Sustainability Report

The board acknowledges its responsibility to consider the impact of the company’s operations on the community and the environment in its decision-making, and is committed to the principles of sustainability in achieving SecureData’s strategy to deliver long-term, sustainable, above-average returns to shareholders. Sustainability encompasses social and environmental responsibility as well as corporate governance and ethics, and the principles of sustainability are fundamental to the way in which the group interacts with all its stakeholders: investors, customers, suppliers and employees.

The group remains committed to:

• providing our customers with the integrated and environmentally sound solutions they require to meet their sustainable development objectives;
• acting in the best interests of our principals and representing them in a manner that reflects their sustainable development objectives;
• ensuring an inspiring climate for our employees to work in and within which all have equal opportunity to fulfil their aspirations and be proud ambassadors of the group;
• delivering sustainable returns to our shareholders that are not achieved at the expense of future generations; and
• being regarded as a responsible corporate citizen by all our stakeholders, including the communities in which we operate.

Furthermore, the concept of sustainability applies beyond the group’s immediate stakeholders to care for the environment and to support the sustainable development of communities across the world. Ultimately, every employee is responsible for the sustainability of the organisation through a dedicated fulfilment of their respective roles in the context of the group’s values and ethics.

Environmental sustainability in the ICT industry

The growth in the use of information technology in business and in the home over recent years has driven the technology sector’s usage of energy and generation of carbon dioxide to a significant part of the global total. All participants in the ICT industry have a responsibility to tackle this energy use by maximising utilisation and efficiency of IT systems and networks. Improving efficiency of IT systems is often referred to as ‘green IT’ and there are a number of ways in which SecureData subsidiaries are helping their clients to become more efficient, or ‘greener’, in their use of IT. Some examples include:

• Server virtualisation – the average Intel server only uses 5% to 15% of its capacity (UNIX 15% to 20%) and the rest of its capacity is available for use with no increase in power usage, floor space or cooling capacity. Consolidating the use of servers (processors), known as virtualisation, allows much better utilisation of their processing capacity and also enables a single operator to control more servers.
• Storage virtualisation – the amount of data being stored digitally is growing at a staggering rate of 45% per year. The underutilisation of server processing capacity noted above applies equally to servers used for storage, and virtualisation in storage offers scope for greatly increased efficiency.
• Information lifecycle management – involves improving the control of the huge amounts of information being stored. Reducing duplication of data and deleting obsolete data through appropriate management will reduce the ‘information landfill’ noted above.
• Desktop power management and thin client technology – it is estimated that there are 1,2 billion active personal computers (“PCs”) across the globe, all using electricity and contributing an estimated 60% of the ambient temperature in offices which then require more energy to cool. Thin client technology means transferring the processing power (which is the energy-intensive part) from the desktop to central servers. The typical thin client desktop terminal uses only 10% of the energy of the equivalent PC.
• Unified communications and video conferencing – these have huge potential to reduce the time executives spend travelling, increasing their efficiency and reducing the cost and environmental impact of road and air travel for businesses.

Environmental sustainability in SecureData’s own business

SecureData recognises its responsibility to reduce carbon dioxide output through more efficient power use in order to play its part in mitigating climate change. As well as applying the principles of ‘green IT’ to its own businesses, the group implemented the following best practice objectives in environmental management:

• Comply with legal environmental requirements, for example the European Waste Electrical and Electronic Equipment (“WEEE”) regulations
• Purchase environmentally sensitive products wherever possible by:
  • purchasing products displaying the ‘environmental choice’ label;
  • purchasing recycled paper products; and
  • considering packaging, recyclability and biodegradability of products.
• Seek to minimise waste by:
  • reusing paper;
  • recycling paper and all other recyclable products;
  • refilling toner and printer ink cartridges; and
  • maintaining an electronic filing system instead of a paper one where possible.
• Seek to minimise energy use by:
  • turning off all unused equipment;
  • setting monitors to automatically power down after non-use;
  • turning off lights;
  • using low-energy bulbs wherever possible; and
  • using solar battery rechargers
• Seek to minimise transportation impacts by:
  • using public transport whenever possible;
  • sharing a single vehicle for work and home;
  • minimising mileage; and
  • supporting community and other environmental initiatives by active involvement.

Empowerment and employment equity

SecureData places particularly high value on the abilities and contributions made by employees in the development and achievements of its businesses. The group’s employees are seen as important stakeholders in the business and their training and development is a material aspect of the group’s sustainability. Around the globe, the group is an equal opportunities employer. The group strives to afford all staff members opportunities to realise their full potential and advance their careers. The group is committed to a working environment that is free from any discrimination and seeks to develop skills and talent inherent in its workforce. The group is open to new partnerships that will increase shareholder value and is committed to ploughing back skills and resources into the South African community and into the local communities in which the group operates around the world. All the South African operations have committed themselves to a transformation process designed to minimise barriers to employment equity. Significant progress has been made in achieving the employment equity plan goals. Since a substantial portion of our business interests exist outside South Africa, employment equity plans are established on an individual entity basis.

Corporate governance, organisational integrity and ethics

The group’s corporate governance structures and procedures are described in detail in the corporate governance report on pages 17 to 20. The board recognises that good corporate governance is vital to the sustainable growth of SecureData.

Social and ethics committee

The new Companies Act requires that companies establish a social and ethics committee within 12 months from 1 May 2011. The board recognises the requirement and will establish the committee within the required time frames.

Management reporting

The group has established management reporting disciplines which include the preparation of annual budgets by operating segmental divisions. Monthly results and the financial status of operating segmental divisions are reported against approved budgets. Profit projections and cash flow forecasts are reviewed regularly, while working capital, borrowing facilities and bank covenant compliance are monitored on an ongoing basis. All financial reporting by the group, including external financial reporting and internal management reporting, is generated from the same financial systems which are subject to the internal controls and risk management procedures.

Operating environment

SecureData’s three divisions give the group exposure to three separate parts of the IRM supply chain particularly and enable it to supply the leading hardware and software brands as well as the group’s own services to its customers. Two of the group’s three operating divisions are based in South Africa and the third in Europe, mitigating the risk of exposure to a single geographic region. The group diversified its dependence on key vendors of the last few years with group services now contributing 24% of revenue.

SecureData operates within the IRM market within its territories with a well diversified risk profile and with the opportunity to provide sustainable long-term benefits to all its stakeholders: shareholders; employees; customers; suppliers and the communities in which it works.

The group operates a strategy of supporting decentralised, standalone business units. Our managers are held accountable for the performance of their business units, which includes understanding and responding to the financial and operational risks they face.

The board, however, recognises that some elements of risk management can be achieved only on an integrated basis and, as such, are controlled centrally. The group’s risk management policies and procedures are summarised in the report.

The risk management process has identified certain key risks faced by the group, some of which are summarised in the key risks section of this report. The risks identified do not necessarily comprise all those affecting the group and the risks listed are not set out in any particular order of priority. Additional risks and uncertainties not presently known to the group or the directors or that the group or the directors currently consider to be insignificant, may also adversely affect the group’s business or operations.

Key risks

Macroeconomic environment

The group is exposed to the world’s developed and developing markets. If conditions worsen, the group’s operations and reported results will be impacted. The board believes that the group’s divisional structure, multiple lines of business and geographic diversification will enable it to deliver a relatively resilient performance.

Financial risk related to financial instruments

These risks include market risk (currency risk and interest rate risk), credit risk and liquidity risk. The group seeks to minimise the effects of these risks by using derivative financial instruments to hedge these risk exposures. While the group utilises derivative financial instruments where appropriate, the board cannot predict the effect of exchange rate fluctuations upon future operating results and there can be no assurance that exchange rate fluctuations will not have a material adverse effect on its business, operating results or financial condition.

Dependence on key vendors

If any one of the group’s principal vendors terminates, fails to renew or adversely changes its agreement or arrangements with the group, it could materially reduce the group’s revenue and operating profit and thereby seriously harm the group’s business, financial condition and results of operations. The group reduced its dependence on certain key vendors with the largest key vendor contributing less than 20% of the group’s revenue in 2011.

Working capital

The group’s business is working capital intensive; this is particularly relevant for SecureData Africa. SecureData Africa’s working capital is utilised to finance accounts receivable and inventories. SecureData Africa relies largely on revolving credit and vendor inventory purchase financing for its working capital needs. Typically, SecureData Africa carries inventory quantities which are sufficient to enable it to promptly meet anticipated customer demand. SecureData Africa maintains inventory levels based on its projections of future demand and market conditions. Any sudden decline in demand or technological change could cause it to have excess or obsolete inventories. If actual market conditions are more favourable than forecasts, additional inventory reserves may be required. While SecureData Africa takes steps to mitigate this risk by including protective provisions in its purchase agreements with vendors, there can be no assurance that such risks will be obviated.

Management of future growth and acquisition risk

The group’s planned growth strategy will continue to place additional demand on the group’s management, customer support, administrative and technological resources. If the group is unable to manage its growth effectively, its business operations or financial conditions may deteriorate. To date, the business of the group has grown through acquisitions and through organic growth. The group will continue to consider further acquisition opportunities. If the group is unable to successfully integrate an acquired company or business, such acquisition could lead to disruptions to the business. If the operations or assimilation of an acquired business does not accord with the group’s expectations, the group may have to decrease the value attributed to the acquired business or realign the group’s structure.

Payment discounts, product rebates and allowances

The group receives significant benefits from purchase and prompt payment discounts, product rebates, allowances and other programmes from vendors based on various factors. A decrease in purchases and/or sales of a particular vendor’s products could negatively affect the amount of volume rebates the group receives from such vendor. Because some purchase discounts, product rebates and allowances from vendors are based on percentage increases in purchases and/or sales of products, it may become more difficult for the group to achieve the percentage growth in volume required for larger discounts due to the current size of its revenue base. In addition, vendors may exclude the group from time to time from participation in some of their programmes.

Dependence on key personnel

The group’s future success depends largely upon the continued employment of its executive directors, senior management and key sales, technical and marketing personnel. Certain of its key employees have personal relationships with principal vendors and customers which are particularly important to the business of the group. The executive directors, senior management team and key technical personnel would be very difficult to replace and the loss of any of these key employees could harm the business and prospects of the group.

Other risks

Other risks faced by the group include:

• Impairment of business by restrictive covenants
• Intellectual property protection
• Intense competition
• Dependence on relationships with third parties
• Reduction in future profitability
• Managing and controlling widespread international activities
• Restrictions on access to capital in future
• Reduction in demand
• Pressure on gross margins
• Failure of supply arrangements
• Dependence on key information systems
• Significant exposure to credit risk

Business strategy and objectives

SecureData’s strategy is to deliver long-term, sustainable, above average returns to shareholders through the development of its three operating divisions. These divisions are run as sector-focused standalone businesses to facilitate enhanced operational and financial performance as well as to react faster to technology change.

The key elements of the group’s strategy include:

Focus on organic growth in the higher value, faster growing IRM sectors

The group focuses on the more rapidly developing areas of the IRM market where it has the capacity to deliver higher value products, solutions and services to its customers. These areas include: information security; managed security services; cloud computing and consultancy services. The central team supports the activities of the divisions in strategy, finance and acquisitions and, through the use of the holding company’s shares, provides added financial capacity for acquisitive growth.

Investment in higher margin products and services

The group focuses on fast developing hardware and software sectors including security and storage where margins are higher and where value-added services are sought by customers. The services supplied by the group, the biggest revenue line within the group, is the highest margin business.

Earnings enhancing acquisitions

The group’s strategy is to add acquisitions both to grow the business in emerging markets and to enhance and balance the portfolio of products and services offered in existing established operations.

The board has ensured that the group has the appropriate organisational profile to deliver on the strategy set out above. Each of the group’s three divisions: SecureData Africa, SecureData Europe and SensePost, has its own operational board of directors responsible for operating the businesses and growing them organically and by acquisition. This allows the divisions a high degree of autonomy to respond flexibly to the demands of their individual markets. SecureData retains overall control through its corporate governance structures which extend throughout the group and through its central finance, risk management and corporate finance functions. The board of SecureData provides overall strategic guidance and oversight and tests and monitors the individual divisions’ strategies and achievements.

The key performance indicators (KPIs) the board has selected to monitor the progress of the group are:

• Adjusted earnings per share – earnings are the ultimate measure of the profitability of the business and monitoring the earnings on a per share basis ensures that any share capital increases are aligned with the overall strategy. The metric of adjusted earnings per share has been chosen to eliminate the effect of accounting adjustments on the earnings figure.
• EBITDA – earnings before interest, tax, depreciation and amortisation and other financial items is an important KPI because it reflects the true operating performance of the group. This KPI is based on the absolute figure rather than a per share amount.

In addition to the above, the board and the divisional boards monitor many other performance metrics of their businesses including gross margins, operating margins, working capital metrics, cash generation and non-financial metrics to ensure that a holistic view of the businesses is input into all decisions which are made.

Remuneration

Remuneration policy

The remuneration committee operates a framework of policies, within which it has set the remuneration package for the group’s executive directors and senior executives. Its aim is to align the interests of management with those of shareholders in order to support the group’s strategy to deliver long-term, sustainable above-average returns to shareholders.

The remuneration committee seeks to ensure that executive directors and senior managers are rewarded for their contribution to the group’s operating and financial performance at levels which take account of the international IT industry, market and country benchmarks.

The objective of the remuneration policy is that the executive directors and senior management should receive remuneration which is appropriate to their scale of responsibility and performance and which will attract, motivate and retain individuals of the necessary calibre.

The remuneration policy distinguishes between three main classes of remuneration:

• Basic salary
• Short-term incentive – annual bonus plan
• Long-term incentive – executive incentive plans

The metrics by which the remuneration in the latter two classes are determined are aligned directly with the creation of shareholder value.

Non-executive directors’ remuneration

The remuneration committee determines the fee structure for non-executive directors, including the chairman. The directors’ fees are split into a base fee and attendance fee components, as recommended by King III.

Non-executive directors are reimbursed for travel costs necessary for attending board meetings and do not receive any employment benefits.

The terms and conditions of appointment of non-executive directors are available on request from the company secretary. Non-executive directors are not eligible to participate in the annual bonus plan or any of the long-term incentive plans.

Directors’ service contracts

The financial director and interim chief executive officer, JG du Toit, has a contract with SecureData Holdings Limited. The employment contract is terminable at three months’ notice by either party and contains contractual provisions for payment on termination of employment. All the non-executive directors have letters of appointment with SecureData Holdings Limited. Under these contracts, non-executive directors retire in accordance with the Memorandum of Incorporation of the company, which is at least every three years. Retiring directors may offer themselves for re-election.

Health and safety

The group recognises its obligation to reduce the risk of injury in the work environment and to supply a clean and safe workplace. The group undertakes to comply with health and safety regulations as set out in the jurisdictions in which the group operates around the world. Operating subsidiaries have individual health and safety policies consistent with best practice in the applicable jurisdiction, and undertake programmes and procedures to mitigate health and safety risks. This includes health and safety training for employees.

Emerging market development

SecureData’s strategy involves diversifying its operations into emerging markets around the world. The board believes that this strategy is an important part of SecureData’s global sustainable growth, and conversely that communities in the developing economies will benefit from the sustainability ethos which SecureData brings to its partnerships in these regions.

Corporate social investment

SecureData Africa houses a start-up, 100% black-owned company, within its building, rent free, which it uses as a supplier for certain professional services.

As part of a Skills Development programme, the group employs seven black learners from various colleges. The learners are on an accelerated training programme and spend scheduled time within various departments to attain pertinent skills. After a set period of time they are either offered permanent positions or are sufficiently skilled to seek jobs elsewhere within the IT industry.

The group’s social responsibility programme has entered into a formal relationship whereby they provide four bursaries on an annual basis to an independent social needs college based in Johannesburg. The college was established in August 1990, when a group of parents recognised the need to create a school for learners who are mildly to moderately intellectually challenged. Learners entering the college have delayed scholastic ability and perform below their chronological age in various school subjects. The college caters for students aged from six to 20 years.

METT Centre is a registered non-profit organisation that has been working in the field of trauma for the past 14 years. Their support programmes are focused on children in primary schools in the form of individual, group and family therapy. “Planting therapy centres in schools has become a powerful tool for children to learn and grow not only academically but also emotionally.” – Retha Badenhorst (MD METT Centre). SensePost has been involved at METT Centre for a number of years. Not only do we contribute financially, but SensePost staff assist with IT support to the Centre. More information can be found at mett.co.za