Q3 2017 Earnings Call Transcript

Published: 11 Nov 2017

Operator:

Good day, everyone, and welcome to the CynergisTek’s Third Quarter 2017 Earnings Conference Call. Today’s call is being recorded. And at this time, I would like to turn the conference over to Brian Flynn, Investor Relations. Please go ahead, sir.
Bryan Flynn:

Thank you, operator. I want to welcome everyone to CynergisTek’s third quarter 2017 earnings call. Joining us today from the company are
JD Abouchar:

Thanks, Brian, and thank you to everyone for taking the time to listen to our earnings call today. As you’re all aware, Joe Flynn, a founder of Auxilio and a former CEO, has decided to step down to take an opportunity that was offered to him with a private company. Joe did a tremendous job building Auxilio into a profitable and growing IT services company and was the instrumental in shifting our focus to the emerging opportunity in cybersecurity. Joe remains a good friend and a resource to the company. Fortunately, the leadership team has worked closely together for the better part of the year, integrating operations and investing in our future, and we expect a seamless transition. Mac has done a great job in his role as President and is extremely well qualified to lead this company, going forward. It’s a pleasure to now turn the call over to our President and newly appointed CEO, Mr. Mac McMillan. Mac, please go ahead.
Mac McMillan:

Thank you, JD, and I would like to also thank everyone for joining the call today. Joe did an excellent job, and it was a great pleasure to work with them over the last year. From the days leading up to and immediately following the acquisition of CynergisTek, we worked tirelessly to devise the strategic roadmap that will drive growth and enhance profitability in the years to come. CynergisTek has a solid plan in place. We are making great – a great deal of progress and continue to invest in our future. Over the last few quarters, we have focused on completing our integration efforts, which have caused some irregular quarter-to-quarter results. However, we believe that these efforts will lay the foundation for growth and support our next leg of expansion. While we are certainly excited about the progress that has been made, we continue to be mindful of the ongoing uncertainty in Washington regarding the Affordable Care Act and the impact that new legislation may have on healthcare customers budgets and decision making. On the flip side, recent events, such as directed malware attacks by WannaCry, NotPetya and Bad Rabbit, have put new energy in the law makers in Washington who are considering more rules around cybersecurity for biomedical devices and IoT equipment, which may actually spur greater need for cybersecurity services. We continue to watch these developments closely. As you may have seen, we have recently added some high-caliber talent to the management team and to our board. We added two very well-respected industry leaders in operational roles with strong track records of success. David Finn, our new EVP of Strategic Innovation, brings more than 30 years of healthcare IT and cybersecurity experience from his role as CIO of Texas Children’s Hospital and most recently, the Health Information Technology Officer at Symantec. David will lead our strategic development initiatives to ensure we continue to deliver a comprehensive portfolio of information management solutions to our rapidly growing client base. Angela Rivera, our new EVP of Operations, has close to 25 years in healthcare and most recently, was the Vice President of Health Solutions and Life Sciences, a computer task group, where she was the executive responsible for healthcare – for the healthcare business unit, leading strategy, business development and professional service delivery. Angela brings the ideal skill set to help drive the growth of both security and Managed Document Service lines. Her deep knowledge and experience working in IT professional services industry will be a substantial asset. Finally, we continue to strengthen and diversify our board by adding individuals with unique industry and financial expertise. Most recently, we were fortunate enough to add Judy Crandall to our board who brings with her a wealth of capital markets and microcap financial and operational experience. We continue to be focused on our cross-selling initiatives and have realized our first revenues from this effort during this quarter. We performed a paid assessment for Managed Document Services for one of CynergisTek’s long-time managed security service customer. Following completion of that assessment, we moved directly to the proposal stage at the request of the client. Our goal is to capitalize on this relationship and translate that into a long-term Managed Document Service contract. What excites me about our progress, with respect to this cross-selling experience, is both the frequency and volume of similar prospects entering the sales cycle, and we expect that this will translate into additional MDS engagements in the coming quarters. Additionally, in the area of professional services, we are now adding remediation and strategic sourcing services to our existing D.C. silver offerings. We are continuing to see demand from our customers for experienced and talent – talented resources to perform short and long-term security projects to drive the strategic direction and priorities around their cybersecurity programs. Consistent growth in our traditional cybersecurity services continues and we are working to accelerate the pipeline and expand these services to support growth here as well. We continue to add new managed security service clients while maintaining and renewing existing customers. Additional expansion is coming through growth of our patient privacy monitoring and vendor security management services and the development of a formal managed service around incident response, which is a high priority identified by our clients. I’ll speak to these more in later. As we continue to gain traction with all of our offerings, we are focused on executing our strategy to drive new growth for the company. As I mentioned earlier, the legislative uncertainty in Washington remains a headwind. The lack of clarity is causing buyers to be cautious in extending sales cycles, which is nothing new, but we continue to feel the effect. During the quarter, the experienced some MDS turnover, which we will likely see the effects of over the next few quarters. The two new contracts announced earlier this year will partially offset some of that loss, as they ramp up in early 2018, but the next few quarters will likely reflect that decline. Turnover is not unusual in Managed Document Services, and when sales cycles are normal, it is easier to manage that reality. When you have extended cycles like we do now, you are more vulnerable to temporary gaps, and that is what we’re facing. To adjust to these challenges, we began restructuring the way we deliver these services to customers with the goal of enhancing profitability through efficient delivery processes. We are packaging how we sell these – repackaging how we sell these services, adding security components and separating out some of the high-value services as options to give the client more flexibility and allow us to charge for those value-based add-ons, while still providing a more competitive-based solution that some of our customers want. The next component of improving MDS performance is the integration of automation through enabling technologies, which will further reduce our labor cost. Additionally, we are applying CynergisTek’s account management practices to strengthen relationships with our MDS clients in identifying opportunities for expansion. Lastly, we have invested in growing a pipeline by focusing on our cross-selling strategy into existing CynergisTek security clients, which has allowed us to change the message and engage the CIO, the Chief Compliance Officer and the CSO as buyers. We are still early in this process with our goal to accelerate these changes in the coming quarters, which should help offset the margin pressure we have seen in the industry. We are looking to emphasize profitability across all of our services and the optimization of this delivery model in our MDS offerings will help that endeavor. In addition to restructuring MDS offerings, we continue to invest in expanding our traditional security service offerings to meet the emerging needs of the market and our customers. As I said earlier, we continue to watch developments in Washington closely, as new legislation around biomedical devices and IoT seem very likely. We are already assisting several clients with managing their risk, their biomedical devices as well as business associates who produce and supply these critical assets. We are working now on a biomedical device security offering using the lessons learned from these experiences. This quarter, we are very pleased with the success of our new service lines launched earlier this year. The first example is our vendor security management service. The third-party vendors to our customers are an increasing threat to their enterprise. Many times, our customers do not possess the expertise in manpower to proper leave and manage the risks those suppliers pose to the data and systems that they manage for the hospital. This is also another example of where our integration efforts are beginning to pay off. By upgrading and integrating the software from the Delphiis acquisition, we now have a software-as-a-service-based solution, called RiskSonar, that allows us to take on the entire vendor security management process for our clients, bringing up their teams to focus on other core areas around risk management. Another example would be our incident response services, which will focus on all of the elements that make up a response to a breach or incident, from prevention, exercise and response to actual recovery and remediation. We go beyond the traditional approaches and address the technical, forensic, compliance, investigatory, communications and other aspects that impact the organization and the changes that clients will need to make following an incident. These are great examples of how we can leverage our existing platform and provide additional high-margin services to our customers, strengthening our relationship with them and allowing us to expand our reach and build critical mass. To recap the quarter. We have continued to invest in setting the stage for 2018, making tremendous progress towards integration of the two companies, cross-selling to our collective customer base, the restructuring of existing services and the development of new service offerings that we started at the beginning of the year. We are excited about the new leadership that has joined the CynergisTek team, and we are looking forward to focusing on growing margins and most importantly, taking advantage of the significant revenue opportunity we see in providing cybersecurity and IT consulting services to the healthcare industry. Before I turn it over to Paul, I encourage many of you to meet with us at the Craig-Hallum, LD Micro and Benchmark Micro cap Conferences this November and December. Paul, I will hand it over to you to go through the financials. Paul, please go ahead.
Paul Anthony:

Thanks, Mac. For the three months ended September 30, 2017, the company’s revenues increased by approximately $3.6 million to $17.9 million as compared to the same period of 2016. This increase is largely attributable to the growth in our cybersecurity services as a result of the acquisition of CynergisTek in January. Equipment sales for the third quarter of 2017 were approximately $0.7 million as compared to $0.2 million in 2016. Equipment revenues are primarily from the copier fleet refresh activities at our customers. These activities are sporadic and they typically are done every five years at any one customer facility. Cost of revenue consists of salaries and expenses of direct labor and indirect support staff as well as document imaging equipment parts and supplies. Cost of revenue was $11.7 million for the three months ended September 30, 2017, as compared to $11.1 million for the same period of 2016. Gross margin increased to 34% of revenue for the three months ended September 30, 2017, as compared to 23% for the same period of 2016. The increase is attributable to the higher gross margins attained from the professional services rendered to the newly acquired CynergisTek business and the benefit from the maturation of a couple of large MDS accounts. Over the next few quarters, we do expect gross margins to come due to the recent turnover we experienced in MDS, partially being offset as we grow the security services. Sales and marketing expenses were $1.3 million for the three months ended September 30, 2017, as compared to $0.6 million for the same period in 2016. The increase is attributable to the CynergisTek acquisition and the building out of the sales and marketing team, which is expected to continue into 2018. General and administrative expenses increased by $0.2 million to $1.8 million for 2017 as compared to $1.6 million for the previous year. The increase in G&A was also attributed to the CynergisTek acquisition and the absorption of this business. Amortization of acquisition-related intangibles increased to $0.5 million for the three months ended September 30, 2017, compared to $0.1 million for the same period in 2016, again, due to the acquisition of CynergisTek. The company reported income from operations of $2.4 million for the three months ended September 30, 2017, compared to $0.8 million for the same period in the prior year. Net income was $1.1 million or $0.11 per basic and diluted share compared to net income of $0.7 million or $0.08 per basic and diluted share in the same period of 2016. Non-GAAP adjusted earnings for the third quarter of 2017 was $2.4 million or $0.26 per basic and $0.25 per diluted share after adjusting for estimated income tax provision, amortization of intangibles, stock-based comp and depreciation of $1.3 million compared to $0.9 million or $0.11 per basic and diluted share after adjusting for amortization of intangibles, stock-based comp and depreciation of $0.2 million for the same of 2016. Non-GAAP adjusted EBITDA, when adding back stock-based comp, was $3 million in the third quarter of 2017 compared to $1 million for the same period in 2016. At September 30, 2017, deferred revenue was $2.1 million, up from $0.6 million at December 31, 2016, and the company had $2.7 million of cash and cash equivalents at the end of the quarter. We continue to maintain a line of credit for up to $5 million subject to borrowing base limitations, and the credit line currently has no outstanding balance on it. This concludes the financial portion. I’ll turn it back over to Mac for closing remarks.
Mac McMillan:

Thank you, Paul. As we move into Q4 and look to close out the year, we again, feel that we are making the right investments to expand our service offerings and professional services with placing resources in our hospital clients for short and long-term remediation and program development projects. Incident response, vendor security management and refining our MDS model to be more competitive in the market. And most importantly, building an exceptional leadership team to work towards and exceed our mission of being the first name in healthcare cybersecurity, providing excellent advisory services to our customers and growing shareholder value. This concludes the prepared remarks. Operator, please open the floor for questions.
Operator:

Certainly. [Operator Instructions] We’ll take our first question from Andrew D’Silva with B. Riley, FBR. Please go ahead.
Andrew D’Silva:

Hey good afternoon. Thanks for taking my call and good job at this quarter. Just a couple of quick questions here. First, just focusing on gross margins. Obviously, much higher than I think anybody was expecting on a consolidated basis. Could you give us a sense of the type of benefit you received from MDS business, as it – as some of the older contracts matured? I just had no idea that there was this kind of leverage capable from a maturing MDS contract.
Mac McMillan:

Yes, Andrew, in the case of this specific situation, again, as we complete implementations, which can occur at any point in time, there may be some true-ups that occur with customers. And in the case of the implementations that were completed in this quarter, there were two large accounts that had extended implementation periods that resulted in a larger true-up than we would have traditionally experienced. But this is very common practice for us. It happens pretty much every year. It just doesn’t normally always have the same level of impact that we saw this year.
Andrew D’Silva:

Okay. Got it. And then as far as the MDS turnover you mentioned during the prepared remarks, is this the same turnover that we’ve been talking about the last few quarters, are these some new companies that are following up as well? I was modeling a fourth quarter fall-off for the ones that you guys were mentioning since beginning of the year.
Mac McMillan:

Yes, Andrew. Absolutely, it’s the follow-up that we’ve been talking about all along, and then we’ve talked about on our last call. And in fact, we’ve not had any more since then, and we’ve actually added new MDS clients. So we’re actually on – we’re going in the right direction again in terms of increasing the MDS business.
Andrew D’Silva:

Okay. That is great to hear. As far as the business segments go, and the cross-selling, as you see today, are you seeing greater opportunities currently. Do you cross-sell MDS into the security business or security offerings into the MDS business, or it’s just starting to level up and be fairly similar between both sides?
Mac McMillan:

So it’s kind of a different opportunity. And I’ll try to explain. So there is a great opportunity for cross-selling MDS into the security offerings, clients primarily, because we have 200-plus clients. Whereas, on the MDS side, we have virtually less than a couple of dozen. So just the – here number is alone in terms of opportunity to cross-seller is vastly different. The one thing that’s very positive right now is that the cross-selling that we are engaged in with our traditional cybersecurity customers, so far, has been very positively received. And in fact, you probably heard in my remarks, one of those first opportunities that we brought that to went very quickly from the initial discussion to the assessment to a request for a proposal. And we expect to close that contract, hopefully, before the end of the year, certainly, by the very beginning of next year. And so that – number one, we’re very encouraged by that. But we also are more encouraged by the fact that we have a number of opportunities now in the pipeline for MDS discussions with those traditional customers as well. So that’s – it’s a very encouraging sign for the future.
Andrew D’Silva:

Are you seeing that traction – do you believe you’re seeing a traction because you’re now dealing with different decision makers due to the combined business? Or do you believe if the product offerings and sales that are leading that kind of traction?
Mac McMillan:

So it’s actually a combination of multiple things, but you’re absolutely correct. I mean, one of the things that we did successfully with that first iteration, and we are doing with the others is, we are, absolutely, going in and selling to a different customer. We’re going in and talking with the CIO. We’re going in and talking with the Chief Compliance Officer. We’re going in and talking to the people who are managing risk in the environment, and we’re treating those printers, not just as something that can – an opportunity to save their money by managing them more efficiently, but we’re also addressing the risk of those printers pose to those organizations as just another end point that’s connected to their network that also has data on it that has to be protected. And so it’s giving us more stakeholders to approach. And so that’s helping us. But I – also I think the way we have repackaged it in terms of those services, and in terms of how we’re offering it. The offering that we made to that customer was very different than the traditional offering that we had in the past, in the sense that we had restructured it. We have integrated security into our offering now, which is a differentiator compared to our competitors. And it’s – so I think it’s a combination of multiple factors.
Andrew D’Silva:

Okay, great. And just last question. As far as the competitive landscape goes, obviously, there’s been so many new stories within this industry and just in general about security breaches. Has that spurred any additional competition that you’re seeing in the market? Or are the same players, really, the ones that are out there currently, since you guys merged?
Mac McMillan:

So we haven’t really seen – I would say, I’m sure there are some new players. We haven’t really seen new players, quite frankly, emerged that we have run into head-to-head in terms of the healthcare space. And in fact, believe it or not, we’ve actually seen some people actually even back away. So it’s – but I think the competitive landscape is probably pretty much the same as it was.
Andrew D’Silva:

Fantastic. All right, great. Thank you very much. Good job, nice quarter and good luck going forward.
Mac McMillan:

Thank you.
Operator:

We’ll move to our next question from Jeff Bash with General Pacific Partners. Please go ahead.
Jeff Bash:

Hi guys, outstanding quarter.
Mac McMillan:

Thanks, sir.
Jeff Bash:

Could you comment a little bit more on the turnover in MDS, and let me tell you my perspective that the company, over the last 10 years or so, was typically selling to a hospital that was providing the service itself and therefore, taking over. And there’s been very little turnover until the last year or so. So I’m little puzzled as to, what’s causing the turnover and who you are losing the business to. So if you could provide a little more color there, I’d appreciate that.
Mac McMillan:

Sure. So I think, the first thing that’s helpful to understand is that we’re looking at five-year contracts. So essentially, I think, what happen at least, as I proceeded in the conversations, I have had with those clients that they turned over. The market essentially changed and what I mean by that is, it became very much commoditized market to where the model that Auxilio had traditionally, which provided the client with a whole host of value-based services that were built in to that model from – at the front end. Essentially made it very difficult as that market drove itself to the bottom, if you will, in terms of more and more commoditization and pricing to be competitive, in terms of being able to get low enough, if you will, to be able to be competitive. And a lot of those clients that we had worked with over the years and done a great job of helping them make their environments more efficient. When they got to the end of their contract, we basically found ourselves in a situation where they didn’t feel they needed all those additional services to continue. They felt that they could move forward now with a more modest offering, a more of a rate-fixed type offering which is what allowed the competition, kind of, a pull up, if you will. As it relates to the competition, it wasn’t just one vendor, it’s been – it was – it’s been multiple vendors that have one those contracts where we were displaced. I think the good news though and what’s going on now is that we have now restructured things so that we have an offering now like the one we put forward with Virtual, where we come in, and we compete nose-to-nose with those guys and actually are very competitive. But at the same time, still have the – all of the additional things that we can do for the client, which many of them still want and are adding. But for instance, one of our clients up in the Northeast, where we went in with this new approach, is now started to add all those additional things. And the nice thing is that, that’s actually driving the margin up in that engagement, because those things are being added individually as opposed to being driven into that penny-per-page model that we had in the past.
Jeff Bash:

Okay, got it. Now with respect to your instant response service, which you’re about to roll out, what’s the marketplace for that? Is this, sort of, a unique service? Is there a lot of competition or not really not much competition?
Mac McMillan:

So there is competition out there, but interestingly enough, most of the competition has been focused around the forensic aspects or the actual crisis recovery aspects as opposed to the way we’re approaching it, which, the approach that we have or we’ve developed, is one that we’ve been working on for, essentially, the last 12 months. And we’ve been holding CIO forms with our existing customers and asking them what are the different aspects that you would like to see or the different parts that you would like to see in a incident response service. The other thing that we’ve asked them, and we just did this recently up the CHIME event that we just went to, we held a focus group on incident response there, and one of the things that we were asking them there is, how would you like to buy this service and what manner would you like it as a retainer, like it’s offered by a lot of the other competitors? Or do you want this more of a managed service? Or do you it a just-in-time type service? And unanimously across-the-board, the CIOs that were in that focus group said, we want it as a managed service, because we want to know who we’re working with, we want you to be familiar with our environment, and we want you to help us get ready for incidents. We want you to help us run exercises to make sure that our readiness is at a high state of readiness. And then we want you to, when you come in during an incident and afterwards, to help us with recovery, be familiar with us and familiar with our organization and familiar with our systems, so that you’ll be more effective. And so that’s exactly what we’ve done. We’re building an incident response service that’s going to be another managed service component to our – rest of our managed services that we offer to healthcare, where we will help them build out their policy and procedures and their program around incident response. We’ll help them build their playbooks for how they handle an incident. We’ll help them run exercises and table talks with respect to their readiness posture and then be able to deploy and help them and when there is an independent and then with the recovery afterwards. And I – and that is actually very unique in the industry, and nobody that I know of, at least, offers a whole suite of services around incident response.
Jeff Bash:

Very good. And my last question has to do with the registration statement, it was filed recently. Given the financial performance that you’re showing at the moment and $5 million line of credit you have, it doesn’t seem to me off hand that you should have any difficulty paying $3 million-or-so a year debt repayments on the purchase price for CynergisTek over the next two-plus years. So I’m a little interested in some more color on why you are registering and offering at this time?
Paul Anthony:

Yes, Jeff, at least at this point, there is no immediate expectations to go out and actually go and do anything with that registration statement. It’s not uncommon for organizations like ours in our situation to at least be prepared and have that as an option as part of an overall management of our capital structure. And so right now, I can say there is no immediate expectation to do anything like that.
Jeff Bash:

Okay, that’s what I expect you to say, but I sort of one and have you on record for saying. And Mac, I just want to say that this I think is your first conference call. I really appreciate. You are handling [indiscernible]
Mac McMillan:

Thank you, sir.
Operator:

Thank you. [Operator Instructions] We’ll hear next from Andrew [indiscernible] Please go ahead.
Unidentified Analyst:

Hello, congrats on the quarter.
Paul Anthony:

Hello there.
Unidentified Analyst:

Can you break out the CynergisTek revenue for the past quarter? That really would be helpful.
Paul Anthony:

Yes, we currently don’t break out specifically the CynergisTek revenue at this type financial.
Unidentified Analyst:

Okay. Well, then can you comment on the growth in growth rate especially, sequentially in year-over-year as well as commenting on any seasonality? Or you just been trying to get a hand on that business as you guys have integrated it?
Paul Anthony:

Yes. From a year-over-year, for the security business is really what we’re focused on. It’s been flat. And that was a function of a number of factors
Unidentified Analyst:

That’s helpful. So do you have any quantification of the impacts from natural disasters, any sort of seasonality in particular? Or are you just – is it just more one-off with this contract restructure?
Mac McMillan:

Yes. It’s more a one-off. I mean, it basically, is really, has turned into deferred revenue. Once we’re able to go back, our people are able to go back into those areas, obviously, we will go back in and finish delivering the work there. It’s – as we all know, when hurricanes hit sometimes. You can’t go back in as quickly as you’d like to, and that’s just the way things happen. With respect to the contract restructuring, it just took longer than anyone expected, and – which created a delay in recognizing revenue as well. But that – but as of now we are back up 100% with – on that – with that particular client as well. And so that was – we expect that was a one-time event as well.
Paul Anthony:

And we do see some seasonality. There may be a little bit in the security side towards Q4. But again, seasonality hasn’t traditionally played a material item in the business. So yes.
Unidentified Analyst:

Excellent. And so going forward, do you guys have any, sort of, sense for growth rate for that component?
Mac McMillan:

So for our traditional managed services, we are seeing somewhere around 20% year-over-year in terms of growth. Knock on wood, we’ve been very successful at renewing all of our existing managed service clients through 2017, and we have a – traditionally have a very high renewal rate, as it is. So essentially, year-over-year, as we add new clients to that mix, that just tends to grow in a incremental pace. Adding the new VSM and patient privacy-monitoring services in the IR service, we expect that, that will actually be an additive to that. So hopefully, we’ll see some increase in terms of that percentage of growth over time. But it’s – I think it’s too early to predict what that might be.
Unidentified Analyst:

That’s really helpful. And final question. I know you talked about the margin benefit, those, kind of, one-time in nature. Can you give any, sort of, senses to a run rate gross margin that you’d expect going forward?
Paul Anthony:

Yes. We don’t provide guidance specifically on that so.
Unidentified Analyst:

Thank you.
Operator:

Thank you. [Operator Instructions] We’ll hear next from Avi Fisher with Long Cast Advisers. Please go ahead.
Avi Fisher:

Hi, Paul and Mac, good evening and thanks for taking my question.
Paul Anthony:

Hi Avi.
Mac McMillan:

Hi Avi.
Avi Fisher:

Jeff alluded to this earlier. Next year, your debt service cost bump up quite significantly. He asked you about the registration statement. I’m curious about any either efforts or do you have any flexibility that you can talk about with regard to the debt? Are you thinking about any efforts? Is there anything you can talk about regarding that bump up and flexibility around managing that, other than general when you way through it?
Paul Anthony:

Yes. There is nothing specific at this point, Avi. But obviously were constantly communicating with the banks, just like we do with our investors, keeping them up to speed on what’s going on with the business as well as working with other parties to ensure that we’re in a good position from a financial, cash flow and so on and so, but nothing specific at this time.
Avi Fisher:

Okay, all right. Thanks for taking my question. Appreciate it.
Paul Anthony:

Thank you.
Operator:

And ladies and gentlemen, that will conclude our Q&A session for today. I would like to turn the conference back over to Mr. Mac McMillan for any additional or closing remarks.
Mac McMillan:

Thank you very much. And I’d like to thank everybody for joining our call today and we look forward to talking to you again soon.
Operator:

That will conclude today’s conference. Thank you all, once again for joining. And you may now disconnect.

Q3 2017 Earnings Call Transcript

Other earnings call transcripts: