$KLDI Risk Factor changes from 00/03/17/22/2022 to 00/03/28/24/2024

Item 1A. Risk Factors. RISK FACTORS An investment in our securities carries a significant degree of risk.

You should carefully consider the risks described below, together with the financial and other information contained in this Annual Report on Form 10-K, including the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and related notes, before you make an investment decision regarding our securities. Any one of these risks and uncertainties has the potential to cause material adverse effects on our business, prospects, financial condition and operating results which could cause actual results to differ materially from any forward-looking statements expressed by us and a significant decrease in the value of our securities. Additionally, macroeconomic conditions may amplify many of the risks discussed below to which we are subject and may materially and adversely affect us in ways that are not anticipated by or known to us or that we do not currently consider to present material risk. We may not be successful in preventing the material adverse effects that any of the following risks and uncertainties may cause. These potential risks and uncertainties may not be a complete list of the risks and uncertainties facing us. There may be additional risks and uncertainties that we are presently unaware of, or presently consider immaterial, that may become material in the future and have a material adverse effect on us. You could lose all or a significant portion of your investment due to any of these risks and uncertainties. Privacy and Cybersecurity Risks We collect, store, transmit, use, disclose and otherwise process personal and other regulated or confidential data, primarily on behalf of our clients, which subjects us to laws, governmental regulation and other legal and contractual obligations related to privacy and information security, and our actual or perceived failure to comply with such obligations could adversely affect our business and reputation. The GDPR applies to the processing of personal information carried out by companies established in the European Union (E.U.) but also to the processing carried out by companies not established in the E.U., where such processing relates to (a) the offering of goods or services to data subjects who are in the E.U., or (b) the monitoring of the behavior of data subjects who are in the E.U.. The GDPR imposes several stringent requirements for controllers and processors of personal information (including non-E.U.U. Failure to comply with the requirements of the GDPR and the applicable national data protection laws of the E.U. member states may result in fines of up to €20 million or up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher, and other administrative penalties. Complying with the GDPR has required us to implement additional internal processes to seek to ensure that we Process personal information in a compliant way and we have regularly re-drafted all our standard contracts to meet specific articles within the GDPR and new interpretations of 25 the GDPR. As we continue to operate under the GDPR, compliance may become onerous and adversely affect our business, financial condition, results of operations and prospects.5 million (sterling) or 4% of total annual worldwide turnover in the preceding financial year, whichever is higher.U. to the United States. In particular, in July 2020, the E.U.-U.S. Privacy Shield Framework, which allowed for the transfer of personal information from the E.U. to the U.S., was invalidated by the Court of Justice of the European Union, or CJEU, and this was followed in September 2020 by the invalidation of the equivalent Swiss-US Privacy Shield Framework. Three of our group companies were accredited under the E.U.-U.S.U. to the United States. Although the CJEU upheld the adequacy of the standard contractual clauses (a standard form of contract approved by the European Commission as an adequate personal information transfer mechanism) upon which we rely for intra group transfers of personal information (and which is the most widely used transfer mechanism by our clients), it made clear that use of the standard contractual clauses must now be assessed on a case-by-case basis taking into account the legal regime applicable in the destination country, in particular applicable surveillance laws and rights of individuals.U.) has issued guidance concerning data transfers following this CJEU decision which places a higher burden on compliance for data transfers. In June 2021, the European Union has issued a new version of the standard contractual clauses. On July 10, 2023, the European Commission adopted its adequacy decision for the new E.U.-U.S. Data Privacy Framework. This decision concludes that the U.S. ensure an adequate level of protection for personal information transferred from the E.U. to U.S. companies which have self-certified their compliance with the new E.U.-U.S. Data Privacy Framework. The United Kingdom’s exit from the European Union has also imposed different requirements on personal information transfers with the introduction of the International Data Transfer Agreement and the Addendum to the E.U. standard contractual clauses in March 2022. Given these legal developments and the United Kingdom’s potential long-term divergence from E.U. law, the long-term validity of United Kingdom data protection measures remains uncertain, and we could be impacted by changes in law, including any future review of transfer mechanisms by the European courts or any supervisory authorities, which could require us to undertake substantial additional review of agreements on a going forward basis. On September 21, 2023 the UK Secretary of State for Science, Innovation and Technology laid regulations in the UK Parliament to give effect to the decision to establish a UK-U.S. Data Bridge.S. Data Bridge came into effect on 12 October 2023 and permits organizations in the UK to transfer personal information to U.S. organizations which have certified to the UK Extension to the E.U.-U.S. Data Privacy Framework. If we are unable to transfer personal information between and among countries and regions in which we operate, it could affect the manner in which we provide our solutions or could adversely affect our financial results. In the United States, certain state laws, such as the California Consumer Protection Act of 2018 as amended by the California Privacy Rights Act of 2020, or collectively, the CCPA, have established a privacy framework, which applies to entities that conduct business in California. The CCPA includes a private right of action for certain data breaches, with potential for severe statutory damages. Similar comprehensive state privacy laws are also in effect in Virginia [and] Colorado[, Connecticut and Utah].While these laws are substantively similar to the CCPA in many respects, they also include their own unique compliance requirements. The effects of such laws could be significant and may require us to modify our data Processing practices and policies and incur substantial compliance-related costs and expenses. Furthermore, any failure, or perceived failure, by us to comply with any federal, state, local or international data privacy or security laws, regulations, orders, industry self-regulatory standards or principles or privacy-related obligations to clients or other third parties that either legally or contractually apply to our clients or us—including any data security incidents, breaches, or other unauthorized access, acquisition, or disclosure of information affecting us or our third-party service providers—could result in investigations, enforcement actions, regulatory inquiries, fines, litigation, proceedings or other actions against us, injunctive restrictions on data processing, a loss of client confidence, damage to our brand and reputation or a loss of clients, any of which could have an adverse effect on our business. In addition, various federal, state and foreign legislative or regulatory bodies may enact new or additional laws, regulations, directives or industry practices concerning data privacy and security, which may impose new requirements. Significant changes could require us to modify our solutions and features, possibly in a material manner, and may limit our ability to develop new solutions and features that make use of the data that our clients voluntarily share with us. For example, some countries have adopted laws mandating that personal information regarding clients in their country be maintained solely in their country. Having to maintain local data centers and redesign product, service and business operations to limit personal information Processing to within individual countries could increase our operating costs significantly and require that we establish a physical presence in a country or region where we otherwise may not have opened any facilities. Additionally, in connection with some of our product initiatives, we expect that our clients may increasingly use our cloud services to Process personal information and other regulated data. In addition, the increased attention focused upon any liability we may have as a result of lawsuits or regulatory actions could also harm our reputation or otherwise impact the growth of our business. Furthermore, although we market and sell products to our clients to help them comply with federal, state, local and foreign laws, regulations and directives, including the GDPR, our clients are responsible for ensuring they are in compliance with such laws, regulations and directives. Our standard terms of business include caps on liability, where legally permitted, but these may be challenged by clients and disapplied by a court in any judgment against the Company. Our products, SaaS offerings, website and networks are from time to time subject to intentional or accidental disruption and may be subject to unauthorized access, either of which could adversely affect our reputation and business. Despite our precautions and significant ongoing investments to protect against security risks such as data breaches, cyber-attacks and other intentional or accidental disruptions of or unauthorized access to our products, offerings and networks, in light of our business and types and sensitivity of the information we store on behalf of clients, we have been and expect to continue to be an ongoing target of attacks specifically designed to breach or interrupt our networks and systems, which could harm our reputation and result in litigation, fines and penalties. Such cyber-attacks threaten to misappropriate our or our clients’ proprietary or personal information and cause interruptions of our information 27 technology solutions. Because the techniques used by unauthorized persons to access or sabotage networks change frequently and may not be recognized until launched against a target, we may be unable to anticipate or detect these techniques. Further, if unauthorized access or sabotage remains undetected for an extended period of time, the effects of such breach could be exacerbated. In addition, sophisticated hardware and operating system software and applications that we produce or procure from third parties can contain defects in design or manufacture, including “bugs” and other problems that could unexpectedly interfere with the operation of our systems and networks. We have experienced and defended against threats to our systems and security including malware, phishing attacks and Distributed Denial of Service attacks. For example, in 2020 a phishing attack resulted in certain client correspondence being made available to an unauthorized email account for a period of time. This incident was remediated and the investigation showed that the phishing attack did not affect any of our other computer systems, databases or networks, including those systems used to host or transfer client data, and that it was an isolated incident. While this incident and other unsuccessful attempts have not had a material adverse effect on our business to date, we may experience more serious incidents in the future. Our exposure to cybersecurity threats and negative consequences of cybersecurity breaches will likely increase as we store increasing amounts of our clients’ data in cloud-based environments. We outsource a number of our internal business functions to third-party contractors, and some of our client facing business operations depend, in part, on the success of our contractors’ own cybersecurity measures. We also partner with cloud service providers for some client solutions. Similarly, particularly for the Data & Storage Technology business, we rely upon distributors, resellers, system vendors and systems integrators to sell our products and our sales operations depend, in part, on the reliability of their cybersecurity measures. Additionally, we depend upon our employees to appropriately handle confidential information and deploy our IT resources in a safe and secure fashion and in accordance with our policies so as not to expose our network systems to security breaches and the loss of or unauthorized access to data. Should any of the above events occur, we could be subject to significant claims for liability from our clients, consumers and other third parties and regulatory actions from governmental agencies, our ability to protect our intellectual property rights could be compromised and our reputation and competitive position could be significantly harmed. Consequently, our business, financial condition and results of operations would be adversely affected. The markets for our products and solutions are highly competitive and are subject to rapid technological changes and evolving client demands and needs. We compete on the basis of various factors, including product functionality, product integration, platform coverage, quality of service interoperability with third-party technologies, ability to scale and price products and solutions, worldwide sales infrastructure, global technical support, name recognition and reputation. Our competitors vary in size, scope and breadth of the products and solutions they offer and include software vendors that offer software products that directly compete with our product offerings. In our Data & Storage Technology business, we face growing competition from network equipment, computer hardware manufacturers, large operating system providers and other technology companies that increasingly develop and incorporate into their products storage, server management software and backup that compete at some levels with our product offerings. Our competitive position could be materially adversely affected if our clients perceive the functionality incorporated into these products as a replacement for our products. We also compete with smaller and sometimes newer companies, some of which are specialized with a narrower focus than our company, and face competition from other eDiscovery and data management solutions providers. Our competitors invest significantly in research and development as well as sales and marketing. We also face competition from the backup solutions offered by cloud IT providers. It is also possible that certain of our clients have the resources to develop their own products or solutions that could be competitive with our offerings. Our competitors may be able to more quickly adopt new or emerging technologies or address client requirements and new and emerging technologies may allow startup companies to more quickly enter the market than in the past. We may also face increased competition from companies that provide more in-depth offerings, adapting their products and solutions to meet the demands of their clients or combining with one of their competitors to enhance their products and solutions. A number of our principal competitors may continue to make acquisitions to improve the competitiveness of their offerings. Increased competition could cause, among other things, price reductions of our products, reduced profitability and loss of market share. If we fail to effectively compete, our business, financial condition and results of operations would be adversely affected. Nebula is a relatively new offering and we have not derived a significant percentage of our Company’s historical revenue from its sales. The commercial success of Nebula or other new solutions we may offer will depend, in part, upon the degree of market acceptance by our existing and prospective client base. The degree of market acceptance of Nebula and any other solution we may develop in the future will depend on several factors, including the potential and perceived advantages of that solution as compared to other existing alternatives, our ability to offer the solution at competitive prices, the convenience and ease of use of the solution and the strength of our marketing and sales efforts. Any new or otherwise novel solution that we commercialize may not gain acceptance with one or more client groups, meaning we may not generate significant incremental revenue from Nebula. Efforts to educate our existing and prospective clients on the benefits of Nebula, or any other new offering we may develop as compared to other solutions we and our competitors offer, will require committing significant financial and other resources, including the time of our management, sales and marketing teams, and these efforts may not be successful. Further, even if Nebula or another new solution gains some market acceptance, it may nonetheless fail to gain sufficient traction to generate significant additional revenue. We may also over-estimate the size of the potential market for new products such as Nebula. Further, the means by which we make new solutions available to clients, such as the partner channel for Nebula, may not be successful. If Nebula does not achieve widespread acceptance, or in the future if there is a reduction in demand for Nebula caused by a lack of client acceptance, technological challenges, weakening economic conditions, security or privacy concerns, competing technologies and products, decreases in corporate spending, or otherwise, our business, financial condition and results of operations could be adversely affected. Our business depends on clients increasing their use of our solutions and services and any decline in their use of our solutions and services or failure to grow revenues with existing clients could adversely affect our business. Our ability to grow and generate incremental revenue depends, in part, on our ability to maintain our relationships with existing clients and to grow their usage of our solutions and services. Most of our clients do not have long-term contractual financial commitments to us and, therefore, most of our clients, particularly those under usage-based or project-based arrangements, may reduce or cease their use of our solutions and services at any time, with little or no notice and without incurring any financial penalties. Clients on subscription-based arrangements may choose not to renew their agreement with us. Clients may reduce or terminate their use of our solutions and services or choose not to renew their agreement(s) with us for any number of reasons, including the settlement or other resolution of legal matters, reductions in the volume of major legal matters, budget constraints, dissatisfaction or negative perceptions regarding the reliability of our solutions and services, changes in our clients’ underlying businesses and financial conditions, changes in the type and size of our clients, pricing changes, legal industry trends from litigation toward alternative forms of dispute resolution, competitive conditions and general economic conditions. In addition, even if our clients expand their usage of our solutions and services, we cannot guarantee that they will maintain those usage levels for any meaningful period of time. Existing clients may also negotiate lower rates for their usage in exchange for an agreement to renew, enter into a subscription agreement, expand their usage in the future or adopt new solutions and services. As a result, the revenue we derive from consistent usage levels may decrease over time. If existing clients reduce their usage of or rates of payment for, or do not continue to use our solutions and services, our business, financial condition and results of operations could be adversely affected. Our future growth and financial performance also depends in part on our ability to expand our existing client relationships by increasing usage, increasing the number of clients on subscription-based agreements and selling additional solutions and services to our existing clients. The rate at which our clients purchase solutions and services from us depends on a number of factors, including our ability to develop additional solutions and services and the quality of such applications, general economic conditions and pricing and services offered by our competitors. If our efforts to increase usage, increase the number of clients on subscription-based agreements and sell additional solutions and services to our clients are not successful, our business, financial condition and results of operations may be adversely affected. We must attract new clients to continue to grow our business and our success in doing so will depend to a substantial extent on the widespread adoption of our solutions and services, including Nebula, by new clients. Achieving new client growth may require significant and costly sales efforts and will depend on the effectiveness of our sales organization. A number of factors, many of which are beyond our control, could impact our ability to acquire new clients, including, but not limited to, our competitors’ offerings, prospective new clients’ commitments to other providers, the real or perceived cost of switching to our solutions or services, our failure to develop and maintain relationships with prospective clients and our partner ecosystem, our failure to help clients successfully deploy our solutions and services, negative media or industry commentary regarding us or our offerings, the general level of litigation activity, and our failure to expand, retain and motivate our sales and marketing personnel. Any failure to grow our existing client base as a result of these or other factors could adversely affect our business, financial condition and results of operations. We may need to change our pricing models in order to compete successfully. General economic and business conditions together with intense competition in the sales of our products and solutions place pressure on us to reduce prices for our software and solutions, and we frequently encounter aggressive price competition. If our competitors offer deep discounts on certain products or solutions or develop products that the marketplace considers more valuable than ours, we may need to lower our prices or offer other incentives in order to compete successfully. Any such changes may reduce margins and could adversely affect operating results or require that we offer our products or solutions at, or in certain cases, below our cost. Additionally, the increasing prevalence of cloud and SaaS delivery models offered by us and our competitors may unfavorably impact pricing of both our on-site software business and our cloud business, as well as overall demand for our on-site software product and solutions, which could reduce our revenues and profitability. Industry pricing models are evolving, and we anticipate that clients may increasingly request alternative pricing models. Moreover, the use of evolving technology by our clients to develop more complex pricing models may lead to additional pricing pressures. If we are unable to adapt our operations to these evolving pricing models, our results of operations may be adversely affected or we may not be able to offer pricing that is attractive relative to our competitors. Any broad-based change to our prices and pricing policies could cause our revenues to decline or be delayed as our sales force implements, and our clients adjust to, such new pricing policies. Some of our competitors may bundle products for promotional purposes or as a long-term pricing strategy or provide guarantees of prices and product implementations. These practices could, over time, significantly constrain the prices that we can charge for certain of our products. If we do not adapt our pricing models to reflect changes in client use of our products or changes in client demand, our revenues could decrease. An increase in open source software distribution may also cause us to change our pricing models. Any of the foregoing risks with respect to our pricing policies could adversely affect our business, financial condition and results of operations. Our clients depend upon our client service and support staff to meet their eDiscovery needs and they demand high-quality support services. Failure to meet that demand could negatively affect our reputation in the marketplace and could adversely affect sales of our services and solutions. Further, we may be unable to respond quickly enough to accommodate short-term increases in client demand for support services. We also may be unable to modify the format of our support services to compete with changes in support services provided by competitors or successfully 31 integrate support for our clients. Further client demand for these services could increase our costs and adversely affect our operating results. Any failure to respond to the foregoing or other related risks could adversely affect our business, financial condition and results of operations. If we are unable to develop new and enhanced products and solutions that achieve widespread market acceptance, or if we are unable to continually improve the performance, features and reliability of our existing products and solutions or adapt our business model to keep pace with industry trends, our business could be adversely affected. The markets in which we compete are characterized by rapid technological change, frequent new product introductions, evolving industry standards and changing client needs. We believe that key competitive factors in the markets we serve include the breadth and quality of professional services, system and software solutions, product integration, platform coverage, the stability of our information systems, the features and capabilities of our product and solutions, the pricing of our products and solutions, and the potential for future product and solution enhancements. Our future success depends in part on our ability to keep pace with technological changes and to respond to the rapidly changing needs of our clients by developing or introducing new products, product upgrades and solutions on a timely and cost-effective basis. We have in the past incurred, and will continue to incur, significant research and development expenses as we strive to remain competitive. Clients may require features and capabilities that our current products and solutions do not have, such as remote collections from mobile phones. We need to successfully respond to significant market challenges to our existing product portfolio as well as invest in new growth areas based on our core technical capabilities. Our failure to develop products and solutions that satisfy client preferences in a timely and cost-effective manner may harm our ability to maintain relationships with existing clients, as well as our ability to create or increase demand for our products and solutions, and may materially adversely affect our operating results. As competition in the IT industry increases, it may become increasingly difficult for us to maintain a technological advantage and to leverage that advantage toward increased revenues and profits. If we are not successful in managing these risks and challenges, if our new products, product upgrades and solutions are not technologically competitive or do not achieve market acceptance, or if our efforts are more costly or resource-intensive than anticipated or fail to achieve the expected outcomes, our business, financial condition and results of operations could be adversely affected. We are heavily reliant on our technology and infrastructure to provide our products and solutions to our clients. For example, we provide solutions through computer hardware that is located in our 9 global data centers around the world as well as in cloud-based data centers offered through the Microsoft Azure Cloud. Our physical data centers are vulnerable to damage, interruption or performance problems from earthquakes, floods, fires, power loss, terrorist attacks, telecommunications failures and similar events. They are also subject to break-ins, computer viruses, sabotage, intentional acts of vandalism and similar misconduct. The occurrence of any of these events, a decision to close a data center, or other unanticipated problems could result in interruptions in the delivery of certain of our products and solutions. Any errors, defects, disruptions or other performance problems with our systems, products and solutions could reduce our revenue, cause us to issue credits or pay penalties, cause clients to terminate their agreements with us, commence or threaten litigation against us, harm our reputation and damage our clients’ businesses. We have experienced and may in the future experience disruptions, outages and other performance problems due to a variety of factors, including infrastructure changes, natural disasters, power outages, human or software errors, capacity constraints due to an overwhelming number of users accessing our website simultaneously, fraud or security attacks. Further, use of our solutions typically requires network and internet connectivity and our clients may experience disruptions, outages and other performance problems with their network or internet access independent of whether our systems are operating normally, which could affect their ability to use our products and solutions. In some instances, we may not be able to identify the cause or causes of these performance problems within an acceptable period of time or at all. Interruptions in our products and solutions could cause clients to cease doing business with us and adversely affect our reputation. In addition, our business would be harmed if any events of this nature caused our clients and potential clients to believe our solutions are unreliable. Our operations are dependent upon our ability to protect our technology infrastructure against damage from business continuity events that could have a significant disruptive effect on our operations and any failure to do so could adversely affect our business, financial condition and results of operations. Certain of our products and solutions utilize software solutions developed by us or third parties for our clients’ needs, and new releases of software products are issued to our clients periodically. Complex software products, such as those we offer, may contain undetected errors or defects, especially when they are first introduced or new versions are released. Despite testing, these undetected errors may be discovered only after a product has been installed and used either in our internal processing system or by our clients, and could result in unanticipated service interruptions or other performance problems and cause damage to our clients’ businesses. If that occurs, clients could elect not to renew with us, to delay or withhold payment to us, or to make warranty or other claims against us, and we could be obligated to provide service credits based on our failure to meet service level commitments, which could result in additional expense and risk of litigation. Promotion and enhancement of our name will depend largely on our success in continuing to provide effective products and solutions. The occurrence of errors in our products or solutions, the discovery of security vulnerabilities or the detection of bugs by our clients may damage our reputation in the market and our relationships with our existing clients, and as a result, we may be unable to attract or retain clients. In addition, because our products and solutions are used to manage data that is often critical to our clients, they may have a greater sensitivity to defects in our products than to defects in other, less critical, applications. As a result, the licensing and support of our products and solutions involve the risk of product liability claims. Our license agreements with our clients typically contain provisions designed to limit our exposure to potential product liability claims. However, the limitation of liability provisions contained in our license agreements vary and may not be effective as a result of existing or future national, federal, state or local laws or ordinances or unfavorable judicial decisions. Although we have not experienced any material product liability claims to date, the sale and support of our products entail the risk of such claims, which could be substantial in light of the use of our products in enterprise-wide environments. In addition, our insurance against product liability may not be adequate to cover all potential claims. Any of the foregoing risks or others related to defects, disruptions, or performance problems related to the provision of our product and solutions could adversely affect our business, financial condition and results of operations. A large number of our proprietary software and applications are built on commonly used “open source” licenses, which carries its own unique risks. Some open source licenses contain terms that may, depending on how the licensed software is used or modified, require that we make available source code for modifications or derivative works we create based upon the licensed open source software, authorize further modification and redistribution of that source code, make that source code available at little or no cost, or grant other licenses to our intellectual property. If we combine, distribute, link or convey our proprietary software together with open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software. These scenarios could enable our competitors to create similar offerings with lower development effort and time and ultimately could result in a loss of our competitive advantages. Alternatively, to avoid the release of the affected portions of our source code, we could be required to purchase additional licenses, expend substantial time and resources to re-engineer some or all of our software or cease use or distribution of some or all of our software until we can adequately address the concerns. Use of open source software can also present additional security risks because the public availability of such software may make it easier for hackers and other third parties to determine how to compromise our systems. In addition, use and distribution of open source software may entail greater risks than use of third-party commercial software, as open source licensors generally do not provide support, warranties, indemnification, or other contractual protections regarding infringement claims or the quality of the code. Any of the foregoing or other risks related to the use of open source software could adversely affect our business, financial condition and results of operations. The terms of many open source licenses have not been interpreted by U.S. or foreign courts and there is a risk that these licenses could be construed in a way that could impose unanticipated conditions or restrictions on our ability to provide or distribute our products and solutions. From time to time, there have been claims challenging the ownership of open source software against companies that incorporate open source software into their solutions. As a result, we could be subject to lawsuits by parties claiming ownership of what we believe to be open source software. We license certain eDiscovery-related software from third parties and incorporate or integrate such components into and with our solutions and products. For instance, we integrate third-party solutions licensed from certain providers such as Relativity, a key supplier of one of our eDiscovery platforms, with our eDiscovery solutions and products. While we have developed our own proprietary platforms, certain third-party software, such as that licensed from Relativity, has become central to the operation and delivery of our eDiscovery solutions and products. Certain of our third-party software license contracts expire within the next one to three years and may be renewed only by mutual consent. For instance, our license agreement with Relativity expires on June 30, 2027. There is no assurance that we will be able to renew these contracts as they expire or that such renewals will be on the same or substantially similar terms or on conditions that are commercially reasonable to us. If we fail to renew these contracts as they expire, we may be unable to offer certain eDiscovery-related solutions and products to our clients. In addition, our third-party software licenses are non-exclusive. For example, all of our primary competitors in the eDiscovery business use Relativity in connection with their eDiscovery platforms (in addition to any proprietary platforms that they may own themselves). If certain of our third-party licensors were to terminate our licenses, change their product offerings, cease actively supporting their existing technologies, fail to update and enhance their technologies to keep pace with changing industry standards, encounter technical difficulties in the continued development of their technologies, significantly increase prices, suffer significant capacity or supply chain constraints or suffer other disruptions, we would need to identify alternative suppliers and incur additional internal and/or external development costs to ensure continued performance of our eDiscovery-related solutions and products. Such alternatives may not be available on attractive terms, or at all, or may not be as widely accepted or as effective as the software provided by our existing suppliers. If the cost of licensing or maintaining this third-party technology significantly increases, our margins could significantly decrease. In addition, interruptions in the functionality of our solutions and products resulting from changes in or with our third-party licensors could adversely affect our commitments to clients, reputation, future sales of our services and products solutions, and materially and adversely affect our business, financial condition and results of operations. We utilize various web service providers, such as Microsoft Azure, for the delivery of our cloud-based products. These solutions are operated by third parties that we do not control and that could require significant time to replace. We expect this dependence on third parties to continue. These systems are vulnerable to damage or interruption and have experienced interruptions in the past. A prolonged web service disruption affecting our cloud-based offerings for any of the foregoing reasons would negatively impact our ability to serve our clients and could damage our reputation with current and potential clients, expose us to liability, cause us to lose clients or otherwise harm our business. We may also incur significant costs for using alternative equipment or taking other actions in preparation for, or in reaction to, events that damage the web services we use. Interruptions in these third party-services on which we rely could affect the security or availability of our products and cloud infrastructure and could have a material adverse effect on our business. In addition, these web services providers may generally terminate our agreements for convenience upon providing some nominal period of notice and may terminate our agreements for cause if a breach by us has not been cured within a short time period. We rely on our IT to help us effectively manage our client relationships, sales information, order processing and support and marketing services, and we anticipate that the implementation of new consolidated business systems will improve our processes. However, implementations such as these are complex and time-consuming projects that require transformations of business and finance processes, and there is a risk that implementation of these new systems will not achieve these expected benefits as quickly as anticipated or at all. In addition, there can be no assurance that there will not be errors, delays or other related issues resulting from the transition to our new business systems and adjustments to associated business processes, or that we will be able to fix any error or issue. These risks include loss of information, the compromise of data integrity and control systems and the potential disruption to our normal business operations and financial reporting processes. Additionally, if the new system does not operate as intended, the effectiveness of our internal control over financial reporting could be adversely affected and our ability to assess those controls adequately could be delayed. Such errors, interruptions, delays or other issues may also result in unanticipated costs or expenditures and divert the attention of key senior management away from other aspects of our business, any of which may adversely affect our business, financial condition and results of operations. If we do not protect our proprietary rights and information and prevent third parties from making unauthorized use of our products and technology, our business could be adversely affected. Most of our products and underlying technology is proprietary. We seek to protect our proprietary rights through a combination of confidentiality agreements and procedures, and through copyright, patent, trademark and trade secret laws of the United States and international jurisdictions. In addition, we use licenses, non-disclosure agreements and other agreements to restrict the use of our products by our clients and other third parties. However, all of these measures afford only limited protection and may be challenged, invalidated, disregarded, declared unenforceable or circumvented by third parties, subject to government march-in or sovereign rights or compulsory licensing, sunshine laws or be subject to freedom of information requests or court-ordered public disclosure, and we may not have effective remedies to protect our proprietary rights. Third parties may copy, reverse engineer all or portions of our products and underlying technology or otherwise misappropriate, disparage, dilute, steal, otherwise improperly use, distribute or sell our proprietary technology without authorization. Moreover, we may not be able to obtain effective protection for the technology underlying our new products and solutions as they are developed. For example, any of our pending or future patent applications, whether or not being currently challenged, may not be issued with the scope of the protection we seek, if at all. Furthermore, confidentiality procedures and contractual provisions can be difficult to enforce and, even if successfully enforced, may not have effective remedies available to ameliorate unauthorized use or disclosure of our intellectual property. Third parties may also develop similar or superior technology by designing around our patents and the other intellectual property protections or independently developing technology that does not infringe, misappropriate or violate our intellectual property rights. Our intellectual property may also be replaced or rendered obsolete by new technologies to which we have no right of use or can only acquire such use at unreasonable or unsustainable costs. Furthermore, the laws of some foreign countries do not offer the same level of protection or enforcement of our proprietary rights as the laws of the United States, and we may not be able to prevent unauthorized use of our products in those countries. For example, for some of our products, we rely on “shrink-wrap” or “click-wrap” licenses, which may be unenforceable in whole or in part in some jurisdictions in which we operate. The unauthorized sale, distribution or use of our products or proprietary technology could result in reduced sales of our products, or diminish our brand and reputation. In addition, any legal action we engage in to protect our proprietary technology could be costly, may distract management from day-to-day operations and may lead to additional claims against us, and we may not succeed; any of which could adversely affect our business, financial condition and results of operations. The software and internet industries are characterized by frequent litigation based on allegations of infringement or other violations of intellectual property rights. We have received in the past, and may receive in the future, communications from third parties alleging infringement of their intellectual property rights, including claims regarding patents, copyrights, trade secrets and trademarks. We also incorporate technology from third parties into our software and systems and, as such, cannot be certain that these licensors are not infringing the intellectual property rights of others or that the suppliers and licensors have sufficient rights to the technology in all jurisdictions in which we may offer our products and solutions. Because of the constant technological change in the markets in which we compete and the extensive coverage of intellectual property protection for existing technologies, including software patents, it is possible that the number of these claims may grow. In addition, former employers of our former, current or future employees may assert claims that such employees have improperly disclosed to us the confidential or proprietary information of these former employers. Many potential litigants, including some of our competitors and patent-holding companies, have the ability to dedicate substantial resources to assert their intellectual property rights. Any such intellectual property claim, with or without merit, could result in costly litigation and distract management from day-to-day operations, and the outcomes of such claims are inherently uncertain. Also, because of the significant amount of discovery required in connection with intellectual property litigation, we may risk compromising confidential or proprietary information if litigation ensued. If we are not successful in defending such claims, we may be subject to an injunction or other restrictions that could require us to stop selling, delay shipments of or redesign our products, stop offering (or temporarily stop offering) our solutions to others, pay royalties, fines or other monetary amounts as damages, enter into royalty or licensing arrangements or satisfy indemnification obligations that we have with some of our clients. There is no assurance that any royalty or licensing arrangements we may seek in such circumstances will be available on commercially reasonable terms or at all. In addition, certain client agreements require us to indemnify our clients for third-party intellectual property infringement claims, which would increase the cost to us of an adverse ruling on such a claim. While our standard client agreements include contractual caps on liability, there is no guarantee that these would be upheld by a court. At times, even if we believe a suit is without merit, we may determine it is prudent to settle it in a way that restricts our use of the technology or requires us to pay monetary amounts. We have made and expect to continue making significant expenditures to preempt, investigate, defend and settle claims related to the use of technology and intellectual property rights, including trademarks, as part of our strategy to manage this risk. However, any alleged infringement or other violation of a third party’s intellectual property rights could adversely affect our business, financial condition and results of operations. Other Business Risks We have a history of losses and may not be able to achieve or sustain profitability in the future. We may not be able to increase the amount of revenues or cash flow we generate, and we might continue to incur net losses for some time as we continue to grow. We have experienced net losses for a number of years, including net losses of $(34. As of December 31, 2023, we had an accumulated deficit of $394.0 million. If we fail to increase our revenue to offset the increases in our operating expenses, we may not achieve or sustain profitability in the future. Our future success depends upon the continued service and performance of our senior management team and key technical and sales personnel. If we lose any of our senior management team or key technical and sales personnel, we may be unable to effectively manage our current and future operations, including maintaining and growing existing, and developing new, client relationships. Our ability to increase our client base and usage of our solutions, including Nebula, will significantly depend on our ability to successfully retain our sales and marketing teams and execute our sales strategy. Further, our top three sales representatives were responsible for approximately 29% of our sales for the twelve-months ended December 31, 2023. If any of our top sales personnel cease working for us, we may lose existing business from clients who had relationships with specific sales representatives and we may not be able to grow our business as quickly, or to the extent, we expect. There is a limited pool of employees who have the requisite skills, training and education. We face intense competition for qualified individuals from numerous technology, software, startup and emerging growth companies, which are active in many of the technical areas and geographic regions in which we conduct product development. Attracting and retaining highly skilled employees will be costly as we offer competitive compensation packages to prospective and current employees. For example, we have agreed to provide payments to various current employees in connection with certain changes of control, and such payments may, in the aggregate, be material to us. Further, because our common stock is not listed on a national securities exchange, our ability to use equity compensation may be more limited, and this type of compensation may not be as attractive to a prospective employee as it would if we were listed on an exchange. If we are unable to continue to successfully recruit and retain the most skilled and capable senior managers and key technical and sales employees, particularly in connection with our current plan to significantly increase our sales and marketing and research and development teams, our ability to implement our business plan, growth strategy and develop and maintain our software and solutions, including Nebula, could be adversely affected, any of which could adversely affect our business, financial condition and results of operations. If we are unable to maintain, promote or expand our brand through effective marketing practices, our brand and business could be adversely affected. We believe that maintaining and promoting our brand in a cost-effective manner is critical to retaining and expanding our client base. We have invested considerable money and resources in the establishment and maintenance of our brand, and we will continue to invest resources in brand marketing and other efforts to continue to preserve and enhance consumer awareness. If we fail to successfully promote and maintain our brand or if we incur excessive expenses in this effort, our business, financial condition and results of operations could be adversely affected. We utilize internet search engines such as Google, principally through the purchase of keywords, to generate additional traffic to our websites. The number of users we attract from search engines to our websites is due in large part to how links to our websites are displayed on search engine results pages. Search engines frequently update and change the algorithm that determines the placement and display of results of a user’s search, such that the purchased or algorithmic placement of links to our websites can be negatively affected. In addition, a significant amount of traffic is directed to our websites through our participation in pay-per-click and display advertising campaigns on search engines. If a major search engine changes its algorithms or results in a manner that negatively affects the search engine ranking, paid or unpaid, of our websites, our business, financial conditions and results of operations would be adversely affected. We have acquired businesses in the past, and we may consider opportunities in the future to acquire other companies, assets or product lines that complement or expand our business. Risks related to acquisitions and the integration of businesses we may acquire could have an adverse effect on our business. Achieving the anticipated benefits of any acquisitions depends on a number of factors, including whether we can identify and execute on suitable acquisition targets as well as integrate new businesses in an efficient and effective manner. Because of difficulties in combining operations and systems which may not be fully compatible and may be geographically distant, we may not be able to achieve the financial strength and growth and other benefits we anticipate from an acquisition. Any failure to integrate acquired businesses and operations efficiently and effectively or fail to realize the benefits we anticipate could adversely affect our business, financial condition and results of operations. Our international business operations subject our business to additional risks. We have significant international operations with 26 locations in 17 countries, including data centers in Canada, England, France, Germany, Ireland and Japan. We may expand our international operations if we identify growth opportunities.S. Foreign operations bring increased complexity and the costs of managing or overseeing foreign operations, including adapting and localizing solutions or systems to specific regions and countries, can be material. Our overall success as a global business depends, in part, on our ability to anticipate and effectively manage these risks, and there can be no assurance that we will be able to do so without incurring unexpected costs. If we are not able to manage the risks related to our international operations, our business, financial condition and results of operations may be materially affected. We may need to recognize impairment charges related to goodwill, identified intangible assets and fixed assets. We have substantial balances of goodwill and identified intangible assets. We are required to test goodwill and any other intangible assets with an indefinite life for possible impairment on an annual basis, or more frequently when circumstances indicate that impairment may have occurred. We are also required to evaluate amortizable intangible assets and fixed assets for impairment if there are indicators of a possible impairment. There is significant judgment required in the analysis of a potential impairment of goodwill, identified intangible assets and fixed assets. If, as a result of a general economic slowdown, deterioration in one or more of the markets in which we operate or impairment in our financial performance and/or future outlook, the estimated fair value of our long-lived assets decreases, we may determine that one or more of our long-lived assets is impaired. An impairment charge would be recorded if the estimated fair value of the assets is lower than the carrying value and any such impairment charge could have a material adverse effect on our results of operations and financial position. For example, we recorded an impairment charge of $22.5 million in 2021 associated with our intangible assets. The insurance coverage that we purchase may prove to be inadequate or unavailable when we need the coverage. We carry liability, property, directors and officers, business interruption, Cyber and other insurance policies to cover insurable risks to our company. We select the types of insurance, the limits and the deductibles based on our specific risk profile, the cost of the insurance coverage versus its perceived benefit and general industry standards. Our insurance policies contain industry standard exclusions for events such as war. Although we generally attempt to select reputable insurance carriers, any economic disruptions may prevent us from using our insurance if the counterparty does not have the capital necessary to meet the coverage. In addition, our agreements with clients also contain obligations to carry comprehensive general liability, property, workers’ compensation, and automobile liability insurance. Any of the limits of insurance that we purchase could prove to be inadequate, which could materially and adversely impact our business, financial condition and results of operations. Our sales cycles with clients can be long and unpredictable and our sales efforts require significant time and expense. The timing of our sales with our clients and related revenue recognition is difficult to predict due to the length and unpredictability of the sales cycle for our clients. In addition, the lengthy sales cycle for the evaluation and implementation of our solutions may also cause us to experience a delay between incurring expenses for such sales efforts and the generation of corresponding revenue. The length of our sales cycle can vary substantially from client to client. Our sales efforts, include educating our clients about the use, technical capabilities and benefits of our solution. The clients we serve often undertake a prolonged evaluation process, which frequently involves not only our solution but also those of our competitors. In addition, the size of potential clients may lead to longer sales cycles. During the sales cycle, we expend significant time and resources on sales and marketing and contract negotiation activities, which may not result in a completed sale. Further, some of our potential clients may undertake a significant evaluation and negotiation process due to size, organizational structure and approval requirements, all of which can lengthen our sales cycle. We may also face unexpected deployment challenges or more complicated deployment of our solution. These clients may demand additional features, support services and pricing concessions or require additional security management or control features. We may spend substantial time, effort and money on sales efforts to our potential clients without any assurance that our efforts will produce any sales. As a result, it is difficult to predict exactly when, or even if, we will make a sale to a potential client or if we can increase sales to our existing clients. Any of the foregoing could have an adverse effect on our business, financial condition and results of operations. Our business activities are subject to various export controls and trade and economic sanctions laws and regulations, including, without limitation, the U.S. Commerce Department’s Export Administration Regulations, the U.S. Treasury Department’s Office of Foreign Assets Control’s trade and economic sanctions programs, the United Nations Security Council, and other laws and regulations of a similar nature administered and enforced by relevant government authorities (collectively, “Trade Controls”). Such Trade Controls may prohibit or restrict our ability to, directly or indirectly, conduct activities or dealings in or with certain countries, as well as with individuals or entities that are the subject of Trade Controls-related prohibitions and restrictions. For example, our ability to procure items necessary for our business activities could be adversely impacted by the imposition of export or sanctions-related prohibitions or restrictions on our contractual counterparties. Similarly, our sales of certain commodities, software and technology, and our provision of solutions to persons located outside the United States may be subject to certain regulatory prohibitions, restrictions or other requirements, including certain licensing or reporting requirements. Similarly, our ability to procure such items necessary for our business activities could be adversely impacted by the imposition of export or sanctions-related prohibitions or restrictions on our contractual counterparties. Our failure to successfully comply with applicable Trade Controls may expose us to negative legal and business consequences, including civil or criminal penalties, government investigations, disgorgement of profits, injunctions and suspension or debarment from government contracts, other remedial measures, and reputational harm. Investigations of alleged violations can be expensive and disruptive. Doing business on a worldwide basis requires us to comply with anti-corruption laws and regulations imposed by governments around the world with jurisdiction over our operations, which may include the Foreign Corrupt Practices Act, or the FCPA, and the U.K. Bribery Act 2010, as well as the laws of the countries where we do business. These laws and regulations apply to companies, individual directors, officers, employees and agents, and may restrict our operations, trade practices, investment decisions and partnering activities. Where they apply, the FCPA and the U.K. Bribery Act prohibit us and our officers, directors, employees and business partners acting on our behalf, including joint venture partners and agents, from corruptly offering, promising, authorizing or providing anything of value to “foreign officials” for the purposes of influencing official decisions or obtaining or retaining business or otherwise obtaining favorable treatment. The U.K. Bribery Act also prohibits non-governmental “commercial” bribery and accepting bribes. As part of our business, we may deal with governments and state-owned business enterprises, the employees and representatives of which may be considered “foreign officials” for purposes of the FCPA and the U.K. Bribery Act. We also are subject to the jurisdiction of various governments and regulatory agencies around the world, which may bring our personnel and agents into contact with “foreign officials” responsible for issuing or renewing permits, licenses or approvals or for enforcing other governmental regulations. In addition, some of the international locations in which we operate lack a developed legal system and have elevated levels of corruption. Our global operations expose us to the risk of violating, or being accused of violating, anti-corruption laws and regulations. Our failure to successfully comply with these laws and regulations may expose us to reputational harm as well as significant sanctions, including criminal fines, imprisonment, civil penalties, disgorgement of profits, injunctions and suspension or debarment from government contracts, as well as other remedial measures. Investigations of alleged violations can be expensive and disruptive. Despite our compliance efforts and activities, we cannot assure compliance by our employees or representatives for which we may be held responsible, and any such violation could materially adversely affect our reputation, business, financial condition and results of operations. The legal industry is highly regulated and we are or may become subject to a wide range of foreign, federal, state and local laws, rules and regulations, and any failure to comply with these laws, rules and regulations may adversely affect our business. The legal industry is and will continue to be subject to extensive and evolving U.S. federal, state and foreign laws, rules and regulations, including the rules and regulations of the organizations and other authorities governing the legal profession in the jurisdictions in which we or our clients operate. These laws, rules and regulations can vary significantly from jurisdiction to jurisdiction. For example, in the United States, each state has adopted laws, regulations and codes of ethics that provide for the licensure of attorneys, generally grant licensed attorneys the exclusive right to practice law in that state and place restrictions upon the activities of licensed attorneys. As a company, we are not authorized to practice law. In the United States, we may not provide legal advice to our clients, primarily because we do not meet the ethical and regulatory requirements, present in nearly every U.S. jurisdiction, of being exclusively owned by licensed attorneys. Although we believe that our operations are either compliant with, or not subject to, these and other regulatory requirements of the jurisdictions in which we or our clients operate, regulators or other authorities of such jurisdictions could disagree. In such circumstances, regulators may enjoin our operations, subject us to rules governing conflicts of interests, require registration, seek to impose punitive fines or sanctions or take other disciplinary actions against us, our employees or our clients, any of which may inhibit our ability to do business in those jurisdictions. In addition, we are subject to regulations and laws specifically governing the internet and the collection, storage, processing, transfer and other use of personal information and other client data. We are also subject to laws and regulations involving taxes, import/export, privacy and data security, anti-spam, content protection, electronic contracts and communications, mobile communications, unencumbered internet access to our products and solutions, the design and operation of websites and internet neutrality. Any failure to comply with these rules and regulations, or any allegations of our failure to comply whether or not we believe they have merit, could adversely affect our business, financial condition and results of operations. 42 The foregoing description of laws, rules and regulations to which we are or may be subject is not exhaustive and the regulatory framework governing our operations is subject to evolving interpretations and continuous change. Moreover, if we expand into additional jurisdictions, we will be subject to additional laws and regulations. Litigation and other legal and regulatory claims and proceedings could have an adverse effect on us. From time to time we have been and may in the future be involved in litigation and other legal and regulatory claims or proceedings that arise in and outside the ordinary course of business, some of which could be material. We expect that the number, frequency and significance of these matters may increase as our business continues to expand, including entering new jurisdictions, and we grow as a company. In addition to the types of claims discussed in elsewhere in “—Legal and Regulatory Risks,” we have been, and may in the future be, subject to claims involving commercial disputes, intellectual property matters, labor and employment matters, such as complaints filed with the U.S. Equal Employment Opportunity Commission or claims brought under the Fair Labor Standards Act, and other matters. We may also be exposed to potential claims arising from the conduct of our employees for which we may be liable. In addition to more general litigation, because of the nature of our business and the fact that most client projects utilizing our offerings are legal matters, at times we are also a named party in these matters because of the use of our services and solutions, including with respect to billing matters. Any legal or regulatory claims against us or investigation into our business, whether meritorious or not, can be time consuming, result in significant legal and other expenses, require significant amounts of management’s time and divert significant operational resources. Class action lawsuits are often particularly burdensome given the breadth of claims, large potential damages and significant defense costs. Claims and proceedings can also impact client confidence and the general public’s perception of our company, even if the underlying allegations are proven false. While we from time to time establish legal reserves that we believe to be reasonable under the facts known, the outcomes of litigation and other legal and regulatory claims and proceedings are often hard to reliably predict, making the timing and amount of any reserves difficult to determine and, if a reserve is established, often subject to future revision. Although we carry general liability insurance coverage, our insurance may not cover all potential losses to which we may be subject as a result of litigation and other claims. Any claims or proceedings, particularly those in which we are unsuccessful or for which we did not establish adequate reserves or are not adequately insured, could have an adverse effect on our business, financial condition and results of operations. Our ability to use our net operating loss carryforwards and certain other tax attributes may be limited and could adversely affect our business, financial condition and operating results. Under Sections 382 and 383 of the Internal Revenue Code of 1986, as amended, the Code, if a corporation undergoes an “ownership change,” the corporation’s ability to use its pre-change net operating loss, or NOL, carryforwards and other pre-change tax attributes to offset its post-change income and taxes may be limited. In general, an “ownership change” occurs if there is a cumulative change in our ownership by one or more “5% shareholders” (as defined under U.S. income tax laws) that exceeds 50 percentage points over a rolling three-year period. Similar rules apply under state tax laws. We believe it is possible that we may experience an ownership change in the future as a result of future offerings or subsequent shifts in our stock ownership, some of which are outside our control, in which case we may be limited in our ability to use our net operating loss carryforwards and other tax assets to reduce taxes owed on the net taxable income that we earn. If finalized, Treasury Regulations currently proposed under Section 382 of the Code may further limit our ability to utilize our pre-change NOL and tax credit carryforwards if we undergo such an ownership change.

See Note 13 – Income Taxes to our audited consolidated financial statements included elsewhere in this Annual Report on Form 10-K. We are subject to income taxes in the United States and various non-U.S. jurisdictions. Our effective tax rate could be adversely affected by changes in the allocation of our pre-tax earnings and losses among countries with differing statutory tax rates, in certain non-deductible expenses as a result of acquisitions, in the valuation of our deferred tax assets and liabilities, or in federal, state, local or non-U.S. Increases in our effective tax rate would adversely affect our operating results. In addition, we may be subject to income tax audits by various tax jurisdictions throughout the world. The application of tax laws in such jurisdictions may be subject to diverging and sometimes conflicting interpretations by tax authorities in these jurisdictions. Although we believe our income tax liabilities are reasonably estimated and accounted for in accordance with applicable laws and principles, an adverse resolution of one or more uncertain tax positions in any period could have a material impact on the results of operations for that period. We have not historically filed sales and use tax returns or collected sales and use taxes in all jurisdictions in which we have sales, based on our belief that such taxes are not applicable. Taxing authorities may seek to impose such taxes on us, including for past sales, which could result in penalties and interest. Any such tax assessments may adversely affect the results of our operations. We conduct integrated operations internationally through subsidiaries in various tax jurisdictions pursuant to transfer pricing arrangements between our subsidiaries and between our subsidiaries and us. If two or more affiliated companies are located in different countries, the tax laws or regulations of each country generally require that transfer prices be the same as those between unrelated companies dealing at arm’s length and that contemporaneous documentation is maintained to support the transfer prices. While we believe that we operate in compliance with applicable transfer pricing laws and intend to continue to do so, our transfer pricing procedures are not binding on applicable tax authorities. If tax authorities in any of these countries were to successfully challenge our transfer prices as not reflecting arms’ length transactions, they could require us to adjust our transfer prices and thereby reallocate our income to reflect these revised transfer prices, which could result in a higher tax liability to us. Such reallocations may subject us to interest and penalties that would increase our consolidated tax liability and could adversely affect our financial condition, results of operations and cash flows. Risks Related to our Substantial Indebtedness Our current debt maturities raise substantial doubt about our ability to continue as a going concern, which may materially and adversely affect our business, financial condition and results of operations. As of December 31, 2023, we had approximately $552.7 million of indebtedness, including $260.8 million under the 2021 Credit Agreement that matures on February 8, 2026, unless the Debentures are outstanding six months prior to the December 19, 2024 maturity date thereof, in which case the 2021 Credit Agreement matures on June 19, 2024. In addition, we borrowed $15.0 million under our revolving credit facility under the 2021 Credit Agreement in March 2024. Pursuant to ASC 205, Presentation of Financial Statements, we are required to and do evaluate at each annual and interim financial statement period whether there are conditions or events, considered in the aggregate, that raise substantial doubt about our ability to meet our obligations when they come due within one year after the issuance date of the consolidated financial statements. Based on the pending maturity of our indebtedness, we currently project that we will not have sufficient cash on hand or available liquidity to repay the Amended 2021 Credit Agreement at the accelerated maturity date in June 2024 or to repay the Debentures, which raises substantial doubt about our ability to continue as a going concern. We are reviewing potential alternatives, including renegotiating the terms of the Debentures and/or the Amended 2021 Credit Agreement and identifying alternative sources of cash or additional financing. However, we may not be successful in restructuring our existing debt or identifying potential new sources of liquidity. Whether we will be able to successfully complete any such refinancing will depend on market conditions, the negotiations with those lenders and the Debenture holders, and our financial performance. Further, to the extent we are able to obtain new 44 financing, this financing may lead to increased costs, increased interest rates, additional and more restrictive financial covenants and other lender protections. See Part I, Item 2, “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Liquidity and Capital Resources” and Note 1, Liquidity and Going Concern Evaluation in our consolidated financial statements. We cannot provide any assurance that we will be able to identify and raise funds from alternative sources, or renegotiate, refinance or repay our indebtedness and continue as a going concern. If we are unable to restructure or refinance our indebtedness, we may not be able to continue to operate our business pursuant to our current business plan, which could require us to modify our operations to reduce spending by, among other things, delaying, scaling back or eliminating some or all of our ongoing or planned investments in corporate infrastructure, business development, sales and marketing, product development and other activities, selling the company or one or more business lines or assets, or we may be forced to seek protection under applicable bankruptcy or insolvency laws, discontinue our operations entirely and/or liquidate our assets, in which case it is likely that equity investors may suffer the loss of all or a substantial portion of their investment. Trading in our securities is highly speculative and poses substantial risks relating to the potential of bankruptcy proceedings. Trading prices for our securities may bear little or no relationship to the actual recovery, if any, by holders of our securities in bankruptcy proceedings, if any. Our substantial levels of indebtedness, a significant portion of which could mature as early as June 2024, could adversely affect our business. As of December 31, 2023, we had approximately $552.7 million of indebtedness, which did not include any amounts under our revolving credit facility. As of March 28, 2024, we had $15.0 million outstanding under our revolving credit facility.

Additionally, subject to outstanding letters of credit, we may borrow up to another $25 million under our revolving credit facility, as described in Note 6 – Long term debt in our audited consolidated financial statements included elsewhere in this Annual Report on Form 10-K. We may not be able to effect any of these actions on a timely basis, on commercially reasonable terms, or at all, and these actions may not be sufficient to meet our capital requirements. Our ability to make payments on debt, to repay existing or future indebtedness when due, to fund operations and significant planned capital expenditures and to support our growth strategy will depend on our ability to generate cash in the future.

Our ability to produce cash from operations is, and will be, subject to a number of risks, including those described above in “—Risks Related to Our Business and Industry” and elsewhere in this Annual Report on Form 10-K. Our ability to repay debt will also depend on external factors that are outside of our control, including economic, financial, competitive, legislative, regulatory and other factors. If we determine that we will not be able to meet our anticipated cash needs to continue our operations or to make required interest and principal payments on our indebtedness, we may decide to seek protection under applicable bankruptcy laws, in which case it is likely that equity investors may suffer the loss of all or a substantial portion of their investment. There can be no guarantees that our stockholders will receive any recovery from any bankruptcy proceeding. Although our debt agreements contain restrictions on the incurrence of additional indebtedness, the amount of indebtedness that could be incurred in the future in compliance with these restrictions could be substantial, thereby exacerbating the risks associated with our high level of indebtedness. Any of the foregoing risks could adversely affect our business, financial condition and results of operations.

For additional information on our indebtedness, see “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Liquidity and Capital Resources”, and Note 6 – Long term debt in our audited consolidated financial statements included elsewhere in this Annual Report on Form 10-K. The terms and covenants in our existing indebtedness restricts our ability to engage in some business and financial transactions, which could adversely affect our business. In addition, our credit facility contains a financial maintenance covenant that, among other things, requires the loan parties to not exceed a specified net leverage ratio tested at the end of each quarter. Among other things, we may not be able to borrow money under our credit facility if we are unable to comply with the financial and other covenants included therein. Our credit facility also contains certain customary representations and warranties, affirmative covenants and events of default (including, among other things, an event of default upon a change of control). If an event of default occurs, our lenders will be entitled to take various actions, including the acceleration of amounts due under our credit facility and all actions permitted to be taken by a secured creditor. These restrictions could limit our ability to obtain debt financing, repurchase stock, pay dividends, refinance or pay principal on our outstanding debt, complete acquisitions for cash or debt or react to changes in our operating environment or the economy. For example, the inclusion of a going concern qualification in the report of our independent registered public accounting firm on our consolidated financial statements for the year ended December 31, 2023 (as discussed above in “—Our current debt maturities raise substantial doubt about our ability to continue as a going concern, which may materially and adversely affect our business, financial condition and results of operations” and in Note 1) would have implicated certain covenants under the 2021 Credit Agreement and certain default provisions thereunder prior to our amendment of the 2021 Credit Agreement on March 7, 2024 to provide that such a going concern qualification would not result in a default under the 2021 Credit Agreement. We cannot be certain that we will be able to remedy any defaults and, if our indebtedness is accelerated, we cannot be certain that we will have sufficient funds available to pay the accelerated indebtedness or that we will have the ability to refinance the accelerated indebtedness on terms favorable to us or at all, any of which could have a material adverse effect on our business, financial condition and results of operations.

Risks Related to our Common Stock There is currently no active public market for our common stock and an active, liquid and orderly trading market for our common stock may not develop or be maintained. Our common stock currently trades in over-the-counter markets and is quoted on the OTC Pink Sheet Market under the ticker symbol “KLDI.” An active, liquid and orderly trading market for our common stock may not develop or be maintained. On December 19, 2019 we received notification from the NYSE regarding the delisting of our common stock following consummation of the Business Combination for failing to meet the listing requirement to have 400 minimum round lot shareholders (holders of 100 shares or more) and, on January 7, 2020, our common stock was delisted. If an active market for our common stock with meaningful trading volume does not develop in the future or is not maintained for any reason, the market price of our common stock may decline materially and you may not be able to sell your shares or get accurate price quotations on our common stock. Further, to the extent our common stock is determined to be a “penny stock” (an equity security with a price of less than $5.00 that is not registered on certain national securities exchanges or authorized for quotation on certain automated quotation systems meeting certain requirements), brokers trading in our common stock would be required to adhere to different rules, possibly resulting in a reduced level of trading activity in the secondary trading market for our common stock. The market price of our common stock may be highly volatile and could fluctuate significantly due to a number of factors, some of which are beyond our control.

The stock markets in general have experienced extreme price and volume volatility often unrelated to the operating performance of particular companies. These broad market fluctuations may adversely affect the trading price of our common stock and other companies in our industry, often without regard to the operating performance of the affected companies. Securities class action litigation has often been instituted against companies following periods of volatility in the overall market and in the market price of a company’s securities. Such litigation, if instituted against us, could result in substantial costs, divert our management’s attention and resources and harm our business, operating results, financial condition and reputation. In addition, the Business Combination resulted in our merging with a special purpose acquisition company, or SPAC, which can cause additional volatility in the price of our common stock. We expect that the price of our common stock and of that of SPACs in general may be more volatile compared to the stock price of an operating company. Therefore, factors that have little or nothing to do with us could cause the price and trading volume of our common stock to fluctuate, and these fluctuations or any fluctuations related to our company could cause the market price of our common stock to decline materially. Our stock price may be exposed to additional risks because our business became a public company through a “de-SPAC” transaction. The market for our common stock will be influenced in part by the research and other reports that industry or securities analysts may publish about us or our business or industry. We do not currently have, and may never obtain, research coverage by industry or financial analysts. If no or few analysts commence coverage of us, the trading price and volume of our stock would likely be negatively impacted. If analysts do cover us and one or more of them downgrade our stock, or if they issue other unfavorable commentary about us or our industry or inaccurate research, our stock price would likely decline. Furthermore, if one or more of these analysts cease coverage or fail to regularly publish reports on us, we could lose visibility in the financial markets. Any of the foregoing would likely cause our stock price and trading volume to decline. We have warrants outstanding to purchase up to an aggregate of 29,350,000 shares of common stock at an exercise price of $11.50 per share. To the extent the price of our common stock rises above the exercise price of these warrants and they are exercised, an existing stockholder’s investment in the company will be diluted. Further, the warrants that were issued in a private placement concurrent with the consummation of the IPO, or the Private Warrants, can be exercised on a cashless basis, meaning we would not receive any cash proceeds in connection with any such exercise. We also may issue an aggregate of 2,200,000 shares of common stock to certain of our stockholders if the reported closing sale price of our common stock equals or exceeds $13.50 per share for any 20 consecutive trading days during the five-year period following the closing of the Business Combination on December 19, 2019. We have filed registration statements on Form S-8 under the Securities Act registering these shares under our 2019 Plan and outstanding awards issued under our 2019 Plan. Subject to the terms of the awards pursuant to which these shares have been or may be granted, and except for shares held by affiliates who will be subject to the resale restrictions described below, the shares issuable pursuant to awards granted under our stock incentive plans will be available for sale in the public market immediately. Additionally, in the event we voluntarily prepay all or a portion of the Debentures prior to maturity, the holders of such prepaid Debentures will have the right to purchase shares of our common stock in amount commensurate in value to the pre-payment at a price of $18 per share, subject to adjustment. The holders of the Debentures also have the option to convert the Debentures into shares of our common stock at the same price at any time. The number of shares that may be issued in such a circumstance cannot be determined at this time. We may issue additional shares of common stock or other equity securities of equal or senior rank in the future in connection with, among other things, future acquisitions or repayment of outstanding indebtedness, without stockholder approval, in a number of circumstances. The issuance of additional shares of common stock or other equity securities of equal or senior rank would dilute the ownership interests of existing stockholders and could cause the market price of our common stock to decline. We are an emerging growth company and a smaller reporting company, and any decision on our part to comply with certain reduced reporting and disclosure requirements available to us could make our common stock less attractive to investors.

We are an emerging growth company and a smaller reporting company, and, for as long as we continue to be either, we intend to take advantage of exemptions from various reporting requirements applicable to other public companies but not to emerging growth companies or smaller reporting companies, including, but not limited to: including only two years of audited financial statements in our Annual Reports on Form 10-K and Securities Act registration statements; not being required to have our independent registered public accounting firm audit our internal control over financial reporting under Section 404 of the Sarbanes-Oxley Act; reduced disclosure obligations regarding our business, executive compensation, corporate governance and other matters in our registration statements, periodic reports and proxy statements; and exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. Under the JOBS Act, emerging growth companies can also delay adopting new or revised accounting standards until such time as those standards apply to private companies. We have chosen to “opt in” to this extended transition period for complying with new or revised accounting standards and, as a result, we are not be subject to the same new or revised accounting standards as other public companies that comply with such new or revised standards on a non-delayed basis.0 billion in non-convertible debt securities. We will cease being a smaller reporting company as of the last business day of the second fiscal quarter of any fiscal year on which either (i) the market value of our common stock held by non-affiliates is $250.0 million or more as of such date or (ii) both our annual revenue was $100 million or more during the most recently completed fiscal year and the market value of our common stock held by non-affiliates is $700 million or more as of such date.

Therefore, we may continue to qualify as a smaller reporting company even after we cease to be an emerging growth company. We cannot predict if investors will find our common stock less attractive because we have chosen to rely on these exemptions. If some investors find our common stock less attractive as a result of any choices to reduce future disclosure, there may be a less active trading market for our common stock and the price of our common stock may decline or be more volatile. The trading price of our common stock may decline if our stockholders sell a large number of shares of our common stock or if we issue a large number of new shares of our common stock or shares convertible into our common stock. A majority of our outstanding shares of common stock are held by a relatively small number of our stockholders, including one or more affiliates of the Carlyle Group, L.P., or TCG, Revolution Growth III, L.P., or Revolution Growth, and Pivotal. All shares held by our affiliates are eligible for resale in the public market, subject to applicable securities laws, including the Securities Act. Rule 144 of the Securities Act provides a safe harbor under which affiliates of an issuer may resell their securities into the public market, subject to volume limitations and other restrictions. However, TCG has the right to demand that we register its shares under the Securities Act and it and other stockholders have the right to include their shares in any registration statement that we file with the SEC, subject to certain exceptions. Any registration of these or other shares would enable those shares to be sold in the public market. A sale of a substantial number of our shares in the public market by our significant stockholders or pursuant to new issuances by us or the perception that one or more of these sales or issuances could occur could depress the market price of our common stock and impair our ability to raise capital through the sale of additional equity securities. Concentration of ownership among our large stockholders and their affiliates may limit the influence of smaller stockholders on corporate decisions and the interests of such large stockholders may not align with those of the smaller stockholders. Currently, a majority of our outstanding shares are held by a relatively small number of our stockholders, including one or more affiliates of TCG, Revolution Growth and Pivotal. Additionally, TCG and Revolution Growth have the right together to nominate for election up to six members of our Board of Directors, depending on the parties’ aggregate beneficial ownership of our common stock. As a result, if some of these stockholders vote in an aligned manner, they could meaningfully influence the outcome of matters submitted to our stockholders for approval, including the election of directors, amendments to our certificate of incorporation and bylaws and approval of significant corporate transactions, such as a merger or sale of our company or its assets and make some transactions that might otherwise give our other stockholders the opportunity to realize a premium over the then-prevailing market price of our common stock more difficult or impossible without their support. This concentration of ownership could limit the ability of other stockholders to influence corporate matters and may delay or preclude an acquisition. These stockholders may transfer significant voting blocks of our common stock to a third-party by transferring their common stock, which would not require the approval of our Board of Directors or other stockholders. Some of these persons or entities may have interests that may materially differ from the rest of our stockholders. This concentration of ownership may also adversely affect our share price. Additionally, TCG, Revolution Growth, Pivotal and certain current and former directors, including Kevin Griffin, and, in each case, and their respective affiliates, are in the business of making investments in companies and may from time to time acquire and hold interests in businesses that compete directly or indirectly with us. These parties may also pursue acquisition opportunities that may be complementary to our business, and as a result, those acquisition opportunities may not be available to us. In the context of this waiver, a corporate opportunity will not be deemed to belong to us if it is a business opportunity that we are not financially or legally able or contractually permitted to undertake, or that is, from its nature, not in our line of business or is of no practical advantage to us or that is one in which we have no interest or reasonable expectancy. These potential conflicts of interest could have a material adverse effect on our business, financial condition and results of operations if, among other things, attractive corporate opportunities are allocated by these parties to themselves or one of their respective affiliates. We have never paid dividends on our common stock, and we do not anticipate paying any cash dividends on our common stock in the foreseeable future. We have never declared or paid cash dividends on our common stock. We do not anticipate paying any cash dividends on our common stock in the foreseeable future. We currently intend to retain all available funds and any future earnings to fund the development and growth of our business. Any determination to pay dividends to holders of our common stock will be at the discretion of our Board of Directors and will depend upon many factors, including our financial condition, results of operations, projections, liquidity, earnings, legal requirements, restrictions in our credit facility, agreements governing any other indebtedness we may enter into and other factors that our Board of Directors deems relevant. See “Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities—Dividend Policy.” Accordingly, our stockholders may need to sell their shares of our common stock to realize a return on their investment, and they may not be able to sell their shares at or above the price they paid for them. As a result, capital appreciation, if any, of our common stock will be our stockholders’ sole source of gain for the foreseeable future. Our ability to raise capital in the future may be limited and we may not be able to secure additional financing on terms that are acceptable to us, or at all. In order for us to grow and successfully execute our business plan, we will require additional financing. Additionally, our business and operations may consume resources faster than we anticipate. Therefore, in the future, we expect we will raise additional funds through various financings that may include the issuance of new equity securities, debt or a combination of both. However, any sale or perception of a possible sale by one or more of our significant stockholders or our other affiliates, and any related decline in the market price of our common stock, could impair our ability to raise capital. Further, additional financing, whether debt or equity, may not be available on favorable terms, or at all. If adequate funds are not available on acceptable terms, we may be unable to fund our capital requirements. If we issue new debt securities, the debt holders would have rights senior to stockholders to make claims on our assets, and the terms of any debt could restrict our operations, including our ability to pay dividends on our common stock. Because our decision to issue securities in any future offering will depend on market conditions and other factors beyond our control, we cannot predict or estimate the amount, timing or nature of our future offerings. Thus, our stockholders bear the risk of our future securities offerings reducing the market price of our common stock and diluting their interest. Other Miscellaneous Risks Any failure to maintain an effective internal control over financial reporting could adversely affect our business and stock price. As a public company, we are subject to the reporting requirements of the Exchange Act and the Sarbanes-Oxley Act of 2002. The Sarbanes-Oxley Act requires, among other things, that we establish and maintain effective internal control over financial reporting. In particular, Section 404 of the Sarbanes-Oxley Act requires us to furnish annually a report by management on the effectiveness of our internal control over financial reporting. At such time, our independent registered public accounting firm may issue a report that is adverse in the event it is not satisfied with the level at which our internal control over financial reporting is documented, designed or operating. Further, the additional work required of our independent registered public accounting firm will increase our costs, in the first year of compliance in particular. We expect that the requirements of these rules and regulations will continue to increase our legal, accounting and financial compliance costs, make some activities more difficult, time-consuming and costly and place significant strain on our personnel, systems and resources. Testing and maintaining internal controls can also divert our management’s attention from other matters that are important to the operation of our business. Our current controls and any new controls that we develop may become inadequate because of changes in conditions in our business. Additionally, a control system, no matter how well designed and operated, can provide only reasonable, not absolute, assurance that the control system’s objectives will be met. Because of the inherent limitations in all control systems, no evaluation of controls can provide absolute assurance that misstatements due to error or fraud will not occur or that all control issues and instances of fraud will be detected. Therefore, our internal control over financial reporting will not prevent or detect all errors and all fraud. Any failure to develop or maintain effective controls could harm our results of operations or make it more difficult to record, process, produce and report financial information accurately, and to prepare financial statements on a timely basis as required by SEC rules, which could cause us to fail to meet our reporting obligations and may result in a restatement of our consolidated financial statements for prior periods. Any failure to maintain effective internal control over financial reporting could adversely affect our business, financial condition and results of operations. Ineffective internal control over financial reporting could also cause investors to lose confidence in our reported financial and other information, subject us to civil and criminal investigations and penalties and adversely effect on the trading price of our common stock. We had identified a material weakness in our internal control over financial reporting. If we are unable to develop and maintain an effective system of internal control over financial reporting, we may not be able to accurately report our financial results in a timely manner, which may adversely affect investor confidence in us and materially and adversely affect our business and operating results. We had identified a material weakness in our internal control over financial reporting in the past and other significant deficiencies and material weaknesses may be discovered in the future. A material weakness is a deficiency, or a combination of deficiencies, in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of our annual or interim financial statements will not be prevented or detected on a timely basis. Following the April 12, 2021 issuance of the SEC “Staff Statement on Accounting and Reporting Considerations for Warrants Issued by Special Purpose Acquisition Companies (“SPACs”)” and after consultation with our independent registered public accounting firm, our management and our audit committee concluded that, in light of the SEC Staff statement, the Private Warrants, which we had been accounting for as a component of equity in the 2020 and 2019 financial statements should have been recorded as a liability at fair value. As part of such process, we had identified a material weakness in our internal control over financial reporting. Although we believe we have remediated this material weakness, we may need to take additional measures to address the material weakness or modify remediation steps taken, and we cannot be certain that the measures we have taken, will be sufficient to address the issues identified, to ensure that our internal controls are effective or to ensure that the identified material weakness will not result in a material misstatement of our consolidated financial statements. Moreover, we cannot assure you that we will not identify additional material weaknesses in our internal controls over financial reporting in the future. Further, as a result of this material weakness, and other matters raised or that may in the future be raised by the SEC, we face potential for litigation or other disputes which may include, among others, claims invoking the federal and state securities laws, contractual claims or other claims arising from the material weakness in our internal control over financial reporting and the preparation of our financial statements.

However, we can provide no assurance that such litigation or dispute will not arise in the future. Any such litigation or dispute, whether successful or not, could have a material adverse effect on our business, financial condition and results of operations. Our second amended and restated certificate of incorporation contains anti-takeover provisions that could adversely affect the rights of our stockholders. These provisions could have the effect of depriving our stockholders of an opportunity to sell their common stock at a premium over prevailing market prices by discouraging third parties from seeking to obtain control of our company in a tender offer or similar transaction. With our staggered Board of Directors, at least two annual or special meetings of stockholders will generally be required in order to effect a change in a majority of our directors. Our staggered Board of Directors can discourage proxy contests for the election of our directors and purchases of substantial blocks of our shares by making it more difficult for a potential acquirer to gain control of our Board of Directors in a relatively short period of time. Our second amended and restated certificate of incorporation provides, subject to limited exceptions, that the Court of Chancery of the State of Delaware will be the sole and exclusive forum for certain stockholder litigation matters, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers, employees or stockholders. Any person or entity purchasing or otherwise acquiring any interest in shares of our capital stock shall be deemed to have notice of and consented to the forum provisions in the second amended and restated certificate of incorporation. This choice of forum provision may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or any of our directors, officers, other employees or stockholders, which may 53 discourage lawsuits with respect to such claims. We cannot be certain that a court will decide that this provision is either applicable or enforceable, and if a court were to find the choice of forum provision contained in our second amended and restated certificate of incorporation to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, operating results and financial condition. Our second amended and restated certificate of incorporation provides that the exclusive forum provision will be applicable to the fullest extent permitted by applicable law. Notwithstanding the foregoing, Section 27 of the Exchange Act creates exclusive federal jurisdiction over all suits brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. As a result, the exclusive forum provision will not apply to suits brought to enforce any duty or liability created by the Exchange Act or any other claim for which the federal courts have exclusive jurisdiction. An outbreak of disease or similar public health threat, such as the COVID-19 pandemic, could have an ongoing adverse effect on the Company’s business. We are vulnerable to the general economic effects of disease outbreaks and similar public health threats. For example, primarily due to the impact of COVID-19, our revenues decreased 7.2% for the year ended December 31, 2020 as compared to the prior year as many clients delayed new litigation and court systems closed for a period of time and were slow to reopen. Pandemics can adversely affect economies and financial markets, with the slowdown reducing production, decreasing demand for a broad variety of goods and services, diminishing trade levels and causing corporate downsizing and increased unemployment. A pandemic could also lead to extreme volatility in the global capital markets, which could increase the cost of, or entirely restrict access to, capital. The impact of future pandemics on the United States and world economies could be similar, or worse, as compared to the COVID-19 pandemic and could impact all segments of the global economy, resulting in a significant recession or worse, any of which could impact our business. Unresolved Staff Comments. None. Cybersecurity. To meet our business objectives, we rely on both internal information technology (IT) systems and networks, and those of third parties and their vendors, to process and store sensitive data, including confidential research, business plans, financial information, intellectual property, and personal data of ours and our customers that may be subject to legal protection, and promote the continuity of our Company’s supply chain. In the ordinary course of our business, we receive, process, use, store, and share digitally large amounts of data, including user data as well as confidential, sensitive, proprietary, and personal information. Maintaining the integrity and availability of our IT systems and this information, as well as appropriate limitations on access and confidentiality of such information, is important to our operations and business strategy. To this end, we have implemented an Information Security Management System (ISMS) within which cybersecurity and risk management strategies are an integral part. The ISMS Committee, which is comprised of companywide and IT department senior management, creates and manages the processes, policies, and procedures for managing the overall security of the organization. The ISMS includes a risk management program designed to assess, identify, track, treat, manage and prevent strategic and operational risks that may impact our company’s business model or operations with a focus on information security, including but not limited to cybersecurity risk, physical security risk, liability risk, innovative risk, competitive risk, and other potential unauthorized occurrences on or through our 54 IT systems that may result in adverse effects on the confidentiality, integrity, and availability of these systems and the data residing therein. The Risk Subcommittee, a subcommittee of the ISMS Committee, comprised of IT and Information Security senior leadership, maintains a risk register of cybersecurity risks that are regularly monitored and meets once a month to discuss remediation plans and treatment progress for existing risks. New potential risks are submitted to the Risk Subcommittee as they are identified by personnel from across the Company, including executive leadership, managers, directors, analysts, and others. In compliance with our Risk Management Standard and Process policy, new potential risks are evaluated by the Risk Subcommittee to determine whether each risk is to be added to the risk register and analyzed for treatment. The Risk Subcommittee invites subject matter experts from across the Company to participate in remediation planning and treatment progress reporting sessions as part of the monthly Risk Subcommittee meetings. Members of the ISMS committee and the Risk Subcommittee report directly to the Chief Executive Officer who, in turn, reports to our Board. Our ISMS is informed by internationally recognized standards and is vetted and validated annually by external advisors or consultants. We engage and consult with external assessors and consultants, on a regular basis, to evaluate our cybersecurity processes, including to anticipate future threats and trends, and their impact on the Company’s risk environment. We have implemented a robust information security internal and external audit program that operates throughout the year. Our environment is tested annually against internationally recognized standards as well as locally (domestic) applicable standards. Findings and opportunities for improvement that result from such external audits are remediated to help our security posture remain current. Prior to and/or periodically throughout and engagement, we work closely with our clients and vendors on various security assessments that test our processes compliance with contractual requirements. We have also engaged a third-party vendor to conduct regular employee trainings on cyber and information security, among other topics. We have established a Third Party Vendor Management program to oversee and identify material risks arising from cybersecurity threats associated with our use of third-party service providers. Our Third Party Vendor Management program includes a vendor risk assessment that is designed to ensure third parties engaged by us are monitored for suitability, sustainability, risk, performance of regulatory/contractual requirements and, upon reassessment, the continual ability to perform or outperform such evaluations. Risks associated with cybersecurity threats identified during the vendor risk assessment may be submitted to the Risk Subcommittee for evaluation and analysis. Informed by an internationally recognized information technology (IT) risk management standard and framework, we identify, analyze, evaluate, and remediate/treat information and cybersecurity related risks, and risks posed by third-party providers throughout the year in addition to the annual external audits and various client assessments we undergo. We maintain a threat intelligence program that drives informed decision making and strategy development within our organization’s Information Security Program. The threat intelligence program includes the review of cybersecurity incidents including root-causes-analysis and the deployment of tools and technologies to help prevent future incidents from occurring. Risks associated with cybersecurity threats are evaluated as part of our Risk Management process to determine, among other things, if the risks will materially affect our ability to adequately secure client data throughout the engagement. When deemed appropriate, business strategies are re-evaluated with risk from cybersecurity threats taken into consideration. Our Board of Directors exercises oversight of the most significant cybersecurity risks, and for our processes to identify, prioritize, assess, manage, and mitigate those risks, through the review of Information Security reports presented by the Executive Vice President of Global IT and eDiscovery Operations, who has over 20 years of industry experience, and the Vice President and Chief Information Security Officer, who has over 20 years of industry experience and holds a wide array of industry certifications. We consider cybersecurity, along with other significant risks that we face, within our overall enterprise risk management framework. When and where applicable, the Board of Directors provides input regarding the ISMS in response to the information security reports and as part of their corporate oversight responsibilities. The Board of Directors’ input is leveraged by Senior Information Security leadership as they evaluate and develop plans for continuous improvements of our ISMS to 55 address an evolving landscape of cybersecurity threats. The execution of the Information Security Management System is the responsibility of our Senior Information leadership and the Information Security team. Our risk management program is led by senior management who meet regularly to assess, analyze, evaluate, propose, and approve treatment and or remediation projects for identified information technology risks (including cybersecurity risks and vulnerabilities). Our Executive Vice President of Global IT and eDiscovery Operations, who is a member of the Risk Subcommittee, reports to our Board of Directors via our Chief Executive Officer. Our Vice President and Chief Information Security Officer (VP, CISO) is responsible for the identification of cybersecurity risks and the performance of vulnerabilities assessments. Risks and vulnerabilities are assigned to key stakeholders and senior management staff who possess the technical know-how to own these identified risks and vulnerabilities. In accordance with this process, the VP, CISO collaborates and works closely with risk owners to ensure the timely remediation and treatment of risks and vulnerabilities. As of December 31, 2023, we have not identified any risks from known cybersecurity threats, including as a result of any previous cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition. However, we face certain ongoing cybersecurity threats that, if realized, are reasonably likely to materially affect us. Additional information on cybersecurity risks we face is discussed in Part I, Item 1A, “Risk Factors,” under the heading “Privacy and Cybersecurity Risks.” .

Recently Filed

Click on a ticker to see risk factors

Ticker *	File Date
EAWD	20 hours ago
ARAT	21 hours ago
IONM	21 hours ago
NHWK	22 hours ago
GBBK	22 hours ago
APOG	23 hours ago
FWAV	1 day, 1 hour ago
JRSS	1 day, 2 hours ago
PPIH	1 day, 4 hours ago
WAVS	1 day, 18 hours ago
GBNH	1 day, 19 hours ago
ACCD	1 day, 20 hours ago
EFSH	1 day, 22 hours ago
RFAC	1 day, 22 hours ago
GXXM	2 days, 1 hour ago
PGY	2 days, 5 hours ago
KPLT	2 days, 21 hours ago
MSB	2 days, 21 hours ago
MMMB	2 days, 22 hours ago
LVPA	3 days ago
HELE	3 days, 7 hours ago
RILY	3 days, 16 hours ago
BHAC	3 days, 22 hours ago
STZ	4 days, 1 hour ago
ARMT	4 days, 5 hours ago
ARMT	4 days, 6 hours ago
RCFA	4 days, 18 hours ago
FSR	4 days, 19 hours ago
TPIA	4 days, 20 hours ago
MEDS	4 days, 20 hours ago
PVNC	4 days, 21 hours ago
CDTX	4 days, 21 hours ago
ENCP	4 days, 21 hours ago
ACI	5 days, 5 hours ago
AZZ	5 days, 7 hours ago
DGWR	5 days, 8 hours ago
AURX	1 week ago
CIRX	1 week ago
GTCH	1 week ago
HWNI	1 week ago
CSSE	1 week ago
WNLV	1 week ago
RBTK	2 weeks ago
BTTR	2 weeks ago
ROYL	2 weeks ago
VIRC	2 weeks ago
SCS	2 weeks, 1 day ago
DHAC	2 weeks, 1 day ago
ALOT	2 weeks, 1 day ago
NUBI	2 weeks, 1 day ago

OTHER DATASETS

House Trading

Dashboard

Corporate Flights

Dashboard

App Ratings

Dashboard

Strategies

Alerts

Browse Data

Risk Factors Dashboard

View risk factors by ticker

Search filings by term

Risk Factors - KLDI

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

$KLDI Risk Factor changes from 00/03/17/22/2022 to 00/03/28/24/2024

Recently Filed

OTHER DATASETS

House Trading

Corporate Flights

App Ratings

TRADE SMARTER

TRADE SMARTER

Strategies

Alerts

Browse Data

Risk Factors Dashboard

View risk factors by ticker

Search filings by term

Risk Factors - KLDI

-New additions in green-Changes in blue-Hover to see similar sentence in last filing

$KLDI Risk Factor changes from 00/03/17/22/2022 to 00/03/28/24/2024

Recently Filed

OTHER DATASETS

House Trading

Corporate Flights

App Ratings

TRADE SMARTER

TRADE SMARTER

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing