Small-Cap Spotlight Report: NCC (LSE: NCC)

Many great companies still can’t resist ‘diworsifiying’ in the quest for growth. Maynard Paton studies IT specialist NCC and its costly folly beyond software escrow.


“Instead of buying back shares or raising dividends, profitable companies often prefer to blow the money on foolish acquisitions. The dedicated diworsifier seeks out merchandise that is (1) overpriced, and (2) completely beyond his or her realm of understanding. This ensures that losses will be maximised.”

The term “diworsification” was coined by legendary investor Peter Lynch in his book, One Up on Wall Street, to describe the over-expansion of a company into new growth projects and businesses they do not fully understand and which do not align with the company’s core competencies.

Market legend Peter Lynch never liked great companies that ‘diworsified’ into less appealing sectors in the quest for growth.

His book One Up On Wall Street recounted how many famous US stocks blew big money on foolish acquisitions to ensure losses were maximised during the 1980s.

Diworsification sadly remains a popular management strategy, and UK small-caps have not been immune from ambitious boardrooms trying to prove Mr Lynch wrong.

NCC is a prime example. The IT group was once dominated by a terrific subsidiary, but lots of acquisitions created a series of mishaps and the shares are now back to where they were twelve years ago:

Let’s take a closer look.

A 60% margin from software escrow

NCC floated during 2004 and immediately offered a super 30%-plus margin for ‘quality stock’ investors:

The jewel in NCC’s crown was its escrow division. The 2006 annual report showed UK escrow services boasting an incredible 60% or so margin:

Software escrow always was — and still is — extremely lucrative for NCC.

Such services act as independent middlemen between software developers and their customers. Should the developer go bust (or some other adverse event occur), the software can still be accessed by the customer through the escrow provider.

Escrow fees tend to be reliable, with NCC citing yearly renewal rates of c90%, while the associated costs — assuming ‘release events’ are infrequent — ought to be kept very low. After all, the software in question just sits on a protected server and all providers must do is ensure the server stays safe and working.

The 2006 annual report emphasised the escrow division’s ‘peace of mind’ proposition and the up-selling ‘verification’ opportunities:

Escrow continues as a ‘peace of mind’ assurance proposition which provides real benefit in all economic climates. We continue to encourage our clients to reach the correct level of protection and encouragingly, we are seeing a good increase in their levels of risk awareness.

Apart from customers taking on more escrow agreements, many are now including Verification Testing as part of their minimum standard. At present one in ten new agreements are being ordered with Verification Testing and we are seeing 40% of verifications being repeated on an annual basis.”

During 2006, NCC bought two small US escrow businesses for nearly £4m and started a German escrow operation for £0.5m. The group then claimed during 2008 it had become “the world’s largest software escrow provider” after acquiring Escrow Europe for £8m.

The 2009 annual report still showed the UK escrow division with a superb 62% margin, with the smaller European and US escrow operations boasting attractive 33% and 25% margins respectively:

But notice NCC’s assurance testing and consultancy divisions representing more than half of total revenue during 2009. These operations sported much lower margins but would eventually come to dominate NCC’s top line.

Ten years of acquisitions

NCC’s first ten years as a quoted company witnessed all of its cumulative free cash flow — approximately £100 million — spent on acquisitions:

The purchases primarily bolstered the group’s assurance and consultancy operations. Deals included:

  • Site Confidence (2007: £9 million)
  • Next-Generation Security (2009: £10 million);
  • SDLC Solutions (2010: £14 million);
  • iSEC Partners (2011: £15 million), and;
  • Matasano Security (2013: £8 million).

NCC also acquired Accumuli for more than £50 million, funded mostly through the issue of new shares.

In contrast, escrow purchases after Escrow Europe were limited to only a £6 million deal during 2011.

NCC’s rationale for expanding beyond escrow appeared plausible: the diversification boosted the group’s exposure to the fast-growing cyber-security market. The 2015 annual report explained:

The cyber landscape presents an ever-increasing and ever-changing threat to security as cyber intruders develop increasingly sophisticated ways to attack corporate networks, thereby gaining access to organisations’ sensitive and valuable data.

NCC Group has one of the world’s largest security consulting teams. It delivers over 112,000 testing days per year to organisations worldwide. The Group’s global presence offers clients skilled and experienced expert services, complemented by a world-renowned research team.

With the recent addition of Accumuli, the Group is expanding these services further. The Group is now able to provide 24-hour, 365 days, frontline support to major organisations as well as steering them through the myriad of different security and data products that are available and suitable for their needs.

NCC then went ‘all in’ on cyber security when it purchased Dutch firm Fox-IT for £94 million. NCC explained at the time:

This is a unique opportunity to acquire a leading, substantial European cyber security business that focuses on security analysis and threat intelligence; at a time that organisations globally are only now beginning to appreciate that they need to be proactive, not reactive, in dealing with cyber security.

Fox has an impressive reputation and brand with a high-quality client base, including government security departments and global organisations. The business also has a range of complementary professional and managed services and products which we aim to distribute internationally.”

The Fox-IT deal was huge compared to the group’s (declining) free cash flow and its previous purchases:

After Fox-IT, profitability once dominated by escrow had become evenly balanced between escrow and assurance/consultancy:

Profit warning

The 2016 results said Fox-IT was performing “in accordance with expectations” and revealed the entire assurance/consultancy division had enjoyed 25% organic sales growth.

Escrow meanwhile was plodding along with single-digit growth albeit supported by a still-remarkable 57% divisional margin:

Three months after the publication of the 2016 results, a profit warning emerged:

The loss of three major contracts along with difficulties with contract renewals within the managed security services business unit (formerly Accumuli plc) is causing a significant erosion of margin. The Group is working to remediate this position.

Fox-IT continues to be slowly integrated into the Group but the lumpy nature of its product revenues and a large contract deferral allied to complex Government relationships makes this process more challenging.”

The shares fell from 300p to 200p as the market suddenly realised cyber-security contracts were not always that predictable:

At least NCC’s warning acknowledged the escrow division had “continued to perform strongly“.

Indeed, NCC confirmed escrow renewals were forecast to be £21 million for 2017 — £1 million greater than escrow revenue for 2016.

Another warning a few months later reiterated the contrasting divisional fortunes:

The rate of sales growth and subsequent delivery in the Assurance Division in the third quarter to date has been lower than had been anticipated in both Security Consulting and Software Testing and Web Performance.

The Escrow Division continues to perform in line with expectations.”

Those 2016 results included substantial write-downs of £19 million that, with hindsight, suggested acquisitions prior to Fox-IT had not gone entirely to plan:

Those 2016 results also bemoaned company boards lacking IT skills:

A cultural change is needed as the majority of boards do not have executives with the necessary IT skills, let alone an understanding of cyber security. Most board directors who have extensive operational and financial expertise in their industries and the corporate world, have minimal, if any, formal education in IT.

The irony back in 2016 was NCC’s board comprised five chartered accountants and an MBA… all of whose bios lacked obvious “formal education in IT“:

Note that the non-exec chairman at the time may not have been completely objective about Fox-IT and ‘diworsification’ generally. His corporate advisory firm collected fees for working on the deals:

During the year the Audit Committee approved corporate finance fees payable to Rickitt Mitchell & Partners Ltd of £750,000 (2015: £748,500) in relation to the fundraise and the successful acquisition of Fox-IT in November 2015. Paul Mitchell is Non-Executive Chairman of both the Group and Rickitt Mitchell & Partners Ltd.

The 2017 results inevitably showed a thumping loss following write-downs and other ‘exceptional’ costs that amounted to £71 million:

Back to escrow

Fast forward to 2021 and a revamped board decided this time to go back to escrow. An enormous £153m was paid to acquire the escrow business of Iron Mountain (‘IPM’):

NCC stressed IPM’s lucrative escrow economics:

  • 80% of the IPM Business’s revenues are recurring or re-occurring.
  • EBITDA of $21.6 million (£15.4 million) in 2020 equates to an EBITDA margin of 65.7%.
  • Cash conversion ratio of over 90% for the last three years.

But NCC’s assurance/consultancy efforts still excited the board. Earlier this year management gave a strategic target of cyber-security sales growing at a double-digit pace with a mid-teen margin:


Escrow meanwhile would maintain slower, single-digit growth albeit underpinned by “global market leadership“.

Two months after that strategy was announced, another profit warning confirmed a further bout of assurance/consultancy problems:

The Board now expects Assurance (Cyber Security) revenue growth on a constant currency basis to be low single digits compared to the high single-digit growth outlined in our FY23 interim results.

As a result of lower Assurance revenue, Group Adjusted operating profit is now expected to be within a range of £28m to £32m after the impact of FY23 strategic investments.”

NCC’s revised profit forecast of approximately £30 million compared to the group’s earlier projection of £47 million.

At least NCC said its escrow operations remained “on track to perform as set out in our FY23 interim results“.

NCC’s next chapter

NCC’s 2023 full-year results will be announced later this month after the auditor — perhaps not surprisingly — requested more time to study the accounts.

The forthcoming results will outline “the next chapter of NCC’s strategy“, which hopefully can improve upon the acquisitive chapters already written.

Early strategic progress includes opening overseas ‘delivery centres’, rebranding services and — importantly — developing greater recurring revenue from the assurance/consultancy work.

Certainly, NCC’s current chief executive — appointed only in 2022 — has been busy refreshing his leadership team. Recent recruits for the next chapter include:

  • A new chief financial officer;
  • A new chief marketing officer;
  • A new chief operating officer;
  • A new chief technology officer, and;
  • A new director of ‘strategy and transformation’.

That final ‘strategy and transformation’ appointment feels quite ominous.

What NCC’s chief exec should really be doing is bringing sensible capital-allocation decisions to the top of the agenda. That way the board may well decide to:

  • Sell the unpredictable assurance/consultancy cyber-security operations;
  • Focus on the reliable escrow division that sports 60% margins, 90% renewals and still maintains “global market leadership”;
  • Limit further acquisitions to small, bolt-on escrow businesses, and;
  • Pay any surplus cash to shareholders through dividends and buybacks.

Such thinking may not excite the new senior managers, but I am sure loyal shareholders won’t begrudge a more measured approach to creating value and returns.


Peter Lynch reckoned corporate management would always find acquisitions “more exciting” than buying back shares or paying dividends, both of which required “no imagination“.

I am quite sure NCC shareholders would have been better off with buybacks and higher dividends rather than acquisitions and diversification.

Indeed, the business could have stagnated for the last ten years and still be ahead of where things stand today.

Back in 2012 after the escrow acquisitions had paused, adjusted earnings were almost 8p per share. Current forecasts show earnings recovering to almost 8p per share for 2025:

Earnings per share going nowhere just emphasises how little value NCC’s acquired assurance/consultancy revenue has created:

Indeed, since 2012, NCC’s adjusted earnings have gained £17 million after net asset value (shareholder equity) increased by £233 million. Shareholders have effectively invested £233 million for an extra £17 million — or a 7% return:

Factor in the approximate £150 million or so of amortisation, write-offs and other adjustments that have reduced net asset value as well…

…and arguably NCC earned an extra £17 million on total extra shareholder money of £383 million — or a 4% return over ten years.

Despite the persuasive ‘growth’ attractions of cyber security, NCC’s diversification plan has proven to be a costly folly. I dare say Mr Lynch would not be surprised to learn NCC’s shares are back to where they were twelve years ago.

Until next time, I wish you safe and healthy investing with SharePad.

Maynard Paton

Maynard writes about his portfolio at and co-hosts the Investor’s Roundtable Podcast with Roland Head, Mark Simpson and Bruce Packard. Maynard does not own shares in NCC.

Got some thoughts on this week’s article from Maynard? Share these in the SharePad chat. Login to SharePad – click on the chat icon in the top right – select or search for a specific share.