Principal risks

Description

Gamma is increasingly relying on its own development efforts to bring new products to market and at the same time the technical landscape continues to evolve rapidly to meet the requirements of business customers. It is therefore very important that Gamma's product development is guided by a market-led plan which embodies a clear understanding of what business customers require. This ensures Gamma's products remain attractive to existing and prospective customers, supporting the Company's organic growth ambition.

Potential impact

If Gamma fails to achieve this, it risks delivering products which do not meet market needs, and which are therefore likely to be unsuccessful and result in lost revenue and market share.

Mitigating actions

In 2022 Gamma undertook a comprehensive review of its processes which underpin how it gathers market input, defines customer product requirements and how these requirements inform each stage of the product development process. This process also enables employees with customer facing roles to input into the early definition of new products and services.

• In addition, Gamma appointed a new Product Management Director to oversee the management of its product portfolio and ensure this continues to be closely aligned to market needs.
• Gamma ensures that it maintains a two-way dialogue with its customers to understand their needs, primarily via direct customer and wholesale channel partner feedback processes.

Description

Reliable, high-quality business communications services are critical to Gamma's customers and are the core components of the Company's products and strategy. Therefore, maintaining very high levels of service availability is central to Gamma’s credibility, competitive positioning and its financial performance. This is particularly so as it serves the business market and public sector, and any disruption to Gamma’s service affects the ability of its customers to provide critical services.

Potential impact

If any of Gamma’s services are disrupted and therefore unavailable to its customers for any material length of time, then this could result in loss of customer confidence, with consequential reputational impact and loss of customers. This would have a direct impact on product and revenue growth and could result in significant financial loss.

Mitigating actions

Gamma operates a comprehensive operational governance framework to manage the availability and performance of its services. This includes the design and architecture of its network for resilience, capacity planning, change management and security. Business continuity planning and rehearsals are routine components of the governance framework. This governance is subject to external audit via the ISO 22301 certification. The Company also has fraud management applications used to identify unusual voice traffic patterns quickly within its 24/7 operational monitoring.

Regular reviews take place with key suppliers and there is an internal fortnightly “Supplier Management Meeting” chaired by Gamma’s Procurement Director, which seeks to improve supplier performance as well as address supply chain risks as they arise.

There is a mature Incident Management process that is rehearsed on a regular basis. This capability is available 24x7x365 and ensures the business can respond immediately to events that may impact the performance of the services provided to customers. This Incident Management process includes the potential to activate an Emergency Communications Committee, ensuring that the Company maintains effective communication both internally and externally with customers, suppliers and where necessary the media and regulatory bodies (the latter is supported by specialist agencies). This process is rehearsed at least once a year and was last tested during 2022.

Gamma recognises that occasional technology failures cannot be avoided despite rigorous change management and testing, particularly when it comes to the deployment of new products at pace to maintain a competitive advantage.

Description

By its very nature, Gamma’s network infrastructure provides customers with open access to the internet and global voice networks. As such there is a risk from cyber threat and telephony fraud, as well as to the physical infrastructure.

Cyber attacks are constantly evolving, and Gamma recognises that it could be a target for both sophisticated attackers as well as nuisance attackers. Gamma may also be targeted through:

1. Downstream services provided to key sectors e.g. where customer equipment is targeted.
2. Upstream partners Gamma works with e.g. where Gamma products integrate with other products provided by partners such as Microsoft.
3. Potential breaches of security within its own supply chain e.g., where critical corporate business applications could become compromised.

Gamma holds various types of data and its network carries customer communications, which heightens the risk of data related attacks.

Potential impact

A breach of security could have a significant reputational impact and in some cases also impact Gamma's commercial position. Potential fines could also be enforced if the Company was found to be in breach of its obligations relating to various regulations e.g., GDPR.

Mitigating actions

Gamma continues to adapt its governance structure to ensure best practice is followed in the identification and management of information and cyber security threats. This includes increased frequency and broadened scope of both routine and bespoke penetration testing; continuous compliance checks; integrated security behaviours training, which is mandatory for all employees; dedicated security roles to track how cyber threats are evolving and are best detected; and Board oversight of the maturity of the governance structure.

Gamma’s core infrastructure and operations are certified under ISO 27001 for security. Gamma's Corporate infrastructure is certified against the National Cyber Security Centre's (NCSC) Cyber Essentials Plus scheme.

The Company is represented in various industry forums to ensure it is aware of emerging threats, methods employed by malicious actors and best practice in the identification and mitigation of cyber risk. Gamma has been actively engaged in industry discussions regarding the recent Telecommunications Security Bill and will be regulated under the resulting Code of Practice in the coming years.

Gamma carefully considers the cost vs benefit when it comes to investing in controls against cyber-attacks, as well as how its peers are approaching this risk. Targeted investments are made in preventative, detective and responsive controls but it is accepted that some service disruption resulting from cyberattacks is possible.

In 2022 Gamma has ensured that acquired European subsidiaries have integrated security controls to the same level of maturity as in the UK.

Description

The business relies on a number of key suppliers to provide elements of its products and services. For example, cloud and software providers that are integral to the development of Gamma's products as well as equipment from various hardware and software suppliers that facilitate Gamma's operational activities.

Potential impact

Failure of one of these suppliers to perform may have an impact on the Company’s ability to deliver products and services. Due to the nature of the services provided, over-reliance on any single supplier may result in delays with product development or unplanned service interruptions.

Mitigating actions

Where possible, the business avoids significant reliance on individual suppliers, dual sourcing wherever possible. This reduces the potential for operational issues and enhances Gamma’s ability to react to market and customer developments. Gamma is more tolerant when it comes to reliance on dominant “tech suppliers” as their risk profile is lower and working with them is essential in certain selected markets or product segments.

Suppliers of important services are monitored carefully and are subject to regular performance reviews which include adherence to Gamma’s information security requirements and broader service KPls. In addition, Gamma undertakes annual audits with these suppliers to assure areas such as data protection and cyber security.

Description

The business has grown rapidly over the last few years and is facing increased risk regarding talent acquisition and retention due to conditions in the employment market and the scarcity of UCaaS skills. There is a risk to continued growth, product portfolio expansion and entry into new markets, should the business be unable to attract, develop, and retain enough people of the required skill and experience. This risk is exacerbated by the current inflationary environment as this applies increasing financial pressure on Gamma to maintain competitive salary levels.

Potential impact

Gamma is dependent upon recruiting and retaining enough skilled people to achieve its strategic priorities. The business has become increasingly reliant on employees with experience of modern technologies and design principles in order to develop and support its products.

Recruiting new people with skills which are in high demand is costly, as is the inability to retain people. Failure to attract and retain enough talent also has a compound effect on existing employees who feel pressures from additional workload and mental strain lowering productivity and employee engagement.

Mitigating actions

Gamma has a well-established reputation for being a good employer. This is achieved in part by encouraging internal development and promotion, and relying more on external recruitment for specialist skills. The business also recognises that employee reward remains a key factor in attracting and retaining talent and this has been actively reviewed and enhanced in 2022. For instance, Gamma took positive and decisive action for its lowest paid employees, increasing the minimum salary and in addition providing a one-off “Cost of living allowance”. Gamma has also made various out of cycle salary adjustments to reduce the risk of people with specialist skills leaving the business. Employee reward will remain under continuous review into 2023 to ensure Gamma remains competitive within the employment market.

Employee satisfaction is measured formally annually using the “Gamma Pulse survey”. Anonymous feedback is provided through this platform which has enabled managers to act more swiftly to reinforce positive trends and tackle any negative sentiment.

The Chief People Officer uses People related KPIs that are shared with the Executive Committee and Board to measure various topics, from engagement and retention through to employee sickness (including mental ill-health), gender diversity and gender pay gap.

Gamma sees the opportunity that flexible working provides as part of its employee value proposition and moved to a hybrid working business model in 2022.

Gamma is committed to its People Agenda, with focus on development and leadership programmes, succession planning, employee wellbeing, developing its diversity and inclusion, charitable giving, as well as effective employee engagement initiatives.

Description

The market for buying and selling communication services is changing and businesses are researching and procuring services in a wider range of ways. Gamma must respond to this changing behaviour to be able to continue to drive customer acquisition, to increase the value of each customer relationship and to maintain the successful growth of the business.

One of the changes is an increase in the time spent researching and procuring services online, across all types of business. This means Gamma must continue to evolve its go to market model to capitalise on this opportunity.

Potential impact

Gamma's inability to adapt to the changes in a timely manner could limit its opportunity to grow as the business needs to have access to the largest possible proportion of its target audience for each of its key products and services.

Mitigating actions

Gamma has invested in both product management and marketing expertise in 2022, developing both areas of the business and rebranding its European businesses to drive brand awareness.

CircleLoop, Gamma's fully digital UCaaS product, which is available in the UK, was also launched in both German and Dutch markets in 2022 and is intended to capitalise on the growth opportunity linked to digital buyers.

Gamma is also focusing on the way each of its products and services align to the market it is serving. In 2022 Gamma started to implement changes designed to align its sales and marketing teams to customer segments and provide focused efforts towards addressing how each segment procures IT and communications products and services, with close monitoring of how these buying behaviours change over time. These structural changes will further strengthen Gamma's ability to understand and leverage buying behaviours and ensure its routes to market remain relevant.

Description

The lack of a clear view of the competitive landscape could result in Gamma being unable to identify and leverage opportunities, recognise new entrants or potential competitive threats and respond accordingly. These threats could include for example, new market entrants such as software firms, aggressive competitor pricing strategies, disruptive technologies, and competitive market consolidation. In FY21 Gamma reported a separate risk related to the impact of price erosion within its markets. In FY22 this risk was subsumed into the wider threats Gamma sees within an uncertain competitive landscape.

Potential impact

These factors may impact Gamma’s position in the market due to the loss of its customers and may dilute the addressable market and slow down the rate of business growth. If the Company does not at least keep pace with the evolving market, and its competitors, in terms of product, pricing strategy and service development, then its plans for revenue growth may be negatively impacted.

Mitigating actions

One of Gamma's strengths is in its close understanding of the business market and its evolving customer needs and the Company adapts to these needs by introducing new technologies, products and services. It is not an innovator of novel products but a fast follower and seeks to address growing markets, tailoring products for the target market quickly. However, considering the changing competitive landscape close monitoring is required to remain relevant and competitive.

Gamma does not seek to differentiate itself by offering the lowest prices in its markets and instead aims to provide products and supporting services which are more attractive to its customers than those of its competitors. The planning, development and marketing of products and customer service that Gamma provides are closely aligned to the evolution of market demands and of relevant technologies.

Market insight is gathered, both through recognised industry and market experts, and internal analysis. This insight informs decision making and execution plans across multiple time horizons.

Gamma takes a cautious approach to protect price and margin on its existing products and services, and has undergone a rigorous pricing review in 2022. This is tightly governed by its Pricing Committee in the UK.

In addition, the Company undertakes a thorough strategic review every three years, supported by the Board which constantly monitors management's assessment of market changes and evolving competitive landscape. This has driven complementary strategies to continue to grow market share within its UK and European geographies.

Description

M&A remains a critical part of Gamma's future growth plans in terms of extending its geographic reach, gaining further scale in existing markets as well as acquiring new technologies as part of its products and services offering.

If Gamma fails to identify, acquire, and successfully integrate sufficient acquisitions the company could fail to achieve its strategic goals and limit its growth potential. This risk could materialise, for example, where vendors have unrealistic valuation expectations or if the Company is unsuccessful in a competitive sale process.

Potential impact

The impact of this risk could cause Gamma not to realise its full potential as a leading UCaaS provider in Europe. The economic climate coupled with unrealistic valuations is the main reason why Gamma made no significant acquisitions in 2022.

Mitigating actions

Acquisition targets are identified based on Gamma’s strategic objectives. Giving in depth consideration to what the new company could contribute to Gamma, such as geographical expansion into new markets or product and operational synergies. Potential targets are constantly sought out and analysed by dedicated personnel to support key areas of Gamma's growth strategy.

Acquisition of new businesses, particularly those in different countries, introduces both financial and operational risk. To reduce the risks associated with making acquisitions, Gamma applies specialist resource and third parties to conduct thorough due diligence, negotiation, and contractual preparation.

Gamma also ensures that its Executive Committee responsibilities are aligned to any new acquisition to support the ongoing development and growth post-acquisition.

Description

Gamma operates in a pan-European environment and is subject to various legislation and regulation in each territory. Failure to adhere to these laws and regulation may result in a loss of trust, financial penalties, suspension or loss of our licence to operate, personal sanctions and investigation costs.

Changes in regulation may also impact the UCaaS market as it develops, for example, local regulators may take a different view on the level of regulation required and therefore Gamma may either inadvertently breach local regulations (resulting in regulatory penalties and reputational damage) or could be slow to act and lose ground to competitors through overcompliance with regulation which no longer applies.

As Gamma broadens its routes to market, the territories in which it operates and its pricing strategies evolve, there could be a greater risk of non-compliance to local law.

Potential impact

The Company’s activities can be impacted by the decisions of relevant legislative, regulatory, or judicial bodies both domestically and in other non-UK territories within which it operates, the outcomes of which could put Gamma at a competitive disadvantage in its target markets.

Legal and regulatory non-compliance could lead to significant reputational damage and resultant fines.

Changes in legislation or regulation could result in additional investment being required to comply, for example the recent UK Telecommunications Security Bill and future BEIS reform.

Mitigating actions

Gamma does not seek to influence regulations in every market, but may choose to do so in selected markets, considering various factors, such as the market size, our presence, and the regulatory maturity of that market.

Gamma mitigates this risk by continuing to monitor likely legislative or regulatory changes within the markets within which it operates, assessing their risk and potential impact, and by regularly engaging with regulators as appropriate.

In addition, Gamma carefully governs its pricing strategies, setting reasonable thresholds and a governance process that extends across the Gamma Group. In the UK where Gamma carries a large market share of Cloud PBX and SIP trunking, a central Pricing Committee operates to control and agree pricing limits and incentives.

Furthermore, specific training surrounding competition law and anti-competitive behaviour is provided to employees with roles where this risk may occur.