Risk Factors Dashboard

Item 1A. “Risk Factors”. These and other factors could cause results to differ materially from those expressed in, or implied by, the estimates made by independent parties and by us. Furthermore, we cannot assure you that a third party using different methods to assemble, analyze or compute industry and market data would obtain the same results.

Cautionary Note Regarding Forward-Looking Statements

This report contains forward-looking statements that are based on our management’s beliefs and assumptions and on information currently available to us. All statements other than statements of historical facts are forward-looking statements. These statements relate to future events or to our future financial performance and involve known and unknown risks, uncertainties and other factors that may cause our actual results, levels of activity, performance or achievements to be materially different from any future results, levels of activity, performance or achievements expressed or implied by these forward-looking statements. Forward-looking statements include, but are not limited to, statements about:

In some cases, you can identify forward-looking statements by terms such as “may,” “could,” “will,” “should,” “would,” “expect,” “plan,” “intend,” “anticipate,” “believe,” “estimate,” “predict,” “potential,” “project” or “continue” or the negative of these terms or other comparable terminology. These statements are only predictions. You should not place undue reliance on forward-looking statements because they involve known and unknown risks, uncertainties and other factors, which are, in some cases, beyond our control and which could materially affect results. Factors that may cause actual results to differ materially from current expectations include, among other things, those listed under Part I. Item 1A. “Risk Factors” and elsewhere in this report. If one or more of these risks or uncertainties occur, or if our underlying assumptions prove to be incorrect, actual events or results may vary significantly from those implied or projected by the forward-looking statements. No forward-looking statement is a guarantee of future performance.

In addition, statements that “we believe” and similar statements reflect our beliefs and opinions on the relevant subject. These statements are based upon information available to us as of the date of this report, and while we believe such information forms a reasonable basis for such statements, such information may be limited or incomplete, and our statements should not be read to indicate that we have conducted an exhaustive inquiry into, or review of, all potentially available relevant information. These statements are inherently uncertain and investors are cautioned not to unduly rely upon these statements.

The forward-looking statements made in this report relate only to events or information as of the date on which the statements are made in this report. Except as expressly required by the federal securities laws, there is no undertaking to publicly update or revise any forward-looking statements, whether as a result of new information, future events, changed circumstances or any other reason.

Summary of Risk Factors

The following is a summary of material risks that could affect our business. This summary may not contain all of our material risks, and it is qualified in its entirety by the more detailed risk factors set forth under Part I. Item 1A. “Risk Factors”.

PART I

ITEM 1. BUSINESS.

Overview

Firefly Neuroscience, Inc. is an artificial intelligence company advancing precision neuroscience, applying AI and large-scale electrophysiological data to give clinicians a more complete, objective picture of how an individual patient's brain is functioning.

Firefly Neuroscience, Inc. is rebuilding the foundation of how electrophysiological data flows into clinical decision-making for brain health. We believe the brain is the most under-measured organ in medicine, and that the tools to change this have, until now, been inaccessible to the clinicians who need them most.

We have built the Firefly Platform: a vertically integrated hardware, software, and data infrastructure that captures standardized electroencephalographic (EEG) and event-related potential (ERP) assessments at the point of care, analyzes that data through our proprietary analytics engine, and delivers structured, clinician-ready reports back to the provider, all within a single seamless workflow. Every scan expands and enriches our database. Every clinic that joins our network increases the depth and diversity of our data. We describe this compounding relationship between clinical deployment, data acquisition, and report quality as the Firefly Flywheel.

Our FDA-510(k) cleared Evoke System, commercially deployed as the Evoke System, is in active use across more than 85 clinical sites in the United States as of December 31, 2025. Clinicians use the system to perform EEG and ERP assessments, which are analyzed by our cloud-based platform and returned as structured reports designed to support clinical decision-making. Our subscription-based commercial model creates a recurring revenue stream that scales in lockstep with clinical utilization, meaning that the more deeply clinicians integrate electrophysiological assessment into their practice, the more revenue we generate and the more our database grows.

Figure 1: The Firefly Flywheel — each clinical assessment simultaneously generates revenue and expands our proprietary database, compounding the intelligence of every future report.

The Problem We Are Solving

Clinicians treating neurological and psychiatric conditions have access to a range of assessment tools, including standardized cognitive and behavioral rating instruments such as the Montreal Cognitive Assessment (MoCA), the Mini-Mental State Examination (MMSE), the Generalized Anxiety Disorder scale (GAD-7), and the Patient Health Questionnaire (PHQ-9). These tools provide valuable, reproducible data points and play an important role in clinical evaluation. However, they assess behavior, self-reported symptoms, and observable cognitive performance; they do not directly measure the underlying functional activity of the brain. As a result, clinicians may have a clear picture of how a patient is presenting clinically, but limited visibility into what is occurring at the neural level: which regions of the brain are deviating from expected activity for a patient of that age, and in which direction. The Evoke System is designed to provide exactly this additional layer of insight; to add a direct electrophysiological signal that complements other testing modalities and gives clinicians a more complete biological picture to inform treatment planning.

We believe four structural problems define the current state of brain health diagnostics, and that Firefly is uniquely positioned to address each of them:

1. Adding electrophysiological insight to existing assessments. While standardized rating scales such as the MoCA, MMSE, GAD-7, and PHQ-9 provide reproducible and clinically valuable data, they measure cognitive performance and self-reported symptoms rather than the direct electrical activity of the brain. Electrophysiological assessment captures what these tools cannot: which neural circuits are active, how quickly they respond, and how a given patient's brain activity compares to a reference group. The Evoke System adds this direct biological signal to the clinical picture, helping clinicians understand not just how a patient is presenting, but what is measurably occurring in their brain.

2. Population-level context at the point of care. A clinician evaluating a patient's brain activity in isolation may not have a population-level frame of reference for what they are seeing. Our analytics platform addresses this by comparing each patient's electrophysiological data against a reference group; giving clinicians a standardized benchmark that reflects what healthy brain activity typically looks like for a patient of that age and gender. As our database continues to grow, we expect to expand the granularity of these reference populations over time, with the goal of enabling comparisons across increasingly specific clinical subgroups. The foundation for that future capability is being built with every assessment performed on our network today.

3. Late detection of cognitive and neurological disease. Many of the most debilitating neurological conditions; including Mild Cognitive Impairment (MCI), early-stage Alzheimer's disease, and prodromal psychiatric disorders; progress substantially before they are clinically detectable through behavioral observation alone. Electrophysiological biomarkers captured by EEG and ERP can surface neurological change earlier, giving clinicians a window to intervene before disease progression accelerates.

4. Imprecise treatment selection. Even when a diagnosis is established, selecting the right treatment plan often remains a process of elimination. Our growing database is enabling the identification of electrophysiological subtypes within diagnostic categories; meaning that a patient's specific EEG/ERP signature may predict which therapy is most likely to produce a meaningful response, potentially reducing the time and cost of trial-and-error prescribing.

The Firefly System

The Firefly System is a closed-loop system designed to continuously improve with use. It combines three interdependent layers: standardized hardware acquisition through the Evoke System, cloud-based electrophysiological analytics, and a growing proprietary data repository. Each layer reinforces the others, and the system as a whole, we believe, becomes more beneficial with every assessment performed across our network.

The Evoke System

The Evoke System is our FDA-510(k) cleared EEG and ERP acquisition hardware and associated software, deployed in clinical settings across the United States under the commercial brand name Evoke System. The system is purpose-built for standardized electrophysiological assessment in clinical environments; not limited to research laboratories; and is designed to be operable by clinical staff without specialized neurophysiology training.

The Evoke System captures brain activity using a 19-channel EEG electrode array configured according to the International 10-20 system, the clinical standard for electrode placement. In addition to the cortical EEG signal, the system incorporates a Heart Rate Variability (HRV) sensor, enabling simultaneous measurement of autonomic nervous system function alongside neural activity. This multimodal data capture; cortical EEG across 19 channels plus HRV; provides a richer physiological signal than single-modality approaches, and we believe distinguishes our hardware from more limited EEG-only assessment tools.

Figure 2: Evoke System hardware configuration — 19 EEG electrode channels (10-20 system) plus integrated HRV sensor for multimodal brain and autonomic nervous system measurement.

The Evoke System captures two principal categories of electrophysiological data. Resting-state EEG records spontaneous neural oscillatory activity in the absence of deliberate stimulation, providing a baseline measure of brain network function. Event-Related Potentials (ERPs) are captured during cognitive task paradigms, measuring the brain's time-locked electrical responses to specific stimuli across standardized cognitive task types. Together, resting EEG and ERPs enable assessment of up to 20 distinct cognitive functional measures per session; including early sensory processing, attention, working memory, response inhibition, and executive function.

The standardized nature of the Evoke System's acquisition protocol is a critical design requirement, not merely a technical characteristic. Our analytics engine compares each patient's data against a reference database. As our database continues to grow, every assessment will add further clinical value. The Evoke System's standardized protocol enables this comparability, ensuring that each record entering our database can meaningfully inform the interpretation of future assessments.

Analytics Engine — Assessment and Reporting

Electrophysiological data captured by the Evoke System is transmitted to our cloud-based analytics platform for processing. Our proprietary analytics engine analyzes raw EEG and ERP signals across captured dimensions and compares each patient’s electrophysiological profile to a reference dataset. As our dataset expands, we intend to further stratify and refine reference comparisons, which may include demographic segmentation, condition-specific cohorts, and longitudinal outcome data, subject to data availability and applicable regulatory considerations.

The output of this analysis is a structured clinical report delivered to the clinician. This report contextualizes the patient's electrophysiological data relative to a reference database, surfacing deviations in signal characteristics that may be relevant to the clinician’s assessment. Reports are delivered through our cloud-based portal and are designed to integrate into clinical workflows.

As more assessments are added, the database becomes richer and more diverse; broadening the body of data against which future assessments may be contextualized and supporting our longer-term goal of developing more granular reference populations for specific clinical subgroups.

The Firefly Database

Our proprietary database, which includes more than 191,000 standardized EEG and ERP assessment records, represents a significant long-term strategic asset of our business. We continue to analyze and expand this dataset to enhance our understanding of electrophysiological patterns associated with cognitive function. Over time, we believe that further analysis of this data may support the development of more refined reference populations, including condition-specific cohorts, and may contribute to the identification of potential electrophysiological biomarkers. Further, we believe that our extensive clinical database, when combined with advanced AI, provides the opportunity to identify clinically relevant biomarkers that will support better patient outcomes through precision medicine and companion diagnostics.

Figure 3: Proprietary database growth — records added quarterly through commercial clinical deployment, research collaborations, and clinical trials

The database spans over 12 distinct neurological and psychiatric disorders and includes records from more than 100,000 patients. We believe there may be value in collecting longitudinal data that enables analysis of how electrophysiological signatures change with disease progression and in response to treatment. The database also includes records from healthy individuals across the age range of 12 to 85.

Figure 4: The 12+ neuropsychiatric disorder categories represented in Firefly's proprietary EEG/ERP database.

Each assessment performed at any site using the Evoke System enters our data pipeline and, subject to appropriate rules and regulations, may be incorporated into our reference database. Commercial deployment and database growth are not separate activities, they are complementary, simultaneously generating subscription revenue and expanding the data asset that makes our platform more valuable over time.

Our Commercial Model

We sell access to the Firefly Platform through a tiered subscription model. Clinics pay a monthly subscription fee that provides access to the Evoke System, a defined volume of assessments per month, and access to our analytics and reporting platform. Assessments performed in excess of the monthly allotment are billed at a per-scan overage rate, ensuring that our revenue scales proportionally with clinical utilization.

Multiple subscription tiers are available to accommodate the diverse utilization profiles of our clinical customers; from individual practitioners performing a modest number of monthly assessments to larger multi-provider clinics or health systems with significantly higher throughput. This structure allows us to serve a broad range of clinical settings while ensuring pricing is calibrated to the value delivered. As a clinic's utilization grows, the subscription structure encourages migration to higher tiers, providing natural revenue expansion within our existing customer base.

Clinical Applications

Supporting Clinical Decision-Making

The Evoke System's primary clinical application is providing an objective electrophysiological layer to complement the assessment tools clinicians already use. Standardized instruments such as the MoCA, MMSE, PHQ-9, and GAD-7 are well-established components of neuropsychiatric evaluation, capturing how a patient performs on cognitive tasks and how they report experiencing mood, anxiety, and daily functioning. The Evoke System adds a direct measurement of the brain's electrical activity; capturing the speed, amplitude, and pattern of neural responses during rest and cognitive tasks, contextualized against a reference group. By returning structured reports that map a patient's electrophysiological profile against our reference group, we give clinicians an additional dimension of biological evidence to inform diagnostic and treatment planning decisions.

The database includes over 12 disorder categories, including depression, anxiety, ADHD, PTSD, MCI, dementia, Parkinson's disease, bipolar disorder, schizophrenia, schizoaffective disorder, ASD, and traumatic brain injury.

Early Detection of Cognitive Decline

We believe a clinically significant application of our platform is the early identification of cognitive impairment. Our database includes electrophysiological records spanning the spectrum from clinically normal cognition through Mild Cognitive Impairment (MCI) to confirmed dementia and early Alzheimer's disease. Research utilizing our platform and database; including a peer-reviewed study examining the differential electrophysiological signatures of MCI versus depression; which has demonstrated that EEG and ERP biomarkers can differentiate between stages of cognitive impairment with meaningful clinical utility.

The ability to distinguish between conditions with overlapping clinical presentations; such as cognitive decline due to early neurodegeneration versus cognitive symptoms secondary to depression; we believe is a valuable application of our technology. Clinicians already use standardized cognitive assessments such as the MoCA and MMSE to evaluate cognitive performance, and mood instruments such as the PHQ-9 and GAD-7 to assess depressive and anxiety symptoms. These tools are clinically important, but they assess how a patient performs and feels; not what is measurably occurring in the patient's brain. Our platform adds a direct electrophysiological dimension to this clinical picture: identifying the specific frequency bands, neural regions, and response latencies that deviate from norms, and contextualizing those deviations against the electrophysiological signatures of previously assessed patients across both diagnostic categories. This combination of behavioral assessment and direct neural measurement is designed to give clinicians a richer, more complete basis for clinical judgment.

Early detection of MCI and related conditions is particularly impactful because the range of available interventions; lifestyle, pharmacological, and enrollment in clinical trials studying disease-modifying therapies; we believe is broadest in the earliest stages of disease. We believe the Evoke System may enable clinicians to identify electrophysiological changes consistent with early cognitive decline through a non-invasive, cost-effective assessment that can be administered in a standard clinical setting, without the expense or logistical complexity of PET imaging or other advanced neuroimaging modalities.

Treatment Selection and Longitudinal Monitoring

As our database scales, we may focus on treatment selection support. Research utilizing our electrophysiological data has begun to identify signatures associated with differential responses to specific therapeutic interventions. For example, EEG-based endophenotyping in ADHD has demonstrated that patients with excess theta activity in specific frequency bands tend to respond differently to stimulant medications than patients with excess beta activity; an electrophysiological signal that may guide initial treatment selection before a trial-and-error prescribing process begins.

This capability may continue to evolve as our database expands. We are actively investing in research to develop and validate electrophysiological biomarkers of treatment response across additional conditions in our clinical footprint, and we believe as our database scales, it may provide a statistical foundation for this research that is not replicable from smaller, less standardized datasets.

The Evoke System also supports longitudinal monitoring. Repeated assessments of the same patient over time that allow clinicians to track how electrophysiological profiles change in response to treatment. This capability transforms the electrophysiological assessment from a one-time diagnostic event into an ongoing clinical monitoring tool, increasing the frequency with which clinicians engage with our platform and correspondingly increasing both revenue and database contribution per patient.

Research & Development

Scientific validation is central to our commercial strategy. We believe that clinician adoption of electrophysiological assessment as a standard component of neuropsychiatric care depends not only on the clinical utility of our platform, but on the depth and quality of the scientific evidence supporting it. Accordingly, we invest in research collaborations, clinical studies, and academic partnerships designed to generate peer-reviewed evidence for the applications of our technology.

Combined across Firefly Neuroscience and the former Evoke Neuroscience, our technology and dataset have been the subject of more than 20 peer-reviewed publications in indexed scientific journals. These publications span a range of conditions and applications, including early-stage Parkinson's disease detection, ADHD endophenotyping and treatment response prediction, major depressive disorder and cognitive biomarkers, traumatic brain injury assessment, drug pharmacodynamics in neuropharmacology trials, and genetic conditions affecting cognitive development.

Select highlights from our published research include:

•

Early Parkinson's Detection: A machine learning approach utilizing ERP-derived features from our database identified a neuromarker discriminating early-stage Parkinson's disease patients from healthy controls with an AUC of 0.79, sensitivity of 0.74, and specificity of 0.73; demonstrating the capacity of our electrophysiological dataset to support early detection of neurodegenerative disease (PLOS ONE, 2022).

•

MDD Treatment Monitoring: A pilot study published in the Journal of Affective Disorders Reports (2024) demonstrated that EEG-based assessments using our platform could objectively measure cognitive changes in outpatients with major depressive disorder during treatment with vortioxetine; with baseline brain activation latencies normalizing toward healthy control levels following treatment, independent of antidepressant effect.

•

Neuropharmacology Biomarkers: Collaborative research with Novartis evaluated the pharmacodynamic effects of MIJ821 (onfasprodil) using our EEG analytics as an objective CNS biomarker in a Phase I first-in-human study, published in Clinical and Translational Science (2023).

•

ADHD Endophenotyping: Published research demonstrated that electrophysiological activity flow patterns analyzed through our platform can differentiate ADHD subtypes with implications for treatment selection, including differential prediction of stimulant medication response (Psychological Medicine, 2017).

•

Concussion and TBI: Multiple publications, including work conducted in collaboration with university athletic programs and the Concussion Assessment, Research and Education (CARE) consortium, have demonstrated the utility of ERP-based assessments for objective evaluation of sport-related concussion and tracking of post-concussion recovery. Reches, A., Kutcher, J., Elbin, R.J., Or-Ly, H., Sadeh, B., Greer, J., McAllister, D.J., Geva, A.B., & Kontos, A.P. (2017)

•

Differential Diagnosis — MCI vs. Dementia: Published research utilizing the Evoke platform has examined the differential electrophysiological signatures of MCI, early-stage Alzheimer's disease, and dementia — demonstrating the potential of EEG/ERP biomarkers to support differential diagnosis in conditions that are clinically challenging to distinguish. Ganapathi et al. (2023). Journal of Alzheimer's Disease, 91(1), 293–305.

We also conduct academic research collaborations, including a collaboration with the Institute of Human Genetics at Heidelberg University Hospital on EEG biomarker research in genetic neurodevelopmental conditions, and with the Pacific Neuroscience Institute Brain Center on a clinical study examining the electrophysiological signatures of Alzheimer's disease. We view these collaborations as complementary to our commercial network, generating peer-reviewed scientific evidence that supports clinician adoption of our platform while simultaneously contributing high-quality, protocol-driven records to our database.

Pharmaceutical and Research Partnerships

In addition to our clinical subscription business, we engage with pharmaceutical companies and academic research institutions that seek access to our electrophysiological database and/or analytical capabilities in support of neuroscience drug development. These engagements typically involve the use of our EEG and ERP analytics as biomarker endpoints in clinical trials, providing pharmaceutical sponsors with an objective electrophysiological measure of drug effect on the central nervous system.

The use of EEG and ERP as pharmacodynamic biomarkers in CNS drug development is a well-established scientific approach, and the availability of a large, standardized normative and disorder-specific reference dataset we believe significantly enhances the interpretability of electrophysiological biomarker data in drug trials. We believe our database scale and the quality of our analytics engine position us as a preferred partner for pharmaceutical sponsors seeking to incorporate electrophysiological biomarkers into neuropsychiatric drug development programs.

Regulatory Matters

The Evoke System has received FDA clearance under the 510(k) pathway as a Class II medical device for the acquisition, display, and storage of EEG and ERP data, and for associated analytical and reporting functions. This clearance permits commercial marketing and sale of the Evoke System for its cleared indications in the United States and is a prerequisite for our clinical subscription deployment model.

Our analytics platform generates reports for clinician review and is designed to operate as a decision-support tool. We intend to engage proactively with the FDA as our analytical capabilities evolve to ensure our regulatory posture remains appropriate to the clinical applications of our platform.

Competition

The market for brain health diagnostics and clinical decision-support tools includes traditional EEG hardware manufacturers, digital health companies offering neurology-focused software, and academic medical centers with research-grade electrophysiological assessment capabilities. We believe, however, that the most significant long-term competitive determinant in this market will be the depth and quality of the proprietary electrophysiological dataset underlying AI-driven analytics; and on this dimension we believe we hold a substantial and growing advantage.

Structural neuroimaging modalities; including computed tomography (CT), magnetic resonance imaging (MRI), and functional MRI (fMRI); are well-established and clinically important tools for evaluating brain structure and, in the case of fMRI, patterns of metabolic activity. CT imaging involves exposure to ionizing radiation and provides excellent resolution of structural abnormalities, but limited visibility into functional neural dynamics. MRI offers superior soft-tissue contrast and structural detail without radiation, and fMRI can approximate regional brain activity through blood-oxygen-level-dependent (BOLD) signals. These are valuable tools, and we view them as complementary to, rather than competitive with, electrophysiological assessment. EEG and ERP capture the brain's direct electrical activity at millisecond-level temporal resolution; a dimension of brain function that structural and hemodynamic imaging modalities are not designed to measure. MRI reveals the brain’s structure, while EEG measures its real-time electrical activity and the speed at which it processes information. We believe different test modalities answer different clinical questions and are most powerful when considered together.

From a practical standpoint, the Evoke System also occupies a distinct access tier relative to neuroimaging equipment. MRI and CT scanners require significant capital investment, specialized facility infrastructure, and dedicated radiology or imaging staff, making them primarily available in hospital and large outpatient settings. The Evoke System is designed to operate in standard clinical environments; psychiatric practices, neurology offices, and behavioral health clinics; at a cost per assessment that is generally lower than most structural imaging studies. This accessibility profile means the Evoke System may be able to reach patient populations and clinical settings where advanced neuroimaging is not routinely available, rather than competing directly for the same clinical indication.

We believe our data advantage, combined with our FDA-cleared hardware platform deployed across more than 85 clinical sites, our intellectual property portfolio, and our growing body of more than 20 peer-reviewed publications, leads us to believe we occupy an increasingly valuable position in the brain health diagnostics market.

Human Capital

Our team spans neuroscience, biomedical engineering, signal processing, artificial intelligence, clinical operations, and healthcare commercialization. We believe our ability to attract and retain talent with deep expertise across these complementary disciplines is essential to the continued development and commercialization of the Firefly Platform.

Intellectual Property

Firefly’s commercial success depends in part on its ability to obtain and maintain intellectual property protection for Firefly’s products and any future products, to prevent others from infringing, misappropriating, or otherwise violating its intellectual property rights, to defend and enforce its intellectual property rights, and to operate without infringing, misappropriating, or otherwise violating valid and enforceable intellectual property rights of others. Firefly actively seeks to protect intellectual property that it believes is important to its business, which includes patents covering the components of its software and the methods used for optimizing the assessments its products perform. Firefly actively seeks to protect intellectual property that it believes is important to its business, which includes patents covering the components of the BNA Platform and the methods used for optimizing the therapy that the BNA Platform delivers. Firefly also seeks patent protection for other processes and inventions that are commercially or strategically important to developing and maximizing the value of its enterprise. Firefly takes steps to build and maintain the integrity of its brand, for example, with trademarks and service marks, and Firefly seeks to protect the confidentiality of trade secrets that may be important to the development of its business. Firefly relies on a strategy that combines the use of patents, trademarks, trade secrets, know-how, and license agreements, as well as other intellectual property laws, employment, confidentiality and invention assignment agreements, and contractual protections, to establish and protect its intellectual property rights.

Patents

As of December 31, 2025, we owned 23 issued U.S. patents, which have expiration dates ranging from November 2028 to November 2037.

The anticipated expiration dates are without taking into account all possible patent term adjustments, extensions, or abandonments, and assuming payment of all appropriate maintenance, renewal, annuity, and other governmental fees. We continue to evaluate our intellectual property portfolio as patents reach end of life to determine the optimal course for continuing to protect our technology. We cannot ensure that patents will issue from any of our pending applications or that, if patents are issued, they will be of sufficient scope or strength to provide meaningful protection for our technology.

We recognize that the ability to obtain patent protection and the degree of such protection depends on a number of factors. The patent positions of medical device companies like ours are generally uncertain and involve complex legal, scientific, and factual questions. The protection afforded by a patent varies on a product-by-product basis, from jurisdiction-to-jurisdiction, and depends upon many factors, including the type of patent, the scope of its coverage, the availability of patent term adjustments and extensions, the availability of legal remedies, and the validity and enforceability of the patent.

In addition, the coverage claimed in a patent application can be significantly narrowed before the patent is issued, and patent claims can be reinterpreted or further altered even after patent issuance. We cannot predict whether the patent applications we are currently pursuing will issue as patents or whether the claims of any issued patents will provide sufficient protection from competitors. A competitor could develop systems, devices, or methods of manufacture or treatment that are not covered by our patents. Accordingly, our ability to stop third parties from commercializing any of our patented inventions, either directly or indirectly, will depend in part on our success in obtaining, maintaining, defending, and enforcing patent claims that adequately cover our inventions.

Our commercial success will also depend, in part, on not infringing, misappropriating, or otherwise violating the intellectual property rights of third parties. Third parties own numerous patents in the U.S. and in jurisdictions outside the U.S. with claims directed to inventions in the fields in which we operate or plan to operate. It is uncertain whether the issuance of any third-party patent would require us to alter our development or commercial strategies, seek licenses, cease certain activities, or participate in US Patent and Trademark Office ("USPTO") proceedings. Moreover, such licenses may not be available on commercially reasonable terms or at all. Our breach of any license agreements or failure to obtain a license necessary to our business may have a material adverse impact on us.

Trademarks

Our trademark portfolio is designed to protect the brands of our current and any future products. As of December 31, 2025, we own one trademark registration for “BNA” in the United States and other countries, including Israel, Switzerland, European Union, Canada, and India. The trademark is also registered with World Intellectual Property Organization.

Trade Secrets

We also rely on trade secrets relating to our product and technology, including our data processing algorithms, and we maintain the confidentiality of such proprietary information to protect aspects of our business that are not amenable to, or that we do not consider appropriate for, patent protection. We seek to protect our trade secrets and know-how by entering into confidentiality and invention assignment agreements with employees, contractors, consultants, suppliers, customers, and other third parties, who have access to such information. These agreements generally provide that all confidential information concerning our business or financial affairs developed or made known to the individual during the course of the individual’s relationship with us are to be kept confidential and not disclosed to third parties except in specific circumstances.

For more information regarding the risks related to our intellectual property, please see “Risk Factors-Risks Related to Our Intellectual Property.”

Manufacturing

Our Evoke system is manufactured by a third party contract manufacturer based in the United States.

Employees

As of the date of this report, we have 17 full-time employees.

None of Firefly’s employees are represented by a labor union or covered by collective bargaining agreements, and Firefly considers its relationship with its employees to be good.

Government Regulation

Our products are considered medical devices, and, accordingly, are subject to rigorous regulation by government agencies in the United States and other countries in which we intend to sell our products. These regulations vary from country to country but cover, among other things, the following activities with respect to medical devices:

FDA Regulation

In the U.S., numerous laws and regulations govern the processes by which medical devices are developed, manufactured, brought to market and marketed. These include the Federal Food, Drug, and Cosmetic Act (“FD&C Act”) and its implementing regulations issued by FDA, among others. Unless an exemption applies, each medical device commercially distributed in the United States requires FDA clearance of a 510(k) premarket notification (“510(k) clearance”), granting of a de novo request, or approval of an application for premarket approval (“PMA”). In general, under the FD&C Act, medical devices are classified in one of three classes on the basis of the controls necessary to reasonably assure their safety and effectiveness. A medical device’s classification determines the level of FDA review and approval to which the device is subject before it can be marketed to consumers:

●

Class I devices, the lowest-risk FDA device classification, include devices with the lowest risk to the patient and are those for which safety and effectiveness can be assured by adherence to FDA’s medical device general controls, including labeling, establishment registration, device product listing, adverse event reporting, and, for some products, adherence to good manufacturing practices through FDA’s Quality System Regulations.

●

Class II devices, moderate-risk devices, also require compliance with general controls and in some cases, special controls as deemed necessary by FDA to ensure the safety and effectiveness of the device. These special controls may include performance standards, particular labeling requirements, or post-market surveillance obligations. While most Class I devices are exempt from the 510(k) premarket notification requirement, typically a Class II device also requires pre-market review and 510(k) clearance as well as adherence to the Quality System Regulations/good manufacturing practices for devices.

●

Class III devices, high-risk devices that are often implantable or life-sustaining, also require compliance with the medical device general controls and Quality System Regulations, and generally must be approved by FDA before entering the market through a PMA application. Approved PMAs can include post-approval conditions and post-market surveillance requirements, analogous to some of the special controls that may be imposed on Class II devices.

Our BNA Platform and Evoke System are Class II medical devices, which were cleared by FDA for commercialization in the U.S. pursuant to the 510(k) notification process. The marketing and distribution of Firefly’s products are subject to continuing regulation and enforcement by FDA and other government authorities, which includes product listing requirements, medical device reporting regulations. If FDA finds that we have failed to comply with any legal or regulatory requirements, it or other government agencies may institute a wide variety of enforcement actions against us, ranging from Warning Letters to more severe sanctions, including but not limited to financial penalties, withdrawal of 510(k) clearances already granted, and criminal prosecution.

The 510(k) Process

Under the 510(k) process, the applicant must submit to FDA a premarket notification demonstrating that the device is “substantially equivalent” to either a device that was legally marketed prior to May 28, 1976, the date upon which the Medical Device Amendments of 1976 were enacted, and for which a PMA is not required, a device that has been reclassified from Class III to Class II or Class I, or another commercially available device that was cleared through the 510(k) process. To be “substantially equivalent,” the proposed device must have the same intended use as the predicate device, and either have the same technological characteristics as the predicate device or have different technological characteristics and not raise different questions of safety or effectiveness than the predicate device. Clinical data is sometimes required to support substantial equivalence.

After a 510(k) premarket notification is submitted, FDA determines whether to accept it for substantive review. If it lacks necessary information for substantive review, FDA will refuse to accept the 510(k) notification. If it is accepted for filing, FDA begins a substantive review. By statute, FDA is required to complete its review of a 510(k) notification within 90 days of receiving the 510(k) notification. As a practical matter, clearance often takes longer, and clearance is never assured. FDA may require further information, including clinical data, to make a determination regarding substantial equivalence, which may significantly prolong the review process. If FDA agrees that the device is substantially equivalent to a predicate device currently on the market, it will grant 510(k) clearance to commercially market the device.

Post-Market Regulation

After a device is cleared or approved for marketing, numerous and extensive regulatory requirements may continue to apply. These include but are not limited to:

International Regulation

Many countries throughout the world have established regulatory frameworks for marketing and commercialization of medical devices. As a designer and marketer of medical devices, we are obligated to comply with the respective frameworks of these countries to obtain and maintain access to these global markets. The frameworks often define requirements for marketing authorizations which vary by country. Failure to obtain appropriate marketing authorization and to meet all local requirements, including specific quality and safety standards in any country in which we currently market our products, could cause commercial disruption and/or subject us to sanctions and fines. Delays in receipt of, or a failure to receive, such marketing authorizations, or the loss of any previously received authorizations, could have a material adverse effect on our business, financial condition and results of operations.

There is currently no premarket government review of medical devices in the European Economic Area (“EEA”). However, all medical devices placed on the market in the EEA must meet the relevant essential requirements laid down in Annex I of Directive 93/42/EEC concerning medical devices, or the Medical Devices Directive. The most fundamental essential requirement is that a medical device must be designed and manufactured in such a way that it will not compromise the clinical condition or safety of patients, or the safety and health of users and others. In addition, the device must achieve the performances intended by the manufacturer and be designed, manufactured, and packaged in a suitable manner. The European Commission has adopted various standards applicable to medical devices. These include standards governing common requirements, such as sterilization and safety of medical electrical equipment, and product standards for certain types of medical devices. There are also harmonized standards relating to design and manufacture. While not mandatory, compliance with these standards is viewed as the easiest way to satisfy the essential requirements as a practical matter. Compliance with a standard developed to implement an essential requirement also creates a rebuttable presumption that the device satisfies that essential requirement.

On April 5, 2017, the European Parliament passed the Medical Devices Regulation (Regulation 2017/745), which repeals and replaces the EU Medical Device Directive and became effective on May 26, 2021. The Medical Devices Regulation, among other things, is intended to establish a uniform, transparent, predictable, and sustainable regulatory framework across the EEA for medical devices and ensure a high level of safety and health while supporting innovation. The new regulations, among other things:

We received our European CE mark, indicating that we affirm our product’s conformity with European health, safety and environmental protection standards, in 2021.

Healthcare Regulatory Laws

Within the United States, our products are subject to extensive regulation by a wide range of federal and state agencies that govern business practices in the medical device industry. These laws include federal and state anti-kickback, fraud and abuse, false claims and physician payment transparency laws and regulations.

The federal Anti-Kickback Statute prohibits, among other things, knowingly and willfully offering, paying, soliciting or receiving any remuneration (including any kickback, bribe or rebate), directly or indirectly, overtly or covertly, to induce or in return for purchasing, leasing, ordering or arranging for or recommending the purchase, lease or order of any good, facility, item or service reimbursable, in whole or part by Medicare, Medicaid or other federal healthcare programs. The term “remuneration” has been broadly interpreted to include anything of value, including cash, improper discounts, and free or reduced price items and services. Among other things, the Anti-Kickback Statute has been interpreted to apply to arrangements between medical device manufacturers on the one hand and prescribers and purchasers on the other. Although there are a number of statutory exceptions and regulatory safe harbors protecting some common activities from prosecution, the exceptions and safe harbors are drawn narrowly. Practices that involve remuneration that may be alleged to be intended to induce prescribing, purchases or recommendations may be subject to scrutiny if they do not qualify for an exception or safe harbor.

Failure to meet all of the requirements of a particular applicable statutory exception or regulatory safe harbor does not make the conduct per se illegal under the Anti-Kickback Statute. Instead, the legality of the arrangement will be evaluated on a case-by-case basis based on a cumulative review of all of its facts and circumstances. Several courts have interpreted the statute’s intent requirement to mean that if any one purpose of an arrangement involving remuneration is to induce referrals of federal healthcare covered business, the Anti-Kickback Statute has been violated. In addition, a person or entity does not need to have actual knowledge of the statute or specific intent to violate, in order to have committed a violation. Further, a claim including items or services resulting from a violation of the federal Anti-Kickback Statute also constitutes a false or fraudulent claim for purposes of the federal civil False Claims Act. Many states have adopted laws similar to the Anti-Kickback Statute. Some of these state prohibitions apply to referral of patients for healthcare items or services reimbursed by any payor, not only the Medicare and Medicaid programs. Commercial payors may also bring a private cause of action for treble damages against a manufacturer for a pattern of causing false claims to be filed under the federal Racketeer Influenced and Corrupt Organizations Act, or RICO.

The federal civil False Claims Act prohibits, among other things, any person or entity from knowingly presenting, or causing to be presented, a false or fraudulent claim for payment to or approval by the federal government or knowingly making, using or causing to be made or used a false record or statement material to a false or fraudulent claim to the federal government. A claim includes “any request or demand” for money or property presented to the U.S. government. The qui tam provisions of the False Claims Act allow a private individual to bring actions on behalf of the federal government alleging that the defendant has submitted a false claim to the federal government, and to share in any monetary recovery. In recent years, the number of suits brought against healthcare providers by private individuals has increased dramatically. The government has obtained multi-million and multi-billion dollar settlements under the False Claims Act in addition to individual criminal convictions under applicable criminal statutes. In addition, the federal civil monetary penalties statute imposes penalties against any person or entity that, among other things, is determined to have presented or caused to be presented a claim to a federal health program that the person knows or should know is for an item or service that was not provided as claimed or is false or fraudulent. Given the significant size of actual and potential settlements, it is expected that the government will continue to devote substantial resources to investigating healthcare providers’ and manufacturers’ compliance with applicable fraud and abuse laws. Various states have also enacted false claim laws analogous to the federal civil False Claims Act, although many of these state laws apply where a claim is submitted to any third-party payor and not merely a federal healthcare program.

The federal Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, or HIPAA, among other things, created two new federal crimes: healthcare fraud and false statements relating to healthcare matters. The HIPAA healthcare fraud statute prohibits, among other things, knowingly and willfully executing, or attempting to execute, a scheme to defraud any healthcare benefit program, including private payors. A violation of this statute is a felony and may result in fines, imprisonment and/or exclusion from government sponsored programs. The HIPAA false statements statute prohibits, among other things, knowingly and willfully falsifying, concealing or covering up a material fact or making any materially false, fictitious or fraudulent statement or representation in connection with the delivery of or payment for healthcare benefits, items or services. A violation of this statute is a felony and may result in fines and/or imprisonment. Similar to the Anti-Kickback Statute, a person or entity does not need to have actual knowledge of these statutes or specific intent to violate them in order to have committed a violation.

Additionally, there has been a recent trend of increased federal and state regulation of payments made to physicians and other healthcare providers. The ACA, imposed, among other things, new annual reporting requirements for covered manufacturers for certain payments and “transfers of value” provided to physicians and certain other healthcare providers and teaching hospitals, as well as ownership and investment interests held by physicians and their immediate family members. In addition, certain states require implementation of compliance programs and compliance with the device industry’s voluntary compliance guidelines and the relevant compliance guidance promulgated by the federal government, impose restrictions on marketing practices, and/or tracking and reporting of gifts, compensation and other remuneration or items of value provided to physicians and other healthcare professionals and entities.

Health Information Privacy and Security Laws

There are numerous U.S. federal and state laws and regulations related to the privacy and security of Personally Identifiable Information (“PII”), including health information. Among others, the federal Health Insurance Portability and Accountability Act of 1996, as amended by HITECH, and their implementing regulations, which we collectively refer to as HIPAA, establish privacy and security standards that limit the use and disclosure of Protected Health Information (“PHI”) and require covered entities and business associates to implement administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of individually identifiable health information in electronic form, among other requirements.

Violations of HIPAA may result in civil and criminal penalties. We must also comply with HIPAA’s breach notification rule which requires notification to affected individuals and HHS, and in certain cases to media outlets, in the case of a breach of unsecured PHI. The regulations also require business associates of covered entities to notify the covered entity of breaches by the business associate.

State attorneys general also have the right to prosecute HIPAA violations committed against residents of their states, and HIPAA standards have been used as the basis for the duty of care in state civil suits, such as those for negligence or recklessness in misusing personal information. In addition, HIPAA mandates that HHS conduct periodic compliance audits of HIPAA covered entities and their business associates for compliance.

Many states also have laws that protect the privacy and security of sensitive and personal information, including health information. These laws may be similar to or even more protective than HIPAA and other federal privacy laws. For example, the laws of the State of California, are more restrictive than HIPAA. Where state laws are more protective than HIPAA, we must comply with the state laws we are subject to, in addition to HIPAA. California passed the California Consumer Privacy Act or CCPA on June 28, 2018, which went into effect January 1, 2020. On November 3, 2020, the California Privacy Rights Act of 2020 (“CPRA”), which amends the CCPA and adds new privacy protections that became effective on January 1, 2023, was enacted through a ballot initiative. While information we maintain that is covered by HIPAA may be exempt from the CCPA, other records and information we maintain on our patients may be subject to the CCPA. In certain cases, it may be necessary to modify our planned operations and procedures to comply with these more stringent state laws. Not only may some of these state laws impose fines and penalties upon violators, but also some, unlike HIPAA, may afford private rights of action to individuals who believe their personal information has been misused. In addition, state and federal privacy laws subject to frequent change.

In addition to HIPAA and state health information privacy laws, we may be subject to other state and federal privacy laws, including laws that prohibit unfair privacy and security practices and deceptive statements about privacy and security, laws that place specific requirements on certain types of activities, such as data security and texting, and laws requiring holders of personal information to maintain safeguards and to take certain actions in response to a data breach.

Foreign data protection, privacy, and other laws and regulations are often more restrictive than those in the U.S. The E.U., for example, traditionally has imposed stricter obligations under its laws and regulations relating to privacy, data protection and consumer protection than the U.S. In May 2018, the GDPR, governing data practices and privacy in the E.U., became effective and replaced the data protection laws of the individual member states. GDPR requires companies to meet stringent requirements regarding the handling of personal data of individuals in the E.U. These more stringent requirements include expanded disclosures to inform members about how we may use their personal data, increased controls on profiling members, and increased rights for members to access, control and delete their personal data. In addition, there are mandatory data breach notification requirements. The law also includes significant penalties for non-compliance, which may result in monetary penalties of up to 20 million Euros or 4% of a company’s worldwide turnover, whichever is higher. GDPR and other similar regulations require companies to give specific types of notice and informed consent is required for the placement of a cookie or similar technologies on a user’s device for online tracking for behavioral advertising and other purposes and for direct electronic marketing, and the GDPR also imposes additional conditions in order to satisfy such consent, such as a prohibition on pre-checked consents. It remains unclear how the U.K. data protection laws or regulations will develop in the medium to longer term and how data transfer to the U.K. from the E.U. will be regulated. Outside of the E.U., there are many other countries with data protection laws, and new countries are adopting data protection legislation with increasing frequency.

Many of these laws may require consent from individuals for the use of data for various purposes, including marketing, which may reduce our ability to market our products.

There is no harmonized approach to these laws and regulations globally. Consequently, we increase our risk of non-compliance with applicable foreign data protection laws and regulations when we expand internationally. We may need to change and limit the way we use personal information in operating our business and may have difficulty maintaining a single operating model that is compliant. Compliance with such laws and regulations will result in additional costs and may necessitate changes to our business practices and divergent operating models, limit the effectiveness of our marketing activities, adversely affect our business, results of operations, and financial condition, and subject us to additional liabilities.

Corporate History and Structure

Firefly’s corporate history began in April 2006 with the formation of Elminda Ltd, a company organized under the laws of the State of Israel, for the purpose of developing a system to provide clinicians with an objective assessment of brain electrophysiology to support better outcomes for people with mental illnesses and cognitive disorders.

Firefly spent over ten years building a significant database of standardized longitudinal EEG brain scans using clinically defined paradigms that captured patients brain activity while resting and while activated (evoke response potential). Firefly collected this data in over 100 sites, over 20 countries, and over 40 studies. Significant time and resources went into analyzing and interpreting the data as well as preparing for an FDA 510k application process.

On May 2, 2014, management of Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. incorporated a new wholly owned subsidiary company named “Elminda Inc.” in the State of Delaware for the purpose of initiating the company’s United States marketing and distribution activity.

In July 2014, Firefly received Class II medical device 510(k) clearance from the U.S. Food and Drug Administration (the “FDA”) for the BNA Analysis System, the predicate device to the BNA Platform, with indication for use in individuals 14 to 24 years of age.

In September 2014, the company received the Conformity European approval for the BNA Platform allowing use in European Economic Area.

In December 2020, Firefly received Class II medical device 510(k) clearance from the FDA for the BNA Platform, with indication for use in individuals 12 to 85 years of age.

On April 13, 2022, the name of Elminda Inc. was changed to “Elminda 2022 Inc.”

On April 21, 2022, management of Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. incorporated a new wholly owned subsidiary company named “Elminda Inc.” for the purpose of re-domiciling the company to enhance access to capital markets.

On July 5, 2022, Elminda Ltd. became a subsidiary of Elminda Inc. via a share exchange agreement wherein Elminda Inc. issued shares to shareholders of Elminda Ltd. against shares of Elminda Ltd.

On September 15, 2022 and October 24, 2022 management changed the name from Elminda Inc. and Elminda Ltd, respectively, to “Firefly Neuroscience, Inc.” and “Firefly Neuroscience Ltd.”, respectively.

On August 12, 2024, pursuant to the Merger Agreement, FFN merged with and into Firefly Neuroscience, Inc., with Firefly Neuroscience, Inc. surviving the merger as a wholly owned subsidiary of WaveDancer, Inc. On the Merger Closing Date (i) pursuant to the Amended and Restated Certificate of Incorporation of WaveDancer, we changed our name to Firefly Neuroscience, Inc. On the Closing Date (i) pursuant to the Amended and Restated Certificate of Incorporation of WaveDancer, we changed our name to Firefly Neuroscience, Inc. and (ii) pursuant to an amendment to its Certificate of Incorporation, Firefly changed its name to Firefly Neuroscience 2023, Inc. and (iii) Firefly and FFN filed the Certificate of Merger with the State of Delaware.

On April 30, 2025, Firefly completed the acquisition of Evoke Neuroscience Inc. (“Evoke”), which resulted in the acquisition of the Evoke business and a significant expansion of business operations and headcount. This acquisition included the Evoke System which was Evoke's primary commercial product.

The Charter and the Bylaws contain certain provisions relating to limitations of liability and indemnification of directors and certain officers, provide advance notice procedures for stockholder proposals at stockholder meetings, and other matters. See “Description of Capital Stock– Anti-Takeover Provisions” in Exhibit 4.1 to this Annual Report on Form 10-K and Item 10. “Directors, Executive Officers and Corporate Governance – Limitation on Liability and Indemnification of Directors and Certain Officers”.

Our fiscal year ends on December 31. Neither we nor any of our predecessors have been in bankruptcy, receivership or any similar proceeding.

ITEM 1A. RISK FACTORS. RISK FACTORS.

An investment in our securities involves a high degree of risk. You should carefully read and consider all of the risks described below, together with all of the other information contained or referred to in this report, before making an investment decision with respect to our securities. If any of the following events occur, our financial condition, business and results of operations (including cash flows) may be materially adversely affected. In that event, the market price of our shares could decline, and you could lose all or part of your investment.

Risks Related to the Company’s Business, Operations and Industry

We are facing significant liquidity risks that raise substantial doubt about our ability to continue as a going concern.

We have incurred recurring losses and experienced negative cash flows from operations since our inception, and we may continue to incur operating losses. For the fiscal year ended December 31, 2025, we had an accumulated deficit of $111,615 and negative cash flows from operating activities of approximately $8,194. We have generated minimal revenue to date, and our ability to generate recurring revenue depends on the successful commercialization of our products, which remains in the early stages of market adoption.

Our financial position raises significant liquidity concerns. Our existing capital resources may be insufficient to fund our operations for the next twelve months, and we may be unable to realize our assets or discharge our liabilities in the normal course of business. These conditions raise substantial doubt about our ability to continue as a going concern. To mitigate these risks, we are actively pursuing additional capital through equity or debt financings and implementing cost-reduction measures. However, there is no assurance that we will be able to secure such funding on favorable terms or at all. Failure to obtain additional financing would materially and adversely affect our ability to continue operations and could force us to delay, reduce, or eliminate our commercialization efforts, product development activities, or other key initiatives.

Our continued existence is dependent on our ability to raise additional capital and ultimately achieve and maintain profitable operations. Even if we are successful in raising additional funds, our expenses may exceed expectations, or we may deplete our available capital resources more quickly than anticipated. The report of our independent registered public accounting firm for the fiscal year ended December 31, 2025 includes an explanatory paragraph expressing substantial doubt about our ability to continue as a going concern, which may further impair our ability to raise capital and negatively impact investor confidence.

We have engaged, and may continue to engage, in strategic acquisitions or transactions, which could have a material adverse effect on our business, results of operations, financial condition and cash flows.

Acquisitions involve a number of risks, including diversion of management’s attention, ability to finance the acquisition on attractive terms, failure to retain key personnel or valuable customers, legal liabilities, the need to amortize acquired intangible assets, and intellectual property ownership and infringement risks, any of which could have a material adverse effect on our business, results of operations, financial condition and cash flows. Any additional future acquisitions may also result in the incurrence of indebtedness or the issuance of additional equity securities.

We could also experience financial or other setbacks if transactions encounter unanticipated problems, including problems related to governmental approval, execution, integration or underperformance relative to prior expectations. Acquisitions may not result in long-term benefits to us or we may not be able to further develop the acquired business in the manner we anticipated.

Following the completion of acquisitions, we may have to rely on the seller to provide administrative and other support, including financial reporting and internal controls, and other transition services to the acquired business for a period of time. There can be no assurance that the seller will do so in a manner that is acceptable to us.

We may not realize the anticipated benefits of past or future acquisitions and integration of these acquisitions may disrupt our business.

On April 30, 2025, we completed the acquisition of Evoke Neuroscience Inc., which resulted in our acquisition of the Evoke business and a significant expansion of our business operations and headcount. In the future, we may acquire additional companies, project pipelines, products, or technologies, or enter into joint ventures or other strategic initiatives. Our ability as an organization to integrate acquisitions is unproven. We may not realize the anticipated benefits of our acquisitions or any other future acquisition or the acquisition may be viewed negatively by customers, financial markets or investors.

Any acquisition has numerous risks, including, but not limited to, the following:

We are subject to operating risks, including excess or constrained capacity and operational inefficiencies, which could adversely affect our results of operations.

We are subject to operating risks, including excess or constrained capacity and pressure on our internal systems and personnel. In order to manage current and anticipated future operations effectively, we must continually implement and improve our operational, financial and management information systems, hire, train, motivate, manage and retain employees. We may be unable to balance near-term efforts to meet existing demand with future customer demand, including adding personnel, creating scalable, secure and robust systems and operations, and automating processes needed for long term efficiencies. Any such failure could have a material impact on our business, operations and prospects.

Our products and information technology systems are critical to our business. Issues with product development or enhancements, IT system integration, implementation, updates and upgrades could disrupt our operations and have a material impact on our business and operating results.

We rely on the efficient, uninterrupted and secure operation of our IT systems and are dependent on key third-party software embedded in our products and IT systems as well as third-party hosted IT systems to support our operations. All software and IT systems are vulnerable to damage, cyber-attacks or interruption from a variety of sources. To effectively manage and improve our operations, our IT systems and applications require an ongoing commitment of significant expenditures and resources to maintain, protect, upgrade, enhance and restore existing systems and develop new systems to keep pace with continuing changes in information processing technology, evolving industry and regulatory standards, increasingly sophisticated cyber threats, and changing consumer preferences. Failure to adequately protect and maintain the integrity of our products and IT systems may result in a material effect on our financial position, results of operations and cash flows.

We plan to continuously upgrade and issue new releases of our products and customer-facing software applications, upon which our operations depend. Software applications and products containing software frequently contain errors or defects, especially when first introduced or when new versions are released. Additionally, any third-party software integrated into or interoperable with our products and services will routinely reach end of life, and as a consequence, may be exposed to additional vulnerabilities, including increased security risks, errors and malfunctions that may be irreparable or difficult to repair. The discovery of a defect, error or security vulnerability in our products, software applications or IT systems, incompatibility with future customers’ computer operating systems and hardware configurations with a new release or upgraded version or the failure of our products or primary IT systems may cause adverse consequences, including: delay or loss of revenues, significant remediation costs, delay in market acceptance, loss of data, disclosure of financial, health or other personal information of any customers or patients, product recalls, damage to our reputation, or increased service costs, any of which could have a material effect on our business, financial condition or results of our operations and the operations of our potential customers or our business partners.

Our operations and financial performance depend on global and regional economic conditions. Inflation, fluctuations in currency exchange rates, changes in consumer confidence and demand, tariffs and trade policy changes, and weakness in general economic conditions and threats, or actual recessions, could materially affect our business, results of operations, and financial condition. Inflation, fluctuations in currency exchange rates, changes in consumer confidence and demand, and weakness in general economic conditions and threats, or actual recessions, could materially affect our business, results of operations, and financial condition.

Macroeconomic conditions impact consumer confidence and discretionary spending, which could adversely affect demand for any products we bring to market. Consumer spending habits are affected by, among other things, inflation, fluctuations in currency exchange rates, weakness in general economic conditions, threats or actual recessions, pandemics, wars and military actions, levels of employment, wages, debt obligations, discretionary income, interest rates, volatility in capital, and consumer confidence and perceptions of current and future economic conditions. Changes and uncertainty can, among other things, reduce or shift spending away from treatments and procedures to address mental illness and cognitive disorders, and could drive patients and clinicians towards other options in the marketplace that may cost less than our products, reduce patient traffic in clinicians’ offices or reduce demand for services to treat mental illness and cognitive disorder generally. The recent declines in, or uncertain economic outlooks for, the U.S., European and certain other international economies has and may continue to adversely affect consumer and healthcare practice spending. The increase in the cost of fuel and energy, food and other essential items along with elevated interest rates could reduce consumers’ disposable income, resulting in less discretionary spending for products like ours. Decreases in disposable income and discretionary spending or change in consumer confidence and spending habits may adversely affect our revenues and operating results.

In addition, tariffs and changes in trade policy — including new or increased tariffs imposed by the U.S. or other governments on imported goods, components, or materials — could increase our costs of goods or disrupt our supply chain, and may trigger retaliatory measures by foreign governments that adversely affect our ability to sell products in international markets. Tariff-related cost increases may be difficult to pass on to customers or healthcare providers, which could compress our margins. The current uncertainty surrounding trade policy, including the scope, duration, and potential escalation of existing and proposed tariffs, makes it difficult to predict their ultimate impact on our business. Depending on the markets in which we operate and the countries from which we or our suppliers source materials or components, tariff-driven cost increases could be material.

Inflation continues to adversely impact spending and trade activities and we are unable to predict the impacts of higher inflation on global and regional economies. Higher inflation has also increased domestic and international shipping costs, tariffs, raw material prices, and labor rates, which could adversely impact the costs of producing, procuring and shipping any products we bring to market. Higher inflation has also increased domestic and international shipping costs, raw material prices, and labor rates, which could adversely impact the costs of producing, procuring and shipping any products we bring to market. If similar trends continue, our ability to recover these cost increases through price increases may have limited effectiveness, resulting in downward pressure on our operating results. If similar trends continue once we begin marketing our BNA Platform, our ability to recover these cost increases through price increases may have limited effectiveness, resulting in downward pressure on our operating results. Attempts to offset cost increases with price increases could reduce sales, increase customer dissatisfaction or otherwise harm our reputation. Further, we are unable to predict the impact of efforts by central banks and federal, state and local governments to combat elevated levels of inflation. If their efforts to reduce inflation are too aggressive, they may lead to a recession. Alternatively, if they are insufficient or are not sustained long enough to lower inflation to more acceptable levels, consumer spending may be adversely impacted for a prolonged period of time. Any of these events could materially affect our business and operating results.

Our business could be impacted by political events, trade and other international disputes, war, and terrorism, including the military conflict between Russia and Ukraine.

Political events, trade and other international disputes, war, and terrorism could harm or disrupt international commerce and the global economy and could have a material effect on our business as well as our potential customers, suppliers, contract manufacturers, distributors, and other business partners.

Political events, trade and other international disputes, wars, and terrorism can lead to unexpected tariffs or trade restrictions, which could adversely impact our business. Once we begin marketing our products, these increased costs could adversely impact our gross margin and make our products less competitive or reduce demand. Countries could also adopt other measures, such as controls on imports or exports of goods, technology or data, that could adversely impact our operations and supply chain and limit our ability to offer products and services. These measures could require us to take various actions, including changing suppliers or restructuring business relationships. Complying with new or changed trade restrictions is expensive, time-consuming and disruptive to our operations. Such restrictions can be announced with little or no advance notice and we may be unable to effectively mitigate the adverse impacts of such measures. If disputes and conflicts escalate in the future, actions by governments in response could be significantly more severe and restrictive and could materially affect our business.

Political unrest, threats, tensions, actions and responses to any social, economic, business, geopolitical, military, terrorism, or acts of war involving key commercial, development or manufacturing markets such as China, Mexico, Israel, Europe, or other countries or regions could materially impact any international operations we undertake. For example, our employees in Israel could be obligated to perform annual reserve duty in the Israeli military and be called for additional active duty under emergency circumstances. If any of these events or conditions occur, the impact on us, our employees and potential customers is uncertain, particularly if emergency circumstances, armed conflicts or an escalation in political instability or violence disrupts our product development, data or information exchange, payroll or banking operations, product or materials shipping by us or our suppliers and other unanticipated business disruptions, interruptions and limitations in telecommunication services or critical systems or applications reliant on a stable and uninterrupted communications infrastructure.

U.S. and global markets are experiencing volatility and disruption following the escalation of geopolitical tensions and the start of the military conflict between Russia and Ukraine. On February 24, 2022, a full-scale military invasion of Ukraine by Russian troops was reported. In response to the military conflict, the United States and other North Atlantic Treaty Organization member states, as well as non-member states, announced targeted economic sanctions on Russia, including certain Russian citizens and enterprises, and the continuation of the conflict may trigger additional economic and other sanctions. The potential impacts of the conflict and related sanctions could include supply chain and logistics disruptions, macro financial impacts resulting from the exclusion of Russian financial institutions from the global banking system, volatility in foreign exchange rates and interest rates, inflationary pressures on raw materials and energy and heightened cybersecurity threats. We have no way to predict the progress or outcome of the conflict in Ukraine or the reactions by governments, businesses or consumers. A prolonged conflict, intensified military activities or more extensive sanctions impacting the region and the resulting economic impact could have a material effect on our business, results of operations, financial condition, liquidity, growth prospects and business outlook.

We conduct certain of our operations in Israel. Conditions in Israel, including the attack by Hamas and other terrorist organizations from the Gaza Strip and Israel’s war against them, may affect our operations.

We currently have five full-time employees, who are located in and/or reside in Israel. As a result, our business and operations are directly affected by economic, political, geopolitical and military conditions in Israel. Since the establishment of the State of Israel in 1948, a number of armed conflicts have occurred between Israel and its neighboring countries and terrorist organizations active in the region. These conflicts have involved missile strikes, hostile infiltrations and terrorism against civilian targets in various parts of Israel, which have negatively affected business conditions in Israel.

In October 2023, Hamas terrorists infiltrated Israel’s southern border from the Gaza Strip and conducted a series of attacks on civilian and military targets. Hamas also launched extensive rocket attacks on Israeli population and industrial centers located along Israel’s border with the Gaza Strip and in other areas within the State of Israel. Following the attack, Israel’s security cabinet declared war against Hamas and a military campaign against these terrorist organizations commenced in parallel to their continued rocket and terror attacks. Moreover, the clash between Israel and Hezbollah in Lebanon, may escalate in the future into a greater regional conflict.

The active military conflict involving Iran, Israel and the United States poses immediate and material risks to our operations, employees, financial condition and business.

The conflict between Iran, Israel and the United States has escalated into an active military war with significant regional and global consequences. On February 28, 2026, the United States and Israel launched coordinated strikes against Iran targeting its nuclear infrastructure, military assets and government leadership. Iran has retaliated with missile and drone attacks against targets in Israel, U.S. military bases across the region, and civilian and commercial infrastructure across multiple Gulf states. The conflict has spread across at least a dozen countries, resulting in the closure of the Strait of Hormuz — the world's major oil artery — and has caused significant casualties throughout the region.

We conduct certain of our operations in Israel and have full-time employees who are located in and/or reside in Israel. The active and expanding nature of this conflict directly heightens the risk to our personnel and operations. Israeli cities, including Tel Aviv, have been targeted by Iranian missile and drone barrages, and the conflict has simultaneously expanded into Lebanon, with Hezbollah launching attacks and Israel conducting military operations there as well. Armed conflicts or heightened security conditions may result in employee absences, evacuation or relocation of personnel, interruptions to communications or transportation infrastructure, or other operational disruptions that could materially affect our ability to conduct business activities in Israel. Unfavorable or inconsistent clinical data from future clinical studies conducted by us, our competitors, or third parties, or the negative interpretation of our clinical data internally and externally, including by customers, competitors, patients, and regulators could harm our business, financial condition, and results of operations. The conflict has materially disrupted the global economy and financial markets. The war has pushed oil prices sharply higher, disrupted shipping through the Strait of Hormuz and displaced millions of civilians across the region. Broader economic forecasts warn of inflationary pressures and slowed global growth, and a near-total halt of tanker traffic in the Strait of Hormuz has disrupted the supply of fuel and essential commodities, threatening global food security. These developments could lead to sustained volatility in financial markets, increased costs of capital, supply chain disruptions, and reduced investor confidence, each of which could adversely affect our financial condition and access to capital markets.

Iran has declared U.S. financial institutions and other technology and multinational companies operating in the Middle East as justified targets. This declaration meaningfully increases our exposure to cybersecurity threats and potential disruptions to our technology infrastructure and operations. We may face increased costs associated with protecting our systems, personnel and data, and we cannot guarantee that our defensive measures will be sufficient to prevent a material cybersecurity incident.

The conflict also carries significant sanctions, export control and regulatory risk. Expanded U.S. or allied sanctions regimes targeting Iran and its proxies, changes in government policy, and evolving export control restrictions on technology companies could alter the regulatory environment in which we operate, including with respect to our activities involving our Israeli operations and any technology developed or deployed in the region.

There is no certainty as to the duration, geographic scope, or ultimate resolution of the conflict. The failure of diplomatic negotiations and the current military trajectory suggest a prolonged conflict is possible, with an uncertain post-conflict political and economic framework. Any continuation or further escalation of hostilities — including the potential involvement of additional state or non-state actors — could materially and adversely affect our operations, personnel safety, financial condition and results of operations in ways that are difficult to predict or quantify at this time.

Any hostilities involving Israel could adversely affect our operations and results of operations. Shelter-in-place and work-from-home measures, government-imposed restrictions on movement and travel and other precautions taken to address the ongoing conflict may temporarily disrupt our employees’ ability to effectively perform their daily tasks.

The Israel Defense Force (the “IDF”), the national military of Israel, is a conscripted military service, subject to certain exceptions. Several of our employees are subject to military service in the IDF and have been and may be called to serve. Currently, all male adult citizens and permanent residents of Israel under the age of 40 (or older, depending on their position with the Israeli Defense Forces reserves), unless exempt, are obligated to perform military reserve duty annually and are subject to being called to active duty at any time under emergency circumstances. It is possible that there will be further or longer military reserve duty call-ups in the future, which may affect our business due to a shortage of skilled labor and loss of institutional knowledge, and necessary mitigation measures we may take to respond to a decrease in labor availability, such as overtime and third-party outsourcing, for example, which may have unintended negative effects and adversely impact our results of operations, liquidity or cash flows.

Also, in the event of sustained military conflict, civil unrest, or other disruptive events in Israel, we could face challenges in maintaining normal business operations or communicating with employees in the region. Our ability to recruit and retain talent locally could also be affected. Moreover, government-imposed restrictions, transportation shutdowns, or damage to infrastructure may inhibit our ability to conduct business activities.

While our facilities have not been damaged during the current war, the hostilities with Hamas, Hezbollah, Iran and its proxies and others have caused and may continue to cause damage to private and public facilities, infrastructure, utilities, and telecommunication networks, and potentially disrupting our operations and supply chains. In addition, Israeli organizations, government agencies and companies have been subject to extensive cyber attacks. This could lead to increased costs, risks to employee safety, and challenges to business continuity, with potential financial losses.

Our commercial insurance does not cover losses that may occur as a result of events associated with war and terrorism. Although the Israeli government currently covers the reinstatement value of direct damages that are caused by terrorist attacks or acts of war, we cannot assure you that this government coverage will be maintained or that it will sufficiently cover our potential damages. Any losses or damages incurred by us could have a material adverse effect on our business.

Our operations may be impacted by natural disaster and may adversely impact our business and operating results as well as those of our potential customers and suppliers.

Natural disasters and other extreme weather events may impact us and our potential customers, as well as suppliers critical to our operations. Natural disasters include earthquakes, tsunamis, floods, droughts, hurricanes, wildfires, and other extreme weather conditions that can cause deaths, injuries, and critical health crises, power outages, restrictions and shortages of food, water, shelter, and medical supplies, telecommunications failures, materials scarcity, price volatility and other ramifications.

The frequency and severity of such events can vary over time and by region. Regardless of their cause, natural disasters and extreme weather may pose ongoing operational and financial risks to us and others within our supply chain. These events can lead to facility shutdowns, shipping and logistics disruptions, increased insurance or operating costs, and potential loss of revenue.

In addition, changes in the broader economic environment due to environmental factors may affect the supply, demand, or availability of energy and other critical resources used in our operations. Any of these factors could have a material adverse effect on our business, financial condition, or results of operations.

Risks Related to our Software Platform

Our operations depend in part on third-party software platforms and artificial intelligence services, and disruptions to those services, including interruptions resulting from government actions or policy decisions, could adversely affect our business.

We rely on various third-party software tools, cloud infrastructure providers and artificial intelligence platforms to support our research, development, and operational activities. These services may be provided by large technology companies or emerging AI providers. Our ability to access and use such services may be affected by technical outages, service interruptions, contractual disputes, regulatory actions, or government policy decisions affecting technology providers.

For example, government actions or policy decisions affecting AI providers or technology supply chains may result in service interruptions, restricted access, or changes to the availability of certain platforms. Recent developments have demonstrated that government determinations regarding technology supply chain risks can lead to restrictions on the use of certain AI providers in government or commercial environments.

If any of the third-party services on which we rely were to become unavailable, experience prolonged outages, impose usage restrictions, significantly increase pricing, or otherwise change their service terms, we may experience operational disruptions, delays in product development, increased costs, or reduced efficiency. Although we may seek alternative providers where possible, transitioning to substitute platforms could require significant time, cost and technical effort.

Any interruption or limitation in our access to critical software or AI services could adversely affect our operations, research and development activities, and overall business.

If we are not successful in enhancing awareness of our products, driving adoption across our current target markets and expanding the population of eligible patients, our sales, business, financial condition and results of operations will be negatively affected.

Our business currently depends primarily on our ability to successfully market our products, which involves successfully executing our commercialization program, increasing adoption of and driving utilization our products by clinicians, in the United States. We continue to increase awareness of our products, as well as grow the number of clinicians that utilize our products, but there can be no assurance that we will succeed.

Our commercial success will continue to depend on a number of factors, including the following:

If we fail to successfully initiate our broad commercialization program, market and sell our products cost-effectively, our sales, business, financial condition and results of operations will be negatively affected.

Our commercial success will depend in large part on the future adoption of our products into patient work streams in clinics. We cannot predict how quickly, if at all, clinicians and patients will adopt our product. Moreover, we cannot predict how quickly, if at all, those currently living with mental illness or cognitive disorders but who are not being treated will seek treatment. Our ability to grow sales of our products and drive market acceptance will depend on successfully educating clinicians and patients of the relative benefits of our products. Our ability to grow sales of our BNA Platform and drive market acceptance will depend on successfully educating clinicians and patients of the relative benefits of our BNA Platform. If we are unable to successfully drive interest in our products, our business, financial condition and results of operations would be harmed. If we are unable to successfully drive interest in our BNA Platform, our business, financial condition and results of operations would be harmed.

We may be unable to compete successfully with competitive technologies, which could harm our sales, business, financial condition and results of operations.

Our industry is competitive and has been evolving rapidly. Our current customer base includes neurology and psychiatric clinics in the United States.

We will face competition in the market for our products from competing technologies, and we expect competition from new companies that may enter the market or introduce new technologies in the future. Third-party payors may encourage the use of competitors’ products due to lower costs of competing products or alternatives. Additionally, treating neurologists may promote the use of other competitors’ products or alternative therapies.

Our current and future competitors may include large, well-capitalized companies with significant market share and resources. They may have more established sales and marketing programs than we do and have greater name recognition. In addition to competing for market share, competitors may develop or acquire patents or other rights that may limit our ability to compete.

We believe that the competitive advantages of our products will be important factors in our future success. Our continued success depends on, among other things, our ability to:

The medical device industry is intensely competitive, subject to rapid change and significantly affected by new product introductions and other market activities of industry participants. There can be no assurance that other companies or institutions will not succeed in developing or marketing devices and products that are more effective than ours or that would render our products obsolete or noncompetitive. There can be no assurance that other companies or institutions will not succeed in developing or marketing devices and products that are more effective than our BNA Platform or that would render our BNA Platform obsolete or noncompetitive.

Patient and product variability may produce misleading report results

Misled clinical decision due to incorrect score results is a known risk and is continually mitigated. EEG is subject to external “noise” or artifact that contaminates waveforms such as Electrical grid; nearby medical/other devices which cause interference in frequencies near EEG frequencies., or excessive patient movement. Artifact-free data cannot always be guaranteed. This variability may lead to customer dissatisfaction which could harm our sales, business, financial condition, and results of operations.

Use of our platform requires appropriate training and inadequate training may lead to negative clinician experiences, which could harm our business, financial condition, and results of operations.

The successful use of our products depends in part on the training and skill of the clinician performing EEG recording and reading our reports. Clinicians could experience difficulty interpreting the results of our reports. Moreover, clinicians rely on their previous medical training and experience when recommending or utilizing our software platform, and we cannot guarantee that all clinicians will have the necessary skills to properly utilize the platform. Moreover, clinicians rely on their previous medical training and experience when recommending or utilizing our BNA Platform, and we cannot guarantee that all clinicians will have the necessary skills to properly utilize the BNA Platform. We cannot be certain that clinicians that will use our platform will have received sufficient training, and clinicians who have not received adequate training may nonetheless attempt to use our platform with their patients. We cannot be certain that clinicians that will use our BNA Platform will have received sufficient training, and clinicians who have not received adequate training may nonetheless attempt to use our BNA Platform with their patients. If clinicians utilize our platform incorrectly, or without adhering to or completing all relevant training, their patient outcomes may not be consistent with the outcomes achieved in our research studies and any future clinical studies. If clinicians utilize our BNA Platform incorrectly, or without adhering to or completing all relevant training, their patient outcomes may not be consistent with the outcomes achieved in our research studies and any future clinical studies. Adverse safety outcomes that arise from improper or incorrect use of our software platform may negatively impact the perception of patient benefit and the safety of our software platform, notwithstanding results from our research studies and any future clinical studies. Adverse safety outcomes that arise from improper or incorrect use of our BNA Platform may negatively impact the perception of patient benefit and the safety of our BNA Platform, notwithstanding results from our research studies and any future clinical studies. These results could limit adoption of our platform, which would harm our sales, business, financial condition, and results of operations. These results could limit adoption of our BNA Platform, which would harm our sales, business, financial condition, and results of operations.

We are highly dependent on our senior management team and key personnel, and our business could be harmed if we are unable to attract and retain personnel necessary for our success.

We are highly dependent on our senior management and key personnel. Our success will depend on our ability to retain senior management and to attract and retain qualified personnel in the future, including sales and marketing professionals, engineers, scientists, data science specialists and other highly skilled personnel and to integrate current and additional personnel in all departments.

Competition for skilled personnel in our market is intense and may limit our ability to hire and retain highly qualified personnel on acceptable terms, or at all. To induce valuable employees to remain at our company, in addition to salary and cash incentives, we have issued stock options that vest over time, restricted share units subject to vesting conditions, and certain performance warrants. The value to employees of stock options that vest over time may be significantly affected by fluctuations in our stock price that are beyond our control, and may at any time be insufficient to counteract more lucrative offers from other companies. Despite our efforts to retain valuable employees, members of our management and other key personnel may terminate their employment with us on short notice. Our employment arrangements with our employees provide for at-will employment, which means that any of our employees could leave our employment at any time, with or without notice. We also do not maintain “key man” insurance policies on the lives of these individuals or the lives of any of our other employees.

As we scale, the commercialization program for our platform, expand our product offerings in the future and increase our future marketing efforts, we will need to build and expand the reach of our marketing and sales networks. Our future success will depend largely on our ability to continue to hire, train, retain and motivate skilled employees with significant technical knowledge in various areas. An inability to attract, hire, train and retain employees will harm our sales, business, financial condition, and results of operations.

We expect to increase the size of our organization in the future, and we may experience difficulties in managing the operational elements or timing of this growth. If we are unable to manage or appropriately time the anticipated growth of our business, our future revenue and operating results may be harmed.

As of the date of this report, we have 17 full time employees. As our sales and marketing strategies evolve and as we launch commercialization of our software platform, we may need additional managerial, operational, sales, marketing, financial and other personnel. As our sales and marketing strategies evolve and as we launch commercialization of our BNA Platform, we may need additional managerial, operational, sales, marketing, financial and other personnel. Future growth would impose significant added responsibilities on members of management, including:

Our future financial performance and our ability to successfully market and sell our software platform will depend, in part, on our ability to effectively manage or time any future growth, and our management may also have to divert a disproportionate amount of attention away from day-to-day activities in order to devote a substantial amount of time to managing these growth activities.

As demand for our platform increases in the future, we will need to expand customer service, billing and systems processes and enhance our internal quality assurance program. We cannot be certain that any increases in scale, related improvements and quality assurance will be successfully implemented or that appropriate personnel will be available to facilitate the growth of our business. If we encounter difficulty meeting market demand, quality standards or clinician expectations, our reputation will be harmed and our business will suffer. Additionally, additional growth may result in higher fixed costs and may slow our ability to reduce costs in the face of a sudden decline in demand for our products.

We may not be able to achieve or maintain satisfactory pricing and margins for our products, which could harm our business and results of operations.

The medical device industry has a history of price competition, and we can give no assurance that we will be able to maintain satisfactory prices for our products or any future products at competitive levels. The pricing of our products could be impacted by several factors, including pressure to reduce prices by our customers due to a decline in the amount that third-party payors reimburse for EEG tests for clinicians utilizing our products. If we are forced to lower or are unable to increase the price we charge for our products, our gross margins will decrease, which will harm our ability to invest in and grow our business. If we are forced to lower or are unable to increase the price we charge for our BNA Platform, our gross margins will decrease, which will harm our ability to invest in and grow our business. If we are unable to maintain our prices, or if our costs increase and we are unable to offset such increase with an increase in our prices, our margins could erode, which could harm our business and results of operations.

Future sales of our products may depend on healthcare providers’ or patients’ ability to obtain reimbursement from third-party payors, such as insurance carriers.

Future sales of our products may depend on healthcare providers’ or patients’ ability to obtain reimbursement from third-party payors, such as insurance carriers. Where such insurance or third-party reimbursement becomes available in the future, any reduction in insurance or other third-party payor reimbursement for our products may cause negative price pressure, which would reduce our revenues. Without a corresponding reduction in the cost to produce such products, the result would be a reduction in our overall gross profit. Similarly, any increase in the cost of such products would reduce our overall gross profit unless there was a corresponding increase in third-party payor reimbursement. Failure by our patients or healthcare provider customers to obtain or maintain coverage or to secure adequate reimbursement for our treatment by third-party payors could have an adverse effect on our business, results of operations, and financial condition.

Our results of operations may be harmed if we are unable to accurately forecast clinician demand for our products or any future products.

Our ability to accurately forecast demand for our products or our future our products could be negatively affected by many factors, including our failure to accurately manage our expansion strategy, product introductions by competitors, our inability to forecast the lifecycle of our products, an increase or decrease in customer demand for our products or for competitor products, our failure to accurately forecast customer adoption of new products, unanticipated changes in general market conditions or regulatory matters and weakening of economic conditions or consumer confidence in future economic conditions. Inventory levels in excess of customer demand may result in inventory write-downs or write-offs, which would cause our gross margin to be adversely affected and could impair the strength of our brand, which may negatively affect our business, financial condition, and results of operations.

Adoption of our products depends on positive clinical data as well as clinician acceptance of the data and our products, and negative clinical data or perceptions among these clinicians would harm our sales, business, financial condition, and results of operations.

The rate of adoption and sales of our products is heavily influenced by clinical data. Although we have positive research data from our publications, there can be no assurance that future clinical studies, including those to demonstrate the efficacy of our current products or future products in current target patient populations and those to support label retention and expansion for our products, will demonstrate clinical utility and effectiveness. Although we have positive research data from a 2023 white paper study, there can be no assurance that future clinical studies, including those to demonstrate the efficacy of our BNA Platform or future products in current target patient populations and those to support label retention and expansion for our products, will demonstrate clinical utility and effectiveness. Unfavorable or inconsistent clinical data from future clinical studies conducted by us, our competitors, or third parties, or the negative interpretation of our clinical data internally and externally, including by customers, competitors, patients, and regulators could harm our business, financial condition, and results of operations.

The rate of adoption and sales of our products are also influenced by clinician perceptions. Negative perceptions of our products by clinicians, including due to negative clinical data, could result in decreased adoption or use of our products, which would harm our business, financial condition, and results of operations. Further, if we are not able to attain strong working relationships with clinicians and receive their advice and input, the marketing of our products could suffer, which could harm our business, financial condition and results of operations.

Our future success also depends upon patients having an experience with our products that meets their expectations in order to increase clinician demand for our products as a result of positive feedback and word-of-mouth. Patients may be dissatisfied if their expectations of the products are not met or if the performing clinicians are not adequately trained on the use of our products. Patients may be dissatisfied if their expectations of the BNA Platform are not met or if the performing clinicians are not adequately trained on use of our BNA Platform. If the results of our products do not meet the expectations of the patient, it could discourage the patient and/or their healthcare provider from continuing to use our device or referring our products to others. Dissatisfied patients may express negative opinions through social media, advocacy, or other publicity. Any failure to meet patient expectations and any resulting negative publicity could harm our reputation and future sales.

Risks Related to the Integration of the Evoke and Firefly Businesses

The integration of the Evoke and Firefly businesses may be complex, time-consuming and costly, and we may not realize the anticipated benefits of the combination. We are in the process of integrating the operations, products, personnel, technology platforms, databases and regulatory frameworks of the Evoke and Firefly businesses. The integration efforts will be completed successfully or on the anticipated timeline, or that we will achieve the expected strategic, operational or financial benefits of the combination. Integration of product platforms and databases may require additional development work, validation, testing and, in certain cases, regulatory review or new regulatory submissions. Any delays in product harmonization, data migration, system interoperability, or regulatory approvals could adversely affect our ability to commercialize integrated solutions, expand our customer base or realize anticipated synergies. The integration process may also result in increased expenses, diversion of management attention, disruption to our ongoing operations or difficulties in retaining customers and key employees. If we fail to effectively integrate the Evoke and Firefly businesses, our business, financial condition and results of operations could materially adversely affected. If any of the following events occur, our financial condition, business and results of operations (including cash flows) may be materially adversely affected.

We may acquire businesses or products, or form strategic alliances, in the future, and may not realize the benefits of such acquisitions.

We may acquire additional businesses or products, form strategic alliances, or create joint ventures with third parties that we believe will complement or augment our existing business. If we acquire businesses with promising markets or technologies, we may not be able to realize the benefit of acquiring such businesses if we are unable to successfully integrate them with its existing operations and company culture. We may encounter numerous difficulties in developing, manufacturing, and marketing any new products resulting from a strategic alliance or acquisition that delay or prevent it from realizing our expected benefits or enhancing our business. There is no assurance that, following any such acquisition, we will achieve the synergies expected to justify the transaction, which could result in a material adverse effect on our business and prospects.

Risks Related to Legal, Regulatory and Compliance Matters

Complying with regulations enforced by FDA and other regulatory authorities is expensive and time consuming, and failure to comply could result in substantial penalties.

Our current and potentially future products are considered medical devices and, accordingly, are subject to rigorous regulation by government agencies in the U.S. and other countries in which we intend to sell our products. Compliance with these rigorous regulations will affect capital expenditures, earnings and the competitive position of the Company. These regulations vary from country to country but cover, among other things, the following activities with respect to medical devices:

The regulations to which we are subject are complex. Regulatory changes could result in restrictions on our ability to carry on or expand our operations, higher than anticipated costs, or lower than anticipated sales. Our failure to comply with applicable regulatory requirements could result in enforcement action by FDA or state agencies, which may include any of the following sanctions:

If any of these events were to occur, they could harm our business.

We may not receive the necessary authorizations to market any future new products, and any failure to timely do so may adversely affect our ability to grow our business.

Before we can sell a new medical device in the U.S., or market a new use of, new claim for, or significant modification to a legally marketed device, we must first obtain either FDA 510(k) clearance or approval, unless an exemption applies. In the 510(k) clearance process, before a device may be marketed, the applicant must submit a premarket notification to FDA under Section 510(k) of the FD&C Act, and FDA must determine that a proposed device is “substantially equivalent” to a legally-marketed “predicate” device. To be “substantially equivalent,” the proposed device must have the same intended use as the predicate device, and either have the same technological characteristics as the predicate device or have different technological characteristics, not raise different questions of safety or effectiveness than the predicate device, and be as safe and as effective as the predicate device. The 510(k) clearance process can be expensive and uncertain and typically takes from three to 12 months, but may last significantly longer. Clinical data may be required in connection with an application for 510(k) clearance. Furthermore, even if we are granted regulatory clearances or approvals, they may include limitations on the indications for use or intended uses of the device, which may limit the market for the device.

Our Evoke System and BNA Platform are Class II medical devices, which were cleared by FDA for commercialization in the U.S. pursuant to the 510(k) notification process.

FDA can delay, limit, or deny 510(k) clearance, or other approval or reclassification, of a device for many reasons, including:

Any delay or failure to obtain necessary regulatory clearances or approvals could harm our business. For example, if we decide to market our products for a broader or additional indication(s) for use and/or make any material modifications to any element of the device and/or the manufacturing or distribution thereof in the future, an additional 510(k) submission, and FDA clearance thereof, will be required prior to making any promotional communications expressly or impliedly claiming that the device may be used for such indication(s) and/or prior to making such modification, respectively. For example, if we decide to market the BNA Platform for a broader or additional indication(s) for use and/or make any material modifications to any element of the device and/or the manufacturing or distribution thereof in the future, an additional 510(k) submission, and FDA clearance thereof, will be required prior to making any promotional communications expressly or impliedly claiming that the device may be used for such indication(s) and/or prior to making such modification, respectively.

In addition, FDA may change its policies, adopt additional regulations, revise existing regulations, or take other actions, or Congress may enact different or additional statutory requirements, which may prevent or delay clearance of our future products under development or impact our ability to modify our currently marketed products on a timely basis. Such policy, statutory, or regulatory changes could impose additional requirements upon us that could delay our ability to obtain new 510(k) clearances, increase the costs of compliance, or restrict our ability to maintain our current marketing authorizations.

We may also need to obtain regulatory approval in other foreign jurisdictions in which we may plan to market and sell our products. The time required to obtain registrations or approvals, if required by other countries, may be longer than that required for FDA clearance, and requirements for such registrations, clearances, or approvals may significantly differ from FDA requirements. If we modify our products, we may need to apply for additional regulatory approvals before we are permitted to sell the modified product. In addition, we may not continue to meet the quality and safety standards required to maintain the authorizations that we have received.

Failure to comply with these rules, regulations, self-regulatory codes, circulars, and orders could result in significant civil and criminal penalties and costs and could have a material adverse impact on our business. Also, these regulations may be interpreted or applied by a prosecutorial, regulatory, or judicial authority in a manner that could require us to make changes in our operations or incur substantial defense and settlement expenses. Even unsuccessful challenges by regulatory authorities or private relators could result in reputational harm and the incurring of substantial costs. In addition, many of these laws are vague or indefinite and have not been interpreted by the courts and have been subject to frequent modification and varied interpretation by prosecutorial and regulatory authorities, increasing compliance risks.

Certain modifications to our products may require new 510(k) clearance or other marketing authorizations.

Once a medical device is permitted to be legally marketed in the U.S. pursuant to a 510(k) clearance, a medical device developer may be required to notify FDA of certain modifications to the device. Medical device developers determine in the first instance whether a change to a product requires a new premarket submission, but FDA may review any such decision.

While our products have received 510(k) clearance, we may in the future apply for 510(k) clearance for updated components, which must, then, be found by the FDA to be substantially equivalent to the existing cleared product and, thus, may not be lawfully marketed in the U.S. until FDA make a substantial equivalence determination and issues the requisite 510(k) clearance for the updated product. Although the development of our products have been carefully monitored and documented by professionals who are experienced in the FDA clearance process, there is no assurance that the FDA will agree that an updated component of our product is substantially equivalent to the cleared product and allow the updated product to be marketed in the United States. Although the development of our BNA Platform has been carefully monitored and documented by professionals who are experienced in the FDA clearance process, there is no assurance that the FDA will agree that an updated component of our BNA Platform is substantially equivalent to the cleared BNA Platform and allow the updated BNA Platform to be marketed in the United States. The FDA may determine that the device is not substantially equivalent and require a premarket approval (“PMA”) or, more likely, a de novo reclassification, and/or require further information, such as additional test data, including data from clinical studies, before it is able to make a determination regarding substantial equivalence. By requesting additional information, the FDA can delay market introduction of an updated product. Delays in receipt of or failure to receive any necessary 510(k) clearance, de novo classification, or PMA, or the imposition of stringent restrictions for our products, could have a material adverse effect on our business, results of operations and financial condition.

In the future, we may make other modifications to our products, and determine, based on our review of the applicable FDA regulations and guidance, that in certain instances new 510(k) clearances or other premarket submissions are not required. If FDA disagrees with our determinations, we may be subject to a wide range of enforcement actions, including, for example, a warning letter, among other consequences, after which we will likely have to cease marketing the applicable modified product and/or to recall distributed units of such modified product until we obtain the requisite clearance or approval.

Our acquisition of Evoke increases our exposure to 510(k) regulatory risks due to the expansion of our medical device portfolio.

With our acquisition of Evoke, we have expanded our product portfolio to include additional medical devices that are subject to regulation by the FDA under the 510(k) premarket notification process. As a result, we are now responsible for ensuring ongoing regulatory compliance, post-market surveillance, and reporting obligations for multiple Class II medical devices, including both our BNA Platform and the products acquired from Evoke. This expansion increases our exposure to FDA 510(k) regulatory risks in several ways. Each product line may have unique technical characteristics, intended uses, and regulatory histories, which increases the complexity of our compliance management and the likelihood of regulatory scrutiny. Any compliance issue, adverse event, or regulatory deficiency associated with any product in our expanded portfolio could trigger FDA enforcement actions, including warning letters, product recalls, or withdrawal of marketing clearance, any of which could materially and adversely affect our business, financial condition, and results of operations. Furthermore, modifications to any of the acquired products, or efforts to expand their indications for use, may require new 510(k) submissions, increasing the risk of delays, denials, or additional data requirements from the FDA. The integration of Evoke’s regulatory processes and quality systems into our existing compliance infrastructure may also present challenges, and any gaps or deficiencies in Evoke’s historical compliance could expose us to legacy risks or require remediation efforts. As a result, the addition of Evoke’s products to our portfolio has heightened our overall risk profile with respect to FDA 510(k) regulatory compliance, and any failure to effectively manage these increased risks could have a material adverse effect on our ability to commercialize our products and achieve our strategic objectives.

Ongoing changes in healthcare regulation could negatively affect our revenues, business and financial condition.

The United States healthcare system has been continually evolving at the federal and state level due to comprehensive reforms relating to the payment for, the availability of and reimbursement for healthcare services. Key reforms have ranged from fundamentally changing federal and state healthcare reimbursement programs, including providing comprehensive healthcare coverage to the public under government-funded programs, to minor modifications to existing programs, and many have been challenged (with some being overturned or modified) along the way. One example, among countless others, is the Patient Protection and Affordable Care Act (the “Affordable Care Act”), which was the most significant federal healthcare reform law enacted in the U.S. in recent history. The Affordable Care Act has undergone substantial challenges and changes since its enactment in 2010, and numerous other federal healthcare reform legislation, executive orders, and judicial rulings have been implemented in the years since, most of which have been or are aimed at lowering healthcare costs in the U.S. To the extent any such reform measures or any future initiatives reduce reimbursement or coverage eligibility or any amounts or funds available (such as by reductions in reimbursement to our healthcare provider customers) for our Systems and/or any future products we may market in the U.S. (if any), our business may be adversely affected.

Healthcare reform initiatives will continue to be proposed and may reduce healthcare related funding. It is impossible to predict the ultimate content and timing of any healthcare reform legislation and its resulting impact on us. If significant reforms are made to the healthcare system in the United States, or in other jurisdictions, those reforms may increase our costs or otherwise negatively effect on our business, results of operations, and financial condition.

On April 5, 2017, the European Parliament passed the Medical Devices Regulation (Regulation 2017/745), which repeals and replaces the EU Medical Device Directive and became effective on May 26, 2021. The Medical Devices Regulation, among other things, is intended to establish a uniform, transparent, predictable, and sustainable regulatory framework across the EEA for medical devices and ensure a high level of safety and health while supporting innovation. The new regulations, among other things:

These modifications may have an effect on the way we conduct our business.

Any change in the laws or regulations that govern the clearance and approval processes relating to our current, planned and future products could make it more difficult and costly to obtain clearance or approval for new products or to produce, market and distribute existing products. Significant delays in receiving clearance or approval or the failure to receive clearance or approval for our new products would have an adverse effect on our ability to expand our business.

Our products may contribute to adverse medical events that we are required to report to FDA and other governmental authorities, and if we fail to do so, we would be subject to sanctions that could harm our reputation, business, results of operations, and financial condition. The discovery of serious safety issues with our products, or a recall of our products either voluntarily or at the direction of FDA or another governmental authority, could have a negative impact on us.

We are required to timely file various reports with FDA, including reports required by the medical device reporting regulations which require us to report to FDA when we receive or become aware of information that reasonably suggests that one of our products may have caused or contributed to a death or serious injury or malfunctioned in a way that, if the malfunction were to recur in the device or a similar device that we market, could cause or contribute to a death or serious injury. If we fail to comply with our reporting obligations, FDA or other governmental authorities could take action, including warning letters, untitled letters, administrative actions, criminal prosecution, imposition of civil monetary penalties, revocation of our device clearance, seizure of our products, or delay in clearance of future products. FDA and certain foreign regulatory bodies have the authority to require the recall of commercialized products under certain circumstances.

A government-mandated or voluntary recall by us could occur as a result of an unacceptable risk to health, component failures, malfunctions, labeling or design deficiencies, packaging defects, or other deficiencies, or failures to comply with applicable regulations. If we do not adequately address problems associated with our devices, we may face additional regulatory requirements or enforcement action, including required new marketing authorizations, FDA warning letters, product seizure, injunctions, administrative penalties, or civil or criminal proceedings.

We may initiate voluntary withdrawals, removals, or corrections for our products in the future that we determine do not require notification of FDA because no material compliance issue or safety risk is involved. If FDA disagrees with our determinations, it could require us to report those actions and we may be subject to enforcement action. A future recall announcement or other corrective action could harm our financial results and reputation, potentially lead to product liability claims against us, require the dedication of our time and capital, and negatively affect our sales.

In addition, FDA’s and other regulatory authorities’ policies may change, and additional government regulations may be enacted that could prevent, limit, or delay regulatory approval of our future products. For example, in November 2018, FDA announced that it plans to develop proposals to drive manufacturers utilizing the 510(k) pathway toward the use of newer predicates. It is unclear the extent to which any proposals, if adopted, could impose additional regulatory requirements on us that could delay our ability to obtain new 510(k) clearances, increase the costs of compliance, or restrict our ability to maintain our current clearances.

We also cannot predict the likelihood, nature, or extent of government regulation that may arise from future legislation or administrative or executive action, either in the U.S. or abroad. For example, the Trump Administration previously enacted several executive actions that could impose significant burdens on, or otherwise materially delay, FDA’s ability to engage in routine regulatory and oversight activities. It is difficult to predict how these executive actions and executive actions that may be taken under the Biden Administration may affect FDA’s ability to exercise its regulatory authority. If these executive actions impose constraints on FDA’s ability to engage in oversight and implementation activities in the normal course, our business may be negatively impacted.

Changes in internet regulations could adversely affect our business.

Laws, rules, and regulations governing internet communications, advertising, and e-commerce are dynamic, and the extent of future government regulation is uncertain. Federal and state regulations govern various aspects of our online business, including intellectual property ownership and infringement, trade secrets, the distribution of electronic communications, marketing and advertising, user privacy and data security, search engines, and internet tracking technologies. Future taxation on the use of the internet or e-commerce transactions could also be imposed. Existing or future regulation or taxation could increase our operating expenses and expose us to significant liabilities.

Disruptions at the FDA, other agencies or notified bodies caused by funding shortages or global health concerns could hinder their ability to hire, retain, or deploy key leadership and other personnel, or otherwise prevent new or modified products from being developed, cleared or approved, or commercialized in a timely manner, or at all, which could negatively impact our business.

The ability of the FDA, other agencies and notified bodies to review and authorize or certify for marketing new products can be affected by a variety of factors, including government budget and funding levels, statutory, regulatory and policy changes, agency’s or notified body’s ability to hire and retain key personnel and accept the payment of user fees, and other events that may otherwise affect the agency’s or notified body’s ability to perform routine functions. Average review times at the FDA and other agencies and notified bodies have fluctuated in recent years as a result. In addition, government funding of other government agencies that fund research and development activities is subject to the political process, which is inherently fluid and unpredictable. Disruptions at the FDA, other agencies and notified bodies may also slow the time necessary for new medical devices or modifications to be reviewed and/or cleared, approved or certified by necessary agencies or notified bodies, which would adversely affect our business. For example, over the last several years, the U.S. government has shut down several times and certain regulatory agencies, such as the FDA, have had to furlough critical FDA employees and stop critical activities. In addition, in recent years, the FDA postponed most inspections of domestic and foreign manufacturing facilities at various points in response to the global COVID-19 pandemic. If a prolonged government shutdown occurs, or if global health concerns, including pandemics, were to prevent the FDA or other regulatory authorities from conducting their regular inspections, reviews, or other regulatory activities, it could significantly impact the ability of the FDA or other regulatory authorities to timely review and process our regulatory submissions, which could have a material adverse effect on our business.

In the EU, notified bodies must be officially designated to certify products and services in accordance with the MDR, which regulates the development and sale of medical devices in Europe. While several notified bodies have been designated, the COVID-19 pandemic significantly slowed down their designation process and the current designated notified bodies are facing a large amount of requests with the new regulation, as a consequence of which review times have lengthened although a regulation amending the EU MDR was adopted in March 2023, extending existing transitional provisions to December 31, 2028. This situation could significantly impact the ability of notified bodies to timely review and process our regulatory submissions, which could have a material adverse effect on our business in the EU and EEA (which consists of the 27 EU member states plus Norway, Liechtenstein and Iceland).

The misuse or off-label use of our products may harm our reputation in the marketplace, result in injuries that lead to product liability suits or result in costly investigations, fines or sanctions by regulatory bodies, particularly if we are deemed to have engaged in the promotion of these uses, any of which could be costly to our business.

Our products are Class II medical devices cleared by FDA for commercialization in the U.S. pursuant to the 510(k) notification process. We, thus, are not currently able to promote the products for any other indications for use or make any promotional claims that are inconsistent with, or outside the scope of, our respective FDA clearances (often referred to as “off-label” claims). We, thus, are not currently able to promote the BNA Platform for any other indications for use or make any promotional claims that are inconsistent with, or outside the scope of, such FDA clearance (often referred to as “off-label” claims). However, the assessment of whether a given claim is or is not consistent with a given FDA clearance or approval can often be subjective, and we cannot guarantee that FDA will always agree with our position regarding a particular claim or that all of our employees, representatives, and agents will abide by our marketing policies. If FDA determines that we have promoted any product without the requisite clearance or approval and/or for an off-label or unapproved use, it could take any number of enforcement actions against us, including (among others), issuing untitled or warning letters and/or pursuing an injunction, seizure, civil fine and/or criminal penalties. It is also possible that other federal, state or foreign enforcement authorities might take action under other regulatory authority, such as laws prohibiting false claims for reimbursement, any of which would have a material adverse effect on our financial condition and/or business as a whole.

Additionally, we must have competent and reliable scientific evidence or, where applicable, other adequate substantiation for each reasonable interpretation of every promotional claim we make. In particular, comparative or superiority claims generally require adequate, well controlled, head-to-head clinical studies, comparing the product to the applicable competing products. To the extent we make any claims, or are otherwise held responsible for third-party claims about any product we may market in the United States, without the requisite clinical substantiation, we could be subject to enforcement action by FDA and/or the Federal Trade Commission (FTC), as well as a competitor challenge via the National Advertising Division (NAD) of the Better Business Bureau. Our plans to utilize social media as a primary promotional tool for our device(s) increases the applicable enforcement risk, as it makes it easier for our employees, affiliates, and any third parties with which we may have a relationship and/or arrangement under which we are deemed responsible for such party’s claims about our product(s) to disseminate promotional claims about our product(s) that may be inconsistent with applicable regulations governing device promotions. Further, consumers can bring private false-advertising lawsuits, including class actions, against us for any material misrepresentations and/or deceptive or unsubstantiated claims (among other similar causes of action) in our promotional materials or other advertising. Any of the foregoing could have a material adverse effect on our business.

We may be subject to certain federal, state, and foreign fraud and abuse laws, health information privacy and security laws, and transparency laws, which, if violated, could subject us to substantial penalties. Additionally, any challenge to or investigation into our practices under these laws could cause adverse publicity and be costly to respond to, and thus could harm our business.

There are numerous U.S. federal and state, as well as foreign, laws pertaining to healthcare fraud and abuse, including anti-kickback, false claims, and physician transparency laws. Efforts to ensure that our business arrangements with third parties will comply with applicable healthcare laws and regulations may involve substantial costs. Our business practices and relationships with providers and patients are subject to scrutiny under these laws. We may also be subject to patient information privacy and security regulation by both the federal government and the states and foreign jurisdictions in which we conduct our business. The healthcare laws and regulations that may affect our ability to operate include:

	●	the federal healthcare Medicare and Medicaid Patient Protection Act of 1987 (the “Anti-Kickback Statute”), which prohibits, among other things, persons, and entities from knowingly and willfully soliciting, offering, receiving or providing remuneration, directly or indirectly, in cash or in kind, to induce or reward either the referral of an individual for, or the purchase, lease, order, or arrange for or recommend a good or service, for which payment may be made, in whole or in part, under federal healthcare programs, such as Medicare and Medicaid. The term “remuneration” has been broadly interpreted to include anything of value. The government can establish a violation of the Anti-Kickback Statute without proving that a person or entity had actual knowledge of the law or a specific intent to violate. Moreover, the government may assert that a claim including items or services resulting from a violation of the federal healthcare Anti-Kickback Statute constitutes a false or fraudulent claim for purposes of the federal civil False Claims Act. Although there are a number of statutory exceptions and regulatory safe harbors to the federal healthcare Anti-Kickback Statute protecting certain common business arrangements and activities from prosecution or regulatory sanctions, the exceptions and safe harbors are drawn narrowly. Practices that involve remuneration to those who prescribe, purchase, or recommend medical device products, including discounts, or engaging individuals as speakers, consultants, or advisors, may be subject to scrutiny if they do not fit squarely within an exception or safe harbor. Our practices may not in all cases meet all of the criteria for safe harbor protection from anti- kickback liability. Moreover, there are no safe harbors for many common practices, such as reimbursement support programs, educational or research grants, or charitable donations;
	●	the federal civil False Claims Act, which prohibits, among other things, individuals or entities from knowingly presenting, or causing to be presented, false or fraudulent claims for payment of federal government funds, and knowingly making, using or causing to be made or used a false record or statement material to a false or fraudulent claim to avoid, decrease or conceal an obligation to pay money to the federal government. Private individuals, commonly known as “whistleblowers,” can bring civil False Claims Act qui tam actions, on behalf of the government and such individuals and may share in amounts paid by the entity to the government in recovery or settlement. False Claims Act liability is potentially significant in the healthcare industry because the statute provides for treble damages and mandatory penalties for each false or fraudulent claim or statement. The government may assert that a claim including items or services resulting from a violation of the federal Anti-Kickback Statute constitutes a false or fraudulent claim under the federal civil False Claims Act. Many pharmaceutical and medical device manufacturers have been investigated and have reached substantial settlements under the federal civil False Claims Act in connection with alleged off-label promotion of their products and allegedly providing free products to customers with the expectation that the customers would bill federal health care programs for the product. In addition, manufacturers can be held liable under the federal civil False Claims Act even when they do not submit claims directly to government payers if they are deemed to “cause” the submission of false or fraudulent claims. There are also criminal penalties, including imprisonment and criminal fines, for making or presenting false, fictitious or fraudulent claims to the federal government;

These laws and regulations, among other things, may constrain our business, marketing, and other promotional activities by limiting the kinds of financial arrangements, including sales programs, we may have with physicians or other potential purchasers of our products and consulting agreements we enter into with physicians. Further, while we do not submit claims and our future customers will make the ultimate decision on whether or how to submit any potential claims, we may provide reimbursement guidance and support regarding our products, to the extent reimbursement may be available, which could implicate these laws. Due to the breadth of these laws, the narrowness of statutory exceptions and regulatory safe harbors available, and the range of interpretations to which they are subject, it is possible that some of our current or future practices might be challenged under one or more of these laws.

To enforce compliance with healthcare regulatory laws, certain enforcement bodies have recently increased their scrutiny of interactions between healthcare companies and healthcare providers, which has led to a number of investigations, prosecutions, convictions and settlements in the healthcare industry. For example, U.S. federal and state regulatory and enforcement agencies continue to actively investigate violations of healthcare laws and regulations, including pursuing novel theories of liability under these laws. These government agencies recently have increased regulatory scrutiny and enforcement activity with respect to manufacturer reimbursement support activities and patient support programs, including bringing criminal charges or civil enforcement actions under the federal healthcare Anti-Kickback statute, federal civil False Claims Act, the health care fraud statute, and HIPAA privacy provisions. Responding to investigations can be time and resource consuming and can divert management’s attention from the business. Any such investigation or settlement could increase our costs or otherwise have an adverse effect on our business. Even an unsuccessful challenge or investigation into our practices could cause adverse publicity, and be costly to respond to.

If our operations are found to be in violation of any of the healthcare laws or regulations described above or any other healthcare regulations that may apply to us, we may be subject to administrative, civil and criminal penalties, damages, fines, disgorgement, substantial monetary penalties, exclusion from participation in government healthcare programs, such as Medicare and Medicaid, imprisonment, additional reporting obligations, and oversight if we become subject to a corporate integrity agreement or other agreement to resolve allegations of non-compliance with these laws, reputational harm, and the curtailment or restructuring of our operations.

Since our software platform will utilize cloud-based information systems and the exchange of protected information, we will be subject to numerous U.S. federal and state laws and regulations related to the privacy and security of personally identifiable information, including health information.

Among other data-privacy and/or confidentiality laws to which we may be subject, HIPAA establishes privacy and security standards that limit the use and disclosure of PHI and require covered entities and business associates to implement administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of individually identifiable health information in electronic form, among other requirements.

Violations of HIPAA may result in civil and criminal penalties. We must also comply with HIPAA’s breach notification rule which requires notification to affected individuals and the Secretary of Health and Human Services (“HHS”), and in certain cases to media outlets, in the case of a breach of unsecured PHI. The regulations also require business associates of covered entities to notify the covered entity of breaches by the business associate.

State attorneys general also have the right to prosecute HIPAA violations committed against residents of their states, and HIPAA standards have been used as the basis for the duty of care in state civil suits, such as those for negligence or recklessness in misusing personal information. In addition, HIPAA mandates that HHS conduct periodic compliance audits of HIPAA covered entities and their business associates for compliance.

Many states also have laws that protect the privacy and security of sensitive and personal information, including health information. These laws may be similar to or even more protective than HIPAA and other federal privacy laws. For example, the laws of the State of California are more restrictive than HIPAA. Where state laws are more protective than HIPAA, we must comply with the state laws we are subject to, in addition to HIPAA. For example, California passed the California Consumer Privacy Act or CCPA on June 28, 2018, which went into effect January 1, 2020. On November 3, 2020, the California Privacy Rights Act of 2020 (“CPRA”), which amends the CCPA and adds new privacy protections that became effective on January 1, 2023, was enacted through a ballot initiative. While information we maintain that is covered by HIPAA may be exempt from the CCPA, other records and information we maintain related to patients or personnel may be subject to the CCPA. In certain cases, it may be necessary to modify our planned operations and procedures to comply with these more stringent state laws. Not only may some of these state laws impose fines and penalties upon violators, but also some, unlike HIPAA, may afford private rights of action to individuals who believe their personal information has been misused. In addition, state and federal privacy laws subject to frequent change.

In addition to HIPAA and state health information privacy laws, we may be subject to other state and federal privacy laws, including laws that prohibit unfair privacy and security practices and deceptive statements about privacy and security, laws that place specific requirements on certain types of activities, such as data security and texting, and laws requiring holders of personal information to maintain safeguards and to take certain actions in response to a data breach.

Our subsidiary, Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. , has received Israeli governmental grants to assist in the funding of its research and development activities. The IIA grants which Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. ’s technology has received for research and development expenditures restrict its ability to manufacture products and transfer (including by way of license for R&D purposes) know-how outside of Israel and require it to satisfy specified conditions.

Firefly Neuroscience Ltd.’s technologies were developed, in part, with grants from the Israel Innovation Authority, or IIA (formerly known as the Office of the Chief Scientist of the Ministry of Economy and Industry) in the aggregate amount of approximately $4.60 million. As of December 31, 2025, Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. has paid royalties to the IIA and had a contingent obligation to the IIA (including interest) of $6.043 million. The requirements and restrictions for such grants are set forth in the Encouragement of Research, Development and Technological Innovation in Industry Law, 5744-1984 (formerly known as the Law for the Encouragement of Research and Development in Industry, 5744-1984), or the Innovation Law, the IIA’s rules and guidelines and the terms of these grants.

In general, the recipients of IIA grants are obligated to pay the IIA royalties from the revenues generated from the sale of products and related services developed as a result of a research and development program funded, in whole or in part, by the IIA, at rates which are determined under the IIA’s rules and guidelines (generally of 3% to 6% on sales of IIA-funded products or related services, which rates may be increased under certain circumstances) up to the aggregate amount of the total grants received by the IIA (which may be increased under certain circumstances, as described below), plus annual interest (as determined in the IIA’s rules and guidelines). Following the full payment of such royalties and interest, there is generally no further liability for royalty payments; however, other restrictions under the Innovation Law continue to apply, as described below.

Under the IIA’s rules and guidelines, Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. is generally prohibited from manufacturing products developed using the IIA funding outside of the State of Israel without the prior approval of the IIA (except for the transfer of less than 10% of the manufacturing capacity in the aggregate which requires only a notice) and subject to payment of increased royalties (up to 300% of the grant amount plus accrued interest, depending on the manufacturing volume that is performed outside of Israel). Additionally, under the IIA’s rules and guidelines, Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. is prohibited from transferring the IIA-funded know-how and related intellectual property rights outside of the State of Israel, except under limited circumstances and only with the prior approval of the IIA. Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. may not receive the required approvals for any proposed transfer, and even if received, Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. may be required to pay the IIA a redemption fee of up to 600% of the grant amounts (less paid royalties, if any, and depreciation, but no less than the total grants received) plus accrued interest. Approval of the transfer of know-how to an Israeli company is also required, and may be granted if the recipient assumes all of our responsibilities towards the IIA, including the restrictions on the transfer of know-how and the manufacturing rights outside of Israel and the obligation to pay royalties, and, although such transfer will not be subject to the payment of a redemption fee, there will be an obligation to pay royalties to the IIA from the income of such sale transaction as part of the royalty payment obligation. No assurance can be given that approval for any such transfer, if requested, will be granted.

These restrictions may impair our ability to perform or outsource manufacturing outside of Israel or otherwise transfer or sell Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. ’s IIA funded know-how outside of Israel, without the approval of the IIA. Furthermore, the consideration available to Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. ’s and/or our shareholders in a transaction involving the transfer outside of Israel of know-how developed with IIA funding (such as a merger or similar transaction) may be reduced by any amounts that Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. is required to pay to the IIA. If Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. fails to comply with the requirements of the Innovation Law and the IIA’s rules and guidelines, Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. may become subject to financial sanctions, be required to return certain grants previously received along with interest and penalties and may become subject to criminal proceedings. In addition, the Government of Israel may, from time to time, audit sales of products which it claims incorporate technology funded via IIA programs and this may lead to additional royalties being payable on additional products, and may subject such products to the restrictions and obligations specified hereunder.

It may be difficult to enforce a U.S. judgment against our subsidiary, Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. , and our officers and directors in Israel or otherwise outside the United States, to assert U.S. securities laws claims in Israel or to serve process on our officers and directors.

While we are incorporated in Delaware, our subsidiary, Firefly Neuroscience Ltd.” and “Firefly Neuroscience Ltd. is incorporated in Israel. Some of our executive officers and directors reside outside of the United States, and many of our assets and most of the assets of our executive officers and directors are located outside of the United States. Therefore, a judgment obtained in the United States against us or such executive officers and our directors, including one based on the civil liability provisions of the U.S. federal securities laws, may not be collectible in the United States, and it may be difficult for you to affect service of process on these persons in the United States. In addition, it may be difficult to obtain a judgment in Israel based on the civil liability provisions of U.S. federal securities laws. Israeli courts might not enforce judgments obtained in the United States against us or our non-U.S. directors and executive officers, which may make it difficult to collect on judgments rendered against us or our non-U.S. officers and directors by either a U.S. or foreign court. Moreover, an Israeli court will not enforce a non-Israeli judgment if it was given in a state whose laws do not provide for the enforcement of judgments of Israeli courts (subject to exceptional cases), if its enforcement is likely to prejudice the sovereignty or security of the State of Israel, if it was obtained by fraud or in the absence of due process, if it is at variance with another valid judgment that was given in the same matter between the same parties, or if a suit in the same matter between the same parties was pending before a court or tribunal in Israel at the time the foreign action was brought.

Cybersecurity incidents, including data security breaches or computer viruses, could harm our business by disrupting our delivery of services, damaging our reputation, or exposing us to liability.

We receive, process, store, and transmit, often electronically, data of our customers and others which may be confidential. Unauthorized access to our computer systems or stored data could result in the theft or improper disclosure of confidential information, the deletion or modification of records, or could cause interruptions in our operations. These cybersecurity risks increase when we transmit information from one location to another, including transmissions over the Internet or other electronic networks. Despite implemented security measures, our facilities, systems, and procedures, and those of our third-party service providers, may be vulnerable to security breaches, phishing scams, acts of vandalism, software viruses, misplaced or lost data, programming and/or human errors, or other similar events which may disrupt our delivery of services or expose the confidential information of the Company, our customers and others. Any security breach involving the misappropriation, loss, or other unauthorized disclosure or use of confidential information of our customers or others, whether by us or a third party, could: (i) subject us to civil and criminal penalties; (ii) have a negative impact on our reputation; or (iii) expose us to liability to our customers, third parties, or government authorities. Any of these developments could have a material adverse effect on our business, financial condition, and results of operations.

Foreign data protection, privacy, and other laws and regulations are often more restrictive than those in the U.S. The E.U., for example, traditionally has imposed stricter obligations under its laws and regulations relating to privacy, data protection and consumer protection than the U.S. In May 2018, the GDPR, governing data practices and privacy in the E.U., became effective and replaced the data protection laws of the individual member states. GDPR requires companies to meet stringent requirements regarding the handling of personal data of individuals in the E.U. These more stringent requirements include expanded disclosures to inform members about how we may use their personal data, increased controls on profiling members, and increased rights for members to access, control and delete their personal data. In addition, there are mandatory data breach notification requirements. The law also includes significant penalties for non-compliance, which may result in monetary penalties of up to 20 million Euros or 4% of a company’s worldwide turnover, whichever is higher. GDPR and other similar regulations require companies to give specific types of notice, and informed consent is required for the placement of a cookie or similar technologies on a user’s device for online tracking for behavioral advertising and other purposes and for direct electronic marketing. The GDPR also imposes additional conditions in order to satisfy such consent, such as a prohibition on pre-checked consents. It remains unclear how the U.K. data protection laws or regulations will develop in the medium to longer term and how data transfer to the U.K. from the E.U. will be regulated. Outside of the E.U., there are many other countries with data protection laws, and new countries are adopting data protection legislation with increasing frequency.

Many of these laws may require consent from individuals for the use of data for various purposes, including marketing, which may reduce our ability to market our products.

There is no harmonized approach to these laws and regulations globally. Consequently, we increase our risk of non-compliance with applicable foreign data protection laws and regulations when we expand internationally. We may need to change and limit the way we use personal information in operating our business and may have difficulty maintaining a single operating model that is compliant. Compliance with such laws and regulations will result in additional costs and may necessitate changes to our business practices and divergent operating models, limit the effectiveness of our marketing activities, adversely affect our business, results of operations, and financial condition, and subject us to additional liabilities.

Our business could be adversely affected by professional and legal challenges to our business model or by new state actions restricting our ability to provide our products and services in certain states.

Since the success of our business will be dependent on the widespread adaptation of our software platform as a valid method for statistical analysis of EEG scans, neurologists across multiple geographies will be needed to use our software platform and provide positive feedback and results. This will expose us to legal risk of patients or neurologists who may have a negative experience with our software platform filing lawsuits claiming damages or other claims. This will expose us to legal risk of patients or neurologists who may have a negative experience with our BNA Platform filing lawsuits claiming damages or other claims. Although we will seek insurance coverage for such legal actions, there is no assurance that the amount of coverage will be sufficient to cover these claims. In addition, such legal actions from consumers and neurologists may result in material and adverse effects on our ability to continue to conduct business due to negative press.

Security breaches, data breaches, cyber-attacks, other cybersecurity incidents or the failure to comply with privacy, security and data protection laws could materially impact our operations, patient care could suffer, we could be liable for damages, and our business, operations and reputation could be harmed.

We expect to retain confidential customer personal and financial, patient health information and our own proprietary information and data essential to our business operations. We will rely upon the effective operation of our IT systems, and those of our service providers, vendors, and other third parties to safeguard the information and data. Additionally, our success may be dependent on the success of healthcare providers, many of whom are comprised of individual or small operations with limited IT experience and inadequate or untested security protocols, in managing data privacy and data security requirements. It is critical that the facilities, infrastructure and IT systems on which we depend to run our business and the products we develop remain secure and be perceived by the marketplace and our potential customers to be secure. Despite the implementation of security features in our products and security measures in our IT systems, we and our service providers, vendors, and other third parties may become subject to physical break-ins, computer viruses or other malicious code, unauthorized or fraudulent access, programming errors or other technical malfunctions, hacking or phishing attacks, malware, ransomware, employee error or malfeasance, cyber-attacks, and other breaches of IT systems or similar disruptive actions, including by organized groups and nation-state actors. For example, we may experience cybersecurity incidents and unauthorized internal employee exfiltration of company information.

Further, the frequency of third-party cyber-attacks has increased over the last several years. The military conflict in Ukraine may cause nation-state actors or hackers sympathetic to either side of the conflict to carry out cyber-attacks to achieve their goals, which may include espionage, information gathering operations, monetary gain, ransomware, disruption, and destruction. Significant service disruptions, breaches in our infrastructure and IT systems or other cybersecurity incidents could expose us to litigation or regulatory investigations, impair our reputation and competitive position, be distracting to our management, and require significant time and resources to address. Affected parties or regulatory agencies could initiate legal or regulatory action against us, which could prevent us from resolving the issues quickly or force us to resolve them in unanticipated ways, cause us to incur significant expense and liability, or result in judicial or governmental orders forcing us to cease operations or modify our business practices in ways that could materially limit or restrict the products and services we provide. Concerns over our privacy practices could adversely affect others’ perception of us and deter potential customers, patients and partners from using our products. In addition, patient care could suffer, and we could be liable if our products or IT systems fail to deliver accurate and complete information in a timely manner. We have internal monitoring and detection systems as well as cybersecurity and other forms of insurance coverage related to a breach event covering expenses for notification, credit monitoring, investigation, crisis management, public relations and legal advice. However, damages and claims arising from such incidents may not be covered or may exceed the amount of any coverage and do not cover the time and effort we may incur investigating and responding to any incidents, which may be material. The costs to eliminate, mitigate or recover from security problems and cyber-attacks and incidents could be material and depending on the nature and extent of the problem and the networks or products impacted, may result in network or systems interruptions, decreased product sales, or data loss that may have a material impact on our operations, net revenues and operating results. The costs to eliminate, mitigate or recover from security problems and cyber attacks and incidents could be material and depending on the nature and extent of the problem and the networks or products impacted, may result in network or systems interruptions, decreased product sales, or data loss that may have a material impact on our operations, net revenues and operating results.

Our business will expose us to potential liability for the quality and safety of our products and services, how we advertise and market those products and services and how and to whom we sell them, and we may incur substantial expenses or be found liable for substantial damages or penalties if we are subject to claims or litigation.

Our products and services involve an inherent risk of claims concerning their design, manufacture, safety and performance, how they are marketed and advertised in a complex framework of highly regulated domestic and international laws and regulations, how we package, bundle or sell them to potential customers, who may be private individuals or companies or public entities such as hospitals and clinics, and how we train and support doctors, their staffs and patients who administer or use our products. Moreover, consumer products and services are routinely subject to claims of false, deceptive or misleading advertising, consumer fraud and unfair business practices. Additionally, we may be held liable if any product we develop or manufacture or services we offer or perform causes injury or is otherwise found unhealthy. If our products are safe but they are promoted for off-label usage, we may be investigated, fined or have our products or services enjoined or approvals rescinded or we may be required to defend ourselves in litigation. Although we maintain insurance for product liability, business practices and other types of activities we make or offer, coverage may not be available on acceptable terms, if at all, and may be insufficient for actual liabilities. Any claim for product liability, sales, advertising and business practices, regardless of its merit or eventual outcome, could result in material legal defense costs and damage our reputation, increase our expenses and divert management’s attention.

The ESG regulatory landscape has shifted materially under the current U.S. administration, and we face risks from both the relaxation of certain federal requirements and the continued — and potentially intensifying — pressure from state, international, and market-driven ESG expectations.

At the federal level, the current administration has rolled back or suspended a number of ESG-related regulations. Most notably, the Securities and Exchange Commission has abandoned its defense of its climate risk disclosure rule, which would have required public companies to disclose greenhouse gas emissions and climate-related financial risks, and has revised its guidance on shareholder proposals in ways that make it easier for companies to exclude ESG-related proposals from proxy materials. The Department of Labor has also initiated rulemaking to rescind or replace Biden-era rules permitting pension fund managers to consider ESG factors in investment decisions.

Additionally, the administration has revoked billions of dollars in clean energy and transportation funding, rolled back environmental regulations, and taken executive action aimed at limiting the ability of state and local governments to regulate energy and environmental matters.

While these federal rollbacks may provide near-term compliance relief, they introduce new categories of risk. The fragmentation of ESG regulation — with the federal government moving in one direction while many U.S. states and international jurisdictions move in another — creates a complex and potentially more costly compliance environment than a uniform federal framework would. Blue states, including California, have moved aggressively to expand their own ESG disclosure and enforcement regimes, and we expect increased litigation as state attorneys general challenge both federal rollbacks and corporate ESG practices, including on greenwashing theories. We may face claims that our ESG disclosures or commitments were false or misleading, regardless of whether such disclosures were made in response to federal requirements.

Our global operations remain subject to significant and evolving ESG requirements outside the United States. The European Union's Sustainable Finance Disclosure Regulation, Corporate Sustainability Reporting Directive, and related frameworks impose disclosure and compliance obligations that apply to us regardless of changes in U.S. federal policy. A growing divergence between U.S. and international ESG standards may increase our compliance costs, require us to maintain different reporting frameworks for different markets, and affect our competitiveness with companies subject to more uniform regulatory regimes.

We also face continued and potentially increasing pressure from investors, proxy advisory services, and other market participants. Notwithstanding the change in federal policy direction, institutional investors and investment funds with global mandates continue to apply ESG screens and engagement strategies. If our ESG practices fail to meet evolving investor expectations — including with respect to environmental stewardship, human capital management, supply chain practices, board diversity, and corporate governance — our access to capital, stock price, and relationships with key counterparties may be adversely affected. Conversely, if we maintain or expand ESG commitments that are perceived as contrary to the current federal regulatory environment or the preferences of certain investors, we may face different reputational or commercial pressures.

Meeting our obligations under existing ESG laws and regulations — at the state, federal, and international levels — is already costly, and we expect those costs to remain significant and potentially increase as the regulatory landscape continues to evolve. We cannot provide assurance that we will be in compliance with all applicable requirements at all times, or that our suppliers will be in compliance. If we or our suppliers fail to comply with any applicable ESG requirements, we could be subject to penalties, litigation, reputational harm, and loss of customers or business partners.

Given the pace and unpredictability of changes in ESG-related laws, regulations, investor expectations, and public sentiment, we may be unable to anticipate, adapt to, or accurately communicate our ESG practices in a manner that satisfies all stakeholders. Any failure to do so could adversely affect our business, financial condition, results of operations, and stock price. Any of these results from litigation could adversely affect our business, financial condition, and results of operations.

We are subject to consumer protection laws that regulate our marketing practices and prohibit unfair or deceptive acts or practices. Our actual or perceived failure to comply with such obligations could harm our business, and changes in such regulations or laws could require us to modify our products, marketing or advertising efforts.

In connection with the marketing or advertisement of our products and services, we could be the target of claims relating to false, misleading, deceptive, or otherwise noncompliant advertising or marketing practices, including under the auspices of the FTC and state consumer protection statutes. If we rely on third parties to provide any marketing and advertising of our products and services, we could be liable for, or face reputational harm as a result of, their marketing practices if, for example, they fail to comply with applicable statutory and regulatory requirements.

If we are found to have breached any consumer protection, advertising, unfair competition, or other laws or regulations, we may be subject to enforcement actions that require us to change our marketing and business practices in a manner which may negatively impact us. This could also result in litigation, fines, penalties, and adverse publicity that could cause reputational harm and loss of patient trust, which could have an adverse effect on our business.

New FDA Quality Management System Regulation (“QMSR”) requirements could increase our compliance costs and expose us to additional regulatory risk.

The FDA’s Quality Management System Regulation (“QMSR”) becomes effective on February 2, 2026 and amends the medical device current good manufacturing practice requirements in 21 CFR Part 820 by incorporating by reference ISO 13485:2016. While the QMSR is intended to better harmonize FDA quality system requirements with international standards—which may facilitate international expansion over time—transitioning our quality management system, procedures, documentation, training, supplier controls, and internal audit processes to ensure full compliance with the QMSR may require significant management attention, additional personnel and consulting resources, and increased operating expenses.

If we do not implement changes to our quality system in a timely or effective manner, we may be unable to consistently demonstrate compliance during FDA inspections or other regulatory reviews. Noncompliance could result in warning letters, product holds or delays in review of submissions, import/export or distribution restrictions, product seizures, recalls, civil penalties, injunctions, or other enforcement actions, any of which could adversely affect our business, financial condition, results of operations, and cash flows. In addition, regulatory expectations and inspection approaches under the QMSR may evolve as the FDA implements the rule, creating uncertainty and potentially increasing the risk of findings, remediation obligations, and related costs.

Risks related to Our Intellectual Property

Our success depends in part on our proprietary technology, and if we are unable to successfully enforce our intellectual property rights, our competitive position may be harmed.

Our success will depend in part on our ability to maintain existing intellectual property and to obtain and maintain further intellectual property protection for our products and services, both in the U.S. and in other countries. We intend to protect our intellectual property rights, including our AI technology and related algorithms, through a combination of patent, trademark, copyright, and trade secret laws, as well as third-party confidentiality and assignment agreements. Our inability to do so could harm our competitive position.

We rely on our portfolio of issued and pending patent applications in the U.S. and other countries to protect a large part of our intellectual property and our competitive position; however, our currently pending or future patent filings may not result in the issuance of patents. While we generally apply for patents in those countries where we intend to make, have made, use, or sell patented products, we may not accurately predict all of the countries where patent protection will ultimately be desirable. If we fail to timely file for a patent, we may be precluded from doing so at a later date.

Economic and trade policy, including tariffs and customs regulations, could have a material and adverse effect on our business.

The U.S. has established free trade laws and regulations that set certain duties and tariffs for qualifying imports and exports, subject to compliance with the applicable classification and other requirements. Changes in laws or policies governing the terms of foreign trade, and in particular increased trade restrictions, tariffs or taxes on imports from countries where components of our products may be sourced, such as China, could have a material adverse effect on our business and financial results. In recent years, the U.S. and Chinese governments have imposed a series of significant incremental retaliatory tariffs to certain imported products. Most notably with respect to the automotive industry, the U.S. imposed tariffs on imports of certain steel, aluminum and automotive components, and China imposed retaliatory tariffs on imports of U.S. vehicles and certain automotive components. Further, the U.S. administration recently has proposed and begun to enact additional or enhanced tariffs in various jurisdictions relevant to our business. Implementation of tariffs or other restrictive trade measures by the United States and potentially reciprocally by other countries subject to such to tariffs remains highly uncertain. Due to the global nature of our business, specifically in the jurisdictions impacted by the recent tariffs announcements, if the actual and potential tariffs and reciprocal tariffs are implemented as currently proposed, our results of operations could be materially negatively impacted, both directly and indirectly through negative effects to our supply chain, as a result of increased costs, decreased demand and other adverse economic impacts, and we may not be able to successfully mitigate or offset such impacts. Depending upon their implementation and duration, as well as our ability to mitigate their impact, these tariffs and any other future regulatory actions implemented on a broader range of products or raw materials could materially affect our business, including in the form of increased cost of goods sold, decreased margins, increased pricing for customers, reduced sales and disruption in our supply chain. Furthermore, additional trade restrictions could be adopted with little to no advanced notice, and we may not be able to effectively mitigate the adverse impacts from such measures, which could further increase the cost of our products, disrupt our supply chain and impair our ability to effectively operate and compete in the countries where we do business.

In addition, various countries regulate cross-border transactions of certain products through import permitting and licensing requirements. The exportation, re-exportation, transfers within foreign countries and importation of our products, including by our suppliers and vendors, must comply with these laws and regulations, and any violations may result in reputational harm, government investigations and penalties, and a denial or curtailment of importing or exporting activities. Complying with U.S. export, sanctions and import laws, including ongoing and rapidly changing sanctions against certain countries, regions, governments and related persons and entities, may be time consuming, may increase our costs, and may result in the delay or loss of sales opportunities. If we are found to be in violation of U.S. export, sanctions or import laws, or similar laws in other jurisdictions, we and the individuals working for us could incur substantial fines and penalties. Changes in export, sanctions or import laws or regulations may delay the sale of complementary products in the U.S. and international markets, and require us to spend resources to seek necessary alternatives, or, in some cases, prevent the export or import of complementary products to certain countries, regions, governments, persons or entities, which could adversely affect our business, financial condition and operating results.

Patent rights are territorial, and patent protection extends only to those countries where we have issued patents. Filing, prosecuting and defending patents on our products and our future products in all countries and jurisdictions throughout the world would be prohibitively expensive, and our intellectual property rights in some countries outside the United States could be less extensive than those in the United States. Many countries do not protect intellectual property to the same extent as the U.S. or Europe, and their litigation processes differ. Competitors may successfully challenge or avoid our patents, or manufacture products in countries where we have not applied for patent protection. Changes in the patent laws in the U.S. or other countries may diminish the value of our patent rights. As a result of these and other factors, the scope, validity, enforceability, and commercial value of our patent rights are uncertain and unpredictable.

Furthermore, the patent positions of medical device companies involve complex legal and factual questions, and, therefore, the issuance, scope, validity and enforceability of any patent claims that we may obtain cannot be predicted with certainty. The issuance of a patent, while presumed valid and enforceable, is not conclusive as to its validity or its enforceability and it may not provide us with adequate proprietary protection or competitive advantages against competitors with similar products. Any patents issued to us may be challenged, invalidated, held unenforceable, circumvented, or may not be sufficiently broad to prevent third parties from producing competing products similar in design to our products. In addition, any protection afforded by foreign patents may be more limited than that provided under U.S. patent and intellectual property laws. There can be no assurance that any of our patents, any patents licensed to us, or any patents which we may be issued in the future, will provide us with a competitive advantage or afford us protection against infringement by others, or that the patents will not be successfully challenged or circumvented by third parties, including our competitors. Further, there can be no assurance that we will have adequate resources to enforce our patents. Competitors may also be able to design around our patents. Other parties may develop and obtain patent protection for more effective technologies, designs or methods.

Our ability to enforce our patent rights depends on our ability to detect infringement. It is difficult to detect infringers who do not advertise the components that are used in their products. Moreover, it may be difficult or impossible to obtain evidence of infringement in a competitor’s or potential competitor’s product, particularly in litigation in countries other than the U.S. that do not provide an extensive discovery procedure. Any litigation to enforce or defend our patent rights, if any, even if we were to prevail, could be costly and time-consuming and would divert the attention of our management and key personnel from our business operations. We may not prevail in any lawsuits that we initiate and the damages or other remedies awarded if we were to prevail may not be commercially meaningful.

Moreover, advances in AI technology may generate developments that existing IP laws do not adequately protect. The legislative and regulatory environment is out of our control, may change rapidly and unpredictably, and may negatively influence our revenue, costs, earnings, and growth. Some rules and regulations may be subject to litigation or other challenges that delay or modify their implementation and impact on us.

We also may seek to rely on protection of copyright, trade secrets, know how, and confidential and proprietary information. We generally enter into confidentiality and non-compete agreements with our employees, consultants, and collaborative partners upon their commencement of a relationship with us. However, these agreements may not provide meaningful protection against the unauthorized use or disclosure of our trade secrets or other confidential information, and adequate remedies may not exist if unauthorized use or disclosure were to occur. The exposure of our trade secrets and other proprietary information would impair our competitive advantages and could have a material adverse effect on our operating results, financial condition, and future growth prospects. In particular, a failure to protect our proprietary rights might allow competitors to copy our technology, which could adversely affect our pricing and market share. We may not be able to prevent the unauthorized disclosure or use of our technical knowledge or trade secrets by consultants, vendors, former employees and current employees. Further, other parties may independently develop substantially equivalent know-how and technology.

We currently own registered trademarks for our BNA Platform and Evoke Systems, and we intend to rely on both registered and common law rights for our trademarks in the future. There can be no assurance that our future trademark applications will be approved. Third parties may also oppose our trademark applications, or otherwise challenge our use of the trademarks. In the event that our trademarks are successfully challenged, we could be forced to rebrand our products and services, which could result in loss of brand recognition, and could require us to devote resources to advertising and marketing new brands. Further, there can be no assurance that competitors will not infringe our trademarks, or that we will have adequate resources to enforce our trademarks.

Litigation, interferences, oppositions, re-exams, inter partes reviews, post grant reviews, or other proceedings are, have been, and may in the future be necessary in some instances to determine the validity and scope of certain of our proprietary rights, and in other instances to determine the validity, scope, or non-infringement of certain proprietary rights claimed by third parties to be pertinent to the manufacture, use, or sale of our products or provision of our services. These types of proceedings are unpredictable and may be protracted, expensive, and distracting to management. The outcome of such proceedings could adversely affect the validity and scope of our patent or other proprietary rights, hinder our ability to manufacture and market our products and provide our services, require us to seek a license for the infringed product or technology, or result in the assessment of significant monetary damages. An unfavorable ruling could include monetary damages or, in cases where injunctive relief is sought, an injunction prohibiting us from selling our products or providing our services. Any of these results from litigation could adversely affect our business, financial condition, and results of operations.

Successful cybersecurity attacks, data breaches, unapproved use of machine learning or AI tools, or other security incidents could result in the loss of IP and key technological advantages. Security incidents could result in, for example, unauthorized access to, disclosure, modification, misuse, loss, or destruction of company, patient, or other third party data; theft or import of sensitive, regulated, or confidential data including personal information and IP, such as key innovations in AI; the loss of access to critical data or systems through ransomware; and business delays.

If we infringe or violate the patents or proprietary rights of other parties or are subject to an intellectual property infringement or misappropriation claim, our ability to grow our business may be severely limited.

Our commercial success also depends upon our ability, and the ability of any third party with which we may partner, to develop, manufacture, market and sell our products, if approved, and use our patent-protected technologies without infringing the patents of third parties. Extensive litigation over patents and other intellectual property rights is common in the medical device industry.

We may not have identified all patents, published applications or published literature that affect our business either by blocking our ability to commercialize our products, by preventing the patentability of one or more aspects of our products, or by covering the same or similar technologies that may affect our ability to market our products. For example, we may not have conducted a patent clearance search sufficient to identify potentially obstructing third party patent rights. Moreover, patent applications in the United States are maintained in confidence for up to 18 months after their filing. In some cases, however, patent applications remain confidential in the U.S. Patent and Trademark Office, or the USPTO, for the entire time prior to issuance as a U.S. patent. Patent applications filed in countries outside of the United States are not typically published until at least 18 months from their first filing date. Similarly, publication of discoveries in the scientific or patent literature often lags behind actual discoveries. We cannot be certain that we were the first to invent, or the first to file, patent applications covering our products. We also may not know if our competitors filed patent applications for technology covered by our pending applications or if we were the first to invent the technology that is the subject of our patent applications. Competitors may have filed patent applications or received patents and may obtain additional patents and proprietary rights that block or compete with our patents.

We may therefore in the future be the subject of patent or other litigation. From time to time, we may in the future receive letters from third parties drawing our attention to their patent rights. While we do not believe that we infringe upon any valid and enforceable rights that have been brought to our attention, and we take necessary steps to ensure that we do not infringe on the rights of others, there may be other more pertinent rights of which we are presently unaware. The defense and prosecution of intellectual property suits, interference proceedings, and related legal and administrative proceedings could result in substantial expense to us and significant diversion of effort by our technical and management personnel. An adverse determination of any litigation or interference proceeding to which we may become a party could subject us to significant liabilities. An adverse determination of this nature could also put our patents at risk of being invalidated or interpreted narrowly or require us to seek licenses from third parties. Licenses may not be available on commercially reasonable terms or at all, in which event, our business would be materially adversely affected. Intellectual property litigation or claims could force us to cease developing, selling or otherwise commercializing one or more of our products; to pay substantial damages for past use of the asserted intellectual property; and redesign, or rename in the case of trademark claims, our product(s) to avoid such third party rights, which may not be possible or which could be costly and time-consuming. Any of these risks coming to fruition could have a material adverse effect on our business, results of operations, financial condition and prospects.

Our failure to secure trademark registrations could adversely affect our ability to market our products and operate our business.

Any future trademark applications in the United States and any other jurisdictions where we may file may not be allowed registration, and we may not be able to maintain or enforce our registered trademarks. During trademark registration proceedings, we may receive rejections. Although we are given an opportunity to respond to those rejections, we may be unable to overcome such rejections. In addition, in the USPTO and in corresponding foreign agencies, third parties are given an opportunity to oppose pending trademark applications and to seek to cancel registered trademarks. Opposition or cancellation proceedings may be filed against our applications and/or registrations, and our applications and/or registrations may not survive such proceedings. Failure to secure such trademark registrations in the United States and in foreign jurisdictions could adversely affect our ability to market our products and our business.

We may be subject to claims that our employees have wrongfully used or disclosed alleged trade secrets of their former employers.

As is common in the medical device industry, we may employ individuals who were previously employed at other companies similar to ours, including our competitors or potential competitors. We may become subject to claims that these employees or we have inadvertently or otherwise used or disclosed trade secrets or other proprietary information of their former employers. Litigation may be necessary to defend against these claims. Even if we are successful in defending against these claims, litigation could result in substantial costs and be a distraction to management.

Obtaining and maintaining patent protection depends on compliance with various procedures and other requirements, and our patent protection could be reduced or eliminated in case of non-compliance with these requirements.

Periodic maintenance fees, renewal fees, annuity fees and various other governmental fees on patents and/or applications will be due to the relevant patent agencies in several stages over the lifetime of the patents and /or applications. The relevant patent agencies require compliance with a number of procedural, documentary, fee payment and other provisions during the patent application process. In many cases, an inadvertent lapse can be cured by payment of a late fee or by other means in accordance with the applicable rules. However, there are situations in which the failure to comply with the relevant requirements can result in the abandonment or lapse of the patent or patent application, resulting in partial or complete loss of patent rights in the relevant jurisdiction. In such an event, our competitors might be able to use our technologies and know-how which could have a material adverse effect on our business, prospects, financial condition and results of operation.

Patent terms may be inadequate to protect our competitive position on our products for an adequate amount of time.

Patents have a limited lifespan. In the United States, if all maintenance fees are timely paid, the natural expiration of a patent is generally 20 years from its earliest U.S. non-provisional filing date. Various extensions may be available, but the life of a patent, and the protection it affords, is limited. Even if patents covering our products are obtained, once the patent life has expired for a product, we may be open to competition from competitive products. Given the amount of time required for the development, testing and regulatory review of new products, patents protecting such products might expire before or shortly after such products are commercialized. As a result, our patent portfolio may not provide us with sufficient rights to exclude others from commercializing products similar or identical to ours.

We may be subject to claims challenging the inventorship of our patents and other intellectual property.

We may be subject to claims that former employees, collaborators or other third parties have an interest in our patents or other intellectual property as an inventor or co-inventor or an author. For example, we may have inventorship or ownership disputes arise from conflicting obligations of consultants or others who are involved in developing our products. Litigation may be necessary to defend against these and other claims challenging inventorship or our ownership of our patents or other intellectual property. If we fail in defending any such claims, in addition to paying monetary damages, we may lose valuable intellectual property rights, such as exclusive ownership of, or right to use, valuable intellectual property. Such an outcome could have a material adverse effect on our business. Even if we are successful in defending against such claims, litigation could result in substantial costs and be a distraction to management and other employees.

We use AI in our business, and challenges with properly managing its use could result in reputational harm, competitive harm, and legal liability, and adversely affect our results of operations.

We incorporate AI solutions into our software platform, services, and features, and these applications are important in our operations. Our competitors or other third parties may incorporate AI into their products more quickly or more successfully than us, which could impair our ability to compete effectively and adversely affect our results of operations.

Additionally, if the content, analyses, or recommendations that AI applications assist in producing are or are alleged to be deficient, inaccurate, or biased, our business, financial condition, and results of operations may be adversely affected. Our use of AI and machine learning is subject to risks related to flaws in our algorithms and datasets that may be insufficient or contain biased information. The development of AI technologies is complex, and there are several challenges associated with achieving the desired level of accuracy, efficiency, and reliability. The algorithms and models used in our AI systems may have limitations, including biases, errors, or inability to handle certain data types or scenarios. There is a risk of system failures, disruptions, or vulnerabilities that could compromise the integrity, security, or privacy of our platform. These failures could result in reputational damage, legal liabilities, or loss of user confidence, which could materially affect our business.

The use of AI applications has resulted in, and may in the future result in, cybersecurity incidents that implicate the personal data of patients and users of such applications. Any such cybersecurity incidents related to our use of AI applications could adversely affect our reputation and results of operations. AI also presents emerging ethical issues, and if our use of AI becomes controversial, we may experience brand or reputational harm, competitive harm, or legal liability. The rapid evolution of AI, including potential government regulation of AI, will require significant resources to develop, test and maintain our platform, services, and features to help us implement AI ethically in order to minimize unintended, harmful impact.

Legislative and governmental activity in the privacy area may result in new laws or regulations that are applicable to us and that may hinder our business, for example, by restricting use or sharing of patient data, limiting our ability to provide certain data to our customers, limiting our ability to develop or modify our AI systems, or otherwise regulating AI and machine learning, including the use of algorithms and automated processing in ways that could materially affect our business, or which may lead to significant increases in the cost of compliance.

General Risks Related to Us

Our limited access to sufficient funding may hinder our ability to conduct planned operations and realize potential profits.

To date, we have primarily funded our operations through the sale of equity securities and the issuance of convertible notes. These funding sources have been critical to supporting our ongoing research and development initiatives, maintaining our workforce, and financing our early commercialization efforts. However, the capital we have raised to date has not been sufficient to cover our long-term operational needs, and we continue to rely on external funding to sustain and grow our business. Although we have had success in raising funds previously, the availability of capital markets is subject to a variety of factors beyond our control, including macroeconomic conditions, investor sentiment, and market volatility.

There is no assurance that future financing will be available to us on acceptable terms. Market conditions or changes in our financial performance may limit our ability to attract new investment. If we are unable to raise sufficient funds through equity or debt financing or other strategic alternatives, we may be forced to delay, scale back, or discontinue our product development and commercialization efforts, reduce our workforce, or suspend or curtail planned operations altogether.

Moreover, the report of our independent registered public accounting firm for the fiscal year ended December 31, 2025, includes a statement that substantial doubt exists about our ability to continue as a going concern, which may also limit our ability to access the capital markets or obtain favorable financing terms. The going concern qualification may raise concerns among potential investors, creditors, and business partners, making it more challenging to secure future funding or enter into strategic relationships. Without adequate financing, we may be unable to achieve our planned milestones, capitalize on market opportunities, or execute our growth strategy in a timely and effective manner.

We may not continue to meet the continued listing requirements of Nasdaq, which could result in a delisting of our Common Stock.

Our Common Stock is listed on Nasdaq. While we are currently in compliance, WaveDancer has in the past been, and we may in the future be, unable to comply with certain of the listing standards that we are required to meet to maintain the listing of our Common Stock on Nasdaq. While we are currently in compliance, WaveDancer has been in the past been, and we may in the future be, unable to comply with certain of the listing standards that we are required to meet to maintain the listing of our Common Stock on Nasdaq. For instance, on August 8, 2024, WaveDancer received a letter from the Listing Qualifications Department of the Nasdaq Stock Market LLC (the “Staff”) indicating that in the former WaveDancer’s Quarterly Report on Form 10-Q filed with the SEC on May 14, 2024, WaveDancer reported stockholders’ equity of $1,708,520 for the period ended March 31, 2024, which did not comply with Listing Rule 5550(b)(1) (the “Minimum Stockholders’ Equity Requirement”). Additionally, as previously reported, in a decision dated November 14, 2023, a Nasdaq Hearings Panel (the “Panel”) confirmed that we had regained compliance with the Minimum Stockholders’ Equity Requirement for a prior outstanding deficiency under the Minimum Stockholders’ Equity Requirement as related to the WaveDancer’s stockholders’ equity for the period ended March 31, 2023. In the decision, the Panel imposed a Mandatory Panel Monitor for a period of one year or until November 14, 2024, which would require the Staff to issue a Delist Determination Letter in the event that WaveDancer, prior to the consummation of the Merger, or we, following the consummation of the Merger, failed to maintain compliance with the Minimum Stockholders’ Equity Rule. On August 13, 2024, we received a notice from the Nasdaq Stock Market LLC indicating that following the Staff’s review of the Merger, the Staff determined that we now comply with the Minimum Stockholders’ Equity Requirement and that the matter is now closed.

While we have regained compliance with the continued listing requirements for Nasdaq, it cannot be assured that we will continue to do so. If Nasdaq delists our Common Stock from trading on its exchange for failure to meet the listing standards, an investor would likely find it significantly more difficult to dispose of or obtain our shares, and our ability raise future capital through the sale of our shares could be severely limited. Delisting could also have other negative results, including the potential loss of confidence by employees, the loss of institutional investor interest and fewer business development opportunities. Additionally, if we are unable to list on Nasdaq, it would likely be more difficult to trade in or obtain accurate quotations as to the market price of our Common Stock. If our securities are delisted from trading on Nasdaq, and we are not able to list its securities on another exchange or to have them quoted on Nasdaq, our securities could be quoted on the OTC Bulletin Board or on the “pink sheets.” As a result, we could face significant adverse consequences including:

The market price of our Common Stock may be subject to significant fluctuations and volatility, and the stockholders of the company may be unable to resell their shares at a profit and may incur losses.

Prior to the Merger, there has not been a public market for our Common Stock. The market price of our Common Stock could be subject to significant fluctuation. The previous business of WaveDancer differs from our business in important respects and, accordingly, our results of operations and the market price of our Common Stock following the Merger may be affected by factors different from those currently affecting the results of operations of WaveDancer. Market prices for securities of life sciences and medical technology companies in particular have historically been particularly volatile and have shown extreme price and volume fluctuations that have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry factors, as well as general economic, political and market conditions such as recessions or interest rate changes, may seriously affect the market price of our Common Stock, regardless of our actual operating performance. Some of the factors that may cause the market price of our Common Stock to fluctuate include:

In the past, following periods of volatility in the overall market and the market prices of particular companies’ securities, securities class action litigation has often been instituted against these companies. Litigation of this type, if instituted against us, could result in substantial costs and a diversion of our management’s attention and resources. Any adverse determination in any such litigation or any amounts paid to settle any such actual or threatened litigation could require us to make significant payments.

We currently take advantage of reduced disclosure and governance requirements applicable to smaller reporting companies, which could result in our Common Stock being less attractive to investors.

We have a public float of less than $250 million and therefore qualify as a smaller reporting company under the rules of the SEC. As a smaller reporting company, we are able to take advantage of reduced disclosure requirements, such as simplified executive compensation disclosures and reduced financial statement disclosure requirements in our SEC filings. Decreased disclosures in our SEC filings due to our status as a smaller reporting company may make it harder for investors to analyze our results of operations and financial prospects. We cannot predict if investors will find our Common Stock less attractive if we rely on these exemptions. If some investors find our Common Stock less attractive as a result, there may be a less active trading market for our Common Stock and our stock price may be more volatile. We may take advantage of the reporting exemptions applicable to a smaller reporting company until we are no longer a smaller reporting company, which status would end once we have a public float greater than $250 million. In that event, we could still be a smaller reporting company if our annual revenues were below $100 million and we have a public float of less than $700 million.

Our Charter provides that the Court of Chancery of the State of Delaware will be the sole and exclusive forum for substantially all disputes between us and our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers or employees.

Our Charter provides that, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware is the sole and exclusive forum for (i) any derivative action or proceeding brought on behalf of the Company, (ii) any action asserting a claim of breach of a fiduciary duty owed by any current or former director, officer or stockholder to us or our stockholders, (iii) any action asserting a claim against the Company, its current or former directors, officers or employees arising pursuant to any provision of the DGCL or the Charter or the Bylaws, (iv) any action as to which the DGCL confers jurisdiction on the Court of Chancery of the State of Delaware, or (v) any action asserting a claim against us, our directors, officers or employees governed by the internal affairs doctrine. This exclusive forum provision would not apply to suits brought to enforce any liability or duty created by the Securities Act or the Exchange Act, or any other claim for which the federal courts have exclusive jurisdiction. To the extent that any such claims may be based upon federal law claims, Section 27 of the Exchange Act creates exclusive federal jurisdiction over all suits brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. Furthermore, Section 22 of the Securities Act creates concurrent jurisdiction for federal and state courts over all suits brought to enforce any duty or liability created by the Securities Act or the rules and regulations thereunder.

This choice of forum provision may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or employees, which may discourage such lawsuits against us and our directors, officers or employees. If a court were to find the choice of forum provision contained in our certificate of incorporation to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could have a material adverse effect on our business, financial condition, results of operations and prospects.

We will issue additional equity securities in the future, which may result in dilution to existing investors.

To the extent we raise additional capital by issuing equity securities, our stockholders may experience substantial dilution. We will, from time to time, sell additional equity securities in one or more transactions at prices and in a manner it determines. If we sell additional equity securities, existing stockholders may be materially diluted. In addition, new investors could gain rights superior to existing stockholders, such as liquidation and other preferences. In addition, the number of shares available for future grant under our equity compensation plans may be increased in the future. In addition, the exercise or conversion of outstanding options or warrants to purchase shares of capital stock may result in dilution to our stockholders upon any such exercise or conversion.

All of WaveDancer’s outstanding shares of common stock, and any shares of WaveDancer Common Stock that were issued in the Merger are, freely tradable without restrictions or further registration under the Securities Act, except for any shares held by our affiliates, as defined in Rule 144 under the Securities Act. Rule 144 defines an affiliate as a person who directly, or indirectly through one or more intermediaries, controls, or is controlled by, or is under common control with, us and would include persons such as our directors and executive officers and large stockholders. In turn, resales, or the perception by the market that a substantial number of resales could occur, could have the effect of depressing the market price of our Common Stock.

We are subject to the SEC's "baby shelf" rules, which limit the amount we may raise pursuant to our shelf registration statement, and our ability to access capital markets may be constrained as a result.

As a non-accelerated filer, we are subject to General Instruction I.B.6 of Form S-3, which limits the aggregate market value of securities we may offer and sell pursuant to our registration statement on Form S-3 (File No. 333-282931) during any 12-calendar-month period to one-third of the aggregate market value of our common equity held by non-affiliates (our "public float").

This limitation may significantly restrict our ability to raise capital through public offerings at times and in amounts we deem necessary or desirable, including under our at-the-market offering program with Konik Capital Partners, LLC. We have incurred recurring operating losses as of December 31, 2025, and we have additional capital needs. If the baby shelf limitation prevents us from raising sufficient capital when needed through our shelf registration statement, we may be required to seek alternative financing sources, including private placements, registered direct offerings, or debt financings, which may not be available on terms acceptable to us or at all, or which may result in greater dilution to our stockholders. There can be no assurance that any of our patents, any patents licensed to us, or any patents which we may be issued in the future, will provide us with a competitive advantage or afford us protection against infringement by others, or that the patents will not be successfully challenged or circumvented by third parties, including our competitors.

We will become eligible to use Form S-3 without the baby shelf limitation only if our public float exceeds $75 million as of a date within 60 days prior to the filing of any prospectus supplement. If our public float does not increase above this threshold, we will remain subject to this limitation for the foreseeable future. The inability to raise sufficient capital in a timely manner could require us to delay, reduce, or eliminate our commercialization efforts and product development activities, and could have a material adverse effect on our business, financial condition, results of operations, and prospects, including our ability to continue as a going concern. Unfavorable or inconsistent clinical data from future clinical studies conducted by us, our competitors, or third parties, or the negative interpretation of our clinical data internally and externally, including by customers, competitors, patients, and regulators could harm our business, financial condition, and results of operations.

Certain stockholders could attempt to influence changes, which could adversely affect our operations, financial condition and the value of our Common Stock.

Our stockholders may from time to time seek to acquire a controlling stake, engage in proxy solicitations, advance stockholder proposals or otherwise attempt to effect changes. Campaigns by stockholders to effect changes at publicly traded companies are sometimes led by investors seeking to increase short-term stockholder value through actions such as financial restructuring, increased debt, special dividends, stock repurchases or sales of assets or the entire company. Responding to proxy contests and other actions by activist stockholders can be costly and time-consuming and could disrupt our operations and divert the attention of the Board and senior management from our business and operations. These actions could adversely affect our operations, financial condition and the value of our Common Stock.

The sale or availability for sale of a substantial number of shares of Common Stock could adversely affect the market price of such shares.

Sales of a substantial number of shares of Common Stock in the public market and other legal restrictions on resale, or the perception that these sales could occur, could adversely affect the market price of such shares and could materially impair our ability to raise capital through equity offerings in the future. As of March 25, 2026 we have approximately 14,793,075 shares of Common Stock outstanding. We are unable to predict what effect, if any, market sales of securities held by our significant stockholders, directors or officers or the availability of these securities for future sale will have on the market price of our Common Stock.

If securities analysts do not publish research or reports about our business, or if they publish negative evaluations, the price of our Common Stock could decline.

The trading market for our Common Stock will rely in part on the availability of research and reports that third-party industry or financial analysts publish about us. There are many large, publicly traded companies active in the life sciences and medical technology industries, which may mean it will be less likely that we receive widespread analyst coverage. Furthermore, if one or more of the analysts who do cover us downgrades our stock, our stock price would likely decline. If one or more of these analysts cease coverage of us, we could lose visibility in the market, which in turn could cause our stock price to decline. Additionally, if securities analysts publish negative evaluations of competitors in the life sciences and medical technology industries, the comparative effect could cause our stock price to decline.

Our management will be required to devote substantial time to comply with public company regulations.

As a public company, we will incur significant legal, accounting and other expenses we did not incur as a private company. The Sarbanes-Oxley Act of 2002 (the “Sarbanes-Oxley Act”), the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”), as well as rules implemented by the SEC and Nasdaq, impose various requirements on public companies, including those related to corporate governance practices. Our management and other personnel will need to devote a substantial amount of time to these requirements. Moreover, these rules and regulations will increase our legal and financial compliance costs relative to those of we incurred as a private company, and will make some activities more time consuming and costly.

The Sarbanes-Oxley Act requires, among other things, that we maintain effective internal control over financial reporting and disclosure controls and procedures. In particular, we must perform system and process evaluation and testing of its internal control over financial reporting to allow management and our independent registered public accounting firm to report on the effectiveness of our internal control over financial reporting, as required by Section 404 of the Sarbanes-Oxley Act (“Section 404”). Our compliance with these requirements will require that we incur substantial accounting and related expenses and expend significant management efforts. We will likely need to hire additional accounting and financial staff to satisfy the ongoing requirements of Section 404. The costs of hiring such staff may be material and there can be no assurance that such staff will be immediately available to us. Moreover, if we are not able to comply with the requirements of Section 404, or if we or our independent registered public accounting firm identifies deficiencies in our internal control over financial reporting that are deemed to be material weaknesses, investors could lose confidence in the accuracy and completeness of our financial reports, the market price of our Common Stock could decline and we could be subject to sanctions or investigations by Nasdaq, the SEC or other regulatory authorities.

As a non-accelerated filer, we will not be required to comply with the auditor attestation requirements of the Sarbanes-Oxley Act.

We are not an “accelerated filer” or a “large accelerated filer” under the Exchange Act. Rule 12b-2 under the Exchange Act defines an “accelerated filer” to mean any company that first meets the following conditions at the end of each fiscal year: The company had a public float of $75 million or more, but less than $700 million, as of the last business day of the company’s most recently completed second fiscal quarter; the company has been subject to the reporting requirements of the Exchange Act for at least twelve calendar months; the company has filed at least one annual report under the Exchange Act; and the company is not eligible to use the requirements for a “smaller reporting company” under the revenue test in paragraph (2) or (3)(iii)(B), as applicable, of the “smaller reporting company” definition in Rule 12b-2 of the Exchange Act. Rule 12b-2 under the Exchange Act defines a “large accelerated filer” in the same way as an “accelerated filer” except that the company meeting the definition must have a public float of $700 million or more as of the last business day of the company’s most recently completed second fiscal quarter.

A non-accelerated filer is not required to file an auditor attestation report on internal control over financial reporting that is otherwise required under Section 404(b) of the Sarbanes-Oxley Act.

Therefore, our internal control over financial reporting will not receive the level of review provided by the process relating to the auditor attestation included in annual reports of issuers that are subject to the auditor attestation requirements. In addition, we cannot predict if investors will find our common stock less attractive because we are not required to comply with the auditor attestation requirements. If some investors find our common stock less attractive as a result, there may be a less active trading market for our common stock and the trading price for our common stock may be negatively affected.

If we fail to maintain an effective system of internal control over financial reporting, we may not be able to accurately report our financial results or prevent fraud. As a result, shareholders could lose confidence in our financial and other public reporting, which would harm our business and the trading price of our Common Stock.

Effective internal controls over financial reporting are necessary for us to provide reliable financial reports and, together with adequate disclosure controls and procedures, are designed to prevent fraud. Any failure to implement required new or improved controls, or difficulties encountered in their implementation could cause us to fail to meet our reporting obligations. In addition, any testing by us conducted in connection with Section 404 or any subsequent testing by our independent registered public accounting firm, may reveal deficiencies in our internal controls over financial reporting that are deemed to be material weaknesses or that may require prospective or retroactive changes to our financial statements or identify other areas for further attention or improvement. Inferior internal controls could also cause investors to lose confidence in our reported financial information, which could have a negative effect on the trading price of our Common Stock.

A “material weakness” is a deficiency, or a combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of our annual or interim consolidated financial statements will not be prevented or detected on a timely basis. Prior to the Merger in August 2024, we were a private company with limited accounting personnel and other resources with which to address our internal controls and procedures. In preparing our consolidated financial statements for the ended December 31, 2025, we and our independent registered public accounting firm identified material weaknesses in our internal control over financial reporting as related to the (i) not having adequate Information Technology General Controls ("ITGC") or related Information Produced by Entity ("IPE") Controls, and (ii) lack of segregation of duties

To remediate our material weaknesses, we expect to incur substantially more additional costs for addressing our material weaknesses and deficiencies. Our remedial measures will include: (a) developing, maintaining and revising impacted ITGC and IPE controls as necessary, including reviewing the names and functions of each individual involved in the overall control environment to ensure there is proper segregation of duties and (b) development of policies and procedures that require approval of journal entries by the appropriate supervisor of, or an individual that is in an oversight role to, the individuals who prepare them and retain such documentation. We have commenced the implementation of several aforementioned remedial measures, which we expect to complete in 2026.

The implementation of any or all of these aforementioned measures, however, still may not fully address the material weaknesses in our internal control over financial reporting. Additionally, as most of our documentation will be prepared internally, we do not expect there to be significant material costs to implement our remedial measures. Our failure to correct the material weaknesses or our failure to discover and address any other material weaknesses or control deficiencies could result in inaccuracies and material misstatements in our financial statements, which could result in a restatement of our consolidated financial statements, cause us to fail to meet our reporting obligations, reduce our ability to obtain financing or cause investors to lose confidence in our reported financial information, leading to a decline in our stock price. Material weaknesses could also impair our ability to comply with applicable financial reporting requirements and related regulatory filings on a timely basis, reduce our ability to obtain financing or cause investors to lose confidence in our reported financial information, leading to a decline in our stock price, and significantly hinder our ability to prevent fraud.

As a recently listed public company, we may not be able to timely and effectively implement controls and procedures required by Section 404 that are applicable to us as public company.

The standards required for a public company under Section 404 of the Sarbanes-Oxley Act are significantly more stringent than those required of a privately held company. Management may not be able to effectively and timely implement controls and procedures that adequately respond to the increased regulatory compliance and reporting requirements that will be applicable to us as a public company. If management is not able to implement the additional requirements of Section 404 in a timely manner or with adequate compliance, it may not be able to assess whether its internal control over financial reporting is effective, which may subject us to adverse regulatory consequences and could harm investor confidence and cause the market price of our Common Stock to decline.

We may be required to take write-downs or write-offs, restructuring and impairment or other charges that could have a significant negative effect on its financial condition, results of operations and stock price, which could cause you to lose some or all of your investment.

Although WaveDancer and Private Firefly had conducted due diligence on each other prior to the consummation of the Merger, there can be no assurances that their diligence revealed all material issues that may be present in our business, that all material issues through a customary amount of due diligence will be uncovered, or that factors outside of our control will not later arise. As a result, we may be forced to later write-down or write-off assets, restructure operations, or incur impairment or other charges that could result in losses. Even if due diligence successfully identifies certain risks, unexpected risks may arise, and previously known risks may materialize in a manner not consistent with each company’s preliminary risk analysis. Even though these charges may be non-cash items and may not have an immediate impact on liquidity, the fact that we report charges of this nature could contribute to negative market perceptions about us or our securities. In addition, charges of this nature may make future financing difficult to obtain on favorable terms or at all.

Anti-takeover provisions under Delaware corporate law may make it difficult for our stockholders to replace or remove our Board, and could deter or delay third parties from acquiring us, which may be beneficial to our stockholders.

We are subject to the anti-takeover provisions of Delaware law, including Section 203 of the DGCL. Under these provisions, which became effective upon the closing of the Merger, if anyone becomes an “interested stockholder,” we may not enter into a “business combination” with that person for three (3) years without special approval, which could discourage a third party from making a takeover offer and could delay or prevent a change of control. For purposes of Section 203 of the DGCL, “interested stockholder” means, generally, someone owning fifteen percent (15%) or more of our outstanding voting stock during the past three (3) years, subject to certain exceptions as described in Section 203 of the DGCL.

We do not anticipate that we will pay any cash dividends in the foreseeable future.

The current expectation is that we will retain our future earnings, if any, to fund the development and growth of our business. As a result, capital appreciation, if any, of our Common Stock will be your sole source of gain, if any, for the foreseeable future.

Our management team will have broad discretion over the use of the net proceeds from the sales of our Common Stock to Konik via the ATM, if any, and investors may not agree with how we use the proceeds and the proceeds may not be invested successfully.

Our management team will have broad discretion with respect to the use of the net proceeds, if any, from sales of our Common Stock to Konik under the ATM. We may use these net proceeds for general corporate purposes and for other purposes that may not be contemplated at the time this offering is commenced. As a result, investors will be relying on the judgment of our management team regarding the application of the net proceeds, and investors will not have the opportunity, as part of their investment decision, to evaluate whether the net proceeds are being used in a manner that improves our results of operations or financial condition. Accordingly, investors will be relying on the judgment of our management team with regard to the use of those net proceeds, and investors will not have the opportunity, as part of their investment decision, to assess whether the proceeds are being used appropriately.

Pending the use of the net proceeds, we may invest the net proceeds in short-term, interest-bearing, investment-grade securities, bank deposits, money market funds, or other instruments, and such investments may not yield a favorable return, or any return, and may result in losses. The failure of our management team to allocate these funds effectively, or the failure of these investments to perform as expected, could have a material adverse effect on our business, financial condition, results of operations, cash flows, and the market price of our Common Stock.

Substantial future sales or issuances of the Common Stock or securities convertible into, or exercisable or exchangeable for, the Common Stock, or the perception in the public markets that these sales or issuances may occur, may depress our stock price. Also, future issuances of the Common Stock or rights to purchase Common Stock could result in additional dilution of the percentage ownership of our shareholders and could cause our stock price to fall.

The conversion or exercise of our outstanding convertible or exercisable securities and resale of the underlying Common Stock, and any other future issuances of the Common Stock or securities convertible into, or exercisable or exchangeable for, the Common Stock, would result in a decrease in the ownership percentage of existing shareholders, i.e., dilution, which may cause the market price of the Common Stock to decline. We cannot predict the effect, if any, of future issuances, conversions, or exercises of our securities, on the price of the Common Stock. In all events, future issuances of the Common Stock would result in the dilution of your holdings. In addition, the perception that new issuances of our securities are likely to occur, or the perception that holders of securities convertible or exercisable for Common Stock are likely to sell their securities, could adversely affect the market price of the Common Stock. The effect of such dilution may be magnified as to all shares that are not or may eventually not be subject to restrictions on resale as enumerated below.

We also expect that significant additional capital may be needed in the future to continue our planned operations, including expanding research and development, hiring new personnel, marketing our products, and continuing activities as an operating public company. To the extent we raise additional capital by issuing equity securities, our shareholders may experience substantial dilution. We may sell Common Stock, convertible securities or other equity securities in one or more transactions at prices and in a manner we determine from time to time. If we sell Common Stock, convertible securities, or other equity securities in more than one transaction, investors may be materially diluted by subsequent sales. Such sales may also result in material dilution to our existing shareholders, and new investors could gain rights superior to our existing shareholders.

ITEM 1B. UNRESOLVED STAFF COMMENTS. UNRESOLVED STAFF COMMENTS.

Not applicable.

ITEM 1C. CYBERSECURITY.

Risk Management and Strategy

The Company recognizes the critical importance of developing, implementing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data. We have developed the following processes as part of our strategy for assessing, identifying, and managing material risks from cybersecurity threats.

Managing Material Risks and Integrated Overall Risk Management

We have integrated cybersecurity risk management into our risk management processes. This integration is intended to ensure that cybersecurity considerations are part of our decision-making processes. We continuously evaluate and address cybersecurity risks in alignment with our business objectives and operational needs.

Engaging Third Parties on Risk Management

We engage a range of external experts, including consultants, auditors, and cybersecurity assessors, who assist us in evaluating and testing our cybersecurity systems and processes. These partnerships are intended to give us access to specialized knowledge and insights that can inform our cybersecurity strategies and processes, including as to industry-standard control frameworks and applicable regulations, laws, and standards.

Overseeing Third-Party Risk

As part of our evolving cybersecurity roadmap, we plan to implement and conduct security assessments of all third-party service providers before engagement and maintain ongoing monitoring to ensure compliance with relevant cybersecurity standards.

Risks from Cybersecurity Threats

We have not experienced any material cybersecurity incidents. As a result, we do not believe that risks from cybersecurity threats, have materially affected us, our results of operations and financial condition. However, as discussed under “Risk Factors” in Part I, Item 1A of this Annual Report, cybersecurity threats pose multiple and potentially material risks to us, including potentially to our results of operations and financial condition. See also “Risk Factors — Failure to protect our information technology infrastructure against cyber-based attacks, network security breaches, service interruptions, or data corruption could significantly disrupt our operations and adversely affect our business strategy and operating results.” As cybersecurity threats become more frequent, sophisticated, and coordinated, it is reasonably likely that we may expend greater resources to continue to modify and enhance protective measures against such security risks

Governance

Board of Directors Oversight

Our board of directors oversees the management of risks associated with cybersecurity threats.

Management’s Role Managing Risk

The Company’s management is primarily responsible for assessing, monitoring and managing our cybersecurity risks. Management must ensure that all industry standard cybersecurity measures are functioning as required to prevent or detect cybersecurity threats and related risks. Management oversees and tests our compliance with standards, remediates known risks, and leads our employee training program.

Monitoring Cybersecurity Incidents

The Company’s management is continually informed about the latest developments in cybersecurity, including potential threats and innovative risk management techniques. Management implements and oversees processes for the regular monitoring of our information systems. This includes the deployment of industry-standard security measures and regular system audits to identify potential vulnerabilities. In the event of a cybersecurity incident, management will implement an incident response plan. This plan includes immediate actions to mitigate the impact and long-term strategies for remediation and prevention of future incidents.

47

---

Table of Contents

Reporting to Board of Directors

Significant cybersecurity matters, and strategic risk management decisions, will be escalated to the board of directors.