Risk Factors Dashboard

Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.

View risk factors by ticker

Search filings by term

Risk Factors - ADSK

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

ITEM 1A. RISK FACTORS

We operate in a rapidly changing environment that involves significant risks, a number of which are beyond our control. In addition to the other information contained in this Annual Report on Form 10-K, the following discussion highlights some of these risks and the possible impact of these factors on our business, financial condition, and future results of operations. If any of the following risks actually occur, our business, financial condition, or results of operations may be adversely impacted, causing the trading price of our common stock to decline. In addition, these risks and uncertainties may impact the forward-looking statements described elsewhere in this Annual Report on Form 10-K and in the documents incorporated herein by reference. They could affect our actual results of operations, causing them to differ materially from those expressed in forward-looking statements.

Table of Contents

Summary of Risk Factors

Our business is subject to numerous risks and uncertainties that you should consider before investing in our securities. These risks are described more fully below and include, but are not limited to, risks relating to the following:

•Our strategy to develop and introduce new products and services, exposing us to risks such as limited customer acceptance (both with new and existing customers), costs related to product defects, and large expenditures.

•Existing and increased competition and rapidly evolving technological changes.

•Global economic and political conditions.

•Costs and challenges associated with strategic acquisitions and investments.

•Dependency on international revenue and operations, exposing us to significant international regulatory, economic, intellectual property, collections, currency exchange rate, taxation, political, and other risks.

•Inability to predict subscription renewal rates and their impact on our future revenue and operating results.

•Fluctuation of our financial results, key metrics and other operating metrics.

•Deriving a substantial portion of our net revenue from a small number of solutions, including our AutoCAD-based software products and collections.

•Any failure to successfully execute and manage initiatives to realign or introduce new business and sales initiatives.

•Our strategy and expectations regarding the expected benefits, timing and costs associated with our restructuring plans.

•Net revenue, billings, earnings, cash flow, or subscriptions shortfalls or volatility of the market causing the market price of our stock to decline.

•Challenges relating to the proper management and governance of our use of AI in our offerings.

•Security incidents compromising the integrity of our or our customers’ offerings, services, data, or intellectual property.

•Reliance on third parties to provide us with a number of operational and technical services as well as software.

•Our highly complex software, which may contain undetected errors, defects, or vulnerabilities, and is subject to service disruptions, degradations, outages or other performance problems.

•Increasing regulatory focus on privacy, data protection, and cybersecurity issues and expanding laws.

•Governmental export and import controls that could impair our ability to compete in international markets or subject us to liability if we violate the controls.

•Protection of our intellectual property rights and intellectual property infringement claims from others.

•The government procurement process.

•Fluctuations in currency exchange rates.

•Our debt service obligations.

•Our investment portfolio consisting of a variety of investment vehicles that are subject to interest rate trends, market volatility, and other economic factors.

Risks Relating to Our Business and Strategy

Our strategy to develop and introduce new products and services exposes us to risks such as limited customer acceptance (both with new and existing customers), costs related to product defects, and large expenditures, each of which may result in no additional net revenue or decreased net revenue.

The software industry is characterized by rapid technological changes as well as changes in customer requirements and preferences. In recent years, the industry has undergone a transition from developing and selling perpetual licenses and on-premises products to subscriptions and cloud-enabled technologies. Both new and existing customers are also reconsidering how they purchase software products, which requires us to constantly evaluate our business model and strategy. In response, we are focused on providing solutions to enable our customers to be more agile and collaborative on their projects. If we are unable to provide new features, enhancements to user experience, and modifications in a timely and cost-effective manner that achieve market acceptance, align with customer expectations, and that keep pace with rapid technological developments and changing regulatory landscapes, our business and operating results could be adversely affected. For example, AI and machine learning are propelling advancements in technology, but if they are not widely adopted and accepted or fail to operate as expected, our business and reputation may be harmed.

Table of Contents

In addition, we frequently introduce new business models or methods that require a considerable investment of technical and financial resources, such as our introduction of flexible subscription and service offerings, our transition of multi-subscription plans to named-user plans and our new transaction model. It is uncertain whether these strategies, including our product and pricing changes, will accurately reflect customer demand or be successful, or whether we will be able to develop the necessary infrastructure and business models more quickly than our competitors. We make such investments through further development and enhancement of our existing products and services, as well as through acquisitions. Such investments may not result in sufficient revenue generation to justify their costs and could result in decreased net revenue or profitability. If we are not able to meet customer requirements, either with respect to new customers or existing customers, and either with respect to our software or the manner in which we provide such products, or if we are not able to adapt our business model to meet our customers’ requirements, our business, financial condition, or results of operations may be adversely impacted.

In particular, a critical component of our growth strategy is to have customers of our AutoCAD and AutoCAD LT products, as well as other individual Autodesk products, expand their portfolios to include our other offerings and cloud-based functionality, and we are taking steps to accelerate this migration. At times, sales of our AutoCAD and AutoCAD LT or individual Autodesk flagship products have decreased without a corresponding increase in Industry Collections or cloud-based functionality revenue, or without purchases of customer seats to our Industry Collections. Should this continue, our results of operations will be adversely affected.

Our executive management team must continuously act quickly and with vision, given the rapidly changing customer expectations and technology advancements inherent in the software industry, the extensive and complex efforts required to create useful and widely accepted products, and the rapid evolution of cloud computing, mobile devices, new computing platforms, and other technologies, such as consumer products. Although we have articulated a strategy that we believe will fulfill these challenges, if we fail to execute properly on that strategy or adapt the strategy as market conditions evolve, we may fail to meet our customers’ expectations, be unable to compete with our competitors' products and technology, and lose the confidence of our channel partners and employees. This in turn could adversely affect our business and financial performance.

Existing and increased competition and rapidly evolving technological changes may reduce our revenue and profits.

The software industry has limited barriers to entry, and the availability of computing devices with continually expanding performance at progressively lower prices contributes to the ease of market entry. The industry has undergone a transition from developing and selling perpetual licenses and on-premises products to subscriptions and cloud-enabled technologies. This shift further lowers barriers to entry and poses a disruptive challenge to established software companies. The markets in which we operate are characterized by vigorous competition, both by entrants with innovative technologies and by consolidation of companies with complementary offerings and technologies. Some of our competitors have greater financial, technical, sales and marketing, and other resources. For example, disruptive technologies such as machine learning and other AI technologies may significantly alter the market for our products in unpredictable ways and reduce customer demand. The market may also react to these disruptive technologies in unpredictable ways inconsistent with our financial condition and results of operation.

Furthermore, a reduction in the number and availability of compatible third-party applications or our inability to rapidly adapt to technological and customer preference changes, including those related to cloud computing, mobile devices, and new computing platforms, may adversely affect the sale of our solutions. Because of these and other factors, competitive conditions in the industry are likely to intensify in the future. Increased competition could result in price reductions, reduced net revenue and profit margins, and loss of market share, any of which would likely harm our business.

Global economic and political conditions may further impact our industries, business, and financial results.

The United States and other countries’ economies have experienced cyclical downturns, in which economic activity was impacted by falling demand for a variety of goods and services, restricted credit, poor liquidity, decreased government spending, reduced corporate profitability, volatility in credit, equity, and foreign exchange markets, inflationary pressures and higher interest rates, bankruptcies, and overall uncertainty. These economic conditions can occur abruptly. The extent to which these challenges will impact our financial condition or results of operations is

Table of Contents

still uncertain and will continue to depend on developments such as the impact of these challenges on our customers, vendors, distributors, and resellers, such as the supply chain disruption and resulting inflationary pressures and global labor shortage that we have seen recently, material scarcity, as well as other factors; actions taken by governments, businesses, and consumers in response to these challenges; speed and timing of economic recovery, including in specific geographies; our billings and renewal rates, including new business close rates, rate of multi-year contracts, pace of closing larger transactions, and new unit volume growth; wars and armed conflicts, including the ongoing wars between Ukraine and Russia and conflicts in the Middle East; foreign exchange rate fluctuations; and the effect of these challenges on margins and cash flow. All of these factors continue to evolve and remain uncertain at this time, and some of these factors are not within our control. If economic growth in countries where we do business slows or if such countries experience further economic recessions, customers may delay or reduce technology purchases. Our customers include government entities, including the U.S. federal government, and if spending cuts impede the ability of governments to purchase our products and services, our revenue could decline. In addition, a number of our customers rely, directly and indirectly, on government spending.

As described elsewhere in these risk factors, we are dependent on international revenue and operations and are subject to related risks of conducting business globally. These trends have increased political and economic unpredictability globally and may increase the volatility of global financial markets, and the impact of such developments on the global economy remains uncertain. Political instability or adverse political developments in any of the countries in which we do business could harm our business, results of operations, and financial condition. A financial sector credit crisis could impair credit availability and the financial stability of our customers, including our distribution partners and channels. A disruption in the financial markets may also have an effect on our derivative counter-parties and could also impair our banking partners, on which we rely for operating cash management. War, geopolitical conflicts, and any related political or economic responses and counter-responses or otherwise by various global actors or the general effect on the global economy, could also affect our business. Any of these events could harm our business, results of operations, and financial condition.

Our business could be adversely impacted by the costs and challenges associated with strategic acquisitions and investments.

In addition, such acquisitions and investments involve other risks such as:

•the inability to retain customers, key employees, vendors, distributors, business partners, and other entities associated with the acquired business;

•the potential that due diligence of the acquired business or solution does not identify significant problems;

•exposure to litigation or other claims in connection with, or inheritance of claims or litigation risk as a result of, an acquisition, including claims from terminated employees, customers, or other third parties;

•the potential for incompatible business cultures;

•significantly higher than anticipated transaction or integration-related costs;

•the potential that acquired businesses or businesses that we invest in may not have adequate controls, processes, and procedures to ensure compliance with laws and regulations, including with respect to data privacy, data protection, and cybersecurity, as well as anti-bribery and anti-corruption laws, export controls, sanctions and industry-specific-regulation;

•potential additional exposure to economic, tax, currency, political, legal, and regulatory risks and liabilities, including risks associated with specific countries; and

•the potential impact on relationships with existing customers, vendors, and distributors as business partners as a result of acquiring another business.

We may not be successful in overcoming such risks, and such acquisitions and investments may negatively impact our business. In addition, if we do not complete an announced acquisition transaction or integrate an acquired business successfully and in a timely manner, we may not realize the benefits of the acquisition to the extent anticipated. Acquisitions and

Table of Contents

investments have in the past and may in the future contribute to fluctuations in our quarterly financial results. These fluctuations could arise from transaction-related costs and charges associated with eliminating redundant expenses or write-offs of impaired assets recorded in connection with acquisitions and investments, and could negatively impact our financial results.

We are dependent on international revenue and operations, exposing us to significant international regulatory, economic, intellectual property, collections, currency exchange rate, taxation, political, and other risks, which could adversely impact our financial results.

International net revenue represented 64% of our net revenue for both fiscal 2026 and 2025. Our international revenue, some of which comes from emerging economies, is subject to economic and political conditions in foreign markets, including those resulting from economic and political conditions in the United States. Our total revenue is also impacted by the relative geographical and country mix of our revenue over time. Our dependency on international revenue makes us much more exposed to global economic and political trends, which can negatively impact our financial results even if our results in the United States are strong for a particular period.

We anticipate that our international operations will continue to account for a significant portion of our net revenue and, as we expand our international development, sales, and marketing expertise, will provide significant support to our overall efforts in countries outside of the United States. Risks inherent in our international operations include:

•economic volatility;

•tariffs, quotas, and other trade barriers and restrictions, geopolitical conflicts, and any political or economic responses and counter-responses thereto by various global actors;

•fluctuating currency exchange rates, including devaluations, currency controls, and inflation, and risks related to any hedging activities we undertake;

•changes in regulatory requirements and practices;

•delays resulting from difficulty in obtaining export licenses for certain technology;

•different purchase patterns as compared to the developed world;

•operating in locations with a higher incidence of corruption and fraudulent business practices, particularly in emerging economies;

•compliance with the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act, and other anti-corruption laws;

•difficulties in staffing and managing foreign sales and development operations;

•local competition;

•longer collection cycles for accounts receivable;

•U.S. and foreign tax law changes and the complexities of tax reporting;

•laws regarding the free flow of data across international borders and management of and access to data and public networks;

•possible future limitations upon foreign-owned businesses;

•increased financial accounting and reporting burdens and complexities;

•inadequate local infrastructure;

•greater difficulty in protecting intellectual property;

•software piracy; and

•other factors beyond our control, including popular uprisings, terrorism, war (including any related political or economic responses and counter-responses or otherwise by various global actors or the general effect on the global economy), natural disasters, and diseases and pandemics.

Some of our business partners also have international operations and are subject to the risks described above.

In addition, in recent years, the United States has instituted or proposed changes to foreign trade policy, including the negotiation or termination of trade agreements, the imposition of new or increased tariffs on products imported from certain countries; economic sanctions on individuals, corporations, or countries; and other government regulations affecting trade between the United States and other countries in which we do business. For example, the United States and other global actors have continued to increase sanctions and export restrictions as a result of the war against Ukraine launched by Russia, the geopolitical landscape with respect to China, ongoing conflicts in the Middle East, and other risks. Additionally, recent executive actions and executive branch policies in the United States, such as those communicated in a February 2025 memorandum regarding a change in U.S. policy with respect to the negotiation and imposition of digital services taxes and

Table of Contents

regulations by other countries, suggest a broader purview for changes in U.S. trade policy as a component of U.S. foreign policy. For example, since March 2025 the United States has imposed additional Section 232 tariffs on various commodities, including steel, aluminum, passenger vehicles and trucks (and components for such vehicles), and other industry-specific targets. Between February 2025 and February 2026, the United States placed additional fentanyl-related tariffs on most goods from China, Canada and Mexico (with an exception for goods that qualify for duty-free treatment under the U.S.-Mexico-Canada Agreement); and between April 2025 and February 2026 placed additional reciprocal tariffs on most imports from U.S. trading partners other than Canada, Mexico, Russia, Belarus, Cuba, and North Korea. These additional U.S. tariffs were implemented under authorities asserted in the International Emergency Economic Powers Act (“IEEPA”) and rescinded on February 24, 2026, following a Supreme Court decision invalidating the use of IEEPA to authorize these tariffs. The availability, timing, and amount of any related refunds associated with payments of these duties remain uncertain and subject to further legal, regulatory, and administrative action. Beginning February 24, 2026, the U.S. government implemented a new, global “temporary import surcharge” of 10% on many of the same products affected by the prior reciprocal tariffs, under authorities provided for in Section 122 of the Trade Act of 1974, supplementing existing non-IEEPA measures. Additional trade-related investigations by the U.S. government are in progress and could result in the imposition of additional tariffs.

There is currently significant uncertainty about the future relationship between the United States and its trading partners with respect to trade policies, tariffs, taxes, and similar policies affecting cross-border operations. These new or increased tariffs and other changes in U.S. trade policy, including new sanctions and increased export restrictions, have triggered and could continue to trigger retaliatory actions by affected countries, including Canada, China, Russia, and others, that have instituted, considered, or are considering imposing new or increased tariffs, export controls, and other trade sanctions targeting certain U.S. persons or U.S.-manufactured goods. These retaliatory measures could include responses such as the imposition of new or increased digital services taxes.

Even if we are able to successfully manage the risks of international operations, our business may be adversely affected if our business partners are not able to successfully manage these risks.

We may not be able to predict subscription renewal rates and their impact on our future revenue and operating results.

We are dependent on attracting new customers as well as renewing and expanding our business with existing customers. Our customers are not obligated to renew their subscriptions for our offerings, and they may elect not to renew, upgrade, or expand their subscriptions. We cannot assure renewal rates or the mix of subscriptions renewals. Customer renewal rates may decline or fluctuate due to a number of factors, including offering pricing; competitive offerings; customer satisfaction; and reductions in customer spending levels, customer activity, or number of users due to economic downturns or financial markets uncertainty. If our customers do not renew their subscriptions or if they renew on less favorable terms, our revenues may decline.

In addition, we generally recognize subscription revenue over the term of the respective contracts, which typically range from 1-year to 3-years. As a result, most of the revenue we report in each quarter is the result of subscriptions entered into during previous quarters. Consequently, a decline in new or renewed subscriptions in any one quarter may not be reflected in our revenue results for that quarter but will negatively impact our revenue in future quarters. Accordingly, the effect of significant downturns in sales and market acceptance of our services, and changes in our attrition rate, may not be fully reflected in our results of operations until future periods.

Our financial results, key metrics, and other operating metrics fluctuate within each quarter and from quarter to quarter, making our future revenue and financial results difficult to predict.

Our quarterly financial results, key metrics, and other operating metrics have fluctuated in the past and will continue to do so in the future. These fluctuations have in the past caused and could in the future cause our stock price to change significantly or experience declines. We also provide investors with quarterly and annual financial forward-looking guidance that could prove to be inaccurate as a result of these fluctuations. In addition to the other risks described in these risk factors, some of the factors that have in the past caused and could in the future cause our financial results, key metrics, and other operating metrics to fluctuate include:

•general market, economic, business, and political conditions in Europe and APAC including from an economic downturn or recession in the United States or other countries, as well as economic and regulatory uncertainty;

•failure to produce sufficient revenue, billings, subscription, profitability, and cash flow growth;

Table of Contents

•failure to accurately predict the impact of acquired businesses or to identify and realize the anticipated benefits of acquisitions, and successfully integrate such acquired businesses and technologies;

•shift to named-user plans and annual billing of multi-year contracts, which impacted the timing of our billings and cash collections in fiscal year 2024, 2025 and 2026 and which is expected to continue into fiscal year 2027;

•our ability to successfully introduce and expand new transaction models such as Flex;

•potential goodwill impairment charges related to prior acquisitions;

•failure to manage spend;

•changes in billings linearity;

•changes in subscription mix, pricing pressure, or changes in subscription pricing;

•weak or negative growth in one or more of the industries we serve, including AECO, manufacturing, and digital media and entertainment markets;

•the success of new business or sales initiatives;

•security breaches, related reputational harm, and potential financial penalties to customers and government entities;

•restructuring or other accounting charges and unexpected costs or other operating expenses;

•timing of additional investments in our technologies or deployment of our services;

•changes in revenue recognition or other accounting guidelines employed by us and/or established by the Financial Accounting Standards Board, Securities and Exchange Commission, or other rulemaking bodies;

•fluctuations in foreign currency exchange rates and the effectiveness of our hedging activity;

•dependence on and timing of large transactions;

•adjustments arising from ongoing or future tax examinations;

•the ability of governments around the world to adopt fiscal policies, meet their financial and debt obligations, and finance infrastructure projects;

•failure to expand our AutoCAD and AutoCAD LT customer base to related design products and services;

•our ability to rapidly adapt to technological and customer preference changes, including those related to cloud computing, mobile devices, and new computing platforms;

•timing of the introduction of new products by us or our competitors;

•the financial and business condition of our reseller and distribution channels;

•perceived or actual technical or other problems with a product or combination of subscriptions;

•unexpected or negative outcomes of matters and expenses relating to litigation or regulatory inquiries;

•increases in cloud functionality-related expenses;

•timing of releases and retirements of offerings;

•changes in tax laws or tax or accounting rules and regulations, such as increased use of fair value measures;

•changes in sales compensation practices;

•failure to effectively implement and maintain our copyright legalization programs, especially in developing countries;

•renegotiation or termination of royalty or intellectual property arrangements;

•interruptions or terminations in the business of our consultants or third-party developers;

•timing and degree of expected investments in growth and efficiency opportunities;

•failure to achieve continued success in technology advancements;

•catastrophic events, natural disasters, or public health events, such as pandemics and epidemics;

•regulatory compliance costs; and

•failure to appropriately estimate the scope of services under consulting arrangements.

We have also experienced fluctuations in financial results in interim periods in certain geographic regions due to seasonality or regional economic or political conditions. In particular, our financial results, key metrics, or other operating metrics in Europe during our third quarter are usually affected by a slower summer period, and our APAC operations typically experience seasonal slowing in our fourth quarter. War, geopolitical conflicts, and any related political or economic responses and counter-responses or otherwise by various global actors or the general effect on the global economy, could also affect our business.

Table of Contents

Our operating expenses are based in part on our expectations for future revenue and are relatively fixed in the short term. Accordingly, any revenue shortfall below expectations has had, and in the future could have, an immediate and significant adverse effect on our profitability. Greater than anticipated expenses or a failure to maintain rigorous cost controls would also negatively affect profitability.

We derive a substantial portion of our net revenue from a small number of solutions, including our AutoCAD-based software products and collections, and if these offerings are not successful, our revenue would be adversely affected.

We derive a substantial portion of our net revenue from sales of subscriptions of a limited number of our offerings, including AutoCAD software, solutions based on AutoCAD, which include our collections that serve specific markets, and products that are interoperable with AutoCAD. Any factor adversely affecting sales of these subscriptions, including the product release cycle, market acceptance, product competition, performance and reliability, reputation, price competition, economic and market conditions, and the availability of third-party applications, would likely harm our financial results. During fiscal 2026 and 2025, combined revenue from our AutoCAD and AutoCAD LT family products, not including collections having AutoCAD or AutoCAD LT as a component, represented 25% and 26% of our total net revenue, respectively.

From time to time we realign or introduce new business and sales initiatives; if we fail to successfully execute and manage these initiatives, our results of operations could be negatively impacted.

As part of our effort to accommodate our customers’ needs and demands and the rapid evolution of technology, from time to time we evolve our business and sales initiatives, such as shifting to annual billing of multi-year contracts, introducing and expanding new business models such as the new transaction model and Flex, realigning our development and marketing organizations, offering software as a service, and realigning our internal resources in an effort to improve efficiency. We may take such actions without clear indications that they will prove successful and, at times, we have been met with short-term challenges in the execution of such initiatives. Market acceptance of any new business or sales initiative is dependent on our ability to match our customers’ needs at the right time and price. Often, we have limited prior experience and operating history in these new areas of emphasis. If any of our assumptions about expenses, revenue, or revenue recognition principles from these initiatives proves incorrect, or our attempts to improve efficiency are not successful, our actual results may vary materially from those anticipated, and our financial results will be negatively impacted.

We may not successfully execute or achieve the expected benefits of our restructuring plan and other measures we may take in the future, and our efforts may adversely affect our business.

During the first quarter of fiscal 2026, we initiated a restructuring plan (the “2026 Plan”), to support Autodesk's initiatives to optimize its go-to-market organization and, at the same time, to reallocate resources to Autodesk’s strategic priorities such as investments in cloud, platform, and artificial intelligence. During the fourth quarter of fiscal 2026, we initiated another restructuring plan (the "January 2026 Plan") that marks the final phase of our sales and marketing optimization program. These measures are intended to address our short and long-term objectives and are based on our current estimates, assumptions, and forecasts, which are subject to known and unknown risks and uncertainties. Implementation of these and any other initiatives may not achieve our expected benefits, may be disruptive to our business, the expected costs and charges may be greater than we have forecasted, and the estimated cost savings may be lower than we have forecasted.

Net revenue, billings, earnings, cash flow, or subscriptions shortfalls or volatility of the market generally may cause the market price of our stock to decline.

The market price for our common stock has experienced significant fluctuations and may continue to fluctuate significantly. The market price for our common stock has in the past been, and in the future may be, affected by a number of factors, including the other risks described in these risk factors and the following:

•shortfalls in our expected financial results, including net revenue, billings, earnings, and cash flow or key performance metrics, such as subscriptions, and how those results compare to securities analyst expectations, including whether those results fail to meet, exceed, or significantly exceed securities analyst expectations;

•quarterly variations in our or our competitors’ results of operations;

Table of Contents

•general socioeconomic, political, or market conditions, including from an economic downturn or recession in the United States or in other countries, as well as economic and regulatory uncertainty;

•changes in forward-looking estimates of future results, how those estimates compare to securities analyst expectations, or changes in recommendations or confusion on the part of analysts and investors about the short- and long-term impact to our business;

•uncertainty about certain governments’ abilities to repay debt or effect fiscal policy;

•announcements of new offerings or enhancements by us or our competitors as well as market perception of disruptive technologies such as machine learning and other AI technologies;

•unusual events such as significant acquisitions, divestitures, regulatory actions, and litigation;

•changes in laws, rules, or regulations applicable to our business;

•outstanding debt service obligations;

•actions by activist shareholders or others, and our response to such actions; and

•other factors, including factors unrelated to our operating performance, such as instability affecting the economy or the operating performance of our competitors.

Significant changes in the price of our common stock could expose us to costly and time-consuming litigation. Historically, after periods of volatility in the market price of a company’s securities, a company becomes more susceptible to securities class action litigation. This type of litigation is often expensive and diverts management’s attention and resources.

As a result of our strategy of partnering with other companies for product development, our product delivery schedules could be adversely affected if we experience difficulties with our product development partners.

We partner with certain independent firms and contractors to perform some of our product development activities. We believe our partnering strategy allows us to achieve efficiencies in developing new products and maintaining and enhancing existing product offerings. This strategy creates a dependency on independent developers. Independent developers, including those who currently develop solutions for us in the United States and throughout the world, may not be able or willing to provide development support to us in the future. In addition, use of development resources through consulting relationships, particularly in non-U.S. jurisdictions with developing legal systems, may be adversely impacted by, and expose us to risks relating to, evolving employment, export, and intellectual property laws. These risks could, among other things, expose our intellectual property to misappropriation and result in disruptions to product delivery schedules.

We incorporate AI into our offerings, and challenges with properly managing its use could result in competitive harm, reputational harm, or liability, and adversely affect our results of operations.

We are increasingly building AI into many of our offerings. We expect to rely on AI technologies to help drive future growth in our business, but there can be no assurance that we will realize the desired or anticipated benefits from AI or at all. We may also fail to properly implement or market our AI offerings. As with many innovations, AI presents risks and challenges that could affect its adoption, and therefore our business. Our competitors or other third parties may incorporate AI into their products more quickly or more successfully than us, which could impair our ability to compete effectively and adversely affect our results of operations. For example, if the content, analyses, or recommendations that AI applications assist in producing are or are alleged to be deficient, inaccurate, or biased, our business, financial condition, and results of operations may be adversely affected. The use of AI applications has resulted in, and may in the future result in, cybersecurity incidents that implicate the personal data of end users of such applications. Any such cybersecurity incidents related to our use of AI applications could adversely affect our reputation and results of operations.

Social and ethical issues relating to the use of new and evolving technologies such as AI in our offerings, may result in reputational harm and liability, and may cause us to incur additional research and development costs to resolve such issues. AI presents emerging ethical issues and if we enable or offer solutions that draw controversy due to their perceived or actual impact on society, we may experience brand or reputational harm, competitive harm, or legal liability. Government regulation addressing AI ethics, transparency requirements, or other aspects of the development, or use, or deployment of AI may also increase the burden and cost of research, development, and other activities, which may increase our costs, limit our ability to leverage AI, and subject us to brand or reputational harm, competitive harm, or legal liability. For example, the European Union’s Artificial Intelligence Act (the “AI Act”), which achieved approval by the European Council on February 2, 2024, and

Table of Contents

the European Parliament on March 13, 2024, imposes obligations on providers and users of AI technologies. Some U.S. states have proposed, and in certain cases enacted, laws addressing aspects of the development and use of AI.

The Audit Committee internal investigation has been time-consuming and expensive, has resulted in the filing of lawsuits, and may result in additional expense and/or litigation.

As previously disclosed on April 1, 2024, the Audit Committee commenced an internal investigation with the assistance of outside counsel and advisors, regarding Autodesk’s free cash flow and non-GAAP operating margin practices. The results of that investigation were announced on May 31, 2024.

We have incurred significant expenses, including audit, legal, consulting and other professional fees, in connection with the investigation, and we could be forced to incur significant additional time and expense as a result of the investigation. The incurrence of significant additional expense, or the requirement that management devote significant time that could reduce the time available to execute on our business strategies, could have an adverse effect on our business, results of operations and financial condition.

In addition, the United States Attorney’s Office for the Northern District of California (“USAO”) contacted us regarding the Audit Committee investigation. We cooperated with the SEC and USAO, including by providing certain documents and information. On August 19, 2025, the SEC notified us that it was closing its matter. On August 21, 2025, the USAO notified us that it was closing its matter as well. We cannot guarantee that we will not receive inquiries from other regulatory authorities regarding the investigation, or that we will not be subject to future claims, investigations or proceedings. Any future inquiries from the SEC or other regulatory authorities, or future claims or proceedings or any related regulatory investigation will, regardless of the outcome, likely consume a significant amount of our internal resources and result in additional legal and accounting costs. We can provide no assurances as to the outcome of any governmental investigation.

In addition, we and certain of our officers and directors have been named in purported shareholder litigation arising out of our announcement of the investigation. For additional discussion, see Part I, Item 3. Legal Proceedings and Note 12 to our Consolidated Financial Statements. The pending litigation, and any future litigation, investigation or other actions that may be filed or initiated against us or our officers or directors, may be time consuming and expensive. We cannot predict what losses we may incur in these litigation matters, and contingencies related to our obligations under the federal and state securities laws, or in other legal proceedings or governmental investigations or proceedings related to these matters.

Any legal proceedings, if decided adversely to us, could result in significant monetary damages, penalties and reputational harm, and will likely involve significant defense and other costs. We have entered into indemnification agreements with each of our directors and certain of our officers, and our bylaws require us to indemnify each of our directors and officers. Further, our insurance may not cover all claims that have been or may be brought against us, and insurance coverage may not continue to be available to us at a reasonable cost. As a result, we may be exposed to substantial uninsured liabilities, including pursuant to our indemnification obligations, which could adversely affect our business, prospects, results of operations and financial condition.

Risks Relating to Our Operations

Security breaches or incidents may compromise the integrity of our or our customers’ systems, solutions, offerings, services, applications, data, or intellectual property, harm our reputation, damage our competitiveness, create additional liability, and adversely impact our financial results.

As we digitize Autodesk and use cloud- and web-based technologies to leverage customer data to deliver the total customer experience, we are exposed to increased security risks and the potential for unauthorized access to, or improper use, disclosure, or other processing of, our and our customers’ information. Like other software offerings and systems, ours are vulnerable to security breaches and incidents, including those from acquired companies. Also, our ability to mitigate the risk of security breaches and incidents may be impacted by our limited control over our customers or third-party technology providers and vendors, or the processing of data by third-party technology providers and vendors, which may not allow us to maintain the integrity or security of such transmissions or processing. We devote significant resources in an effort to maintain the security and integrity of our systems, offerings, services, and applications (online, mobile, and desktop). Despite these efforts, we have

Table of Contents

been subject to security breaches and incidents, and we face the risks of them occurring in the future, as well as the risks of delays and other difficulties in identifying, responding to, or remediating security breaches or incidents.

Hackers regularly have targeted our systems, offerings, services, and applications, and we expect them to do so in the future. To date, we have not considered any such identified security events as material to us, including to our reputation or business operations, or had a material financial impact, but there can be no assurance that future cyberattacks will not be material or otherwise significant. Security breaches or incidents disrupt the proper functioning of our systems, solutions, offerings, applications, or services; cause errors in the output of our customers’ work; allow unauthorized access to or unauthorized use, disclosure, modification, loss, unavailability, or destruction of, sensitive data or intellectual property, including proprietary or confidential information of ours or our customers; or cause other destructive or disruptive outcomes. The risk of a security incident, particularly through cyber-attack or cyber intrusion, including by computer hackers, foreign governments, and cyber terrorists, has increased as the number, intensity, and sophistication of attempted attacks and intrusions from around the world have increased. These threats include, among others, identity theft, unauthorized access, DNS attacks, wireless network attacks, viruses and worms, malware, bugs, vulnerabilities, advanced persistent threats, application-centric attacks, peer-to-peer attacks, social engineering, phishing, credential stuffing, malicious file uploads, backdoor trojans, supply chain attacks, ransomware attacks, and distributed denial of service attacks. In addition, third parties may attempt to fraudulently induce our employees, vendors, partners, customers, or users to disclose information to gain access to our data or our customers’ or users’ data and there is the risk of employee, contractor, or vendor error or malfeasance. These existing risks are compounded given the shift in recent years to work-from-home arrangements for a large population of employees and contractors, as well as employees and contractors of our third-party technology providers and vendors, and the risks could also be elevated in connection with the ongoing wars between Ukraine and Russia and conflicts in the Middle East as we and our third-party technology providers and vendors are vulnerable to a heightened risk of cyberattacks from or affiliated with nation-state actors, including retaliatory attacks from Russian actors against U.S.-based companies. Additionally, these threats continue to evolve in sophistication and volume and are difficult to detect and predict due to advances in electronic warfare techniques, advances in cryptography and other technologies, including AI and machine learning. Our use of AI may also increase our risks of being subject to a security breach or incident. Despite our significant efforts to create security barriers to such threats, we cannot entirely mitigate these risks, and there is no guarantee that inadvertent or unauthorized use or disclosure of such information will not occur or that third parties will not gain unauthorized access to such information.

Many governments have enacted laws requiring companies to provide notice of security breaches or incidents involving certain types of personal data and personal information. We are also contractually required to notify certain customers of certain security breaches or incidents. Any security breach or incident suffered, or believed to have been suffered, by us or by our technology providers or vendors could result in harm to our reputation and competitive position, difficulty attracting new customers (including government customers), retaining existing customers, and securing payment from customers, our expenditure of significant capital and other resources to evaluate and alleviate the security incident and to try to prevent further or additional incidents, and regulatory inquiries, investigations, and other proceedings, private claims, demands, lawsuits, potential liability, and the potential loss of our authorization under the Federal Risk and Authorization Management Program (“FedRAMP”). We could incur significant costs and liabilities, including due to litigation, indemnity obligations, damages for contract breach, penalties for violation of applicable laws or regulations, and costs for remediation and other incentives offered to customers or other business partners in an effort to maintain business relationships after a security breach or incident, and our financial performance could be negatively impacted.

We cannot assure you that any limitations of liability provisions in our contracts would be enforceable or adequate or would otherwise protect us from any liabilities or damages with respect to any particular claim relating to a security incident. We also cannot be sure that our existing insurance coverage will continue to be available on acceptable terms or will be available in sufficient amounts to cover one or more large claims related to a security incident, or that the insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, operating results, and reputation.

Our use of third-party open source software could negatively affect our ability to sell subscriptions to access our products and subject us to possible litigation and greater security risks.

We use third-party open source software. From time to time, companies that use third-party open source software have faced claims challenging the use of such open source software and compliance with the open source software license terms. Accordingly, we may be subject to suits by parties claiming ownership of what we believe to be open source software or

Table of Contents

claiming non-compliance with the applicable open source licensing terms. Some open source software licenses require end-users, who distribute or make available across a network software and services that include open source software, to make publicly available or to license all or part of such software (which in some circumstances could include valuable proprietary code, such as modifications or derivative works created, based upon, incorporating, or using the open source software) under the terms of the particular open source license. While we employ practices designed to monitor our compliance with the licenses of third-party open source software and protect our valuable proprietary source code, we may inadvertently use third-party open source software in a manner that exposes us to claims of non-compliance with the terms of the applicable license, including claims of intellectual property rights infringement or for breach of contract. Furthermore, there exists today an increasing number of types of open source software licenses, almost none of which have been tested in courts of law to provide clarity on their proper legal interpretation. If we were to receive a claim of non-compliance with the terms of any of these open source licenses, we may be required to publicly release certain portions of our proprietary source code. We could also be required to expend substantial time and resources to re-engineer some or all of our software. Any of the foregoing could materially adversely affect our business, financial condition, results of operations, and prospects.

In addition, the use of third-party open source software typically exposes us to greater risks than the use of third-party commercial software because open source licensors generally do not provide warranties or controls on the functionality or origin of the software. Use of open source software may also present additional security risks because the public availability of such software may make it easier for hackers and other third parties to determine how to compromise our platform. Any of the foregoing could materially adversely affect our business, financial condition, results of operations, and prospects and could help our competitors develop products and services that are similar to or better than ours.

We rely on third parties to provide us with a number of operational and technical services; third-party security incidents could result in the loss of our or our customers’ data, expose us to liability, harm our reputation, damage our competitiveness, and adversely impact our financial results.

We rely on third parties, such as Amazon Web Services, to provide us with operational and technical services. These third parties may have access to our systems, provide hosting services, or otherwise process data about us or our customers, employees, or partners. Our ability to monitor such third parties’ security measures is limited. There have been and may continue to be significant supply chain attacks, and we cannot guarantee that our or our such third parties’ systems have not been breached or otherwise compromised or that they do not contain exploitable defects, bugs, or vulnerabilities that could result in an incident, breach, or other disruption to, our or these third parties’ systems. Any security breach or incident involving such third parties could compromise the integrity or availability of, or result in the theft or unauthorized use, modification, or other processing of, our and our customers’ data. In addition, our operations or the operations of our customers or partners could be negatively affected in the event of a security breach or incident and could be subject to the loss or theft of confidential or proprietary information, including source code. Unauthorized access to or other processing of data and other confidential or proprietary information may be obtained through break-ins, network breaches by unauthorized parties, employee theft or misuse, or other misconduct. If any of the foregoing were to occur or to be perceived to occur, our reputation may suffer, our competitive position may be diminished, customers may buy fewer of our offerings and services, we could face lawsuits, regulatory investigation, fines, and potential liability, and our financial results could be negatively impacted.

Delays in service from third-party service providers could expose us to liability, harm our reputation, damage our competitiveness, and adversely impact our financial results.

From time to time, we may rely on a single or limited number of suppliers, or upon suppliers in a single country, for the provision of services and materials that we use in the operation of our business and production of our solutions. Inability of such third parties to satisfy our requirements could disrupt our operations or make it more difficult for us to implement our strategy. If any of these situations were to occur, our reputation could be harmed, we could be subject to third-party liability, including under laws relating to privacy, data protection, and cybersecurity in certain jurisdictions, and our financial results could be negatively impacted.

We are investing in resources to update and improve our information technology systems to digitize Autodesk and support our customers. Should our investments not succeed, or if delays or other issues with new or existing information technology systems disrupt our operations, our business could be harmed.

We rely on our network and data center infrastructure, technology systems, and websites for our development, marketing, operational, support, sales, accounting, and financial reporting activities. We continually invest resources to update and improve these systems to meet the evolving requirements of our business and customers. In particular, our transition to cloud-based

Table of Contents

products and a subscription-only business model involves considerable investment in the development of technologies, as well as back-office systems for technical, financial, compliance, and sales resources. Such improvements are often complex, costly, and time consuming. In addition, such improvements can be challenging to integrate with our existing technology systems, or may uncover problems with those systems.

Our software solutions are highly complex and may contain undetected errors, defects, or vulnerabilities, and are subject to service disruptions, degradations, outages or other performance problems, each of which could harm our business and financial performance.

The software solutions that we offer are complex and, despite extensive testing and quality control, may contain errors, defects, or vulnerabilities. Some errors, defects, or vulnerabilities in our software solutions may only be discovered after they have been released. In addition, we have experienced, and may in the future experience, service disruptions, degradations, outages, and other performance problems in connection with our software solutions.

Any errors, defects, vulnerabilities, service disruptions, degradations, outages or other performance problems could result in the need for corrective releases to our software solutions, damage to our reputation, damage to our customers’ businesses, loss of revenue, an increase in subscription cancellations, or lack of market acceptance of our offerings, any of which would likely harm our business and financial performance.

If we do not maintain good relationships with the members of our distribution channel, or if our distribution channel suffers financial losses, becomes financially unstable or insolvent, or is not provided the right mix of incentives to sell our subscriptions, our ability to generate revenue will be adversely affected.

We sell our software products both directly to end users and through a network of distributors and resellers. For fiscal 2026 and 2025, approximately 37% and 58%, respectively, of our revenue was derived from indirect channel sales primarily through distributors and resellers. Our distributor, TD Synnex accounted for 14% and 33% of our total net revenue for fiscal 2026 and 2025, respectively. We anticipate that our revenue by direct sales channel will continue to increase as a percentage of total net revenue. We expect our indirect channel will continue to transact and support a considerable portion of our customers, particularly in emerging regions. Our ability to effectively distribute our solutions depends in part upon the financial and business condition of our distributor and reseller network. Computer software distributors and resellers typically are not highly capitalized, and have previously experienced difficulties during times of economic contraction as well as during the past several years. We have processes to ensure that we assess the creditworthiness of distributors and resellers prior to our sales to them. In the past we have taken steps to support them, and may take additional steps in the future, such as extending credit terms and adjusting our incentives. These steps, if taken, could harm our financial results. If our distributors and resellers were to become insolvent, they would not be able to maintain their business and sales or provide customer support services, which would negatively impact our business and revenue.

Further, our distributors and resellers may lose confidence in our business, move to competitive products, or not have the skills or ability to support customers. In particular, if one or more of such distributors or resellers were unable to meet their obligations with respect to accounts payable to us, we could be forced to write off such accounts and may be required to delay the recognition of revenue on future sales to these customers. These events could have a material adverse effect on our financial results.

Many of our products are designed to include software licensed from third parties. Such third-party software includes software licensed from commercial suppliers and under public open source licenses. While we have internal processes to manage our use of such third-party software, if such processes are inadequate, we may be subject to copyright infringement or other third-party claims. If we are non-compliant with a license for commercial software, we may be required to pay penalties or undergo costly audits pursuant to the license agreement. In the case of open-source software licensed under certain “copyleft” licenses, the license itself, or a court-imposed remedy for non-compliant use of the open source software, may

Table of Contents

require that proprietary portions of our own software be publicly disclosed or licensed. This could result in a loss of intellectual property rights, increased costs, re-engineering of our software, damage to our reputation, or loss of revenue.

In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties, support, indemnities, assurances of title or controls on origin of the software, or other contractual protections regarding infringement claims or the quality of the code. Likewise, some open source projects have known security and other vulnerabilities and architectural instabilities, or are otherwise subject to security attacks due to their wide availability, and are provided on an “as-is” basis.

Our business could be adversely affected if we are unable to attract and retain key personnel.

Our success and ability to invest and grow depend largely on our ability to attract and retain highly skilled technical, professional, managerial, sales, and marketing personnel. Historically, competition for these key personnel has been intense. The loss of services of any of our key personnel, including key personnel joining our company through acquisitions, inability to retain and attract qualified employees in the future, or delays in hiring required personnel, particularly engineering and sales personnel, including sales leadership personnel, could make it difficult to meet key objectives, such as timely and effective product introductions and financial goals.

We rely on third-party technologies and if we are unable to use or integrate these technologies, our solutions and service development may be delayed and our financial results negatively impacted.

We rely on certain software that we license from third parties, including software that is integrated with internally developed software and used in our offerings to perform key functions. These third-party software licenses may not continue to be available on commercially reasonable terms, and the software may not be appropriately supported, maintained, or enhanced by the licensors. The loss of licenses to, or inability to support, maintain, and enhance any such software could result in increased costs or delays until equivalent software can be developed, identified, licensed, and integrated, which would likely harm our business.

Disruptions in licensing relationships and with third-party developers could adversely impact our business.

We license certain key technologies from third parties. Licenses may be restricted in the term or the use of such technology in ways that negatively affect our business. Similarly, we may not be able to obtain or renew license agreements for key technology on favorable terms, if at all, and any failure to do so could harm our business. Our business strategy has historically depended in part on our relationships with third-party developers who provide products that expand the functionality of our design software. Some developers may elect to support other products or may experience disruption in product development and delivery cycles or financial pressure during periods of economic downturn. In particular markets, such disruptions have in the past, and would likely in the future, negatively impact these third-party developers and end users, which could harm our business.

Technology created by outsourced product development, whether outsourced to third parties or developed externally and transferred to us through business or technology acquisitions, involves additional risks such as effective integration into existing products, adequate transfer of technology know-how, and ownership and protection of transferred intellectual property.

Risks Relating to Laws and Regulations

Increasing regulatory focus on privacy, data protection, and cybersecurity issues, as well as new and expanding laws and regulations, and customer requirements, addressing AI, data localization and sovereignty, and the collection and processing of data and information, may impact our business and expose us to increased liability.

To accomplish this strategy, we must collect and otherwise process customer data, which may include personal data and personal information of users from different jurisdictions globally. We also collect and otherwise process personal data and personal information of our employees and contractors. As a result, numerous federal, state, and global laws and regulations relating to privacy, data protection, cybersecurity, and the collection, use, security, and other processing of personal data, personal information, and other data and information, apply to our data and information processing activities. The scope of these laws and regulations is rapidly

Table of Contents

evolving, subject to differing interpretations, may be inconsistent among jurisdictions, or conflict with other rules and is likely to remain uncertain for the foreseeable future. Globally, laws such as the General Data Protection Regulation (“EU”) 2016/679 (“GDPR”) in the European Union and the Personal Information Protection Law (“PIPL”) in China have been enacted, and numerous other countries have proposed or have enacted laws concerning these matters, and we expect new laws, regulations, and industry standards concerning these matters to be proposed and enacted in various jurisdictions. In addition, new and emerging laws and regulations in the United States governing privacy, data protection, and cybersecurity, such as the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act (“CPRA”), other laws and regulations in other states, and numerous laws and regulations at the U.S. federal level, have been enacted or otherwise promulgated. These laws and regulations, as well as industry self-regulatory codes, industry standards, and other actual and asserted obligations to which we are or may be asserted to be subject, create new compliance obligations and substantially expand the scope of potential liability and provide greater penalties for non-compliance. For example, the GDPR provides for penalties of up to €20 million or 4% of a company’s annual global revenue, whichever is greater, the PIPL provides for penalties of up to 50 million renminbi or 5% of a company's annual revenue and disgorgement of all illegal gains, whichever is greater, and the CCPA provides for penalties of up to $7,500 per violation. These laws, regulations, and codes may also impact our innovation and business drivers in developing new and emerging technologies (e.g., AI and machine learning). These requirements, among others, may impact demand for our offerings and force us to bear the burden of expanded obligations in our contracts.

Many laws and regulations relating to privacy and data protection impose restrictions on cross-border transfers of personal data. Available data transfer mechanisms impose obligations on us and other companies that engage in cross-border personal data transfers and are complex, uncertain, and subject to active litigation and enforcement actions in a number of jurisdictions around the world. Data transfer mechanisms may be challenged, revoked, or otherwise modified. Numerous jurisdictions also have imposed data localization requirements, and we have faced, and expect to continue to face, customer requirements to maintain data in particular jurisdictions. We may, in addition to other impacts in connection with personal data transfer mechanisms or data localization requirements, be required to expend significant time and resources to update contractual arrangements and to comply with new and evolving obligations, experience additional costs associated with increased compliance burdens, and find it necessary or appropriate to stop using certain service providers, engage in new contract negotiations, localize certain personal data, or make other operational changes, all of which may impact our business, financial condition, and results of operations. Further, we face exposure to regulatory complaints, actions, and other proceedings, and the potential for substantial fines, other liabilities, and injunctions or other imposed requirements, in connection with transfers of personal data and data localization requirements.

In addition, the CPRA and many other recently enacted state laws addressing privacy and cybersecurity provide for additional obligations and grant additional rights to consumers such as correction of personal information and additional opt-out rights. These laws have required us to modify our data processing practices and policies and may cause us to make additional modifications, and to incur substantial costs and expenses, in our efforts to comply.

Evolving legislation and the interplay of federal and state laws may be subject to varying interpretations by courts and government agencies, creating complex compliance issues.

Governments, regulators, plaintiffs’ attorneys, and privacy advocates have increased their focus on how companies collect, use, store, share, transmit, and otherwise process personal data, personal information, and certain other data and information. Moreover, because the interpretation and application of many laws, regulations, and other actual and asserted obligations relating to privacy, data protection, cybersecurity, and the collection, use, security, and other processing of data and information are uncertain, it is possible that these laws, regulations, and obligations may be interpreted and applied in a manner that is inconsistent with our practices or the features of our products, offerings, and

Table of Contents

services. We could be required to fundamentally change our business activities and practices or modify our products, offerings, and services, any of which could require significant additional expense and adversely affect our business and results of operations, including impacting our ability to innovate, delaying our development roadmap, negatively impacting our efforts to understand our customers, limiting the effectiveness of our marketing activities, adversely affecting our relationships with customers and our ability to compete, harming our margins, and subjecting us to additional liabilities. If we are obligated to fundamentally change our business activities and practices or modify our products, offerings, or services, we may be unable to make such changes and modifications in a commercially reasonable manner, or at all, and our ability to develop new products, offerings, and services could be limited.

We are subject to governmental export and import controls that could impair our ability to compete in international markets or subject us to liability if we violate the controls.

Our offerings are subject to export controls and economic sanctions laws and regulations that prohibit the delivery of certain solutions and services or the export of these solutions and services to locations, governments, and persons targeted by applicable sanctions without the required export authorizations. While we have processes to prevent our offerings from being exported in violation of these laws, including obtaining authorizations as appropriate and screening against U.S. government and applicable international lists of restricted and prohibited persons, we cannot guarantee that these processes will prevent all violations of export controls and sanctions laws and regulations.

If our channel partners fail to obtain appropriate import, export, or re-export licenses or permits, we may also be adversely affected, through reputational harm as well as other negative consequences including government investigations and penalties. We presently incorporate export controls and sanctions compliance requirements in our channel partner agreements. Complying with export controls and sanctions laws and regulations for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities. Violations of applicable sanctions or export control laws or regulations can result in fines or penalties.

For additional risks regarding sanctions and trade protectionism, please see the risk factor entitled “We are dependent on international revenue and operations . . .” earlier in this section.

If we are not able to adequately protect our proprietary rights, our business could be harmed.

We rely on a combination of patent, copyright, and trademark laws, trade secret protections, confidentiality procedures, and contractual provisions to protect our proprietary rights. However, the steps we take to protect our intellectual property rights may be inadequate. While we have patent applications pending in the United States and throughout the world, we may be unable to obtain patent protection for the technology covered in our patent applications. In addition, any patents issued to us in the future may not provide us with competitive advantages or may be successfully challenged by third parties. Furthermore, legal standards relating to the validity, enforceability, and scope of protection of intellectual property rights are uncertain. Despite our efforts to protect our proprietary rights, unauthorized parties from time to time have copied or reverse engineered aspects of our software or have obtained and used information that we regard as proprietary. Policing unauthorized use of our software is time-consuming and costly. We are unable to measure the extent to which unauthorized use of our software exists and we expect that unauthorized use of software will remain a persistent problem, particularly in emerging economies.

Additionally, we actively protect the secrecy of our confidential information and trade secrets, including our source code. If unauthorized disclosure of our source code occurs, we could potentially lose future trade secret protection for that source code. Unauthorized disclosure of our source code could make it easier for third parties to compete with our offerings by copying functionality, which could adversely affect our financial performance and our reputation. We also seek to protect our confidential information and trade secrets through the use of non-disclosure agreements with our employees, customers, contractors, vendors, and partners. However, it is possible that our confidential information and trade secrets may be disclosed or published without our authorization. If this were to occur, it may be difficult and/or costly for us to enforce our rights, and our financial performance and reputation could be negatively impacted.

We may face intellectual property infringement claims that could be costly to defend and result in the loss of significant rights.

Our competitors, as well as a number of other entities and individuals, may own or claim to own intellectual property relating to our business. Third parties may claim that we are infringing upon or misappropriating their intellectual property rights, and we may be found to be infringing upon such rights, even if we are unaware of the intellectual property rights claimed

Table of Contents

against us. As more software patents are granted worldwide, the number of offerings and competitors in our industries grows, and the functionality of products in different industries overlaps, we expect that software developers will be increasingly subject to infringement claims. Additionally, certain patent assertion entities have become more aggressive in threatening and pursuing litigation in attempts to obtain fees for licensing the right to use patents.

Any claims or threats of infringement or misappropriation, whether with or without merit, have been and could in the future be time-consuming to defend, result in costly litigation and diversion of resources, cause product delays, require us to change our products or business practices, prevent us from offering our software and services, or require us to enter into royalty or licensing agreements. In addition, such royalty or license agreements, if required, may not be available on acceptable terms, if at all, which would likely harm our business. We may also be obligated to indemnify our customers or business partners or pay substantial settlement costs, including royalty payments, in connection with any such claim or litigation and to obtain licenses, modify applications, or refund fees, which could be costly. Furthermore, from time to time we may introduce or acquire new products, including in areas where we historically have not competed, which could increase our exposure to patent and other intellectual property claims.

We provide products and services, directly and indirectly, to a variety of government entities. Risks associated with licensing and selling products and services to government entities include extended sales and collection cycles, varying governmental budgeting processes, and adherence to complex procurement regulations and other government-specific contractual requirements, which are subject to change by the government, and which may require significant upfront cost, time, and resources, with no assurance that we will secure contracts with government entities. Furthermore, government certification requirements applicable to our platform, including FedRAMP, may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the full or revised certification. Governmental entities may also have statutory, contractual or other legal rights to terminate contracts with us or our partners for convenience or for other reasons.

We have obtained authorization under FedRAMP for certain offerings, which facilitates our entry into the U.S. federal government market. Such certification is subject to rigorous compliance and if we lose our certification, it could inhibit or preclude our ability to contract with certain U.S. federal government customers. In addition, some customers may rely on our authorization under FedRAMP to help satisfy their own legal and regulatory compliance requirements and our failure to maintain FedRAMP authorization might result in a breach under public sector contracts obtained on the basis of such authorization. This could subject us to liability, result in reputational harm, and adversely impact our financial condition or operating results.

We may be subject to audits and investigations relating to our government contracts and any violations could result in civil and criminal penalties and administrative sanctions, including termination of contracts, payment of fines, and suspension or debarment from future government business, as well as harm to our reputation and financial results.

Risks Relating to Financial Developments

We are exposed to fluctuations in currency exchange rates that could negatively impact our financial results and cash flows.

Because we conduct a substantial portion of our business outside the United States, we face exposure to adverse movements in foreign currency exchange rates, which could have a material adverse impact on our financial results and cash flows. These exposures may change over time as business practices evolve and economic conditions change. We use derivative instruments to manage a portion of our cash flow, revenue and expense exposure to fluctuations in foreign currency exchange rates. As part of our risk management strategy, we use foreign currency contracts to manage a portion of our exposures of underlying assets, liabilities, and other obligations, which exist as part of our ongoing business operations. These foreign currency instruments may have maturities that extend for one to 18 months in the future and provide us with some protection against currency exposures. However, our attempts to hedge against these risks may not be completely successful, resulting in an adverse impact on our financial results.

The fluctuations of currencies in which we conduct business can both increase and decrease our overall revenue and expenses for any given period. Although our foreign currency cash flow hedge program extends beyond the current quarter in order to reduce our exposure to foreign currency volatility, we do not attempt to completely mitigate this risk, and in any case,

Table of Contents

will incur transaction fees in adopting such hedging programs. Such volatility, even when it increases our revenues or decreases our expenses, impacts our ability to accurately predict our future results and earnings.

In addition, global events, including geopolitical and economic developments, may contribute to volatility in foreign exchange markets, which we may not be able to effectively manage, and our financial results could be adversely impacted. Additionally, countries in which we operate may be classified as highly inflationary economies, requiring special accounting and financial reporting treatment for such operations, or such countries’ currencies may be devalued, or both, which may adversely impact our business operations and financial results.

Our debt service obligations may adversely affect our financial condition and cash flows from operations.

We have $2.50 billion of principal debt, consisting of notes due at various times from June 2027 to June 2035, as of January 31, 2026, as described in Part II, Item 8. In May 2025, we also entered into the 2025 Credit Agreement, which provides for an unsecured revolving loan facility in the aggregate principal amount of $1.5 billion, with an option to be increased up to $2 billion, subject to receipt of additional commitments and other customary conditions, as described in Part II, Item 8. Maintenance of our indebtedness, contractual restrictions, and additional issuances of indebtedness could:

•cause us to dedicate a substantial portion of our cash flows from operations towards debt service obligations and principal repayments;

•increase our vulnerability to adverse changes in general economic, industry, and competitive conditions;

•limit our flexibility in planning for, or reacting to, changes in our business and our industry;

•impair our ability to obtain future financing for working capital, capital expenditures, acquisitions, general corporate, or other purposes; and

•due to limitations within the debt instruments, restrict our ability to grant liens on property, enter into certain mergers, dispose of all or substantially all of the assets of Autodesk and its subsidiaries, taken as a whole, materially change our business, and incur subsidiary indebtedness, subject to customary exceptions.

If we breach any of the covenants and do not obtain a waiver from the lenders, then, subject to applicable cure periods, we would not be able to incur additional indebtedness under the 2025 Credit Agreement, and the lenders under the 2025 Credit Agreement could declare any outstanding indebtedness under the 2025 Credit Agreement immediately due and payable, which declaration could also lead to a default under agreements governing our outstanding senior notes and any future indebtedness. In addition, changes by any rating agency to our credit rating may negatively impact the value and liquidity of our securities. Under certain circumstances, if our credit ratings are downgraded or other negative action is taken, the interest rate payable by us under the 2025 Credit Agreement could increase. Downgrades in our credit ratings could also restrict our ability to obtain additional financing in the future and could affect the terms of any such financing.

Our investment portfolio consists of a variety of investment vehicles that are subject to interest rate trends, market volatility, and other economic factors. If general economic conditions decline, this could cause the credit ratings of our investments to deteriorate and illiquidity in the financial marketplace, and we may experience a decline in interest income and an inability to sell our investments, leading to impairment in the value of our investments.

It is our policy to invest our cash, cash equivalents, and marketable securities in highly liquid instruments with, and in the custody of, financial institutions with high credit ratings and to limit the amounts invested with any one institution, type of security, or issuer. However, we are subject to general economic conditions, interest rate trends, and volatility in the financial marketplace that can affect the income that we receive from our investments, the net realizable value of our investments (including our cash, cash equivalents, and marketable securities), and our ability to sell them. Any one of these factors could reduce our investment income or result in material charges, which in turn could impact our overall net income (loss) and earnings (loss) per share.

From time to time we make direct investments in privately held companies. Investments in privately held companies are considered inherently risky. The technologies and products these companies have under development are typically in the early stages and may never materialize, which could result in a loss of all or a substantial part of our initial investment in these companies. The evaluation of privately held companies is based on information that we request from these companies, which is not subject to the same disclosure regulations as U.S. publicly traded companies and, as such, the basis for these evaluations is subject to the timing and accuracy of the data received from these companies.

Table of Contents

A loss on any of our investments may cause us to record an other-than-temporary impairment charge. The effect of this charge could impact our overall net income and earnings per share. In any of these scenarios, our liquidity may be negatively impacted, which in turn may prohibit us from making investments in our business, taking advantage of opportunities, and potentially meeting our financial obligations as they come due.

Changes in tax rules and regulations, and uncertainties in interpretation and application, could materially affect our tax obligations and effective tax rate.

We are a U.S.-based multinational company subject to tax in multiple U.S. and foreign tax jurisdictions. Our effective tax rate is primarily based on our geographic mix of earnings; statutory rates; stock-based compensation; intercompany arrangements, including the manner in which we develop, value, and license our intellectual property; and enacted tax rules. Significant judgment is required in determining our effective tax rate and in evaluating our tax positions on a worldwide basis. While we believe our tax positions, including intercompany transfer pricing policies, are consistent with the tax laws in the jurisdictions in which we conduct our business, it is possible that these positions may be challenged by tax authorities and, if our positions are not sustained, may have a significant impact on our effective tax rate and cash taxes.

Tax laws in the United States and in foreign tax jurisdictions are dynamic and subject to change as new laws are passed and new interpretations of the law are issued or applied. Due to the complexity and varying interpretations of new and existing tax laws, the U.S. Department of Treasury and other standard-setting bodies have issued and will continue to issue regulations and interpretative guidance that could significantly impact how we will apply the law and the ultimate effect on our results of operations, including for our prior tax years. In addition, increases in corporate tax rates, could increase our effective tax rate, cash taxes and have an adverse effect on our results from operations.

Increasingly, tax authorities are reviewing existing corporate tax regulatory and legal regimes. Many countries are actively considering or implementing new taxing regimes and changes to existing tax laws. This could include U.S. and foreign tax law developments related to changes to long-standing tax principles arising from proposals made by the Organization for Economic Co-operation and Development (the “OECD”) that seek to allocate greater taxing rights to countries where customers are located and establish a global minimum tax rate of 15% (“Pillar Two”). On January 5, 2026, the OECD announced a“side-by-side” elective safe harbor that exempts U.S.-parented multinational entities from certain provisions of Pillar Two for fiscal years beginning on or after January 1, 2026. If U.S. or foreign tax authorities change applicable tax laws or successfully challenge how or where our profits are currently recognized, our overall taxes could increase, and our business, financial condition, or results of operations may be adversely impacted.

If we were required to record an impairment charge related to the value of our long-lived assets or an additional valuation allowance against our deferred tax assets, our results of operations would be adversely affected.

Our long-lived assets are tested for impairment if indicators of impairment exist. If impairment testing shows that the carrying value of our long-lived assets exceeds their estimated fair values, we would be required to record a non-cash impairment charge, which would decrease the carrying value of our long-lived assets, adversely affecting our results of operations. Our deferred tax assets include net operating loss, amortizable tax assets, and tax credit carryforwards that can be used to offset taxable income and reduce income taxes payable in future periods. Each quarter, we assess the need for a valuation allowance, considering both positive and negative evidence to determine whether all or a portion of the deferred tax assets are more likely than not to be realized. We continue to have a valuation allowance against certain U.S. and foreign deferred tax assets. Changes in the amount of the U.S. and foreign jurisdictions valuation allowance could also result in a material non-cash expense or benefit in the period in which the valuation allowance is adjusted, and our results of operations could be materially affected. We will continue to perform these tests on our worldwide deferred tax assets, and any future adjustments to the realizability of our deferred tax assets may have a material effect on our financial condition and results of operations.

General Risk Factors

Our business may be significantly disrupted upon the occurrence of a catastrophic event.

Our business is highly automated and relies extensively on the availability of our network and data center infrastructure, our internal technology systems, and our websites. We also rely on hosted computer services from third parties for services that

Table of Contents

we provide to our customers and computer operations for our internal use. For example, our corporate headquarters and executive offices are located near major seismic faults in the San Francisco Bay Area and face annual periods of wildfire danger, which increase the probability of power outages and may impact employees’ abilities to commute to work or to work from home. We have developed disaster recovery plans and maintain backup systems in order to reduce the potential impact of a catastrophic event; however, there can be no assurance that these plans and systems would enable us to return to normal business operations. In addition, any such event could negatively impact a country or region in which we sell our products. This could in turn decrease that country’s or region’s demand for our products, negatively impacting our financial results.

We are subject to legal proceedings and regulatory inquiries, and we may be named in additional legal proceedings or become involved in regulatory inquiries in the future, all of which are costly, distracting to our core business, and could result in an unfavorable outcome or a material adverse effect on our business, financial condition, results of operations, cash flows, or the trading prices for our securities.

We are involved in legal proceedings and receive inquiries from regulatory agencies. As the global economy has changed and our business has evolved, we have seen an increase in litigation activity and regulatory inquiries. Like many other technology companies, the number and frequency of inquiries from U.S. and foreign regulatory agencies we have received regarding our business and our business practices, as well as the business practices of others in our industry, have increased in recent years. In the event we are involved in significant disputes or are the subject of a formal action by a regulatory agency, we could be exposed to costly and time-consuming legal proceedings that could result in any number of outcomes. Any claims or regulatory actions initiated by or against us, whether successful or not, could result in high defense costs, damage awards, injunctive relief, increased costs of business, fines or orders to change certain business practices, significant dedication of management time, diversion of operational resources, or otherwise harm our business. In any such event, our financial results, results of operations, cash flows, or trading prices for our securities could be negatively impacted.

Changes in existing financial accounting standards or practices, or taxation rules or practices may adversely affect our results of operations.

Changes in existing accounting or taxation rules or practices, new accounting pronouncements or taxation rules, or varying interpretations of current accounting pronouncements or taxation practices could have a significant adverse effect on our results of operations or the way we conduct our business. Further, such changes could potentially affect our reporting of transactions completed before such changes are effective.

We are required to evaluate our internal control over financial reporting under Section 404 of the Sarbanes-Oxley Act of 2002 and any adverse results from such evaluation could result in a loss of investor confidence in our financial reports and have an adverse effect on our stock price.

Pursuant to Section 404 of the Sarbanes-Oxley Act of 2002, we are required to furnish a report by our management on our internal control over financial reporting, including an assessment of the effectiveness of our internal control over financial reporting as of the end of our fiscal year. This assessment must include a statement as to whether or not our internal control over financial reporting is effective and disclosure of any material weaknesses in our internal control over financial reporting identified by management. If our management or independent registered public accounting firm identifies one or more material weaknesses in our internal control over financial reporting, we are unable to assert that our internal control over financial reporting is effective, or our independent registered public accounting firm is unable to express an opinion that our internal controls are effective, investors could lose confidence in the accuracy and completeness of our financial reports, which could have an adverse effect on our business and stock price.

In preparing our financial statements we make certain assumptions, judgments, and estimates that affect amounts reported in our consolidated financial statements which, if not accurate, may significantly impact our financial results.

Table of Contents

We make assumptions, judgments, and estimates for a number of items, including revenue recognition for product subscriptions and enterprise business agreements (“EBAs”), the determination of the fair value of acquired assets and liabilities, and the realizability of deferred tax assets. Actual results could differ materially from our estimates, and such differences could significantly impact our financial results.

ITEM 1B.UNRESOLVED STAFF COMMENTS

None.

ITEM 1C. CYBERSECURITY

Risk Management and Strategy

Autodesk has established policies and processes for assessing, treating, and managing material risk from cybersecurity threats based on relevant industry standards. These policies and processes are reviewed and updated at least annually. We routinely assess material risks from cybersecurity threats, including any potential unauthorized occurrence on or conducted through our information systems that may adversely affect the confidentiality, integrity, or availability of our information systems or any information residing therein.

We conduct risk assessments, penetration tests, and other security assessments to identify cybersecurity threats regularly, and in the event of a material change in our business practices that may affect information systems potentially vulnerable to such cybersecurity threats. These assessments include the identification of reasonably foreseeable internal and external risks, the likelihood and potential damage that could result from such risks, and the sufficiency of existing policies, procedures, systems, and safeguards in place to manage such risks. Risks are then assigned to the appropriate owners for tracking and mitigation.

We devote significant resources and designate high-level personnel, including our Chief Trust Officer, who reports to our Chief Technology Officer, to manage the risk assessment and mitigation processes.

As part of our overall risk management system, we monitor and test our safeguards. We train our workforce on these safeguards. Personnel at all levels and departments are made aware of our cybersecurity policies through required trainings. Cybersecurity tabletop exercises are regularly conducted for our executives and for incident response professionals. Improvements identified at these tabletop exercises are implemented into our processes.

We engage assessors, consultants, and auditors in connection with our risk assessment processes. These outside advisors assist us to design and implement our cybersecurity policies and procedures, as well as to monitor and test our safeguards.

For additional information regarding whether any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect our Company, including our business strategy, results of operations, or financial condition, please refer to Item 1A, “Risk Factors,” in this Annual Report on Form 10-K, including the risk factors under the heading “Risks Relating to Our Operations”.

Governance

One of the key functions of our board of directors is informed oversight of our risk management process, including risks from cybersecurity threats. Our board of directors is responsible for monitoring and assessing strategic risk exposure. The board’s Audit Committee oversees the management of cybersecurity risks relating to financial, accounting, and internal control

Table of Contents

matters. The full board receives regular updates from our senior management and outside advisors regarding cybersecurity risks Autodesk faces. Our Enterprise Risk Management function is responsible for identifying, prioritizing, and mitigating risks that could limit Autodesk's achievement of its strategic and operational priorities. Our executive officers are responsible for the day-to-day assessment and management of these risks.

Our Chief Trust Officer is responsible for assessing and managing material risks from cybersecurity threats. Our Chief Trust Officer has more than twenty years of cybersecurity leadership experience, including serving in similar roles leading cybersecurity programs at other public companies.

Our Chief Trust Officer oversees our cybersecurity policies and processes, including those described in “Risk Management and Strategy” above.

Our Chief Trust Officer provides quarterly briefings to the Audit Committee regarding our cybersecurity risks and state of our Trust program, including recent cybersecurity incidents and related responses, cybersecurity systems testing, and data protection initiatives and metrics. Our Audit Committee regularly updates the board of directors on such reports. In addition, our Chief Trust Officer provides briefings on cybersecurity risks and activities to the board of directors at least annually. Our Chief Trust Officer may also brief the board of directors regarding significant cybersecurity incidents.

Recently Filed

Click on a ticker to see risk factors

Ticker *	File Date
HRZN	2 hours ago
HY	2 hours ago
ARCT	2 hours ago
QSI	2 hours ago
FTEK	2 hours ago
ACEL	2 hours ago
RYM	2 hours ago
ANAB	2 hours ago
PRKS	2 hours ago
ABVC	2 hours ago
FTCO	2 hours ago
CVEO	2 hours ago
DAR	2 hours ago
ELVN	2 hours ago
SANA	2 hours ago
UPLD	2 hours ago
HNGE	2 hours ago
JRVR	2 hours ago
IMNM	2 hours ago
CENX	2 hours ago
ADSK	2 hours ago
RIGL	2 hours ago
CALC	2 hours ago
STAA	2 hours ago
EVOX	2 hours ago
CODQL	4 hours ago
HLIO	4 hours ago
CFFI	5 hours ago
SRTA	6 hours ago
YORW	7 hours ago
CBL	8 hours ago
INGM	9 hours ago
AMRC	10 hours ago
HNI	10 hours ago
PRME	10 hours ago
OFS	10 hours ago
SRRK	11 hours ago
PASG	11 hours ago
AMLX	11 hours ago
HYMC	22 hours ago
ANIK	23 hours ago
DAAQ	1 day ago
RAAQ	1 day ago
HTLD	1 day ago
NBBK	1 day, 1 hour ago
AMRN	1 day, 1 hour ago
CECO	1 day, 1 hour ago
SIVR	1 day, 1 hour ago
GLTR	1 day, 1 hour ago
PALL	1 day, 1 hour ago

OTHER DATASETS

House Trading

Dashboard

Corporate Flights

Dashboard

App Ratings

Dashboard

Strategies

Alerts

Browse Data

Risk Factors Dashboard

View risk factors by ticker

Search filings by term

Risk Factors - ADSK

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

Recently Filed

OTHER DATASETS

House Trading

Corporate Flights

App Ratings

TRADE SMARTER

TRADE SMARTER

Strategies

Alerts

Browse Data

Risk Factors Dashboard

View risk factors by ticker

Search filings by term

Risk Factors - ADSK

-New additions in green-Changes in blue-Hover to see similar sentence in last filing

Recently Filed

OTHER DATASETS

House Trading

Corporate Flights

App Ratings

TRADE SMARTER

TRADE SMARTER

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing