Risk Factors Dashboard
Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.
View risk factors by ticker
Search filings by term
Risk Factors - CCL
-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing
Item 1A. Risk Factors and Part II, Item 7, Management’s Discussion and Analysis of Financial Condition and Results of Operations, in this Form 10-K.
Our cybersecurity diligence extends to third-party vendors and partners. We have operationalized processes that seek to identify and manage cybersecurity risks from our service providers, including those who have access to our guest or team member data or direct access to our network, systems and applications, with the goal of minimizing our exposure to third party risks. In addition, cybersecurity and data privacy considerations factor greatly in the sourcing, selection and oversight of our third-party service providers. We generally require third-party service providers that access or host our data, systems, or applications or could otherwise introduce cybersecurity risk to us, to complete additional risk assessments, comply with our security and privacy requirements, and agree to the timely reporting of cyber security incidents to us.
As of November 30, 2024, we are not aware of any risks from cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of our operations, or financial condition. Despite our efforts with respect to protecting information technology operations and strengthening our cybersecurity and data privacy positions, we have been, and may continue to be, impacted by breaches in data security and lapses in data privacy, which occur from time to time. In the last three fiscal years, we have not experienced any material cybersecurity incidents and the expenses incurred in connection with cybersecurity incidents were not material. For additional information on the risks from cybersecurity threats and the potential related impacts on the company, refer to Operational Risk Factor f.
Our Chief Information Security Officer (“CISO”) leads our worldwide efforts in cybersecurity risk reduction and regulatory compliance. Our CISO oversees risk management across information technology operations, cybersecurity and data privacy. With over 20 years of experience across various industries, including Fortune 50 and 100 organizations, our CISO brings a comprehensive background in strategic cybersecurity leadership and risk management. This expertise is further supported by an array of certifications (C-CISO, CISSP, CISM, CRISC, CISA, and CIPT), as well as academic credentials, including a Master’s in Information Systems from Harvard University and a Bachelor’s in Business Administration from Florida International University. Our CISO regularly updates executive management and actively engages within the cybersecurity community to stay informed on the latest industry developments.
The Audit Committees are responsible for oversight of our risk management with respect to information technology operations and cybersecurity while the Compliance Committees oversee risk management in the area of data privacy and the HESS Committees oversee risk management related to our maritime operational technologies. The Audit Committees receive updates from the CISO on our information technology operations, including cybersecurity developments and risks, three times a year, and our Board of Directors receive updates from the CISO on an annual basis.
Item 1A. Risk Factors.
You should carefully consider the following discussion of material factors, events and uncertainties that make an investment in the company’s securities risky and provide important information for the understanding of the “forward-looking” statements discussed in this Form 10-K and elsewhere. These risk factors should be read in conjunction with other information in this Form 10-K.
The events and consequences discussed in these risk factors could have a material adverse effect on the company’s business, financial condition, operating results and stock price. These risk factors do not identify all risks that the company faces; operations could also be affected by factors, events, or uncertainties that are not presently known to the company or that the company currently does not consider to present material risks to its operations. In addition to the risk factors below, additional or unforeseen effects from our substantial debt balance incurred during the pause of our guest cruise operations could give rise to additional risks or amplify many of the risks discussed below. Some of the statements in this item and elsewhere in this document are “forward-looking statements.” For a discussion of those statements and of other factors to consider see the “Cautionary Note Concerning Factors That May Affect Future Results” section.
The ordering and lettering of the risk factors set forth below is not intended to reflect any company indication of priority or likelihood.
Operational Risk Factors
a.Events and conditions around the world, including geopolitical uncertainty, war and other military actions, pandemics, inflation, higher fuel prices, higher interest rates and other general concerns impacting the ability or desire of people to travel could lead to a decline in demand for cruises as well as have significant negative impacts on our financial condition and operations. Events and conditions around the world, including geopolitical uncertainty, war and other military actions, inflation, higher fuel prices, higher interest rates and other general concerns impacting the ability or desire of people to travel have led, and may in the future lead, to a decline in demand for cruises as well as negative impacts to our operating costs and profitability.
We have been, and may continue to be, impacted by the public’s concerns regarding the health, safety and security of travel, including pandemics, government travel advisories and travel restrictions, political instability and civil unrest, terrorist attacks, war and military action and other general concerns.We have been, and may continue to be, impacted by the public’s concerns regarding the health, safety and security of travel, including government travel advisories and travel restrictions, political instability and civil unrest, terrorist attacks, war and military action and other general concerns. The resulting impacts of these events, including a pause of our guest cruise
26
operations, supply chain disruptions, increased fuel prices, impact on demand for cruises to neighboring regions and international sanctions and other measures that have been imposed, have significantly adversely affected, and may in the future significantly adversely affect, our business. These factors may also have the effect of heightening many other risks to our business, any of which could materially and adversely affect our business and results of operations. Additionally, we have been, and may continue to be, impacted by heightened regulations around customs and border control, travel bans to and from certain geographical areas, voluntary changes to our itineraries in light of geopolitical events, government policies increasing the difficulty of travel and limitations on issuing international travel visas. We may be impacted by adverse changes in the perceived or actual economic climate, such as inflation, global or regional recessions, higher unemployment and underemployment rates and declines in income levels.
b. Incidents concerning our ships, guests or the cruise industry may negatively impact the satisfaction of our guests and crew and lead to reputational damage. Incidents concerning our ships, guests or the cruise industry have in the past and may, in the future, negatively impact the satisfaction of our guests and crew and lead to reputational damage.
Our operations involve the risk of incidents and media coverage thereof. Such incidents include, but are not limited to, the improper operation or maintenance of ships, motorcoaches and trains; guest and crew illnesses; mechanical failures, fires and collisions; repair delays, groundings and navigational errors; oil spills and other maritime and environmental issues as well as other incidents at sea, while in port or on land, which have in the past and may in the future generate negative publicity or cause voyage disruptions or changes in itineraries, guest and crew discomfort, injury, or death. Such incidents include, but are not limited to, the improper operation or maintenance of ships, motorcoaches and trains; guest and crew illnesses; mechanical failures, fires and 38collisions; repair delays, groundings and navigational errors; oil spills and other maritime and environmental issues as well as other incidents at sea, while in port or on land which may generate negative publicity or cause guest and crew discomfort, injury, or death. Although our commitment to the safety and comfort of our guests and crew is paramount to the success of our business, our ships have been involved in outbreaks, accidents and other incidents in the past and we may experience similar or other incidents in the future. Our ability to attract and retain the loyalty of our guests, our ability to hire and the amounts we must pay our crew depend, in part, upon the perception and reputation of our company and our brands and the public’s concerns regarding the health and safety of travel generally, as well as the cruising industry and our ships specifically. In addition, these and any other events which impact the travel industry more generally may negatively impact our guests’ and/or crew’s ability or desire to travel to or from our ships and/or interrupt the supply of critical goods and services.
c. Changes in and non-compliance with laws and regulations under which we operate, such as those relating to health, environment, safety and security, data privacy and protection, anti-money laundering, anti-corruption, economic sanctions, trade protection, labor and employment, and tax may be costly and lead to litigation, enforcement actions, fines, penalties and reputational damage.
We are subject to numerous international, national, state and local laws, regulations, treaties and other legal requirements that govern health, environmental, safety and security matters in relation to our guests, crew and ships. These requirements change regularly, depending on the itineraries of our ships and the ports and countries visited. Implementing these and any subsequent requirements have been, and may in the future continue to be costly and take time to implement across our global cruise operations. Implementing these and any subsequent requirements may be costly and take time to implement across our global cruise operations. In addition, the accelerating pace of regulatory changes may affect our ability to comply in the future. If we violate or fail to comply with any of these laws, regulations, treaties and other requirements we could be, and have previously been, fined, placed on probation or otherwise sanctioned by regulators. In addition, there is increased global focus on climate change, which may lead to additional regulatory requirements. Refer to Operational Risk Factor “d.” below for additional discussion on climate change regulation risks.
In the course of doing business, we collect guest, team member, company and other third-party data, including personal and other sensitive data. We are subject to laws and requirements related to the treatment and protection of personal, sensitive and/or other regulated data in the jurisdictions where we operate. Various governments, agencies and regulatory organizations have enacted or are considering new rules and regulations and we expect to continue to incur costs to comply with these rules and regulations.
Our operations subject us to potential liability under anti-money laundering and anti-corruption laws and regulations. We may also be affected by economic sanctions, trade protection laws, policies and other regulatory requirements affecting trade and investment.
We are subject to compliance with tax laws, regulations and treaties in the jurisdictions in which we are incorporated or operate. These tax laws, regulations and treaties are subject to change at any time, which may result in substantially higher tax expense. For example, the implementation of the OECD’s rules will affect Carnival plc and its subsidiaries beginning in fiscal 2025 and Carnival Corporation and certain of its subsidiaries beginning in fiscal 2026. The application of these rules continues to evolve, and its outcome may alter our tax obligations in certain countries in which we operate. Refer to XVII. Refer to XIX. Taxation for additional discussion on the OECD’s rules. Other changes in domestic and international tax rules and regulations and their application could also alter our tax obligations.
27
d. Factors associated with climate change, including evolving and increasing regulations, increasing global concern about climate change and the shift in climate conscious consumerism and stakeholder scrutiny, and increasing frequency and/or severity of adverse weather conditions could have a material impact on our business.
Growing concerns regarding climate change have resulted in increased global regulatory focus on GHG and other emissions which have impacted us and may in the future have material impacts on our business. Refer to XVIII. Refer to XIX. Governmental Regulations for additional discussion of recent developments related to Maritime Regulations, Greenhouse Gas Emissions and EU Regulations. Fossil fuels are currently the only viable option for our industry and it is not clear when alternative fuels or other technologies will be commercially viable at scale. To provide a path to net zero emissions, alternative low GHG emission fuels will be necessary for the maritime industry; however, there are significant supply challenges that must be resolved before viability is reached. Climate change-related regulatory activity and developments that require us to reduce our emissions, which includes both the EU regulations and IMO Strategy (refer to XVIII. Governmental Regulations), have impacted us and may in the future have a material impact on our business and financial results by requiring us to make capital investments in new equipment or technologies, pay for emission allowances, purchase carbon offset credits, or otherwise incur additional costs or take additional actions related to our emissions. Governmental Regulations), may individually or collectively have a material impact on our business and financial results by requiring us to make capital investments in new equipment or technologies, pay for emissions, purchase carbon offset credits, or otherwise incur additional costs or take additional actions related to our emissions. Such activity has impacted and may continue to impact us indirectly by increasing our operating costs, including fuel costs. Such activity may also impact us indirectly by increasing our operating costs, including fuel costs. Regulatory developments may also result in the inability to operate ships that do not meet certain standards, the acceleration of the removal of less fuel-efficient ships from our fleet and impact the resale value of our ships in the future. In addition, regulatory developments may restrict or limit our access to certain destinations and/or countries or impact our freedom to operate. Regulatory efforts, both internationally and in the U.S., are evolving, including the international alignment of such efforts, and we cannot determine what final regulations will be enacted, modified, or reversed or what their ultimate impact on our business will be.
Growing recognition among consumers globally of the negative effects of climate change and the impact of GHG and other emissions may lead to material changes in consumer preferences. For instance, our guests may choose a vacation option that they perceive as operating in a manner that is more sustainable for the climate, seek alternative methods of travel, or reduce the amount and frequency of their travel. In addition, some environmental focused groups have and may continue to generate negative publicity regarding the environmental impact of the cruise industry and are advocating for more stringent oversight and regulation of our industry, including of ship emissions while the ship is docked and at sea. At the same time, we may also face negative impacts from consumers who do not support climate-related initiatives or concerns. Environmental scrutiny of our operations and the industry from the investment community, other stakeholders, and the media (including social media) have impacted and may continue to impact how we are perceived, which may have a material impact on our operations and financial results. Environmental scrutiny of our operations and the industry from the investment community, other stakeholders, and the media have impacted and may continue to impact how we are perceived, which may have a material impact on our operations and financial results. Certain climate-related actions and investments we make today may not lead us to our intended future emissions related goals or may not be favorably perceived in future years based on continuing evolving regulations and perceptions around effective emissions mitigation strategies and technologies.
Our cruise ships, hotels, land tours, port and related commercial facilities and shore excursions have been and may continue to be impacted by adverse weather patterns or other natural disasters, such as hurricanes, earthquakes, floods, fires, tornadoes, tsunamis, typhoons and volcanic eruptions. Climate change is expected to increase the frequency and intensity of certain adverse weather patterns, possibly making certain destinations less desirable or impacting our business in other ways. We have been forced to, and in the future may be forced to, alter itineraries or cancel a cruise or a series of cruises or tours due to these or other types of disruptions. The physical climate-related risks to our business include increased hurricane/typhoon intensity and frequency, increases in global temperatures and rising sea levels which may adversely impact our shoreside facilities, our investments in ports or the availability or desirability of ports and destinations in which we operate. These effects may also disrupt the supply of critical goods and services to our facilities and ships. Any of these events could have a material impact on our business and profitability.
e. Inability to meet or achieve our targets, goals, aspirations, initiatives, and our public statements and disclosures regarding them, including those related to sustainability matters, may expose us to risks that may adversely impact our business.
We have developed and will continue to establish targets, goals, aspirations, and other objectives, including those related to sustainability matters (“sustainability objectives”). These statements reflect our current plans and do not constitute a guarantee that they will be achieved. Our efforts to research, establish, accomplish, and accurately report on our sustainability objectives expose us to numerous operational, reputational, financial, legal, and other risks, any of which could have a negative impact on our business. With respect to our sustainability objectives, our efforts to research, establish, accomplish, and accurately report on these objectives expose us to numerous operational, reputational, financial, legal, and other risks, any of which could have a negative impact on our business. Our ability to achieve any of our stated sustainability objectives, particularly with respect to our environmental emissions aspirations, is subject to numerous factors and conditions, many of which are outside of our control. Examples of such factors include the availability and costs of low- or non-GHG emission energy sources and technology that do not yet exist at scale for our industry, evolving regulatory requirements affecting sustainability standards or disclosures, the availability of future financing and the availability of suppliers that can meet our sustainability standards. Examples of such factors include the availability and costs of low- or non-GHG emission energy sources and technology, evolving regulatory requirements affecting sustainability standards or disclosures, the availability of future financing and the availability of suppliers that can meet our sustainability standards.
Our business may face increased scrutiny from our guests, our team members, the investment community, governments, regulators, destinations and other stakeholders that we serve related to our sustainability activities, including the sustainability objectives that we adopt, our methodologies and timelines for pursuing them and our ability to document and support the
28
achievement of those objectives, as their expectations for such matters continue to evolve. If our sustainability practices do not meet, are adverse to, or are perceived to fall short of, the expectations of our guests, team members, investors or other stakeholders, demand for cruising, our reputation, our ability to attract or retain team members, and our attractiveness as an investment could be negatively impacted. If our sustainability practices do not meet, or are perceived to fall short of, the expectations of our guests, team members, investors or other stakeholders, demand for cruising, our reputation, our ability to attract or retain team members, and our attractiveness as an investment could be negatively impacted. In addition, governments may restrict or limit our access to ports and destinations for which there is high guest demand. Similarly, our pursuit, or our failure or perceived failure to pursue, meet or fulfill our targets, goals, aspirations, and other objectives (including sustainability objectives) within the timelines we announce, or at all, could have the same negative impacts as well as expose us to government enforcement actions and private litigation. Similarly, our failure or perceived failure to pursue, meet or fulfill our targets, goals, aspirations, and other objectives (including sustainability objectives) within the timelines we announce, or at all, could have the same negative impacts as well as expose us to government enforcement actions and private litigation.
f. Cybersecurity incidents and data privacy breaches, as well as disruptions and other damages to our principal offices, information technology operations and system networks and failure to keep pace with developments in technology have adversely impacted and may in the future materially adversely impact our business operations, the satisfaction of our guests and crew and may lead to fines, penalties and reputational damage.
We have been and may continue to be impacted by cybersecurity incidents and data privacy breaches, which occur from time to time.We have been and may continue to be impacted by breaches in data security and lapses in data privacy, which occur from time to time. These malicious attacks can vary in scope and aim to disrupt or compromise our shoreside and shipboard operations by targeting our key operating systems or those of our third-party service providers. Breach or circumvention of our systems or the systems of third parties, including by ransomware or malware, through vulnerabilities in licensed software or hardware, generative artificial intelligence (“AI”) impersonation, targeted and coordinated attacks of our systems or as a result of other attacks, have led to and may continue to lead to disruptions in our business operations; unauthorized access to (or the loss of company access to) competitively sensitive, confidential or other critical data (including sensitive financial, medical or other personal or business information) or systems; loss of customers; financial losses; regulatory investigations, enforcement actions, fines and penalties; litigation; reputational damage; and misuse or corruption of critical data and proprietary information, any of which could be material. Breach or circumvention of our 40systems or the systems of third parties, including by ransomware or malware, through vulnerabilities in licensed software or hardware, or as a result of other attacks, has led to and may continue to lead to disruptions in our business operations; unauthorized access to (or the loss of company access to) competitively sensitive, confidential or other critical data (including sensitive financial, medical or other personal or business information) or systems; loss of customers; financial losses; regulatory investigations, enforcement actions and fines; litigation; reputational damage; and misuse or corruption of critical data and proprietary information, any of which could be material. Additionally, integrating AI into our operations may increase our cybersecurity and data privacy risks. We also have and may continue to rely on third parties in helping us manage our cybersecurity risk management processes. Additionally, we may rely on third parties in helping us to implement and manage our cyber security risk management processes. Any measures that we take and such third parties take to avoid, detect, mitigate or recover from material cybersecurity threats or incidents can be expensive, and may be insufficient, circumvented, or may become ineffective. Any measures that we take and such third parties take to avoid, detect, mitigate or recover from material cyber security threats or incidents can be expensive, and may be insufficient, circumvented, or may become ineffective.
Our physical work locations, including those that house our information technology operations, system networks and various other remote locations may be impacted by actual or threatened natural disasters (for example, hurricanes, earthquakes, floods, fires, tornadoes, tsunamis and typhoons) or other disruptive events.Our offices, information technology operations, system networks and various remote work locations may be impacted by actual or threatened natural disasters (for example, hurricanes, earthquakes, floods, fires, tornadoes, tsunamis and typhoons) or other disruptive events. Our maritime and/or shoreside operations, including our ability to manage our inventory of cabins held for sale and set pricing, control costs and serve our guests, depends on the reliability of our information technology operations and system networks, as well as our ability to refine and update to more advanced systems and technologies. In addition, we may be unable to obtain appropriate technology in a timely manner or at all or we may incur significant costs in doing so. A failure to adopt the appropriate technology, or a failure, disruption or obsolescence in the technology that we do adopt, could have adverse effects on our business.
g. The loss of key team members, our inability to recruit or retain qualified shoreside and shipboard team members and increased labor costs could have an adverse effect on our business and results of operations.
Our success depends, in large part, on the skills and contributions of our team members, and on our ability to recruit, develop and retain high quality, diverse team members. We may not be successful in recruiting, developing or retaining key or other highly qualified team members. In addition, high-GHG emission industries may become a less attractive employment opportunity. At times we have, and may in the future continue to, experience difficulty in hiring sufficient qualified team members, due to general macroeconomic factors and/or increasingly competitive labor markets. At times we have and may in the future experience difficulty in hiring sufficient qualified team members, due to general macroeconomic factors and/or increasingly competitive labor markets.
In addition, we hire a significant number of qualified shipboard team members each year and, thus, our ability to adequately recruit, develop and retain these individuals is important to our success. Incidents involving cruise ships, including disease outbreaks on our ships and increasing demand as a result of the industry’s projected growth could negatively impact our ability to recruit, develop and retain sufficient qualified shipboard team members.
h. Increases in fuel prices, changes in the types of fuel consumed and availability of fuel supply may adversely impact our scheduled itineraries and costs.
We have been and may continue to be impacted by economic, market and political conditions around the world, regulatory requirements including climate-induced regulations, supply disruptions and related infrastructure needs, which make it difficult to predict the future price and availability of fuel.We have been and may continue to be impacted, by economic, market and political conditions around the world, regulatory requirements including climate-induced regulations, supply disruptions and related infrastructure needs, which make it difficult to predict the future price and availability of fuel. The supply and availability of different fuel types in various markets in which we operate have experienced increased volatility and have led to increased fuel prices and reduced profitability. Future increases in the global price of fuel would increase the cost of our cruise ship operations as well as some of our other expenses, such as crew travel, freight and commodity prices. Increases in airfares, such as those resulting from increases in the price of fuel, have in the past and may in the future increase our guests’ overall vacation costs and reduce demand for cruises, as many of our guests depend on airlines to transport them to or from the airports near the ports where our cruises embark and
29
disembark. Refer to Operational Risk Factor “d.” for additional discussion on the impact of climate change and regulation changes on fuel costs.
i. We rely on suppliers who are integral to the operations of our businesses. We rely on supply chain vendors who are integral to the operations of our businesses. These suppliers and service providers may be unable to deliver on their commitments, which could negatively impact our business. These vendors and service providers may be unable to deliver on their commitments, which could negatively impact our business.
We rely on suppliers to deliver key products and services to the operations of our businesses around the world.We rely on supply chain vendors to deliver key products to the operations of our businesses around the world. Any event impacting a supplier’s ability to deliver quality goods and services at the location and time needed could negatively impact our ability to operate our business. Any event impacting a vendor’s ability to deliver quality goods at the location and time needed could negatively impact our ability to operate our business. Events impacting our supply chain could be caused by factors beyond the control of our suppliers or us, including labor actions, increased demand, problems in production or distribution and/or disruptions in third-party logistics, information technology or transportation systems. In addition, global events in recent years have resulted in widespread global supply chain disruptions to suppliers including critical supply chain shortages, labor shortages, significant material cost inflation and extended lead times for items that are required for our operations. In addition, global events in recent years have resulted in widespread global supply chain disruptions to vendors including critical supply chain shortages, labor shortages, significant material cost inflation and extended lead times for items that are required for our operations. Any such interruptions to our supply chain could increase our costs and could limit the availability of products critical to our operations.
j. Fluctuations in foreign currency exchange rates may adversely impact our financial results.
We earn revenues, pay expenses, purchase and own assets and incur liabilities in currencies other than the U.S. dollar. Additionally, our shipbuilding contracts are typically denominated in euros. Movements in foreign currency exchange rates, which at times have been more volatile, will affect our financial results.
k. Overcapacity and competition in the cruise and land-based vacation industry may negatively impact our cruise sales, pricing and destination options.
We have been and may in the future be impacted by increases in capacity in the cruise and land-based vacation industry, which may result in capacity growth beyond demand, either globally or for a region, or for a particular itinerary.We may be impacted by increases in capacity in the cruise and land-based vacation industry, which may result in capacity growth beyond demand, either globally or for a region, or for a particular itinerary. We face competition from other cruise brands on the basis of overall experience, destinations, types and sizes of ships and cabins, travel agent partner preferences and value. In addition, we may fail to sufficiently invest in or upgrade our existing cruise ships and other assets to meet the expectations of current and potential guests. We also compete with land-based vacation alternatives throughout the world on the basis of overall experience, destinations and value. In addition, certain ports and destinations have faced a surge of both cruise and non-cruise tourism and in certain destinations, countermeasures to limit the number of tourists have been proposed or contemplated and/or put into effect, including limits on cruise ships and cruise guests. Potential restrictions in ports and destinations could limit the itinerary and destination options we can offer our guests going forward.
l. Inability to implement our shipbuilding programs and ship repairs, maintenance and refurbishments may adversely impact our business operations and the satisfaction of our guests.
There are a limited number of shipyards with the capability and capacity to build, repair, maintain and/or upgrade our ships, which may limit our ability to meet our capacity growth or ship refurbishment objectives. In addition, we have in the past and may in the future be impacted by unforeseen events, such as work stoppages, supply chain issues, insolvencies, “force majeure” events or other financial difficulties experienced by shipyards, their subcontractors and our suppliers. In addition, we may be impacted by unforeseen events, such as work stoppages, supply chain issues, insolvencies, “force majeure” events or other financial difficulties experienced by shipyards, their subcontractors and our suppliers. This may result in less shipyard availability resulting in delays or preventing the delivery of our ships under construction and/or the completion of the repair, maintenance or refurbishment of our existing ships. This may lead to potential delays or cancellations of cruises. Additionally, the prices of various commodities that are used in the construction of ships and for repair, maintenance and refurbishment of existing ships, such as steel, are subject to volatility which may increase our costs.
Financial Risk Factors
a. We require a significant amount of cash to service our debt and sustain our operations. Our ability to generate cash depends on many factors, including those beyond our control, and we may not be able to generate cash required to service our debt and sustain our operations.
Our ability to meet our debt service obligations, refinance our debt or sustain our business needs and operations depends on our future operating and financial performance and our ability to generate cash. This will be affected by our ability to successfully continue to execute on our business strategy, which if unsuccessful, would negatively impact the occupancy levels and pricing of our cruises. Our future performance is also impacted by general macroeconomic, financial, geopolitical, competitive, regulatory and other factors beyond our control such as inflation, higher fuel prices, higher taxes and higher interest rates. If we cannot generate sufficient cash to meet our debt service obligations or fund our other business needs, we may, among other things, need to refinance our debt, obtain additional financing, delay planned capital expenditures or sell assets. We cannot make assurances that we will be able to generate sufficient cash through any of the foregoing. If we are not able to refinance our
30
debt, obtain additional financing or sell assets on commercially reasonable terms or at all, we may not be able to satisfy our obligations with respect to our debt. Refer to Liquidity, Financial Condition and Capital Resources.
b. Our substantial debt could adversely affect our financial health and operating flexibility.
We have a substantial amount of debt, significant debt service obligations and related covenant restrictions. Despite our leverage, we may incur more debt, subject to certain restrictions, in the future. Our substantial debt has had and could continue to have important negative consequences for us. Our substantial debt could, among other things:
•require us to dedicate a large portion of our cash flow from operations to servicing debt and funding repayments on our debt, thereby reducing the availability of our cash flow to fund working capital, capital expenditures and other general corporate purposes;
•increase our vulnerability to adverse general economic or industry conditions;
•limit our flexibility in planning for, or reacting to, changes in our business or the industry in which we operate;
•limit our ability to pay dividends or distributions on or redeem or repurchase stock and make other restricted payments;
•place us at a disadvantage compared to others that have less debt;
•make us more vulnerable to downturns in our business, the economy or the industry in which we operate;
•limit our ability to raise additional debt or equity capital in the future to satisfy our requirements relating to working capital, capital expenditures, development projects, strategic initiatives or other purposes;
•restrict us from introducing new technologies or exploiting business opportunities;
•make it difficult for us to satisfy our obligations with respect to our debt; and
•expose us to the risk of increased interest rates as certain of our borrowings are (and may be in the future) at a variable rate of interest.
Certain of our indebtedness accrues interest at variable rates, which subjects us to interest rate volatility with respect to such instruments and could cause our debt service obligations to increase significantly. If we breach the covenants or restrictions in our debt instruments, we could trigger a default under the terms of certain of our debt instruments. If that occurs, we may be required to seek covenant amendments or the relevant creditors could elect to declare the debt, together with accrued and unpaid interest and other fees, if any, immediately due and payable (or cancel any unfunded commitments, if applicable) and proceed against the collateral, if any, securing that debt. Borrowings under our other debt instruments that contain cross-default provisions may also be accelerated or become payable on demand, and our assets may not be sufficient to repay such indebtedness in full.
Item 1B. Unresolved Staff Comments.
None.
Item 1C.Item 1A. Cybersecurity.
With an increasingly technology-driven business landscape, cybersecurity is critical to safeguarding our company's shipboard and shoreside assets and maintaining our operational integrity. We have implemented cybersecurity measures that are designed to protect the confidentiality, integrity and availability of our information technology and operational technology systems against the constantly evolving cyber threats.
Risk Management
Our processes to identify and manage cybersecurity risks form part of our overall risk management framework which includes an organization wide, multi-layered approach to risk assessment and management. Our cybersecurity risk management program is designed to proactively identify, assess and mitigate potential cybersecurity threats. It leverages industry-leading cybersecurity frameworks and standards, such as the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework and the ISO/IEC 27001 standard. We conduct regular risk assessments to evaluate the security posture of our systems and processes, including vulnerability assessments, penetration testing, external attack surface mitigations and monitor our network for suspicious activity and potential breaches. We engage third-party advisory firms to conduct assessments of the maturity of our cybersecurity program, including measures to improve our Payment Card Industry Data Security Standard (“PCI DSS”) compliance, as well as to conduct penetration testing of our shoreside and shipboard assets on a periodic basis. We continue to invest in our information technology, operational technology and cybersecurity programs to layer in the right mix of risk-based controls to protect against evolving threats.
We maintain an incident response plan and related policies and protocols which outline procedures for identifying, reporting and responding to cybersecurity incidents. Our incident response plan is regularly updated to address new threats and tested through crisis simulation exercises involving our shipboard and shoreside employees. We also have an incident response team who is trained to handle a wide range of security events and collaborates with external cybersecurity experts when necessary.
31
We have data privacy and security standards across the company that are designed to comply with relevant regulations, including the General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act (“CCPA”) and PCI DSS. We employ encryption, access controls, and other data anonymization techniques to safeguard data throughout its lifecycle.
We also have data privacy and cybersecurity focused training for our shoreside and select shipboard team members. We regularly educate our shoreside and shipboard team members about the importance of handling and protecting guest and team member data, including phishing simulation exercises and annual privacy and security training to enhance awareness of how to detect and respond to cybersecurity threats.
Governance
Our CISO chairs our Cybersecurity Advisory Council (“CAC”), a cross-functional management committee that drives awareness, ownership and alignment across broad governance and risk stakeholder groups for effective cybersecurity risk management. The CAC is sponsored by our Chief Financial Officer and is composed of senior leaders from our brand information security, data privacy, legal, internal audit and information technology teams. The CAC meets at least quarterly and has responsibility for oversight of our cybersecurity strategic direction, risks and threats, priorities, resource allocation, capabilities and planning. The CISO and her team are informed about and monitor the prevention, detection, mitigation and remediation of cybersecurity incidents in accordance with our cyber incident response plan. Additionally, the CISO informs our Disclosure Committee on a quarterly basis, or more frequently if needed, of any cybersecurity risks or incidents or other information system matters that may affect our business strategy, results of operations or financial condition.
Our Chief Privacy Officer and Data Protection Officers oversee our focus on the proper processing of personal information in alignment with our privacy policy and applicable privacy laws and regulations.
32
Recently Filed
Click on a ticker to see risk factors
| Ticker * | File Date |
|---|---|
| PYPL | 10 hours ago |
| HMMR | 10 hours ago |
| OTIS | 10 hours ago |
| PEAK | 11 hours ago |
| SLAB | 12 hours ago |
| DOW | 19 hours ago |
| BKR | 20 hours ago |
| PEP | 1 day, 9 hours ago |
| FCFS | 1 day, 10 hours ago |
| RTX | 1 day, 10 hours ago |
| KREF | 1 day, 10 hours ago |
| BA | 1 day, 13 hours ago |
| GE | 1 day, 21 hours ago |
| JVA | 4 days, 10 hours ago |
| ISRG | 4 days, 10 hours ago |
| INTC | 4 days, 10 hours ago |
| CMCSA | 4 days, 11 hours ago |
| TMUS | 4 days, 11 hours ago |
| SKKY | 4 days, 11 hours ago |
| X | 4 days, 15 hours ago |
| CHTR | 4 days, 20 hours ago |
| NOC | 5 days, 11 hours ago |
| NOBH | 5 days, 12 hours ago |
| SIRI | 5 days, 18 hours ago |
| NOW | 6 days, 5 hours ago |
| TSLA | 6 days, 7 hours ago |
| META | 6 days, 7 hours ago |
| CCS | 6 days, 7 hours ago |
| BRID | 6 days, 10 hours ago |
| FLUX | 6 days, 10 hours ago |
| SVBL | 6 days, 10 hours ago |
| PBSV | 6 days, 10 hours ago |
| URI | 6 days, 11 hours ago |
| MXL | 6 days, 11 hours ago |
| LEVI | 6 days, 11 hours ago |
| OCEL | 6 days, 11 hours ago |
| FREVS | 6 days, 18 hours ago |
| CODA | 6 days, 20 hours ago |
| JEF | 1 week ago |
| NRIX | 1 week ago |
| LMT | 1 week ago |
| CRGH | 1 week ago |
| GM | 1 week ago |
| CNXC | 1 week ago |
| CCL | 1 week, 1 day ago |
| MULN | 1 week, 4 days ago |
| KBH | 1 week, 4 days ago |
| SNX | 1 week, 4 days ago |
| LEN | 1 week, 5 days ago |
| MKC | 1 week, 5 days ago |
