Risk Factors Dashboard

Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.

View risk factors by ticker

Search filings by term

Risk Factors - EAWD

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

$EAWD Risk Factor changes from 00/04/14/22/2022 to 00/04/26/24/2024

ITEM 1A. RISK FACTORS. As a Smaller Reporting Company, the Company is not required to include the disclosure required under this Item 1A. As a smaller reporting company, the Company is not required to include the disclosure required under this Item 1A. ITEM 1B. 6 ITEM 1B. UNRESOLVED STAFF COMMENTS. Not applicable. ITEM 1C. CYBERSECURITY.

For their new cybersecurity section in Form 10-Ks, companies should confirm compliance with the new line item requirements in Item 106 of Regulation S-K, as summarized below. Risk Management and Strategy. Under new Items 106(b)(1), companies must: Describe the registrant's processes, if any, for assessing, identifying and managing material risks from cybersecurity threats in sufficient detail for a reasonable investor to understand those processes. In providing such disclosure, a registrant should address, as applicable, the following non-exclusive list of disclosure items: (i) Whether and how any such processes have been integrated into the registrant's overall risk management system or processes. (ii) Whether the registrant engages assessors, consultants, auditors, or other third parties in connection with any such processes. (iii) Whether the registrant has processes to oversee and" identify such risks from cybersecurity threats associated with its use of any third-party service provider. The SEC's purpose in adopting new disclosure items in Item 106(b)(1) was to "allow investors to ascertain a registrant's cybersecurity practices, such as whether they have a risk assessment program in place, with sufficient detail for investors to understand the registrant's cybersecurity risk profile," while at the same time avoiding details that "could increase a company's vulnerability to cyberattack."15 Cybersecurity Threat Disclosure. Under new Item 106(b)(2), companies must: Describe whether any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect the registrant, including its business strategy, results of operations, or financial condition and if so, how. This new requirement in Item 601(b)(2) was proposed in 2022 by the SEC to "equip investors to better comprehend the level of cybersecurity risk the company faces" and "assess the company's preparedness regarding such risk," but also aligns with the SEC's 2018 guidance, which encourages companies to address the impact of any prior cybersecurity incidents in their risk factors. We expect many companies to provide a cross reference to existing risk factor disclosure on this point and to consider, as appropriate, any additional disclosure to address and clarify whether or not any cybersecurity incidents experienced to date have constituted a material cybersecurity incident. As the SEC noted, companies should likewise consider whether they need to revisit or refresh any previous disclosure made about cybersecurity incidents as they prepare this disclosure, including during the process of investigating a cybersecurity incident.17 Governance Board Disclosure. Under new Item 106(c)(1), companies must: Describe the board of directors' oversight of risks from cybersecurity threats. If applicable, identify any board committee or subcommittee responsible for the oversight of risks from cybersecurity threats and describe the processes by which the board or such committee is informed about such risks. For this requirement in Item 601(c)(1), although the SEC opted not to adopt a proposal to require disclosure of the frequency of board and committee discussions, the SEC specifically noted in the adopting release that the disclosure may include discussion of frequency, including the board or board committee's reliance on "periodic (e.g., quarterly) presentations by the registrant's chief information security officer to inform its consideration of risks from cybersecurity threats."18 Notably, the SEC also removed its proposed requirement that companies disclose whether any directors have cybersecurity expertise, noting that "effective cybersecurity processes are designed and administered largely at the management level and that directors with broad-based skills in risk management and strategy often effectively oversee management's efforts without specific subject matter expertise as they do with other sophisticated technical matters."19 Governance Management Disclosure. Under new Item 106(c)(2), companies must: Describe management's role in assessing and managing the registrant's material risks from cybersecurity threats. In providing such disclosure, a registrant should address, as applicable, the following non-exclusive list of disclosure items: (i) Whether and which management positions or committees are responsible for assessing and managing such risks, and the relevant expertise of such persons or members in such detail as necessary to fully describe the nature of the expertise. Relevant expertise may include, for example, prior work experience in cybersecurity; any relevant degrees or certifications; any knowledge, skills or other background in cybersecurity. (ii) The processes by which such persons or committees are informed about and monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents. (iii) Whether such persons or committees report information about such risks to the board of directors or a committee or subcommittee of the board of directors. For this requirement in Item 106(c)(2), the SEC noted that this list is a “non-exclusive list” that companies should consider when describing management's role in cybersecurity oversight, and that this disclosure would “typically encompass identification of whether a registrant has a chief information security officer [(CISO)] or someone in a comparable position.” The detailed information required about the CISO's background (including the CISO's prior work experience, knowledge, skills and degrees or certifications held) is notable in that it goes beyond current disclosure requirements regarding other members of company management. 12 .
Recently Filed
Click on a ticker to see risk factors
Ticker * File Date
NVTS 2 days, 8 hours ago
DAN 2 days, 8 hours ago
FSBC 2 days, 8 hours ago
CLMB 2 days, 8 hours ago
NPKI 2 days, 8 hours ago
SBGI 2 days, 8 hours ago
BXP 2 days, 8 hours ago
SHO 2 days, 8 hours ago
HFWA 2 days, 8 hours ago
SSP 2 days, 9 hours ago
FBP 2 days, 9 hours ago
WULF 2 days, 9 hours ago
GSG 2 days, 9 hours ago
SLV 2 days, 9 hours ago
IBIT 2 days, 9 hours ago
IAUM 2 days, 9 hours ago
IAU 2 days, 9 hours ago
ETHA 2 days, 9 hours ago
SOLV 2 days, 9 hours ago
NWN 2 days, 9 hours ago
TDC 2 days, 9 hours ago
SAFT 2 days, 9 hours ago
RPC 2 days, 9 hours ago
FMAO 2 days, 9 hours ago
HMN 2 days, 9 hours ago
STLD 2 days, 9 hours ago
UBSI 2 days, 9 hours ago
DKL 2 days, 9 hours ago
DK 2 days, 9 hours ago
SBAC 2 days, 10 hours ago
GLP 2 days, 10 hours ago
CCBG 2 days, 10 hours ago
CRI 2 days, 10 hours ago
SBR 2 days, 10 hours ago
MSIF 2 days, 11 hours ago
MAIN 2 days, 11 hours ago
FMC 2 days, 11 hours ago
FMBH 2 days, 11 hours ago
NYT 2 days, 11 hours ago
LASR 2 days, 11 hours ago
TXRH 2 days, 11 hours ago
DRH 2 days, 11 hours ago
DROR 2 days, 11 hours ago
ACA 2 days, 12 hours ago
HOMB 2 days, 12 hours ago
AVB 2 days, 12 hours ago
EPD 2 days, 12 hours ago
WWW 2 days, 13 hours ago
CHE 2 days, 13 hours ago
MBWM 2 days, 13 hours ago

OTHER DATASETS

House Trading

Dashboard

Corporate Flights

Dashboard

App Ratings

Dashboard