Category: SaaS

In a landmark case related to taxation, on June 21, 2018, the United States Supreme Court ruled in favour of the state in South Dakota v. Wayfair Inc., overruling a longstanding physical presence rule (local nexus) and creating what came to be known as economic nexus which allowed states to require remote sellers to collect and remit sales tax. 

While this led to the widespread & rapid adoption of economic nexus laws by tax-dependent states, for sales taxpayers, it significantly amplified the complexity of an already complicated sales tax regime due to the lack of uniformity in economic nexus thresholds.

To put this in perspective, sales tax collection in the US in 2022 was north of $570B and a failure to comply with sales tax laws can attract penalties ranging from 10-25% of the tax amount depending on the State. That is a $100B problem statement to solve in the US alone & this is where Kintsugi comes in. They are leveraging advancements in AI to build a full-stack sales tax automation platform which can effectively track nexus, accurately predict sales tax liabilities across states, and fully automate the process of sales tax registration, filing & remittance. 

Sales tax compliance in the US can only be solved by automation

Sales tax is a critical source of revenue for state and local governments in the United States, funding essential services and infrastructure. However, the web of sales tax regulations can be intricate, causing confusion and challenges for businesses operating across state lines. The challenges in sales tax compliance are:

Large Volume of rules/regulations

US Sales Tax is levied by US State, County, City and within each city by each jurisdiction. Thus, Sales tax rates vary between streets and are determined by the exact street address. The US has 50 states, 3,100 counties and ~110k cities, each with the authority to levy their own sales tax rate/regulations. For Example: If you purchase an iPhone and have shipping for Zip Code 94305 (Palo Alto) and 94205 (Menlo Park) – you will notice a different tax amount, even though they are just 3 miles apart.

Applicability and dynamicity of tax regulations

The taxability of goods and services also varies across states. E-commerce commissions are taxable in 46 out of 50 states, whereas software sales are taxable in 22 out of 50 states. Some states exempt groceries, and some don’t. Additionally, sales tax laws are always changing. A Senate bill can go in tomorrow, and people could vote, and the law could change, making it impossible for companies to track all the changes. Tracking in a few jurisdictions is fine, but imagine tracking 110k regulations across 10k jurisdictions. Phew!

Tracking local nexus

Businesses must file sales tax returns in every state where they have a physical presence. Post-COVID, with remote working, local nexus also gets established unintentionally in all places where team members work remotely. This increases sales tax compliance even though no business activity/transaction exists.

Tracking economic nexus is very complex

On June 21, 2018, the United States Supreme Court ruled in favour of the state in South Dakota v. Wayfair, Inc., which overruled a longstanding physical presence rule, allowing states to require remote sellers to collect and remit sales tax. This meant if a seller had a physical presence in New York and sold to a consumer in San Francisco (where there is no physical presence of the seller), the seller would still have to collect taxes in both New York and San Francisco and remit to respective governments. With the economic nexus, the complexity increases exponentially – businesses need to track new jurisdictions where they might have sales tax compliance, ensure appropriate tax rates are levied on invoicing in each jurisdiction of the economic nexus and file returns in each of those states.

Cumbersome filing procedure & high cost of non-compliance

Sales tax portals are confusing and outdated. Most don’t have two-factor authentication or single sign-on (SSO). For a business to keep track of all the portals’ credentials, the sales tax deadlines and the changing laws is very cumbersome. The cost of non-compliance is high. 10% of tax due + 1% for each month’s delay, capped at 30% of the tax due.

Kintsugi aims to solve compliance by building a full stack ‘predictive’ sales tax platform

Kintsugi is building a global sales tax compliance tool that enables businesses to automate US sales tax compliance. Kintsugi sits at the origination/source of the transaction (like billing systems):

• verifies each transaction through its real-time database of rules from 110k+ jurisdictions, 
• tracks local nexus / economic nexus on a real-time basis, 
• identifies appropriate tax rates for invoicing and 
• during month-end helps with one-click remittance and filing of sales tax returns in each applicable state.

In addition, Kintsugi has also built an LLM which is trained across all Sales Tax regulations across 110k+ jurisdictions. This acts as a 24/7 support tool for tax professionals and finance teams.

With its 10-minute onboarding, seamless workflows and real-time support via LLM, Kintsugi is already becoming a go-to product for sales tax compliance for companies of all sizes in the US.

We believe this is an exceptional team solving a large global problem at an inflection point

We are proud to partner with Pujun, Barkin and Jeff at Kintsugi as we believe this is an exceptional team in terms of talent, experience & purpose. 

• Pujun brings strong AI/ML experience, having worked on indexing/ranking of Facebook stories and many ML research projects for Google/Meta. He also worked at Stanford AI Labs alongside Andrej Karpathy. Pujun completed his undergrad from Georgia, MS from Stanford and dropped out of the MBA at Harvard. 
• Barkin brings product manager skills and domain knowledge, having built similar products previously at Earnest Research. He also brings a strong finance background, having spent over 5 years at Credit Suisse & Goldman Sachs, and is currently pursuing the CPA program in the US. Barkin is a graduate of Elec & Comp Science from Yale and is an MBA from MIT Sloan.
• Jeff has spent over a decade working in technology, software engineering & data engineering. He brings a wealth of experience as an Engineering Manager at Atlassian and ex Co-founder/CTO at MonetizeNow. Jeff holds a BS in computer science from the University of Montana. 

What we really like about this team is that they strongly complement each other and bring significant talent/experience in all three aspects of tech, product and business development skills. We also believe that their energy is infectious, their vision is grand and their execution capabilities are exceptional. 

We also highlight some of the other areas that really excited us about this opportunity:

Complex & dynamic problem with a large addressable market 

The state-by-state variability, nexus determination, taxability of goods and services, economic nexus laws, filing and reporting requirements, and evolving legislation collectively create a maze that businesses must navigate to ensure compliance. 

We estimate a Serviceable Addressable Market (SAM) of c.$3-5B by 2028E, considering only the US E-commerce & SaaS businesses as ideal customers for Kintsugi. We also believe this is a truly horizontal product as the problem is sector-agnostic & global and has the potential to create a larger outcome.

Demonstrated success in the category & limited competition provide a large opportunity for a new player

There are few players in the category – long-standing tools like Avalara or more recently built tools like Anrok. This allows a new player an opportunity to reimagine sales tax compliance to make it more seamless, predictive and automated.

Avalara – Currently at ~$750M ARR. IPO’ed in 2018, reached a market cap of $19bn and was later acquired by Vista Equity Partners for $8.4 Bn in 2022. This demonstrates that the market opportunity is large.

TaxJar – Acquired by Stripe in Apr 2021. Currently available only for Stripe customers. Had raised $60M at $180M valuation from Insight Partners. They were at a scale of $40M approx during the fundraise.

Anrok – Raised $20M from Sequoia. Close competitor. Focused on SaaS. Need for new players to incorporate the new dynamism of economic nexus and other shortcomings of existing tools

Strong execution focus and high-quality early traction

In under 6 months, the founders have achieved strong outcomes: they have single-handedly built a robust, soon-to-be SOC2-compliant, product and have set in motion key GTM strategies/partnerships like marketplace listing, tax consultant partnerships, direct outreach and state partnerships.

In a short span of time, they have gained 25 paying customers, including a large enterprise client and have built a very strong sales pipeline driven largely by strong inbounds. 

If you are also dealing with the complexities of sales tax and are keen to simplify sales tax compliance so that you can focus on building & growing, try out Kintsugi or reach out to pujun@trykintsugi.com to learn more!

.

“Wie geht es dir?”

“I am good”

“Was ist dein Plan für heute?”

“I plan to read more about EzDubs!”

We’re pretty sure you put parts of this into Google Translate. But what if you could talk fluently, in real-time, to a German, in German?

That is the audacious goal of EzDubs.

We met Paddy, Amrut and Kareem, expecting them to have an asynchronous dubbing solution. As we tested the product, we uploaded one of our videos into EzDubs. We got our output in 10! 10 seconds, not minutes!

The latency of EzDubs was exceptionally low. In a market where latency is easily as high as 10 minutes, EzDubs had created “wow”. The founders’ deep experience building and researching in AI/ML for a collective 30 years showed. The trio had worked at Cisco, doing their masters  in audio and speech machine learning from Columbia University.

The team saw a big opportunity in creating real-time translation. They identified a new underlying wave due to the creation of LLMs and exponentially increasing computational power. Real-time translation would now be possible, as easily as an app on your device. EzDubs was targeting a huge opportunity.

Translation services is a $45B market globally. Most translation services involve a human in the loop. The reason is accuracy and the need to preserve emotion, tone and rhythm. Known as prosody, the preservation of prosody through a machine is hard. Dubbing services charge as high as $500/hour, taking days due to this difficulty.

Imagine the unlock if you could do this in 1/5th the cost in a few seconds. EzDubs saw the power of low latency almost instantly. 

EzDubs launched their tool for free via a Twitter bot to test their hypothesis. To say that it grew explosively is an understatement.The bot initially found pockets of fervent users like Indian football fans wanting to hear Messi’s world cup interviews in Hindi, and within a few months, it had grown to 100k followers, becoming one of the fastest growing AI bots on Twitter . Much larger, well-funded text-to-speech tools existed, yet people signed up for their dubbing service without a penny spent on marketing. Large enterprises found EzDubs thoroughly impressed with the output.

A flood of generative AI tools has emerged alongside EzDubs, doing audio, image, marketing or code. But many are essentially a UX layer built on top of a large language model. EzDubs, on the other hand, is building its audio model from scratch for real time sub-sentence translationa far more complex and ambitious approach. This will truly revolutionize how we communicate with each other in a multilingual environment.

Despite the love for their early product, the team believes they are just getting started. Paddy, Amrut, and Kareem’s conviction in an audacious goal, product thinking and technical horsepower made a compelling case for us.

Wir freuen uns über die Partnerschaft mit EzDubs.

The current state of technology worldwide has made cybersecurity solutions a necessity over the past decade rather than a mere optional value addition. This necessity applies to not just larger organizations managing trust for millions of users but also small startups storing personally identifiable information of their user base.

Technology shifts, such as the internet, the smartphone, cloud computing, and now AI, have led to an increasing span of cyber attacks across different cyber assets. At the same time, these shifts provide opportunities for tech entrepreneurs to push the limit and build groundbreaking security solutions. To understand the upcoming trends in enterprise cybersecurity software, let us first look at how the industry evolved. 

The cybersecurity industry is almost half a century in the making

The commercial cybersecurity industry has been growing rapidly for almost half a century and shows no sign of slowing down. At the helm of the ARPANET, a predecessor of the Internet, the “Creeper” was the earliest rendition of a computer virus, operating independently of human control. Thankfully, the “Reaper”, the earliest version of an anti-malware program created by the inventor of the email, eliminated the Creeper.

While both B2C and B2B cybersecurity software were blooming during the 80s, the most powerful security systems were in the hands of the government, responsible for protecting both the software and hardware of the emerging enterprises of the 20th century.

The internet, the cloud, and the smartphone are the three tectonic shifts that forever changed the face of entrepreneurship around cybersecurity. The rising access of the general public to the internet after its onset in the 90s paved the way for cyber attackers to penetrate systems that seemed a distant dream before. With government systems unable to cope with the rising frequency of attacks, entrepreneurs coming out from the recently established big techs found an opportunity to create an industry.

Bottom-up thinking led to the creation of consumer-grade antivirus and antimalware software. However, this approach of creating single-dimensional products for both consumers and enterprises proved detrimental. Cyber attackers evolved, and their tech evolved with them. No matter how antivirus software was updated, attackers always seemed to be one step ahead.

Inefficiencies in on-premise models laid the foundation for cloud computing in the early 2000s. The digitization of businesses created the need for shared computational resources and reduced complexities.

While legacy antivirus players profited, some nifty technocrats noted the need to ringfence enterprise systems. One such company, Palo Alto Networks, launched a highly intelligent “enterprise firewall” as their first product. Riding the wave of cloud computing, it became a catalyst for migrating legacy on-prem infrastructure to cloud platforms, providing trust and security for digital assets. Today, Palo Alto Networks is the largest cybersecurity company in the world.

When smartphones became popular amidst the world’s largest recession, the interactions between end-users and enterprise applications on the cloud became mainstream. Companies needed a way to open the doors of potential customers onto their applications without compromising security. This paved the way for Okta, an identity and access management company, to build products enabling security between the application and the user, such as single sign-on and multi-factor authentication.

Constant innovation and the creation of large companies in this field have made cybersecurity a playground for the next generation of entrepreneurs.

Security has become a must-have for all organizations

Over the past decade, the importance of security has evolved from being a less emphasized requirement to becoming a crucial priority for both enterprises and organizations. This shift has been propelled by several factors, including the widespread adoption of external software and applications, the growing volume of data usage within enterprise and mid-market companies, and the digital transformation of the employee lifecycle. As a result, cyber-attacks and data breaches are no longer just technology concerns but also significant business risks.

Furthermore, regulatory constraints and increased awareness among end consumers have heightened the demand for more effective cybersecurity solutions and products. Cybersecurity startups have experienced a substantial surge, with numerous entrepreneurs launching innovative solutions. Investors have recognized the potential in this sector, making enterprise security SaaS a prominent focus for investment.

Security holds varying levels of importance for different roles within an organization. The following summarises how diverse user personas approach and view different products in this context.

Going downward in the organizational hierarchy of security personnel, from CISOs to data engineers, translates to decreasing contract values. The go-to-market strategy also transitions from a pure-play sales-based approach driven by an executive network to a product-led open-source approach, building credibility around a nifty product.

Consequentially, an expanding market drives further innovation in this space 

Security in the digital realm is of utmost importance for specific industries, while it lurks as an implicit necessity for others. These sectors encompass a wide spectrum, including banking and financial services, information technology, manufacturing, healthcare, retail, government, telecommunications, media, entertainment, energy, utilities, and defence.

Enterprise cybersecurity software’s Total Addressable Market (TAM) quantifies organisations’ cumulative investment within these prioritized verticals to fortify their digital defenses.

By adopting a top-down approach, one can gauge the TAM to be approximately USD 350 billion, representing a colossal and steadily expanding opportunity for enterprises.

Intriguingly, the cybersecurity market is far from homogenous; instead, it is highly fragmented, with a substantial portion of cybersecurity resources allocated towards in-house product development or the engagement of external experts.

Surprisingly, the collective revenues generated by the top 8 cybersecurity firms merely scratch the surface of the global cybersecurity spending pie. Given the vastness and fragmentation of this market landscape, cybersecurity presents an alluring domain for entrepreneurs seeking to embark on new ventures and craft innovative solutions.

Nonetheless, considering that cybersecurity revolves around a singular objective with numerous avenues of approach, it becomes an arduous challenge for emerging companies to carve out a distinct competitive advantage or a clear path to success within this industry.

Cybersecurity entrepreneurs have to be creative to capitalize on this opportunity

After evaluating over 100 cybersecurity startups in India and the US, we’ve realised that the only way a new startup can capture the cybersecurity market significantly and differentiate itself is via moats that catalyse trust with security teams. There are four such moats:

Cross-sell motion

Established cybersecurity stalwarts initiated their journey by crafting a select few products, gradually amassing an initial clientele of enterprises. Over time, they expanded their product portfolio, strategically offering new solutions to their existing client base, bolstering their Average Contract Value (ACV).

The allure of a comprehensive, all-encompassing cybersecurity solution lies in its ability to create customer loyalty, shifting an organization’s focus away from security concerns and towards other revenue-generating endeavours.

Many startups in this domain have embraced a similar trajectory, leveraging this approach to achieve substantial growth and significantly elevate the barriers to client switching. Notable examples include companies like Palo Alto Networks and Fortinet. Conversely, a few well-established enterprises like Akamai have augmented their ACV by incorporating cybersecurity offerings into their pre-existing suite of synergistic services, such as content delivery and cloud operations.

Since many of these comprehensive solutions have already attained a full-stack status, the landscape has become increasingly challenging for newer startups seeking to replicate this level of diversity and scale.

Distribution and Domain Expertise

Another prevalent approach to achieving scalability entails developing case studies within specialized domains, building a reputation for domain-specific expertise, and securing additional clients within that niche. A notable illustration of this strategy is exemplified by Leidos, a comprehensive engineering platform that has cultivated a deep well of knowledge and proficiency in specific sectors, such as defence. Leidos collaborates closely with defence firms and government entities to safeguard their digital assets.

Similarly, many versatile cybersecurity solutions have meticulously crafted robust security offerings tailored to the unique demands of critical verticals, including fintech, healthcare, and retail. This has restricted the manoeuvring space for emerging startups aspiring to scale through this method, as the landscape in these domains is already well-saturated with established expertise and solutions.

Ease of Use

Given the inherently technical nature of cybersecurity products, their utilization often proves challenging for individuals lacking specialized cybersecurity training. This creates a notable opportunity for startups offering products and tools with ease of use, straightforward deployment, and comprehensibility.

One striking example of this competitive advantage can be found in Okta, a company that honed its focus on a specific category – identity and access management (IAM) – and developed products renowned for their user-friendliness. This strategic emphasis on usability propelled Okta to attain widespread adoption within the IAM sector.

Similar arguments hold for companies like Drata and Vanta in Governance, Risk Management, and Compliance (GRC) products. These firms have elevated their Average Contract Value (ACV) by delivering an exceptional user experience by automating compliance processes for standards like SOC2, ISO27001, HIPAA, etc. Their success is underpinned by a commitment to simplicity and usability, setting them apart in the competitive landscape.

Integrations

Another pivotal factor that contributed to Okta’s success was its extensive array of integrations with SaaS applications. By offering organizations the ability to bolster security on widely used enterprise applications seamlessly, Okta enhanced user experiences and established a compelling acquisition incentive.

In a landscape where the utilization of SaaS applications continues to surge, the prospect of offering such integrations emerges as a potent mechanism for newer companies to attract and retain customers, potentially becoming a synergistic driver for their growth and success.

AI will increase the efficacy of identity protection and cloud security software

The objective of bad actors in cybersecurity has shifted from spreading malware and breaking systems to entering systems in stealth and getting access. Over 70% of adversary activity was identified as malware-free in 2022 compared to 40% in 2019, indicating a move beyond malware to get initial access and persist.

Access brokerage has taken off over the last two years. All these are indications of increasing interest and propensity for identity attacks. Identity and Access Management continues to remain a top priority for organizations. While tools in this space have undergone significant and rapid technology transitions, Artificial Intelligence is the key to creating foolproof privilege access and identity management systems. 

With the ability to find patterns in data quickly and efficiently, AI will enable accurate and real-time detection of threats with much fewer false positives. AI-based security tools serve as an opportunity for upcoming entrepreneurs to redefine legacy cybersecurity tools by building smarter tools capable of making adaptive decisions to eliminate live and new threats based on threat data collected over the last two decades.

AI can significantly improve identity protection with the ability to model the digital behavior and intent of every employee within an organization as well as every customer of a company. Penetration testing becomes robust, and strategic decision-making by CISOs becomes much more informed with AI-driven simulations of social engineering attacks. With data and cloud becoming the most critical digital assets in an AI-first world, startups building unique data and cloud security solutions have great potential to scale globally.

---

The persona of founders building cybersecurity tools has also been changing consistently. Unlike at the beginning of the millennium, when cybersecurity tools could be built only by industry veterans who had strong relationships with clients, understood the space, and had access to enormous datasets, the coming decade presents an opportunity for young and highly talented entrepreneurs to leave their mark in the security industry.

While enterprise sales will remain the preferred go-to-market strategy for most experienced founders, the increasing acceptance of open-source security software will allow product-led growth for security tools built by founders right out of college and build credibility. Trust is key within the cybersecurity ecosystem, and an open-source strategy allows you to create that trust with strong evangelizers in the tech community and without any prior experience to show your credibility.