GitLab has again warned of material weaknesses in its financial controls because of failures to design and maintain the correct internal IT systems.

Following the code shack's Q3 financial results - which reported above expectation revenue growth of 32 percent to $149.7 million - GitLab released a 10-Q legal filing to the Securities and Exchange Commission (SEC) disclosing that the business had "identified material weaknesses in … internal control over financial reporting."

"We did not design and maintain effective controls over certain information technology ('IT') general controls for information systems that are relevant to the preparation of our consolidated financial statements," reads the report.

The statement repeats earlier warnings about lack of financial controls, and follows the publication in March of an "adverse opinion" by auditors KPMG based on full-year results for the period ending January 31, 2023.

According to the SEC, an adverse opinion means the auditors have judged that a company's financial statements taken as a whole are not presented fairly in conformity with generally accepted accounting practices (GAAP) and do not satisfy the legal requirements of the Securities Act, S-X Article 2.

Financial and investment news website Investopedia explained that an adverse opinion represents "a red flag for investors and can have major negative effects on stock prices."

The Register asked GitLab to comment further. The open core platform provider has yet to respond.

GitLab first disclosed what it is calling "material weaknesses in internal control over financial reporting" to regulators in December 2021 - its first 10-Q filing since its Initial Public Offering on the Nasdaq stock exchange.

"We have not properly designed internal controls over the preparation of our financial statements insofar as it relates to appropriately performing effective and timely review of the accounting for and disclosure of non-routine transactions. Therefore, there was a risk that a potential material misstatement of the financial statements would occur without being prevented or detected on a timely basis," the newly listed entity admitted at the time.

In the most recent filing, the business reiterated that it did not design and maintain effective program change management controls to ensure that "IT programs, data changes and migrations affecting financial IT applications and underlying records are identified, tested, authorized and implemented appropriately."

It failed to effectively implement "user access controls to ensure appropriate segregation of duties, restricted user and privileged access to our financial applications, data and programs to the appropriate personnel."

Financial reporting, review of stock-based compensation, and the accounting for non-routine transactions were all affected by these problems, the report reveals.

Although the biz admitted these weaknesses in financial controls, the report argues that the CEO and CFO "concluded that our unaudited condensed consolidated financial statements … present fairly, in all material respects, our financial position, results of operations and cash flows for the periods presented in conformity with US generally accepted accounting practices."

GitLab also revealed it is making "remediation efforts" to fix the material weaknesses. The report states that it was "taking the steps that we believe will address the underlying causes of the material weaknesses," echoing a statement made in March.

GitLab has yet to report a net profit. For Q3 2024, it disclosed a net loss of $285.2 million - up from $48.5 million in the same period a year earlier. ®

https://www.theregister.com//2023/12/07/gitlab_finance_control_warning/