We collect, process, store, use and share data, some of which contains personal information, including the personal information of our players. Our business is therefore subject to a number of federal, state, local and foreign laws, regulations, regulatory codes and guidelines governing data privacy, data protection and security, including with respect to the collection, storage, use, processing, transmission, sharing and protection of personal information. Such laws, regulations, regulatory codes and guidelines are complex, may be inconsistent across jurisdictions or conflict with other rules and their interpretation is rapidly evolving, making implementation and enforcement, and thus compliance requirements, ambiguous, uncertain, and potentially inconsistent. Compliance with such laws may require changes to our data collection, use, transfer, disclosure, other processing, and certain other related business practices and may thereby increase compliance costs or have other material adverse effects on our business.
As the scope of data privacy and security regulations worldwide continues to evolve, we believe that the adoption of increasingly restrictive regulations in this area is likely within the United States and other jurisdictions. For example, in the United States, a number of state-level data privacy laws have gone or will soon go into effect that introduce new data privacy rights for consumers and new operational requirements for companies. For instance, the California Consumer Privacy Act ("CCPA") provides data privacy rights for California residents and operational requirements for covered companies. Among other things, companies covered by the CCPA must provide new disclosures to California residents and afford such residents certain privacy rights relating to their personal information. The CCPA provides for civil penalties for violations, as well as a private right of action for data breaches that is expected to increase data breach litigation. In addition, the California Privacy Rights Act ("CPRA"), which took effect in January 2023, expanded the rights granted under the CCPA, created a new enforcement agency, the California Privacy Protection Agency, and imposed additional obligations on covered companies.
Additionally, other U.S. states have implemented, or are in the process of implementing, similar new laws or regulations. For example, the Virginia Consumer Data Protection Act ("VCDPA"), which took effect on January 1, 2023, the Colorado Privacy Act ("CPA") and the Connecticut Data Privacy Act ("CTDPA"), which both took effect on July 1, 2023, and the Utah Consumer Privacy Act ("UCPA"), which took effect on December 31, 2023, similarly impose new privacy rights and obligations on covered companies. In addition to the CCPA, the VCDPA, CPA, CTDPA and UCPA provide for civil penalties for violations that are enforceable by the Attorney General of the respective state, which could range into the millions of dollars. More generally, the enactment of the CCPA, VCDPA, CPA, CTDPA and UCPA could mark the beginning of a trend toward more stringent United States federal privacy legislation, which could increase our potential liability and adversely affect our business. We cannot fully predict the impact of these laws, or subsequent guidance, regulations or rules on our business or operations, including those that are still in draft form, but they may increase our compliance costs and potential liability, particularly in the event of a data breach, and could have a material adverse effect on our business, including how we use personal information, our financial condition, and the results of our operations or prospects. Further, if we become subject to other state-level data privacy laws, guidelines or regulations, we may be required again to modify our data collection or processing practices and policies and to incur substantial costs and expenses in an effort to comply and increase our potential exposure to regulatory enforcement and/or litigation.
Outside of the United States, many countries have also adopted comprehensive data protection and security laws. In the BVI we are subject to the Data Protection Act, 2021 (the "BVI DPA"). The BVI DPA establishes a framework of rights and duties designed to safeguard individuals' personal data, balanced against the need of public authorities, businesses and organizations to collect and use personal data for lawful purposes. The BVI DPA is centered around seven data protection principles (the General Principle, the Notice and Choice Principle, the Disclosure Principle, the Security Principle, the Retention Principle, the Data Integrity Principle and the Access Principle). The BVI DPA is, however, based on the original UK Data Protection Act 1998 and is therefore less comprehensive than the GDPR (defined below) and UK GDPR (defined below), to which we are also subject.
We are also subject to the EU General Data Protection Regulation 2016/679 (the "GDPR") in the European Economic Area (the "EEA"), and, following the withdrawal of the United Kingdom from the European Union, we have had to comply with the GDPR as implemented in the United Kingdom, which together with the amended United Kingdom Data Protection Act 2018 (together, the "UK GDPR"), retains in large part the GDPR in United Kingdom national law. The GDPR and the UK GDPR (collectively, the "Applicable UK/EU Data Protection Laws") impose comprehensive data privacy compliance obligations on controllers and processors of personal data in the EEA and the United Kingdom, including, for example, specific standards for obtaining consent from individuals to process their personal data, robust disclosures to individuals and a comprehensive individual data rights regime, and defined timelines for data breach notifications. The Applicable UK/EU Data Protection Laws create compliance obligations applicable to our business and some of our players, which can be uncertain given rapidly developing guidance and case law, and could change our business practices, expose us to significant reputational damage, regulatory enforcement actions or assessment notices (for a compulsory audit), orders to cease/change our data processing activities, and/or civil lawsuits (including class action or similar representative lawsuits) by consumers or consumer organizations, amongst others, for alleged breach of data protection laws. The Applicable UK/EU Data Protection Laws include financial penalties for noncompliance including possible fines of up to the greater of 4% of global annual revenues for the preceding financial year or €20 million, or £17.5 million in the United Kingdom, for the most serious violations. 
Many geographies in which we operate, including Australia, Brazil, Canada and India, have passed or are in the process of passing comparable or other robust data privacy legislation or regulation, which may lead to additional costs and increase our overall risk exposure.
We are also subject to EU and UK rules with respect to cross-border transfers of personal data out of the EEA and the UK, respectively, and recent legal developments and guidance have created complexity and uncertainty regarding such transfers to other countries, in particular in relation to transfers to the United States. In July 2020, the Court of Justice of the European Union ("CJEU") invalidated the EU-US Privacy Shield and further noted that reliance on the standard contractual clauses (a standard form of contract approved by the European Commission as an adequate personal data transfer mechanism and potential alternative to the Privacy Shield) alone may not necessarily be sufficient in all circumstances and that transfers must be assessed on a case-by-case basis. A replacement for the Privacy Shield Framework was introduced, the EU-US Data Privacy Framework ("DPF"); however, this framework may also face challenges. The European Commission adopted its adequacy decision in 2023 rendering the DPF effective as an EU GDPR transfer mechanism to U.S. entities self-certified under the DPF. On October 12, 2023, the UK Extension to the DPF came into effect (as approved by the UK Government) as a UK GDPR data transfer mechanism to U.S. entities self-certified under the UK Extension to the DPF. There has been increased regulatory action and attention in relation to international data transfers.
We currently rely on the standard contractual clauses to transfer personal information outside the EEA and the UK, including to the United States, with respect to both intragroup and third party transfers. As the enforcement landscape further develops, and supervisory authorities issue further decisions and guidance on personal information export mechanisms, we could suffer additional costs, complaints and/or regulatory investigations or fines, we may have to stop using certain tools and vendors and make other operational changes, we have had to and will have to implement revised standard contractual clauses for existing intragroup, customer and vendor arrangements within required time frames, and/or if we are otherwise unable to transfer personal information between and among countries and regions in which we operate, it could affect the manner in which we provide our services, the geographical location or segregation of our relevant systems and operations, and could materially adversely affect our business, results of operations and financial condition. In particular, given the complexity and constantly evolving nature of our cross-border data transfers, our standard contractual clauses will need to be updated over time to fully legitimize our data transfers, and a failure to do so could result in enforcement action from regulators. There can be no assurances that we will be successful in our efforts to comply with the GDPR or other privacy and data protection laws and regulations, or that violations will not occur, particularly given the complexity of both these laws and our business, as well as the uncertainties that accompany new laws.
Our business also increasingly relies on machine learning, artificial intelligence and automated decision making to improve our services and tailor our interactions with our customers (see "-Risks Related to the Company's Intellectual Property-Use of generative artificial intelligence tools in our business may result in significant reputational harm and liability"). However, in recent years use of these methods has come under increased regulatory scrutiny. New laws, guidance and/or decisions in this area may limit our ability to use our machine learning and artificial intelligence, or require us to make changes to our platform or operations that may decrease our operational efficiency, result in an increase to operating costs and/or hinder our ability to improve our services. For example, there are specific rules on the use of automated decision making under the Applicable UK/EU Data Protection Laws that require the existence of automated decision making to be disclosed to the data subject with a meaningful explanation of the logic used in such decision making in certain circumstances, and safeguards must be implemented to safeguard individual rights, including the right to obtain human intervention and to contest any decision. Equally, the regulatory framework around the development and use of machine learning, artificial intelligence and automated decision making is evolving. In Europe, European Union legislators recently reached a political agreement on the EU Artificial Intelligence Act ("EU AI Act"), which establishes a comprehensive, risk-based governance framework for artificial intelligence in the EU market. The EU AI Act is expected to enter into force in 2024, and the majority of the substantive requirements will apply two years later. 
The EU AI Act will apply to companies that develop, use and/or provide artificial intelligence in the EU and includes requirements around transparency, conformity assessments and monitoring, risk assessments, human oversight, security, accuracy, general purpose artificial intelligence and foundation models, and proposes fines for breach of up to 7% of worldwide annual turnover. In addition, on September 28, 2022, the European Commission proposed two Directives seeking to establish a harmonized civil liability regime for artificial intelligence in the EU in order to facilitate civil claims in respect of harm caused by artificial intelligence and to include artificial intelligence-enabled products within the scope of the EU's existing strict liability regime. Once fully applicable, the EU AI Act will have a material impact on the way artificial intelligence is regulated in the EU, and together with developing guidance and/or decisions in this area, may affect our use of artificial intelligence and our ability to provide and to improve our services, require additional compliance measures and changes to our operations and processes, result in increased compliance costs and potential increases in civil claims against us, and could adversely affect our business, operations and financial condition.
Any failure or perceived failure by us to comply with our posted privacy policies, our privacy-related obligations to players or other third parties, or any other legal obligations or regulatory requirements relating to privacy, data protection, or information security may result in governmental investigations or enforcement actions, litigation, claims (including class actions), or public statements against us by consumer advocacy groups or others and could result in significant liability, cause our players to lose trust in us, and otherwise materially and adversely affect our reputation and business. Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations, and policies that are applicable to us may limit the adoption and use of, and reduce the overall demand for, our games. Additionally, if third parties we work with, such as our service providers or data sharing partners, violate applicable laws, regulations, or agreements, such violations may put our players' and/or employees' data at risk, could result in governmental investigations or enforcement actions, fines, litigation, claims (including class action claims) or public statements against us by consumer advocacy groups or others and could result in significant liability, cause our players to lose trust in us and otherwise materially and adversely affect our reputation and business. Further, public scrutiny of, or complaints about, technology companies or their data handling or data protection practices, even if unrelated to our business, industry or operations, may lead to increased scrutiny of technology companies, including us, and may cause government agencies to enact additional regulatory requirements, or to modify their enforcement or investigation activities, which may increase our costs and risks.
In addition, in some cases, we are dependent upon our platform providers to solicit, collect and provide us with information regarding our players that is necessary for compliance with these various types of regulations. Our business, including our ability to operate and expand internationally, could be adversely affected if laws or regulations are adopted, interpreted or implemented in a manner that is inconsistent with our current business practices and that require changes to these practices, the design of our games, features or our privacy policy. These platform providers may dictate rules, conduct or technical features that do not properly comply with federal, state, local and foreign laws, regulations and regulatory codes and guidelines governing data privacy, data protection and security, including with respect to the collection, storage, use, processing, transmission, sharing and protection of personal information and other consumer data. In addition, these platforms may dictate rules, conduct or technical features relating to the collection, storage, use, transmission, sharing and protection of personal information and other consumer data, which may result in substantial costs and may necessitate changes to our business practices, which in turn may compromise our growth strategy, adversely affect our ability to attract, monetize or retain players, and otherwise adversely affect our business, reputation, legal exposures, financial condition and results of operations. 
Any failure or perceived failure by us to comply with these platform-dictated rules, conduct or technical features may result in platform-led investigations or enforcement actions, litigation, or public statements against us, which in turn could result in significant liability or temporary or permanent suspension of our business activities with these platforms, cause our players to lose trust in us, and otherwise compromise our growth strategy, adversely affect our ability to attract, monetize or retain players, and otherwise adversely affect our business, reputation, legal exposures, financial condition and results of operations.
Player interaction with our games is subject to our privacy policy and terms of service. If we fail to comply with our posted privacy policy or terms of service or if we fail to comply with existing privacy-related or data protection laws and regulations, it could result in complaints by data subjects or proceedings or litigation against us by governmental authorities or others, which could result in fines or judgments against us, damage our reputation, cause non-availability of our services, impact our financial condition and harm our business. If regulators, the media or consumers raise any concerns about our privacy and data protection or consumer protection practices, even if unfounded, this could also result in fines or judgments against us, damage our reputation, and negatively impact our financial condition and damage our business.
In the area of information security and data protection, many jurisdictions have passed laws requiring notification when there is a security breach for personal information or requiring the adoption of minimum information security standards that are often vaguely defined and difficult to implement. Our security measures and standards may not be sufficient to protect personal information and we cannot guarantee that our security measures will prevent security breaches, cyber-attacks, acts of vandalism, computer viruses, malware, ransomware, denial-of-service attacks, human error issues or other similar events that lead to misplaced or lost information, programming and/or other similar issues. A security breach that compromises personal information could harm our reputation and result in a loss of player and/or employee confidence in our games and ultimately in a loss of players, which could adversely affect our business and impact our financial condition. A security breach could also involve loss or unavailability of business-critical data, and could require us to spend significant resources to mitigate and repair the breach, which in turn could compromise our growth and adversely affect our ability to attract, monetize or retain players. These risks could also subject us to liability under applicable security breach-related laws and regulations and could result in additional compliance costs, costs related to regulatory inquiries and investigations, and an inability to conduct our business. See "-If we sustain cyber-attacks or other privacy or data security incidents that result in security breaches, we could suffer a loss of sales and increased costs, exposure to significant liability, reputational harm and other negative consequences."