabilities attributable to the reporting units in deriving its free cash flows. In addition, the estimate of the total fair value of our reporting units is compared to the market capitalization of the Company. The Company’s assessment resulted in a fair value that was greater than the Company’s carrying value, therefore the second step of the impairment test, as prescribed by the authoritative literature, was not required to be performed and no impairment of goodwill was recorded as of December 31, 2020. Subsequent reviews may result in future periodic impairments that could have a material adverse effect on the results of operations in the period recognized. Recent operating results have reduced the projection of future cash flow growth potential, which indicates that certain negative potential events, such as a material loss or losses on contracts, or failure to achieve projected growth could result in impairment in the future. We estimate the fair value of our reporting unit and compare the valuation with the respective carrying value for the reporting unit to determine whether any goodwill impairment exists. If we determine through the impairment review process that goodwill is impaired, we will record an impairment charge in our consolidated statements of operations. Goodwill is amortized and deducted over a 15-year period for tax purposes.

Income Taxes
We account for income taxes in accordance with ASC 740, “Income Taxes.” Under ASC 740, deferred tax assets and liabilities are recognized for the estimated future tax consequences of temporary differences and income tax credits. Deferred tax assets and liabilities are measured by applying enacted statutory tax rates that are applicable to the future years in which deferred tax assets or liabilities are expected to be settled or realized for differences between the financial statement carrying amounts and the tax bases of existing assets and liabilities. Any change in tax rates on deferred tax assets and liabilities is recognized in net income in the period in which the tax rate change is enacted. We record a valuation allowance that reduces deferred tax assets when it is "more likely than not" that deferred tax assets will not be realized. We are required to establish a valuation allowance for deferred tax assets if, based on the weight of available evidence, it is more likely than not that some portion or all of the deferred tax assets will not be realized. Based on available evidence, realization of deferred tax assets is dependent upon the generation of future taxable income. We considered projected future taxable income, tax planning strategies, and reversal of taxable temporary differences in making this assessment. As such, we have determined that a full valuation allowance is required as of December 31, 2020 and 2019. As a result of a full valuation allowance against our deferred tax assets, a deferred tax liability related to goodwill remained on our consolidated balance sheet at December 31, 2020 and 2019.  Due to the tax reform enacted on December 22, 2017, net operating losses generated in taxable years beginning after December 31, 2017 will have an indefinite carryforward period, which will be available to offset future taxable income created by the reversal of temporary taxable differences related to goodwill. As a result, we have adjusted the valuation allowance on our deferred tax assets and liabilities at December 31, 2020 and 2019. See additional information on tax reform and its impact on our income taxes in Note 9 – Income Taxes.

Results of Operations
We derive a substantial portion of our revenues from contracts and subcontracts with the U.S. Government. Our revenues are generated from a number of contract vehicles and task orders. Over the past several years we have sought to diversify and improve our operating margins through an evolution of our business from an emphasis on product reselling to that of an advanced solutions technologies provider. To that end, although we continue to offer resold products through our contract vehicles, we have focused on selling solutions and outsourcing product sales, as well as designing and delivering Telos manufactured and branded technologies.  We believe our contract portfolio is characterized as having low to moderate financial risk due to the limited number of long-term fixed price development contracts. Our firm fixed-price activities consist principally of contracts for the products and services at established contract prices. Our time-and-material contracts generally allow the pass-through of allowable costs plus a profit margin.  For 2020, 2019, and 2018, the Company’s revenue derived from firm fixed-price contracts was 84.3%, 82.7%, and 74.9%, respectively, cost-plus contracts was 8.2%, 8.2%, and 12.9%, respectively, and time-and-material contracts was 7.5%, 9.1%, and 12.2%, respectively.

We provide different solutions and are party to contracts of varying revenue types under the NETCENTS (Network-Centric Solutions) and NETCENTS-2 contracts to the U.S. Air Force. NETCENTS and NETCENTS-2 are IDIQ and GWAC, therefore any government customer may utilize the NETCENTS and NETCENTS-2 vehicles to meet its purchasing needs. Consequently, revenue earned on the underlying NETCENTS and NETCENTS-2 delivery orders varies from period to period according to the customer and solution mix for the products and services delivered during a particular period, unlike a standalone contract with one separately identified customer. The contracts themselves do not fund any orders and they state that the contracts are for an indefinite delivery and indefinite quantity. The majority of our task/delivery orders have periods of performance of less than 12 months, which contributes to the variances between interim and annual reporting periods. We have also been awarded other IDIQ/GWACs, including the Department of Homeland Security’s EAGLE II, GSA Alliant 2, and blanket purchase agreements under our GSA schedule.

We refer to our cyber and cloud applications as Security Solutions, which includes Information Assurance /Xacta® (previously referred to as Cyber & Cloud Solutions), Secure Communications (previously referred to as Secure Communications Cyber and Enterprise Solutions), and Telos ID (previously referred to as Telos ID Enterprise Solutions). We refer to our offerings for enterprise security as Secure Networks (previously referred to as Secure Mobility and Network Management/Defense Enterprise Solutions).

U.S. Government appropriations have been and continue to be affected by larger U.S. Government budgetary issues and related legislation. In 2011, Congress enacted the Budget Control Act of 2011 (the “BCA”), which established specific limits on annual appropriations for fiscal years 2012-2021. These limits were subsequently amended several times. With the expiration of the BCA at the end of FY 2021, there are no statutory limits in place for FY 2022.

According to the non-partisan Congressional Budget Office (CBO), since enactment of the BCA, federal outlays devoted to defense programs fell from 4.5 percent as a share of Gross Domestic Product (GDP) to as low as 3.1 percent of GDP in each of FYs 2016-18, before rising slightly the past two years to a level of 3.4 percent in FY 2020. Moreover, CBO reports that, as a result of the spending caps imposed by the BCA, non-adjusted defense outlays subsequently shrank from $699.4 billion in FY 2011 to as low as $583.4 billion in FY 2016, and did not again exceed their FY 2011 level until FY 2020, when outlays were $713.8 billion, two percent above the FY 2011 level.

In Fiscal Years 2020 and 2021, the COVID-19 pandemic and associated economic dislocation in the United States has resulted in an overwhelming federal response, including enactment of several massive and comprehensive emergency appropriations and economic stimulus measures. These were in addition to annual appropriations legislation for FY 2021, which was not enacted into law until late December, 2020, nearly three months after the beginning of the fiscal year, during which time the government once again operated under a series of Continuing Resolutions which strictly limited new spending initiatives. These enormous emergency spending packages and their resulting increases in the budget deficit will necessarily factor into future spending decisions to an unknown degree. Further, as the outgoing Trump Administration did not complete its work on a proposed FY 2022 budget prior to leaving office on January 20, 2021, and the incoming Biden Administration has been delayed in submitting a proposed budget to Congress, the proposed spending levels for FY 2022 cannot be predicted.  Finally, the near- and long-term impacts of the COVID-19 health and associated economic crisis on federal budget planning and the government contracts that we hold, and on the federal procurements that we would otherwise compete for, cannot be known.

Should Congress and the White House be unable to make sufficient progress on the FY 2022 budget and enact appropriations legislation prior to the beginning of the new fiscal year on October 1, 2021, the Department of Defense and other federal departments and agencies will likely again be funded for an unknown period of time under a Continuing Resolution, which would restrict new spending initiatives.

Despite the pandemic’s resultant shift to teleworking by federal employees and contractors, the government has successfully maintained continuity of services as has Telos Corporation.  With much of the business of government continuing to be conducted remotely through use of information technology systems, we believe there will continue to be a need on the part of the government for the types of solutions and services provided by Telos.

For more information on the risks and uncertainties related to U.S. Government contracts, see Part I – Item 1A Risk Factors in this Annual Report on the Form 10-K.

Statement of Operations Data

The following table sets forth certain consolidated financial data and related percentages for the periods indicated:

   
Years Ended December 31,
 
   
2020
   
2019
   
2018
 
   
(dollar amounts in thousands)
 
                                     
Revenue
 
$
179,917
     
100.0
%
 
$
159,218
     
100.0
%
 
$
138,016
     
100.0
%
Cost of sales
   
117,497
     
65.3
     
106,874
     
67.1
     
84,954
     
61.6
 
Selling, general and administrative expenses
   
62,123
     
34.5
     
47,319
     
29.7
     
44,048
     
31.9
 
Operating income
   
297
     
0.2
     
5,025
     
3.2
     
9,014
     
6.5
 
Other income (expenses):
                                               
Gain on redemption of public preferred stock
   
14,012
     
7.8
     
----
     
----
     
----
     
----
 
Non-operating (expense) income
   
(255
)
   
(0.2
)
   
201
     
0.1
     
12
     
----
 
 Interest expense
   
(7,259
)
   
(4.0
)
   
(7,467
)
   
(4.7
)
   
(7,258
)
   
(5.2
)
Income (loss) income before income taxes
   
6,795
     
3.8
     
(2,241
)
   
(1.4
)
   
1,768
     
1.3
 
Benefit from (provision for) income taxes
   
46
     
----
     
104
     
0.1
     
(31
)
   
----
 
Net income (loss)
   
6,841
     
3.8
     
(2,137
)
   
(1.3
)
   
1,737
     
1.3
 
Less: Net income attributable to non-controlling interest
   
(5,154
)
   
(2.9
)
   
(4,264
)
   
(2.7
)
   
(3,377
)
   
(2.4
)
Net income (loss) attributable to Telos Corporation
 
$
1,687
     
0.9
%
 
$
(6,401
)
   
(4.0
)%
 
$
(1,640
)
   
(1.1
)%

Years ended December 31, 2020, 2019, and 2018

Revenue.  Revenue increased by 13.0% to $179.9 million for 2020 from $159.2 million for 2019.  Security Solutions revenue was $117.3 million and $101.9 million for 2020 and 2019, respectively. This increase in 2020 of approximately 15% was driven primarily by an increase of $8.1 million in sales of offerings in Telos ID on the contract with the U.S. Census Bureau and $7.3 million in sales of offerings related to the contract with a U.S. government agency for our Telos Ghost managed intelligence support solution in Secure Communications. Secure Networks revenue was $62.6 million and $57.3 million for 2020 and 2019, respectively. This increase in 2020 of approximately 9% resulted from various DoD contracts, in both our Secure Mobility and Network Management/Defense Enterprise Solutions offerings. Due to the various solutions offerings and within the business groups, sales may vary from period to period according to the solution mix and timing of deliverables for a particular period.

Revenue increased by 15.4% to $159.2 million for 2019 from $138.0 million for 2018.  Such increase primarily consists of an increase in sales from the U.S. Air Force NETCENTS-2 contract. As discussed above, NETCENTS-2 is an IDIQ contract utilized by multiple government customers and sales under NETCENTS-2 vary from period to period according to the solution mix and timing of deliverables for a particular period. Security Solutions revenue was $101.9 million and $86.6 million in 2019 and 2018, respectively. This increase in 2019 of approximately 18% is primarily attributable to a $10.1 million increase in sales of offerings in Telos ID on a contract with the U.S. Census Bureau and a $6.3 million increase in sales of offerings related to a contract with a U.S. government agency for our Telos Ghost managed intelligence support solution in Secure Communications. Secure Networks revenue was $57.3 million in 2019 and $51.4 million in 2018. The sales increase in 2019 is the result of various DoD contracts around our Secure Mobility as well as our Network Management and Defense offerings.

Cost of sales.  Cost of sales increased by 9.9% to $117.5 million for 2020 from $106.9 million for 2019 as a result of increases in revenue. Cost of sales for Security Solutions increased to $66.9 million in 2020 from $59.9 million in 2019 which translates as a decrease in the cost of sales as a percentage of revenue to 57.0% from 58.7%. due to a change in the mix and nature of the programs. Cost of sales for Secure Networks increased to $50.6 million in 2020 from $47.0 million in 2019 which translates as a decrease in the cost of sales as a percentage of revenue to 80.9% from 82.0%.

Cost of sales increased by 25.8% to $106.9 million for 2019 from $85.0 million for 2018 as a result of increases in revenue. Cost of sales for Security Solutions increased to $59.9 million in 2019 from $48.2 million in 2018 which translates as a increase in the cost of sales as a percentage of revenue to 58.7% from 55.7%. due to a change in the mix and nature of the programs. Cost of sales for Secure Networks increased to $47.0 million in 2019 from $36.7 million in 2018 which translates as an increase in the cost of sales as a percentage of revenue to 82.0% from 71.5% due primarily to the effect of revenue accruals in 2018 for multiple contracts as a result of several years of cumulative indirect rate adjustments, which did not include direct costs.

Gross profit.  Gross profit increased by 19.2% to $62.4 million for 2020 from $52.3 million for 2019. Gross profit for Security Solutions increased to $50.5 million in 2020 from $42.1 million in 2019. Gross profit for Secure Networks increased to $12.0 million in 2020 from $10.3 million in 2019. Gross margin increased to 34.7% for 2020 from 32.9% for 2019, due to various changes in the mix of contracts in all business lines as discussed above. Gross margin for Security Solutions increased to 43.0% in 2020 from 41.3% in 2019. Gross margin for Secure Networks increased to 19.1% in 2020 from 18% in 2019.

Gross profit decreased by 1.4% to $52.3 million for 2019 from $53.1 million for 2018. Gross profit for Security Solutions increased to $42.1 million in 2019 from $38.4 million in 2018. Gross profit for Secure Networks decreased to $10.3 million in 2019 from $14.6 million in 2018, due primarily to the effect of revenue accruals in 2018 for multiple contracts as a result of several years of cumulative indirect rate adjustments, which did not include direct costs. Gross margin decreased to 32.9% for 2019 from 38.4% for 2018, due to various changes in the mix of contracts in all business lines, primarily decreases in proprietary software sales. Gross margin for Security Solutions decreased to 41.3% in 2019 from 44.3% in 2018. Gross margin for Secure Networks decreased to 18% in 2019 from 28.5% in 2018.

Selling, general, and administrative expenses.  Selling, general, and administrative expenses increased by 31.3% to $62.1 million for 2020 from $47.3 million for 2019. Such increase is primarily attributable to increases in bonuses of $6.3 million, outside services of $5.9 million, labor costs of $5.9 million, and $0.6 million in legal fees, offset by capitalization of research and development costs of $4.2 million.

Selling, general, and administrative expenses increased by 7.4% to $47.3 million for 2019 from $44.0 million for 2018. Such increase is primarily attributable to increases in labor costs of $1.9 million, bonuses of $0.5 million, bad debt expenses of $0.5 million, and outside services of $0.4 million.

Interest expense.  Interest expense decreased by 2.8% to $7.3 million for 2020 from $7.5 million for 2019, primarily due to decreases in public preferred stock interest as a result of such stock redemption, and interest on an equipment purchase arrangement, offset by an increase in interest on the senior term loan with EnCap (as defined below).

Interest expense increased by 2.9% to $7.5 million for 2019 from $7.3 million for 2018, primarily due to an increase in interest on the EnCap senior term loan, offset by a decrease in interest on an equipment purchase arrangement.

Components of interest expense are as follows:
   
December 31,
 
   
2020
   
2019
   
2018
 
   
(amounts in thousands)
 
Commercial and subordinated note interest incurred
 
$
3,875
   
$
3,644
   
$
3,436
 
Preferred stock interest accrued
   
3,384
     
3,823
     
3,822
 
Total
 
$
7,259
   
$
7,467
   
$
7,258
 

Provision for income taxes.  Income tax benefit was $46,000 for 2020, compared to an income tax provision of $104,000 for 2019, primarily attributable to administrative practice release of certain FIN48 liability.

Income tax benefit was $104,000 for 2019, compared to an income tax provision of $31,000 for 2018, primarily attributable to the decrease in deferred tax liability due to the timing of the state conformity to the indefinite-lived net operating loss provision of the Tax Act (as described below).

Non-GAAP Financial Measures
In addition to our results determined in accordance with GAAP, we believe the non-GAAP financial measures of Non-GAAP Operating Income, Enterprise EBITDA and Adjusted EBITDA are useful in evaluating our operating performance. We believe that this non-GAAP financial information, when taken collectively with our GAAP results, may be helpful to readers of our financial statements because it provides consistency and comparability with past financial performance and assists in comparisons with other companies, some of which use similar non-GAAP financial information to supplement their GAAP results. The non-GAAP financial information is presented for supplemental informational purposes only, should not be considered a substitute for financial information presented in accordance with GAAP, and may be different from similarly-titled non-GAAP measures used by other companies. A reconciliation is provided below for each of these non-GAAP financial measures to the most directly comparable financial measure stated in accordance with GAAP.

We use the following non-GAAP financial measures to understand and evaluate our core operating performance and trends, to prepare and approve our annual budget, to develop short-term and long-term operating plans, and to evaluate the performance of certain management personnel when determining incentive compensation. We believe these non-GAAP financial measures facilitate comparison of our operating performance on a consistent basis between periods by excluding certain items that may, or could, have a disproportionate positive or negative impact on our results of operations in any particular period. When viewed in combination with our results prepared in accordance with GAAP, these non-GAAP financial measures help provide a broader picture of factors and trends affecting our results of operations.

Enterprise EBITDA and Adjusted EBITDA
Both Enterprise EBITDA and Adjusted EBITDA are supplemental measures of operating performance that are not made under GAAP and that does not represent, and should not be considered as, an alternative to net income (loss) as determined by GAAP. We define Enterprise EBITDA as net income (loss) attributable to Telos Corporation, adjusted for net income attributable to non-controlling interest, non-operating income, interest expense, (benefit) provision for income taxes, and depreciation and amortization. We define Adjusted EBITDA as Enterprise EBITDA, adjusted for stock-based compensation expense, the gain realized on redemption of the public preferred stock upon the closing of our initial public offering, the losses realized on the extinguishment of senior term loan and subordinated debt upon the closing of our initial public offering, bonuses paid as a result of the closing of our initial public offering, and other expenses related to our initial public offering.

A reconciliation of Enterprise EBITDA and Adjusted EBITDA to net income (loss) attributable to Telos Corporation, the most directly comparable GAAP measure, is as follows:

   
Years Ended December 31,
 
   
2020
   
2019
   
2018
 
   
(amount in thousands)
 
Net income (loss) attributable to Telos Corporation
 
$
1,687
   
$
(6,401
)
 
$
(1,640
)
Net income attributable to non-controlling interest
   
5,154
     
4,264
     
3,377
 
Non-operating income
   
(20
)
   
(201
)
   
(12
)
Interest expense
   
7,259
     
7,467
     
7,258
 
(Benefit) provision for income taxes
   
(46
)
   
(104
)
   
31
 
Depreciation and amortization
   
5,353
     
4,972
     
3,028
 
Enterprise EBITDA
   
19,387
     
9,997
     
12,042
 
Transaction related gains/losses/expenses:
                       
Transaction related legal and accounting
   
1,914
     
----
     
----
 
Transaction related bonus
   
3,816
     
----
     
----
 
Gain on redemption of public preferred stock
   
(14,012
)
   
----
     
----
 
Transaction related non-operating income
   
(274
)
   
----
     
----
 
Loss on extinguishment of senior term loan
   
138
     
----
     
----
 
Loss on extinguishment of subordinated debt
   
411
     
----
     
----
 
Stock-based compensation expense
   
----
     
----
     
----
 
Total transaction related gains/losses/expenses
   
(8,007
)
   
----
     
----
 
Stock-based compensation expense
   
4
     
----
     
----
 
Adjusted EBITDA
 
$
11,384
   
$
9,997
   
$
12,042
 

Each of Enterprise EBITDA and Adjusted EBITDA has limitations as an analytical tool, and you should not consider it in isolation, or as a substitute for analysis of our results as reported under GAAP. Among other limitations, each of Enterprise EBITDA and Adjusted EBITDA does not reflect our cash expenditures, or future requirements, for capital expenditures or contractual commitments, does not reflect the impact of certain cash charges resulting from matters we consider not to be indicative of our ongoing operations, and does not reflect income tax expense or benefit. Other companies in our industry may calculate Adjusted EBITDA differently than we do, which limits its usefulness as a comparative measure. Because of these limitations, neither Enterprise EBITDA nor Adjusted EBITDA should be considered as a replacement for net income (loss), as determined by GAAP, or as a measure of our profitability. We compensate for these limitations by relying primarily on our GAAP results and using non-GAAP measures only for supplemental purposes.
Liquidity and Capital Resources

Upon the closing of our initial public offering, we issued 17.2 million shares of our common stock at a price of $17.00 per share, generating net proceeds of approximately $272.8 million. We used approximately $108.9 million of the net proceeds in connection with the ERPS Conversion (see Note 7 – Exchangeable Redeemable Preferred Stock Conversion), $30.0 million to fund our acquisition of the outstanding Class B Units of Telos ID (see Note 2 – Purchase of Telos ID/Non-controlling Interests), $21.0 million to repay our outstanding senior term loan and subordinated debt (see Note 6 – Debt Obligations).  We intend to use the remaining net proceeds for general corporate purposes. We also may use a portion of the net proceeds to acquire complementary businesses, products, services, or technologies. However, we do not have agreements, commitments, or plans for any specific acquisitions at this time. The amounts and timing of our actual use of the net proceeds will vary depending on numerous factors. Proceeds held by us are invested in short-term investments until needed for the uses described above. We currently anticipate that we will retain all available funds for use in the operation and expansion of our business, and we do not anticipate paying any cash dividends on our common stock in the foreseeable future.

Our working capital was $105.2 million and $2.9 million as of December 31, 2020 and 2019, respectively. Although no assurances can be given, we expect that funds generated from operations are sufficient to maintain the liquidity we require to meet our operating, investing and financing needs for the next 12 months.

Cash used in operating activities was $2.1 million for the year ended December 31, 2020, compared to cash provided by operating activities of $11.8 million and $6.3 million, for the years ended December 31, 2019 and 2018, respectively. Cash provided by operating activities is primarily driven by our operating income, the timing of receipt of customer payments, the timing of payments to vendors and employees, and the timing of inventory turnover, adjusted for certain non-cash items that do not impact cash flows from operating activities.  Additionally, cash used in operating activities also includes dividends from preferred stock recorded as interest expense of $3.4 million, $3.8 million, and $3.8 million for 2020, 2019, and 2018, respectively. In 2020, net income was $6.8 million, $14.0 million of gain related to the redemption of public preferred stock, and $5.4 million of depreciation and amortization, $1.7 million of which was amortization of capitalized software development costs. In 2019, net loss was $2.1 million, which included $5.0 million of depreciation and amortization, $1.8 million of which was amortization of capitalized software development costs. In 2018, net income was $1.7 million, which included $3.0 million of depreciation and amortization, $1.1 million of which was amortization of capitalized software development costs.
Cash used in investing activities for the years ended December 31, 2020, 2019, and 2018 was $7.5 million, $6.5 million, and $4.1 million, respectively, which, for the year ended December 31, 2020, 2019 and 2018, consisted of the capitalization of software development costs of $6.7 million, $2.4 million and $1.6 million, respectively, and the purchases of property and equipment of $0.8 million, $4.1 million and $2.5 million, respectively.
Cash provided by financing activities for the years ended December 31, 2020 and 2019 was $108.9 million and $1.4 million, respectively, compared to cash used in financing activities $2.7 million for 2018. The financing activities in 2020 consisted of net proceeds of $272.8 million from the initial public offering, offset by $108.9 million redemption of the public preferred stock, $17.4 million payoff of senior term loan, $30.0 million purchase of Telos ID membership interest, distributions of $2.7 million to the Class B Member of Telos ID, $3.7 million payoff of subordinated debt, and repayments of $1.2 million under finance leases. The financing activities in 2019 consisted of net proceeds of $4.9 million from the EnCap senior term loan, distributions of $2.4 million to the Class B Member of Telos ID, and repayments of $1.1 million under finance leases. The financing activities in 2018 consisted of distributions of $1.7 million to the Class B Member of Telos ID and repayments of $1.0 million under finance leases.

Contractual Obligations

The following summarizes our contractual obligations and our redeemable preferred stock at December 31, 2020 (in thousands):

       
Payments due by Period
 
   
Total
   
2021
     
2022 - 2024
     
2025 - 2027
   
2028 and later
 
                                   
Finance lease obligations (1)
 
$
19,364
   
$
2,097
   
$
6,609
   
$
7,117
   
$
3,541
 
Operating lease obligations (2)
   
1,744
     
752
     
992
     
----
     
----
 
   
$
21,108
   
$
2,849
   
$
7,601
   
$
7,117
   
$
3,541
 
 
 (1)    Includes interest expense:
 
$
3,724
   
$
758
   
$
1 ,826
   
$
1,009
   
$
131
 
 (2)    Includes operating lease right-of-use obligations and short-term leases with terms of 12 months or less.

Off-Balance Sheet Arrangements
We have no off-balance sheet arrangements (as defined in Item 303, paragraph (a)(4)(ii) of Regulation S-K) that have or are reasonably likely to have a material current or future effect on our financial condition, changes in financial condition, sales or expenses, results of operations, liquidity, capital expenditures or capital resources.

Capital Expenditures
Capital expenditures for property and equipment were $0.8 million, $4.1 million, and $2.5 million for 2020, 2019, and 2018, respectively. We presently anticipate capital expenditures of approximately $5.2 million in 2021; however, there can be no assurance that this level of capital expenditures will occur. We believe that available cash and borrowings under the Purchase Agreement will be sufficient to generate adequate amounts of cash to fund our projected capital expenditures for 2021.

Leases and Related Obligations
We have various lease agreements for property and equipment that, pursuant to ASC 840, “Leases,” require us to record the present value of the minimum lease payments for such equipment and property as an asset in our consolidated financial statements. Such assets are amortized on a straight-line basis over the term of the related lease or their useful life, whichever is shorter.

We adopted ASU 2016-02 effective January 1, 2019 and recorded right-of-use assets and liabilities in our consolidated balance sheets and expanded disclosures about leasing arrangements, among other items, for most lease arrangements.

Inflation
The rate of inflation has been moderate over the past five years and, accordingly, has not had a significant impact on the Company. We have generally been able to pass through any increased costs to customers through higher prices to the extent permitted by competitive pressures.

Recent Accounting Pronouncements
See Note 1 – Summary of Significant Accounting Policies of the Consolidated Financial Statements for a discussion of recently issued accounting pronouncements.

Item 7A. Quantitative and Qualitative Disclosures about Market Risk
None.


Item 8. Consolidated Financial Statements and Supplementary Data


TELOS CORPORATION AND SUBSIDIARIES

INDEX TO CONSOLIDATED FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA

 
Page
41
   
42
   
43
   
44 - 45
   
46 - 47
   
48
   
49 - 71

Report of Independent Registered Public Accounting Firm

Shareholders and Board of Directors
Telos Corporation
Ashburn, Virginia
Opinion on the Consolidated Financial Statements
We have audited the accompanying consolidated balance sheets of Telos Corporation (the “Company”) and subsidiaries as of December 31, 2020 and 2019, the related consolidated statements of operations, comprehensive income (loss), changes in stockholders’ equity (deficit), and cash flows for each of the three years in the period ended December 31, 2020, and the related notes (collectively referred to as the “consolidated financial statements”). In our opinion, the consolidated financial statements present fairly, in all material respects, the financial position of the Company and subsidiaries at December 31, 2020 and 2019, and the results of their operations and their cash flows for each of the three years in the period ended December 31, 2020, in conformity with accounting principles generally accepted in the United States of America.
Basis for Opinion
These consolidated financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on the Company’s consolidated financial statements based on our audits. We are a public accounting firm registered with the Public Company Accounting Oversight Board (United States) (“PCAOB”) and are required to be independent with respect to the Company in accordance with the U.S. federal securities laws and the applicable rules and regulations of the Securities and Exchange Commission and the PCAOB.
We conducted our audits in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the consolidated financial statements are free of material misstatement, whether due to error or fraud. The Company is not required to have, nor were we engaged to perform, an audit of its internal control over financial reporting. As part of our audits we are required to obtain an understanding of internal control over financial reporting but not for the purpose of expressing an opinion on the effectiveness of the Company’s internal control over financial reporting. Accordingly, we express no such opinion.
Our audits included performing procedures to assess the risks of material misstatement of the consolidated financial statements, whether due to error or fraud, and performing procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in the consolidated financial statements. Our audits also included evaluating the accounting principles used and significant estimates made by management, as well as evaluating the overall presentation of the consolidated financial statements. We believe that our audits provide a reasonable basis for our opinion.


/s/ BDO USA, LLP

We have served as the Company's auditor since 2007.
McLean, Virginia
March 25, 2021

TELOS CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF OPERATIONS
(amounts in thousands, except earnings per share data)

 
Years Ended December 31,
 
   
2020
   
2019
   
2018
 
Revenue (Note 5)
                 
Services
 
$
161,180
   
$
143,581
   
$
120,990
 
Products
   
18,737
     
15,637
     
17,026
 
     
179,917
     
159,218
     
138,016
 
Costs and expenses
                       
Cost of sales – Services
   
106,969
     
98,772
     
76,857
 
Cost of sales – Products
   
10,528
     
8,102
     
8,097
 
     
117,497
     
106,874
     
84,954
 
Selling, general and administrative expenses
                       
     Sales and marketing
   
6,176
     
5,951
     
6,014
 
     Research and development
   
14,243
     
10,647
     
8,755
 
     General and administrative
   
41,704
     
30,721
     
29,279
 
     
62,123
     
47,319
     
44,048
 
Operating income
   
297
     
5,025
     
9,014
 
Other income (expenses)
                       
Gain on redemption of public preferred stock (Note 7)
   
14,012
     
     
 
Non-operating (expense) income
   
(255
)
   
201
     
12
 
Interest expense
   
(7,259
)
   
(7,467
)
   
(7,258
)
Income (loss) before income taxes
   
6,795
     
(2,241
)
   
1,768
 
Benefit from (provision for) income taxes (Note 9)
   
46
     
104
     
(31
)
                         
Net income (loss)
   
6,841
     
(2,137
)
   
1,737
 
Less: Net income attributable to non-controlling interest (Note 2)
   
(5,154
)
   
(4,264
)
   
(3,377
)
Net income (loss) attributable to Telos Corporation
 
$
1,687
   
$
(6,401
)
 
$
(1,640
)
Net  earnings (loss) per share attributable to Telos Corporation, basic
 
$
0.04
   
$
(0.17
)
 
$
(0.04
)
Net earnings (loss) per share attributable to Telos Corporation, diluted
 
$
0.04
   
$
(0.17
)
 
$
(0.04
)
Weighted-average shares of common stock outstanding, basic
   
41,642
     
37,729
     
36,762
 
Weighted-average shares of common stock outstanding, diluted
   
42,877
     
37,729
     
36,762
 

The accompanying notes are an integral part of these consolidated financial statements.

TELOS CORPORATION AND SUBSIDIARIES  
CONSOLIDATED STATEMENTS OF COMPREHENSIVE INCOME (LOSS)
 (amounts in thousands)

 
Years Ended December 31,
 
   
2020
   
2019
   
2018
 
Net income (loss)
 
$
6,841
   
$
(2,137
)
 
$
1,737
 
Other comprehensive income (loss), net of tax:
                       
Foreign currency translation adjustments
   
38
     
(11
)
   
(15
)
Comprehensive income attributable to non-controlling interest
   
(5,154
)
   
(4,264
)
   
(3,377
)
Comprehensive income (loss) attributable to Telos Corporation
 
$
1,725
   
$
(6,412
)
 
$
(1,655
)

The accompanying notes are an integral part of these consolidated financial statements.

TELOS CORPORATION AND SUBSIDIARIES
CONSOLIDATED BALANCE SHEETS
(amounts in thousands)

ASSETS

 
December 31,
 
   
2020
   
2019
 
Current assets
           
Cash and cash equivalents
 
$
106,045
   
$
6,751
 
Accounts receivable, net of reserve of $308 and $720, respectively (Note 5)
   
30,913
     
27,942
 
Inventories, net of obsolescence reserve of $851 and $860, respectively (Note 1)
   
3,311
     
1,965
 
Prepaid expenses
   
3,059
     
1,717
 
Deferred program expenses
   
5
     
673
 
Other current assets
   
781
     
1,197
 
Total current assets
   
144,114
     
40,245
 
Property and equipment (Note 1)
               
Furniture, equipment, and capitalized software development costs
   
25,827
     
18,709
 
Leasehold improvements
   
2,669
     
2,536
 
Property and equipment under finance leases
   
30,792
     
30,792
 
     
59,288
     
52,037
 
Accumulated depreciation and amortization
   
(36,891
)
   
(32,470
)
     
22,397
     
19,567
 
Operating lease right-of-use assets
   
1,464
     
1,979
 
Goodwill (Note 3)
   
14,916
     
14,916
 
Other assets
   
926
     
985
 
Total assets
 
$
183,817
   
$
77,692
 


The accompanying notes are an integral part of these consolidated financial statements.


TELOS CORPORATION AND SUBSIDIARIES
CONSOLIDATED BALANCE SHEETS
(amounts in thousands, except share data)

LIABILITIES AND STOCKHOLDERS' EQUITY (DEFICIT)

 
December 31,
 
   
2020
   
2019
 
Current liabilities
           
Accounts payable and other accrued liabilities (Note 6)
 
$
20,899
   
$
15,050
 
Accrued compensation and benefits
   
8,474
     
12,187
 
Contract liabilities (Notes 1 and 6)
   
5,654
     
6,337
 
Finance lease obligations – short-term (Note 10)
   
1,339
     
1,224
 
Operating lease obligations – short-term (Note 10)
   
677
     
602
 
Other current liabilities
   
1,903
     
1,903
 
Total current liabilities
   
38,946
     
37,303
 
                 
Senior term loan, net of unamortized discount and issuance costs (Note 6)
   
     
16,335
 
Subordinated debt (Note 6)
   
     
2,927
 
Finance lease obligations - long-term (Note 10)
   
14,301
     
15,641
 
Operating lease obligations - long-term (Note 10)
   
941
     
1,553
 
Deferred income taxes (Note 9)
   
652
     
621
 
Public preferred stock (Note 7)
   
     
139,210
 
Other liabilities (Note 9)
   
1,873
     
724
 
Total liabilities
   
56,713
     
214,314
 
Commitments and contingencies (Notes 10 and 13)
               
                 
Stockholders’ equity (deficit) (Note 8)
               
Telos stockholders’ equity (deficit)
               
Common stock, $0.001 par value, 250,000,000 shares authorized, 64,625,071 shares issued and outstanding as of December 31, 2020
   
103
     
 
Class A common stock, no par value, 50,000,000 shares authorized, 35,826,200 shares issued and outstanding as of December 31, 2019
   
     
65
 
Class B common stock, no par value, 5,000,000 shares authorized, 3,204,293 shares issued and outstanding as of December 31, 2019
   
     
13
 
Additional paid-in capital
   
270,800
     
4,310
 
Accumulated other comprehensive income
   
44
     
6
 
Accumulated deficit
   
(143,843
)
   
(145,530
)
Total Telos stockholders’ equity (deficit)
   
127,104
     
(141,136
)
Non-controlling interest in subsidiary (Note 2)
   
     
4,514
 
Total stockholders’ equity (deficit)
   
127,104
     
(136,622
)
Total liabilities and stockholders’ equity (deficit)
 
$
183,817
   
$
77,692
 


The accompanying notes are an integral part of these consolidated financial statements.

TELOS CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CASH FLOWS
(amounts in thousands)

 
Years Ended December 31,
 
   
2020
   
2019
   
2018
 
Operating activities:
                 
Net income (loss)
 
$
6,841
   
$
(2,137
)
 
$
1,737
 
Adjustments to reconcile net income (loss) to cash (used in) provided by operating activities:
                       
Gain on redemption of public preferred stock
   
(14,012
)
   
     
 
Net loss on early extinguishment of debt and other transactions
   
275
     
     
 
Stock-based compensation
   
4
     
     
 
Dividends from preferred stock recorded as interest expense
   
3,384
     
3,823
     
3,822
 
Depreciation and amortization
   
5,353
     
4,972
     
3,028
 
Provision for inventory obsolescence
   
(1
)
   
376
     
30
 
(Benefit) provision for doubtful accounts receivable
   
(412
)
   
414
     
(105
)
Provision for doubtful non-trade receivables
   
569
     
     
 
Amortization of debt issuance costs
   
978
     
461
     
198
 
Deferred income tax provision (benefit)
   
31
     
(197
)
   
77
 
Loss on disposal of fixed assets
   
1
     
15
     
3
 
Changes in assets and liabilities:
                       
(Increase) decrease in accounts receivable
   
(2,559
)
   
6,186
     
(9,917
)
(Increase) decrease in inventories
   
(1,345
)
   
2,048
     
9,101
 
 Decrease (increase) in deferred program expenses
   
668
     
(429
)
   
1,828
 
 Increase in prepaid expenses, other current assets and other assets
   
(1,606
)
   
(3,576
)
   
(465
)
Increase (decrease) in accounts payable and other accrued payables
   
3,413
     
(6,730
)
   
(3,914
)
(Decrease) increase in accrued compensation and benefits
   
(3,713
)
   
3,105
     
1,626
 
(Decrease) increase in contract liabilities
   
(683
)
   
1,106
     
(960
)
 Increase in other current liabilities and other liabilities
   
710
     
2,379
     
179
 
Cash (used in) provided by operating activities
   
(2,104
)
   
11,816
     
6,268
 
Investing activities:
                       
Capitalized software development costs
   
(6,681
)
   
(2,442
)
   
(1,649
)
Purchases of property and equipment
   
(780
)
   
(4,090
)
   
(2,465
)
Cash used in investing activities
   
(7,461
)
   
(6,532
)
   
(4,114
)
Financing activities:
                       
Proceeds from initial public offering
   
272,813
     
     
 
Redemption of public preferred stock
   
(108,878
)
   
     
 
Purchase of Telos ID membership interest
   
(30,000
)
   
     
 
Payment of senior term loan
   
(17,351
)
   
     
 
Payment of subordinated debt
   
(3,657
)
   
     
 
Proceeds from senior term loan
   
     
4,881
     
 
Payments under finance lease obligations
   
(1,225
)
   
(1,115
)
   
(1,013
)
Amendment fee paid to lender
   
(100
)
   
     
 
Distributions to Telos ID Class B member – non-controlling interest
   
(2,743
)
   
(2,371
)
   
(1,669
)
Cash  provided by (used in) financing activities
   
108,859
     
1,395
     
(2,682
)
Increase (decrease) in cash and cash equivalents
   
99,294
     
6,679
     
(528
)
Cash and cash equivalents, beginning of the year
   
6,751
     
72
     
600
 
Cash and cash equivalents, end of year
 
$
106,045
   
$
6,751
   
$
72
 

                         
Supplemental disclosures of cash flow information:
                       
Cash paid during the year for:
                       
Interest
 
$
7,259
   
$
3,299
     
2,483
 
Income taxes
 
$
64
   
$
40
   
$
19
 
                         
Noncash:
                       
Dividends from preferred stock recorded as interest expense
 
$
3,384
   
$
3,823
   
$
3,822
 
Common stock issued on redemption of public preferred stock (Note 7)
 
$
19,213
   
$
   
$
 
Common stock issued on purchase of Telos ID membership interest (Note 2)
 
$
148,399
   
$
   
$
 
Distributions to Telos ID Class B member – non-controlling interest
 
$
2,436
   
$
   
$
 
Debt issuance costs and prepayment of interest on senior term loan
 
$
   
$
119
   
$
 

The accompanying notes are an integral part of these consolidated financial statements.

TELOS CORPORATION AND SUBSIDIARIES
CONSOLIDATED STATEMENTS OF CHANGES IN STOCKHOLDERS' EQUITY (DEFICIT)
(amounts in thousands)

 
Common Stock
   
Class A Common
Stock
   
Class B
Common
Stock
   
Additional
Paid–in Capital
   
Accumulated
Other
Comprehensive Income
   
Accumulated
Deficit
   
Non-Controlling Interest
   
Total
Stockholders’ Equity
(Deficit)
 
Balance December 31, 2017
 
$
   
$
65
   
$
13
   
$
4,310
   
$
32
   
$
(141,370
)
 
$
913
   
$
(136,037
)
Net (loss) income
   
     
     
     
     
     
(1,640
)
   
3,377
     
1,737
 
Cumulative effect adjustment due to change in accounting policy
   
     
     
     
     
     
3,881
     
     
3,881
 
Foreign currency translation loss
   
     
     
     
     
(15
)
   
     
     
(15
)
Distributions
   
     
     
     
     
     
     
(1,669
)
   
(1,669
)
Balance December 31, 2018
 
$
   
$
65
   
$
13
   
$
4,310
   
$
17
   
$
(139,129
)
 
$
2,621
     
(132,103
)
Net (loss) income
   
     
     
     
     
     
(6,401
)
   
4,264
     
(2,137
)
Foreign currency translation loss
   
     
     
     
     
(11
)
   
     
     
(11