Arthur J Gallagher & Co (AJG) Risk Analysis

We operate in various jurisdictions and are subject to changes in applicable tax laws, treaties, or regulations in those jurisdictions. A material change in the tax laws, treaties, or regulations, or their interpretation, of any jurisdiction with which we do business, or in which we have significant operations, could adversely affect us. For example, the OECD continues to issue reports and recommendations as part of its Base Erosion and Profit Shifting project (which we refer to as BEPS) and in 2021, it announced that 136 countries and tax jurisdictions agreed to implement a new Pillar 2 approach to international taxation. Pillar 1 exempts regulated financial institutions and we believe we qualify for such exemption. Pillar 2 will establish a global minimum tax rate of 15%, such that multinational enterprises with an effective tax rate in a jurisdiction below this minimum rate will need to pay additional tax, which could be collected by the parent company's tax authorities if that parent country adopts Pillar 2 or by those in other countries, depending on whether and how each country implements the OECD's approach in its tax treaties and domestic tax legislation. The first detailed draft rules under that approach were published in December 2021. The new approach came into effect in 2023 in certain jurisdictions, and different countries have implemented the necessary rules in different ways, through their individual agreement to tax treaty changes and through changes to their own domestic tax laws. Many countries in which we do business have adopted, or are expected to adopt, these rules which will change various aspects of the existing framework under which our tax obligations are determined. For example, the U.K., the majority of the EU, Canada, Australia and New Zealand have now adopted nearly all aspects of these rules with limited variation from the OECD model rules. Other jurisdictions in which we do business are also reacting to these efforts; for example, Bermuda enacted a corporate tax regime for the first time in 2023, which has become effective starting 2025. We anticipate further significant developments across several jurisdictions in which we operate in 2025 and 2026. Depending on how the jurisdictions in which we operate, and those in which we and our subsidiaries are based, choose to implement the OECD's approach in their tax treaties and domestic tax laws, particularly if the U.S. does not adopt Pillar 2, we could be adversely affected due to our income being taxed at higher effective rates, once these new rules come into force.

We generated tax credits under IRC Section 45 from 2009 to 2021. As of December 31, 2024, we had generated a total of $1,706.1 million in IRC Section 45 tax credits, of which approximately $1,003.9 million have been used to offset U.S. federal tax liabilities and $702.2 million remain unused and available to offset future U.S. federal tax liabilities. Our ability to use tax credits under IRC Section 45 depends upon the operations in which we invested having satisfied the conditions set forth in IRC Section 45. These include, among others, the "placed-in-service" condition and requirements relating to qualified emissions reductions, coal sales to unrelated parties and at least one of the operations' owners qualifying as a "producer" of refined coal. While we have received some degree of confirmation from the IRS relating to our ability to claim these tax credits, the IRS could ultimately determine that the operations did not satisfy the conditions set forth in IRC Section 45. The IRS audited a number of these operations. Such audits were either closed with no adjustments or, in one instance, the relevant partnership defended its position in court and prevailed. The ongoing implementation of Pillar 2 in the U.S. and around the world could also negatively impact our ability to use these tax credits in the timeframe and manner that would be beneficial to us. Similarly, the law permitting us to claim IRC Section 29 tax credits (related to our prior synthetic coal operations) expired on December 31, 2007. At December 31, 2024, we had exposure with respect to $108.0 million of previously earned tax credits under IRC Section 29. We believe our claim for IRC Section 29 tax credits in 2007 and prior years was in accordance with IRC Section 29 and four private letter rulings previously obtained by IRC Section 29 related limited liability companies in which we had an interest. We understand these private letter rulings were consistent with those issued to other taxpayers and we have received no indication from the IRS that it will seek to revoke or modify them. In addition, the IRS audited certain of the IRC Section 29 facilities without requiring any changes. There is a risk that foreign laws will not protect the intellectual property associated with The Chem-Mod™ Solution to the same extent as U.S. laws, leaving us vulnerable to companies outside the U.S. who may attempt to copy such intellectual property. In addition, other companies may make claims of intellectual property infringement with respect to The Chem-Mod™ Solution. Litigation is inherently uncertain and it is not possible for us to predict the ultimate outcome of any future claims against us by other parties.

We cannot guarantee that trade secret, trademark and copyright law protections, or our internal policies and procedures regarding our management of intellectual property, are adequate to deter misappropriation of our intellectual property. Existing laws of some countries in which we provide services or products may offer only limited protection of our intellectual property rights. Also, we may be unable to detect the unauthorized use of our intellectual property and take the necessary steps to enforce our rights, which may have a material adverse impact on our business, financial condition or results of operations. We cannot be sure that our services and products, or the products of others that we offer to our clients, do not infringe on the intellectual property rights of third parties, and we may have infringement claims asserted against us or our clients. These claims may harm our reputation, result in financial liability, consume financial resources to pursue or defend, and prevent us from offering some services or products. In addition, these claims, whether with or without merit, could be expensive, take significant time and divert management's focus and resources from business operations. Successful challenges against us could require us to modify or discontinue our use of technology or business processes where such use is found to infringe or violate the rights of others, or require us to purchase licenses from third parties, any of which could adversely affect our business, financial condition and operating results.

We collect, use, store, transmit and otherwise process, confidential, personal and proprietary information relating to our Company, acquisition targets, our employees and our clients. This information includes personally identifiable information, protected health information, financial information, mergers and acquisitions information and intellectual property. We maintain policies, procedures and technical safeguards designed to protect the security and privacy of confidential, personal and proprietary information. Nonetheless, we cannot eliminate the risk of human error, malfeasance or highly sophisticated cyber-attacks, which are heightened as a result of the armed conflicts in Ukraine and in the Middle East or other cybersecurity incidents. In addition, our increased reliance on technologies that support remote and hybrid work and our employees' more frequent use of personal devices and non-standard business processing as well as the increasing prevalence of sophisticated cyber-attacks using AI, such as "deep fakes," may increase the risk of cybersecurity or data breaches from circumvention of security systems, denial-of-service attacks or other cyber-attacks, hacking, "phishing" attacks (including digital or telephonic impersonation), computer viruses, ransomware, malware, malicious or destructive code, employee or insider error, malfeasance, social engineering, physical breaches or other actions. It is possible that our preventive, detective, containment or remedial security controls, employee training and other aspects of our cybersecurity safeguards are not effective. We have and continue to invest in technology security initiatives, policies, resources and employee training. The cost and operational consequences of implementing, maintaining and enhancing appropriate technical measures is high. Given the continuously evolving cyber threat landscape, it will become increasingly difficult to detect, defend against and remediate cybersecurity incidents and data breaches. If we are unable to effectively maintain and enhance our system safeguards in line with evolving cyber threats, including in connection with the integration of acquisitions, we may incur unexpected costs, including litigation costs, regulatory enforcement action, loss of clients, reputational damage, and certain of our systems may become more vulnerable to unauthorized access. We rely on IT and third party vendors some of which have direct access to our systems, to support our business activities, including our secure processing of personal, confidential, sensitive, proprietary and other types of information. Despite ongoing efforts to improve our and our vendors' ability to protect and defend against cyber-attacks, we may not be able to protect all of our data. From time to time, cybersecurity incidents and data breaches of certain systems on which we rely have occurred, such as computer viruses, unauthorized parties gaining access to our information technology systems, and privacy incidents, such as loss or inadvertent transmission of data, although to date we have not been materially impacted by such events. In the future, breaches of any third-party or internal systems may result from circumvention of security systems, denial-of-service, hacking, "phishing", computer viruses, ransomware, malware, or other cyber-attacks, employee or insider error, malfeasance, social engineering, physical breaches or other actions. Furthermore, the risk from threat actors has increased due to the rapid development of AI capabilities. We are an acquisitive organization. The process of integrating information systems of businesses we acquire is complex and exposes us to additional risk as we might not adequately identify weaknesses in the targets' information systems or information handling, privacy and security policies and protocols, which could expose us to unexpected liabilities or make our own systems and data more vulnerable to employee or insider error, malfeasance or cybersecurity incidents. These risks may be exacerbated in connection with the integration of AssuredPartners. Any future, material cybersecurity or data incident, may cause us to experience unauthorized access, exfiltration, manipulation, corruption, loss or disclosure of our proprietary, client, employee, or other data, reputational harm, the inability to render services due to system outages or other business disruptions, loss of clients and revenue, regulatory action and scrutiny, sanctions or other statutory penalties, litigation, liability for failure to safeguard clients' information, increases in cybersecurity costs or financial losses. Any of the foregoing may be exacerbated by a delay or failure to detect a cybersecurity incident or the full extent of such incident. In addition, disclosure or media reports of actual or perceived security vulnerabilities to our systems or those of our third-party service providers, even if no breach has been attempted or occurred, could lead to reputational harm, loss of customers and revenue, or increased regulatory actions oversight and scrutiny. Such incidents could result in confidential, personal or proprietary information being lost or stolen, used to perpetuate fraud, maliciously made public, surreptitiously modified, or rendered inaccessible for a period of time. We cannot ensure that any limitations of liability provisions in our agreements with clients, vendors and other third parties with which we do business would be enforceable or adequate or would otherwise protect us from any liability with respect to claims arising from a cybersecurity, data or similar incident. During a cybersecurity incident, we might have to take our systems offline, which could interfere with services to our clients or damage our reputation. While we endeavor to design and implement technologies, policies and procedures to identify such incidents as quickly as possible, any response would take substantial time, and there may be extensive delays before we obtain full and reliable information. During such time we would not necessarily know the extent of the harm or how best to remediate it, and certain errors or actions could be repeated or compounded before they are discovered and remediated, all of which may further increase the costs and consequences of such incident. Any of these losses may not be insured against or be fully covered by insurance we maintain. Further, we cannot ensure that our and our third-party vendors' existing insurance coverage will continue to be available on acceptable terms or at all. Certain regulations and contractual obligations require us to inform regulators or affected persons in the event of a breach of confidential, personal or proprietary information on our or our third-party vendors' systems, which we may need to deliver before we fully understand the impact of such breach resulting in damage to our reputation and our relationship with regulators and clients. In addition, the competition for talent is high in the cybersecurity and privacy space, and we may not be able to hire, develop or retain suitable talent that we need to be capable of minimizing, identifying, mitigating or remediating these risks. With respect to our commercial arrangements with third party vendors, we have processes designed to require third party IT outsourcing, offsite storage and other vendors to agree to maintain certain standards with respect to their storage, protection and transfer of confidential, personal and proprietary information. However, we have limited control over their security, privacy and data governance practices so there can be no assurance that we can prevent, mitigate, or remediate a potential failure of those standards and we remain at risk of a cyber or data incident due to the intentional or unintentional non-compliance by a vendor's employee or agent, the breakdown of a vendor's processes, or a cybersecurity incident involving vendor's information systems. We cannot ensure that any provisions in our agreements with these vendors would be enforceable or adequate or would otherwise protect us from any liability in connection with these incidents. Any of the foregoing may have a material adverse effect on our business, financial condition and reputation.

In 2024, we generated approximately 36% of our combined brokerage and risk management revenues outside the U.S. Our business outside the U.S. presents operational, regulatory, economic and other risks that are different from, or greater than, the risks we face doing comparable business in the U.S. These include, among others, risks relating to: - Maintaining awareness of and complying with a wide variety of labor practices and foreign laws, including those relating to labor and employment, data privacy requirements, AI regulations, prohibitions on corrupt payments to government officials, export and import duties, environmental policies, sustainability disclosures, as well as laws and regulations applicable to U.S. business operations abroad;- Our employees, our agents, or our affiliated entities, or their respective officers, directors, employees and agents, may take actions in violation of any local laws, regulations or policies, for which we might be held responsible. Actual or alleged violations could result in substantial fines, sanctions, civil or criminal penalties, debarment from government contracts, curtailment of operations in certain jurisdictions, competitive or reputational harm, litigation or regulatory action and other consequences that might adversely affect our results of operations, financial condition or strategic objectives;- We expect relations with work councils and trade unions in these countries will continue to be satisfactory, however, work stoppages could occur and we may not be successful in negotiating new collective bargaining agreements. In addition, collective bargaining negotiations may (1) result in significant increases in the cost of labor, (2) divert management's attention away from operating the business or (3) break down and result in the disruption of operations. See also "Regulatory, Legal and Accounting Risks";- We own interests in firms where we do not exercise management control (such as Casanueva Perez S.A.P.I. de C.V. in Mexico and Renomia, A.S. in the Czech Republic) and are therefore unable to direct or manage the business to realize the anticipated benefits, including mitigation of risks, that could be achieved through full ownership;- The potential costs, difficulties and risks associated with local regulations across the globe, including the risk of personal liability for directors and officers (for example, in the U.K.) and "piercing the corporate veil" risks under the corporate law regimes of certain countries;- Difficulties in staffing and managing foreign operations. For example, we are growing our Latin America operations through acquisitions of local family-owned insurance brokerage firms. If we lose a local key employee, hiring and retaining talent locally or finding an internal candidate qualified to transfer to such location could be difficult;- Less flexible employee relationships, which in certain circumstances have limited our ability to prohibit employees from competing with us after they are no longer employed with us or recover damages, and made it more difficult and expensive to terminate their employment;- Certain of our non-U.S. subsidiaries receive revenues or incur obligations in currencies that differ from their functional currencies. We must also translate the financial results of our non-U.S. subsidiaries into U.S. dollars. Although we have used foreign currency hedging strategies in the past and currently have some in place, such risks cannot be eliminated entirely, and significant changes in exchange rates may adversely affect our results of operations;- Conflicting regulations in the countries in which we do business;- Political and economic instability (including risks relating to undeveloped or evolving legal systems, unstable governments, acts of terrorism, military actions and armed conflicts, including between Russia and Ukraine and in the Middle East). See also "Global economic conditions and geopolitical events may impact the countries, regions or industries in which we operate and adversely affect our business, results of operations and financial condition";- Coordinating our communications, policies and logistics across geographic distances, multiple time zones and in different languages, including during times of crisis management;- Risks relating to our post-Brexit plan to address the loss of passporting rights between the U.K. and the European Economic Area (which we refer to as EEA) with respect to insurance brokerage services. The plan we implemented in 2020 involved transferring the EEA clients of our U.K.-based regulated entities to a Swedish subsidiary authorized in the EEA, and providing some services through a U.K. branch of such subsidiary. Although this "reverse branch" model is typical of other brokers of a similar size, EEA regulators continue to assess their approach to this model, including as a result of, among other developments, the supervisory statement issued by the European Insurance and Occupational Pensions Authority (EIOPA) in February 2023. While we are continuously assessing the impact of these developments, it is difficult to predict such impact on our current plan;- Unfavorable audits and exposure to additional liabilities relating to various non-income taxes (such as payroll, sales, use, value-added, net worth, property and goods and services taxes) in non-U.S. jurisdictions. In addition, our future effective tax rates could be unfavorably affected by changes in tax rates, discriminatory or confiscatory taxation, changes in the valuation of our deferred tax assets or liabilities, changes in tax laws or their interpretation and the financial results of our non-U.S. subsidiaries. See also "Changes in tax laws could adversely affect us";- Legal or political constraints on our ability to maintain or increase prices;- Cash balances held in foreign banks and institutions where governments have not specifically enacted formal guarantee programs;- Epidemics or pandemics at a regional or global level;- Lost business or other financial harm due to protectionism in the U.S. and in countries around the world, including adverse trade policies, tariffs, trade wars and other governmental actions affecting the flow of goods, services or currency, and governmental restrictions on the transfer of funds to us from our operations outside the U.S.; for example, the practice of using off-shore labor has come under increased scrutiny in the U.S. and governmental authorities or insurance carriers could seek to impose financial costs or restrictions on the use of off-shore centers of excellence such as the ones we operate in India and other international jurisdictions (see also "Business disruptions could have a material adverse effect on our operations, damage our reputation and impact client relationships"); and - Increased tensions between countries such as the U.S., China and Russia and related trade and military policies of the U.S. government that may cause retaliation or countermeasures from other countries or regions, could further develop in ways that exacerbate the risks described above, or introduce new risks for our non-U.S. operations, such as increasing the potential that sanctions, tariffs, global mobility restrictions or other related measures may impact our business. If any of these risks materialize, our results of operations and financial condition could be adversely affected.

Our ability to conduct business may be adversely affected by a disruption in the infrastructure that supports our business. This includes infrastructure controlled by third-party vendors and suppliers. Such disruptions could be caused by various factors, such as cybersecurity incidents, security breaches, human error, capacity constraints, hardware failures or defects, natural disasters, climate and weather events, pandemics, fires, power outages, telecommunication failures, break-ins, sabotage, intentional acts of vandalism, acts of terrorism, civil disruption, political violence and unrest, military actions or war. While we have disaster recovery procedures in place, they may not be effective. Additionally, insurance covering such disruptions may not continue to be available at reasonable prices and may not address all potential losses or compensate us for the possible loss of clients or increase in claims and lawsuits directed against us. Further, because we do not control infrastructure owned by third parties, we cannot guarantee that such parties have effective recovery procedures, or sufficient funds or insurance to recover any damages, losses or other liabilities that we may incur due to business interruptions caused by disruptions to their infrastructure. The risk of business disruption is more pronounced in certain geographic areas where a significant portion of our business is concentrated. For example, we have substantial operations in India that provide important client support and other services for our global organization. To date, the dispute between India and Pakistan involving the Kashmir region, rising tensions between India and China, incidents of terrorism in India, the potential for civil unrest and general geopolitical uncertainties have not adversely affected our operations in India. However, such factors could potentially affect our operations there in the future. If our access to these services is disrupted, our client relationships could be harmed, our liability for E&O could increase, and our reputation could be damaged, causing our business, operating results and financial condition to be adversely affected.

We derive much of our revenue from commissions and fees for our brokerage services. We do not determine the premiums on which our commissions are generally based. Moreover, premiums are cyclical in nature and may vary widely based on market conditions. Because of market cycles for insurance and reinsurance product pricing, which we cannot predict or control, our brokerage revenues and profitability can be volatile or remain depressed for significant periods of time. Underwriting enterprises may seek to minimize their expenses by reducing the commission rates payable to agents or brokers such as us. The reduction of these commission rates, along with general volatility and/or declines in premiums, may significantly affect our profitability. Because we do not determine the timing or extent of premium pricing changes, it is difficult to forecast our commission revenues precisely, including whether they will significantly decline. As a result, we may have to adjust our budgets for future acquisitions, capital expenditures, dividend payments, debt repayments and other expenditures to account for unexpected changes in revenues, and any decreases in premium rates may adversely affect the results of our operations. In addition, there have been and may continue to be various trends in the insurance and reinsurance markets toward alternative insurance markets including, among other things, greater levels of self-insurance, captives, rent-a-captives, risk retention groups and non-insurance capital markets-based solutions to traditional insurance. While historically we have been able to participate in certain of these activities on behalf of our clients and obtain fee revenue for such services, there can be no assurance that we will realize revenues and profitability as favorable as those realized from our traditional brokerage activities. Our ability to generate premium based commission revenue may also be challenged by the growing desire of some clients to compensate brokers based upon flat fees rather than a percentage of premium. This could negatively impact us because fees are generally not indexed for inflation and might not increase with premiums as commissions do or with the level of service provided.

The insurance brokerage, reinsurance brokerage and employee benefit consulting businesses are highly competitive and many insurance brokerage, reinsurance brokerage and employee benefit consulting organizations actively compete with us in one or more areas of our business around the world. Two of the firms we compete with in the global brokerage and risk management markets have larger revenues than ours. In addition, many other smaller firms that operate nationally or that are strong in a particular country, region or locality may have, in that country, region or locality, an office with revenues as large as or larger than those of our corresponding local office. Our third party claims administration operation also faces significant competition from stand-alone firms as well as divisions of larger firms. Over the past decade or more, private equity sponsors have invested heavily in the insurance brokerage and third party claims administration industries, creating new competitors and strengthening existing ones. Across all of our operations, Insurtech and technology-based start-ups are entering the business. In most cases, these businesses complement or enhance our offerings, but in some cases, they compete with us. We believe that the primary factors determining our competitive position with other organizations in our industry are the quality of the services we render, our data analytics capabilities, the personalized attention we provide, the individual and corporate expertise of the brokers and consultants providing the actual service to the client, and our ability to help our clients manage their overall risk exposure and insurance or reinsurance costs. Losing business to competitors offering similar services or products at a lower cost or having other competitive advantages would adversely affect our business. Consolidation among our existing competitors could create additional competitive pressure on us as such firms grow their market share, take advantage of strategic and operational synergies and develop lower cost structures. In addition, any increase in competition due to new legislative or industry developments could adversely affect us. These developments include: - Increased capital-raising by underwriting enterprises, which could result in new risk-taking capital in the industry, which in turn may lead to lower insurance premiums and commissions;- Underwriting enterprises selling insurance directly to insureds without the involvement of a broker or other intermediary;- Changes in our business compensation model as a result of regulatory developments;- Federal and state governments establishing programs to provide health insurance (such as a single-payer system) or, in certain cases, property insurance in catastrophe-prone areas or other alternative market types of coverage, that compete with, or completely replace, insurance products currently offered by underwriting enterprises;- Sustainability regulations in the U.S. and around the world, particularly those promoting the transition to a low-carbon economy, which could create new competitive pressures around climate resilience consulting services and innovative insurance solutions;- Continued consolidation in the financial services industry, leading to large financial services institutions offering a wider variety of services including insurance brokerage and risk management services;- Increased competition from new market participants such as banks, accounting firms, consulting firms and Internet or other technology firms offering risk management or insurance brokerage services, or new distribution channels for insurance such as payroll firms and professional employer organizations; and - Third party capital providers entering the insurance and reinsurance risk transfer market offering products and capital directly to our clients. Their presence in the market has increased the competitive pressures that we face. New competition as a result of these or other legislative or industry developments could cause the demand for our products and services to decrease, which could in turn adversely affect our results of operations and financial condition.

Our third party claims administration operations face a variety of risks distinct from those faced by the rest of our business, including the risks that: - Epidemics and pandemics that reduce in-person business activity have a greater negative impact because they result in a reduction in the number of claims processed, as experienced during the years 2020, 2021, and the beginning of 2022. If a new epidemic or pandemic were to emerge, these operations could face similar negative impacts in the future;- RISX-FACS, our proprietary risk management information system, on which our ability to provide clients with insurance claim settlement and administration services is highly dependent, becomes inoperable for some reason. In addition, we are increasing our use of cloud storage and cloud computing application services supported, upgraded and maintained by third-party vendors. A disruption affecting RISX-FACS, third-party cloud services or any other infrastructure supporting our business, including key client relationship management software, could have a material adverse effect on our operations, cause reputational harm and damage our employee and client relationships;- The favorable trend among both underwriting enterprises and self-insured entities toward outsourcing various types of claims administration and risk management services will reverse or slow causing our revenues or revenue growth to decline;- Concentration of large amounts of revenue with certain clients results in greater exposure to the potential negative effects of lost business due to changes in management at such clients or changes in state government policies, in the case of our government-entity clients, or for other reasons;- Contracting terms will become less favorable or the margins on our services will decrease due to increased competition, regulatory constraints or other developments;- We do not satisfy regulatory requirements related to third party administrators or that regulatory developments impose additional burdens, costs or business restrictions that make our business less profitable; for example, regulations relating to security, cybersecurity, AI and data privacy as we manage a large amount of highly sensitive and confidential information including personally identifiable information, protected health information and financial information;- Volatility in our case volumes, which are dependent upon a number of factors and difficult to forecast accurately, could impact our revenues;- Wage inflation, difficulty attracting and retaining talent, and rising technology costs, may impact our ability to remain competitive in the marketplace and profitably fulfill our existing contracts (other than those that provide cost-plus or other margin protection);- We may be unable to develop further efficiencies in our claims-handling business and may be unable to obtain or retain certain clients if we fail to make adequate improvements in technology or operations; and - Underwriting enterprises or certain large self-insured entities may create in-house servicing capabilities, including as a result of the adoption of AI, that compete with our third party administration and other administration, servicing and risk management products, and we could face additional competition from potential new entrants into the global claims management services market. See also "We are subject to risks associated with AI." If any of these risks materialize, our results of operations and financial condition could be adversely affected.

Our reputation is one of our key assets. We advise our clients on and provide services related to a wide range of subjects and our ability to attract acquisition partners and attract and retain clients and employees is highly dependent upon perceptions of our expertise, level of service, ability to protect client information, trustworthiness, business practices, financial condition and other subjective qualities such as ethics, culture and values. We believe that our culture has been a critical component of our growth and success since our founding nearly 100 years ago and the failure to uphold our culture as we grow could negatively impact our reputation. Negative perceptions or publicity, including our association with clients or business partners with damaged reputations, as a result of actions taken by companies we acquire before the acquisition, as a result of marketing partnerships (for example, with a sports team or league), or from actual or alleged conduct by us or our employees, including corruption or bribery allegations or cybersecurity incidents, could damage our reputation. Negative publicity may be posted on social media or other Internet forums, whether or not true, and the speed and pervasiveness with which information can be disseminated through these channels, in particular social media, may magnify the risks noted above. Our success is also dependent on maintaining a good reputation with investors, regulators and the communities in which we operate. As we enter new jurisdictions and markets globally, negative reputational events (whether arising from regulatory matters or otherwise) may have a disproportionate impact in locations or markets where our employee and client presence is limited. Any negative publicity could potentially hinder our growth prospects in such locations or markets. Any of these matters could have a material adverse effect on our business, financial condition and results of operations. See below for additional risk factors regarding sustainability initiatives and disclosures.