10-K
2025-05-01http://fasb.org/us-gaap/2021-01-31#OtherAssetsNoncurrent 0001580560 http://fasb.org/us-gaap/2021-01-31#OtherLiabilitiesNoncurrentOne--12-31OneFYone yearone YearfalseMassachusettsthree year0001580560us-gaap:RestrictedStockUnitsRSUMembersrt:MinimumMember2021-01-012021-12-310001580560us-gaap:CommonStockMember2020-01-012020-12-310001580560us-gaap:CashAndCashEquivalentsMember2019-12-310001580560flyw:RestrictedStockAwardsMember2021-01-012021-12-310001580560us-gaap:CustomerConcentrationRiskMemberflyw:PartnerDMemberflyw:FundsReceivableMember2021-01-012021-12-310001580560us-gaap:RestrictedStockMember2019-01-012019-12-310001580560flyw:ProvisionForIncomeTaxMember2020-01-012020-12-310001580560us-gaap:TradeNamesMember2020-12-310001580560us-gaap:NonvotingCommonStockMember2021-01-012021-12-310001580560flyw:TransactionsMember2019-01-012019-12-310001580560flyw:SeriesE2PreferredStockMember2020-01-012020-12-3100015805602021-12-310001580560flyw:SimpleeMemberus-gaap:MeasurementInputDiscountRateMember2020-12-310001580560flyw:ClientAMemberus-gaap:CustomerConcentrationRiskMemberus-gaap:AccountsReceivableMember2020-01-012020-12-3100015805602021-01-012021-12-310001580560flyw:OtherCountriesMember2020-12-310001580560country:CA2019-01-012019-12-310001580560flyw:SimplificareIncMember2020-01-012020-12-310001580560us-gaap:NoncompeteAgreementsMember2020-01-012020-12-310001580560us-gaap:RestrictedStockMember2020-01-012020-12-310001580560us-gaap:WarrantMember2021-01-012021-12-310001580560srt:MaximumMemberflyw:MeasurementInputProbabilityOfSuccessfulAchievementMemberflyw:SimpleeMember2020-12-310001580560flyw:TransactionsMember2020-01-012020-12-310001580560flyw:SimpleeMember2021-01-012021-12-310001580560us-gaap:CustomerConcentrationRiskMemberflyw:PartnerCMemberflyw:FundsReceivableMember2021-01-012021-12-3100015805602018-07-012018-07-310001580560us-gaap:ComputerEquipmentMember2020-12-310001580560us-gaap:NondesignatedMemberus-gaap:ForeignExchangeForwardMember2021-12-310001580560flyw:PlatformAndUsageBasedFeesMember2020-01-012020-12-310001580560us-gaap:ConvertiblePreferredStockMember2018-12-310001580560us-gaap:RetainedEarningsMember2020-12-310001580560flyw:OtherCountriesMember2020-01-012020-12-310001580560us-gaap:CommonStockMember2021-12-3100015805602018-12-3100015805602021-07-292021-07-290001580560us-gaap:TechnologyBasedIntangibleAssetsMember2020-01-012020-12-310001580560us-gaap:ForeignExchangeForwardMember2019-01-012019-12-310001580560us-gaap:SeriesBPreferredStockMember2020-01-012020-12-310001580560flyw:SimplificareIncMemberflyw:RevenueAndIntegrationTargetsMilestoneMember2020-02-130001580560us-gaap:CustomerRelationshipsMember2020-12-310001580560flyw:ForeignNetOperatingLossCarryForwardsMember2021-12-310001580560us-gaap:CashAndCashEquivalentsMember2021-12-310001580560country:GB2021-01-012021-12-310001580560flyw:OtherCountriesMember2021-01-012021-12-310001580560flyw:StateNetOperatingLossCarryForwardsMember2021-12-310001580560us-gaap:AdditionalPaidInCapitalMember2020-01-012020-12-310001580560flyw:ContingentConsiderationMember2021-01-012021-12-310001580560flyw:SeriesB1NVPreferredStockMember2020-01-012020-12-310001580560us-gaap:SalesRevenueNetMembercountry:GB2020-01-012020-12-310001580560srt:MinimumMemberus-gaap:ComputerEquipmentMember2021-01-012021-12-310001580560flyw:TransactionsMember2021-01-012021-12-310001580560flyw:VotingCommonStockMember2021-01-012021-12-310001580560flyw:RestrictedCashMember2020-12-310001580560us-gaap:SalesRevenueNetMembercountry:GB2019-01-012019-12-3100015805602021-03-312021-03-310001580560flyw:JoinderAndSecondAmendmentToLoanAndSecurityAgreementMembersrt:MinimumMember2020-05-182020-05-180001580560flyw:WpmMember2021-12-152021-12-150001580560flyw:FederalNetOperatingLossCarryForwardsMember2021-12-310001580560srt:MaximumMemberflyw:JoinderAndSecondAmendmentToLoanAndSecurityAgreementMember2020-05-182020-05-180001580560flyw:TwoThousandAndTwentyOneEmployeeStockPurchasePlanMember2021-04-012021-04-300001580560flyw:ForeignNetOperatingLossCarryForwardsMember2021-01-012021-12-310001580560us-gaap:SeriesAPreferredStockMember2020-01-012020-12-310001580560us-gaap:ComputerEquipmentMember2021-12-310001580560country:US2019-01-012019-12-310001580560flyw:LoanAndSecurityAgreementMember2021-01-012021-12-310001580560us-gaap:SeriesEPreferredStockMember2020-01-012020-12-310001580560country:GB2019-01-012019-12-3100015805602020-02-290001580560us-gaap:SalesRevenueNetMember2019-01-012019-12-310001580560us-gaap:CustomerConcentrationRiskMemberflyw:FundsReceivableMemberflyw:PartnerCMember2020-01-012020-12-310001580560us-gaap:FairValueInputsLevel3Member2020-12-310001580560flyw:SeriesCConvertiblePreferredStockMember2021-05-282021-05-280001580560flyw:MeasurementInputPerformancePeriodMemberflyw:SimpleeMember2020-12-310001580560us-gaap:ResearchAndDevelopmentExpenseMember2020-01-012020-12-310001580560us-gaap:RetainedEarningsMember2020-01-012020-12-310001580560flyw:ContingentConsiderationMember2020-12-310001580560flyw:WarrantsForThePurchaseOfConvertiblePreferredStockMember2019-01-012019-12-310001580560us-gaap:SellingAndMarketingExpenseMember2019-01-012019-12-310001580560country:CA2021-01-012021-12-310001580560country:US2021-01-012021-12-310001580560us-gaap:IPOMember2021-05-282021-05-280001580560flyw:SeriesB1NVPreferredStockMember2020-12-310001580560us-gaap:ConvertiblePreferredStockMember2019-01-012019-12-310001580560us-gaap:IPOMember2021-12-310001580560us-gaap:FurnitureAndFixturesMember2021-01-012021-12-310001580560flyw:ContingentConsiderationMember2020-01-012020-12-310001580560us-gaap:SeriesEPreferredStockMember2020-02-012020-02-290001580560us-gaap:CustomerRelationshipsMember2020-01-012020-12-310001580560flyw:MarketPriceOfRiskAdjustmentForRevenueMemberflyw:WpmMember2021-12-310001580560flyw:OtherCountriesMember2021-12-310001580560us-gaap:AccumulatedOtherComprehensiveIncomeMember2021-12-310001580560flyw:LSAWarrants2Member2020-12-3100015805602021-05-282021-05-280001580560flyw:OtherCountriesMember2019-01-012019-12-310001580560flyw:SeriesB1PreferredStockMember2020-12-310001580560us-gaap:RedeemableConvertiblePreferredStockMember2021-12-310001580560flyw:SimplificareIncMember2021-01-012021-12-310001580560us-gaap:NoncompeteAgreementsMember2021-01-012021-12-310001580560us-gaap:DividendDeclaredMember2020-01-012020-12-310001580560flyw:WpmGroupLimitedMember2021-12-310001580560us-gaap:SalesRevenueNetMemberflyw:NoClientMember2020-01-012020-12-310001580560flyw:FederalNetOperatingLossCarryForwardsMember2021-01-012021-12-310001580560flyw:SeriesB1PreferredStockMember2021-12-310001580560us-gaap:TechnologyBasedIntangibleAssetsMemberflyw:SimplificareIncMember2021-01-012021-12-310001580560us-gaap:RetainedEarningsMember2021-01-012021-12-310001580560us-gaap:CashAndCashEquivalentsMember2020-12-310001580560flyw:PartnerEMemberus-gaap:CustomerConcentrationRiskMemberflyw:FundsReceivableMember2021-01-012021-12-310001580560us-gaap:PreferredStockMemberus-gaap:ConvertiblePreferredStockMember2019-12-310001580560flyw:PropertyAndEquipmentMember2020-01-012020-12-310001580560country:GB2020-01-012020-12-310001580560flyw:RestrictedStockAwardsMember2021-12-310001580560flyw:PartnerAMemberus-gaap:CustomerConcentrationRiskMemberflyw:FundsReceivableMember2020-01-012020-12-310001580560us-gaap:SeriesEPreferredStockMember2021-12-3100015805602021-06-300001580560us-gaap:ConvertiblePreferredStockMember2021-01-012021-12-310001580560us-gaap:SalesRevenueNetMembercountry:US2020-01-012020-12-310001580560flyw:ImplementationContractCostsMember2021-12-310001580560us-gaap:EmployeeStockOptionMember2021-01-012021-12-310001580560us-gaap:RestrictedStockMember2021-12-310001580560us-gaap:IPOMember2021-05-280001580560us-gaap:TechnologyBasedIntangibleAssetsMember2020-12-310001580560country:US2020-12-310001580560flyw:VotingCommonStockMember2022-03-250001580560us-gaap:SeriesCPreferredStockMember2020-01-012020-12-310001580560country:SG2021-07-312021-07-310001580560us-gaap:TradeNamesMember2020-01-012020-12-310001580560us-gaap:RestrictedStockUnitsRSUMember2021-12-310001580560us-gaap:SeriesOfIndividuallyImmaterialBusinessAcquisitionsMember2021-01-012021-12-310001580560flyw:LoanAndSecurityAgreementMember2018-01-160001580560flyw:SeriesB1NVPreferredStockMember2021-12-310001580560us-gaap:AccumulatedOtherComprehensiveIncomeMember2019-01-012019-12-310001580560flyw:SeriesE1PreferredStockMember2020-01-012020-12-310001580560us-gaap:RevolvingCreditFacilityMembersrt:MaximumMember2021-07-292021-07-290001580560flyw:ClientBMemberus-gaap:CustomerConcentrationRiskMemberus-gaap:AccountsReceivableMember2020-01-012020-12-310001580560srt:MinimumMember2021-01-012021-12-310001580560us-gaap:AdditionalPaidInCapitalMember2019-01-012019-12-310001580560country:US2021-12-310001580560us-gaap:ConvertiblePreferredStockMember2019-12-310001580560srt:MaximumMember2021-01-012021-12-310001580560us-gaap:AccumulatedOtherComprehensiveIncomeMember2020-12-310001580560us-gaap:RedeemableConvertiblePreferredStockMember2020-01-012020-12-310001580560us-gaap:RedeemableConvertiblePreferredStockMemberus-gaap:PreferredStockMember2020-12-310001580560us-gaap:SalesRevenueNetMembercountry:US2021-01-012021-12-310001580560flyw:ConvertibleAndRedeemableConvertiblePreferredStockMember2020-12-310001580560us-gaap:ConvertiblePreferredStockMember2020-01-012020-12-310001580560flyw:SeriesE1PreferredStockMember2020-12-3100015805602019-12-310001580560us-gaap:AdditionalPaidInCapitalMember2018-12-310001580560us-gaap:AdditionalPaidInCapitalMember2019-12-310001580560us-gaap:SalesRevenueNetMembercountry:CA2021-01-012021-12-310001580560country:SG2021-05-312021-05-310001580560us-gaap:ConvertiblePreferredStockMember2020-12-310001580560us-gaap:SeriesEPreferredStockMember2020-02-290001580560us-gaap:NondesignatedMemberus-gaap:ForeignExchangeForwardMember2020-12-310001580560srt:MinimumMemberflyw:MeasurementInputProbabilityOfSuccessfulAchievementMemberflyw:SimpleeMember2021-12-310001580560us-gaap:DividendDeclaredMember2019-01-012019-12-310001580560us-gaap:LeaseholdImprovementsMember2020-12-310001580560flyw:ContinuingEmploymentOfKeyEmployeesMemberflyw:SimplificareIncMember2020-02-130001580560flyw:LoanAndSecurityAgreementMember2019-08-312019-08-310001580560flyw:ProvisionForIncomeTaxMember2021-01-012021-12-310001580560us-gaap:CommonStockMemberus-gaap:NonvotingCommonStockMember2021-12-310001580560flyw:WpmMember2021-01-012021-12-310001580560flyw:PartnerBMemberus-gaap:CustomerConcentrationRiskMemberflyw:FundsReceivableMember2021-01-012021-12-310001580560flyw:ContingentConsiderationMember2019-01-012019-12-310001580560flyw:LoanAndSecurityAgreementMember2018-01-162018-01-160001580560us-gaap:CustomerRelationshipsMemberflyw:SimplificareIncMember2021-01-012021-12-310001580560us-gaap:WarrantMember2021-01-012021-12-310001580560us-gaap:LeaseholdImprovementsMember2021-01-012021-12-310001580560flyw:ContinuingEmploymentOfKeyEmployeesMemberflyw:WpmMember2021-12-310001580560country:US2020-01-012020-12-310001580560us-gaap:CustomerRelationshipsMember2021-12-310001580560us-gaap:TreasuryStockMember2018-12-310001580560us-gaap:SeriesCPreferredStockMember2021-01-012021-12-310001580560flyw:PlatformAndUsageBasedFeesMember2021-01-012021-12-310001580560us-gaap:SeriesDPreferredStockMember2020-12-310001580560flyw:StateNetOperatingLossCarryForwardsMember2021-01-012021-12-310001580560flyw:ContingentConsiderationMember2018-12-310001580560flyw:WarrantsForThePurchaseOfConvertiblePreferredStockMember2020-01-012020-12-310001580560us-gaap:SeriesCPreferredStockMember2021-12-3100015805602020-05-182020-05-180001580560country:GB2020-12-310001580560us-gaap:SoftwareDevelopmentMember2021-12-310001580560us-gaap:AdditionalPaidInCapitalMember2021-12-310001580560us-gaap:AccumulatedOtherComprehensiveIncomeMember2019-12-310001580560us-gaap:SeriesBPreferredStockMember2021-12-310001580560us-gaap:EmployeeStockOptionMember2020-01-012020-12-310001580560flyw:JoinderAndSecondAmendmentToLoanAndSecurityAgreementMember2020-05-180001580560srt:MaximumMemberflyw:MeasurementInputProbabilityOfSuccessfulAchievementMemberflyw:WpmMember2021-12-310001580560us-gaap:ForeignExchangeForwardMember2020-01-012020-12-3100015805602021-02-282021-02-280001580560us-gaap:FurnitureAndFixturesMember2021-12-310001580560flyw:LSAWarrants2Member2020-01-012020-12-310001580560flyw:IncrementalContractCostsMember2021-12-310001580560us-gaap:SalesRevenueNetMembercountry:CA2019-01-012019-12-310001580560srt:MinimumMemberflyw:MeasurementInputProbabilityOfSuccessfulAchievementMemberflyw:SimpleeMember2020-12-310001580560us-gaap:SalesRevenueNetMember2021-01-012021-12-310001580560flyw:SeriesF1RedeemableConvertiblePreferredStockMember2021-01-012021-12-310001580560us-gaap:AccumulatedOtherComprehensiveIncomeMember2018-12-310001580560us-gaap:GeneralAndAdministrativeExpenseMember2020-01-012020-12-310001580560us-gaap:RedeemableConvertiblePreferredStockMember2021-01-012021-12-310001580560country:RO2021-05-312021-05-310001580560us-gaap:NoncompeteAgreementsMember2020-12-310001580560us-gaap:SalesRevenueNetMemberflyw:NoClientMember2021-01-012021-12-310001580560srt:MaximumMemberus-gaap:FurnitureAndFixturesMember2021-01-012021-12-310001580560us-gaap:NonvotingCommonStockMember2021-12-310001580560us-gaap:IPOMember2021-01-012021-12-310001580560us-gaap:CommonStockMember2018-12-310001580560us-gaap:SalesRevenueNetMembercountry:US2019-01-012019-12-310001580560flyw:LSAWarrantsMember2020-12-310001580560flyw:MeasurementInputPerformancePeriodMemberflyw:WpmMember2021-12-310001580560country:CA2020-01-012020-12-310001580560flyw:WpmMember2021-12-310001580560flyw:SimplificareIncMember2020-02-132020-02-130001580560srt:MaximumMember2020-01-012020-12-310001580560flyw:MeasurementInputPerformancePeriodMemberflyw:SimpleeMember2021-12-310001580560flyw:SeriesERedeemableConvertiblePreferredStockMember2020-01-012020-12-310001580560us-gaap:FairValueInputsLevel3Member2021-12-310001580560flyw:LoanAndSecurityAgreementMember2018-01-312018-01-310001580560flyw:SimplificareIncMember2021-12-310001580560us-gaap:RedeemableConvertiblePreferredStockMember2021-01-012021-12-310001580560flyw:ProvisionForIncomeTaxMember2019-01-012019-12-310001580560flyw:ProvisionForIncomeTaxMember2021-12-3100015805602020-12-310001580560us-gaap:PreferredStockMemberus-gaap:ConvertiblePreferredStockMember2020-12-310001580560us-gaap:NonvotingCommonStockMember2022-03-250001580560us-gaap:WarrantMember2020-01-012020-12-310001580560us-gaap:AdditionalPaidInCapitalMember2020-12-310001580560flyw:SimplificareIncMember2019-01-012019-12-310001580560flyw:ImplementationContractCostsMember2021-01-012021-12-310001580560us-gaap:GeneralAndAdministrativeExpenseMember2021-01-012021-12-310001580560flyw:SimpleeMemberus-gaap:MeasurementInputDiscountRateMember2021-12-310001580560us-gaap:RetainedEarningsMember2021-12-310001580560flyw:TwoThousandAndTwentyOneEmployeeStockPurchasePlanMember2021-04-300001580560flyw:IncrementalContractCostsMember2021-01-012021-12-310001580560us-gaap:ResearchAndDevelopmentExpenseMember2019-01-012019-12-310001580560flyw:ImplementationContractCostsMember2020-01-012020-12-310001580560us-gaap:TechnologyBasedIntangibleAssetsMember2021-12-310001580560us-gaap:WarrantMember2020-01-012020-12-310001580560us-gaap:LeaseholdImprovementsMember2021-12-3100015805602021-03-310001580560flyw:TwoThousandAndTwentyOnePlanMember2021-12-310001580560flyw:ClientAMemberus-gaap:CustomerConcentrationRiskMemberus-gaap:AccountsReceivableMember2021-01-012021-12-310001580560us-gaap:CommonStockMember2019-12-310001580560us-gaap:RestrictedStockMember2021-01-012021-12-310001580560us-gaap:SeriesAPreferredStockMember2020-12-310001580560flyw:TwoThousandAndTwentyOnePlanMember2021-01-012021-12-310001580560us-gaap:TreasuryStockMember2021-12-310001580560flyw:TermLoanMember2021-07-292021-07-290001580560flyw:PlatformAndUsageBasedFeesMember2019-01-012019-12-310001580560us-gaap:CommonStockMember2021-01-012021-12-310001580560us-gaap:RetainedEarningsMember2018-12-3100015805602021-05-012021-05-310001580560srt:MaximumMember2021-12-310001580560flyw:JoinderAndSecondAmendmentToLoanAndSecurityAgreementMember2020-05-182020-05-180001580560flyw:ContingentConsiderationMember2021-12-310001580560us-gaap:SoftwareDevelopmentMember2020-12-310001580560flyw:PropertyAndEquipmentMember2020-12-310001580560us-gaap:EmployeeStockOptionMember2019-01-012019-12-310001580560us-gaap:SalesRevenueNetMembercountry:GB2021-01-012021-12-310001580560us-gaap:TradeNamesMember2021-12-310001580560us-gaap:SellingAndMarketingExpenseMember2021-01-012021-12-310001580560srt:MinimumMemberflyw:MeasurementInputProbabilityOfSuccessfulAchievementMemberflyw:WpmMember2021-12-310001580560us-gaap:ConvertiblePreferredStockMember2021-12-3100015805602020-05-180001580560us-gaap:SellingAndMarketingExpenseMember2020-01-012020-12-310001580560us-gaap:AdditionalPaidInCapitalMember2021-01-012021-12-310001580560srt:MaximumMemberflyw:MeasurementInputProbabilityOfSuccessfulAchievementMemberflyw:SimpleeMember2021-12-310001580560flyw:SeriesE2PreferredStockMember2020-12-310001580560us-gaap:SeriesDPreferredStockMember2020-01-012020-12-310001580560us-gaap:ForeignExchangeForwardMember2021-01-012021-12-310001580560us-gaap:RevolvingCreditFacilityMember2021-07-290001580560us-gaap:DividendDeclaredMember2021-01-012021-12-310001580560srt:MinimumMember2021-12-310001580560us-gaap:ResearchAndDevelopmentExpenseMember2021-01-012021-12-310001580560us-gaap:RedeemableConvertiblePreferredStockMember2020-01-012020-12-310001580560us-gaap:TreasuryStockMember2019-12-310001580560us-gaap:RedeemableConvertiblePreferredStockMember2020-12-310001580560flyw:TwoThousandNinePlanMember2021-01-012021-12-310001580560us-gaap:TreasuryStockMember2019-01-012019-12-3100015805602019-01-012019-12-310001580560us-gaap:AccumulatedOtherComprehensiveIncomeMember2021-01-012021-12-310001580560us-gaap:RevolvingCreditFacilityMember2021-01-012021-12-310001580560flyw:TwoThousandAndTwentyOneEmployeeStockPurchasePlanMember2021-12-310001580560flyw:RestrictedCashMember2021-12-310001580560country:GB2021-12-310001580560us-gaap:RevolvingCreditFacilityMembersrt:MinimumMember2021-07-292021-07-290001580560flyw:SeriesB1PreferredStockMember2020-01-012020-12-310001580560us-gaap:CommonStockMember2020-12-310001580560flyw:TwoThousandAndEighteenPlanMember2021-01-012021-12-310001580560srt:MaximumMemberus-gaap:RestrictedStockUnitsRSUMember2021-01-012021-12-310001580560flyw:TwoThousandAndTwentyOneEquityIncentivePlanMember2021-12-310001580560us-gaap:RetainedEarningsMember2019-12-3100015805602020-01-012020-12-310001580560flyw:IncrementalContractCostsMember2020-01-012020-12-310001580560flyw:WpmMemberflyw:RevenueVolatilityMember2021-12-310001580560flyw:LSAWarrantsMember2020-01-012020-12-310001580560srt:MaximumMemberus-gaap:ComputerEquipmentMember2021-01-012021-12-310001580560us-gaap:SeriesBPreferredStockMember2020-12-310001580560us-gaap:TechnologyBasedIntangibleAssetsMember2021-01-012021-12-310001580560us-gaap:SeriesAPreferredStockMember2021-12-310001580560us-gaap:GeneralAndAdministrativeExpenseMember2019-01-012019-12-310001580560us-gaap:SeriesDPreferredStockMember2021-12-310001580560us-gaap:SoftwareDevelopmentMember2021-01-012021-12-310001580560us-gaap:CustomerConcentrationRiskMemberflyw:ClientBMemberus-gaap:AccountsReceivableMember2021-01-012021-12-310001580560us-gaap:EmployeeStockOptionMember2021-12-310001580560us-gaap:SeriesCPreferredStockMember2020-12-310001580560flyw:RestrictedCashMember2019-12-310001580560us-gaap:ConvertiblePreferredStockMember2021-01-012021-12-310001580560us-gaap:SalesRevenueNetMember2020-01-012020-12-310001580560us-gaap:RedeemableConvertiblePreferredStockMember2019-01-012019-12-310001580560us-gaap:WarrantMember2019-01-012019-12-310001580560us-gaap:FurnitureAndFixturesMember2020-12-310001580560flyw:ContingentConsiderationMember2019-12-310001580560us-gaap:SeriesEPreferredStockMember2020-02-012020-02-280001580560us-gaap:AccumulatedOtherComprehensiveIncomeMember2020-01-012020-12-310001580560flyw:PartnerBMemberus-gaap:CustomerConcentrationRiskMemberflyw:FundsReceivableMember2020-01-012020-12-310001580560us-gaap:NoncompeteAgreementsMember2021-12-310001580560us-gaap:CommonStockMember2019-01-012019-12-310001580560us-gaap:SalesRevenueNetMembercountry:CA2020-01-012020-12-310001580560us-gaap:OverAllotmentOptionMember2021-05-282021-05-280001580560us-gaap:NonvotingCommonStockMember2020-12-310001580560us-gaap:CustomerRelationshipsMember2021-01-012021-12-310001580560us-gaap:PreferredStockMemberus-gaap:ConvertiblePreferredStockMember2018-12-310001580560flyw:WpmGroupLimitedMember2021-01-012021-12-310001580560us-gaap:RetainedEarningsMember2019-01-012019-12-310001580560us-gaap:TreasuryStockMember2020-12-3100015805602021-07-290001580560us-gaap:RevolvingCreditFacilityMember2021-07-292021-07-29xbrli:pureutr:sqftxbrli:sharesiso4217:USDxbrli:sharesflyw:Numbersflyw:Segmentutr:Yiso4217:USD

 

 

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

 

FORM 10-K

 

(Mark One)

ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the fiscal year ended December 31, 2021

OR

TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 FOR THE TRANSITION PERIOD FROM TO

Commission File Number 001-40430

 

FLYWIRE CORPORATION

(Exact name of Registrant as specified in its Charter)

 

 

Delaware

27-0690799

(State or other jurisdiction of

incorporation or organization)

(I.R.S. Employer

Identification No.)

141 Tremont St #10

Boston, MA

02111

(Address of principal executive offices)

(Zip Code)

Registrant’s telephone number, including area code: (617) 329-4524

 

Securities registered pursuant to Section 12(b) of the Act:

 

Title of each class

 

Trading

Symbol(s)

 

Name of each exchange on which registered

Voting common stock, $0.0001 par value per share

 

FLYW

 

The Nasdaq Stock Market LLC

 

 

 

 

(Nasdaq Global Select Market)

Securities registered pursuant to Section 12(g) of the Act: None

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes No

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the Act. Yes No

Indicate by check mark whether the registrant: (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes No

Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes No

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.

 

Large accelerated filer

 

 

Accelerated filer

 

 

 

 

 

Non-accelerated filer

 

 

Smaller reporting company

 

 

 

 

 

 

 

 

 

 

 

 

Emerging growth company

 

 

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.

Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes No

 

As of June 30, 2021, the last business day of the registrant’s mostly recently completed second fiscal quarter, the aggregate market value of the voting and non-voting common stock held by non-affiliates of the registrant was $2,418,170,478 based upon the closing sale price of our voting common stock of $36.74 on that date. The voting and non-voting common stock held by each officer and director and by each person known to own in excess of 5% of aggregate outstanding shares of our voting and non-voting common stock has been excluded in that such persons may be deemed to be affiliates. The determination of affiliate status in not necessarily a conclusive determination for other purposes.

As of March 25, 2022, the registrant had 101,017,602 shares of voting common stock, $0.0001 par value per share, outstanding and 5,988,378 shares of non-voting common stock $0.0001 par value per share, outstanding.

DOCUMENTS INCORPORATED BY REFERENCE

 


 

Portions of the registrant’s proxy statement for the 2022 annual meeting of stockholders to be filed pursuant to Regulation 14A within 120 days after the registrant’s fiscal year ended December 31, 2021, are incorporated by reference in Part III of this Form 10-K.

 

 

 


 

Table of Contents

 

 

 

Page

PART I

 

 

Item 1.

Business

4

Item 1A.

Risk Factors

27

Item 1B.

Unresolved Staff Comments

67

Item 2.

Properties

67

Item 3.

Legal Proceedings

67

Item 4.

Mine Safety Disclosures

67

 

 

 

PART II

 

 

Item 5.

Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

68

Item 6.

[Reserved]

70

Item 7.

Management’s Discussion and Analysis of Financial Condition and Results of Operations

71

Item 7A.

Quantitative and Qualitative Disclosures About Market Risk

94

Item 8.

Financial Statements and Supplementary Data

95

Item 9.

Changes in and Disagreements with Accountants on Accounting and Financial Disclosure

139

Item 9A.

Controls and Procedures

139

Item 9B.

Other Information

139

Item 9C.

Disclosure Regarding Foreign Jurisdictions that Prevent Inspections

139

 

 

 

PART III

 

 

Item 10.

Directors, Executive Officers and Corporate Governance

140

Item 11.

Executive Compensation

140

Item 12.

Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters

140

Item 13.

Certain Relationships and Related Transactions, and Director Independence

140

Item 14.

Principal Accounting Fees and Services

140

 

 

 

PART IV

 

 

Item 15.

Exhibits, Financial Statement Schedules

141

Item 16.

Form 10-K Summary

143

 

 

i


 

SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS

This Annual Report on Form 10-K, as well as information included in oral statements or other written statements made or to be made by us, contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, that involve substantial risks and uncertainties. All statements other than statements of historical fact contained in this report, including statements regarding our future results of operations and financial condition, business strategy, and plans and objectives of management for future operations, are forward-looking statements. In some cases, forward-looking statements may be identified by words such as “believe,” “may,” “will,” “potentially,” “estimate,” “continue,” “anticipate,” “intend,” “could,” “would,” “project,” “target,” “plan,” “expect,” or the negative of these terms or other similar expressions. These forward-looking statements include, but are not limited to, statements concerning the following:

our future financial performance, including our expectations regarding our revenue, cost and operating expenses, including changes in technology and development, selling and marketing and general and administrative expenses (including any components of the foregoing), gross profit and our ability to achieve, and maintain, future profitability;
our business plan and our ability to effectively manage our growth;
our cross-border expansion plans and ability to expand internationally;
anticipated trends, growth rates, and challenges in our business and in the markets in which we operate;
the sufficiency of our cash and cash equivalents to meet our liquidity needs;
political, economic, legal, social and health risks, including the COVID-19 pandemic and subsequent public health measures that may affect our business or the global economy;
beliefs and objectives for future operations;
our ability to develop and protect our brand;
our ability to maintain and grow the payment volume that we process;
our ability to further attract, retain, and expand our client base;
our ability to develop new solutions and services and bring them to market in a timely manner;
our expectations concerning relationships with third parties, including strategic partners;
the effects of increased competition in our markets and our ability to compete effectively;
future acquisitions or investments in complementary companies, products, services, or technologies;
our ability to enter new client verticals, including our relatively new B2B sector;
our expectations regarding anticipated technology needs and developments and our ability to address those needs and developments with our solutions;
our expectations regarding litigation and legal and regulatory matters;
our expectations regarding our ability to meet existing performance obligations and maintain the operability of our solutions;
our expectations regarding the effects of existing and developing laws and regulations, including with respect to payments and financial services, taxation, privacy and data protection;
economic and industry trends, projected growth, or trend analysis;
our ability to attract and retain qualified employees;
our ability to maintain, protect, and enhance our intellectual property;
our ability to maintain the security and availability of our solutions;
the increased expenses associated with being a public company; and
the future market price of our voting common stock.

2


 

Forward-looking statements are based on our management’s beliefs and assumptions and on information currently available. These forward-looking statements are subject to a number of known and unknown risks, uncertainties and assumptions, including risks described in the section titled “Risk Factors” and elsewhere in this Form 10-K. Other sections of this Form 10-K may include additional factors that could harm our business and financial performance. Moreover, we operate in a very competitive and rapidly changing environment. New risk factors emerge from time to time, and it is not possible for our management to predict all risk factors nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ from those contained in, or implied by, any forward-looking statements.

You should not rely upon forward-looking statements as predictions of future events. Although we believe that the expectations reflected in the forward-looking statements are reasonable, we cannot guarantee future results, levels of activity, performance, achievements, events, or circumstances. Except as required by law, we undertake no obligation to update publicly any forward-looking statements for any reason after the date of this report or to conform these statements to actual results or to changes in our expectations. You should read this Annual Report on Form 10-K and the documents that we have filed as exhibits to this report with the understanding that our actual future results, levels of activity, performance, and achievements may be materially different from what we expect. We qualify all of our forward-looking statements by these cautionary statements.

In addition, statements that “we believe” and similar statements reflect our beliefs and opinions on the relevant subject. These statements are based upon information available to us as of the date of this report, and while we believe such information forms a reasonable basis for such statements, such information may be limited or incomplete, and our statements should not be read to indicate that we have conducted an exhaustive inquiry into, or review of, all potentially available relevant information. These statements are inherently uncertain and you are cautioned not to unduly rely upon these statements.

Unless otherwise noted or unless the context provides otherwise, all references in this Annual Report on Form 10-K to our “common stock” refers to our voting common stock.

3


 

PART I

Item 1. Business

Our Mission

Our mission is to deliver the most important and complex payments. In an increasingly digital world, getting paid means Flywire.

Our Company

Flywire is a leading global payments enablement and software company. Our next-gen payments platform, proprietary global payment network and vertical-specific software help our clients get paid and help their customers pay with ease—no matter where they are in the world. Our clients rely on us for our integrated solutions that are both global and local, combine tailored invoicing with flexible payment options, and deliver highly personalized omni-channel experiences. We believe we make generational advances for our clients by transforming payments into a source of value and growth for their organizations while delighting their customers with payment experiences that are engaging, secure, fast, and transparent.

There have been substantial strides made in payments technology in the retail and e-commerce industries; however, massive sectors of our global economy—including education, healthcare, travel, and business to business (B2B) payments—are still in the early stages of digital transformation. We estimate the annual addressable volume for these sectors alone to be approximately $11.7 trillion, as more fully described in “Our Market Opportunity”. We believe Flywire is well-positioned to capture a meaningful share of this global payment volume given our ability to provide deeply-integrated digital solutions that address both domestic and cross-border payments.

Our clients, and the types of organizations we serve in education, healthcare, travel, and B2B, require payment processes and experiences that can deliver high-stakes, high-value payments and are specifically tailored to their industry, their business, and their customers. Often, payment solutions have a “one size fits all” approach, without regard for the particular nuances and detailed operations of specific verticals. Without Flywire, organizations often invest substantial resources in building their own payment offerings or rely on disparate legacy systems, which not only fail to meet their or their customers’ needs but also divert meaningful resources away from revenue-generating work. When core payment capabilities like invoicing, diverse payment offerings and reconciliation are inefficient, organizations miss the opportunity to use payments to scale and grow their business.

Flywire was founded to solve these challenges. We aim to power the transformation of our clients’ accounts receivable functions by automating paper and check-based business processes in addition to creating interactive, digital payment experiences for their customers. As a result, clients who implement our cross-border and in-country domestic payments and software solutions can experience improved accounts receivable, higher enrollment in payment plans, and a reduction in customer support inquiries. We help our clients turn their accounts receivable functions into strategic, value-enhancing areas of their organizations.

Over the last decade, we have invested significant resources to build a global network of bank, payment and technology partners that enable us to provide end-to-end connectivity between our clients and their customers in many countries around the world. We have engineered our software-driven payments technology stack to meet enterprise-level standards and functionality while delivering simplicity, convenience and ease of use for our clients and their customers. In addition, we have developed personalized communication channels (e.g., short message service (sms), chat, email, text, or phone) to enhance our clients’ ability to engage with their customers through a digital-first user experience. The result of these investments is our Flywire Advantage.

Our Flywire Advantage is derived from three core elements: (i) our next-gen payments platform; (ii) our proprietary global payment network; and (iii) our vertical-specific software backed by our deep industry expertise.

 

4


 

 

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_0.jpg 

Next-Gen Payments Platform. Our platform improves the legacy accounts receivable value chain by facilitating global payment flows across multiple currencies, payment types, and payment options. We do not simply collect payments and track money flows. Rather, our clients integrate our platform into their existing apps and workflows once and have access to a full suite of solutions, including tailored invoicing, settlement and reconciliation tools, single sign-on and checkout, recurring payments, and split payouts. Our platform automates and manages the process from initial invoice delivery through payment settlement and core system reconciliation. In addition, we leverage deep data and analytics to help our clients understand their customers’ historic payment behavior, facilitate transaction matching to optimize costs and offer flexible domestic and international payment plans.
Proprietary Global Payment Network. At the core of our business is our network of global, regional and local banking partners which we have been strategically expanding for over a decade. With a single connection to Flywire, our clients have access to a unique set of payment methods including banks, third-party payment providers, payment networks and digital wallets—making it possible to accept and settle payments in over 240 countries and territories and in over 140 currencies. Our global payment network also provides direct connections to alternative payment methods such as Alipay, Boleto, PayPal / Venmo, and Trustly. Regardless of the currency on the invoice received, our clients’ customers can pay in their local currency with their preferred payment method. Additionally, our global payment network is optimized for country-specific regulatory and compliance standards which often require vertical-specific functionality and processes to serve our clients and their customers.
Vertical-Specific Software Backed by Deep Industry Expertise. We go beyond payments by offering seamless integration of our software within our clients’ existing operating workflows and IT infrastructure. Our team, with decades of industry and domain expertise, designed our cloud-based software to be highly scalable across the types of clients we serve, aiming to solve unique payments and accounts receivable challenges of education, healthcare, travel, and B2B. For example, we have launched over 7,000 client payment portals, each built on our shared payments platform and global payment network but tailored to our clients’ brands and needs. In addition, our software solutions include interactive dashboards to manage payments, reporting tools to streamline reconciliation and customer communication tools to personalize and digitize engagement. This

5


 

enables us to be a hub of omni-channel connectivity, augmenting the relationship between our clients and their customers.

These three core elements of our business fuel a powerful and accelerating flywheel. When we started Flywire, we built a robust payments platform that solved pain points for cross-border payments and delivered simplicity, transparency, and cost-effective solutions. Continued adoption of our payments platform has enabled us to enhance engagement with our clients, create more personalized connections for our clients’ customers and extend our reach. Adding new clients and their customers builds our global scale and deepens our knowledge and expertise, enabling us to streamline and automate complex accounts receivable functions. As shown in the illustration below, as the number of clients using our next-gen payments platform grows, we are able to continue to enhance our end-to-end solutions, tailor our vertical-specific software and expand our global payment network to support more local payment types.

 

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_1.jpg 

 

The benefits of our flywheel are visible in the significant scale we have achieved to date. Today, we serve over 2,500 clients around the world. In education alone, we serve more than 2,000 institutions and 2.0 million students globally. In healthcare, we serve more than 80 healthcare systems, including four of the top 10 healthcare systems in the United States ranked by hospital size. In our newer payment verticals of travel and B2B, we have a growing portfolio of more than 300 clients.

Our business model is designed to encourage rapid, widespread utilization of our solutions. We enable our clients to scale the use of Flywire to an unlimited number of customers with favorable unit economics. For the year ended December 31, 2021, we enabled over $13.2 billion of total payment volume across more than 140 currencies. For the year ended December 31, 2020, we enabled over $7.5 billion of total payment volume across more than 130 currencies.

The value of our Flywire Advantage has been recognized, with global financial institutions and technology providers choosing to form channel partnerships with us. Our channel partners include financial institutions such as Bank of America Corporation; payment providers such as China UnionPay Co. Ltd. and Adyen N.V.; and software companies that serve as the core systems in our verticals such as Ellucian Company, L.P. in education and Cerner Corporation in healthcare. These partnerships promote organic referral and lead generation opportunities and enhance our indirect sales strategy.

6


 

We also reach clients through our direct channel. Our domain-experienced sales and relationship management teams bring vertical expertise and regional and local reach that drives high dollar-based net retention. For the year ended December 31, 2021, our annual net dollar-based retention rate was approximately 140%. For the year ended December 31, 2020, despite the impact of the COVID-19 pandemic on our clients and the industries we serve, our annual net dollar-based retention rate was approximately 100%. For the year ended December 31, 2019, our annual net dollar-based retention rate was approximately 128%. In addition, our client and customer service combines high-tech and high-touch functions backed by 24x7 multilingual customer support, resulting in high client and customer satisfaction. For the year ended December 31, 2020, we had a net promoter score (NPS) of 64, which exceeds the average NPS of traditional financial institutions.

The chart below illustrates the year-over-year increases in aggregate revenue less ancillary services from our clients by cohorts that consist of (1) all clients as of December 31, 2017, which we refer to as the pre-2018 cohort, and (2) new clients that we added during the particular year ended December 31 for each year thereafter, which comprise the cohort for that particular year. We believe that this analysis illustrates that our services can continue to provide value to our clients on an ongoing basis and also demonstrates our ability to grow our business with clients over time. A client is included in a particular cohort based on the year in which a client first receives a payment from their customer using our services. We expect cohort revenue less ancillary services will fluctuate from one period to another depending on, among other factors, our ability to increase revenue less ancillary services from our clients within a given cohort and other changes to products and services we offer to such clients. While we believe these cohorts are a fair representation of our overall client base, there is no assurance that they will be representative of any future group of clients or periods.

 

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_2.jpg 

We have grown rapidly since our founding. We generated revenue of $201.1 million, $131.8 million and $94.9 million for the years ended December 31, 2021, 2020 and 2019, respectively, and incurred net losses of $28.1 million, $11.1 million and $20.1 million, respectively for those same years. In December 2021, we acquired WPM Group Ltd. (WPM), a leading software provider that enables seamless and secure payment experiences for universities and colleges across the U.K. In February 2020, we acquired Simplificare Inc. (Simplee), a provider of healthcare payment and collections software. Pro forma revenue and pro forma net loss for the year ended December 31, 2020, as if our acquisition of Simplee had occurred on January 1, 2020, was $136.3 million and $13.4 million, respectively.

Benefits of the Flywire Advantage to Our Clients and Their Customers

Flywire sits in between our clients, which include educational institutions, hospitals, travel providers, businesses, and their customers: students, patients, travelers, and businesses. We believe this two-sided relationship makes us

7


 

strategically important for our clients–who rely on us for their complex accounts receivable needs, and for our clients’ customers–who rely on us to deliver their most important payments.

Benefits of the Flywire Advantage to Our Clients

We continuously apply our knowledge and domain expertise in education, healthcare, travel, and B2B payments to expand upon our solutions and meet the specific needs of our clients, while freeing them from cumbersome and legacy financial processes. For our clients, key benefits of our solutions include:

Modern customer-focused payment experience. We enable a convenient and secure online payment experience which can be configured by country, currency, client, and vertical. Our personalization engine leverages our data and applies artificial intelligence (AI) and machine learning (ML) to match the payment preferences of our clients’ customers with the right payment options. By streamlining a previously cumbersome and highly-manual process, our clients have the ability to extend transparency to their customers and proactively engage them through their preferred communication methods.
Simplify payments complexity. We address complexity in payments by providing our clients with a “one-stop shop” offering, substantially reducing the need to work with and manage multiple disparate vendors and systems. Our clients can experience a seamless workflow from start to finish with end-to-end visibility, from invoice to payment to receipt and reconciliation. This helps accelerate funds flow while streamlining operational expenses.
Processing cost savings and enhanced payments yield. We leverage our significant global volume and in-house currency hedging algorithms to mitigate our clients’ risk from currency fluctuation and reduce incremental payment fees, which we believe results in significant cost savings to our clients’ bottom line. Additionally, to optimize affordability for our clients’ customers, we design personalized payment plan offers. By providing a better customer experience, our clients can eliminate time-consuming customer calls and make their operations more efficient. We believe this results in our clients getting paid more quickly and consistently.
Ease of integration. Built on open architecture, Flywire integrates with existing systems and technology, allowing clients to consolidate transactions and accounts, automate payment plans and cash management, and optimize processing through aligned billing-related tools. This ease of integration enables our clients to serve their customers better and faster, increasing satisfaction while reducing costs.
Trusted expertise and a trusted brand. Our clients and their customers view Flywire as a trusted technology partner. With deep roots in each industry we serve, our thought leadership, guidance, and innovation in our solutions, have built confidence and advocacy in Flywire throughout our clients and their customers around the world. We believe we bring a new level of transparency, efficiency, and value to industries that are traditionally characterized by complex operations and held back by services of legacy providers. Additionally, we believe the strength of our information security and compliance that underpins our solutions is a core differentiator that drives client trust.

Benefits of the Flywire Advantage to Our Clients’ Customers

Our digital-first customer experience is designed to make the process of paying invoices simple. For our clients’ customers, key benefits of our solutions include:

Superior and simple payment experiences. Our customer value proposition is simple: we provide a fast and nearly frictionless experience for our clients’ customers’ most important payments. Providing an integrated experience that leverages single sign-on, our clients’ customers can very quickly view real-time account balance updates, receive personalized communication and complete their payments – all as part of a streamlined digital self-service experience. These features can lead to an increase in self-service digital payments and optimized conversion of completed payments.
Customer preference. Using Flywire, our clients’ customers can choose their preferred payment method, currency, and communication channel, such as sms, chat, email, text, or phone. We make it possible to accept and settle payments in over 240 countries and territories and in more than 140 currencies, so our clients’ customers can choose the way they pay using local payment methods that they are most comfortable using.
Flexible on-demand payment options. We believe we provide favorable and transparent payment plans that can lead to increased engagement and enrollment by our clients’ customers. As a result, our clients’ customers

8


 

can spread expenses across smaller, easier-to-manage payments. Our payments platform also enables our clients to offer their customers the choice to either front-load payment plans or provide extension options beyond service delivery.
Customer confidence. Navigating the world of complex cross-border payments can be overwhelming for our clients’ customers. With our superior customer experience including around the clock multilingual support, we believe that we give customers the confidence that their payments are delivered securely, accurately, and on time.

How Our Flywire Advantage Works

Our clients’ needs extend beyond simple payment processing. Enabling our clients to use enhanced payment functionality to drive business value as well as streamlining and automating their domestic and cross-border payment operations, requires a specialized approach that combines a secure, reliable, and robust suite of payments and software solutions with a seamless customer experience.

To achieve this, we leverage our Flywire Advantage and its three core elements: (i) our next-gen payments platform; (ii) our proprietary global payment network; and (iii) our vertical-specific software backed by our deep industry expertise.

Next-Gen Payments Platform

Our next-gen payments platform is designed for payment processes and experiences that can deliver high-stakes, high-value payments. Through a single connection to our platform, we support the entire lifecycle of a domestic or cross-border transaction across online, mobile or in-person channels. This eliminates the need to work with multiple vendors and payment providers.

For the years ended December 31, 2021 and 2020, we enabled over $13.2 billion and $7.5 billion, respectively in payment volume across multiple payment types, including local bank transfer, credit, debit and other alternative payment methods such as Alipay, Boleto, PayPal / Venmo, and Trustly. The majority of our payment volume is not card related and is completed over our global payment network. This reflects the myriad of payment options enabled by our global payment network that are critical for the larger, more complex payments that we handle.

We designed our next-gen payments platform to be:

Integrated. Fully unified and seamlessly connected to a broad range of core operating systems, facilitating easy data capture and compatibility across a broad range of solutions;
Flexible. Supports complex workflows and payment experiences for both in-country domestic and cross-border payments; and
Secure. Leverages Payment Card Industry-validated Point-to-Point Encryption tokenization and other best-in-class and regulatory-compliant security measures.

By utilizing predictive analytics, ML and AI, we handle the complexities of money movement across borders while providing fast, compliant, and transparent receipt of payments. Our AI and ML enabled fraud detection risk engine has trained against millions of automated clearing House (ACH), check, card, and wire transactions. As a result, the enhanced power of our risk engine enables us to mitigate fraud.

Our comprehensive payments offering enables our clients to provide their customers a choice of cost-effective payment methods, currencies, and terms while enjoying a seamless digital experience. Our offering, supported by Flywire’s security, risk, and compliance monitoring tools, includes:

enhanced invoicing, settlement and reconciliation tools that simplify billing and customer payments and better manage cash flow and revenue;
end-to-end processing, from authorization to clearing to settlement and reconciliation;
turnkey solution for enhanced and secure single sign-on and checkout;
recurring, split and flexible payment options, including robust payment plan logic that can be tailored in our vertical-specific implementations; and

9


 

unified reporting and analytics tools through direct integrations to client back-end infrastructure.

Below is a sample funds flow for a traveler from Australia taking a ski vacation in Japan paying in their local currency and with their preferred method of payment, such as a bank transfer of Australian Dollars to Japanese Yen, without incurring hidden fees, and with exchange rate protection. The illustration shows how our next-gen payments platform can be configured and activated at the client level, and deliver a seamless experience from any country of payment or receipt.

 

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_3.jpg 

In addition to international expansion, we are accelerating the growth of our in-country domestic accounts receivable business, both by selling new solutions to existing clients and gaining new clients. Many of our clients who successfully use our payments platform to process cross-border payments require a similar solution for in-country domestic payments, which have similar challenges: they are reliant on home-grown or legacy solutions with limited or inflexible capabilities and often require time consuming manual updates. With our payments platform, clients are able to streamline payment processes and offer their customers flexible payment options, without the expense of building their own systems—for both in-country domestic and cross-border transactions.

Proprietary Global Payment Network

Our proprietary global payment network is comprised of global, regional and local banks and technology and payment partners around the world. We believe the extensive global reach and breadth of our network, serving more than 240 countries and territories, provides a strong competitive advantage. Additionally, we have local market knowledge and expertise to enable funds flow in some of the hardest to reach markets. We have also assembled redundant payment rails, wherever possible.

With Flywire’s network, our clients can take advantage of our “local-in / local-out strategy”—providing access to pay-in options, such as local bank transfers, card-based payments, and alternative payment methods, while enabling pay-out capabilities in our clients’ preferred local payment methods.

We believe our receive-side network sets us apart. Flywire clients, no matter the vertical or market they are in, can receive a single daily payment in their preferred currency that aggregates and reconciles all their customer payments made via Flywire from around the globe—across approximately 3,400 geographic corridors for 2021 representing transaction flows between payers and payees. The illustration below shows our top payment corridors, with a scale of connections denoting the relative payment volume originating from the applicable country.

10


 

 

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_4.jpg 

 

(1)
The chart above represents relative payment volume based on the country from which our client’s customer’s payment originates. Revenue is recognized by the entity providing the service. As a result, payment volume by originating geography does not correlate with revenue recognition.

Once our clients are connected to our global payment network, they can leverage an extended range of services and capabilities, including:

Transaction routing optimized for cost, risk and compliance management. We leverage the “plug and play” configuration of our global payment network and our proprietary payment-routing engine to analyze costs, currency exchange rates and payment acceptance data. Based on our analytics, we can configure optimal transaction routing that increases authorization rates in a secure and compliant manner, while reducing our processing costs and the costs to our clients’ customers.
Local clearing capabilities. Our clients’ customers have the ability to authorize and clear transactions in over 240 countries and territories through our connectivity to banks and major payment networks. Payments are made through direct connections to global, regional and local banks or through relationships with our payments partners including Citigroup Inc. These connections and relationships help us create local clearing hubs which enable our clients and their customers to have a local payments experience.
Ecosystem of alternative payment methods. We offer a myriad of alternative payment methods, such as Alipay, Boleto, PayPal / Venmo, and Trustly, to allow customers to choose how they pay. We believe this helps promote greater adoption of our payments platform, higher levels of engagement and satisfaction, and increased value across our ecosystem.
Global pay-out. We enable our clients to automate disbursements and seamlessly settle in over 140 currencies via pay-out options including local currency bank deposits. We believe we are able to settle pay-out more quickly given our end-to-end control and visibility of the transaction process.

11


 

Tailored and scalable regulatory and compliance infrastructure. This foundational element underpins our global payment network. We have fraud and transaction monitoring tools designed to accommodate multiple industry verticals. We combine this with the application of know-your customer (KYC) and anti-money laundering (AML) standards that are tailored to meet the applicable requirements of the jurisdictions where our clients operate. In addition, we leverage our in-depth knowledge of the markets in which we operate to execute tactically while complying with local licensing and regulatory requirements.

Vertical-Specific Software Backed by Deep Industry Expertise

We tailor our software to meet the needs of each vertical market we serve. We do so by leveraging our industry expertise and knowledge to develop a comprehensive view of our clients’ complex business challenges. We learn to “speak our clients’ language” and tailor their invoicing processes and payment options to their specific situations.

We offer deep integration within our clients’ existing apps and workflows for seamless payment acceptance and reconciliation. Our integrations, supported by our application programming interfaces (APIs), include some of the largest and most recognized accounting and enterprise resource planning (ERP) systems, such as Ellucian Company, L.P. in education, Epic Systems Corporation in healthcare, Rezdy Pty Ltd in travel, and Oracle Corporation in B2B payments. Through these integrations, our clients are able to reduce the number of banks and technology and payment providers on which they rely, while achieving faster settlements and lower wire and transaction fees.

Specific features of our vertical-specific software include:

Vertical-specific digital workflows. We help our clients automate the accounts receivable process from creation of an invoice, to delivery to the customer, to receipt of funds and synchronization back to their ERP system. In these workflows, we provide enhanced capabilities that improve customer satisfaction and may increase the collectability of amounts owed (e.g., offering patients of a health system the option to create a payment plan if they are unwilling or unable to pay their full amount due in a single payment). We provide timely status updates of financial inflows and outflows by indicating when invoices are delivered, opened, and paid. Our robust reporting tools provide our clients with a real time overview of their business’ payments profile.
Integration and synchronization to core and industry specific systems. Our software is designed to automate accounts receivable reconciliation by synchronizing customer transactions with our client’s accounting and ERP systems. Our synchronization capabilities substantially reduce double data-entry and increase efficiency.
Real-time access. By leveraging our data, our clients can access real-time invoice and payment status updates, facilitate seamless communication with customers and easily track payments from their customers.
Predictive analytics. We have robust predictive analytics capabilities to assess payment transactions across our client base and to intelligently determine the appropriate pricing or payment plans. For example, in healthcare, we have built a personalization engine that enables hospitals and healthcare systems to better predict a patient’s capacity to pay and tailor the payment options they are offered, all in accordance with the hospital’s business rules.

Below is an illustration of how a large hospital client utilizes our software to personalize patient engagement with payment options and billing conversations. We solve capacity to pay for our clients’ customers (with payment plans or other intelligent promotional financing) and we engage with them through their preferred communication methods (e.g., sms, chat, email, text, or phone). In turn, our clients are able to maximize yield on their accounts receivable potential, resulting in higher net payments, lower call volume, lower debt outstanding and most importantly, lower costs and happier patients.

12


 

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_5.jpg 

Our Industry

We believe Flywire plays a critical role in helping digitize transactions in traditionally underserved markets, facilitating in-country domestic and cross-border invoicing and payments, automating reconciliation, and providing a seamless experience for our clients’ customers. Our ability to deliver the most important and complex payments both domestically and internationally has become increasingly valued by our clients due to the following trends:

Globalization—and the rise of a “borderless” economy—requires global, cross-border and local payment and regulatory expertise

As the world becomes more connected, it is both easier and harder to do business. Consumers want to make payments across borders with ease and want to have a personalized experience in their language and in their local currency. Businesses are attempting to satisfy this demand, but we believe they often struggle to deliver truly global capabilities. Providing a solution that meets the needs of our global client base extends beyond simple payment processing. Enabling, streamlining, and automating our clients’ in-country domestic and cross-border payment operations requires a specialized approach that combines a secure, reliable, and robust suite of payments and software solutions with a seamless customer experience. We believe we can deliver extensive global reach and bring local market knowledge and expertise to keep up with the rapidly changing payments landscape.

Globalization has also increased the complexity of the regulatory landscape that our clients need to navigate. Consumers and businesses are required to understand and adhere to extensive and often incongruous sets of laws and regulations in both local and cross-border regimes. For example, many countries with significant cross-border flows require distinct paperwork to be collected, validated and recorded as part of currency export compliance for high-value payments. Furthermore, we believe that clients often lack the policies, procedures and systems in order to implement and monitor strict compliance. We believe that the result is often costly and manual review processes, which can also increase the client’s risk of penalties and fines. We endeavor to actively manage the global complexities of regulation for our clients’ payments while implementing innovative solutions intended to make the entire process more efficient and user-friendly.

The shift to software-integrated digital payments is accelerating

As business and consumer transaction expectations shift with digitization, providers of modern payments platforms with industry-specific software have begun to displace legacy systems. Businesses and consumers have come to expect that all payment flows, especially for high-value services, are settled with the same ease as typical e-commerce purchases. Additionally, we believe the COVID-19 pandemic will serve as a catalyst in accelerating digital transaction volumes as customer preferences continue to shift to contactless, online and mobile. We expect these trends will impact all industries and force many businesses to accept new digital payment methods. We believe fully integrated payments

13


 

and software solutions, including those provided by us, enable businesses to offer seamless payment experiences, minimize friction at the point-of-sale and respond to evolving customer preferences.

Legacy payment and accounts receivable management infrastructure has significant limitations and is ripe for innovation

Even in some of the largest industries in the world, such as education, healthcare, and travel, legacy payment and accounts receivable infrastructure has not evolved to streamline complexities nor enhance efficiency as demanded by organizations or their customers. This legacy infrastructure has the following limitations:

Paper-based. The accounts receivable process, from creation of an invoice to delivery to the customer, is most often still dependent on paper. This paper-based workflow not only results in payment flows that are slow, error-prone, and less secure, but is also costly for businesses. Organizations that process substantially all of their accounts receivable by automated or electronic means report half the accounts receivable processing costs of those that do not, according to survey data from the American Productivity and Quality Center (APQC). We digitize and automate the accounts receivable process from start to finish, allowing clients to rely on our solutions and save on their accounts receivable transaction and processing costs.
Manual. Legacy workflows require manual input of employees at every stage of the accounts receivable process: from opening an envelope, logging the receipt, getting approvals, cashing the check, to proper accounting and compliance. This repetitive employee engagement significantly slows down payment flows, increases likelihood of error, and is more expensive for businesses. Organizations that automatically generate the vast majority of their invoices reported processing almost twice as many invoices per invoicing full-time equivalent (FTE) compared to those that do not, according to survey data from the APQC. Our clients can easily leverage our solutions for traditional back-office tasks, with less manual labor involved from start to finish.
Disparate. Many businesses deal with multiple accounting and reconciliation systems to process a single transaction flow. According to APQC survey data, inefficient processing of receivables requires almost 2.5 times as many FTE resources compared to top-performing organizations for the same dollar volume. Instead of relying on stacks of disparate technology systems that were not built to work together in the context of a seamless experience, our clients can use our solutions to automatically synchronize customer transactions while leveraging their existing IT infrastructure.
Lacking functionality and capabilities that drive value. A large number of businesses attempt to use their current accounting or ERP systems for accounts receivable management. These systems often lack functional and analytical capabilities to calibrate and present optimal payment options that could improve customer experience and maximize client yield on their accounts receivable. In contrast, our predictive analytics capabilities provide valuable insights to help drive business decisions and allow our clients to tailor their offerings. For example, our clients can see when a payment plan may be helpful to one of their customers, allowing them or their customers to initiate a payment plan. This insight and functionality can ultimately increase the speed and frequency of collection and improve customer satisfaction.

Accelerating digitization of B2B payments

We believe the B2B payments market remains one of the largest untapped opportunities in the payments industry. For the year ended December 31, 2021, only 51% of invoices were electronic according to Ardent Partners, and more than one-third of B2B / government to business payments were made by cash or check according to Mastercard. Few payments and software companies have end-to-end integrated payments solutions including accounts receivable software, omni-channel offerings, cross-border capabilities and other value-added services. Most often, providers only offer one or two of these capabilities and require clients to employ other piecemeal point solutions. The unique combination of our next-gen payments platform, proprietary global payment network, and vertical-specific software enables us to design and deliver a comprehensive suite of solutions that help our business clients get paid by their customers.

Our Market Opportunity

We believe the trend of digitizing payments is inevitable across all industries. When businesses and consumers make payments, they expect a quick and easy process. On the receiving end, businesses expect to accept payments from different sources and countries, and reconcile them from within one system, but without added complexity or additional costs.

14


 

Many industries still lack the digital payments infrastructure that is necessary to meet customer demand and solve operational inefficiencies. For example, the majority of healthcare payments are still made by check. Likewise, in education, budget shortfalls and jobs impacted by the COVID-19 pandemic, along with rising tuition costs, have added financial strain and created collections problems.

These inefficiencies are costly. According to a study by Deloitte, middle-market businesses incur $3.3 trillion in operational costs when reconciling invoices as a result of inadequate legacy solutions, such as disparate file formats and lack of back-office support for automated remittances.

Despite these shortfalls, the demand for domestic and cross-border money movement continues to accelerate and global payments present one of the largest market opportunities. For the primary industries we currently serve, we estimate the current addressable market for our solutions to be approximately $1.7 trillion in global payment volume, including education ($660 billion)(1), healthcare ($500 billion)(2) and travel (approximately $530 billion).(3)

Additionally, our B2B payments offering expands the addressable market for our solutions, which we estimate to be over $10 trillion in addressable B2B payment volume(4). Given Flywire’s existing penetration of key verticals, ability to integrate with a broad range of core systems and continued investments in our next-gen payments platform, proprietary global payment network, and vertical-specific software, we believe we have the opportunity to capture a meaningful share of this payment volume.

Our Growth Strategy

We believe we have a significant opportunity to build on our success and momentum to date. The key elements of our growth strategy include:

Expand Our Client Reach

Grow with existing clients. We intend to continue to become a more integral part of our clients’ businesses as the number of our clients’ customers who utilize our solutions increases. Our track record of organic growth with our clients is demonstrated by our three-year average annual net dollar-based retention rate, which was approximately 123% for the years ended December 31, 2019 through December 31, 2021. As our clients transform and digitize their operational workflows, we plan to encourage them to add additional solutions, such as tailored invoicing, payment plans, and eStore marketplace.
Continue to win new clients. We plan to expand our sales and marketing efforts to increase brand awareness and highlight the value of our solutions. We believe this will attract new clients to Flywire and as we add more clients, we can accelerate the effects of our flywheel.
Increase payments platform monetization. We have the opportunity to offer additional complementary payment services to our clients’ customers in support of our clients’ business goals. We intend to leverage our Flywire Advantage by expanding the number of use cases we can address such as handling payables in education, business invoices in hospitals, and commissions in travel.
Expand our solution portfolio. We expect to continue investing in our solution portfolio by expanding the breadth and depth of our payments and software capabilities. For example, over the last year, we introduced various new solutions to help our clients better meet the needs of their customers including pre-service capabilities in healthcare and international payment plans in education.

Expand Our Ecosystem Through Channel Partnerships

While the majority of our clients to date have been acquired by our direct sales team, we expect that continued engagement with channel partners, including financial institutions and providers of enterprise software solutions in our key verticals, will enhance our client acquisition efforts and drive continued growth. We also believe our channel partners, which include consultants specialized in our industry verticals, will help amplify the reach and visibility of our solutions to clients worldwide.

 

(1)
Based on net household payments to educational institutions in OECD countries in 2020 according to the Organisation for Economic Co-operation and Development and payments made to private education institutions in Southeast Asia in 2015 according to EY Parthenon.
(2)
Based on U.S. out of pocket healthcare spending in 2019 according to the Centers for Medicare & Medicaid Services and cross-border healthcare payments in 2020 according to Patients Without Borders.

15


 

(3)
Based on global travel industry revenue in 2020 according to IBISWorld and management’s estimates that approximately 41% of the non-business and professional travel payment volume is addressable by our solutions.
(4)
Based on cross-border B2B inflows revenue in 2020 according to Juniper and management’s estimates that at least 75% of total B2B payment volume is made by medium to large businesses and is potentially addressable by our solutions.

Expand to New Verticals and Geographies

We leverage our Flywire Advantage to scale into new verticals and geographic markets. We have a strong track record of expanding efficiently into new verticals and geographic markets, as we have shown in healthcare, travel, and B2B payments and in the expanded reach of our global payment network. We see a large and significantly underserved opportunity for clients domestically and internationally to benefit from our payments platform, global payment network and vertical-specific software. Additionally, there are other industries, including real estate and government taxes, that we believe are poorly digitized and could benefit from our solutions.

Pursue Strategic and Value-Enhancing Acquisitions

We intend to continue to complement and accelerate our organic growth strategies through acquisitions. We have a successful record of identifying, executing, and integrating acquisitions, and we intend to continue to pursue acquisitions through a highly disciplined approach. We also have the scale to be an attractive and reputable consolidator in the payments markets as evidenced by our ability to retain nearly all of the clients and employees from our UniPay, OnPlan, and Simplee acquisitions. We believe our approach and breadth of experience in integrating culturally-aligned businesses position us to maximize the value we derive from future acquisitions.

Our Flywire Culture and Team

As an organization, our culture is founded on our shared experiences, unique and diverse backgrounds, and belief in our mission to deliver on the most important and complex payments. As a collective team of 665 FlyMates, we strive for excellence as one team, guided by our core values, including:

Global collaboration. We believe in teamwork.
Authenticity. We never compromise on integrity, honesty, and kindness.
Fulfillment. We strive for personal and professional satisfaction.
Execution. We accomplish our goals through collective support and accountability.
Ambitious innovation. We continuously look to deliver more and new value to all our constituents.
Evolved learning. We believe in new challenges and constant growth.

Our leadership team defines our culture and strategy and collectively has decades of experience leading companies through rapid growth at scale. Representing approximately 40 nationalities and spoken languages, our diverse team of FlyMates deliver critical domain expertise and regionally tailored skill sets to our clients 24x7. We believe our team’s relentless client focus and adherence to our shared values are evident in our 2020 NPS of 64, and will continue to define our future success.

Our Business Model

We derive revenue from transactions and platform and usage-based fees. Each new student tuition bill, patient visit, travel journey and business invoice, is an opportunity for us to generate fees.

Our revenue is highly re-occurring in nature due to the mission-critical nature of our solutions that are deeply integrated within our clients’ existing operating workflows and IT infrastructure. We believe the depth and breadth of our solutions help our clients get paid faster and with less friction. This enables us to develop long-standing relationships with our clients, which in turn also drive strong retention and significant cross-selling opportunities.

An Illustration of Our Solution

We simplify domestic and cross-border payment transactions for our clients by eliminating the need to work with disparate vendors for invoicing, global pay-in and pay-out, compliance and risk management and more. Through a single connection to Flywire, we enable our clients to securely accept and reconcile payments and engage with their customers.

16


 

The illustrations below depict how Flywire manages both international and domestic payments for a representative education client.

International Payment Example: In the first example below, a Chinese student paying their tuition to a Canadian university experiences a seamless process from start to finish—choosing their preferred payment method and currency. For our client, the accounts receivable process is automated and streamlined from invoice to receipt and to reconciliation and real-time ERP updates. For our cross-border payments, we have short term foreign exchange exposure, typically between one and four days; we leverage our in-house currency hedging algorithms, and enter into non-deliverable forward foreign currency contracts, to mitigate the volatility related to fluctuations in the foreign exchange rates. For additional discussion about our foreign exchange exposure, please see “Management’s Discussion and Analysis of Financial Condition and Results of Operations - Quantitative and Qualitative Disclosures About Market Risk”.

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_6.jpg 

Domestic Payment Example: The example below illustrates the process of offering payment plans to domestic students, which can be set up by either the school or the student.

 

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_7.jpg 

17


 

From the same payments platform, we manage the entire payment process for our clients with the only difference being the type of payment offering selected to meet the needs of their customers, whether that be international or domestic.

Our Go-To-Market Strategy

Our direct sales channel is core to our go-to-market strategy. We believe that regional, vertical, and broader domain expertise, as well as continued client management, are critical to our sales success. Our regional sales teams are located in the United States, Canada, Latin America, Europe, and the Asia Pacific region including Singapore, Japan, and Australia. Our relationship management team augments direct sales capabilities by cultivating existing relationships and identifying cross-sell and up-sell opportunities of additional solutions, contributing to our strong dollar-based net retention rate. We believe that our ability to understand the nuanced pain points of education, healthcare, and travel accounts receivable is a strategic advantage enabling us to gain clients in those verticals, while our broader domain expertise in payments, treasury, and banking is critical to executing on our broader B2B payments expansion.

We focus our sales and marketing efforts on generating leads to develop our sales pipeline, building brand and vertical awareness, scaling our network of partners, and growing our business from our existing client base. Our sales leads primarily come through inbound digital channels including our website, content marketing efforts, lead generation and account-based marketing tactics, virtual events, and industry trade shows and associations.

We typically follow a “land-and-expand” strategy as our clients engage with us on more than one solution as we grow our partnership. For example, in education we have a high success rate expanding beyond solving cross-border payments needs, with clients also adopting our domestic solutions or full-suite enterprise solution. Once our clients experience the depth of our ability to handle their multi-faceted accounts receivable and payments needs, our relationship managers are able to successfully cross-sell and up-sell other solutions, creating a large avenue of revenue generation with minimal incremental acquisition cost.

We also reach clients indirectly through our channel partnerships, integrations with workflow software, and other technology providers. Our channel partners include financial institutions, such as Bank of America Corporation, as well as a number of referral partners such as Tribal Group and Cerner Corporation. Additionally, Flywire has integrations with leading accounting and ERP systems, such as Oracle Corporation, Ellucian Company, L.P., Epic Systems Corporation and Rezdy Pty Ltd.

Our Technology and Architecture

Our unified technology is at the core of our Flywire Advantage. The scale and complexity of the product implementation challenges that we address for our clients and their customers cannot easily be addressed through today’s legacy systems and outdated infrastructure. Instead, it requires our combination of a modern technology stack, cloud-native infrastructure, and investment in product and engineering management talent.

Our engineering approach includes a DevOps culture, microservice architecture, continuous delivery, and the use of containers to enable shorter development lifecycles. We also operate independently-deployable services that are critical to supporting verticals and reliability across operating environments. Our product and engineering leadership team has a long history of payments and payments technology experience, with domain expertise across our verticals.

18


 

Our technology stack is comprised of the following:

https://cdn.kscope.io/89cc9c78c93683f1e075125ede1a5ecd-img44804101_8.jpg 

Payments-as-a-Service

Our next-gen payments platform includes the infrastructure required to support more than just simple money flows:

Payment services. Our technology to capture the payment from our clients’ customers.
Enabling services. Our proprietary pricing engine, foreign currency exchange hedging infrastructure, and ML technology to manage fraud and AML risk.
Transaction processing services. Our routing capabilities enabled by our automated technology to deliver on-time payments to the appropriate destination.

Software-as-a-Service

Our vertical-specific software leverages our payments platform to provide industry specific solutions and deliver “last mile” connectivity to our clients’ operating systems and their customers. Our applications address complex billing and domestic and cross-border payment processes, while delivering a near seamless payment experience. Additionally, our personalization engine, delivered as a software solution and leverages our AI and ML and deep analytics systems.

Public Application Programming Interface (API)

We recently launched a direct public API that sits on top of our payments platform. For organizations of all sizes, from smaller businesses to larger enterprises who want to control the customer experience, we can expose our API for easy integration, significantly reducing the time to realize advantages from the use of our solution. This public API capability significantly enhances our ability to scale and to execute on our growth strategies.

Our technology is designed for speed, resilience and reliability. We believe we demonstrated our ability to scale when we entered the broader B2B market and were able to leverage engineering solutions and APIs in our other verticals, including a native module integrated into NetSuite. Our technology enables us to process transactions in real-time, regardless of origin, destination or amount. For example, in education, our deep, customized integrations within our clients’ systems can lead to the difference between on-time enrollment or missed registrations—a difference that cannot be delivered through batch processes that are not posted instantaneously. We leverage Amazon Web Services (AWS) for our cloud redundancy, and tools such as Site24x7, Pingdom, Cloudflare, and PagerDuty for an uninterrupted experience for our clients.

19


 

Our Compliance and Risk Management Foundation

We have a dedicated compliance and risk management function. We have implemented the practices to help us protect our business and assure our clients and payment partners that our processes are compliant and meet or exceed their exacting standards, including advanced and agile practices for risk governance and a monitoring program that leverages key data inputs and software. We have robust AML, suspicious activity reports (SARs) and client KYC procedures. We also devote considerable resources to our data and cyber security. In addition, we possess key certifications across the verticals we serve, which we believe is an important aspect of why our clients choose to work with us. These audit-tested certifications and risk program features, which in many cases apply with specificity to the verticals we serve, include: third party certifications for Service Organization Control 2, Payment Card Industry Data Security Standard (PCI DSS), and Americans with Disabilities Act (ADA) compliance, as well as systems and processes designed to ensure compliance with the General Data Protection Regulation (GDPR) in Europe, the Data Security Law and Personal Information Protection Law in China, the California Consumer Protection Act (CCPA), the Personal Information Protection and Electronic Documents Act in Canada, Family Educational Rights and Privacy Act (FERPA), and Health Insurance Portability and Accountability Act (HIPAA), among others.

Our experienced team, coupled with our advanced technology and software tools, helps us navigate the challenges of global payments in a compliant manner:

Local and global regulatory regimes. We believe we are able to react nimbly to global and local regulatory changes that affect our business. For example, we managed potential Brexit implications and were able to obtain additional licensing in Europe so that our critical services to our clients and their customers would not be impacted.

Locally, we often work with licensed and regulated payment service providers (PSPs) to bring more familiar solutions to our clients’ customers and to leverage their regulatory insight. This insight can be a valuable tool to deliver differentiated services to our clients to help them stay in front of laws that may impact their business. For example, in India, we addressed new tax withholding requirements for our clients’ customers and deployed a solution to help with their education-related payments.

Currency controls and exemptions. We have developed robust controls to comply with the requirements of handling cross-border payments. For example, in certain jurisdictions where it is required, we are able to help track and prove purpose-driven payments through digital document collection and verification integrated with our clients’ systems.
Transaction-level risks. Our payments platform subjects payments to a series of controls, to mitigate the risk of facilitating fraud, money laundering, or transactions subject to sanctions. Payment information, historical activity and user behavior are utilized to identify potentially fraudulent transactions. All payments are monitored for suspicious behavior consistent with money laundering or terrorist financing, and all alerted activity is investigated by our internal team of experienced analysts. We also screen sender and receiver information, along with geolocation data, against relevant international watch lists.

In addition, we have FlyMates in the compliance and risk management function located around the world where we have operations to address the needs of the business in real-time.

Competition

Our primary competition consists of legacy payment methods such as traditional bank wires provided by local, regional and global banks and money transfers from remittance companies. Other competitors include integrated payment providers focused on cross-border payments; B2B payments platforms; and vertical-specific software solutions offered by local niche players.

We believe many legacy payment providers are hindered by limitations such as antiquated technology systems, insufficient solution and service offerings, poor user experiences, and unsatisfactory client and customer support. Our modern technology stack, combined with our innovative and flexible suite of solutions, addresses many of the issues that clients face today, including:

friction in client and customer experiences;
lack of a scaled global network;

20


 

limited software and payments offerings;
inability to adapt to new technology; and
unsophisticated fraud prevention and risk management tools.

We believe that we compete favorably on the basis of these factors.

Intellectual Property

We protect our intellectual property through a combination of trademark, copyright, and trade secret laws, as well as confidentiality procedures and contractual restrictions, to establish and protect our proprietary rights both domestically and abroad. These laws, procedures and restrictions provide only limited protection. We endeavor to enter into agreements with our employees, consultants and contractors and with parties with whom we do business in order to acquire intellectual property rights developed as a result of service to Flywire, as well as to limit access to and disclosure of our proprietary information.

We actively pursue registration of our trademarks, logos, service marks, trade dress, and domain names in the United States and in other jurisdictions. As of December 31, 2021, we had 106 registered trademarks and trademark applications, and were the registered holder of a variety of U.S. and international domain names.

From time to time, we also incorporate certain intellectual property licensed from third parties. Even if any such third-party technology was not available to us on commercially reasonable terms, we believe that alternative technologies would be available as needed.

For additional information about our intellectual property and associated risks, see the section titled “Risk Factors–If we fail to adequately protect our proprietary rights, our competitive position could be impaired and we may lose valuable assets, generate less revenue and incur costly litigation to protect our rights.”

Regulation and Industry Standards

Various aspects of our business and service areas operate in a quickly evolving regulatory environment, and are subject to U.S. federal, state, and local regulation, as well as regulation outside the United States. Certain of our services also are subject to rules promulgated by various card networks and other authorities, as more fully described below. These descriptions are not exhaustive, and these laws, regulations and rules frequently change, are subject to differing interpretations or enforcement, and are increasing in number.

We are registered as a Money Service Business (MSB) with the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) and are subject to the Bank Secrecy Act of 1970, as amended by the USA PATRIOT Act of 2001, and its implementing regulations, collectively, the BSA, and certain obligations contained therein, including, among other things, certain record-keeping and reporting requirements, and examinations by FinCEN.

The BSA is the primary compendium of U.S. laws and regulations regarding AML and countering the financing of terrorism (CFT). As required under the BSA, we have implemented and continue to expand an AML and CFT program designed to prevent our payments platform from being used to facilitate money laundering, terrorist financing, and other financial crimes. Our program is also designed to prevent our payments platform and global payment network from being used to facilitate business with certain individuals, entities, countries, and territories that are subject to economic or trade sanctions that the U.S. Department of the Treasury’s Office of Foreign Assets Controls (OFAC) and various foreign authorities administer or enforce. Our AML and CFT compliance programs include policies, procedures, and controls that are designed to address these legal and regulatory requirements and to assist in detecting and preventing the use of our payments platform to engage in money laundering or terrorist financing activity. Program elements include, without limitation, the designation of a BSA/AML Officer to oversee the programs, KYC procedures, processes to detect and report suspicious activity, sanctions screening, employee training, annual third-party independent testing, and risk-based procedures for conducting ongoing customer due diligence.

If our compliance programs are found to be deficient, we could lose key relationships with banks, merchant acquirers, and other payment partners on which we rely to carry out our business. Fines, penalties or sanctions for the violation of AML and CFT laws and regulations may be severe and our efforts to remediate issues may be costly, may result in diversion of management and staff time and effort, and may still not guarantee compliance.

21


 

Most states in the United States require a license to offer money transmission services. We have taken the position that Flywire’s business to date is exempt from licensure under various state money transmission laws, either expressly as a payment processor or agent of the payee, or pursuant to common law as an agent of the payee. We actively work to evaluate, and if applicable, comply with new license or regulatory requirements as they arise. Although we believe we have defensible arguments in support of our positions under the state money transmission statutes, we have not expressly obtained confirmation of such positions from all of the state banking departments who administer the state money transmission statutes. It is possible that certain state banking departments may determine that our activities are not exempt from licensure. In the past, certain competitors have been found to violate laws and regulations related to money transmission, and they have been subject to fines and other penalties by regulatory authorities. Regulators and third-party auditors have also identified gaps in how similar businesses have implemented AML and CFT programs. The adoption of new money transmitter or MSB statutes, or changes in regulators’ interpretation of existing state and federal money transmitter or MSB statutes or regulations, could subject Flywire to new registration, licensing or other requirements. Any determination that Flywire is in fact required to be licensed under such state money transmission or MSB statutes may require substantial expenditures of time and money and could lead to liability in the nature of penalties or fines, as well as cause us to be required to cease operations in some of the U.S. jurisdictions we serve.

We are in the process of procuring money transmitter licenses (or the statutory equivalent) in those U.S. jurisdictions that require them in order to be able to offer additional business lines in the future. We have procured and maintain money transmitter licenses in 41 U.S. jurisdictions, and actively work to comply with new license requirements as they arise. These licenses subject us, among other things, to record-keeping requirements, reporting requirements, bonding requirements, limitations on the investment of customer funds, and examination by state regulatory agencies. Any actual or perceived failure to comply with legal and regulatory requirements related to our money transmitter licenses may result in, among other things, revocation of required licenses, regulatory or governmental investigations, administrative enforcement actions, civil and criminal liability, and constraints on our ability to continue to operate.

Similar regulatory requirements exist in other markets where we do business. For example, local Flywire entities are licensed as Authorised Payments Institutions in each of the United Kingdom (U.K.) (regulated by the Financial Conduct Authority (FCA)) and Lithuania (regulated by the Bank of Lithuania (BOL)), and Australia (regulated by the Australian Securities & Investments Commission (ASIC)). When serving clients in these regulated markets, we are generally required to implement governance structures, AML and CFT programs and KYC standards that are different from those in the U.S., and which incorporate local or European Economic Area (EEA) requirements. The FCA in particular has been an active regulator, and as a result of Brexit, we were able to both obtain a license from the BOL and continue to serve our EEA clients through the “passporting” principle without any interruption of service. In other non-U.S. markets, we are able to serve clients in locations that either do not require Flywire to obtain a license or pursuant to a specific exemption issued by the applicable regulator.

In addition, several jurisdictions where our clients’ customers reside impose currency export controls (e.g., China and India), taxation at source or other documentation requirements before money can be converted into destination currency and sent abroad. Generally, our local payment partners in these locations will assist in ensuring the customers meet these requirements, but it is often the case that we need to ensure that the Flywire payment experience accommodates the unique and ever-changing regulatory environments where our clients’ customers are located.

There are also a number of U.S. federal and state consumer finance and consumer protection laws that may impact Flywire’s business. States have a myriad of statutes and case law precedent addressing when credit card surcharges or convenience fees may be imposed by third-party service providers and under what circumstances they are prohibited. In addition, Dodd-Frank created the Consumer Financial Protection Bureau (CFPB), which has assumed responsibility for implementing and enforcing most federal consumer financial protection laws and a prohibition on unfair, deceptive and abusive acts and practices. Several of these laws apply to some of Flywire’s clients, and in some cases, Flywire is contractually obligated to ensure its services do not violate these laws, even though Flywire is not directly subject to them. For example, the Truth in Lending Act of 1968 (TILA) is a U.S. federal law that applies to creditors and is designed to promote the informed use of consumer credit. Although Flywire is not in the business of extending credit or charging interest on the payments it helps its clients collect, when Flywire clients extend credit subject to TILA, TILA may require our clients to provide disclosures to their customers about consumer credit terms and costs in a format specified by the CFPB. Our payment installment plan functionality utilized by our clients in healthcare and education often requires that our payment experience accommodate these disclosure obligations that attach to our clients. Our business may also be subject to the Fair Credit Reporting Act (FCRA) which regulates the use and reporting of consumer credit information and imposes disclosure requirements on entities that take adverse action based on information obtained from credit reporting agencies. We could be liable if our practices governed under the FCRA are not in compliance with the FCRA or its regulations.

22


 

The Electronic Fund Transfer Act (EFTA) also imposes substantive disclosure and error resolution obligations on entities that facilitate electronic fund transfers and international remittance transfers. We could be liable for violating EFTA if we fail to comply with these requirements when they apply to us. We do not believe other laws that are implemented by the CFPB, including the Equal Credit Opportunity Act and the Fair Debt Collection Practices Act apply to us. If these determinations are wrong, interpretations of these statutes change, or we expand or change our solutions, we may be subject to the restrictions imposed by these laws. Should our business or solutions change in a way that did subject us to the CFPB’s jurisdiction, we would be subject to increased scrutiny of our business and consumer compliance practices.

Separately, the Telephone Consumer Protection Act of 1991 (TCPA) and similar state and federal laws contain extensive rules relating to communication by telephone, such as detailed requirements relating to granting and revocation of consent and “opt-in” or “opt-out” thresholds for receipt of communications, and these requirements are often changing and the subject of high-profile litigation. Our services include features regulated by the TCPA and similar laws (e.g., calls made from automated dialing systems, texts confirming receipt of payment, status updates or due dates, appointment reminders) and we can be liable for penalties, or subject to litigation or contractual indemnification obligations, if we do not comply with them.

Flywire is also required to navigate card network rules and other requirements of self-regulatory organizations, such as ACH payment networks. We rely on our varied network of merchant acquirer relationships to access the payment card networks such as Visa and Mastercard, which enable our acceptance of credit cards and debit cards. We pay fees to our merchant acquirers for such services.

Visa, Mastercard and other card networks set complex and evolving rules and standards with which we must comply—often referred to as “card network rules”. We also have relationships with American Express, Japan Credit Bureau (JCB) and China Unionpay, which impose similar obligations on us. The payment networks and their member financial institutions routinely update, generally expand and modify requirements applicable to merchant acquirers and their customers, including rules regulating data integrity, third-party relationships, merchant chargeback standards and compliance with the PCI DSS. PCI DSS is a set of requirements designed to ensure that all companies that process, store, or transmit payment card information maintain a secure environment to protect cardholder data. Under certain circumstances, we are required to report incidents to the card networks and other authorities within a specified time frame. Any changes in card network rules or standards that increase the cost of doing business or limit our ability to provide processing services to our merchants will adversely affect the operation of our business.

If we or our merchant acquirers fail to comply with the card network rules or other applicable rules and requirements of the card payment networks, Visa or Mastercard or our other card providers could suspend or terminate our registration. Further, our transaction processing capabilities, including with respect to settlement processes, could be delayed or otherwise disrupted, and recurring non-compliance could result in the payment networks seeking to fine us, or suspend or terminate our registrations which allow us to process transactions on their networks, which would make it impossible for us to conduct our business on its current scale.

Under certain circumstances specified in the card network rules, we may be required to submit to periodic audits, self-assessments, or other assessments of our compliance with the PCI DSS. Such activities may reveal that we have failed to comply with the PCI DSS. In addition, even if we comply with the PCI DSS, there is no assurance that we will be protected from a security breach or other cybersecurity incident.

The termination of our registration with the payment networks, or any changes in payment network or issuer rules that limit our ability to provide card payment alternatives to our clients’ customers could have an adverse effect on our payment processing volumes, revenues and operating costs. If we are unable to comply with the requirements applicable to our settlement activities, the payment networks may no longer allow us to provide these services and we would lose a substantial portion of our revenues.

We are also subject to the National Automated Clearing House Association (NACHA) operating rules. NACHA is a self-regulatory organization which administers and facilitates private-sector operating rules for ACH payments and defines the roles and responsibilities of financial institutions and other ACH network participants. The NACHA Rules and Operating Guidelines impose obligations on us and our partner financial institutions particularly when we instruct our partner institutions to debit a third party’s account. These obligations include audit and oversight by the financial institutions and the imposition of mandatory corrective action, including termination, for serious violations. If an audit or self-assessment of PCI DSS or NACHA compliance identifies any deficiencies that we need to remediate, the remediation efforts may distract our management team and other staff and be expensive and time consuming.

Similarly, our ACH sponsor banks have the right to audit our compliance with NACHA’s rules and guidelines and are given wide discretion to approve certain aspects of our business practices. Like the payment networks, NACHA may

23


 

update its operating rules and guidelines at any time, which could require us to take more costly compliance measures or to develop more complex monitoring systems. The NACHA rules permit transactions to be returned under certain circumstances. If too many of our transactions are returned, our ability to access the ACH system could be impaired by our partner financial institutions. Our partner financial institutions could similarly change their interpretation of NACHA requirements, which could require costly remediation efforts and could prevent us from continuing to provide services through such partner financial institutions until we remediate issues to their satisfaction.

We collect and use a wide variety of information (including personal information) for various purposes in our business, including: (i) to help ensure the integrity of our services, (ii) to meet KYC, transaction monitoring, AML and CFT standards, and (iii) to provide features and functionality to our clients and their customers. This aspect of our business, including the collection, use, disclosure, and protection of personal information we acquire in connection with the use of our services, is subject to numerous laws and regulations in the United States and globally. Regulation and proposed regulation in this area has increased significantly in recent years and is expected to continue to do so.

In addition to numerous privacy and data protection laws already in place, U.S. states are increasingly adopting laws modeled on the GDPR that impose comprehensive privacy and data protection obligations. For example, the CCPA, which became effective on January 1, 2020, gives California residents expanded rights to access and delete their personal information, opt out of certain personal information sharing and receive detailed information about how their personal information is used, and it imposes other requirements as well. The CCPA provides for civil penalties for violations, as well as a private right of action for data breaches. Colorado, Virginia and Utah have recently joined California in enacting privacy and data protection legislation that impose additional obligations on businesses related to the collection, storage and utilization of third party information, as well as the reporting of data breaches. All 50 states, Puerto Rico, and the U.S. Virgin Islands (similar to many of the other countries where we do business), have passed laws regulating the actions that a business must take if it experiences a data breach, such as prompt disclosure to affected individuals, consumer reporting agencies, or governmental agencies. In addition, we are subject to laws in the U.S. and abroad restricting or placing conditions on our ability to collect and utilize certain specific types of information, such as Social Security and driver’s license numbers.

Many of the foreign jurisdictions where we or our customers do business, including the European Union (E.U.), have laws and regulations dealing with the processing of personal information, which in some cases are more restrictive than those in the United States. In addition to regulating the processing of personal information within the relevant jurisdictions, these legal requirements often also apply to the processing of personal information outside these jurisdictions, where there is some specified link to the relevant jurisdiction. For example, Flywire has multiple offices in Europe and serves clients and their customers throughout the E.U., where GDPR went into effect in 2018. The GDPR, which also is the law in Iceland, Norway, Liechtenstein, and—to a large degree—the U.K., has an extensive global reach and imposes robust obligations relating to the processing of personal information, including documentation requirements, greater control for data subjects (e.g., the “right to be forgotten” and data portability), security requirements, notice requirements, restrictions on sharing personal information, data governance obligations, data breach notification requirements, and restrictions on the export of personal information to most other countries. Fines of up to 20 million Euros or up to 4% of the annual global revenue of a noncompliant corporate family, whichever is greater, could be imposed for violations of certain of the GDPR’s requirements, and private claims also are possible.

Recent legal developments have created compliance uncertainty regarding some transfers of personal information from the U.K. and EEA to locations where we or our customers operate or conduct business, including the United States and potentially Singapore. Under the GDPR, such transfers can take place only if certain conditions apply or if certain data transfer mechanisms are in place. In July 2020, the Court of Justice of the E.U. ruled in its “Schrems II” decision (C-311/18), that the Privacy Shield, a transfer mechanism used by thousands of companies to transfer data between those jurisdictions and the United States (and also used by Flywire), was invalid and could no longer be used due to the strength of United States surveillance laws. In September 2020, the Federal Data Protection and Information Commissioner of Switzerland (where the law has a similar restriction on the export of personal information) issued an opinion concluding that the Swiss-U.S. Privacy Shield Framework does not provide an adequate level of protection for data transfers from Switzerland to the United States pursuant to Switzerland’s Federal Act on Data Protection. We and our customers continue to use alternative transfer strategies including the European Commission’s Standard Contractual Clauses (SCCs) while the authorities interpret the Schrems II decision and the validity of alternative data transfer mechanisms. The SCCs, though previously approved by the European Commission, have faced challenges in European courts (including being called into question in the Schrems II decision), and may be further challenged, suspended or invalidated for transfers to some or all countries. For example, guidance regarding Schrems II issued by the European Data Protection Board (which is comprised of representatives from every E.U. member state’s top data protection authority) have cast serious doubt on the validity of SCCs for most transfers of personal information to the United States. The Schrems II decision and related enforcement actions or other legal developments in this area could subject us to

24


 

negative financial consequences, such as fines, penalties, loss of customers, and the need to engage in costly restructuring of our business and IT operations and restructuring of our relationships with service providers and other partners.

In Asia, there has been an increase in both regulation and enforcement of privacy laws. The Act on Protection of Personal Information originally enacted in June 2020 by the Japanese government, was amended and will come into effect on April 1, 2022 (Amended APPI). Since the passage of the Amended APPI, a number of implementing regulations and supporting documents have been released, addressing the requirements for transferring personal data outside Japan, notifying security breaches and creating pseudonymous information exempt from certain obligations under the Amended APPI.

China passed its new Data Security Law (DSL) in June 2021 and its new Personal Information Protection Law (PIPL) in August 2021. Both new laws impact every business operating in or doing business with China, coupling extensive obligations with respect to the processing of all types of data, with potentially significant penalties for noncompliance. With the promulgation of the DSL and PIPL, China has tightened up regulation on collection, processing, sharing and cross-border transfer of personal data and important data such as financial data. The new data security regime has an extraterritorial effect and imposes additional compliance obligations with respect to processing (in and outside China) of personal data of Chinese individuals and other data which may be viewed sensitive or important. These regulations apply not only to our client’s payers who are Chinese nationals (such as students seeking to study abroad) but also China-based employees as well as third party business partners.

We have taken steps to address compliance obligations that apply to us under the Amended APPI, the DSL and PIPL but cannot assure you that such steps will be effective, and we may face the risk of increased costs, liability and loss of business.

There are also regulations that require that access to websites be safe and accessible for people with disabilities. The ADA contains certain standards (most commonly referred to as Section 508 Standards) that apply to federal government websites as well as to websites that may be provided by institutions that are recipients of federal funding. Many of our clients (principally higher education clients in the U.S.) receive support from U.S. federal agencies, and require that our payment experience be accessible and conform to the Section 508 Standards and the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines 2.0 Level AA. Our payment experience is ADA-compliant, and we arrange for third-party audits to ensure that we continually conform to these standards. As we modify our user interface to improve or add features and functionality to our payment experience, we must continue to account for ADA compliance when required.

Human Capital and Employees

As of December 31, 2021, we had 665 full-time employees. We also engage part-time and temporary employees, as well as consultants as needed to support our operations. As an organization, our culture is founded on our shared experiences, unique and diverse backgrounds, and belief in our mission to deliver on the most important and complex payments. We strive for excellence as one team, guided by our core values, including, global collaboration, authenticity, fulfillment, execution, ambitious innovation and evolved learning. Representing approximately 40 nationalities and spoken languages, our diverse team of FlyMates deliver critical domain expertise and regionally tailored skill sets to our clients 24x7. Our leadership team defines our culture and strategy and collectively has decades of experience leading companies through rapid growth at scale.

None of our employees are represented by a labor union or covered by a collective bargaining agreement. We have not experienced any work stoppages and we consider our relations with our employees to be good.

Our human capital resources objectives include, as applicable, identifying, recruiting, retaining, incentivizing and integrating our existing and additional employees. The principal purposes of our equity incentive plans are to attract, retain and motivate selected employees, consultants and directors through the granting of stock-based compensation awards and cash-based performance bonus awards.

Corporate Information

We were initially formed in July 2009 as peerTransfer Corporation, a Delaware corporation. We changed our name to Flywire Corporation in December 2016. Our principal executive offices are located at 141 Tremont St., #10, Boston, MA 02111. Our telephone number is (617) 329-4524. Our internet address is www.flywire.com. The information contained on, or that can be accessed through, our website is not a part of this Annual Report on Form 10-K. We have included our website address as an inactive textual reference only.

25


 

Flywire, the Flywire logo, and other registered or common law trade names, trademarks, or service marks of Flywire appearing in this Annual Report on Form 10-K are the property of Flywire. This Annual Report on Form 10-K contains additional trade names, trademarks, and service marks of ours and of other companies. We do not intend our use or display of other companies’ trade names, trademarks, or service marks to imply a relationship with, or endorsement or sponsorship of us, by these other companies. Other trademarks appearing in this Annual Report on Form 10-K are the property of their respective holders. Solely for convenience, our trademarks and tradenames referred to in this Annual Report on Form 10-K appear without the ® and ™ symbols, but those references are not intended to indicate, in any way, that we will not assert, to the fullest extent under applicable law, our rights, or the right of the applicable licensor, to these trademarks and tradenames.

Available Information

Investors, the media, and others should note that we intend to announce material information to the public through filings with the SEC, the investor relations page on our website, blog posts on our website (www.flywire.com), press releases, public conference calls, webcasts, and our Twitter feed (@flywire). The information disclosed by the foregoing channels could be deemed to be material information. As such, we encourage investors, the media, and others to follow the channels listed above and to review the information disclosed through such channels. Any updates to the list of disclosure channels through which we will announce information will be posted on the investor relations page on our website. The contents of our website are not incorporated into this filing. We have included our investor relations website address only as an inactive textual reference and do not intend it to be an active link to our website.

26


 

Item 1A. Risk Factors

Investing in our common stock involves a high degree of risk. Before deciding whether to invest in shares of our common stock, you should consider carefully the risks and uncertainties described below, together with all of the other information in this Annual Report on Form 10-K, including “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and the accompanying notes included elsewhere in this Annual Report on Form 10-K. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of or that we deem immaterial may also become important factors that adversely affect our business. If any of the following risks actually occur, our business, financial condition, liquidity, operating results, and prospects could be materially and adversely affected. In that event, the market price of our common stock could decline, and you could lose part or all of your investment. See “Special Note Regarding Forward-Looking Statements.”

Risk Factors Summary

Our business operations are subject to numerous risks and uncertainties, including those outside of our control, that could cause our actual results to be harmed, including risks regarding the following:

Risks Related to Our Business and Industry

We have a history of operating losses and may not achieve or sustain profitability in the future.
We have a short operating history at our current scale in a rapidly evolving industry.
We may be unable to retain our current clients, attract new clients, and increase the number of our clients’ customers that use our solutions or sell additional functionality to our clients.
We may be adversely affected by the COVID-19 global pandemic and related responsive actions.
Efforts to attract new clients may be unsuccessful.
We may be unable to expand our direct and channel sales capabilities, grow our marketing reach and increase sales productivity.
We expect our revenue mix to vary over time, which could affect our gross margin and results of operations.
Our business could be adversely affected if our clients and their customers are not satisfied with the timing or quality of implementation services provided by us or our partners.
Our financial and operating results are subject to seasonality and cyclicality.
Certain of our key performance indicators are subject to inherent challenges in measurement.
Our business depends, in large part, on our proprietary network of global, regional, and local banking partners and our relationships with other third parties.
The estimates of market opportunity and our ability to capture a meaningful share of this payment volume may prove to be inaccurate.
Our education business may be adversely affected by decreases in enrollment or tuition, or increased operating expenses for our clients.
The healthcare industry is rapidly evolving.
Our travel business may be sensitive to events affecting the travel industry in general.
We may be unable to enter or expand into new verticals, including our relatively new B2B payment vertical.
There could be consolidation in the payment processing or enablement industry.

27


 

Risks Related to Our Operations

We may not be able to scale our business quickly enough to meet our growing client base.
We enable the transfer of large sums of funds to our clients daily, and are subject to the risk of errors.
We may be unable to maintain or expand our ability to offer a variety of local and international payments.
Improper or unauthorized use of, disclosure of, or access to personal or sensitive data could harm our reputation.
We are exposed to fluctuations in foreign currency exchange rates.
We may fail to adapt and respond effectively to rapidly changing technology, evolving industry standards, changing regulations, and changing business needs, requirements, or preferences.
Changes to payment card networks fees or rules could harm our business.

Risks Related to Our Legal, Regulatory and Compliance Landscape

Payments and other financial services-related regulations and oversight are material to our business.
We are subject to governmental laws and requirements regarding economic and trade sanctions, AML, CFT and those applicable to a MSB.
We are subject to governmental regulation and other legal obligations, particularly those related to privacy, data protection, information security, anti-corruption, anti-bribery, and similar laws.

Risks Related to Being a Public Company

We may fail to develop and maintain proper effective internal control over financial reporting.
Estimates relating to our critical accounting policies may prove to be incorrect.
We will continue to incur increased costs as a public company.

Risks Related to Ownership of Our Common Stock

Raising additional capital may cause dilution to our existing stockholders, restrict our operations, or require us to relinquish rights to our intellectual property on unfavorable terms.
Securities and industry analysts may not publish or publish inaccurate or unfavorable research about our business.

Risks Related to Our Business and Industry

We have a history of operating losses and may not achieve or sustain profitability in the future.

We were incorporated in 2009 and have experienced net losses from our operations since inception. We generated net losses of $28.1 million, $11.1 million and $20.1 million for the years ended December 31, 2021, 2020 and 2019, respectively. In addition, as of December 31, 2021, we had an accumulated deficit of $125.9 million. We have experienced significant revenue growth in recent periods and we are not certain whether or when we will obtain a high enough volume of revenue to sustain or increase our growth or achieve or maintain profitability in the future. We also expect our costs and expenses to increase in future periods, which could negatively affect our future operating results if our revenue does not increase. In particular, we intend to continue to expend significant funds to further develop our solutions, including introducing new functionality, and to expand our marketing programs and sales teams to drive new client adoption, expand strategic partner integrations, and support international and industry expansion. Our operating results are also impacted by the mix of our revenue generated from our different revenue sources, which include transaction revenue and platform and usage-based fee revenue. Changes in our revenue mix from quarter to quarter, including those derived from cross-border or domestic currency transactions, will impact our margins, and we may not be able to grow our revenue margin adequately to achieve or sustain profitability. In addition, the mix of payment methods utilized by our clients’ customers may have an impact on our margins given that our costs associated with certain

28


 

payment methods, such as credit cards, are higher than other payment methods accepted by our solutions, such as bank transfers. We will also face increased compliance and security costs associated with growth, the expansion of our client base, and being a public company. Our efforts to grow our business may be costlier than we expect, and we may not be able to increase our revenue enough to offset our increased operating expenses. We may incur significant losses in the future for several reasons, including the other risks described herein, and unforeseen expenses, difficulties, complications, delays, and other unknown events. If we are unable to achieve and sustain profitability, the value of our business and common stock may significantly decrease.

If the assumptions we use to plan our business are incorrect or change in reaction to changes in our markets, or if we are unable to maintain consistent revenue or revenue growth, it may be difficult to achieve and maintain profitability. Our revenue from any prior quarterly or annual periods should not be relied upon as an indication of our future revenue or revenue growth or growth in volume of payments processed.

In addition, we expect to continue to expend substantial management time, financial and other resources on:

sales, marketing, relationship management and client support, including an expansion of our sales organization, and new client support and payer retention initiatives;
our technology infrastructure, including systems architecture, scalability, availability, performance, and security;
our technology development, including investments in our technology development team and the development of new solutions and new functionality;
expanding into more international markets;
attracting new clients and increasing the number of our clients’ customers that use our solutions;
acquisitions or strategic investments;
regulatory compliance and risk management; and
general administration, including increased insurance, legal and accounting expenses associated with being a public company.

These investments may not result in increased revenue growth in our business. If we are unable to increase our revenue at a rate sufficient to offset the expected increase in our costs, our business, financial position and operating results will be harmed, and we may not be able to achieve or maintain profitability over the long term.

We have a short operating history at our current scale in a rapidly evolving industry and, as a result, our past results may not be indicative of future operating performance.

We have a short history operating at our current scale in a rapidly evolving industry that may not develop in a manner favorable to our business. This relatively short operating history makes it difficult to assess our future performance with certainty. You should consider our business and prospects in light of the risks and difficulties we may encounter.

Our future success will depend in large part upon our ability to, among other things:

cost-effectively acquire new clients and retain existing clients;
withstand the impacts of the COVID-19 pandemic;
increase our market share;
avoid pricing pressure on our solutions which would compress our margins;
effectively market our solutions;
enhance our existing solutions and develop new solutions;
increase awareness of our brand and maintain our reputation;

29


 

our ability to offer seamless experience for our clients and their customers, including all user facing attributes ranging from the user interface to client and customer support;
anticipate and respond to macroeconomic changes;
expand our solutions and geographic reach, including with respect to B2B and travel payments;
anticipate and effectively respond to changing trends and the preferences of clients and their customers;
compete effectively;
avoid interruptions in our business from information technology downtime, cybersecurity breaches, or labor stoppages;
effectively manage our growth;
hire, integrate, and retain talented people at all levels of our organization;
maintain the quality of our technology infrastructure;
retain our existing proprietary global network of banking and other payment partners and add new banking and other payment partners to scale our business; and
retain our existing technology partners that allow us to provide alternative payment methods and add new technology partners to scale our business.

If we fail to address the risks and difficulties that we face, including those associated with the challenges listed above as well as those described elsewhere in this section titled “Risk Factors”, our business and operating results will be adversely affected.

If we are unable to retain our current clients, attract new clients and increase the number of our clients’ customers that use our solutions or sell additional functionality to our clients, our revenue growth and operating results will be adversely affected.

To increase our revenue, in addition to acquiring new clients, we must continue to retain existing clients, increase the volume of payments made by our clients’ customers and sell additional functionality to our clients. We expect to derive a significant portion of our revenue from renewal of existing clients’ contracts and sales of additional features and solutions to existing clients. As the market for our solutions matures, solutions evolve, and competitors introduce lower cost or differentiated products or services that are perceived to compete with our solutions, our ability to attract (and our clients’ ability to attract) new customers and maintain our current client base and clients’ customer usage could be hindered. As a result, we may be unable to retain existing clients or increase the usage of our solutions by them or their customers, which would have an adverse effect on our business, revenue, gross margins, and other operating results, and accordingly, on the trading price of our common stock.

As the market for our solutions matures, or as new or existing competitors introduce new products or services that compete with our solutions, we may experience pricing pressure. This competition and pricing pressure could have an adverse effect on our ability to retain existing clients or attract new clients at prices that are consistent with our pricing model, operating budget and expected operating margins. In particular, it has become more common in the education sector for competitors to offer generous revenue sharing arrangements for clients we target. Our business could be adversely affected if clients or their customers perceive that features incorporated into alternative products reduce the need for our solutions or if they prefer to use competitive services. If we are unable to attract new clients and increase the number of our clients’ customers that use our solutions, our revenue growth and operating results will be adversely affected. Further, in an effort to attract new clients and increase usage by their customers, we may need to offer simpler, lower-priced payment options, which may reduce our revenue.

Our ability to sell additional functionality to our existing clients may require more sophisticated and costly sales efforts, especially for our larger clients with more senior management and established accounts receivable solutions. Similarly, the rate at which our clients deploy additional solutions from us depends on several factors, including general economic conditions, the availability of client technical personnel to implement our solutions, and the pricing of additional functionality. If our efforts to sell additional functionality to our clients are not successful, our business and growth prospects would suffer.

30


 

Contracts with our clients generally have a stated initial term of three years, are not subject to termination for convenience and automatically renew for one-year subsequent terms. Our clients may negotiate terms less advantageous to us upon renewal, which may reduce our revenue. If our clients fail to renew their contracts, renew their contracts upon terms less favorable to us or at lower fee levels or fail to purchase new solutions from us, our revenue may decline or our future revenue growth may be constrained. Should any of our clients terminate their relationship with us after implementation has begun, we would not only lose our time, effort and resources invested in such implementation, but we would also have lost the opportunity to leverage those resources to build a relationship with other clients over that same period of time.

We may experience quarterly fluctuations in our operating results, as well as our key metrics, due to a number of factors which make our future results difficult to predict and could cause our operating results to fall below expectations or our guidance.

Our operating results, and key metrics, may fluctuate due to a variety of factors, many of which are outside of our control. As a result, comparing our operating results on a period-to-period basis may not be meaningful. Our past results should not be relied on as an indication of our future performance. If our revenue or operating results fall below the expectations of investors or securities analysts or below any guidance we may provide to the market, the price of our common stock could decline substantially.

Our operating results have varied in the past and are expected to continue to do so in the future. In addition to other risk factors listed in this section titled “Risk Factors”, factors that may affect our quarterly operating results, business and financial condition include the following:

demand for our solutions and the number, volume and timing of payments processed;
timing of tuition payments;
market acceptance of our current and future solutions;
our revenue mix in a particular quarter;
the mix of payment methods and currencies utilized by our clients’ customers in a particular quarter;
a slowdown in spending on information technology (IT) and software by our current and/or prospective clients;
sales cycles and performance of our direct and indirect sales force;
budgeting and implementation cycles of our current or potential clients;
foreign currency exchange rate fluctuations;
the management, performance and expansion of our domestic and international operations;
the rate of renewals of contracts with our clients;
changes in the competitive dynamics of our markets;
our ability to control and predict costs, including our operating expenses;
clients delaying purchasing decisions, including in anticipation of new products or product enhancements by us or our competitors;
the seasonality of our business;
failure to successfully manage or integrate any acquisitions, including our acquisition of Simplee and recent acquisition of WPM;
the outcome or publicity surrounding any pending or threatened lawsuits;
general economic and political conditions in our domestic and international markets;

31


 

unexpected events, including those resulting from climate change or geopolitical events; and
the continuing effects of the COVID-19 pandemic and the responses thereto.

In addition, we may in the future experience fluctuations in our gross and operating margins due to changes in the mix of our domestic and international payments and the mix of payment methods, including an increase in the use of credit cards, and currencies used by our clients’ customers to make payments.

Based upon the factors described above and those described elsewhere in this section titled “Risk Factors”, we have a limited ability to forecast the amount and mix of future revenues and expenses, which may cause our operating results to fall below our estimates or the expectations of public market analysts and investors.

The COVID-19 global pandemic and related government, private sector and individual consumer responsive actions may adversely impact our employees, strategic partners, and clients, which could adversely and materially impact our business, financial condition and results of operations.

The global impacts of the COVID-19 pandemic and related government actions taken to reduce the spread of the virus, including the variants of the virus, have significantly increased economic uncertainty and reduced economic activity. The pandemic has resulted in authorities implementing numerous measures to try to contain the virus, such as travel bans and restrictions, quarantines, shelter-in-place or total lock-down orders and business limitations and shutdowns that began in the second quarter of fiscal year 2020.

In addition, the spread of COVID-19 has caused us to modify our business practices, including restricting employee travel, implementing office closures, having our employees, who we call FlyMates, work remotely and cancelling physical participation in meetings, events and conferences. We may take further actions in response to the continuing effects of the global pandemic as may be required by government authorities or as we determine are in the best interests of our FlyMates, clients and business partners. This has caused us to make modifications to some of our planned activities and has impacted some of our business development and marketing initiatives.

During the year ended December 31, 2020, we experienced periods of reduced payment volume in some of the industries we serve, including travel and education. Cross-border payment volumes were heavily impacted by the decline in travel as a result of the COVID-19 pandemic. During the year ended December 31, 2021 we observed a recovery in payment volumes in the industries we serve, including travel and education. The introduction of COVID-19 vaccines allowed for reopening of many higher education institutions to foreign students, and borders began to open for travel. The emergence of variants (most notably Delta and Omicron) and sub-variants has periodically slowed the reopening, and we will monitor new strains of COVID-19 as they are discovered. International cross-border transaction revenue represents a significant part of our revenue; international regulations and restrictions that inhibit cross-border travel and relocation of international students have had and may continue to have a material impact on our business. In addition, we may experience financial losses due to a number of operational factors, including:

third party disruptions, including potential outages at network providers and other suppliers;
supply chain impacts, including shortages of goods, raw materials or delays in shipment;
challenges to the availability and reliability of our network due to changes to normal operations, including the possibility of one or more clusters of COVID-19 cases occurring at our suppliers’ data centers, affecting our FlyMates, or affecting the systems or employees of our clients or business partners;
increased cyber and payment fraud risk related to the COVID-19 pandemic, as cybercriminals attempt DDoS related attacks, phishing scams and other disruptive actions, given the shift to online banking, e-commerce and other online activity, as well as more employees working remotely as a result of the pandemic; and
additional regulatory requirements, including, for example, government initiatives or requests to reduce or eliminate payment fees or other costs.

We adopted measures to modify our business practices and reduce operating expenses during the first half of 2020 in response to the COVID-19 pandemic, including a reduction in our workforce, delaying hiring plans, restricting travel, lowering marketing spend and the use of external resources. These measures, while in effect, may have slowed our growth. Although we began increasing our operating expenses since such time, the impact from the COVID-19 pandemic on our business, results of operations and financial condition in the longer term remains difficult to predict.

32


 

Our offices are currently open for optional use by FlyMates, in some instances at limited capacity, as allowed under national, state and local orders. While we have implemented what we believe to be a comprehensive protocol to ensure the safety and wellbeing of employees returning to the office, including as required health screenings, physical changes to our floor layout, periodic testing and required proper personal protection equipment, these protocols may not be sufficient to mitigate the risks posed by the virus or otherwise be satisfactory to government authorities.

Our clients and their customers who are affected by the ongoing COVID-19 pandemic may continue to demonstrate changed behavior even after the COVID-19 outbreak has subsided. For example, colleges and universities may continue to rely on virtual courses as students may be hesitant to return to full social interaction, and we may continue to see reduced payment volume as economic worries continue, all of which may have adverse implications for our business. In addition, many of our clients who have historically depended upon a steady flow of international students (e.g., language schools) may have curtailed or suspended operations, or permanently closed. In our business model, we function as a merchant of record in connection with the receipt of payments by our clients’ customers, which subjects us to chargeback risk in the event a client’s customer cancels or otherwise does not receive the services for which such customer paid. Although our client contracts allow us to pass such chargeback risk to our client, if the client has gone out of business, we may be unable to collect on the chargeback and will bear the economic loss, which will negatively impact our business.

As a result, we may continue to experience materially adverse impacts to our business as a result of the global economic impact of the COVID-19 pandemic, including lower domestic and cross border spending trends, the availability of credit, adverse impacts on our liquidity, and any recessionary conditions that persist, and exacerbate many of the other known risks described in this section titled “Risk Factors”.

If our efforts to attract new clients and increase the number of our clients’ customers that use our solutions are unsuccessful, our revenue growth and operating results will be adversely affected.

Our future growth and profitability will depend in large part upon the effectiveness and efficiency of our efforts to attract new clients and increase the number of our clients’ customers that use our solutions. While we intend to dedicate resources to attracting new clients and increasing the number of our clients’ customers that use our solutions, our ability to do so depends in large part on the success of these efforts and the success of the marketing channels we use to promote our solutions. Our marketing channels include search engine optimization, search engine marketing, account-based direct marketing campaigns, industry events and association marketing relationships. If any of our current marketing channels become less effective, if we are unable to continue to use any of these channels, if the cost of using these channels were to significantly increase or if we are not successful in generating new channels, we may not be able to attract new clients in a cost-effective manner or increase the number of our clients’ customers that use our solutions. If we are unable to recover our marketing costs through increases in the number of clients and in the number of our clients’ customers that use our solutions, or if we discontinue our marketing efforts, it could have a material adverse effect on our business, prospects, results of operations, and financial condition.

If we are unable to expand our direct and channel sales capabilities, grow our marketing reach and increase sales productivity, we may not be able to generate increased revenues.

We believe that our future growth will depend on the continued development of our direct sales force and its ability to obtain new clients and to manage our existing client base. Our ability to increase our client base and achieve broader market acceptance of our solutions will depend to a significant extent on our ability to expand our sales and marketing organizations, and to deploy our sales and marketing resources efficiently. We intend to continue to increase our number of direct sales professionals and to expand our relationships with new strategic channel partners. These efforts will require us to invest significant financial and other resources. New hires require training and take time to achieve full productivity. Similarly, new channel partnerships often take time to develop and may never yield results, as they require new partners to understand the services and solutions we offer, and how to position our value within the market. We cannot be certain that recent and future new hires or partner relationships will become as productive as necessary or that we will be able to hire enough qualified individuals or build effective channel sales in the future. If we are unable to hire, develop, integrate, and retain talented and effective sales personnel, if our new and existing sales personnel are unable to achieve desired productivity levels, or if our sales, channel strategy and marketing programs and advertising are not effective, we may not be able to expand our business and grow our revenue, which may harm our business, operating results and financial condition.

We expect our revenue mix to vary over time, which could affect our gross margin and results of operations.

We expect our revenue mix to vary over time due to a number of factors. Shifts in our business mix from quarter to quarter could produce substantial variation in revenue recognized. Further, our gross margins and results of operations could be affected by changes in revenue mix and costs, together with numerous other factors, including payment methods

33


 

and currencies, pricing pressure from competitors, increases in credit card usage on our solutions and associated network fees, changes in payment volume across verticals and the portion of such payment volume for which we perform foreign exchange. Any one of these factors or the cumulative effects of certain of these factors may result in significant fluctuations in our gross margin and results of operations. This variability and unpredictability could result in our failure to meet internal expectations or those of securities analysts or investors for a particular period. If we fail to meet or exceed such expectations for these or any other reasons, the market price of our common stock could decline.

Our business could be adversely affected if our clients or their customers are not satisfied with the timing or quality of implementation services provided by us or our partners.

Our business depends on our ability to satisfy our clients and their customers with respect to our solutions as well as the services that are performed to help our clients and their customers use the features and functions of our solutions. Services are usually performed by us, and are also on occasion provided together with a third-party partner. If our clients or their customers are not satisfied with the functionality of our solutions or the services that we or a third-party partner provide, such dissatisfaction could damage our ability to retain our current clients or expand our clients’ or their customers’ use of our solutions. In addition, any negative publicity and reviews that we may receive which is related to our client relationships may further damage our business and may invite enhanced regulatory scrutiny at the federal and state level in the United States as well as internationally.

Our financial and operating results are subject to seasonality and cyclicality.

Our financial and operating results are subject to seasonal trends. For example, the volume of education tuition processed typically increases in the northern hemisphere during the summer and early fall months, as well as at year end, as students and their families seek to pay tuition costs for the fall semester, the spring semester, or the entire academic year, respectively. We expect this seasonality of education tuition processing to continue and expect it to impact the amount of processing fees that we earn and the level of expenses we incur to generate tuition payment volume and process the higher volume activity in a particular fiscal quarter. During the COVID-19 pandemic, we initially observed an increasing trend of education institutions delaying tuition invoicing or extending dates for payment due to uncertainties in the academic calendar, on-campus classes or remote learning planning, as well as relief being offered to families experiencing financial challenges. However, with the increase in availability of vaccines, educational institutions have, for the most part, returned to their normal billing cycles and payment due dates. Many higher education institutions are mandating full vaccination to promote normal operations and allowing students from abroad to return to their facilities. Similarly, subsectors of our travel client portfolio will experience increased seasonality as many of our travel clients depend upon advance planning for vacation or holiday travel, which has been hampered by the ongoing COVID-19 pandemic and related governmental and regulatory responses.

Certain of our key performance indicators are subject to inherent challenges in measurement, and real or perceived inaccuracies in such metrics may harm our reputation and negatively affect our business.

We track certain key performance indicators, including metrics such as total payment volume, revenue less ancillary services, adjusted gross margin and adjusted EBITDA, with internal systems and tools and which may differ from estimates or similar metrics published by third parties due to differences in sources, methodologies, or the assumptions on which we rely. Our internal systems and tools have a number of limitations, and our methodologies for tracking these metrics may change over time, which could result in unexpected changes to our key performance indicators, including the metrics we publicly disclose, or our estimates. If the internal systems and tools we use to track these metrics undercount or overcount performance or contain algorithmic or other technical errors, the data we report may not be accurate. While these numbers are based on what we believe to be reasonable estimates for the applicable period of measurement, there are inherent challenges in measuring these metrics across our growing client base. If our key performance indicators are not accurate representations of our business, or if investors do not perceive our operating metrics to be accurate, or if we discover material inaccuracies with respect to these figures, our reputation may be significantly harmed, and our operating and financial results could be adversely affected.

Our business depends, in large part, on our proprietary network of global, regional and local banking partners.

To grow our business, we will need to maintain and expand our network of global, regional and local banking partners. Our proprietary network of strategic relationships with global, regional and local banking partners is a material asset to our business, which took more than a decade to build. Establishing our strategic partner relationships, particularly with our banking partners entails extensive and highly specific efforts, with little predictability and various ancillary requirements. These partners and suppliers have contractual and regulatory requirements and conditions that we must satisfy and continue to comply with in order to continue and grow the relationships. For example, our financial institution partners generally require us to submit to an exhaustive security audit including adherence to AML policies and KYC

34


 

procedures. If we are not able to comply with those obligations or if our agreements with our banking partners or our network partners are terminated for any reason, we could experience service interruptions as well as delays and additional expenses in arranging new services, potentially interfering with our existing client relationships or making us less attractive to potential new clients.

We may not be able to attract new network partners to our existing network of global, regional and local banking partners, which could adversely affect our ability to expand to additional countries and territories and transact in additional currencies. In addition, our potential partners may choose to work with our competitors’ or choose to compete with our solutions directly, which could have an adverse effect on our business, financial position, and operating results. Further, many of our network partners have greater resources than we do and could choose to develop their own solutions to replace or compete with ours. If we are unsuccessful in establishing, growing, or maintaining our relationships with network partners, our ability to compete or to grow our revenue could be impaired, and our results of operations may suffer.

Our growth depends in part on the success of our relationships with other (non-banking) third parties.

We have established relationships with a number of other companies, including financial institutions, processors, other financial services suppliers, channel sales partners, providers of electronic health records (EHR) services, implementation partners, technology and cloud-based hosting providers, and others. In order to grow our business, we will need to continue to establish and maintain relationships with these types of third parties, and negotiating and documenting relationships with them requires significant time and resources. Our competitors may be more effective in providing incentives to third parties to favor their products or services. If we are unsuccessful in establishing or maintaining our relationships with third parties, our ability to compete in the marketplace or to grow our revenues could be impaired and our operating results could suffer. Even if our strategic relationships are successful, we cannot assure you that these relationships will result in increased client usage of our solutions or increased revenues.

The markets in which we participate are competitive, and if we do not compete effectively, our operating results could be harmed.

The market for payments solutions is fragmented, competitive, and constantly evolving. Our competitors range from legacy payment methods, such as traditional bank wires, to integrated payment providers that focus on cross-border payments. With the introduction of new technologies and market entrants, we expect that the competitive environment will remain intense going forward. Our competitors that offer legacy payment methods or integrated cross-border payment platforms may develop products that compete with ours. Financial institutions that choose to enter into and compete in our market may have the operating flexibility to bundle competing solutions with other offerings, including offering them at a lower price or for no additional cost to clients as part of a larger sale. In addition, new entrants not currently considered to be competitors may enter the market through acquisitions, partnerships, or strategic relationships. Many of our domestic and foreign competitors have greater resources, experience or more developed customer relationships than we do. For example, foreign competitors may seek to leverage local or common language relationships to cater to potential customers of our clients. There are new market entrants with innovative revenue sharing and other pricing arrangements that are able to attract customers that we compete to serve. Our competitors vary in size, breadth, and scope of the solutions offered. Some of our competitors and potential competitors have greater name recognition, longer operating histories, more established client relationships, larger marketing budgets, and greater resources than us. Our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards, and client requirements. For example, an existing competitor or new entrant could introduce new technology that reduces demand for our solutions.

For these reasons, we may not be able to compete successfully against our current or future competitors, and this competition could result in the failure of our solutions to continue to achieve or maintain market acceptance, any of which would harm our business, operating results, and financial condition.

Our estimates of market opportunity and our ability to capture a meaningful share of this payment volume may prove to be inaccurate, and even if the market in which we compete achieves the forecasted growth, our business could fail to grow at similar rates, if at all.

Our market opportunity estimates, including those we have generated ourselves and our ability to capture a meaningful share of this payment volume, are subject to significant uncertainty and are based on assumptions and estimates that may not prove to be accurate. The variables that go into the calculation of our market opportunity are subject to change over time, and there is no guarantee that any payment volumes covered by our market opportunity estimates will materialize in clients using our solutions as anticipated or generate any particular level of revenue for us. Any expansion in our market depends on a number of factors, including the cost, performance, and perceived value

35


 

associated with our business and those of our competitors. Even if the market in which we compete meets the size estimates and growth forecasted, our business could fail to grow at similar rates, if at all. Our growth is subject to many factors, including our success in implementing our business strategy, which is subject to many risks and uncertainties.

Our clients in the education sector may be adversely affected by decreases in enrollment, pressure on tuition costs, or increased operating expenses, which may reduce demand for our solutions.

We are reliant on our education clients, including colleges, universities and other education-related organizations that include language schools, boarding schools, summer programs, and others, to drive enrollment at their schools and maintain tuition costs. Factors outside of our control will affect enrollments and tuition costs, including the following:

Reduced enrollment in higher education due to lack of funding, increases to cost of attendance or other inflationary pressure. Significant reductions in student funding, through grants or loans, may reduce enrollments and decrease the payment volume we process. Potential students may also be deterred by increases in the cost of attendance.
Government supported institutions may experience losses or reduction in public funding. Many of our clients rely considerably upon public funding or support, which may not always be available due to budget constraints.
Changing perceptions about in-person classes. Students may reject the opportunity to attend courses in person, when online or virtual classes are offered as an option, due to growing familiarity and perceived convenience of remote learning, the ongoing COVID-19 pandemic or a lower price point for online classes.
Our clients’ rankings, reputation and marketing efforts strongly affect enrollments, none of which we control. If we fail to maintain or add clients with strong, stable reputations and rankings, they will fail to achieve consistent enrollments.
Declines in international student enrollment. The COVID-19 pandemic and restrictions on immigration or the award of student visas can negatively impact the cross-border education industry and schools that rely on foreign student populations will be negatively affected or may cease operations.
General economic conditions. Any contraction in the economy could be expected to reduce enrollment in higher education, whether by reducing funding, reducing corporate allowances for continuing education, general reductions in employment or savings or other factors.

In addition, some clients’ customers may find that higher education is an unnecessary investment during uncertain economic times and defer enrollment in educational institutions until the economy grows at a stronger pace, or they may turn to less costly forms of secondary education, thus decreasing our education payment volumes. A significant decrease in the payment volume and resulting revenue from clients and their customers in this market, which represents, and is expected to continue to represent for the foreseeable future, a majority of our total payment volume and revenue, would have an adverse effect on our business, operating results and financial condition.

The healthcare industry is rapidly evolving and the market for technology-enabled payment services that empower healthcare clients and their customers is relatively immature and unproven. If we are not successful in promoting the benefits of our solutions, our growth may be limited.

The market for our payment solutions is subject to rapid and significant changes. The market for technology-enabled payment services that empower healthcare clients and their customers is characterized by rapid technological change, new product and service introductions, increasing patient financial responsibility, consumerism and engagement, the ongoing shift to value-based care and reimbursement models, and the entrance of non-traditional competitors. In addition, there may be a limited-time opportunity to achieve and maintain a significant share of this market due in part to the rapidly evolving nature of the healthcare and technology industries and the substantial resources available to our existing and potential competitors. The market for technology-enabled payment services that empower healthcare clients and their customers is relatively new and unproven, and it is uncertain whether this market will achieve and sustain high levels of demand and market adoption.

In order to remain competitive, we are continually involved in a number of projects to compete with these new market entrants by developing new solutions, growing our client base and penetrating new markets. Some of these projects include the expansion of our integration capabilities and the expansion of our mobile solutions. These projects carry risks, such as cost overruns, delays in delivery, performance problems and lack of acceptance by our clients. Our

36


 

integration partners may also decide to develop and offer their own patient engagement solutions that are similar to our solutions.

Our success depends on providing high-quality payment solutions that healthcare clients use to improve their financial and operational performance, allowing them to collect payments and enhance their revenue lifecycle management objectives. If we cannot adapt to rapidly evolving industry standards and technology and increasingly sophisticated and varied healthcare client and customer payment needs, our existing technology could become undesirable, obsolete or harm our reputation. We must continue to invest significant resources in our personnel and technology in a timely and cost-effective manner in order to enhance our existing solutions and introduce new high-quality solutions that existing clients and potential new clients will want. Our operating results would also suffer if our innovations are not responsive to the needs of our existing clients or potential new clients, are not appropriately timed with market opportunity, are not effectively brought to market or significantly increase our operating costs. If our new or modified product and service innovations are not responsive to the preferences of healthcare clients and their customers, emerging industry standards or regulatory changes, are not appropriately timed with market opportunity or are not effectively brought to market, we may lose existing clients or be unable to obtain new clients and our results of operations may suffer.

We believe demand for our payment solutions in the healthcare industry has been driven in large part by more patient responsibility for out-of-pocket spend, a trend towards higher deductibles for health care services, increased digitization in payments, and the tailoring of payment offers and increased patient engagement. Our success also depends to a substantial extent on the ability of our solutions to increase the volume of our clients’ customers payments, and our ability to demonstrate the value of our solutions to our clients. If our existing clients do not recognize or acknowledge the benefits of our solutions or our solutions do not drive payment volume, then the market for our solutions might not develop at all, or it might develop more slowly than we expect, either of which could adversely affect our operating results. A significant decrease in the payment volume and resulting revenue from our clients and their customers in the healthcare industry, which represents, and is expected to continue to represent for the foreseeable future, our second largest vertical by total payment volume and revenue, may have an adverse effect on our business, operating results and financial condition.

In addition, we have limited insight into trends that might develop and affect our healthcare business. We might make errors in predicting and reacting to relevant business, legal and regulatory trends and healthcare reform, which could harm our business. If any of these events occur, it could materially adversely affect our business, financial condition or results of operations.

Finally, our competitors, including major EHR providers, may have the ability to devote more financial and operational resources than we can to developing new technologies and services, including services that provide improved operating functionality, and adding features to their existing service offerings. Relationships with companies in the EHR space and business focused on revenue lifecycle management are critical to leverage if we are to add to our healthcare customer portfolio. Many of these companies may offer products and services similar to ours. If successful, their development efforts could render our solutions less desirable, resulting in the loss of our existing clients or a reduction in the fees we generate from our solutions.

Our business serving clients in the travel sector may be sensitive to events affecting the travel industry in general.

Events like regional or larger scale conflicts, war or other military conflict, including an escalation of the conflict between Russia and Ukraine, terrorist attacks, mass shooting incidents, natural disasters, such as hurricanes, earthquakes, fires, droughts, floods and volcanic activity, and travel-related health events, such as the COVID-19 pandemic, have a negative impact on the travel industry and affect travelers’ behavior by limiting their ability or willingness to visit certain locations. We are not in a position to evaluate the net effect of these circumstances on our business as these events are largely unpredictable; however, we believe there has been negative impact to our business due to such events. Furthermore, in the longer term, our business might be negatively affected by financial pressures on or changes to the travel industry. For example, certain jurisdictions, particularly in Europe, are considering regulations intended to address the issue of “overtourism” including by restricting access to city centers or popular tourist destinations or limiting accommodation offerings in surrounding areas, such as by restricting construction of new hotels or the renting of homes or apartments. Such regulations could adversely affect travel and the volume of travel related payments that we process for our clients. The United States has implemented or proposed, or is considering, various travel restrictions and actions that could affect U.S. trade policy or practices, which could also adversely affect travel to or from the United States. If such events result in a long-term negative impact on the travel industry, such impact could have a material adverse effect on our business. The payment volume and resulting revenue from our travel vertical represents, and is expected for the

37


 

foreseeable future to represent, less than 10% of our total payment volume and revenue. Because we seek to grow the payment volume and the revenue from this vertical in the future, failure to grow our payment volume and resulting revenue from this industry, may have an adverse effect on our business, operating results and financial condition.

In addition, the U.K’s withdrawal from the E.U. (Brexit), including uncertainty, delays or practical difficulties in the implementation of Brexit, could continue to lead to economic uncertainty, sluggish growth or economic retraction, and have a negative impact on the travel industry and our European business. The U.K. could lose access to the single E.U. market, travel between the U.K and E.U. countries could be restricted, and we could face new regulatory costs and challenges, the scope of which is presently unknown.

With respect to the COVID-19 pandemic specifically, our 2020 financial results related to serving our existing travel clients and growing our client base in the travel sector were negatively impacted. During the year ended December 31, 2021, we witnessed recoveries in our financial results and growth in revenue and payment volumes in our travel payment vertical. While improvements have been noted, we are still experiencing impacts to our travel clients. We expect the continued effects of the COVID-19 pandemic, including the emergence and spread of variants or sub-variants of COVID-19, will continue to negatively impact our business into 2022, but the extent and duration of such impact in the long term is largely uncertain as it is dependent on future developments that cannot be accurately predicted at this time, including but not limited to the severity and transmission rate of the virus, global availability of vaccines and administration of vaccination, the rate of “herd immunity” and the extent and effectiveness of containment actions taken, including mobility restrictions, and the impact of these and other factors on travel behavior.

If we are unable to enter or expand new client verticals, including our relatively new B2B payment vertical, or if our solutions for any new vertical fail to achieve market acceptance, our operating results could be adversely affected and we may be required to reconsider our growth strategy.

Our growth strategy is influenced, in part, on our ability to expand into new client verticals, including our relatively new B2B payment vertical. The B2B payment vertical represents a relatively new market for us, and we have limited prior experience with the key ERP platforms that are critical to the B2B payment vertical. Accordingly, our lack of experience in the B2B payment vertical and with the key ERP platforms may result in operational difficulties, which could cause a delay or failure to integrate and realize the benefits of entering into this vertical. In addition, B2B payments carry a higher risk profile than education or healthcare receivables, and we will be required to devote more resources to manage the increased risk inherent in these payments. The payment volume and resulting revenue from our B2B payment vertical represents, and is expected for the foreseeable future to represent, less than 10% of our total payment volume and revenue. We expect both the payment volume and the revenue from this vertical to grow over time. As such, failure to grow our payment volume and resulting revenue from our B2B payment vertical may have an adverse effect on our business, operating results and financial condition.

We may be unable to identify new verticals that meet our criteria for selecting industries that our solutions are ideally suited to address. In addition, our market validation process may not support entry into selected verticals due to our perception of the overall market opportunity or of the willingness of market participants within those verticals to adopt our solutions.

Even if we choose to enter new verticals, our market validation process does not guarantee our success. We may be unable to tailor our solutions for a new vertical or, in the event that we enter a new vertical by way of a strategic acquisition, we may be unable to leverage the acquired platform in time to take advantage of the identified market opportunity, and any delay in our time-to-market could expose us to additional competition or other factors that could impede our success. In addition, any solution we develop or acquire for a new vertical may not provide the functionality required by potential clients or their customers and, as a result, may not achieve widespread market acceptance within the new vertical. To the extent we choose to enter new verticals, whether organically or via strategic acquisition, we may invest significant resources to develop and expand the functionality of our solutions to meet the needs of customers in those verticals, which investments will occur in advance of our realization of revenue from them.

Consolidation in the payment processing or enablement industry could have a material adverse effect on our business, financial condition and results of operations.

Many payment processing or enablement industry participants are consolidating to create larger and more integrated financial processing systems with greater market power. We expect regulatory and economic conditions to result in additional consolidation in the healthcare industry in the future. As consolidation accelerates, the economies of scale of our clients’ organizations may grow. If a client experiences sizable growth following consolidation, it may determine that it no longer needs to rely on us and may reduce its demand for our solutions. In addition, as payment processing providers consolidate to create larger and more integrated systems with greater market power, these providers

38


 

may try to use their market power to negotiate fee reductions for our solutions. Finally, consolidation may also result in the acquisition or future development by our clients of products and services that compete with our solutions. Any of these potential results of consolidation could have a material adverse effect on our business, financial condition and results of operations.

Risks Related to Our Operations

We may not be able to scale our business quickly enough to meet our growing client base, and if we are not able to grow efficiently, our operating results could be harmed.

As usage of our solutions grows and we sign additional clients and technology partners, we will need to devote additional resources to improving and maintaining our infrastructure and global payments network and integrating with third-party applications to maintain the performance of our solutions. In addition, we will need to appropriately scale our internal business systems, including client support, our 24x7 assistance to clients’ customers and risk and compliance operations, to serve our growing client base.

Any failure of or delay in these efforts could result in interruptions to our solutions, impaired system performance, and reduced client satisfaction, resulting in decreased sales to clients, lower renewal rates by existing clients, the issuance of service credits, or requested refunds, all of which could hurt our revenue growth. If sustained or repeated, these performance issues could reduce the attractiveness of our solutions to clients and their customers and could result in lost client opportunities and lower renewal rates, any of which could hurt our revenue growth, client loyalty, and our reputation. Even if we are successful in these efforts to scale our business, they will be expensive and complex, and require the dedication of significant management time and attention. We could also face inefficiencies or service disruptions as a result of our efforts to scale our internal infrastructure. We cannot be sure that the expansion and improvements to our internal infrastructure will be effectively implemented on a timely basis, if at all, and such failures could adversely affect our business, operating results, and financial condition.

We enable the transfer of large sums of funds to our clients daily, and are subject to the risk of errors, which could result in financial losses, damage to our reputation, or loss of trust in our brand, which would harm our business and financial results.

For the year ended December 31, 2021, we processed over $13.2 billion in payments on our solutions, compared to approximately $7.5 billion for the year ended December 31, 2020. For the year ended December 31, 2020, we processed over $7.5 billion in payments on our solutions, compared to approximately $5.8 billion for the year ended December 31, 2019. We have grown rapidly and seek to continue to grow, and our business is subject to the risk of financial losses as a result of chargebacks for client-related losses, credit losses, operational errors, software defects, service disruption, employee misconduct, security breaches, or other similar actions or errors in our solutions. As a provider of accounts receivable and other payment solutions, we enable the transfer of funds to our clients from their customers. Software errors in our solutions and operational errors by our FlyMates and business partners may also expose us to losses.

Moreover, our trustworthiness and reputation are fundamental to our business. As a global payments enablement and software company, the occurrence of any credit losses, operational errors, software defects, service disruption, employee misconduct, security breaches, or other similar actions or errors in our solutions could result in financial losses to our business and our clients, loss of trust, damage to our reputation, or termination of our agreements with strategic partners, each of which could result in:

loss of clients or a reduction in use of our solutions by our clients’ customers;
lost or delayed market acceptance and acquisition of new clients;
legal claims against us;
regulatory enforcement action; or
diversion of our resources, including through increased service expenses or financial concessions, and increased insurance costs.

There can be no assurance that the insurance we maintain to cover losses resulting from our errors and omissions will cover all losses or our coverage will be sufficient to cover our losses. If we suffer significant losses or reputational harm as a result, our business, operating results, and financial condition could be adversely affected.

39


 

If we are unable to maintain or expand our ability to offer a variety of local and international payment methods for our clients to make available to their customers, or if we fail to continue to grow and develop preferred payment choices, our business may be materially and adversely affected.

The continued growth and development of our proprietary global payments network will also depend on our ability to anticipate and adapt to changes in client and customer behavior. For example, behavior may change regarding the use of credit and debit card transactions, including the relative increased use of cash, crypto-currencies, other emerging or alternative payment methods and credit card systems that may include strong regional preferences that we or our processing partners do not adequately support. Any failure to timely integrate emerging payment methods into our solutions, anticipate behavior changes, or contract with payment processing partners that support such emerging payment technologies could cause our clients to use our solutions less, resulting in a corresponding loss of revenue, in the event such methods become popular among their customers.

The number and variety of the payment methods we offer or currencies we are able to service may not meet client expectations, or the costs borne by our clients’ customers in completing payments may become unsuitable. Accordingly, we may need to change our pricing strategies or reduce our prices, which could harm our revenue, gross profits, and operating results.

We utilize a number of payment providers to clear and settle transactions for our clients, including payments providers such as China UnionPay Co. Ltd. and Adyen N.V. If the services provided by these partners become unavailable due to extended outages or interruptions or because they are no longer available on commercially reasonable terms or prices, or for any other reason, our expenses could increase and our ability to process certain payments could be materially interrupted, all of which could harm our business, financial condition, and results of operations. In addition, our agreements with these providers include certain terms and conditions. These providers have broad discretion to change their terms of service and other policies with respect to our business, and those changes may be unfavorable to us. Therefore, we believe that maintaining successful partnerships with these payment providers is critical to our success.

We, our strategic partners and our clients obtain and process large amounts of personal and sensitive data. Any real or perceived improper or unauthorized use of, disclosure of, or access to such data could harm our reputation as a trusted brand, as well as have a material adverse effect on our business.

We, our strategic partners and our clients, and the third-party vendors that we use, obtain and process large amounts of sensitive data, including personally identifiable information, also referred to as “personal data,” and other potentially sensitive data related to our clients, their customers and each of their transactions, as well as a variety of such data relating to our own workforce and internal operations. We face risks, including to our reputation as a trusted brand, in the handling and protection of this data, and these risks will increase as our business continues to expand to include new solutions and technologies.

We are responsible for data security for ourselves and for third parties with whom we partner and under the rules and regulations established by the payment networks, such as Visa, Mastercard and American Express, and debit card networks and by industry regulations and standards that may be promulgated by organizations such as NACHA, which manages the governance of the ACH network in the United States. These third parties include our distribution partners and other third-party service providers and agents. We and other third parties collect, process, store and/or transmit personal and sensitive data, such as names, addresses, social security numbers, credit or debit card numbers and expiration dates, driver’s license numbers and bank account numbers. We have ultimate liability to the payment networks and to our customers for our failure or the failure of third parties with whom we contract to protect this data in accordance with PCI DSS and network requirements. The loss, destruction or unauthorized modification or disclosure of merchant or cardholder data by us or our contracted third parties could result in significant fines, sanctions and proceedings or actions against us by the payment networks, governmental entities, clients, client customers or others and damage our reputation.

Similarly, there are existing regulatory regimes designed to protect the privacy of categories of personal or otherwise sensitive data. Relevant U.S. federal privacy laws include the FERPA, the Gramm-Leach-Bliley Act (GLBA), and HIPAA. We also are subject to stringent contractual obligations relating to the handling of such data, including obligations that are more restrictive than legally required. For example, under HIPAA, the information we collect during the payment experience may include protected health Information (PHI), and as such, we are considered a “business associate” of the U.S. healthcare clients we serve, and we are required to enter into a business associate agreement (BAA) with these clients. The BAAs largely mirror some of the statutory obligations contained in HIPAA, but many contain additional contractual undertakings that give these clients additional remedies in the event of a breach of our obligations to protect the confidentiality of the client’s PHI or otherwise meet our contractual obligations. Privacy laws impose a variety of compliance burdens on us and our clients, such as requiring notice to individuals of privacy practices, providing individuals with certain rights to prevent the use and disclosure of protected information, and also imposing requirements

40


 

for safeguarding and proper destruction of personal information through the issuance of data security standards or guidelines. Privacy laws grant audit rights to our regulators and those of our clients. Any unauthorized disclosure of PHI or other data we are obligated to protect by regulation or contract could result in significant fines, sanctions, or requirements to take corrective action that could materially adversely affect our reputation and business.

Threats may derive from human error, fraud, or malice on the part of employees or third parties, or from accidental technological failure. For example, certain of our employees have access to personal and sensitive data that could be used to commit identity theft or fraud. Concerns about security increase when we transmit information electronically because such transmissions can be subject to attack, interception, or loss. Also, computer viruses can be distributed and spread rapidly over the Internet and could infiltrate our systems or those of our contracted third parties. Denial of service or other attacks could be launched against us for a variety of purposes, including interfering with our solutions or to create a diversion for other malicious activities. These and other types of actions and attacks could disrupt our delivery of solutions or make them unavailable. Any such actions or attacks against us or our contracted third parties could impugn our reputation, force us to incur significant expenses in remediating the resulting impacts, expose us to uninsured liability, result in the loss of our bank sponsors or our ability to participate in the payment networks, increase our risk of regulatory scrutiny and the costs associated with such scrutiny, subject us to lawsuits, fines or sanctions, distract our management, or increase our costs of doing business.

We and our contracted third parties could be subject to security breaches by hackers. Our encryption of data and other protective measures may not prevent unauthorized access to or use of personal and sensitive data. A breach of a system may subject us to material losses or liability, including payment network fines, assessments and claims for unauthorized purchases with misappropriated credit, debit or card information, impersonation, or other similar fraud claims. A misuse of such data or a cybersecurity breach could harm our reputation and deter clients and their customers from using electronic payments generally and our solutions specifically, thus reducing our revenue. In addition, any such misuse or breach could cause us to incur costs to correct the breaches or failures, expose us to uninsured liability, increase our risk of regulatory scrutiny and the costs associated with such scrutiny, subject us to lawsuits, and result in the imposition of material penalties and fines under state and federal laws or by the payment networks. The insurance coverage we maintain to cover cyber risks may be insufficient to cover all losses. In addition, a significant cybersecurity breach of our systems or communications could result in payment networks prohibiting us from processing transactions on their networks or the loss of our bank sponsors that facilitate our participation in the payment networks, either of which could materially impede our ability to conduct business.

Cyber incidents have been increasing in sophistication and frequency and can include third parties gaining access to employee or customer data using stolen or inferred credentials, computer malware, viruses, spamming, phishing attacks, ransomware, card skimming code, and other deliberate attacks and attempts to gain unauthorized access. Providers of payment and accounts receivable software have frequently been targeted by such attacks and due to the war in the Ukraine and continued political uncertainty involving Russia and Ukraine and potentially other regions of Europe, there is an increased likelihood that escalation of tensions could result in cyber-attacks that could either directly or indirectly impact our operations. Because of this, we face additional cybersecurity challenges, including threats to our own IT infrastructure or those of our clients, our customers’ clients, and/or third-party providers, that may take a variety of forms ranging from stolen bank accounts, business email compromise, client employee fraud, account takeover, or check fraud, to “mega breaches” targeted against payment and accounts receivable software, which could be initiated by individual or groups of hackers or sophisticated cyber criminals using any of the methods described above. A cybersecurity incident or breach could result in disclosure of confidential information and intellectual property, or cause production downtimes and compromised data. We have in the past experienced cybersecurity incidents of limited scale, and we may in the future experience other data security incidents or breaches affecting personally identifiable information or other confidential business information. We may be unable to anticipate or prevent techniques used in the future to obtain unauthorized access or to sabotage systems because they change frequently and often are not detected until after an incident has occurred. As we increase our client base and our brand becomes more widely known and recognized, third parties may increasingly seek to compromise our security controls or gain unauthorized access to our sensitive corporate information or our clients’ (or our clients’ customers’) data.

Additionally, it is also possible that unauthorized access to sensitive customer and business data may be obtained through inadequate use of security controls by our customers, suppliers or other vendors. While we are still not currently aware of any impact that the SolarWinds supply chain attack had on our business, this is a relatively recent event, and the scope of the attack is still undetermined. Therefore, there is residual risk that we could experience a security breach arising from the SolarWinds supply chain attack.

We have administrative, technical, and physical security measures in place, and we have policies and procedures in place to both evaluate the security protocols and practices of our vendors and to contractually require service providers to

41


 

whom we disclose personal data to implement and maintain privacy and security measures. However, we cannot provide assurance that the contractual requirements related to security and privacy that we impose on our service providers will be followed, or that those requirements, or our internal measures, will be adequate to prevent the unauthorized use or disclosure of data. If our privacy protection or security measures or those of the previously mentioned third parties are inadequate or are breached as a result of third-party action, employee or contractor error, malfeasance, malware, phishing, hacking attacks, system error, software bugs or defects in our solutions, trickery, process failure, or otherwise, and, as a result, there is improper disclosure of, or someone obtains unauthorized access to or extract funds or sensitive information, including personally identifiable information, on our systems or our partners’ systems, or if we suffer a ransomware or advanced persistent threat attack, or if any of the foregoing is reported or perceived to have occurred, our reputation and business could be damaged. Recent high-profile security breaches and related disclosures of personal and sensitive data by large institutions suggest that the risk of such events is significant, even if privacy protection and security measures are implemented and enforced. If personal or sensitive information is lost or improperly disclosed or threatened to be disclosed, we could incur significant costs associated with remediation and the implementation of additional security measures, including costs to deploy additional personnel and protection technologies, train employees, and engage third-party experts and consultants. In addition, we may incur significant liability and financial loss and may be subject to regulatory scrutiny, investigations, proceedings, and penalties.

Under our terms of service and our contracts with strategic partners and clients, if there is a breach of payment information that we store, we could be liable for their losses and related expenses. Additionally, if our own confidential business information were improperly disclosed, our business could be materially and adversely affected. A core aspect of our business is the reliability and security of our solutions. Any perceived or actual breach of security, regardless of how it occurs or the extent of the breach, could have a significant impact on our reputation as a trusted brand, cause us to lose existing partners or clients, prevent us from obtaining new partners, clients or customers, require us to expend significant funds to remedy problems caused by breaches and implement measures to prevent further breaches, and expose us to legal risk and potential liability including those resulting from governmental or regulatory investigations, class action litigation, and costs associated with remediation, such as fraud monitoring and forensics. Any actual or perceived security breach at a company providing services to us or our clients could have similar effects.

We cannot be certain that our insurance coverage will be adequate for data handling or data security liabilities actually incurred, that insurance will continue to be available to us on economically reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, operating results, and reputation.

Our risk management efforts may not be effective to prevent fraudulent activities by our customers, employees or other third parties, which could expose us to material financial losses and liability and otherwise harm our business.

Our software provides payment facilitation solutions for a large number of our clients and their customers. We are responsible for performing KYC reviews of our clients, sanctions screening their customers, and monitoring transactions for fraud. We have been and may continue to be targeted by parties who seek to commit acts of financial fraud using techniques such as stolen identities and bank accounts, compromised business email accounts, employee or insider fraud, account takeover, false applications, and fake invoicing. We may suffer losses from acts of financial fraud committed by our clients, our clients’ customers and purported customers, our employees and payment partners or third parties.

The techniques used to perpetrate fraud are continually evolving and we may not be able to identify all risks created by new solutions or functionality. Our risk management policies, procedures, techniques, and processes may not be sufficient to identify all of the risks to which we are exposed, to enable us to prevent or mitigate the risks we have identified, or to identify additional risks to which we may become subject in the future. Furthermore, our risk management policies, procedures, techniques, and processes may contain errors or our employees or agents may commit mistakes or errors in judgment as a result of which we may suffer large financial losses. The software-driven and highly automated nature of our solutions could enable criminals and those committing fraud to steal significant amounts of money accessing our solutions. As greater numbers of our clients' customers use our solutions, and we serve clients in industries that are at higher risk for fraudulent activity, our exposure to material risk losses from a single client, or from a small number of clients, will increase. In addition, our clients or their customers may suffer losses from acts of financial fraud by third parties posing as us through account takeover, credential harvesting, use of stolen identities and various other techniques, which could harm our reputation, consume significant time of our compliance, security and client relations

42


 

teams to investigate and remediate, or prompt us to reimburse our clients for such losses in order to maintain client business relationships.

Our current business and anticipated growth will continue to place significant demands on our risk management efforts, and we will need to continue developing and improving and investing in our existing risk management infrastructure, policies, procedures, techniques, and processes. As techniques used to perpetrate fraud on our solutions evolve, we may need to modify our solutions to mitigate fraud risks. As our business grows and becomes more complex, we may be less able to forecast and carry appropriate reserves in our books for fraud related losses. Further, these types of fraudulent activities targeting our solutions can also expose us to civil and criminal liability, governmental and regulatory sanctions as well as potentially cause us to be in breach of our contractual obligations to our clients and partners.

We are exposed to fluctuations in foreign currency exchange rates that could materially and adversely affect our results of operations.

A majority of the total payment volume we have historically processed is cross-border payments denominated in many foreign currencies, which subjects us to foreign currency risk. The strengthening or weakening of the U.S. dollar versus these foreign currencies impacts the translation of our net revenues generated in these foreign currencies into the U.S. dollar. In connection with providing our solutions in multiple currencies, we may face financial exposure if we are unable to implement appropriate hedging strategies, negotiate beneficial foreign exchange rates, or as a result of fluctuations in foreign exchange rates between the times that we set them. We also have foreign exchange risk on our assets and liabilities denominated in currencies other than the functional currency of our subsidiaries. We also incur expenses for employee compensation and other operating expenses at our non-U.S. locations in the local currency. Fluctuations in the exchange rates between the U.S. dollar and other currencies, including the recent depreciation of the Russian ruble, could result in the dollar equivalent of our expenses being higher which may not be offset by additional revenue earned in the local currency. This could have a negative impact on our reported results of operations.

Periods of instability in the Eurozone, including fears of sovereign debt defaults, and stagnant growth generally, and of certain Eurozone member states in particular, have resulted in concerns regarding the suitability of a shared currency for the region, which could lead to the reintroduction of individual currencies for member states. If this were to occur, Euro-denominated assets and liabilities would be re-denominated to such individual currencies, which could result in a mismatch in the values of assets and liabilities and expose us to additional currency risks.

As our international operations continue to grow, our risks associated with fluctuation in currency rates will become greater, and we will continue to reassess our approach to managing this risk, such as using foreign currency forward and option contracts to hedge certain exposures to fluctuations in foreign currency exchange rates. In addition, currency fluctuations or a weakening U.S. dollar can increase the costs of our international operations, and the strengthening U.S. dollar could slow international demand as solutions priced in the U.S. dollar become more expensive.

If we fail to adapt and respond effectively to rapidly changing technology, evolving industry standards, changing regulations, and changing business needs, requirements, or preferences, or if we fail to continue to grow and develop our payments solutions, our business may be materially and adversely affected.

Our future success depends in large part on the continued growth and development of our payments solutions. If such activities are limited, restricted, curtailed or degraded in any way, or if we fail to continue to grow and develop our payments solutions, our business may be materially and adversely affected. The market for payments enablement solutions is relatively new and subject to changes in technology, regulatory regimes, industry standards, payment methods, regulations and client and customer needs. The success of our business will depend, in part, on our ability to adapt and respond effectively to these changes through methods which include launching new solutions.

The success of any new product and service, or any enhancements or modifications to existing solutions, depends on several factors, including the timely completion, introduction, and market acceptance of such solutions, enhancements, and modifications. Our engineering and software development teams operate in different locations across the globe (including teams in Valencia, Spain, Cluj, Romania, Chicago and Tel Aviv, Israel), which can create logistical challenges. If we are unable to effectively coordinate with our global technology and development teams to enhance our solutions, add new payment methods or develop new solutions that keep pace with technological and regulatory changes to achieve market acceptance, or if new technologies emerge that are able to deliver competitive solutions that are more effective, secure, convenient or cost effective than our solutions, our business, operating results, and financial condition would be adversely affected. Furthermore, modifications to our existing solutions or technology will increase our technology and development expenses. Any failure of our solutions to operate effectively with existing or future network solutions and technologies could reduce the demand for our solutions, result in clients or clients' customer dissatisfaction and adversely affect our business.

43


 

Changes to payment card networks fees or rules could harm our business.

We are required to comply with Mastercard, American Express, and Visa payment card network operating rules and the rules of other regional card (such as China Unionpay or JCB) or payment providers, in connection with our solutions. We have agreed to reimburse our merchant acquirers for any fines they are assessed by payment card networks as a result of any rule violations by us. We may also be directly liable to the payment card networks for rule violations. The payment card networks set and interpret the card operating rules. The payment card networks could adopt new operating rules or interpret or reinterpret existing rules that we or our processors might find difficult or even impossible to follow, or costly to implement. For example, the card networks could adopt new rules or reinterpret existing rules to substantially modify how we offer credit card payment methods to our clients, or impose new fees or costs that could negatively impact our margins. Card networks also could modify security or fraud detection methodologies that could have a downstream impact on our business, and force us to change our solutions, payment experience or security protocols, which may increase our operating costs. We also may seek to introduce other card-related solutions in the future, which would entail additional operating rules. As a result of any violations of rules, new rules being implemented, or increased fees, we could lose our ability to offer certain cards as a payment method to our clients’ customers, or such payments could become prohibitively expensive for us or for our clients. Additionally, from time to time, card networks, including Visa and Mastercard, increase the fees that they charge processors. We could attempt to pass these increases along to our clients and their customers, but this strategy might result in the loss of clients to our competitors who do not pass along the increases. If competitive practices prevent us from passing along the higher fees to our clients and their customers in the future, we may have to absorb all or a portion of such increases, which may increase our operating costs and reduce our profit margins. If we are unable to offer credit cards as a payment method to our clients’ customers, our business would be adversely affected.

If we do not or cannot maintain the compatibility of our solution with evolving software solutions used by our clients, or the interoperability of our solutions with those of our third-party payment providers, payment networks and key software vendors, our business may be materially and adversely affected.

Our solutions integrate with ERP systems, such as Ellucian Company, L.P. in education, Epic Systems Corporation in healthcare, Rezdy Pty Ltd in travel and Oracle Corporation in B2B payments. We automatically synchronize suppliers, clients, client customers, invoices, and payment transactions between our solutions and these systems. This two-way sync eliminates duplicate data entry and provides the basis for managing cash-flow through an integrated solution for accounts receivable, and payments.

In addition, we are subject to certain standard terms and conditions with these partners. These partners have broad discretion to change their terms of service and other policies, and those changes may be unfavorable to us. Therefore, we believe that maintaining successful partnerships with these providers is critical to our future success.

We also rely on our proprietary global payment network comprised of leading global, regional and local banks and technology and payment partners. If we do not or cannot maintain the interoperability of their products or services or the products or our key software vendors that are integral to our solutions, our business may be materially and adversely affected. These third parties periodically update and change their systems, and although we have been able to adapt our solutions to their evolving needs in the past, there can be no guarantee that we will be able to do so in the future. In particular, if we are unable to adapt to such changes, we may not be able to utilize these strategic partners and we may lose access to large numbers of clients as a result.

If any of the third party software providers change the features of their APIs, discontinue their support of such APIs, restrict our access to their APIs, or alter the terms governing their use in a manner that is adverse to our business, we will not be able to provide synchronization capabilities, which could significantly diminish the value of our solutions and harm our business, operating results, and financial condition.

If we fail to maintain and enhance our brand, our ability to expand our client base will be impaired and our business, operating results, and financial condition may suffer.

We believe that further developing, maintaining and enhancing our brand domestically and on a global basis is important to support the marketing and sale of our existing and future solutions to new clients and to attracting additional and strategic partners. Successfully further developing, maintaining and enhancing our brand will depend largely on the effectiveness of our marketing and demand generation efforts, our ability to provide reliable and seamless solutions that continue to meet the needs of our clients and their customers at competitive prices, our ability to maintain our clients’ trust, our ability to continue to develop new functionality, solutions, and our ability to successfully differentiate solutions from competitive solutions. Our brand promotion activities may not generate client awareness or yield increased revenue,

44


 

and even if they do, any increased revenue may not offset the expenses we incur in building our brand. If we fail to successfully promote and maintain our brand, our business could suffer.

If we lose key members of our management team or are unable to attract and retain executives and employees we need to support our operations and growth, our business may be harmed.

Our success and future growth depend upon the continued services of our management team and other key employees. Our Chief Executive Officer, Michael Massaro, and our President and Chief Operating Officer, Rob Orgel, are critical to our overall management, as well as the continued development of our solutions, strategic partnerships, culture, relationships with financial institutions, and strategic direction. From time to time, there may be changes in our management team resulting from the hiring or departure of executives and key employees, which could disrupt our business. Our senior management and key employees are employed on an at-will basis. We currently have “key person” insurance on our Chief Executive Officer, Michael Massaro, but not for any of the other members of our management team. Certain of our key employees have been with us for a long period of time and have fully vested stock options or other long-term equity incentives that may become valuable and are publicly tradable subject to Rule 144 limitations, which may reduce the incentive for each of these key employees to remain at our Company. We cannot ensure that we will be able to retain the services of any members of our senior management or other key employees or that we would be able to timely replace members of our senior management or other key employees should any of them depart. The loss of our Chief Executive Officer, or our President and Chief Operating Officer, or one or more of our senior management, or other key employees could harm our business, and we may not be able to find adequate replacements.

The failure to attract and retain additional qualified personnel could prevent us from executing our business strategy and growth plans.

To execute our business strategy, we must attract and retain highly qualified personnel. Competition for executive officers, software developers, compliance and risk management personnel and other key employees in our industry and locations is intense and increasing, especially in the U.S., where wage inflation has been increasing. We compete with many other companies for software developers with high levels of experience in designing, developing, and managing payment systems, as well as for skilled legal and compliance and risk operations professionals. Many of the companies with which we compete for experienced personnel have greater resources than we do and can frequently offer such personnel substantially greater compensation than we can offer. If we fail to identify, attract, develop and integrate new personnel, or fail to retain and motivate our current personnel, our growth prospects would be adversely affected.

If we cannot maintain our company culture as we grow, our success and our business may be harmed.

We believe our culture has been a key contributor to our success to date and that the critical nature of the solutions that we provide promotes a sense of greater purpose and fulfillment in our FlyMates. Any failure to preserve our culture could negatively affect our ability to retain and recruit personnel, which is critical to our growth, and to effectively focus on and pursue our corporate objectives. As we grow and develop the infrastructure of a public company, we may find it difficult to maintain these important aspects of our culture. If we fail to maintain our culture, our business and competitive position may be adversely affected.

Our sales cycles may be long and vary.

We devote significant resources to establish relationships with new clients and deepen relationships with existing clients. The sales cycles of our solutions tend to vary depending on the client industry sector which may make forecasting more complex and uncertain.

As a result of the ongoing COVID-19 pandemic, many enterprises have limited travel, prohibited in person meetings and implemented other restrictions that could make the sales process more lengthy and difficult. Mid-market and large enterprises tend to have more complex operating environments than smaller businesses, making it often more difficult and time-consuming for us to demonstrate the value of our solutions to prospective clients. The decision to use our solutions may also be an enterprise-wide decision, and require us to provide greater levels of education regarding the use and benefits of our solutions, which may result in additional time, effort, and money spent on our sales cycle without any assurance that our efforts will be successful in generating any sales. Often, major hospital systems and national or state higher education systems will solicit service offers by issuing requests for proposals (RFPs), which are generally a time- and resource-intensive process, with no assurances of being selected as a vendor after the RFP process is completed. Finally, large enterprises typically have longer implementation cycles, especially hospital and education systems, require greater product functionality and scalability and a broader range of services, demand that vendors take on a larger share of risks, sometimes require longer testing periods that delay general availability of our solutions, and expect greater payment flexibility from vendors. All of these factors can add further risk to business conducted with these clients. If we fail

45


 

to realize an expected sale from a large end-client in a particular quarter or at all, our business, operating results, and financial condition could be materially and adversely affected.

In addition, we may face unexpected deployment challenges with enterprise clients. It may be difficult to deploy our software solutions if a client has unexpected database, hardware or software technology issues, or if a client insists on a more customized or unique solution that is time intensive or that we have little prior experience in delivering. Decisions on timing of deployments may also be impacted by cost and availability of personnel. Any difficulties or delays in the initial implementation could cause clients to reject our solutions or lead to the delay or non-receipt of future orders, in which case our business, operating results and financial condition would be harmed.

Our operating results depend in substantial part on our ability to deliver a successful client experience and persuade our clients to grow their relationship with us over time. As we expect to grow rapidly, our client acquisition costs could outpace our build-up of recurring revenue, and we may be unable to reduce our total operating costs through economies of scale such that we are unable to achieve profitability. Any increased or unexpected costs or unanticipated delays, including delays caused by factors outside of our control, could cause our operating results to suffer.

We typically incur significant upfront costs in our client relationships, and if we are unable to develop or grow these relationships over time, we are unlikely to recover these costs and our operating results may suffer.

We devote significant resources to establish relationships with new clients and deepen relationships with existing clients. Our sales cycle for our solutions can be variable, typically ranging from three to nine months from initial contact to contract execution. However, there is potential for our sales cycle to extend beyond three to nine months as a result of the COVID-19 pandemic and other factors. During the period of our sales cycle, our efforts involve educating our clients about the use, technical capabilities and benefits of our solutions. Our operating results depend in substantial part on our ability to deliver a successful client experience and persuade our clients to grow their relationship with us over time. As we expect to grow rapidly, our client acquisition costs could outpace our build-up of recurring revenue, and we may be unable to reduce our total operating costs through economies of scale such that we are unable to achieve profitability. Any increased or unexpected costs or unanticipated delays, including delays caused by factors outside of our control, could cause our operating results to suffer.

If we fail to offer high-quality client support, or if our support is more expensive than anticipated, our business and reputation could suffer.

Our clients and their customers rely on our support services to resolve issues and realize the full benefits provided by our solutions. High-quality support is also important for the expansion of the use of our solutions with existing clients and their customers. We provide multilingual support over chat, email or via telephone. The number of our clients, and the number of their customers utilizing our solutions, has grown significantly and such growth, as well as any future growth, will put additional pressure on our client service organization. If we do not help our clients and their customers quickly resolve issues and provide effective ongoing support, or if our support personnel or methods of providing support are insufficient to meet the needs of our clients and their customers, our ability to retain clients and their customers and acquire new clients and customers could suffer, and our reputation with existing or potential clients could be harmed. Providing an exceptional client experience requires significant time and resources from our client service team. Therefore, failure to scale our client service organization adequately may adversely impact our business results and financial condition.

In addition, as we continue to grow our operations and continue to expand to new jurisdictions, we need to be able to provide efficient client service that meets our clients’ needs globally at scale. In geographies where we sell through our channel partners, if we are unable to provide a high quality client experience tailored to the language and culture of the applicable jurisdiction, our business operations and reputation may suffer.

We may require additional capital to support the growth of our business, and this capital might not be available on acceptable terms, if at all.

We have funded our operations since inception primarily through equity and debt financings, sales of our solutions, and fees. We cannot be certain when or if our operations will generate sufficient cash to fully fund our ongoing operations or the growth of our business. We intend to continue to make investments to support our business, which may require us to engage in equity or debt financings to secure additional funds. Additional financing may not be available on terms favorable to us, if at all. If adequate funds are not available on acceptable terms, we may be unable to invest in future growth opportunities, which could harm our business, operating results, and financial condition. If we incur additional debt, the debt holders would have rights senior to holders of common stock to make claims on our assets, and the terms of any debt could restrict our operations, including our ability to pay dividends on our common stock. Furthermore, if we issue

46


 

additional equity securities, stockholders will experience dilution, and the new equity securities could have rights senior to those of our common stock. Because our decision to issue securities in the future will depend on numerous considerations, including factors beyond our control, we cannot predict or estimate the amount, timing, or nature of any future issuances of debt or equity securities. As a result, our stockholders bear the risk of future issuances of debt or equity securities reducing the value of our common stock and diluting their interests.

Our business could be harmed as a result of the risks associated with our acquisitions.

As part of our business strategy, we have in the past and intend to continue to seek to acquire or invest in businesses, products or technologies that could complement or expand our business, enhance our technical capabilities or otherwise offer growth opportunities by providing us with additional intellectual property, client relationships and geographic coverage. The pursuit of potential acquisitions may divert the attention of management and cause us to incur various expenses in identifying, investigating, and pursuing suitable acquisitions, whether or not such acquisitions are completed. In addition, we can provide no assurances that we will be able to find and identify desirable acquisition targets or that we will be successful in entering into a definitive agreement with any one target. In addition, even if we reach a definitive agreement with a target, there is no assurance that we will complete any future acquisition or if we do acquire additional businesses, we may not be able to integrate them effectively following the acquisition or effectively manage the combined business following the acquisition.

Any acquisitions we undertake or have recently completed, including the acquisition of WPM in December 2021 and Simplee in February 2020, will likely be accompanied by business risks which may include, among other things:

the effect of the acquisition on our financial and strategic position and reputation;
the failure of an acquisition to result in expected benefits, which may include benefits relating to enhanced revenues, technology, human resources, costs savings, operating efficiencies, goodwill and other synergies;
the difficulty, cost and management effort required to integrate the acquired businesses, including costs and delays in implementing common systems and procedures and costs and delays caused by communication difficulties;
the assumption of certain known or unknown liabilities of the acquired business, including litigation-related liabilities;
the reduction of our cash available for operations and other uses, the increase in amortization expense related to identifiable assets acquired, potentially dilutive issuances of equity securities or the incurrence of debt;
a lack of experience in new markets, new business culture, products or technologies or an initial dependence on unfamiliar distribution partners;
the possibility that we will pay more than the value we derive from the acquisition;
the impairment of relationships with our clients, clients' customers, partners or suppliers or those of the acquired business; and
the potential loss of key employees of the acquired business.

These factors could harm our business, results of operations or financial condition.

In addition to the risks commonly encountered in the acquisition of a business or assets as described above, we may also experience risks relating to the challenges and costs of closing a transaction. The risks described above may be exacerbated as a result of managing multiple acquisitions at once.

Systems failures and resulting interruptions in the availability of our solutions could harm our business.

Our systems and those of our service providers and partners have experienced from time to time, and may experience in the future, service interruptions or degradation because of hardware and software defects or malfunctions, distributed denial-of-service and other cyberattacks, insider threats, human error, earthquakes, hurricanes, floods, fires, and other natural disasters, war or other military conflict, including an escalation of the conflict between Russia and Ukraine, power losses, disruptions in telecommunications services, fraud, computer viruses or other malware, or other events. Some of our systems are not fully redundant, and our disaster recovery planning may not be sufficient for all

47


 

possible outcomes or events. In addition, as a provider of payments solutions targeted to highly regulated clients in industries such as education and healthcare, we are subject to heightened scrutiny by regulators that may require specific business continuity, resiliency and disaster recovery plans, and more rigorous testing of such plans, which may be costly and time-consuming to implement, and may divert our resources from other business priorities.

A prolonged interruption in the availability, speed, or functionality of our solutions or payment methods could materially harm our business. Frequent or persistent interruptions in our solutions could cause current or potential clients and their customers to believe that our systems are unreliable, leading them to switch to our competitors or to avoid or reduce the use of our solutions, and could permanently harm our reputation and brand. Moreover, if any system failure or similar event results in damages to our clients or their customers and business partners, these clients, customers or partners could seek significant compensation or contractual penalties from us for their losses, and those claims, even if unsuccessful, would likely be time-consuming and costly for us to address.

We have undertaken and continue to make certain technology and network upgrades and redundancies which are designed to improve the reliability of our solutions. These efforts are costly and time-consuming, involve significant technical risk and may divert our resources from new features and solutions, and there can be no guarantee that these efforts will succeed. Because we are a regulated payments institution in certain jurisdictions, frequent or persistent interruptions could lead to regulatory scrutiny, significant fines and penalties, and mandatory and costly changes to our business practices, and ultimately could cause us to lose existing licenses that we need to operate or prevent or delay us from obtaining additional licenses that may be required for our business.

We use public cloud hosting with AWS and depend on AWS’ ability to protect their data centers against damage or interruption from natural disasters, power or telecommunications failures, criminal acts, and similar events. Our operations depend on protecting the cloud infrastructure hosted by AWS by maintaining the configuration, architecture, and interconnection specifications, as well as the information stored in these virtual data centers and transmitted by third-party internet service providers. In limited occasions, we have experienced service disruptions in the past, and may experience interruptions or delays in our solutions in the future. We may also incur significant costs for using alternative equipment or taking other actions in preparation for, or in reaction to, events that damage the data storage services we use. Although we have disaster recovery plans that utilize various data storage locations, any incident affecting our data storage or internet service providers’ infrastructure that may be caused by fire, flood, severe storm, earthquake, power loss, telecommunications failures, unauthorized intrusion, computer viruses and disabling devices, natural disasters, war or other military conflict, including an escalation of the conflict between Russia and Ukraine, terrorist attacks, negligence, and other similar events beyond our control could negatively affect our solutions. Any prolonged service disruption affecting our solutions could damage our reputation with current and potential clients, expose us to liability, cause us to lose clients, or otherwise harm our business. In the event of damage or interruption to our solutions, our insurance policies may not adequately compensate us for any losses that we may incur. System failures or outages, including any potential disruptions due to significantly increased global demand on certain cloud-based systems during the COVID-19 pandemic, could compromise our ability to provide our solutions in a timely manner, which could harm our ability to conduct business or delay our financial reporting. Such failures could adversely affect our operating results and financial condition.

Our solutions are accessed by many of our clients and their customers, often at the same time. As we continue to expand the number of clients that we serve and solutions that we are able to offer to our clients and their customers, we may not be able to scale our technology to accommodate the increased capacity requirements, which may result in interruptions or delays in service. In addition, the failure of data centers, internet service providers, or other third-party service providers to meet our capacity requirements could result in interruptions or delays in access to our solutions or impede our ability to grow our business and scale our operations. If our third-party infrastructure service agreements are terminated, or there is a lapse of service, interruption of internet service provider connectivity, or damage to data centers, we could experience interruptions in access to our solutions as well as delays and additional expense in arranging new facilities and services.

We also rely on components, applications, and services supplied by third parties, including payment service providers and merchant acquirer partners which subjects us to risks. If these third parties experience operational interference or disruptions, breach their agreements with us, fail to perform their obligations and meet our expectations, or experience a cybersecurity incident, our operations could be disrupted or otherwise negatively affected, which could result in client dissatisfaction, regulatory scrutiny, and damage to our reputation and brand, and materially and adversely affect our business.

In addition, we are continually improving and upgrading our systems and technologies. Implementation of new systems and technologies is complex, expensive, and time-consuming. If we fail to timely and successfully implement new systems and technologies, or improvements or upgrades to existing information systems and technologies, or if such

48


 

systems and technologies do not operate as intended, this could have an adverse impact on our business, internal controls (including internal controls over financial reporting), results of operations, and financial condition.

Risks Related to Our Legal, Regulatory and Compliance Landscape

We currently handle cross-border and domestic payments and plan to expand our solutions to new clients, to accept and settle payments in new countries and in new currencies, and to increase our global network to allow us to offer local and alternative payment methods, creating a variety of operational challenges; additionally, our domestic and international operations subject us to increased risks, which could harm our business.

Our business is subject to risks inherent in conducting business globally, including cross-border payments and domestic payments in the United States and certain other markets. Our handling of domestic and cross-border payments to our clients generates a significant portion of our revenues, with a substantial portion of such revenues coming from payments processed from Asia (including India, China and Korea). We expect that international revenues will continue to account for a significant percentage of total net revenues for the foreseeable future, and that in particular, the proportion of our revenue from Asia will continue to increase. Current events, including the possibility of renegotiated trade deals and international tax law treaties, and the recent escalation of the conflict between Russia and Ukraine, create a level of uncertainty, and potentially increased complexity, for multinational companies. These uncertainties could have a material adverse effect on our business and our results of operations and financial condition. In addition, international operations are subject to various risks which could have a material adverse effect on those operations or our business as a whole, including:

foreign currency exchange rate volatility;
risks related to government regulation or required compliance with local laws;
local licensing and reporting obligations or the imposition of currency controls which make it impossible or increasingly difficult for our clients to collect payments from international customers;
local regulatory and legal obligations related to privacy, data protection, data localization, and user protections;
the need to localize our solutions, including offering clients and their customers the ability to transact business in the local currency and adapting our solutions to local preferences, in markets in which we may have limited or no experience;
trade barriers and changes in trade regulations;
the impact of government sanctions on our ability to offer services in a region, such as the sanctions recently announced by the U.S. and other countries against Russia;
difficulties in developing, staffing, and managing a large number of varying foreign operations as a result of distance, language, and cultural differences;
stringent local labor laws and regulations;
limitations on the repatriation of cash, including imposition or increase of withholding and other taxes on remittances and other payments by foreign subsidiaries;
political or social unrest, war or other military conflict, including an escalation of the conflict between Russia and Ukraine, economic instability, repression, or human rights issues;
natural disasters, global pandemics such as COVID-19 or other public health emergencies, acts of war, and terrorism;
compliance with U.S. laws and foreign laws prohibiting corrupt payments to government officials, such as the Foreign Corrupt Practices Act (FCPA) and the U.K. Bribery Act, and other local anti-corruption laws;
compliance with U.S. and foreign laws designed to combat money laundering and the financing of terrorist activities;

49


 

retaliatory tariffs and restrictions limiting free movement of currency and an unfavorable trade environment, including as a result of political conditions and changes in the laws in the United States and elsewhere and as described in more detail below;
antitrust and competition regulations;
expanded compliance with potentially conflicting and changing laws of taxing jurisdictions where we conduct business and applicable U.S. tax laws as they relate to international operations, the complexity and adverse consequences of such tax laws, and potentially adverse tax consequences due to changes in such tax laws or levels of enforcement;
national or regional differences in macroeconomic growth rates; and
increased difficulties in collecting accounts receivable.

Foreign operations may also expose us to political, social, regulatory and economic uncertainties affecting a country or region, or to political hostility to investments by foreign or private equity investors. Many financial markets are not as developed or as efficient as those in the United States, and as a result, liquidity may be reduced and price volatility may be higher in those markets than in more developed markets. The legal and regulatory environment may also be different, particularly with respect to bankruptcy and reorganization, and may afford us less protection as a creditor than we may be entitled to under U.S. law. Financial accounting standards and practices may differ, and there may be less publicly available information in respect of such companies.

Restrictions imposed or actions taken by foreign governments could include exchange controls, seizure or nationalization of foreign deposits and adoption of other governmental restrictions which adversely affect the prices of securities or the ability to repatriate profits. For instance, we process a substantial amount of payments from China. The Chinese government imposes controls on the convertibility of the Renminbi the currency of China, into foreign currencies and, in certain cases, the remittance of currency out of China. The Chinese government may at its discretion further restrict access in the future to foreign currencies for current account transactions. In addition, income received by us from sources in some countries may be reduced by withholding and other taxes. Any such taxes paid by us will reduce the net income or return from such investments. While we will take these factors into consideration in making investment decisions, including when hedging positions, no assurance can be given that we will be able to fully avoid these risks or generate sufficient risk-adjusted returns.

Violations of the complex foreign and U.S. laws, rules and regulations that apply to our cross-border operations may result in fines, criminal actions, or sanctions against us, our officers, or FlyMates; prohibitions on the conduct of our business; and damage to our reputation. Although we have implemented policies and procedures designed to promote compliance with these laws, there can be no assurance that our FlyMates, contractors, or agents will not violate our policies. These risks are inherent in our cross-border operations and expansion, may increase our costs of doing business internationally, and could harm our business.

Payments and other financial services-related regulations and oversight are material to our business. Our failure to comply could materially harm our business.

The local, state, and federal laws, rules, regulations, licensing schemes, and industry standards in the United States and other jurisdictions in which we operate that govern our business include, or may in the future include, those relating to consumer finance and consumer protection, cross-border and domestic money transmission, foreign exchange, payments services (such as money transmission, payment processing, and settlement services), AML and CFT, escheatment, international sanctions regimes, and compliance with the PCI DSS. These laws, rules, regulations, licensing schemes, and standards are enforced by multiple authorities and governing bodies in the United States, including the Department of the Treasury, the Federal Deposit Insurance Corporation, the SEC, CFPB, the Federal Trade Commission, self-regulatory organizations, and numerous state and local regulators and law enforcement agencies. Our clients also have their own regulatory obligations, and they expect our solutions to comply with the regulatory requirements that are applicable to their businesses. For additional discussion about the regulatory environment that we and our clients operate in, please see “Business–Regulation and Industry Standards”. As we expand into new jurisdictions, the number of foreign laws, rules, regulations, licensing schemes, and standards governing our business will expand as well. In addition, as our business and solutions continue to develop and expand, we may become subject to additional laws, rules, regulations, licensing schemes, and standards. We may not always be able to accurately predict the scope or applicability of certain laws, rules, regulations, licensing schemes, or standards to our business, particularly as we expand into new areas of operations, which could have a significant negative effect on our existing business and our ability to pursue future plans.

50


 

Certain of our subsidiaries are registered with FinCEN. Our subsidiary Flywire Global Corp. has obtained licenses to operate as a money transmitter (or the statutory equivalent) in 41 U.S. jurisdictions, and is in the process of applying for a license in, to the best of our knowledge, all U.S. states and territories where such licensure or registration is required in order to be able to offer additional business lines in the future. As a licensed money transmitter, we are (and in the states where we are awaiting licensure, will be) subject to obligations and restrictions with respect to the investment of client funds, reporting requirements, bonding requirements, minimum capital requirements, and inspection by state regulatory agencies concerning various aspects of our business. Evaluation of our compliance efforts, as well as the questions of whether and to what extent our solutions are considered money transmission, are matters of regulatory interpretation and could change over time. In addition, there are substantial costs involved in maintaining and renewing our licenses, certifications, and approvals, and we could be subject to fines or other enforcement action if we are found to violate disclosure, reporting, AML, CFT, capitalization, corporate governance, or other requirements of such licenses.

If we fail to predict how a U.S. law or regulation or a law or regulation from another jurisdiction in which we operate will be applied to us, we could be subject to additional licensure requirements and/or administrative enforcement actions. This could also require changes to the manner in which we conduct some aspects of our business or potential product changes, and require us to pay fines, penalties, or compensation to clients for past non-compliance. At the federal level, we are registered as a MSB with FinCEN. For additional discussion of the requirements of our MSB registration, please see “Business – Regulation and Industry Standards.” At the state level, we rely on various exemptions from state money transmitter licensing requirements, and regulators may find that we have violated applicable laws or regulations because we are not licensed or registered as a money transmitter in all of the U.S. jurisdictions we service. We believe, based on our business model, that we have valid exemptions from licensure under various state money transmission laws, either expressly as a payment processor or agent of the payee, or pursuant to common law as an agent of the payee. While we believe we have defensible arguments in support of our positions under the state money transmission statutes, we have not expressly obtained confirmation of such positions from the state banking departments who administer the state money transmission statutes. It is possible that certain state banking departments may determine that our activities are not exempt. Any determination that we are in fact required to be licensed under the money transmission statute of a state where we are not yet licensed may require substantial expenditures of time and money to remediate and could lead to liability in the nature of penalties or fines, costs, legal fees, reputational damage or other negative consequences. We could be required to cease operations in some or all of the U.S. jurisdictions we service and where we are not yet licensed, which determination would have a materially adverse effect on our business, including our financial condition, operating results, and reputation. In the past, certain competitors have been found to violate laws and regulations related to money transmission, and they have been subject to fines and other penalties by regulatory authorities.

The adoption of new money transmitter or MSB statutes in jurisdictions or changes in regulators’ interpretation of existing state and federal money transmitter or MSB statutes or regulations could subject us to new registration or licensing requirements. There can be no assurance that we will be able to obtain or maintain any such licenses in all of the jurisdictions we service, and, even if we were able to do so, there could be substantial costs and potential product changes involved in maintaining such licenses, which could have a material and adverse effect on our business. These factors could impose substantial additional costs, involve considerable delay to the development or provision of our solutions, require significant and costly operational changes, or prevent us from providing our solutions in any given market.

The regulatory environment in which we operate is subject to constant change, and new regulations could make aspects of our business as currently conducted no longer possible.

In the future, as a result of the regulations applicable to our business, we could be subject to investigations and resulting liability, including governmental fines, restrictions on our business, or other sanctions, and we could be forced to cease conducting certain aspects of our business with residents of certain jurisdictions, be forced to change our business practices in certain jurisdictions, or be required to obtain additional licenses or regulatory approvals. For example, because a majority of voters in the U.K. approved an exit from the E.U. (commonly referred to as Brexit), we were required to obtain a license from a member state of the EEA which would allow us to continue to provide our solutions to clients located in the EEA under a principle known as “passporting”. We were able to obtain a license as an authorized payment institution from the Bank of Lithuania in September 2019 and subsequently obtained the right to passport our solutions to other EEA member states.

Government agencies may impose new or additional rules on money transmission, including regulations that:

prohibit, restrict, and/or impose taxes or fees on money transmission transactions in, to or from certain countries or with certain governments, individuals, and entities;

51


 

impose additional client identification and client due diligence requirements;
impose additional reporting or recordkeeping requirements, or require enhanced transaction monitoring;
limit the types of entities capable of providing money transmission services, or impose additional licensing or registration requirements;
impose minimum capital or other financial requirements;
limit or restrict the revenue that may be generated from money transmission, including revenue from the transaction value associated with the payment method used by our clients’ customers and platform-related fees for access to our solutions and invoice and payment plan fees;
require enhanced disclosures to our money transmission clients or their customers;
require the principal amount of money transmission transactions originated in a country to be invested in that country or held in trust until paid;
limit the number or principal amount of money transmission transactions that may be sent to or from a jurisdiction, whether by an individual or in the aggregate; and
restrict or limit our ability to process transactions using centralized databases, for example, by requiring that transactions be processed using a database maintained in a particular country or region.

We are subject to governmental laws and requirements regarding economic and trade sanctions, AML and CFT that could impair our ability to compete in international markets or subject us to criminal or civil liability if we violate them.

We are currently required to comply with U.S. economic and trade sanctions administered by OFAC and we have processes in place to comply with the OFAC regulations as well as similar requirements in the foreign jurisdictions in which we already operate. As part of our compliance efforts, we scan our clients against watch lists promulgated by OFAC and certain other international agencies. Our application can be accessed from anywhere in the world, and if our service is accessed from a sanctioned country in violation of applicable trade and economic sanctions, we could be subject to fines or other enforcement actions. We are also subject to various AML and CFT laws and regulations around the world that prohibit, among other things, our involvement in transferring the proceeds of criminal or terrorist activities. In the United States, most of our solutions are subject to AML laws and regulations, including the BSA, and similar laws and regulations. The BSA, among other things, requires MSBs to develop and implement risk-based AML programs, to report large cash transactions and suspicious activity, and in some cases, to collect and maintain information about clients who use their services and maintain other transaction records. Regulators and third-party auditors have identified gaps in how similar businesses have implemented AML programs, and we could likewise be subject to significant fines, penalties, inquiries, audits, investigations, enforcement actions, and criminal and civil liability if our AML program is found to be insufficient by a regulator.

Our business operations in other parts of the world such as the U.K., Lithuania, Australia and Singapore are subject to similar laws and requirements. Regulators in the United States and globally continue to increase their scrutiny of compliance with these obligations, which may require us to further revise or expand our compliance program, including the procedures we use to verify the identity of our clients and to monitor transactions on our system, including payments to persons outside of the United States. Regulators regularly re-examine the transaction volume thresholds at which we must obtain and keep applicable records or verify identities of clients, and any change in such thresholds could result in greater costs for compliance. Similarly, as a condition to doing business with us, our banking and other strategic partners also impose ongoing obligations on us related to AML and CFT and sanctions screening. Any failure on our part to maintain the necessary processes and policies to comply with these regulations and requirements, or to adapt our processes and policies to changes in laws, would subject us to penalties, fines, or loss of key relationships which would have a material adverse effect on our business and results of operations. Furthermore, government sanctions imposed with respect to Russia's invasion of Ukraine in February and March 2022 are impacting our ability to offer our services in the region, and additional sanctions could be imposed in the future. Further instability or tension in Russia, Ukraine, and the surrounding region could also cause us to adjust our operating model, which would increase our costs of operations.

52


 

Any actual or perceived failure to comply with governmental regulation and other legal obligations, particularly those related to privacy, data protection, and information security, could harm our business. Compliance with such laws could also result in additional costs and liabilities to us or inhibit sales of our solutions.

Our clients and their customers store personal and business information, financial information and other sensitive information through our solutions. In addition, we collect, store, and process personal and business information and other data from and about actual and prospective clients, their customers, our FlyMates and our service providers and other business partners, as well as their personnel. Our handling of data is subject to a variety of laws and regulations, including regulation by various government agencies, such as the U.S. Federal Trade Commission (FTC), and various state, local, and foreign agencies. Our data handling is also subject to contractual obligations and industry standards.

The U.S. federal and various state and foreign governments have adopted or proposed limitations on the collection, distribution, use, and storage of data relating to individuals and businesses, including the use of contact information and other data for marketing, advertising, and other communications with individuals and businesses. In the United States, various laws and regulations apply to the collection, processing, disclosure, and security of certain types of data, including the Electronic Communications Privacy Act, the Computer Fraud and Abuse Act, the Gramm Leach Bliley Act, FERPA, HIPAA, and the now in question E.U.-U.S. and Swiss—U.S. Privacy Shield protections, as well as state laws relating to privacy and data security. Additionally, the FTC and many state attorneys general are interpreting federal and state consumer protection laws as imposing standards for the online collection, use, dissemination, and security of data. For example, California enacted the CCPA, which took effect on January 1, 2020 and became enforceable by the California Attorney General on July 1, 2020, and broadly defines personal information. The CCPA creates new individual privacy rights for consumers (as that term is broadly defined) and places increased privacy and security obligations on entities handling personal data of consumers or households. The CCPA requires covered companies to provide certain disclosures to California consumers about its data collection, use and sharing practices, provide such consumers with ways to opt-out of certain sales or transfers of personal information, provides for civil penalties for violations, and allows for a new private right of action for data breaches that has resulted in an increase in data breach litigation. It remains unclear, however, how the CCPA will be interpreted. As currently written, it will likely impact our business activities and exemplifies the vulnerability of our business to not only cyber threats but also the evolving regulatory environment related to personal data and protected health information.

Additionally, a new California ballot initiative, the California Privacy Rights Act (CPRA) was passed in November 2020. Effective starting on January 1, 2023, the CPRA imposes additional obligations on companies covered by the legislation and will significantly modify the CCPA, including by expanding consumers’ rights with respect to certain sensitive personal information. The CPRA also creates a new state agency that will be vested with authority to implement and enforce the CCPA and the CPRA. The effects of the CCPA and the CPRA are potentially significant and may require us to modify our data collection or processing practices and policies and to incur substantial costs and expenses in an effort to comply and increase our potential exposure to regulatory enforcement and/or litigation.

The laws and regulations relating to privacy and data security are evolving, can be subject to significant change, and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. The CCPA, in particular, has prompted a number of proposals for new federal and state-level privacy legislation, which could increase our potential liability and adversely affect our business. Virginia became the second state after California to enact a broad privacy law with the passage of the Virginia Consumer Data Protection Act (CDPA) on March 2, 2021. The CDPA contains several new requirements for covered companies that may add operational challenges, including a greater emphasis on transparency, broader affirmative consent or opt-in requirements to process sensitive personal data, broader opt-out rights and data protection assessment requirements for certain sales of personal data as well as targeted advertising and profiling, and an appeal process for denials of consumer rights requests. The law will take effect January 1, 2023, the same day as the CPRA. Colorado became the third state with the passage of the Colorado Privacy Act (CPA) on July 8, 2021. Like the CDPA, the CPA provides consumers the right to opt out of processing for sales of personal data, targeted advertising, and profiling, provides the right to appeal a business’ denial to take action, among other new consumer rights, requires data protection assessments for certain processing activities, and, unlike the CDPA, grants the Attorney General rulemaking powers. The law will take effect on July 1, 2023. Unlike in California, neither law provides for a private right of action. We anticipate that more states may enact legislation similar to the CCPA, which provides consumers with new privacy rights and increases the privacy and security obligations of entities handling certain personal information of such consumers. For example, the Utah state legislature passed the Utah Consumer Privacy Act in March 2022. The Utah legislation most closely mirrors Virginia’s CDPA, and if signed the law will go into effect on December 31, 2023. Such proposed legislation, if enacted, may add additional complexity, variation in requirements, restrictions and potential legal risk, require additional investment of resources in compliance programs, impact strategies and the availability of previously useful data and could result in increased compliance costs and/or changes in business practices and policies.

53


 

Many of the foreign jurisdictions where we or our clients operate or conduct business, including the E.U., have laws and regulations dealing with the collection, use, storage, and disclosure and other handling (collectively, processing) of personal information, which in some cases are more restrictive than those in the U.S. In addition to regulating the processing of personal information within the relevant jurisdictions, these legal requirements often also apply to the processing of personal information outside these jurisdictions, where there is some specified link to the relevant jurisdiction. For example, we have multiple offices in Europe and serves clients and their customers throughout the E.U., where the GDPR went into effect in 2018. The GDPR, which is also the law in Iceland, Norway, Liechtenstein, and—to a large degree—the U.K., has an extensive global reach and imposes robust obligations relating to the processing of personal information, including documentation requirements, greater control for data subjects (e.g., the “right to be forgotten” and data portability), security requirements, notice requirements, restrictions on sharing personal information, data governance obligations, data breach notification requirements, and restrictions on the export of personal information to most other countries. The solutions that we currently offer subject us to many of these laws and regulations in many of the foreign jurisdictions where we operate or conduct business, and these laws and regulations may be modified or subject to new or different interpretations, and new laws and regulations may be enacted in the future.

Recent legal developments have created compliance uncertainty regarding some transfers of personal information from the U.K. and EEA to locations where we or our clients operate or conduct business, including the United States and potentially Singapore, particularly with respect to cross-border transfers. Under the GDPR, such transfers can take place only if certain conditions apply or if certain data transfer mechanisms are in place. In July 2020, the Court of Justice of the E.U. ruled in its “Schrems II” decision (C-311/18), that the Privacy Shield, a transfer mechanism used by thousands of companies to transfer data between those jurisdictions and United States (and also used by us), was invalid and could no longer be used due to the strength of United States surveillance laws. In September 2020, the Federal Data Protection and Information Commissioner of Switzerland (where the law has a similar restriction on the export of personal information) issued an opinion concluding that the Swiss-U.S. Privacy Shield Framework does not provide an adequate level of protection for data transfers from Switzerland to the United States pursuant to Switzerland’s Federal Act on Data Protection. We and our clients continue to use alternative transfer strategies, including SCCs, while the authorities interpret the Schrems II decision and the validity of alternative data transfer mechanisms. The SCCs, though previously approved by the European Commission, have faced challenges in European courts (including being called into question in the Schrems II decision), and may be further challenged, suspended or invalidated for transfers to some or all countries. For example, guidance regarding Schrems II issued by the European Data Protection Board (which is comprised of representatives from every E.U. member state’s top data protection authority) have cast serious doubt on the validity of SCCs for most transfers of personal information to the United States. At present, there are few if any viable alternatives to the Privacy Shield and the SCCs, so such developments may necessitate further expenditures on local infrastructure, changes to internal business processes, changes to clients and clients' customer facing solutions, or may otherwise affect or restrict our sales and operations.

On June 4, 2021, the European Commission released the final Implementing Decision on SCCs (New SCCs) for the transfer of personal data from the E.U. to “third countries” such as the US. The New SCCs will repeal and replace the existing SCCs (dating from 2001, 2004 and 2010) and address the entry into force of the GDPR) and the July 2020 decision of the CJEU in Schrems II, which invalidated the E.U.-U.S. Privacy Shield. The New SCCs broadly follow the draft implementing decision on standard contractual clauses (Draft SCCs) issued by the European Commission on November 12, 2020, but there are some material differences. The Draft SCCs’ significant and extensive new requirements for data importers that act as controllers (for example, obligations to give notice to data subjects and to notify personal data breaches to EU authorities) remain, but have been aligned more closely with the GDPR requirements. While the New SCCs are not immediately in force, compliance with them will be required for new transfer agreements entered into from late September 2021. SCCs currently in effect must be replaced with the New SCCs by late December 2022.

E.U. data protection authorities have the power to impose administrative fines for violations of the GDPR of up to a maximum of €20 million or 4% of a corporate family’s total worldwide global turnover for the preceding fiscal year, whichever is higher. Such penalties are in addition to any civil litigation claims by clients, data subjects or other third parties. We believe that the solutions that we currently offer subject us to the GDPR and other laws and regulations relating to privacy, data protection, and information security, and these may be modified or subject to new or different interpretations in the future. We will need to take steps to address compliance obligations in this rapidly evolving legal environment, but we cannot assure you that we will be able to implement changes in a timely manner or without significant disruption to our business, or that such steps will be effective, and we may face the risk of liability and loss of business.

In addition, further to the U.K. exit from the E.U. on January 31, 2020, the GDPR ceased to apply in the U.K. at the end of the transition period on December 31, 2020. However, as of January 1, 2021, the U.K.’s European Union (Withdrawal) Act 2018 incorporated the GDPR (as it existed on December 31, 2020 but subject to certain U.K. specific

54


 

amendments) into U.K. law (referred to as the U.K. GDPR). The U.K. GDPR and the U.K. Data Protection Act 2018 set out the U.K.’s data protection regime, which is independent from but aligned to the E.U.’s data protection regime. Non-compliance with the U.K. GDPR may result in monetary penalties of up to £17.5 million or 4% of worldwide revenue, whichever is higher. Like the GDPR, the U.K. GDPR restricts personal data transfers outside the U.K. to countries not regarded by the U.K. as providing adequate protection (this means that personal data transfers from the U.K. to the EEA remain free flowing).

On June 28, 2021, the European Commission adopted an adequacy decision under the GDPR, thereby recognizing that the U.K.’s data protection system continues to provide the same protections with respect to personal data as when it was an EU member state, and enabling the continued exchange of personal data between the E.U. and the U.K. The adequacy decision facilitates the implementation of the E.U.-U.K. Trade Cooperation Agreement, which foresaw the need for bilateral data flow and continued cooperation. The adequacy decision does, however, include a ‘sunset clause’, limiting its duration to four years, at which point the European Commission will need to once again review the safeguards in place in the U.K.’s post-Brexit legal system and decide if the adequacy decision may be renewed.

This lack of clarity on future U.K. laws and regulations and their interaction with E.U. laws and regulations could add legal risk, uncertainty, complexity and cost to our handling of E.U. personal information and our privacy and data security compliance programs. It is possible that over time the U.K. Data Protection Act 2018 could become less aligned with the GDPR, which could require us to implement different compliance measures for the U.K. and the E.U. and result in potentially enhanced compliance obligations for E.U. personal data.

In Asia, there has been an increase in both regulation and enforcement of privacy laws. The Act on Protection of Personal Information originally enacted in June 2020 by the Japanese government, was amended and will come into effect on April 1, 2022 (Amended APPI). Since the passage of the Amended APPI, a number of implementing regulations and supporting documents have been released, addressing the requirements for transferring personal data outside Japan, notifying security breaches and creating pseudonymous information exempt from certain obligations under the Amended APPI. We have taken steps to address compliance obligations that apply to us under the Amended APPI, but cannot assure you that such steps will be effective, and we may face the risk of increased costs, liability and loss of business.

The People’s Republic of China (home to the most online users in the world), is one of the latest countries to pass a new omnibus privacy law. China passed its new Data Security Law (DSL) in June 2021 and its new Personal Information Protection Law (PIPL) in August 2021. The DSL applies to a wide range of data processing activities including, but not limited to, processing personal information. With extraterritorial scope and severe fines and penalties, these laws are set to impose an increasingly complex and comprehensive legal framework for processing personal information when doing business in China. The PIPL is enforced and administered by the Cyberspace Administration of China and relevant state and local government departments. The law draws from the GDPR, with heavy penalties up to the greater of 5% of the previous year’s revenue (possibly global) or $7.7 million.

We have taken steps to address compliance obligations that apply to us under the Amended APPI, the DSL and PIPL but cannot assure you that such steps will be effective, and we may face the risk of increased costs, liability and loss of business.

In addition to government regulation, privacy advocates and industry groups may propose new and different self-regulatory standards that, if adopted, may apply to us, or which clients or clients' customers may require us to adopt. Because the interpretation and application of privacy and data protection laws, regulations, rules, and other standards are still uncertain, it is possible that these laws, rules, regulations, and other actual or alleged legal obligations, such as contractual or self-regulatory obligations, may be interpreted and applied in a manner that is inconsistent with our existing data management practices or the functionality of our solutions. If so, in addition to the possibility of fines, lawsuits and other claims, we could be required to fundamentally change our business activities and practices or modify our software, which could have an adverse effect on our business. Any failure or perceived failure by us to comply with laws, regulations, policies, legal, or contractual obligations, industry standards, or regulatory guidance relating to privacy or data security, may result in governmental investigations and enforcement actions, litigation, fines and penalties, or adverse publicity, and could cause our clients and partners to lose trust in us, which could have an adverse effect on our reputation and business. We expect that there will continue to be new proposed laws, regulations, and industry standards relating to privacy, data protection, marketing, consumer communications, and information security, and we cannot determine the impact such future laws, regulations, and standards may have on our business. Future laws, regulations, standards, and other obligations or any changed interpretation of existing laws or regulations could impair our ability to develop and market new functionality and maintain and grow our client base and increase revenue. Future restrictions on the collection, use, sharing, or disclosure of data, or additional requirements for express or implied consent of our clients,

55


 

partners, or end users for the use and disclosure of such information could require us to incur additional costs or modify our solutions, possibly in a material manner, and could limit our ability to develop new functionality.

If we are not able to comply with these laws or regulations, or if we become liable under these laws or regulations, we could be directly harmed, and we may be forced to implement new measures to reduce our exposure to this liability. This may require us to expend substantial resources or to discontinue certain solutions, which would negatively affect our business, financial condition, and operating results. In addition, the increased attention focused upon liability issues as a result of lawsuits and legislative proposals could harm our reputation or otherwise adversely affect the growth of our business. Furthermore, any costs incurred as a result of this potential liability could harm our operating results.

We are subject to anti-corruption, anti-bribery, and similar laws, and non-compliance with such laws can subject us to criminal or civil liability and harm our business.

We are subject to the FCPA, the U.K. Bribery Act, U.S. domestic bribery laws, and other anti-corruption laws. Anti-corruption and anti-bribery laws have been enforced aggressively in recent years and are interpreted broadly to generally prohibit companies, their employees, and their third-party intermediaries from authorizing, offering, or providing, directly or indirectly, improper payments or benefits to recipients in the public sector. These laws also require that we keep accurate books and records and maintain internal controls and compliance procedures designed to prevent any such actions. We maintain operations and serve clients in several countries around the world. Although we do not target government entities as clients, some of our clients may receive funding or other support from local, state, provincial or national governments. As we maintain and seek to increase our international cross-border business and expand operations abroad, we may engage with business partners and third-party intermediaries to market our services and to obtain necessary permits, licenses, and other regulatory approvals. In addition, we or our third-party intermediaries may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities. We can be held liable for the corrupt or other illegal activities of these third-party intermediaries, our FlyMates, representatives, contractors, partners, and agents, even if we do not explicitly authorize such activities.

While we maintain policies and training programs for our FlyMates related to anti-corruption, anti-bribery and gift giving, and include representations regarding legal compliance in our contracts with vendors and strategic partners, there can be no assurances that these policies, training programs or contractual provisions will be observed or enforceable. We cannot assure you that all of our FlyMates and agents will not take actions in violation of our policies and applicable law, for which we may be ultimately held responsible. As we increase our international business, our risks under these laws may increase.

Detecting, investigating, and resolving actual or alleged violations of anti-corruption laws can require a significant diversion of time, resources, and attention from senior management. In addition, noncompliance with anti-corruption or anti-bribery laws could subject us to whistleblower complaints, investigations, sanctions, settlements, prosecution, enforcement actions, fines, damages, other civil or criminal penalties, injunctions, suspension or debarment from contracting with certain persons, reputational harm, adverse media coverage, and other collateral consequences. If any subpoenas are received or investigations are launched, or governmental or other sanctions are imposed, or if we do not prevail in any possible civil or criminal proceeding, our business, operating results, and financial condition could be materially harmed. In addition, responding to any action will likely result in a materially significant diversion of management’s attention and resources and significant defense costs and other professional fees.

In February 2022, following Russia’s invasion of Ukraine, the United States and other countries announced sanctions against Russia. The sanctions announced by the United States and other countries against Russia to date include restrictions on selling or importing goods, services or technology in or from affected regions, travel bans and asset freezes impacting connected individuals and political, military, business and financial organizations in Russia, severing Russia’s largest bank from the U.S. financial system, barring some Russian enterprises from raising money in the U.S. market and blocking the access of Russian banks to financial markets. The United States and other countries could impose wider sanctions and take other actions should the conflict further escalate. While it is difficult to anticipate the impact the sanctions announced to date may have on us, any further sanctions imposed or actions taken by the United States or other countries, and any retaliatory measures by Russia in response, could increase our costs, reduce our sales and earnings or otherwise have an adverse effect on our operations.

New or revised tax regulations, unfavorable resolution of tax contingencies or changes to enacted tax rates could adversely affect our tax expense.

Changes in tax laws or their interpretations could result in changes to enacted tax rates and may require complex computations to be performed that were not previously required, significant judgments to be made in interpretation of the new or revised tax regulations and significant estimates in calculations, as well as the preparation and analysis of

56


 

information not previously relevant or regularly produced. Future changes in enacted tax rates could negatively affect our results of operations.

The vast majority of states have considered or adopted laws that impose tax collection obligations on out-of-state companies. States where we have nexus may require us to calculate, collect, and remit taxes on sales in their jurisdiction. Additionally, the Supreme Court of the United States recently ruled in South Dakota v. Wayfair, Inc. et al (Wayfair) that online sellers can be required to collect sales and use tax despite not having a physical presence in the buyer’s state. In response to Wayfair, or otherwise, states or local governments may enforce laws requiring us to calculate, collect, and remit taxes on sales in their jurisdictions. We may be obligated to collect and remit sales and use tax in states in which we have not collected and remitted sales and use tax. A successful assertion by one or more states requiring us to collect taxes where we historically have not or presently do not do so could result in substantial tax liabilities, including taxes on past sales, as well as penalties and interest. The imposition by state governments or local governments of sales tax collection obligations on out-of-state sellers could also create additional administrative burdens for us, put us at a perceived competitive disadvantage if they do not impose similar obligations on our competitors, and decrease our future sales, which could adversely affect our business and operating results.

Relevant foreign taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If disagreements with relevant taxing authorities on other unknown matters were to occur, and our position was not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations.

Our tax returns and positions are subject to review and audit by federal, state, local and international taxing authorities. An unfavorable outcome to a tax audit could result in higher tax expense, thereby negatively affecting our results of operations and cash flows. We have recognized estimated liabilities on the balance sheet for material known tax exposures relating to deductions, transactions and other matters involving some uncertainty as to the proper tax treatment of the item. These liabilities reflect what we believe to be reasonable assumptions as to the likely final resolution of each issue if raised by a taxing authority. While we believe that the liabilities are adequate to cover reasonably expected tax risks, there can be no assurance that, in all instances, an issue raised by a tax authority will be finally resolved at a financial amount no more than any related liability. An unfavorable resolution, therefore, could negatively affect our financial position, results of operations and cash flows in the current and/or future periods.

If we fail to adequately protect our proprietary rights, our competitive position could be impaired and we may lose valuable assets, generate less revenue and incur costly litigation to protect our rights.

Our success is dependent, in part, upon protecting our proprietary technology. We rely on a combination of copyrights, trademarks, service marks, trade secret laws, the domain name dispute resolution mechanism, confidentiality procedures, and contractual provisions to establish and protect our proprietary rights. However, effective protection of intellectual property rights is expensive, both in terms of application and maintenance costs, as well as the costs of defending and enforcing those rights, and the steps we take to protect our intellectual property may be inadequate. We do not have patents covering any of our technology and do not actively pursue patents. Any of our trademarks, or other intellectual property rights may be challenged or circumvented by others, or narrowed or invalidated through administrative process or litigation. There can be no guarantee that others will not independently develop similar solutions or duplicate any of our solutions. Furthermore, legal standards relating to the validity, enforceability, and scope of protection of intellectual property rights are uncertain. Despite our precautions, it may be possible for unauthorized third parties to copy our solutions and use information that we regard as proprietary to create solutions that compete with ours.

We pursue registration of copyrights, trademarks, and domain names in the United States and in certain jurisdictions outside of the United States, but doing so may not always be successful or cost-effective. We may be unable or, in some instances, choose not to obtain legal protection for our intellectual property, and our existing and future intellectual property rights may not provide us with competitive advantages or distinguish our solutions from those of our competitors. The laws of some foreign countries may not protect our intellectual property rights to the same extent as the laws of the United States, and effective intellectual property protection and mechanisms may be uncertain or unavailable in those jurisdictions. We may need to expend additional resources to defend our intellectual property in such countries, and the inability to do so could impair our business or adversely affect our international expansion. Particularly given the international nature of the Internet, the rate of growth of the Internet, and the ease of registering new domain names, we may not be able to detect unauthorized use of our intellectual property or take prompt enforcement action.

We endeavor to enter into agreements with our employees, consultants and contractors and with parties with whom we do business in order to acquire intellectual property rights developed as a result of service to us, as well as to limit access to and disclosure of our proprietary information. No assurance can be given that our intellectual property related agreements with our employees, consultants, contractors clients, their customers, or strategic partners and others will be

57


 

effective in controlling access to and distribution of our solutions and proprietary information, potentially resulting in the unauthorized use or disclosure of our trade secrets and other intellectual property, including to our competitors, which could cause us to lose any competitive advantage resulting from this intellectual property. Further, these agreements do not prevent our competitors or partners from independently developing technologies that are substantially equivalent or superior to our solutions. In addition, individuals not subject to invention assignment agreements may make adverse ownership claims to our current and future intellectual property.

To protect our intellectual property rights, we may be required to spend significant resources to monitor, protect and defend these rights. Litigation may be necessary in the future to enforce our intellectual property rights and to protect our trade secrets. Such litigation could be costly, time consuming, and distracting to management and could result in the impairment or loss of portions of our intellectual property. Furthermore, our efforts to enforce our intellectual property rights may be met with defenses, counterclaims, and countersuits attacking the validity and enforceability of our intellectual property rights. Our inability to protect our proprietary technology against unauthorized copying or use, as well as any costly litigation or diversion of our management’s attention and resources, could delay further sales or the implementation of our solutions, impair the functionality of our solutions, delay introductions of new features, integrations, and capabilities, result in our substituting inferior or more costly technologies into our solutions, or injure our reputation. In addition, we may be required to license additional technology from third parties to develop and market new features, integrations, and capabilities, and we cannot be certain that we could license that technology on commercially reasonable terms or at all, and our inability to license this technology could harm our ability to compete.

We may in the future be subject to intellectual property disputes, which are costly and may subject us to significant liability and increased costs of doing business.

We may in the future become subject to intellectual property disputes. Lawsuits are time-consuming and expensive to resolve and they divert management’s time and attention. We cannot predict the outcome of lawsuits and cannot assure you that the results of any such actions will not have an adverse effect on our business, operating results, or financial condition. During litigation, we may become subject to provisional rulings, including preliminary injunctions requiring us to cease some or all of our operations. We may decide to settle legal disputes on terms that are unfavorable to us. Furthermore, such disputes, even those without merit, may subject us to an unfavorable judgment that we may not choose to appeal or that may not be reversed upon appeal. In such a situation, we could be required to pay substantial damages or license fees to third party patent owners. In addition, we may also be required to modify, redesign, reengineer, or rebrand our solutions, or stop making, licensing, or providing solutions that incorporate the asserted intellectual property. Alternatively, we may enter into a license agreement to continue practices found to be in violation of a third party’s rights. If we are required, or choose to enter into, royalty or licensing arrangements, such arrangements may not be available on reasonable terms or at all. In addition, we may also be contractually obligated to indemnify our clients in the event of infringement of a third party’s intellectual property rights.

Our use of “open source” software could negatively affect our ability to offer and sell access to our solutions and subject us to possible litigation.

We use open source software in our solutions and expect to continue to use open source software in the future. There are uncertainties regarding the proper interpretation of and compliance with open source licenses, and there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to use such open source software, and consequently to provide or distribute our solutions. Although use of open source software has historically been free, recently several open source providers have begun to charge license fees for use of their software. If our current open source providers were to begin to charge for these licenses or increase their license fees significantly, this would increase our research and development costs and have a negative impact on our results of operations and financial condition.

Additionally, we may from time to time face claims from third parties claiming ownership of, or seeking to enforce the terms of, an open source license, including by demanding release of source code for the open source software, derivative works or our proprietary source code that was developed using, or that is distributed with, such open source software. These claims could also result in litigation and could require us to make our proprietary software source code freely available, require us to devote additional research and development resources to change our solutions or incur additional costs and expenses, any of which could result in reputational harm and would have a negative effect on our business and operating results. In addition, if the license terms for the open source software we utilize change, we may be forced to reengineer our solutions or incur additional costs to comply with the changed license terms or to replace the affected open source software. Further, use of certain open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or controls on the origin of software or indemnification for third party infringement claims. Although we have implemented policies to regulate the use and

58


 

incorporation of open source software into our solutions, we cannot be certain that we have not incorporated open source software in our solutions in a manner that is inconsistent with such policies.

Indemnity and liability provisions in various agreements potentially expose us to substantial liability for intellectual property infringement, data protection, and other losses.

Our agreements with some of our technology partners and certain clients include indemnification provisions under which we agree to indemnify them for losses suffered or incurred as a result of claims of intellectual property infringement, data protection, damages caused by us to property or persons, or other liabilities relating to or arising from our solutions or other contractual obligations. Some of these indemnity agreements provide for uncapped liability and some indemnity provisions survive termination or expiration of the applicable agreement. Large indemnity payments could harm our business, operating results, and financial condition. We may incur substantial liability, and we may be required to cease use of certain functions of our solutions, as a result of intellectual property related claims. Any dispute with a client or technology partner with respect to these obligations could have adverse effects on our relationship with that client or technology partner and other existing or new clients or technology partners, and harm our business and operating results. In addition, although we carry insurance, our insurance may not be adequate to indemnify us for all liability that may be imposed, or otherwise protect us from liabilities or damages with respect to claims alleging compromises of client or clients' customer data, and any such coverage may not continue to be available to us on acceptable terms or at all.

The U.K.’s departure from the E.U. could adversely affect us.

The U.K. formally exited the E.U. on January 31, 2020 and a transition period was in place until December 31, 2020 during which time the U.K. remained in both the E.U. customs union and single market and was subject to E.U. rules. There continues to be a significant lack of clarity over the terms of the U.K.’s future relationship with the E.U. in the future.

Brexit could therefore adversely affect U.K., regional (including European), and worldwide economic and market conditions and could contribute to instability in global financial and foreign currency exchange markets, including volatility in the value of the British Pound and Euro, which in turn could adversely affect us or our clients and companies with which we do business, particularly in the U.K. Brexit could lead to greater restrictions on travel between the U.K. and the EEA region, with the potential inability of students to travel or relocate for purposes of seeking foreign educational opportunities. Brexit could also trigger a general deterioration in credit conditions, a downturn in consumer sentiment, and overall negative economic growth. Any of these scenarios could have an adverse effect on our business or our clients.

In addition, Brexit could lead to legal uncertainty and increased complexity for financial services firms as national laws and regulations in the U.K. start to diverge from E.U. laws and regulations. In particular, depending on the terms of Brexit, we may face new regulatory costs and challenges, including the following:

if we are unable to utilize appropriate authorizations and regulatory permissions, our European operations could lose their ability to offer services into the U.K. market on a cross-border basis and for our U.K. based operations to offer services on a cross-border basis in the European markets;
we could be required to obtain additional regulatory permissions to operate in the U.K. market, adding costs and potential inconsistency to our business. Depending on the capacity of the U.K. authorities, the criteria for obtaining permission, and any possible transitional arrangements, our business in the U.K. could be materially affected or disrupted;
we could be required to comply with legal and regulatory requirements in the U.K. that are in addition to, or inconsistent with, those of the E.U., leading to increased complexity and costs for our European and U.K. operations; and
our ability to attract and retain the necessary human resources in appropriate locations to support our U.K. and European business could be adversely impacted.

These and other factors related to Brexit could, individually or in the aggregate, have a material adverse impact on our business, financial condition, and results of operations.

Our ability to use our net operating losses to offset future taxable income may be subject to certain limitations.

As of December 31, 2021, we had U.S. federal net operating loss (NOL) carryforwards of approximately $122.1 million and state NOL carryforwards of approximately $164.9 million. The federal and material state NOL carryforwards will begin to expire in 2030 and 2022, respectively. In general, under Sections 382 and 383 of the United States Internal

59


 

Revenue Code of 1986, as amended (Code), a corporation that undergoes an “ownership change” is subject to limitations on its ability to utilize its pre-change NOLs and other tax attributes such as research tax credits to offset future taxable income. An “ownership change” pursuant to Section 382 of the Code generally occurs if one or more stockholders or groups of stockholders who own at least 5% of the company’s stock increase their ownership by more than 50 percentage points over their lowest ownership percentage within a rolling three-year period. If it is determined that we have in the past experienced an ownership change, or if we undergo one or more ownership changes as a result of our initial public offering (IPO) or future transactions in our stock, then our ability to utilize NOLs and other pre-change tax attributes could be limited by Sections 382 and 383 of the Code. Future changes in our stock ownership, many of which are outside of our control, could result in an ownership change under Sections 382 or 383 of the Code. We are in the process of completing a Section 382 study. Furthermore, our ability to utilize NOLs of companies that we may acquire in the future may be subject to limitations. For these reasons, we may not be able to utilize a material portion of the NOLs, even if we were to achieve profitability.

Under the Tax Cuts and Jobs Act enacted in 2017 (Tax Act) as modified by the Coronavirus Aid, Relief, and Economic Security Act enacted in 2020 (CARES Act), U.S. federal NOL carryforwards generated in taxable periods beginning after December 31, 2017 may be carried forward indefinitely, but the deductibility of such NOL carryforwards in taxable years beginning after December 31, 2020 is limited to 80% of taxable income. In addition, federal NOLs arising in tax years ending after December 31, 2017 can be carried forward indefinitely, but carryback is generally prohibited. NOLs generated in tax years beginning before January 1, 2018 will not be subject to the taxable income limitation, and NOLs generated in tax years ending before January 1, 2018 will continue to have a two-year carryback and twenty-year carryforward period. Deferred tax assets for NOLs will need to be measured at the applicable tax rate in effect when the NOL is expected to be utilized. Similar rules may apply under state tax laws. The changes in the carryforward/carryback periods as well as the new limitation on use of NOLs may significantly impact our valuation allowance assessments for NOLs generated after December 31, 2017.

Risks Related to Being a Public Company

As a public company, we are obligated to develop and maintain proper and effective internal control over financial reporting, and if we fail to develop and maintain an effective system of disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable laws and regulations could be impaired.

As a public company, we are subject to the reporting requirements of the Securities Exchange Act of 1934, as amended (Exchange Act), the Sarbanes-Oxley Act of 2002 (Sarbanes-Oxley Act), the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank), the listing requirements of The Nasdaq Global Select Market (Nasdaq), and other applicable securities rules and regulations. Compliance with these rules and regulations will increase our legal and financial compliance costs, make some activities more difficult, time consuming, or costly, and increase demand on our systems and resources, particularly after we are no longer an emerging growth company. The Exchange Act requires, among other things, that we file annual, quarterly, and current reports with respect to our business and operating results. The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. It may require significant resources and management oversight to maintain and, if necessary, improve our disclosure controls and procedures and internal control over financial reporting to meet this standard. As a result, management’s attention may be diverted from other business concerns, which could adversely affect our business and operating results. To comply with these requirements, we may need to hire more employees in the future or engage outside consultants, which would increase our costs and expenses.

As a public company, we are required, pursuant to Section 404 of the Sarbanes-Oxley Act (Section 404), to furnish a report by management on, among other things, the effectiveness of our internal control over financial reporting commencing with our Annual Report on Form 10-K for the year ending December 31, 2022. Effective internal control over financial reporting is necessary for us to provide reliable financial reports and, together with adequate disclosure controls and procedures, are designed to prevent fraud. Any failure to implement required new or improved controls, or difficulties encountered in their implementation, could cause us to fail to meet our reporting obligations. Ineffective internal controls could also cause investors to lose confidence in our reported financial information, which could have a negative effect on the trading price of our common stock.

This assessment will need to include disclosure of any material weaknesses identified by our management in our internal control over financial reporting, as well as a statement that our independent registered public accounting firm has issued an opinion on the effectiveness of our internal control over financial reporting, provided that our independent registered public accounting firm will not be required to attest to the effectiveness of our internal control over financial reporting until our first annual report required to be filed with the SEC following the later of the date we are deemed to be

60


 

an “accelerated filer” or a “large accelerated filer,” each as defined in the Exchange Act, or the date we are no longer an emerging growth company, as defined in the JOBS Act, which could be as early as our annual report on Form 10-K for the year ending December 31, 2022. We expect to incur significant expenses and devote substantial management effort toward ensuring compliance with the auditor attestation requirements of Section 404. Furthermore, if and when we are deemed to be a “large accelerated filer”, we will also have to file a more expansive proxy statement and be subject to shorter filing deadlines, which will require additional time and expense as well.

An independent assessment of the effectiveness of our internal controls could detect problems that our management’s assessment might not. Undetected material weaknesses in our internal controls could lead to financial statement restatements and require us to incur the expense of remediation. We will be required to disclose changes made in our internal control and procedures on a quarterly basis. To comply with the requirements of being a public company, we have undertaken and may need to continue to undertake various actions, such as implementing new internal controls and procedures, hiring risk professionals, accounting and internal audit staff, and engaging outside consultants, which will increase our operating expenses.

We are in the early stages of the costly and challenging process of compiling the system and processing documentation necessary to perform the evaluation needed to comply with Section 404. We may not be able to complete our evaluation, testing, and any required remediation in a timely fashion. During the evaluation and testing process, if we identify material weaknesses in our internal control over financial reporting, we will be unable to assert that our internal control over financial reporting is effective.

If we are unable to assert that our internal control over financial reporting is effective, or if our independent registered public accounting firm is unable to express an opinion on the effectiveness of our internal control, including as a result of a material weakness, we could lose investor confidence in the accuracy and completeness of our financial reports, which could cause the price of our common stock to decline, and we may be subject to investigation or sanctions by the SEC. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on Nasdaq.

Increased scrutiny from investors and others regarding our environmental, social, governance, or sustainability responsibilities could result in additional costs or risks and adversely impact our reputation, employee retention, and willingness of partners, clients or our clients’ customers to do business with us.

Investor advocacy groups, certain institutional investors, investment funds, other market participants, stockholders, and consumer groups have focused increasingly on the environmental, social and governance (ESG) or “sustainability” practices of companies. These parties have placed increased importance on the implications of the social cost of their investments. We have convened a cross-functional working group to further enhance our commitment to sustainability and ESG, and recognize the importance of communicating our progress on ESG to our stakeholders. As part of its responsibilities, our ESG working group is assessing opportunities for communicating progress on our priority initiatives. However, if our ESG practices do not meet (or are viewed as not meeting) investor or other industry stakeholder expectations and standards, which continue to evolve, our brand, reputation and employee retention may be negatively impacted, including based on an assessment of our ESG practices. Any sustainability report that we publish or sustainability disclosure we make may include our policies and practices on a variety of social and ethical matters, including corporate governance, community involvement, environmental compliance, employee health and safety practices, cybersecurity and privacy, human capital management, and workforce equity, inclusion and diversity. It is possible that stakeholders may not be satisfied with our ESG practices or the speed of their adoption. We could also incur additional costs and require additional resources to monitor, report, and comply with various ESG practices. Also, our failure, or perceived failure, to meet the standards included in any sustainability disclosure could negatively impact our reputation, employee retention, and the willingness of our partners, clients or our clients’ customers to do business with us.

We will incur increased costs as a result of operating as a public company, and our management will be required to devote substantial time to compliance with our public company responsibilities and corporate governance practices.

As a public company, we will continue to incur significant legal, accounting, and other expenses that we did not incur as a private company, which we expect to further increase after we are no longer an “emerging growth company.” The Sarbanes-Oxley Act, Dodd-Frank, the listing requirements of the Nasdaq, and other applicable securities rules and regulations impose various requirements on public companies. Our management and other personnel devote a substantial amount of time to compliance with these requirements and interacting with public company investors and securities analysts. These new obligations and constituents require significant attention from our management team and could divert their attention away from the day-to-day management of our business, which could harm our business,

61


 

operating results, and financial condition. Moreover, these rules and regulations will increase our legal and financial compliance costs and will make some activities more time-consuming and costly. We cannot predict or estimate the amount of additional costs we will incur as a public company or the specific timing of such costs.

Risks Related to Ownership of Our Common Stock

The price of our common stock may be volatile or may decline regardless of our operating performance and you may not be able to resell your shares at or above the price you paid for them.

An active or liquid market in our common stock may not be sustainable. The market price of our common stock may fluctuate significantly in response to numerous factors, many of which are beyond our control, including:

overall performance of the equity markets;
our operating performance and the performance of other similar companies;
delays in the roll out of new solutions;
changes in our projected operating results that we provide to the public, our failure to meet these projections or changes in recommendations by securities analysts that elect to follow our common stock;
regulatory actions with respect to our payment solutions;
regulatory or legal developments in the United States and other countries;
the level of expenses related to our solutions;
announcements of acquisitions, strategic alliances or significant agreements by us or by our competitors;
developments or disputes concerning patent applications, issued patents or other intellectual property or proprietary rights;
recruitment or departure of key personnel;
the economy as a whole and market conditions in our industry, including conditions resulting from the COVID-19 pandemic;
political or social unrest, war or other military conflict, including an escalation of the conflict between Russia and Ukraine, economic instability, repression, or human rights issues;
variations in our financial results or the financial results of companies that are perceived to be similar to us;
financing or other corporate transactions, or inability to obtain additional funding;
changes in the structure of payment systems;
effects of the ongoing United States-China trade war;
trading activity by a limited number of stockholders who together beneficially own a majority of our outstanding common stock;
the expiration of market standoff or contractual lock-up agreements;
the size of our market float; and
any other factors discussed in this Annual Report on Form 10-K.

In addition, the stock markets have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many companies.

Concerns over economic recession, the COVID-19 pandemic, interest rate increases and inflation, supply chain delays and disruptions, policy priorities of the U.S. presidential administration, trade wars, unemployment, or prolonged

62


 

government shutdown may contribute to increased volatility and diminished expectations for the economy and markets. Additionally, concern over geopolitical issues may also contribute to prolonged market volatility and instability. For example, the conflict between Russia and Ukraine could lead to disruption, instability and volatility in global markets and industries. The U.S. government and other governments in jurisdictions have imposed severe economic sanctions and export controls against Russia and Russian interests, have removed Russia from the SWIFT system, and have threatened additional sanctions and controls. The impact of these measures, as well as potential responses to them by Russia, is unknown.

Stock prices of many companies, and technology companies in particular, have fluctuated in a manner unrelated or disproportionate to the operating performance of those companies. In the past, stockholders have filed securities class action litigation following periods of market volatility. If we were to become involved in securities litigation, it could subject us to substantial costs, divert resources and the attention of management from our business and adversely affect our business.

We are an “emerging growth company,” and we cannot be certain if the reduced reporting and disclosure requirements applicable to emerging growth companies will make our common stock less attractive to investors.

We are an “emerging growth company,” as defined in the JOBS Act, and we may take advantage of certain exemptions from various reporting requirements that are applicable to other public companies that are not “emerging growth companies,” including the auditor attestation requirements of Section 404 reduced disclosure obligations regarding executive compensation in our periodic reports and proxy statements, and exemptions from the requirements of holding a non-binding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. Pursuant to Section 107 of the JOBS Act, as an emerging growth company, we have elected to use the extended transition period for complying with new or revised accounting standards until those standards would otherwise apply to private companies. As a result, our consolidated financial statements may not be comparable to the financial statements of issuers who are required to comply with the effective dates for new or revised accounting standards that are applicable to public companies, which may make our common stock less attractive to investors. In addition, if we cease to be an emerging growth company, we will no longer be able to use the extended transition period for complying with new or revised accounting standards.

We will remain an emerging growth company until the earliest of (i) December 31, 2026, (ii) the last day of the first fiscal year in which our annual gross revenue is $1.07 billion or more, (iii) the date on which we have, during the previous rolling three-year period, issued more than $1 billion in non-convertible debt securities, and (iv) the date on which we are deemed to be a “large accelerated filer,” which will occur as of the end of any fiscal year in which we (x) have an aggregate market value of our common stock held by non-affiliates of $700 million or more as of the last business day of our most recently completed second fiscal quarter, (y) have been required to file annual and quarterly reports under the Exchange Act for a period of at least 12 months, and (z) have filed at least one annual report pursuant to the Exchange Act.

We cannot predict if investors will find our common stock less attractive if we continue to choose to rely on these exemptions. For example, if we do not adopt a new or revised accounting standard, our future operating results may not be as comparable to the operating results of certain other companies in our industry that adopted such standards. If some investors find our common stock less attractive as a result, there may be a less active trading market for our common stock, and our stock price may be more volatile.

Raising additional capital may cause dilution to our existing stockholders, restrict our operations or require us to relinquish rights to our intellectual property on unfavorable terms to us.

Until such time, if ever, as we can generate substantial revenue, we may finance our cash needs through a combination of equity offerings, government or private party grants, debt financings and strategic partnership agreements. We may seek additional capital through a variety of means, including through strategic partnership arrangements, public or private equity or debt financings, third-party funding and marketing and distribution arrangements, as well as other strategic alliances and licensing arrangements or any combination of these approaches. However, disruptions in the capital markets could make any financing more challenging, and there can be no assurance that we will be able to raise capital on commercially reasonable terms or at all. To the extent that we raise additional capital through the sale of equity or convertible debt securities, your ownership interest will be diluted, and the terms may include liquidation preferences or other rights, powers or preferences that may adversely affect your rights as a stockholder. To the extent that debt financing is available, and we choose to raise additional capital in the form of debt, such debt financing may involve agreements that include covenants limiting or restricting our ability to take certain actions, such as incurring additional debt, making capital expenditures or declaring dividends. If we raise additional capital pursuant to collaborations, licensing arrangements or other strategic partnerships, such agreements may require us to relinquish rights to our technologies.

63


 

If we are unable to raise additional funds through equity or debt financing or through collaborations or strategic partnerships when needed, we may be required to delay, limit, reduce or terminate the development of our solutions or commercialization efforts.

We may allocate our cash and cash equivalents in ways that you and other stockholders may not approve.

Our management has broad discretion in the application of our cash and cash equivalents. Because of the number and variability of factors that determine our use of our cash and cash equivalents, their ultimate use may vary substantially from their currently intended use. Our management might not apply cash and cash equivalents in ways that ultimately increase the value of your investment. The failure by our management to apply these funds effectively could harm our business. Pending their use, we may invest our cash and cash equivalents in short-term, investment-grade, interest-bearing securities. These investments may not yield a favorable return to our stockholders. If we do not invest or apply our cash and cash equivalents in ways that enhance stockholder value, we may fail to achieve expected financial results, which could cause our stock price to decline.

If securities or industry analysts do not publish research or publish inaccurate or unfavorable research about our business, our stock price and trading volume could decline.

The trading market for our common stock depends in part on the research and reports that securities or industry analysts publish about us or our business. If industry analysts cease coverage of us, the trading price for our common stock would be negatively affected. If one or more of the analysts who cover us downgrade our common stock or publish inaccurate or unfavorable research about our business, our common stock price would likely decline. If one or more of these analysts cease coverage of us or fail to publish reports on us regularly, demand for our common stock could decrease, which might cause our common stock price and trading volume to decline.

Sales of substantial amounts of our common stock in the public markets could cause the market price of our common stock to decline.

The price of our common stock could decline if there are substantial sales of our common stock, particularly sales by our directors, executive officers and significant stockholders, or if there is a large number of shares of our common stock available for sale and the market perceives that sales will occur. We had a total of 100,454,177 shares of our voting common stock and 5,988,378 shares of our non-voting common stock outstanding as of December 31, 2021. Other than shares held by directors, executive officers and other affiliates that are subject to volume limitations under Rule 144 under the Securities Act and various vesting agreements, these shares of common stock generally are freely tradable without restrictions or further registration under the Securities Act.

Certain of our stockholders will have rights, subject to some conditions, to require us to file registration statements covering their shares or to include their shares in registration statements that we may file for ourselves or our stockholders, subject to market standoff and lock-up agreements. We registered shares of common stock that we have issued and may issue under our employee equity incentive plans. These shares will be able to be sold freely in the public market upon issuance, subject to securities laws.

The market price of the shares of our common stock could decline as a result of the sale of a substantial number of our shares of common stock in the public market or the perception in the market that the holders of a large number of shares intend to sell their shares.

The concentration of our stock ownership will likely limit your ability to influence corporate matters, including the ability to influence the outcome of director elections and other matters requiring stockholder approval.

As of December 31, 2021, our executive officers, directors and the holders of more than 5% of our outstanding voting and non-voting common stock, in the aggregate, beneficially owned approximately 46.9% of our voting and non-voting common stock. As a result, these stockholders, acting together, will have significant influence over all matters that require approval by our stockholders, including the election of directors and approval of significant corporate transactions. Corporate actions might be taken even if other stockholders oppose them. This concentration of ownership might also have the effect of delaying or preventing a change of control of our company that other stockholders may view as beneficial.

64


 

We do not intend to pay dividends on our common stock and, consequently, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.

We have never declared or paid any cash dividend on our common stock and do not currently intend to do so for the foreseeable future. We currently anticipate that we will retain future earnings for the development, operation and expansion of our business and do not anticipate declaring or paying any cash dividends for the foreseeable future. In addition, our loan and security agreement currently prohibits us from paying dividends on our equity securities, and any future debt financing arrangement may contain terms prohibiting or limiting the amount of dividends that may be declared or paid on our common stock. Any return to stockholders will therefore be limited to the appreciation of their stock. Therefore, the success of an investment in shares of our common stock will depend upon any future appreciation in their value. There is no guarantee that shares of our common stock will appreciate in value or even maintain the price at which our stockholders have purchased their shares.

Delaware law and provisions in our amended and restated certificate of incorporation and amended and restated bylaws could make a merger, tender offer or proxy contest difficult, thereby depressing the trading price of our common stock.

Our status as a Delaware corporation and the anti-takeover provisions of the Delaware General Corporation Law (DGCL) may discourage, delay or prevent a change in control by prohibiting us from engaging in a business combination with an interested stockholder for a period of three years after the person becomes an interested stockholder, even if a change of control would be beneficial to our existing stockholders. In addition, our amended and restated certificate of incorporation and amended and restated bylaws contain provisions that may make the acquisition of our company more difficult, including the following:

a classified board of directors with three-year staggered terms, which could delay the ability of stockholders to change the membership of a majority of our board of directors;
the ability of our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preferences and voting rights, without stockholder approval, which could be used to significantly dilute the ownership of a hostile acquiror;
the exclusive right of our board of directors to elect a director to fill a vacancy created by the expansion of our board of directors or the resignation, death or removal of a director, which prevents stockholders from being able to fill vacancies on our board of directors;
a prohibition on stockholder action by written consent, which forces stockholder action to be taken at an annual or special meeting of our stockholders;
the requirement that a special meeting of stockholders may be called only by a majority vote of our entire board of directors, the chairman of our board of directors or our chief executive officer, which could delay the ability of our stockholders to force consideration of a proposal or to take action, including the removal of directors;
the requirement for the affirmative vote of holders of at least 66 2/3% of the voting power of all of the then-outstanding shares of the voting stock, voting together as a single class, to amend the provisions of our amended and restated certificate of incorporation or our amended and restated bylaws, which may inhibit the ability of an acquiror to effect such amendments to facilitate an unsolicited takeover attempt; and
advance notice procedures with which stockholders must comply to nominate candidates to our board of directors or to propose matters to be acted upon at a stockholders’ meeting, which may discourage or deter a potential acquiror from conducting a solicitation of proxies to elect the acquiror’s own slate of directors or otherwise attempting to obtain control of us.

In addition, as a Delaware corporation, we are subject to Section 203 of the DGCL. These provisions may prohibit large stockholders, in particular those owning 15% or more of our outstanding voting stock, from merging or combining with us for a certain period of time. A Delaware corporation may opt out of this provision by express provision in its original certificate of incorporation or by amendment to its certificate of incorporation or bylaws approved by its stockholders. However, we have not opted out of this provision.

These and other provisions in our amended and restated certificate of incorporation, amended and restated bylaws and Delaware law could make it more difficult for stockholders or potential acquirors to obtain control of our board of directors or initiate actions that are opposed by our then-current board of directors, including delay or impede a merger,

65


 

tender offer or proxy contest involving our company. The existence of these provisions could negatively affect the price of our common stock and limit opportunities for you to realize value in a corporate transaction.

Our amended and restated certificate of incorporation provides that the Court of Chancery of the State of Delaware and the federal district courts of the United States will be the exclusive forum for substantially all disputes between us and our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers or employees.

Our amended and restated certificate of incorporation provides that the Court of Chancery of the State of Delaware is the exclusive forum for any derivative action or proceeding brought on our behalf, any action asserting a breach of fiduciary duty, any action asserting a claim against us arising pursuant to the DGCL, our certificate of incorporation or our bylaws or any action asserting a claim against us that is governed by the internal affairs doctrine. This provision would not apply to claims brought to enforce a duty or liability created by the Exchange Act or any other claim for which the federal courts have exclusive jurisdiction. Our amended and restated certificate of incorporation provides further that the federal district courts of the United States will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act. These choices of forum provisions may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or other employees and may discourage these types of lawsuits. Furthermore, the enforceability of similar choice of forum provisions in other companies’ certificates of incorporation has been challenged in legal proceedings, and it is possible that a court could find these types of provisions to be inapplicable or unenforceable. While the Delaware courts have determined that such choice of forum provisions are facially valid, a stockholder may nevertheless seek to bring a claim in a venue other than those designated in the exclusive-forum provisions, and there can be no assurance that such provisions will be enforced by a court in those other jurisdictions. If a court were to find the exclusive-forum provision contained in our amended and restated certificate of incorporation to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business.

66


 

Item 1B. Unresolved Staff Comments

None.

Item 2. Properties

Our corporate headquarters are located in Boston, Massachusetts, where we occupy facilities totaling approximately 16,419 square feet under a lease that expires in March 2024. We use these facilities for administration, finance, legal, compliance, human resources, global payments, IT, sales and marketing, engineering, and customer success.

We maintain other leased locations in the U.S. and throughout the world. We intend to procure additional space as we add employees and expand geographically. We believe that our facilities are adequate to meet our needs for the immediate future, and that, should it be needed, suitable additional space will be available to accommodate any such expansion of our operations.

From time to time, we may be subject to legal proceedings and claims in the ordinary course of business, including patent, commercial, product liability, employment, class action, whistleblower, and other litigation and claims, as well as governmental and other regulatory investigations and proceedings. In addition, third parties may from time to time assert claims against us in the form of letters and other communications. We are not currently a party to any legal proceedings that we believe to be material to our business or consolidated financial statements. The results of any future litigation cannot be predicted with certainty, and regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources, and other factors.

Item 4. Mine Safety Disclosures

Not applicable.

67


 

PART II

Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

Market Information

Our voting common stock began trading on the Nasdaq Global Select Market under the symbol “FLYW” on May 26, 2021. Prior to that date, there was no public trading market for our common stock.

Our non-voting common stock is not listed on any stock exchange nor traded on any public market.de

Holders of Record

As of March 25, 2022, there were 71 holders of record of our voting common stock. This number does not include beneficial owners whose shares are held by nominees in street name. As of March 25, 2022, there were 2 holders of record of our non-voting common stock.

Dividend Policy

We have never declared nor paid any cash dividends on our capital stock. We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not expect to pay any dividends on our capital stock in the foreseeable future. Any future determination relating to our dividend policy will be at the discretion of our board of directors, subject to applicable laws, and will depend on our financial condition, results of operations, capital requirements, general business conditions, and other factors that our board of directors considers relevant. In addition, the terms of our Revolving Credit Agreement restrict our ability to pay dividends.

Securities Authorized for Issuance under Equity Compensation Plans

The following table provides information as of December 31, 2021, with respect to shares of our common stock that may be issued, subject to certain vesting requirements, under our existing equity compensation plans, including our 2009 Equity Incentive Plan, which was adopted in 2009 and amended and restated in 2011 (as amended and restated, the 2009 Plan), our 2018 Stock Incentive Plan (2018 Plan), 2021 Equity Incentive Plan (2021 Plan) and Employee Stock Purchase Plan (ESPP).

 

 

A

 

 

B

 

 

C

 

 

Plan Category

 

Number of
Securities to
be Issued
Upon Exercise
of Outstanding
Options, Warrants,
and Rights

 

 

Weighted-
Average
Exercise Price of
Outstanding
Options,
Warrants, and
Rights

 

 

Number of
Securities
Remaining
Available
for Future
Issuance
Under Equity
Compensation
Plans (Excluding
Securities
Reflected in
Column (A)

 

 

Equity compensation plans
   approved by security holders

 

 

15,068,413

 

(1)

 

5.40