Future acquisitions could disrupt the Company’s business and adversely affect our results of operations, financial condition and cash flows.

On December 2, 2024, the Company completed the acquisition of the assets of Tribute Contracting & Consultants, LLC. In fiscal 2022, the Company completed the acquisitions of Tri-State Paving and Ryan Construction.In fiscal 2022, the Company completed the acquisitions of Tri-State Paving and Ryan Construction. The Company may continue to expand by making additional acquisitions that could be material to its business, results of operations, financial condition and cash flows. The Company may choose to expand by making additional acquisitions that could be material to its business, results of operations, financial condition and cash flows. Acquisitions involve many risks, including the following:

The occurrence of any of these risks could have a material adverse effect on the Company’s business, results of operations, financial condition and cash flows.

Risk Related to our Business

The type of contracts we obtain could adversely affect our profitability.

We enter into various types of contracts, including fixed price and variable pricing contracts. On fixed price contracts our profits could be curtailed or eliminated by unanticipated pricing increases associated with the contract.

A portion of our business depends on our ability to provide surety bonds. We may be unable to compete on certain projects if we are not able to obtain the necessary surety bonds.

Current or future market conditions, including losses in the construction industry or as a result of large corporate bankruptcies, as well as changes in our surety providers’ assessment of our operating and financial risk, could cause our surety providers to decline to issue or renew, or substantially reduce the amount of bonds for our work or could increase our bonding costs. These actions could be taken on short notice. Since a growing number of our customers require such bonding, should our surety providers limit or eliminate our access to bonding, our performance could be negatively impacted if we are unable to replace the bonded business with work that does not require bonding or if we are unable to provide other means of securing the jobs performance such as with letters of credit or cash.

Many of our contracts can be cancelled or delayed or may not be renewed upon completion.

If our customers cancel or delay many projects, our revenues could be reduced if we are unable to replace these contracts with others. Also, we have contracts that expire and are renewed periodically. If we are unsuccessful in renewing those contracts, that could reduce our revenue as well.

Our business requires a skilled labor force and if we are unable to attract and retain qualified employees, our ability to maintain our productivity could be impaired.

Our productivity depends upon our ability to employ and maintain skilled personnel to meet our requirements. Should some of our key managers leave the Company, it could limit our productivity. Also, many of our labor personnel are trade union members. Should we encounter labor problems associated with our union employees or if we are unable to employ enough available operators, welders, or other skilled labor, our production could be significantly curtailed.

Our backlog may not be realized.

Our backlog could be reduced due to the cancellation of projects by customers and/or reductions in scope of the projects. Should this occur, our anticipated revenues would be reduced unless we are able to replace those contracts.

We extend credit to customers for purchases of our services and therefore have risk that they may not be able to repay us.10 Table of ContentsWe extend credit to customers for purchases of our services and therefore have risk that they may not be able to repay us.

While we have not had any significant problems with collections of accounts receivables historically, should there be an economic downturn our customers’ ability to repay us could be compromised, and this may curtail our operations and ability to operate profitably.

Our dependence on suppliers, subcontractors and equipment manufacturers could expose us to risk of loss in our operations.

On certain projects, we rely on suppliers to obtain the necessary materials and subcontractors to perform portions of our services. We also rely on equipment manufacturers to provide us with the equipment needed to conduct our operations. Any limitation on the availability of materials or equipment or failure to complete work on a timely basis by subcontractors in a quality fashion could lead to added costs and therefore lower profitability for the Company.

We face cybersecurity risk including breach of confidential personal information, Company or customer intellectual properties, and delays related to data loss.

Information technology systems are critical to our business. We use various technology systems to manage our customer relationships, general ledger, and other systems. Our computer systems, data management and internal processes, as well as those of third parties, are integral to our performance. Our operational risks include the risk of malfeasance by employees or persons outside our company, errors relating to transaction processing and technology, systems failures or interruptions, breaches of our internal control systems, and business continuation and disaster recovery. There have been increasing efforts by third parties to breach data security. Such attacks include computer viruses, malicious or destructive code, phishing attacks, denial of service or information or other security breaches that could result in the unauthorized release, gathering, monitoring, misuse, loss or destruction of confidential, proprietary, and other information, damages to systems, or other material disruptions to network access or business operations. The Company uses industry-leading firewall hardware and runs anti-malware, antivirus, and anti-exploit solutions on all computers as a first line of defense to prevent security breaches. The Company’s email software utilizes spam blocking, phishing filtering, and external sender warnings. The Company uses compartmentalized network drive access to mitigate ransomware damage and performs daily encrypted backups to secure offsite locations including a disaster recovery site.

Although we take protective measures and believe that we have not experienced any of the data breaches described above, the security of our computer systems, software, and networks may be vulnerable to breaches, unauthorized access, misuse, computer viruses, or other malicious code and cyber-attacks that could have an impact on information security. Because the techniques used to cause security breaches change frequently, we may be unable to proactively address these techniques or to implement adequate preventative measures.

Inflation can have an adverse impact on our business and on our customers.

Inflation risk is the risk that the value of assets or income will be worth less in the future as inflation decreases the value of money. Over the last several years, there have been market indicators of a pronounced rise in inflation and the Federal Reserve has raised certain benchmark interest rates to combat inflation. Recently, there have been market indicators of a pronounced rise in inflation and the Federal Reserve has raised certain benchmark interest rates to combat inflation. Inflation generally increases the cost of goods and services we will use in our business operations, such as electricity and other utilities, which increases our expenses. In addition, we may have to increase both wages to retain our employees and the cost of our services by a greater amount than we have budgeted. Furthermore, our customers will also be affected by inflation and the rising costs of goods and services used in their businesses, which could have a negative impact on their ability to use our services and afford to pay our fees.

​

Societal responses to climate change could adversely affect our business and performance, including indirectly through impacts on our customers.

Concerns over the long-term impacts of climate change have led and will continue to lead to governmental efforts around the world to mitigate those impacts. Consumers and businesses also may change their behavior on their own as a result of these concerns. We and our customers will need to respond to new laws and regulations as well as consumer and business preferences resulting from climate change concerns. We and our customers may face cost increases, asset value reductions and operating process changes. The impact on our customers will likely vary depending on their specific attributes, including reliance on or role in carbon intensive activities. Among the impacts on us could be a drop in demand for our products and services, particularly in certain sectors. Our efforts to take these risks into account may not be effective in protecting us from the negative impact of new laws and regulations or changes in consumer or business behavior.

The SBA may review the Company’s PPP Loan forgiveness application and if the SBA disagrees with the Company’s certification the Company could be subject to penalties and the repayment of the PPP Loans, which could negatively impact the Company’s business, financial condition and results of operations and prospects.

Due to the economic uncertainties created by COVID-19 and limited operating funds available, the Company applied for loans under the PPP. On April 15, 2020, the Company and its subsidiaries, C.J. Hughes, Contractors Rental and Nitro, entered into separate PPP notes effective April 7, 2020, with the Lender in an aggregate principal amount of $13.1 million pursuant to the PPP Loans. In a special meeting held on April 27, 2020, the Board of Directors of the Company unanimously voted to return $3.3 million of the PPP Loans after discussing the financing needs of the Company and subsidiaries. That left the Company and subsidiaries with $9.8 million in PPP Loans to fund operations. During fiscal year 2021, the Company received notice that the SBA had granted forgiveness of the $9.8 million of PPP Loans and the SBA repaid the Lender in full. The forgiveness was recorded as other income for the fiscal year ended September 30, 2021.

During April 2023, management received notification from the SBA that one of the Company’s forgiveness applications related to the PPP Loans was under review. As part of the review, the SBA requested additional payroll information. Additionally, the SBA requested information regarding the ability of the Company’s affiliates to meet SBA size standards and/or PPP corporate maximum limits. The requested information was subsequently provided to the SBA through the Lender. The Company recognizes that there is a possibility that the SBA could reverse its previous determination on the forgiveness of the PPP Loans. As a result of this uncertainty, the Company restated the previously audited financial statements of the Company for the fiscal years ended September 30, 2022 and 2021.

During July 2023, management received notification from the SBA that two additional forgiveness applications related to the PPP Loans were under review. As part of the review, the SBA requested information regarding the ability of the Company’s affiliates to meet SBA size standards and/or PPP corporate maximum limits. The requested information was subsequently provided to the SBA through the Lender.

Borrowers must retain PPP documentation for at least six years after the date the loan is forgiven or paid in full, and the SBA and SBA Inspector General must be granted these files upon request. The SBA could revisit its forgiveness decision and determine that the Company does not qualify in whole or in part for loan forgiveness and demand repayment of the loans. In addition, it is unknown what type of penalties could be assessed against the Company if the SBA disagrees with the Company’s certification. Any penalties in addition to the potential repayment of the PPP Loans could negatively impact the Company’s business, financial condition and results of operations and prospects.

Risk Related to our Industry

An economic downturn in the industries we serve could lead to less demand for our services.

In addition to the effects of an economic recession, there could be reductions in the industries that the Company serves. If the demand for natural gas should drop dramatically, or the demand for electrical and mechanical services drops dramatically, these would in turn result in less demand for the Company’s services.

Project delays or cancellations may result in additional costs to us, reductions in revenues or the payment of liquidated damages.

In certain circumstances, we guarantee project completion by a scheduled acceptance date or are paid only upon achievement of certain acceptance and performance testing levels. Failure to meet any of these requirements could result in additional costs or penalties which could exceed the expected project profits.

Our industry is highly competitive.

Our industry has been and remains competitive with competitors ranging from small owner operated companies to large public companies. Within that group there may be companies with lower overhead costs that may be able to price their services at lower levels than we can. Accordingly, if that occurs, our business opportunities could be severely limited. In addition, our industry competes for energy demand with suppliers of alternative energy sources such as solar and wind.

We may be unsuccessful at generating internal growth.

Our ability to generate internal growth will be affected by our ability to:

Risk Related to Financing

Credit facilities to fund our operations and growth might not be available.

Our business relies heavily on having lines of credit in place to fund the various projects we are working on. Should funding not be available, or on favorable terms, it could severely curtail our operations and the ability to generate profits. Energy Services maintains a banking relationship with two regional banks and has lines of credit and borrowing facilities with these institutions.

On August 8, 2024, the Company renewed its $30.0 million line of credit with a maturity date of June 28, 2026. The line of credit is limited to a borrowing base calculation, which was approximately $25.1 million at September 30, 2024. The outstanding balance on the line of credit was $4.5 million at September 30, 2024. The line of credit has a variable interest rate equal to the “Wall Street Journal” Prime Rate with a floor of 4.5%, which was 8.0% at September 30, 2024.

The Company believes this line of credit will provide enough operating capital for future projects. The Company cannot guarantee it will always have access to this line of credit in the future depending on the Company’s financial performance.

Risk Related to our Financial Performance

Revenue and cost estimates on projects may differ from actual results.

The preparation of these consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of revenues and expenses during the reporting period. We evaluate our estimates on an ongoing basis, based on historical experience and on various other assumptions that are believed to be reasonable under the circumstances. While the Company believes estimates on project performance are materially correct at September 30, 2024, there can be no assurance that actual results will not differ from those estimates.

Risk Related to Law and Regulatory Compliance

During the ordinary course of business, we may become subject to lawsuits or indemnity claims, which could materially and adversely affect our business and results of operations.

From time to time, we may in the ordinary course of business be named as a defendant in lawsuits, claims and other legal proceedings. These actions may seek, among other things, compensation for alleged personal injury, worker’s compensation, employment discrimination, breach of contract, property damages, civil penalties, and other losses of injunctive or declaratory relief. Also, we often indemnify our customers for claims related to the services we provide and actions we take under our contracts with them. Because our services in certain instances may be integral to the operation and performance of our customers’ infrastructure, we may become subject to lawsuits or claims for any failure of the systems we work on. While we carry insurance to protect the Company against such claims, the outcomes of any of the lawsuits, claims or legal proceedings could result in significant costs and diversion of management’s attention from the business. Payments of significant amounts, even if reserved, could adversely affect our reputation, liquidity and results of operations.

We may incur liabilities or suffer negative financial or reputational harm relating to occupational health and safety matters.

Our operations are subject to extensive laws and regulations relating to the maintenance of safe conditions in the workplace. While we are constantly monitoring our health and safety programs, our industry involves a high degree of operating risk and there can be no assurance given that we will avoid significant liability exposure and/or be precluded from working for various customers due to high incident rates.

Changes by the government in laws regulating the industries we serve could reduce our sales volumes.

If the government enacts legislation that has a serious impact on the industries we serve, it could lead to the curtailment of capital projects in those industries and therefore lead to lower sales volumes for our Company.

Our failure to comply with environmental laws could result in significant liabilities.

Our operations are subject to various environmental laws and regulations, including those dealing with the handling and disposal of waste products, polychlorinated biphenyls (PCBs) and other hazardous materials, as well as fuel storage. We also work around and under bodies of water. We invest significantly in compliance with the appropriate laws and regulations. However, if we should inadvertently cause contamination of waters or soils, liabilities for our Company relating to cleanup and remediation could be substantial and could exceed any insurance coverage we might have and result in a negative impact to the Company’s ability to operate.

​

We have operations in multiple states and face risks related to pandemics such as the Coronavirus/COVID 19 global pandemic that could impact our results of operations.

Our business could be adversely affected by the effects of a widespread outbreak of a global pandemic such as COVID-19 and other adverse public health developments that could have a material and adverse effect on our business operations. These could include disruptions or restrictions on our ability to travel or to complete our projects, as well as temporary closures of our facilities or the facilities of our suppliers or customers. Any disruption of our suppliers or customers would likely impact our operating results.

​

Risks Relating to Ownership of Our Common Stock

Our common stock is not heavily traded, and the stock price may fluctuate significantly.

Our common stock is traded on the NASDAQ Capital Market under the symbol “ESOA.” Certain brokers currently make a market in the common stock, but such transactions are infrequent, and the volume of shares traded is relatively small. Management cannot predict whether these or other brokers will continue to make a market in our common stock. Prices on stock that is not heavily traded, such as our common stock, can be more volatile than heavily traded stock. Factors such as our financial results, the introduction of new products and services by us or our competitors, publicity regarding our industry, and various other factors may have a significant impact on the market price of the shares of the common stock. Management also cannot predict the extent to which an active public market for our common stock will develop or be sustained in the future. Accordingly, stockholders may not be able to sell their shares of our common stock at the volumes, prices, or times that they desire.

Our directors beneficially own a significant portion of our common stock and have substantial influence over us.

Our directors, as a group, beneficially owned approximately 32.4% of our outstanding shares of common stock as of September 30, 2024. As a result of this level of ownership, our directors have the ability, by taking coordinated action, to exercise significant influence over our affairs and policies. The interests of our directors may not be consistent with your interests as a stockholder. This influence may also have the effect of delaying or preventing changes of control or changes in management or limiting the ability of our other stockholders to approve transactions that they may deem to be in the best interests of our Company.

Our dividend policy may change without notice and any payment of dividends in the future is subject to the discretion of our board of directors.

The holders of our common stock will receive cash dividends if and when declared by our board of directors out of legally available funds. Although we paid an annual cash dividend in calendar 2024 and have initiated a regular quarterly cash dividend in fiscal 2025, we have no obligation to continue paying dividends. Although we paid an annual cash dividend in calendar 2023, we have no obligation to continue paying dividends. Any future determination relating to our dividend policy will be made at the discretion of our board of directors and will depend on a number of factors, including our future earnings, capital requirements, financial condition, future prospects, and other factors that our board of directors may deem relevant. Our ability to pay dividends to our stockholders will continue to be subject to, and limited by, certain legal restrictions. Further, any lenders making loans to us may impose financial covenants that may be more restrictive with respect to dividend payments than our legal requirements.

Increasing scrutiny and evolving expectations from customers, regulators, investors, and other stakeholders with respect to our environmental, social and governance practices may impose additional costs on us or expose us to new or additional risks.

Companies are facing increasing scrutiny from customers, regulators, investors, and other stakeholders related to their environmental, social and governance (“ESG”) practices and disclosure. Investor advocacy groups, investment funds and influential investors are also increasingly focused on these practices, especially as they relate to the environment, health and safety, diversity, labor conditions and human rights. Increased ESG-related compliance costs could result in increases to our overall operational costs. Increased ESG related compliance costs could result in increases to our overall operational costs. Failure to adapt to or comply with regulatory requirements or investor or stakeholder expectations and standards could negatively impact our reputation, ability to do business with certain partners, and our stock price. New government regulations could also result in new or more stringent forms of ESG oversight and expanding mandatory and voluntary reporting, diligence, and disclosure.

​

ITEM 1B. Unresolved Staff Comments

​

None.

​

ITEM 1C. Cybersecurity

​

The Company’s Board of Directors recognizes the critical importance of developing, implementing, and maintaining robust cybersecurity measures to assess, identify, and manage material risks associated with cybersecurity threats. These risks include, among other things, internal information technology risks; system security risks; data protection; risks to proprietary business information; intellectual property theft; fraud; extortion; harm to employees, partners, or customers; violation of privacy or security laws and other litigation and legal risk; and reputational risks. The Company has implemented a cybersecurity risk management program that generally aligns with the National Institute of Standards and Technology (NIST) Cybersecurity Framework to manage these material risks, safeguard the Company’s information systems, protect the confidentiality, integrity, and availability of the Company’s data, and maintain the trust and confidence of our customers, business partners, and employees.

Risk Management and Strategy

The Board of Directors is actively involved in oversight of the Company’s risk management framework. The Company’s cybersecurity risk management practices are strategically integrated into its broader risk management framework to promote a company-wide culture of cybersecurity awareness. This integration ensures cybersecurity considerations are an integral part of decision-making processes across the organization.

The Company’s risk management team collaborates closely with its internal IT team to evaluate and address cybersecurity risks in alignment with the Company’s overall business objectives and operational needs. The Company has implemented controls and

procedures to ensure the prompt escalation of cybersecurity concerns so that management, the Audit Committee, and the Board of Directors receive timely and appropriate information.

Given the complexity and evolving nature of cybersecurity threats, the Company engages external experts, such as cybersecurity assessors, third-party legal consultants, and auditors, to evaluate and test its risk management systems. These engagements include audits, threat assessments, and consultations on security enhancements. Such collaboration ensures the Company leverages specialized knowledge to maintain cybersecurity practices aligned with industry standards.

To assess, identify, and manage cybersecurity risks, the Company:

Governance

The Company’s Board of Directors believes it understands the significance of risks associated with cybersecurity threats to its operational integrity and stakeholder confidence and believes it has established mechanisms to effectively manage such risks based on the current understanding of the threat environment. As part of the Company’s entire Board of Directors operational risk management responsibilities, it has oversight of risks from cybersecurity threats. As discussed below, members of management advise the entire Board of Directors about cybersecurity threat risks, among other cybersecurity related matters, at least annually and management also reports to the Audit Committee with respect to cybersecurity risks with financial statement or financial statement reporting implications. The Audit Committee routinely interacts and reports to the entire Board of Directors on these matters.

The Board of Directors is composed of members with diverse expertise including risk management, technology, and finance domain expertise, equipping them to oversee cybersecurity risks effectively.

The Board of Directors and the Audit Committee receive briefings from the Company’s Chief Information Officer (“CIO”), Chief Financial Officer (“CFO”) and President and Chief Executive Officer (“CEO”) on a regular basis, with a minimum frequency of once per year. These briefings encompass a broad range of topics, including:

In addition to scheduled briefings, ad hoc discussions regarding emerging or potential cybersecurity risks ensure the Board remains informed and engaged in strategic decision-making related to cybersecurity. The Board conducts an annual review of the Company’s cybersecurity posture and risk management strategies to identify areas for improvement and maintain alignment with the Company’s overall risk management framework.

The Company’s CIO has over 20 years of experience in the field of technology and security and is instrumental in developing and designing, implementing and executing the Company’s cybersecurity strategies. The internal IT team is responsible for the day-to-day implementation of the Company’s cybersecurity risk management programs, testing compliance with standards, remediating known risks, and leading employee training programs. The team monitors the latest developments in cybersecurity, including potential threats and innovative risk management techniques, to help prevent, detect, and mitigate cybersecurity incidents.

In the event of a cybersecurity incident, the IT team implements the Company’s incident response plan to mitigate immediate impacts, implement remediation strategies, and prevent future incidents. The team also ensures that senior management is regularly informed about material cybersecurity risks and incidents to maintain alignment with organizational priorities.

As of the date hereof, the Company has not encountered cybersecurity incidents that the Company believes to have materially affected or are reasonably likely to materially affect the Company taken as a whole, including its business strategy, results of operations or financial condition.

​