Cidara Therapeutics (CDTX) Risk Analysis

Currently, we are not conducting any clinical trials in China nor licensing any products in China but we may do so in the near future in respect of our development of CD388. The pharmaceutical industry in China is subject to comprehensive government regulation and supervision, encompassing the approval, registration, manufacturing, packaging, licensing and marketing of new drugs. For example, in order to conduct a clinical trial in China, sponsors must not only obtain the approval of the National Medical Product Administration of China, but also a separate approval from or filing with the Ministry of Science and Technology under the Administrative Regulations on Human Genetic Resources of the People's Republic of China, or HGR Regulation, for clinical trials involving HGR Materials or Information. Any failure to comply with these requirements could cause any clinical trial to be suspended by governing authorities, may result in fines and also may constitute a breach under our agreements with third parties assisting us in the conduct of the trial in China, such as our CRO. In recent years, the regulatory framework in China regarding the pharmaceutical industry has undergone significant changes, and we expect that it will continue to undergo significant changes. Certain changes or amendments to policy or law may result in increased compliance costs on our business, or cause delays in the timely completion of any trial in China. Chinese authorities have become increasingly vigilant in enforcing laws in the pharmaceutical industry and any failure by us to maintain compliance with applicable laws and regulations or obtain and maintain required licenses and permits may result in the suspension or termination of any clinical activities in China.

We are subject to export control and import laws and regulations, including the U.S. Export Administration Regulations, U.S. Customs regulations, various economic and trade sanctions regulations administered by the U.S. Treasury Department's Office of Foreign Assets Controls, the U.S. Foreign Corrupt Practices Act of 1977, as amended, or FCPA, the U.S. domestic bribery statute contained in 18 U.S.C. § 201, the U.S. Travel Act, the USA PATRIOT Act and other state and national anti-bribery and anti-money laundering laws in the countries in which we conduct activities. Anti-corruption laws are interpreted broadly and prohibit companies and their employees, agents, contractors, and other collaborators from authorizing, promising, offering or providing, directly or indirectly, improper payments or anything else of value to recipients in the public or private sector. The FCPA also requires public companies to make and keep books and records that accurately and fairly reflect the transactions of the corporation and to devise and maintain an adequate system of internal accounting controls. We may engage third parties for clinical trials outside of the U.S., to sell our products abroad once we enter a commercialization phase and/or to obtain necessary permits, licenses, patent registrations, and other regulatory approvals. We have direct or indirect interactions with officials and employees of government agencies or government-affiliated hospitals, universities and other organizations. We can be held liable for the corrupt or other illegal activities of our employees, agents, contractors and other collaborators, even if we do not explicitly authorize or have actual knowledge of such activities. Any violations of the laws and regulations described above may result in substantial civil and criminal fines and penalties, imprisonment, the loss of export or import privileges, debarment, tax reassessments, breach of contract and fraud litigation, reputational harm and other consequences. We are also subject to export control and import laws and regulations. Compliance with applicable regulatory requirements regarding the export of our products may create delays in the introduction of our products in international markets or, in some cases, prevent the export of our products to some countries altogether. Furthermore, U.S. export control laws and economic sanctions prohibit the provision of certain products and services to countries, governments and persons targeted by U.S. sanctions. There is no certainty that all of our employees, agents, suppliers, manufacturers, contractors or collaborators, or those of our affiliates, will comply with all applicable anti-corruption, export and import control, and sanctions laws and regulations. Violations of these laws and regulations could result in fines, criminal sanctions against us, our officers, or our employees, the closing down of facilities, including those of our suppliers and manufacturers, requirements to obtain export licenses, cessation of business activities in sanctioned countries, implementation of compliance programs, and prohibitions on the conduct of our business. Any such violations could include prohibitions on our ability to offer our products in one or more countries as well as difficulties in manufacturing or continuing to develop our products, and could materially damage our reputation, our brand, our international expansion efforts, our ability to attract and retain employees, and our business, prospects, operating results and financial condition.

Healthcare professionals and third-party payors will play a primary role in the recommendation and prescription of any product candidates for which we obtain marketing approval. Our current and future arrangements with customers, healthcare professionals and third-party payors may expose us to broadly applicable fraud and abuse and other healthcare laws and regulations that may constrain the business or financial arrangements and relationships through which we conduct research, market, sell and distribute our medicines for which we obtain marketing approval. Restrictions under applicable federal and state healthcare laws and regulations include the following, among others: - the federal healthcare anti-kickback statute, which prohibits persons and entities from, among other things, knowingly and willfully soliciting, offering, receiving or providing remuneration, directly or indirectly, in cash or in kind, to induce or reward either the referral of an individual for, or the purchase, lease, order or recommendation of, any good, facility, item or service, for which payment may be made under federal and state healthcare programs such as Medicare and Medicaid;- the federal false claims laws, which impose criminal and civil penalties, including civil whistleblower or qui tam actions under the federal civil False Claims Act, against individuals or entities for, among other things, knowingly presenting, or causing to be presented, to the federal government, claims for payment that are false or fraudulent or making a false statement to avoid, decrease or conceal an obligation to pay money to the federal government;- the federal Health Insurance Portability and Accountability Act of 1996, or HIPAA, created additional federal criminal statutes that prohibit, among other actions, knowingly and willfully executing, or attempting to execute, a scheme to defraud any healthcare benefit program, including private third party payors, knowingly and willfully embezzling or stealing from a healthcare benefit program, willfully obstructing a criminal investigation of a healthcare offense, and knowingly and willfully falsifying, concealing or covering up a material fact or making any materially false, fictitious or fraudulent statement in connection with the delivery of or payment for healthcare benefits, items or services. Similar to the U.S. federal anti-kickback statute, a person or entity does not need to have actual knowledge of the statute or specific intent to violate it in order to have committed a violation;- HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act of 2009, or HITECH, also imposes criminal and civil liability for, among other things, executing a scheme to defraud any healthcare benefit program and also imposes obligations, including mandatory contractual terms, on covered entities, including certain healthcare providers, health plans, and healthcare clearinghouses, and their respective business associates and their covered subcontractors that create, receive, maintain or transmit individually identifiable health information for or on behalf of a covered entity, with respect to safeguarding the privacy, security and transmission of individually identifiable health information;- the federal false statements statute, which prohibits knowingly and willfully falsifying, concealing or covering up a material fact or making any materially false statement in connection with the delivery of or payment for healthcare benefits, items or services;- the federal transparency requirements under the Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act, or collectively, the Affordable Care Act, which require, among other things, certain manufacturers of drugs, devices, biologics and medical supplies to report annually to CMS information related to payments and other transfers of value to physicians (defined to include doctors, dentists, optometrists, podiatrists and chiropractors), other health care professionals (such as physician assistants and nurse practitioners), and teaching hospitals, and information regarding ownership and investment interests, held by physicians and their immediate family members; and - analogous state and foreign laws and regulations, such as state anti-kickback and false claims laws, which may apply to our business activities, including sales or marketing arrangements and claims involving healthcare items or services including, in some states, those reimbursed by non-governmental third-party payors, including private insurers, some state laws which require pharmaceutical companies to comply with the pharmaceutical industry's voluntary compliance guidelines and the relevant compliance guidance promulgated by the federal government in addition to requiring drug manufacturers to report information related to payments or other transfers of value provided to physicians and other health care providers and entities, marketing expenditures, or drug pricing, state and local laws that require the registration of pharmaceutical sales representatives, and state and foreign laws governing the privacy and security of health information in certain circumstances, many of which differ from each other in significant ways and often are not preempted by HIPAA, thus complicating compliance efforts. Efforts to ensure that our business arrangements with third parties will comply with applicable healthcare laws and regulations will involve substantial costs. Interpretations of standards of compliance under these laws and regulations are rapidly changing and subject to varying interpretations and it is possible that governmental authorities will conclude that our business practices may not comply with current or future statutes, regulations or case law involving applicable fraud and abuse or other healthcare laws and regulations. If our operations are found to be in violation of any of these laws or any other laws that may apply to us, we may be subject to significant civil, criminal and administrative penalties, damages, fines, disgorgement, imprisonment, exclusion from government funded healthcare programs, such as Medicare and Medicaid, reputational harm, imprisonment, additional reporting obligations and oversight if we become subject to a corporate integrity agreement or other agreement to resolve allegations of non-compliance with these laws and the curtailment or restructuring of our operations, any of which could diminish our future profits or earnings. If any of the physicians or other providers or entities with whom we expect to do business are found to be not in compliance with applicable laws, they may be subject to criminal, civil or administrative sanctions, including exclusions from government funded healthcare programs.

Any product candidate for which we obtain marketing approval, along with the manufacturing processes and facilities, post-approval clinical data, labeling, advertising and promotional activities for such product, will be subject to continual requirements of and review by the FDA and other regulatory authorities. These requirements include submissions of promotional materials and safety and other post-marketing information and reports, registration and listing requirements, cGMP requirements for product facilities, quality assurance and corresponding maintenance of records and documents and requirements regarding the distribution of samples to physicians and related recordkeeping. Even if marketing approval of a product candidate is granted, the approval may be subject to limitations on the indicated uses for which the product may be marketed or to the conditions of approval or contain requirements for costly post-marketing testing and surveillance to monitor the safety or efficacy of the medicine. The FDA closely regulates the post-approval marketing and promotion of drugs to ensure that they are marketed only for the approved indications and in accordance with the provisions of the approved labeling. However, companies may share truthful and not misleading information that is otherwise consistent with the product's FDA approved labeling. The FDA imposes stringent restrictions on manufacturers' communications regarding off-label use and if we do not comply with these restrictions, we may be subject to enforcement actions. In addition, later discovery of previously unknown problems with our products, manufacturers or manufacturing processes and facilities or failure to comply with regulatory requirements, may result in, among other things: - restrictions on such products, manufacturers or manufacturing processes or facilities;- restrictions on the labeling, marketing, distribution or use of a product;- requirements to conduct post-approval clinical trials, other studies or other post-approval commitments;- warning or untitled letters;- withdrawal of the products from the market;- refusal to approve pending applications or supplements to approved applications that we submit;- recall of products;- fines, restitution or disgorgement of profits or revenue;- suspension or withdrawal of marketing approvals;- refusal to permit the import or export of our products;- product seizure; and - injunctions or the imposition of civil or criminal penalties.

Our product candidates and the activities associated with their development and commercialization, including their design, testing, manufacture, release, safety, efficacy, regulatory filings, recordkeeping, labeling, storage, approval, advertising, promotion, sale and distribution, are subject to comprehensive regulation by the FDA and other regulatory authorities in the U.S. and by comparable authorities in other countries. For example, in order to commence clinical trials of our product candidates in the U.S., we must file an IND and obtain FDA agreement to proceed. The FDA may place our development program on clinical hold and require further preclinical testing prior to allowing our clinical trials to proceed. We must obtain marketing approval in each jurisdiction in which we market our products. Failure to obtain marketing approval for a product candidate will prevent us from commercializing the product candidate. We have only limited experience in filing and supporting the applications necessary to gain marketing approvals and expect to rely on third-party CROs to assist us in this process. As a company we may not be able to prepare our contract manufacturers and clinical sites for inspection associated with NDA review, or appearing before an FDA advisory committee. We may receive a Complete Response Letter rather than approval. Securing regulatory approval requires the submission of extensive preclinical and clinical data and supporting information to the various regulatory authorities for each indication to establish the product candidate's safety and efficacy. Securing regulatory approval also requires the submission of information about the product manufacturing process, testing and release and inspection of manufacturing facilities and personnel by the relevant regulatory authority. Our product candidates may not be effective, may be only moderately effective or may prove to have undesirable or unintended side effects, toxicities or other characteristics that may preclude our obtaining marketing approval or prevent or limit commercial use. The process of obtaining marketing approvals, both in the U.S. and elsewhere, is expensive, may take many years and can vary substantially based upon a variety of factors, including the type, complexity and novelty of the product candidates involved. We cannot assure you that we will ever obtain any marketing approvals in any jurisdiction. Changes in marketing approval policies during the development period, changes in or the enactment of additional statutes or regulations or changes in regulatory review for each submitted product application may cause delays in the approval or rejection of an application. The FDA and comparable authorities in other countries have substantial discretion in the approval process and may refuse to accept any application or may decide that our data is insufficient for approval and require additional preclinical or other studies, changes in the manufacturing process or facilities or clinical trials. Moreover, approval by the FDA or an equivalent foreign authority does not ensure approval by regulatory authorities in any other countries or jurisdictions, but a failure to obtain marketing approval in one jurisdiction may adversely impact the likelihood of approval in other jurisdictions. In addition, varying interpretations of the data obtained from preclinical testing, manufacturing and product testing and clinical trials could delay, limit or prevent marketing approval of a product candidate. Additionally, any marketing approval we ultimately obtain may be limited or subject to restrictions or post-approval commitments that render the approved product not commercially viable.

We must comply with numerous laws and regulations relating to the formation, administration and performance of government contracts, which can make it more difficult for us to retain our rights under our government grant contracts. These laws and regulations affect how we conduct business with government agencies. Among the most significant government contracting regulations that affect our business are: - the Federal Acquisition Regulations, or FAR, and agency-specific regulations supplemental to the FAR, which comprehensively regulate the procurement, formation, administration and performance of government contracts;- business ethics and public integrity obligations, which govern conflicts of interest and the hiring of former government employees, restrict the granting of gratuities and funding of lobbying activities and include other requirements such as the federal Anti-Kickback Statute and Foreign Corrupt Practices Act;- export and import control laws and regulations; and - laws, regulations and executive orders restricting the use and dissemination of information classified for national security purposes and the exportation of certain products and technical data. Any changes in applicable laws and regulations could restrict our ability to obtain new contracts, which could limit our ability to conduct our business and materially adversely affect our results of operations.

In the ordinary course of business, we process sensitive data, and as a result, our data processing activities subject us to numerous data privacy and security obligations, such as various laws, regulations, guidance, industry standards, external and internal privacy and security policies, contractual requirements, and other obligations relating to data privacy and security. In the U.S., federal, state, and local governments have enacted numerous data privacy and security laws, including data breach notification laws, personal data privacy laws, consumer protection laws (e.g., Section 5 of the Federal Trade Commission Act), and other similar laws (e.g., wiretapping laws). For example, HIPAA, as amended by HITECH, and their respective implementing regulations, impose requirements relating to the privacy, security and transmission of individually identifiable health information. Numerous U.S. states have enacted comprehensive privacy laws that impose certain obligations on covered businesses, including providing specific disclosures in privacy notices and affording residents with certain rights concerning their personal data. As applicable, such rights may include the right to access, correct, or delete certain personal data, and to opt-out of certain data processing activities, such as targeted advertising, profiling, and automated decision-making. The exercise of these rights may impact our business and ability to provide our products and services. Certain states also impose stricter requirements for processing certain personal data, including sensitive information, such as conducting data privacy impact assessments. These state laws allow for statutory fines for noncompliance. For example, the California Consumer Privacy Act of 2018, or CCPA, applies to personal data of consumers, business representatives, and employees who are California residents, and requires businesses to provide specific disclosures in privacy notices and honor requests of such individuals to exercise certain privacy rights. The CCPA provides for fines for intentional violations and allows private litigants affected by certain data breaches to recover significant statutory damages. Although the CCPA exempts some data processed in the context of clinical trials, the CCPA increases compliance costs and potential liability with respect to other personal data we maintain about California residents. The CCPA and certain other comprehensive U.S. state privacy laws exempt some data processed in the context of clinical trials, but these developments may further complicate compliance efforts, and increase legal risk and compliance costs for us and the third parties with whom we work. Similar laws are being considered in several other states, as well as at the federal and local levels, and we expect more states to pass similar laws in the future. Outside the U.S., an increasing number of laws, regulations, and industry standards govern data privacy and security. For example, the EU's General Data Protection Regulation, or EU GDPR, the United Kingdom's GDPR, or UK GDPR, and Brazil's General Data Protection Law (Lei Geral de Proteção de Dados Pessoais, or LGPD) (Law No. 13,709/2018) impose strict requirements for processing personal data. For example, under GDPR, companies may face temporary or definitive bans on data processing and other corrective actions; fines of up to 20 million Euros under the EU GDPR, 17.5 million pounds sterling under the UK GDPR or, in each case, 4% of annual global revenue, whichever is greater; or private litigation related to processing of personal data brought by classes of data subjects or consumer protection organizations authorized at law to represent their interests. In addition, we may be unable to transfer personal data from Europe and other jurisdictions to the U.S. or other countries due to data localization requirements or limitations on cross-border data flows. Europe and other jurisdictions have enacted laws requiring data to be localized or limiting the transfer of personal data to other countries. In particular, the European Economic Area, or EEA, and the United Kingdom, or UK, have significantly restricted the transfer of personal data to the U.S. and other countries whose privacy laws it generally believes are inadequate. Other jurisdictions may or have already adopted similarly stringent data localization and cross-border data transfer laws. Although there are currently various mechanisms that may be used to transfer personal data from the EEA and UK to the U.S. in compliance with law, such as the EEA and UK's standard contractual clauses, the UK's International Data Transfer Agreement/Addendum, and the EU-U.S. Data Privacy Framework and the UK extension thereto (which allows for transfers to relevant U.S.-based organizations who self-certify compliance and participate in the Framework), these mechanisms are subject to legal challenges, and there is no assurance that we can satisfy or rely on these measures to lawfully transfer personal data to the U.S. If there is no lawful manner for us to transfer personal data from the EEA, the UK, or other jurisdictions to the U.S., or if the requirements for a legally-compliant transfer are too onerous, we could face significant adverse consequences, including the interruption or degradation of our operations, the need to relocate part of or all of our business or data processing activities to other jurisdictions (such as Europe) at significant expense, increased exposure to regulatory actions, substantial fines and penalties, the inability to transfer data and work with partners, vendors and other third parties, and injunctions against our processing or transferring of personal data necessary to operate our business. Additionally, companies that transfer personal data out of the EEA and UK to other jurisdictions, particularly to the U.S., are subject to increased scrutiny from regulators, individual litigants, and activities groups. Some European regulators have ordered certain companies to suspend or permanently cease certain transfers of personal data out of Europe for allegedly violating the GDPR's cross-border data transfer limitations. Regulators in the United States are also increasingly scrutinizing certain personal data transfers and have proposed and may enact certain personal data transfer and localization requirements. In addition to data privacy and security laws, we are contractually subject to industry standards adopted by industry groups and we are or may become in the future subject to such obligations. We are also bound by other contractual obligations related to data privacy and security, and our efforts to comply with such obligations may not be successful. Our employees and personnel use generative AI technologies to perform their work, and the disclosure and use of personal information in generative AI technologies is subject to various privacy laws and other privacy obligations. Governments have passed and are likely to pass additional laws regulating generative AI. Any use of this technology could result in additional compliance costs, regulatory investigations and actions, and consumer lawsuits. If we are unable to use generative AI, it could make our business less efficient and result in competitive disadvantages. We use AI and machine learning, or ML, to assist us in making certain decisions, which is regulated by certain privacy laws. Due to inaccuracies or flaws in the inputs, outputs, or logic of the AI/ML, the model could be biased and could lead us to make decisions that could bias certain individuals (or classes of individuals), and adversely impact their rights, employment, and ability to obtain certain pricing, products, services, or benefits. We publish privacy policies, marketing materials, and other statements, such as statements related to compliance with certain certifications or self-regulatory principles, concerning data privacy and security. Regulators in the U.S. are increasingly scrutinizing these statements, and if these policies, materials or statements are found to be deficient, lacking in transparency, deceptive, unfair, misleading, or misrepresentative of our practices, we may be subject to investigation, enforcement actions by regulators, or other adverse consequences. Obligations related to data privacy and security (and consumers' data privacy expectations) are quickly changing, becoming increasingly stringent, and creating uncertainty. Additionally, these obligations may be subject to differing applications and interpretations, which may be inconsistent or conflict among jurisdictions. Preparing for and complying with these obligations requires us to devote significant resources and may necessitate changes to our services, information technologies, systems, and practices and to those of any third parties that process personal data on our behalf. We may at times fail (or be perceived to have failed) in our efforts to comply with our data privacy and security obligations. Moreover, despite our efforts, our personnel or third parties with whom we work may fail to comply with such obligations, which could negatively impact our business operations. If we or the third parties with whom we work fail, or are perceived to have failed, to address or comply with applicable data privacy and security obligations, we could face significant consequences, including but not limited to: government enforcement actions (e.g., investigations, fines, penalties, audits,inspections, and similar); litigation (including class-action claims) and mass arbitration demands; additional reporting requirements and/or oversight; bans or restrictions on processing personal data; and orders to destroy or not use personal data. In particular, plaintiffs have become increasingly more active in bringing privacy-related claims against companies, including class claims and mass arbitration demands. Some of these claims allow for the recovery of statutory damages on a per violation basis, and, if viable, carry the potential for monumental statutory damages, depending on the volume of data and the number of violations. Any of these events could have a material adverse effect on our reputation, business, or financial condition, including but not limited to: loss of customers; interruptions or stoppages in our business operations (including, as relevant, clinical trials); inability to process personal data or to operate in certain jurisdictions (including in relation to clinical trials); limited ability to develop or commercialize our products; expenditure of time and resources to defend any claim or inquiry; adverse publicity; or substantial changes to our business model or operations.

We may not be able to complete the ongoing CD388 Phase 2b NAVIGATE trial or enroll a sufficient number of eligible subjects into one or more Phase 3 trials to support regulatory approval of CD388, as required by the FDA or similar regulatory authorities outside the U.S., or if we do not believe that the number of patients required by such regulatory authorities can be enrolled in a reasonable timeframe. Our CD388 clinical development program is a global program and, as such, our ability to timely enroll the clinical trials may be affected by many different factors specific to those global localities, such as, delays in our receipt of approval to commence trials in a particular country from applicable regulatory authorities and ethics committees, timely completion of clinical trial site initiation within each country, delays in local importation and receipt of necessary clinical trial supplies, and our ongoing compliance with local regulations, which may change during the course of the clinical trial. In addition, we are heavily reliant on third-party contractors, including contractors that import clinical trial materials, and contract research organizations, or CROs, that conduct and monitor our clinical trials, and interact with regional or local regulators and ethics committees on our behalf. If we experience significant difficulties with any of our key contractors such that we determine it is in the best interests of the clinical trials to replace a key contractor, this could result in a significant delay in enrollment. In addition, some of our competitors may have ongoing or new clinical trials for product candidates that would treat the same indication as CD388, or be used in the same patients and, therefore, patients who would otherwise be eligible for our clinical trials may instead enroll in clinical trials of our competitors' product candidates. Patient enrollment may also be affected by other factors, including: - eligibility criteria, including regional or local practices that place additional limitations on patient eligibility;- availability, safety and efficacy of approved medications or other investigational medications being studied clinically for the disease under investigation;- perceived risks and benefits of CD388;- efforts to facilitate timely enrollment in clinical trials;- reluctance of physicians to encourage patient participation in clinical trials;- the ability to monitor patients adequately during and after treatment;- the proximity and availability of clinical trial sites for prospective patients;- delays or failures in maintaining an adequate supply of quality drug product for use in clinical trials; and - changing treatment patterns that may reduce the burden of disease which CD388 addresses. Our inability to enroll and retain a sufficient number of patients into Phase 3 clinical trials in a reasonable timeframe may require us to abandon the entire CD388 clinical development program. Any enrollment delays would result in increased development costs, which could cause the value of our company to decline and could limit our ability to obtain necessary additional financing.

Contracts funded by the U.S. government and its agencies include provisions that reflect the government's substantial rights and remedies, many of which are not typically found in commercial contracts, including powers of the government to: - terminate agreements, in whole or in part, for any reason or no reason;- reduce or modify the government's obligations under such agreements without the consent of the other party;- claim rights, including intellectual property rights, in products and data developed under such agreements;- audit contract-related costs and fees, including allocated indirect costs;- suspend the contractor from receiving new contracts pending resolution of alleged violations of procurement laws or regulations;- impose U.S. manufacturing requirements for products that embody inventions conceived or first reduced to practice under such agreements;- suspend or debar the contractor from doing future business with the government;- control and potentially prohibit the export of products; and - pursue criminal or civil remedies under the Federal Civil Monetary Penalties Act and the federal civil False Claims Act and similar remedy provisions specific to government agreements. In addition, government contracts contain additional requirements that may increase our costs of doing business, reduce our profits and expose us to liability for failure to comply with these terms and conditions. These requirements include, for example: - specialized accounting systems unique to government contracts;- mandatory financial audits and potential liability for price adjustments or recoupment of government funds after such funds have been spent;- public disclosures of certain contract information, which may enable competitors to gain insights into our research program; and - mandatory socioeconomic compliance requirements, including labor standards, anti-human-trafficking, non-discrimination, and affirmative action programs and environmental compliance requirements. If we fail to maintain compliance with these requirements, we may be subject to potential liability and to termination of our contracts.

The tax regimes to which we are subject or under which we operate are unsettled and may be subject to significant change. The issuance of additional guidance related to existing or future tax laws, or changes to tax laws or regulations proposed or implemented by the current or a future U.S. presidential administration, Congress, or taxing authorities in other jurisdictions, including jurisdictions outside of the U.S., could materially affect our tax obligations and effective tax rate. To the extent that such changes have a negative impact on us, including as a result of related uncertainty, these changes may adversely impact our business, financial condition, results of operations, and cash flows. The amount of taxes we pay in different jurisdictions depends on the application of the tax laws of various jurisdictions, including the U.S., to our international business activities, tax rates, new or revised tax laws, or interpretations of tax laws and policies, and our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements. The taxing authorities of the jurisdictions in which we operate may challenge our methodologies for pricing intercompany transactions pursuant to our intercompany arrangements or disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a challenge or disagreement were to occur, and our position was not sustained, we could be required to pay additional taxes, interest, and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows, and lower overall profitability of our operations. Our financial statements could fail to reflect adequate reserves to cover such a contingency. Similarly, a taxing authority could assert that we are subject to tax in a jurisdiction where we believe we have not established a taxable connection, often referred to as a "permanent establishment" under international tax treaties, and such an assertion, if successful, could increase our expected tax liability in one or more jurisdictions. The Tax Act eliminated the option to deduct R&D expenses for tax purposes in the year incurred and requires taxpayers to capitalize and subsequently amortize such expenses over five years for research activities conducted in the U.S. and over 15 years for research activities conducted outside the U.S. Although there have been legislative proposals to repeal or defer the capitalization requirement to later years, there can be no assurance that the provision will be repealed or otherwise modified. Future guidance from the Internal Revenue Service and other tax authorities with respect to such legislation may affect us, and certain aspects of such legislation could be repealed or modified in future legislation.

Before obtaining marketing approval from regulatory authorities for the sale of our product candidates, we must complete preclinical development and then conduct extensive clinical trials to demonstrate the safety and efficacy of our product candidates in humans. Clinical testing is expensive, difficult to design and implement, can take many years to complete and is uncertain as to outcome. A delay in starting or completing our clinical trials would materially impact our timelines and our ability to complete development of our product candidates in a timely manner or at all. A failure of one or more clinical trials could occur at any stage of testing. The outcome of preclinical testing and early clinical trials may not be predictive of the success of later clinical trials, and interim results of a particular clinical trial do not necessarily predict final results of that trial. Moreover, preclinical and clinical data are often susceptible to multiple interpretations and analyses. Many companies that have believed their product candidates performed satisfactorily in preclinical studies and clinical trials have nonetheless failed to obtain marketing approval of their products. For example, the historically observed high rate of correlation for clinical efficacy for antivirals based on preclinical data may not apply for our current or future product candidates, and any of the potential benefits that we anticipate for human clinical use may not be realized. We do not know whether clinical trials of CD388 will be completed on schedule. We may experience numerous unforeseen events that could delay or prevent our ability to commence or complete our clinical trials, which could then delay or prevent our ability to receive marketing approval or commercialize CD388, including: - regulators or institutional review boards may not authorize us or our investigators to commence a clinical trial on our expected timeline, or at all, or conduct a clinical trial at a prospective trial site or in a given country;- regulators may disagree with our interpretation of preclinical data, which may impact our ability to commence our trials on our expected timeline or at all;- regulators may require that trials or studies be conducted, or sized or otherwise designed in ways, that were unforeseen in order to begin planned studies or to obtain marketing authorization;- we may have delays in reaching or fail to reach agreement on acceptable clinical trial contracts or clinical trial protocols with prospective trial sites;- clinical trials of our product candidates may produce negative or inconclusive results, and we may decide, or regulators may require us, to conduct additional clinical trials, modify planned clinical trial designs or abandon product development programs;- the number of patients required for clinical trials of our product candidates may be larger than we anticipate;- enrollment in these clinical trials may be slower than we anticipate, clinical sites may drop out of our clinical trials or participants may drop out of these clinical trials at a higher rate than we anticipate;- our third-party contractors may fail to comply with regulatory requirements or meet their contractual obligations to us in a timely manner, or at all;- regulators, institutional review boards or the data safety monitoring board assembled by us to oversee our clinical trials may require that we or our investigators suspend or terminate clinical research for various reasons, including noncompliance with regulatory requirements or a finding that the participants are being exposed to unacceptable health risks due to serious and unexpected side effects;- the cost of clinical trials of our product candidates may be greater than we anticipate;- the FDA or comparable foreign regulatory authorities could require that we perform more studies than, or evaluate clinical endpoints other than, those that we currently expect;- the supply of our product candidates or other materials necessary to conduct clinical trials of our product candidates may be delayed or insufficient, or the quality of such materials may be inadequate; and - we may be required to delay or terminate studies due to financial constraints. If we are required to conduct additional clinical trials, or other tests of our product candidates beyond those that we currently contemplate, if we are unable to complete clinical trials of our product candidates or other tests successfully or in a timely manner, if the results of these trials or tests are not positive or are only modestly positive or if there are safety concerns, we may: - be delayed in obtaining marketing approval for our product candidates;- not obtain marketing approval at all;- obtain approval for indications or patient populations that are not as broad as intended or desired;- obtain approval with labeling that includes significant use or distribution restrictions or safety warnings, including boxed warnings;- be subject to additional post-marketing testing requirements;- be subject to significant restrictions on reimbursement from public and/or private payors; or - have the product removed from the market after obtaining marketing approval. Product development costs will also increase if we experience delays in testing or in receiving marketing approvals. We do not know whether any clinical trials will begin as planned, will need to be restructured or will be completed on schedule, or at all. Significant clinical trial delays also could shorten any periods during which we may have the exclusive right to commercialize our product candidates, could allow our competitors to bring products to market before we do, could increase competition from generics of the same class, and could impair our ability to successfully commercialize our product candidates, any of which may harm our business and results of operations.

Through our Cloudbreak platform, we are developing DFCs for the treatment and prevention of serious diseases, including influenza and various cancers. We have nominated the DFC CD388 as our lead development candidate for influenza, and we have nominated CBO421 as our lead oncology DFC candidate. We do not plan to initiate clinical trials for any oncology product candidates at this time but continue business development discussions for our oncology DFC programs, including CBO421. In applying our Cloudbreak platform, we may not be successful in identifying additional DFCs that could be developed as drug therapies. In addition, our Cloudbreak platform may initially show promise in identifying potential product candidates, yet fail to yield product candidates for clinical development for a number of reasons. In particular, our research methodology used may not be successful in identifying compounds with sufficient potency, bioavailability or efficacy to be potential product candidates. In addition, our potential product candidates may, on further study, be shown to have harmful side effects or other negative characteristics. Research programs to identify new product candidates require substantial technical expertise and human resources. For example, we have limited experience with the use of the Cloudbreak platform applied to influenza and immuno-oncology targets. A failure to optimize our expertise using the Cloudbreak platform for the development of our Cloudbreak program may limit our ability to successfully advance this program and identify future product candidates. Research programs to identify new product candidates also require substantial financial resources. We may choose to expend our financial resources on potential product candidates that ultimately prove to be unsuccessful. If we are unable to identify successful product candidates from our Cloudbreak platform for preclinical and clinical development, we will have spent financial resources on programs that did not yield viable products and therefore generate product revenue, which would harm our financial position and adversely impact our stock price.

From time to time, we publicly disclose interim, preliminary or topline data from our clinical studies, which is based on a preliminary analysis of then-available data, and the results and related findings and conclusions are subject to change following a more comprehensive review of the data related to the particular study or trial. We also make assumptions, estimations, calculations and conclusions as part of our analysis of data, and we may not have received or had the opportunity to fully and carefully evaluate all data. As a result, the topline results that we report may differ from future results of the same studies, or different conclusions or considerations may qualify such results, once additional data have been received and fully evaluated. Topline data also remain subject to audit and verification procedures that may result in the final data being materially different from the preliminary data we previously published. As a result, topline data should be viewed with caution until the final data are available. From time to time, we may also disclose interim data from our clinical studies. Interim data from clinical trials that we may complete are subject to the risk that one or more of the clinical outcomes may materially change as patient enrollment continues and more patient data become available. Adverse differences between preliminary or interim data and final data could significantly harm our business prospects. Further, others, including regulatory authorities, may not accept or agree with our assumptions, estimates, calculations, conclusions or analyses or may interpret or weigh the importance of data differently, which could impact the value of the particular program, the approvability or commercialization of the particular product candidate or product and our company in general. In addition, the information we choose to publicly disclose regarding a particular study or clinical trial is based on what is typically extensive information, and you or others may not agree with what we determine is the material or otherwise appropriate information to include in our disclosure, and any information we determine not to disclose may ultimately be deemed significant with respect to future decisions, conclusions, views, activities or otherwise regarding a particular drug, drug candidate or our business. If the topline data that we report differ from actual results, or if others, including regulatory authorities, disagree with the conclusions reached, our ability to obtain approval for, and commercialize, our product candidates may be harmed, which could harm our business, operating results, prospects or financial condition.

Our trademarks or trade names may be challenged, infringed, circumvented or declared generic or determined to be infringing on other marks. We may not be able to protect our rights to these trademarks and trade names or may be forced to stop using these names, which we need for name recognition by potential partners or customers in our markets of interest. If we are unable to establish name recognition based on our trademarks and trade names, we may not be able to compete effectively and our business may be adversely affected.

We have limited intellectual property rights outside the U.S. Filing, prosecuting and defending patents on product candidates in all countries throughout the world would be prohibitively expensive and our intellectual property rights in some countries outside the U.S. can be less extensive than those in the U.S. In addition, the laws and legal processes of some foreign countries do not protect intellectual property to the same extent as federal and state laws in the U.S. Consequently, we may not be able to prevent third parties from practicing our inventions in all countries outside the U.S. or from selling or importing products made using our inventions in and into the U.S. or other jurisdictions. Competitors may use our technologies in jurisdictions where we have not obtained patents to develop their own products and further, may export otherwise infringing products to territories where we have patents but enforcement is not as strong as that in the U.S. These products may compete with our products and our patents or other intellectual property rights may not be effective or sufficient to prevent them from competing. Many companies have encountered significant problems in protecting and defending intellectual property in foreign jurisdictions. The legal systems of certain countries, particularly China and certain other developing countries, do not favor the enforcement of patents, trade secrets and other intellectual property, particularly those relating to pharmaceutical products, which could make it difficult for us to stop the infringement of our patents or marketing of competing products in violation of our proprietary rights generally. Proceedings to enforce our patent rights in foreign jurisdictions could result in substantial costs and divert our efforts and attention from other aspects of our business, could put any of our patents at risk of being invalidated or interpreted narrowly and our patent applications at risk of not issuing and could provoke third parties to assert claims against us. We may not prevail in any lawsuits that we initiate and the damages or other remedies awarded, if any, may not be commercially meaningful. The requirements for patentability may differ in certain countries, particularly developing countries. Furthermore, generic drug manufacturers or other competitors may challenge the scope, validity or enforceability of any of our current or future patents, requiring us to engage in complex, lengthy and costly litigation or other proceedings. Certain countries in Europe and developing countries, including China and India, have compulsory licensing laws under which a patent owner may be compelled to grant licenses to third parties. In those countries, we may have limited remedies if any of our patents are infringed or if we are compelled to grant a license to a third party, which could materially diminish the value of those patents. This could limit our potential revenue opportunities. Accordingly, our efforts to enforce our intellectual property rights around the world may be inadequate to obtain a significant commercial advantage from the intellectual property that we develop or license.

As is the case with other pharmaceutical companies, our success is heavily dependent on intellectual property, particularly patents. Obtaining and enforcing patents in the pharmaceutical industry involve both technological and legal complexity, and are therefore costly, time-consuming and inherently uncertain. In addition, the U.S. has implemented wide-ranging patent reform legislation, including patent office administrative proceedings that offer broad opportunities to third parties to challenge issued patents. Recent U.S. Supreme Court rulings have narrowed the scope of patent protection available in certain circumstances and weakened the rights of patent owners in certain situations. In addition to increasing uncertainty with regard to our ability to obtain patents in the future, this combination of events has created uncertainty with respect to the value of patents, once obtained. Depending on decisions by the U.S. Congress, the federal courts, the USPTO and foreign governmental bodies and tribunals, the laws and regulations governing patents could change in unpredictable ways that would weaken our ability to obtain new patents or to enforce our existing patents and patents that we might obtain in the future. For example, in Assoc. for Molecular Pathology v. Myriad Genetics, Inc., the U.S. Supreme Court held in 2013 that certain claims to DNA molecules are not patentable and lower courts have since been applying this case in the context of other types of biological subject matter. We cannot predict how future decisions by the courts, the U.S. Congress, the USPTO or foreign governmental bodies or tribunals may impact the value of our patent rights.

If we initiate legal proceedings against a third party to enforce a patent covering one of our product candidates or our technologies, the defendant could counterclaim that the patent covering our product candidate or our technology, as applicable, is invalid and/or unenforceable. In patent litigation in the U.S., defendant counterclaims alleging invalidity and/or unenforceability are commonplace and there are numerous grounds upon which a third party can assert invalidity or unenforceability of a patent. Third parties may also raise similar claims before administrative bodies in the U.S. or abroad, even outside the context of litigation. Such mechanisms include re-examination, post grant review, and equivalent proceedings in foreign jurisdictions (e.g., opposition proceedings). Such proceedings could result in revocation or amendment to our patents in such a way that they no longer cover our product candidates or our technologies. The outcome following legal assertions of invalidity and/or unenforceability is unpredictable. With respect to the validity question, for example, we cannot be certain that there is no invalidating prior art or that prior art that was cited during prosecution, but not relied on by the patent examiner, will not be revisited. If a defendant were to prevail on a legal assertion of invalidity and/or unenforceability, we would lose at least part, and perhaps all, of the patent protection directed to our product candidates or technologies. Such a loss of patent rights could have a material adverse impact on our business.

Competitors may infringe our current or future patents. To counter infringement or unauthorized use, we may be required to file infringement claims, which can be expensive and time-consuming. In addition, in an infringement proceeding, a court may decide that one or more of our asserted patents is not valid or is unenforceable or may refuse to stop the other party from using the technology at issue on the grounds that our patents do not cover the technology in question. An adverse result in any litigation or defense proceedings could put one or more of our patents at risk of being invalidated, held unenforceable or interpreted narrowly and could put our patent applications at risk of not issuing. Pursuit of these claims would involve substantial litigation expense and would be a substantial diversion of management and other employee resources from our business. Interference proceedings or derivative proceedings provoked by third parties or brought by the USPTO may be necessary to determine the entitlement to patent protection with respect to our patents or patent applications. An unfavorable outcome could result in a loss of our patent rights and could require us to cease using the related technology or to attempt to license rights to it from the prevailing party. Our business could be harmed if the prevailing party does not offer us a license on commercially reasonable terms, or at all. Litigation or patent office proceedings may result in a decision adverse to our interests and, even if we are successful, may result in substantial costs and distract our management and other employees. We may not be able to prevent misappropriation of our trade secrets or confidential information, particularly in countries where the laws or legal process may not protect those rights as fully as in the U.S. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by disclosure during this type of litigation. In addition, there could be public announcements of the results of hearings, motions or other interim proceedings or developments. If securities analysts or investors perceive these results to be negative, it could have a substantial adverse effect on the price of our common stock.

Our commercial success depends in part on our avoiding infringement of the patents and proprietary rights of third parties. Third parties may assert that we are employing their proprietary technology without authorization. There may be third-party patents with claims to materials, methods of manufacture or methods of treatment related to the use or manufacture of our DFCs and/or our other product candidates or compounds. If any third-party patents were held by a court of competent jurisdiction to cover the DFC manufacturing process, any molecules formed during these processes or the final products or any use thereof, the holders of any such patents may be able to block our ability to commercialize the product unless we obtained a license under the applicable patent or patents or until such patents expire. These same issues and risks arise in connection with any other product candidates we develop as well. We cannot predict whether we would be able to obtain a license on commercially reasonable terms, or at all. Any inability to obtain such a license under the applicable patents on commercially reasonable terms, or at all, would have a material adverse effect on our ability to commercialize the affected product until such patents expire. In addition, third parties may obtain patents in the future and claim that our product candidates and/or the use of our technologies infringes upon these patents. Furthermore, parties making claims against us may obtain injunctive or other equitable relief, which could effectively block our ability to further develop and commercialize one or more of our product candidates. Defense of these claims, regardless of their merit, would involve substantial litigation expense and would be a substantial diversion of management and other employee resources from our business. In the event of a successful claim of infringement against us, we may have to pay substantial damages, including treble damages and attorneys' fees in the case of willful infringement, obtain one or more licenses from third parties, pay royalties and/or redesign our infringing products, which may be impossible and/or require substantial time and monetary expenditure. In addition, even in the absence of litigation, we may need to obtain licenses from third parties to advance our research or allow commercialization of one or more of our product candidates. We may fail to obtain any of these licenses at a reasonable cost or on reasonable terms, or at all. In that event, we would not be able to further develop and commercialize such product candidates, which could harm our business significantly.

Any of our product candidates that receive marketing approval may nonetheless fail to gain sufficient market acceptance by hospitals and hospital pharmacies, physicians, patients, third-party payors and others in the medical community for us to achieve commercial success. If our product candidates do not achieve an adequate level of acceptance, we may not generate sufficient product revenue to become profitable. The degree of market acceptance of our product candidates, if approved for commercial sale, will depend on a number of factors, including: - the efficacy and potential advantages compared to alternative therapies;- the size of the markets in the countries in which approvals are obtained;- terms, limitations or warnings contained in any labeling approved by the FDA or other regulatory authority;- our ability to offer any approved products for sale at competitive prices;- convenience and ease of administration compared to alternative treatments;- the willingness of the target patient population to try new therapies or dosing regimens;- the willingness of physicians to prescribe these therapies;- the strength of marketing and distribution support;- the success of competing products and the marketing efforts of our competitors;- sufficient third-party payor coverage and adequate reimbursement; and - the prevalence and severity of any side effects.