$CXM Risk Factor changes from 00/04/03/23/2023 to 00/03/28/24/2024

Item 1A. Risk Factors.

You should consider and read carefully all of the risks and uncertainties described below, together with all of the other information contained in this Form 10-K, including the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and the related notes. The occurrence of any of the following risks or additional risks and uncertainties not presently known to us or that we currently believe to be immaterial could materially and adversely affect our business, financial condition or results of operations. In such case, the trading price of our Class A common stock could decline and stockholders may lose all or part of their investment.Summary of Selected Risk Factors Associated with Our BusinessThe following is only a summary of the principal risks associated with an investment in our Class A common stock. Material risks that may adversely affect our business, financial condition or results of operations include, but are not limited to, the following:•Our recent rapid growth may not be indicative of our future growth. Our rapid growth also makes it difficult to evaluate our future prospects and may increase the risk that we will not be successful.•We have incurred significant net losses in recent years, we may incur losses in the future and we may not be able to generate sufficient revenue to achieve and maintain profitability.•If we fail to effectively manage our growth and organizational change, our business and results of operations could be harmed.•Our actual operating results may differ significantly from any guidance provided. As a result, we may fail to meet or exceed the expectations of investors or securities analysts, which could cause our stock price to decline.•Our business depends on our customers renewing their subscriptions and on us expanding our sales to existing customers. Any decline in our customer renewals or expansion would harm our business, results of operations and financial condition.•We use artificial intelligence in our products, which may result in operational challenges, legal liability, reputational concerns and competitive risks.•Our business and growth depend in part on the success of our strategic relationships with third parties, as well as on the continued availability and quality of feedback data from third parties over whom we do not have control.•Any failure to obtain, maintain, protect, defend or enforce our intellectual property rights could impair our ability to protect our proprietary technology and our brand and adversely affect our business, financial condition and results of operations.•We are subject to stringent and changing obligations related to data privacy and security.•Our stock price may be volatile, and the value of our Class A common stock may decline. Our rapid growth also makes it difficult to evaluate our future prospects and may increase the risk that we will not be successful.Our revenue was $732. You should not rely on the revenue growth of any prior quarterly or annual period as an indication of our future performance. Even if our revenue continues to increase, our revenue growth rate may decline in the future as a result of a variety of factors, including the maturation of our business. If the assumptions that we use to plan our business are incorrect or change in reaction to changes in the markets in which we operate, or if we are unable to maintain consistent revenue or revenue growth, our stock price could be volatile, and it may be difficult to achieve and maintain profitability. You should not rely on our revenue for any prior quarterly or annual periods as an indication of our future revenue or revenue growth.We have incurred significant net losses in recent years, we may incur losses in the future and we may not be able to generate sufficient revenue to achieve and maintain profitability. We had an accumulated deficit of $474.6 million as of January 31, 2024 and 2023, respectively. We expect that our costs will increase over time and our losses may continue, as we expect to invest significant additional funds in our business and incur costs relating to operating as a public company. To date, we have financed our operations principally through subscription payments by customers for use of our Unified-CXM platform and equity and debt financings.These investments may be more costly than we expect and may not result in increased revenue or growth in our business. Any failure to increase our revenue sufficiently to keep pace with our investments and other expenses could prevent us from achieving and maintaining profitability or positive cash flow on a consistent basis. If we are unable to successfully address these risks and challenges as we encounter them, our business, results of operations and financial condition would be adversely affected. In the event that we fail to achieve or maintain profitability, the value of our Class A common stock could decline.If we fail to effectively manage our growth and organizational change, our business and results of operations could be harmed. In addition, we operate globally and sell subscriptions in more than 80 countries. We plan to continue to expand our international operations into other countries in the future, which will place additional demands on our resources and operations. We also have experienced significant growth in the number of enterprises, end users, transactions and amount of data that our Unified-CXM platform and our associated hosting infrastructure support. In order to grow our business, we must continue to attract new customers in a cost-effective manner and enable such customers to realize the benefits associated with our Unified-CXM platform. We may not be able to attract new customers to our Unified-CXM platform for a variety of reasons, including as a result of their use of traditional approaches to customer experience management, their 18internal timing or budget or the pricing of our Unified-CXM platform compared to products and services offered by our competitors. After a customer makes a purchasing decision, we often must also help them successfully implement our Unified-CXM platform in their organization, a process that can last several months.S. federal, state, and local, as well as foreign, governmental agency customers. Growing our business by increasing the number of governmental agency customers we service would subject us to a number of challenges and risks. Selling to such agencies can be highly competitive and time-consuming, often requiring significant upfront time and expenses without any assurance that these efforts will generate a sale. We may not satisfy certain government contracting requirements necessary to attain certification to sell our Unified-CXM platform to certain governmental agency customers. Such government contracting requirements may change and in doing so restrict our ability to sell into the government sector until we have attained the revised certification. Government demand and payment for our products are affected by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products and services. Finally, sales of our Unified-CXM platform to governmental agency customers that are engaged in certain sensitive industries, including organizations whose products or activities are perceived to be harmful, could result in public criticism and reputational risks, which could engender dissatisfaction among potential customers, investors and employees with how we address political and social concerns in our business activities. If we are unable to grow our business by increasing the number of governmental agency customers we service, or if we fail to overcome the challenges and risks associated with selling to such entities, our business, results of operations and financial condition may be adversely affected.Risks Related to Our Business and IndustryOur actual operating results may differ significantly from any guidance provided.Our guidance, including forward-looking statements, is prepared by management and is qualified by, and subject to, a number of assumptions and estimates that, while presented with numerical specificity, are inherently subject to significant business, economic and competitive uncertainties and contingencies. Many of these uncertainties and contingencies are beyond our control and are based upon specific assumptions with respect to future business decisions, some of which will change. We generally state possible outcomes as high and low ranges, which are intended to provide a sensitivity analysis as variables are changed but are not intended to represent that actual results could not fall outside of the suggested ranges.Guidance is necessarily speculative in nature, and it can be expected that some or all of the assumptions of the guidance furnished by us will not materialize or will vary significantly from actual results. In particular, guidance offered in periods of extreme uncertainty, such as the uncertainty caused by macroeconomic conditions, is inherently more speculative in nature than guidance offered in periods of relative stability. Accordingly, any guidance with respect to our projected financial performance is necessarily only an estimate of what management believes is realizable as of the date the guidance is given. Actual results will vary from the guidance and the variations may be material. Investors should also recognize that the reliability of any forecasted financial data will diminish the farther in the future that the data is forecasted.Actual operating results may be different from our guidance, and such differences may be adverse and material. In light of the foregoing, investors are urged to put the guidance in context and not to place undue reliance on it. If our actual results of operations fall below the expectations of investors or securities analysts, the price of our Class A common stock could decline substantially. As a result, we may fail to meet or exceed the expectations of investors or securities analysts, which could cause our stock price to decline. As a result, period-to-period comparisons of our results of operations may not be meaningful, and the results of any one period should not be relied upon as an indication of future performance. Our results of operations may fluctuate as a result of a variety of factors, many of which are outside of our control, and, as a result, may not fully reflect the underlying performance of our business. Fluctuation in results of operations may negatively impact the value of our Class A common stock. This variability and unpredictability also could result in our failing to meet the expectations of industry or financial analysts or investors for any period. If our revenue or results of operations fall below the expectations of analysts or investors or below any guidance we may provide, or if the guidance we provide is below the expectations of analysts or investors, the price of our Class A common stock could decline substantially. Such a stock price decline could occur even if we have met any previously publicly stated guidance we may provide. As such, the market acceptance of our Unified-CXM platform is critical to our success. Demand for our Unified-CXM platform is affected by a number of factors, many of which are beyond our control, including the extension of our Unified-CXM platform for new use cases, the timing of development and release of new products, features and functionality introduced by us or our competitors, technological change and the growth or contraction of the market in which we compete. We believe that enterprises increasingly are looking for flexible solutions that bridge across traditionally separate systems for experience management, marketing automation and customer relationship management. If we are unable to meet this demand to manage customer experiences through flexible solutions designed to address a broad range of needs, or if we otherwise fail to achieve more widespread market acceptance of our Unified-CXM platform, our business, results of operations, financial condition and growth prospects may be adversely affected.We believe that our success and growth will depend to a substantial extent on the widespread acceptance and adoption of Unified-CXM solutions in general, and of our Unified-CXM platform in particular. The market for Unified-CXM solutions is new and rapidly evolving, and if this market fails to grow or grows more slowly than we currently anticipate, demand for our Unified-CXM platform could be adversely affected. The Customer Experience Management (“CXM”) market also is subject to rapidly changing user demand and trends. As a result, it is difficult to predict enterprise adoption rates and demand for our Unified-CXM platform, the future growth rate and size of our market or the impact of competitive solutions. If Unified-CXM solutions do not continue to achieve market acceptance, or if there is a reduction in demand for Unified-CXM solutions for any reason, including a lack of category or use case awareness, technological challenges, weakening economic conditions, data security or privacy concerns, competing technologies and products or decreases in information technology spending, our business, results of operations and financial condition may be adversely affected.The market for Unified-CXM solutions is also highly competitive. Our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards or enterprise requirements. With the introduction of new technologies, the evolution of our Unified-CXM platform and new market entrants, we expect competition to intensify in the future. Pricing pressures and increased competition generally could result in reduced sales, reduced margins, losses or the failure of our Unified-CXM platform to achieve or maintain more widespread market acceptance, any one of which could harm our business. Our main competitors include, among others, experience management solutions, including solution media solutions, home-grown solutions and tools, adjacent Unified-CXM solutions, such as social messaging, customer service and support solutions, traditional marketing, advertising and consulting firms and customer relationship management and enterprise resource planning solutions. Further, other established SaaS providers and other technology companies not currently focused on Unified-CXM may expand their services to compete with us. Some of our competitors may be able to offer products or functionality similar to ours at a more attractive price than we can or do, including by integrating or bundling such products with their other product offerings. Additionally, some potential customers, particularly large organizations, have elected, and may in the future elect, to develop their own internal Unified-CXM solutions. Acquisitions, partnerships and consolidation in our industry may provide our competitors even more resources or may increase the likelihood of our competitors offering bundled or integrated products that we may not be able to effectively compete against. In particular, as we rely on the availability and accuracy of various forms of customer feedback and input data, the acquisition of any such data providers or sources by our competitors could affect our ability to continue accessing such data. Furthermore, we also are subject to the risk of future disruptive technologies. If new technologies emerge that are able to collect and process experience data, or otherwise develop Unified-CXM solutions at lower prices, more efficiently, more conveniently or with functionality and features enterprises prefer to ours, such technologies could adversely impact our ability to compete. If we are not able to compete successfully against our current and future competitors, our business, results of operations and financial condition may be adversely affected.Our business depends on our customers renewing their subscriptions and on us expanding our sales to existing customers. Any decline in our customer renewals or expansion would harm our business, results of operations and financial condition. Our customers are not obligated to, and may elect not to, renew their subscriptions on the same or similar terms after their existing subscriptions expire. Some of our customers have in the past elected, and may in the future elect, not to renew their agreements with us or otherwise reduce the scope of their subscriptions, and we do not have sufficient operating history with our business model and pricing strategy to accurately predict long-term customer renewal rates. In addition, the growth of our business depends in part on our customers expanding their use of our Unified-CXM platform, which can be difficult to predict. If our customers do not renew their subscriptions, renew on less favorable terms or reduce the scope of their subscriptions, our revenue may decline and we may not realize improved results of operations from our customer base, and, as a result, our business and financial condition could be adversely affected. Some of these facilities may be located in areas prone to natural disasters and may experience events such as earthquakes, floods, fires, severe weather events, power loss, computer or telecommunication failures, service outages or losses, and similar events. They also may be subject to break-ins, sabotage, intentional acts of vandalism and similar misconduct or cybersecurity issues, human error, terrorism, improper operation, unauthorized entry and data loss. In the event of significant physical damage to one of these data centers, it may take a significant period of time to achieve full resumption of our services, and our disaster recovery planning may not account for all eventualities. We also may incur significant costs for using alternative equipment or taking other actions in preparation for, or in reaction to, events that damage the data centers that we use. Although we carry business interruption insurance, it may not be sufficient to compensate us for the potentially significant losses, including the potential harm to the future growth of our business that may result from interruptions in our services or products. Despite precautions taken during this process, any unsuccessful data transfers may impair the delivery of our Unified-CXM platform. Any damage to, or failure of, our systems, or those of our third-party data centers or cloud computing providers or the systems of a customer that hosts our software in their private cloud, could result in interruptions on our Unified-CXM platform or damage to, or loss or compromise of, our data and our customers’ data, including personal data. Any impairment of our or our customers’ data or interruptions in the functioning of our Unified-CXM platform, whether due to damage to, or failure of, third-party data centers, cloud computing providers or the cloud computing providers of our customers or unsuccessful data transfers, may reduce our revenue, result in significant fines, cause us to issue credits or pay penalties, subject us to claims for indemnification and other claims, litigation or 21disputes, result in regulatory investigations or other inquiries, cause our customers to terminate their subscriptions and adversely affect our reputation, renewal rates and our ability to attract new customers. Our business will also be harmed if our existing and potential customers believe that our Unified-CXM platform is unreliable or not secure. Additionally, certain of our data center and clouding computing provider agreements may be terminable for convenience by the counterparty. If services are interrupted at any of these facilities or providers, such agreements are terminated, or we are unable to renew these agreements on commercially reasonable terms or at all, or if one of our data center or cloud computing providers is acquired or encounters financial difficulties, including bankruptcy, we may be required to transfer our servers and other infrastructure to new data centers and cloud computing providers, and we may incur significant costs and possible service interruptions in connection with doing so. In addition, if we do not accurately plan for our data center and cloud computing capacity requirements and we experience significant strains on our data center and cloud computing capacity, we may experience delays and additional expenses in arranging new data center and cloud computing arrangements, and our customers could experience service outages that may subject us to financial liabilities, result in customer losses and dissatisfaction, and materially adversely affect our business, operating results and financial condition. To attract new customers and increase revenue from our existing customers, we will need to enhance and improve our existing platform and introduce new products, features and functionality. Enhancements and new products that we develop may not be introduced in a timely or cost-effective manner, may contain errors or defects, and may have interoperability difficulties with our Unified-CXM platform or other products. We have in the past experienced delays in our internally planned release dates of new products, features and functionality, and there can be no assurance that these developments will be released according to schedule. We also have invested, and may continue to invest, in the acquisition of complementary businesses and technologies that we believe will enhance our Unified-CXM platform. However, we may not be able to integrate these acquisitions successfully or achieve the expected benefits of such acquisitions. We are devoting valuable resources to solutions related to mobile usage, but we cannot assure you that these solutions will be successful. If the mobile solutions we have developed for our Unified-CXM platform do not meet the needs of current or prospective customers, or if our solutions are difficult to access, customers or users may reduce their usage of our Unified-CXM platform or cease using our Unified-CXM platform altogether and our business could suffer. In addition, because our Unified-CXM platform is designed to operate on a variety of networks, applications, systems and devices, we will need to continually modify and enhance our Unified-CXM platform to keep pace with technological advancements in such networks, applications, systems and devices. If we are unable to respond in a timely, user-friendly and cost-effective manner to these rapid technological developments, our Unified-CXM platform may become less marketable and less competitive or obsolete, and our business, results of operations and financial condition may be adversely affected.We use artificial intelligence in our products and operations, which may result in operational challenges, legal liability, reputational concerns and competitive risks.In addition to the use of our own artificial intelligence (“AI”) features within our products, we have also incorporated generative artificial intelligence (“Generative AI”) processes and algorithms into our product offerings and internal operations through third-party partners integrated with our products and tools, which may result in adverse effects to our financial condition, results or reputation. Generative AI features and services leverage existing and widely available technologies, such as those owned by OpenAI or alternative large language model providers. The use of Generative AI processes at scale is relatively new and may lead to challenges, concerns and risks that are significant or that we may not be able to predict, especially if our use of these technologies in our products and services becomes more important to our operations over time.Use of AI or Generative AI in our products and services may be difficult to deploy successfully due to operational issues inherent to the nature of such technologies, including the development, maintenance and operation of deep learning datasets, and our customers failing to adopt or implement our new products as intended. For example, AI and Generative AI algorithms use machine learning and/or content creation which, depending on the reliability of the model, may lead to flawed, biased, unexplained, and inaccurate results, which could lead to customer rejection or skepticism of such products. Emerging ethical issues surround the use of AI or Generative AI, and if our deployment or use of AI or Generative AI becomes controversial or is challenged by our current or prospective 22customers, we may be subject to reputational risk. Additionally, where the product ingests personal data or where it makes connections using such data, these AI or Generative AI processes may reveal other personal or sensitive information generated by the AI or Generative AI solution, or could lead us to be unable to fulfill certain data subject requests in compliance with certain privacy laws, such as requests to delete certain personal data ingested by the product. Further, unauthorized use or misuse of Generative AI by our employees or others, including violation of internal policies or procedures or guidelines, may result in disclosure of confidential company and customer data, reputational harm, privacy law violations, legal liability, or regulatory actions, including algorithmic disgorgement. Improper use of AI and Generative AI could result in biased results and could lead us to make decisions that could bias certain individuals (or classes of individuals), and adversely impact their rights, employment, and ability to obtain certain pricing, products, services, or benefits. In addition, our use of Generative AI may also lead to novel and urgent cybersecurity risks (such as if a bad actor “poisons” the Generative AI with bad inputs or logic), including the misuse of personal or business confidential data, which may adversely affect our operations and reputation. As a result, the integration of Generative AI into our products and operations may not be successful despite expending significant time and monetary resources to attempt to do so. Our investments in deploying such technologies may be substantial, and they may be more expensive than anticipated. If we fail to deploy Generative AI as intended, our competitors may incorporate Generative AI technology into their products or services more successfully than we do, which may impair our ability to effectively compete in the market. Uncertainty in the legal regulatory regime relating to AI may require significant resources to modify and maintain business practices to comply with U.S. and foreign laws, the nature of which cannot be determined at this time as they continue to evolve and solidify. Several jurisdictions around the globe have already proposed or enacted laws or guidelines governing AI. For example, the Biden administration recently issued an executive order on AI that requires companies developing certain types of AI models to notify the federal government of certain safety test results and other information. As another example, European regulators have proposed an AI regulation that imposes onerous obligations related to the use of AI-related systems, and we expect that other jurisdictions will adopt similar laws. Other jurisdictions may decide to adopt similar or more restrictive legislation that may render the use of such technologies challenging. Additionally, certain privacy laws extend rights to consumers (such as the right to delete certain personal data) and regulate automated decision making, which may be incompatible with our AI features or our use of Generative AI. These obligations may make it harder for us to conduct our business using AI or Generative AI, lead to regulatory fines or penalties, require us to change our business practices, retrain our AI, prevent or limit our use of AI or Generative AI, or delete or disgorge certain algorithms. For example, the US Federal Trade Commission has required other companies to turn over or delete or disgorge valuable insights or trainings generated through the use of AI, or the AI models or algorithms themselves, where they allege the company has violated privacy and consumer protection laws. If we cannot use AI or Generative AI, or that use is restricted, our business may be less efficient, or we may be at a competitive disadvantage. Further, intellectual property ownership and liability for violation of open source licenses, infringement or misappropriation of intellectual property and violation of privacy or publicity rights are issues arising from the use of AI technologies that legislators are still attempting to establish and with which courts are still grappling. Therefore, the use of AI technologies in connection with our products or operations may result in the inability to establish ownership of intellectual property or exposure to claims relating to the foregoing.Moreover, our employee and personnel use Generative AI technologies to perform their work, and the disclosure and use of personal data, is subject to various privacy laws and other privacy obligations. Our use of this technology could result in additional compliance costs, regulatory investigations and actions, and lawsuits if we do not use (or are perceived to not use it) it in accordance with our internal policies and governance, applicable laws or other obligations. Output from Generative AI systems that we use may infringe on third party intellectual property rights without us being aware. However, if we are unable to use Generative AI, it could make our business less efficient and result in competitive disadvantages. Additionally, sensitive information of the Company or our customers could be leaked, disclosed, or revealed as a result of or in connection with our employees’, personnel’s, or vendors’ use of Generative AI technologies.Our business and growth depend in part on the success of our strategic relationships with third parties, as well as on the continued availability and quality of feedback data from third parties over whom we do not have control. Failure of any of these technology companies to maintain, support or secure their technology platforms in general, and our integrations in particular, or errors or defects in their technologies or products, could adversely affect our relationships with our customers, damage our brand and reputation and result in delays or difficulties in our ability to provide our Unified-CXM platform. We also rely on the availability and accuracy of various forms of client feedback and input data, including data solicited via survey or based on data sources across modern channels, and any changes in the availability or accuracy of such data could adversely impact our business and results of operations and harm our reputation and brand. In some cases, we rely on negotiated agreements with social media networks and other data providers. These negotiated agreements may provide increased access to application programming interfaces (“APIs”) and data that allow us to provide 23a more comprehensive solution for our customers. These agreements are subject to termination in certain circumstances, and there can be no assurance that we will be able to renew those agreements or that the terms of any such renewal, including pricing and levels of service, will be favorable. We cannot accurately predict the potential impact of the termination of any of our agreements with social media networks and other data providers, including the impact on our access to the related APIs. There can be no assurance that following any such termination we would be able to maintain the current level of functionality of our platform in such circumstances, as a result of more limited access to APIs or otherwise, which could adversely affect our results of operations. In addition, there can be no assurance that we will not be required to enter into new negotiated agreements with data providers in the future to maintain or enhance the level of functionality of our platform, or that the terms and conditions of such agreements, including pricing and levels of service, will not be less favorable, which could adversely affect our results of operations. If we do not spend our research and development budget efficiently or effectively, our business may be harmed and we may not realize the expected benefits of our strategy. Moreover, research and development projects can be technically challenging, time-consuming and expensive. The nature of these research and development cycles may cause us to experience delays between the time we incur expenses associated with research and development and the time we are able to offer compelling platform updates and generate revenue, if any, from such investment. Additionally, anticipated enterprise demand for a solution or solutions we are developing could decrease after the development cycle has commenced, and we would nonetheless be unable to avoid substantial costs associated with the development of any such solutions or solution. If we expend a significant amount of resources on research and development and our efforts do not lead to the successful introduction or improvement of solutions that are competitive in our current or future markets, our business and results of operations would be adversely affected. Although we have developed relationships with certain channel partners, such as referral partners, resellers and integration partners, these channels have resulted in limited revenue to date. We believe that continued growth in our business is dependent upon identifying, developing and maintaining strategic relationships with additional channel partners that can drive additional revenue. Our agreements with our existing channel partners are non-exclusive, meaning our channel partners may offer enterprises the products of several different companies, including products that compete with ours. They also may cease marketing our Unified-CXM platform with limited notice and with little or no penalty. We expect that any additional channel partners we identify and develop will be similarly non-exclusive and not bound by any requirement to continue to market our Unified-CXM platform. If we fail to identify additional channel partners in a timely and cost-effective manner, or at all, if we are unable to assist our current and future channel partners in independently selling and implementing our Unified-CXM platform, or if our channel partners choose to use greater efforts to market their own products or those of our competitors, our business, results of operations and financial condition could be adversely affected. Furthermore, if our channel partners do not effectively market and sell our Unified-CXM platform, or fail to meet the needs of our customers, our reputation and ability to grow our business also may be adversely affected.Sales by channel partners are more likely than direct sales to involve collection issues, in particular sales by our channel partners into developing markets, and, accordingly, variations in the mix between revenue attributable to sales by channel partners and revenue attributable to direct sales may result in fluctuations in our results of operations. The successful promotion of our brand depends on a number of factors, including the effectiveness of our marketing efforts, our ability to continue to develop a high-quality platform, our ability to provide reliable services that continue to meet the needs of our customers, our ability to maintain our customers’ trust and our ability to successfully differentiate our Unified-CXM platform from competitive solutions, which we may not be able to do effectively. We do not have sufficient operating history to know 24whether our brand promotion activities will ultimately be successful or yield increased revenue, and, if they are not successful, our business may be adversely affected. Any unfavorable publicity of our business or platform generally, for example, relating to our privacy practices, terms of service, service quality, litigation, regulatory activity, the actions of our employees, partners or customers or the actions of other companies that provide similar solutions to us, all of which can be difficult to predict, could adversely affect our reputation and brand. In addition, independent industry analysts often provide reviews of our Unified-CXM platform, as well as solutions offered by our competitors, and our brand and perception of our Unified-CXM platform in the marketplace may be significantly influenced by these reviews. If these reviews are negative, or less positive compared to those of our competitors’ solutions, our brand and market position may be adversely affected. It also may be difficult to maintain and enhance our brand as we expand our marketing and sales efforts through channel or strategic partners.The promotion of our brand also requires us to make substantial expenditures. We anticipate that these expenditures will increase as our market becomes more competitive, as we expand into new markets and as more sales are generated through our channel partners. To the extent that these activities yield increased revenue, this revenue may not offset the increased expenses we incur. If we do not successfully maintain and enhance our brand or incur substantial expenses in unsuccessful attempts to promote and maintain our brand, our business may not grow, we may have reduced pricing power relative to competitors and we could lose customers and key employees or fail to attract potential customers or talented personnel, all of which would adversely affect our business, results of operations and financial condition. Consequently, increases or decreases in new sales may not be immediately reflected in our results of operations and may be difficult to discern. As a result, a portion of the revenue we report in each quarter is derived from the recognition of deferred revenue relating to subscriptions entered into during previous quarters. Consequently, a decline in new or renewed subscriptions in any single quarter may have a small impact on our revenue results for that quarter. However, such a decline will negatively affect our revenue in future quarters. Accordingly, the effect of significant downturns in sales and market acceptance of our Unified-CXM platform and potential changes in our pricing policies or rate of expansion or retention may not be fully reflected in our results of operations until future periods. We also may be unable to reduce our cost structure in line with a significant deterioration in sales. In addition, a significant majority of our costs are expensed as incurred, while revenue is recognized over the term of the agreements with our customers. As a result, increased growth in the number of our customers could continue to result in our recognition of more costs than revenue in the earlier periods of the terms of our agreements. Our subscription model also makes it difficult for us to rapidly increase our revenue through additional sales in any period, as revenue from new customers must be recognized over the applicable subscription term.We may acquire or invest in companies, which may divert our management’s attention and result in additional dilution to our stockholders. We may be unable to integrate acquired businesses and technologies successfully or achieve the expected benefits of such acquisitions. We have in the past, and we may in the future, attempt to do so through strategic transactions, including acquisitions of, or investments in, businesses, technologies, services, products and other assets that we believe could complement, expand or enhance our Unified-CXM platform or otherwise offer growth opportunities. We also may enter into relationships with other businesses to expand our Unified-CXM platform, which could involve preferred or exclusive licenses, additional channels of distribution, discount pricing or investments in other companies. Identifying and negotiating these transactions can be time-consuming, difficult and expensive, and our ability to complete these transactions may often be subject to approvals that are beyond our control. We cannot predict the number, timing or size of these transactions. These transactions, even if announced, may not be completed. Any acquisition, investment or business relationship may result in unforeseen operating difficulties and expenditures. In particular, we may encounter difficulties assimilating or integrating the businesses, technologies, products, personnel or operations of the acquired companies, particularly if the key personnel of the acquired company choose not to work for us, their software is not easily adapted to work with our Unified-CXM platform or we have difficulty retaining the customers of any acquired business due to changes in ownership, management or otherwise. Acquisitions, investments or other business relationships also may disrupt our business, divert our resources and require significant management attention that would otherwise be available for development of our existing business. Moreover, the anticipated benefits of any acquisition, investment or business relationship may not be realized or we may be exposed to unknown risks or liabilities.Our international sales and operations, including our planned business development activities outside of the United States, subject us to additional risks and challenges that can adversely affect our business, results of operations and financial condition. As part of our growth strategy, we expect to continue to expand our international operations, which may include opening additional offices in new 25jurisdictions and providing our Unified-CXM platform in additional languages and on-boarding new customers outside the United States. Any new markets or countries into which we attempt to sell subscriptions to our Unified-CXM platform may not be receptive to our business development activities. We currently have sales personnel and sales and customer and product support operations in the United States and certain countries across Europe, the Asia Pacific region and the Americas. We believe that our ability to attract new customers to our Unified-CXM platform and to convince existing customers to renew or expand their use of our Unified-CXM platform is directly correlated to the level of engagement we achieve with our customers in their home countries. To the extent that we are unable to effectively engage with non-U.S. customers, we may be unable to effectively grow in international markets.S. data privacy, protection and security laws, rules and regulations, including data localization requirements, and the risks and costs of non-compliance;•longer payment cycles and difficulties enforcing agreements, collecting accounts receivable or satisfying revenue recognition criteria, especially in emerging markets;•hiring, training, motivating and retaining highly-qualified personnel, while maintaining our unique corporate culture;•increased financial accounting and reporting burdens and complexities;•longer sales cycle and more time required to educate enterprises on the benefits of our Unified-CXM platform outside of the United States;•requirements or preferences for domestic products;•limitations on our ability to sell our Unified-CXM platform and for our solution to be effective in non-U.S.S. operations, including anti-bribery laws, import and export control laws, tariffs, trade barriers, economic sanctions and other regulatory or contractual limitations on our ability to sell our Unified-CXM platform and develop our business in certain non-U.S.S. We may be unable to keep current with changes in government requirements as they change from time to time. Failure to comply with these regulations could have adverse effects on our business. In many foreign countries it is common for others to engage in business practices that are prohibited by our internal policies and procedures or U.S. or other regulations applicable to us. Although we have implemented policies and procedures designed to ensure compliance with these laws and policies, there can be no assurance that our employees, contractors, partners and agents will comply with these laws and policies. Violations of laws or our policies by our employees, contractors, partners or agents could result in delays in revenue recognition, financial reporting misstatements, enforcement actions, disgorgement of profits, fines, civil and criminal penalties, damages, injunctions, other collateral consequences and increased costs, including the costs associated with defending against such actions, or the prohibition of the importation or exportation of our Unified-CXM platform and related services, each of which could adversely affect our business, results of operations and financial condition.S. dollars, could be adversely affected.S. dollar. While we have primarily transacted with customers and vendors in U.S. dollars to date, from time to time we have transacted in foreign currencies for subscriptions to our Unified-CXM platform and may significantly expand the number of transactions with customers that are denominated in foreign currencies in the future. The majority of our international costs are also denominated in local currencies. In addition, our international subsidiaries maintain net assets or liabilities that are denominated in currencies other than the functional operating currencies of these entities. Accordingly, changes in the value of foreign currencies relative to the U.S. dollar can affect our revenue and results of operations due to transactional and translational remeasurements that are reflected in our results of operations. As a result of such foreign currency exchange rate fluctuations, it could be more difficult to detect underlying trends in our business and results of operations. The future use of hedging instruments may introduce additional risks if we are unable to structure effective hedges with such instruments. There can be no assurance that we will be successful in managing our exposure to currency exchange rate risks, which may adversely affect our business, results of operations and financial condition. Some open source software licenses require users who distribute open source software as part of their software to publicly disclose all or part of the source code to such software or make available any derivative works of the open source code (which may include our modifications or product code into which such open source software has been integrated) on unfavorable terms allowing further modification and redistribution and at no or nominal cost, and we may be subject to such terms. The terms of many open source licenses have not been interpreted by U.S. or foreign courts, and there is a risk that these open source licenses could be construed in a way that imposes unanticipated conditions or restrictions on our ability to commercialize our products. While we monitor our use of open source software and try to ensure that none is used in a manner that would require us to disclose source code that we have decided to maintain as proprietary or that would otherwise breach the terms or fail to meet the conditions of an open source license or third-party contract, such use could inadvertently occur, or could be claimed to have occurred, in part because open source license terms are often ambiguous. We could be subject to suits by parties claiming ownership of or demanding release of the open source software or derivative works that we developed using such software, which could include our proprietary source code, or otherwise seeking to enforce the applicable open source licensing terms or alleging that our use of such software infringes, misappropriates or otherwise violates a third party’s intellectual property rights. We may as a result be subject to claims for breach of contract, infringement of intellectual property rights, or indemnity, required to release our proprietary source code, pay damages, royalties, or license fees or other amounts, seek licenses, re-engineer our applications, discontinue sales in the event re-engineering cannot be accomplished on a timely basis or take other remedial action that may divert resources away from our development efforts, any of which could adversely affect our business. Any actual or claimed requirement to disclose our proprietary source code or pay damages for breach of the applicable license could harm our business and could help third parties, including our competitors, develop products and services that are similar to or better than ours. There is typically no support available for open source software, and we cannot ensure that the authors of such open source software will implement or push updates to address security risks or will not abandon further development and maintenance. Many of the risks associated with the use of open source software, such as the lack of warranties or assurances of title or performance, cannot be eliminated, and could, if not properly addressed, negatively affect our business. We have processes to help alleviate these risks, including a review process for screening requests from our developers for the use of open source software, but we cannot be sure that all open source software is identified or submitted for approval prior to use in our products and services. Any of these risks could be difficult to eliminate or manage, and, if not addressed, could have an adverse effect on our business, financial condition, and results of operations.Any failure to obtain, maintain, protect, defend or enforce our intellectual property rights could impair our ability to protect our proprietary technology and our brand and adversely affect our business, financial condition and results of operations.S. issued patents and 10 pending non-provisional or provisional U.S. patent applications. We rely on a combination of patent, copyright, trademark and trade secret laws in the United States and internationally, as well as technological measures and contractual provisions, such as confidentiality or license agreements with our employees, customers, partners, and other third parties, to establish and protect our brand, maintain our competitive position and protect our intellectual property rights from infringement, misappropriation or other violation. However, the steps we take to protect our intellectual property rights may be inadequate or ineffective, and our intellectual property may be challenged, invalidated, narrowed in scope or rendered unenforceable through administrative processes, including re-examination, inter partes review, interference and derivation proceedings and equivalent proceedings in foreign jurisdictions (e.g., opposition proceedings) or litigation. The steps we take to protect our intellectual property rights may not be sufficient to effectively prevent third parties from infringing, misappropriating or otherwise violating our intellectual property or to prevent unauthorized disclosure or unauthorized use of our trade secrets or other confidential information. We cannot guarantee that any of our pending applications will issue or be approved or that our existing and future intellectual property rights will be sufficiently broad to protect our proprietary technology. Further, intellectual property law, including statutory and case law, particularly in the United States, is constantly developing, and any changes in the law could make it harder for us to enforce our rights. Failure to comply with applicable procedural, documentary, fee payment and other similar requirements with the United States Patent and Trademark Office and various similar foreign governmental agencies could result in abandonment or lapse of the affected patent, trademark or application. If this occurs, our competitors might be more successful in their efforts to compete with us. Effective protection of intellectual property rights is expensive and difficult to maintain, both in terms of application and registration costs, as well as the costs of defending and enforcing those rights. However, we cannot guarantee that we have entered into such agreements with each party who has developed intellectual property on our behalf and each party that has or may have had access to our confidential information, know-how and trade secrets. These agreements may be insufficient or breached, or may not effectively prevent unauthorized access to or unauthorized use, disclosure, misappropriation or reverse engineering of, our confidential information, intellectual property, or technology. There can be no assurance that these agreements will be self-executing or otherwise provide meaningful protection for our trade secrets or other intellectual property or proprietary information. Enforcing a claim that a party illegally disclosed or misappropriated a trade secret or know-how is difficult, expensive, and time-consuming, and the outcome is unpredictable. In addition, trade secrets and know-how can be difficult to protect, and some courts inside and outside the United States are less willing or unwilling to protect trade secrets and know-how. If any of our trade secrets were to be lawfully obtained or independently developed by a competitor or other third party, we would have no right to prevent them from using that technology or information to compete with us, and our competitive position would be materially and adversely harmed. The loss of trade secret protection could make it easier for third parties to compete with our products and services by copying functionality. Additionally, individuals not subject to invention assignment agreements may make adverse ownership claims to our current and future intellectual property, and, to the extent that our employees, independent contractors or other third parties with whom we do business use intellectual property owned by others in their work for us, disputes may arise as to the rights in related or resulting know-how and inventions. There is also a risk that we do not establish an unbroken chain of title from inventors to us. An inventorship or ownership dispute could arise that may permit one or more third parties to practice or enforce our intellectual property rights, including possible efforts to enforce rights against us. Additionally, errors in inventorship or ownership can sometimes also impact priority claims, and if 28we were to lose our ability to claim priority for certain patent filings, intervening art or other events may preclude us from issuing patents. Furthermore, we may not always detect infringement, misappropriation or other violation of our intellectual property rights, and any infringement, misappropriation or other violation of our intellectual property rights, even if successfully detected, prosecuted and enjoined, could be costly to deal with and could harm our business. In addition, there can be no assurance that our intellectual property rights will be sufficient to protect against others offering products or services that are substantially similar to ours and competing with our business, and third parties, including our competitors, may independently develop similar technology, duplicate our services or design around our intellectual property and, in such cases, we may not be able to successfully assert our intellectual property rights against such parties. Further, our contractual arrangements may not effectively prevent disclosure of our trade secrets or confidential information or provide an adequate remedy in the event of unauthorized disclosure of our trade secrets or confidential information, and we may be unable to detect the unauthorized use of, or take appropriate steps to enforce, such trade secrets, confidential information and other intellectual property rights. Any of the foregoing could adversely affect our business, results of operations and financial condition. Litigation brought to protect and enforce our intellectual property rights could be costly, time-consuming and distracting to management, and could result in the impairment or loss of portions of our intellectual property. Uncertainties resulting from the initiation and continuation of patent litigation or other proceedings could have a material adverse effect on our ability to compete in the marketplace. Furthermore, our efforts to enforce our intellectual property rights may be met with defenses, counterclaims and countersuits attacking the validity and enforceability of our intellectual property rights, which could result in the impairment or loss of portions of our intellectual property portfolio. An adverse determination of any litigation proceedings could put our intellectual property at risk of being invalidated or interpreted narrowly and could put our related patents, pending patent applications and trademark filings at risk of being invalidated, not issuing or being cancelled. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential or sensitive information could be compromised by disclosure in the event of litigation. In addition, during the course of litigation there could be public announcements of the results of hearings, motions or other interim proceedings or developments. Despite our efforts, we may not be able to prevent third parties from infringing, misappropriating or otherwise violating, or from successfully challenging, our intellectual property rights. If securities analysts or investors perceive these results to be negative, it could have a substantial adverse effect on the price of our Class A common stock. Such litigation or proceedings could substantially increase our operating losses and reduce the resources available for development activities or any future sales, marketing or distribution activities. Our failure to obtain, maintain, protect, defend and enforce our intellectual property rights could adversely affect our brand and business, financial condition and results of operations. Our future success depends in part on our ability to develop and commercialize our products and services without infringing, misappropriating or otherwise violating the intellectual property and proprietary rights of others. From time to time, we have received and may in the future receive claims from third parties, including our competitors, alleging that our Unified-CXM platform and underlying technology infringe, misappropriate or otherwise violate such third party’s intellectual property rights, including their trade secrets, and we may be found to be infringing upon such rights. For example, on February 25, 2022, we agreed to settle all outstanding claims with Opal Labs Inc. (“Opal”) with respect to Opal’s complaints alleging breach of contract and violation of Oregon’s Uniform Trade Secrets Act, among other claims, and, on March 1, 2022, the court dismissed those claims with prejudice. The Company and Opal finalized the settlement on March 15, 2022, and it was paid on March 30, 2022. It is possible that we may be unsuccessful in such proceedings, resulting in a loss of some portion or all of our patent rights. Any claims or litigation, regardless of their merit, could cause us to incur significant expenses, pay substantial amounts in costs or damages, ongoing royalty or license fees or other payments, or could prevent us from offering all or aspects of our Unified-CXM platform or using certain technologies, require us to re-engineer all or a portion of our Unified-CXM platform, force us to implement expensive workarounds or re-designs, distract management from our business or require that we comply with other unfavorable terms. If any of our technologies, products or services are found to infringe, misappropriate or violate a third party’s intellectual property rights, we may seek to obtain a license under such third party’s intellectual property rights in order to bring an end to certain claims or actions asserted against us to continue commercializing or using such technologies, products and services. However, we may not be able to obtain such a license on commercially reasonable terms or at all. Even if we were able to obtain a 29license, it could be non-exclusive, thereby giving our competitors and other third parties access to the same technologies licensed to us, and it could require us to make substantial licensing and royalty payments. Such “non-practicing entities” and other intellectual property rights holders may attempt to assert intellectual property claims against us or seek to monetize the intellectual property rights they own to extract value through licensing or other settlements. We have in the past and may in the future be requested to and/or obligated to indemnify our customers or business partners in connection with any such litigation and to obtain licenses or refund subscription fees, which could further exhaust our resources. Even if we were to prevail in the event of claims or litigation against us, any claim or litigation regarding our technology or intellectual property, with or without merit, could be unpredictable, costly and time-consuming, and divert significant resources and the attention of our management and other employees from our business operations. Such disputes also could disrupt our Unified-CXM platform and products, which would adversely impact our client satisfaction and ability to attract customers. In the case of infringement, misappropriation or other violation caused by technology that we obtain from third parties, any indemnification or other contractual protections we obtain from such third parties, if any, may be insufficient to cover the liabilities we incur as a result of such infringement or misappropriation. The strength of our defenses will depend on the patents asserted, the interpretation of these patents, and our ability to invalidate the asserted patents. However, we could be unsuccessful in advancing non-infringement or invalidity arguments in our defense. In the United States, issued patents enjoy a presumption of validity, and the party challenging the validity of a patent claim must present clear and convincing evidence of invalidity, which is a high burden of proof. Conversely, the patent owner need only prove infringement by a preponderance of the evidence, which is a lower burden of proof. We also may be unaware of the intellectual property rights of others that may cover some or all of our technology. Because patent applications can take years to issue and are often afforded confidentiality for some period of time, there may currently be pending applications, unknown to us, that later result in issued patents that could cover one or more of our products. If we are required to make substantial payments or undertake any of the other actions noted above as a result of any intellectual property infringement, misappropriation or violation claims against us, such payments, costs or actions could have a material adverse effect on our competitive position, business, financial condition and results of operations. We have in the past and may in the future receive indemnification requests from our customers related to such claims. In addition, customers typically require us to indemnify or otherwise be liable to them for breach of confidentiality or failure to implement adequate security measures with respect to their data stored, transmitted or processed by our Unified-CXM platform. The terms of these contractual provisions often survive termination or expiration of the applicable agreement. Large indemnity payments or damage claims from contractual breach could harm our business, results of operations and financial condition. Although we generally attempt to contractually limit the scope of our liability with respect to such obligations, we are not always successful, and we may incur substantial liability related to them. Any dispute with a customer with respect to such obligations could have adverse effects on our relationship with that customer and other current and prospective customers, reduce demand for our Unified-CXM platform and harm our business, financial condition and results of operations. Under these source code escrow agreements, our source code may be released to the customer upon the occurrence of specified events, such as in situations of our bankruptcy or insolvency or our failure to support or maintain our solutions. Disclosing the content of our source code may limit the intellectual property protection we can obtain or maintain for our source code or our solutions containing that source code and may facilitate intellectual property infringement, misappropriation or other violation claims against us. Additionally, following any such release, customers may be able to create derivative works based on our source code and may own such derivative works. Any increase in the number of people familiar with our source code as a result of any such release also may increase the risk of a successful hacking attempt. Each of these could have a material adverse effect on our business, financial condition and results of operations.30Risks Related to Litigation, Regulatory Compliance and Governmental MattersOur business and operations could be negatively affected if we become subject to any securities litigation or stockholder activism.In the past, securities class action litigation often has been brought against a company following a decline in the market price of its securities. In addition, stockholder activism, which could take many forms and arise in a variety of situations, has been increasing recently, and new universal proxy rules could significantly lower the cost and further increase the ease and likelihood of stockholder activism. This risk is especially relevant for us because technology companies have experienced significant stock price volatility in recent years. Volatility in our stock price or other reasons may in the future cause us to become the target of securities litigation or stockholder activism. Securities litigation and stockholder activism, including potential proxy contests, could result in substantial costs, including significant legal fees and other expenses, and divert our management and board of directors’ attention and resources from our business. Additionally, securities litigation and stockholder activism could give rise to perceived uncertainties as to our future, adversely affect our relationships with customers and business partners, adversely affect our reputation, and make it more difficult to attract and retain qualified personnel. Our stock price could also be subject to significant fluctuation or otherwise be adversely affected by the events, risks and uncertainties of any securities litigation and stockholder activism.We are subject to governmental export and import controls and economic sanctions laws and regulations that could impair our ability to compete in international markets and subject us to liability if we are not in full compliance with applicable laws.S. export and similar laws and regulations, including the United States Department of Commerce’s Export Administration Regulations and various economic and trade sanctions regulations administered by the United States Treasury Department’s Office of Foreign Assets Controls. The U.S. export control laws and economic sanctions laws include restrictions or prohibitions on the sale or supply of certain products and services to certain embargoed or sanctioned countries, governments, persons and entities. In addition, we may incorporate encryption technology into certain of our offerings, and encryption offerings and the underlying technology may be exported outside of the United States only with the required export authorizations, including by license, and we cannot guarantee that any required authorization will be obtained. If we are found to be in violation of U.S. economic sanctions or export control laws, it could result in substantial fines and penalties for us and for the individuals working for us. We also may experience other adverse effects, including reputational harm and loss of access to certain markets. Changes in our Unified-CXM platform or future changes in export and import regulations may prevent our customers with international operations from utilizing our Unified-CXM platform globally or, in some cases, prevent the export or import of our Unified-CXM platform to certain countries, governments or persons altogether. Any decreased use of our Unified-CXM platform or limitation on our ability to export or sell our Unified-CXM platform could adversely affect our business, results of operations and financial condition.S. Foreign Corrupt Practices Act of 1977, as amended (the “FCPA”), the U.K. Bribery Act and other anti-corruption, anti-bribery and anti-money laundering laws in the jurisdictions in which we do business, both domestic and abroad. These laws generally prohibit us and our employees from improperly influencing government officials or commercial parties in order to obtain or retain business, direct business to any person or gain any advantage. The FCPA, U.K. Bribery Act and other applicable anti-bribery and anti-corruption laws also may hold us liable for acts of corruption and bribery committed by our third-party business partners, representatives and agents. In addition to our own sales force, we leverage third parties to sell our products and conduct our business abroad. We and our third-party business partners, representatives and agents may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities and we may be held liable for the corrupt or other illegal activities of these third-party business partners and intermediaries, our employees, representatives, contractors, channel partners and agents, even if we do not explicitly authorize such activities. These laws also require that we keep accurate books and records and maintain internal controls and compliance procedures designed to prevent any such actions. While we have policies and procedures to address compliance with such laws, we cannot assure you that our employees and agents will not take actions in violation of our policies or applicable law, for which we may be ultimately held responsible and our exposure for violating these laws increases as our international presence expands and as we increase sales and operations in foreign jurisdictions. Any violation of the FCPA, U.K. Bribery Act or other applicable anti-bribery, anti-corruption laws and anti-money laundering laws could result in whistleblower complaints, adverse media coverage, investigations, imposition of significant legal fees, loss of export privileges, severe criminal or civil sanctions or suspension or debarment from U.S. government contracts, substantial diversion of management’s attention, a decline 31in the market price of our Class A common stock or overall adverse consequences to our reputation and business, all of which may have an adverse effect on our results of operations and financial condition. Federal or state government bodies or agencies have in the past adopted, and may in the future adopt, laws or regulations affecting the use of the Internet as a commercial medium. Legislators, regulators or government bodies or agencies also may make legal or regulatory changes or interpret or apply existing laws or regulations that relate to the use of the Internet in new and materially different ways. Changes in these laws, regulations or interpretations could require us to modify our Unified-CXM platform in order to comply with these changes, to incur substantial additional costs or divert resources that could otherwise be deployed to grow our business, or expose us to unanticipated civil or criminal liability, among other things.In addition, government agencies and private organizations have imposed, and may in the future impose, additional taxes, fees or other charges for accessing the Internet or commerce conducted via the Internet. Internet access is frequently provided by companies that have significant market power and could take actions that degrade, disrupt or increase the cost of our customers’ use of our Unified-CXM platform, which could negatively impact our business. In December 2017, the Federal Communications Commission (“FCC”), voted to repeal its “net neutrality” Open Internet rules, effective June 2018. The rules were designed to ensure that all online content is treated the same by internet service providers and other companies that provide broadband services. The FCC’s new rules, which took effect on June 11, 2018, repealed the neutrality obligations imposed by the Open Internet rules and granted providers of broadband internet access services greater freedom to make changes to their services, including, potentially, changes that may discriminate against or harm our business. In October 2023, the FCC voted to begin the process of reinstating substantially all of the net neutrality rules that had been in place prior to the 2018 repeal. We cannot predict the actions that the FCC may take, whether any new FCC order or state initiatives regulating providers will be modified, overturned, or vacated by legal action, federal legislation, or the FCC itself, or the degree to which further regulatory action - or inaction - may adversely affect our business.These developments could limit the growth of Internet-related commerce or communications generally or result in reductions in the demand for Internet-based platforms and services such as ours, increased costs to us or the disruption of our business. In addition, as the Internet continues to experience growth in the numbers of users, frequency of use and amount of data transmitted, the use of the Internet as a business tool could be adversely affected due to delays in the development or adoption of new standards and protocols to handle increased demands of Internet activity, security, reliability, cost, ease-of-use, accessibility and quality of service. The performance of the Internet and its acceptance as a business tool has been adversely affected by data security and privacy issues, and the Internet has experienced a variety of outages and other degradations as a result of damage to portions of its infrastructure. If the use of the Internet generally, or our Unified-CXM platform specifically, is adversely affected by these or other issues, we could be forced to incur substantial costs, demand for our Unified-CXM platform could decline and our results of operations and financial condition could be harmed.Risks Related to Privacy, Information Technology and CybersecurityInterruptions in availability or suboptimal performance associated with our technology and infrastructure may adversely affect our business, results of operations and financial condition.We seek to maintain the integrity and availability of our products and confidentiality of our confidential information through certain controls, such as business continuity and disaster recovery plans, redundant designs of operational systems and processes, training and availability of key employees, contractual and technical assurances by our third-party service providers to maintain their services to us, regular tests and audits of critical systems and plans, capacity planning for current and future system and process needs, enterprise risk management, and periodic review of our plans. We are exposed to threats and resulting risks that may result in a significant disruption of our ability to deliver our products to our customers. Our Unified-CXM platform is proprietary, and we are dependent on the expertise and efforts of members of our engineering, operations and software development teams for its continued performance. We have experienced, and may in the future experience, service disruptions, outages and other performance problems due to a variety of factors, including infrastructure changes, introductions of new functionality, human or software errors, capacity constraints due to an overwhelming number of users accessing our Unified-CXM platform concurrently and denial of service attacks or other security-related incidents. Frequent or persistent interruptions in our products and services could cause customers to believe that our products and services are unreliable, leading them to switch to our competitors or to avoid our products and services. Additionally, our insurance policies may be insufficient to cover a claim made against us by any such customers affected by any 32errors, defects or other infrastructure problems. In some instances, we may not be able to rectify, remediate or even identify the cause or causes of these performance issues within an acceptable period of time. It may become increasingly difficult to maintain and improve our performance, especially during peak usage times, as our Unified-CXM platform becomes more complex and our user traffic increases. If our Unified-CXM platform is unavailable or if users are unable to access our Unified-CXM platform within a reasonable amount of time, or at all, our business, results of operations and financial condition would be adversely affected. Moreover, some of our customer agreements include performance guarantees and service-level standards that obligate us to provide credits or termination rights in the event of a significant disruption in the functioning of our Unified-CXM platform.We are subject to stringent and changing obligations related to data privacy and security. Our data processing activities subject us to numerous data privacy and security obligations, such as various laws, regulations, guidance, industry standards, external and internal privacy and security policies, contracts, and other obligations that govern the processing of confidential information by us and on our behalf. For example, some of our data processing practices may be challenged under wiretapping laws, as we obtain customer information from third parties through various methods, including chatbot and session replay providers, or via third-party marketing pixels. In the past few years, numerous U.S. states—including California, Virginia, Colorado, Connecticut, and Utah—have enacted comprehensive privacy laws that impose certain obligations on covered businesses, including providing specific disclosures in privacy notices and affording residents with certain rights concerning their personal data. As applicable, such rights may include the right to access, correct, or delete certain personal data, and to opt-out of certain data processing activities, such as targeted advertising, profiling, and automated decision-making. The exercise of these rights may impact our business and ability to provide our products and services. These state laws also allow for statutory fines for noncompliance. For example, under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”) noncompliance may carry fines of up to $7,500 per intentional violation; the CCPA also allows for a private right of action for certain data breaches. These laws, as well as other laws or regulations relating to data privacy and security, particularly any new or modified laws or regulations that require enhanced protection of certain types of data or new obligations with regard to data retention, transfer or disclosure, may result in further uncertainty with respect to data privacy and security issues, and will require us to incur additional resource, costs and expenses in an effort to comply. The enactment of such laws has prompted similar legislative developments in other states, which could create the potential for a patchwork of overlapping but different state laws, as certain state laws may be more stringent, broader in scope or offer greater individual rights with respect to personal data than federal, foreign or other state laws, which may complicate compliance efforts. The federal government is also considering comprehensive privacy legislation.In addition, as we continue to expand our business activities, we are accessing additional types and greater volumes of potentially confidential information that may subject us to additional privacy and security laws and obligations. For example, in certain limited instances, we may agree with specific customers to permit the exchange of protected health information through certain approved platform components. Our access to protected health information for specific agreed use cases on behalf of those customers that are covered entities and therefore subject to the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (collectively, “HIPAA”), may subject us to HIPAA’s specific requirements relating to the privacy, security, and transmission of protected health information. To the extent that we become subject to HIPAA, our failure to comply could result in significant penalties. Additionally, to the extent that additional customers with whom we did not agree to permit the exchange of protected health information through our platforms in their capacity as covered entities nonetheless provide such information in violation of their contractual obligations with us, we could also be subject to additional 33compliance risks. Similar privacy, security, and transmission obligations may apply to us outside the United States if we process health information and other categories of confidential information and our failure to comply could result in significant penalties.As another example, we process an increasing amount of credit card data, and we have entered contractual relationships requiring us to comply with the Payment Card Industry Data Security Standard (“PCI DSS”). The PCI DSS requires companies to adopt certain measures to ensure the security of cardholder information, including using and maintaining firewalls, adopting proper password protections for certain devices and software, and restricting data access. Noncompliance with PCI-DSS can result in penalties ranging from $5,000 to $100,000 per month by credit card companies, litigation, damage to our reputation, and revenue losses. Some examples of these laws include the European Union’s General Data Protection Regulation (“EU GDPR”), the United Kingdom’s GDPR (“UK GDPR” and, together with EU GDPR, “GDPR”), Brazil’s General Data Protection Law (Lei Geral de Proteção de Dados Pessoais) (Law No. These laws all impose strict requirements for processing personal data.5 million or 4% of global annual turnover) and can result in data processing bans, other administrative penalties and litigation brought by classes of data subjects or consumer protection organizations authorized at law to represent their interests, together with associated damage to our reputation. In particular, European and other data protection laws, including the GDPR, restrict the ability of companies to transfer personal data to the United States and other countries, and there are rigorous restrictions regarding transfers of personal data from China. Although there are currently various mechanisms that may be used to enable the transfer of personal data from the European Economic Area (“EEA”) and UK to the United States in compliance with the law, such as the EU-US Data Privacy Framework and the UK extension thereto (to which we are an active participant) and the EU’s standard contractual clauses, these mechanisms are subject to legal challenges, and there is no continued assurance that we can satisfy or rely on these measures to lawfully transfer personal data to the United States or other countries with “inadequate” data protection regimes without the potential for future challenge. Additionally, companies that transfer personal data out of the EEA and UK to other jurisdictions, particularly to the United States, are subject to increased scrutiny from regulators, individual litigants, and activist groups.We may also become subject to new laws in the EEA that regulate cybersecurity and non-personal data, such as the European Data Act. Enforcement of these requirements has increased, and a new regulation proposed in the European Union, known as the ePrivacy Regulation, makes these requirements, as well as requirements around tracking technologies, such as cookies, more stringent and increases the penalties for violating them. Such restrictions could increase our exposure to regulatory enforcement action, increase our compliance costs, and adversely affect our business. Therefore, obtaining information from third parties carries risk to us as a data purchaser. Additionally, the California Delete Act requires the California Privacy Protection Agency to establish by January 1, 2026 a mechanism to allow California consumers to submit a single, verifiable request to delete all of their personal data held by all registered data brokers and their service providers. Moreover, third-party data suppliers have recently been subject to increased 34litigation under various claims of violating certain state privacy laws. These laws and challenges may make it so difficult for our suppliers to provide data to us that the costs associated with the data materially increase or may materially decrease the availability of data that our data suppliers can provide us.In addition to data privacy and security laws, our contractual obligations relating to data privacy and security have become increasingly stringent due to changes in data privacy and security and the expansion of our service offerings.Moreover, we are certified or assessed to be compliant with UK Cyberessentials, System and Organization Controls (“SOC”) 1, SOC 2, SOC 3, ISO 27001, PCI-DSS 3.2, HIPAA (under Statements on Standards for Attestation Engagements (“SSAE”) 21 reporting), and maintain a Federal Risk and Authorizations Management Program (“FedRAMP”) LI-SaaS Authority to Operate (“ATO”). If we are unable to maintain these certifications or meet these standards, it could adversely affect our ability to provide our solutions to certain customers and could harm our business. Although we endeavor to comply with our public statements and documentation, we may at times fail to do so or be alleged to have failed to do so. Our privacy policies and other statements regarding data privacy and security can subject us to potential government or legal action if they are found to be deceptive, unfair, or misrepresentative of our actual practices. Should any of these statements prove to be untrue or be perceived as untrue, even though circumstances beyond our reasonable control, we may face litigation, disputes, claims, investigations, inquiries or other proceedings including, without limitation, by the U.S. Federal Trade Commission, federal, state and foreign regulators, our customers and private litigants, which could adversely affect our business, reputation, results of operations and financial condition. In particular, plaintiffs have become increasingly more active in bringing privacy-related claims against companies, including class claims and mass arbitration demands. Some of these claims allow for the recovery of statutory damages on a per violation basis, and, if viable, carry the potential for monumental statutory damages, depending on the volume of data and the number of violations. Even the perception of privacy concerns, whether or not valid, may inhibit market adoption, effectiveness or use of our applications. Use of our Unified-CXM platform also involves processing our customers’ information, including personal data regarding their customers, employees or other individuals. Further, these threats are becoming increasingly difficult to detect and come from a variety of sources, including traditional computer “hackers,” threat actors, “hacktivists,” organized crime threat actors, personnel (such as through theft or misuse), sophisticated nation-states, and nation-state-supported actors. In particular, ransomware attacks, including by organized criminal threat actors, nation-states, and nation-state-supported actors, are prevalent and severe and can lead to significant interruptions in our operations, loss of data and income, reputational harm, and diversion of funds. Extortion payments may alleviate the negative impact of a ransomware attack, but we may be unwilling or unable to make such payments due to, for example, applicable laws or regulations prohibiting such payments. Adware, telecommunications failures, earthquakes, fires, floods, adverse weather events, and man-made disasters may also impact the availability of our systems and operations. Furthermore, our services are critical to the internal processes of a large number of companies worldwide and, as a result, if our products are compromised, a significant number or, in some instances, all of our customers and their data could be simultaneously affected, which could cause serious disruption and harm. The potential liability and associated consequences we could suffer as a result could be significant. Future or past business transactions (such as acquisitions or integrations) could expose us to additional cybersecurity risks and vulnerabilities, as our systems could be negatively affected by vulnerabilities present in acquired or integrated entities’ systems and technologies. We may also discover security issues that were not identified during due diligence of such acquired or integrated entities, and it may be difficult to integrate other companies into our information technology environment and security program. We take steps designed to detect, mitigate, and remediate vulnerabilities in our information systems (such as our hardware, software, and products, and those of the third parties upon which we rely). We have not always been able in the past and may be unable in the future to detect and remediate all such vulnerabilities in 36our information systems including on a timely basis. Further, in some cases, these vulnerabilities may require immediate attention, but we may still experience delays in developing and deploying remedial measures designed to address any such vulnerabilities. Even if we have issued or otherwise made patches or information for vulnerabilities in our information systems, our customers may be unwilling or unable to deploy such patches and use such information effectively and in a timely manner. Vulnerabilities could be exploited and result in a security incident.Any of the previously identified or similar threats could cause a security incident or other interruption that could result in unauthorized, unlawful, or accidental acquisition, modification, destruction, loss, alteration, encryption, disclosure of, or access to our confidential information. A security incident or other interruption could disrupt our ability (and that of third parties upon which we rely) to provide our Unified-CXM platform and our services. We may expend significant resources or modify our business activities to try to protect against security incidents. We have in the past and may in the future be subject to attempted or successful cybersecurity attacks by third parties seeking unauthorized access to our or our customers’ confidential information or to disrupt our ability to provide our Unified-CXM platform.We operate our products for the benefit of our customers who have documented responsibilities to maintain certain security controls, such as provisioning and deprovisioning users, in their respective environments without oversight or control by us. Our customers may weaken or incorrectly configure security controls provided by us to maintain the security of their environments, resulting in a loss of confidentiality or integrity of such customer’s data or processes. Such an event may also result in a compromise to our information technology systems or a security incident. Such notifications are costly, and the notifications or the failure to comply with such requirements could lead to adverse consequences. These consequences may include: government enforcement actions (for example, investigations, fines, penalties, audits, and inspections); additional reporting requirements and/or oversight; restrictions on processing confidential information (including personal data); litigation (including class claims); indemnification obligations; negative publicity; reputational harm; monetary fund diversions; interruptions in our operations (including availability of data); financial loss; and other similar harms.Our contracts may not contain limitations of liability, and even where they do, there can be no assurance that limitations of liability in our contracts are sufficient to protect us from liabilities, damages, or claims related to our data privacy and security obligations.We cannot be sure that our insurance coverage will be adequate or sufficient to protect us from or to mitigate liabilities arising out of our privacy and security practices, that such coverage will continue to be available on commercially reasonable terms or at all, or that such coverage will pay future claims.In addition to experiencing a security incident, third parties may gather, collect, or infer sensitive information about us from public sources, data brokers, or other means that reveals competitively sensitive details about our organization and could be used to undermine our competitive advantage or market position. The application of these tax laws to services provided electronically is evolving. In particular, the applicability of sales taxes to our products and services in various jurisdictions is unclear.Furthermore, an increasing number of states have considered or adopted laws that attempt to impose tax collection obligations on out-of-state companies. The Supreme Court of the United States ruled in South Dakota v. Wayfair, Inc. et al (“Wayfair”), that online sellers can be required to collect sales and use tax despite not having a physical presence in the buyer’s state or “economic nexus.” In response to Wayfair, or for other reasons, states or local governments have adopted and begun to enforce, and other states or local 37governments may adopt, or begin to enforce, laws requiring us to calculate, collect, and remit taxes on sales in their jurisdictions. Similarly, many non-U.S. jurisdictions have considered or adopted laws that impose VAT, digital service, or similar taxes, on companies despite not having a physical presence in the non-U.S. jurisdiction. It is possible, however, that we could face sales tax, VAT, GST or similar tax audits and that our liability for these taxes could exceed our estimates if state, local, and non-U.S. tax authorities assert that we are obligated to collect additional tax amounts from our customers and remit those taxes to those authorities. We also could be subject to audits in state, local and non-U.S. jurisdictions for which we have not accrued tax liabilities. A successful assertion by one or more states, localities or non-U.S. jurisdictions requiring us to collect taxes where we presently do not do so, or to collect more taxes in a jurisdiction in which we currently do collect some taxes, could result in substantial tax liabilities, including taxes on past sales, as well as penalties and interest. Such tax assessments, penalties, and interest, or future requirements may adversely affect our results of operations. Our intercompany relationships are subject to complex transfer pricing regulations administered by taxing authorities in various jurisdictions. The relevant taxing authorities may disagree with our determinations as to the value of assets sold or acquired or the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur and our position were not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. Due to the expansion of our international business activity, any such changes could increase our worldwide effective tax rate and adversely affect our business, results of operations and financial condition. For example, recent legislation in the United States, commonly referred to as the Inflation Reduction Act, enacts a minimum tax equal to 15 percent of the adjusted financial statement income of certain large U.S. corporations, as well as a one percent excise tax on stock repurchases imposed on public corporations making such repurchases. It is possible that the Inflation Reduction Act could increase our tax liability. The current or future U.S. presidential administration could propose or enact changes to U.S. tax laws that we cannot currently predict and that could materially affect our business, results of operations and financial condition. Additionally, the Organization for Economic Co-operation and Development (“OECD”) has released guidance covering various topics, including transfer pricing, country-by-country reporting and definitional changes to permanent establishment that could ultimately impact our tax liabilities as countries adopt the OECD’s guidance. An adverse outcome of any such audit or examination by the IRS or other tax authority could have a material adverse effect on our results of operations and financial condition. As a result, we have received, and may in the future receive, assessments in multiple jurisdictions on various tax-related matters. Taxing authorities also have challenged, and may in the future challenge, our tax positions and methodologies on various matters. We regularly assess the likelihood of adverse outcomes resulting from ongoing tax examinations to determine the adequacy of our provision for income taxes. These assessments can require considerable estimates and judgments. There can be no assurance that our tax positions and methodologies are accurate or that the outcomes of ongoing and future tax examinations will not have an adverse effect on our results of operations and financial condition.Our ability to use our net operating losses and other tax assets to offset future taxable income or tax liability be subject to certain limitations.S. federal and state net operating loss (“NOL”) carryforwards as a result of prior period losses, some of which, if not utilized, may expire. Such an “ownership change” generally occurs if there is a greater than 50 percentage point change (by value) in our equity ownership by one or more stockholders or groups of stockholders who own at least 5% of our stock over a three-year period. We have experienced ownership changes in the past and may experience ownership changes in the 38future as a result of subsequent shifts in our stock ownership. As a result, if we earn net taxable income, our ability to use our pre-change net operating loss carryforwards and other pre-change tax attributes to offset U.S. federal and state taxable income or tax liability may be subject to limitations, which could potentially result in increased future tax liability to us. Furthermore, under the current U.S. Under current U.S. federal tax laws, net operating losses generally are not permitted to be carried back to prior taxable years. There is also a risk that, due to regulatory changes, such as suspensions of the use of NOLs, or other unforeseen reasons, our existing NOLs could expire or otherwise be unavailable to offset future income tax liabilities. For these reasons, we may not be able to realize a tax benefit from the use of our NOLs, whether or not we attain profitability. These fluctuations have often been unrelated or disproportionate to the operating performance of these companies. Broad market and industry fluctuations, as well as general economic, political, regulatory and market conditions, may continue to negatively impact investor confidence and the market price of equity securities, including our Class A common stock. In the past, following periods of volatility in the trading price of a company’s securities, securities class action litigation has often been brought against that company. If the market price of our Class A common stock is volatile, we may become the target of securities litigation. Securities litigation could result in substantial costs and divert our management’s attention and resources from our business. This could have an adverse effect on our business, results of operations and financial condition.6% of our outstanding capital stock, but controlled approximately 89.0% of the voting power of our outstanding capital stock. Therefore, the holders of Class B common stock have control over our management and affairs and over all matters requiring stockholder approval, including election of directors and significant corporate transactions, such as a merger or other sale of us or our assets, for the foreseeable future. This concentrated control will limit your ability to influence corporate matters for the foreseeable future, and, as a result, the market price of our Class A common stock could be adversely affected.0% of our Class B common stock, and controlled approximately 88.8% of the voting power of our outstanding capital stock. This concentration of ownership will limit the ability of other stockholders to influence corporate matters and may cause us to make strategic decisions that could involve risk to holders of our Class A common stock or that may not be aligned to the interest of holders of our Class A common stock, including decisions to delay, prevent or discourage acquisition proposals or other offers for our capital stock that you may feel are in your best interest as a stockholder and ultimately could deprive you of an opportunity to receive a premium for your Class A common stock as part of a sale of our company, which in turn might adversely affect the market price of our common stock.We cannot guarantee that our share repurchase program will be fully consummated or that it will enhance long-term stockholder value. Share repurchases could also increase the volatility of the trading price of our common stock and could diminish our cash reserves.Our board of directors has approved a share repurchase program to repurchase up to $200 million of our Class A common stock through December 31, 2024 in open market purchases at prevailing market prices or in negotiated transactions off the market, including, without limitation, accelerated share repurchase transactions, collared accelerated share repurchase transactions, volume weighted average purchase prepaid forward transactions and similar arrangements (the “2024 repurchase program”). Although our board of directors has authorized the 2024 repurchase program, it does not obligate us to repurchase any specific dollar amount or to acquire any specific number of shares. The 2024 repurchase program may be modified, suspended, or terminated at any time, and we cannot guarantee that the program will be fully consummated or that it will enhance long-term stockholder value. The 2024 repurchase program could affect the trading price of our stock and increase volatility, and any announcement of a termination of this program may result in a decrease in the trading price of our stock. In addition, the 2024 repurchase program could diminish our cash and cash equivalents and marketable securities. If we fail to maintain an effective system of disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired. The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. We have expended, and anticipate that we will continue to expend, significant resources in order to maintain and improve the effectiveness of our disclosure controls and procedures and internal control over financial reporting.Our current controls and any new controls that we develop may become inadequate because of changes in the conditions in our business, including increased complexity resulting from our international expansion. Further, weaknesses in our disclosure controls or our internal control over financial reporting have been and may be discovered in the future. Any failure to develop or maintain effective controls, or any difficulties encountered in their implementation or improvement, could harm our results of operations or cause us to fail to meet our reporting obligations and may result in a restatement of our financial statements for prior periods. Any 40failure to implement and maintain effective internal control over financial reporting also could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we will eventually be required to include in our periodic reports that will be filed with the SEC. Ineffective disclosure controls and procedures and internal control over financial reporting also could cause investors to lose confidence in our reported financial and other information, which would likely adversely affect the market price of our Class A common stock. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on the New York Stock Exchange. Any failure to maintain effective disclosure controls and internal control over financial reporting could have an adverse effect on our business, results of operations and financial condition and could cause a decline in the market price of our Class A common stock.The global economy, including credit and financial markets, has experienced extreme volatility and disruptions, including severely diminished liquidity and credit availability, declines in consumer confidence, declines in economic growth, increases in unemployment rates, increases in inflation rates, higher interest rates, disruptions in access to bank deposits or lending commitments due to bank failures and uncertainty about economic stability. For example, the COVID-19 pandemic resulted in widespread unemployment, economic slowdown and extreme volatility in the capital markets. Similarly, the Russia-Ukraine war has also added to, and the Israel-Hamas war and related regional tensions may add to, the extreme volatility in the global capital markets and is expected to have further global economic consequences, including disruptions of the global supply chain and energy markets. In addition, rising inflation and other macroeconomic pressures in the U.S. and the global economy could exacerbate extreme volatility in the global capital markets and heighten unstable market conditions. Any such volatility and disruptions may have adverse consequences on us or the third parties on whom we rely. If the equity and credit markets continue to deteriorate, including as a result of recent bank closures, public health crises, or political unrest, war or a global or domestic recession or the fear thereof, it may make any necessary debt or equity financing more difficult to obtain in a timely manner or on favorable terms, more costly or more dilutive. Increased inflation rates can adversely affect us by increasing our costs, including labor and employee benefit costs. In addition, higher inflation also could increase our customers’ operating costs, which could result in reduced marketing budgets for our customers and potentially less demand for our platform. Any significant increases in inflation and related increase in interest rates could have a material adverse effect on our business, results of operations and financial condition. Moreover, customers and potential customers may require extended billing terms and other financial concessions, which would limit our ability to grow our business and adversely affect our business, results of operations and financial condition. We also rely on our employees and key personnel to meet the demands of our customers and run our day-to-day operations. In the event of a catastrophic event, the functionality of our employees could be negatively impacted, which could have an adverse effect on our business, financial condition and results of operations. In addition, natural disasters, cybersecurity attacks, market manipulations, supply chain disruptions, acts of terrorism or other catastrophic events could cause disruptions in our or our customers’ businesses, national economies or the world economy as a whole. These provisions also could discourage proxy contests and make it more difficult for stockholders to elect directors of their choosing and to cause us to take other corporate actions they desire, any of which, under certain circumstances, could limit the opportunity for our stockholders to receive a premium for their shares of our capital stock, and also could affect the price that some investors are willing to pay for our Class A common stock. This exclusive forum provision will not apply to any causes of action arising under the Securities Act or the Exchange Act or any other claim for which the federal courts have exclusive jurisdiction. This provision is intended to benefit and may be enforced by us, our officers and directors, the underwriters to any offering giving rise to such complaint, and any other professional entity whose profession gives authority to a statement made by that person or entity and who has prepared or certified any part of the documents underlying the offering. Any person or entity purchasing or otherwise acquiring any interest in any of our securities shall be deemed to have notice of and consented to this provision. This exclusive-forum provision may limit a stockholder’s ability to bring a claim in a judicial forum of its choosing for disputes with us or our directors, officers or other employees, which may discourage lawsuits against us and our directors, officers and other employees.Item 1B. Unresolved Staff CommentsNone. CybersecurityRisk management and strategyWe have implemented and maintain various information security processes designed to identify, assess and manage material risks from cybersecurity threats to our critical computer networks, third-party hosted services, communications systems, hardware and software, and our critical data, including intellectual property, confidential information that is proprietary, strategic or competitive in nature, and customer data (“Information Systems and Data”). Our information security and enterprise risk management function, led by our Chief Information Security Officer (“CISO”) and Chief Compliance Officer (“CCO”), helps identify, assess and manage the Company’s cybersecurity threats and risks, including through the use of the Company’s information security risk register. The information security function helps to identify, assess, and mitigate risks from cybersecurity threats by monitoring and evaluating the relevant threat environment and the Company’s security risk posture using various methods including, for example deploying manual and automated tools in certain environments and systems, subscribing to reports and services that identify certain cybersecurity threats, analyzing reports of certain cybersecurity threats and actors, conducting manual and automated scans of certain environments, evaluating our industry’s risk profile, evaluating certain threats reported to us, coordinating with law enforcement concerning certain threats, conducting internal audits and threat assessments in certain environments and systems, conducting vulnerability assessments in certain environments and systems, and engaging third parties to assist with tabletop incident response exercises.Depending on the results of the assessments and the sensitivity of the respective environments and systems, we implement and maintain various technical, physical, and organizational measures, processes, standards and policies designed to manage and mitigate material risks from cybersecurity threats to our Information Systems and Data, including, for example, incident response plan, vulnerability management standard, disaster recovery and business continuity plans, risk assessments, encryption of certain data, segregation of certain data, network security and access controls in certain environments, asset management, systems monitoring in certain systems, vendor risk management program, employee training, penetration testing, and cybersecurity insurance.Our assessment and management of material risks from cybersecurity threats are integrated into our overall risk management processes. Cybersecurity risk is identified in our risk register, and our information security function works with management to prioritize our risk management processes and mitigate cybersecurity threats that are more likely to lead to a material impact to our business. We use third-party service providers to assist us from time to time to identify, assess, and manage material risks from cybersecurity threats, including, for example professional services firms (including legal counsel), cybersecurity management consultants, cybersecurity software providers, penetration testing firms, and forensic investigators. We also use third-party service providers to perform a variety of functions throughout our business, such as application providers, hosting companies, and supply chain resources. We have a vendor management standard and underlying processes to manage cybersecurity risks associated with our use of these providers. The processes include risk assessments, security documentation reviews, and review of security questionnaires for certain vendors and security audits of certain vendors. Depending on the nature of the services provided, the sensitivity of the Information Systems and Data at issue, and the identity of the provider, our vendor management process may involve different levels of assessment designed to help identify cybersecurity risks associated with a provider and impose contractual obligations related to cybersecurity on the provider. For a description of the risks from cybersecurity threats that may materially affect us and how they may do so, see our risk factors under “Part I. Item 1A.

”GovernanceOur board of directors addresses our cybersecurity risk management as part of its general oversight function. The board of directors’ audit committee is responsible for overseeing our cybersecurity risk management processes, including oversight of mitigation of risks from cybersecurity threats.Our cybersecurity risk assessment and management processes are implemented and maintained by certain members of management, including our CISO, Chief Compliance Officer and General Counsel. Our CISO, who reports to our General Counsel and has the primary responsibility for our cybersecurity risk assessment and management processes, has over a decade of experience as CISO for public companies, as well as in U.S. government security compliance, architecture and design, and systems and standards development.Our CISO is responsible for hiring appropriate personnel, managing the security budget, helping to integrate cybersecurity risk considerations into our overall risk management strategy, communicating key priorities to relevant personnel, providing security and 43security-related risk guidance to leadership relating to product management, development, and operations, helping prepare for cybersecurity incidents, approving cybersecurity processes, and reviewing security assessments and other security-related reports.Our incident response and crisis communications plans are designed to escalate certain cybersecurity incidents to members of the crisis management team depending on the circumstances, which includes our CISO, Chief Compliance Officer, General Counsel, corporate communications team and executive leadership as needed. This group works with our incident response team to help triage, contain, remediate, and recover from cybersecurity incidents of which they are notified. In addition, our incident response and crisis management plans include reporting to the audit committee of the board of directors for certain cybersecurity incidents.The audit committee receives periodic reports from the CISO concerning any significant cybersecurity threats and risks and the processes we have implemented to address them. The audit committee also has access to various reports, summaries or presentations related to cybersecurity threats, risk and mitigation..

Recently Filed

Click on a ticker to see risk factors

Ticker *	File Date
EAWD	19 hours ago
ARAT	20 hours ago
IONM	20 hours ago
NHWK	21 hours ago
GBBK	21 hours ago
APOG	22 hours ago
FWAV	1 day ago
JRSS	1 day, 1 hour ago
PPIH	1 day, 3 hours ago
WAVS	1 day, 17 hours ago
GBNH	1 day, 18 hours ago
ACCD	1 day, 19 hours ago
EFSH	1 day, 21 hours ago
RFAC	1 day, 21 hours ago
GXXM	2 days ago
PGY	2 days, 4 hours ago
KPLT	2 days, 20 hours ago
MSB	2 days, 21 hours ago
MMMB	2 days, 21 hours ago
LVPA	2 days, 23 hours ago
HELE	3 days, 6 hours ago
RILY	3 days, 15 hours ago
BHAC	3 days, 21 hours ago
STZ	4 days ago
ARMT	4 days, 4 hours ago
ARMT	4 days, 5 hours ago
RCFA	4 days, 17 hours ago
FSR	4 days, 18 hours ago
TPIA	4 days, 19 hours ago
MEDS	4 days, 19 hours ago
PVNC	4 days, 20 hours ago
CDTX	4 days, 20 hours ago
ENCP	4 days, 20 hours ago
ACI	5 days, 4 hours ago
AZZ	5 days, 7 hours ago
DGWR	5 days, 7 hours ago
AURX	1 week ago
CIRX	1 week ago
GTCH	1 week ago
HWNI	1 week ago
CSSE	1 week ago
WNLV	1 week ago
RBTK	2 weeks ago
BTTR	2 weeks ago
ROYL	2 weeks ago
VIRC	2 weeks ago
SCS	2 weeks ago
DHAC	2 weeks, 1 day ago
ALOT	2 weeks, 1 day ago
NUBI	2 weeks, 1 day ago

OTHER DATASETS

House Trading

Dashboard

Corporate Flights

Dashboard

App Ratings

Dashboard

Strategies

Alerts

Browse Data

Risk Factors Dashboard

View risk factors by ticker

Search filings by term

Risk Factors - CXM

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

$CXM Risk Factor changes from 00/04/03/23/2023 to 00/03/28/24/2024

Recently Filed

OTHER DATASETS

House Trading

Corporate Flights

App Ratings

TRADE SMARTER

TRADE SMARTER

Strategies

Alerts

Browse Data

Risk Factors Dashboard

View risk factors by ticker

Search filings by term

Risk Factors - CXM

-New additions in green-Changes in blue-Hover to see similar sentence in last filing

$CXM Risk Factor changes from 00/04/03/23/2023 to 00/03/28/24/2024

Recently Filed

OTHER DATASETS

House Trading

Corporate Flights

App Ratings

TRADE SMARTER

TRADE SMARTER

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing