Risk Factors Dashboard
Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.
View risk factors by ticker
Search filings by term
Risk Factors - BEN
-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing
Item 1A. Risk Factors.
Our cybersecurity team is led by our Chief Security Officer (“CSO”) or the CSO’s delegee partnering with our risk, technology, legal, compliance, privacy, human resources, and other applicable business teams. Identification and Protection. Our cybersecurity program has established processes to identify and categorize cybersecurity threats and vulnerabilities as part of our risk identification process, pursuant to which we regularly seek to obtain, monitor, assess and respond to evolving threat and vulnerability information. Information about threats and vulnerabilities generally originates from multiple sources, including, but not limited to, government, information-sharing organizations, industry threat intelligence sources, and third parties. The identification of risks is supported through various security controls and testing to help minimize exposure to reported cybersecurity threats and vulnerabilities. These security controls include, but are not limited to, penetration testing, compromise assessments, vulnerability scanning, and various additional internal and external security audits and assessments. In addition, we maintain a third-party risk management program that includes an initial and periodic cybersecurity assessment on critical vendors’ security posture and controls. Education and Awareness . Our cybersecurity education and awareness program for employees and contractors covers a wide range of cyber topics including, but not limited to, policies and procedures, business/technology roles and responsibilities, threats and vulnerabilities, data privacy, confidentiality and asset protection. Our employees and contractors are required to complete mandatory initial onboarding and annual cybersecurity trainings, supplemented by other periodic cyber-related testing and training.
Our Board is responsible for the oversight of our cybersecurity risk management program. The Board has delegated to the Franklin Audit Committee oversight responsibility regarding cybersecurity risks.Our CSO reports directly to our Chief Risk and Transformation Officer, each of whom has extensive experience in information security and risk management. The Board and/or Audit Committee receive(s) a report on cybersecurity matters, including threats, events and program enhancements, at least annually. We are not aware of any cybersecurity threats or incidents that have materially impacted us during the fiscal year ended September 30, 2025, or that are reasonably likely to materially affect our business, including our business strategy, results of operations or financial condition. We routinely face risks of cybersecurity incidents, whether through attempted or actual: cyber-attacks or cyber intrusions, ransomware and other forms of malware, computer viruses, attachments to emails, individual or brand impersonation, phishing, extortion or other scams. Although we make efforts to maintain the security and integrity of our systems, these systems and the proprietary, confidential and personal information that resides on or is transmitted through them, are subject to the risk of a cybersecurity incident or disruption, and there can be no assurances regarding the effectiveness of our security efforts and measures or those of our third-party providers who have access to, transmit, or store such data. For additional information regarding our cybersecurity risks, see our risk factors under Item 1A in Part I of this Annual Report.
MARKET AND VOLATILITY RISKS
Volatility and disruption of our business and financial markets and adverse changes in the global economy may significantly affect our results of operations and put pressure on our financial results.
We derive substantially all of our operating revenues and income from providing investment management and related services to investors in jurisdictions worldwide through our investment products, which include our funds, as well as institutional and high-net-worth separate accounts, retail separately managed account programs, sub-advised products, and other investment vehicles. Related services include fund administration, sales and distribution, and shareholder servicing, which we may perform directly or outsource to third parties. Related services include fund administration, sales and distribution, and shareholder servicing. The investment management industry continues to experience disruption and challenges, including continued fee pressure, regulatory changes, an increasing and changing role of technology in investment management services, the continuous introduction of new products and services, and the consolidation of financial services firms through mergers and acquisitions. The asset management industry continues to experience disruption and challenges, including increased fee pressure, regulatory changes, an increasing and changing role of technology in asset management services, the continuous introduction of new products and services, and the consolidation of financial services firms through mergers and acquisitions. Further, financial markets have experienced and may continue, from time to time, to experience volatility and disruption worldwide. Further, financial markets have currently and in the past experienced and may continue, from time to time, to experience volatility and disruption worldwide. Declines in global economic markets have periodically resulted, and may continue to result, in significant decreases in our AUM, revenues and income, and future declines may further negatively impact our financial results. Such declines have had, and may in the future have, a material adverse impact on our business. We may need to modify our business, strategies or operations and we may be subject to additional constraints or costs in order to compete in a changing global economy and business environment.
Individual financial, equity, debt and commodity markets may be adversely affected by financial, economic, operational, political, electoral, diplomatic or other changes and/or instabilities that are particular to the country or region in which a market is located, including without limitation local acts of terrorism, economic crises, political protests, war, insurrection or other business, social or political crises.Individual financial, equity, debt and commodity markets may be adversely affected by financial, economic, political, electoral, diplomatic or other instabilities that are particular to the country or region in which a market is located, including without limitation local acts of terrorism, economic crises, political protests, war, insurrection or other business, social or political crises. For example, the Ukraine-Russia and Middle East wars and/or conflicts may continue to develop and/or expand globally and significantly impact the global economy and financial markets, which may have an adverse effect on our investment performance and flows in certain products. Global economic conditions, exacerbated by war, terrorism, social, civil or political unrest, natural disasters, public health crises, such as epidemics or pandemics, or financial crises, changes in the equity, debt or commodity marketplaces or market operations, changes in currency exchange rates, interest rates, inflation rates, the yield curve, defaults by trading counterparties, bond defaults, revaluation and bond market liquidity risks, geopolitical risks, the imposition of economic sanctions and other factors that are difficult to predict, affect the mix, market values and levels of our AUM. Global economic conditions, exacerbated by war, terrorism, social, civil or political unrest, natural disasters, public health crises, such as epidemics or pandemics, or financial crises, changes in the equity, debt or commodity marketplaces, changes in currency exchange rates, interest rates, inflation rates, the yield curve, defaults by trading counterparties, bond defaults, revaluation and bond market liquidity risks, geopolitical risks, the imposition of economic sanctions and other factors that are difficult to predict, affect the mix, market values and levels of our AUM. Changing market conditions could also cause an impairment to the value of our goodwill and other intangible assets.
The amount and mix of our AUM are subject to significant fluctuations, and a shift in our asset mix toward lower-fee products may negatively impact our revenues and income.
Fluctuations in the amount and mix of our AUM may be attributable in part to market conditions outside of our control that have had, and in the future could have, a negative impact on our revenues and income. The level of our revenues depends largely on the level and relative mix of AUM. Our investment management fee revenues are based primarily on a percentage of AUM and vary with the types and strategies of our products. Any decrease in the value or amount of our AUM because of market volatility or other factors, such as asset outflows or a decline in the price of securities, in particular market segments or in the securities market generally, negatively impacts our revenues and income. Any decrease in the value or amount of our AUM because of market volatility or other factors, such as asset outflows or a decline in the price of stocks, in particular market segments or in the securities market generally, negatively impacts our revenues and income. Changing market conditions and investor preferences may cause a shift in our asset mix toward certain lower fee products, such as fixed income products and ETFs, and away from higher fee equity and alternative products, which may cause a related decline in our revenues and income. In addition, increases in interest rates, particularly if rapid, as well as uncertainty in the future direction of interest rates, may have a negative impact on our fixed income products and decrease the total return on bond investments due to lower market valuations of existing bonds. Moreover, we generally derive higher investment management and distribution fees from our international products than from our U.S. products, and higher sales fees from our U.S. products than from our international products. Changing market conditions may cause a shift in our asset mix between international and U.S. products, which may result in a decline in our revenues and income.
Our funds may be subject to liquidity risks or an unanticipated large number of redemptions and fund closures.
Due to market volatility, reputational harm or other events or conditions described above, our funds may need to sell securities or instruments that they hold, possibly at a loss, or draw on any available lines of credit, to obtain cash to maintain sufficient liquidity or settle redemptions, or settle in-kind with securities held in the applicable fund.Due to market volatility or other events or conditions described above, our funds may need to sell securities or instruments that they hold, possibly at a loss, or draw on any available lines of credit, to obtain cash to maintain sufficient liquidity or settle these redemptions, or settle in-kind with securities held in the applicable fund. While we have no legal or contractual obligation to do so, we have in the past provided, and may in the future at our discretion
16
provide, financial support to our funds to enable them to maintain sufficient liquidity in any such event. Changes in investor preferences regarding our more popular products have in the past caused, and could in the future cause, sizable redemptions and lower the value of our AUM, which would result in lower revenue and operating results. Increased market volatility and changes in investor preferences also increase the risk of fund closures. Any decrease in the level of our AUM resulting from market declines, credit or interest rate volatility or uncertainty, increased redemptions or other factors could negatively impact our revenues and income.
INVESTMENT PERFORMANCE AND REPUTATIONAL RISKS
Poor investment performance of our products could reduce the level of our AUM or affect our sales, and negatively impact our revenues and income.
Our investment performance, along with achieving and maintaining superior distribution and client service, is critical to the success of our business. Strong investment performance often stimulates sales of our products. Poor investment performance, as has been and may be periodically experienced by certain of our products, as compared to third-party benchmarks or competitive products, has led, and could in the future lead, to a decrease in sales of our products and stimulate redemptions from existing products, generally lowering the overall level of AUM and reducing the management fees we earn. Poor investment performance, as currently experienced by certain of our products, as compared to third-party benchmarks or competitive products, has led, and could in the future lead, to a decrease in sales of our products and stimulate redemptions from existing products, generally lowering the overall level of AUM and reducing the management fees we earn. We can provide no assurance that past or present investment performance in our products will be indicative of future performance. If we fail, or appear to fail, to successfully and promptly address the underlying causes of poor investment performance, our future business prospects would likely be negatively affected.
Harm to our reputation may negatively impact our revenues and income.
Our reputation is critical to the success of our business. We believe that our brand names have been, and continue to be, well received both in our industry and with our clients, reflecting the fact that our brands, like our business, are based in part on trust and confidence. If our brands or reputation are harmed, existing clients may reduce amounts held in, or withdraw entirely from, our products and services, and/or our clients and products may terminate their management agreements with us, which could reduce the amount of our AUM and cause us to suffer a corresponding loss in our revenues and income. If our brands or reputation are harmed, existing clients may reduce amounts held in, or withdraw entirely from, our products, or our clients and products may terminate their management agreements with us, which could reduce the amount of our AUM and cause us to suffer a corresponding loss in our revenues and income. Such impacts could materially and adversely affect our profitability, lead to further business and operational disruptions, and expose us to additional costs and increased reputational damage and risk. In addition, reputational harm may prevent us from attracting new clients or developing new business, and any inability to meet applicable client, regulatory or other requirements may adversely impact our reputation and business. In addition, reputational harm may prevent us from attracting new clients or developing new business.
GLOBAL OPERATIONAL RISKS
Our business and operations are subject to adverse effects from the outbreak and spread of contagious diseases.
The outbreak and spread of contagious diseases have had, and may in the future have, adverse effects on our business, financial condition and results of operations. For example, the COVID-19 pandemic resulted in a widespread global public health crisis. The COVID-19 pandemic resulted in a widespread global public health crisis. Such infectious illness outbreaks or other adverse public health developments in countries where we operate, as well as local, state and/or national government restrictive measures implemented to control such outbreaks, could adversely affect the economies of many nations or the entire global economy, the financial condition of individual issuers or companies and capital markets, in ways that cannot necessarily be foreseen, and such impacts could be significant and long term. Such extraordinary events and their aftermaths can cause investor fear and panic, which can further adversely affect the operations and performance of companies, sectors, nations, regions and financial markets in general and in ways that cannot necessarily be foreseen. It is not possible to predict the full extent to which a pandemic may evolve and/or adversely impact our business, liquidity, capital resources, financial results and operations.
17
We may review and pursue strategic transactions that could pose risks to our business and global operations.
As part of our global business strategy, we regularly consider, and have discussions with respect to, potential strategic transactions, including acquisitions, dispositions, consolidations, joint ventures or similar transactions, some of which may be deemed material. There can be no assurance that we will find suitable candidates for strategic transactions at acceptable prices, have sufficient capital resources to accomplish our strategy, or be successful in entering into agreements for desired transactions. In addition, such transactions typically involve a number of risks and present financial, managerial and operational challenges. Acquisitions and related transactions pose the risk that any business we acquire may result in the loss of clients, customers or personnel or could underperform relative to expectations. We also may not realize the anticipated benefits of an acquisition, including with respect to revenue, tax benefits, financial benefits or returns, and expense and other synergies. We could also experience financial or other setbacks if transactions encounter unanticipated problems, including problems related to execution or integration. Entries into material transactions typically are announced publicly even though they may remain subject to numerous closing conditions, contingencies and approvals, and there is no assurance that any announced transaction will actually be consummated. Future transactions also may further increase our leverage or, if we issue equity securities to pay for acquisitions, dilute the holdings of our existing stockholders.
In addition, from time to time, we enter into joint ventures or take minority stakes in companies in which we typically do not have control. These investments may involve risks, including the risk that the controlling stakeholder or joint venture partner may have business interests, strategies or goals that are inconsistent with ours. The business decisions or other actions or omissions of the controlling stakeholder, joint venture partner or the entity itself may result in liability to us or harm to our reputation, or adversely affect the value of our investment in the entity.
Our business operations are complex and a failure to perform operational tasks properly or comply with applicable regulatory requirements could have an adverse effect on our revenues and income.
Through our subsidiaries, we provide investment management and related services to investors globally. Further, we outsource various administration, technology, transfer agency and other services for our funds to third-party providers who may serve as a sub-agent or delegate. In order to be competitive and comply with our agreements, we must properly manage our business and subsidiaries around the world, and effectively perform our fund and portfolio administration and related responsibilities, including portfolio record keeping and accounting, security pricing, corporate actions, investment restrictions compliance, daily net asset value computations, account reconciliations, and required distributions to fund shareholders. In order to be competitive and comply with our agreements, we must properly perform our fund and portfolio administration and related responsibilities, including portfolio recordkeeping and accounting, security pricing, corporate actions, investment restrictions compliance, daily net asset value computations, account reconciliations, and required distributions to fund shareholders. Many of our operations are complex and dependent on our ability, and the ability of our third-party providers, to process and monitor a large number of transactions effectively, which may occur across numerous markets and currencies at high volumes and frequencies. Although we expend considerable resources on internal controls, supervision, technology and training in an effort to ensure that such transactions do not violate applicable guidelines, rules and regulations or adversely affect our clients, counterparties or us, our operations are ultimately dependent on our personnel, as well as others involved in our business, such as third-party providers and other intermediaries, and subject to human error. Our personnel and others involved in our business may, from time to time, make mistakes that are not always immediately detected, which may disrupt our operations, cause losses, lead to regulatory fines or sanctions, litigation, or otherwise damage our reputation. In addition, any misrepresentation of our services and products in advertising materials, public relations information, social media or other external communications could also adversely affect our reputation and business prospects. Our investment management fees, which represent a majority of our revenues, are dependent on fees earned under investment management agreements that we have with our products and clients. Our revenues could be adversely affected if such agreements representing a significant portion of our AUM are terminated. Further, certain of our subsidiaries may act as general partner for various investment partnerships, which may subject them to liability for the partnerships’ liabilities. If we fail to perform and monitor our operations properly, our business could suffer and our revenues and income could be adversely affected.
Failure to establish adequate controls and risk management policies, or the circumvention of controls and policies, could have an adverse effect on our global operations, reputation and financial position.
Although we have adopted risk management, operational and financial controls and compliance policies, procedures and programs that are subject to regular review and update, we cannot ensure that these measures will enable us effectively to identify and manage internal and external risks including those related to fraudulent activity and dishonesty. We are subject to the risk that our personnel, contractors, vendors and other third parties may deliberately or recklessly circumvent or violate our controls to commit fraud against our business, products and/or client accounts, pay or solicit bribes, or otherwise act in ways inconsistent with our controls, policies, workplace culture and business principles. Continued
18
attempts to circumvent our policies and controls or repeated incidents involving violation of controls and policies, fraud or conflicts of interests could negatively impact our business and reputation and result in adverse publicity, regulatory investigations and actions, legal proceedings and losses and adversely affect our operations, reputation, AUM and financial results.
We face risks, and corresponding potential costs and expenses, associated with conducting operations and growing our business in numerous countries.
We sell our products and offer our strategies and investment management and related services in many different regulatory jurisdictions around the world, and intend to continue to expand our operations internationally. As we do so, we will continue to face challenges to the adequacy of our resources, procedures and controls to operate our business consistently and effectively. In order to remain competitive, we must be proactive and prepared to implement necessary resources when growth opportunities present themselves, whether as a result of a business acquisition or rapidly increasing business activities in particular markets or regions. Local regulatory environments may vary widely in terms of scope, adequacy and sophistication. Similarly, local distributors, and their policies and practices as well as financial viability, may vary widely and they may be inconsistent or less developed or mature than other more internationally focused distributors. Growth of our international operations has involved and may continue to involve near-term increases in expenses, as well as additional capital costs, such as information systems and technology costs, and costs related to compliance with particular regulatory or other local requirements or needs. Local requirements or needs also may place additional demands on sales and compliance personnel and resources, such as meeting local language requirements, while also integrating personnel into an organization with a single operating language. Finding, hiring and retaining additional, well-qualified personnel and crafting and adopting policies, procedures and controls to address local or regional requirements remain challenges as we expand our operations internationally.
Moreover, regulators in non-U.S. jurisdictions could also change their policies or laws in a manner that might restrict or otherwise impede our ability to distribute or authorize products or maintain their authorizations in their respective markets. Any of these local requirements, activities or needs could increase the costs and expenses we incur in a specific jurisdiction without any corresponding increase in revenues and income from operating in the jurisdiction. Certain laws and regulations both inside and outside the U.S. have extraterritorial application. This may lead to duplicative or conflicting legal or regulatory burdens and additional costs and risks.
Our focus on international markets as a source of investments and sales of our products subjects us to increased exchange rate and market-specific political, economic or other risks that may adversely impact our revenues and income generated overseas.
While we maintain a significant portion of our operations in the U.S., we also provide services and earn revenues in Asia-Pacific; Europe, Middle East and Africa; Latin America; and Canada. As a result, we are subject to foreign currency exchange risk through our non-U.S. operations. Fluctuations in the exchange rates to the U.S. dollar have affected, and will in the future affect, our financial results from one period to the next. While we have taken steps to reduce our exposure to foreign exchange risk, for example, by denominating a significant amount of our transactions in U.S. dollars, our situation may change in the future. Appreciation of the U.S. dollar could in the future moderate revenues from managing our products internationally, or could affect relative investment performance of certain of our products invested in non-U.S. securities. In addition, we have risk associated with the foreign exchange revaluation of U.S. dollar balances held by certain non-U.S. subsidiaries for which the local currency is the functional currency. Separately, management fees that we earn tend to be higher in connection with non-U.S. AUM than with U.S. AUM. Consequently, downturns in international markets have in the past had, and could in the future have, a significant effect on our revenues and income. Moreover, our emerging market portfolios and revenues derived from managing these portfolios are subject to significant risks of loss from financial, economic, political and diplomatic developments, currency fluctuations, social instability, changes in governmental policies, nationalization, asset confiscation and changes in legislation related to non-U.S. ownership. International trading markets, particularly in some emerging market countries, are often smaller, less liquid, less regulated and significantly more volatile than those in the U.S. Any ongoing and future business, economic, political or social unrest affecting these markets, in addition to any direct consequences such unrest may have on our personnel and facilities located in the affected area, also may have a lasting impact on the long-term investment climate in these and other areas and, as a result, our AUM and the corresponding revenues and income that we generate from them may be negatively affected.
19
COMPETITION AND DISTRIBUTION RISKS
Failure to properly address the increased transformative pressures affecting the investment management industry could negatively impact our business.
The investment management industry is facing transformative pressures and trends from a variety of different sources including increased fee pressure; a continued shift away from actively managed core equities and fixed income strategies towards alternative, passive and smart beta strategies; increased demands from clients and distributors for client engagement and services; a trend towards institutions developing fewer relationships and partners and reducing the number of investment managers they work with; increased regulatory activity and scrutiny of many aspects of the investment management industry, including transparency/unbundling of fees, inducements, conflicts of interest, capital, liquidity, solvency, leverage, operational risk management, controls and compensation; addressing the key emerging markets in the world, such as China and India, which often have populations with different needs, preferences and horizons than the U.S. and European markets; advances in technology and digital wealth and distribution tools and increasing client interest in interacting digitally with their investment portfolios; and growing digital asset markets that remain subject to substantial volatility and significant regulatory uncertainty. As a result of the trends and pressures discussed above, the investment management industry is facing an increased level of disruption. If we are unable to adapt our strategy and business to address adequately these trends and pressures, we may be unable to meet client needs satisfactorily, our competitive position may weaken, and our business results and operations may be adversely affected.
Strong competition from numerous and sometimes larger companies with competing offerings and products could limit or reduce sales of our products, potentially resulting in a decline in our market share, revenues and income.
We compete with numerous investment management companies, securities brokerage and investment banking firms, insurance companies, banks, hedge fund firms and other financial management institutions.We compete with numerous investment management companies, securities brokerage and investment banking firms, insurance companies, banks and other financial institutions. Our products also compete with products offered by these competitors, as well as with other financial products. Our products also compete with products offered by these competitors, as well as with real estate investment trusts, hedge funds and other products. The periodic establishment of new investment management companies and other competitors increases the competition that we face. At the same time, consolidation in the financial services industry has created stronger competitors with greater financial resources and broader distribution channels than our own. Competition is based on various factors, including, among others, business reputation, investment performance, product mix and offerings, business trends and strategic considerations, investor goals and preferences, service quality and innovation, distribution relationships, fees charged, and legal and product requirements and restrictions. Competition is based on various factors, including, among others, business reputation, investment performance, product mix and offerings, ESG strategies and considerations, service quality and innovation, distribution relationships, and fees charged. Further, although we may offer certain types of ETFs, to the extent that there is a trend among existing or potential clients in favor of lower-fee index and other ETFs, it may favor our competitors who may offer such products that are more established or on a larger scale than we do. Additionally, competing securities broker-dealers and banks, upon which we rely to distribute and sell certain of our funds and other products, also may sell their own proprietary funds and products, which could limit the distribution of our products. To the extent that existing or potential clients, including securities broker-dealers, decide to invest in or distribute the products of our competitors, the sales of our products as well as our market share, revenues and income could decline. Our ability to attract and retain AUM is also dependent on the relative investment performance of our products, offering a mix of products and strategies that meets investor demands, and our ability to maintain our investment management fees and pricing structure at competitive levels.
Increasing competition and other changes in the third-party distribution and sales channels on which we depend could reduce our revenues and income and hinder our growth.
We primarily derive our fund sales through third-party broker-dealers, banks, investment advisers and other financial intermediaries. Because we rely on third-party distribution and sales channels to sell our products, we do not control the ultimate investment recommendations given by them to clients. Such financial intermediaries may recommend competing products. Increasing competition for these distribution and sales channels, and regulatory changes and initiatives, have caused our distribution costs to rise and could cause further cost increases in the future, or could otherwise negatively impact the distribution of our products. Increasing competition for these distribution and sales channels, and regulatory changes and initiatives, have 20Table of Contentscaused our distribution costs to rise and could cause further cost increases in the future, or could otherwise negatively impact the distribution of our products. Consolidations in the broker-dealer or banking industries also could adversely impact our revenues and income. A failure to maintain our third-party distribution and sales channels, or a failure to maintain strong business relationships with our distributors and other intermediaries, may impair our distribution and sales operations. Any inability to access and successfully sell our products to clients through such third-party channels could have a negative effect on our level of AUM and adversely impact our business.
20
Moreover, we can provide no assurance that we will continue to have access to the third-party financial intermediaries that currently distribute our products, or that we will continue to have the opportunity to offer all or some of our existing products through them. If several of the major financial advisers that distribute our products were to cease operations or limit or otherwise end the distribution of our products, it could have a significant adverse impact on our revenues and income.
Further, the standards of conduct and disclosure and reporting requirements, with respect to fees, products, services and possible conflicts of interest, applicable to broker-dealers and other financial intermediaries in the U.S., remain subject to change and enhancement pursuant to business and regulatory developments and requirements, including with respect to investor suitability obligations, enhanced investor protections for retail customers, and increased compliance requirements.
In addition, Canada, the U.K., the Netherlands and the EU have adopted regimes that ban, or may limit, the payment of commissions and other inducements to intermediaries in relation to certain sales to retail customers in those jurisdictions, and similar regimes are under consideration in several other jurisdictions., the Netherlands and the EU, through MiFID II, have adopted regimes that ban, or may limit, the payment of commissions and other inducements to intermediaries in relation to certain sales to retail customers in those jurisdictions, and similar regimes are under consideration in several other jurisdictions. Depending on their exact terms, such regimes may result in existing flows of business moving to less profitable channels or even to competitors providing substitutable products outside the regime. Arrangements with non-independent advisers will also continue to be affected as narrower rules related to the requirement that commissions reflect an enhancement of the service to customers continue to come into effect, along with a prescriptive list of permissible non-monetary benefits. Arrangements with non-independent advisers will also be affected as narrower rules related to the requirement that commissions reflect an enhancement of the service to customers come into effect, along with a prescriptive list of permissible non-monetary benefits. The interpretation of the inducements rules has also resulted in major changes to how fund managers, including us, finance investment research with many firms.
THIRD-PARTY RISKS
Any failure of our third-party providers to fulfill their obligations, or our failure to maintain good relationships with our providers, could adversely impact our business.
We currently, and may in the future, depend on third-party providers to support various operational, administrative, technology, transfer agency, market data, distribution, and other business needs of our company.We currently, and may in the future, depend on a number of third-party providers to support various operational, administrative, technology, transfer agency, market data, distribution, and other business needs of our company. Further, we outsource various administration, technology, transfer agency and other services for our funds to third-party providers. In addition, we may, from time to time, transfer vendor contracts and services from one provider to another. If our third-party providers fail to deliver required services on a timely basis, or if we experience other negative service quality or relationship issues with our providers, we may be exposed to significant costs and/or operational difficulties, and our ability to conduct and grow our business may be impaired. Such administrative and functional changes are costly and complex, and may expose us to heightened operational risks. Any failure to mitigate such risks could result in reputational harm to us, as well as financial losses to us and our clients. The failure of any key provider or vendor to fulfill its obligations to us could result in outcomes inconsistent with our or our clients’ objectives and requirements, result in legal liability and regulatory issues for us, and otherwise adversely impact us.
We may be adversely affected if any of our third-party providers is subject to a successful cyber or security attack.
Due to our interconnectivity with and dependency upon third-party providers, including, for example, advisors, central agents, exchanges, clearing organizations, other financial institutions, and other service providers supporting our business and technology needs, we may be adversely affected if any of them is subject to a successful cyber attack or other privacy or information security event or disruption. Cybersecurity issues affecting third-party providers are a growing concern in the asset management industry. Many services that we use in our business are delivered from and supported, upgraded and maintained by, third-party providers. A breach, suspension or termination of these services or related support, upgrades and maintenance could cause system delays or interruption, and/or unauthorized access to confidential or private data, that could adversely impact our business, including financial losses to us and our clients, legal and regulatory issues, and reputational harm.
TECHNOLOGY AND SECURITY RISKS
Our ability to manage and grow our business successfully can be impeded by systems and other technological limitations.
Our continued success in effectively managing and growing our business depends on our ability to integrate our varied accounting, financial, information, and operational systems on a global basis. Moreover, adapting or developing the existing technology systems we use to meet our internal needs, as well as client needs, industry demands and new regulatory requirements, is also critical for our business. The introduction of new technologies presents new challenges to us. On an ongoing basis, we need to upgrade and improve our technology, including our technology platform, data
21
processing, financial, accounting, shareholder servicing and trading systems. For example, in July 2024, we selected a third-party technology solution to further support our investment management process and unify our investment management technology platform across asset classes to reduce complexity and support business growth, subject to a multi-year transition and implementation period. Further, we also must be proactive and prepared to implement new technology when growth opportunities present themselves, whether as a result of a business acquisition or rapidly increasing business activities in particular markets or regions. These needs could continue to present operational issues or require significant capital spending, and may require us to reevaluate the current value and/or expected useful lives of the technology we use or intend to use, which could negatively impact our results of operations. These needs could present operational issues or require significant capital spending, and may require us to reevaluate the current value and/or expected useful lives of the technology we use, which could negatively impact our results of operations. In addition, technology is subject to rapid advancements and changes and our competitors may, from time to time, implement newer technologies or more advanced platforms for their services and products, including investment management platforms, digital advisers, digital wealth and distribution tools, digital asset tools and other advanced electronic systems, which could adversely affect our business if we are unable to remain competitive. In addition, technology is subject to rapid advancements and changes and our competitors may, from time to time, implement newer technologies or more advanced platforms for their services and products, including digital advisers, digital wealth and distribution tools, crypto asset tools and other advanced electronic systems, which could adversely affect our business if we are unable to remain competitive.
Any significant limitation, failure or security breach of our information and cybersecurity infrastructure, software applications, technology or other systems, or those of our third-party providers, that are critical to our operations could disrupt our business and harm our operations, financial condition, and reputation.Any significant limitation, failure or security breach of our information and cyber security infrastructure, software applications, technology or other systems that are critical to our operations could disrupt our business and harm our operations and reputation.
We are highly dependent upon the use of various proprietary and third-party information and security technology, software applications, external third-party services and other technology systems, and remote equipment and connectivity infrastructure, to access critical business systems necessary to operate our business. We are also dependent on the continuity and effectiveness of our information and cybersecurity infrastructure, management oversight and reporting framework, policies, procedures and capabilities to protect our computer and telecommunications systems and the data that reside on or are transmitted through them and contracted third-party systems. We are also dependent on the continuity and effectiveness of our information and cyber security infrastructure, management oversight and reporting framework, policies, procedures and capabilities to protect our computer and telecommunications systems and the data that reside on or are transmitted through them and contracted third-party systems. We use technology and third-party providers on a daily basis in our business to, among other things, support our business continuity and operations, process and transmit confidential communications, store and maintain confidential and proprietary data including personal employee and/or client data, obtain securities pricing information, process client transactions, and provide reports and other services to our clients. In addition, developments in our use of process automation and artificial intelligence (“AI”) further heighten our dependency on technology, as such technology may be complex and unpredictable. Any disruptions, inaccuracies, mismanagement, delays, theft, systems failures, data security or privacy breaches, cybersecurity threats, incidents, attacks, individual or brand impersonations, or other cyber-related fraud, or other security breaches in these and other processes, could subject us to significant client dissatisfaction and financial losses and damage our reputation. We and our third-party providers have been, and we expect to continue to be, the subject of these types of risks, breaches and/or attacks. Ongoing advances in technology, including generative AI, as well as the malicious use of such technology, further heighten the risks to our business.
Although we take protective measures, including measures to secure and protect information through system security technology and our internal security procedures, as well as measures to assess third-party provider security posture and controls, we can provide no assurance that any of these measures will prove effective or comply with evolving information security standards, particularly given the evolving nature and sophistication of cyber and technology threats and attacks. The technology systems we use or rely on, including those provided and/or leveraged by third-party providers, remain vulnerable to denial of service attacks, unauthorized access, computer viruses, human error and other events and circumstances that may have a security impact, such as an external or internal hacker attack by one or more cyber criminals (including through the use of directive attacks involving impersonation, social engineering, phishing, malware, ransomware and other methods and activities maliciously designed to obtain and exploit confidential information and to cause system and service disruption and other damage), and to our personnel or vendors inadvertently or recklessly causing release of confidential information, which could materially harm our operations and reputation. The technology systems we use remain vulnerable to denial of service attacks, unauthorized access, computer viruses, potential human errors and other events and circumstances that may have a security impact, such as an external or internal hacker attack by one or more cyber criminals (including through the use of phishing attacks, malware, ransomware and other methods and activities maliciously designed to obtain and exploit confidential information and to cause system and service disruption and other damage) or our personnel or vendors inadvertently or recklessly causing us to release confidential information, which could materially harm our operations and reputation.
Moreover, while we take precautions to password protect and encrypt our laptops and sensitive information on our other mobile electronic devices, if such devices are stolen, misplaced or left unattended, they may become vulnerable to hacking or other unauthorized use, creating a possible security risk, which may require us to incur additional administrative costs and/or take remedial actions. Further, although we take precautions to password protect and encrypt our laptops and sensitive information on our mobile electronic devices, if such devices are stolen, misplaced or left unattended, they may become vulnerable to hacking or other 22Table of Contentsunauthorized use, creating a possible security risk, which may require us to incur additional administrative costs and/or take remedial actions. In addition, our or our third-party providers’ failure to manage and operate properly the data centers and third-party cloud storage and computing application services we use could have an adverse impact on our business. In addition, failure to manage and operate properly the data centers and third-party cloud storage and computing application services we use could have an adverse impact on our business.
System disruptions, failures or breaches of the technology we use or the security infrastructure we rely upon, including third-party applications and services, or our failure effectively and timely to identify, detect, manage, mitigate, disclose or communicate a cybersecurity incident, could result in: (i) material financial loss or costs, (ii) delays in clients’ ability to access account information or in our ability to process transactions, (iii) the unauthorized disclosure or
22
modification of sensitive or confidential client and business information, (iv) loss of valuable information, (v) breach of client and vendor contracts, (vi) liability for stolen assets, information or identity, (vii) remediation costs to repair damage caused by the failure or breach, (viii) additional security and organizational costs to mitigate against future incidents, (ix) reputational harm, (x) loss of confidence in our business and products, (xi) liability for failure to review and disclose applicable incidents or provide relevant updated disclosure properly and timely, (xii) regulatory investigations or actions, and/or (xiii) legal claims, litigation, and liability costs, any one or more of which may be material. Moreover, loss or unauthorized disclosure or transfer of confidential and proprietary data or confidential customer identification information could further harm our reputation and subject us to liability under laws that protect confidential data and personal information, resulting in increased costs or a decline in our revenues or common stock price.
Our inability to recover successfully, should we experience a disaster or other business continuity problem, could cause material financial loss, regulatory actions, legal liability, and/or reputational harm.
Should we experience a local or regional disaster or other business continuity problem, such as an earthquake, hurricane, tsunami, terrorist attack, public health crisis, pandemic or other natural or man-made disaster, our continued success will depend, in part, on the safety and availability of our personnel, our office facilities and infrastructure, and the proper functioning of our technology, computer, telecommunication and other systems and operations that are critical to our business. While our operational size, the diversity of locations from which we operate, and our various back-up systems provide us with an advantage, should we experience a local or regional disaster or other business continuity event, we could still experience operational challenges, in particular depending upon how such a local or regional event may affect our personnel across our operations or with regard to particular aspects of our operations, such as key executives or personnel in our technology groups. Moreover, as we grow our operations in new geographic regions, the potential for particular types of natural or man-made disasters, political, economic or infrastructure instabilities, information, technology or security limitations or breaches, or other country- or region-specific business continuity risks increases. Past disaster recovery efforts have demonstrated that even seemingly localized events may require broader disaster recovery efforts throughout our operations and, consequently, we regularly assess and take steps to improve upon our existing business continuity plans. However, a disaster on a significant scale or affecting certain of our key operating areas within or across regions, or our inability to recover successfully following a disaster or other business continuity problem, could adversely impact our business and operations, and could result in regulatory actions, legal liability and/or reputational harm. However, a disaster on a significant scale or affecting certain of our key operating areas within or across regions, or our inability to recover successfully following a disaster or other business continuity problem, could adversely impact our business and operations.
Developing regulatory treatment of AI, and failure to adequately address AI-related challenges, creates a risk of reputational harm and an impediment to growth.
Artificial Intelligence (AI) is used in many areas of our business and we plan to further incorporate AI into additional areas. The use of AI offers efficiencies, but also introduces significant challenges related to data security, privacy, intellectual property, regulatory compliance, accuracy and bias concerns, and reputational harm, among others. For example, AI technologies, including generative AI, may create content that appears correct but is factually inaccurate or flawed. AI technologies evolve at a rapid pace and their usage requires integration with other technology applications, data platforms and business processes. Globally, courts and regulatory agencies are developing approaches to dealing with AI-related issues, which creates uncertainty around the use of the technology. Use of AI technologies requires ongoing operational controls and procedures, and the development and implementation of appropriate protections and safeguards. Failure to successfully integrate AI technologies, respond to client or market demands, identify or address applicable legal or regulatory issues or effectively manage related risks could result in legal and regulatory liabilities and harm our reputation and growth.
HUMAN CAPITAL RISKS
We depend on key personnel and our financial performance could be negatively affected by the loss of their services.
The success of our business will continue to depend upon our key personnel, including our portfolio managers, investment analysts, sales and management personnel and other professionals as well as our executive officers and business unit heads. Competition for qualified, motivated, and highly skilled executives, professionals and other key personnel in the investment management industry remains significant. Competition for qualified, motivated, and highly-skilled executives, professionals and other key personnel in the investment management industry remains significant. Our success depends to a substantial degree upon our ability to find, attract, retain and motivate qualified individuals, including through competitive compensation packages, and upon the continued contributions of these people. Global and/or local laws and regulations could impose restrictions on compensation paid by financial institutions, which could restrict our ability to compete effectively for qualified professionals. As our business develops, we may need to increase the number of individuals that we employ. Moreover, in order to retain certain key personnel, we may be required to increase compensation to such individuals and increase our key
23
management succession planning, resulting in additional expense without a corresponding increase in potential revenues. There is no assurance that we will be successful in finding, attracting and retaining qualified individuals, and the departure of key investment personnel, in particular, could cause us to lose clients, which could have a material adverse effect on our financial condition, results of operations and business prospects. In addition, due to the global nature of our business, our key personnel may, from time to time, have reasons to travel to regions susceptible to higher risk of civil unrest, organized crime or terrorism, and we may be unable to ensure the safety of our personnel traveling to such regions.
CASH MANAGEMENT RISKS
Our ability to meet cash needs depends upon certain factors, including the market value of our assets, our operating cash flows and our perceived creditworthiness.
If we are unable to obtain cash, financing or access to the capital markets in a timely manner, we may be forced to incur unanticipated costs or revise our business plans, and our business could be adversely impacted. Further, our access to the capital markets depends significantly on our credit ratings. A reduction in our long- or short-term credit ratings could increase our borrowing costs and limit our access to the capital markets. Volatility in the global financing markets also may impact our ability to access the capital markets should we seek to do so, and may have an adverse effect on investors’ willingness to purchase our securities, interest rates, credit spreads and/or the valuation levels of equity markets.
We are dependent on the earnings of our subsidiaries.
Substantially all of our operations are conducted through our subsidiaries. As a result, our cash flow and our ability to fund operations are dependent upon the earnings of our subsidiaries and the distribution of earnings, loans or other payments by our subsidiaries. Our subsidiaries are separate and distinct legal entities and have no obligation to fund our payment obligations, whether by dividends, distributions, loans or other payments. Any payments to us by our subsidiaries could be subject to statutory or contractual restrictions and are contingent upon our subsidiaries’ earnings and business considerations. Certain of our subsidiaries are subject to regulatory restrictions that may limit their ability to transfer assets to their parent companies. Our financial condition could be adversely affected if certain of our subsidiaries are unable to distribute assets to us.
LEGAL AND REGULATORY RISKS
For a more extensive discussion of certain laws, regulations (including certain pending regulatory reforms) and regulators to which we are subject, as well as certain defined terms referenced below, see “Regulation” under Item 1, Business, in Part I of this Annual Report.
We are subject to extensive, complex, overlapping and frequently changing rules, regulations, policies, and legal interpretations.
There is uncertainty associated with the regulatory and compliance environments in which we operate. Our business is subject to extensive and complex, overlapping and/or conflicting, and frequently changing and increasing rules, regulations, policies and legal interpretations, around the world. Political and electoral changes, developments and conflicts have in the past introduced, and may in the future introduce, additional uncertainty. Our regulatory and compliance obligations impose significant operational and cost burdens on us and cover a broad range of requirements related to financial reporting and other disclosure matters, securities and other financial instruments, investment and advisory matters, accounting, tax, compensation, ethics, intellectual property, privacy and data protection, sanctions programs, and escheatment requirements. We may be adversely affected by a failure to comply with applicable laws, regulations and changes in the countries in which we operate.
We may be adversely affected as a result of new or revised legislation or regulations or by changes in the interpretation of existing laws and regulations, in the U.S. and other jurisdictions.
The laws and regulations applicable to our business generally involve restrictions and requirements in connection with a variety of technical, specialized, and expanding matters and concerns. Over the years, the U.S. federal corporate governance and securities laws, and laws in other jurisdictions, have been augmented substantially and made significantly more complex by various legislation. As we continue to address our legal and regulatory requirements or focus on meeting new or expanded requirements, we may need to continue to expend a substantial amount of additional time, costs and resources. Regulatory reforms may add further complexity to our business and operations and could require us to alter our investment management services and related activities, which could be costly, impede our growth and adversely impact our
24
AUM, revenues and income. Regulatory reforms also may impact our clients, which could cause them to change their investment strategies or allocations in a manner adverse to our business. Certain key regulatory reforms and proposals in the U.S. and other jurisdictions that may impact or relate to our business, and may cause us to incur additional obligations, include regulatory matters related to antitrust rules and disclosure, cybersecurity disclosure, sustainability, privacy and data protection, SIFIs, financial products, fiduciary and fund-related reforms, digital assets, tax compliance, and other investment management disclosure and compliance requirements. The impacts of these and other regulatory reforms on us, now and in the future, could be significant. We expect that the regulatory requirements and developments applicable to us will cause us to continue to incur additional compliance and administrative burdens and costs. Any inability to meet applicable requirements within the required timeframes may subject us to sanctions or other restrictions by governments and/or regulators that could adversely impact our broader business objectives.
Global regulatory and legislative actions and reforms have made compliance in the regulatory environment in which we operate more costly and future actions and reforms could adversely impact our financial condition and results of operations.
As in the U.S., regulatory and legislative actions outside the U.S. have been, and continue to be, augmented substantially and made more complex. Further, ongoing changes in the EU’s regulatory framework applicable to our business, including any new changes in the composition of the EU’s member states, may add further complexity to our global risks and operations. Moreover, the adoption of new laws, regulations or standards and changes in the interpretation or enforcement of existing laws, regulations or standards have directly affected, and will continue to affect, our business. With new laws and changes in interpretation of existing requirements, the associated time we must dedicate to and related costs we must incur in meeting the regulatory complexities of our business have increased. We may be required to continue to invest significant additional management time and resources to address new and changing regulations and laws. Outlays associated with meeting regulatory complexities have also increased as we expand our business into new jurisdictions.
The EU’s GDPR strengthened and unified data protection rules for individuals within the EU and addresses export of personal data outside the EU. The failure to comply properly with GDPR rules on a timely basis and to maintain ongoing compliance with such rules may subject us to enforcement proceedings and significant fines and costs. For example, a failure to comply with GDPR could result in fines up to 4% of our annual global revenues.
Compliance activities to address these and other new legal requirements have required, and will continue to require, us to expend additional time and resources, and, consequently, we are incurring increased costs of doing business, which may negatively impact our profitability and future financial results. Finally, any further regulatory and legislative actions and reforms affecting the investment management industry, including compliance initiatives, may negatively impact revenues by increasing our costs of accessing or operating in financial markets or by making certain investment offerings less favorable to our clients.
Failure to comply with the laws, rules or regulations in any of the jurisdictions in which we operate could result in substantial harm to our reputation and results of operations.
As with all investment management companies, our activities are highly regulated in almost all countries in which we conduct business. Failure to comply with the applicable laws, rules, regulations, codes, directives, notices or guidelines in any of our jurisdictions could result in regulatory enforcement, civil liability, criminal liability and/or the imposition of a range of sanctions or orders against us, including, as applicable, monetary damages, injunctions, disgorgements, fines, penalties, cease and desist orders, censures, reprimands, and the revocation, cancellation, suspension or restriction of licenses, registration status or approvals held by us or our business in a jurisdiction or market, any of which could adversely affect our reputation and operations. Moreover, any errors, whether financial or otherwise, if material, could damage our reputation and adversely affect our business. Moreover, any potential accounting or reporting errors, whether financial or otherwise, if material, could damage our reputation and adversely affect our business. While management has focused attention and resources on our compliance policies, procedures and practices, the regulatory environments of the jurisdictions where we conduct our business, or where our products are organized or sold, are complex, uncertain and subject to change. Local regulatory environments may vary widely and place additional demands on our sales, investment, legal and compliance personnel. In recent years, the regulatory environments in which we operate have seen significant increased and evolving regulations, which have imposed and may continue to impose additional compliance and operational requirements and costs on us in the applicable jurisdictions. Regulators could also change their policies or laws in a manner that might restrict or otherwise impede our ability to offer our services and products in their respective markets, or we may be unable to keep up with, or adapt to, the ever changing, complex regulatory requirements in such jurisdictions or markets, which could further negatively impact our business.
25
Changes in tax laws or exposure to additional income tax liabilities could have a material impact on our financial condition, revenues and income.
We are subject to complex tax regimes, changing tax laws, income taxes, non-income-based taxes, and ongoing tax audits, in the various jurisdictions in which we operate. Tax authorities may disagree with certain positions we have taken and assess additional taxes. We regularly assess the likely outcomes of these audits in order to determine the appropriateness of our tax provision. However, there can be no assurance that we will accurately predict the outcomes of these audits and the actual outcomes could have a material impact on our financial condition. Changes in tax laws or rulings, including corporate tax rate increases, capital gains rate increases for fund investors and other tax rate increases impacting our clients and their willingness to invest in our products, may at times materially impact our revenues and income.
Regulatory and governmental examinations and/or investigations, litigation and the legal risks associated with our business, could adversely impact our AUM, increase costs and negatively impact our profitability and/or our future financial results.25Table of ContentsRegulatory and governmental examinations and/or investigations, litigation and the legal risks associated with our business, could adversely impact our AUM, increase costs and negatively impact our profitability and/or our future financial results.
We operate in a highly regulated industry and have received and routinely receive and respond to regulatory and governmental requests for documents or other information, subpoenas, examinations and, in some instances, investigations in connection with our business activities.We operate in a highly regulated industry and routinely receive and respond to regulatory and governmental requests for documents or other information, subpoenas, examinations and, in some instances, investigations in connection with our business activities. For example, as noted in the “Legal Proceedings” section in Note 15 - Commitments and Contingencies, our subsidiary, Western Asset Management Company (“WAM”) remains the subject of parallel investigations by the SEC and the DOJ. Further, regulatory or governmental examinations or investigations that have been inactive could become active. In addition, we are named as a party in litigation in the ordinary course of business. Claims made against us, including those without merit, have resulted and may continue to result in reputational harm and responding to such matters is an expensive process. Risks associated with legal liability often are difficult to assess or quantify and their existence and magnitude can remain unknown for significant periods of time. Regulatory enforcement and civil litigation matters can result in the imposition of a range of sanctions or orders against us, including, as applicable, monetary damages, injunctions, disgorgements, fines, penalties, cease and desist orders, censures, reprimands, and the revocation, cancellations, suspension or restriction of licenses, registration status or approvals held by us or our business. In addition, we may be obligated, and under our certificate of incorporation, bylaws and form of director indemnification agreement are obligated under certain conditions, or may choose, to indemnify directors, officers or personnel against liabilities and expenses they may incur in connection with such matters to the extent permitted under applicable law. Financial exposures, including AUM outflows, from and expenses incurred relating to any examinations, investigations, enforcement actions, litigation, and/or settlements have and may continue to adversely impact our AUM, increase costs, and negatively impact our reputation, profitability, and revenue any of which could have a material negative impact on our financial results. Eventual financial exposures from and expenses incurred relating to any examinations, investigations, enforcement actions, litigation, and/or settlements could adversely impact our AUM, increase costs, and negatively impact our reputation, profitability, and revenue any of which could have a material negative impact on our financial results. For a discussion of certain legal proceedings and regulatory matters in which we are involved, see “Legal Proceedings” in Note 15 - Commitments and Contingencies in the notes to consolidated financial statements in Item 8 of Part II of this Annual Report. For a discussion of certain legal proceedings and regulatory matters in which we are involved, see the “Legal Proceedings” section in Note 15 - Commitments and Contingencies in the notes to consolidated financial statements in Item 8 of Part II of this Annual Report.
Our contractual obligations may subject us to indemnification costs and liability to third parties.
In the ordinary course of business, we enter into contracts with third parties, including, without limitation, clients, vendors, and other service providers, that contain a variety of representations and warranties and that provide for indemnifications by us in certain circumstances. Pursuant to such contractual arrangements, we may be subject to indemnification costs and liability to third parties if, for example, we breach any material obligations under the agreements or agreed standards of care, or in the event such third parties have certain legal claims asserted against them. The terms of these indemnities vary from contract to contract, and future indemnification claims against us could negatively impact our financial condition.
Failure to protect our intellectual property may negatively impact our business.
Although we take steps to safeguard and protect our intellectual property, including but not limited to our trademarks, patents, copyrights and trade secrets, there can be no assurance that we will be able to effectively protect our rights. If our intellectual property rights were violated, we could be subject to economic and reputational harm that could negatively impact our business and competitiveness in the marketplace. Conversely, while we take efforts to avoid infringement of the intellectual property of third parties, if we are deemed to infringe on a third party’s intellectual property rights it could expose us to litigation risks, license fees, liability and reputational harm.
26
Item 1B. Unresolved Staff Comments.
None.
Item 1C. Cybersecurity.
Risk Management and Strategy
We recognize the importance of assessing, identifying and managing material risks from cybersecurity threats. Our cybersecurity program focuses on (i) identification of and protection from cybersecurity risks, (ii) detection and analysis of cybersecurity events, (iii) response to and recovery from cybersecurity incidents, and (iv) education and awareness. Under our program, designated personnel are responsible for:
•assessing the severity of a cybersecurity incident and associated threat;
•containing the threat;
•remediating the threat, including recovery of data and access to systems;
•analyzing the reporting obligations associated with the incident; and
•performing post-incident analysis and program improvements.
Detection and Analysis. Cybersecurity incidents may be detected through a variety of means, which include, but are not limited to, automated event-detection notifications or similar technologies that are monitored by our security operations team, as well as notifications from employees or third-party providers. Once a cybersecurity incident is identified, including third-party cybersecurity events, our incident response team investigates the incident, determines the nature of the event and assesses the severity of the event, including any operational impact and sensitivity of any compromised data.
Response and Recovery. In the event of a cybersecurity incident, our initial focus is to contain the cybersecurity incident as quickly as possible consistent with our incident response plan. Once a cybersecurity incident is contained, we focus on remediation and recovery activities, which depend on the nature of the cybersecurity incident. We have relationships with third-party providers to assist with cybersecurity containment and remediation efforts, including for example, forensic investigations and incident response management. If a cybersecurity incident materially impacts us, or is expected to materially impact us, we promptly notify senior management, the Franklin Board of Directors (“Board”) and/or Franklin Audit Committee, as appropriate based on the severity of the incident. Our response plan also addresses engagement with appropriate individuals and committees with respect to disclosure determinations related to cybersecurity incidents. We review and, if necessary, update our cyber security incident response plan at least annually.
27
Governance
28
Recently Filed
Click on a ticker to see risk factors
| Ticker * | File Date |
|---|---|
| RMR | 8 hours ago |
| FC | 8 hours ago |
| TDG | 8 hours ago |
| PCYO | 8 hours ago |
| ROK | 10 hours ago |
| EVOH | 13 hours ago |
| CMTL | 2 days, 7 hours ago |
| TEL | 2 days, 8 hours ago |
| EMR | 2 days, 8 hours ago |
| BEN | 2 days, 10 hours ago |
| TSN | 2 days, 16 hours ago |
| SKLZ | 6 days, 7 hours ago |
| KRUS | 6 days, 7 hours ago |
| V | 6 days, 8 hours ago |
| DEVS | 1 week ago |
| QCOM | 1 week ago |
| CHSCP | 1 week ago |
| TRXA | 1 week, 5 days ago |
| AAPL | 1 week, 5 days ago |
| PSMT | 1 week, 6 days ago |
| RFL | 2 weeks ago |
| ODYY | 2 weeks ago |
| CLEV | 2 weeks ago |
| SSGC | 2 weeks ago |
| PURE | 2 weeks ago |
| HMMR | 2 weeks ago |
| UNF | 2 weeks ago |
| RYES | 2 weeks ago |
| GBX | 2 weeks, 1 day ago |
| ZDGE | 2 weeks, 1 day ago |
| SMPL | 2 weeks, 1 day ago |
| KMFG | 2 weeks, 1 day ago |
| AZO | 2 weeks, 2 days ago |
| AYI | 2 weeks, 2 days ago |
| WDFC | 2 weeks, 2 days ago |
| VGES | 2 weeks, 5 days ago |
| VRDR | 2 weeks, 6 days ago |
| LNN | 2 weeks, 6 days ago |
| MSM | 2 weeks, 6 days ago |
| IIIN | 2 weeks, 6 days ago |
| MAYS | 2 weeks, 6 days ago |
| WGO | 3 weeks ago |
| FDS | 3 weeks ago |
| PENG | 3 weeks, 1 day ago |
| LEEN | 3 weeks, 1 day ago |
| ENFY | 3 weeks, 1 day ago |
| DHAI | 3 weeks, 2 days ago |
| LMMY | 3 weeks, 5 days ago |
| JBL | 3 weeks, 5 days ago |
| CMC | 3 weeks, 6 days ago |
