Crossword Cybersecurity plc (CCS) 2021年年度報告「LSE」.pdf

《Crossword Cybersecurity plc (CCS) 2021年年度報告「LSE」.pdf》由會員分享，可在線閱讀，更多相關《Crossword Cybersecurity plc (CCS) 2021年年度報告「LSE」.pdf（80頁珍藏版）》請在三個皮匠報告上搜索。

1、ANNUAL REPORT AND ACCOUNTSfor the year ended 31 December 2021Crosswords vision is to partner with organisations to keep them secure in the digital world.The Group reduces cyber risks for their clients by providing a portfolio of innovative products and services,powered by university and other resear

2、ch-driven insights.Crossword Cybersecurity PLC is the parent company of the Crossword group of companies which focuses on the cyber security sector.Crossword Cybersecurity plc focuses on the development and commercialisation of cyber security and risk management-related software and cyber security c

3、onsulting.The Groups specialist cyber security product development and software engineering teams develop the concept into a fully-fledged commercial product that it will then take to market.The Group has built up a portfolio of revenue-generating,intellectual property-based,cyber security products.

4、Rizikon Assurance,Crosswords leading product,is a SaaS platform that enables companies of all sizes to assess and manage all risks from their suppliers.Nixer CyberML is a new tool for businesses that want to solve advanced security and cybercrime problems,such as detecting and dealing with compromis

5、ed accounts,fraud,and in-application denial of service attacks.Identiproof,Crosswords third product,is the World Wide Web Consortium(W3C)verifiable credentials compatible middleware and wallet technology.Trillion and Arc are the latest additions to Crosswords product suite,offering some of the stron

6、gest and most advanced credential leak monitoring services in the market.Crosswords team of expert cyber security consultants leverages years of experience in national security,defence and commercial cyber intelligence and operations to provide bespoke cyber security consulting advice tailored to it

7、s clients business needs,including threat monitoring using Nightingale,the world class platform.SERVICESCYBERSECURITY CONSULTING Crossword has a full-service cyber security consulting team that provides strategy,assessment and risk management services.NIGHTINGALE SECURITY MONITORING A comprehensive

8、security monitoring service which brings together multiple facets and services to identify organisational assets,users,traffic,networks and endpoints,to mitigate the threats and vulnerabilities an organisation faces.CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021Strategic reportFinancial

9、 Highlights02Chairmans Statement03Chief Executive Officers Statement04Performance Review06Section 172(1)Statement07Corporate Social Responsibility08Principal Risks&Uncertainties10GovernanceThe Board18Corporate Governance Report23Directors Report&Statement of Directors Responsibilities35Financial sta

10、tementsIndependent Auditors Report38Consolidated Statement of Comprehensive Income44Statements of Financial Position45Statements of Changes in Equity46Statements of Cash Flows47Notes to the Financial Information48Notice of AGM72Company Information76CONTENTSPRODUCTSRizikon Assurance helps organisatio

11、ns take control of Supplier Assurance and Supply-chain Risk Management Secure online Questionnaires in your own branded portal Audit trails on all answers 360-degree Supplier Scorecards Dashboard of the risk across all suppliers and a host of other features Use our standard Cyber Security,GDPR,Moder

12、n Slavery,General On-boarding,Anti-bribery&corruption,COVID-19,National Minimum Wage,and Equality&Diversity questionnaires or create your own using our Question-set Editor Creditsafe integration Darkbeam instant digital risk audit integration Detect and Mitigate Credential Attacks with Nixer CyberML

13、Nixer can stop your users from using breached passwords and intelligently protect your applications from Credential Stuffing attacks without killing usability.Find out more about how integrating Nixers open source Java plug-in can protect your applications from Credential Attacks.Identiproof enhance

14、s the security and privacy of your digital credentialsUsing the W3C standard for Verifiable Credentials and advanced cryptography,Identiproof makes it easier than ever to create,manage and authenticate identities online,reducing the risk of fraud and identity theft,while ensuring that the individual

15、s privacy is protected.TRILLIONManaged Service Providers keep their customers infrastructure protected with Trillion Trillion is the Breached Account Mining platform that continuously tracks,correlates and analyses billions of stolen usernames and passwords,hunting for Digital Identities that could

16、belong to your customers.ARCAccount protection for eCommerce platform ownersArc is a service which enables your customer facing authentication services to query,in real time,for access attempts,using username and password pairs already known to criminals so you can instantly step in and avoid losses

17、.GOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORT01 2021 FINANCIAL HIGHLIGHTS 2021 OPERATIONAL HIGHLIGHTS Rizikon users grew to over 500 by the end of 2021.Integrated DarkBeams real-time cyber risk audits into Rizikon,significantly enhancing its functionality.New distribution partners for Rizik

18、on.Completed grant-funded feasibility study with Liverpool John Moores University to investigate the underlying problems and causes of failures in supply chain risk and assurance.Conceived of,designed,architected and market-tested a completely new product in the privacy governance space,called PRC,f

19、or the University of Glasgow.The IASME Consortium Limited commenced using Rizikon to deliver its Counter Fraud Fundamentals Certification.This is as well as delivering its Internet of Things security certification,and was followed early in 2022,by IASME choosing Rizikon to deliver its Counter Fraud

20、Fundamental certifications.Consulting secured two more FTSE250 clients.Busiest penetration testing year.Crossword Cybersecurity LLC was formed in the Sultanate of Oman,90%owned by Crossword Cybersecurity Plc with the remaining 10%owned by Al Rawahy Holdings LLC.Crossword Cybersecurity LLC will be th

21、e exclusive third-party distributor of Crosswords existing and future cyber security products,including Rizikon.Crosswords full range of cyber security services will also be made available helping companies in the region improve their cyber security posture to achieve best practices with the latest

22、solutions.Crossword acquired two companies,Stega UK Limited and Verifiable Credentials Limited,and in March 2022 have acquired Threat Status Limited,a threat intelligence company,resulting in the acquisition of three companies within 12 months.With Stega UK Limited,Crossword acquired a brilliant tea

23、m and managed security services platform,Nightingale,with a new set of customers and are already selling these new services into the Consulting client base.With the acquisition of Verifiable Credentials Limited,IdentiProof was added to the product portfolio.Refreshed the Board with the appointment o

24、f Dr Robert Coles and Tara Cemlyn-Jones,and we strengthened our Advisory Board with two leading industry CISOs,Alison Dyer of Urenco,taking over as Chair,and Naina Bhattacharya of Danone.Share split where each Ordinary Share of 5p was sub-divided into 10 new ordinary shares of 0.5p.The capital reorg

25、anisation aimed to improve the market liquidity of and trading activity in the Companys shares and attract new investors.Crosswords team grew from 37 to 60 during 2021,a 62%increase in team size.Great progress on gender diversity with the Board being 37.5%women and Advisory Board at 50:50 parity.The

26、 Women at Crossword Group was established and has met 3 times covering an interesting range of topics and speakers.Office move in London from Richmond to a new Waterloo office which since then has been expanded to provide capacity to cope with the evergrowing team.Looked after our health and well-be

27、ing in many ways,including online yoga classes,a Wellness Week and post-COVID-19,the re-establishment of the social committee who organised several enjoyable events.Thought about people other than ourselves.In Krakow,the team supported the incredible Noble Box charity again this year delivering amaz

28、ing gifts to a chosen family and since we started working with SPEAR,the homelessness charity,the London team have raised over 6,500 and donated clothes and furniture to SPEAR.We also joined a salary sacrifice for vaccinations scheme to support roll-out of vaccines to areas in need worldwide.Highlig

29、htsARRDOUBLED2.3m2021 REVENUE*INCLUDES GRANT INCOME1.6mEQUITY FUND RAISE FEB 202143%REVENUE GROWTH5.0mEQUITY FUND RAISE JULY 202156%PRODUCT AND SERVICES REVENUE GROWTH 02CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021Management and staff are to be congratulated on achieving 43%revenue gr

30、owth in 2021,as the economy emerged gradually from a very tough period.We look forward to continuing to build value for shareholders in the year ahead.”SIR RICHARD DEARLOVE KCMG OBE 13 April 2022STRONG GROWTH AS THE ECONOMY EMERGES FROM THE PANDEMIC As the world emerged slowly from the challenging p

31、andemic period,Crossword continued to progress rapidly with our strategy of building a significant intellectual property-based,AIM quoted cyber security business.By the end of 2021,Crossword had grown revenue including Grant Income by a very healthy 43%.2022 has started positively,and the company is

32、 confident of achieving growth of circa 75%in the coming year.Rizikon now has over 500 organisations using the platform,we have integrated two acquisitions and our first-class specialist cyber security consulting team is building on its major client relationships.Management and staff are to be congr

33、atulated on achieving 43%revenue growth in 2021,as the economy emerged gradually from a very tough period.We look forward to continuing to build value for shareholders in the year ahead.A series of smart acquisitionsDuring 2021,Crossword continued to expand its product portfolio and accelerate growt

34、h through a series of targeted acquisitions.Crossword acquired Verifiable Credentials Limited in the first half of the year and Stega UK Limited in the second half.The company also signed a head of terms to acquire a cyber threat company,Threat Status Limited,in December and the transaction complete

35、d in March 2022.Robust GovernanceWe strengthened the Group Balance Sheet in 2021 by completing two equity fund raises,with significant shareholder support and new investors coming on board.We completed a 1.6m fundraise early in the year followed by a 5m raise in July.We would like to thank our share

36、holders for their support as we build for the future.We were delighted to welcome aboard two new Board members,Dr Robert Coles and Tara Cemlyn-Jones,at the AGM.Once again,I would like to take this opportunity to thank Dr David Stupples and Gordon Matthew for their invaluable contributions as they re

37、tired from the Board.The Board maintains a robust framework of controls and high standards,enabling the company to adapt quickly and securely in a way that safeguards our stakeholders longer-term interests.The Board continues to adhere to the Quoted Companies Alliance Corporate Governance Code(the Q

38、CA Code)in line with the London Stock Exchanges requirement for all AIM listed companies to adopt a recognised corporate governance code.The Chairmans Corporate Governance Statement on page 23 of this report provides further details.Significant growth in 2021,set to accelerate in 2022The last year h

39、as been one of rapid growth once again as we emerge from the worst of the pandemic.Crossword is well set for faster growth in 2022.We have experienced leadership,an expert cyber security team and a strong set of best-in-class cyber security products and services to offer in the fast-growing cyber se

40、curity market.Our diverse and committed team of employees has performed remarkably during this period and I would like to acknowledge them all.Crosswords core values of responsibility,openness,flexibility and learning underpin everything we do and will enable our company to accelerate in 2022 and be

41、yond.SIR RICHARD DEARLOVE KCMG OBE 13 April 2022Chairmans StatementGOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORTI am incredibly pleased with the progress Crossword made in 2021,achieving 43%total revenue growth,and 56%growth in our product and services revenue.We expanded our product portfol

42、io with the addition of Identiproof,our services offering with the addition of Nightingale,and our geographical reach with the opening of our Oman office.We were delighted to welcome new institutional investors in our February and July 2021 fund raises and are appreciative of the ongoing support of

43、our shareholders.We have welcomed the teams from Stega UK Ltd and Verifiable Credentials into the Crossword fold during 2021,and the team from Threat Status Ltd in March 2022.Crossword employees continue to embody our culture and values of responsibility,openness,flexibility and learning.”TOM ILUBE

44、CBE 13 April 2022It is my pleasure,as Chief Executive Officer,to present the Annual Report and audited accounts for Crossword Cybersecurity Plc(Crossword or the Company or the Group)for the financial year ended 31 December 2021.Crossword grew strongly in 2021,as the economy and wider society started

45、 to emerge from the pandemic albeit with stops and starts along the way.Overall,the business grew by an impressive 43%through the year.In the period under review,product and services revenue(including Grant Income)grew by 56%over the comparative period.The Group revenue growth of 43%includes softwar

46、e development services to related party which has now discontinued.We were particularly pleased to see consulting services recurring revenue increase by almost 100%over the prior year.Despite the pandemic reaching new heights and negatively impacting the economy worldwide,the field of cyber security

47、 experienced high demand and demonstrated its resilience with another consecutive record year of investment in cyber security firms.Crosswords products and services have seen a growing demand throughout 2021 leading to another successful year of operations.According to the UK Cyber Security Sectoral

48、 Analysis 2022,the UK remains the largest cyber security market in Europe with a total revenue of 10.15bn,which represents growth of 14%from last years figure(8.9bn).The UK maintained its spot as the biggest exporter of cyber services in Europe,increasing its exports from 3.9bn to 4.24bn.Going into

49、2021,after a tough period the previous year due to the pandemic,the Executive team was determined to make solid progress in building the business.We decided to accelerate our growth and enhance our product portfolio through a series of tactical acquisitions,and we successfully completed two transact

50、ions during the year.The first was Verifiable Credentials Limited which has been assigned intellectual property from the University of Kent,adding its product Identiproof to our product portfolio.Identiproof addresses the growing digital credentials market whereby tens of millions of physical certif

51、icates(such as academic certificates,insurance documents,health certificates and many others)will be converted into digital certificates that need to be verified to confirm their authenticity.Identiproof was created by Professor David Chadwick,an acknowledged expert and co-author of the global W3C s

52、tandard in the digital credentials field,who joined Crosswords team.The second,Stega UK Limited,the threat intelligence and monitoring company that is particularly strong in the financial services and hedge fund sector,added significant technical expertise,in-depth cyber threat data and thirty new c

53、lients,bringing our revenue generating services client base to over 100 organisations.We also signed a heads of terms for our third acquisition,Threat Status Limited,a threat intelligence company,that we completed in March 2022.Following the acquisition of Threat Status Limited,products Trillion and

54、 Arc will be incorporated into Crosswords product suite,completing our aim of having five products in the market by the end of 2022.Rizikon,Crosswords leading product,continued to make strong progress as we rolled it out to a wide range of clients,driven by our membership body programme.Our agreemen

55、t to launch Rizikon to the 10,000 Chartered Institute of Information Security members resulted in great take-up.We also signed up a number of other membership organisations.As a result,we ended 2021 with more than 500 organisations using Rizikon,either in trials or contracted.We also enhanced the pr

56、oduct by integrating Darkbeam cyber risk audits into Rizikon.Chief Executive Officers Review04Our R&D team,who work closely with universities on cyber risk intellectual property-based product ideas,completed a revenue generating project with the University of Glasgow on privacy governance software.T

57、hey also completed an Innovate UK-funded project to investigate Manufacturing Supply Chain Risk with Liverpool John Moores University and a number of industry partners.Concepts generated by this project will be used to enhance Rizikon over the coming year.Crosswords Consulting division continued to

58、secure projects with major FTSE,mid-market and fast-growing entrepreneurial companies.We are particularly pleased that our consulting services division has secured a good mix of vCISO revenue contracts,which will deliver recurring revenue through 2022 and beyond.vCISO is a virtual/remote CISO(Chief

59、Information Security Officer)service,provided by Crossword Consulting cyber security experts at a fraction of the cost of an in-house CISO.Crossword services recurring revenue,strengthened by the acquisition of Stega UK Ltd,increased by almost 100%over the prior year.Following consulting and market

60、research projects carried out in the region in 2020,Crossword established an Oman subsidiary,in partnership with Al-Rawahy Holdings,a significant Omani Group with extensive interests across the Gulf region.Our subsidiary,Crossword Cybersecurity LLC,will be the exclusive third-party distributor of Cr

61、osswords existing and future cyber security products,including Rizikon.Our full range of products and services will be made available across the region to help organisations improve their cyber security posture.On the corporate front,Crossword strengthened its balance sheet,completing a 1.6m equity

62、fundraise in 2021 through a placing and subscription of Crossword Ordinary Shares at a price of 260 pence per share.In May,we competed a 10:1 share split to support liquidity and following the share split,we raised 5m at a price of 30 pence in July 2021.I was delighted with the level of support from

63、 our existing shareholders through this period and was very pleased to welcome several major new shareholders.At our AGM in May 2021,we welcomed two new Board members,Dr Robert Coles and Tara Cemlyn-Jones.Robert was lead partner for KPMGs Information Security consulting business prior to moving into

64、 industry where he held a number of CISO positions at large corporations including GlaxoSmithKline.Robert previously chaired Crosswords Advisory Board and continues to chair our consulting business.Tara has 28 years experience in financial services with specialist knowledge of capital markets,M&A,st

65、rategy and digital transformation.We would like to thank Dr David Stupples and Gordon Matthew for their excellent contribution over the years as they retired from the Board at the AGM.As Crossword continues to grow and mature as an organisation,a keen focus is kept on our wider stakeholder and socia

66、l responsibilities.Our Polish team reacted quickly to the suffering of Ukrainians evacuating to Poland,putting a donations scheme in place,and sharing experiences with the whole group.Crossword is considering the BCorp accreditation,as we believe that this will provide external parties with confiden

67、ce that Crossword holds itself to high standards in relation to stakeholders,in areas such as governance,employees,community,environment and customers.I want to close by thanking all those who helped Crossword accelerate through a tricky year which ended with an excellent result.As we look forward,2

68、022 looks incredibly exciting for Crossword.We are aiming for 75%revenue growth across the Group and with Crosswords outstanding team and our culture of responsibility,openness,flexibility and learning,I am confident that we will achieve our goals.TOM ILUBE Chief Executive Officer 13 April 2022GOVER

69、NANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORT05Performance ReviewFINANCIAL REVIEWFinancial PositionCrossword Cybersecurity plc finished theyear with a cash balance of 3.4m.Results2021 income(including grant income 152k)was 2.3m;an increase of 696k,43%on the prior year.The planned termination of t

70、he one remaining software development contract resulted in a 39%reduction in development revenue and a 56%increase in product and services(consulting and Nightingale)revenue,Crosswords core offerings.The shape of the revenue has changed over the previous years;in 2018,software development accounted

71、for 38%of revenue,reducing to 6%in 2021.In 2021,product income(including grant income 152k)grew by 268%(2020:95%)and accounted for 22%(2020:8%).Services income grew by 33%(2020:35%)and accounted for 72%(2020:78%).Total comprehensive loss for the year was2.46m.Total cost of sales and administrative e

72、xpenses increased by 1.3m in 2021 compared to 2020.The increase is primarily driven by the increase in staff with full-time equivalents(“FTE”)increasing by 74%compared to the closing FTE at the end of 2020.Organic FTE growth was 48%,with the balance driven by the two acquisitions during the year,Ste

73、ga UK Limited(“Stega”)and Verifiable Credentials Limited(“VCL”).In 2021,Crossword continued to invest in sales and marketing,and product development,which are the areas which saw the largest FTE growth.An increase in professional fees in 2021 was driven by two equity fundraises,two acquisitions and

74、the opening of an overseas company in Oman.Crossword completed a 1.6m equity fundraise in February 2021 through a placing and subscription of Crossword ordinary shares at a price of 260 pence per share.In May,10:1 share split to support liquidity was completed and,following the share split,a 5m equi

75、ty fundraise at a price of 30 pence in July 2021 was completed.In May 2021,Crossword acquired the whole of the share capital of VCL,the provider of Identiproof,the World Wide Web Consortium(“W3C”)verifiable credentials compatible middleware and wallet technology.In August 2021,the acquisition of the

76、 whole of the share capital of Stega,the threat intelligence and monitoring company,was announced.This acquisition brought the additional capability of threat intelligence and monitoring services,using its sophisticated in-house platform,Nightingale.Consultancy cost increases were a result of the re

77、quirement to use third-party providers to deliver consulting revenue due to a shortage of internal capacity.The gain on revaluation of financial assets reflects the fair value of shares held.CashflowsNet cash inflows of the Group in 2021 were 2.4m.Excluding proceeds from issue of loan notes and cash

78、 paid for acquisitions,net cash outflows of the Group were 3.3m(2020:1.6m).TaxationThe Group continues to claim research and development tax credits,with 206k accounted for in 2021(2020:210k).KPISAverage product and services revenue per client2017201820192020202125,00020,00015,00010,0005,0000Number

79、of product and services clients2017201820192020202112010080604020006CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021Section 172(1)StatementThe Company has complied with the requirements of s414CZA of the Companies Act 2006 by including certain information within the Strategic and Governan

80、ce Reports,that informs members of the Company how the Directors have considered the matters set out in section 172(1)(a)to(f)of the Companies Act 2006 when performing their duty under section 172 to promote the success of the Company.The following table outlines where the key content as required by

81、 the regulations can be found in this report.Matters considered by the BoardWhere to read more in this Annual ReportThe likely consequences of any decision in the long termStrategic Report on page 02Corporate Governance Report on page 23Directors Report on page 35The interests of the Companys employ

82、eesCorporate Social Responsibility on page 08Corporate Governance Report on page 23The need to foster the Companys business relationships with suppliers,customers and othersCorporate Governance Report on page 23The impact of the Companys operations on the community and the environmentCorporate Socia

83、l Responsibility on page 08Corporate Governance Report on page 23The desirability of the Company maintaining a reputation for high standards of business conductPerformance Review on page 06Strategic Report on page 02Corporate Governance Report on page 23The need to act fairly as between members of t

84、he CompanyCorporate Governance Report on page 23Directors Report on page 35GOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORT07ENVIRONMENTAL,SOCIAL&GOVERNANCEAs Crossword continues to grow and mature as an organisation,a keen focus is kept on our wider stakeholder and social responsibilities.Cros

85、sword is considering the BCorp accreditation.Certified B Corporations,or B Corps,are companies verified by B Lab to meet high standards of social and environmental performance,transparency,and accountability.We believe that this accreditation will provide external parties with confidence that Crossw

86、ord holds itself to high standards in relation to stakeholders,in areas such as governance,employees,community,environment and customers.Crossword recognises that we have a responsibility to manage our environmental impacts carefully,including meeting all legal and regulatory requirements.We are com

87、mitted to reducing our environmental impact and continually improving our environmental performance as an integral part of our business strategy and operating methods,with regular review points.We will encourage customers,suppliers and other stakeholders to do the same.At Crossword,we value the peop

88、le and we believe our greatest strength is a good team of experts.We aim to make progress on gender diversity with the Board being 37.5%women and Advisory Board at 50:50 parity.The Women at Crossword Group was established during 2021 and has met 3 times covering an interesting range of topics and sp

89、eakers.Our cultureOur culture is that distinct differentiator which drives our decisions and actions.We are energetic,agile and passionate about the quality of work we deliver.Weencourage responsibility early in the lifecycle of an employees career,along with which comes valuable learning.We make su

90、re we have fun while doing our work and look out for each other by being open,transparent and flexible to adapt to each others needs and the needs of our customers and stakeholders.The Board is committed to promoting a strong ethical and values-driven culture throughout the Company and has a people-

91、oriented ethos where hard work and commitment is recognised.The benefit of experienceThe make-up of our team gives us something unique to offer.Its rare to find such richness of leadership experience in a small organisation and the advantage of our size is that our leadership team are present,access

92、ible and engaged with the whole team.Employees will get to know the leadership well and our staff tell us time and time again that they find this level of exposure invaluable in developing their own knowledge and business acumen.In 2021,we looked after our health and well-being in many ways,includin

93、g with online yoga classes,a Wellness Week and post-COVID-19,the re-establishment of the Social Committee who organised several enjoyable events.A Mental Health First Aider was appointed to provide support where required.We have a Balance channel on Slack,which is a dedicated space to bring interest

94、ing articles,blogs,websites and general content about Mental Wellbeing.Our Mental Wellbeing Policy outlines our provisions to prevent and address mental health issues among our employees.Mental Health is just as important as physical health.Mental ill health may be detrimental to a person as it impa

95、cts happiness,productivity,and collaboration.Crossword in the UK has an Employee Assistance Programme(EAP)which includes a wealth of resources like confidential health assessments,online resources,and telephone support.Corporate Social ResponsibilityI believe every employee will affirm this;Crosswor

96、d Cybersecurity is an exceptional company that truly cares.”OMOLOLA ADEYEMI Technical Product Associate08CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021Company values FlexibilityWe adapt to changing needs and empower our employees with the trust and autonomy they need to deliver high qua

97、lity work.LearningWe promote continuous learning culture and believe that knowledge and competence drives performance and growth of the individual and organisation.ResponsibilityWe take the ownership to demonstrate a high standard of work as we are personally responsible for the work we deliver.Open

98、nessWe encourage openness between all employees and with clients,we are inclusive adaptive collaborative,and committed to accepting people from diverse backgrounds.More reasons to join us Leadership supportAsking for help and support is celebrated and highly encouraged at Crossword.The support can b

99、e available in the form of Mentoring,knowledge sharing and we also have a Buddy system for new starters.The Executive team is committed to their teams professional development.Great working environmentWe strive to better the employee experience by providing proper work equipment and also through wor

100、kplace engagement surveys which encourage open communication and feedback.Our offices are modern and equipped with kitchen and shower facilities,coffee machines and breakout spaces.Inclusivity&DiversityOur collective strength is in our individual uniqueness and the range of experiences we can bring

101、to the table.When we recruit,we dont look for a Culture fit,to fit any specific but rather what the person brings,but Our culture is extremely collaborative and adapts to cater to the needs of our biggest asset our people!Work-life balanceWe are focused on achievements at work,not how long you spend

102、 in the office.We believe in being agile and adapt to work around employees commitments and working styles.We prioritise our employees mental well-being above everything else.All employees are encouraged to take timely breaks to spend time doing what they love and pursue their recreations.Some of th

103、e initiatives which highlight the elements of our culture are as follows:Employee Engagement through our Corporate Social Responsibility initiative drives a common goal and brings employees together for a higher purpose.We have partnered with SPEAR,a local charity in Richmond,to raise funds and help

104、 the homeless.Our Krakow office employees carry out philanthropic initiatives every year to help the disadvantaged and needy.We also have other interesting employee engagement events like our company away days,social events,lunch Mondays,etc.Excellent communication channels like Slack,Google Meet,vi

105、rtual fortnightly coffee mornings allow for an easy flow of communication.Flexible and family-friendly policies which enable an enviable work environment.Open recognition initiatives as well as a 5-year Long Service Award to acknowledge hard work and commitment to the business.GOVERNANCE REPORTFINAN

106、CIAL STATEMENTSSTRATEGIC REPORT09The Board has overall responsibility for ensuring that risk is appropriately managed throughout the business.The Board is aware of the need to conduct regular risk assessments to identify any deficiencies in the controls currently operating over all aspects of the Co

107、mpany.Risks to the achievement of strategic objectives are identified by the Executive.The degree of risk is evaluated by reference to the impact and probability of the risk,considering inherent and residual risk.The Executive considers the nature and extent of the risks,the threat of such risks bec

108、oming reality,the ability to reduce the incidence and impact on its business if the risk materialises,and the costs and benefits resulting from operating relevant controls.A Risk Register is prepared and regularly reviewed by the Executive,and shared with the Audit Committee for independent review a

109、nd robust challenge.The Risk Register includes a plan for mitigation of risks above the risk appetite of the business.RISKS RELATING TO THE GROUP AND THE INDUSTRY IN WHICH IT OPERATESINTELLECTUAL PROPERTY ACQUISITION AND DEVELOPMENTCrossword acquires intellectual property(IP)rights from universities

110、 via licensing,IP transfer arrangements and acquisitions,and then develops this IP into commercial products.Failure to secure good quality IP deals,and to quickly and appropriately meet new cyber security challenges,will make it difficult for the Group to generate new products.The success of this st

111、rategy depends on the ability of Crossword to source suitable IP and use its expertise in business management,marketing and product development to build solutions attractive to its potential customer base.Ultimately,Crossword will only succeed if it is able to acquire design,develop and sell new sof

112、tware solutions in a timely fashion that deliver operational reliability and effectiveness.TECHNOLOGICAL CHANGES Generally,product markets are exposed to rapid technological change,changes in use,changes to customer requirements and preferences,and services employing new technologies and the emergen

113、ce of new industry standards and practices.The Group operates in a market with such changes,which have the potential to render the Groups existing technology and products obsolete or uncompetitive.To remain competitive,the Group must ensure continued product improvement,and the development of new ma

114、rkets and capabilities to maintain a pace congruent with changing technology.This added strain may stretch the Companys capital resources,which may adversely impact the revenues and profitability of the Company.The Companys success is dependent on the ability to effectively respond and adapt to tech

115、nological changes and changes to customer preferences.There can be no assurance that the Company will be able to effectively anticipate future technological changes or changes in customer preferences.Furthermore,there is also no assurance that the Company will have sufficient financial resources to

116、effectively respond in a timely manner if such a change is anticipated.Principal Risks and Uncertainties101210CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021COMPETITION There is no guarantee against new entrants or current competitors providing superior technologies,products or services

117、to the market.There is no certainty that new entrants or current competitors will not provide equivalent products for a lower price.The Company may be forced to make changes to one or more of its products or to its pricing strategy to effectively respond to changes in customer preferences in order t

118、o remain competitive.This may impact negatively on the Companys financial performance.The Groups consulting division operates in an environment that includes large international accounting firms and consultancies and a number of smaller niche players.There are very low start-up costs for any new ent

119、rant into the market and the Group cannot prevent any person or organisation from seeking to compete with it.There is a risk that an existing competitor or a new entrant may,over time,be able to win work from the Groups existing and future customers.In addition,larger competitors may,in the future,a

120、dopt more aggressive expansion strategies,which could include hiring additional experienced consultants and changing their business model and service offering to one that is directly comparable to that of the Group.This could,in theory,result in a material loss of customers from the Group to larger

121、competitors and therefore have a material adverse impact on the financial performance of the Group.REPUTATIONAL RISKS As a cyber security company,Crossword is very conscious of its external reputation.If the Group is compromised as a result of a cyber incident,it would impact its clients confidence.

122、Crossword has an experienced cyber security expert acting as its Chief Information Security Officer(CISO)and a strong technical team who actively seek to mitigate threats.Nonetheless,should an event take place which adversely affects the reputation of the Group,its future prospects and value could s

123、uffer.34GOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORT11RISKS RELATING TO THE GROUP AND THE INDUSTRY IN WHICH IT OPERATESPrincipal Risks and Uncertainties CONTINUEDKEY SYSTEM FAILURE,DISRUPTION OR INTERRUPTION The Companys reliance on technology exposes the Company to a significant risk in th

124、e event that such technology,or the Companys systems,experience damage,interruption or failure in some form.A malfunctioning of the Companys technology and systems,or those of key parties,could result in a diminished confidence in the Companys services,resulting in a consequential material adverse e

125、ffect on the Companys operations and results.DEPENDENCE ON THIRD PARTIES AND BUSINESS CONTINUITY Key components of Crosswords technology platform may be dependent on the continuing availability of a particular supplier.The software development environment or data processing platforms may become unav

126、ailable for an extended period of time thereby disrupting customers experience of Crosswords products and services.Crosswords business is at risk from disruption of key systems and assets on which it depends.The functioning of the IT systems on which it relies could be disrupted for reasons either w

127、ithin or beyond its control,including but not limited to:accidental damage;disruption to the supply of utilities or services;security breaches;extreme weather events;systems failure;or workforce actions.There is a risk that such disruption may materially and adversely affect Crosswords ability to of

128、fer services to customers and therefore materially and adversely affect its reputation,performance or financial condition.12CROSSWORD CYBERSECURITY PLC Annual Report and accounts 20215612GENERAL BUSINESS RISKSABILITY TO RECRUIT AND RETAIN SKILLED PERSONNEL The Company believes that it has the approp

129、riate incentive structures and culture to attract and retain the calibre of employees and contractors necessary to ensure the efficient management and development of the Company.However,any difficulties encountered in hiring,and retaining,appropriate employees and/or contractors and the failure to d

130、o so,or a change in market conditions that renders current incentive structures unattractive,may have a detrimental effect upon the trading performance of the Company.With recognised shortage of skilled technical people post COVID-19,the ability to attract new employees and contractors with the appr

131、opriate expertise and skills cannot be guaranteed.FINANCIAL CONTROLS AND INTERNAL REPORTING PROCEDURESThe Companys future growth and prospects will depend on its ability to manage growth and to continue to maintain,expand and improve operational,financial and management information systems on a time

132、ly basis,whilst at the same time maintaining effective cost controls.Any damage to,failure of or inability to maintain,expand and upgrade effective operational,financial and management information systems and internal controls in line with the Companys growth could have a material adverse effect on

133、the Companys business,financial condition and results of operations.TAXATION RISK The Company is subject to taxation and the application of such taxes may change over time due to changes in laws,regulations or interpretations by the relevant tax authorities.The recent proposed changes to the researc

134、h and development tax incentives may have an adverse effect on the Companys results of operations.The continuing status of the Ordinary Shares as a qualifying holding for VCT and/or EIS purposes will be conditional(amongst other things)on the qualifying conditions being satisfied throughout the peri

135、od of ownership.There can be no assurance that the Company will continue to conduct its activities in a way that will secure or retain qualifying status for VCT and/or EIS purposes.789GOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORT13COUNTERPARTY CREDIT RISKThere is a risk that parties with who

136、m the Company trades or has other business relationships(including partners,customers,suppliers,subcontractors and other parties)may become insolvent.This may be as a result of general economic conditions or factors specific to that company,or exceptional circumstances such as COVID-19.In the event

137、that a party with whom the Company trades becomes insolvent,this could have an adverse impact on the revenues and profitability of the Company.LEGAL RISK Legal risks include the inability to enforce security arrangements,an absence of adequate protection for intellectual property rights,an inability

138、 to enforce foreign judgments relating to contracts entered into by the Company that are governed by law outside England and Wales,absence of a choice of law,and an inability to refer disputes to arbitration or to have a limited choice with regard to arbitration rules,venue and language.Mitigation m

139、easures for these risks may also be limited.INSURANCE RISK There can be no certainty that the Groups insurance cover is adequate to protect against every eventuality.The occurrence of an event for which the Group did not have adequate insurance cover could have a materially adverse effect on the Gro

140、ups business,revenue,financial condition,profitability,results,prospects and/or future operations.14GENERAL BUSINESS RISKSPrincipal Risks and Uncertainties CONTINUEDCROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021101112ECONOMIC CONDITIONSThe Group could be affected by unforeseen events ou

141、tside its control including economic and political events and trends,inflation and deflation or currency exchange fluctuations.There is likely to be global economic impact as a result of the Ukraine crisis.The impact is likely to include interrupted power supply,disruption to financial markets and h

142、igher inflation.Any economic downturn either globally or locally in any area in which the Group operates may have an adverse effect on the demand for the Groups products and services.A more prolonged economic downturn may lead to an overall decline in the volume of the Groups activities and sales,re

143、stricting the Groups ability to realise a profit.The markets in which the Group offers its services are directly affected by many national and international factors that are beyond the Groups control.CURRENCY EXCHANGE RISKThe Groups functional currency is Sterling.One subsidiary,Crossword Cybersecur

144、ity Sp.Z.o.o is based in Poland,and another subsidiary,Crossword Cybersecurity LLC,is based in Oman.Crossword Cybersecurity Sp.Z.o.o,where the functional currency is zloty,accounts for approximately 11 per cent of the total costs of the business.Crossword Cybersecurity LLCs functional currency is Om

145、ani rials,which is pegged to the US Dollar.Exposure to this and other exchange rates may effect the Companys results.The Company may consider implementing policies to limit its currency exposure and will consider currency hedging instruments when they prove to be available and cost-effective.GOING C

146、ONCERN RISK The 6.6m placings in February and July 2021,put the Company in a strong financial position at that time.The acquisition of Threat Status Limited in March 2022,reduced cash resources by 714k.In December 2022,the 1.4m convertible loan notes mature.There is an expectation by the Directors,b

147、ased on current growth plans,that the Company will replace the convertible loan notes with further debt.There is a risk that the Group will not be able to raise cash when it is required.This could be as a result of poor performance within the Group or turmoil within the markets following COVID-19,or

148、 other economic issues such as the Ukraine crisis.GOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORT15131415A single heatmap view of your suppliers based on the results of the assessments completedAssessments instantly generate a report with a visual scorecard of risk as soon as the assessment is

149、 completed and submitted by the supplierTrack progress,send reminders and communicate with your suppliers all in one placeRun non-intrusive digital risk audits on demand to generate a technical cyber risk rating and to identify indicators of weakness in the cyber posture of your suppliersA document

150、repository for suppliers to upload evidence,such as policies and certifications which can be tracked for expiry datesFlag answers to suppliers and provide notes,such as requests for clarification or additional evidence uploadRizikon AssuranceSuppliers receive a link to an intuitive online interface

151、with smart questionnaires meaning a supplier only sees the questions that are appropriate to them-no more supplier confusionCreate and send cyber security questionnaires at scale from a single online portalControl of all assessments and responses in a single place with tracking of any changes and an

152、 audit trail of updatesAUTOMATION AND EFFICIENCY IN YOUR CYBER SECURITY ASSESSMENT PROCESS:RIZIKON HELPS YOU STAY ON TOP OF YOUR CYBER SECURITY AND SUPPLY CHAIN RISKRizikon is an online platform that improves third-party assurance and risk management,by providing efficiency,automation and better vis

153、ibility.You count on third party companies to fulfil essential services for your business.You also count on them to protect the security of the data and the availability of the services with which they are entrusted.Your customers,partners,regulators and board count on you to keep track of all your

154、suppliers and continuously monitor for security risks.Many organisations use manual processes for their cyber security based supplier assessments,sending spreadsheet,Word or PDF questionnaires by email,but this quickly becomes a cumbersome manual process.Rizikon Assurance makes it easy to manage,ass

155、ess and act on your cyber based supply chain risks.16CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021Customer testimonialsWe continue in our mission to reduce the cyber risks for our clients by providing a portfolio of innovative products and services.”TOM ILUBE CEO 14 March 2022Rizikon h

156、as helped us make our supplier onboarding processes more efficient,improving the consistency of communications with suppliers,which has given us insight into new ways of reviewing risks.NNL can manage any query related to the completion of assessments securely through this platform,which makes the p

157、rocess quicker and more efficient,especially with features such as credit checks,and integration with Dark Beam for cyber security audits.”VICTORIA McCONVILLE Senior Business Analyst Procurement,at National Nuclear LaboratoryAll of our supplier onboarding communication and management now takes place

158、 in Rizikon.As a result,we have halved the time we spend on supplier management and made the process easier for our suppliers.All the information and discussions about questionnaires is kept in one place and we can clearly see when forms were completed and by whom,removing any nonrepudiation risk.”V

159、ICTOR MIHAILESCU Head of Security at Spotlight Sports Group The solution developed by Rizikon Assurance will become one of our key tools in identifying,quantifying and managing the risk and compliance with our suppliers and service providers.The customisable nature of this system has enabled us to f

160、ocus the attention on the areas which are of the greatest significance to our business.”RICHARD JOHNSON Leader for Procurement&Supply Chain at Barron McCannGOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORTThe BoardSir Richard Dearlove KCMG OBENon-Executive ChairmanAppointment Date:1 September 20

161、16Skills and Experience:Sir Richard brings to the Board extensive experience across government,education and global business.Sir Richard joined MI6 in 1966,undertaking various overseas and head office roles before being promoted to Chief of the Secret Intelligence Service in 1999.He retired from the

162、 Service in 2004.External Appointments:Sir Richard is presently Chair of Trustees of University of London,Chairman of Ascot Underwriting Limited at Lloyds of London and a Director of Kosmos Energy,the New York Stock Exchange listed oil and gas exploration company.Sir Richard is a Director of The Cam

163、bridge Security Initiative 2017 and the Cambridge Arts Theatre Trust Limited.He also holds several advisoryroles.Committee Memberships:NoneThomas Ilube CBEChief Executive OfficerAppointment Date:6 March 2014Skills and Experience:Tom is founder and CEO of Crossword.Tom served as Chief Information Off

164、icer of Egg Banking PLC,which at the time was a pioneering main market listed UK internet bank.Tom chaired the UK Government Technology Strategy Boards Network Security Innovation panel.He was a member of the High Level Expert Group on cyber security at the International Telecommunication Union(ITU)

165、,a Geneva-based UN agency.He was awarded a Doctor of Science(Honoris Causa)by City,University of London,an Honorary Doctor of Technology by the University of Wolverhampton and was appointed a CBE in the 2018 Birthday Honours for services to Technology and Philanthropy.External Appointments:Non-Execu

166、tive Director of WPP PLC and Chair of the RFU.Director of Iternal Limited,Advisory Fellow of St Annes College,Oxford and member of African Gifted Foundation.Committee Memberships:NoneMary DowdChief Financial OfficerAppointment Date:14 June 2018Skills and Experience:Mary was most recently Chief Opera

167、ting Officer for Europe,the Middle East and Africa,and previously Chief Financial Officer at Cordium Consulting Group Limited,a leading provider of governance,risk and compliance services,with operations in London,Hong Kong,Malta,New York,Boston and San Francisco.Mary brings over 20 years experience

168、 of working alongside business leaders.She has demonstrated a track record of managing finance teams to ensure timely delivery of relevant financial information to all stakeholders,providing clear leadership,continuous process improvement,and excellent communication.She also brings to Crossword exte

169、nsive experience of working in acquisitive businesses and providing transactional support.Mary graduated from University College Galway,Ireland and has a postgraduate Diploma in Business Studies from the same university.She is a Fellow of the Chartered Institute of Management Accountants.External Ap

170、pointments:The Groundwork South Trust Limited.Committee Memberships:NoneDr Robert Coles Independent Non-Executive DirectorAppointment Date:25 May 2021Skills and Experience:Robert is a highly experienced IT Risk and Cyber Security leader.He is the former Chief Information Security Officer of GlaxoSmi

171、thKline(GSK)and of the NHS,with over 30 years commercial experience.Prior to his time at the NHS,Robert worked for GSK from 2013 and was the companys Chief Information Security Officer(CISO).Before GSK,Robert served as CISO for the National Grid and Merrill Lynch.Robert has extensive links with majo

172、r industry information security networking groups and government security agencies.Robert is Chair of the Groups subsidiary,Crossword Consulting Limited.External Appointments:Honorary Professor at UCL,Governor of University of Brighton.Committee Memberships:Nomination(Member)The Directors in office

173、during the year and at the date of this report are as shown below:18CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021Dr David SecherIndependent Non-Executive DirectorAppointment Date:16 June 2014Skills and Experience:David is an international expert in intellectual property,technology tran

174、sfer and research management.His experience includes Japan,Jordan,South Africa,Brazil,Chile,Australia,Argentina,India,Saudi Arabia and Lebanon as well as Europe and the USA.David is a Life Fellow and until 2018 was Senior Bursar at Gonville&Caius College,Cambridge where he was responsible for the in

175、vestment of a 210m endowment.David was co-founder and chairman of Praxis(now PraxisAuril),the leading UK technology transfer training programme,of which he is now Patron.He served as Director of Research Services,University of Cambridge,where he was responsible for creating and directing a new divis

176、ion of 80 staff,for designing and implementing an intellectual policy for the university and for technology transfer throughout the university resulting in 2m licensing revenue,40 new licences and six spin outs per year.David was Chief Executive of N8 Limited,a consortium of eight research-intensive

177、 universities in the North of England,securing initial funding of 6m from Regional Development Agencies.His earlier career was in molecular biology research with MRC Laboratory of Molecular Biology,Celltech Limited and Cancer Research Campaign(now Cancer Research UK).David held or was named on three

178、 patents and is the holder of a Lifetime Queens Award for Enterprise Promotion for creating environments that favour enterprise,specialising in the practical aspects of commercialising the results of academic research.External Appointments:David is a Director of Cambridge KT Limited,Trustee of Cambr

179、idge United Charities,Chairman of Fitzwilliam Museum(Enterprises)Limited and Hon.Treasurer of the Csar and Celia Milstein Foundation.David is Interim Bursar of Trinity College,Cambridge.Committee Memberships:Audit(Chair),and Remuneration(Member).Ruth Anderson Independent Non-Executive DirectorAppoin

180、tment Date:1 February 2018Skills and Experience:Ruth has over 15 years experience in the fields of security,intelligence,cyber crime and risk management.She brings to the Board extensive experience across defence and law enforcement sectors and within financial services,developing and implementing c

181、yber risk governance frameworks.Ruth is currently Chief Operating Officer for Technology,Security and Data divisions at Lloyds Banking Group.She was previously a Director of Cyber in the Financial Services Department of KPMG.She served as the Head of Specialist Operational Support and also as the He

182、ad of Intelligence at the Child Exploitation and Online Protection Centre,where she delivered the first-ever strategic threat assessment on child abuse in the online environment.Prior to this,Ruth served in intelligence and security in the British Army.External Appointments:None.Committee Membership

183、s:Audit(member),Remuneration(Member)and Nomination(Member).Tara Cemlyn-Jones Independent Non-Executive DirectorAppointment Date:25 May 2021Skills and Experience:Tara has 28 years experience in financial services with specialist knowledge of capital markets,M&A,strategy and digital transformation acr

184、oss many sectors,including financial services(asset&wealth management,retail banking and fintech),energy&infrastructure and healthcare.Tara was head of M&A at L and has held senior positions at Schroders,Citigroup and Espirito Santo Investment Bank.External Appointments:25x25 Ltd19GOVERNANCE REPORTF

185、INANCIAL STATEMENTSSTRATEGIC REPORTThe BoardCONTINUEDTHE EXECUTIVE BOARDAndy Gueritz Independent Non-Executive Director Appointment Date:21 September 2015Skills and Experience:Andy is an experienced Senior Advisor with a successful track record in helping clients improve and transform their business

186、 by managing technology better and creating new technology-based ventures.In recent years,Andy has advised clients in a broad range of industries on topics such as business/technology strategy and investment planning;customer data analytics;transformation for innovation and agility;performance impro

187、vement and cost optimisation,and other ways using technology to get and deliver better value.As a Vice President at marchFIRST(formerly Mitchell Madison Group),Andy led the European B2B eCommerce Strategy and IT Strategy Practices.Before becoming a consultant,he attained Board-level responsibility i

188、n a successful career in software development and systems implementation.At K2 Systems PLC(subsidiary of 4Front Technology Inc.),he was Customer Service and Development Director,responsible for all client service and delivery operations,amongst other roles.Notable systems implemented in his time at

189、K2/4Front include,bespoke procurement,telesales and billing systems;a call centre based on workflow and CTI technologies;and a client-server insurance claims handling system,incorporating document image processing.Prior to 4Front,Andy was a Development Executive at McDonnell Douglas Information Syst

190、ems and also worked for Marconi Defence Systems on a number of electronic warfare and guided weapons projects.Andy is a Chartered Fellow of the BCS(FBCS),Chartered IT Practitioner(CITP),Chartered Engineer(C.Eng),Fellow of the IET(FIET),and a European Engineer registered at FEANI.He holds a First Cla

191、ss Honours degree in Electrical and Electronic Engineering with Computer Science from Queen Mary University of London.External Appointments:None.Committee Memberships:Audit(member),Remuneration(Chair)and Nomination(Chair).Thomas Ilube CBE Chief Executive Officer Appointment Date:6 March 2014Skills a

192、nd Experience:Tom is founder and CEO of Crossword.Tom chaired the UK Government Technology Strategy Boards Network Security Innovation panel.He was a member of the High Level Expert Group on cyber security at the International Telecommunication Union(ITU),a Geneva-based UN agency.Tom was appointed a

193、 CBE in the 2018 Birthday Honours for services to Technology and Philanthropy.External Appointments:Non-Executive Director of WPP PLC,chair of RFU,Director of Iternal Limited,Advisory Fellow of St Annes College,Oxford and member of African Gifted Foundation.Mary Dowd Chief Financial Officer Appointm

194、ent Date:14 June 2018Skills and Experience:Mary brings over 20 years experience of working alongside business leaders.She has demonstrated a track record of managing finance teams to ensure timely delivery of relevant financial information to all stakeholders,providing clear leadership,continuous pr

195、ocess improvement,and excellent communication.She also brings to Crossword extensive experience of working in acquisitive businesses and providing transactional support.Mary graduated from University College Galway,Ireland and has a postgraduate Diploma in Business Studies from the same university.S

196、he is an associate member of the Chartered Institute of Management Accountants.External Appointments:The Groundwork South Trust Limited.20CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021Stuart Jubb Group Managing Director Stuart joined Crossword from KPMG where he was Associate Director,D

197、efence&Security.Prior to that,he was Chief Operating Officer of a global consulting team of over 200 in KPMG Advisory.Stuart spent nine years as an officer in HM Forces,after Sandhurst,serving in Afghanistan,NATO and elsewhere.Jake Holloway Chief Product Officer Jake has over 30 years of experience

198、in technology across a wide range of industries and roles including as CTO and Head of Product for two well-known software houses,and as CEO/Founder of an innovative Online Systems House.In his two most recent roles before joining Crossword,he was advising Worldpay on their separation from RBS,and f

199、ounded Xendpay,a Fintech startup,where he was COO.Jake authored books on project management in 2015 and 2016.Sean ArrowsmithGroup Sales Director Sean has over 20 years sales experience in cyber/information security and technology.He was previously Group Sales Director at IRM Limited,the World Class

200、Centre in Cyber Security of Altran Technologies SA,the global innovation and engineering consulting firm.Here,Sean was accountable for revenue target achievement across all of IRMs business streams including consulting,software and training.Prior to that,Sean was responsible for leading consulting s

201、ales at Siemens Insight Consulting.Sean ArrowsmithGroup Sales Director Sean has over 20 years sales experience in cyber/information security and technology.He was previously Group Sales Director at IRM Limited,the World Class Centre in Cyber Security of Altran Technologies SA,the global innovation a

202、nd engineering consulting firm.Here,Sean was accountable for revenue target achievement across all of IRMs business streams including consulting,software and training.Prior to that,Sean was responsible for leading consulting sales at Siemens Insight Consulting.21GOVERNANCE REPORTFINANCIAL STATEMENTS

203、STRATEGIC REPORTThe BoardCONTINUEDTHE ADVISORY BOARDAlison Dyer Chair of the Advisory BoardAlison Dyer joined URENCO,a global supplier of enrichment services and fuel cycle products,in 2018 and is responsible for all aspects of their information and cyber security,covering both information and opera

204、tional technology.Prior to this,Alison was Director of GlaxoSmithKlines(GSK)global cyber security programme,where she led multiple strategic delivery workstreams including security technology,governance,culture,third party management and operational technology security.Alison holds a BEng in Mechani

205、cal Engineering from Imperial College,London and an MSc in Information Security from Royal Holloway University.Professor David Stupples Advisory Board MemberDavid is currently Director of the Centre for Cyber and Security Sciences at City University London.In his early career,he was employed as an e

206、ngineer in signals intelligence in the Royal Air Force followed by a period of intensive research into surveillance systems at the Royal Signal and Radar Establishment,Malvern.He spent three years developing highly secure communications for surveillance satellites for Hughes Aircraft Corporation in

207、the United States of America.Later,he became a senior partner with PA Consulting Group where he undertook surveillance and intelligence systems research for Ministry of Defence(Navy)and was responsible for consultancy in secure communications and surveillance systems for world-wide clients.Since 200

208、3,David has been researching internet security at City University focused on cyber terrorism and organized cyber crime for both the UK government and commercial companies.However,he still maintains an active interest in radar surveillance research.Professor Stupples is a member of the Defence Scient

209、ific Advisory Council(DSAC),the Defence Procurement Agencys Independent Advisory Board on Systems Integration,and he consults worldwide in cyber intelligence.General Nick Houghton,Baron Houghton of Richmond,GCB CBE DL Advisory Board MemberGeneral the Lord Nick Houghton(Baron Houghton of Richmond)bri

210、ngs unparalleled experience across both government and business.In July 2013,General Houghton assumed the appointed position of Chief of the Defence Staff of the British Armed Forces,retiring in 2016.Previously General Houghton was Vice Chief of the Defence Staff from May 2009.Educated at Sandhurst

211、and Oxford,General Houghton commanded 1st Battalion The Green Howards and an Infantry Brigade in Northern Ireland.Following his retirement from the army,General Houghton became the 160th Constable of the Tower of London and a Trustee of Historic Royal Palaces.Naina Bhattacharya Advisory Board Member

212、Naina Bhattacharya is Global Chief Information Security Officer at Danone S.A.,the multinational food product corporation with over 100,000 staff in 120 countries.She is responsible for delivering the cyber security vision and roadmap for the company.Prior to Danone,she worked in consulting and had

213、the privilege of working on complex cyber security and data privacy projects across multiple companies in several industries.She is passionate about diversity and inclusion with a specific interest in increasing the representation of women in technology.Naina holds a BEng in Computer Science from BI

214、TS,Pilani,India and a post-graduation in management from the Indian School of Business in Hyderabad.22CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021Corporate Governance ReportCHAIRMANS INTRODUCTIONThe Directors acknowledge the importance of high standards of corporate governance and hav

215、e adopted the principles set out in the Quoted Companies Alliance Corporate Governance Code for Small and Mid-Size Quoted Companies(the QCA Code)2018,given the Groups size and the constitution of the Board.The QCA Code sets out a standard of minimum best practice for small and mid-size quoted compan

216、ies,particularly AIM companies.The Chairman and the Board accept the importance and responsibility of setting good corporate culture,values and behaviours.The Board also acknowledges its responsibility in delivering the long-term success of the Company for the benefit of shareholders and other stake

217、holders.This Corporate Governance Report describes how the Company has applied the principles and standards set out in the Code during the year and,to the extent it has not done so,any deviations from them.It is the Boards view that the Company has complied with all of the provisions of the Code dur

218、ing the year ended 31 December 2021.PRINCIPLE 1:ESTABLISH A STRATEGY AND BUSINESS MODEL WHICH PROMOTE LONG-TERM VALUE FOR SHAREHOLDERSThe Companys Strategic Report is on pages 02 to 17 of this report.Crosswords vision is to partner with organisations to keep them secure in the digital world.The Grou

219、p reduces cyber risks for their clients by providing a portfolio of innovative products and services,powered by university and other research-driven insights.Crossword Cybersecurity plc focuses on the development and commercialisation of cyber security and risk management-related software and cyber

220、security consulting and threat intelligence services.The Groups specialist cyber security product development and software engineering teams develop the concept into a fully-fledged commercial product that it will then take to market.The Groups aim is to build up a portfolio of revenue generating,in

221、tellectual property-based,cyber security products.Rizikon Assurance,Crosswords leading product,is a SaaS platform that enables medium to large companies to assess and manage all risks from their suppliers.Nixer CyberML is a new tool for businesses that want to solve advanced security and cybercrime

222、problems,such as detecting and dealing with compromised accounts,fraud,and in-application denial of service attacks.Identiproof,Crosswords third product,is the World Wide Web Consortium(W3C)verifiable credentials compatible middleware and wallet technology.Trillion and Arc are the latest additions t

223、o Crosswords product suite,offering some of the strongest and most advanced credential leak monitoring services in the market.Crosswords team of expert cyber security consultants leverages years of experience in national security,defence and commercial cyber intelligence and operations to provide be

224、spoke cyber security consulting advice tailored to its clients business needs,including threat monitoring using Nightingale,our world class platform.Where appropriate,Crossword will transfer the IP to separate companies in which it will retain a commercial interest.So far,Crossword has been instrume

225、ntal in the development of two such companies,ByzGen Limited and CyberOwl Limited.PRINCIPLE 2:SEEK TO UNDERSTAND AND MEET SHAREHOLDER NEEDS AND EXPECTATIONSCrossword is committed to engaging with its shareholders to ensure that its strategy,business model and performance is clearly understood.The Co

226、mpany communicates with shareholders and potential investors through a variety of channels,including webinars,regular financial reporting,direct contact with its major shareholders and release of regulatory announcements,which are available on its website.Regulatory announcements include details of

227、the Companys website and the relevant contact at the Company,as well as its professional advisors.The Annual General Meeting(AGM)provides another opportunity for dialogue between shareholders and the Board.The Chair of the Board and of the Committees,together with other Directors,routinely attend th

228、e AGM and are available to answer questions 23GOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORTraised by the shareholders.At the meeting,each vote,the number of proxy votes received for,against and withheld is announced.The results of the AGM are subsequently published on the Companys website an

229、d released via a regulatory information service provider.A range of corporate information,including all Company announcements,is also available to shareholders,investors and the public on the Companys corporate website,.PRINCIPLE 3:TAKE INTO ACCOUNT WIDER STAKEHOLDER AND SOCIAL RESPONSIBILITIES AND

230、THEIR IMPLICATIONS FOR LONG-TERM SUCCESSApart from our shareholders,our most important stakeholder groups are our employees,our clients and partners and the universities we work with.The Board is regularly updated on stakeholder feedback and their potential impact on our business to enable them to u

231、nderstand and consider the feedback in decision-making.The Board understands that maintaining the support of all its stakeholders is paramount for the long-term success of the Company.EmployeesCrossword aims to provide an environment which will attract,retain and motivate its team.The Company has a

232、growing number of permanent staff employed across the UK and Poland and therefore employee engagement with the senior management,who pride themselves on their availability and flexibility,is frequent through daily discussions and meetings.Staff are encouraged to give regular feedback in relation to

233、their needs,interests and expectations on away days,general discussions or one-to-one meetings with their line managers.These can then be addressed at the fortnightly management meeting to all senior members of the team where further actions will be discussed.Furthermore,the team engages in a weekly

234、 call where staff are able to communicate with all levels of the team across both countries.Crossword reviews its processes and policies,which are guided by our values of Responsibility,Openness,Learning and Flexibility,to make continuous improvements for its staff.The Company has developed its indu

235、ction programme for new staff,engages with employees to maintain its culture and values and expected behaviours,performs exit interviews in the event people decide to leave the business,and follow-up interviews with new employees.Crossword is supportive of career development of its employees and pro

236、vides training programmes and Masters degree opportunities where appropriate.Crosswords clients and partnersCrossword develops mutually beneficial commercial relationships with companies to support sourcing and commercialising cyber security intellectual property originating from university and othe

237、r research projects and evaluating and exploiting routes to distributing and reselling its products.Crossword recognises that the establishment of a close working relationship with its partners is essential for its long-term success.Crossword maintains its relationship with its partners through regu

238、lar meetings,mutual understanding and aligned objectives.Feedback from partners is communicated to the relevant teams and the Board as appropriate.Crosswords interacts closely with its clients to understand the cyber issues organisations are facing,in order to support clients and help them to reduce

239、 cyber risks.Crossword provides a portfolio of innovative products and services,aimed at addressing risks clients have identified.UniversitiesCrossword has excellent connections with universities in the UK and elsewhere through members of the Board and Management,who include some of the most highly

240、regarded experts in IP commercialisation and the cyber security sector.Crossword maintains regular interaction with the universities with which it engages.This is predominantly achieved by digital means(e.g.frequent email exchanges and video calls),in which both parties can feedback to one another t

241、o ensure their needs are being met.The team also has face-to-face meetings with academics and works alongside universities at various events,such as talks and conferences.This continuous engagement with universities is paramount to the long-term success of the Company.Social responsibilityCrossword

242、partners with charities both in UK and Poland,where our offices are based.Crossword employees propose and vote on which charity they would like to support.Previously work has been undertaken to help a charity in their efforts to support the homeless and lead them to independence.In Poland,Crossword

243、is supporting one of the largest,most recognisable and effective social schemes in Poland which implements and develops a system of smart,personalised aid that is unique in the world.Corporate Governance ReportCONTINUED24CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021PRINCIPLE 4:EMBED EF

244、FECTIVE RISK MANAGEMENT,CONSIDERING BOTH OPPORTUNITIES AND THREATS,THROUGHOUT THE ORGANISATIONAudit,risk and internal controlFinancial controls The Group has an established framework of internal financial controls,the effectiveness of which is regularly reviewed by the Executive Management,the Audit

245、 Committee and the Board,in light of an ongoing assessment of significant risks facing the Group.The Board is ultimately responsible for the effectiveness of the Groups system of internal controls.Its key strategy has been to establish financial reporting procedures that provide the Board of Directo

246、rs with a reasonable basis upon which to make judgements as to the financial position and prospects of the Group.Executive Directors and Non-Executive Directors have been appointed by the Board to assist with the implementation of this strategy and report progress to the Board.The Audit Committee ha

247、s the primary responsibility for monitoring the quality of internal controls to ensure that the financial performance of the Group is properly measured and reported on.It receives and reviews reports from the Groups management and external auditors relating to the interim and annual accounts and the

248、 accounting and internal control systems in use throughout the Group.The Audit Committee meets not less than three times in each financial year and has unrestricted access to the Groups external auditors.Regular budgeting and forecasting is conducted to monitor the Groups ongoing cash requirements a

249、nd cash flow forecasts are circulated to the Board.The Group has a Risk Register which identifies the potential possibility and impact of risks associated with the Group and allocates an owner to mitigate each risk.The Risk Register is updated by the Chief Financial Officer and reviewed by the Execu

250、tive,the Audit Committee and the Board.Non-financial controlsThe Board has ultimate responsibility for the Groups system of internal control and for reviewing its effectiveness.However,any such system of internal control can provide only reasonable,but not absolute,assurance against material misstat

251、ement or loss.The Board considers that the internal controls in place are appropriate for the size,complexity and risk profile of the Group.The principal elements of the Groups internal control system include:Close management of the day-to-day activities of the Group by the Executive Directors;An or

252、ganisational structure with defined levels of responsibility,which promotes entrepreneurial decision-making and rapid implementation whilst minimising risks;Central control over key areas such as capital expenditure authorisation and banking facilities;A comprehensive annual budgeting process produc

253、ing a detailed integrated profit and loss,balance sheet and cash flow,which is approved by the Board;and Detailed monthly reporting of performance against budget.The Group continues to review its system of internal control to ensure compliance with best practice,whilst also having regard to its size

254、 and the resources available.Standards and policiesThe Board is committed to maintaining appropriate standards for all the Groups business activities and ensuring that these standards are set out in written policies.Key examples of such standards and policies include:Anti-bribery and Corruption Poli

255、cy Information Security Policy Data Protection Policy Share Dealing Code.All policies are documented and senior managers and Directors are responsible for monitoring the compliance of these policies.Approval processAll contracts are required to be reviewed and signed by a Director of the Company.25G

256、OVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORTCorporate Governance ReportCONTINUEDPRINCIPLE 5:MAINTAINING THE BOARD AS A WELL-FUNCTIONING,BALANCED TEAM,LED BY THE CHAIRComposition,qualification and independence of the boardThe Board comprises six Non-Executive and two Executive Directors.The n

257、ames and responsibilities of the current Directors,together with their biographical details,are set out on pages 18 to 20.37.5%62.5%Female MaleThe Board considers each of the Non-Executive Directors to be independent in character and judgement.Two of the Non-Executive Directors do not meet the stric

258、t criteria for independence set out in the QCA Code,due to their participation in the Companys share option arrangements,as part of their remuneration arrangements.The Board considers that the ownership of shares and participation in the Companys share options to certain of the Non-Executive Directo

259、rs encourages the alignment of their interests with those of the Companys shareholders and are not material enough to compromise their independence,character and judgement.Therefore,the Company considers all Non-Executive Directors to be independent for the purposes of the QCA Code.The Non-Executive

260、 Directors provide independent,robust and constructive challenge to the Executive Management and monitor the performance of the management team in delivering the agreed objectives.All Directors have disclosed their other significant commitments and confirmed that they have sufficient time to dischar

261、ge their duties effectively.Appointment and tenureThe Board makes decisions regarding the appointment and removal of Directors and there is a formal,rigorous and transparent procedure for appointments,some of which has been delegated to the Nomination Committee.Appointments are made on merit,taking

262、account of the balance of skills,experience and knowledge required.The Companys Articles of Association require that all Directors retire by rotation at regular intervals and that any new Directors appointed during the year must stand for election at the AGM immediately following their appointment.P

263、RINCIPLE 6:ENSURE THAT,BETWEEN THEM,THE DIRECTORS HAVE THE NECESSARY UP-TO-DATE EXPERIENCE,SKILLS AND CAPABILITIESThe names and responsibilities of the current Directors,together with their biographical details,are set out on pages 18 to 20.The Board believes that its composition brings a desirable

264、range of skills and experience in light of the Groups challenges and opportunities following Admission,while at the same time ensuring that no individuals or a small group of individuals can dominate the Boards decision-making.The current Board,although considered to have a sufficient level of skill

265、s in all areas of the business,is always looking to improve and further its knowledge of the industry.All Directors receive regular and timely information on the Groups operational and financial performance and on technical issues.InductionUpon appointment,all Directors are provided with training in

266、 respect of their legal,regulatory and governance responsibilities and obligations,in accordance with the UK regulatory regime.The induction includes face-to-face meetings with Executive Management and site visits to orientate and familiarise the new Directors with the Companys industry,organisation

267、,business,strategy,commercial objectives and key risks.The Board is kept up to date on legal,regulatory and governance matters at Board meetings.Additional training is available on request,where appropriate,so that Directors can update their skills and knowledge as applicable.Independent adviceAll D

268、irectors are able to take independent professional advice in the furtherance of their duties,if necessary,at the Companys expense.In addition,the Directors have direct access to the advice and services of the Company Secretary and Chief Financial Officer.26CROSSWORD CYBERSECURITY PLC Annual Report a

269、nd accounts 2021PRINCIPLE 7:EVALUATE BOARD PERFORMANCE BASED ON CLEAR AND RELEVANT OBJECTIVES,SEEKING CONTINUOUS IMPROVEMENTBoard effectiveness reviewThe Board undertook a further evaluation of its performance for the during the financial year.Some of the main themes and focus areas resulting from t

270、he evaluation included:Focus on strategy and Company culture;Managing and communicating risk and implementing internal controls;Shareholder sentiment;Diversity;and Board Development and Succession Planning.The Board has continued throughout the year to measure progress against the recommendations re

271、sulting from the Board evaluation and will continue to assess its effectiveness in implementing new processes to achieve the recommendations.Furthermore,the Board conducted an evaluation in March 2022 to assess current performance and the progress made against the key focus areas.The Nomination Comm

272、ittee and Board were satisfied that previous recommendations and focus areas had been implemented and were being continually assessed.The Nominations Committee will regularly review the structure,size and composition(including the skills,knowledge,independence,experience and diversity)of the Board a

273、nd make recommendations concerning plans for succession for both Executive and Non-Executive Directors and in particular for the key roles of Chair and Chief Executive Officer.PRINCIPLE 8:PROMOTE A CORPORATE CULTURE THAT IS BASED ON ETHICAL VALUES AND BEHAVIOURSThe Board is committed to promoting a

274、strong ethical and values-driven culture throughout the Company and has a people-oriented ethos where hard work and commitment is recognised.The Company has articulated its values as Responsibility,Openness,Learning and Flexibility,and develops its values and expected behaviours on an ongoingbasis.C

275、rossword also recognises that employees will have interests outside work and consequently supports flexibility around these interests.PRINCIPLE 9:MAINTAIN GOVERNANCE STRUCTURES AND PROCESSES THAT ARE FIT FOR PURPOSE AND SUPPORT GOOD DECISION-MAKING BY THE BOARDThe role of the BoardThe Board is respo

276、nsible for the long-term success and strategic leadership of the Group.It is responsible for reviewing,formulating and approving the strategy of the Group and its subsidiaries,corporate actions and overseeing the Groups progress towards its goals.In addition,it also approves the annual and interim r

277、esults and monitors the exposure to key business risks.The Boards full responsibilities are set out in a schedule of matters reserved for the Board.The matters reserved for the attention of the Board include:The approval of interim and annual financial statements,dividends and significant changes in

278、 accounting practices;Review of bi-monthly financial statements;Board membership,reviewed by NOMAD,and powers including the appointment and removal of Board members,determining the terms of reference of the Board and establishing the overall control framework;AIM-related issues including the approva

279、l of communications to the London Stock Exchange and communications with shareholders will be dealt with by the Market Disclosure Committee and reviewed by the NOMAD,or delegated by the Board to the Executive Directors;Senior management,remuneration,contracts,and the grant of share options will be a

280、ddressed by the Remuneration Committee;Key commercial matters where the financial commitment is in excess of 50,000 per annum;Taking of loans or other credit;Financial matters including the approval of the budget and financial plans and performance against such plans and budgets;Approval of the appo

281、intment of the current period auditor,year-end audited statutory accounts and audit-related queries addressed by the Audit Committee;Risk management review;Changes to the Companys capital structure,its business strategy,acquisitions and disposals of businesses,and capital expenditures outside of bud

282、get approval;and Other matters including,but not limited to,health and safety policy,insurance and legal compliance.27GOVERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORTCorporate Governance ReportCONTINUEDRole of the Chairman and Chief Executive OfficerThere is a clear division of responsibility a

283、t the head of the Company.The Chairman is responsible for running the business of the Board and for ensuring appropriate strategic focus and direction,whilst the Chief Executive Officer is responsible for proposing the strategic focus to the Board,implementing it once approved,and overseeing the man

284、agement of the Company through the Executive Management.The Chief Executive Officer is also responsible for communicating with shareholders,assisted by the Chief Financial Officer.This separation of responsibilities is clearly defined and agreed by the Board.Board and Committee meetingsThe Board mee

285、ts at least six times each year,in accordance with its scheduled meeting calendar(these may be supplemented by additional meetings as and when required)to review,formulate and approve the Groups strategy,budgets,corporate actions and oversee the Groups progress towards its goals.At each meeting,the

286、Board considers a number of matters,which include technical,operational,financial,risk and corporate governance reports,in addition to an update from its Committees,where applicable.Any Director can challenge proposals,and decisions are taken democratically after discussion.Any Director who feels th

287、at any concern remains unresolved after discussion may ask for that concern to be noted in the minutes of the meeting,which are then circulated to all Directors.Specific actions arising from such meetings are agreed by the Board or relevant committee and then followed up by Management.The Group has

288、established an Audit Committee,a Remuneration Committee,and a Nomination Committee,each with formally delegated duties and responsibilities outlined within terms of reference reviewed and approved by the Board on an annual basis.From time to time,separate committees may be set up by the Board to con

289、sider specific issues when the need arises.The Board and its Committees are supported by the Company Secretary,who ensures that the Board receives regular and timely information ahead of each meeting.A formal agenda is produced for each meeting and the Company Secretary distributes papers several da

290、ys before meetings take place to provide the Board with sufficient time to consider the matters to be discussed.Each Committee has access to such resources,information and advice as it deems necessary,at the cost of the Company,to enable it to discharge its duties.The table below sets out the attend

291、ance record of individual Directors at the scheduled and unscheduled Board meetings held during the year:NameBoard MeetingsAuditNominationRemunerationRichard Dearlove3/6Tom Ilube6/6Andy Gueritz6/62/22/21/1Ruth Anderson6/62/21/20/1David Secher6/62/21/1David Stupples*3/31/20/1Gordon Matthew*2/31/2Mary

292、 Dowd6/6Tara Cemlyn Jones*3/3 Robert Coles*3/31/1*Both David Stupples and Gordon Matthew resigned from the Board on the 25 May 2021.Tara Cemlyn-Jones and Robert Coles were appointed to the Board on the 25 May 2021.28CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021PRINCIPLE 10:COMMUNICATE

293、HOW THE COMPANY IS GOVERNED AND IS PERFORMING BY MAINTAINING A DIALOGUE WITH SHAREHOLDERS AND OTHER RELEVANT STAKEHOLDERSThe Board attaches considerable importance to the maintenance of constructive relationships with shareholders and its other stakeholders.As mentioned above,the Company communicate

294、s with shareholders through the Annual Report and accounts,full-year and half-year results announcements,the AGM and one-to-one meetings with large existing or potential new shareholders.The Company regularly releases regulatory and other announcements covering operational and corporate matters.A ra

295、nge of corporate information(including all Company announcements)is also available to shareholders,investors and the public on the Companys corporate website, including:Our Articles of Association and admission document;A detailed account of how we have applied the principles of the QCA Code;Latest

296、Crossword Cybersecurity news and press releases;and Annual and Interim Reports.The Board receives regular updates on the views of shareholders through briefings from the Chief Executive Officer,Chief Financial Officer and the Companys brokers.Sir Richard Dearlove KCMG OBE Chairman 13 April 202229GOV

297、ERNANCE REPORTFINANCIAL STATEMENTSSTRATEGIC REPORTCorporate Governance ReportCONTINUEDAUDIT COMMITTEE REPORTI am pleased to present the Committees report for the year ended 31 December 2021.The following pages provide an insight into how the Committee discharged its responsibilities during the year

298、and the key topics that it considered in doing so.The role of the Audit Committee is to monitor the integrity of the Groups Financial Statements,including its annual and half-yearly reports and any other formal statements relating to its financial performance.It monitors and reviews the effectivenes

299、s of the Groups system of internal financial control systems that identify,assess,manage and monitor financial risks,and other internal control and risk management systems.Committee membership and governanceThe Audit Committee is comprised of three independent Non-Executive Directors,currently David

300、 Secher,Ruth Anderson and Andrew Gueritz.David Secher,Chair of the Committee,is considered by the Board to have recent and relevant financial experience and the Committee as a whole has competence relevant to the sector in which the Company operates.At the request of the Chair of the Committee,the C

301、hief Executive Officer,Chief Financial Officer and other members of the senior management team may also be invited to attend meetings as guests.The Audit Committee aims to meet twice in each financial year and has unrestricted access to the Groups external Auditor.The Committee works to a planned pr

302、ogramme of activities focused on key events in the annual financial reporting cycle and standing items that it considers regularly under its Terms of Reference.Principal activities during the yearThe Committee held two meetings during the year under review and considered the following:The external A

303、uditors 2020 year-end audit report and opinion;The Companys Report for the financial year ended 31 December 2020 and the related results announcements and the Half-Yearly Report to 30 June 2021;Evaluation of the performance of the external Auditor including their independence,objectivity and the eff

304、ectiveness of the audit process;The re-appointment of MHA MacIntyre Hudson as the external Auditor for the Company;The Committees Terms of Reference;and The Companys Risk Register as well as the internal controls and risk management systems in place.The Committee is planning the following activities

305、 during 2022:Review the Companys procedures,systems and controls for the prevention of bribery or fraud;Review the adequacy and security of the Companys arrangements for its employees to raise concerns,in confidence,about possible wrongdoing in financial reporting or other matters.The Committee shal

306、l ensure that these arrangements allow proportionate and independent investigation of such matters and appropriate follow-up action;Review and approve the FY22 external Auditors plan,including the proposed materiality threshold,the scope of the audit,the significant audit risks and fees;Review the C

307、ommittees internal audit role,in the absence of an external provider of an internal audit service;and Risk review and challenge the Risk Register,and consider the risk appetite of the business.The Committee members attendance at meetings during the year is set out on page 28 above.External AuditorMH

308、A MacIntyre Hudson has been the external Auditor of the Group since 2014.The continued appointment of MHA MacIntyre Hudson is reviewed by the Committee each year,taking into account the relevant legislation,guidance and best practice appropriate for a Company of Crosswords size,nature and stage of d

309、evelopment.The Committee considers a number of areas when reviewing the external Auditor appointment,namely its performance in discharging the audit,the scope of the audit and terms of engagement,its independence and objectivity,and its reappointment and remuneration.The breakdown of fees between au

310、dit and non-audit services paid to MHA MacIntyre Hudson during the financial year is set out in Note 8 to the Groups Consolidated Financial Statements.The non-audit fees relate to tax advice.Following Implementation of the Revised Ethical Standard by MHA MacIntyre Hudson,non-audit services have ceas

311、ed.Internal auditThe Audit Committee presently considers it appropriate that the Group uses the audit committee to undertake the internal audit function.This is due to the effectiveness of the Groups internal financial control systems that identify,assess,manage and monitor financial risks,and other

312、 internal control and risk management systems,and the close involvement of the Executive Directors and senior management on a day-to-day operational basis.However,the need for an internal audit function will be kept under review by the Audit Committee on behalf of the Board.DAVID SECHER Chair,Audit

313、Committee 13 April 202230CROSSWORD CYBERSECURITY PLC Annual Report and accounts 2021NOMINATION COMMITTEE REPORTThe Nomination Committee is responsible for reviewing the composition of the Board taking into account the skills,experience and diversity of the Directors in light of the challenges and op

314、portunities facing the Company and makes recommendations for the appointment and reappointment of Board members.Committee membership and governanceThe Nomination Committee is chaired by Andrew Gueritz and its other members are Ruth Anderson and Robert Coles.Under the Committees Terms of Reference,th

315、e Committee is required to meet at least twice in each financial year and must comprise of at least three members,two of whom must be independent Non-Executive Directors.The Committee held two meetings during the year.The Committee members attendance at meetings during 2021 is set out on page 28.Boa

316、rd effectiveness reviewIn compliance with the QCA Code,the Board undertook an evaluation of its performance in January 2021.The evaluation was conducted by way of a questionnaire designed to assess the effectiveness of the Board,the Directors and the Chairman,as well as the Boards Committees and ide

317、ntify any areas for improvement.The results of the evaluation were presented to the Board for review in early April 2021 and revealed no significant concerns amongst Directors about the effectiveness of the Board.Actions arising from recommendations to further improve the effectiveness of the Board

318、are being implemented and include the review of succession plans for key members of management and Board members.DiversityThe Company has not adopted a formal policy on diversity and,therefore,has no measurable objectives to disclose.Appointments,including appointments to the Board and senior manage

319、ment positions,are made on merit,taking account of the balance of skills and experience required.Key areas of focus for 2022:Review the time committed to the development of individual Directors and the Board as a whole;Put in place succession plans for both Executive and Non-Executive Directors and,

320、in particular,for the key roles of Chair and Chief Executive Officer;and Conduct a further internal evaluation of the Board,its Committees and individual Directors,to assess improvements in the key focus areas,using questionnaires.ANDREW GUERITZ Chair,Nomination Committee 13 April 202231GOVERNANCE R

321、EPORTFINANCIAL STATEMENTSSTRATEGIC REPORTCorporate Governance ReportCONTINUEDREMUNERATION COMMITTEE REPORTThe Remuneration Committee is responsible for determining and agreeing with the Board the framework or broad policy for the remuneration of all Executive Directors,the Chair of the Board,includi

322、ng pension rights and any compensation payments,and such other members of the senior management as it is designated to consider.In addition,the Committee makes recommendations to the Board on proposals for the granting of share options and other equity incentives,pursuant to any employee share optio

323、n scheme or equity incentive plans in operation from time to time.Committee membership and governanceThe Remuneration Committee is a formal committee of the Board and has powers delegated to it under the Articles of Association.Its remit is set out in Terms of Reference formally adopted by the Board

324、,which are reviewed annually.The Remuneration Committee is currently comprised of Andrew Gueritz(as Chair),David Secher and Ruth Anderson.The Committee meets at least once in each financial year and held four meetings during the year.The Committee members attendance at meetings during the year is se

325、t out on page 28.Letters of appointment,service contracts and terminationThomas IIube(Chief Executive Officer)Tom Ilube is appointed as Chief Executive Officer under an Executive service contract dated 1 April 2014(as amended).The employment commenced on 1 April 2014 and will continue unless termina

326、ted by either party giving 12 months written notice.The Company may terminate the contract without notice(or with payment in lieu of notice)if,inter alia,Tom is guilty of gross misconduct,commits a serious breach of the employment contract,commits a criminal offence,is declared bankrupt or becomes o

327、f unsound mind.The Company may,after giving or receiving notice of termination,immediately end the employees employment and make payment in lieu of salary with no other benefit for the remaining period of notice.Mary Dowd(Chief Financial Officer)Mary Dowd is employed as Chief Financial Officer under

328、 an employee service contract dated 10 May 2018.The employment commenced on 16 May 2018 and will continue unless terminated by either party giving six months written notice.The Company may terminate the contract on shorter notice if the employee is absent from work for an extended period through sic

329、kness or injury and may terminate without notice(or with payment in lieu of notice)if,inter alia,Mary is guilty of gross misconduct,commits a serious breach of the employment contract,commits a criminal offence,is declared bankrupt or becomes of unsound mind.The Company may,after giving or receiving

330、 notice of termination,immediately end the employees employment and make payment in lieu of salary with no other benefit for the remaining period of notice.Following termination of employment,Mary is subject to certain restrictions for a period of six months,including a restriction on dealing with t

331、he Companys customers and suppliers and from working for a competing business.Non-Executive DirectorsAll Non-Executive Directors,including the Chairman,serve on the basis of letters of appointment which are terminable by three months written notice and are available for inspection at the Companys re

332、gistered office.Subject to continued satisfactory performance,the Board does not think it appropriate at this time to limit the term of appointment of the Non-Executive Directors.The Executive Directors service contracts are also available for inspection at the Companys registered office.32CROSSWORD

333、 CYBERSECURITY PLC Annual Report and accounts 2021The remuneration of the Directors who served in the current year was as follows:Basic Salary and Fees Bonus Taxable Benefits Employers Pension Contribution Total Executive DirectorsTom Ilube*128,311 3,942 1,318 133,572 Mary Dowd130,000 10,000 140,000 Non-Executive DirectorsSir Richard Dearlove25,000 25,000 50,000 Ruth Anderson12,000 12,000 Andy Gue