January 23, 2017
VIA EDGAR
United States Securities and Exchange Commission
Division of Corporate Finance
100 F Street, N.E.
Washington, D.C. 20549
Attn: Ms. Cecilia Blye
Chief, Office of Global Security Risk
Re: Commvault Systems, Inc.
Form 10-K for the Fiscal Year Ended March 31, 2016
Filed May 6, 2016
File No. 1-33026
Dear Ms. Blye:
We are submitting this letter in response to your comment letter dated January 13, 2017 regarding the above referenced filing by Commvault Systems, Inc. (“Commvault” or the “Company”). For your convenience, we have set forth each of the Staff’s comments in bold type and each comment is then followed by the Company’s response.
General
1. You disclose in your Form 10-K that you have sales infrastructure and distribution in the Middle East and Africa. Syria, located in the Middle East, and Sudan, located in Africa, are designated by the State Department as state sponsors of terrorism and are subject to U.S. economic sanctions and export controls. Your Form 10-K does not provide disclosure about those countries. Section 5.18(a) of a June 30, 2014 credit agreement filed as Exhibit 10.11 to your 2014 first quarter Form 10-Q sets forth a representation stating that you are not located, organized or resident in a Designated Jurisdiction, which is defined to include Syria and Sudan, other than de minimis operations in any Designated Jurisdiction that are not in violation of any sanctions and are otherwise in compliance with applicable law. Please describe to us the nature and extent of any past, current, and anticipated contacts with Syria and Sudan, whether through subsidiaries, affiliates, distributors, resellers, or other direct or indirect arrangements. For instance, you identify Huawei as a vendor in the Form 10-K, and we located a recent news article which reported that you and Huawei announced plans to create a joint lab to develop certain solutions; two years ago, Huawei agreed to distribute your software with Huawei OceanStor data storage systems; you and Huawei collaborated to create an integrated offering with bundled service agreements; and you collaborated for the Huawei Cloud
1
Data Center Offerings. News articles report that Huawei sells its products and does other business in Syria and Sudan. You should describe any products, components, technology or services you have provided to Syria or Sudan, directly or indirectly, and any agreements, commercial arrangements or other contacts with the governments of those countries or entities they control.
Commvault has no known past, current or anticipated contacts with Syria or Sudan, whether through subsidiaries, affiliates, distributors, resellers or other direct or indirect arrangements. Further, to the best of its knowledge, the Company has not directly or indirectly provided any products, components, technology or services to Syria or Sudan (or to customers located in these jurisdictions), nor has Commvault had any agreements, commercial arrangements or other contracts with the governments of those countries or entities that they control.
Huawei and Commvault are party to a Master Purchase Agreement, as amended (the “MPA”), and certain related agreements that allow Huawei to resell Commvault software and services. The MPA specifically allows Huawei to resell Commvault products and services “…except as prohibited by U.S. or other applicable export laws and regulations.” The MPA goes on to provide that the Territory in which Huawei is permitted to resell company products and services means:
“…countries and regions excluding…., Cuba, North Korea, Sudan, Iran and Syria. …[N]o sales may take place in Cuba, North Korea, Sudan, Iran or Syria under any circumstances.”
Commvault conducts its business in accordance with all applicable U.S. export control laws and regulations, including those relating to countries designated by the U.S. State Department as sponsors of terrorism or as subject to economic embargo and export controls. Commvault also maintains a global compliance program which consists of: a system of controls integrated with internal accounting and customer reporting databases; screening of every customer or potential customer at the time the Company is made aware of the possibility of a relationship (when the potential customer information is first entered into our systems), and again prior to the consummation of any sale transaction; contractual terms such as those mentioned above that obligate partners and resellers to comply with U.S. export laws and regulations; the use of a third-party service to verify potential customers against applicable U.S. and international watch-lists, including the Office of Foreign Asset Control (OFAC) List and the OFAC Specially Designated Nationals List; regular and ongoing training and reminders for worldwide employees regarding export control requirements; and, self-classifying our products to the Department of Commerce BIS Encryption Division on an annual basis.
2. Please discuss the materiality of any contacts with Syria and Sudan you describe in response to the comment above, and whether those contacts constitute a material investment risk for your security holders. You should address materiality in quantitative terms, including the approximate dollar amounts of any associated revenues, assets, and liabilities for the last three fiscal years and the subsequent interim period. Also, address materiality in terms of qualitative factors that a reasonable investor would deem important in making an investment decision, including the potential impact of corporate activities upon a company’s reputation and share value. Various state and municipal governments, universities, and other investors have proposed or adopted divestment or similar initiatives regarding investment in companies that do business with U.S.-designated state sponsors of terrorism. You should address the potential impact of the investor sentiment evidenced by such actions directed toward companies that have operations associated with Syria and Sudan.
2
As noted in response to comment 1 above, Commvault has no known past, current or anticipated contacts with Syria or Sudan, whether through subsidiaries, affiliates, distributors, resellers or other direct or indirect arrangements. As a result, the Company does not believe that there exists a material investment risk for its security holders and does not anticipate any adverse impact in its reputation or share value associated with business activities in Syria or Sudan.
3. In June, Huawei was issued a subpoena by the Commerce Department regarding its exports to Syria, Sudan and Iran, another U.S.-designated state sponsor of terrorism. Please address for us the potential for reputational harm to result from your business with Huawei.
Commvault has disclosed its relationship with Huawei in press releases and on its website. To date, the Company has received no comments, concerns or other indication from existing partners, customers or shareholders that its relationship with Huawei has harmed the Company’s reputation. Furthermore, we are not aware of any divestment or similar initiative directed towards companies doing business with Huawei. Given the contractual and other compliance elements in place, as noted in the above comments, Commvault believes that there is not a material risk of reputational harm as a result of its relationship with Huawei.
If you have any further questions, please feel free to contact me at 732-870-4000.
Sincerely,
/s/ Brian Carolan
Brian Carolan
Chief Financial Officer
3