Risk Factors Dashboard

Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.

Risk Factors - INTA

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

Item 1A. Risk Factors.

Our business, operations and financial results are subject to various risks and uncertainties, including those described below, that could materially adversely affect our business, results of operations, financial condition, and the trading price of our common stock. The following material factors, among others, could cause our actual results to differ materially from historical results and those expressed in forward-looking statements made by us or on our behalf in filings with the SEC, press releases, communications with investors, and oral statements.

Risk Factors Summary

Below is a summary of material factors that make an investment in our common stock speculative or risky:

Our rapid growth makes it difficult to evaluate our future prospects and may increase the risk that we will not continue to grow at or near historical rates.
We have a history of losses and may not achieve or maintain profitability in the future.
All of our revenues are generated by sales to clients in our targeted verticals, and factors, including the downturns in U.S. and global markets and economic conditions, that adversely affect the applicable industry could also adversely affect our business.
If our solutions or third-party cloud providers or sub-processors experience data security breaches and there is loss, theft, misuse, unauthorized disclosure or unauthorized access to our clients’ data, we may lose current or future clients, our reputation and business may be harmed, and we may be subject to governmental inquiries or investigations and a risk of loss or liability.
Our business depends on clients renewing and expanding their subscriptions for our solutions. A decline in our client renewals and expansions could harm our future results of operations.
Because we recognize revenues from our SaaS solutions over the term of the agreements for our subscriptions, a significant downturn in our business may not be reflected immediately in our operating results, which increases the difficulty of evaluating our future financial performance.
Our sales cycles are lengthy and variable, depend upon factors outside our control, and could cause us to expend significant time and resources prior to generating revenues.
We are expanding our SaaS solutions to incorporate recent innovations in AI and these initiatives may not be successful, which may adversely affect our business, results of operations and financial condition, and may also result in reputational harm and liability.
If we are unable to develop, introduce and market new and enhanced versions of our solutions, we may be put at a competitive disadvantage and our operating results could be adversely affected.
If we are unable to develop or sell our solutions into new markets or to further penetrate existing markets, our revenues will not grow as expected and our operating results could be adversely affected.
We compete in highly competitive markets, and if we do not compete effectively, our business, results of operations, and financial condition could be negatively impacted and cause our market share to decline.
If the market for SaaS solutions for professional and financial services develops slower than we expect or declines, it could have a material adverse effect on our business, financial condition and results of operations.
We may continue to expand through acquisitions or partnerships with other companies, which may divert our management’s attention and result in unexpected operating and technology integration difficulties, increased costs, and dilution to our stockholders.
If we fail to effectively manage our growth, our business and results of operations could be harmed.
Our solutions address functions within the heavily regulated professional and financial services industry, and our clients’ failure to comply with applicable laws and regulations could subject us to litigation.

11


Our solutions or pricing models may not accurately reflect the optimal pricing necessary to attract new clients and retain existing clients as the market matures.
Our loan and security agreement provides our lender with a first-priority lien against substantially all of our assets and contains restrictive covenants which could limit our operational flexibility and otherwise adversely affect our financial condition.
Failure of any of our established solutions to satisfy client demands or to maintain market acceptance would harm our business, results of operations, financial condition, and growth prospects.
Our ability to sell and renew our solutions is dependent in part on the quality of our implementation services and technical support services and the implementation services provided by our partners, and our failure to offer high-quality implementation services or technical support services or our partners’ failure to offering high-quality implementation services could damage our reputation and adversely affect our ability to sell our solutions to new clients and renew agreements with our existing clients.
Real or perceived errors or failures in our solutions may affect our reputation, cause us to lose clients and reduce sales which may harm our business and results of operations.
Changes in laws, regulations, or guidance issued by supervisory authorities relating to privacy or the protection or transfer of personal data, or any actual or perceived failure by us to comply with such laws, regulations, or guidance, could adversely affect our business and could subject us to liability, fines and reputational harm.
Assertions against us, by third parties alleging infringement or other violation of their intellectual property rights, could result in significant costs and substantially harm our business and results of operations.
Failure to protect our intellectual property could substantially harm our business and results of operations.
We and our clients rely on technology and intellectual property of third parties, and any errors or defects in, or any unavailability of, such technology and intellectual property could limit the functionality of our solutions and disrupt our business.
We agree to indemnify clients and other third parties, which exposes us to substantial potential liability.
If we fail to maintain an effective system of internal controls, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.
Our international sales and operations subject us to additional risks that can adversely affect our business, results of operations and financial condition.
If the ownership of our common stock continues to be highly concentrated, it may prevent other minority stockholders from influencing significant corporate decisions and may result in conflicts of interest.
The market price and trading volume of our common stock has been and may continue to be volatile, which could result in rapid and substantial losses for our stockholders.
Future offerings of debt or equity securities by us may materially adversely affect the market price of our common stock.
The market price of our common stock could be negatively affected by sales of substantial amounts of our common stock in the public markets.
We may be adversely affected by natural disasters, outbreaks, epidemics, or pandemics involving public health, other catastrophic events and terrorism that could disrupt and harm our business, results of operations, and financial condition.

12


Risks Related to Our Business and Industry

Our rapid growth makes it difficult to evaluate our future prospects and may increase the risk that we will not continue to grow at or near historical rates.

We have been growing rapidly over the last several years, and as a result, our ability to forecast our future results of operations is subject to a number of uncertainties, including our ability to effectively plan for and model future growth. Our recent and historical growth should not be considered indicative of our future performance. In future periods, our revenues could grow more slowly than in recent periods or decline for a number of reasons, including any reduction in demand for our Intapp Intelligent Cloud platform, increase in competition, limited ability to, or our decision not to, increase pricing, or our failure to capitalize on growth opportunities or if any of the other risks described herein were to materialize. In future periods, our revenues could grow more slowly than in recent periods or decline for a number of reasons, including any reduction in demand for our Intapp platform, increase in competition, limited ability to, or our decision not to, increase pricing, or our failure to capitalize on growth opportunities or if any of the other risks described herein were to materialize. We have encountered in the past, and will encounter in the future, risks and uncertainties frequently experienced by growing companies in new and rapidly changing markets. If our assumptions regarding these risks and uncertainties, which we use to plan and operate our business, are incorrect or change, or if we do not address these risks successfully, our operating and financial results could differ materially from our expectations, our growth rates may slow and our business would suffer.

We have a history of losses and may not achieve or maintain profitability in the future.

In fiscal years 2024, 2023 and 2022, we incurred net losses. We must generate and sustain higher revenue levels in future periods to become profitable, and even if we do, we may not be able to maintain or increase our profitability. We expect to continue to incur losses for the foreseeable future as we intend to continue to invest in product development, sales and marketing programs and acquisitions to support further growth.

These expenditures may not result in additional revenues or growth of our business. We have also experienced increased costs associated with the growth and expansion of our client base and investments in research and development. Accordingly, we may not be able to generate sufficient revenues to offset our expected cost increases and achieve and sustain profitability. If we fail to achieve and sustain profitability, the market price of our common stock could decline.

All of our revenues are generated by sales to clients in our targeted verticals, and factors, including the downturns in U.S. and global markets and economic conditions, that adversely affect the applicable industry could also adversely affect our business.

A majority of our sales are to clients in the professional and financial services industry. Demand for our solutions could be affected by factors that are unique to and adversely affect our targeted verticals. In particular, our clients in the professional and financial services industry are highly regulated, subject to intense competition and impacted by changes in general economic and market conditions. For example, changes in applicable laws and regulations could significantly impact the software functionality demanded by our clients and require us to expend significant resources to ensure our solutions continue to meet their evolving needs. Changes in general economic and market conditions, including economic uncertainty, inflation, liquidity concerns and fluctuating interest rates, have resulted in and could continue to result in stress and volatility in the financial services industry. Also, changes in general economic and market conditions, including economic uncertainty, inflation, liquidity concerns and fluctuating interest rates, have resulted in and could continue to result in stress and volatility in the financial services industry. In certain sectors of the financial services industry, certain financial institutions have faced liquidity and solvency concerns, consolidation, a severe decline in market value, distress, failure and receivership. For example, in March 2023, Silicon Valley Bank (SVB) was closed by regulators. While the closure did not have a material direct impact on our business, continued instability in the global banking system may result in additional bank failures, as well as volatility of global financial markets, either of which may adversely impact our clients in the financial services industry and our business and financial condition. It is possible that these conditions may persist, deteriorate or reoccur, which may cause our clients to reduce their spending on our technology or to seek to terminate or renegotiate their contracts with us. It is possible that these conditions may persist, deteriorate or reoccur, which may cause our customers to reduce their spending on our technology or to seek to terminate or renegotiate their contracts with us. In addition, industry consolidation or the introduction of competing technology, in any of our targeted verticals could lead to a significant reduction in the number of clients that use our solutions or the services demanded by these clients. In addition, other industry-specific factors, such as industry consolidation or the introduction of competing technology, could lead to a significant reduction in the number of clients that use our solutions within a particular vertical or the services demanded by these clients.

13


Significant economic and market downturns make it difficult for our clients and us to forecast and plan future business activities accurately. Adverse changes in domestic and global economic and political conditions, including those associated with outbreaks, epidemics, or pandemics involving public health, uncertainty as a result of geopolitical events such as the conflicts in and around Ukraine, the Middle East and other parts of the world, inflation, elevated interest rates and the adverse economic downturn, stress and volatility in the financial services industry and impacts from climate change, could result in significant decreases in demand or lengthened sales cycles for our solutions, including the delay or cancellation of current or anticipated projects, and reduction in IT spending by our clients and potential clients, or could present difficulties in collecting accounts receivables from our clients if their financial condition deteriorates. Adverse changes in domestic and global economic and political conditions, including those associated with outbreaks, epidemics, or pandemics involving public health Russian military action against Ukraine, inflation and the adverse economic downturn, stress and volatility in the financial services industry and impacts from climate change, could result in significant decreases in demand or lengthened sales cycles for our solutions, including the delay or cancellation of current or anticipated projects, and reduction in IT spending by our clients and potential clients, or could present difficulties in collecting accounts receivables from our clients if their financial condition deteriorates. The effects of climate change may further disrupt our clients’ businesses, by, among other things, increasing their costs and credit risk from their clients. Additionally, our market verticals are also interdependent. Our clients in the professional services industry rely significantly on revenues they receive from their own clients in the financial services industry, thus a decline in one vertical can lead to a decline in the other vertical. As a result, our ability to generate revenues from our clients could be adversely affected by specific factors that affect the professional and financial services industry.

If our solutions or third-party cloud providers or sub-processors experience data security breaches, and there is loss, theft, misuse, unauthorized disclosure or unauthorized access to our clients’ data, we may lose current or future clients, our reputation and business may be harmed, and we may be subject to governmental inquiries or investigations and a risk of loss or liability.

Our business involves the processing, storing and transmission of increasingly large amounts of confidential and sensitive information that our clients and potential clients in the professional and financial services industry maintain and access. We and our third-party cloud providers and sub-processors face a variety of evolving threats that could cause data security breaches, including cyberattacks. Also, companies that provide software solutions to clients in the legal industry, like us, may face heightened cyber security risks. While we have developed and implemented measures designed to protect client information and prevent security breaches and our cloud services comply with numerous internationally recognized standards, such as ISO 27001, ISO 27017, ISO 27108, SOC 2 and CSA STAR, if our security measures are breached or unauthorized access to client data is otherwise obtained, our solutions may be perceived as not being secure; clients, especially those in the professional and financial services industry, may reduce the use of or stop using our solutions, and we may incur significant liabilities. Our solutions involve the storage and transmission of data, in some cases to third-party cloud providers, which may include personal data, and security breaches, including at third-party cloud providers, could result in the loss, theft, misuse, unauthorized disclosure of and unauthorized access to this information, which in turn could result in governmental inquiries or investigations, litigation, breach of contract claims, indemnity obligations, reputational damage and other liability for our company. Despite the measures that we have or may take, our infrastructure will be potentially vulnerable to physical or electronic break-ins, ransomware attacks, computer viruses or similar problems, and in the case of third-party cloud providers, may be outside of our control. Despite the measures that we have or may take, our infrastructure will be potentially vulnerable to physical or electronic break-ins, computer viruses or similar problems, and in the case of third-party cloud providers, may be outside of our control. As AI technologies, including generative AI models, develop rapidly bad actors may use these technologies to create new sophisticated attack methods that are increasingly automated, targeted and coordinated and more difficult to defend against. If a person circumvents our security measures, that person could misappropriate proprietary information or disrupt or damage our operations. As our business grows, the number of individuals using our products, as well as the amount of information we collect and store, is increasing, and our brands are becoming more widely recognized, which makes us a greater target for malicious activity. Risk of cyberattacks including ransomware, continues to grow as cybersecurity threats become more sophisticated and complex and geopolitical tensions or conflicts, may create a heightened risk of cyberattacks. Risk of cyberattacks continues to grow as cybersecurity threats become more sophisticated and complex and geopolitical tensions or conflicts, such as Russia’s invasion of Ukraine, may create a heightened risk of cyberattacks. Like most companies that provide cloud-based software solutions, we are, in the normal course of business, the target of malicious cyberattack attempts. Although, to date, such identified attempts have not resulted in security events that are material or significant to us, including to our reputation or business operations, or had a material financial impact, there can be no assurance that future cyberattacks will not be material or significant. Security breaches that result in access to confidential information could damage our reputation and subject us to a risk of loss or liability. We may be required to make significant expenditures to remediate security breaches or significant additional expenditures to protect against security breaches. Additionally, if we are unable to adequately address our clients’ concerns about security, we may have difficulty selling our solutions.

14


We rely on third-party technology and systems for a variety of services, including, without limitation, third-party cloud providers or sub-processors to host our websites and web-based services, encryption and authentication technology, employee email, content delivery to clients, back-office support and other functions, and the ability to prevent breaches of any of these systems may be beyond our control. Because techniques used to obtain unauthorized access or sabotage systems change frequently and generally are not identified until they are launched against a target, we may be unable to anticipate these techniques or to implement adequate preventative measures. Although we have developed systems and processes that are designed to protect client information and prevent data loss and other security breaches, including systems and processes designed to reduce the impact of a security breach at a third-party vendor, such measures cannot provide absolute security. In addition, we may have to introduce such protective systems and processes to acquired companies, who may not correctly implement them at first or at all. Any or all of these issues could negatively impact our ability to attract new clients or to increase engagement by existing clients, could cause existing clients to elect not to renew their subscription arrangements or term licenses, or could subject us to third-party lawsuits, regulatory fines or other action or liability, thereby adversely affecting our results of operations. The laws, regulations and industry standards related to cybersecurity are evolving globally. We may be subject to increased compliance requirements by regulators and clients with respect to our products and services, as well as additional costs to oversee and monitor security risks. Many jurisdictions have enacted laws mandating the notification of individuals, stockholders, regulatory authorities and others of security breaches. For example, the SEC recently adopted cybersecurity risk management and disclosure rules, which require the disclosure of material cybersecurity incidents, risk management, strategy and governance. While we maintain cyber liability insurance policies covering certain damages relating to security breaches, we cannot be certain that our coverage will be adequate for liabilities actually incurred or that insurance will continue to be available to us on economically reasonable terms, or at all. Our risks are likely to increase as we continue to expand our platform, grow our client base, and process, store, and transmit increasingly large amounts of confidential and sensitive data, and as cyber security threats continue to grow increasingly sophisticated and complex.

Our business depends on clients renewing and expanding their subscriptions for our solutions. A decline in our client renewals and expansions could harm our future results of operations.

Our software solutions are provided on a subscription basis, with subscription terms typically varying from one to three years. Although most of our client subscriptions automatically renew at the end of their terms, our clients do have the opportunity to cancel their subscriptions prior to such renewals. Clients may elect not to renew their subscriptions on conclusion of the terms on relatively short notice. The loss of business from clients, including from cancellations, could seriously harm our business, results of operations and financial condition. Historical data with respect to rates of client renewals, upgrades and expansions of our solutions, may not accurately predict future trends in client renewals, upgrades and expansions of our solutions. Our clients’ renewal, upgrade and expansion rates may fluctuate or decline because of several factors, including their satisfaction or dissatisfaction with our solutions and implementation services, the prices of our solutions, the prices of the solutions and the quality of the implementation services offered by our competitors or reductions in our clients’ spending levels due to the macroeconomic environment or other factors. If our clients do not renew their subscriptions for our solutions or renew on less favorable terms, or otherwise do not upgrade or expand their use of our solutions, our revenues may decline or grow more slowly than expected and our profitability will be harmed.

Because we recognize revenues from our SaaS solutions over the term of the agreements for our subscriptions, a significant downturn in our business may not be reflected immediately in our operating results, which increases the difficulty of evaluating our future financial performance.

We generally recognize revenues from our SaaS solutions ratably over the duration of the contract, which typically range from one to three years. As a result, a substantial majority of our quarterly revenues from our SaaS solutions are generated from contracts entered into during prior periods. Consequently, a decline in new contracts in any quarter may not affect our results of operations in that quarter, but could reduce our revenues from our SaaS solutions in future quarters. Additionally, the timing of renewals or non-renewals of a contract during any quarter may only affect our financial performance in future quarters. For example, the non-renewal of a contract late in a quarter will have minimal impact on revenues from our SaaS solutions for that quarter but will reduce such revenues in future quarters. Accordingly, the effect of significant declines in sales of our solutions may not be reflected in our short-term results of operations, which would make these reported results less indicative of our future financial results. By contrast, a non-renewal occurring early in a quarter may have a significant negative impact on revenues from our SaaS solutions for that quarter and we may not be able to offset a decline in such revenues with revenues from new contracts

15


entered into in the same quarter. In addition, we may be unable to adjust our costs in response to reduced revenues from our SaaS solutions. These factors may cause significant fluctuations in our results of operations and cash flows, may make it challenging for an investor to predict our performance and may prevent us from meeting or exceeding the expectations of research analysts or investors, which in turn may cause our stock price to decline.

Our sales cycles are lengthy and variable, depend upon factors outside our control, and could cause us to expend significant time and resources prior to generating revenues.

The typical sales cycle for our solutions is lengthy and unpredictable and often requires pre-purchase evaluation by a significant number of employees in our clients’ organizations. Our sales efforts involve educating our clients about the use and benefits of our solutions, including the technical capabilities of our solutions and the potential cost savings achievable by organizations using our solutions. Potential clients typically undertake a rigorous pre-purchase decision-making and evaluation process, and sales to new clients involve extensive client due diligence and reference checks. We invest a substantial amount of time and resources in our sales efforts without any assurance that our efforts will produce sales. Even if we succeed at completing a sale, we may be unable to predict the size of an initial subscription arrangement until very late in the sales cycle.

Furthermore, our sales cycles could be disrupted by factors outside of our control, including macroeconomic factors, volatility in the financial services industry and outbreaks, epidemics, or pandemics involving public health. Remote working and widespread restrictions on travel and in-person meetings could affect and interrupt sales activity and may negatively impact our business, results of operations, or financial position. See “Risk Factors—General Risk Factors — We may be adversely affected by natural disasters, outbreaks, epidemics, or pandemics involving public health other catastrophic events and terrorism that could disrupt and harm our business, results of operations, and financial condition.

We are expanding our SaaS solutions to incorporate recent innovations in AI and these initiatives may not be successful, which may adversely affect our business, results of operations and financial condition, and may also result in reputational harm and liability.

We have an AI strategy to further expand and embed industry-specific AI throughout the Intapp Intelligent Cloud platform and our solutions to help our clients more effectively use their data to manage risk, enhance efficiency and improve operations. While we have made, and expect to continue to make, investments in the continued development of AI capabilities, adoption of fast changing AI technology presents risks, challenges and potential unintended consequences. Also, the markets for our solutions and services are rapidly evolving and are highly competitive, and many of our competitors are also seeking to incorporate AI into their products. Competing firms may be able to develop and embed AI in their products more quickly than we can. If our competitors are better able to incorporate AI in their products and we are unable to compete effectively with them, our business, results of operations and financial condition could be adversely affected. Also, while we believe that the market for AI in SaaS solutions for the professional and financial services industries is growing, if the market for AI in these solutions develops more slowly than we expect or declines, our business, results of operations and financial condition could be adversely affected. If we are unable to sell our solutions into new markets or to further penetrate existing markets, or to increase sales from existing clients by selling them additional software and services, our revenues will not grow as expected, which would have a material adverse effect on our business, financial condition, and results of operations.

Our AI capabilities include, among other things, automation, machine learning, deep learning and generative AI. Many of our products are powered by AI and machine learning, some of which include the use of large language models and generative AI. Known risks of generative AI currently include accuracy, bias, toxicity, privacy, and security and data provenance. Developing, testing and deploying AI systems may also increase the cost of our offerings. The AI capabilities of our platform and solutions could potentially have actual or perceived impacts on privacy, employment and civil rights. Our failure to adequately address legal risks relating to AI in our platform and solutions could result in litigation regarding, among other things, intellectual property, privacy, employment, civil rights and other claims that could result in liability for our company. Countries are applying their data protection laws to AI, particularly generative AI, and are considering legal frameworks on AI. The introduction of AI technologies, including generative AI, into new or existing products could result in a failure or perceived failure by the Company to comply with such legal requirements and may also result in new or increased governmental or regulatory scrutiny, which could result in regulatory action and liability. Additionally, actions taken by our clients and employees, including through the use or misuse of our products or new technologies for illegal activities or improper information sharing, may result in reputational harm or possible liability. The use of our AI capabilities could raise ethical or social

16


concerns and our failure to adequately address these concerns or the failure of our competitors, clients or other end users to do so could negatively impact our brand and reputation.

If we are unable to develop, introduce and market new and enhanced versions of our solutions, we may be put at a competitive disadvantage and our operating results could be adversely affected.

Our ability to attract new clients and increase revenues from our existing clients depends, in part, on our continued ability to enhance the functionality of the existing solutions on the Intapp Intelligent Cloud platform by developing, introducing, and marketing new and enhanced versions of our solutions that address the evolving needs of our clients and changing industry standards. Because some of our solutions are complex and require rigorous testing, development cycles can be lengthy and can require months or even years of development, depending upon the solution and other factors. As we expand internationally, our products and services must be modified and adapted to comply with regulations and other requirements of the countries in which our clients do business.

Additionally, market conditions, including heightened pressure on clients from end-users relating to mobile computing devices and speed of delivery, may dictate that we change the technology platform underlying our existing solutions or that new solutions be developed on different technology platforms, potentially adding significant time and expense to our development cycles. The nature of these development cycles may cause us to experience delays between the time we incur expenses associated with research and development and the time we generate revenues, if any, from such expenses.

If we fail to develop new solutions or enhancements to our existing solutions, our business could be adversely affected, especially if our competitors are able to introduce solutions with enhanced functionality. It is critical to our success for us to anticipate changes in technology, industry standards, regulations and client requirements and to successfully introduce new, enhanced, and competitive solutions to meet our clients’ and prospective clients’ needs on a timely basis. It is critical to our success for us to anticipate changes in technology, industry standards, and client requirements and to successfully introduce new, enhanced, and competitive solutions to meet our clients’ and prospective clients’ needs on a timely basis. We have invested and intend to continue to make significant investments in research and development to meet these challenges. However, we may not recognize significant revenues from these investments for several months or years, if at all. Our estimates of research and development expenses may be too low, revenues may not be sufficient to support the future product development that is required for us to remain competitive and development cycles may be longer than anticipated. Further, there is no assurance that research and development expenditures will lead to successful solutions or enhancements to our existing solutions, or that our clients will value or be willing to bear the cost of our new solutions. If we incur significant expenses developing solutions that are not competitive in technology and price or that fail to meet client demands, our market share will decline and our business and results of operations would be harmed.

If we are unable to develop or sell our solutions into new markets or to further penetrate existing markets, our revenues will not grow as expected and our operating results could be adversely affected.

Our ability to increase revenues will depend, in large part, on our ability to further penetrate our existing markets and to attract new clients, as well as our ability to generate subscription renewals from existing clients and to increase sales from existing clients who do not utilize the full Intapp Intelligent Cloud platform. The success of any enhancement or new solution or service depends on several factors, including the timely completion, introduction and market acceptance of enhanced or new solutions, adaptation to new industry standards that our solutions address and technological changes, the ability to maintain and to develop relationships with third parties and the ability to attract, retain and effectively train sales, services, support and marketing personnel. Any new solutions we develop or acquire may not be introduced in a timely or cost-effective manner and may not achieve the market acceptance necessary to generate significant revenues. Any new industry standards or practices that emerge, or any introduction by competitors of new solutions embodying new services or technologies, may cause our solutions to become obsolete. Any new markets in which we attempt to sell our solutions, including new countries or regions, may not be receptive or sales cycles may be delayed due to outbreaks, epidemics, or pandemics involving public health, political instabilities and the global economic downturn. Additionally, any expansion into new markets will require commensurate ongoing expansion of our monitoring of local laws and regulations, which increases our costs. Our ability to further penetrate our existing markets depends on the quality of our solutions and our ability to design our solutions to meet changing consumer demands and industry standards, as well as our ability to assure that our clients will be satisfied with our existing and new solutions. If we are unable to sell our solutions into new markets or to further penetrate existing markets, or to increase sales from existing clients by selling them additional software and services, our revenues will not grow as expected, which would have a material adverse effect on our business, financial condition, and results of operations.

17


We compete in highly competitive markets, and if we do not compete effectively, our business, results of operations, and financial condition could be negatively impacted and cause our market share to decline.

The markets for our solutions and services are rapidly evolving and highly competitive. As these markets continue to mature and new technologies and competitors enter such markets, we expect competition to intensify. Our current competitors include large solution providers that focus on one or more point solutions, legacy systems, and manual processes developed by or for our clients, new or emerging entrants seeking to develop competing technologies, including those with AI and generative AI capabilities, and well-established horizontal solution providers that provide broad solutions across multiple verticals. Our current competitors include large solution providers that focus on one or more point solutions, legacy systems, and manual processes developed by or for our clients, new or emerging entrants seeking to develop competing technologies and well-established horizontal solution providers that provide broad solutions across multiple verticals. Specifically, we compete from time to time with large software companies such as SAP and Salesforce. The competitors we face in any sale may change depending on, among other things, the line of business, functional or regional group or department purchasing the solution, the solution being sold, the geography in which we are operating and the size of the client to which we are selling.

We compete based on various factors, including unique product features or functions, configurability, price and the time and cost required for software implementation. Outside of the United States, we are more likely to compete against vendors that may further differentiate themselves based on local advantages in language or market knowledge. Some of our current and potential competitors may have longer operating histories and greater financial, technical, sales, marketing, and other resources than we do, as well as larger installed client bases. Our current and potential competitors may also establish cooperative relationships or engage in other strategic transactions among themselves or with third parties, including our clients, to further enhance their resources and offerings. As a result, such competitors may be able to devote greater resources to the development, promotion, and sale of their solutions than we can devote to ours, which could allow them to respond more quickly than we can to new or emerging technologies and changes in client needs, thus leading to their wider market acceptance. Existing relationships with our competitors may make those clients less willing to purchase our solutions. For instance, if a potential client uses one product from a competitor that powers a critical element of the client’s day-to-day operations, they may be more likely to turn to such competitor in the future to the extent they require further product solutions, rather than purchasing one or more solutions from the Intapp Intelligent Cloud platform. If we are unable to compete effectively with these evolving competitors for market share, our business, results of operations, and financial condition would be materially and adversely affected.

Our industry is evolving rapidly and we anticipate the market for solutions will become increasingly competitive as our current and potential clients move a greater proportion of their data and computational needs to the cloud or to future generation technologies. New competitors may emerge that offer services either comparable or better suited than ours to address the demand for such solutions, which could reduce demand for our offerings. Continuing intense competition could result in increased pricing pressure, increased sales and marketing expenses, increased expenses associated with personnel and third-party services and greater investments in research and development, each of which could negatively impact our profitability. In addition, the failure to increase, or the loss of, market share, would harm our business, results of operations, financial condition, and/or future prospects.

18


If the market for SaaS solutions for professional and financial services develops slower than we expect or declines, it could have a material adverse effect on our business, financial condition and results of operations.

While the market for SaaS solutions for the professional and financial services industry is growing, it is uncertain whether our SaaS solutions will achieve and sustain high levels of client demand and market acceptance, particularly in the professional and financial services industry. Many professional and financial services firms use on-premises software applications, including some who have invested substantial resources to integrate a variety of point solutions into their organizations to address one or more specific business needs and, therefore, may be reluctant to switch to SaaS solutions. Our success substantially depends on the adoption of cloud computing and SaaS solutions in the professional and financial services industry, which may be affected by, among other things, the widespread acceptance of cloud computing and SaaS solutions in other industries and in general. Market acceptance of our SaaS solutions may be affected by a variety of factors, including but not limited to: price, security, reliability, performance, client preference, public concerns regarding privacy and the enactment of restrictive laws or regulations. It is difficult to predict client adoption rates and demand for our SaaS solutions, the future growth rate and size of the cloud computing market or the entry of other competitive applications. If we or other providers of cloud-based computing in general, and in the professional and financial services industry in particular, experience security incidents, loss of client data, disruptions in delivery, or other problems, the market for cloud computing applications as a whole, including our SaaS solutions, may be negatively affected. If there is a reduction in demand for cloud computing caused by a lack of client acceptance, technological challenges, weakening economic conditions, security or privacy concerns, competing technologies and solutions, reductions in corporate spending or otherwise, it could have a material adverse effect on our business, financial condition, and results of operations.

We may continue to expand through acquisitions or partnerships with other companies, which may divert our management’s attention and result in unexpected operating and technology integration difficulties, increased costs, and dilution to our stockholders.

We expect to continue to grow, in part, by making targeted acquisitions. Our business strategy includes the potential acquisition of shares or assets of, or alliances with companies with software, technologies or businesses complementary to ours, both domestically and globally. For example, in fiscal year 2024, we acquired delphai, an AI software company specializing in applied AI for firmographic data automation, structuring and intelligence, and TDI, a software and professional services provider and a reseller of Intapp’s products. Acquisitions and alliances may result in unforeseen operating difficulties and expenditures and may not result in the benefits anticipated by such corporate activity.

In particular, we may fail to assimilate or integrate the businesses, technologies, services, products, personnel or operations of the acquired companies, retain key personnel necessary to favorably execute the combined companies’ business plan, or retain existing clients or sell acquired products to new clients. Additionally, the assumptions we use to evaluate acquisition opportunities may not prove to be accurate, and intended benefits may not be realized. Our due diligence investigations may fail to identify all of the problems, liabilities or other challenges associated with an acquired business which could result in increased risk of unanticipated or unknown issues or liabilities, including with respect to privacy, environmental, competition and other regulatory matters, and our mitigation strategies for such risks that are identified may not be effective. As a result, we may not achieve some or any of the benefits, including anticipated synergies or accretion to earnings, that we expect to achieve in connection with our acquisitions, or we may not accurately anticipate the fixed and other costs associated with such acquisitions, or the business may not achieve the performance we anticipated, which may materially adversely affect our business, prospects, financial condition, results of operations, and cash flows, as well as our stock price. Further, if we fail to achieve the expected synergies from our acquisitions and alliances, particularly if business performance declines or expected growth is not realized, we may experience impairment charges with respect to goodwill, intangible or other long-lived assets. Any future impairment of our goodwill or intangible or other long-lived assets could have an adverse effect on our financial condition and results of operations.

19


Acquisitions and alliances may also disrupt our ongoing business, divert our resources and require significant management attention that would otherwise be available for ongoing development of our current business. In addition, we may be required to make additional capital investments or undertake remediation efforts to ensure the success of our acquisitions, which may reduce the benefits of such acquisitions. We also may be required to use a substantial amount of our cash or issue debt or equity securities to complete an acquisition or realize the potential of an alliance, which could deplete our cash reserves and/or dilute our existing stockholders. In addition, our ability to maintain favorable pricing of new solutions may be challenging if we bundle such solutions with sales of existing solutions. Reduced pricing due to bundled sales may cause fluctuations in our quarterly financial results, may adversely affect our operating margins and may reduce the benefits of such acquisitions or alliances.

Additionally, competition within the software industry for acquisitions of businesses, technologies and assets has been, and is expected to continue to be, intense. As such, even if we are able to identify an acquisition that we would like to pursue, the target may be acquired by another strategic buyer or financial buyer such as a private equity firm, or we may otherwise not be able to complete the acquisition on commercially reasonable terms, if at all. Moreover, in addition to our failure to realize the anticipated benefits of any acquisition, including our revenues or return on investment assumptions, we may be exposed to unknown liabilities or impairment charges as a result of acquisitions we do complete.

If we fail to effectively manage our growth, our business and results of operations could be harmed.

We have experienced, and may continue to experience, rapid growth, which has placed, and may continue to place, significant demands on our management and our operational and financial resources. We operate globally, sell our services to more than 2,550 clients in more than 55 countries, and have employees and contractors in the Americas, Europe and Asia Pacific. We plan to continue to expand our international presence in the future, which will place additional demands on our resources and operations. Additionally, we continue to increase the breadth and scope of our Intapp Intelligent Cloud platform and our operations and continue to develop our partner network. Additionally, we continue to increase the breadth and scope of our Intapp platform and our operations and continue to develop our partner network. In order to successfully manage our future growth, we will need to continue to add and retain qualified personnel across our operations, improve our IT and financial infrastructures, our operating and administrative systems, and our ability to manage headcount, capital, and internal processes in an efficient manner and deepen our industry experience in key industry verticals. Our organizational structure is also becoming more complex as we grow our operational, financial, and management infrastructure and we must continue to improve our internal control over financial reporting as well as our disclosure systems and procedures. We intend to continue to invest to expand our business, including investing in technology, sales and marketing operations, developing new solutions and features for our existing solutions, hiring additional personnel, and upgrading our infrastructure. These investments will require significant capital expenditures and may divert management and financial resources from other projects, such as the development of new solutions, and any investments we make will occur in advance of experiencing the benefits from such investments, making it difficult to determine in a timely manner if we are efficiently allocating our resources. We continue to assess our facilities requirements and may deem it advisable in the near-term or later to add new offices or downsize certain of our offices in order to reduce costs, which may cause us to incur related charges. For example, during fiscal year 2024, we entered into a lease agreement to lease office space in New York, New York for a term ending in February 2030. Also, during fiscal year 2023, we exited a portion of our space in Palo Alto, California and recorded a net charge of $1.6 million in connection with the impairment of the related operating lease right-of-use asset and the reassessment of the lease liability. As we continue to evaluate our real estate needs, we may incur additional charges in the future in connection with exit activities. If we do not achieve the benefits anticipated from these investments, or if the achievement of these benefits is delayed, our results of operations may be adversely affected.

Our solutions address functions within the heavily regulated professional and financial services industry, and our clients’ failure to comply with applicable laws and regulations could subject us to litigation.

We sell our solutions to clients within the professional and financial services industry. Our clients use our solutions for business activities that are subject to a number of laws and regulations, including state and local legal, accounting, and other types of professional ethics rules. Any failure by our clients to comply with laws and regulations applicable to their businesses, and in particular to the functions for which our solutions are used, could result in fines, penalties or claims for substantial damages against our clients. To the extent our clients believe that such failures were caused by our solutions or our client service organization, our clients may make a claim for damages against us, regardless of whether we are responsible for the failure. We may be subject to lawsuits that, even if unsuccessful,

20


could divert our resources and our management’s attention and adversely affect our business, and our insurance coverage may exclude coverage for some claims or may not be sufficient to cover such claims against us.

Our solutions or pricing models may not accurately reflect the optimal pricing necessary to attract new clients and retain existing clients as the market matures.

As the market for our solutions matures, or as competitors introduce new solutions that compete with ours, we may be unable to attract new clients at the same price or based on the same pricing models as we have used historically. We price our solutions based on an enterprise size basis with enterprise-wide access to our solutions or based on the number of individual users, and therefore, pricing decisions may also impact the mix of adoption among our subscription plans and negatively impact our overall revenues. Further, pricing pressures and increased competition generally could result in reduced sales, reduced margins, losses, or the failure of our products to achieve or maintain more widespread market acceptance, any of which could harm our business, results of operations, and financial condition. In the future, we may be required to reduce our prices or develop new pricing models, which could adversely affect our revenues, gross margin, profitability, financial position, and cash flow.

Our loan and security agreement provides our lender with a first-priority lien against substantially all of our assets and contains restrictive covenants which could limit our operational flexibility and otherwise adversely affect our financial condition.

Our loan and security agreement under our revolving credit facility contains a number of covenants that limit our ability to incur debt, grant liens, make acquisitions, undergo a change in control, make investments, make certain dividends or distributions, repurchase or redeem stock, dispose of or transfer assets, and enter into transactions with affiliates. Our loan and security agreement is secured by substantially all of our assets. The terms of our loan and security agreement may restrict our current and future operations and could adversely affect our ability to finance our future operations or capital needs or to execute preferred business strategies. In addition, complying with these covenants may make it more difficult for us to successfully execute our business strategy and compete against companies who are not subject to such restrictions. Additionally, our obligations to repay principal and interest on our indebtedness make us vulnerable to economic or market downturns. As of August 26, 2024, we had no outstanding loan balance under this facility. As of September 7, 2023, we had no outstanding loan balance under this facility.

Our failure to comply with the covenants or payment requirements, or other events specified in our loan and security agreement, could result in an event of default and our lender may accelerate our obligations under our loan and security agreement and foreclose upon the collateral, or we may be forced to sell assets, restructure our indebtedness, or seek additional equity capital, which would dilute our stockholders’ interests. Our failure to comply with any covenant could result in an event of default under the agreement and the lender could make the entire debt immediately due and payable. If this occurs, we might not be able to repay our debt or borrow sufficient funds to refinance it. Even if new financing is available, it may not be on terms that are acceptable to us. Any of the foregoing could adversely affect our business, financial condition, or results of operations.

Failure of any of our established solutions to satisfy client demands or to maintain market acceptance would harm our business, results of operations, financial condition, and growth prospects.

We derive our revenues and cash flows from our established solutions. We expect to continue to derive a substantial portion of our revenues from these sources. As such, continued market acceptance of these solutions is critical to our growth and success. Demand for our solutions is affected by a number of factors, some of which are beyond our control, including the successful implementation of our solutions, the timing of development and release of new solutions by us and our competitors, technological advances which reduce the appeal of our solutions, changes in regulations that our clients must comply with in the jurisdictions in which they operate and the growth or contraction in the worldwide market for technological solutions for the professional and financial services industry. If we are unable to continue to meet client demands, to achieve and maintain a technological advantage over competitors, or to maintain market acceptance of our solutions, our business, results of operations, financial condition, and growth prospects would be adversely affected.

21


Our ability to sell and renew our solutions is dependent in part on the quality of our implementation services and technical support services and the implementation services provided by our partners, and our failure to offer high-quality implementation services or technical support services or our partners’ failure to offering high-quality implementation services could damage our reputation and adversely affect our ability to sell our solutions to new clients and renew agreements with our existing clients.

Our solutions are complex and are used in a wide variety of environments. Our revenues and profitability depend in part on the reliability and performance of our implementation services, training services and technical support services, some of which are provided through partners that can provide services for our solutions to clients. If our implementation services are unavailable, or clients are dissatisfied with our or our partners’ performance, we could lose clients, our revenues and profitability would decrease and our business operations or financial position could be harmed. Additionally, if our solutions are not used correctly or as intended, inadequate performance may result. Because our clients rely on our solutions to manage a wide range of operations, our failure to properly train clients on how to efficiently and effectively use our solutions, may result in negative publicity or legal claims against us. As we grow internationally, we may face additional challenges and costs in delivering implementation services and training in languages other than English.

Unexpected delays and difficulties can occur as clients implement and test our solutions. Implementing our solutions typically involves integration with our clients’ and third-party’s systems, as well as adding client and third-party data to our platform. This can be complex, time consuming, and expensive for our clients and can result in delays in the implementation of our solutions. We also provide our clients with upfront estimates regarding the duration, resources and costs associated with the implementation of our solutions. Failure to meet these upfront estimates and the expectations of our clients for the implementation of our solutions could result in a loss of clients and negative publicity about us and our solutions and implementation services. Such failure could result from deficiencies in our solution capabilities or inadequate professional service engagements performed by us, our partners or our clients’ employees, the latter two of which are beyond our direct control. Time-consuming implementations may also increase the amount of services personnel we must allocate to each client, thereby increasing our costs and consequently the cost to our clients and adversely affecting our business, results of operations, and financial condition.

Once our solutions are implemented and integrated with our clients’ existing IT investments and data, our clients may depend on our technical support services to resolve any issues relating to our solutions. High-quality support is critical for the continued successful marketing and sale of our solutions and renewal of contracts. In addition, as we continue to expand our operations internationally, our support organization will face additional challenges, including those associated with delivering support in languages other than English. Many enterprise clients require higher levels of support than smaller clients. If we fail to meet the requirements of our larger clients, it may be more difficult to sell additional solutions and implementation services to these clients, a key group for the growth of our revenues and profitability. The implementation, provision and support of our solutions also creates the risk of significant liability claims against us. Our subscription arrangements with our clients contain provisions designed to limit our exposure to potential liability claims. It is possible, however, that the limitation of liability provisions contained in such agreements may not be enforced as a result of international, federal, state and local laws or ordinances or unfavorable judicial decisions. Breach of warranty or damage liability, or injunctive relief resulting from such claims, could harm our results of operations and financial condition.

In addition, as we further expand our solutions, our implementation services and support organization will face new challenges, including hiring, training and integrating a large number of new implementation services personnel with experience in delivering high-quality support for our solutions. Alleviating any of these problems could require significant expenditures which could adversely affect our results of operations and growth prospects. Further, as we continue to rely on our partners to provide implementation and on-going services, our ability to ensure a high level of quality in addressing client issues will be diminished. If our partners fail to meet such commitments or do not commit sufficient or qualified resources to these activities, our clients will be less satisfied, be less supportive with references, or may require the investment of our resources at discounted rates.

Our sales are dependent on our business reputation and on positive recommendations from our existing clients. Accordingly, if we or our partners do not effectively assist our clients in implementing our solutions, train our clients in the use of our solutions, succeed in helping our clients quickly resolve post-implementation issues, our ability to sell additional solutions and implementation services to existing clients would be adversely affected and our reputation with potential clients could be damaged, which could have a material adverse effect on our business, results of operations, financial condition, and growth prospects.

22


Real or perceived errors or failures in our solutions may affect our reputation, cause us to lose clients and reduce sales which may harm our business and results of operations.

As with all software solutions, undetected errors or failures may exist or occur, especially when solutions are first introduced or when new versions are released, implemented or integrated into other systems. Our software solutions are often installed and used in large-scale computing environments with different third party applications operating systems, system management software and equipment and networking configurations, which may cause errors or failures in our solutions or may expose undetected errors, failures, or bugs in our solutions. Despite testing by us, we may not identify all errors, failures, or bugs in new solutions or releases until after commencement of commercial sales or installation. In the past, we have discovered errors, failures, and bugs in some of our solutions after their introduction. We may not be able to fix errors, failures, and bugs without incurring significant costs or an adverse impact to our business. We believe that our reputation and name recognition are critical factors in our ability to compete and generate additional sales. Promotion and enhancement of our name will depend largely on our success in continuing to provide effective solutions and services. The occurrence of errors in our solutions or the detection of bugs by our clients may damage our reputation in the market and our relationships with our existing clients, and as a result, we may be unable to attract or retain clients. Any of these events may result in the loss of, or delay in, market acceptance of our solutions, which could seriously harm our sales, results of operations, and financial condition.

Changes in laws, regulations, or guidance issued by supervisory authorities relating to privacy or the protection or transfer of personal data, or any actual or perceived failure by us to comply with such laws, regulations, or guidance, could adversely affect our business and could subject us to liability, fines and reputational harm.

Data protection and privacy legislation, enforcement and policy activity are rapidly expanding in the United States and around the world and creating a complex compliance environment and the potential for high profile negative publicity in the event of any noncompliance or data breach. We are subject to many privacy and data protection laws and regulations in the United States and around the world, some of which place restrictions on our ability to process and store personal data across our business. For example, in Europe Regulation (EU) 2016/679 (GDPR) imposes requirements relating to, among other things, consent to process personal data of individuals, the information provided to individuals regarding the processing of their personal data, rights which may be exercised by individuals, the security and confidentiality of personal data, and notifications in the event of data breaches and use of third-party processors. The GDPR imposes substantial fines for breaches of data protection requirements, which can be up to four percent of the worldwide revenues or 20 million Euros, whichever is greater. Despite the UK’s exit from the EU, the UK still also has laws equivalent to the GDPR/EU data protection laws. We may experience hesitancy, reluctance, or refusal by European or multi-national clients to continue to use some of our services due to the potential risk exposure of personal data transfers and the current data protection obligations imposed on them by certain data protection authorities. We may also experience hesitancy, reluctance, or refusal by European or multi-national clients to continue to use some of our services due to the potential risk exposure of personal data transfers and the current data protection obligations imposed on them by certain data protection authorities. Such clients may also view any alternative approaches to the transfer of any personal data as being too costly, too burdensome, or otherwise objectionable, and therefore may decide not to do business with us if the transfer of personal data is a necessity or may require that our employees who are providing services to them be based in the European Union/UK which could increase our costs in providing such services. Such clients may also view any alternative approaches to the transfer of any personal data as being too costly, too burdensome, or otherwise objectionable, and therefore may decide not to do business with us if the transfer of personal data is a necessary requirement. Uncertainty about compliance with the GDPR and EU data protection laws remains, with the possibilities that data protection authorities located in different EU Member States may interpret GDPR differently, or requirements of national laws may vary between the EU Member States, or guidance on GDPR and compliance practices may be often updated or otherwise revised. Any of these events will increase the complexity and costs of processing personal data in the UK or European Economic Area or concerning individuals located in the UK or European Economic Area (“EEA”). Any of these events will increase the complexity and costs of processing personal data in the European Economic Area or concerning individuals located in the European Economic Area.

Under GDPR, transfers of personal data to countries outside of the European Economic Area that have not been determined by the European Commission to provide adequate protections for personal data, including the United States, are prohibited unless certain transfer mechanisms are used. Switzerland and the UK have similar restrictions. Switzerland has similar restrictions. However, such mechanisms are subject to consistent scrutiny and challenge. A decision of the Court of Justice of the European Union in July 2020 invalidated the EU-US Privacy Shield Framework, a means that previously permitted transfers of personal data from the EEA to companies in the United States that certified adherence to the Privacy Shield Framework. For example, a decision of the Court of Justice of the European Union in July 2020 invalidated the EU-US Privacy Shield Framework, a means that previously permitted transfers of personal data from the EEA to companies in the United States that certified adherence to the Privacy Shield Framework. While the United States and EU have put in place a new framework to replace the Privacy Shield Framework, the EU-US Data Privacy Framework, this framework is already subject to challenge in the Court of Justice of the European Union, so there can be no assurance that it will not be invalidated, repealed or otherwise modified in the future. There are also Swiss and UK extensions to the EU-US Data Privacy Framework. In addition, that same Court of Justice of the European Union decision also cast doubt on the use of a prior form of standard contractual clauses that are the other commonly used mechanism to transfer personal data outside of the EEA/UK. In the UK and

23


the EEA, there are now updated form versions of standard contractual clauses and a need to conduct a transfer risk assessment in accordance with applicable guidance. With respect to personal data transfers from the EU to the UK and UK to the EU, there are adequacy decisions in place meaning personal data can transfer freely for the time being. Given the consistent scrutiny and challenge to data transfers, further changes to how data transfers to and from the European Union and other jurisdictions are regulated could impact how we provide services to our clients in relevant jurisdictions.

The CCPA imposes requirements relating to how companies may collect, use and process personal information relating to California residents. The CCPA establishes a privacy framework for covered businesses such as ours by, among other things, creating an expanded definition of personal information, establishing new data privacy rights for California residents and creating a new and potentially severe statutory damages framework for violations of the CCPA, as well as potentially severe statutory damages and private a right of action against businesses that suffer a data security breach due to their violation of a duty to implement reasonable security procedures and practices. This private right of action may increase the likelihood of, and risks associated with, data breach litigation. In addition, in November 2020, California voters adopted the CPRA, which enhances and strengthens regulatory requirements and individual protections that currently exist under the CCPA. In addition, in November 2020, California voters adopted the CPRA, which became effective January 1, 2023 and under which enforcement has been delayed until March 29, 2024, and enhances and strengthens regulatory requirements and individual protections that currently exist under the CCPA. Numerous other states have enacted or are considering enacting similar privacy laws, further complicating our privacy compliance obligations through the introduction of increasingly disparate requirements across the various U.S. jurisdictions in which we operate. Congress is also considering legislation that may preempt some or all of such U.S. state privacy laws, but which may also provide a more expansive private right of action for privacy claims than exists under current state laws. Further, privacy class actions in the United States are on the rise, with cases being filed based on pre-digital age state and federal laws. The evolving complexity of privacy and data security legislation in the United States may complicate our compliance efforts and further increase our risk of regulatory enforcement, penalties and litigation. The uncertainty and changes in the requirements of California and other jurisdictions, including potential federal legislation regarding data privacy that may impose requirements and potentially preempt state data privacy rules, may increase the cost of compliance, restrict our ability to offer services in certain locations or subject us to sanctions by national, regional, state, local and international data protection regulators, all of which could harm our business, results of operations or financial condition.

Although we take reasonable efforts to comply with all applicable laws and regulations and have invested and continue to invest human and technology resources into data privacy compliance efforts, there can be no assurance that we will not be subject to regulatory action, including fines, in the event of an incident or other claim. Data protection laws and requirements may also be enacted, interpreted or applied in a manner that creates inconsistent or contradictory requirements on companies that operate across jurisdictions. We or our third-party service providers could be adversely affected if legislation or regulations are expanded to require changes in our or our third-party service providers’ business practices or if governing jurisdictions interpret or implement their legislation or regulations in ways that negatively affect our or our third-party service providers’ business, results of operations or financial condition. For example, we may find it necessary to establish alternative systems to maintain personal data originating from the European Union in the European Economic Area, which may involve substantial expense and may cause us to divert resources from other aspects of our business, all of which may adversely affect our results from operations. Data protection legislation, regulatory and contractual requirements could hamper our ability to use data to train our artificial intelligence algorithms. Further, any inability to adequately address privacy concerns in connection with our solutions, or comply with applicable privacy or data protection laws, regulations and policies, could result in additional cost and liability to us, and adversely affect our ability to offer our solutions. Further, countries are applying their data protection laws to AI, and particularly generative AI, and are considering legal frameworks on AI. Any failure or perceived failure by the Company to comply with such requirements could have an adverse impact on our business.

Anticipated further evolution of regulations on this topic may substantially increase the penalties to which we could be subject in the event of any non-compliance. Compliance with these laws is challenging, constantly evolving, and time consuming and federal regulators, state attorneys general and plaintiff’s attorneys have been and will likely continue to be active in this space. We may incur substantial expense in complying with legal obligations to be imposed by new regulations and we may be required to make significant changes to our solutions and expanding business operations, all of which may adversely affect our results of operations.

24


Assertions against us, by third parties alleging infringement or other violation of their intellectual property rights, could result in significant costs and substantially harm our business and results of operations.

The software industry is characterized by the existence of a large number of patents and frequent claims and related litigation regarding patents and other intellectual property rights. In particular, leading companies in the software industry own large numbers of patents, copyrights, trademarks, and trade secrets, which they may use to assert claims against us. From time to time, third parties holding such intellectual property rights, including leading companies, competitors, patent holding companies, and/or non-practicing entities, may assert patent, copyright, trademark or other intellectual property claims against us, our clients, and partners, and those from whom we license technology and intellectual property.

Although we believe that our solutions do not infringe upon the intellectual property rights of third parties, we cannot assure that third parties will not assert infringement or misappropriation claims against us with respect to current or future solutions, or that any such assertions will not require us to enter into royalty arrangements or result in costly litigation, or result in us being unable to use certain intellectual property. Infringement assertions from third parties may involve patent holding companies or other patent owners who have no relevant product revenues, and therefore our own issued and pending patents may provide little or no deterrence to these patent owners in bringing intellectual property rights claims against us. The intellectual property ownership and license rights, including without limitation copyright, surrounding AI technologies generally, and generative AI technologies specifically, has not been fully addressed by courts or applicable laws or regulations. Further, the use or adoption of third-party AI technologies, including generative AI technologies, into our products and services may result in exposure to claims of copyright infringement or other intellectual property-related causes of action.

If we are forced to defend against any infringement or misappropriation claims, whether they are with or without merit, are settled out of court, or are determined in our favor, we may be required to expend significant time and financial resources on the defense of such claims. Regardless of the merits or eventual outcome, such a claim could harm our brand and business. Furthermore, an adverse outcome of a dispute may require us to pay damages, potentially including treble damages and attorneys’ fees, if we are found to have willfully infringed a party’s intellectual property; cease making, licensing or using our solutions that are alleged to infringe or misappropriate the intellectual property of others; expend additional development resources to redesign our solutions; enter into potentially unfavorable royalty or license agreements in order to obtain the right to use necessary technologies or works; and indemnify our partners, clients and other third parties. Any of these events could seriously harm our business, results of operations, and financial condition.

Failure to protect our intellectual property could substantially harm our business and results of operations.

Our success depends in part on our ability to enforce and defend our intellectual property rights. We rely upon a combination of trademark, trade secret, copyright, patent, and unfair competition laws, as well as license agreements and other contractual provisions, to do so.

In the future we may file patent applications related to certain of our innovations. We do not know whether those patent applications will result in the issuance of a patent or whether the examination process will require us to narrow our claims. In addition, we may not receive competitive advantages from the rights granted under our patents and other intellectual property. Our existing patents and any patents granted to us or that we otherwise acquire in the future, may be contested, circumvented or invalidated, and we may not be able to prevent third parties from infringing these patents. Therefore, the extent of the protection afforded by these patents cannot be predicted with certainty. In addition, given the costs, effort, risks, and downside of obtaining patent protection, including the requirement to ultimately disclose the invention to the public, we may choose not to seek patent protection for certain innovations; however, such patent protection could later prove to be important to our business.

We also rely on several registered and unregistered trademarks to protect our brand. Nevertheless, competitors may adopt service names similar to ours, or purchase our trademarks and confusingly similar terms as keywords in Internet search engine advertising programs, thereby impeding our ability to build brand identity and possibly leading to confusion in the marketplace. In addition, there could be potential trade name or trademark infringement claims brought by owners of other registered trademarks or trademarks that incorporate variations of our trademarks. Any claims or client confusion related to our trademarks could damage our reputation and brand and substantially harm our business and results of operations.

25


We attempt to protect our intellectual property, technology and confidential information by generally requiring our employees and consultants to enter into confidentiality and assignment of inventions agreements and third parties to enter into nondisclosure agreements, all of which offer only limited protection. These agreements may not effectively prevent unauthorized use or disclosure of our confidential information, intellectual property, or technology and may not provide an adequate remedy in the event of unauthorized use or disclosure of our confidential information, intellectual property or technology. Despite our efforts to protect our confidential information, intellectual property, and technology, unauthorized third parties may gain access to our confidential proprietary information, develop and market solutions similar to ours, or use trademarks similar to ours, any of which could materially harm our business and results of operations. In addition, others may independently discover our trade secrets and confidential information, and in such cases, we could not assert any trade secret rights against such parties. Existing United States federal, state and international intellectual property laws offer only limited protection. The laws of some foreign countries do not protect our intellectual property rights to as great an extent as the laws of the United States, and many foreign countries do not enforce these laws as diligently as governmental agencies and private parties in the United States. Moreover, policing our intellectual property rights is difficult, costly and may not always be effective. In addition, the availability of copyright protection and other legal protections for intellectual property generated by certain new technologies, such as generative AI, is uncertain. The use of generative AI and other forms of AI may expose us to risks because the intellectual property ownership and license rights, including copyright, of generative and other AI output has not been fully settled in the United States or abroad.

From time to time, legal action by us may be necessary to enforce our patents and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the intellectual property rights of others or to defend against claims of infringement or invalidity. Even if we are successful in defending our claims, litigation could result in substantial costs and diversion of resources and could negatively affect our business, reputation, results of operations, and financial condition. To the extent that we seek to enforce our rights, we could be subject to claims that an intellectual property right is invalid, otherwise not enforceable, or is licensed to the party against whom we are pursuing a claim. In addition, our assertion of intellectual property rights may result in the other party seeking to assert alleged intellectual property rights or assert other claims against us, which could harm our business. If we are not successful in defending such claims in litigation, we may not be able to sell or license a particular solution due to an injunction, or we may have to pay damages that could, in turn, harm our results of operations. In addition, governments may adopt regulations, or courts may render decisions, requiring compulsory licensing of intellectual property to others, or governments may require that products meet specified standards that serve to favor local companies. Our inability to enforce our intellectual property rights under these circumstances may harm our competitive position and our business. If we are unable to protect our technology and to adequately maintain and protect our intellectual property rights, we may find ourselves at a competitive disadvantage to others who need not incur the additional expense, time and effort required to create the innovative solutions that have enabled us to be successful to date.

We and our clients rely on technology and intellectual property of third parties, and any errors or defects in, or any unavailability of, such technology and intellectual property could limit the functionality of our solutions and disrupt our business.

We use technology and intellectual property licensed from unaffiliated third parties internally and in certain of our solutions, and we may license additional third-party technology and intellectual property in the future. We have experienced, and may continue to experience, errors or defects in this third-party technology and intellectual property that result in errors that could harm our brand and business. In addition, licensed technology and intellectual property may not continue to be available on commercially reasonable terms, or at all. The loss of the right to license and distribute this third-party technology could limit the functionality of our solutions and might require us to redesign our solutions. In some cases, we receive subscription fees from the provision of such third-party technology to our clients, and the loss of the right to distribute such technology could negatively impact revenues.

26


We agree to indemnify clients and other third parties, which exposes us to substantial potential liability.

Our agreements with clients, suppliers, partners and other third parties may include indemnification or other provisions under which we agree to indemnify or otherwise be liable to them for losses suffered or incurred as a result of claims of intellectual property infringement, damages caused by us to property or persons, and other liabilities relating to or arising from our software, services, acts or omissions. The term of these contractual provisions often survives termination or expiration of the applicable agreement. Large indemnity payments or damage claims from contractual breach could harm our business, results of operations, and financial condition. Although in some cases we contractually limit our liability with respect to such obligations, we do not always do so, and in the future we may still incur substantial liability related to them. Any dispute with a client with respect to such obligations could have adverse effects on our relationship with that client and other current and prospective clients, reduce demand for our solutions, and harm our business, results of operations, and financial condition.

If we fail to maintain an effective system of internal controls, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.

As a public company we are subject to various requirements pursuant to the Sarbanes-Oxley Act, the Dodd-Frank Wall Street Reform and Consumer Protection Act, the rules of the SEC, the listing requirements of the Nasdaq Global Select Market, and other applicable securities rules and regulations, including requirements relating to disclosure controls and procedures, internal control over financial reporting and corporate governance practices. The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. Our disclosure controls and other procedures are designed to ensure that information required to be disclosed by us in the reports that we file with the SEC is recorded, processed, summarized, and reported within the time periods specified in SEC rules and forms and that information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers. In order to maintain and improve the effectiveness of our disclosure controls and procedures and internal control over financial reporting, we have expended, and anticipate that we will continue to expend, significant resources, including accounting-related costs and significant management oversight.

Our current controls and any new controls that we develop may become inadequate because of changes in conditions in our business. Further, weaknesses in our disclosure controls and internal control over financial reporting may be discovered in the future. Any failure to develop or maintain effective controls or any difficulties encountered in their implementation or improvement could harm our results of operations or cause us to fail to meet our reporting obligations and may result in a restatement of our financial statements for prior periods. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financial and other information, which could have a negative effect on the trading price of our common stock. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on Nasdaq.

We are required to comply with the SEC rules that implement Section 404 of the Sarbanes-Oxley Act and are required to provide an annual management report on, among other things, the effectiveness of our internal control over financial reporting, as well as a statement that our independent registered public accounting firm has issued an opinion on our internal control over financial reporting. We expect to continue to incur significant expenses and to continue to devote substantial management effort toward ensuring compliance with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act. We expect to incur significant expenses and devote substantial management effort in the future toward ensuring compliance with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act, once applicable. We may in the future, identify deficiencies and be unable to remediate them before we must provide the required reports. Furthermore, if we have a material weakness in our internal control over financial reporting, we may not detect errors on a timely basis and our financial statements may be materially misstated. If we are unable to assert that our internal control over financial reporting is effective, or if our independent registered public accounting firm is unable to express an unqualified opinion on the effectiveness of our internal control, including as a result of any identified material weakness, we could lose investor confidence in the accuracy and completeness of our financial reports which could cause a decline in the price of our common stock. In addition, changing laws, regulations, and standards relating to corporate governance and public disclosure, including those related to executive compensation, human capital, climate change, and other ESG-focused disclosures, may result in increased general and administrative expenses and a diversion of management's time and attention from revenue-generating activities to compliance activities.

27


Our international sales and operations subject us to additional risks that can adversely affect our business, results of operations and financial condition.

We sell our solutions to clients located outside the United States, and we are continuing to expand our international operations as part of our growth strategy. Our current international operations and our plans to expand our international operations subject us to a variety of risks, including:

increased management, travel, infrastructure, and legal compliance costs associated with having multiple international operations;
unique terms and conditions in contract negotiations desired by clients in foreign countries;
longer payment cycles and difficulties in enforcing contracts and collecting accounts receivable;
the need to localize our solutions and store data locally for international clients;
lack of familiarity with and unexpected changes in foreign regulatory requirements;
increased exposure to fluctuations in currency exchange rates;
levels of inflation in international economies;
the burdens and costs of complying with a wide variety of foreign laws and legal standards, including employment, tax, privacy, anticorruption, import/export, antitrust, data transfer, storage and protection, health and safety, and industry-specific laws and regulations;
compliance with the U.S. Foreign Corrupt Practices Act of 1977, as amended, the U.K. Bribery Act and other anti-corruption regulations, particularly in emerging market countries;
compliance by international staff with accounting practices generally accepted in the United States, including adherence to our accounting policies and internal controls;
import and export license requirements, tariffs, trade agreements, taxes, and other trade barriers;
increased financial accounting and reporting burdens and complexities;
weaker protection of intellectual property rights in some countries;
multiple and possibly overlapping tax regimes;
the application of the respective local laws and regulations to our business in each of the jurisdictions in which we operate and associated legal expenses;
government sanctions that may interfere with our ability to sell into particular countries;
disruption to our operations caused by epidemics, pandemics or outbreaks; and
political, social, and economic instability abroad, including geopolitical and regional conflicts, terrorist attacks, and security concerns in general.

Additionally, we engage through third parties a significant number of independent contractors abroad in our research and development efforts. Changes to foreign laws governing the definition or classification of such independent contractors, or judicial decisions regarding independent contractor classification could result in re-classification of such contractors as employees. Such reclassification could have an adverse effect on our business and results of operations, could require us to pay significant retroactive wages, taxes and penalties, and could force us to change our contractor business model in the foreign jurisdictions affected.

As we continue to expand our business globally, our success will depend, in large part, on our ability to anticipate and effectively manage these and other risks associated with our international operations. Any of these risks could harm our international operations and reduce our international sales, adversely affecting our business, results of operations, financial condition, and growth prospects.

28


Some of our development resources are subject to additional risks inherent in foreign operations, which could lead to interruptions in our development efforts or hamper our ability to maintain its solutions.

Prior to Russian military action against Ukraine, a majority of our research and development had been conducted through our facilities based in Ukraine and our contractors’ facilities located in Belarus, Ukraine, and Russia. In addition to product development, our resources in the region also played a role in providing implementation services as well as support services for our solutions. After Russia’s invasion of Ukraine, we implemented contingency plans to ensure the continuity of our contract research and development activity which included ending activities in Belarus and Russia and transitioning work to the European Union, U.K. and Americas. Political tensions or economic instability in the regions where we conduct operations could disrupt or delay our research and development operations or adversely affect the timeliness of new product delivery or maintenance and upgrades to existing products and solutions, which could harm our operations, financial conditions, sales and growth prospects. Any further escalation of political tensions or economic instability in these regions could disrupt or delay our research and development operations in these regions, or adversely affect the timeliness of new product delivery or maintenance and upgrades to existing products and solutions, which could harm our operations, financial conditions, sales and growth prospects. Disruptions in communications with these resources could also lead to periods of unavailability of our SaaS solutions, which could require us to provide credits or refunds to clients or lead to client cancellations.

Additionally, we engage through third parties a significant number of independent contractors in our research and development efforts. Changes to foreign laws governing the definition or classification of such independent contractors, or judicial decisions regarding independent contractor classification could result in re-classification of such contractors as employees. Such reclassification could have an adverse effect on our business and results of operations, could require us to pay significant retroactive wages, taxes and penalties, and could force us to change our contractor business model in the foreign jurisdictions affected.

If we are unable to retain key members of our management team or attract, integrate and retain additional executives and other skilled personnel we need to support our operations and growth, we may be unable to achieve our goals and our business will suffer.

Our future success depends upon our ability to continue to attract, train, integrate and retain highly skilled employees, particularly those on our management team, including John Hall, our Chief Executive Officer and David Morton, our Chief Financial Officer, whose services are essential to the execution of our corporate strategy and ensuring the continued operations and integrity of financial reporting within our company. Our management team is generally employed on an at-will basis, which means that these personnel could terminate their relationship with us at any time. The loss of any member of our senior management team could significantly delay or prevent us from achieving our business and/or development objectives, and could materially harm our business.

We compete with a number of software and other technology companies to attract and retain software developers with specialized experience in designing, developing, and managing our solutions, including our cloud-based software, as well as for skilled developers, engineers and information technology and operations professionals who can successfully implement and deliver our solutions. Additionally, we believe that our future growth will depend on the development of our go-to-market strategy and the continued recruiting, retention, and training of our sales teams, including their ability to obtain new clients and to manage our existing client base. Our ability to expand geographically depends, in large part, on our ability to attract, retain and integrate managers to lead the local business and employees with the appropriate skills. Similarly, our profitability depends on our ability to effectively utilize personnel with the right mix of skills and experience to perform services for our clients, including our ability to transition employees to new assignments on a timely basis. Many of the companies with which we compete for experienced personnel have greater resources than we have. We may incur significant costs to attract, train and retain such personnel, and we may lose new employees to our competitors or other technology companies before we realize the benefit of our investment after recruiting and training them. Also, to the extent that we hire personnel from competitors, we may be subject to allegations that such personnel have been improperly solicited or have divulged proprietary or other confidential information. If we are unable to attract, integrate and retain qualified personnel, or if there are delays in hiring required personnel, including delays due to geopolitical instability or outbreaks, epidemics, or pandemics involving public health or adjustments to U.S. immigration policy related to skilled foreign workers, our business, results of operations, and financial condition may be materially adversely affected.

29


Increases in labor costs, including wages, and an overall tightening of the labor market, could adversely affect our business, results of operations or financial condition.

The labor costs associated with our business are subject to several external factors, including unemployment levels and the quality and the size of the labor market, prevailing wage rates, minimum wage laws, wages and other forms of remuneration and benefits offered to prospective employees by competitor employers, health insurance costs and other insurance costs and changes in employment and labor legislation or other workplace regulation. Although we are not currently exposed to minimum wage work, we are exposed to related requirements as per the Fair Labor Standards Act regarding exempt versus non-exempt employment. From time to time, the labor market becomes increasingly competitive. For example, the United States is currently experiencing low unemployment, which in turn, has created a competitive wage environment that may increase our operating costs. If we are unable to mitigate wage rate increases driven by increases to the competitive labor market through automation and other labor savings initiatives, our labor costs may increase. Furthermore, high inflation rates could also push up our labor costs. There is no assurance that our revenues will increase at the same rate as these labor cost increases to maintain the same level of profitability.

In the event we must offer increased wages or other competitive benefits and incentives to attract and retain qualified personnel and fail to do so, the quality of our workforce could decline, causing certain aspects of our business to suffer. Increases in labor costs could force us to increase our prices, which could adversely impact sales. Although we have not experienced any material labor shortage to date, we have observed an overall tightening and increasingly competitive labor market and have recently experienced and expect to continue to experience some labor cost pressures. If we are unable to hire and retain capable employees, manage labor cost pressures, or if mitigating measures we take in response to increased labor costs, have unintended negative effects, including on client service or retention, our business would be adversely affected. If competitive pressures or other factors prevent us from offsetting increased labor costs, our profitability may decline and could have an adverse effect on our business, results of operations or financial condition.

Any disruption of our Internet connections, including to any third-party cloud providers that host any of our websites or web-based services, could affect the success of our SaaS solutions.

Any system failure, including network, software or hardware failure, that causes an interruption in our network or a decrease in the responsiveness of our website and our SaaS solutions could result in reduced user traffic, reduced revenues and potential breaches of our subscription arrangements. Continued growth in Internet usage, as well as Internet outages, delays and other difficulties due to system failures unrelated to our solutions could cause a decrease in the quality of Internet connection service. Websites have experienced service interruptions as a result of outages and other delays occurring throughout the worldwide Internet network infrastructure. If these outages, delays or service disruptions frequently occur in the future, usage of our web-based services could grow more slowly than anticipated or decline and we may lose revenues and clients.

30


If the third-party cloud providers or sub-processors that host any of our websites or web-based services were to experience a system failure, the performance of our websites and web-based services, including our SaaS solutions, would be harmed and our ability to deliver our solutions to our clients could be impaired, resulting in client dissatisfaction, damage to our reputation, loss of clients, and harm to our operations and our business. In general, third-party cloud providers are vulnerable to damage from fire, floods, earthquakes, acts of terrorism, power loss, telecommunications failures, break-ins, and similar events. The controls implemented by our current or future third-party cloud providers may not prevent or timely detect such system failures and we do not control the operation of third-party cloud providers that we use. Our current or future third-party cloud providers could decide to close their facilities without adequate notice. In addition, any financial difficulties, such as bankruptcy, faced by our current or future third-party cloud providers, or any of the service providers with whom we or they contract, may have negative effects on our business. If our current or future third-party cloud providers are unable to keep up with our growing needs for capacity or any spikes in client demand, it could have an adverse effect on our business. Any changes in service levels by our current or future third-party cloud providers could result in loss or damage to our clients’-stored information and any service interruptions at these third-party cloud providers could hurt our reputation, cause us to lose clients, harm our ability to attract new clients or subject us to potential liability. In the event of any damage or interruption, our property and business interruption insurance coverage may not be adequate to fully compensate us for losses that may occur. Additionally, our systems are not fully redundant, and we have not yet implemented a complete disaster recovery plan or business continuity plan. Although the redundancies we do have in place will permit us to respond, at least to some degree, to service outages, our current or future third-party cloud providers that host our SaaS solutions are vulnerable in the event of failure. We do not yet have adequate structure or systems in place to recover from a third-party cloud provider’s severe impairment or total destruction, and recovery from the total destruction or severe impairment of any of our third-party cloud providers could be difficult and may not be possible at all. Any of these events could seriously harm our business, results of operations, and financial condition.

Some of our services and technologies may use “open source” software, which may restrict how we use or distribute our services or require that we release the source code of certain solutions subject to those licenses.

Some of our services and technologies may incorporate software licensed under so-called “open source” licenses. In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or controls on origin of the software. Additionally, some open source licenses require that source code subject to the license be made available to the public and that any modifications to or derivative works of open source software continue to be licensed under open source licenses. These open source licenses typically mandate that proprietary software, when combined in specific ways with open source software, become subject to the open source license. If we combine our proprietary solutions in such ways with certain open source software, we could be required to release the source code of our proprietary solutions.

We take steps to ensure that our proprietary solutions are not combined with, and do not incorporate, open source software in ways that would require our proprietary solutions to be subject to many of the restrictions in an open source license. However, few courts have interpreted open source licenses, and the manner in which these licenses may be interpreted and enforced is therefore subject to some uncertainty. Additionally, we rely on software programmers to design our proprietary technologies, and although we take steps to prevent our programmers from including objectionable open source software in the technologies and software code that they design, write and modify, we do not exercise complete control over the development efforts of our programmers and we cannot be certain that our programmers have not incorporated such open source software into our proprietary solutions and technologies or that they will not do so in the future. In the event that portions of our proprietary technology are determined to be subject to an open source license, we could be required to publicly release the affected portions of our source code, re-engineer all or a portion of our technologies, or otherwise be limited in the licensing of our technologies, each of which could reduce or eliminate the value of our services and technologies and materially and adversely affect our business, results of operations and prospects.

31


We may experience fluctuations in foreign currency exchange rates that could adversely impact our results of operations and financial condition.

Our international sales are generally denominated in foreign currencies, and these revenues could be materially affected by currency fluctuations. The volatility of exchange rates depends on many factors that we cannot forecast with reliable accuracy. Although we believe our operating activities act as a natural hedge for a substantial portion of our foreign currency exposure at the cash flow or operating income level because we typically collect revenues and incur costs in the currency of the location in which we provide our solutions, it is difficult to predict if our operating activities will provide a natural hedge in the future. Our results of operations may also be impacted by transaction gains or losses related to revaluing certain monetary asset and liability balances that are denominated in currencies other than the functional currency of the entities in which they are recorded. Moreover, significant and unforeseen changes in foreign currency exchange rates may cause us to fail to achieve our stated projections for revenues and operating income, which could have an adverse effect on our stock price. We will continue to experience fluctuations in foreign currency exchange rates, which, if material, may harm our results of operations or financial condition. We will continue to experience fluctuations in foreign currency exchange rates, which, if material, may harm our revenues or results of operations.

Our U.S. NOL carryforwards may expire or could be substantially limited if we experience an ownership change as defined in the Internal Revenue Code of 1986, as amended (“IRC”) or if changes are made to the IRC.

We have significant U.S. federal and state net operating loss (“NOL”) carryforwards. Under U.S. federal tax laws, we can carry forward and use our pre-2018 NOLs to reduce our future U.S. taxable income and tax liabilities until such NOL carryforwards expire in accordance with the IRC. Under changes made by the Tax Cuts and Jobs Act (“TCJA”), as modified by the Coronavirus Aid, Relief, and Economic Security Act (“CARES Act”), NOL carryforwards generated on or after January 1, 2018 may be carried forward indefinitely, but their utilization is limited to 80% of annual taxable income for tax years beginning after December 31, 2020. Our NOL carryforwards provide a benefit to us, if fully utilized, of significant future tax savings. However, our ability to use these tax benefits in future years will depend upon the amount of our federal and state taxable income. If we do not have sufficient federal and state income in future years to use the benefits before they expire, we will permanently lose the benefit of the pre-2018 NOL carryforwards. Additionally, as a result of the common stock sold by certain of our existing stockholders, we experienced a change of ownership as defined under the IRC. As a result of this change in ownership, pursuant to Section 382 and Section 383 of the IRC, our ability to utilize our tax attributes, including NOL carryforwards and credits, as well as certain built-in losses, against our U.S. taxable income, are limited to certain annual limitations. We currently do not anticipate any of our NOL loss carryforwards expiring, and as such, have not recorded a reduction of deferred tax assets. However, there can be no assurance that a portion of our NOL loss carryforwards may expire in any future periods. Any further changes made to the IRC or to the regulations promulgated thereunder could impact our ability to utilize our NOLs. Accordingly, any such occurrences could adversely affect our financial condition, operating results, and cash flows.

Our results of operations may be harmed if we are required to collect sales or other related taxes for our subscription solutions in jurisdictions where we have not historically done so.

We collect sales and similar value-added taxes as part of our client agreements in a number of jurisdictions. Sales and use, value-added, and similar tax laws and rates vary greatly by jurisdiction. If we believe that we should have been or should be collecting additional sales, use, or other taxes on our solutions, we voluntarily engage with appropriate tax authorities, and such engagement has led and may lead to our participation in voluntary disclosure agreements. Additionally, we have been in the past and may in the future be, under audit by one or more state or local tax authorities with regard to sales tax and other indirect tax matters. Additionally, we are currently, and may in the future be, under audit by one or more state or local tax authorities with regard to sales tax and other indirect tax matters. Our voluntary participation in agreements with states, countries, or other jurisdictions, or successful assertions by states, countries, or other jurisdictions that we should have been or should be collecting additional sales, use, or other taxes on our solutions could, among other things, result in substantial tax liabilities for past sales, create significant administrative burdens for us, discourage clients from purchasing our solutions, or otherwise harm our business, results of operations, and financial condition.

32


Risks Related to Our Organizational Structure

If the ownership of our common stock continues to be highly concentrated, it may prevent other minority stockholders from influencing significant corporate decisions and may result in conflicts of interest.

As of August 12, 2024, Anderson Investments Pte Ltd. and its affiliates (collectively, “Anderson”) beneficially own approximately 23% of our common stock. and its affiliates (collectively, “Anderson”) beneficially own approximately 28% of our common stock and Great Hill Equity Partners IV, L. As a result, Anderson exercise significant influence over all matters requiring a stockholder vote, including: the election of directors; mergers, and acquisitions; the sale of all or substantially all of our assets and other decisions affecting our capital structure; the amendment of our amended and restated certificate of incorporation and our amended and restated bylaws; and our winding up and dissolution. As a result, Anderson and Great Hill exercise significant influence over all matters requiring a stockholder vote, including: the election of directors; mergers, and acquisitions; the sale of all or substantially all of our assets and other decisions affecting our capital structure; the amendment of our amended and restated certificate of incorporation and our amended and restated bylaws; and our winding up and dissolution. This concentration of ownership may delay, deter or prevent acts that would be favored by our other stockholders. The interests of Anderson may not always coincide with our interests or the interests of our other stockholders. The interests of Anderson and Great Hill may not always coincide with our interests or the interests of our other stockholders. This concentration of ownership may also have the effect of delaying, preventing or deterring a change in control of us. Also, Anderson may seek to cause us to take courses of action that, in its judgment, could enhance its investment in us, but which might involve risks to our other stockholders or adversely affect us or our other stockholders. Also, Anderson and Great Hill may each seek to cause us to take courses of action that, in its judgment, could enhance its investment in us, but which might involve risks to our other stockholders or adversely affect us or our other stockholders. As a result, the market price of our common stock could decline or stockholders might not receive a premium over the then-current market price of our common stock upon a change in control. In addition, this concentration of share ownership may adversely affect the trading price of our common stock because investors may perceive disadvantages in owning shares in a company with a significant stockholder.

Certain provisions of Delaware law, the Stockholders’ Agreement, our amended and restated certificate of incorporation and our amended and restated bylaws could hinder, delay or prevent a change in control of us, which could adversely affect the price of our common stock.

Certain provisions of Delaware law, that certain stockholders’ agreement, dated July 2, 2021, by and between us and Anderson (the “Stockholders’ Agreement”), our amended and restated certificate of incorporation and our amended and restated bylaws contain provisions that could make it more difficult for a third-party to acquire us without the consent of our board of directors or certain existing stockholders.

The Company has not been governed by Section 203 of the Delaware General Corporation Law, as amended (the “DGCL”), and we will only become subject to Section 203 of the DGCL, immediately following the time at which both of the following conditions exist: (i) Section 203 of the DGCL by its terms would, but for the provisions of our amended and restated certificate of incorporation, apply to the Company; and (ii) Anderson does not own (as defined in Section 203 of the DGCL) shares of capital stock of the Company representing at least fifteen percent (15%) of the voting power of all the then outstanding shares of capital stock of the Company. Section 203 of the DGCL prevents some stockholders holding more than 15% of our outstanding common stock from engaging in certain business combinations without approval of the holders of two-thirds of all of our outstanding common stock not held by such interested stockholder.

Furthermore, Anderson controls 23% of the voting power of the shares of our common stock eligible to vote in the election of our directors and on other matters submitted to a vote of our stockholders, and Anderson may be able to influence outcome of matters submitted to a stockholder vote. Pursuant to the Stockholders’ Agreement, so long as Anderson beneficially owns at least 10% of our outstanding common stock, it shall have the right to nominate one director to our board of directors. Pursuant to the Stockholders’ Agreement, so long as each of Anderson and Great Hill beneficially owns at least 10.0% of our outstanding common stock, each shall have the right to nominate one director to our board of directors.

These provisions may make it difficult and expensive for a third-party to pursue a tender offer, change in control or takeover attempt that is opposed by Anderson, our management or our board of directors. Public stockholders who might desire to participate in these types of transactions may not have an opportunity to do so, even if the transaction is favorable to stockholders. These anti-takeover provisions could substantially impede the ability of public stockholders to benefit from a change in control or change our management and board of directors and, as a result, may adversely affect the market price of our common stock and your ability to realize any potential change of control premium.

33


Risks Related to Ownership of Our Common Stock

The market price and trading volume of our common stock has been and may continue to be volatile, which could result in rapid and substantial losses for our stockholders.

The market price of our common stock has been and may continue to be highly volatile and could be subject to wide fluctuations. In addition, the trading volume in our common stock may fluctuate and cause significant price variations to occur. Some of the factors that have or could in the future negatively affect our share price or result in fluctuations in the price or trading volume of our common stock, many of which are beyond our control, include:

variations in our quarterly or annual operating results;
our ability to attract new clients in both domestic and international markets, and our ability expand the solutions provided to existing clients;
the timing of our clients’ buying decisions and reductions in our clients’ budgets for IT purchases and delays in their purchasing cycles, particularly in light of recent adverse global economic conditions;
changes in our earnings estimates (if provided) or differences between our actual financial and operating results and those expected by investors and analysts;
the contents of published research reports about us or our industry or the failure of securities analysts to cover our common stock;
additions to, or departures of, key management personnel and our ability to attract, train, integrate and retain highly skilled employees;
any increased indebtedness we may incur in the future;
announcements and public filings by us or others and developments affecting us;
actions by institutional stockholders;
litigation and governmental investigations;
operating and stock performance of other companies that investors deem comparable to us (and changes in their market valuations) and overall performance of the equity markets;
speculation or reports by the press or investment community with respect to us or our industry in general;
increases in market interest rates, including due to impacts from inflation, that may lead purchasers of our shares to demand a higher yield;
announcements by us or our competitors of significant contracts, acquisitions, dispositions, strategic relationships, joint ventures or capital commitments;
announcements or actions taken by our principal stockholders;
sales of substantial amounts of our common stock by Anderson or other significant stockholders or our insiders, or the expectation that such sales might occur;
volatility, inflation, or economic downturns in the markets in which we, our clients and our partners are located caused by outbreaks, epidemics, or pandemics involving public health and related policies and restrictions undertaken to contain the spread of such pandemics or potential pandemics;
geopolitical tensions or conflicts in locations in which we, our clients and our partners are located, including Russian military action against Ukraine and any further escalation of such conflict as well as ongoing conflict in the Middle East;
general volatility in the prices of stock traded on the Nasdaq Global Select Market and other equity markets; and
general market, political and economic conditions, including inflation, rising interest rates and disruptions in the professional and financial services industry, including any such conditions and local conditions in the markets in which any of our clients are located.

34


The stock markets have experienced price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many technology companies. Stock prices of many technology companies have fluctuated in a manner unrelated or disproportionate to the operating performance of those companies. In the past, following periods of volatility in the overall market and the market price of a company’s securities, securities class action litigation has often been instituted against these companies. This litigation, if instituted against us, could result in substantial costs and a diversion of our management’s attention and resources.

Future offerings of debt or equity securities by us may materially adversely affect the market price of our common stock.

In the future, we may attempt to obtain financing or to further increase our capital resources by issuing additional shares of our common stock or offering debt or other equity securities, including senior or subordinated notes, debt securities convertible into equity or shares of preferred stock. In addition, we may seek to expand operations in the future to other markets which we would expect to finance through a combination of additional issuances of equity, corporate indebtedness and/or cash from operations.

Issuing additional shares of our common stock or other equity securities or securities convertible into equity may dilute the economic and voting rights of our existing stockholders or reduce the market price of our common stock or both. For example, in May of 2023, we completed an underwritten public offering of 7,187,500 shares of our common stock, consisting of 2,000,000 shares sold by us and 5,187,500 shares of common stock sold by certain selling stockholders, which had a dilutive effect on the pre-existing stockholders. Debt securities convertible into equity could be subject to adjustments in the conversion ratio pursuant to which certain events may increase the number of equity securities issuable upon conversion. Preferred shares, if issued, could have a preference with respect to liquidating distributions or a preference with respect to dividend payments that could limit our ability to pay dividends to the holders of our common stock. Our decision to issue securities in any future offering will depend on market conditions and other factors beyond our control, which may adversely affect the amount, timing or nature of our future offerings. Thus, holders of our common stock bear the risk that our future offerings may reduce the market price of our common stock and dilute their stockholdings in us.

The market price of our common stock could be negatively affected by sales of substantial amounts of our common stock in the public markets.

As of August 12, 2024, there were 74,699,528 shares of common stock outstanding. Approximately 23% of our outstanding common stock is held by Anderson and can be resold into the public markets in the future in accordance with the requirements of Rule 144. In addition, we filed an automatically effective registration statement on Form S-3 with the SEC on May 16, 2023, as supplemented on April 15, 2024, and as may be amended or supplemented from time to time, which registered shares held by certain of our existing stockholders (including Anderson) and its respective affiliates. Pursuant to this effective registration statement, such shares are freely tradeable in the public market to the extent sold pursuant to the registration statement. The sale by Anderson of a substantial number of shares, or a perception that such sales could occur, could significantly reduce the market price of our common stock. In addition, certain of our employees, executive officers and directors have entered or may enter into Rule 10b5-1 trading plans providing for sales of shares of our common stock from time to time. The market price of our common stock may decline significantly if our existing stockholders were to sell substantial amounts of our common stock. A decline in the price of our common stock might impede our ability to raise capital through the issuance of additional common stock or other equity securities.

As of August 12, 2024, we had an aggregate of 599,415,412 shares of common stock authorized but unissued and not reserved for issuance under our incentive plans. We may issue all of these shares of common stock without any action or approval by our stockholders, subject to certain exceptions. Additionally, as of August 12, 2024, we had 25,885,060 shares of common stock reserved for issuance under our incentive plans. Any common stock issued in connection with our incentive plans, the exercise of outstanding stock options or otherwise would dilute the percentage ownership held by all of our stockholders.

35


We have not paid dividends in the past and do not anticipate paying any dividends on our common stock in the foreseeable future.

We have never paid cash dividends on our common stock and have no plans to pay regular dividends on our common stock in the foreseeable future. Any declaration and payment of future dividends to holders of our common stock will be at the sole discretion of our board of directors and will depend on many factors, including our financial condition, earnings, capital requirements, level of indebtedness, statutory, and contractual restrictions applying to the payment of dividends and other considerations that our board of directors deems relevant. Additionally, our revolving credit facility agreements limit the ability of certain of our subsidiaries to pay dividends. Until such time that we pay a dividend, which may never occur, our investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investment. Until such time that we pay a dividend, our investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investment.

Our amended and restated certificate of incorporation designates a state or federal court located within the State of Delaware as the exclusive forum for certain types of actions and proceedings and the federal courts for certain other types of actions that may be initiated by our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers, employees, or other stockholders.

Our amended and restated certificate of incorporation provides that, unless we consent in writing to the selection of an alternative forum, to the fullest extent permitted by law, the sole and exclusive forum for (1) any derivative action or proceeding brought on our behalf, (2) any action asserting a claim of breach of a fiduciary duty owed by any of our directors, officers or other employees or our stockholders to us or our stockholders, (3) any action asserting a claim arising pursuant to any provision of the DGCL, our amended and restated certificate of incorporation or our amended and restated bylaws or as to which the DGCL confers jurisdiction on the Court of Chancery of the State of Delaware, or (4) any action asserting a claim that is governed by the internal affairs doctrine shall be, to the fullest extent permitted by law, the Court of Chancery of the State of Delaware or, if such court does not have subject matter jurisdiction thereof, the federal district court of the State of Delaware. Our amended and restated certificate of incorporation also provides that, unless we consent in writing to the selection of an alternative forum, the federal district courts of the United States of America will be the sole and exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act. Any person or entity purchasing or otherwise acquiring any interest in shares of our capital stock shall be deemed to have notice of and consented to these provisions. This provision would not apply to suits brought to enforce a duty or liability created by the Exchange Act or any other claim for which the federal courts have exclusive jurisdiction.

Furthermore, Section 22 of the Securities Act creates concurrent jurisdiction for federal and state courts over all such Securities Act actions. Accordingly, both state and federal courts have jurisdiction to entertain such claims. To prevent having to litigate claims in multiple jurisdictions and the threat of inconsistent or contrary rulings by different courts, among other considerations, our amended and restated certificate of incorporation contains a federal forum provision which provides that unless the Company consents in writing to the selection of an alternative forum, the federal district courts of the United States of America will be the exclusive forum for the resolution of any complaint asserting a cause of action arising under the Securities Act.

While the Delaware courts have determined that such choice of forum provisions are facially valid, a stockholder may nevertheless seek to bring a claim in a venue other than those designated in the exclusive forum provisions. In such instance, we would expect to vigorously assert the validity and enforceability of the exclusive forum provisions of our amended and restated certificate of incorporation. This may require significant additional costs associated with resolving such action in other jurisdictions and there can be no assurance that the provisions will be enforced by a court in those other jurisdictions.

These choice of forum provisions may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers, or other employees, which may discourage such lawsuits. Alternatively, if a court were to find the choice of forum provision in our amended and restated certificate of incorporation to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, results of operations and financial condition.

36


General Risk Factors

We may be adversely affected by natural disasters, outbreaks, epidemics, or pandemics involving public health, other catastrophic events and terrorism that could disrupt and harm our business, results of operations, and financial condition.

Our business operations are subject to interruption by various events beyond our control. Natural disasters or other catastrophic events may cause damage or disruption to our operations, international commerce, and the global economy, which could have an adverse effect on our business, operating results, and financial condition. Further, acts of terrorism and other geopolitical unrest could cause disruptions in our business or the businesses of our partners or the economy as a whole. In addition, our global operations expose us to risks associated with public health crises, such as pandemics and epidemics, which could materially and adversely impact our operations and the markets and industries in which we, our partners and clients operate. For example, the COVID-19 pandemic and/or the precautionary measures that we, our clients, and governmental authorities adopted resulted in global business disruptions, economic downturn and increased market volatility. Outbreaks, epidemics or pandemics involving public health, including COVID-19, could materially and adversely impact our operations and the markets and industries in which we, our partners and customers operate.

Public health crises may adversely affect, among other things, demand, spending by new clients, renewal and retention rates of existing clients, the length of our sales cycles, the value and duration of subscriptions, collections of accounts receivable, our IT and other expenses, our ability to recruit, and the ability of our employees to travel, all of which could adversely affect our business, results of operations and financial condition.

Because we recognize revenues over the term of the agreements for our SaaS solutions, any downturn in our business resulting from the such outbreaks, epidemics, or pandemics involving public health may not be reflected immediately in our operating results, which increases the difficulty of evaluating our future financial performance. Further, our sales cycles could increase, resulting in a slower growth of new sales. Certain of our competitors may also be better equipped to weather the impact of such outbreaks, epidemics, or pandemics involving public health both domestically and abroad and better able to address changes in client demand. Certain of our competitors may also be better equipped to weather the impact of such outbreaks, epidemics, or pandemics involving public health, including COVID-19 outbreaks both domestically and abroad and better able to address changes in client demand.

We may not be able to obtain capital when desired on favorable terms, if at all, and we may not be able to obtain capital or complete acquisitions through the use of equity without dilution to our stockholders.

We may need additional financing to execute our current or future business strategies, including to develop new or enhance existing solutions, acquire businesses and technologies or otherwise respond to competitive pressures. If we fail to raise capital when needed, we could be prevented from executing our business strategy or react to the economic environment.

If we raise additional funds through the issuance of equity or securities convertible into shares of our common stock, the percentage ownership of our stockholders could be significantly diluted, and newly-issued securities may have rights, preferences, or privileges senior to those of existing stockholders. The trading prices for our and other technology companies' common stock have been highly volatile in recent years, including as a result of circumstances unrelated to the operating performance of companies, which may reduce our ability to access capital on favorable terms or at all. These anti-takeover provisions could substantially impede the ability of public stockholders to benefit from a change in control or change our management and board of directors and, as a result, may adversely affect the market price of our common stock and your ability to realize any potential change of control premium. Additionally, if we accumulate additional funds through debt financing, a substantial portion of our operating cash flow may be dedicated to the payment of principal and interest on such indebtedness, thus limiting funds available for our business activities. We cannot assure you that additional financing will be available on terms favorable to us, or at all. If adequate funds are not available or are not available on acceptable terms, when we desire them, our ability to fund our operations, develop or enhance our solutions, invest in future growth opportunities or otherwise respond to competitive pressures would be significantly limited. If adequate funds are not available or are not available on acceptable terms, when we desire them, our ability to fund our operations, take advantage of unanticipated opportunities, develop or enhance our solutions, invest in future growth opportunities or otherwise respond to competitive pressures would be significantly limited. Any of these factors could harm our results of operations.

If tax laws change or we experience adverse outcomes resulting from examination of our income tax returns, it could adversely affect our results of operations.

We are subject to federal, state and local income taxes in the United States and in foreign jurisdictions. Our future effective tax rates and the value of our deferred tax assets could be adversely affected by changes in tax laws, which changes may have retroactive application. In recent years, many such changes have been made and changes are likely to continue to occur in the future. For example, the TCJA and the CARES Act made a number of significant changes to the current U.S. federal income tax rules, including with respect to the corporate tax rate, NOLs, and the international tax rules. Many of the provisions of these laws still require finalization by the U.S. Treasury Department, increasing the uncertainty as to the ultimate effects on us and our stockholders. Global tax developments applicable

37


to multinational businesses may have a material impact to our business, cash flows, or financial results. Such developments, for example, may include certain new provisions introduced by the Inflation Reduction Act, certain Organization for Economic Co-operation and Development's proposals including the implementation of the global minimum tax under the Pillar Two model rules, and the European Commission's and certain major jurisdictions' heightened interest in and taxation of companies participating in the digital economy. Furthermore, governments' responses to macroeconomic factors such as shrinking gross domestic product or increased inflation rates and tax revenue needs may lead to tax rule changes that could materially and adversely affect our cash flows and financial results. In addition, we are subject to the examination of our income tax returns by the Internal Revenue Service (“IRS”), foreign and other tax authorities. We regularly assess the likelihood of adverse outcomes resulting from such examinations to determine the adequacy of our provision for income taxes. Significant judgment is required in determining our worldwide provision for income taxes. Although we believe we have made appropriate provisions for taxes in the jurisdictions in which we operate, changes in the tax laws or challenges from tax authorities under existing tax laws could adversely affect our business, financial condition, and results of operations.

Item 1B. Unresolved Staff Comments.

None

Item 1C. Cybersecurity.

Cybersecurity Risk Management and Strategy

The Company recognizes the critical importance of developing, implementing, and maintaining robust cybersecurity measures to safeguard our information systems and to protect the confidentiality, integrity, and availability of our and our client’s data and information assets. As such, we have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program includes a cybersecurity incident response plan.

We design our program based on industry standard cybersecurity frameworks, such as the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). This does not imply that we meet any particular technical standards, specifications, or requirements, only that we use the NIST CSF as a guide to help us identify, assess, and manage cybersecurity risks relevant to our business. Also, our cloud services comply with numerous internationally recognized standards, such as ISO 27001, ISO 27017, ISO 27108, SOC 2 and CSA STAR.

Our cybersecurity risk management program is integrated into our overall enterprise risk management program, and shares common methodologies, reporting channels and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas.

Our cybersecurity risk management program includes:

risk assessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and our broader enterprise IT environment;
a security team principally responsible for managing (1) our cybersecurity risk assessment processes, (2) our security controls, and (3) our response to cybersecurity incidents;
the use of external service providers, where appropriate, to assess, test or otherwise assist with aspects of our security controls;
cybersecurity awareness training of our employees, incident response personnel, and senior management, including through the use of third-party providers for regular mandatory trainings;
a cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents; and
a third-party risk management process for service providers, suppliers, and vendors.

38


When we experience cybersecurity incidents, we promptly activate incident response protocols and commence investigation of the incident. We may notify law enforcement and engage third-party professionals, as appropriate, as part of our incident response and/or investigation. Based on our assessments, we have not identified any cybersecurity threats that have had a material impact during the last fiscal year, and we do not believe these incidents have materially affected or will materially affect us, including our operations, business strategy, results of operations, or financial condition. However, we face ongoing cybersecurity risks, including threats that might become more sophisticated and effective over time. If realized, these risks are reasonably likely to materially affect the Company. Additional information on the cybersecurity risks we face is discussed in Part I, Item 1A, “Risk Factors.

Cybersecurity Governance

Our Board of Directors considers cybersecurity risk as part of its risk oversight function and has delegated to the Audit Committee (“Committee”) oversight of the Company’s enterprise risks, including cybersecurity and other information security risks. The Committee oversees management’s implementation of our cybersecurity risk management program. Also, the Company created a Risk Management Working Group which meets no less than quarterly and which receives updates on the Company’s cybersecurity risk management program and cybersecurity risks from the Chief Information Security Officer (“CISO”). The Risk Management Working Group includes two Audit Committee members, certain members of senior management and the CISO.

The Committee receives quarterly reports on our cybersecurity risks from the Risk Management Working Group. In addition, management updates the Committee, as necessary, regarding any material cybersecurity incidents, as well as any incidents with lesser impact potential.

The Committee reports quarterly to the full Board of Directors regarding its activities, including those related to cybersecurity. The full Board of Directors also receives briefings on our cyber risk management program, including from our CISO.

Our team of experienced cybersecurity professionals has primary responsibility for our overall cybersecurity risk management program, including assessing and managing material risks from cybersecurity threats. Our CISO, Mark Schertler, supervises both our internal cybersecurity personnel and our retained external cybersecurity consultants. Mr. Schertler has over 40 years of experience in the field of cybersecurity. Mr. Schertler leads a team of experienced cybersecurity professionals who have extensive experience in the field of cybersecurity, including experience in cybersecurity consulting, cloud security, principal security architect, application security and as a chief technology officer.

Our management team supervises efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include briefings from internal security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by us; and alerts and reports produced by security tools deployed in the IT environment.

39


Recently Filed
Click on a ticker to see risk factors
Ticker * File Date
FCEL 2 days, 19 hours ago
OTLK 2 days, 19 hours ago
IMKTA 2 days, 19 hours ago
FORD 2 days, 20 hours ago
BDL 2 days, 21 hours ago
FUST 3 days, 19 hours ago
VPLM 3 days, 22 hours ago
SIF 6 days, 14 hours ago
BLIN 6 days, 16 hours ago
CLAY 6 days, 17 hours ago
EEGI 6 days, 18 hours ago
SMME 6 days, 19 hours ago
AVXL 6 days, 19 hours ago
LMNR 6 days, 19 hours ago
SNTW 6 days, 23 hours ago
TRCK 6 days, 23 hours ago
OCC 1 week ago
GEF 1 week ago
TBLT 1 week, 2 days ago
AVGO 1 week, 2 days ago
TOL 1 week, 2 days ago
CSPI 1 week, 2 days ago
CIEN 1 week, 2 days ago
A 1 week, 3 days ago
ARKR 1 week, 3 days ago
LTCH 1 week, 3 days ago
LIVE 1 week, 3 days ago
HEI 1 week, 3 days ago
ESOA 1 week, 3 days ago
AVO 1 week, 3 days ago
JOB 1 week, 3 days ago
ABM 1 week, 3 days ago
MGYR 1 week, 3 days ago
OPXS 1 week, 3 days ago
HPE 1 week, 4 days ago
NDSN 1 week, 4 days ago
HOV 1 week, 4 days ago
NVOS 1 week, 4 days ago
YCBD 1 week, 4 days ago
TTC 1 week, 4 days ago
APDN 1 week, 5 days ago
KEYS 1 week, 5 days ago
SONN 1 week, 6 days ago
NMTC 1 week, 6 days ago
EPIX 1 week, 6 days ago
UPXI 1 week, 6 days ago
CMP 1 week, 6 days ago
QIPT 1 week, 6 days ago
MITK 1 week, 6 days ago
ALID 1 week, 6 days ago

OTHER DATASETS

House Trading

Dashboard

Corporate Flights

Dashboard

App Ratings

Dashboard