Risk Factors Dashboard

Neither the foregoing nor the following “Summary of Material Risks” represents an exhaustive list of matters that may be covered by the forward-looking statements contained herein or risk factors that we are faced with. Forward-looking statements necessarily involve risks and uncertainties, and our actual results could differ materially from those anticipated in the forward-looking statements due to a number of factors, including those set forth below under Part I, Item 1A. “Risk Factors” and elsewhere in this Annual Report. All subsequent written and oral forward-looking statements attributable to us or persons acting on our behalf are expressly qualified in their entirety by the cautionary statements contained above and throughout this Annual Report. Prior to investing in our common stock, you should read this Annual Report and the documents we have filed as exhibits to this Annual Report completely and with the understanding that our actual future results may be materially different from what we currently expect.

The Company will continue to file annual, quarterly and current reports, proxy statements and other information with the Securities and Exchange Commission (the “SEC”). You should not place undue reliance on the forward-looking statements included in this report or that may be made elsewhere from time to time by us, or on our behalf. All forward-looking statements attributable to us are expressly qualified by these cautionary statements.

SUMMARY OF MATERIAL RISKS

Investing in our common stock is speculative and involves a high degree of risk. These risks are discussed more fully in Part I, Item 1A. “Risk Factors” and elsewhere in this Annual Report. We urge you to read Part I, Item 1A. “Risk Factors” beginning on page 19 in full. Our significant risks may be summarized as follows:

Risks Related to Our Industry and Business

Risks Related to Intellectual Property, Information Technology, Data Privacy, and Security

Risks Related to Regulation and Compliance

Risks Related to Our Relationships and Business with the Public Sector

General Risk Associated with Our Company

Risks Related to Our Securities

NOTE REGARDING COMPANY REFERENCES

Unless the context indicates otherwise, as used in this Annual Report, the terms “we,” “us,” “our,” “our company,” “Rank One Computing,” “ROC,” and “our business” refer to Rank One Computing Corporation and its subsidiaries.

Table of Contents

Part I

Item 1. Business

Executive Summary

ROC is an independent American artificial intelligence (“AI”) company redefining the global standard for Vision AI in identity, security, and digital forensics. Our Vision AI platform delivers real-time facial recognition, multimodal biometric verification, video analytics, and AI-powered evidence analysis to mission-critical organizations across private and public sectors. ROC’s biometric algorithms are routinely ranked by National Institute of Standards and Technology (“NIST”) as among the most accurate and computationally efficient globally. Our solutions outperform legacy foreign-built systems at a fraction of the cost, with faster deployment and stronger trust. As demand for trusted AI accelerates across law enforcement, defense, and regulated commercial sectors, ROC is scaling rapidly through a growing network of integrators and multi-year deals. We are expanding from a foundation of government leadership into high-growth commercial markets such as access control, physical security, and identity verification. Our international pipeline spans the Middle East, Asia–Pacific (“APAC”), and other strategic regions where national AI and identity investments are surging. With sovereign U.S. development, deep technical leadership, a vertically integrated platform, and proven field results, we believe ROC is positioned to become the category-defining leader in operational Vision AI.

Overview

ROC builds AI that sees, identifies, and interprets the physical world. Our focus is biometric identity, digital forensics, and real-time video analytics. In a market long dominated by foreign-built legacy platforms, ROC is executing a clear mission: to restore the United States as the global leader in Vision AI. We are displacing outdated, overpriced, foreign systems with American-built solutions that are leaner, more efficient, and more affordable. We believe ROC platforms routinely cost a fraction of legacy alternatives, yet deliver higher accuracy, faster deployment, and superior customer support — all while sustaining strong margins. This operational advantage is rooted in our disciplined model: we’ve never taken outside capital, and we build everything with purpose and precision.

ROC uses the term “Vision AI” as a branch of artificial intelligence focused on transforming unstructured visual data into structured, explainable insight. Vision AI is not generative or conversational. It is operational AI, built for accuracy, speed, and auditability. Whether it is deployed in a military checkpoint, a digital evidence lab, or a financial onboarding workflow, Vision AI enables real-time decisions with transparency and accountability. ROC’s product portfolio includes the following:

ROC’s algorithmic efficiency has long been a strategic advantage. Our AI models typically require only a fraction of the compute power that legacy platforms demand, allowing us to deploy faster, operate leaner, and scale without excess infrastructure. For example, an analysis published on February 20, 2024 of the National Institute of Standards and Technology (NIST) Evaluation of Latent Fingerprint Technologies (ELFT) showed that the ROC’s latent fingerprint algorithm was capable of searching a database more than 500 times faster than every other vendor who was benchmarked. Additionally, an analysis on March 8, 2023 of the NIST Face Recognition Vendor Test (FRVT) showed that the ROC face recognition algorithm ranked 61st out of 338 algorithms in hardware efficiency, while none of our key competitors ranked within the top 150 most efficient algorithms. Further, an analysis performed on February 15, 2023 of the NIST Proprietary Fingerprint Template (PFT) benchmarked that the ROC fingerprint algorithms had template comparison speeds that were the fastest of any vendor, and as much as 1000x faster than certain key competitors.

This advantage has enabled us to simplify system architecture while supporting extremely large deployments through our horizontally and vertically scalable enterprise search infrastructure. ROC is routinely measured by NIST as having the most accurate and computationally efficient facial and fingerprint recognition algorithms in the world — a rare combination that enables both unmatched performance and flexible deployment. We support secure, air-gapped installations as well as cloud-native delivery, and are actively attaining Criminal Justice Information Services (“CJIS”) and related compliance standards to support our growing federal and state customer base. Our engineering team includes experts who have built mission-critical systems for the Federal Bureau of Investigation (the “FBI”) and other agencies, ensuring our platforms are secure, interoperable, and optimized for rapid integration through exposed Application Programming Interfaces (“APIs”) and robust reference applications.

ROC’s mission and leadership emerged from the U.S. national security community. Prior to creating ROC, our founders, Brendan Klare and Joshua Klontz, worked within the facial recognition research group at Noblis, Inc., which is a science and technology services provider to leading U.S. national security agencies. Our founders’ work included supporting a major case study for the FBI, regarding the deployment of facial recognition technology during the course of the 2013 Boston Marathon Bombing investigation. Our CEO, B. Scott Swann, served an 18-year career with the FBI, where he fulfilled multiple executive roles, advancing technology to include Special Assistant in the FBI Director’s Office for the Science and Technology Executive Assistant Director; Executive Officer in the Office of the Director of National Intelligence; and Unit Chief at the FBI’s Criminal Justice Information Services Division. Mr. Swann led the FBI’s major case study on the Boston Marathon Bombing, through which he first met and worked with Mr. Klare and Mr. Klontz. Mr. Swann worked closely with the FBI’s CJIS division, the FBI’s central repository and search database for fingerprints and other biometric evidence.

Our growth now includes global financial companies, state and local public safety organizations, and large retail enterprises. We are rapidly expanding in access control, identity verification, and physical security applications — particularly in high-assurance and infrastructure-critical sectors. Our commercial business is scaling through an already mature channel network, and we are seeing increasing demand from global integrators who want to deliver ROC’s technology under their own brands. Our international pipeline is significant, with especially strong momentum in the Middle East and APAC regions, where governments are investing in next-generation identity and surveillance systems. These global opportunities are already driving business today and represent a substantial long-term growth vector.

On November 19, 2019, ROC published the Code of Ethics that addressed the use of our face recognition technology. To our knowledge, ROC was the first biometric vendor to adopt such code of ethics addressing the use of face recognition technology. Subsequently, ROC has incorporated the Code of Ethics into our software licensing agreements to provide a contractual means for limiting access to our technology if a licensee violates the Code of Ethics. From the beginning, we believed that transparency, accountability, and technical rigor must go hand in hand. We build with fairness and explainability in mind and design for environments where decisions must be auditable and justifiable. That said, the broader landscape is also shifting. Adoption of face recognition and Vision AI tools is accelerating across law enforcement, defense, and critical infrastructure. Agencies that once hesitated are now embracing these capabilities — supported by clearer governance, better training, and stronger results. This growing acceptance comes at an ideal time for ROC. We are entering the public markets as demand is breaking open, not just for AI, but for trusted, operationally proven AI.

ROC has been deliberately built from the ground up. Every employee has been carefully selected not just for skill but for alignment with our mission. Our team combines rising stars in artificial intelligence and Vision AI with senior engineers and practitioners who have delivered large-scale systems for the U.S. government and enterprise. We believe in talent density, small teams, and high-trust environments. Every contributor matters, and every contributor has a stake in ROC’s equity. This model has not only helped us outperform technically — it has helped us retain culture, focus, and resilience while competing against far larger and better-funded companies.

Corporate History

In 2015, ROC’s three co-founders filed the initial Articles of Incorporation as a Subchapter S Corporation with the State of Virginia as Rank One Computing Corporation. In 2018, ROC filed a Statement of Conversion with updated Articles of Incorporation with the State of Colorado and issued 10,000 shares of common stock. In 2021, ROC hired B. Scott Swann as ROC’s CEO. In 2022, ROC filed an Amended and Restated Articles of Incorporation with the State of Colorado to effect a 10 for 1 forward stock split and increase the authorized number of shares of common stock to 200,000. In 2024, ROC revoked its Subchapter S election. In 2025, ROC formed a wholly owned single member limited liability company, ROC Federal LLC, in the State of West Virginia. In 2026, ROC filed a Second Amended and Restated Articles of Incorporation with the State of Colorado to, among others, effect a 167 for 1 forward stock split, increase the authorized number of shares of common stock to 100,000,000 shares of common stock, and authorize 1,000,000 shares of preferred stock.

Vision, Industry, and Market Opportunity

ROC’s Vision

ROC operates at the intersection of several large and fast-growing technology markets – computer vision (Vision AI), biometrics, video analytics, and digital evidence management. These segments each experienced robust growth from 2023 through 2025, driven by advances in artificial intelligence (AI), increasing security and efficiency demands, and expanding government and commercial use cases. Below we present an analysis of each market, including U.S. and global market size estimates, growth projections, key demand drivers, emerging use cases, and relevant regulatory or technology trends. Our discussion also highlights how ROC’s strategic strengths – alignment with national security needs, efficiency in edge computing, and a multimodal AI platform – position us to capitalize on these industry dynamics.

ROC calculates our total addressable market (TAM) on a global basis, rather than limiting it to specific geographies, because its products and services address a fundamental and universal need that isn’t geographically constrained. Our digital business model allows for seamless expansion into new regions with minimal capital expenditure, making the entire global market addressable over time. This approach is consistent with industry practice for technology companies with scalable offerings but does present some uncertainties with respect to localized market opportunities. Based on market research provided by leading market researchers, including Fortune Business Insights, Straits Research, Grand View Horizon, and the Edge AI and Vision Alliance, the total addressable market in 2025 for ROC products and services, collectively, was approximately $106 billion, globally:

Vision AI Market

The global Vision AI market is expanding rapidly as AI-powered image and video understanding becomes mainstream across industries. In 2024, the global Vision AI market was estimated at approximately $15.8 billion. Longer-term projections show continued high growth: for example, one study projected the global market to grow from about $23.7 billion in 2025 to $108.9 billion by 2033, a Compound Annual Growth Rate (“CAGR”) of roughly 24.1%. Despite variations in forecasts, there is a broad consensus that Vision AI is a high-growth segment, with double-digit annual expansion expected through the decade.

The U.S. Vision AI market represents a significant portion of this opportunity. North America holds the largest regional share of the Vision AI market, with the United States alone accounting for an estimated 30.6% of global revenue in 2024. U.S. market size is substantial and growing and is driven by strong investment in AI across government and commercial sectors. Notably, North America has recently overtaken Asia-Pacific as the dominant force in the Vision AI market, reflecting increased adoption in the U.S. across applications from defense to retail.

Despite the United States leading the world in AI adoption and infrastructure, some of its biometric screening systems used by government agencies still rely heavily on foreign Vision AI algorithms. A French biometrics company provides fingerprint and facial recognition technology for the FBI’s NGI program, the DOD ABIS, Department of State consular systems, NCTC watchlisting, and many state and local systems. A Japanese biometrics company delivers facial biometric software for DHS entry and exit programs and CBP passenger matching, while another French biometrics company supports additional DHS identity operations. Chinese biometrics companies have significant market presence in Southeast Asia and Africa, often providing technology at extremely low cost or even free in exchange for influence and control over national security systems. Russian companies provide high accuracy facial recognition tools that are deployed globally.

Key growth drivers in Vision AI include:

Emerging use cases are driving incremental growth. For example, in smart cities, Vision AI systems monitor traffic, detect accidents, and enhance public safety. In retail, Vision AI is used for frictionless checkout and shelf stock analysis. Facial recognition and object detection in live video streams are now deployed for access control and threat monitoring in airports, schools, and businesses. Such applications illustrate the proliferation of Vision AI into everyday infrastructure. Notably, the object detection sub-segment is expected to be one of the fastest-growing in coming years, as organizations seek real-time situational awareness from video data.

Technology and regulatory trends are shaping the Vision AI landscape. One significant trend is the shift toward edge computing – moving vision AI processing from cloud data centers to local devices and cameras for lower latency and improved privacy. Modern deployments often demand runtime efficiency on edge hardware (such as surveillance cameras, drones, or mobile devices) rather than reliance on constant cloud connectivity. This plays to ROC’s strength in efficiency at the edge, as our algorithms are optimized for high performance on-device. Indeed, the edge-enabled portion of the video analytics market is projected to grow at approximately 34% annually, far outpacing overall market growth, as organizations embrace on-premise and on-device AI to reduce bandwidth costs and address data sovereignty concerns. Another trend is convergence of multimodal AI – combining Vision AI with other sensor inputs (such as audio or biometrics) to enrich analysis. Our multimodal platform approach aligns with this, allowing clients to integrate face recognition, object tracking, and other modalities in one solution.

Regulatory factors are also coming into focus. There is increasing scrutiny on the use of AI and surveillance. For example, the European Union(“EU”)’s proposed AI Act and various state-level laws in the U.S. aim to ensure transparency and accountability in AI systems, especially those used for facial recognition or security monitoring. Privacy regulations (like the GDPR and U.S. state privacy acts) impose requirements on handling image data, requiring vendors to build compliance (data anonymization, consent management, etc.) into their vision solutions. While such regulations could moderate certain uses (e.g., restricting facial recognition in public spaces), they are also expected to favor vendors with trustworthy practices and high accuracy. ROC’s focus on accuracy and its U.S.-made, trusted technology is a strategic asset as customers navigate these regulatory expectations. Overall, the Vision AI market’s growth trajectory remains strong, underpinned by technological advancement and expanding use cases, and our edge-efficient, security-aligned platform is well positioned to benefit from these trends.

Biometrics Market

The global biometrics market – which includes facial recognition, fingerprint, iris, voice recognition and other identity technologies – is experiencing robust expansion, underpinned by rising security demands and widespread adoption in both government and consumer applications. In 2024, the global biometrics market reached an estimated $50.08 billion in revenue and is predicted to increase from $60.32 billion in 2025 to approximately $307.24 billion by 2034, expanding at a CAGR of 19.89% from 2025 to 2034. This sustained growth outlook reflects how integral biometrics have become in modern security, fintech, and identity systems worldwide.

The U.S. biometrics market is one of the leading national markets, fueled by strong government and commercial uptake of biometric technologies. In 2023, the U.S. biometric technology market generated approximately $7.6 billion in revenue, accounting for about 18% of the global market. U.S. biometrics spending is forecast to accelerate with roughly 18% CAGR through 2030, reaching an estimated $24+ billion by 2030. This suggests the U.S. market could approach an approximately $10 billion annual run-rate by the mid-2020s, given current growth rates. North America as a whole is currently the largest regional market for biometrics, ahead of Asia-Pacific. Key U.S. growth drivers include federal and local government programs (e.g., enhanced border control systems, FBI Next Generation Identification upgrades), financial services deploying biometrics for fraud prevention, and the private sector’s embrace of biometric access control and authentication. ROC’s national security alignment is pertinent here – U.S. government and defense agencies are major buyers of biometric solutions for homeland security and military applications, and there is increasing preference for American-made, reliable technology in these sensitive deployments.

Key demand drivers in biometrics include:

With these drivers in place, emerging use cases for biometrics are expanding beyond traditional security. In financial services, biometrics are used for seamless customer onboarding (eKYC) and transaction authentication (e.g., facial recognition for mobile payments). In healthcare, hospitals use biometrics to verify patient identity and secure access to health records. Workplaces are replacing badge swipes with facial or iris scans for attendance and secure entry. Even the travel industry is rolling out biometric boarding gates and luggage drop-offs to improve passenger flow. Each new application domain introduces biometrics to a wider user base, reinforcing the overall market growth.

Several market dynamics and trends are notable in biometrics. One is the emphasis on privacy and data protection. As biometric data (like fingerprints or face templates) becomes widespread, regulators are enacting laws to protect it. For example, the Illinois Biometric Information Privacy Act (the “BIPA”) in the U.S. imposes strict requirements on private companies collecting biometrics, and Europe’s GDPR treats biometrics as sensitive data. These regulations are prompting the industry to adopt privacy-by-design practices – e.g., on-device processing (so raw biometrics are not sent to the cloud), data encryption, and user consent frameworks. ROC’s efficient edge algorithms are able to address these concerns by enabling biometric matching to occur locally on devices or secure servers, minimizing data exposure. Likewise, accuracy and bias mitigation have become crucial: there is growing regulatory and public scrutiny to ensure facial recognition algorithms are unbiased and accurate across demographics. ROC’s top-tier accuracy (as evidenced by NIST evaluations) and demographic benchmarking (as evidenced by NIST evaluations) position us well as clients demand high-performing solutions.

Another trend is Biometrics-as-a-Service (BaaS) and cloud platforms for biometrics. Enterprises that do not want on-premise infrastructure are turning to cloud-based biometric APIs for functions like identity verification. This is expanding the market to new users (e.g., online retailers adding fingerprint login via a service). ROC’s flexible deployment models – on-premise for sensitive government clients or cloud/containerized for commercial clients – align with this shift. Finally, the convergence of biometrics with broader digital identity ecosystems is accelerating. Biometrics are increasingly used alongside digital wallets and identity documents for a holistic ID solution (for instance, using face recognition to unlock a mobile driver’s license app). This convergence is creating opportunities for platforms that can handle multimodal inputs and integrate with various identity data sources. Overall, the biometrics market’s strong growth is underpinned by its central role in security and convenience, and ROC’s strengths in multimodal, high-accuracy and edge-capable biometrics align tightly with where the industry is headed.

Video Analytics Market

The video analytics market – comprising AI-driven analysis of video feeds for security, surveillance, and business intelligence – is experiencing rapid growth as organizations increasingly seek to extract actionable insights from the vast amounts of video data being collected. Globally, the video analytics market was valued at around $10.25 billion in 2024. This market is on a steep upward trajectory: it is projected to reach approximately $48.94 billion by 2032 according to various forecasts. For example, Fortune Business Insights estimates the global market will grow at a 21.8% CAGR from 2025 to 2032, reaching $48.9 billion by 2032. An even longer-range analysis by Precedence Research projects the market to expand at roughly 22.6% CAGR through 2034, ultimately hitting $94.5 billion by 2034. In summary, industry analysts expect roughly a 20–23% annual growth rate in the video analytics sector over the next several years, making it one of the fastest-growing areas of the AI market.

Within this, the U.S. video analytics market is particularly significant and is growing briskly. North America led the world with about 40% of the global video analytics market share in 2024. The United States, as the largest contributor in North America, had an estimated market size of $3.45 billion in 2024. U.S. video analytics revenue is forecast to grow at approximately 22–23% CAGR going forward, in line with global trends, reaching around $7–8+ billion by 2027 and approximately $27 billion by 2034. This high growth is fueled by the widespread deployment of AI analytics in security systems across U.S. cities, airports, retail stores, and federal projects. In fact, the United States currently utilizes video analytics more than any other country, thanks to strong enterprise investment and public sector spending on smart surveillance. Major U.S.-based technology players and defense integrators in this space (e.g., Cisco, IBM, Motorola Solutions/Avigilon) further catalyze domestic adoption through innovation and large project rollouts. ROC’s close alignment with the U.S. government and law enforcement needs – a segment that heavily uses video analytics for threat detection and situational awareness – gives us strategic advantage in this growing home market.

Key demand drivers in video analytics include:

In terms of emerging trends and use cases, an important development is the integration of video analytics with cloud and edge computing architectures. Many organizations are shifting from purely on-premise video management to hybrid models where some analytics run on camera devices or edge gateways (for immediate response), while heavier processing or aggregated trend analysis runs in cloud platforms. This allows scalability and flexibility – routine tasks can be handled at the edge, reducing bandwidth usage, while cloud systems can apply deeper analytics or archival searches. ROC’s strength in delivering efficient analytics on the edge (e.g., on cameras or mobile devices) aligns with this trend; our solutions can run AI on low-power devices, enabling real-time alerts even when connectivity is limited. Industry forecasts specifically highlight edge-enabled video analytics as a high-growth subsegment (projected to reach approximately $75 billion by 2030 from just $5 billion in 2021), reflecting how vital edge computing is becoming in this market.

Another trend is consolidation and platformization. Initially, the video analytics space saw many niche vendors offering point solutions (license plate recognition, people counting, etc.), but we are now seeing consolidation into more comprehensive platforms. Customers (especially large city or enterprise deployments) prefer integrated suites that can handle multiple analytics functions and camera types under one umbrella. This favors companies like ROC that offer a broad multimodal analytics platform – for example, our software can perform facial recognition, object detection, and forensic video search in one system, whereas a piecemeal approach would require several separate tools. The trend toward unified video analytics and evidence platforms (often tying into video management systems, VMS, used by security teams) plays to our advantage as a one-stop provider.

Regulatory and societal factors also affect the video analytics domain. Public privacy concerns are leading to calls for transparency in how video AI is used. Cities deploying facial recognition in cameras, for instance, have encountered pushback leading to moratoriums in some jurisdictions. We anticipate regulations may require measures like bias testing of algorithms, audit logs for how AI alerts are generated, and perhaps restrictions on certain uses (e.g., real-time face ID in public without warrants). At the same time, regulatory mandates can drive adoption: a growing number of local laws require retention and review of surveillance footage (for accountability), which in practice necessitates intelligent video management. For example, several U.S. states now mandate police body-worn cameras and proper handling of the footage, greatly expanding the volume of video that departments must review and store – a challenge that practically demands advanced video analytics and evidence management tools. ROC’s audit capabilities and high-accuracy algorithms to minimize misidentifications and our strong public safety domain knowledge position us to navigate these regulatory trends. In summary, the video analytics market is expected to continue its strong growth, driven by security imperatives and expanding analytic applications, and ROC’s efficient, comprehensive edge analytics platform is aligned with the key technological and market shifts in this sector.

Digital Evidence Management Market

The digital evidence management market involves software and cloud solutions used by law enforcement, legal agencies, and enterprises to store, manage, analyze, and secure digital evidence. This includes handling data such as surveillance videos, body-camera footage, audio recordings, photos, and electronic documents in a manner that preserves integrity for investigations and court proceedings. With the surge of digital data in policing and compliance, this market has grown into a substantial segment on its own. In 2023, the global digital evidence management (“DEM”) market was valued at around $7.5–7.7 billion. Forecasts predict the global DEM market to climb to approximately $13–15 billion by 2028–2029, and around $19 billion by the early 2030s, equating to a solid double-digit CAGR in the 10–12% range over the next decade. For example, The Business Research Company projects the market to grow at 11.9% CAGR through 2029, reaching $14.8 billion in 2029, while other analysts looking out to 2032–2033 see growth continuing at similar rates to over $19 billion. This indicates a steady and resilient expansion, as managing digital evidence has become mission-critical for modern policing and regulatory compliance.

The U.S. market for digital evidence management is a major component of the global total, given the large number of law enforcement agencies and the early adoption of body cameras and digital forensic tools in the United States. North America is currently the largest regional market for digital evidence management solutions. This leadership is due in part to U.S. public safety agencies investing heavily in body-worn cameras, dashcams, and cloud-based evidence systems in recent years. While exact U.S.-only market size figures for 2023–2025 are less reported, North America’s dominance suggests the U.S. accounts for a significant share (likely on the order of one-third to half of global demand). For context, industry reports note that the global body-worn camera and DEM market reached about $1.85 billion in 2023, much of which is U.S.-driven. Eight U.S. states now have laws mandating police use of body cameras, which directly expands the need for digital evidence storage and analysis. Moreover, leading vendors in this space are U.S.-based (for example, Axon (formerly Taser International) provides the dominant cloud evidence platform for police, and companies like Motorola Solutions and Safe Fleet are key providers), underscoring U.S. market strength. We expect the U.S. will remain a growth engine for DEM, as more agencies phase out old manual evidence processes in favor of modern digital management systems. ROC’s national security alignment and relationships in U.S. law enforcement technology position us well in this regard – our solutions can complement and integrate with digital evidence platforms, adding AI-driven analysis (e.g., face recognition in forensic video) to the evidence management workflow.

Demand drivers in digital evidence management are primarily rooted in the increasing volume and importance of digital evidence in both criminal justice and corporate settings:

Given these drivers, emerging use cases and trends in the DEM market include the integration of advanced analytics and cloud technologies. There is a trend toward embedding AI analytics within evidence management platforms – for example, using face recognition or object detection to automatically index video evidence so investigators can quickly search for a suspect across hours of footage. ROC’s technology contributes here: our algorithms can process video evidence within these systems to identify persons of interest or to redact faces for privacy when releasing footage, adding significant value to the raw storage function of DEM. Another trend is the migration to cloud-based evidence management. Traditionally, evidence was stored on DVDs or on-premises servers, but now many agencies are moving to CJIS-compliant cloud solutions (such as Axon Evidence.com or similar) that offer scalability and remote access. Cloud deployments allow evidence to be accessible “anytime, anywhere” with proper credentials, which proved especially useful during the pandemic and continues to be attractive for distributed law enforcement operations. This has been a major driver for market growth as well, since cloud-based models often operate on subscription, making it easier for smaller agencies to come on board without large upfront IT investments. However, this shift also raises the importance of data security – DEM vendors emphasize encryption and compliance to ensure evidence is secure in the cloud. We anticipate continued growth in cloud and hybrid evidence management models, and ROC’s software is designed to integrate with both on-premise and cloud workflows, aligning with this trend.

On the regulatory side, as mentioned, mandates like body-worn camera requirements in various states directly boost this market. There is also likely to be increasing standardization and certification around digital evidence handling (for example, standards for hashing evidence files to verify integrity, or accreditation of cloud evidence systems for law enforcement use). These create a need for vendors to meet high reliability and security benchmarks. ROC’s focus on national security and law enforcement means we are attuned to these requirements – for instance, our software can operate within air-gapped secure networks and produce logs that support evidentiary standards, which is attractive to government clients facing stringent regulations.

Finally, a noteworthy trend is the convergence of digital evidence management with biometrics and video analytics – essentially building end-to-end solutions from evidence capture to analysis. Agencies increasingly seek a unified platform where, for example, a piece of video evidence can be instantly analyzed for faces or objects and then tagged for easy retrieval in an investigation. ROC’s multimodal analytics abilities position us well in this converging landscape. We can augment digital evidence systems with face recognition (one of our core offerings) to automatically identify individuals across an archive of video evidence, or with AI object search to find vehicles, etc., thereby significantly enhancing the utility of stored evidence. We view this convergence as a key opportunity: the industry is moving toward comprehensive digital policing platforms that incorporate collection, management, and analytic exploitation of evidence. Our edge-efficient algorithms and multimodal approach can plug into these systems, fulfilling agencies’ desire for one integrated solution that covers everything from capturing evidence to drawing investigative insights from it.

In summary, across all four segments – Vision AI, biometrics, video analytics, and digital evidence management – the market dynamics from 2023 through 2025 are characterized by strong growth and evolving needs that align closely with ROC’s strengths. Global and U.S. market sizes in each area are expanding at double-digit CAGRs, fueled by technological advancements and urgent demand for AI-driven security and automation solutions. Key drivers (security requirements, data proliferation, automation, and efficiency imperatives) and emerging uses (from smart cities to forensic analytics) are creating a fertile environment for growth. We expect regulatory developments to continue shaping these markets, with increasing emphasis on trusted and high-performance solutions – precisely the space where ROC focuses. With our American-made, security-centric approach, edge computing efficiency, and multimodal AI platform, we believe we are uniquely positioned to capitalize on these trends. We can serve the growing call for AI at the edge in vision applications, deliver the multi-biometric capabilities that customers increasingly require, and integrate into the digital evidence ecosystems that law enforcement and others are building. This alignment with market direction provides a strong foundation for our growth, giving investors insight into the considerable market opportunity we are targeting and our strategic fit within it.

Sources: Global and U.S. market size estimates and CAGRs are drawn from industry research and forecasts. Key trends and drivers are supported by recent analyses highlighting technology adoption and sector demand factors. These data points underscore the robust growth and dynamic environment in which ROC operates, as detailed in the above industry analysis.

Our Competitive Strengths

Our greatest strength is the caliber of our team - executive leadership (with decades of experience in computer vision and machine learning algorithms, software engineering, and national security), our career professionals (Ph.D.’s in Computer Science and software engineers with multi-decade careers in systems deployment and government research), and our junior team members (elite talent with demonstrated capacity to become future organizational leaders). Our team is built on connections that have spanned long before ROC was ever founded. There is trust and deep connection across our team, which has resulted in the long-term 90% retention of our key talent. Our team further offers us an extreme edge in the recruitment of additional talent as ROC grows.

The byproduct of the caliber of our team is a compounding set of additional competitive strengths that grow each year through the strategic knowledge of customer requirements in national security and public safety sectors possessed by our Chief Executive Officer (“CEO”) and others key leaders. In turn, these requirements and roadmaps fuel our product features which are executed by the research and engineering teams (led by our cofounders and other key leaders). Together, we have been able to build products from the ground up that are designed for mission impact and deliver products that work in the environments where it matters most. Our ability to consistently outperform incumbent vendors, integrate across use cases, and remain cost-efficient gives us a unique position as both a category leader and category disruptor. Across sectors and continents, we are earning trust not just for our performance, but for the way we operate — with precision, accountability, and integrity.

More specifically, there are five key competitive strengths of our business.

First, our products are differentiated through architectural and algorithmic efficiency that directly translates into operational and economic advantages. ROC’s AI models consistently rank among the most accurate and efficient in global government benchmarks, enabling our solutions to perform under constraints where others cannot. Our software can run on smaller, lower-power devices — including mobile systems and edge appliances — without sacrificing performance. That means ROC can deliver identity and visual intelligence at the point of capture, in the field, without relying on constant cloud access or expensive infrastructure. This capability is critical to our customers in defense, public safety, and frontline commercial operations, where connectivity is limited and real-time decision-making is essential. It also translates into lower infrastructure costs, making our solutions attractive not just for their speed and accuracy, but for their long-term affordability and efficiency.

Second, we are not simply a software vendor — we are a platform company. Our system is built from the ground up to unify what has long been fragmented use cases in identity systems and analytics. In the past, for example, governments and enterprises needed one or more vendors for multi-biometrics algorithms (face, finger, iris), another vendor for computer vision algorithms such as license plate recognition or threat detection (e.g., weapons detection). Further, the application systems to deploy these core algorithms are often fragmented across different vendor. ROC consolidates all of these capabilities into a single growing platform that enables wide ranging use-cases from real-time video analytics, national and enterprise scale identification systems, mobile identity verification, and analysis of forensic evidence. Further, our software is designed to easily integrate and operate alongside legacy technologies and systems. Altogether, this means fewer contracts, fewer integration headaches, and a dramatically improved user experience for mission operators. Our modular platform can be deployed on the cloud, on-premises, or on the tactical edge, and integrates easily with existing systems. For many customers, this is the first time they can manage identity, video, and investigative intelligence from a single pane of glass. Most importantly, this architecture is built to scale. ROC powers large-scale enterprise deployments across private and public cloud environments with significantly less infrastructure overhead than our competitors. Whether supporting a single agency or an entire nation, our platform offers the flexibility, performance, and efficiency to meet the mission at any scale.

Third, we are proudly and entirely U.S.-built. While we license our technology globally, our primary customer markets are in the U.S., and these markets have long been dominated by foreign providers and black-box AI models. ROC offers an alternative that is transparent, accountable, and aligned with U.S. national security priorities. Our software is developed and maintained in the United States, with no offshore dependencies. We have earned the trust of customers who operate in the most sensitive environments in the world, including, but not limited to, major components of the U.S. Department of Defense. These institutions do not just buy software; they invest in partners who can meet the highest bars for explainability, privacy, and lawful deployment. We do not take that responsibility lightly. To our knowledge, ROC was the first facial recognition company in the United States to publish a code of ethics addressing the use of face recognition technology. We believe transparency builds trust, and trust builds markets.

Fourth, we are designed to be affordable — not by compromising on performance, but by eliminating unnecessary bloat. ROC has never taken venture capital or debt financing. Unlike many competitors weighed down by too much reliance on investor capital, inflated overhead, or long repayment schedules, our organic growth has allowed us to stay lean, generally profitable, and focused on delivering maximum value to our customers. The efficiency required to operate our business in a cashflow positive manner for the last decade means we know we can generally build our software at less cost and higher effectiveness than our competitors. And this allows us to deliver enterprise-grade systems at a fraction of the cost of legacy vendors. Combined with our algorithmic efficiency, which minimizes compute requirements and infrastructure overhead, ROC delivers one of the lowest total costs of ownership in the market. That matters not only to resource-constrained government agencies and mid-sized enterprises, but also to global partners building large-scale identity and evidence ecosystems. We give our customers more performance, more transparency, and more control — for less.

Finally, we believe that competitive strength starts with people. ROC was built by engineers and practitioners who have spent their careers designing and delivering mission-critical systems. Many of our team members come from the FBI, the military, and top AI research labs. Nearly half of our Company consists of software engineers, with more than 20% holding advanced degrees in artificial intelligence related specialties like machine learning. That technical density enables us to move fast, build securely, and outperform on the hardest problems. Our leadership team combines startup grit with government credibility, and our culture emphasizes shared mission, long-term thinking, and operational discipline. We have remained profitable without raising outside capital and have maintained extremely low turnover, even while scaling. This is not accidental — it’s a reflection of the purpose and pride that defines our work. Our customers feel that difference in every interaction.

Taken together, these strengths — technical, architectural, operational, and cultural — give us a unique and defensible position in the rapidly expanding market for identity and visual intelligence. We are not chasing hype cycles. We are building the infrastructure of trust in the AI era.

Our Challenges

As ROC scales from an organically grown, component-led company into a platform leader in operational AI, we face a series of strategic, operational, and financial challenges that must be addressed with discipline and foresight. While we are confident in the strength of our technology, culture, and customer relationships, we also recognize that our next phase of growth brings new complexities that demand focus and agility.

1. Navigating Rapid Growth While Preserving Culture and Performance

ROC has grown significantly in recent years, and we expect this acceleration to continue. Our transition from a lean, component-driven company to a full-stack platform provider — with global customers and increasingly large contracts — is putting pressure on our internal systems, processes, and team dynamics. As we scale our product offerings and customer base, we must continue to invest in infrastructure, hire talent at a high bar, and maintain the cultural DNA that has powered our success to date. Failure to do so could lead to operational inefficiencies, talent dilution, or delays in execution.

Managing this growth requires thoughtful organizational design. We must preserve the responsiveness and technical rigor that define ROC, even as we adopt more formal structures around delivery, compliance, and quality assurance. We believe we can scale without becoming bureaucratic, but this will require continual calibration of our processes and priorities.

2. Scaling Revenue Across Government and Commercial Sectors

To date, much of ROC’s revenue has been earned through a high volume of smaller contracts — pilot programs, phased deployments, or integrations scoped to single use cases or agencies. While this approach has built strong technical credibility and fostered deep customer relationships across multiple government segments, it has also led to lumpy, non-recurring revenue streams that limit predictability and scale.

We believe the next stage of ROC’s growth will be driven by larger, multi-year government contracts. These engagements will provide stronger revenue foundations, longer contract terms, and higher dollar values per customer. However, a key challenge remains: securing our first wave of anchor reference accounts for full-scale national systems. While we are deeply embedded with many government customers today, these engagements have yet to convert into the flagship, multi-year programs that will define our revenue trajectory. Winning that first set of major, referenceable deployments — particularly in civil ID, public safety, and defense intelligence — is a strategic imperative.

We do not believe this opportunity lies solely in the commercial sector. We anticipate that our federal sector — particularly at the intersection of national security, digital evidence, and identity infrastructure — will unlock larger and more sustained revenue opportunities than any we have seen before. In anticipation of this growth, in 2025, we launched ROC Federal LLC, a wholly owned subsidiary designed to manage sensitive U.S. government programs with enhanced focus and operational discipline. ROC Federal allows us to better isolate classified or sensitive workstreams, maintain rigorous security controls, and operate with the dedicated compliance posture expected by U.S. federal customers. This structure positions us to pursue larger federal contracts with greater agility, scalability, and assurance.

At the same time, our commercial sector brings a different set of challenges. As we transition from selling high-performance biometric components to offering complete platforms — for access control, identity verification, and digital case management — we must compete against both incumbent vendors and internal development teams within large enterprises. Commercial customers often evaluate pricing, integration ease, and support differently than public sector clients. Many of our commercial wins to date have come through channels and integrators, which we will continue to support. But to scale recurring revenue, we must evolve our go-to-market model, emphasize product-led growth strategies, and invest in post-sales success and renewal. The shift from component licensing to full solution sales — and from upfront fees to SaaS and managed services — is an organizational and operational transformation that will take time to fully realize.

3. Winning in a Fragmented and Competitive Market

We operate across several highly competitive technology segments, including biometrics, computer vision, and digital evidence management. Many of our competitors are significantly larger, have deeper entrenchment in government contracts, and/or have operated for years with limited competition due to inertia in procurement processes. While these incumbents have long dominated identity infrastructure and surveillance markets, they are increasingly vulnerable, and ROC is well positioned to challenge them.

In many ways, the legacy players have made our opportunity easier. Several have significantly reduced investment in research and innovation. Their product portfolios are aging, and many rely on monolithic architectures that are expensive to scale and difficult to integrate. Customer satisfaction across these legacy platforms is declining — with persistent complaints around licensing complexity, slow delivery timelines, poor support, and outdated UI/UX design. We are regularly approached by former customers of these providers looking for faster, more transparent, and mission-aligned alternatives.

Yet even in this environment, displacing an incumbent remains difficult. Government agencies and large enterprises often favor the status quo, especially when switching platforms requires retraining, re-certification, or data migration. In the public sector in particular, change requires leadership — and in many cases, courage. Despite clear performance and cost advantages, ROC still encounters instances where agencies bypass competitive bidding in favor of sole-source justifications to foreign providers. These decisions often reflect outdated assumptions or perceived risk mitigation, but they have real consequences: reinforcing dependency on foreign black-box systems and denying emerging U.S. platforms the opportunity to compete on merit.

We do not accept this dynamic as inevitable. ROC is committed to working constructively with government buyers and procurement officers to advocate for open competition, transparency, and accountability. We are not asking for special treatment — only for a fair chance to compete. And in the current political environment, where there is growing bipartisan support for domestic technology alternatives and supply chain sovereignty, we believe this message is resonating.

Winning in this market will require more than technical superiority. It will require strategic persistence, policy engagement, and active partnership with customers willing to lead transformation. We are ready for that challenge — and increasingly, so are our customers.

4. Balancing Focus Across Government, Commercial, and International Markets

Unlike many peers who serve only one sector, ROC is positioned to lead in public sector, commercial, and international markets simultaneously. This is a strength but also a challenge. Each vertical has unique customer expectations, procurement models, pricing sensitivities, and compliance requirements.

Nowhere is this challenge more evident than in our international expansion strategy. Historically, ROC’s global footprint has been anchored by high-performance component sales — primarily SDKs and algorithms integrated by international partners. These wins have built brand recognition across multiple continents, but they did not demand the same level of delivery complexity or support infrastructure required by full-system deployments.

Today, we are seeing robust global demand not only for our multimodal biometric capabilities, but also for ROC’s video analytics platform, particularly in use cases involving border surveillance, forensic triage, and real-time threat detection. Across regions including Southeast Asia, the Middle East, Africa, Canada, and Mexico, governments and integrators are seeking full-stack identity and video solutions that combine ROC’s core engines with complete user-facing systems and infrastructure integration. These markets represent a highly qualified near-term pipeline, but they also require a step-change in how we deliver, support, and maintain our offerings across borders.

Delivering turnkey solutions — including hardware-integrated appliances, cloud or air-gapped deployment, on-site installation, and multiyear support — will require scaling international teams, building regional partnerships, and evolving our internal structures for global compliance and operations. This is a meaningful expansion of our current model. Corporate entity creation, export controls, data sovereignty, channel coordination, and multi-lingual support each add complexity. Moreover, while many of these international opportunities are with allied governments and trusted integrators, geopolitical considerations and regional stability risks must be carefully managed.

If we are to become the global alternative to legacy biometric and surveillance incumbents, we must invest heavily in our international operating model. That includes building delivery infrastructure abroad while preserving our commitment to accuracy, transparency, and ethical deployment at a global scale.

5. Adapting to Public Market Scrutiny and Infrastructure Demands

As a newly-public company, we must adapt to a new level of transparency and operational discipline. This includes building and maintaining Sarbanes–Oxley Act of 2002–compliant internal controls, maturing our financial systems, and expanding our compliance functions. Our leadership team will need to allocate time and resources to these areas, while continuing to drive growth and innovation.

The demands of public company governance, investor relations, and quarterly reporting represent a meaningful shift in how ROC operates. Our ability to meet these expectations, without compromising on speed or customer intimacy, is essential to our long-term success.

6. Navigating Ethical Expectations and AI Risk Perception

We operate in one of the most scrutinized sectors of artificial intelligence. The use of facial recognition, video analytics, and other identity technologies — including automated license plate recognition (“ALPR”) — carries real societal impact and is subject to evolving legal, ethical, and political scrutiny. These technologies, when improperly deployed, raise complex questions about civil liberties, surveillance, and bias. While our products are designed for responsible use, the public discourse surrounding them is often shaped by misinformation, lack of context, or high-profile misuse by others.

We have taken early leadership in articulating clear boundaries and safeguards around how our technologies should be deployed. ROC was an early advocate of the ethical development and use of AI for facial recognition and published the Code of Ethics in November 2019. We continue to build systems that prioritize transparency, explainability, and privacy-by-design principles. But expectations are growing — not just from our customers, but from the public and regulators worldwide.

Laws such as the BIPA in Illinois and the GDPR in the European Union impose stringent requirements on the collection, storage, and use of biometric and personally identifiable information. These laws, along with emerging frameworks in Canada, the U.K., and California (under the CPRA), are shaping how ROC must operate across jurisdictions. While our systems are engineered to comply with these frameworks — including audit logging, access controls, and data minimization features — compliance is not static. As regulation continues to evolve, we must stay ahead of shifting legal interpretations and invest proactively in adaptable architecture and documentation.

In addition, ALPR — one of our fast-growing computer vision capabilities — presents its own set of public acceptance challenges. In some jurisdictions, plate recognition has faced backlash over perceptions of overreach, profiling, or lack of oversight. While ROC’s ALPR technology is built with safeguards and settings parameters, its inclusion in broader surveillance systems may raise questions for civil liberties groups or the press. It is our responsibility to ensure that these technologies are used for legitimate, narrowly defined public safety purposes, and that our customers understand how to deploy them responsibly.

Ultimately, we must continue to lead not just technically, but morally — ensuring that our technology is used responsibly and that we are prepared to respond to any reputational or regulatory challenges. This includes investing in transparency, auditability, and partnerships with stakeholders who shape policy and public trust. The companies that thrive in this space will be those that treat ethical leadership as a competitive advantage. We intend to be one of them.

Competition

We operate in intensely competitive markets that span biometric identity, computer vision, digital evidence, public safety, defense, and identity verification. These sectors are occupied by multinational incumbents, highly capitalized startups, and integrated platform providers with decades-long relationships in both public and commercial sectors, including IDEMIA, NEC, Tech 5, and Paravision. Many benefit from scale and name recognition, but also carry the weight of legacy systems, foreign-sourced AI components, and architectures that no longer meet the evolving standards of performance, security, and transparency.

Ironically, in many cases, these industry giants have made our job easier. Their retreat from sustained research investment, shrinking support teams, and reduced delivery performance have left a noticeable void. Customers often describe stagnant roadmaps, weak responsiveness, or hidden model behaviors that erode trust. As these shortcomings have become more visible, the opportunity for ROC to emerge as a reliable, modern, and mission-aligned alternative has accelerated.

In biometric identity, where precision and speed matter most, ROC delivers top-tier algorithmic performance validated through independent testing—all while maintaining low computational overhead. Our solutions are built to run on edge devices, integrate flexibly with existing infrastructure, and adapt quickly to changing operational conditions. In the realm of video analytics and digital evidence, we deliver unified capabilities—real-time facial recognition, object and license plate detection, threat alerting, and post-event forensic search—in a single, streamlined software stack. These tools are optimized for the frontline user, not just for performance benchmarks.

Public safety deployments are a clear example of where ROC’s simplicity, accuracy, and cost-efficiency have outperformed slower, more complex alternatives. While others require proprietary hardware or siloed platforms to enable their solutions, ROC deploys on existing networks and infrastructure, reducing total cost of ownership and accelerating time to value. We offer edge deployment and local data governance to meet the privacy needs of communities and institutions alike.

In the federal space, we do not view the large systems integrators as competitors, but as vital partners. Most federal programs award implementation and delivery to major integrators who then rely on best-in-class technologies to fulfill mission objectives. ROC is often selected in this capacity—trusted to deliver U.S.-made, testable, and secure AI capabilities that support national security, intelligence, and defense missions. Our alignment with federal objectives and our proven record of operating in classified environments continue to strengthen our position across the government ecosystem.

In the commercial sector, we are seeing growing demand for ROC’s biometric and AI solutions in industries such as financial services, healthcare, logistics, retail, and telecommunications. As identity verification becomes central to digital onboarding, fraud prevention, and customer trust, organizations are moving away from black-box third-party platforms toward solutions that offer transparency, modularity, and compliance. Early commercial providers in this space are now facing mounting pressure from customers who expect significantly lower transaction costs—something these bloated providers struggle to deliver due to complex architectures and deep reliance on third-party components. Many of their systems are cobbled together from multiple vendors, making cost reduction and performance optimization difficult.

By contrast, ROC owns and controls nearly the entire AI stack that powers its biometric and computer vision solutions, with the sole exception of document verification. As discussed above, certain customers who utilize ROC Enroll may choose to offer Identity Document Verification. ROC allows for these COTS products to be integrated into the workflow by third-party providers. Today, ROC purchases and resells these licenses through a single vendor but could support other vendors if required. Our ability to deliver high-accuracy biometrics, privacy-conscious deployments, and flexible integration options makes us a preferred partner for enterprises seeking performance without compromise. Our modular architecture allows commercial clients to adopt ROC components within their existing platforms, helping them meet regulatory, operational, and user experience goals.

Rather than compete on size or brand, we lead with performance, adaptability, and values. We win by solving hard problems with speed, accuracy, and trust. As public scrutiny of AI intensifies and national security concerns escalate, the importance of sovereign, American-made technology has never been more urgent. The United States has, for too long, relied on foreign-built systems for core elements of its identity and biometric infrastructure—leaving critical vulnerabilities in place across both commercial and government applications.

ROC is directly addressing this gap. We develop our AI, algorithms, and biometric systems entirely within the United States, with no dependency on foreign components or opaque model development. This not only enhances trust and transparency but ensures that our customers—whether commercial enterprises or federal agencies—are investing in resilient, future-proof infrastructure that aligns with national interests.

We believe our momentum, mission clarity, and sovereign foundation position us not just as a credible alternative—but as the next-generation leader at the intersection of AI, identity, and public safety.

Intellectual Property

ROC’s primary business activity is creating high value, highly differentiable intellectual property in the form of computer vision and machine learning models, software libraries, applications, and systems, as well as trade secret methodologies for developing and deploying these models and various forms of software. Our secondary activities are marketing, licensing, and deploying this intellectual property.

As of December 31, 2025, our registered intellectual property portfolio consisted of nonprovisional (utility) U.S. patents US 10,839,251 B2 and US 11,354,422 B2 and US trademarks in “ROC”, “RANK ONE”, “ROC ENROLL”, “ROC EXPLORE”, “ROC EXAMINE”, “ROC WATCH”, the “caret design to the left of the stylized word “ROC” and the “caret design” alone, which we use in our branding.

Intellectual property laws, procedures and restrictions provide only limited protection, and any of our intellectual property rights may be challenged, invalidated, circumvented, infringed, misappropriated or otherwise violated (see Part I. Item 1. “Business - Legal Proceedings”). Furthermore, the laws of certain countries do not protect intellectual property and proprietary rights to the same extent as the laws of the United States, and we therefore may be unable to protect our proprietary technology in certain jurisdictions.

Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy or obtain and use our technology to develop products and services with the same functionality as our products. Policing unauthorized use of our technology is difficult. Our competitors could also independently develop technologies like ours, and our intellectual property rights may not be broad enough for us to prevent competitors from selling products and services incorporating those technologies. For more information regarding the risks relating to intellectual property, see Part I. Item 1A. “Risk Factors - Risks Related to Intellectual Property, Information Technology, Data Privacy, and Security.”

Research and Development

ROC is fundamentally an engineering- and research-led organization. Since our founding, innovation has been at the core of our identity. The Company was established by a team of machine learning scientists committed to advancing the frontiers of artificial intelligence, Vision AI, and biometric recognition. Today, approximately 50% of ROC’s technical workforce holds advanced degrees in computer science or closely related fields, underscoring our deep expertise and technical leadership.

Our R&D efforts are centered around the development of proprietary Vision-AI technology, built entirely in-house using advanced machine learning and deep learning methodologies. ROC’s commitment to core research and technical excellence has resulted in significant advancements in the field of biometrics, culminating in our algorithms achieving top-tier rankings in independent evaluations conducted by NIST.

In addition to biometrics, our R&D initiatives extend to adjacent areas such as object detection and license plate recognition, where we leverage our foundational AI capabilities to address critical needs in security, identity, and data analytics markets. These capabilities enable us to deliver differentiated, high-performance solutions across a variety of applications and industries.

Looking forward, ROC plans to continue scaling its research and development investments. We intend to grow our R&D team significantly to accelerate innovation, expand our portfolio of AI-driven technologies, and maintain a competitive advantage in a rapidly evolving technological landscape. We believe that sustained investment in research and development will be critical to driving future growth, meeting the emerging needs of our customers, and maintaining our leadership in Vision-AI solutions.

Government Regulation

ROC is subject to complex and evolving laws and regulations in the United States and abroad relating to privacy, data protection, data security, biometrics, artificial intelligence, technology protection, and other matters. These laws and regulations are often subject to change, varying interpretation, and inconsistent enforcement, and could result in claims, modifications to our business practices, monetary penalties, increased operational costs, or other adverse impacts on our business.

We are subject to a range of local, state, federal, and international laws governing the collection, storage, use, transfer, and protection of personal information and data, including privacy and cybersecurity regulations. Foreign data protection laws, in particular, often impose stricter requirements than U.S. laws. These regulatory frameworks are constantly evolving and remain uncertain for the foreseeable future, especially in the rapidly changing fields of software, technology, and artificial intelligence where we operate. Inconsistent interpretation and application of these laws across jurisdictions further complicate compliance efforts.

Several legislative and regulatory developments could significantly impact our operations. For example, ongoing legal challenges in Europe regarding cross-border data transfer mechanisms may restrict the ability to transfer personal data from the European Economic Area to other jurisdictions, including the United States, unless new agreements are reached. In the United States, the CCPA, effective January 1, 2020, imposes significant requirements regarding the processing of personal information of California residents and creates new consumer rights. Enforcement began on July 1, 2020, and additional changes, such as those introduced by the CPRA, may increase compliance obligations and costs. While we are committed to compliance with applicable data privacy laws, the full impact of these laws on our business and operations remains uncertain.

Outside the United States, jurisdictions worldwide are increasingly enacting and enforcing comprehensive data protection laws. For example, the European Union’s GDPR, which took effect in May 2018, imposes strict requirements on the collection, processing, and transfer of personal data, with significant penalties for noncompliance—up to the greater of €20 million or 4% of annual global revenues. Compliance with the GDPR and other emerging laws may require substantial investment in operational changes and ongoing diligence.

U.S. and non-U.S. laws and regulations related to biometric technology and products are at a maturing stage of development and still evolving. The effects of such laws and regulations may impose limitations and add uncertainties to the development and operation of our biometric-related business. For example, the European Union’s GDPR classifies biometric data as “sensitive data” which is subject to heightened protection and its processing is generally prohibited unless specific legal grounds, like explicit consent, are met. As another example, the Illinois BIPA prohibits the collection of biometric data without individualized notice and consent. Laws and regulations focused on the collection, use, and processing of biometric data could result in monetary penalties or other regulatory actions. Several states and municipalities are considering enacting or have already enacted statutes and regulations specifically concerning the collection, use and processing of biometric data, including those focused on consumer privacy and consumer protection. In addition, state data privacy laws and foreign data privacy laws often include heightened protections for biometric data, which may include individualized notice and/or consent requirements. These federal, state, municipal and foreign laws and regulations may impact our ability to deploy biometric software products in certain markets, and may increase our compliance costs.

U.S. and non-U.S. laws and regulations related to AI technology and products are at an early stage of development and still evolving. The effects of such laws and regulations remain unclear and may add uncertainties to the development and operation of our AI-related business. For example, the EU AI Act became effective on August 1, 2024 and will be fully applicable after a two-year transitional period (although certain obligations will take effect at an earlier or later time). The EU AI Act introduces various requirements for AI systems and models placed on the market or put into service in the EU and may impact our ability to train, deploy, or release AI models in the EU. Among other limitations, the EU AI Act prohibits marketing and use of “AI systems that create or expand facial recognition databases through the untargeted scraping of facial images from the internet or CCTV footage.” Laws and regulations focused on the development, use, and provision of AI technologies could result in monetary penalties or other regulatory actions. In the U.S., there is increasing uncertainty as to the federal government’s approach to AI regulation going forward, as the continued applicability of the White House’s 2023 Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, which lays out a framework for the U.S. government, among other things, to monitor private sector development of certain foundation models, remains subject to regulatory development. Several states are considering enacting or have already enacted statutes and regulations concerning the use of AI technologies, including those focused on consumer protection, and depending on the scope of AI regulation at the federal level, some states may move to regulate AI model development and deployment. As an example, the Colorado AI Act is scheduled to go into effect on June 30, 2026, which introduces various requirements for “high-risk” AI systems that make or significantly influence consequential decisions involving education, employment, financial services, housing, health care or legal services. Several other U.S. states are considering enacting or have already enacted regulations concerning AI technologies, which may impact our ability to train, deploy, or release AI models and our software products, and increase our compliance costs. Further, at the federal and state level, there have been various proposals (and in some cases laws enacted) addressing “deepfakes” and other AI-generated synthetic media.

The complex and evolving nature of global privacy, data protection, biometrics and artificial intelligence laws presents significant compliance challenges. Any failure, whether by us, our employees, our business partners, or our customers, to comply with these laws and regulations—or perceived failures—could result in regulatory investigations, private litigation, reputational damage, and significant financial liabilities.

In addition to formal regulations, we may also be subject to industry standards, self-regulatory frameworks, and contractual obligations related to privacy, security, data protection, biometrics and artificial intelligence. We may make public commitments regarding our privacy, data protection, biometrics and artificial intelligence practices, and any failure to meet those commitments could expose us to legal and reputational risks.

We expect the regulatory landscape to continue to evolve, with new and amended privacy, data protection, biometrics and artificial intelligence laws and standards emerging in the U.S. and internationally. Future changes may require further investment, operational adjustments, and could restrict certain business activities or otherwise adversely affect our operations. In addition, heightened scrutiny, expanding regulatory enforcement, and increasing public attention to privacy, data protection, biometrics and artificial intelligence issues could further impact our business, even where we strive to maintain compliance.

Failure or perceived failure to comply with applicable laws, regulations, contractual requirements, or industry standards—or the occurrence of any security incident involving personal or sensitive data—could result in substantial penalties, adverse publicity, restrictions on our operations, or other negative consequences that could materially and adversely affect our business, financial condition, and results of operations.

Employees

As of December 31, 2025, we had 66 full-time and 16 part-time employees, all employed in the United States. We also engage contractors and consultants.

Corporate Information

We were originally incorporated under the laws of the State of Virginia on May 5, 2015 and subsequently converted to a corporation incorporated under the laws of the State of Colorado on September 18, 2018. Our principal executive office is located at 1290 Broadway, Suite 1200, Denver, CO 80203, and our telephone number is (303) 317-6118. Our website is https://roc.ai/. Information contained on, or available through, our website does not constitute part of, and is not deemed incorporated by reference into this Annual Report, and investors should not rely on such information in deciding whether to purchase shares of our common stock.

Item 1A. Risk Factors.Risk Factors.

You should consider carefully the risks, uncertainties and other factors described below, in addition to the other information set forth in this Form 10-K, before making an investment decision. Any of these risks, uncertainties and other factors could materially and adversely affect our business, financial condition, results of operations, cash flows or prospects. In that case, the market price of our common stock could decline, and you may lose all or part of your investment in our common stock. See also “Cautionary Note Regarding Forward-Looking Statements.”

Risks Related to Our Industry and Business

We have a limited operating history as a public company, and our ability to execute our growth plans depends on maintaining adequate liquidity and capital resources.

As disclosed in our Registration Statement on Form S-1, as amended (File No. 333-291913), which was declared effective by the SEC on January 30, 2026, management had previously concluded that substantial doubt existed about our ability to continue as a going concern as of September 30, 2025, primarily due to our limited cash resources, reliance on collections of concentrated accounts receivable, and outstanding indebtedness under our revolving line of credit. This substantial doubt was alleviated following the completion of our initial public offering in 2026, which raised net proceeds of approximately $21.5 million, including net proceeds from partial exercise of overallotment option.

While the Company’s near-term liquidity position has improved significantly as a result of the initial public offering, we may require additional capital in the future to fund our growth strategy, including product development, expansion of our sales and marketing capabilities, potential acquisitions, and general working capital needs. Our ability to generate sufficient cash from operations depends on a number of factors, including the pace and scale of commercial adoption of our products, the timing of cash collections from customers, and our ability to manage operating expenses. If we are unable to generate adequate cash flows from operations or raise additional capital on acceptable terms when needed, we may need to delay, scale back, or discontinue certain planned initiatives, which could adversely affect our business, financial condition, and results of operations.

There can be no assurance that additional financing will be available on acceptable terms, or at all. Any equity financing may result in dilution to our existing stockholders, and any debt financing may involve restrictive covenants or other terms that limit our operational flexibility.

As an early-stage company, our historic performance is not necessarily an indication of future performance.

Since its inception, our business has expanded organically through the delivery of enhanced solutions and expanded product offerings to our customers. Due to our limited operating history and evolving business, our ability to forecast future results of operations is limited and subject to several uncertainties, including our ability to plan for and model future growth. Our historical revenue growth should not be considered indicative of our future performance. Further, in future periods, our revenue growth could slow. We have encountered and will encounter risks and uncertainties frequently experienced by growing companies in rapidly changing industries, and if our assumptions regarding these risks and uncertainties, which we use to plan our business, prove incorrect or we fail to address these risks effectively, our business could be adversely affected.

We may not be able to sustain our revenue growth rate in the future.

Although our revenue has increased in recent periods, there can be no assurances that it will continue to grow or do so at current rates, and past performance should not be seen as an indicator of future results. Our revenue growth rate may decline in future periods due to various factors, such as increased competition, slowing demand for our platforms from existing and new customers, our failure to capitalize on growth opportunities, terminations of existing contracts by our customers, and the maturation of our business, among others. If our revenue growth rate declines, our business, financial condition, and results of operations could be adversely affected.

Historically, existing customers have expanded their relationships with us, which has resulted in a limited number of customers accounting for a substantial portion of our revenue. If existing customers do not make subsequent purchases or renew their contracts with us, or if our relationships with our largest customers are impaired or terminated, our revenue could decline, and our results of operations would be adversely impacted.

We derive a significant portion of our revenue from existing customers that expand their relationships with us. Increasing the size and number of the deployments of our existing customers is a major part of our growth strategy. We may not be effective in executing this or any other aspect of our growth strategy. Our revenue reflects risks from customer concentration. As noted in the table below, we had two customers that accounted for 10% or more of our revenue as of December 31, 2025, accounting for 43% of total revenue, and one customer that accounted for 10% or more of annual revenue for the year ended December 31, 2024, accounting for 25% of 2024 annual revenue.

Certain of our customers, including customers that represent a significant portion of our business, have in the past reduced their spending with us or terminated their agreements with us, which has reduced our anticipated future payments or revenue from these customers, and which has required us to refund some previously paid amounts to these customers. We cannot predict future demand from our larger customers for our software and services.

There are inherent risks when a large percentage of total revenues are concentrated with a limited number of customers, as this increases the risk of quarterly fluctuations in our operating results and heightens our sensitivity to any material adverse developments affecting those key customers. We cannot predict the future level of demand for our products that will be generated by these customers. The terms of our contracts with these significant customers generally allow them to unilaterally terminate the arrangement at any time, subject to notice and other provisions. The terms and conditions under which we do business generally do not include commitments by those customers to purchase any specific quantities of products from us or to renew their contracts after the initial period. Even when we enter into an arrangement under which a significant customer agrees to purchase an agreed portion of its product or service needs from us (provided we meet our contractual obligations), the arrangement often includes pricing schedules with substantial price concessions and does not guarantee expected purchase volumes. If any major customer faces declining or delayed sales due to market, economic, or competitive factors, we may be pressured to lower our prices or risk losing the customer. Any such development could have an adverse effect on our margins, financial position, sales, results of operations, and the trading price of our common stock. We cannot guarantee that our sales will not continue to be concentrated among a limited number of customers.

Our customers typically enter into shorter-term contracts, such as 12 months, which may not provide for automatic renewal and may require customer to opt-in to extend the term. Our customers are not obligated to renew, upgrade, or expand their agreements after expiration. In addition, many of our customer contracts allow termination with little or no notice. If our customers terminate their contracts with us, whether for convenience, breach, or other contractual reasons, as applicable; if our customers elect not to renew their contracts with us; if our customers renew their contractual arrangements with us for shorter contract lengths; or if our customers otherwise seek to renegotiate terms of existing agreements on terms less favorable to us, our business and results of operations could be adversely affected. This adverse impact would be even more pronounced for customers that represent a material portion of our revenue or business operations.

Our results of operations are likely to fluctuate significantly on a quarterly basis in future periods and may not fully reflect the underlying performance of our business, which makes our future results difficult to predict and could cause our results of operations to fall below expectations.

Our quarterly results of operations, including cash flows, have fluctuated significantly in the past and are likely to continue to do so in the future. Accordingly, the results of any one quarter should not be seen as indicative of future results. Our quarterly results, financial position, and operations are likely to fluctuate as a result of a variety of factors, many of which are outside of our control, and as a result, may not fully reflect the underlying performance of our business. Fluctuations in quarterly results may negatively impact the value of our common stock.

The timing of our sales cycles is unpredictable and is impacted by factors such as government budgeting and appropriation cycles, varying commercial fiscal years, and changing economic conditions. This can impact our ability to plan and manage margins and cash flows. Our sales cycles are often long, and it is difficult to predict exactly when, or if, we will make a sale with a potential customer. The loss or delay of one or more large sales transactions in a quarter would impact our results of operations and cash flow for that quarter and any future quarters in which revenue from that transaction is lost or delayed. In addition, downturns in new sales may not be immediately reflected in our revenue because we generally recognize revenue over the term of our contracts. The timing of customer billing and payment varies from contract to contract. A delay in the timing of receipt of such collections, or a default on a large contract, may negatively impact our liquidity for the period and in the future. Because a substantial portion of our expenses is relatively fixed in the short-term and requires time to adjust, our results of operations and liquidity would suffer if revenue falls below our expectations in a particular period.

Other factors that may cause fluctuations in our quarterly results of operations and financial position include, without limitation, those listed below:

In addition, our contracts generally contain termination for convenience provisions, which may require us to refund prepaid amounts or forgo anticipated revenue if we fail to provide future services as anticipated. These factors make it difficult for us to accurately predict financial metrics for future periods.

The variability and unpredictability of our quarterly results of operations, cash flows, or other operating metrics could result in our failure to meet our expectations or those of analysts that may cover us or investors with respect to revenue or other key metrics for a particular period. If we fail to meet these expectations, our stock price may decline and we could face costly litigation, including securities class actions.

Our software is complex and may have a lengthy implementation process, and any failure of our software to satisfy our customers or perform as desired could harm our business, results of operations, and financial condition.

Our software and services are complex and are deployed in a wide variety of environments. Implementing our software can be a complex and lengthy process, as we often configure our software for each customer’s unique environment. The inability to meet the unique needs of our customers may result in customer dissatisfaction and/or damage to our reputation. Proper use of our software may also require customer training and ongoing technical support.

In addition, if our customers do not use our software correctly or as intended, inadequate performance or outcomes may result. It is possible that our software may also be intentionally misused or abused by customers or their employees, or third parties. Similarly, our software is sometimes used by customers with smaller or less sophisticated IT departments, potentially resulting in sub-optimal performance at a level lower than anticipated by the customer. Because our customers rely on our software to address important business goals and challenges, the improper use or configuration of our software, lack of effective training, or inadequate implementation or maintenance support may result in contract terminations or non-renewals, reduced customer payments, negative publicity, or legal claims against us. Furthermore, if there is substantial turnover of the company or customer personnel responsible for procurement and use of our software, our software may go unused or be adopted less broadly, and our ability to make additional sales may be substantially limited, which could negatively impact our business, results of operations, and growth prospects.

If we do not successfully develop and deploy new technologies to address the needs of our customers, our business and results of operations could suffer.

Our success has been based on our ability to design software that integrates large amounts of data to facilitate advanced data analysis, knowledge management, and decision support in real-time. We invest significant time and resources into developing new technologies and enhancing existing features to meet evolving customer needs. However, there is no guarantee that these enhancements or our new products will be compelling to our customers or gain market acceptance. If our research and development efforts do not align with customer demand or if we fail to develop our software in a timely and cost-effective manner, we may struggle to retain customers or drive new demand.

The introduction of new products by competitors or the development of new technologies to replace existing offerings could make our software obsolete or adversely affect our business, financial condition, and results of operations. We may face difficulties in software development, design, or marketing that could delay the release of new software or features. There can be no assurance that new software, features, or capabilities will be released according to schedule. Any delays could result in adverse publicity, loss of revenue or market acceptance, or claims by customers brought against us, any of which could harm our business. Moreover, the design and development of new software or new features and capabilities to our existing software may require substantial investment, and we cannot ensure that such investments will be successful. If customers do not widely adopt our new software, experiences, features, and capabilities, we may not be able to realize a return on our investment.

Our new and existing software and changes to our existing software could fail to attain sufficient market acceptance for many reasons, including:

If we are not able to continue to identify challenges faced by our customers and develop, license, or acquire new features and capabilities to our software in a timely and cost-effective manner, or if such enhancements do not achieve market acceptance, our business, financial condition, results of operations, and prospects may suffer and our anticipated revenue growth may not be achieved.

If we fail to manage future growth effectively, our business could be harmed.

Since our founding in 2015, we have experienced rapid growth. We operate in a growing market and have experienced, and may continue to experience significant expansion. This growth has strained our resources, including employees, management systems, and finances, as we manage larger, more complex deployments. We have increasingly managed larger and more complex deployments of our software and services with a broader base of government and commercial customers. As we continue to grow, we face challenges of integrating, developing, retaining, and motivating our expanding workforce. In the event of continued growth, our operational resources, including IT systems, employee base, and internal controls and procedures, may not be adequate to support our operations and deployments. Managing our growth may require significant investments and management efforts. If we fail to achieve the necessary level of efficiency in our organization as it grows, our business, financial condition, and results of operations would be harmed. Further, we may continue to find it increasingly difficult to maintain the benefits of our traditional company culture, such as our ability to respond quickly to customers and avoid delays associated with a formal corporate structure, which could negatively affect our business performance or ability to hire or retain personnel.

In addition, our rapid growth may make it difficult to evaluate our future prospects. Our ability to forecast our future results of operations is subject to uncertainties, including our ability to effectively plan for and model future growth. We have encountered, and may encounter in the future, risks and uncertainties frequently experienced by growing companies in rapidly changing industries. If we fail to achieve the necessary level of efficiency, or if we are not able to accurately forecast future growth, our business, financial condition, and results of operations would be harmed.

If we are unable to hire, retain, train, and motivate qualified personnel and senior management and deploy our personnel and resources to meet customer demand around the world, our business could suffer.

Our ability to compete in the highly competitive technology industry depends upon our ability to attract, motivate, and retain qualified personnel. We are highly dependent on the contributions of our management team, including their customer relationships, expertise in science and technology, business development experience, and innovative management in both public and private sectors. Some of our executive officers and key personnel are at-will employees and may terminate their employment relationship with us at any time. The loss of the services of our key personnel and other executive officers, and our inability to find suitable replacements, could result in a decline in sales, delays in product development, and harm to our business and operations.

We have experienced and may continue to experience difficulty in hiring and retaining personnel with appropriate qualifications and may not be able to fill positions in a timely manner or at all. Potential candidates may not view our compensation package, including equity awards, as favorably as those hired before our listing. In addition, our recruiting strategies may need to adapt to a changing candidate pool, and we may not be able to make these adjustments quickly. We may also incur significant costs to attract and recruit skilled personnel, and we may lose new personnel before we realize the benefit of our investment in recruiting and training them. As we move into new geographies, we will need to attract and recruit skilled personnel in those geographic areas, but we may face challenges competing with traditional local employers for talent. In addition, certain personnel may be required to receive various security clearances and substantial training to work on certain customer engagements or to perform certain tasks. Necessary security clearances may be delayed or unsuccessful, which may negatively impact our ability to perform on our U.S. and non-U.S. government contracts in a timely manner or at all. Our success depends on our ability to effectively source and staff people with the right mix of skills and experience. If we are unable to effectively utilize our personnel on a timely basis to fulfill the needs of our customers, our business could suffer.

We face intense competition for qualified personnel, especially software engineers and data scientists, in major U.S. markets, where a large portion of our personnel are based. We incur costs related to attracting, relocating, and retaining qualified personnel in these highly competitive markets, including leasing real estate in prime areas in these locations. Many of the companies with which we compete for qualified personnel have greater resources. If we fail to attract new personnel or to retain our current personnel, our business and operations could be harmed.

We seek to retain and motivate existing personnel through our compensation practices, company culture, and career development opportunities. This may require significant investments in cash and equity, which we may never realize returns on these investments. If the perceived value of our equity awards declines, or if the mix of equity and cash compensation we offer is less attractive than that of our competitors, it may adversely affect our ability to recruit and retain highly skilled personnel. Employees may also be more likely to leave us if their stock or equity awards have either significantly appreciated or lost value. In addition, employees receiving substantial proceeds from selling our stock could become less motivated to stay. Any of these factors could harm our business, financial condition, and results of operations.

If we are unable to successfully deploy our marketing and sales organization in a timely manner, or at all, or to successfully hire, retain, train, and motivate our sales personnel, our growth could be adversely impacted.

We currently have a growing, but limited, direct sales force, and our sales efforts have historically depended on the significant direct involvement of our senior management team. The successful execution of our strategy to increase our sales to existing customers, engage new customers, and enter new markets will depend, among other things, on our ability to build and expand our sales organization and operations. Recruiting, training, and managing sales personnel requires significant time, expense, and involvement from senior management and other key personnel, which could adversely impact our business, financial condition, and results of operations in the short and long term.

In order to successfully scale our sales model, we must continue to increase the size of our direct sales force, both in the United States and outside of the United States, to generate additional revenue from new and existing customers while maintaining our culture and mission. If we do not hire enough qualified sales personnel, our future revenue growth and business could be adversely impacted. It may take a significant period of time before our sales personnel are fully trained and productive, and there is no guarantee we will be successful in adequately training and effectively deploying our sales personnel. In addition, we may need to invest significant resources to enable our sales organization to run effectively and efficiently, including supporting sales strategy planning, sales process optimization, data analytics and reporting, and administering incentive compensation arrangements. Furthermore, hiring personnel in new countries requires additional setup and upfront costs that we may not recover if those personnel fail to achieve full productivity in a timely manner. Our business would be adversely affected if our efforts to build, expand, train, and manage our sales organization are not successful. We periodically adjust our sales structure in response to market opportunities, competitive threats, management changes, product introductions or enhancements, acquisitions, sales performance, increases in sales headcount, cost levels, and other internal and external considerations, and any such sales organization changes may temporarily reduce productivity and negatively affect our rate of growth. Additionally, any changes in sales compensation structures may be disruptive or ineffective. If we are unable to attract, hire, develop, retain, and motivate qualified sales personnel, if our new sales personnel are unable to achieve sufficient sales productivity levels, if our marketing programs are not effective or if we are unable to effectively build, expand, and manage our sales organization and operations, our sales and revenue may grow more slowly than expected or materially decline, and our business may be significantly harmed.

Our ability to sell our software to customers depends on the quality of our offerings, and our failure to maintain the quality of our offerings could have a material adverse effect on our sales and results of operations.

Once our software is deployed and integrated with our customers’ existing information technology investments, our customers depend on our support to resolve any product-related issues. As our software becomes increasingly deployed in large-scale, complex technological environments, our future success will depend on our ability to increase sales of our products within these settings. Our ability to provide timely, efficient, and scalable support may depend in part on our customers’ environments and their ability to maintain and/or modernize their IT infrastructure.

The number of our customers has grown significantly, and increased demand may strain our services teams, and we may not be able to scale quickly enough to meet short-term spikes in demand. In addition, as we continue to grow our operations and expand outside of the United States, we need to be able to provide efficient services that meet our customers’ needs globally at scale, and our services teams may face additional challenges, including those associated with operating the software and delivering support, training, and documentation in multiple languages and providing services across expanded time zones. Failing to do so may hinder our growth, we may need to hire additional service personnel, which could negatively impact our business, financial condition, and results of operations.

Our customers often require proper training to fully realize the benefits and the full potential of our software. If we fail to effectively deploy, update, or upgrade our products, help our customers resolve post-deployment issues, and provide effective ongoing support, it could hinder our ability to sell additional products, damage our reputation, and lead to negative publicity. Many enterprises and government customers require higher levels of services than smaller customers, and failure to meet their requirements could impact our efforts to expand within this segment. As a result, our failure to maintain high-quality services may have a material adverse effect on our business, financial condition, results of operations, and growth prospects.

If we are not able to grow, maintain, and enhance our brand and reputation, along with the impact of inaccurate and damaging media coverage, our relationships with our customers, partners, and employees may be harmed, and our business and results of operations may be adversely affected.

We believe that growing, maintaining, and enhancing our brand identity and reputation is essential to attracting and retaining customers, partners, investors, and employees. The successful promotion of our brand depends upon our ability to continue to offer high-quality software, maintain strong relationships with our customers, the community, and others, while successfully differentiating our software from that of our competitors. Unfavorable media coverage may adversely affect our brand and reputation. We anticipate that as our market becomes increasingly competitive, maintaining our brand may become more challenging and costly. Brand promotional activities may not yield increased revenue, and even if they do, the increased revenue may not offset the expenses we incur in building our brand and reputation. If we fail to strengthen our brand or are unable to sell legacy products under our name, we may struggle to attract key stakeholders, grow our business, or maintain pricing power, all of which could adversely impact our business, financial condition, results of operations, and growth prospects. Additionally, despite our internal efforts to the contrary, we cannot guarantee that our customers will not ultimately use our software for purposes inconsistent with our company values, and such uses may harm our brand and reputation.

Publicly available information regarding our business has historically been limited, in part due to the sensitivity of our work with customers or contractual restrictions that prevent public disclosure of certain customer relationships and activities. As our business and interest in the broader tech industry have grown, we may attract significant attention from news and social media outlets, including unfavorable coverage or unauthorized coverage. This coverage may include inaccurate or misleading reports about our leadership, employees, or the nature of our work, as well as unfounded speculation. If such coverage contains or relies on damaging or incomplete information, it could harm our reputation with customers, employees, and investors, and adversely affect our business, financial condition, results of operations, and growth prospects. In addition, our relationships with government customers and customers engaged in certain sensitive industries may result in public criticism, including political and social activists, and unfavorable coverage in the media. Criticism of such relationships could potentially engender dissatisfaction among potential and existing customers, investors, and employees with how we address political and social concerns in our business activities. Actions we take in response to the activities of our customers, such as terminating our contracts or refusing a particular product use case, could harm our brand and reputation. In either case, the resulting harm to our reputation could cause certain customers to cease doing business with us, impair our ability to attract new customers or expand our relationships with existing customers, diminish our ability to hire or retain employees, undermine our standing in professional communities, or prompt us to cease doing business with certain customers. Any of these factors could adversely impact our business, financial condition, and results of operations. Any of these factors could result in a significant or material adverse effect on our results of operations or financial condition.

Our pricing for our software and services may change to address market conditions.

We expect that we may need to adjust our pricing model in response to general economic conditions, competitor pricing, customer budgets, pricing studies, or how customers use our products and services. Entering new markets may also require tailored pricing strategies. In addition, as competitors introduce new products or services or revise their pricing structures, we may be unable to attract new customers at the same price or based on the same pricing model as we have used historically. Moreover, as we continue to target selling our software to larger organizations, these larger organizations may demand substantial price concessions, and government contracts may require compliance with specific pricing guidelines. If we fail to modify or develop pricing strategies that are attractive to existing and prospective customers, while enabling us to significantly grow our sales and revenue relative to our associated costs and expenses, our business, financial condition, and results of operations may be adversely impacted.

Certain estimates of market opportunity included in this Annual Report may prove to be inaccurate.

This Annual Report includes our internal estimates of the addressable market for our software and services. These estimates, whether obtained from third-party sources or developed internally, are subject to significant uncertainty and are based on assumptions that may not prove to be accurate. The estimates in this Annual Report relating to the size of our target market, market demand and adoption, capacity to address this demand, and pricing may prove to be inaccurate. The addressable market we estimate may not materialize for many years, if ever, and even if the markets in which we compete meet the size estimates in this Annual Report, our business could fail to successfully compete in such markets.

We face intense competition in our markets, and we may lack sufficient financial or other resources to maintain or improve our competitive position.

The markets for our software are very competitive, and we expect such competition to continue or increase in the future. A significant number of companies are developing products that currently, or in the future may, compete with some or all aspects of our proprietary software. We may not be successful in convincing our potential customers to deploy our software in lieu of existing software solutions or in-house software development projects preferred by internal IT teams or other competitors. In addition, our competitors include large enterprise software companies, government contractors, and system integrators, and we may face competition from emerging companies as well as established companies entering this market. To remain competitive, we may need to make substantial investments in our research, development, services, marketing, and sales functions in order to respond to competition, and there can be no assurance that we will be able to compete successfully in the future. Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as:

In addition, some of our larger competitors have substantially broader and more diverse products and services, allowing them to leverage their relationships with distribution partners and customers based on other products or incorporate functionality into existing products to gain business in a manner that discourages customers from purchasing our software, including by selling at zero or negative margins, product bundling, or offering closed technology platforms. Some customers may also prefer to purchase from their existing provider regardless of software performance or features. As a result, even if the features of our software offer unique advantages, customers may not purchase our software. If we are unable to sufficiently differentiate our software through functionality, performance, or value, we may see a decrease in demand for our offerings. Additionally, innovative start-up companies and larger companies investing heavily in research and development may introduce products that have greater performance or functionality, are easier to implement or use, incorporate new technological advances, or implemented or may invent similar or superior software that competes with our software. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources.

Some of our competitors have made or could make acquisitions of businesses that allow them to offer more competitive and comprehensive solutions. As a result of such acquisitions, our current or potential competitors may be able to accelerate the adoption of new technologies, devote greater resources to bringing these products and services to market, initiate or withstand substantial price competition, or develop and expand their offerings more quickly than we do. These competitive market pressures, or our failure to compete effectively, may result in fewer orders, reduced revenue and margins, and loss of market share. It is also possible that industry consolidation may cause customers to question the viability of smaller or mid-sized software firms, making them less likely to purchase from us.

We may not compete successfully against our current or potential competitors. If we are unable to compete successfully, or if competing successfully requires costly actions, our business, financial condition, and results of operations could be adversely affected. In addition, our competitors may have an entirely different pricing or distribution model. Increased competition could result in fewer customer orders, price reductions, reduced margins, and loss of market share, any of which could harm our business and results of operations.

We may not enter into relationships in select countries or with potential customers if their activities or objectives are inconsistent with our mission or values. We generally do not enter into business with customers or governments whose positions or actions we consider inconsistent with our mission to support Western liberal democracy and its strategic allies. Our decisions not to enter into these relationships may not produce the long-term financial benefits and results that we expect. Although we endeavor to do business with customers and governments that are aligned with our mission and values, we cannot predict how the activities and values of our government and private sector customers will evolve over time, and they may evolve in a manner inconsistent with our mission.

Joint ventures, channel sales relationships, platform partnerships, strategic alliances, or subcontracting opportunities may have a material adverse effect on our business, results of operations, and prospects.

We expect to continue to enter into joint ventures, channel sales relationships, platform partnerships, or strategic alliances as part of our long-term business strategy. Joint ventures, platform partnerships, strategic alliances, and other similar arrangements involve significant investments of both time and resources, and there can be no assurances that they will be successful. They may present significant challenges and risks, including that they may not advance our business strategy, we may get an unsatisfactory return on our investment or lose some or all of our investment, they may distract management and divert resources from our core business, they may expose us to unexpected liabilities, or we may choose a partner that does not cooperate as we expect them to and that fails to meet its obligations or that has economic, business, or legal interests or goals that are inconsistent with ours. Entry into these partnerships now or in the future may be subject to government regulation, including review by U.S. or foreign government entities related to foreign direct investment. Such regulatory review might limit our ability to enter into the desired strategic alliance and thus our ability to carry out our long-term business strategy.

As our joint ventures, channel sales relationships, platform partnerships, and strategic alliances come to an end, we may be unable to renew or replace them on comparable terms, or at all. These partners may be required to undertake some portion of sales, marketing, implementation services, engineering services, or software configuration that we would otherwise provide. In such cases, our partner may be less successful than we would have otherwise been absent the arrangement. In the event we enter into an arrangement with a particular partner, we may be less likely or unable to work with one or more direct competitors of our partner with which we would have worked absent the arrangement. Our interests may not always align with those of our joint venture or strategic partners, which may affect our ability to successfully collaborate with a given partner. Similarly, one or more of our partners may independently suffer a bankruptcy or other economic hardship that negatively affects their ability to continue as a going concern or perform their obligations under the arrangement. In addition, customer satisfaction with our products provided in connection with these arrangements may be less favorable than anticipated, and some of our strategic partners may offer competing products and services or work with our competitors. As a result of these and other factors, many of the companies with which we have partnerships may choose to pursue alternative technologies and develop alternative products in addition to or in lieu of our platforms, either on their own or in collaboration with others, including our competitors. If we are unsuccessful in establishing or maintaining our relationships with these partners, our ability to compete in a given marketplace or to grow our revenue would be impaired, and our results of operations may suffer. Even if we are successful in establishing and maintaining these relationships with our partners, we cannot assure that these relationships will result in increased customer usage of our platforms or increased revenue, and any negative impact on a partner’s brand or products could affect our outcomes in those markets.

In addition, some of our sales to government entities have been made, and in the future may be made, indirectly through our channel partners. For the years ended December 31, 2025 and 2024, channel partners accounted for 37.4% and 54.2% of overall revenue, respectively. In no period has any single channel partner accounted for 10% or more of overall corporate revenue.

Government entities may have statutory, contractual, or other legal rights to terminate contracts with our channel partners for convenience or due to a default, and, in the future, if the portion of government contracts that are subject to renegotiation or termination, our future results could be negatively impacted. In the event of such termination, it may be difficult for us to arrange for another channel partner to sell our products in a timely manner, and we could lose sales opportunities during the transition. Government entities routinely audit government contractors’ administrative processes, and any unfavorable audit could result in the government entity refusing to renew its subscription for our software, a reduction of revenue, or fines or civil or criminal liability if the audit uncovers improper or illegal activities. Further, winding down joint ventures, channel sales relationships, platform partnerships, or other strategic alliances can result in additional costs, litigation, and negative publicity. Any of these events could adversely affect our business, financial condition, results of operations, and growth prospects.

If we are not successful in executing our strategy to increase our sales to larger customers, our results of operations may suffer.

An important part of our growth strategy is to increase sales of our software to large enterprises and government entities, which can involve greater risks than sales to small or mid-sized commercial customers. These risks may include greater leverage held by large customers in negotiating contractual arrangements with us, changes in key decision makers within these organizations that may negatively impact our ability to negotiate in the future, concerns from customers’ IT departments about losing internal control, and the potential for investing resources in prospects that do not convert. Large customers may also impose more stringent contract terms, including stricter service response times, increased penalties for non-compliance. In addition, we may face competition from larger competitors, such as defense contractors, system integrators, or large software companies that traditionally target large enterprises and government entities with existing commitments. Further, large enterprises and government entities often undertake a significant evaluation process that results in a lengthy sales cycle, requiring approvals of multiple management personnel and more technical personnel than would be typical of a smaller organization.

Finally, large enterprises and government entities typically (i) have longer implementation cycles, (ii) require greater product functionality and scalability and a broader range of services, (iii) demand that vendors take on a larger share of risks, (iv) sometimes require acceptance provisions that can lead to a delay in revenue recognition, (v) typically have more complex IT and data environments, and (vi) expect greater payment flexibility from vendors. Customers, and sometimes we, may also engage third parties to be the users of our software, which may result in contractual complexities and risks, require additional investment in time and human resources to train the third parties, and allow them (who may be engaging in various competitive activities) to influence our customers’ perception of our software. All these factors can add further risk to business conducted with these customers. If sales expected from a large customer for a particular quarter are not realized in that quarter or at all, our business, financial condition, results of operations, and growth prospects could be materially and adversely affected.

If the market for our software and services develops more slowly than we expect, our growth may slow or stall, and our business, financial condition, and results of operations could be harmed.

The market for our software is rapidly evolving, and our future success will depend in large part on the growth and expansion of this market, which is difficult to predict and relies on a number of factors. Factors influencing this growth include customer adoption and demand, changing customer needs, competitive products, and customers’ willingness to invest in new software after significant prior investments in legacy data collection, storage, and processing software. The estimates used to calculate our market opportunity are subject to change over time, and there is no guarantee that any particular number or percentage of the organizations covered by our market opportunity estimates will pay for our software at all or generate any particular level of revenue for us. Even if the market meets the size estimates and growth forecasts, we may not achieve expected growth due to factors beyond our control, including increased competition in our industry. Further, if we or other data management and analytics providers experience security incidents, loss of or unauthorized access to customer data, disruptions in delivery, or other problems, this market as a whole, including our software, may be negatively affected. If our solutions fail to achieve widespread adoption, or there is a reduction in demand caused by a lack of customer acceptance, technological challenges, weakening economic conditions, security or privacy concerns, competing products, decreases in corporate spending, or if the market develops but we are unable to continue to penetrate it due to the cost, performance, and perceived value associated with our software, our revenue and overall business performance could be adversely affected.

In the future, we may not be able to secure the financing necessary to operate and grow our business as planned, or to make acquisitions.

In the future, we may seek to raise or borrow additional funds to expand our business development efforts, make acquisitions, or otherwise fund or grow our business and operations. As of December 31, 2025 and 2024, we had approximately $1.8 million and $0.4 million of indebtedness, respectively. Although we currently anticipate that our existing cash and cash equivalents will be sufficient to meet our cash needs for at least the next twelve months, additional funds may be required if our commercial sales do not develop as quickly as planned. If we require additional financing, we may not be able to obtain debt or equity financing on favorable terms, if at all. If we raise equity financing to fund operations or on an opportunistic basis, our stockholders may experience significant dilution of their ownership interests. If adequate funds are not available on acceptable terms, or at all, we may be unable to, among other things:

Our inability to take any of these actions because adequate funds are not available on acceptable terms could have an adverse impact on our business, financial condition, results of operations, and growth prospects.

We may need to raise additional capital, which may not be available on favorable terms, if at all, and which may cause dilution to stockholders, restrict our operations, or adversely affect our ability to operate our business.

Our ability to raise additional capital may be significantly affected by general market conditions, the market price of our common stock, our financial condition, uncertainty about the future commercial success of our products, regulatory developments, the status and scope of our intellectual property, any ongoing arbitration or litigation, our compliance with applicable laws and regulations and other factors, many of which are outside our control. If we are unable to obtain needed financing on acceptable terms, or otherwise, we may not be able to implement our business plan, which could have a material adverse effect on our business, financial condition, and results of operations, including a decline in the trading price of our common stock. Any additional equity financings could result in additional dilution to our then existing stockholders. In addition, we may enter into additional financings that restrict our operations or adversely affect our ability to operate our business, and if we issue equity, debt or other securities to raise additional capital or restructure or refinance our existing indebtedness, the new equity, debt or other securities may have rights, preferences and privileges senior to those of our existing stockholders.