WhiteHawk Limited (WHK.AX) Earnings Call Transcript & Summary

Welcome to the General Meeting of WhiteHawk Limited. My name is Terry Roberts, and I'm the CEO and Chair of your company and will be chairing this meeting. I remind you that only shareholders present in-person, persons holding valid proxies and validly appointed corporate representatives have the right to speak and vote at this meeting. If a shareholder has appointed a proxy but is present at the meeting in-person, the proxy holder is not entitled to speak or vote. Joining us today are Mr. Giuseppe Porcelli, Chief Strategy Officer and Executive Director; Ms. Melissa King, Non-Executive Director; Mr. Brian Hibbeln, Non-Executive Director; Ms. Soo Kim, Chief Operating and Product Officer; Ms. Mindy Ku, Company Secretary. I have been informed that there is a quorum present. Therefore, the meeting is properly constituted, and I declare the meeting open at 9:01 a.m. The purpose of today's meeting is to deal with the formal business as set out in the Notice of Meeting dated 22 August, 2025. If there are no objections. And in an effort to expedite proceedings, I propose the notice to be taken as read. All resolutions at this general meeting will be decided by a poll, ensuring all eligible votes, including proxies are counted. Shareholders, proxies and attorneys can vote in real time via Computershare's live voting platform from the start of the meeting until the Chair announces the closure of the meeting. The meeting concludes once all votes are cast and final results released to the ASX and published on WhiteHawk's website. Please refer to the Notice of Meeting for references and URL to voting. Should you have any issues or unable to access live voting, please contact Ron -- Rod Somes, Returning Officer at Computershare via e-mail at Rod, R-O-D, dot Somes, S-O-M-E-S, at Computershare, dot com, dot au, [email protected] or telephone at (613) 9415-4024 for assistance. If live voting for the general meeting is open, click on meeting open for voting and follow the steps provided. On a poll, each shareholder, whether voting in-person, by proxy or by representative, is entitled to 1 vote for every share. Select for or against to cast your vote or select abstain if you choose not to vote. The Chair acting as the proxy must vote as directed. Other proxies are not required to vote, but if the proxy does so, the proxy must vote as directed. Proxy holder with open votes may vote as at their discretion. We have received proxies from a number of shareholders to streamline the meeting, details of each resolution and the corresponding proxy notes will be displayed on the screen. I do not intend to read each of them out to you. Where the proxies have appointed me as Chair and no voting directions are given, I will vote in favor of all the resolutions in which I'm entitled to vote undirected proxies. In relation to the proceedings for today's meeting, I propose to deal with formal items of business as set out in the Notice of Meeting. There will be an opportunity for shareholders to questions. Shareholders may submit questions or comments through the Zoom message function, or for those shareholders who have joined us via telephone, please send your question via e-mail to [email protected]. Please keep questions brief and relevant. They will be addressed after the formal items of business, start your question with resolution or other so that we can appropriately address your questions. I declare that the live voting is now open. There are now 7 resolutions to be considered by the meeting. As announced on 25 July 2025, the company received firm commitments to raise up to $2 million pursuant to a placement of approximately 173.9 million shares to professional and sophisticated investors at an issue price of $0.0115 per share, together with 1 free attaching option for every 2 shares subscribed for and issued, exercisable at $0.02 on or before 24 April 2028. The placement was to be issued in 2 tranches, refer to the notice for the details of the options, terms and conditions. Resolution 1 and 2 seeks shareholder ratification for the issue of a total of 135.6 million Tranche 1 Placement Shares that were issued on 11 August 2025, pursuant to the company's capacity under Listing Rule 7.1 and 7.1 alpha. Ratification of prior issue of Tranche 1 Placement Shares under Listing Rule 7.1. Details for this resolution, including proxies are on the screen. Please complete your voting in relation to Resolution 1. [Voting]

We will move to the next item. Ratification of prior issue of Tranche 1 Placement Shares under Listing Rule 7.1 alpha. Details for this resolution, including proxies are on the screen. Please complete your voting in relation to Resolution 2. [Voting]

The next item of business is approval to issue options to placement participants. Resolution 3 seeks shareholder approval for the company to issue free attaching options to placement participants on the terms and conditions as set out in the Notice of Meeting. Details for this resolution, including proxies are on the screen. Please complete your voting in relation to Resolution 3. [Voting]

The next item of business is Resolution 4 and 5, seek shareholder approval for the purpose of Chapter 2 echo of the Corporations Act and Listing Rule 10.11 for the issue of shares to Lakaba (sic) [ Lakeba ], where Mr. Giuseppe Porcelli serves as an Executive Chairman; and Mr. Alfonso Porcelli, a closely related party of the Director. These resolutions enable Lakaba (sic) [ Lakeba ] and Alfonso to participate in the placement on the same terms as unrelated participants. Approval to issue Tranche 2 placement securities, and you know, I may be screwing up the pronunciation. Just a bit. Is it -- am I screwing it up?

A little bit, but it's okay...

Okay. Lakyba?

Lakeba.

Lakeba. Okay. I apologize. For some reason, my brain is tired and I knew that. Okay. Approval to issue Tranche 2 Placement Securities to Lakeba Group Limited. Details for this resolution, including proxies are on the screen. Please complete your voting in relation to Resolution 4. [Voting]

You know, it's the Spanish coming out in me, the Hispanic part of me. Okay. Approval to issue Tranche 2 Placement Securities to Alfonso Porcelli. Details for this resolution, including proxies are on the screen. Please complete your voting in relation to Resolution 5. [Voting]

The next item of business is approval to issue options to Copeak Limited. Resolution 6 seeks shareholder approval to issue 5.6 million options in consideration for lead manager services provided by Peak. Details for this resolution, including proxies are on the screen. Please complete your voting in relation to Resolution 6. [Voting]

The final item of business is approval to issue options to Viaticus Capital. Resolution 7 seeks shareholders' approval to issue up to 933,333 quoted options to Viaticus Capital in consideration for consultancy services, pursuant to the consultancy agreement on the terms and conditions as set out in the Notice of Meeting. Details for this resolution, including proxies are on the screen. Please complete your voting in relation to Resolution 7. [Voting]

Please finalize and submit your votes. Now if you have not yet voted, the voting will close in 2 minutes. And we are going to pause for 2 minutes. [Voting]

Everyone was provided with the opportunity to vote on the resolutions. I declare the polls closed. This concludes the voting on the resolutions of the meeting. The matters contained in the Notice of General Meeting have been addressed, and I formally declare the meeting closed at 9:14 p.m. -- a.m., sorry. As previously stated, the results of the meeting will be made public on the ASX website as soon as possible. We will now proceed with a presentation on the company's progress and outlook, followed by responding to shareholder questions and comments, submitted via Zoom chat or email. So please do, if you have any questions, now is a great time to formulate them and submit them so that we can address them by the end of this short company update. Okay. So we're excited, as always, to give you an update about the company. As you may know, all of our 3 major product lines are actually proven and scaled and have been implemented across many customers. So the focus of today's presentation is going to be on some strategy and partnership updates. Everything is focused on growth and sales because we're in a really good place from a product line standpoint. Next. So I think the good way to think about us about WhiteHawk is that traditional cybersecurity of which I was a part of, starting in the late 1990s is very complex, additive, still has a lot of manual processes, is hard to scale and extremely expensive. And so globally, it is estimated that only 10% of all companies and government organizations can afford traditional cybersecurity. They don't have in-house teams and they're never going to have the budgets. So our focus has always been on how do you provide a next-generation approach to enable all companies to have access to cyber resilience, but also the 10% to have a sanity check on their inside team or their service provider. Next. So this actually list of issues was put together by Fortune 100 CISOs who had major cyber events. And they said, these were the areas that corporations and organizations should focus on when they're putting in place a digital age risk to resilience program. And so this is how we have structured our Cyber Risk Program approach in support of clients across all sectors, so that they can, with confidence, address these issues smartly and in an automated fashion. Next. So looking at some of our strategic priorities for '25 to '27. Obviously, if we do what we're doing at scale, then we can bring more AI innovation in, and I'm going to talk about that later. We're also looking at how to broaden the partnerships, so that we have greater distribution. And then obviously, that should result in revenue acceleration. Next. So looking at 12 months out, 18 to 24 and 3 years out. But obviously, I'm very focused on the next 12 months, and we put a lot in place over the last 6 months to be able to fully leverage the next 12. Next. So our business pipeline priorities. The distribution partnerships are very important for us. So as you may remember, of one of our product lines is our Cyber Risk Platform as a Service. We can white label this platform for partners. So in this way, we can provide them a Platform as a Service. We can load it with all of their client data, and then they can wrap a service around it. And that is the best return on investment for us and profit margins for us. So we are really digging into this model. We have proven it at a smaller scale, and now it's time to do it at a bigger scale. And then we can also, right, anything we do, any of our analytics can be also API-ed out to partners in order to scale our sales. So expanding the consulting and AI firm partnerships, I'm sure you saw the amazing announcement that we have put in place a strategic partnership with DoxAI. And I'm going to go into detail of how we are working with them to provide a more powerful and streamlined service to their clients and to our clients and to new clients, okay? Idea Entity is a slightly similar model where they focus on advancing AI-based processes, but internal to the U.S. government and also across the U.S. federal contractor space. And we're already starting to engage with their clients because of something that I'll go into in the future in our next quarterly, which is that the cybersecurity model certification is now on track in the U.S. and has to be implemented by companies starting in November of 2025. So we're working that with Idea Entity. And if you go to the last box, with one of our long-term partners, Dun & Bradstreet. And then in other words, working with these companies that they can leverage our Software as a Service, Platform as a Service and wrap their service around us and then engage across health care, finance and professional firms. On the government clients -- sorry, let's go back, please. On the government client side, in the third box, we're focusing on our Cyber Risk Analyst Platform as a Service, okay? And all -- we just did a proposal that we submitted to the Office of the Secretary of Defense per their request, and we hope to hear about that over the next month. And then AI-based Critical Infrastructure Global Entity Illumination is a new product line that we created last year that can basically put together a list of all critical infrastructure entities in any region in the world. And we're also in conversation with the Australian Home Affairs Office regarding this capability because what we find is a majority of countries and states and cities don't know all the critical infrastructure entities in their region. And then last but not least, I know you saw our announcement in May about the GSA SCRIPTS contract vehicle. This proposal that we just put into the Office of the Secretary of Defense actually relates to that. And so we're hoping that, that will help to drive task orders to come out on it that we have shaped so that we can respond to them. We also are about to launch new marketing campaigns with Carahsoft for our Cyber Analyst Internship Platform as a Service across all Canadian and U.S. public universities. We actually submitted the substance for that this week. And then continuing to work with Amazon Web Services, who we sell our assessments via their marketplace and Peraton, who has been a long-time defense industrial-based partner of ours. And there -- and we're working with them on the CMMC capability that I mentioned earlier. Next. So with DoxAI, this is -- we're -- it's still draft because it's living. We're literally having regular deep dives with them to hone both -- the 3 product lines that we're going to advance together, our independent cyber GRC programs, our Cyber Risk Radar, supply chain risk management and with universities our Cyber Analyst Platform as a Service, Internship Analyst Platform as a Service. So we're working through these. We have some initial engagement. And then honing the marketing materials and the engagement campaigns and lockstep with one another. And the beauty is that we can leverage their AI solutions and they can leverage our AI-based analytics and Software as a Service, Platform as a Service. Next. So these are the two primary product lines and showing where DoxAI capabilities come in right up front. They go in. They have -- they get the customer intimacy, track all their processes and stakeholders and then we bring in our solution and then we work together on putting it in place with annual subscriptions. And then the same thing with the supply chain risk management or third-party risk management capabilities. What we have found in the past is that in order to optimize their usage of our next-generation SaaS and PaaS solutions, actually having someone like DoxAI on the inside, putting all the processes and automating all the processes on the customer-facing side will really help with long-term adoption. Next. So what we've been doing with DoxAI and also Idea Entity in supporting the U.S. government is working through how this is done. So clients have their legacy processes and then we're coming in and automating them, right? So that they can leverage their human talent to do only what humans can do, which is that decision-making, that risk mitigation, not doing process management, not doing spreadsheets, not a lot of manual labor to meet compliance requirements as opposed to truly becoming more resilient. Next. And then the same approach on the supply chain risk management side. Next. Our corporate snapshot. Obviously, our objective is to get our share price out of the dirt, and to be able to use the proven product lines that we already have, all we need to do is scale the sales. And the beauty with Software as a Service and Platform as a Service is we don't have to hire a lot of additional people in order to deliver on these contracts. Next. Just a reminder that all of our data, all of our big data is publicly available information. And then we apply AI and machine learning analytics across those data sets so that we can deliver actionable cyber intelligence. Next. I wanted to give an example of one of our city clients so that you could see from 100% -- by the way, remember, all we have is -- are using as the legal name and URL of all of the city agencies. There is no proprietary data. All of this is open-source information like credit monitoring and credit reporting and yet you can have this level of fidelity down to spreadsheets of technical data. This has only become -- the ability to do this has only really existed at this level for the last 5 years. Next. And then you can see by city government, by the different sectors, the police department, the procurement agencies, the fire and rescue, the airports, the water services, literally by sector, you can dissect it. These analytics are extremely powerful. So our objective has been to be able to do it across cities, across states and even across countries. I'll give you an example. We were talking to the Australian Critical Infrastructure ISAC, and they don't have a list of all their critical infrastructure entities. And only about 10% of critical infrastructure can leverage their cyber intelligence because you have to be sophisticated. To leverage our Cyber Risk Analytics, you just have to have a brain, you don't even have to be cyber sophisticated. Next. And then lastly, our Cyber Risk Analyst Internship Programs that we have put in place across 5 U.S. universities. We have 3 that are new ones that are in process in the U.S., and 2 new ones that are in process in Australia. I am in communication with 12 different universities across Australia, and hope to have more over the next few months. What this allows them to do is to scale online internships, service state and local entities and conduct research across all those entities. We also submit grants with the universities to help them obtain the money. So we're submitting for a $1 million grant in the state of Maryland next month, in partnership with 2 universities. Next. So the leadership team. Next, the Board. And open for questions.

Great question. Can you give me an update on where we might see significant increases to revenues and become profitable, not relying on capital raises? You're singing my song. So I think near term, it's the contracts that we are working and putting in place and channels that we're putting in place with DoxAI. But I will also say this turn on the Cybersecurity Maturity Model Certification for those of you who have been with us for a while, you may remember that we implemented an automated path to CMMC back in 2019, 2020. But there was a change of administration and the regulation was frozen. So there was an entire industry that was created to make people to support CMMC certification similar to the Australian Essential Eight, okay? And then when the regulation froze, then the impetus for everyone to fill them just right, went to the wayside. We had a contract in place across 600 companies at the time. And then that got frozen, okay, as an example. Now the U.S. defense industrial base, which is estimated to be over 180,000 companies and their suppliers have to comply. So this is why we're launching engagements with Dun & Bradstreet, who has hundreds of current clients across the defense industrial base. As you may remember, it's D&B cyber compliance powered by WhiteHawk. So they can just sell our assessments and our services to their current clients. And then also working with Idea Entity the ability to engage across all the major defense industrial-based companies. So that, the partnership with DoxAI and the CMMC near term and then, of course, the GSA SCRIPTS. All we need is one of those major task orders to be able to get between USD 2 million to USD 5 million a year and have that recurring revenue. And this initial proposal with OSD gives us that lead on that. So those are the 3 areas, I would say. Any other questions? So now on the OSD proposal, we're actually a sole source because we've been working with a partner of ours. And so this would be the ability to demonstrate how our approach works. So they actually asked us to specifically to work this proposal. So it was only sent to us based on doing this 6-month pilot program. Any other questions? Yes. Social media contract, you may remember when it was renewed last year was for 2 years. So it was renewed last December. And so it was a 2-year contract. So we do not have to go through the entire process for renewal this December. So excellent question. Okay. I would like to thank everyone for attending. Thank you to our Board. Thank you for your interest, and we look forward to your continued support. And remember, you can reach out to us any time at [email protected]. Thank you.