Audit , Governance & Risk Management

Darktrace Taps EY to Probe Finances Amid Short-Seller Claims

Review Prompted By QCM Alleging Darktrace Overstated Sales, Margins and Growth Rate
Darktrace Taps EY to Probe Finances Amid Short-Seller Claims

Darktrace has brought in Ernst & Young to review the cybersecurity AI vendor's financial process and controls following bombshell allegations from short seller Quintessential Capital Management.

See Also: Safeguarding against GenAI Cyberthreats with Zero Trust

The Cambridge, England-based company has commissioned an independent review weeks after QCM claimed in a 70-page report that Darktrace has overstated its sales, margins and growth rates in financial statements. Darktrace strongly denied the allegations and says it is confident the financial statements it has made since going public in April 2021 fairly represent the company's financial positions and results.

"The board believes fully in the robustness of Darktrace's financial processes and controls," Board Chair Gordon Hurst says in a statement Monday. "As a sign of that confidence, we have commissioned this independent third-party review by E&Y. We look forward to the outcome of this review."

Darktrace's stock is up $8.83 - or 2.79% - to $325.29 per share after announcing the appointment of EY. EY will report findings to the chair of Darktrace's Audit and Risk Committee, and the firm doesn't expect to provide any updates when announcing financial results on March 8. The company's stock fell sharply after QCM's report came out Jan. 31 but has since recovered and now trades above pre-report levels.

QCM issued its blistering report on Darktrace less than five months after private equity giant Thoma Bravo halted efforts to take Darktrace private after the two sides failed to reach an agreement on terms. QCM is shorting Darktrace's stock, meaning the New York City-based hedge fund profits if the company's stock price falls (see: Thoma Bravo, Darktrace Ax Deal Over Disagreement on Terms)

"Even before the mysterious failure of the sale to Thoma Bravo, we have targeted Darktrace with a thorough investigation into its business model, selling practices, international partnerships, affiliates and sales force," QCM wrote on Jan. 31. "After a careful analysis, we are deeply skeptical about the validity of Darktrace's financial statements and fear that sales, margins and growth rates may be overstated."

Channel Conundrum

Prior to Darktrace's initial public offering, QCM alleges the company carried out numerous simulated or anticipated sales to phantom end users through a network of willing resellers. Darktrace's supposed channel stuffing and round-tripping activities involved shell companies in offshore jurisdictions manned by individuals with ties to organized crime, money laundering and fraud, according to QCM.

Darktrace was accused on Jan. 31 by QCM of using marketing funds to funnel money back to its channel partners as payment for fictitious purchases. Darktrace said Feb. 1 that partner marketing events have been a very small part of the company's overall marketing strategy, and costs tied to partner marketing over the past five years consistently fell well below 0.5% of the company's revenue.

Darktrace also said a small number of channel partner contracts weren't validated by reviews in the run-up to the IPO, and those contracts weren't included in recent financial statements.

"The board believes fully in the robustness of Darktrace's financial processes and controls."
– Gordon Hurst, board chair, Darktrace

Darktrace mandates that its contracts with channel partners and channel partner contracts with end users have the same start and end dates and align on other material contract terms. Darktrace requires visibility into signed end-user contracts and won't just rely on partner assurances; the company carefully reviews its contract portfolio leading up to the IPO.

After reviewing control procedures surrounding the channel, Darktrace said it ended up strengthening processes around partner onboarding processes, contract booking and post-contract auditing. Contracts that didn't meet Darktrace's policies weren't included in the company financial statement as part of either the IPO prospectus or the annual reports since the IPO, according to the company.

Appliance Abnormalities

Outside of the channel, QCM alleges that a portion of Darktrace's past recurring software sales are instead one-off sales of hardware appliances. QCM also claims it spotted anomalies involved deferred revenue, presenting a potentially misleading picture about Darktrace's cash generation.

Darktrace said Feb. 1 that it recognizes all revenue and costs upfront on the hardware appliance portion of the contract only as required by accounting practices. The company said more than 99.5% of its revenue is subscription-based, and customers buy hardware appliances only if they're a government or regulated entity that needs to own all the infrastructure in its data center.

From a deferred revenue perspective, Darktrace says the majority of its customers are invoiced annually in advance, and businesses rarely get invoiced and pay for substantially longer periods upfront. Given how infrequently customers pay full contract values in advance, Darktrace said its noncurrent deferred revenue balance will likely decline as these contracts run down.

Further, QCM suspects a large portion of Darktrace's legitimate sales were obtained through an extremely aggressive sales force stemming from unsustainably high marketing expenses and an impossibly low R&D budget. QCM expects sales momentum to drop as the surge in contracts signed before Darktrace's IPO expire without being renewed by disappointed customers.

QCM anticipates a rapid, sharp deterioration in Darktrace's financials due to increased competition, questionable product value, front-loading of existing contracts, high churn rate and lack of sustainable cash generation. Employment, website traffic and search volume metrics suggest a sharp slowdown may already be underway, according to QCM.

Darktrace now avoids opt-outs or other cancellation rights in its contracts, but it still has some historical contracts that contain these terms. For any contracts that contain opt-outs, none of the contract value beyond the opt-out date is included in Darktrace's backlog, the company said. Darktrace only recognizes revenue on fully completed transactions, and only the portion that's fully committed is included in the backlog.

"We embrace the scrutiny of the public markets," Darktrace CEO Poppy Gustafsson said in a Feb. 1 statement. "However, it is also important to refute any unfounded inferences about the listed business we are today and push back in the strongest terms on any suggestions that this is a business that is not being run with the greatest integrity."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.