Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

Salesforce disclosed 38 risk factors in its most recent earnings report. Salesforce reported the most risks in the “Finance & Corporate” category.

Risk Overview Q3, 2024

Risk Distribution

29% Finance & Corporate

21% Tech & Innovation

16% Legal & Regulatory

13% Ability to Sell

13% Macro & Political

8% Production

Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy

This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

2020

S&P500 Average

Sector Average

Risks removed

Risks added

Risks changed

Salesforce Risk Factors

New Risk (0)

Risk Changed (0)

Risk Removed (0)

No changes from previous report

The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q3, 2024

Main Risk Category

Finance & Corporate

With 11 Risks

Finance & Corporate

With 11 Risks

Number of Disclosed Risks

No changes from last report

S&P 500 Average: 31

No changes from last report

S&P 500 Average: 31

Recent Changes

0Risks added

0Risks removed

2Risks changed

Since Oct 2024

0Risks added

0Risks removed

2Risks changed

Since Oct 2024

Number of Risk Changed

From last report

S&P 500 Average: 3

From last report

S&P 500 Average: 3

See the risk highlights of Salesforce in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 38

Finance & Corporate

Total Risks: 11/38 (29%)Below Sector Average

Share Price & Shareholder Rights2 | 5.3%

Share Price & Shareholder Rights - Risk 1

Provisions in our amended and restated certificate of incorporation and bylaws and Delaware law might discourage, delay or prevent a change of control of the Company or changes in our management and, therefore, depress the market price of our common stock.

Our amended and restated certificate of incorporation and bylaws contain provisions that could depress the market price of our common stock by acting to discourage, delay or prevent a change in control of the Company or changes in our management that the stockholders of the Company may deem advantageous. These provisions among other things: - permit the Board to establish the number of directors;- authorize the issuance of "blank check" preferred stock that our board could use to implement a stockholder rights plan (also known as a "poison pill");- prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders;- provide that the Board is expressly authorized to make, alter or repeal our bylaws; and - establish advance notice requirements for nominations for election to our board or for proposing matters that can be acted upon by stockholders at annual stockholder meetings. In addition, Section 203 of the Delaware General Corporation Law may discourage, delay or prevent a change in control of our company. Section 203 imposes certain restrictions on merger, business combinations and other transactions between us and holders of 15 percent or more of our common stock.

Share Price & Shareholder Rights - Risk 2

The market price of our common stock is likely to be volatile and could subject us to litigation.

The trading prices of the securities of technology companies have historically been highly volatile. Accordingly, the market price of our common stock has been and is likely to continue to be subject to wide fluctuations. Factors affecting the market price of our common stock include: - variations in our operating results, including operating margin, net income per share, cash flows from operating activities, unearned revenue, remaining performance obligation, year-over-year growth rates for individual service offerings and other financial and non-financial metrics, and how those results compare to analyst expectations;- variations in, and limitations of, the various financial and other metrics and modeling used by analysts in their research and reports about our business;- forward-looking guidance to industry and financial analysts related to, for example, future revenue, current remaining performance obligation, cash flows from operating activities, operating margin and net income per share, the accuracy of which may be impacted by various factors, many of which are beyond our control, including general economic and market conditions and unanticipated delays in the integration of acquired companies as a result of regulatory review;- our ability to meet or exceed forward-looking guidance we have given or to meet or exceed the expectations of investors, analysts or others; our ability to give forward-looking guidance consistent with past practices; and changes to or withdrawal of previous guidance or long-range targets;- changes in the estimates of our operating results or changes in recommendations by securities analysts that elect to follow our common stock;- announcements of technological innovations, new services or service enhancements, strategic alliances or significant agreements by us or by our competitors;- announcements by us or by our competitors of mergers or other strategic acquisitions, or rumors of such transactions involving us or our competitors;- announcements of customer additions and customer cancellations or delays in customer purchases;- the coverage of our common stock by the financial media, including television, radio and press reports and blogs;- recruitment or departure of key personnel;- disruptions in our service due to computer hardware, software, network or data center problems;- the economy as a whole, geopolitical conditions, including global trade and health concerns, market conditions in our industry and the industries of our customers, and financial institution instability;- trading activity or positions by a limited number of stockholders who together beneficially own a significant portion of our outstanding common stock, as well as other institutional or activist investors;- the issuance of shares of common stock by us, whether in connection with an acquisition or a capital-raising transaction;- our ability to execute on our Share Repurchase Program as planned, including whether we meet internal or external expectations around the timing or price of share repurchases, and any reductions or discontinuances of repurchases thereunder;- issuance of debt or other convertible securities;- any increase to or reduction, suspension or elimination of dividend payments;- the inability to conclude that our internal controls over financial reporting are effective;- changes to our credit ratings; and - ESG and other issues impacting our reputation. In addition, if the market for technology stocks or the greater securities market in general experience uneven investor confidence, the market price of our common stock has and could in the future decline for reasons unrelated to our business, operating results or financial condition, including as a reaction to events that affect other companies within, or outside, our industry. Some companies that have experienced volatility in the trading price of their stock have been the subject of securities class action litigation, such as the securities litigation against Slack that was brought before our acquisition. Such litigation, whether against us or an acquired subsidiary, could result in substantial costs and a diversion of management's attention and resources and any liability resulting from or the settlement of such litigation could result in material adverse impacts to our operating cash flows or results of operations for a given period.

Accounting & Financial Operations5 | 13.2%

Accounting & Financial Operations - Risk 1

Our quarterly results are likely to fluctuate, which may cause the value of our common stock to decline substantially.

Our quarterly results are likely to fluctuate. Fluctuations have occurred due to known and unknown risks, such as the global economic impact of ongoing conflicts, including the war in Ukraine and the regional conflict in the Middle East, and uncertainty about the interest rate environment. In addition, our fiscal fourth quarter has historically been our strongest quarter for new business and renewals, and the year-over-year compounding effect of this seasonality in billing patterns and overall new business and renewal activity causes the value of invoices that we generate in the fourth quarter to continually increase in proportion to our billings in the other three quarters of our fiscal year. As a result, our fiscal first quarter has typically in the past been our largest collections and operating cash flow quarter. Additionally, some of the important factors that may cause our revenues, operating results and cash flows to fluctuate from quarter to quarter include: - general economic or geopolitical conditions, including the impacts of the war in Ukraine and the regional conflict in the Middle East, financial market conditions, increasing costs of operation and foreign currency exchange rates, any of which can adversely affect either our customers' ability or willingness to purchase additional subscriptions or upgrade their services, or delay prospective customers' purchasing decisions, reduce the value of new subscription contracts, or affect attrition rates;- our ability to retain and increase sales to existing customers, attract new customers and satisfy our customers' requirements;- the attrition rates for our services;- the size and productivity of our sales force;- the length of the sales cycle for our services;- new product and service introductions by our competitors;- our success in selling our services to large enterprises;- changes in unearned revenue and remaining performance obligation, due to seasonality, the timing of and compounding effects of renewals, invoice duration, size and timing, new business linearity between quarters and within a quarter, average contract term, the collectability of invoices related to multi-year agreements, the timing of license software revenue recognition, or fluctuations due to foreign currency movements, all of which may impact implied growth rates;- our ability to realize benefits from strategic partnerships, acquisitions or investments;- our ability to execute and realize benefits from the Restructuring Plan and other workforce reductions, or any similar actions taken in the future;- variations in the revenue mix of our services and growth rates of our subscription and support offerings, including the timing of term software license sales for which the revenue is recognized at a point in time;- the seasonality of our sales cycle, including term software license sales, and timing of contract execution and the corresponding impact on revenue recognized at a point in time;- the seasonality of customer usage for consumption-based product offerings;- changes in our pricing policies and terms of contracts, whether initiated by us or as a result of competition, customer preference or other factors;- expenses associated with our pricing policies and terms of contracts, such as the costs of customer SMS text usage paid by us and the related impacts to our gross margin;- the seasonality of our customers' businesses, especially our Commerce service offering customers, including retailers and branded manufacturers;- fluctuations in foreign currency exchange rates, such as the U.S. Dollar against the Euro and British Pound Sterling;- the amount and timing of operating costs and capital expenditures related to the operations and expansion of our business;- the number of new employees, including the cost to recruit and train such employees;- the timing of commission, bonus and other compensation payments to employees, including decisions to guarantee some portion of commissions payments in connection with extraordinary events;- the cost, timing and management effort required for the introduction of new features to our services;- the costs associated with acquiring new businesses and technologies and the follow-on costs of integration and consolidating the results of acquired businesses;- expenses related to our real estate or changes in the nature or extent of our use of existing real estate, including our office leases and our data center capacity and expansion;- timing of additional investments in our enterprise cloud computing application and platform services and in our consulting services;- expenses related to significant, unusual or discrete events, which are recorded in the period in which the events occur, including litigation or other dispute-related settlement payments;- income tax effects resulting from, but not limited to, tax law changes, court decisions on tax matters, global tax developments applicable to multinational corporations, changes in operations or business structures and acquisition activity;- the timing of payroll and other withholding tax expenses, which are triggered by the payment of bonuses and when employees exercise their vested stock options;- technical difficulties or interruptions in our services;- changes in interest rates and our mix of investments, which impact the return on our investments in cash and marketable securities;- conditions, and particularly sudden changes, in the financial markets, which have impacted and may continue to impact the value and liquidity of our investment portfolio;- changes in the fair value of our strategic investments, including impairments, which could negatively and materially impact our financial results, particularly in periods of significant market fluctuations;- equity or debt issuances, including as consideration in or in conjunction with acquisitions;- the timing of stock awards to employees and the related adverse financial statement impact of having to expense those stock awards over their vesting schedules;- evolving regulations of cloud computing and cross-border data transfer restrictions and similar regulations; and - regulatory compliance and acquisition costs. Many of these factors are outside of our control, and the occurrence of one or more of them might cause our operating results to vary widely. If we fail to meet or exceed operating results expectations or if securities analysts and investors have estimates and forecasts of our future performance that are unrealistic or that we do not meet, the market price of our common stock could decline. In addition, if one or more of the securities analysts who cover us adversely change their recommendations regarding our stock, the market price of our common stock could decline.

Accounting & Financial Operations - Risk 2

Current and future accounting pronouncements and other financial and nonfinancial reporting standards may negatively impact our financial results.

We regularly monitor our compliance with applicable financial and nonfinancial reporting standards and review new pronouncements and interpretations that are relevant to us. As a result of new financial or nonfinancial standards or pronouncements, changes to existing standards or pronouncements and changes in their interpretation, we may be required to change our accounting policies, to alter our operational policies, to implement new or enhance existing systems so that they reflect new or amended financial reporting standards, or to restate our published financial statements. Such changes may have an adverse effect on our business, financial position and operating results, or cause an adverse deviation from our revenue and operating profit targets, which may negatively impact our financial results.

Accounting & Financial Operations - Risk 3

If we experience significant fluctuations in our rate of anticipated growth and fail to balance our expenses with our revenue forecasts, our business could be harmed and the market price of our common stock could decline.

Due to the unpredictability of future general economic and financial market conditions, including from the global economic impact of ongoing conflicts, such as the war in Ukraine and the regional conflict in the Middle East, the pace of change and innovation in enterprise cloud computing services, the impact of foreign currency exchange rate fluctuations, the growing complexity of our business, including the use of multiple pricing and packaging models and the increasing amount of revenue from term software license sales, and our increasing focus on enterprise cloud computing services, we may not be able to realize our projected revenue growth plans. We plan our expense and investment levels based on estimates of future revenue and future anticipated rate of growth. We may not be able to adjust our spending appropriately if the addition of new subscriptions or the renewals of existing subscriptions fall short of our expectations, and unanticipated events may cause us to incur expenses beyond what we anticipated. A portion of our expenses may also be fixed in nature for some minimum amount of time, such as with costs capitalized to obtain revenue contracts, data center and infrastructure service contracts or office leases, so it may not be possible to reduce costs in a timely manner, or at all, without the payment of fees to exit certain obligations early. Additionally, if sales through indirect channels or for consumption-based product offerings increase, this may lead to greater difficulty in forecasting revenue and anticipated rate of growth. As a result, our revenues, operating results and cash flows may fluctuate significantly on a quarterly basis and revenue growth rates may not be sustainable and may decline in the future. If we are not able to provide continued operating margin expansion, our business could be harmed and the market price of our common stock could decline.

Accounting & Financial Operations - Risk 4

Because we generally recognize revenue from subscriptions for our services over the term of the subscription, downturns or upturns in new business may not be immediately reflected in our operating results.

We generally recognize revenue from customers ratably over the terms of their subscription and support agreements, which are typically 12 to 36 months. As a result, most of the revenue we report in each quarter is the result of subscription and support agreements entered into during previous quarters. Consequently, a decline in new or renewed subscriptions in any one quarter may not be reflected in our revenue results for that quarter but will negatively impact our revenue in future quarters. Accordingly, the effect of significant downturns in sales and market acceptance of our services, and changes in our attrition rate, may not be fully reflected in our results of operations until future periods. Our subscription model also makes it difficult for us to rapidly increase our revenue through additional sales in any period, as revenue from new customers must be recognized over the applicable subscription and support term.

Accounting & Financial Operations - Risk 5

There can be no assurance that we will continue to declare cash dividends in any particular amounts, or at all.

Whether we continue to pay cash dividends, as well as the rate at which we pay cash dividends, in the future is subject to continued capital availability, general economic and market conditions, applicable laws and agreements and our Board continuing to determine that the declaration of dividends is in the best interests of the Company and its stockholders. The declaration and payment of any dividend may be discontinued at any time and dividend amounts may be reduced at any time. A discontinuation of or reduction in our dividend payments could have a negative effect on our stock price.

Debt & Financing1 | 2.6%

Debt & Financing - Risk 1

Our debt service obligations, lease commitments and other contractual obligations may adversely affect our financial condition, results of operations and cash flows.

As of October 31, 2024, we had a substantial level of outstanding debt, including our Senior Notes. We are also party to the Revolving Loan Credit Agreement, which provides for our $5.0 billion Credit Facility. Although there were no outstanding borrowings under the Credit Facility as of October 31, 2024, we may use the proceeds of future borrowings under the Credit Facility for general corporate purposes. In addition to the outstanding and potential debt obligations above, we have also recorded substantial liabilities associated with noncancellable future payments on our long-term lease agreements. We also have significant other contractual commitments, including leases that have not yet commenced and commitments with infrastructure service providers, which are not reflected on our condensed consolidated balance sheets. Maintenance of our indebtedness and contractual commitments and any additional issuances of indebtedness could: - impair our ability to obtain additional financing in the future for working capital, capital expenditures, acquisitions, general corporate or other purposes;- cause us to dedicate a substantial portion of our cash flows from operations toward debt service obligations and principal repayments; and - make us more vulnerable to downturns in our business, our industry or the economy in general. Our ability to meet our expenses and debt obligations will depend on our future performance, which will be affected by financial, business, economic, regulatory and other factors. We will not be able to control many of these factors, such as economic conditions and governmental regulations. Further, our operations may not generate sufficient cash to enable us to service our debt or contractual obligations resulting from our leases. If we fail to make a payment on our debt, we could be in default on such debt. If we are at any time unable to generate sufficient cash flows from operations to service our indebtedness when payment is due, we may be required to attempt to renegotiate the terms of the instruments relating to the indebtedness, seek to refinance all or a portion of the indebtedness or obtain additional financing. There can be no assurance that we would be able to successfully renegotiate such terms, that any such refinancing would be possible or that any additional financing could be obtained on terms that are favorable or acceptable to us. Any new or refinanced debt may be subject to substantially higher interest rates, which could adversely affect our financial condition and impact our business. In addition, we may seek debt financing to fund future acquisitions. We can offer no assurance that we can obtain debt financing on terms acceptable to us, if at all. In addition, adverse changes by any rating agency to our credit ratings may negatively impact our reputation, the value and liquidity of both our debt and equity securities, as well as the potential costs associated with a refinancing of our debt. Downgrades in our credit ratings could also affect the terms of any such refinancing or future financing or restrict our ability to obtain additional financing in the future. The indentures governing our Senior Notes and the Revolving Loan Credit Agreement impose restrictions on us and require us to maintain compliance with specified covenants. Our ability to comply with these covenants may be affected by events beyond our control. A failure to comply with the covenants and other provisions of our outstanding debt could result in events of default under such instruments, which could permit acceleration of all of our debt and borrowings. Any required repayment of our debt as a result of a fundamental change or other acceleration would lower our current cash on hand such that we would not have those funds available for use in our business. Lease accounting guidance requires that we record a liability for operating lease activity on our condensed consolidated balance sheet, which increases both our assets and liabilities and therefore may impact our ability to obtain the necessary financing from financial institutions at commercially viable rates or at all. Our lease terms may include options to extend or terminate the lease. Periods beyond the noncancellable term of the lease are included in the measurement of the lease liability and associated asset only when it is reasonably certain that we will exercise the associated extension option or waive the termination option. We reassess the lease term if and when a significant event or change in circumstances occurs within our control. The potential impact of these options to extend could be material to our financial position and financial results.

Corporate Activity and Growth3 | 7.9%

Corporate Activity and Growth - Risk 1

Changed

We are subject to risks associated with our strategic investments, including partial or complete loss of invested capital. Significant changes in the fair value of this portfolio could negatively impact our financial results.

We manage a portfolio of strategic investments in both privately held and publicly traded companies focused primarily on enterprise cloud companies, technology startups and system integrators. While we invest in companies that we believe are digitally transforming their industries, advancing responsible generative AI, improving customer experiences, helping us expand our solution ecosystem or supporting other corporate initiatives, we may still experience unforeseen brand or reputational harm associated with our investments. Our investments range from early to late stage companies, including investments made concurrent with a company's initial public offering. Investments in early stage companies are inherently speculative, as these companies may not yet be revenue-generating and could still be in the process of developing their products and services at the time of our investment. The financial success of our investment in any company is typically dependent on a liquidity event, such as a public offering, acquisition or other favorable market event reflecting appreciation to the cost of our initial investment. Our investments may face challenges from regulatory authorities, including from antitrust authorities who are increasingly scrutinizing technology investments and acquisitions, potentially resulting in unexpected costs, delays, or unfavorable conditions imposed on transactions involving our investment portfolio. In certain cases, our ability to sell these investments may be impacted by contractual obligations to hold the securities for a set period of time after a public offering. All of our investments are subject to a risk of partial or total loss of invested capital. We are exposed to volatility in our condensed consolidated statements of operations due to changes in market prices, observable price changes and impairments of our strategic investments. The measurement of our non-marketable equity and debt securities at fair value is inherently subjective and requires management judgment and estimation. The resulting gains or losses could be material depending on market conditions and events, particularly in periods with economic uncertainty, inflation, geopolitical conflict, volatile public equity markets or unsettled global market conditions.

Corporate Activity and Growth - Risk 2

Supporting our existing and growing customer base could strain our personnel resources and infrastructure, and if we are unable to scale our operations and increase productivity, we may not be able to successfully implement our business plan.

We continue to experience significant growth in our customer base, including through acquisitions, which has placed a strain on and in the future may strain our management, administrative, operational and financial infrastructure. We anticipate that significant additional investments, including in human capital software, will be required to scale our operations and increase productivity, to address the needs of our customers, to further develop and enhance our services, to expand into new geographic areas and to scale with our overall growth. The additional investments we are making will increase our cost base, which will make it more difficult for us to offset any future revenue shortfalls by reducing expenses in the short term. We may not be able to make these investments as quickly or effectively as necessary to successfully scale our operations. We regularly upgrade or replace our various software systems and processes. If the implementations of these new applications are delayed, or if we encounter unforeseen problems with our new systems and processes or in migrating away from our existing systems and processes, our operations and our ability to manage our business could be negatively impacted. For example, our efforts to further automate our processes for customer contracts may be complicated by unanticipated operating difficulties. Our success will depend in part upon the ability of our senior management to plan and manage our projected growth effectively. To do so, we must continue to increase the productivity of our existing employees and to hire, train and manage new employees as needed. Additionally, changes in our work environment and workforce, including those arising from our Restructuring Plan or other restructuring actions or our return to office and remote work policies, may not meet the needs and expectations of our workforce or may create operational and workplace culture challenges, which could negatively impact our ability to increase employee productivity or attract and retain our employees and could adversely affect our operations. Further, reductions in our real estate portfolio resulting from our Restructuring Plan may impede our ability to adequately accommodate employees returning to the office or future headcount growth. To manage the expected domestic and international growth of our operations and personnel, we will need to continue to improve our operational, financial and management controls, our reporting systems and procedures and our utilization of real estate. If we fail to successfully scale our operations and increase productivity, we may be unable to execute our business plan and the value of our common stock could decline.

Corporate Activity and Growth - Risk 3

As we acquire companies or technologies, we may not realize the expected business or financial benefits and the acquisitions could prove difficult to integrate, disrupt our business, dilute stockholder value and adversely affect our operating results and the market value of our common stock.

As part of our business strategy, we periodically acquire complementary businesses, joint ventures, services and technologies and intellectual property rights. We continue to evaluate such opportunities and expect to make such acquisitions in the future. Acquisitions and other transactions and arrangements involve numerous risks and could create unforeseen operating difficulties and expenditures, including: - potential failure to achieve the expected benefits on a timely basis or at all;- potential identified or unknown security vulnerabilities in acquired products that expose us to additional security risks or delay our ability to integrate the product into our service offerings;- difficulties in increasing or maintaining the security standards for acquired technology consistent with our other services, and related costs;- difficulty of transitioning the acquired technology onto our existing platforms and customer acceptance of multiple platforms on a temporary or permanent basis;- augmenting the acquired technologies and platforms to the levels that are consistent with our brand and reputation;- brand or reputational harm associated with our acquired companies;- challenges converting the acquired company's revenue recognition policies and forecasting the related revenues, including subscription-based revenues and term software license revenue, as well as appropriate allocation of the customer consideration to the individual deliverables;- division of financial and managerial resources from existing operations;- challenges entering into new markets in which we have little or no experience or where competitors may have stronger market positions;- currency and regulatory risks associated with foreign countries and potential additional cybersecurity and compliance risks resulting from entry into new markets;- difficulties and strain on resources in integrating acquired operations, technologies, services, platforms and personnel;- regulatory challenges from antitrust or other regulatory authorities that may block, delay or impose conditions (such as divestitures, ownership or operational restrictions or other structural or behavioral remedies) on the completion of transactions or the integration of acquired operations;- failure to fully assimilate, integrate or retrain acquired employees, which may lead to retention risk with respect to both key acquired employees and our existing key employees or disruption to existing teams;- differences between our values and those of our acquired companies, as well as disruptions to our workplace culture;- inability to generate sufficient revenue to offset acquisition costs;- challenges with the acquired company's customers and partners, including the inability to maintain such relationships and changes to perception of the acquired business as a result of the acquisition;- challenges with the acquired company's third-party service providers, including those that are required for ongoing access to third-party data;- potential for acquired products to impact the profitability of existing products;- unanticipated expenses related to acquired technology and its integration into our existing technology;- known and potential unknown liabilities associated with the acquired businesses, including due to litigation;- difficulties in managing, or potential write-offs of, acquired assets, and potential financial and credit risks associated with acquired customers;- negative impact to our results of operations because of the depreciation and amortization of acquired intangible assets, fixed assets and operating lease right-of-use assets;- the loss of acquired unearned revenue and unbilled unearned revenue;- difficulties in and financial costs of addressing acquired compensation structures inconsistent with our compensation structure;- additional stock-based compensation issued or assumed in connection with the acquisition, including the impact on stockholder dilution and our results of operations;- delays in customer purchases due to uncertainty related to any acquisition;- ineffective or inadequate controls, procedures and policies at the acquired company;- in the case of foreign acquisitions, challenges caused by integrating operations over distance, and across different languages, cultures and political environments; and - the tax effects related to integration and business operation changes, realizability of our deferred tax assets, and uncertain tax liabilities. Any of these risks could harm our business or negatively impact our results of operations. In addition, to facilitate acquisitions, we may seek additional equity or debt financing, which may not be available on terms favorable to us or at all, which may affect our ability to complete subsequent acquisitions, and which may affect the risks of owning our common stock. For example, if we finance acquisitions by issuing equity or convertible or other debt securities or loans, our existing stockholders may be diluted, or we could face constraints related to the terms of, and repayment obligation related to, the incurrence of indebtedness that could affect the market price of our common stock. Our ability to acquire other businesses or technologies, or integrate acquired businesses effectively, may be impaired by trade tensions and increased global scrutiny of foreign investments and acquisitions in the technology sector. For example, several countries, including the United States and countries in Europe and the Asia-Pacific region, are considering or have adopted restrictions of varying kinds on transactions involving foreign investments and acquisitions. Antitrust authorities in a number of countries have also reviewed acquisitions in the technology industry with increased scrutiny. Governments may continue to adopt or tighten restrictions of this nature, some of which may apply to acquisitions or integrations of businesses by us, and such restrictions or government actions could negatively impact our business and financial results.

Tech & Innovation

Total Risks: 8/38 (21%)Above Sector Average

Innovation / R&D1 | 2.6%

Innovation / R&D - Risk 1

Our efforts to expand our service offerings and to develop and integrate our existing services in order to keep pace with technological developments may not succeed and may reduce our revenue growth rate and harm our business.

We derive a majority of our revenue from subscriptions to our CRM enterprise cloud computing application services, and we expect this will continue for the foreseeable future. Our efforts to expand our current service offerings may not succeed and may reduce our revenue growth rate. In addition, the markets and monetization strategies for certain offerings, including Agentforce, remain relatively new and uncertain and as a result our expansion into such offerings, and related investments, may present additional risks and challenges. For example, we may increase the number of products that use a consumption-based business model. Due to customer flexibility in the timing of their consumption, we could have less visibility into the timing of revenue recognition for consumption-based offerings than we do for our subscription-based offerings, and there is a risk that customers could consume our products at lower levels than we expect. Further, the introduction of future platform changes and upgrades may not result in long term revenue growth. If we are unable to develop enhancements to, and new features for, our existing or new services that keep pace with rapid technological developments, our business could be harmed. For example, we may be required to continuously enhance our AI offerings to improve the quality of content provided to our customers. The success of enhancements, new features and services depends on several factors, including the timely completion, introduction and market acceptance of the feature, service or enhancement by customers, administrators and developers, as well as our ability to integrate all of our product and service offerings and develop adequate selling capabilities in new markets. Failure in this regard may significantly impair our revenue growth as well as negatively impact our operating results if the additional costs are not offset by additional revenues. In addition, because our services are designed to operate over various network technologies and on a variety of mobile devices, operating systems and computer hardware and software platforms using a standard browser, we will need to continuously modify and enhance our services to keep pace with changes in hardware, software, communication, browser, app development platform and database technologies, as well as continue to maintain and support our services on legacy systems. We may not be successful in either developing these modifications and enhancements or in bringing them to market timely. Additionally, if we fail to anticipate or identify significant technology trends and developments early enough, or if we do not devote appropriate resources to adapting to such trends and developments, our business could be harmed. Uncertainties about the timing and nature of new network platforms or technologies, modifications to existing platforms or technologies, including text messaging capabilities, or changes in customer usage patterns thereof could increase our research and development or service delivery expenses or lead to our increased reliance on certain vendors. Any failure of our services to operate effectively with future network platforms and technologies could reduce the demand for our services, result in customer dissatisfaction and harm our business.

Trade Secrets2 | 5.3%

Trade Secrets - Risk 1

Any failure to obtain registration or protection of our intellectual property rights could impair our ability to protect our proprietary technology and our brand, causing us to incur significant expenses and harm our business.

If we fail to protect our intellectual property rights adequately, our competitors may gain access to our technology, affecting our brand, causing us to incur significant expenses and harming our business. Any of our patents, trademarks or other intellectual property rights may be challenged by others or invalidated through administrative process or litigation. While we have many U.S. patents and pending U.S. and international patent applications, we may be unable to obtain patent protection for the technology covered in our patent applications or the patent protection may not be obtained quickly enough to meet our business needs. In addition, our existing patents and any patents issued in the future may not provide us with competitive advantages, or may be successfully challenged by third parties. Similar uncertainty applies to our U.S. and international trademark registrations and applications. Furthermore, legal standards relating to the validity, enforceability and scope of protection of intellectual property rights are uncertain, and we also may face proposals to change the scope of protection for some intellectual property rights in the U.S. and elsewhere. Additionally, the intellectual property ownership and license rights, including copyright, surrounding AI technologies, which we are increasingly building into our product offerings, has not been fully addressed by U.S. courts or other federal or state laws or regulations, and the use or adoption of AI technologies in our products and services may expose us to copyright infringement or other intellectual property misappropriation claims related to AI training or output. Effective patent, trademark, copyright and trade secret protection may not be available to us in every country in which our services are available and legal changes and uncertainty in various countries' intellectual property regimes may result in making conduct that we believe is lawful to be deemed violative of others' rights. The laws of some foreign countries may not be as protective of intellectual property rights as those in the U.S., and mechanisms for enforcement of intellectual property rights may be inadequate. Also, our involvement in standard-setting activity, our contribution to open source projects, various competition law regimes or the need to obtain licenses from others may require us to license our intellectual property in certain circumstances. Accordingly, despite our efforts, we may be unable to prevent third parties from using our intellectual property. We may be required to spend significant resources and expense to monitor and protect our intellectual property rights. We may initiate claims or litigation against third parties for infringement of our proprietary rights or to establish the validity of our proprietary rights. If we fail to protect our intellectual property rights, it could impact our ability to protect our technology and brand. Furthermore, any litigation, whether or not it is resolved in our favor, could result in significant expense to us, cause us to divert time and resources from our core business, and harm our business.

Trade Secrets - Risk 2

We have been and may in the future be sued by third parties for various claims, including alleged infringement of proprietary rights.

We are involved in various legal matters arising from the normal course of business activities. These include claims, suits, government investigations and other proceedings involving alleged infringement of third-party patents and other intellectual property rights, as well as commercial, corporate and securities, labor and employment, class actions, wage and hour, antitrust, data privacy, cybersecurity and other matters. The software and Internet industries are characterized by the existence of many patents, trademarks, trade secrets and copyrights and by frequent litigation based on allegations of infringement or other violations of intellectual property rights. We have received in the past and may receive in the future communications from third parties, including practicing entities and non-practicing entities, claiming that we have infringed their intellectual property rights. We have also been, and may in the future be, sued by third parties for alleged infringement of their claimed proprietary rights. Our technologies may be subject to injunction if they are found to infringe the rights of a third party or we may be required to pay damages, or both. Further, many of our subscription agreements require us to indemnify our customers for third-party intellectual property infringement claims, which would increase the cost to us of an adverse ruling on such a claim. In addition, we have in the past been, and may in the future be, sued by third parties who seek to target us for actions taken by our customers, including through the use or misuse of our products. For example, we have been subject to allegations in legal proceedings that we should be liable for the use of certain of our products by third parties. Although we believe we have a strong defense for these claims, such claims could cause reputational harm to our brand or result in liability. Our exposure to risks associated with various claims, including claims related to the use of intellectual property as well as securities and related stockholder derivative claims, may be increased as a result of acquisitions of other companies. For example, we are subject to ongoing securities class action litigation and related stockholder derivative claims brought against Slack that remain outstanding, and as to which we may ultimately be subject to liability or settlement costs. Additionally, we may have a lower level of visibility into the development process with respect to intellectual property or the care taken to safeguard against infringement risks with respect to acquired companies or technologies. In addition, third parties have made claims in connection with our acquisitions and may do so in the future, and they may also make infringement and similar or related claims after we have acquired technology that had not been asserted prior to our acquisition. The outcome of any claims or litigation, regardless of the merits, is inherently uncertain. Any claims or lawsuits, and the disposition of such claims and lawsuits, whether through settlement or licensing discussions, or litigation, could be time-consuming and expensive to resolve, divert management attention from executing our business plan, result in efforts to enjoin our activities, lead to attempts on the part of other parties to pursue similar claims and, in the case of intellectual property claims, require us to change our technology, change our business practices, pay monetary damages or enter into short- or long-term royalty or licensing agreements. Any adverse determination or settlement related to intellectual property claims or other litigation could prevent us from offering our services to others, could be material to our financial condition or cash flows, or both, or could otherwise adversely affect our operating results, including our operating cash flow in a particular period. In addition, depending on the nature and timing of any such dispute, an unfavorable resolution of a legal matter could materially affect our current or future results of operations or cash flows in a particular period.

Cyber Security1 | 2.6%

Cyber Security - Risk 1

If our security measures or those of our third-party data center hosting facilities, cloud computing platform providers or third-party service partners, or the underlying infrastructure of the Internet are breached, and unauthorized access is obtained to a customer's data, our data or our IT systems, or authorized access is blocked or disabled, our services may be perceived as not being secure, customers may curtail or stop using our services, and we may incur significant reputational harm, legal exposure and liabilities, or a negative financial impact.

Our services involve the storage and transmission of our customers' and our customers' customers' proprietary and other sensitive data, including financial, health and other personal information. Our services and underlying infrastructure may in the future be materially breached or compromised as a result of the following: - third-party attempts to fraudulently induce our employees, partners or customers to disclose sensitive information such as usernames, passwords or other information to gain access to our customers' data or IT systems, or our data or our IT systems;- efforts by individuals or groups of hackers and sophisticated organizations, such as criminal organizations, state-sponsored organizations or nation-states, to launch coordinated attacks, including ransomware, destructive malware and distributed denial-of-service attacks;- third-party attempts to abuse our marketing, advertising, messaging or social products and functionalities to impersonate persons or organizations and disseminate information that is false, misleading or malicious;- cyberattacks on our internally built infrastructure on which many of our service offerings operate, or on third-party cloud-computing platform providers;- vulnerabilities resulting from enhancements and updates to our existing service offerings;- vulnerabilities in the products or components across the broad ecosystem that our services operate in conjunction with and are dependent on;- vulnerabilities existing within new technologies and infrastructures, including those from acquired companies;- attacks on, or vulnerabilities in, the many different underlying networks and services that power the Internet that our products depend on, most of which are not under our control or the control of our vendors, partners or customers; and - employee or contractor errors or intentional acts that compromise our security systems. These risks are mitigated, to the extent possible, by our ability to maintain and improve business and data governance policies and enhance processes and internal security controls, including our ability to escalate and respond to known and potential risks. Our Board of Directors ("Board"), Cybersecurity and Privacy Committee and executive management are regularly briefed on our cybersecurity policies and practices and ongoing efforts to improve security, as well as updates on cybersecurity events. We can provide no assurances that our security measures, including implemented systems and processes designed to protect our customers' and our customers' customers' proprietary and other sensitive data, will provide absolute security or otherwise be effective or that a material breach will not occur. For example, our ability to mitigate these risks may be impacted by the following: - frequent changes to, and growth in complexity of, the techniques used to breach, obtain unauthorized access to, or sabotage IT systems and infrastructure, including as a result of the increased use of AI technologies by bad actors, which are generally not recognized until launched against a target, and could result in our being unable to anticipate or implement adequate measures to prevent such techniques;- the continued evolution of our internal IT systems as we early adopt new technologies and new ways of sharing data and communicating internally and with partners and customers, which increases the complexity of our IT systems;- the acquisition of new companies, requiring us to incorporate and secure different or more complex IT environments;- authorization by our customers to third-party technology providers to access their customer data, which may lead to our customers' inability to protect their data that is stored on our servers; and - our limited control over our customers or third-party technology providers, or the processing of data by third-party technology providers, which may not allow us to maintain the integrity or security of such transmissions or processing. In the normal course of business, we are and have been the target of malicious cyberattack attempts and have experienced other security incidents. Although, to date, such identified security events have not been material or significant to us, including to our reputation or business operations, or had a material financial impact, there can be no assurance that future cyberattacks will not be material or significant. Additionally, as our market presence grows, we may face increased risks of cyberattack attempts or security threats, and as AI technologies, including generative AI models, develop rapidly, threat actors are using these technologies to create new sophisticated attack methods that are increasingly automated, targeted and coordinated and more difficult to defend against. A security breach or incident could result in unauthorized parties obtaining access to, or the denial of authorized access to, our IT systems or data, or our customers' systems or data, including intellectual property and proprietary, sensitive or other confidential information. A security breach could also result in a loss of confidence in the security of our services, damage our reputation, negatively impact our future sales, disrupt our business and lead to increases in insurance premiums and legal, regulatory and financial exposure and liability. Further, there can be no assurance that our insurance coverage will be sufficient to cover the financial, legal, business, or reputational losses that may result from a cybersecurity incident or breach of our IT systems. Finally, the detection, prevention and remediation of known or potential security vulnerabilities, including those arising from third-party hardware or software, may result in additional financial burdens due to additional direct and indirect costs, such as additional infrastructure capacity spending to mitigate any system degradation and the reallocation of resources from development activities. For example, in April 2022, we learned a threat actor had obtained unauthorized access to several databases on Heroku, a Salesforce platform-as-a-service. The threat actor downloaded stored customer security credentials and passwords for logging into GitHub, a third-party code hosting service used by both Heroku and Heroku customers. The threat actor was also able to download passwords for a subset of customer user accounts and access the encryption key. While we do not believe this incident materially affected our business or financial results, there is no assurance that such circumstances or other similar incidents in the future could not result in a material adverse effect on our business.

Technology4 | 10.5%

Technology - Risk 1

Our ability to deliver our services is dependent on the development and maintenance of the infrastructure of the Internet by third parties.

The Internet's infrastructure comprises many different networks and services that are highly fragmented and distributed by design. This infrastructure is run by a series of independent third-party organizations that work together to provide the infrastructure and supporting services of the Internet under the governance of the Internet Corporation for Assigned Numbers and Names ("ICANN") and the Internet Assigned Numbers Authority, now under the stewardship of ICANN. The Internet has experienced a variety of outages and other delays as a result of damages to portions of its infrastructure, denial-of-service attacks or related cyber incidents, and it could face outages and delays in the future, potentially reducing the availability of the Internet to us or our customers for delivery of our services. Additionally, the availability and reliability of the Internet may vary in certain countries, particularly those in emerging markets, which can result in outages or delays. Any resulting interruptions in our services or the ability of our customers to access our services could result in a loss of potential or existing customers and harm our business. In addition, certain countries have implemented, or may implement, legislative and technological actions that either do or can effectively regulate access to the Internet, including the ability of Internet service providers to limit access to specific websites or content. Other countries have attempted, are attempting or may attempt to change or limit the legal protections available to businesses that depend on the Internet for the delivery of their services. These actions could potentially limit or interrupt access to our services from certain countries or Internet service providers, increase our risk or add liabilities, impede our growth, productivity and operational effectiveness, result in the loss of potential or existing customers and harm our business.

Technology - Risk 2

Defects or disruptions in our services could diminish demand for our services and subject us to substantial liability.

Because our services are complex and incorporate a variety of hardware, proprietary software, third-party and open-source software, our services may have errors or defects that could result in unanticipated downtime for our subscribers and harm to our reputation and our business. Our customers may also use our services in unanticipated ways that may cause a disruption in services for other customers attempting to access their data. Across the industry, cloud services frequently contain undetected errors when first introduced or when new versions or enhancements are released. We may also encounter difficulties integrating acquired or licensed technologies into our services and in augmenting the technologies to meet the quality standards that are consistent with our brand and reputation. As a result, our services may contain errors or defects resulting from the complexities of integrating new technologies. We have from time to time found defects in, and experienced disruptions to, our services and new defects or disruptions may occur in the future. Such defects could be the result of employee, contractor or other third-party acts or inaction, and could negatively affect our brand and reputation. We have experienced and may in the future experience defects in our products that created vulnerabilities that inadvertently permitted access to protected customer data. We can provide no assurance that such product defects or other vulnerabilities will not occur in the future that have a material adverse effect on our business or subject us to substantial liability. Vulnerabilities in open source or any proprietary or third-party product can persist even after security patches have been issued if customers have not installed the most recent updates, or if the attackers exploited the vulnerabilities before patching was complete. In some cases, vulnerabilities may not be immediately detected, which may make it difficult to recover critical services and lead to damaged assets. Since our customers use our services for important aspects of their business, errors, defects, disruptions in service or other performance problems have in the past adversely impacted our customers' businesses and could do so in the future. As a result, customers could elect to not renew our services or delay or withhold payment to us. We could also lose future sales or customers may make warranty or other claims against us, which could result in an increase in our allowance for doubtful accounts, an increase in collection cycles for accounts receivable or the expense and risk of litigation.

Technology - Risk 3

Social and ethical issues, including the use or capabilities of AI in our offerings, may result in reputational harm and liability.

Policies we adopt or choose not to adopt on social and ethical issues, especially regarding the use of our products, may be unpopular with some of our employees or with our customers or potential customers, and have in the past impacted and may in the future impact our ability to attract or retain employees and customers. Our decisions about whether to conduct business with potential customers, or whether to continue or expand business with existing customers, may also impact our ability to attract or retain employees and customers, and could result in negative publicity or reputational harm. Further, actions taken by our customers and employees, including through the use or misuse of our products or new technologies for illegal activities or improper information sharing, may result in reputational harm or possible liability, particularly in light of regulatory requirements like the Digital Services Act ("DSA") from the EU. For example, we have been subject to allegations in legal proceedings that we should be liable for the use of certain of our products by third parties. Although we believe that we have a strong defense against these allegations, legal proceedings can be lengthy, expensive and disruptive to our operations and the outcome of any claims or litigation, regardless of the merits, is inherently uncertain. Regardless of outcome, these types of claims could cause reputational harm to our brand or result in liability. We are increasingly building AI into many of our offerings, including generative and agentic AI. As with many innovations, AI offerings, such as Agentforce, and our Salesforce platform present additional risks and challenges that could affect their adoption and therefore our business. For example, the development of our AI offerings, such as Agentforce, and the Salesforce platform, which provides information regarding our customers' customers, present emerging ethical issues. If we enable or offer solutions that draw controversy due to their perceived or actual impact on human rights, privacy, employment, or in other social contexts, we may experience new or enhanced governmental or regulatory scrutiny, brand or reputational harm, competitive harm or legal liability, especially as geopolitical turmoil creates increasingly volatile political and market conditions. Data practices by us or others that result in controversy could also impair the acceptance of AI solutions. This in turn could undermine confidence in the decisions, predictions, analysis or other content that our AI applications produce, subjecting us to competitive harm, legal liability and brand or reputational harm. The rapid evolution of AI will require the application of resources to develop, test and maintain our products and services to help ensure that AI is implemented ethically in order to minimize unintended, harmful impact. Uncertainty around new and emerging AI applications such as generative AI content creation and AI agents will require additional investment in the licensing or development of proprietary datasets, machine learning models and systems to test for accuracy, bias and other variables, which are often complex, may be costly and could impact our profit margin. Moreover, the move from AI content classification to AI content generation through our development of Agentforce and other generative AI products brings additional risks and responsibility. Known risks of generative AI currently include risks related to accuracy, bias, toxicity, privacy and security and data provenance. For example, AI technologies, including generative AI, may create content that appears correct but is factually inaccurate or flawed, or contains copyrighted or other protected material, and if our customers or others use this flawed or protected content to their detriment, or the owners of such copyrighted material seek to enforce their rights, we may be exposed to brand or reputational harm, competitive harm and/or legal liability. Developing, testing and deploying AI systems may also increase the cost profile of our offerings due to the nature of the computing costs involved in such systems. If we are unable to mitigate these risks, or if we incur excessive expenses in our efforts to do so, our reputation, business, operating results and financial condition may be harmed.

Technology - Risk 4

If third-party developers and providers do not continue to embrace our technology delivery model and enterprise cloud computing services, or if our customers seek warranties from us for third-party applications, integrations, data and content, our business could be harmed.

Our success depends on the willingness of a growing community of third-party developers and technology providers to build applications and provide integrations, data and content that are complementary to our services. Without the continued development of these applications and provision of such integrations, data and content, both current and potential customers may not find our services sufficiently attractive, which could impact future sales. In addition, for those customers who authorize a third-party technology partner to access their data, we do not provide any warranty related to the functionality, security or integrity of the data access, transmission or processing. Despite contract provisions to protect us, customers may look to us to support and provide warranties for the third-party applications, integrations, data and content, even though not developed or sold by us, which may expose us to potential claims, liabilities and obligations, all of which could harm our reputation and our business.

Legal & Regulatory

Total Risks: 6/38 (16%)Below Sector Average

Regulation3 | 7.9%

Regulation - Risk 1

We are subject to governmental sanctions and export and import controls that could impair our ability to compete in international markets and may subject us to liability if we are not in full compliance with applicable laws.

Our solutions are subject to export and import controls where we conduct our business activities, including the U.S. Commerce Department's Export Administration Regulations, U.S. Customs regulations, U.S. supply chain regulations and various economic and trade sanctions regulations established by the U.S. Treasury Department's Office of Foreign Assets Control. If we fail to comply with applicable trade laws, we and certain of our employees could be subject to substantial civil or criminal penalties, including the possible loss of trade privileges; fines, which may be imposed on us and responsible employees or managers; and, in extreme cases, the incarceration of responsible employees or managers. Obtaining necessary authorizations, including any required licenses, may be time-consuming, requires expenditure of corporate resources, is not guaranteed, and may result in the delay or loss of sales opportunities or the ability to realize value from certain acquisitions or engagements. Acquisitions may also subject us to successor liability and other integration compliance risks. Furthermore, export control laws and economic sanctions may prohibit or limit the transfer of certain products and services to embargoed or sanctioned countries, governments and parties. We can provide no assurance that any of the precautions we take to prevent our solutions from being provisioned or provided to sanctions targets in violation of applicable regulations will be effective, and, accordingly, our solutions could be provisioned or provided to those targets, including by our resellers or other third parties, which could have negative consequences for our business, including government investigations, penalties and reputational harm. Changes in our solutions or trade regulations may create delays in the introduction, sale and deployment of our solutions in international markets or prevent the export or import of our solutions to certain countries, governments or persons altogether. Any decreased use of our solutions or limitation on our ability to export or sell our solutions may adversely affect our business, financial condition and results of operations. Sanctions and import and export control regulations in the United States and other countries are subject to change and uncertainty, including as a result of rapidly evolving technology, increased government regulation over AI and cloud service solutions, and geopolitical developments such as events affecting relations between the United States and China, multi-jurisdictional sanctions on Russia, war in Ukraine and the regional conflict in the Middle East. Regulators in the United States and elsewhere have signaled an increased emphasis on sanctions and export control enforcement, including efforts to combat diversion of services to sanctioned countries and parties, several recent high-profile enforcement actions and increased pressure for companies to self-disclose potential violations.

Regulation - Risk 2

We may be subject to risks related to government contracts and related procurement regulations.

Contracting with federal, state, local and foreign governments or state-owned entities subjects us to various procurement regulations and other requirements relating to these contracts' formation, administration and performance, and how we engage with government officials. We are from time to time subject to audits, inquiries and investigations relating to our government contracts, which may result in adverse perceptions of our business. Additionally, any violations could result in various civil and criminal penalties and administrative sanctions, including termination of contracts, refunding or suspending of payments, forfeiture of profits, payment of fines and suspension or debarment from future government business, as well as reputational harm. Such contracts may also provide for termination by the government at any time, without cause. Additionally, our contracting with certain government entities may result in negative publicity or reputational harm. Any of these risks related to contracting with governmental entities could adversely impact our future sales, costs of doing business and operating results.

Regulation - Risk 3

Changed

Industry-specific regulations and other requirements and standards are evolving and industry-specific laws, regulations, interpretive positions or standards could harm our business.

Our customers and potential customers conduct business in a variety of industries, including financial services, the public sector, healthcare and telecommunications. Regulators in certain industries have adopted and may in the future adopt regulations or interpretive positions regarding the use of cloud computing, AI services and other outsourced services. The costs of compliance with, and other burdens imposed by, industry-specific laws, regulations and interpretive positions may limit our customers' use and adoption of our services and reduce overall demand for our services. Compliance with these regulations may also require us to devote greater resources to support certain customers, which may increase costs and lengthen sales cycles. For example, some financial services regulators have imposed guidelines for use of cloud computing services that mandate specific controls or require financial services enterprises to obtain regulatory approval prior to outsourcing certain functions. In the United States, a cybersecurity Executive Order released in May 2021 may heighten future compliance and incident reporting standards in order to obtain certain public sector contracts. If we are unable to comply with these guidelines or controls, or if our customers are unable to obtain regulatory approval to use our services where required, our business may be harmed. In addition, an inability to satisfy the standards of certain voluntary third-party certification bodies that our customers may expect, such as an attestation of compliance with the Payment Card Industry Data Security Standards, may have an adverse impact on our business and results. If in the future we are unable to achieve or maintain industry-specific certifications or other requirements or standards relevant to our customers, it may harm our business and adversely affect our results. Further, in some cases, industry-specific, regionally-specific or product-specific laws, regulations or interpretive positions may impact our ability, as well as the ability of our customers, partners and data providers, to collect, augment, analyze, use, transfer and share personal and other information that is integral to certain services we provide. The interpretation of many of these statutes, regulations and rulings is evolving in the courts and administrative agencies and an inability to comply may have an adverse impact on our business and results. This impact may be particularly acute in countries that have passed or are considering passing legislation that requires data to remain localized "in country," as this may impose financial costs on companies required to store data in jurisdictions not of their choosing and to use nonstandard operational processes that add complexity and are difficult and costly to integrate with global processes. This is also true with respect to the global proliferation of laws regulating the financial services industry, including its use of cloud services. In Europe, the Digital Operational Resilience Act (DORA), which aims to ensure the resilience of the EU financial sectors, including through mandatory risk management, incident reporting, resilience testing and third-party outsourcing restrictions, was formally adopted by the Council of the EU in November 2022. The UK is advancing similar legislation and other countries may follow. Further, countries are applying their data and consumer protection laws to AI, and particularly generative AI, and/or are considering legal frameworks on AI. Any failure or perceived failure by us to comply with such requirements could have an adverse impact on our business. There are various statutes, regulations and rulings relevant to direct email marketing and text-messaging industries, including the Telephone Consumer Protection Act ("TCPA") and related Federal Communication Commission orders, which impose significant restrictions on the ability to utilize telephone calls and text messages to mobile telephone numbers as a means of communication, when the prior consent of the person being contacted has not been obtained. We have been, and may in the future be, subject to one or more class-action lawsuits, as well as individual lawsuits, containing allegations that one of our businesses or customers violated the TCPA. A determination that we or our customers violated the TCPA or other communications-based statutes could expose us to significant damage awards that could, individually or in the aggregate, materially harm our business. In addition, many jurisdictions across the world are currently considering, or have already begun implementing, changes to antitrust and competition laws, regulations or interpretative positions to enhance competition in digital markets and address practices by certain digital platforms that they perceive to be anticompetitive. These regulatory efforts could result in laws, regulations or interpretative positions that may require us to change certain of our business practices, undertake new compliance obligations or otherwise may have an adverse impact on our business and results.

Taxation & Government Incentives1 | 2.6%

Taxation & Government Incentives - Risk 1

Unanticipated changes in our effective tax rate and additional tax liabilities and global tax developments may impact our financial results.

We are subject to income taxes in the United States and various other jurisdictions. Significant judgment is often required in the determination of our worldwide provision for income taxes. Our effective tax rate could be impacted by changes in our earnings and losses in countries with differing statutory tax rates, changes in operations, changes in non-deductible expenses, changes in the tax effects of stock-based compensation expense, changes in the valuation of deferred tax assets and liabilities and our ability to utilize them, the applicability of withholding taxes, effects from acquisitions and changes in accounting principles and tax laws. Any changes, ambiguity or uncertainty in taxing jurisdictions' administrative interpretations, decisions, policies and positions could also materially impact our income tax liabilities. We may also be subject to additional tax liabilities and penalties due to changes in non-income based taxes resulting from changes in federal, state, local or international tax laws, changes in taxing jurisdictions' administrative interpretations, decisions, policies and positions, results of tax examinations, settlements or judicial decisions, changes in accounting principles, or changes to our business operations, including as a result of acquisitions. Any resulting increase in our tax obligation or cash taxes paid could adversely affect our cash flows and financial results. We are also subject to tax examinations or engaged in alternative resolutions in multiple jurisdictions. While we regularly evaluate new information that may change our judgment resulting in recognition, derecognition or changes in measurement of a tax position taken, there can be no assurance that the final determination of any examinations will not have an adverse effect on our operating results or financial position. As our business continues to grow, increasing our brand recognition and profitability, we may be subject to increased scrutiny and corresponding tax disputes, which may impact our cash flows and financial results. Furthermore, our growing prominence may bring public attention to our tax profile, and if perceived negatively, may cause brand or reputational harm. Global tax developments applicable to multinational businesses may have a material impact to our business, cash flows, or financial results. Such developments, for example, may include certain provisions introduced by the Inflation Reduction Act, certain Organization for Economic Co-operation and Development's proposals including the implementation of the global minimum tax under the Pillar Two model rules, and the European Commission's and certain major jurisdictions' heightened interest in and taxation of companies participating in the digital economy. Furthermore, governments' responses to macroeconomic factors and tax revenue needs may lead to tax rule changes that could materially and adversely affect our cash flows and financial results.

Environmental / Social2 | 5.3%

Environmental / Social - Risk 1

Privacy concerns and laws as well as evolving regulation of cloud computing, AI services, cross-border data transfer restrictions and other domestic or foreign regulations may limit the use and adoption of our services and adversely affect our business.

Regulation related to the provision of services over the Internet is evolving, as federal, state and foreign governments continue to adopt new, or modify existing, laws and regulations addressing data privacy, cybersecurity, data protection, data sovereignty and the collection, processing, storage, hosting, transfer and use of data, generally. In some cases, data privacy laws and regulations, such as the EU's General Data Protection Regulation ("GDPR"), impose obligations directly on us as both a data controller and a data processor, as well as on many of our customers. In addition, domestic data privacy laws, such as the California Consumer Privacy Act ("CCPA") as amended by the California Privacy Rights Act ("CPRA"), and laws that have recently passed and/or gone into effect in many other states similarly impose new obligations on us and many of our customers, potentially as both a covered business and service provider. These laws continue to evolve, including, for example, India's Digital Personal Data Protection Act 2023, and as various jurisdictions introduce similar proposals, which often include subsequent rules and regulation, we and our customers become subject to additional regulatory burdens. New EU laws related to the use of data, including in the DSA, the Data Act and AI Act, may impose additional rules and restrictions on the use of the data in our products and services. In addition, various safe harbors have historically been provided to those who hosted content provided by others, such as safe harbors from monetary damages for copyright infringement arising from copyrighted content provided by customers and others and for defamation and other torts arising from information provided by customers and others. There is an increasing demand for repealing or limiting these safe harbors by either judicial decision or legislation, and we have active legal proceedings that have been impacted by the repeal or limiting of safe harbors that were previously available to us. Loss of these safe harbors may require altering or limiting some of our services or may require additional contractual terms to avoid liabilities for our customers' misconduct. Although we monitor the regulatory, judicial and legislative environment and have invested in addressing these developments, these laws may require us to make additional changes to our practices and services to enable us or our customers to meet the new legal requirements, and may also increase our potential liability exposure through new or higher potential penalties for noncompliance, including as a result of penalties, fines and lawsuits related to data breaches. Furthermore, privacy laws and regulations are subject to differing interpretations and may be inconsistent among jurisdictions. These and other requirements are causing increased scrutiny among customers, particularly in the public sector and highly regulated industries, and may be perceived differently from customer to customer. These developments could reduce demand for our services, require us to take on more onerous obligations in our contracts, restrict our ability to store, transfer and process data or, in some cases, impact our ability or our customers' ability to offer our services in certain locations, to deploy our solutions, to reach current and prospective customers, or to derive insights from customer data globally. For example, in July 2020, the Court of Justice of the European Union ("CJEU") invalidated the EU-U.S. Privacy Shield Framework, one of the mechanisms that allowed companies, including us, to transfer personal data from the European Economic Area ("EEA") to the United States. Even though the CJEU decision upheld the Standard Contractual Clauses ("SCCs") as an adequate transfer mechanism, the decision created uncertainty around the validity of all EU-to-U.S. data transfers. While the EU and U.S. governments have since adopted the EU-U.S. Data Privacy Framework to foster EU-to-U.S. data transfers and address the concerns raised in the aforementioned CJEU decision, it is uncertain whether this framework will be overturned in court like the previous two EU-U.S. bilateral cross-border transfer frameworks. As a result, regulators may continue to be inclined to interpret the CJEU's decision, and the logic behind it, as significantly restricting certain cross-border transfers and the cost and complexity of providing our services in certain markets may increase. Certain countries outside of the EEA have also passed or are considering passing laws requiring varying degrees of local data residency. By way of further example, statutory damages available through a private right of action for certain data breaches under the CPRA and potentially other states' laws, may increase our and our customers' potential liability and the demands our customers place on us. The costs of compliance with, and other burdens imposed by, privacy laws, regulations and standards may limit the use and adoption of our services, reduce overall demand for our services, make it more difficult to meet expectations from our commitments to customers and our customers' customers, lead to significant fines, penalties or liabilities for noncompliance,impact our reputation, or slow the pace at which we close sales transactions, in particular where customers request specific warranties and unlimited indemnity for noncompliance with privacy laws, any of which could harm our business. In March 2023, we launched the Hyperforce EU Operating Zone, which is designed to enable storage and processing of customer data solely within the EU. This EU service may enhance our ability to attract and retain customers operating in the EU, but may also increase the cost and complexity of supporting those customers, and our customers may demand similar offerings in other territories. In addition to government activity, privacy advocates and other industry groups have established or may establish new self-regulatory standards that may place additional burdens on our ability to provide our services globally. Our customers expect us to meet voluntary certification and other standards established by third parties. If we are unable to maintain these certifications or meet these standards, it could adversely affect our ability to provide our solutions to certain customers and could harm our business. In addition, we have seen a trend toward the private enforcement of data protection obligations, including through private actions for alleged noncompliance, which could harm our business and negatively impact our reputation. For example, in 2020 we were made a party to a legal proceeding brought by a Dutch privacy advocacy group (the Privacy Collective) on behalf of certain Dutch citizens that claims we violated the GDPR and Dutch Telecommunications Act through the processing and sharing of data in connection with our Audience Studio and Data Studio products. In December 2021, the Amsterdam District Court declared the Privacy Collective's claims against us inadmissible and dismissed the case, however, this ruling was appealed by the Privacy Collective. The appeal hearing took place in the Amsterdam Court of Appeal on February 8, 2024 and we are currently awaiting judgment. We were also named as a defendant in a similar lawsuit brought in the UK, which has subsequently been dismissed. Although we believe we have a strong defense for these claims, these or similar future claims could cause reputational harm to our brand or result in liability. In addition, a shift in consumers' data privacy expectations or other social, economic or political developments could impact the regulatory enforcement of privacy regulations, which could require our cooperation and increase the cost of compliance with the imposed regulations. Furthermore, the uncertain and shifting regulatory environment and trust climate may raise concerns regarding data privacy and cybersecurity, which may cause our customers or our customers' customers to resist providing the data necessary to allow our customers to use our services effectively. In addition, new products we develop or acquire in connection with changing events may expose us to liability or regulatory risk. Even the perception that the privacy and security of personal information are not satisfactorily protected or do not meet regulatory requirements could inhibit sales of our products or services and could limit adoption of our cloud-based solutions.

Environmental / Social - Risk 2

Our aspirations and disclosures related to ESG matters expose us to risks that could adversely affect our reputation and performance.

We have established and publicly announced ESG goals, including our commitments to advancing racial and gender equality within our workforce and reducing greenhouse gas emissions. These statements reflect our current plans and aspirations and are not guarantees that we will be able to achieve them. Our failure to accomplish or accurately track and report on these goals on a timely basis, or at all, could adversely affect our reputation, financial performance and growth, and expose us to increased scrutiny from the investment community as well as enforcement authorities. Our ability to achieve any ESG objective is subject to numerous risks, many of which are outside of our control. Examples of such risks include: - the availability and cost of low- or non-carbon-based energy sources;- the evolving regulatory requirements affecting ESG practices and/or disclosures;- the availability of suppliers that can meet our sustainability, diversity and other ESG standards;- our ability to recruit, develop and retain diverse talent in our labor markets; and - the success of our organic growth and acquisitions, dispositions or restructuring of our businesses or operations. Standards for tracking and reporting ESG matters continue to evolve. Our use of disclosure frameworks and standards, and the interpretation or application of those frameworks and standards, may change from time to time or differ from those of others. This may result in a lack of consistent or meaningful comparative data from period to period or between Salesforce and other companies in the same industry. In addition, our processes and controls may not comply with evolving standards for identifying, measuring and reporting ESG metrics, including ESG-related disclosures that may be required of public companies by the SEC and other regulators, and such standards may change over time, which could result in significant revisions to our current goals, reported progress in achieving such goals, or ability to achieve such goals in the future. For example, the proliferation of climate and other ESG disclosure requirements at the local, national and international levels have required and may continue to require significant effort and resources and could result in changes to our current ESG goals in order to comply with differing requirements. If our ESG practices do not meet evolving investor or other stakeholder expectations and standards, then our reputation, our ability to attract or retain employees, and our attractiveness as an investment, business partner, acquiror or service provider could be negatively impacted. Further, our failure or perceived failure to pursue or fulfill our goals and objectives or to satisfy various reporting standards on a timely basis, or at all, could have similar negative impacts or expose us to government enforcement actions and private litigation.

Ability to Sell

Total Risks: 5/38 (13%)Below Sector Average

Competition1 | 2.6%

Competition - Risk 1

The markets in which we participate are intensely competitive, and if we do not compete effectively, our operating results could be harmed.

The market for enterprise applications and platform services is highly competitive, rapidly evolving, fragmented and subject to changing technology, low barriers to entry, shifting customer needs and frequent introductions of new products and services. Many prospective customers have invested substantial personnel and financial resources to implement and integrate their current enterprise software into their businesses and therefore may be reluctant or unwilling to migrate away from their current solution to a different enterprise software service. Additionally, third-party developers may be reluctant to build application services on our platform since they have invested in other competing technology platforms. Our current competitors include: - vendors of packaged business software, as well as companies offering enterprise apps delivered through on-premises offerings from enterprise software application vendors and cloud computing application service providers, either individually or with others;- software companies that provide their product or service free of charge as a single product or when bundled with other offerings, or only charge a premium for advanced features and functionality, as well as companies that offer solutions that are sold without a direct sales organization;- vendors who offer software tailored to specific services, industries or market segments, as opposed to our full suite of service offerings, including suppliers of traditional business intelligence and data preparation products, integration software vendors, marketing vendors, e-commerce solutions vendors or data platform vendors;- productivity tool and email providers, unified communications providers and consumer application companies that have entered the business software market; and - traditional platform development environment companies and cloud computing development platform companies who may develop toolsets and products that allow customers to build new apps that run on the customers' current infrastructure or as hosted services, as well as would-be customers who may develop enterprise applications for internal use. In addition, we may face more competition as we expand our product offerings. Some of our current and potential competitors may have competitive advantages, such as greater name recognition, longer operating histories, more significant installed bases, broader geographic scope, broader suites of service offerings and larger marketing budgets, as well as substantially greater financial, technical, personnel and other resources. In addition, many of our current and potential competitors have established marketing relationships and access to larger customer bases, and have major distribution agreements with consultants, system integrators and resellers. We also experience competition from smaller, younger competitors that may be more agile in responding to customers' demands and offer more targeted and simplified solutions. Our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards or customer requirements, or provide competitive pricing, more flexible contracts or faster implementations. Additionally, we are building AI into many of our offerings, and we are facing increased competition as AI technologies are integrated into the markets in which we compete. Our competitors may be able to develop new AI offerings that disrupt workforce needs and negatively impact demand for our offerings, or incorporate AI into their offerings more successfully than we do and achieve greater and faster adoption. As a result, even if our services are more effective than the products and services that our competitors offer, potential customers might select competitive products and services in lieu of purchasing our services. For all of these reasons, we may not be able to compete successfully against our current and future competitors, which could negatively impact our future sales and harm our business.

Demand1 | 2.6%

Demand - Risk 1

If our customers do not renew their subscriptions for our services or if they reduce the number of paying subscriptions at the time of renewal, our revenue and current remaining performance obligation could decline and our business may suffer. If we cannot accurately predict subscription renewals or upgrade rates, we may not meet our revenue targets, which may adversely affect the market price of our common stock.

Our customers have no obligation to renew their subscriptions for our services after the expiration of their contractual subscription period, which is typically 12 to 36 months, and in the normal course of business, some customers have elected not to renew. In addition, our customers may renew for fewer subscriptions, renew for shorter contract lengths or switch to lower cost offerings of our services, particularly in times of general economic uncertainty. Additionally, due to our largely subscription-based business model, recent economic uncertainty may not be fully reflected in our results of operations until future periods. It is difficult to predict attrition rates given our varied customer base and the number of multi-year subscription contracts. Our attrition rates may increase or fluctuate as a result of various factors, including customer dissatisfaction with our services, customers' spending levels, mix of customer base, decreases in the number of users at our customers, competition, pricing increases or changes and deteriorating general economic conditions. Our future success also depends in part on our ability to sell additional features and services, more subscriptions or enhanced editions of our services to our current customers. This may also require increasingly sophisticated and costly sales efforts that are targeted at senior management. Similarly, the rate at which our customers purchase new or enhanced services depends on a number of factors, including general economic conditions and customer receptiveness to any price changes related to these additional features and services.

Sales & Marketing2 | 5.3%

Sales & Marketing - Risk 1

Periodic changes to our sales organization can be disruptive and may reduce our rate of growth.

We periodically change and make adjustments to our sales organization in response to market opportunities, competitive threats, management changes, product introductions or enhancements, acquisitions, sales performance, increases in sales headcount, cost levels and other internal and external considerations. Such sales organization changes have in some periods resulted in, and may in the future result in, a reduction of productivity, which could negatively impact our rate of growth in the current and future quarters and operating results, including revenue. For example, the Restructuring Plan and other restructuring actions involved such changes to our sales organization, which could negatively impact our productivity, growth rate and operating results, which may adversely affect the market price of our common stock. In addition, any significant change to the way we structure our compensation of our sales organization may be disruptive and may affect our revenue growth.

Sales & Marketing - Risk 2

As more of our sales efforts are targeted at larger enterprise customers, our sales cycle may become more time-consuming and expensive, we may encounter pricing pressure and implementation and configuration challenges, and we may have to delay revenue recognition for some complex transactions, all of which could harm our business and operating results.

As we target more of our sales efforts at larger enterprise customers, including governmental entities, and specific industries, such as financial services and healthcare and life sciences, we may face greater costs, longer sales cycles, greater competition and less predictability in completing some of our sales. In these market segments, the customer's decision to use our services is often an enterprise-wide decision and, if so, may require us to provide greater levels of education regarding the use and benefits of our services, as well as addressing concerns regarding privacy and data protection laws and regulations of prospective customers with international operations or whose own customers operate internationally. In addition, larger customers and governmental entities often demand more configuration, integration services and features. As a result of these factors, these sales opportunities often require us to devote greater sales support and professional services resources to individual customers, driving up costs and time required to complete sales and diverting our own sales and professional services resources to a smaller number of larger transactions, while potentially requiring us to delay revenue recognition on some of these transactions until the technical or implementation requirements have been met. Pricing and packaging strategies for enterprise and other customers for subscriptions to our existing and future service offerings, including for our AI offerings such as Agentforce, may not be widely accepted by new or existing customers. Our adoption of or failure to adopt, as well as the manner and time of, changes to our pricing and packaging models and strategies may harm our business.

Brand / Reputation1 | 2.6%

Brand / Reputation - Risk 1

Our continued success depends on our ability to maintain and enhance our brands.

We believe that the brand identities we have developed, including associations with trust, customer success, innovation, equality and sustainability have significantly contributed to the success of our business. Maintaining and enhancing the Salesforce brand and our other brands is critical to expanding our base of customers, partners and employees. Our brand strength, particularly for our core services, depends largely on our ability to remain a technology leader and to continue to provide high-quality innovative products, services and features in a secure, reliable manner that enhances our customers' success even as we scale and expand our services. In order to maintain and enhance the strength of our brands, we have made and may in the future make substantial investments to expand or improve our product offerings and services, or we may enter new markets that may be accompanied by initial complications or ultimately prove to be unsuccessful. In addition, we have secured the naming rights to facilities controlled by third parties, such as office towers and a transit center, and any negative events or publicity arising in connection with these facilities could adversely impact our brand. Further, entry into markets with weaker protection of brands or changes in the legal systems in countries we operate may impact our ability to protect our brands. If we fail to maintain, enhance or protect our brands, or if we incur excessive expenses in our efforts to do so, our business, operating results and financial condition may be materially and adversely affected.

Macro & Political

Total Risks: 5/38 (13%)Above Sector Average

Economy & Political Environment1 | 2.6%

Economy & Political Environment - Risk 1

Volatile and significantly weakened global economic conditions have in the past and may in the future adversely affect our industry, business and results of operations.

Our overall performance depends in part on worldwide economic and geopolitical conditions. The United States and other key international economies have experienced significant economic and market downturns in the past, and are likely to experience additional cyclical downturns from time to time in which economic activity is impacted by falling demand for a variety of goods and services, restricted credit, poor liquidity, reduced corporate profitability, volatility in credit, equity and foreign exchange markets, inflation, bankruptcies and overall uncertainty with respect to the economy. These economic conditions can arise suddenly and the full impact of such conditions can be difficult to predict. In addition, geopolitical and domestic political developments, such as existing and potential trade wars and other events beyond our control, such as war in Ukraine and the regional conflict in the Middle East, have increased and may continue to increase levels of political and economic unpredictability globally and the volatility of global financial markets. Moreover, these conditions have affected and may continue to affect the rate of IT spending; could adversely affect our customers' ability or willingness to attend our events or to purchase our enterprise cloud computing services; have delayed and may delay customer purchasing decisions; and have reduced and may in the future reduce the value and duration of customer subscription contracts or cause our customers to seek to modify their existing subscription contracts. All of these risks and conditions could materially adversely affect our future sales, attrition rates and operating results.

International Operations1 | 2.6%

International Operations - Risk 1

Sales to customers outside the United States expose us to risks inherent in international operations.

We sell our services throughout the world and are subject to risks and challenges associated with international business. We intend to seek to continue to expand our international sales efforts. The risks and challenges associated with sales to customers outside the United States or those that can affect international operations generally, include: - regional economic and political conditions, natural disasters, acts of war, terrorism and actual or threatened public health emergencies;- localization of our services, including translation into foreign languages and associated expenses;- regulatory frameworks or business practices favoring local competitors;- pressure on the creditworthiness of sovereign nations, where we have customers and a balance of our cash, cash equivalents and marketable securities;- foreign currency fluctuations and controls, which may make our services more expensive for international customers and could add volatility to or negatively impact our operating results, including, for example, the impact of Argentina's 2023 amendments to foreign exchange controls;- compliance with multiple, conflicting, ambiguous or evolving governmental laws and regulations, including employment, tax, privacy, anti-corruption, import/export, customs, anti-boycott, sanctions and embargoes, antitrust, data privacy, transfer, storage and protection, cybersecurity, ESG and industry-specific laws and regulations, including rules related to compliance by our third-party resellers and our ability to identify and respond timely to compliance issues when they occur;- liquidity issues or political actions by sovereign nations, including nations with a controlled currency environment, could result in decreased values of these balances or potential difficulties protecting our foreign assets or satisfying local obligations;- vetting and monitoring our third-party resellers in new and evolving markets to confirm they maintain standards consistent with our brand and reputation;- treatment of revenue from international sources, evolving domestic and international tax environments and changes to tax codes, including being subject to foreign tax laws and being liable for paying withholding taxes in foreign jurisdictions;- uncertainty regarding the imposition of and changes in the United States' and other governments' trade regulations, trade wars, tariffs, other restrictions or other geopolitical events, including the evolving relations between the United States and China, the United States and Russia, and ongoing conflicts, such as the war in Ukraine and the regional conflict in the Middle East;- perceptions of regions or governments in the regions where we operate or plan to operate, resulting in negative publicity or reputational harm;- regional data privacy laws and other regulatory requirements that apply to outsourced service providers and to the transmission of our customers' data across international borders, which grow more complex as we scale, expand into new markets and enhance the breadth of our service offerings;- different pricing environments;- difficulties in staffing and managing foreign operations;- different or lesser protection of our intellectual property, including increased risk of theft of our proprietary technology and other intellectual property, and more prevalent cybersecurity risks, particularly in jurisdictions in which we have historically chosen not to operate; and - longer accounts receivable payment cycles and other collection difficulties. Any of these factors could negatively impact our business and results of operations. The above factors may also negatively impact our ability to successfully expand into emerging market countries, where we have little or no operating experience, where it can be costly and challenging to establish and maintain operations, including hiring and managing required personnel, and difficult to promote our brand, and where we may not benefit from any first-to-market advantage or otherwise succeed.

Natural and Human Disruptions2 | 5.3%

Natural and Human Disruptions - Risk 1

Climate change may have an impact on our business.

While we seek to mitigate our business risks associated with climate change by establishing robust environmental programs and partnering with organizations who are also focused on mitigating their own climate-related risks, we recognize that there are inherent climate-related risks wherever business is conducted. Any of our primary locations may be vulnerable to the adverse effects of climate change. For example, our offices globally have historically experienced, and are projected to continue to experience, climate-related events at an increasing frequency, including drought, water scarcity, heat waves, cold waves, flooding, wildfires and resultant air quality impacts and power shutoffs associated with climate-related events. These events in turn have impacts on inflation risks, food security, water security (including for water availability for data center cooling), energy security and on our employees' health and well-being. Furthermore, it is more difficult to mitigate the impact of these events on our employees working remotely or at client sites. Changing market dynamics, global policy developments and the increasing frequency and impact of extreme weather events on critical infrastructure in the United States and elsewhere have the potential to disrupt our business, the business of companies we invest in, the business of third-party providers or suppliers that we rely on to conduct our business and the business of our customers, and may cause us to experience higher attrition, losses and additional costs to maintain or resume operations. In particular, climate-related events, energy market volatility, and power grid disruptions may increase the operational costs of data centers for us or our third-party providers. Additionally, failure to uphold, meet or make timely forward progress against our public commitments and goals related to climate action could adversely affect our reputation with investors, suppliers and customers, our financial performance or our ability to recruit and retain talent.

Natural and Human Disruptions - Risk 2

Natural disasters and other events beyond our control have in the past and may in the future materially adversely affect us.

Natural disasters or other catastrophic events have in the past and may in the future cause damage or disruption to our people, operations, international commerce and the global economy, and thus could have a strong negative effect on us. Our business operations, the business operations of third-party providers or suppliers that we rely on to conduct our business and the business operations of our customers are subject to interruption by natural disasters, fire, power shutoffs or shortages, actual or threatened public health emergencies and other events beyond our control. For example, the occurrence of regional conflicts, epidemics or a global pandemic, such as COVID-19, have in the past and may in the future materially affect how we and our customers operate our businesses, as well as our operating results and cash flows. Although we maintain crisis management and disaster response plans, such events could make it difficult or impossible for us to deliver our services to our customers, and could decrease demand for our services. Our corporate headquarters, and a significant portion of our personnel, research and development activities and other critical business operations, are located near major seismic faults in the San Francisco Bay Area. Because we do not carry earthquake insurance for direct earthquake-related losses and significant recovery time could be required to resume operations, our financial condition and operating results could be materially and adversely affected in the event of a major earthquake or catastrophic event, and the adverse effects of any such catastrophic event would be exacerbated if experienced at the same time as another unexpected and adverse event.

Capital Markets1 | 2.6%

Capital Markets - Risk 1

We are exposed to fluctuations in currency exchange rates that have in the past and could in the future negatively impact our financial results and cash flows from changes in the value of the U.S. Dollar versus local currencies.

We primarily conduct our business in the following regions: the Americas, Europe and Asia Pacific. The expanding global scope of our business exposes us to risk of fluctuations in foreign currency markets, including in emerging markets. This exposure is the result of selling in multiple currencies, growth in our international investments, additional headcount in foreign locations, and operating in countries where the functional currency is the local currency. Specifically, our results of operations and cash flows are subject to currency fluctuations primarily in Euro, British Pound Sterling, Japanese Yen, Canadian Dollar, Australian Dollar, Brazilian Real and Indian Rupee against the U.S. Dollar. These exposures may change over time as business practices evolve, economic and political conditions change and evolving tax regulations come into effect. The fluctuations of currencies in which we conduct business can both increase and decrease our overall revenue and expenses for any given fiscal period. Furthermore, fluctuations in foreign currency exchange rates, combined with the seasonality of our business, could affect our ability to accurately predict our future results and earnings. Additionally, global events as well as geopolitical developments, including war in Ukraine and the regional conflict in the Middle East, fluctuating commodity prices, trade tariff developments and inflation have caused, and may in the future cause, global economic uncertainty and uncertainty about the interest rate environment, which has and could in the future amplify the volatility of currency fluctuations. Although we attempt to mitigate some of this volatility and related risks through foreign currency hedging, our hedging activities are limited in scope and may not effectively offset the adverse financial impacts that may result from unfavorable movements in foreign currency exchange rates, which could adversely impact our financial condition or results of operations.

Production

Total Risks: 3/38 (8%)Below Sector Average

Manufacturing1 | 2.6%

Manufacturing - Risk 1

Any failure in the delivery of high-quality professional and technical support services related to our online applications may adversely affect our relationships with our customers and our financial results.

Our customers sometimes require highly skilled and trained service professionals to successfully implement our applications and depend on our support organization to resolve technical issues relating to our applications. Implementation services may be performed by us, our customers, a third party, or a combination thereof. Our strategy is to work with third parties to increase the breadth of capability and depth of capacity for delivery of these services to our customers. If customers are not satisfied with the quality and timing of work by us or a third party or with the type of services or solutions delivered, we could incur additional costs to address the situation, the profitability of that work might be impaired, our revenue recognition could be impacted and the customer's dissatisfaction with the services received could negatively impact our ability to sell our other offerings to that customer or retain existing customers. In addition, negative publicity related to our customer relationships, regardless of its accuracy, may further damage our business by affecting our ability to compete for new business with current or prospective customers. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services across our varying and diverse offerings. In addition, our sales process is highly dependent on our applications and business reputation and on positive recommendations from our existing customers. Any failure to maintain high-quality professional and technical support services, or a market perception that we do not maintain high-quality professional and technical support services, could adversely affect our reputation, our ability to sell our service offerings to existing and prospective customers, and our business, operating results and financial position.

Employment / Personnel1 | 2.6%

Employment / Personnel - Risk 1

We may lose key members of our management team or development and operations personnel, and may be unable to attract and retain employees we need to support our operations and growth.

Our success depends substantially upon the continued services of our executive officers and other key members of management, particularly our chief executive officer. From time to time, there may be changes in our management team resulting from the hiring, departure or realignment of executives. Such changes may be disruptive to our business. We are also substantially dependent on the continued service of our existing development and operations personnel because of the complexity of our services and technologies. Our executive officers, key management, development or operations personnel could terminate their employment with us at any time. Effective succession planning for management is important to our long-term success. If we do not develop adequate succession planning for our key personnel, the loss of one or more of our key employees or groups of employees could seriously harm our business. The technology industry is subject to substantial and continuous competition for engineers with high levels of experience in designing, developing and managing software and technology services, as well as competition for sales executives, data scientists and operations personnel. We have experienced, and currently experience, challenges with significant competition in talent recruitment and retention, and may not in the future be successful in recruiting or retaining talent or achieving the workforce diversity goals we have set publicly. We have from time to time experienced, and we expect to continue to experience, difficulty in hiring, developing, integrating and retaining highly skilled employees with appropriate qualifications. These difficulties may be amplified by evolving restrictions on immigration, travel, or availability of visas for skilled technology workers. Additionally, our compensation arrangements and benefits may not always be successful in attracting new employees or retaining and motivating our existing personnel. If we fail to attract new personnel or fail to retain and motivate our current personnel, our business and future growth prospects could be severely harmed. In January 2023, we announced the Restructuring Plan, which was intended to reduce operating costs, improve operating margins and continue advancing our ongoing commitment to profitable growth. The Restructuring Plan included a reduction of our workforce, which was substantially completed by the end of fiscal 2024, and select real estate exits and office space reductions within certain markets, which are expected to be completed by the end of fiscal 2026. In the first half of fiscal 2025, we initiated further targeted workforce and office space reductions, which are expected to be substantially complete in fiscal 2025. The Restructuring Plan and other recent workforce reductions, or any similar actions taken in the future, could negatively impact our ability to attract, integrate, retain and motivate key employees. In addition, we believe in the importance of our corporate culture, which fosters dialogue, collaboration, recognition, equality and a sense of family. As our organization has grown and expanded globally, and as our workplace plans have developed, including, for example, workforce and office space reductions enacted under the Restructuring Plan, we have in the past and may in the future find it increasingly difficult to maintain the beneficial aspects of our corporate culture globally, including managing the complexities of communicating with all employees. Any inability to maintain our corporate culture could negatively impact our ability to attract and retain employees, harm our reputation with customers or negatively impact our future growth.

Supply Chain1 | 2.6%

Supply Chain - Risk 1

Any interruptions or delays in services from third parties, including data center hosting facilities, cloud computing platform providers and other hardware and software vendors, or from our inability to adequately plan for and manage service interruptions or infrastructure capacity requirements, could impair the delivery of our services and harm our business.

We currently rely on third-party data center hosting facilities and cloud computing platform providers located in the United States and other countries to deliver our products, services and business operations and to operate critical business systems. We also rely on computer hardware purchased or leased from, software licensed from, and cloud computing platforms provided by, third parties in order to offer our services, including database software, hardware and data from a variety of vendors. Any disruption or damage to, or failure of our systems generally, including the systems of our third-party platform providers, could result in interruptions in our services and harm our business. We have from time to time experienced interruptions in our services and such interruptions may occur in the future. As we increase our reliance on these third-party systems, particularly with respect to third-party cloud computing platforms, our exposure to damage from service interruptions or other performance or quality issues may increase. Interruptions in our services or other performance or quality issues may cause us to issue credits or pay penalties, cause customers to make warranty or other claims against us or to terminate their subscriptions, and adversely affect our attrition rates and our ability to attract new customers, all of which would reduce our revenue. Our business and reputation would also be harmed if our customers and potential customers believe our services are unreliable. For many of our offerings, our production environment and customers' data are replicated in a separate facility located elsewhere. Certain offerings, including some offerings of companies added through acquisitions, may be served through alternate facilities or arrangements. We do not control the operation of any of these facilities, and they may be vulnerable to damage or interruption from earthquakes, floods, fires, power loss, telecommunications failures and similar events. They may also be subject to break-ins, sabotage, intentional acts of destruction or vandalism or similar misconduct, as well as local administrative actions (including shelter-in-place or similar orders), changes to legal or permitting requirements and litigation to stop, limit or delay operation. In addition, supply chain disruptions due to geopolitical developments in Europe may lead to power disruptions in regions where our facilities are located. Despite precautions taken at these facilities, such as disaster recovery and business continuity arrangements, the occurrence of any of the foregoing events or risks, or a natural disaster or public health emergency, an act of terrorism, a decision to close the facilities without adequate notice or other unanticipated problems or operational failures at these facilities could result in lengthy interruptions in our services, and no assurance can be provided that any such interruptions would be remediated without significant cost or in a timely manner or at all. The hardware, software, data and cloud computing platforms that we rely on, including, for example, the large language models leveraged in our AI offerings, may not continue to be available at reasonable prices, on commercially reasonable terms or at all. Any loss of the right to use any of these hardware, software, data or cloud computing platforms could significantly increase our expenses and disrupt or otherwise result in delays in the provisioning of our services until equivalent technology is either developed by us, or, if available, is identified, obtained through purchase or license and integrated into our services, and no assurance can be provided that such equivalent technology would be developed or obtained in a timely manner or at all. As we scale our operations, the amount and type of information transferred on our offerings continues to evolve, including as a result of the deployment of AI technologies, and our infrastructure capacity requirements, including network capacity and computing power, may increase as a result. If we do not accurately plan for our infrastructure capacity requirements and we experience significant strains on our data center capacity, our customers could experience performance degradation or service outages that may subject us to financial liabilities, result in customer losses and harm our reputation and business. As we add data centers and capacity and continue to move to cloud computing platform providers, we move or transfer our data and our customers' data from time to time. Despite precautions taken during this process, any unsuccessful data transfers may impair the delivery of our services, which may damage our business.

See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?

Risk factors are any situations or occurrences that could make investing in a company risky.

The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.

They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.

It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.

How do companies disclose their risk factors?

Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.

Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.

Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.

According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.

How can I use TipRanks risk factors in my stock research?

Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.

You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.

Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.

A simplified analysis of risk factors is unique to TipRanks.

What are all the risk factor categories?

TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.

1. Financial & Corporate

Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.

2. Legal & Regulatory

Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
Regulation – risks related to compliance, GDPR, and new legislation.
Environmental / Social – risks related to environmental regulation and to data privacy.
Taxation & Government Incentives – risks related to taxation and changes in government incentives.

3. Production

Costs – risks related to costs of production including commodity prices, future contracts, inventory.
Supply Chain – risks related to the company’s suppliers.
Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.

4. Technology & Innovation

Innovation / R&D – risks related to innovation and new product development.
Technology – risks related to the company’s reliance on technology.
Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.

5. Ability to Sell

Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
Competition – risks related to the company’s competition including substitutes.
Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
Brand & Reputation – risks related to the company’s brand and reputation.

6. Macro & Political

Economy & Political Environment – risks related to changes in economic and political conditions.
Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
International Operations – risks related to the global nature of the company.
Capital Markets – risks related to exchange rates and trade, cryptocurrency.

Become an Expert with TipRanks Premium

What am I Missing?

Make informed decisions based on Top Analysts' activity

Know what industry insiders are buying

Get actionable alerts from top Wall Street Analysts

Find out before anyone else which stock is going to shoot up

Get powerful stock screeners & detailed portfolio analysis

Subscribe Now See Plans & Pricing