Untitled

ANNUAL REPORT 2021

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

CONTENTS

Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending over , companies and millions of people. With unsurpassed experience in

endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections.

F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs. F-Secure’s security experts perform incident response and

forensic investigations on four continents, and its products are sold all over the world by around  broadband and mobile operators and thousands of resellers.

Founded in , F-Secure is listed on the Nasdaq Helsinki.

CONTENTS

F-SECURE CORPORATION .................. 

Income statement ......................... 

Balance sheet ............................. 

Cash ﬂow statement ....................... 

Notes to the parent company

Financial Statements ....................... 

BOARD OF DIRECTORS’ REPORT

Board of Directors’ Report .................. 

Key figures ................................ 

Calculation of key ratios .................... 

FINANCIAL STATEMENTS

F-SECURE CONSOLIDATED.................. 

Statement of comprehensive income ........ 

Statement of financial position .............. 

Statement of cash ﬂows .................... 

Statement of changes in equity .............. 

Notes to the Financial Statements............ 

Auditor’s Report ........................... 

FSECURE 

Key figures ................................ 

Business model ............................ 

Portfolio in Corporate Security .............. 

Value proposition in Consumer Security ...... 

Products and services ...................... 

CEO’s letter ............................... 

NONFINANCIAL INFORMATION

Statement of Corporate responsibility ........ 

F-Secure’s business model and value creation . 

CORPORATE GOVERNANCE

F-Secure’s CorporateGovernance Statement .. 

Board of Directors ......................... 

Leadership team ........................... 

Remuneration report ....................... 

INFORMATION FOR SHAREHOLDERS

Information for shareholders ................ 



FSECURE 2021

Corporate responsibility

Corporate governance

F-Secure 2021

Board of Directors’ Report

Financial statements

20212020201920182017

Consumer security revenue Corporate security revenue

"2017 97.53 72.223

"2018 94.87 95.861

"2019 94.8 122.5

"2020 100 120

"2021 106.3 130

170

191

123

217

120

100

220

130

106

236

KEY FIGURES 2021

Revenue

236

MEUR

Adjusted EBITDA

36.5

MEUR

Adjusted EBITDA margin

15.4%

Sales from

100+

countries

Cybersecurity insights for

30+

years

Employees representing

nationalities with

cultural diversity

North America 10%

Corporate security

products

Consumer security

products

Cyber security

consulting

● Corporate security revenue

● Consumer security revenue

■

Adjusted EBITDA

GROWING IN ALL BUSINESSES

Revenue development and adjusted EBITDA, MEUR

Revenue split by region, %

Key facts

35%

20%

45%

Revenue split by business, %

Rest of the world 13%

44% Rest of Europe

Nordic 33%



FSECURE 2021

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

SOFTWARE TO CONSUMERS

MAINLY VIA CHANNEL

SOFTWARE TO MIDMARKET

BUSINESSES VIA CHANNEL

SOLUTIONS TO ENTERPRISES

DIRECTLY

BUSINESS MODEL:

MONETIZING THROUGH SOFTWARE AND SOLUTIONS

 TWO BUSINESSES AND THREE PLAYBOOKS

INNOVATIONS | THREAT INSIGHTS | RESEARCH | AI | MACHINE LEARNING

COMMON SOFTWARE TECHNOLOGY

DETECTION & RESPONSE TECHNOLOGY

TECHNOLOGY IS THE KEY TO IMPROVE PROFITABILITY

. Standardized partner integration

. Upsell new products

. Automate business processes

. Modular SaaS oﬀering

. Land and expand

. Scale MDR with D&R technology

. Productize standard services



FSECURE 2021

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

PORTFOLIO IN

CORPORATE SECURITY

F-Secure ELEMENTS is a modular, cloud-native platform

that enables customers to choose between standalone

solutions and the full suite of endpoint products. This

platform meets the need for the servitization of cyber

security and is an easy way for our customers to deploy

new solutions”, says Juhani Hintikka, President & CEO.

“

SOFTWARE SOLUTIONS

ELEMENTS

ENDPOINT

PROTECTION

ENDPOINT

DETECTION AND

RESPONSE

COLLABORATION

PROTECTION

VULNERABILITY

MANAGEMENT

CLOUD

PROTECTION FOR

SALESFORCE

MANAGED

DETECTION AND

RESPONSE

CYBER SECURITY

CONSULTING

Reported as:

● Corporate Security Products

● Cyber Security Consulting

Our portfolio for businesses

SERVITIZE

PRODUCTIZE

ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING BLACKFIN

RESEARCH AND THREAT INTELLIGENCE

DATA



FSECURE 2021

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

VALUE PROPOSITION IN

CONSUMER SECURITY

We want to be the most desired partner in cyber security.

It’s not good enough to provide just some software, it

also has to work very well,” says Timo Laaksonen, SVP

Consumer Security.

“

Our value proposition – service provider success

Award-winning portfolio to protect devices,

privacy, identity and the connected home

Ensure partner success Platforms for partners

PROTECTING CONSUMERS’

CONNECTED LIVES

BUSINESS MODEL

FLEXIBILITY

INTEGRATION

SUPPORT BUSINESS

INTELLIGENCE



FSECURE 2021

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

In corporate security F-Secure provides a broad range of cyber

security products, managed detection and response solutions and

cyber security consulting to companies globally with a focus on

the mid-market and local enterprises.

F-Secure Elements – one cloud-native

platform for chosen cyber security solutions

F-Secure Elements is a ﬂexible platform that allows our partners to

choose from a traditional annual license, a monthly subscription or

the pay-as-you-go model.

F-Secure Elements Endpoint Protection – Cloud-native endpoint

security

F-Secure Elements Endpoint Detection and Response –

Customer- or partner-managed software solution to protect

against targeted attacks

F-Secure Elements Vulnerability Management – Automated

vulnerability scanning and management platform

F-Secure Elements for Microsoft  – Advanced protection for

online exchange of content

In consumer security the company provides a comprehensive

range of endpoint protection, privacy and password management

solutions, and security for all the connected devices at home, both

separately and as a bundled premium oﬀering (F-SecureTOTAL).

The majority of consumer sales comes from the sale of endpoint

protection products through the operator channel, but the

company also sells consumer products through various retail

partners, as well as the company’s own web shop.

F-Secure SAFE

– Easy to use antivirus and internet

security, including Family rules to let

you set healthy boundaries for your

children’s device use

F-Secure SENSE

– A software-based solution integrated

in operators’ broadband routers

to secure all devices and the entire

connected home against online

threats

F-Secure ID PROTECTION

– Combines personal information

monitoring against data breaches with

password manager

F-Secure FREEDOME

– VPN that ensures anonymous and

secure internet browsing

F-Secure KEY

– A light and easy password manager,

allowing you to store your passwords

securely and access them from any

device

Corporate security

Consumer security

PRODUCTS AND SERVICES

Independent cyber security solutions

MDR: F-Secure Countercept – Advanced threat hunting and

continuous response capabilities against targeted attacks delivered as

a managed service

F-Secure Cloud Protection for Salesforce – Cloud-hosted content-

level security for Salesforce customers

F-Secure Business Suite – On-site deployed endpoint security

phishd – Anti-phishing behavior management platform

Cyber security services

F-Secure provides premium consultancy services for all areas of cyber

security on four continents, including services such as:

– F-Secure Cyber Incident & Resilience Services

– F-Secure Security Assessments

– F-Secure Red Team Testing

– F-Secure Cyber Risk Management



FSECURE 2021

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

The COVID- pandemic impacted the global economy and our

operations also in . The digital leap of societies and increased

remote working supported the positive development of our

businesses. The accelerating growth of our Managed Detection

and Response (MDR) solutions and continuing strong customer

demand for our Cloud Protection for Salesforce software and

cloud-native Elements platform showed their strength over the

course of the year.

In , the most important target for our corporate security busi-

ness was the growth of our SaaS (Security as a Service) oﬀering and

riding on its strong growth. In our consulting business, we were

impacted by the COVID- pandemic and high attrition during

the year. However, I am very happy that by the end of the year

the attrition rate had already improved, and things look positive

for the future of our consulting business as well. On the consumer

security side, we focused on maintaining our high profitability,

while investing in our ability to grow.

As a result, our revenue increased by % to EUR . million

(.m), especially driven by the excellent growth of Managed

Detection and Response (MDR) solutions as well as business secu-

rity software. Our adjusted EBITDA grew to EUR . million (.m),

i.e. .% of revenue. I am also satisfied with the development of

our annual recurring revenue (ARR) during the year. At the end of

December, the annual recurring revenue (ARR) of our corporate

security’s Cloud-based Solutions was over EUR  million, growing

by % year-on-year. This shows we are making good progress in

transitioning towards a SaaS company. I want to express my sincere

thanks to our personnel for their dedication and hard work during

these exceptional of times. Without their extraordinary contribu-

tion, this would not have been possible.

A YEAR OF STRATEGY CLARIFICATION  PAVING THE WAY FOR THE

SEPARATION OF CONSUMER SECURITY BUSINESS

Juhani Hintikka

CEO’S LETTER



CEO LETTER

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

Award-winning security

The role of F-Secure is to build and sustain trust in digital society.

In the light of the several severe ransomware and supply chain

attacks that took place in , this role is more important than

ever.

I strongly believe that no one, let alone our customers, should

experience a serious loss from a cyber attack. That is why R&D is

in such an important role in our company. One of the underlying

principles is that security should be an integral part of products

and processes, not a separate component to be added later on.

In , the quality of our products was once again proven, when

our Detection and Response solutions continued their excellent

performance in the rd MITRE Engenuity ATT&CK® evaluation and

when F-Secure SAFE product received top scores in the indepen-

dent AV-TEST Institute’s tests.

The most important product launch of the year was the launch

of F-Secure ELEMENTS, a modular, cloud-native platform that

enables customers to choose between standalone solutions and

the full suite of endpoint products. This platform meets the need

for the servitization of cyber security and helps our customers to

deploy new solutions easily.

Clarification of strategy

Year  was also a year of clarifying our strategy. We recognize

we operate in three very diﬀerent markets. Each of these markets

requires its own playbook. Our business security software focuses

on the mid-market segment through an extensive partner network,

whereas the enterprise customers are served directly by our

outcome-based solution portfolio and our consulting business. In

consumer security, we are aiming for growth while partnering with

service providers.

In the new strategy, we have put good partnerships at the core

of our business. Our clear goal is to be the most desired partner

in cyber security. This applies both to our corporate security and

consumer security businesses.

In , we also started a review and evaluation of diﬀerent

strategic options for our consumer security business. In February

, we announced the outcome of that review. We will now

pursue towards the separation of our consumer security business.

The plan is to transfer the consumer security business into a new

independent company that will be named F-Secure Corporation.

The current F-Secure will carry on its corporate security business

and is planning to change its name to WithSecure Corporation.

The demerger would enable us to serve our end customers even

better through two separate companies, which are more focused

on the diﬀering customer needs. These companies would also

have diﬀerent financial profiles, that would support shareholder

value creation in the long term. I believe the demerger would

create two even more successful companies and oﬀer new,

exciting opportunities also for our employees.

I look forward to the year  with great enthusiasm. Both our

corporate security and consumer security businesses are in an

excellent position to grow and prosper as separate companies as

the world is moving towards a new normal.

Juhani Hintikka

“

I want to thank all our stakeholders

– customers, partners, investors

and especially our personnel – for

believing in us in . We have an

exciting journey ahead of us.“



CEO LETTER

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

BOARD OF DIRECTORS’

REPORT 2021

The COVID-19 pandemic impacted the global economy and

F-Secure’s operations also in 2021. The digital leap of societies and

increased remote working supported the positive development

of company’s corporate security products and consumer security

business. The accelerating growth of F-Secure’s Managed

Detection and Response (MDR) solutions and continuing strong

customer demand for Cloud Protection for Salesforce software

and cloud-native Elements platform proved the strength of our

oﬀering. As a result, F-Secure’s revenue increased by 7% to EUR

236.3 million (220.2m) and adjusted EBITDA grew to EUR 36.5

million (35.7m).

In 2021, F-Secure’s corporate security business continued its strong

performance. In corporate security products, the growth came

especially from Managed Detection and Response (MDR) solution,

Endpoint Detection and Response (EDR) and Cloud Protection

products, while Endpoint Protection Platform (EPP) still accounted

for a significant share of the revenue. In cyber security consulting,

COVID-19 pandemic still impacted F-Secure’s operations especially

in the beginning of the year. At the same time, as remote working



BOARD OF DIRECTORS’ REPORT

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

has now become a new norm, F-Secure can better utilize its global

pool of experts and deliver cyber security consulting services more

remotely and globally, thus mitigating the lack of highly specialized

experts to meet the strong customer demand in some regions.

In F-Secure’s consumer security business, both service provider

channel and direct business grew. In the service provider channel,

the whole portfolio contributed to the growth. In direct sales to

consumers, the growth was driven by the increasing share of our

bundled solution, F-Secure TOTAL.

Financial performance and key figures

The company’s total revenue in January–December increased

by 7% year-on-year to EUR 236.3 million (220.2m). The share of

corporate security of total revenue was 55% (55%).

Corporate security

Revenue from corporate security increased by 8% year-on-year

and was EUR 130.0 million (120.1m) as corporate security products

grew by 11% and cyber security consulting by 3%. In the end of

December 2021, the annual recurring revenue (ARR) of corporate

security’s cloud-based Solutions was EUR 60.9 million (45.5m),

growing by 34% year-on-year.

Products

Revenue from business security software grew year-on-year. The

growth was driven by the cloud-native Elements platform, its EDR

(Endpoint Detection and Response) software as well as Cloud

Protection for Salesforce software, while EPP (Endpoint Protection

Platform) still accounts for a significant share of the revenue. The

sales of EDR and Cloud Protection products grew across all the key

regions.

The orders of F-Secure’s business security software in 2021 were

all-time high, mainly driven by the successful launch of the

Elements platform in May 2021, renewed licensing models as

well as the systematic and close co-operation with partners in

productizing the EDR oﬀering.

Revenue from Managed Detection and Response (MDR) solutions

(F-Secure Countercept) grew year-on-year. In 2021, several

important deals were signed for example with customers from key

enterprise verticals i.e in manufacturing, technology, media and

financial services sectors.

Cyber security consulting

Revenue from cyber security consulting increased by 3% year-on-

year to EUR 47.2 million (45.8m).

Especially in the beginning of the year, the COVID-19 pandemic

impacted the cyber security consulting operations. Towards

the end of the year, the impact of pandemic decreased, but the

attrition of consultants in some regions negatively impacted

the consulting business. However, during the fourth quarter the

attrition rate improved.

Due to pandemic, remote working has become a new norm. This

enables F-Secure to better utilize its global pool of experts and

deliver cyber security consulting services more remotely and

globally, independent of customer’s physical location.

In December, F-Secure divested its UK public sector consulting

team through a management buy-out (MBO) to increase focus on

enterprise clients. In 2021, revenue of the divested operations was

EUR 3.7 million and it employed some 20 consultants.

Consumer security

Revenue from consumer security increased by 6% year-on-year

and was EUR 106.3 million (100.1m) as both service provider

channel and direct business grew.

Service Providers (previously Operators)

Revenue from the service provider channel grew year-on-year

driven by the sale of core endpoint protection solutions in addition

to partners expanding their oﬀering to F-Secure’s new consumer

products. In 2021, the majority of revenue came from the F-Secure

SAFE product.

Direct sales

Revenue from direct sales to consumers grew year-on-year,

which was driven by the increasing share of our bundled solution,

F-Secure TOTAL. The overall renewal performance continued at a

good level.

Gross margin

Gross margin increased by EUR 13.5 million to EUR 185.7 million

(172.2m) was 78.6% of revenue (78.2%). The increase in gross

margin was due to increased revenue in scalable product

businesses and improved performance in cyber security

consulting.

Operating expenses

Operating expenses excluding depreciation and amortization, and

items aﬀecting comparability (IAC) increased by EUR 13.0 million

to EUR 151.5 million (138.5m). During the comparative period,

operative expenses were at an unusually low level due to the

COVID-19 pandemic. Sales and marketing costs grew year-on-

year due to an increase in marketing activities and higher sales

commissions. Research and development costs grew year-on-year

due to a headcount increase. In addition, the company has

experienced salary inﬂation in several markets. Items aﬀecting

comparability (IAC) totaled EUR 4.3 million and consisted of costs

related to strategic reviews.

Depreciation and amortization were EUR 15.1 million (16.0m), where

PPA amortization from acquisitions was EUR 2.8 million (3.2m) and

the impairment was EUR 1.0 million.

Profitability

Adjusted EBITDA was EUR 36.5 million and 15.4% of revenue (35.7m,

16.2%) and adjusted EBIT was EUR 25.3 million and 10.7% of revenue

(22.9m, 10.4%).

EBITDA was EUR 32.8 million and 13.9% of revenue (35.7m, 16.2%).

EBIT was EUR 17.7 million and 7.5% of revenue (19.7m, 8.9%),

including EUR 2.8 million of PPA amortization (3.2m), EUR 1.0

million impairment and EUR 3.7 million of IAC items. Strategy



BOARD OF DIRECTORS’ REPORT

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

related costs of EUR 4.3 million were partially oﬀset by a

preliminary capital gain of EUR 0.5 million from divesting UK public

sector consulting team through a local management buy-out. The

final capital gain is dependent on deferred consideration based

on the future performance of the divested business and it will be

measured at fair value quarterly.

Cash ﬂow

Cash ﬂow from operating activities before financial items and taxes

decreased by EUR 9.6 million and was EUR 38.7 million (48.3m).

Changes in net working capital due primarily to an increase in

current receivables had a negative impact on operative cash ﬂows.

Cash ﬂow from operations decreased by EUR 15.9 million and

was EUR 30.7 million (46.7m). In addition to net working capital,

residual taxes for 2020 and increase in advance taxes impacted the

cash ﬂow negatively.

Acquisitions and financial arrangements

F-Secure did not carry out acquisitions during 2021.

Company did not enter new financing agreements during 2021.

Bank loan repayments were made according to the schedule.

Total repayments for term loan during 2021 were EUR 6.0 million.

Company’s financing agreement includes a committed revolving

credit facility (RCF) of EUR 23.0 million to decrease short-term

liquidity risk. Remaining term loan at the end of the financial

year was EUR 19.0 million while RCF was undrawn. During next

12 months EUR 6.0 million of remaining term loan will be paid

according to the financing agreement.

The financing agreement includes conventional loan covenants

related to ratio of net debt to EBITDA and equity ratio. F-Secure

complied with the covenants throughout the reporting period.

Changes in the group structure

Following changes have occurred in the Group structure during

the financial year:

F-Secure Pty Limited in Australia was liquidated during second

quarter of 2021.

Capital structure

The financial position remained solid. The company has liquid

assets of EUR 53.0 million (51.4m) and interest- bearing bank debt

of EUR 19.0million (30.0m). Gearing was negative –25.8% due to

strong liquidity.

The next repayment (3.0m) of the term loan is due in June 2022.

To guarantee liquidity, F-Secure has EUR 23.0 million committed

revolving credit facility that was undrawn at the end of the year.

Research and development

F-Secure’s research and development expenditure amounted to

EUR 46.6 million in 2021, representing 19.7% of revenue (EUR 41.9m,

19%). Capitalized development expenses were EUR 5.6 million (EUR

5.5 million).

F-Secure is a cyber security technology company for which the

ability to innovate is crucial. The company has consistently earned

top marks in third-party technology evaluations for providing

the best protection, advanced detection & eﬀective response

capabilities and high customer satisfaction. This was once more

demonstrated in April, when F-Secure’s Detection and Response

solutions continued their excellent performance in the 3rd MITRE

Engenuity ATT&CK® evaluation.

During the year, both F-Secure’s corporate security and consumer

security products won many awards, e.g. the Best Protection

Awards from AV-TEST for home and business users and a Best

Performance award for home users. In autumn, an important

milestone was reached when, for the first time, F-Secure SAFE

product received top scores in all three categories (Protection,

Performance, Usability) in all three operating systems (Windows,

MacOS, Android) in the independent AV-TEST Institute’s tests.

In 2021, F-Secure also received the Artificial Intelligence Excellence

Award for its Project Blackfin, a multi-year research eﬀort aimed

at investigating how to apply collective intelligence in the cyber

security domain. The research, which is being led by F-Secure’s

Artificial Intelligence Centre of Excellence, is a company-wide

eﬀort involving F-Secure’s engineers, researchers data scientists,

and academic partners. The goals of the project are for example

to develop new, more generic methods for detecting adversarial

actions, further improve and automate threat intelligence

gathering capabilities and understand how to implement and

improve automated response actions.

The most important product launch of the year was the launch of

F-Secure ELEMENTS in the second quarter. F-Secure ELEMENTS

is a modular, cloud-native platform that enables customers

to choose between standalone solutions and the full suite of

endpoint products. The combines endpoint protection, endpoint

detection and response, vulnerability management, and

collaboration protection for cloud services such as Microsoft

Oﬃce 365. It also meets the need for the servitization of cyber

security and is an easy way for our customers to deploy new

solutions, which helps us to implement the Land and Expand

strategy.

Organization and leadership

Personnel

At the end of the year, F-Secure had 1,656 employees, which shows

a net decrease of 22 employees (–1%) since the beginning of the

year (1,678 on 31 December 2020).

Leadership team

In February 2021, Ari Vänttinen started as Chief Marketing Oﬃcer.

Consequently, Antti Hovila became Executive Vice President,

Strategy & Portfolio.

In September 2021, Tom Jansson started as CFO of F-Secure

Corporation and a member of company’s Leadership team as the

former CFO, Eriikka Söderström left the company.

In September 2021, Tiina Sarhimaa was appointed as Chief Legal

Oﬃcer (CLO) and she became a member of F-Secure’s Leadership

team.



BOARD OF DIRECTORS’ REPORT

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

On 1 October 2021, F-Secure renewed the composition of its

Leadership Team to reﬂect its updated strategy. Going forward,

Chief Information Oﬃcer will report to Antti Koskela (CPO) and

Strategy and Portfolio team will report to Tom Jansson (CFO). As

an outcome, Jari Still (former CIO) and Antti Hovila (former EVP,

Strategy & Portfolio) left the Leadership Team.

At the end of the year, the composition of the Leadership Team

was the following:

Juhani Hintikka (CEO & President), Tom Jansson (CFO), Christine

Bejerasco (CTO), Antti Koskela (CPO), Ari Vänttinen (CMO), Timo

Laaksonen (EVP, Consumer Security), Juha Kivikoski (EVP, Business

Security), Edward Parsons (EVP, Cyber Security Consulting), Tim

Orchard (EVP, Managed Detection & Response), Charlotte Guillou

(EVP, People Operations & Culture) and Tiina Sarhimaa (CLO).

After the reporting period, on January 1, 2022, F-Secure changed

its management structure and combined its Managed Detection

and Response unit and Cyber Security Consulting unit under one

Solutions unit, led by Tim Orchard as Executive Vice President,

Solutions.

Shares, Shareholders’ Equity, Own Shares

The total number of company shares is currently 158,798,739. The

company’s registered shareholders’ equity is EUR 1,551,311.18. The

company held 411,358 of its own shares at the end of the quarter.

The company holds its own shares to be used in the incentive

compensation plans, for making acquisitions or implementing

other arrangements related to the company’s business, to improve

the company’s financial structure or to be otherwise assigned or

cancelled.

In January–December, 20,164,500 (22,752,704) of F-Secure’s shares

were traded on the Helsinki Stock Exchange. The highest trading

price was EUR 5.53 (4.14) and the lowest price was EUR 3.66 (2.04).

The volume weighted average price of F-Secure’s shares in 2021

was EUR 4.39 (3.10).

The share’s closing price on the last trading day of the year, 30

December 2021, was EUR 4.97 (3.84). Based on that closing price,

the market value of the company’s shares, excluding the treasury

shares held by the company, was EUR 786 million (607m).

The company currently has performance- and market-based

long-term share-based incentive programs for key employees.

Risks and uncertainties

The following risks and uncertainties can adversely impact

F-Secure’s sales, profitability, financial condition, market share,

reputation, share price or the achievement of the company’s short-

and long-term objectives. The matters described here should not

be construed as an exhaustive list. The most significant risks are:

COVID- pandemic

Cyber security consulting and the new sales of Managed Detection

and Response (MDR) service are negatively aﬀected by the

COVID-19 pandemic. Slowdown in the new sales of software

products and Managed Detection and Response (MDR) solutions

may occur if the situation prolongs.

Goodwill is tested for impairment annually and whenever there

is indication that it might be impaired. The annual impairment

testing of Consulting and MDR goodwill was carried out at the end

of 2021 and indicated no impairment although long-term forecasts

continue to include a higher level of uncertainty due to the

prolonged pandemic. Management continues to assess the need

for updated testing regularly.

Under the pandemic an increase in credit losses and delayed

customer payments may occur. To date, significant risks have

not realized, but the impacts of the pandemic on customers may

arise in the longer term. As part of the quarterly assessment of

allowances for expected credit losses under IFRS 9, a slight increase

in the calculation of expected credit losses was maintained.

Cyber security incident

Cyber security attacks threaten the confidentiality, integrity and

availability of F-Secure’s products, services and the enterprise.

F-Secure builds cyber resilience by continually improving its

capability to identify, protect, detect and respond to relevant

threats.

Endpoint protection market disruption

Endpoint security market is highly competitive. Operating system

manufacturers have increased their focus to built-in security

features and at the same time new vendors and technologies

have emerged. F-Secure has to succeed in maintaining in-depth

understanding of cyber security threat landscape, hacker

techniques and technologies used as well as continue to innovate

in defense technologies.

Market consolidation

The cyber security market is consolidating due to economies of

scale. F-Secure has to succeed in finding the right acquisition

targets, as well as successfully integrating the target companies.

Risks relating to launch of new technologies

In a rapidly evolving industry, it is vital to keep products and

services relevant to customers while introducing new technologies

to the market on-time. F-Secure is driving technology

simplification and R&D eﬀectivization initiatives as well as

investments in artificial intelligence to ensure a competitive

product portfolio.

Attracting and retaining talent

Competition for capable personnel is increasing and there is

structural undersupply of talent in the cyber security industry.

F-Secure is continuously developing and adopting new ways of

recruitment, building its own talent and knowledge pools and

investing in training and development of personnel.



BOARD OF DIRECTORS’ REPORT

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

Geopolitical risks

F-Secure operates globally in diﬀerent countries, and local

regulation is exposing the company to geopolitical risks, including,

for instance, unfavorable tax matters or export controls. Changes

in regulations or their application, applicable to current or new

technologies or services, may adversely aﬀect F-Secure’s business

operations.

Currency ﬂuctuations

Increased amount of operations and sites outside the Eurozone in

diﬀerent currencies exposes F-Secure to an increased risk related

to currency ﬂuctuations.

Annual General Meeting

The Annual General Meeting of F-Secure Corporation was held on

24 March 2021. The Meeting confirmed the financial statements for

the financial year 2020 and reviewed the remuneration policy and

remuneration report for governing bodies. The members of the

Board and the President and CEO were discharged from liability.

The Annual General meeting approved the proposal of the Board

of Directors that a dividend of EUR 0.04 per share shall be paid

from the parent company’s distributable funds to shareholders

who are registered in the Company’s shareholders’ register

maintained by Euroclear Finland Oy on the dividend record date,

26 March 2021. The dividend was paid on 8 April 2021.

The Annual General Meeting decided that the annual

remuneration of the Board of Directors remain unchanged: EUR

80,000 for the Chairman of the Board of Directors, EUR 48,000

for the Committee Chairmen, EUR 38,000 for the members of

the Committees, and EUR 12,667 for a member of the Board

of Directors belonging to the personnel of the Company.

Approximately 40% of the annual remuneration will be paid as

company shares.

The Annual General Meeting decided that the number of Board

members shall be seven. The following current Board members

were re-elected: Risto Siilasmaa, Keith Bannister, Pertti Ervi, Päivi

Rekonen and Tuomas Syrjänen. Åsa Riisberg and Robin Wikström,

who belongs to the personnel of F-Secure Corporation, were

elected as new members of the Board of Directors.

The Board elected Risto Siilasmaa as the Chairman of the Board.

Päivi Rekonen was nominated as the Chair to the Personnel

Committee and Risto Siilasmaa and Tuomas Syrjänen as members

of the Personnel Committee. Pertti Ervi was nominated as the

Chairman of the Audit Committee and Keith Bannister, Åsa Riisberg

and Robin Wikström were nominated as members of the Audit

Committee.

It was decided that the Auditor’s fee will be paid against approved

invoice. PricewaterhouseCoopers Oy was elected as the Group’s

auditor. APA, Mr. Janne Rajalahti acts as the responsible partner.

The Board of Directors was authorized to resolve to repurchase a

maximum of 10,000,000 shares in the Company. Shares may be

repurchased also otherwise than in proportion to the shareholders’

holding in the Company. The authorization to repurchase the

Company’s own shares shall be valid until the conclusion of the

next Annual General Meeting, in any case until no later than 30

June 2022.

The Board of Directors was authorized to decide on the issuance

of a maximum of 15,879,874 shares in total through a share issue

or by issuing special rights entitling to shares pursuant to chapter

10, section 1 of the Companies Act in one or several tranches.

The proposed maximum number of the shares corresponds

to approximately 10% of the Company’s registered number of

shares. The authorization entitles the Board of Directors to decide

on all terms related to the share issue as well as the issuance of

options and other special rights entitling to shares. The issuance

of shares may be carried out in deviation from the shareholders’

pre-emptive subscription right (directed issue). The authorization

is valid until the conclusion of the next Annual General Meeting, in

any case until no later than 30 June 2022.

Market overview

The growing number and variety of connected devices as well

as digital services continues to create security challenges for

both businesses and individuals. Combined with the increasing

complexity of IT systems, tightening regulation and increasing

significance of geopolitics, these trends are driving demand for

security products and services. While advanced cyber-attacks are

becoming more common and persistent, criminals are targeting

companies of all sizes along with consumers by taking advantage

of vulnerabilities in popular software, both traditional and new

connected devices as well as online services. Apart from pure

criminal activity, governments and hacktivists use vulnerabilities

and malware for things including espionage and surveillance.

Attacks against corporations often go undetected for months.

As most companies lack relevant capabilities for detection and

response, it is estimated that the demand for both Endpoint

Detection and Response (EDR) solutions and Managed Detection

and Response (MDR) will continue to increase rapidly. The new

detection and response capabilities are supplementing existing

endpoint protection solutions (EPP), causing the EPP market to be

in transition. Overall, as organizations are increasingly adopting

cloud services, they seek managed security services and cloud-

based delivery to help them maintain control of their security.

The consumer security software market continues to be impacted

by the changing device landscape, app stores and online sales

overall. On the whole, the number of connected smart home

devices is growing very rapidly, and as a result, telecommunication

operators are investing heavily in upgrading connectivity and

introducing new security related services into their oﬀerings. As

consumers become increasingly aware of the threats to their

privacy and security, they seek to buy more comprehensive

solutions to secure their digital lives.

Outlook

F-Secure will share outlook for  later when the demerger

process has progressed further.



BOARD OF DIRECTORS’ REPORT

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

Medium term financial targets

Medium term financial targets for consumer security business:

•

Growth target: High single digit organic revenue growth

•

Profitability target: After initial growth investments, adjusted

EBITA margin of above 42%

Medium term financial targets for corporate security business:

•

Growth target: To double revenue organically by the end of



•

Profitability target: Adjusted EBITDA breakeven by the end of

2023 and adjusted EBITDA margin of some 20% by 2025

Board of Directors’ proposal for

the distribution of profit

The company’s dividend policy is to pay approximately half of

its profits as dividends. On December 31, 2021, F-Secure Oyj’s

distributable funds totaled EUR 81.4 million of which net profit for

the period was EUR 15.7 million. No material changes have taken

place in the company’s financial position after the balance sheet

date.

F-Secure’s Board of Directors proposes that no dividend will be

paid for 2021 due to the planned demerger of consumer security

business.

More information about the planned demerger can be found from

the demerger plan, published on February 17, 2022, that is available

from company’s website at www.f-secure.com.

Events after period-end

After the reporting period, in February 2022, F-Secure sold its

shares in its F-Secure Cyber Security (PTY) Limited in South Africa

through a local management buy-out (MBO). Impacts of the

divestment to financial reporting will be disclosed in the first

quarter of 2022 Interim Report.

On February 17, 2022, F-Secure announced the outcome of the

strategic review and evaluation of diﬀerent strategic options for

company’s consumer security business. The Board of Directors

of F-Secure Corporation has decided to pursue towards the

separation of the company’s consumer security business through

a partial demerger. It is planned that the consumer security

business will be transferred into a new independent company to

be named F-Secure Corporation to be established in connection

with the demerger. The current F-Secure Corporation will carry on

its corporate security business and it is planned to be renamed as

WithSecure Corporation. The planned completion date is June 30,

2022. The trading in the new consumer security company’s shares

on Nasdaq Helsinki is expected to commence on July 1, 2022 or as

soon as possible thereafter.

Helsinki, 16 February 2022

F-Secure Corporation

Board of Directors

Risto Siilasmaa

Pertti Ervi

Päivi Rekonen

Tuomas Syrjänen

Keith Bannister

Åsa Riisberg

Robin Wikström

President and CEO

Juhani Hintikka



BOARD OF DIRECTORS’ REPORT

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility



million EUR

row 13 pt

Economic indicators

IFRS



IFRS



IFRS



IFRS



IFRS



Revenue (MEUR)     

Revenue growth % % % % % %

EBIT (MEUR)     

% of revenue % % % % %

Result before taxes     

% of revenue % % % % %

ROE (%) % % % % %

ROI (%) % % % % %

Equity ratio (%) % % % % %

Investments (MEUR)     

% of revenue % % % % %

R&D costs (MEUR)     

% of revenue % % % % %

Capitalized development (MEUR)     

Gearing % –% –% % % –%

Wages and salaries (MEUR)     

Personnel on average     

Personnel on Dec      

Key ratios

IFRS



IFRS



IFRS



IFRS



IFRS



Earnings / share (EUR)     

Earnings / share (EUR) continuing

operations     

Earnings / share diluted     

Earnings / share diluted continuing

operations     

Shareholders' equity per share     

Dividend per share *     

Dividend per earnings (%) % % % % %

Eﬀective dividends (%) % % % % %

P/E ratio     

Share price, lowest (EUR)     

Share price, highest (EUR)     

Share price, average (EUR)     

Share price Dec      

Market capitalization (MEUR)     

Trading volume (millions)     

Trading volume (%) % % % % %

* Board proposal

Adjusted number of shares IFRS  IFRS  IFRS  IFRS  IFRS 

average during the period     

average during the period, diluted     

Dec      

Dec , diluted     

● Turnover EUR ● Average price

Turnover and average share price

per month 

KEY FIGURES

F-Secure has applied new IFRS16 standard from January 1, 2019 onwards with modified approach and comparatives are not restated. IFRS 15 and IFRS 9 standards have been applied from January 1, 2018 onwards

and 2017 financials are restated retrospectively.



F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

Equity ratio, %

Total equity

 

Total assets – advance payments received

ROI, %

Result before taxes  financial expenses

 

Total assets – non-interest bearing liabilities (average)

ROE, %

Result for the period

 

Total equity (average)

Gearing, %

Interest bearing liabilities – cash and bank and financial asset through profit and loss

 

Total equity

Earnings per share, EUR

Profit attributable to equity holders of the company

Weighted average number of outstanding shares

Shareholders’ equity

per share, EUR

Equity attributable to equity holders of the company

Number of outstanding shares at the end of period

P/E ratio

Closing price of the share, end of period

Earnings per share

Dividend per earnings, %

Dividend per share

 

Earnings per share

Eﬀective dividends, %

Dividend per share

 

Closing price of the share, end of period

Operating expenses

Sales and marketing, research and development and administration costs

EBITDA

EBIT  depreciation, amortization and impairment

EBITA

EBIT  amortization and impairment

CALCULATION OF KEY RATIOS



F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

Reconciliation between adjusted EBITDA, EBITDA, adjusted EBIT and EBIT

EUR  Consolidated  Consolidated 

Adjusted EBITDA  

Adjustments to EBITDA

Gains and losses from sales of businesses 

Costs related to strategic review –

Costs related to restructuring 

EBITDA  

Depreciation, amortization and impairment losses – –

EBIT  

Adjusted EBIT  

Adjustments to EBIT

Gains and losses from sales of businesses 

Costs related to strategic review –

PPA amortization – –

Impairment –

Costs related to restructuring 

EBIT  

Classification of adjusted costs in operating expenses

Operating Expenses



Costs related to

strategic review

Expenses for

adjusted EBIT Depreciation Impairment PPA amortization

Operating Expenses

for Adjusted EBITDA



Sales and marketing – –  –

Research and development – –  –

Administration –  –    –

Operating expenses –  –    –

Operating Expenses



Costs related to

restructuring

Expenses for

adjusted EBIT Depreciation Impairment PPA amortization

Operating Expenses

for Adjusted EBITDA



Sales and marketing – –  –

Research and development – –  –

Administration –  –   –

Operating expenses –  –   –



F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

Shares and share ownership distribution,  Dec 

Number of

shareholders

% of

shareholders Total shares % of shares

–  %  %

–  %  %

–  %  %

–  %  %

–  %  %

Total  %  %

Shareholders by category,  Dec  Total shares % of shares

Corporations  %

Financial and insurance institutions  %

General government  %

Non-profit organizations  %

Households  %

Other countries and international organizations  %

Total  %

Largest shareholders and administrative register

Owner Shares % of shares % of votes

Risto Siilasmaa  % %

Skandinaviska Enskilda Banken AB  % %

Nordea Nordic Small Cap Fund  % %

Mandatum Life Insurance Company  % %

Citibank Europe Plc  % %

Ilmarinen Mutual Pension Insurance Company  % %

Elo Mutual Pension Insurance Company  % %

The State Pension Fund  % %

Varma Mutual Pension Insurance Company  % %

Nordea Finnish Stars Fund  % %

Kaleva Mutual Insurance Company  % %

Administrative register Shares % of shares % of votes

Skandinaviska Enskilda Banken AB  % %

Citibank Europe Plc  % %

Other registers  % %

Other shareholders  % %

Total  % %

Own shares F-Secure Corporation  %

Total  %

Ownership of management

Board of Directors Shares % of shares

Risto Siilasmaa  %

Pertti Ervi  %

Tuomas Syrjänen  %

Päivi Rekonen  %

Keith Bannister  %

Åsa Riisberg  %

Robin Wikström  %

Total  %

Executive team Shares % of shares

Juha Kivikoski  %

Timo Laaksonen  %

Edward Parsons  %

Christine Bejerasco  %

Antti Koskela  %

Tiina Sarhimaa  %

Juhani Hintikka

Tom Jansson

Ari Vänttinen

Tim Orchard

Charlotte Guillou

Total  %

Ownership of management

The Board of Directors owned a total of 60,142,711 shares on December 31, 2021. This represents

37.9 percent of the Company’s shares and 38.0 percent of votes.

Shares and shareholders



F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

STATEMENT OF COMPREHENSIVE INCOME JAN 1DEC 31, 2021

EUR  Note

Consolidated,

IFRS 

Consolidated,

IFRS 

REVENUE () 236,265 220,204

Cost of revenue () –50,551 –47,996

GROSS MARGIN 185,714 172,208

Other operating income () 2,791 2,108

Sales and marketing (, , ) –99,215 –95,625

Research and development (, , ) –46,599 –41,891

Administration (, , ) –24,984 –17,120

EBIT 17,707 19,680

Financial income () 1,473 2,443

Financial expenses () –1,751 –5,666

PROFIT (LOSS) BEFORE TAXES 17,429 16,457

Income tax () –4,726 –3,581

RESULT FOR THE FINANCIAL YEAR 12,703 12,875

Other comprehensive income

Exchange diﬀerence on translation of foreign operations 3,992 –7,361

COMPREHENSIVE INCOME FOR THE YEAR 16,695 5,514

Result of the financial year is attributable to:

Equity holders of the parent 12,703 12,875

Comprehensive income for the year is attributable to:

Equity holders of the parent 16,695 5,514

Earnings per share

– basic and diluted () 0.08 0.08



FINANCIAL STATEMENTS F-SECURE CONSOLIDATED

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

STATEMENT OF FINANCIAL POSITION DEC 31, 2021

EUR 

Note

Consolidated,

IFRS 

Consolidated,

IFRS 

ASSETS

NON-CURRENT ASSETS

Tangible assets (, ) 12,712 14,064

Intangible assets () 33,034 34,016

Goodwill (, , ) 85,143 81,944

Deferred tax assets () 4,124 3,954

Other receivables () 1,860 579

Total non-current assets 136,874 134,557

CURRENT ASSETS

Inventories () 51 74

Accrued income () 4,714 3,398

Trade and other receivables (, ) 49,856 47,462

Income tax receivables () 1,740 872

Financial asset at FVTPL () 61 61

Cash and bank accounts (, ) 52,940 51,380

Total current assets 109,361 103,246

TOTAL ASSETS 246,235 237,803

EUR 

Note

Consolidated,

IFRS 

Consolidated,

IFRS 

SHAREHOLDERS’ EQUITY AND LIABILITIES

SHAREHOLDERS’ EQUITY ()

Share capital 1,551 1,551

Share premium 165 165

Treasury shares –849 –1,288

Translation diﬀerences –124 –4,116

Reserve for invested unrestricted equity 6,789 6,464

Retained earnings 87,831 79,554

Equity attributable to equity holders of the parent 95,363 82,330

NON-CURRENT LIABILITIES

Interest bearing liabilities, non-current (, , ) 17,577 23,929

Deferred tax liabilities () 1,880 1,294

Other non-current liabilities () 26,335 25,338

Total non-current liabilities 45,792 50,560

CURRENT LIABILITIES

Interest bearing liabilities, current (, , ) 10,824 15,937

Trade and other payables (, ) 29,990 26,088

Income tax liabilities () 4,182 5,656

Other current liabilities () 60,084 57,232

Total current liabilities 105,080 104,913

TOTAL SHAREHOLDERS’ EQUITY AND LIABILITIES 246,235 237,803



FINANCIAL STATEMENTS F-SECURE CONSOLIDATED

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

STATEMENT OF CASH FLOWS JAN 1DEC 31, 2021

EUR 

Consolidated,

IFRS 

Consolidated,

IFRS 

Cash ﬂow from operations

Result for the financial year 12,703 12,875

Adjustments

Depreciation and amortization 15,066 16,020

Profit / loss on sale of fixed assets 142 58

Other adjustments 2,504 1,783

Financial income and expenses 278 3,224

Income taxes 4,726 3,581

Cash ﬂow from operations before change in

working capital 35,420 37,542

Change in net working capital

Current receivables, increase (–),

decrease() –4,138 6,164

Inventories, increase (–), decrease () 23 33

Non-interest bearing debt, increase (),

decrease (–) 7,371 5,069

Provisions, increase (), decrease (–) –500

Cash ﬂow from operations before financial items

and taxes

38,675 48,307

Interest expenses paid –451 –536

Interest income received 11 –4

Other financial income and expenses –843 –1,017

Income taxes paid –6,652 –70

Cash ﬂow from operations 30,741 46,680

EUR 

Consolidated,

IFRS 

Consolidated,

IFRS 

Cash ﬂow from investments

Investments in intangible and tangible assets –6,569 –8,139

Proceeds from sale of intangible and tangible

assets 433 238

Other investments 0 6

Acquisition of subsidiaries, net of cash acquired –3,681

Cash ﬂow from investments –6,135 –11,575

Cash ﬂow from financing activities

Proceeds from interest-bearing liabilities 10,000

Repayments of interest-bearing liabilities –11,000 –11,000

Repayments of lease liabilities –5,963 –7,251

Dividends paid –6,334

Cash ﬂow from financing activities –23,298 –8,251

Change in cash 1,309 26,854

Cash and bank at the beginning of the period 51,380 25,427

Eﬀects of exchange rate changes 252 –902

Cash and bank at period end 52,940 51,380



FINANCIAL STATEMENTS F-SECURE CONSOLIDATED

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

STATEMENT OF CHANGES IN EQUITY

Attributable to the equity holders of the parent

EUR  IFRS Share capital

Share premium

fund Treasury shares

Translation

diﬀerences

Unrestricted

equity reserve Retained earnings Total equity

Equity December ,  1,551 165 –2,141 3,245 6,172 67,166 76,158

Result of the financial year 12,875 12,875

Translation diﬀerence –7,361 –7,361

Total comprehensive income for the year –7,361 0 12,875 5,514

Cost of share based payments 853 291 –486 659

Equity December ,  1,551 165 –1,288 –4,116 6,464 79,554 82,330

Result of the financial year 12,703 12,703

Translation diﬀerence 3,992 3,992

Total comprehensive income for the year 3,992 12,703 16,695

Dividends –6,334 –6,334

Cost of share based payments 439 325 1,913 2,678

Equity December ,  1,551 165 –849 –124 6,789 87,831 95,363

More information in note . Shareholders’ equity



FINANCIAL STATEMENTS F-SECURE CONSOLIDATED

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

ACCOUNTING PRINCIPLES FOR THE

CONSOLIDATED FINANCIAL STATEMENTS

Basic information

F-Secure provides cyber security products and services globally for

consumers and businesses.

The parent company of the Group is F-Secure Corporation

incorporated in Finland and domiciled in Helsinki. Company’s

registered address is Tammasaarenkatu 7, 00180 Helsinki. A copy

of consolidated financial statements can be downloaded on

www.f-secure.com or can be received from the parent company’s

registered address.

These financial statements were authorized for issue by the

Board of Directors on 16 February 2022. According to the Finnish

Companies Act, the Annual General Meeting can confirm or

reject the consolidated financial statements after publication. The

Annual General Meeting can also decide to change the financial

statements.

ACCOUNTING PRINCIPLES

The consolidated financial statements of F-Secure Corporation

of 2021 have been prepared in accordance with International

Financial Reporting Standards (IFRS), applying the IAS and IFRS

standards as well as SIC and IFRIC interpretations that were in force

and had been approved by the EU by 31 December 2021.

Principles of consolidation

The consolidated financial statements incorporate the financial

statements of F-Secure Corporation and entities controlled

by F-Secure Corporation. Consolidation is done using the

acquisition method and begins when control over the subsidiary

is obtained. The consolidation stops when the control ceases. The

Group does not have any associated companies nor is there any

non-controlling interest in the Group.

All intra-group transactions and balances, including unrealized

profits arising from intra-group transactions, have been eliminated

on consolidation. Where necessary, accounting policies of the

subsidiaries have been adjusted to ensure consistency with the

policies adopted by the Group.

Transactions in foreign currency

The consolidated financial statements are presented in euros,

which is F-Secure Corporation’s functional currency. At each

reporting date for the purpose of presenting consolidated financial

statements the income statements of foreign Group companies

are translated at the average exchange rates for the reporting

period and the balance sheets are translated using the European

Central Bank’s exchange rates prevailing on the reporting date.

Translation diﬀerences are recognized in shareholders’ equity and

the change in other comprehensive income.

Foreign currency transactions are translated using the exchange

rates prevailing at the dates of the transactions. On the reporting

date, assets and liabilities denominated in foreign currencies

are translated using the European Central Bank’s exchange

rates prevailing at that date. Exchange rate gains and losses are

recognized in financial items in the income statement.

New and amended IFRS Standards

that are eﬀective for 

During 2021 there were no changes in the Group’s accounting

principles.

COVID- impacts on financial

reporting during 

During 2021 COVID-19 pandemic has continued to impact

F-Secure’s financial reporting by increasing the amount of

management judgment related to certain items in the financial

statements. Operationally, COVID-19 impacted the business less

than in 2020 as the Group has managed to adopt new ways of

working and delivering services.

During 2021 management has continued to regularly monitor

any indications of goodwill impairment. During the financial year

such indications have not been identified, and thus only annual

impairment testings have been carried out at the end of the year.

Testings did not result in impairment bookings.

According to management’s assessment COVID-19 may have an

impact on the liquidity of the Group’s customers in short and

longer term. In 2020, the expected credit losses according to

IFRS 9 were reassessed to include the increased risk caused by

the pandemic. No significant risks realized during 2020, but the

prolonging of the pandemic can still impact customers’ liquidity.

Therefore, the potential impacts of the pandemic have been

reassessed for 2021 and a slight risk element in the provision for

expected credit losses has been maintained.

In 2020 COVID-19 temporarily impacted the Group’s cyber security

consulting business’ profitability in certain locations. At year end

2020 the management assessed the Group’s capability to utilize

the taxable losses generated in these locations according to IAS

12 and deferred tax assets were booked accordingly. During 2021

the Group has been able to utilize these losses against the profits

generated during the financial year. No new losses in consulting

locations due to the pandemic have occurred.

Group’s financing agreement includes a committed revolving

credit facility (RCF) of EUR 23,000 thousand. At the end of previous

financial year, the Group had EUR 5,000 thousand withdrawn from

the RCF. The cash position has remained solid during 2021, and the

RCF was fully repaid during the first quarter of 2021.

Management judgment on significant

accounting principles and use of estimates

The preparation of consolidated financial statements requires the

use of estimates and assumptions as well as the use of judgment

when applying accounting principles. These aﬀect the contents of

the financial statements and it is possible that actual results may

diﬀer from estimates.

Estimates made in connection with the preparation of financial

statements are based on management’s best knowledge at the

reporting date. Estimates build upon past experience as well

as assumptions of the future development of the economic

NOTES TO THE FINANCIAL STATEMENTS



FINANCIAL STATEMENTS F-SECURE CONSOLIDATED

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

environment of the Group. Revisions in estimates and assumptions

are recognized in the period they occur and in future periods if the

revision aﬀects both current and future periods.

Key sources where estimation uncertainty arises at the reporting

date are:

– Impairment testing: Recoverable amount of goodwill from

acquisitions is based on estimated future cash ﬂows which are

subject to management judgment.

– In addition to goodwill the intangible assets that are not yet

ready for use (EUR 2.7 million) are tested annually for impair-

ment. The recoverable amount of these assets is based on

estimated future cash ﬂows from sales and/or use of the asset.

– Deferred tax assets from tax losses: The Group has

recognized deferred tax assets from tax losses. Biggest losses

are in the UK where the deferred tax asset is EUR 2.5 million

The amount of deferred tax assets is based on management

estimation about future profits and the recoverability of these

tax losses.

– Expected credit losses: Provision for expected credit losses

in Group’s balance sheet is EUR 2.1 million. Managements has

used judgment in defining potential impacts of the COVID-19

pandemic on expected credit losses and provision has been

adjusted accordingly.

– Share-based payments: The Group’s share-based incen-

tives programs are mainly tied to market based conditions.

Management uses external valuations in determining the fair

value of the shares granted under these incentive programs.

The method for the valuation is Monte Carlo Simulation.

– Deferred consideration sales of UK public sector consulting

team: The sales price of the UK public sector consulting team

divested in December 2021 includes a deferred consideration

which is measured at discounted fair value on each reporting

date. Management judgment is used to forecast the future

performance of the divested business which is the basis for

determining the deferred consideration.

Revenue recognition

Revenue is derived from corporate and consumer businesses.

Corporate security business revenue includes cyber security

products, managed services, and cyber security consulting.

Cyber security products comprise endpoint protection solutions

(F-Secure Elements Endpoint Protection, F-Secure Business Suite,

F-Secure Cloud Protection for Salesforce, F-Secure Elements for

Microsoft Oﬃce 365), as well as solutions targeted at detecting

and responding to advanced attacks (F-Secure Elements

Endpoint Detection and Response and F-Secure Countercept)

and vulnerability management (F-Secure Elements Vulnerability

Management and phishd). Consumer security business revenue

comes through operator and direct consumer channels, and

the main products include F-Secure SAFE, F-Secure FREEDOME,

F-Secure SENSE, F-Secure KEY and F-Secure ID PROTECTION.

Endpoint protection solutions and

vulnerability management products

Endpoint protection security solutions (F-Secure Elements

Endpoint Protection, F-Secure Business Suite, F-Secure Elements

Endpoint Detection and Response, F-Secure Cloud Protection

for Salesforce and F-Secure Elements for Microsoft Oﬃce 365)

are sold to corporate customers by granting the customer access

to use the intellectual property during the license period or as

Security-as-a-Service. F-Secure delivers the product and provides

continuous automated updates against new threats. The software

and the accompanied services are highly interdependent and

therefore treated as one performance obligation for which

revenue is recognized over time on a straight-line basis for the

license period.

Consumer customer products and vulnerability management

products for corporate customers (F-Secure Elements

Vulnerability Management and phishd) are treated as Security-as-

a-Service as they do not include a license of intellectual property.

Revenue is accounted for as a single performance obligation and

recognized over time on a straight-line basis for the contract

period.

When there is a hardware component to the solution (F-Secure

SENSE) the hardware is considered as a distinct performance

obligation and revenue for hardware is recognized separately at

point in time of delivery.

Cyber security consulting services and

managed detection and response solutions

Cyber security consulting services are recognized as revenue

based on the delivery of the work. For F-Secure managed

detection and response solution (F-Secure Countercept) the

software and the service are considered as single performance

obligation. The customer is granted access to use the intellectual

property and the service is provided by F-Secure continuously

throughout the contract period. Revenue for managed services is

recognized on a straight-line basis for the contract period.

Presenting of receivables and liabilities

from contracts with customers

Receivables from contracts with customers are presented in the

balance sheet as

Accrued income

. Liabilities from contracts with

customers are presented in the balance sheet as

Deferred revenue

and included in

Total non-current liabilities

Total current

liabilities

depending on the duration of the liability.

Pensions

All of F-Secure Group’s pension arrangements are defined

contribution plans in accordance with local statutory requirements.

Contributions to defined contribution plans are recognized in the

income statement in the period to which the contributions relate.

Leases

Leases which meet with IFRS 16 requirements are booked to

balance sheet as right-of-use asset with corresponding lease

liability. Right-of-use assets and lease liabilities are initially valued

at the present value of the remaining lease payments. Incremental

borrowing rate is applied in discounting the remaining payments.

F-Secure’s incremental borrowing rate varies between 2.45% and



FINANCIAL STATEMENTS F-SECURE CONSOLIDATED

F-Secure 2021

Board of Directors’ Report

Financial statements

Corporate governance

Corporate responsibility

9.15% depending on the geographical location of the leased asset,

lease period and guarantees.

F-Secure’s right-of-use assets comprise of rented oﬃce premises

and leased cars. Short-term contracts (remaining contract

period 12 months or less) and low value assets are excluded from

leases and lease expense is recognized on a straight-line basis as

permitted by IFRS 16.

Lease contracts for the Group’s oﬃce premises are typically made

for fixed periods of 3 to 6 years and they may contain extension

options. Each oﬃce lease contract is negotiated individually

and the contracts may contain wide range of diﬀerent terms

and conditions. Some of Group’s oﬃce premises are leased with

on-going contracts where the ending date is not defined. The

management assesses the probable duration for these contracts

case-by-case and the lease liability is calculated accordingly.

Changes to the estimates are accounted for at each reporting

date. Estimated duration for on-going contracts vary between 3

to 5 years and the total liability from on-going contracts is EUR 3.0

million.

In measuring the present value of the liabilities arising from leases

any service related fees are excluded from the lease payment. The

Group’s lease contracts do not contain residual value guarantees or

purchase options.

Income taxes

The income tax expense in income statement represents the sum

of current taxes and deferred taxes. Current taxes are calculated

on the taxable income for all Group companies in accordance

with the local tax rules. Deferred taxes, resulting from temporary

diﬀerences between the financial statement and the income tax

basis of assets and liabilities, use the enacted tax rates in eﬀect

in the years in which the diﬀerences are expected to reverse.

Deferred tax assets are recognized to the extent that it is probable

that future taxable profit will be available. Deferred tax liabilities are

recognized for all temporary diﬀerences.

Deferred tax assets and liabilities are oﬀset when there is a legally

enforceable right to set oﬀ current tax assets against current tax

liabilities and when they relate to the same taxation authority and

the Group intends to settle the assets and liabilities on a net basis.

Business combinations

Acquisition method is used for accounting the acquisitions

of businesses. The consideration transferred in a business

combination is measured at fair value, which is calculated as the

sum of the acquisition-date fair values of assets transferred by the

Group and liabilities incurred by the Group to the former owners

of the acquiree. Contingent considerations related to business

combinations are measured at fair value at acquisition date and

included as part of the consideration transferred. Costs related to

the acquisition are recognized in profit and loss statement.

The identifiable assets acquired and the liabilities assumed are

recognized at fair value at the acquisition date except for deferred

tax assets or liabilities which are measured in accordance with

IAS 12 Income taxes. Goodwill is measured as the excess of the

transferred consideration over the net amount of the acquired

identifiable assets and assumed liabilities.

Changes in fair value of the contingent consideration that do

not arise within one year from the acquisition from facts and

circumstances that existed at the acquisition date are recognized

in profit or loss.

Goodwill

Goodwill is initially recognized and measured in business

combinations as set out above. Goodwill is not amortized but

is instead tested for impairment at least annually and whenever

there is an indication that it may be impaired. For the purpose of

impairment testing goodwill has been allocated to cash generating

units expected to benefit from the synergies of the combination. If

the recoverable amount of the cash generating unit is less than the

carrying amount of the unit, the impairment loss is allocated first

to reduce the carrying amount of any goodwill allocated to the

unit and then to the other assets of the unit. If an impairment loss

for goodwill is recognized it will not be reversed in the subsequent

periods. Goodwill is recorded at historical cost less accumulated

impairment losses.

INTANGIBLE ASSETS

Research and development expenditure

Research expenditure is recognized as an expense at the time

it is incurred. Development expenditure on new products or

product versions with significant new features are recognized

as intangible assets when they fulfill the requirements set out in

IAS 38. Amortization is recorded on a straight-line basis over the

estimated useful life, which is 3–8 years for these assets.

Intangible assets acquired in

business combinations

Intangible assets acquired in business combinations and

recognized separately from goodwill are initially recognized at fair

value on the acquisition date. Subsequent to initial recognition

these assets are reported at initial value less accumulated

amortization and accumulated impairment losses.

Intangible assets acquired in business combinations include

technology, trademarks and customer relationships, which all have

a finite useful life. Initial valuation for technology and trademarks

is done based on Relief from royalty method and for customer

relationships based on Excess earnings method. The estimated

useful lives for intangible assets acquired in business combinations

are:

Technology 10 years

Trademark 2 years

Customer relationships 6–10 years

Other intangible assets

Other intangible assets include intangible rights and software

licenses, all with a finite useful life. Other intangible assets are

recorded at historical cost less accumulated amortization and

possible impairment. Amortization is recorded on a straight-line