Risk Factors Dashboard

Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.

View risk factors by ticker

Search filings by term

Risk Factors - EAWD

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

$EAWD Risk Factor changes from 00/04/14/22/2022 to 00/04/26/24/2024

ITEM 1A. RISK FACTORS. As a Smaller Reporting Company, the Company is not required to include the disclosure required under this Item 1A. As a smaller reporting company, the Company is not required to include the disclosure required under this Item 1A. ITEM 1B. 6 ITEM 1B. UNRESOLVED STAFF COMMENTS. Not applicable. ITEM 1C. CYBERSECURITY.

For their new cybersecurity section in Form 10-Ks, companies should confirm compliance with the new line item requirements in Item 106 of Regulation S-K, as summarized below. Risk Management and Strategy. Under new Items 106(b)(1), companies must: Describe the registrant's processes, if any, for assessing, identifying and managing material risks from cybersecurity threats in sufficient detail for a reasonable investor to understand those processes. In providing such disclosure, a registrant should address, as applicable, the following non-exclusive list of disclosure items: (i) Whether and how any such processes have been integrated into the registrant's overall risk management system or processes. (ii) Whether the registrant engages assessors, consultants, auditors, or other third parties in connection with any such processes. (iii) Whether the registrant has processes to oversee and" identify such risks from cybersecurity threats associated with its use of any third-party service provider. The SEC's purpose in adopting new disclosure items in Item 106(b)(1) was to "allow investors to ascertain a registrant's cybersecurity practices, such as whether they have a risk assessment program in place, with sufficient detail for investors to understand the registrant's cybersecurity risk profile," while at the same time avoiding details that "could increase a company's vulnerability to cyberattack."15 Cybersecurity Threat Disclosure. Under new Item 106(b)(2), companies must: Describe whether any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect the registrant, including its business strategy, results of operations, or financial condition and if so, how. This new requirement in Item 601(b)(2) was proposed in 2022 by the SEC to "equip investors to better comprehend the level of cybersecurity risk the company faces" and "assess the company's preparedness regarding such risk," but also aligns with the SEC's 2018 guidance, which encourages companies to address the impact of any prior cybersecurity incidents in their risk factors. We expect many companies to provide a cross reference to existing risk factor disclosure on this point and to consider, as appropriate, any additional disclosure to address and clarify whether or not any cybersecurity incidents experienced to date have constituted a material cybersecurity incident. As the SEC noted, companies should likewise consider whether they need to revisit or refresh any previous disclosure made about cybersecurity incidents as they prepare this disclosure, including during the process of investigating a cybersecurity incident.17 Governance Board Disclosure. Under new Item 106(c)(1), companies must: Describe the board of directors' oversight of risks from cybersecurity threats. If applicable, identify any board committee or subcommittee responsible for the oversight of risks from cybersecurity threats and describe the processes by which the board or such committee is informed about such risks. For this requirement in Item 601(c)(1), although the SEC opted not to adopt a proposal to require disclosure of the frequency of board and committee discussions, the SEC specifically noted in the adopting release that the disclosure may include discussion of frequency, including the board or board committee's reliance on "periodic (e.g., quarterly) presentations by the registrant's chief information security officer to inform its consideration of risks from cybersecurity threats."18 Notably, the SEC also removed its proposed requirement that companies disclose whether any directors have cybersecurity expertise, noting that "effective cybersecurity processes are designed and administered largely at the management level and that directors with broad-based skills in risk management and strategy often effectively oversee management's efforts without specific subject matter expertise as they do with other sophisticated technical matters."19 Governance Management Disclosure. Under new Item 106(c)(2), companies must: Describe management's role in assessing and managing the registrant's material risks from cybersecurity threats. In providing such disclosure, a registrant should address, as applicable, the following non-exclusive list of disclosure items: (i) Whether and which management positions or committees are responsible for assessing and managing such risks, and the relevant expertise of such persons or members in such detail as necessary to fully describe the nature of the expertise. Relevant expertise may include, for example, prior work experience in cybersecurity; any relevant degrees or certifications; any knowledge, skills or other background in cybersecurity. (ii) The processes by which such persons or committees are informed about and monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents. (iii) Whether such persons or committees report information about such risks to the board of directors or a committee or subcommittee of the board of directors. For this requirement in Item 106(c)(2), the SEC noted that this list is a “non-exclusive list” that companies should consider when describing management's role in cybersecurity oversight, and that this disclosure would “typically encompass identification of whether a registrant has a chief information security officer [(CISO)] or someone in a comparable position.” The detailed information required about the CISO's background (including the CISO's prior work experience, knowledge, skills and degrees or certifications held) is notable in that it goes beyond current disclosure requirements regarding other members of company management. 12 .
Recently Filed
Click on a ticker to see risk factors
Ticker * File Date
PRHI 1 day, 1 hour ago
QUIK 1 day, 1 hour ago
GPAC 1 day, 1 hour ago
M 1 day, 1 hour ago
CAQ 1 day, 1 hour ago
PNYG 1 day, 1 hour ago
HVMC 1 day, 1 hour ago
ULYX 1 day, 1 hour ago
OUNZ 1 day, 1 hour ago
ANDG 1 day, 1 hour ago
LOCL 1 day, 1 hour ago
ITHUF 1 day, 1 hour ago
BTCW 1 day, 1 hour ago
INTS 1 day, 1 hour ago
GYRO 1 day, 1 hour ago
BIOE 1 day, 2 hours ago
PRT 1 day, 2 hours ago
RVP 1 day, 2 hours ago
BSBK 1 day, 2 hours ago
SJT 1 day, 2 hours ago
QNTO 1 day, 3 hours ago
PBT 1 day, 3 hours ago
CRT 1 day, 4 hours ago
VABK 1 day, 4 hours ago
BAFN 1 day, 4 hours ago
VRA 1 day, 4 hours ago
XAEIU 1 day, 4 hours ago
XXAAU 1 day, 4 hours ago
ANSC 1 day, 4 hours ago
LGMK 1 day, 4 hours ago
NKSH 1 day, 4 hours ago
BVFL 1 day, 4 hours ago
MNPR 1 day, 4 hours ago
GRHI 1 day, 6 hours ago
OXM 1 day, 6 hours ago
HAFG 1 day, 6 hours ago
IWAL 1 day, 7 hours ago
SHFH 1 day, 7 hours ago
EPSN 1 day, 7 hours ago
IPWR 1 day, 8 hours ago
CMTV 1 day, 8 hours ago
WENN 2 days ago
GTERA 2 days ago
CCXI 2 days ago
PAAC 2 days ago
NRDE 2 days ago
SLND 2 days ago
SGP 2 days ago
GPAT 2 days ago
SFRX 2 days ago

OTHER DATASETS

House Trading

Dashboard

Corporate Flights

Dashboard

App Ratings

Dashboard