Apple Hospitality REIT (APLE) Risk Analysis

In order for the Company to maintain its qualification as a REIT under the Code, not more than 50% in value of its outstanding shares may be owned, directly or indirectly, by five or fewer individuals (as defined in the Code to include certain entities) at any time during the last half of each taxable year following the Company's first year (the "5/50 Test"). Additionally, at least 100 persons must beneficially own the Company's shares during at least 335 days of each taxable year (the "100 Shareholder Test"). The Company's amended and restated articles of incorporation (the "Charter"), with certain exceptions, authorizes the Company's Board of Directors to take the actions that are necessary and desirable to preserve its qualification as a REIT. In addition to the 5/50 Test and the 100 Shareholder Test, the Company's Charter provides that no person or entity may directly or indirectly, beneficially or constructively, own more than 9.8% of the aggregate of its outstanding common shares or 9.8% of the aggregate of the outstanding preferred shares of any class or series ("share ownership limits"). The Company's Board of Directors may, in its sole discretion, grant an exemption to the share ownership limits, subject to certain conditions and the receipt by the Board of Directors of certain representations and undertakings. In addition, the Board of Directors may change the share ownership limits. The share ownership limits contained in the Charter key off the ownership at any time by any "person," which term includes entities, and take into account direct and indirect ownership as determined under various ownership attribution rules in the Code. The share ownership limits might delay or prevent a transaction or a change in the Company's control that might involve a premium price for the Company's common shares or otherwise be in the best interests of its shareholders.

The Company may seek in the future to distribute taxable dividends that are payable in cash and common shares, at the election of each shareholder. Taxable shareholders receiving such dividends will be required to include the full amount of the dividend as ordinary income to the extent of the Company's current and accumulated earnings and profits for U.S. federal income tax purposes, however, generally a shareholder will receive a taxable income deduction for 20% of all ordinary dividends received from a REIT. As a result, shareholders may be required to pay income taxes with respect to such dividends in excess of the cash dividends received. If a U.S. shareholder sells the common shares that it receives as a dividend in order to pay this tax, the sales proceeds may be less than the amount included in income with respect to the dividend, depending on the market price of common shares at the time of the sale. In addition, in such case, a U.S. shareholder could have a capital loss with respect to the common shares sold that could not be used to offset such dividend income. Furthermore, with respect to certain non-U.S. shareholders, the Company may be required to withhold U.S. federal income tax with respect to such dividends, including in respect of all or a portion of such dividend that is payable in common shares. In addition, such a taxable share dividend could be viewed as equivalent to a reduction in the Company's cash distributions, and that factor, as well as the possibility that a significant number of the Company's shareholders could determine to sell the common shares in order to pay taxes owed on dividends, may put downward pressure on the market price of the Company's common shares.

Although the Company anticipates maintaining relatively low levels of debt, it may periodically use, and has used, financing to acquire properties, perform renovations to its properties, or make shareholder distributions or share repurchases in periods of fluctuating income from its properties. The credit markets have historically been volatile and subject to increased regulation, and as a result, the Company may not be able to obtain debt financing to meet its cash requirements, including refinancing any scheduled debt maturities, which may adversely affect its ability to execute its business strategy. If the Company refinances debt, such refinancing may not be in the same amount or on terms as favorable as the terms of the existing debt being refinanced. If the Company is unable to refinance its debt, it may be forced to dispose of hotels or issue equity at inopportune times or on disadvantageous terms, which could result in higher costs of capital and may reduce the Company's profitability. The Company is also subject to risks associated with increases in interest rates with respect to the Company's variable-rate debt which could reduce cash from operations and adversely affect its ability to make distributions to shareholders. In addition, the Company has used interest rate swaps to manage its interest rate risks on a portion of its variable-rate debt, and in the future, it may use hedging arrangements, such as interest rate swaps, to manage its exposure to interest rate volatility. The Company's actual hedging decisions are determined in light of the facts and circumstances existing at the time of the hedge. There is no assurance that the Company's hedging strategy will achieve its objectives, and the Company may be subject to costs, such as transaction fees or breakage costs, if it terminates these hedging arrangements.

The Company's business strategy includes identifying and completing accretive hotel acquisitions. The Company competes with other investors who are engaged in the acquisition of hotels, and these competitors may affect the supply and demand dynamics and, accordingly, increase the price the Company must pay for hotels it seeks to acquire, or these competitors may succeed in acquiring those hotels. Any delay or failure on the Company's part to identify, negotiate, finance on favorable terms, consummate and integrate such acquisitions could materially impede the Company's growth. The Company may also incur costs that it cannot recover if it abandons a potential acquisition. Also, if the Company does not reinvest proceeds received from hotel dispositions into new properties in a timely manner, the Company's profitability could be negatively impacted. The Company's profitability may also suffer because hotel acquisitions may not yield the returns the Company expects and the integration of such acquisitions may disrupt the Company's business or may take longer than projected. Furthermore, the Company may be subject to unknown or contingent liabilities related to hotels it acquires.

Rent paid by a lessee that is a "related party tenant" of the Company generally will not be qualifying income for purposes of the two gross income tests applicable to REITs. An exception is provided, however, for leases of "qualified lodging facilities" to a TRS so long as the hotels are managed by an "eligible independent contractor" and certain other requirements are satisfied. The Company intends to continue to take advantage of this exception. A "qualified lodging facility" is a hotel, motel, or other establishment more than one-half of the dwelling units in which are used on a transient basis, including customary amenities and facilities, provided that no wagering activities are conducted at or in connection with such facility by any person who is engaged in the business of accepting wagers and who is legally authorized to engage in such business at or in connection with such facility. Although the Company intends to monitor future acquisitions and improvements of hotels, the REIT provisions of the Code provide only limited guidance for making determinations under the requirements for "qualified lodging facilities," and there can be no assurance that these requirements will be satisfied in all cases. In addition, the Company's TRS lessees have engaged hotel management companies that are intended to qualify as "eligible independent contractors." Among other requirements, in order to qualify as an "eligible independent contractor," the hotel management company must not own, directly or through its shareholders, more than 35% of the Company's outstanding shares, and no person or group of persons can own more than 35% of the Company's outstanding shares and the shares (or ownership interest) of the hotel management company (taking into account certain ownership attribution rules). The ownership attribution rules that apply for purposes of these 35% thresholds are complex, and monitoring actual and constructive ownership of the Company's shares by the hotel management companies and their owners may not be practical. Accordingly, there can be no assurance that these ownership levels will not be exceeded. In addition, for a hotel management company to qualify as an "eligible independent contractor," such company or a related person must be actively engaged in the trade or business of operating "qualified lodging facilities" (as defined above) for one or more persons not related to the REIT or its TRSs at each time that such company enters into a hotel management contract with a TRS. As of the date hereof, the Company believes the hotel management companies operate "qualified lodging facilities" for certain persons who are not related to the Company or its TRSs. However, no assurances can be provided that this will continue to be the case or that any other hotel management companies that the Company may engage in the future will in fact comply with this requirement in the future.

As of December 31, 2025, 14 of the Company's properties were subject to ground leases, not including the Company's three parking lot ground leases. Accordingly, the Company effectively only owns a long-term leasehold interest in these properties. If the Company is found to be in breach of a ground lease, it could lose the right to use the property. In addition, unless the Company can purchase a fee interest in the underlying land or renew the terms of these leases before their expiration, as to which no assurance can be given, the Company will lose its right to operate these properties and its interest in the property, including any investment that it made in the property. The Company's ability to exercise any extension options relating to its ground leases is subject to the condition that the Company is not in default under the terms of the ground lease at the time that it exercises such options, and the Company can provide no assurances that it will be able to exercise any available options at such time. If the Company were to lose the right to use a property due to a breach or non-renewal of a ground lease, it would be unable to derive income from such property. Finally, the Company may not be permitted to sell or finance a property subject to a ground lease without the consent of the lessor.

The success of the Company's hotels depends largely on the hotel operators' ability to adapt to dominant trends and risks in the hotel industry, both nationally and in individual local markets. These risks could adversely affect hotel occupancy and the rates that can be charged for hotel rooms as well as hotel operating expenses. The following is a summary of risks that may affect the hotel industry in general and as a result may affect the Company: - over-building of hotels in the markets in which the Company operates, resulting in an increase in supply of hotel rooms that exceeds increases in demand;- competition from other hotels and lodging alternatives in the markets in which the Company operates;- a downturn in the hospitality industry;- dependence on business and leisure travel;- increases in travel-related expenses, including gas prices, which may affect travel patterns and reduce business and leisure travel;- reduced business and leisure travel due to geo-political uncertainty, including terrorism and acts of war, government shutdowns, travel-related health concerns, including widespread outbreaks of infectious or contagious diseases in the U.S. and the related impacts, inclement weather conditions, including natural disasters such as hurricanes, earthquakes and wildfires, airline strikes or equipment failures, or other disruptions;- reduced travel due to adverse national, regional or local economic, political and market conditions;- seasonality of the hotel industry may cause quarterly fluctuations in operating results;- changes in marketing and distribution for the hospitality industry, including the cost and the ability of third-party internet and other travel intermediaries to attract and retain customers;- changes in hotel room demand generators in a local market;- ability of a hotel franchisor to fulfill its obligations to franchisees;- brand expansion;- the performance of third-party managers of the Company's hotels;- increases in operating costs, including ground lease payments, renovation projects, property and casualty insurance, utilities and real estate and personal property taxes, due to inflation, climate change, supply chain disruptions, tariffs, natural disasters, regulatory compliance and other factors that may not be offset by increases in room rates or room revenue;- inflation which could adversely affect consumer confidence thereby reducing consumer purchasing power and demand for lodging;- labor shortages and other increases in the cost of labor due to low unemployment rates or to government regulations surrounding work rules, wage rates, health care coverage, immigration policies and other benefits;- supply chain disruptions and broader inflationary pressures throughout the overall economy and global tensions driving shortages and cost increases for materials and supplies such as food and equipment;- changes in governmental laws and regulations, fiscal policies and zoning ordinances and the related costs of compliance with applicable laws and regulations;- business interruptions, regulatory costs, financial loss and equipment loss due to cyber-attacks and other technological events;- requirements for periodic capital reinvestment to repair and upgrade hotels;- limited alternative uses for hotel buildings; and - condemnation or uninsured losses. Any of these factors, among others, may reduce the Company's operating results, the value of the properties that the Company owns, and the availability of capital to the Company.

The Company and its hotel managers and franchisors rely on information technology networks and systems, including the Internet, to process, transmit and store electronic information, and to manage or support a variety of business processes, including financial transactions and records, personally identifiable information, reservations, billing and operating data. The Company and its hotel managers and franchisors rely on commercially available and internally developed systems, software, tools and monitoring to provide security for processing, transmission and storage of confidential data. Such data may include employee, operator and customer information, such as personally identifiable information, and information relating to payroll and financial accounts. The Company's corporate information technology systems are not used to process business transactions with its hotel guests, and those systems currently have no connectivity to hotel and/or third-party management and brand technology platforms. A number of hospitality and consumer-facing brands have been subject to successful cyber-attacks, including those seeking guest credit card information. Moreover, the risk of a cybersecurity incident or disruption, particularly through cyber-attack or cyber intrusion, including by computer hackers, nation-state affiliated actors and cyber terrorists, has generally increased as the number, intensity and sophistication of attempted attacks and intrusions from around the world have increased. The safety and security measures taken by the Company and its hotel managers, third-party vendors and franchisors have not been, and in the future may not be, able to completely prevent damage to the technology networks or systems, ensure their proper functioning, or prevent against cybersecurity incidents, including those resulting in unauthorized access to or disclosure of personally identifiable information. Cybersecurity incidents, including intentional or unintentional physical or electronic break-ins, cyber-attacks, cyber intrusions or the deployment of ransomware or other extortion tactics, malware, computer viruses, attachments to emails, social engineering or phishing schemes, or fraudulent schemes, have created and may in the future create system disruptions, shutdowns, deployment of malware or ransomware, theft of the Company's data, or unauthorized access to or disclosure of confidential information. Any failure to maintain proper function, security and availability of information systems could interrupt operations, interfere with the Company's ability to comply with financial reporting requirements, damage the reputations of the Company, the Company's hotel managers or franchisors, and subject the Company to liability claims, notification and monitoring requirements or regulatory penalties that may not be fully covered by insurance, all of which could have a material adverse effect on the business, financial condition and results of operations of the Company. The Company has incurred, and will continue to incur, expenses to comply with data protection standards and protocols imposed by law, regulation, industry standards and contractual obligations. Increased regulation of data collection, use and retention practices, including self-regulation and industry standards, changes in existing laws and regulations, enactment of new laws and regulations, increased enforcement activity, and changes in interpretation of laws, could increase the Company's cost of compliance and operation, limit its ability to grow its business or otherwise harm its business. Due to the complexity and interconnectedness of the Company's information systems and networks, and those upon which the Company and its hotel managers and franchisors rely, the process of upgrading or patching protective measures could itself create a risk of cybersecurity issues or system disruptions for the Company, as well as for its hotel managers, franchisors, and others who rely upon, or have exposure to, such information systems and networks. Further, adoption of artificial intelligence ("AI") tools by the Company or by third parties may pose new cybersecurity challenges. Threat actors may use AI tools to automate and enhance cybersecurity attacks against the Company. The Company uses software and platforms designed to detect such cybersecurity threats, including AI-based tools, but these threats could become more sophisticated and harder to detect and counteract, which may pose significant risks to the Company's data security and systems. In addition, unauthorized access to, disclosure of, or loss of personally identifiable information or confidential or proprietary information could result in damage to the Company or the hotel management company's or franchisor's reputation, a loss of confidence among hotel guests, reputational harm for the Company's hotels, legal liability, potential litigation, and increased regulatory oversight, including governmental investigations, enforcement actions, and regulatory fines, investigatory costs and costs to comply with notification and monitoring requirements. In the conduct of its business, both the Company and its hotel managers and franchisors rely on relationships with third parties, including cloud data storage and other information technology service providers, suppliers, distributors, contractors and other external business partners, for certain functions or for services in support of key portions of the Company's operations. These third-party entities are subject to similar risks related to cybersecurity, privacy violations, and business interruption, and a cybersecurity incident or disruption affecting the Company's third-party service providers or partners could have a material adverse effect on the Company's business. While the Company may be entitled to damages if its third-party service providers fail to satisfy their cybersecurity-related obligations to the Company, any award may be insufficient to cover the Company's damages, or the Company may be unable to recover such award. The Company has processes in place to deter, detect, report, and respond to cybersecurity incidents but there can be no guaranty that those processes will be successful in preventing every attempted intrusion or attack. While the Company is not aware of any cybersecurity incidents, including third-party incidents, that have materially affected it as of December 31, 2025, there can be no guarantee that the Company will not be the subject of future attacks, threats or cybersecurity incidents that may have a material impact on its business strategy, results of operations or financial condition. The Company maintains cybersecurity insurance, but there can be no assurances that the coverage would be adequate in relation to any incurred losses. Moreover, as cyber-attacks increase in frequency and magnitude, the Company may be unable to retain or obtain cybersecurity insurance in amounts and on terms it views as adequate for its operations.