Risk Factors Dashboard

Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.

Risk Factors - ORCL

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

$ORCL Risk Factor changes from 00/06/20/23/2023 to 00/06/20/24/2024

Item 1A. Risk Factors We operate in rapidly changing economic and technological environments that present numerous risks, many of which are driven by factors that we cannot control or predict. The following discussion, as well as our discussion in Item 7 Management’s Discussion and Analysis of Financial Condition and Results of Operations, highlights some of these risks. The risks described below are not exhaustive and you should carefully consider these risks and uncertainties before investing in our securities. Business and Operational Risks We may be unsuccessful in developing and selling new products and services, integrating acquired products and services and enhancing our existing products and services. Our industry is characterized by rapid technological advances, intense competition, changing delivery models, evolving standards in communications infrastructure, increasingly sophisticated customer needs and frequent new product introductions and enhancements. We have continued to refresh and release new offerings of our cloud products and services, but if we are unable to develop new or sufficiently differentiated products and services, enhance and improve our product offerings and support services in a timely manner or position and price our products and services to meet demand, customers may not purchase or subscribe to our license, hardware or cloud offerings or renew license support, hardware support or cloud subscriptions contracts. Renewals of these contracts are important to our future success. In addition, we cannot provide any assurance that the standards on which we choose to develop new products will allow us to compete effectively for business opportunities in emerging areas. In addition, our business may be adversely affected if: •we do not continue to develop and release new or enhanced products and services within the anticipated time frames; •infrastructure costs to deliver new or enhanced products and services take longer or result in greater costs than anticipated; •we are unable to increase our existing data center capacity or establish data centers in new geographic locations in a timely manner to meet current or expected customer demand; •we fail to meet our contractual service level commitments; •there is a delay in market acceptance of and difficulty in transitioning new and existing customers to new, enhanced or acquired product lines or services; •sanctions, export controls or other regulatory, legislative or other barriers prevent us from serving certain customers or restrict our customers from operating in specific jurisdictions; •there are changes in IT trends that we do not adequately anticipate or timely address with our product development efforts; •we do not optimize complementary product lines and services in a timely manner; or •we fail to adequately integrate, support or enhance acquired product lines or services. In addition, our profitability and revenues could be adversely impacted if we lose one or more of our key customers for any reason, including as a result of any of the factors discussed above. Any such loss could also limit or reduce our growth in future periods. Our AI products may not operate as anticipated, which could adversely affect our reputation, revenues and profitability. Machine learning and AI, including generative AI, are increasingly driving innovations in technology, and AI technology and services are highly competitive and rapidly evolving. We have invested, and expect to continue to invest, significant resources to build and support our AI products, and if our AI products fail to operate as anticipated or as well as competing products or otherwise do not meet customer needs or if our competitors’ AI products achieve higher market acceptance than ours, we may fail to recoup our investments in AI and our business and reputation may be harmed. In addition, AI technologies are rapidly evolving and present emerging legal and ethical issues, including claims of bias, discrimination, a perceived lack of transparency, as well as sometimes unpredictable behaviors or improper use of copyrighted or other protected material, such as personal and patient health information, any of which could expose us or our customers to reputational or legal risk and inhibit adoption of our AI products. We depend on suppliers to develop, manufacture and deliver on a timely basis the necessary technologies and components for our hardware products that we market and sell to our customers and that we use as a part of our cloud infrastructure to deliver our cloud offerings, and there are some technologies and components that can only be purchased from a single vendor due to price, quality, technology, availability or other business constraints. Regulatory uncertainty, including the lack of comprehensive federal legislation, a patchwork of existing and proposed frameworks, and emerging regulatory initiatives, may expose us to compliance challenges and 19 Table of ContentsIndex to Financial Statements uncertainties. Our failure to adapt to these changes could result in legal and reputational consequences including, but not limited to, being required to adjust or limit our product offerings or our use of AI in certain jurisdictions to comply with new and evolving AI laws and regulations. If we do not successfully execute our Oracle Cloud strategy, including our offerings of Oracle Cloud Services, our revenues and profitability may decline. We provide our cloud and other offerings to customers worldwide via a variety of deployment models, including via our cloud-based SaaS and OCI offerings. As these business models continue to evolve, we may not be able to compete effectively, generate significant revenues or maintain the profitability of our cloud offerings. Additionally, the increasing prevalence of various cloud offering models by us and our competitors may unfavorably impact the pricing of our cloud and license offerings. Additionally, the increasing prevalence of cloud and SaaS delivery models offered by us and our competitors may unfavorably impact the pricing of our cloud and license offerings. If we do not successfully execute our cloud computing strategy or anticipate the cloud computing needs of our customers, our reputation as a cloud services provider could be harmed and our revenues and profitability could decline. As customer demand for our cloud offerings increases, we experience volatility in our reported revenues and operating results due to the differences in timing of revenue recognition between our cloud license and on-premise license, and hardware product arrangements relative to our cloud offering arrangements. Customers predominantly purchase our cloud offerings on a subscription basis, and revenues from these offerings are generally recognized ratably or as services are consumed over the terms of the subscriptions. Consequently, any deterioration in sales activity associated with our cloud offerings may not be immediately observable in our consolidated statement of operations. This is in contrast to revenues associated with our license and hardware product arrangements, which are generally recognized in full at the time of delivery of the related licenses and hardware products. In addition, we may not be able to accurately anticipate customer transitions from or be able to sufficiently backfill reduced customer demand for our license, hardware and support offerings relative to the expected increase in customer adoption of and demand for our Oracle Cloud Services, which could adversely affect our revenues and profitability. If we are unable to secure data center capacity at affordable rates or do not accurately plan for our infrastructure capacity requirements, our profitability may decline. As a part of our Oracle Cloud strategy, we plan our investment levels based on estimates of future revenues and future anticipated rates of growth. As a part of our Oracle Cloud strategy, we plan our investment levels based on estimates of future revenues and future anticipated rates of growth. In recent periods, our cloud services and license support expenses have grown to meet current and expected demand for our cloud offerings, including investments to increase our existing data center capacity and to establish data centers in new geographic locations. In connection with these investments, we entered, and expect to continue to enter, into long-term operating lease commitments with third-party data center providers that generally require us to pay significant contract termination fees to early exit such obligations should our strategies change, which could adversely impact our profitability and cash flows. In connection with these investments, we entered, and expect to continue to enter, into long-term operating lease commitments with third party data center providers that generally require us to pay significant contract termination fees to early exit such obligations should our strategies change, which could adversely impact our profitability and cash flows. Data centers in geographies that we rely on may also be unavailable on commercially reasonable terms or at all. Moreover, we do not control the operation of these third-party data centers, and they may suffer interruptions in service from events beyond our control, including from acts of government, natural events, power loss, break-ins or misconduct by those third parties. In addition, we rely on third-party suppliers to provide equipment and components required to outfit these data centers on a timely basis. Ongoing or future delays could cause the loss of additional sales, delay our revenue recognition or increase our costs, all of which could adversely affect the margins of our business. We typically depreciate these assets over their estimated useful lives, which could be shortened should our cloud strategies change, which could adversely affect our profitability. Our products and services may not function properly if we experience significant coding, manufacturing or configuration errors in our cloud, license and hardware offerings. Despite testing prior to the release and throughout the lifecycle of a product or service, our cloud, license and hardware offerings sometimes contain coding, manufacturing or configuration errors that can impact their function, performance and security, and result in other negative consequences. The detection and correction of any errors in released cloud, license or hardware offerings can be time consuming and costly. Errors in our cloud, license or hardware offerings, or errors embedded in third-party software products or services incorporated into our own products, could affect their ability to properly function, integrate or operate with other cloud, license or hardware offerings, could result in service interruptions, delays or outages of our cloud offerings, could create security vulnerabilities in our products or services, could delay the development or release of new products or services or new versions of products or services, and could adversely affect market acceptance of our products or services. Errors in our cloud, license or hardware offerings could affect their ability to properly function, integrate or operate with other cloud, license or hardware offerings, could result in service interruptions, delays or outages of our cloud offerings, could create security vulnerabilities in our products or services, could delay the development or release of new products or services or new versions of products or services, and could adversely affect market acceptance of our products or services. If we experience any of these errors, or if there are delays in releasing our cloud, license or hardware offerings or new versions of these offerings, our sales could be affected and revenues could decline. In addition, we run Oracle’s business operations as well as cloud and other services that we offer to our customers on our products and networks. Therefore, any flaws could affect our and our customers’ 20 Table of ContentsIndex to Financial Statements abilities to conduct business operations and to ensure accuracy in financial processes and reporting, and may result in unanticipated costs and interruptions. Therefore, any flaws could affect our and our customers’ abilities to conduct business operations and to ensure accuracy in financial processes and reporting, and may result in unanticipated costs and interruptions. Enterprise customers rely on our cloud, license and hardware offerings and related services to run their businesses, and errors in our cloud, license and hardware offerings and related services could expose us to product liability, performance and warranty claims as well as significant harm to our brand and reputation, which could impact our future sales. Enterprise customers rely on our cloud, license and hardware offerings and related services to run their businesses, and errors in our cloud, license and hardware offerings and related services 18 Table of Contents Index to Financial Statements could expose us to product liability, performance and warranty claims as well as significant harm to our brand and reputation, which could impact our future sales. If we are unable to compete effectively, the results of operations and prospects for our business could be harmed. We face intense competition in all aspects of our business. The nature of the IT industry creates a competitive landscape that is constantly evolving as firms emerge, expand or are acquired, as technology evolves and as delivery models change. Our enterprise cloud, license and hardware offerings compete directly with certain offerings from some of the largest and most competitive companies in the world. In addition, due to the low barriers to entry in many of our market segments, new technologies and new and growing competitors frequently emerge to challenge our offerings. We believe many vendors spend amounts in excess of what Oracle spends to develop and market applications and infrastructure technologies including databases, middleware products, application development tools, business applications, collaboration products and business intelligence, compute, storage and networking products, among others, which compete with Oracle applications and infrastructure offerings. In addition, use of our competitors’ technologies can influence a customer’s purchasing decision or create an environment that makes it less efficient to utilize or migrate to Oracle products and services. For example, we offer our customers multicloud services whereby our customers can combine cloud services from multiple clouds with the goal of optimizing cost, functionality and performance. OCI’s multicloud services work with a number of our competitors’ products, including Microsoft Azure, Amazon Web Services and Google Cloud Platform. This multicloud strategy could lead our customers to migrate away from our cloud offerings to our competitors’ products or limit their purchases of additional Oracle products, either of which could adversely affect our revenues and profitability. This multicloud strategy could lead our customers to migrate away from our cloud offerings to our competitors’ products, which could adversely affect our revenues and profitability. Our competitors may also adopt business practices that provide customers access to competing products and services on terms that we may not generally find acceptable, which may convince customers to purchase competitor products and services. We could lose customers if our competitors introduce new competitive products, add new functionality, acquire competitive products, reduce prices, better execute on their sales and marketing strategies, offer more flexible business practices, provide debt or equity financing to customers or form strategic alliances with other companies. Mergers, consolidations or alliances among our competitors, or acquisitions of our competitors by large companies may result in increased competition. If our competitors offer deep discounts on certain products or services or develop products that the marketplace considers more valuable, we may need to lower prices, introduce pricing models and offerings or offer other terms that are less favorable to us to compete successfully. Any such changes may reduce revenues and margins and could adversely affect operating results. Additionally, the increasing prevalence of cloud delivery models offered by us and our competitors may unfavorably impact the pricing of our other cloud and license, hardware and services offerings, and we may also incur increased cloud delivery expenses as we expand our cloud operations and update our infrastructure, all of which could reduce our revenues and profitability. Our license support fees and hardware support fees are generally priced as a percentage of our net license fees and net new hardware products fees, respectively. Our competitors may offer lower pricing on their support offerings, which could put pressure on us to further discount our offerings. If we do not adapt our pricing models to reflect changes in customer use of our products, changes in customer demand or increased competition, our revenues could decrease. If we do not adapt our pricing models to reflect changes in customer use of our products or changes in customer demand, our revenues could decrease. Any failure to offer high-quality technical support services may adversely affect our relationships with our customers and our financial results. Our customers depend on our support organization to resolve technical issues relating to our applications and infrastructure offerings. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services or may be inefficient in our resolution of customer support issues. Increased customer demand for these services, without corresponding revenues, could increase costs and adversely affect our operating results. Any failure to maintain high-quality technical support, or a market perception that we do not maintain high-quality technical support, could adversely affect our reputation, our ability to sell and renew our applications and infrastructure offerings to existing and prospective customers, and our business, operating results, and financial position. Any failure to maintain high-quality technical support, or a market perception that we do not maintain high-quality technical support, could adversely affect our reputation, 19 Table of Contents Index to Financial Statements our ability to sell and renew our applications and infrastructure offerings to existing and prospective customers, and our business, operating results, and financial position. We may not receive significant revenues from our current research and development efforts for several years, if at all. Developing our various product offerings is expensive and the investment in the development of these 21 Table of ContentsIndex to Financial Statements offerings often involves a long return on investment cycle. Developing our various product offerings is expensive and the investment in the development of these offerings often involves a long return on investment cycle. An important element of our corporate strategy is to continue to dedicate a significant amount of resources to research and development and related product and service opportunities, both through internal investments and the acquisition of intellectual property from acquired companies. Accelerated product and service introductions and short lifecycles require high levels of expenditures for research and development that could adversely affect our operating results if not offset by revenue increases. We believe that we must continue to dedicate a significant amount of resources to our research and development efforts to maintain our competitive position. However, we do not expect to receive significant revenues from these investments for several years, if at all. Our cloud offerings and hardware offerings are complex, and if we cannot successfully manage this complexity, including the sourcing of technologies and components, the results of these businesses will suffer. We depend on suppliers to develop, manufacture and deliver on a timely basis the necessary technologies and components for our hardware products that we market and sell to our customers and that we use as a part of our cloud infrastructure to deliver our cloud offerings, and there are some technologies and components that can only be purchased from a single vendor due to price, quality, technology, availability or other business constraints. Our supply chain operations are affected by industry consolidation and component constraints or shortages, natural disasters, political unrest (such as the tensions between China and Taiwan), public health crises, changes to trade laws or regulations, port stoppages, shipping interruptions or other transportation disruptions or slowdowns, and other factors affecting the countries or regions where these single source component vendors are located or where the products are being shipped. Our supply chain operations could be disrupted by industry consolidation and component constraints or shortages, natural disasters, political unrest, public health crises, changes to trade laws or regulations, port stoppages or other transportation disruptions or slowdowns, or other factors affecting the countries or regions where these single source component vendors are located or where the products are being shipped (such as the tensions between China and Taiwan). If disruption caused by one or more of the risks described above occurs, our cloud and license business and hardware business and related operating results could be materially and adversely affected. If one or more of the risks described above occurs, our cloud and license business and hardware business and related operating results could be materially and adversely affected. Supply chain shortages have in some instances resulted in increases to the costs of production of our hardware products that we may not be able to pass on to our customers. In addition, we have in some instances responded to such shortages by committing to higher purchases and balances of hardware products that we market and sell to our customers and that we use as a part of our cloud infrastructure to deliver our cloud offerings, relative to our historical positions. While this permits us to secure manufacturing capacity, it has increased excess and obsolescence risk of such hardware products and could adversely impact our profitability and cash flows. We expect these factors will continue to impact us in the future. We outsource most of our manufacturing, assembly, delivery and technology of, and certain component designs for, our hardware products to a variety of companies, many of which are located outside the U. We outsource a majority of our manufacturing, assembly, delivery and technology of, and certain component designs for, our hardware products to a variety of companies, many of which are located outside the U. S. From time to time, these partners experience production problems, delays or cannot meet our demand for products. Ongoing or future delays in manufacturing could cause the loss of additional sales, delayed revenue recognition or an increase in our hardware products expenses, all of which could adversely affect the margins of our cloud and license business and hardware business. These challenges could arise if we alter our manufacturing strategies, suppliers, or locations. Our periodic workforce restructurings and reorganizations can be disruptive. We periodically restructure or make other adjustments to our workforce in response to management changes, product changes, performance issues, changes in strategies, acquisitions and other internal and external considerations. These types of restructurings have resulted, and may in the future result, in increased restructuring costs and temporary reduced productivity while employees adjust to the restructuring. These types of restructurings have resulted, and may in the future result, in increased restructuring costs and temporary reduced productivity while the employees adjusted to their new roles and responsibilities. These types of restructurings may also lead to a shortage of sufficiently skilled employees in certain roles. In addition, we may not achieve or sustain the expected growth, resource redeployment or cost savings benefits of these restructurings, or may not do so within the expected timeframe. These effects could recur in connection with future acquisitions and other restructurings, and our revenues and other results of operations could be negatively affected. We may lose key employees or may be unable to hire enough qualified employees. We rely on hiring qualified employees and the continued service of our senior management, including our Chairman of the Board of Directors, Chief Technology Officer and founder; our Chief Executive Officer; other members of our executive team; and other key employees. In the technology industry, there is substantial and continuous competition for highly skilled business, product development and technical personnel, particularly in the AI field. In the technology industry, there is substantial and continuous competition for highly skilled business, product development, technical and other personnel. Hiring freezes or slowdowns may result in decreased productivity while existing employees take on additional roles and responsibilities, and may also lead to a shortage of sufficiently skilled employees in certain roles. We may also experience increased compensation costs that are not offset by either improved productivity or higher sales. We may not be successful in recruiting new personnel and in retaining and motivating existing personnel. With 22 Table of ContentsIndex to Financial Statements rare exceptions, we do not have long-term employment or non-competition agreements with our employees. Members of our senior management team have left Oracle over the years for a variety of reasons, and any future departures may be disruptive to our operations. We continually focus on improving our cost structure by hiring personnel in countries where advanced technical and other expertise are available at lower costs. We continually focus on improving our cost structure by hiring personnel in countries where advanced technical expertise and other expertise are available at lower costs. When we make adjustments to our workforce, we may incur expenses associated with workforce reductions that delay the benefit of a more efficient workforce structure. We are experiencing increased competition for employees in these countries as the trend toward globalization continues, which has affected our employee retention efforts and increased our expenses in an effort to offer a competitive compensation program. In addition, changes to immigration and labor law policies may adversely impact our access to technical and professional talent. Our general compensation program includes restricted stock units (RSUs) and performance-based equity, which are important tools in attracting and retaining employees in our industry. Our general compensation program includes restricted stock units and performance-based equity, which are important tools in attracting and retaining employees in our industry. If our stock price performs poorly, it may adversely affect our ability to retain or attract employees. We continually evaluate our compensation practices and consider changes from time to time, which may have an impact on our ability to retain employees and the amount of stock-based compensation expense that we record. Any changes in our compensation practices or those of our competitors could affect our ability to retain and motivate existing personnel and recruit new personnel. There are risks associated with our cloud and license and hardware indirect sales channels which could affect our future operating results. Our cloud and license and hardware indirect channel networks are comprised primarily of resellers, system integrators/implementers, consultants, education providers, internet service providers, network integrators and ISVs. Our cloud and license, and hardware indirect channel networks are comprised primarily of resellers, system integrators/implementers, consultants, education providers, internet service providers, network integrators and independent software vendors. Our relationships with these channel participants are important elements of our cloud, software and hardware marketing and sales efforts. Our financial results could be adversely affected if: •our contracts with channel participants were terminated or our relationships with channel participants were to deteriorate; •any of our competitors enter into strategic relationships with or acquire a significant channel participant; •the financial condition or operations of our channel participants were to weaken; or •the level of demand for our channel participants’ products and services were to decrease. There can be no assurance that we will be successful in maintaining, expanding or developing our relationships with channel participants. If we are not successful, we may lose sales opportunities, customers and revenues. In addition, we do not control channel participants, some of which operate in jurisdictions with high levels of corruption, and our compliance policies and procedures may fail to prevent or detect violations of anti-corruption or other laws for which we may be held responsible. Acquisitions present many risks and we may not achieve the financial and strategic goals that were contemplated at the time of a transaction. Acquisitions present many risks and we may not achieve the financial and strategic goals that were contemplated at the time of a transaction. We review and consider strategic acquisitions of companies, products, services and technologies. We have a selective and active acquisition program and we expect to continue to make acquisitions in the future because acquisitions have been an important element of our overall corporate strategy. Risks we may face in connection with our acquisition program include: •our ongoing business may be disrupted and our management’s attention may be diverted by acquisition, transition or integration activities; •we may have difficulties (1) managing an acquired company’s technologies or lines of business; (2) entering new markets where we have no, or limited, direct prior experience or where competitors may have stronger market positions; or (3) retaining key personnel from the acquired companies; •an acquisition may not further our business strategy as we expected, we may not integrate an acquired company or technology as successfully as we expected, we may impose our business practices or alter go-to-market strategies that adversely impact the acquired business or we may overpay for, or otherwise not realize the expected return on our investments, each or all of which could adversely affect our business or operating results and potentially cause impairment to assets that we recorded as a part of an acquisition, including intangible assets and goodwill; •our operating results or financial condition may be adversely impacted by (1) claims or liabilities that we assume from an acquired company or technology or that are otherwise related to an acquisition; (2) pre-existing contractual relationships that we assume from an acquired company, the termination or 23 Table of ContentsIndex to Financial Statements modification of which may be costly or disruptive to our business; and (3) unfavorable revenue recognition or other accounting treatment as a result of an acquired company’s business practices; •we may fail to identify or assess the magnitude of certain liabilities, shortcomings or other circumstances prior to acquiring a company or technology; •we may not realize any anticipated increase in our revenues from an acquisition for a number of reasons, including (1) if a larger than predicted number of customers decline to renew or terminate their contracts with the acquired company; (2) if we are unable to sell the acquired products or service offerings to our customer base; (3) if acquired customers do not elect to purchase our technologies due to differing business practices; or (4) if contract models utilized by an acquired company do not allow us to recognize revenues in a manner that is consistent with our current accounting practices; •we may have difficulty integrating acquired technologies, products, services and their related supply chain operations with our existing lines of business and related infrastructures; •we may have multiple product lines or services offerings as a result of our acquisitions that are offered, priced, delivered and supported differently, which could cause customer confusion and delays; •we may incur higher than anticipated costs (1) to support, develop and deliver acquired products or services; (2) for general and administrative functions that support new business models; or (3) to comply with regulations applicable to an acquired business that are more complicated than we had anticipated; •we may be unable to obtain timely approvals from, or may otherwise have certain limitations, restrictions, penalties or other sanctions imposed on us by worker councils or similar bodies under applicable employment laws as a result of an acquisition; •we may be unable to obtain required approvals from governmental authorities under foreign direct investment, foreign subsidy, competition and antitrust laws on a timely basis, if at all, and we may need to divest or dispose of assets or businesses or take other actions to obtain such approvals; •our use of cash to pay for acquisitions may limit other potential uses of our cash; and •we may have to incur additional debt to pay for acquisitions or have to delay or not proceed with an acquisition if we cannot obtain the necessary funding to complete the acquisition in a timely manner or on favorable terms. Risks we may face in connection with our acquisition program include: •our ongoing business may be disrupted and our management’s attention may be diverted by acquisition, transition or integration activities; •we may have difficulties (1) managing an acquired company’s technologies or lines of business; (2) entering new markets where we have no, or limited, direct prior experience or where competitors may have stronger market positions; or (3) retaining key personnel from the acquired companies; •an acquisition may not further our business strategy as we expected, we may not integrate an acquired company or technology as successfully as we expected, we may impose our business practices or alter 21 Table of Contents Index to Financial Statements go-to-market strategies that adversely impact the acquired business or we may overpay for, or otherwise not realize the expected return on our investments, each or all of which could adversely affect our business or operating results and potentially cause impairment to assets that we recorded as a part of an acquisition, including intangible assets and goodwill; •our operating results or financial condition may be adversely impacted by (1) claims or liabilities that we assume from an acquired company or technology or that are otherwise related to an acquisition; (2) pre-existing contractual relationships that we assume from an acquired company, the termination or modification of which may be costly or disruptive to our business; and (3) unfavorable revenue recognition or other accounting treatment as a result of an acquired company’s business practices; •we may fail to identify or assess the magnitude of certain liabilities, shortcomings or other circumstances prior to acquiring a company or technology; •we may not realize any anticipated increase in our revenues from an acquisition for a number of reasons, including (1) if a larger than predicted number of customers decline to renew or terminate their contracts with the acquired company; (2) if we are unable to sell the acquired products or service offerings to our customer base; (3) if acquired customers do not elect to purchase our technologies due to differing business practices; or (4) if contract models utilized by an acquired company do not allow us to recognize revenues in a manner that is consistent with our current accounting practices; •we may have difficulty integrating acquired technologies, products, services and their related supply chain operations with our existing lines of business and related infrastructures; •we may have multiple product lines or services offerings as a result of our acquisitions that are offered, priced, delivered and supported differently, which could cause customer confusion and delays; •we may incur higher than anticipated costs (1) to support, develop and deliver acquired products or services; (2) for general and administrative functions that support new business models; or (3) to comply with regulations applicable to an acquired business that are more complicated than we had anticipated; •we may be unable to obtain timely approvals from, or may otherwise have certain limitations, restrictions, penalties or other sanctions imposed on us by worker councils or similar bodies under applicable employment laws as a result of an acquisition; •we may be unable to obtain required approvals from governmental authorities under competition and antitrust laws on a timely basis, if at all, and we may need to divest or dispose of assets or businesses or take other actions in order to obtain such approvals; •our use of cash to pay for acquisitions may limit other potential uses of our cash; •we incurred additional debt to finance our acquisition of Cerner in fiscal 2023 and in the future, we may have to incur additional debt to pay for other acquisitions or have to delay or not proceed with an acquisition if we cannot obtain the necessary funding to complete the acquisition in a timely manner or on favorable terms; and •we may experience additional or unexpected changes in how we are required to account for our acquisitions pursuant to U. The occurrence of any of these risks could have a material adverse effect on our business, results of operations, financial condition or cash flows, particularly in the case of a larger acquisition or several concurrent acquisitions. Data Privacy, Cybersecurity and Intellectual Property Risks If our security measures for our products and services are compromised and as a result, our data, our customers’ data or our IT systems are accessed improperly, made unavailable, or improperly modified, our products and services may be perceived as vulnerable, our brand and reputation could be damaged, the IT services we provide to our customers could be disrupted, and customers may stop using our products and services, any of which could reduce our revenue and earnings, increase our expenses and expose us to legal claims and regulatory actions. 22 Table of Contents Index to Financial Statements Data Privacy, Cybersecurity and Intellectual Property Risks If our security measures for our products and services are compromised and as a result, our data, our customers’ data or our IT systems are accessed improperly, made unavailable, or improperly modified, our products and services may be perceived as vulnerable, our brand and reputation could be damaged, the IT services we provide to our customers could be disrupted, and customers may stop using our products and services, any of which could reduce our revenue and earnings, increase our expenses and expose us to legal claims and regulatory actions. Our products and services, including Oracle Cloud Services, store, retrieve, process and manage third-party data, such as our customers’ data, as well as our own data. Our products and services, including Oracle Cloud Services, store, retrieve, manipulate and manage third-party data, such as our customers’ information and data, as well as our own data. We believe that Oracle is a target for computer hackers, cyber threats and other bad actors because Oracle stores and processes large amounts of data, including sensitive data such as health sciences (including patient health information), financial services, retail, hospitality, telecommunications and government data. We believe that Oracle in particular is a target for computer hackers and other bad actors because Oracle stores and processes large amounts of data, including in customer sectors involving particularly sensitive data such as health sciences (including patient health information), financial services, retail, hospitality and the government. We and our third-party vendors are regularly subject to attempts by third parties (which may include individuals or groups of hackers and sophisticated organizations, such as state-sponsored organizations, nation-states and individuals sponsored by them) to identify and exploit product and service vulnerabilities, penetrate or bypass our security measures, and gain unauthorized access to our or our customers’, partners’ and suppliers’ software, hardware and cloud offerings, networks and systems. Successful attempts by one of these malicious actors can lead to the compromise of personal information or the confidential information or data of Oracle or our customers. Attempts of this nature typically involve IT-related viruses, worms, and other malicious software programs that attack networks, systems, products and services, exploit potential security vulnerabilities of networks, systems, products and services, create system disruptions and cause shutdowns or denials of service. Third parties may attempt to fraudulently induce customers, partners, employees or suppliers into disclosing sensitive information such as user names, passwords or other information to gain access to our data, our customers’, suppliers’ or partners’ data or the IT systems of Oracle, our customers, suppliers or partners. Third parties may attempt to fraudulently induce customers, partners, employees or suppliers into disclosing sensitive information such as user names, passwords or other information in order to gain access to our data, our customers’, suppliers’ or partners’ data or the IT systems of Oracle, our customers, suppliers or partners. Our products and 24 Table of ContentsIndex to Financial Statements services, including our Oracle Cloud Services, may also be accessed or modified improperly as a result of customer, partner, employee, contractor or supplier error or malfeasance. If a cyber-attack or other security incident results in unauthorized access to, or modification or exfiltration of, our customers’ or suppliers’ data, other external data, our own data or our IT systems, or if the services we provide to our customers are disrupted, or if our products or services are reported to have (or are perceived as having) security vulnerabilities, we could incur significant expenses and suffer substantial damage to our brand and reputation. If a cyber-attack or other security incident results in unauthorized access to or modification of our customers’ or suppliers’ data, other external data, our own data or our IT systems, or if the services we provide to our customers are disrupted, or if our products or services are reported to have (or are perceived as having) security vulnerabilities, we could incur significant expenses and suffer substantial damage to our brand and reputation. If our customers lose confidence in the security and reliability of our products and services, including our cloud offerings, and perceive them to not be secure, they may decide to reduce or terminate their spend with us. In addition, cyber-attacks and other security incidents could lead to considerable investigation and remediation costs, loss or destruction of information, interruption of our operations, inappropriate use of proprietary and sensitive data, lawsuits, indemnity obligations, regulatory investigations and financial penalties, and claims and increased legal liability, including in some cases contractual costs related to customer notification and fraud monitoring. Our remediation efforts may not be successful. Because the techniques used to obtain unauthorized access to, or sabotage IT systems, change frequently, grow more complex over time, and often are not recognized until launched against a target, we may be unable to anticipate or implement adequate measures to prevent such techniques. Our internal IT systems continue to evolve and we are often early adopters of new technologies. However, our business policies and internal security controls may not keep pace with these changes as new threats emerge. We may not discover any security breach and loss of information for a significant period of time after the security breach. Our products operate in conjunction with and are dependent on a wide variety of third-party products, components and services. If there is a security vulnerability in one of these components, and if there is a security exploit targeting it, we could face increased costs, liability claims, customer dissatisfaction, reduced revenue, or harm to our reputation or competitive position. We also have an active acquisition program and have acquired a number of companies, products, services and technologies over the years. While we make significant efforts to address any IT security issues with respect to our acquired companies, we may still inherit such risks when we integrate these companies within Oracle. Our business practices with respect to data could give rise to operational interruption, liabilities or reputational harm as a result of governmental regulation, legal requirements or industry standards relating to privacy and data protection. As regulatory focus on privacy issues continues to increase and worldwide laws and regulations concerning the handling of personal information expand and become more complex and stringent, potential risks related to data collection and use within our business will intensify. As regulatory focus on privacy issues continues to increase and worldwide laws and regulations concerning the handling of personal information expand and become more complex, potential risks related to data collection and use within our business will intensify. In addition, U.S. federal and state as well as foreign governments have enacted or are considering enacting legislation or regulations, or may in the near future interpret existing legislation or regulations, in a manner that could significantly impact our ability, as well as the ability of our customers, partners and data providers, to collect, augment, analyze, use, transfer (including across national borders) and share personal and other information that is integral to certain services we provide. and foreign governments have enacted or are considering enacting legislation or regulations, or may in the near future interpret existing legislation or regulations, in a manner that could significantly impact our ability, as well as the ability of our customers, partners and data providers, to collect, augment, analyze, use, transfer (including across national borders) and share personal and other information that is integral to certain services we provide. We are also subject to data privacy and other related regulations governing the healthcare industry and patient information, including but not limited to regulations governing electronic health data transmissions, the processing of patient information, healthcare fraud and healthcare information sharing. Our acquisition of Cerner during fiscal 2023 also subjects us to additional data privacy and other related regulations governing the healthcare industry and patient information, including but not limited to regulations governing electronic health data transmissions, the processing of patient information, healthcare fraud and healthcare information sharing. Following the European Union’s (EU) General Data Protection Regulation (GDPR), the rate of global consideration and adoption of privacy laws has increased, giving rise to more global jurisdictions in which regulatory inquiries and audits may be requested of Oracle, and if we are not deemed to be in compliance, could result in enforcement actions and/or fines. This is true in the U.S. where, for example, a number of states have enacted privacy laws, the U.S. Congress is considering several privacy and security-related bills at the federal level, the federal government is pursuing a range of cybersecurity initiatives pertaining to critical infrastructure companies and government contractors, and a number of other state legislatures are considering privacy laws. Regulators globally are also imposing greater monetary fines for privacy violations. The GDPR provides for monetary penalties of up to €20 million, or up to 4% of an organization’s worldwide revenue of the preceding financial year, whichever is greater. These penalties can be significant. For example, a U. For example, the U. S.-based technology company was fined €1.2 billion for alleged GDPR violations in 2023.2 billion for alleged GDPR violations. The U.S. Federal Trade Commission continues to fine companies for unfair and deceptive data protection practices, and these fines may increase in size. Taken together, the laws or regulations associated with the enhanced protection of personal and other types of data could greatly increase the size of potential fines related to data protection, and our cost of providing our products and services could result in changes to our business 25 Table of ContentsIndex to Financial Statements practices or even prevent us from offering certain services in jurisdictions in which we operate. Taken together, the laws or regulations associated with the enhanced protection of personal and other types of data could greatly increase the size of potential fines related to data protection, and our cost of providing our products and services could result in changes to our business practices or even prevent us from offering certain services in jurisdictions in which we operate. Although we have implemented contracts, diligence programs, policies and procedures designed to address compliance with applicable laws and regulations, there can be no assurance that our employees, contractors, partners, suppliers, data providers or agents will not violate such laws and regulations or our contracts, policies and procedures. Although we have implemented contracts, diligence programs, policies and procedures designed to ensure compliance with applicable laws and regulations, there can be no assurance that our employees, contractors, partners, suppliers, data providers or agents will not violate such laws and regulations or our contracts, policies and procedures. Additionally, public perception and standards related to the privacy of personal information can shift rapidly, in ways that may affect our reputation or influence regulators to enact regulations and laws that may limit our ability to provide certain products and services. For example, numerous jurisdictions, including the EU, are considering laws and regulations that would impose additional data privacy and other compliance requirements on the use of AI and could require us to adjust or limit our product offerings in such jurisdictions. We make statements about our use and disclosure of personal information through our privacy policy, information provided on our website and press statements. Any failure, or perceived failure, by us to comply with these public statements or with U.S. federal, state, or foreign laws and regulations, including laws and regulations regulating privacy, data security, or consumer protection, public perception, standards, self-regulatory requirements or legal obligations, could result in lost or restricted business, proceedings, actions or fines brought against us or levied by governmental entities or others, or could adversely affect our business and harm our reputation. Third parties have claimed, and in the future may claim, infringement or misuse of intellectual property rights and/or breach of license agreement provisions. We periodically receive notices from, or have lawsuits filed against us by, third parties claiming infringement or other misuse of their intellectual property rights and/or breach of our agreements with them. These third parties include entities that do not design, manufacture, or distribute products or services or that acquire intellectual property for the sole purpose of monetization through infringement assertions. We expect to continue to receive such claims as: •we continue to expand into new businesses and acquire companies; •the number of products and competitors in our industry segments grows; •the use and support of third-party code (including open source code) becomes more prevalent in the industry; •the volume of issued patents continues to increase; and •non-practicing entities continue to assert intellectual property infringement in our industry segments. We expect to continue to receive such claims as: •we continue to expand into new businesses and acquire companies; •the number of products and competitors in our industry segments grows; •the use and support of third-party code (including open source code) becomes more prevalent in the industry; •the volume of issued patents continues to increase; and 24 Table of Contents Index to Financial Statements •non-practicing entities continue to assert intellectual property infringement in our industry segments. Responding to any such claim, regardless of its validity, could: •be time consuming, costly and result in litigation; •divert management’s time and attention from developing our business; •require us to pay monetary damages or enter into royalty and licensing agreements that we would not normally find acceptable; •require us to stop selling or to redesign certain of our products; •require us to release source code to third parties, possibly under open source license terms; •require us to satisfy indemnification obligations to our customers; or •otherwise adversely affect our business, results of operations, financial condition or cash flows. We may not be able to protect our intellectual property rights. We rely on copyright, trademark, patent and trade secret laws, confidentiality procedures, controls and contractual commitments to protect our intellectual property. Despite our efforts, these protections may be limited. Unauthorized third parties may try to copy or reverse engineer our products or otherwise use our intellectual property. Our patents may be invalidated or circumvented. Any of our pending or future patent applications may not be issued with the claim scope we seek, if at all. In addition, the laws of some countries do not provide the same level of intellectual property protection as U.S. laws and courts. If we cannot protect our intellectual property against unauthorized copying or use, or other misappropriation, we may not remain competitive. Legal and Regulatory Risks Adverse litigation results could affect our business. We are subject to various legal proceedings. Litigation can be lengthy, expensive and disruptive to our operations, and can divert our management’s attention away from running our core business. The results of our litigation also cannot be predicted with certainty. Even a favorable judgment 26 Table of ContentsIndex to Financial Statements may be subject to appeals leading to protracted litigation, additional costs and the prospect that our desired outcome will be overturned. An adverse decision could result in monetary damages or injunctive relief that could affect our business, operating results or financial condition. Additional information regarding certain of the lawsuits we are involved in is discussed under Note 16 of Notes to Consolidated Financial Statements included elsewhere in this Annual Report. We may be subjected to increased taxes due to changes in U.S. or international tax laws or from adverse resolutions of tax audits and controversies. As a multinational corporation, we incur income taxes as well as non-income based taxes (such as payroll, sales, use, property and value-added taxes) in both the U.S. and various foreign jurisdictions. Significant uncertainties exist with respect to the application of the various taxes to the businesses in which we engage, often requiring that we make judgments in determining our tax liabilities and worldwide provision for income taxes. We are regularly under audit by tax authorities in the U.S. and internationally, which has led to disagreements regarding our treatment of various items, including our intercompany transfer prices and calculations and the applicability of withholding taxes to our cross-border transactions. Any unfavorable resolution of these tax audits and controversies could cause our tax liabilities to increase and may have a material and adverse impact on our provision for income taxes and effective tax rate. Although we believe that our income and non-income based tax estimates are reasonable, there is no assurance that the final determination of tax audits or disputes will not be different from what is reflected in our historical income tax provisions and tax accruals. Although we believe that our income and non-income based 25 Table of Contents Index to Financial Statements tax estimates are reasonable, there is no assurance that the final determination of tax audits or disputes will not be different from what is reflected in our historical income tax provisions and tax accruals. Countries around the world continually consider and make changes to relevant tax, accounting and other laws, treaties, regulations, guidance and interpretations. In the U.S., various legislative proposals, if enacted, may substantially raise U.S. income taxes on our domestic and international profits. Such unfavorable tax proposals, the prospects for which depend to a significant degree on the U.S. political landscape, create the potential for added volatility in our quarterly provision for income taxes and could have a material adverse impact on our future income tax provisions and effective tax rate. political landscape and economic environment create the potential for added volatility in our quarterly provision for income taxes and could have a material adverse impact on our future income tax provisions and effective tax rate. Other countries also continue to consider changes to their tax laws that could negatively affect us by increasing taxes imposed on our international revenue streams, operations and cross-border transactions, including the imposition of taxes targeted at digital technology businesses and changes in withholding tax rules. The Organisation for Economic Co-operation and Development (OECD) and the Group of Twenty (G20), together with over 140 participating countries, have developed a two-pillar framework calling for a 15% global minimum tax on multinational corporate groups, which has been adopted in many jurisdictions, and that would provide greater taxing rights to market jurisdictions where customers or users are located. These changes may materially increase the level of income tax on our international profits. Our future income tax provisions and effective tax rate could materially increase under the tax changes discussed above or if other changes are made to applicable tax laws and rules in the U.S. or in other countries in which we do business. Our provision for income taxes also could be adversely affected by changes in the mix of income earned or losses incurred in jurisdictions with differing statutory tax rates, fluctuations in our stock price and level of stock-based compensation expense, changes in the valuation of our deferred tax assets or liabilities and by other factors. Our international sales and operations and global customer base subject us to additional risks that can adversely affect our operating results. We derive a substantial portion of our revenues from, and have significant operations, outside of the U.S., and in both our U.S. and non-U.S. operations we serve customers based in or with ties to numerous jurisdictions around the world. Compliance with international and U.S. laws and regulations that apply to our international operations increases our cost of doing business. These laws and regulations include data privacy requirements, labor relations laws, tax laws, foreign currency-related regulations, competition/antitrust regulations, anti-bribery laws and other laws prohibiting payments to governmental officials such as the U.S. Foreign Corrupt Practices Act (FCPA), market access regulations, tariffs, and import, export and general trade regulations, including but not limited to economic sanctions and embargos. Violations of these laws and regulations could result in monetary fines, civil and/or criminal penalties, enforcement actions against us, our officers or our employees, and prohibitions on the conduct of our business, including disgorgement, the loss of trade privileges, and other remedial measures. Any such violations could result in prohibitions on our ability to offer our products and services in one or more countries or territories or to certain entities, could delay or prevent potential acquisitions and could also materially damage our reputation, our brand, our international expansion efforts, our ability to attract and retain employees, our business and our operating results. 27 Table of ContentsIndex to Financial Statements Changes to sanctions or export control regulations in the U.S. and the other jurisdictions where we currently operate or have dealings, or in the future may operate or have dealings, can require suspension or termination of business (including financial transactions) in or with certain countries and territories or with certain customers. and the other jurisdictions where we currently operate or have dealings, or in the future may operate or have dealings, can require suspension or termination of business, including financial transactions, in certain countries, territories or with certain customers and any such action in the future could adversely affect our business, financial condition and results of operations. In addition, we continue to monitor relations between the U.S. and the Russian Federation, the Republic of Belarus and the People’s Republic of China, among others. It is difficult to anticipate the effect international relations may have on us. It is difficult to anticipate the effect such relations may have on us. Compliance with any further economic sanctions, export controls or other regulatory restrictions (and any countermeasures thereto) taken by the U. Compliance with any further economic sanctions, export controls or other regulatory restrictions (and any retaliatory responses thereto) taken by the U. S. or other countries could prevent us from serving certain customers or restrict us or our customers from operating in specific jurisdictions, which could have an adverse effect on our operations and results of operations. or other countries could prevent us from serving certain customers or restrict our customers from operating in specific jurisdictions, which could have an adverse effect on our operations and results of operations. For example, in April 2024, the U. For example, in the U. S. President signed into law a bill that will make it unlawful to provide internet hosting services to TikTok that are used to enable the distribution, maintenance, or updating of TikTok for users within the U.S. if certain steps are not taken by TikTok’s owners within a set time frame. If we are unable to provide those services to TikTok, and if we cannot redeploy that capacity in a timely manner, our revenues and profits would be adversely impacted. Compliance with these laws may increase our expenses as we engage specialized or other additional resources to assist us with our compliance efforts. Our success depends, in part, on our ability to anticipate these risks and manage these difficulties. We monitor our operations and investigate allegations of improprieties relating to transactions and the way in which such transactions are recorded. Where circumstances warrant, we provide information and report our findings to government authorities, and in some circumstances such authorities conduct their own investigations and we respond to their requests or demands for information. No assurance can be given that action will not be taken by such authorities or that our compliance program will prove effective. We are also subject to a variety of other risks and challenges in managing an organization operating globally, including those related to: •general economic conditions in each country or region; •political unrest, terrorism and war, including but not limited to the current Russia-Ukraine war, the economic impact thereof and the potential to subject our business to materially adverse consequences should the situation escalate beyond its current scope, including, among other potential impacts, the geographic proximity of the situation relative to the rest of Europe, where a material portion of our business is carried out; •the potential for other hostilities, including but not limited to further destabilization in the Middle East and tensions between China and Taiwan; •public health risks, social risks and supporting infrastructure stability risks, particularly in areas in which we have significant operations; •fluctuations in currency exchange rates and related impacts on customer demand and our operating results; •difficulties in accessing or transferring funds from or converting currencies in certain countries that could lead to a devaluation of our net assets, in particular our cash assets, in that country’s currency; •regulatory changes, including government austerity measures in certain countries that we may not be able to sufficiently plan for or avoid that may unexpectedly impair bank deposits or other cash assets that we hold in these countries or that impose additional taxes that we may be required to pay in these countries; •common local business behaviors or regulatory requirements that conflict with our business ethics, practices and conduct policies; •longer payment cycles and difficulties in collecting accounts receivable; •overlapping tax regimes; and •reduced protection for intellectual property rights in some countries. We are also subject to a variety of other risks and challenges in managing an organization operating globally, including those related to: •general economic conditions in each country or region; •political unrest, terrorism and war, including but not limited to the current Russia-Ukraine war, the economic impact thereof and the potential to subject our business to materially adverse consequences should the situation escalate beyond its current scope, including, among other potential impacts, the geographic proximity of the situation relative to the rest of Europe, where a material portion of our business is carried out; •the potential for other hostilities, including but not limited to escalating tensions between China and Taiwan; •public health risks, social risks and supporting infrastructure stability risks, particularly in areas in which we have significant operations; •fluctuations in currency exchange rates and related impacts on customer demand and our operating results; •difficulties in accessing or transferring funds from or converting currencies in certain countries that could lead to a devaluation of our net assets, in particular our cash assets, in that country’s currency; •regulatory changes, including government austerity measures in certain countries that we may not be able to sufficiently plan for or avoid that may unexpectedly impair bank deposits or other cash assets that we hold in these countries or that impose additional taxes that we may be required to pay in these countries; •common local business behaviors or regulatory requirements that conflict with our business ethics, practices and conduct policies; •longer payment cycles and difficulties in collecting accounts receivable; •overlapping tax regimes; and •reduced protection for intellectual property rights in some countries. The variety of risks and challenges listed above could also disrupt or otherwise negatively impact our supply chain operations and sales of our products and services in affected countries or regions. As the majority shareholder of Oracle Financial Services Software Limited, a publicly traded company in India, and Oracle Corporation Japan, a publicly traded company in Japan, we face several additional risks, including being subject to local securities regulations and being unable to exert full control that we would otherwise have if these entities were wholly-owned subsidiaries. 28 Table of ContentsIndex to Financial Statements The healthcare industry is highly regulated, and thus, we are subject to several laws, regulations and industry initiatives, non-compliance with certain of which could adversely affect our healthcare business. As a participant in the healthcare industry, certain of our operations and relationships, and those of our customers, are regulated by several U.S. federal, state, local and foreign governmental entities. The impact of these regulations on us is both direct and also indirect, in terms of government program requirements applicable to our customers for the use of health IT. Even though we may not be directly regulated by specific healthcare laws and regulations, our products and services must be capable of being used by our customers in a way that complies with those laws and regulations. There are significant, wide-ranging and rapidly evolving regulations both within and outside the U.S., such as regulations in the areas of healthcare fraud, information sharing, e-prescribing, claims processing and transmission, healthcare devices, the security and privacy of patient data and interoperability standards, that may be directly or indirectly applicable to our operations and relationships or the business practices of our customers. Specific risks include, but are not limited to, the following: •The U.S. and other countries have regulations in place related to medical devices that now, or may in the future, apply to certain of our healthcare products and services. If any of our healthcare products and services are deemed to be actively regulated medical devices by regulatory agencies in countries where we do business, we could be subject to extensive requirements governing pre- and post-marketing activities, including pre-market notification clearance. •Various U.S. federal, state and non-government agencies continue to generate requirements for the use of certified electronic health record technology (CEHRT), and CEHRT continues to be a requirement of participation in federal healthcare programs in order to receive reimbursement for health items and services provided by certain of our customers to Medicare and Medicaid beneficiaries. We expect the regulations establishing the certification and interoperability standards for CEHRT will continue to be updated to emphasize interoperability, consumer engagement, patient safety and health information privacy and security. Complying with these regulations globally is expensive and could subject us to unanticipated and significant delays. If we fail to comply sufficiently with these and other regulations, it could negatively impact our ability to continue to develop, distribute and deliver certain of our healthcare products and services, and we could suffer fines or penalties. If our customers lose confidence in the security and reliability of our products and services, including our cloud offerings, and perceive them to not be secure, they may decide to reduce or terminate their spend with us. Our sales to local, state, federal and foreign government customers expose us to business volatility and risks, including government budgeting cycles and appropriations, government shutdowns, procurement regulations, governmental policy shifts, early termination of contracts, audits, investigations, sanctions and penalties. Our sales to local, state, federal and foreign government customers expose us to business volatility and risks, including government budgeting cycles and appropriations, procurement regulations, governmental policy shifts, early termination of contracts, audits, investigations, sanctions and penalties. We derive revenues from contracts with the U.S. government, state and local governments, and foreign governments and are subject to procurement laws relating to the award, administration and performance of those contracts. Governmental entities are variously pursuing policies that affect our ability to sell our products and services. Changes in government procurement policy, priorities, regulations, technology initiatives and/or requirements may negatively impact our potential for growth in the government sector. For example, the U.S. government imposes evolving cybersecurity requirements, including, for example, the FedRAMP authorization process and the Department of Defense (DoD) Cybersecurity Maturity Model Certification. These requirements may impact our lines of business in the U.S. federal government market. Compliance with these cybersecurity requirements is complex and costly, and failure to meet, or delays in meeting, the required security controls could limit our ability to sell products and services, directly or indirectly, to the DoD and other federal and state government entities that implement similar cybersecurity requirements. Compliance with these cybersecurity requirements is complex and costly, and failure to meet, or delays in meeting, the required security controls could limit our ability to sell 27 Table of Contents Index to Financial Statements products and services, directly or indirectly, to the DoD and other federal and state government entities that implement similar cybersecurity requirements. We are also subject to early termination of our contracts. Many governmental entities have the right to terminate contracts at any time for a variety of reasons, including without cause. For example, the U.S. federal government may terminate any of our government contracts and subcontracts at its convenience, or for default based on our performance. U.S. federal, state and local government and foreign government contracts are generally subject to government funding authorizations/appropriations. Contracts may also be terminated due to a lack of government funds. There is increased pressure on governments and their agencies, both domestically and internationally, to reduce spending as governments continue to face significant deficit reduction pressures. This may adversely impact spending on government programs. In addition, an extended federal government shutdown in the U.S. could cause delays in approvals and decision making, which could negatively impact our results of operations. 29 Table of ContentsIndex to Financial Statements Government contracts laws and regulations impose certain risks, and contracts are generally subject to audits and investigations. If violations of law are found, they could result in civil and criminal penalties and administrative sanctions, including termination of contracts, refund of a portion of fees received, forfeiture of profits, suspension of payments, fines and suspensions or debarment from future government business. Environmental and other related laws and regulations subject us to a number of risks and could result in significant liabilities and costs. Our cloud and hardware operations are subject to state, federal and international laws governing protection of the environment, proper handling and disposal of materials used for these operations, human health and safety, the use of certain chemical substances and the labor practices of suppliers, as well as local testing and labeling requirements. Our cloud and hardware operations are subject to state, federal and international laws governing protection of the environment, proper handling and disposal of materials used for these products, human health and safety, the use of certain chemical substances and the labor practices of suppliers, as well as local testing and labeling requirements. Regulatory, market, carbon tax and competitive pressures regarding the greenhouse gas emissions and energy mix for our data center operations may also grow. Regulatory, market, and competitive pressures regarding the greenhouse gas emissions and energy mix for our data center operations may also grow. Approximately half of our hardware revenues come from international sales. Environmental legislation, such as the EU Waste Electrical and Electronic Equipment Directive, China’s regulation on Management Methods for Controlling Pollution Caused by Electronic Information Products and the EU carbon border adjustment mechanism, among others, may increase our cost of doing business internationally and impact our hardware revenues from the EU, China and other countries with similar environmental legislation as we endeavor to comply with and implement these requirements. Environmental legislation, such as the EU Directive on Restriction of Hazardous Substances (RoHS), the EU Waste Electrical and Electronic Equipment Directive (WEEE Directive) and China’s regulation on Management Methods for Controlling Pollution Caused by Electronic Information Products, among others, may increase our cost of doing business internationally and impact our hardware revenues from the EU, China and other countries with similar environmental legislation as we endeavor to comply with and implement these requirements. Compliance with these ever-changing environmental and other laws in a timely manner could increase our product design, development, procurement, manufacturing, delivery, cloud operations, insurance premiums and administration costs, limit our ability to manage excess and obsolete non-compliant inventory, change our sales activities, or otherwise impact future financial results of our cloud and hardware businesses. Compliance with these ever-changing environmental and other laws in a timely manner could increase our product design, development, procurement, manufacturing, delivery, cloud operations and administration costs, limit our ability to manage excess and obsolete non-compliant inventory, change our sales activities, or otherwise impact future financial results of our cloud and hardware businesses. Any violation of these laws can subject us to significant liability, including fines, penalties and possible prohibition of sales of our products and services into one or more states or countries and result in a material adverse effect on the financial condition or operations of our cloud and hardware businesses. The Nomination and Governance Committee of our Board of Directors oversees and periodically reviews our environmental, social and governance (ESG) programs, including environmental sustainability. We also have an Environmental Steering Committee (ESC) comprised of senior individuals from a wide range of Oracle business units, including our Chief Sustainability Officer who oversees our overall sustainability strategy, including climate related risk mitigation. We have an Environmental Steering Committee (ESC) comprised of senior individuals from a wide range of Oracle business units, including our Chief Sustainability Officer who oversees our overall sustainability strategy, including climate related risk mitigation. The ESC evaluates if climate or environmental risks have the potential for significant chronic or acute impact on our core and/or strategic business functions, including service delivery and support, product development and deployment, supply chain management, facility operations, employee recruitment and retention, or brand reputation. Any failure to identify and assess these risks could adversely affect our reputation, business, financial performance and growth. A failure by the ESC to identify and assess these risks could adversely affect our reputation, business, financial performance and growth. We publish an annual Social Impact Report, which includes disclosure of our ESG matters and goals. Our disclosures on these matters, and standards we set for ourselves or a failure to meet these standards, may potentially harm our reputation and brand. By electing to set and share publicly these corporate ESG standards, our business may also face increased scrutiny related to ESG initiatives and activities. Further, new laws, regulations, policies, and international accords relating to ESG matters, including sustainability, climate change, human capital and diversity, some of which require specific, target-driven frameworks or disclosure requirements, are being developed, formalized and implemented in many jurisdictions. Further, new laws, regulations, policies, and international accords relating to ESG matters, including sustainability, climate change, human capital, and diversity, are being developed and formalized in the U. Standards for reporting ESG metrics, including ESG-related disclosures, are complex and evolving, and the implementation and oversight of controls to comply with applicable reporting and disclosure standards could impose significant compliance costs. Standards for reporting ESG metrics, including ESG-related disclosures that may be required by the SEC or other regulators, are complex and evolving, and the implementation and oversight of controls to comply with applicable reporting and disclosure standards could impose significant compliance costs. In addition, such disclosure requirements could result in revisions to our previous ESG-related disclosure or challenges in meeting evolving and varied regulatory and other stakeholder expectations and standards, which could expose us to liability or harm our reputation and prospects. Financial Risks Our operations can be difficult for us to predict because our quarterly results of operations may fluctuate significantly based on a number of factors. Our revenues, particularly certain of our cloud license and on-premise license revenues and hardware revenues, can be difficult to forecast. A substantial portion of our cloud license, on-premise license and hardware contracts is completed in the latter part of a quarter. Because a significant portion of our cost structure is largely fixed in the short term, sales and revenue shortfalls tend to have a disproportionately negative impact on our profitability. We typically have a number of large transactions each quarter, which increases 30 Table of ContentsIndex to Financial Statements the risk of fluctuations in our quarterly results. If we lose one or more of our key customers for any reason, or we experience a delay in even a small number of these large transactions, our quarterly sales, revenues and profitability could fall significantly short of our predictions. In addition, sudden shifts in regional or global economic or political activity may cause our sales forecasts to be inaccurate. In addition, we hold a portfolio of publicly traded equity investments and privately held debt and equity investments, including investments in Ampere Computing Holdings LLC (Ampere), a privately held related party entity in which we had an ownership interest of approximately 29% as of May 31, 2024. Any impairment charges and effect of changes in the fair values of certain of these investments are recorded as unrealized gains or losses as a component of consolidated net income in each period. The timing and amount of impairment charges or changes in fair value, if any, of these investments depends on factors beyond our control, including the perceived and actual performance of the companies or funds in which we invest, and are also subject to the general conditions of public and private equity markets, which are uncertain and have in the past varied, and may in the future vary, materially by period. Changes in the fair values of these investments, including Ampere, have contributed, and may in the future contribute, to volatility in our net income that is not reflective of our core businesses. Changes in the fair values of these investments have contributed, and may in the future contribute, to volatility in our net income that is not reflective of our core businesses. The amount of our investments in Ampere could increase in future periods for a variety of reasons, including due to the potential exercise of put options by our co-investors or call options by us. If either of these options are exercised by us or our co-investors, we would acquire control of Ampere and its results would be consolidated with our results of operations. Ampere has generated net losses in the past and we currently expect such entity to generate net losses in future periods that we may need to consolidate into our results of operations in future periods. Changes in currency exchange rates can adversely affect customer demand and our revenue and profitability. We conduct a significant number of transactions and hold cash in currencies other than the U.S. Dollar. Changes in the values of major foreign currencies, particularly the Australian Dollar, British Pound, Brazilian Real, Canadian Dollar, Euro, Indian Rupee, Japanese Yen and Saudi Riyal, relative to the U.S. Dollar can significantly affect our total assets, revenues, operating results and cash flows, which are reported in U.S. Dollars. Fluctuations in foreign currency rates, including the strengthening of the U.S. Dollar against the Euro and most other major international currencies, adversely affects our revenue growth in terms of the amounts that we report in U.S. Dollars after converting our foreign currency results into U.S. Dollars and in terms of actual demand for our products and services as certain of these products may become relatively more expensive for foreign currency-based enterprises to purchase. In addition, currency variations can adversely affect margins on sales of our products in countries outside of the U.S. Generally, our reported revenues and operating results are adversely affected when the dollar strengthens relative to other currencies and are positively affected when the dollar weakens. In addition, our reported assets generally are adversely affected when the dollar strengthens relative to other currencies as a portion of our consolidated cash and bank deposits, among other assets, are held in foreign currencies and reported in U.S. Dollars. In addition, we incur foreign currency transaction gains and losses, primarily related to sublicense fees and other intercompany agreements among us and our subsidiaries that we expect to cash settle in the near term, which are charged to earnings in the period incurred. We have a program which primarily utilizes foreign currency forward contracts designed to offset the risks associated with certain foreign currency exposures. We may suspend the program from time to time. As part of this program, we enter into foreign currency forward contracts so that increases or decreases in our foreign currency exposures are offset at least in part by gains or losses on the foreign currency forward contracts in an effort to mitigate the risks and volatility associated with our foreign currency transaction gains or losses. A large portion of our consolidated operations are international, and we expect that we will continue to realize gains or losses with respect to our foreign currency exposures, net of gains or losses from our foreign currency forward contracts, including the cost to obtain such contracts. For example, we will experience foreign currency gains and losses in certain instances if it is not possible or cost-effective to hedge our foreign currency exposures, if our hedging efforts are ineffective, or should we suspend our foreign currency forward contract program. For example, we will experience 29 Table of Contents Index to Financial Statements foreign currency gains and losses in certain instances if it is not possible or cost-effective to hedge our foreign currency exposures, if our hedging efforts are ineffective, or should we suspend our foreign currency forward contract program. Our ultimate realized loss or gain with respect to currency fluctuations will generally depend on the size and type of cross-currency exposures that we enter into, the currency exchange rates associated with these exposures and changes in those rates, whether we have entered into foreign currency forward contracts to offset these exposures and any related fees paid to purchase such contracts, and other factors. All of these factors could materially impact our results of operations, financial position and cash flows. 31 Table of ContentsIndex to Financial Statements We have incurred foreign currency losses associated with the devaluation of currencies in certain highly inflationary economies relative to the U.S. Dollar. We could incur future losses in emerging market countries and other countries where we do business should their currencies become designated as highly inflationary. There are risks associated with our outstanding and future indebtedness. As of May 31, 2024, we had an aggregate of $86.9 billion of outstanding indebtedness that will mature between calendar year 2024 and calendar year 2061. Our ability to pay interest and repay the principal for our indebtedness is dependent upon our ability to manage our business operations, generate sufficient cash flows to service such debt and the other factors discussed in this Risk Factors section. There can be no assurance that we will be able to manage any of these risks successfully. We expect to refinance a portion of our outstanding debt as it matures. There is a risk that we may not be able to refinance existing debt or that the terms of any refinancing may not be as favorable as the terms of our existing debt. Furthermore, if prevailing interest rates or other factors at the time of refinancing result in higher interest rates upon refinancing, then the interest expense relating to that refinanced indebtedness would increase. Should we incur future increases in interest expense, our ability to utilize certain of our foreign tax credits to reduce our U.S. federal income tax could be limited, which could unfavorably affect our provision for income taxes and effective tax rate. In addition, changes to our outlook or credit rating or a withdrawal by any rating agency could negatively affect the value of both our debt and equity securities and increase the interest amounts we pay on certain outstanding or future debt. These risks could adversely affect our financial condition and results of operations. Risks Related to Our Common Stock Our stock price could become more volatile and your investment could lose value. All of the factors discussed within this Risk Factors section could affect our stock price. The timing of announcements in the public market by us or by our competitors regarding new cloud services, products, product enhancements, technological advances, acquisitions or major transactions could also affect our stock price. Changes in the amounts and frequency of stock repurchases or dividends could affect our stock price. Our stock price could also be affected by factors, some of which are beyond our control, including, among others: speculation in the press, social media and the analyst community; changes in recommendations or earnings related estimates by financial analysts; changes in investors’ or analysts’ valuation measures for our stock; negative analyst surveys or channel check surveys; earnings announcements where our financial results differ from our guidance or investors’ expectations; our credit ratings; dissemination of inaccurate information or misinformation about our business and results of operations (including through the malicious use of generative AI tools); and market trends unrelated to our performance. Our stock price could also be affected by factors, some of which are beyond our control, including, among others: speculation in the press, social media and the analyst community; changes in recommendations or earnings related estimates by financial analysts; changes in investors’ or analysts’ valuation measures for our stock; negative analyst surveys or channel check surveys; earnings announcements where our financial results differ from our guidance or investors’ expectations; our credit ratings and market trends unrelated to our performance. The stock market in general, and the market for technology companies in particular, has experienced extreme price and volume fluctuations that have often been unrelated or disproportionate to the operating performance of those companies. A significant drop in our stock price could also expose us to the risk of securities class action lawsuits, which could result in substantial costs and divert management’s attention and resources, which could adversely affect our business. We cannot guarantee that our stock repurchase program will be fully implemented or that it will enhance long-term stockholder