Lemonade (LMND) Risk Analysis

As of December 31, 2025, we were licensed to sell renters, homeowners, pet and/or car insurance policies in 50 states of the United States, and operate in 41 of those states, and Washington, D.C. We also hold a pan-European license, which enables us to sell in 30 countries across Europe, and currently operate in Germany, the Netherlands, France. In addition, we also hold branch authorization permits in the UK which allows us to operate on a permanent basis in the UK market. In the United States, each state regulator retains the authority to license insurers in their states, and an insurer generally may not operate in a state in which it is not licensed. Accordingly, we are not permitted to sell insurance to residents of the remaining states and territories of the United States, which is likely to put us at a disadvantage among many of our competitors that have been in business much longer than us and are licensed to sell their insurance products in most, if not all, U.S. jurisdictions. We have a reinsurance captive subsidiary, Lemonade Re SPC, domiciled in the Cayman Islands which is subject to inspections by the Cayman Islands Monetary Authority. We are subject to extensive regulation and supervision in the states in which we transact business by the individual state insurance departments. This regulation is generally designed to protect the interests of customers, and not necessarily the interests of insurers or agents, their shareholders or other investors. Numerous aspects of our insurance business are subject to regulation, including, but not limited to, premium rates, mandatory covered risks, limitations on the ability to renew or elect not to renew business, prohibited exclusions, licensing and appointment of agents, restrictions on the size of risks that may be insured under a single policy, reserves and provisions for unearned premiums, losses and other obligations, deposits of securities for the benefit of customers, investments and capital, policy forms and coverages, advertising and other conduct, including restrictions on the use of credit information and other factors in underwriting, as well as other underwriting and claims practices. To the extent we decide to expand our current product offerings to include other insurance products, this would subject us to additional regulatory requirements and scrutiny in each state in which we elect to offer such products. States have also adopted legislation defining and prohibiting unfair methods of competition and unfair or deceptive acts and practices in the business of insurance. Prohibited practices include, but are not limited to, misrepresentations, false advertising, coercion, disparaging other insurers, unfair claims settlement procedures, and discrimination in the business of insurance. Noncompliance with any of such state statutes may subject us to regulatory action by the relevant state insurance regulator, and, in certain states, private litigation. States also regulate various aspects of the contractual relationships between insurers and independent agents. Such laws, rules and regulations are usually overseen and enforced by the various state insurance departments, as well as through private rights of action and by state attorneys general. Such regulations or enforcement actions are often responsive to current consumer and political sensitivities, such as homeowners insurance rates and coverage forms, or which may arise after a major event. Such rules and regulations may result in rate suppression, limit our ability to manage our exposure to unprofitable or volatile risks, or lead to fines, premium refunds or other adverse consequences. The federal government also may regulate aspects of our businesses, such as the protection of consumer confidential information or the use of consumer insurance (credit) scores to underwrite and assess the risk of customers under the Fair Credit Reporting Act ("FCRA"). Among other things, the FCRA requires insurance companies to have a permissible purpose before obtaining and using a consumer report for underwriting purposes, as well as comply with related notice and recordkeeping requirements. Failure to comply with federal requirements under the FCRA or any other applicable federal laws would subject us to regulatory fines and other sanctions. In addition, given our short operating history to-date and rapid speed of growth, we are particularly vulnerable to regulators identifying errors in the policy forms we use, the rates we charge, and our customer communications. As a result of such noncompliance, regulators could impose fines, rebates or other penalties, including cease-and-desist orders for an individual state, or all states, until the identified noncompliance is rectified. Our ability to retain state licenses depends on our ability to meet licensing requirements established by the NAIC and adopted by each state, subject to variations across states. If we are unable to satisfy the applicable licensing requirements of any particular state, we could lose our license to do business in such state, which would result in the temporary or permanent cessation of our operations in that state. Alternatively, if we are unable to satisfy applicable state licensing requirements, we may be subject to additional regulatory oversight, have our license suspended, or be subject to seizure of assets. Any such events could adversely affect our business, results of operations or financial condition. See "Regulation - Required Licensing." In addition, as a condition to writing business in certain states, insurers are required to participate in various pools or risk sharing mechanisms or to accept certain classes of risk, regardless of whether such risks meet their underwriting requirements for voluntary business. Some states also limit or impose restrictions on the ability of an insurer to withdraw from certain classes of business. New York, among other states, imposes significant restrictions on a company's ability to materially reduce its exposures or to withdraw from certain lines of business. The state insurance departments can impose significant charges on an insurer in connection with a market withdrawal or refuse to approve withdrawal plans on the grounds that they could lead to market disruption. Laws and regulations that limit cancellation and non-renewal of policies or that subject withdrawal plans to prior approval requirements may significantly restrict our ability to exit unprofitable markets. Such actions and related regulatory restrictions may limit our ability to reduce our potential exposure to hurricane-related losses. Our European insurance entities, Lemonade Insurance N.V., Lemonade Agency B.V. and Lemonade B.V., are subject to primary supervision by the Dutch Central Bank (De Nederlandsche Bank, "DNB") as the supervisory authority of its home member state, the Dutch Authority for the Financial Markets (Autoriteit Financiële Markten, "AFM"), and the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, "BaFin") as the supervisory authority of a host member state. DNB and AFM expect firms to avoid actions that jeopardize compliance with their statutory objectives and applicable rules and regulations and have extensive powers to intervene in the affairs of a regulated firm. When DNB is concerned that an insurer may present a risk, this may lead to negative consequences, including the requirement to maintain a higher level of regulatory capital (via capital "add-ons" under the Solvency II Directive) to match the higher perceived risks and enforcement action where the risks identified breach applicable rules and regulations. In the case of a breach of our license requirements or obligations arising from the applicable rules and regulations, we may be subject to the DNB and the AFM's sanctions, including (public) formal warnings, orders to adopt a certain course of conduct, incremental penalties and administrative fines, revocation of an undertaking license and, in the case of insurers, where the breach relates to material prudential shortcomings, emergency measures (including the appointment of an administrator or the imposition of measures aimed at winding-up the undertaking). Any such events could adversely affect our business, results of operations or financial condition. See "Business - Regulation - European Regulation.

We must accurately and timely evaluate and pay claims that are made under our policies. Many factors affect our ability to pay claims accurately and timely, including the efficacy of our artificial intelligence claims processing, the training and experience of our claims adjusters, including our third-party claims administrators, and our ability to develop or select and implement appropriate procedures and systems to support our claims functions. The speed by which our artificial intelligence technology allows us to process and pay claims is a differentiating factor for our business and an increase in the average time to process claims could undermine our reputation and position in the insurance marketplace. Any failure to pay claims accurately or timely could also lead to regulatory and administrative actions or material litigation, or result in damage to our reputation, any one of which could materially and adversely affect our business, financial condition, results of operations, and prospects. If our claims adjusters or third party claims administrators are unable to effectively process our volume of non-automated claims, our ability to grow our business while maintaining high levels of customer satisfaction could be compromised, which in turn, could adversely affect our operating margins.

The GDPR applies to the processing of personal data by our business in the context of our establishments in the European Union and/or the UK. In addition, all portions of our business established outside the European Union and the UK may be required to comply with the requirements of the GDPR with respect to the offering of products or services to individuals in the European Union or UK. The GDPR could also apply to our establishments of business outside the European Union and the UK if we were to monitor the activities of individuals. The GDPR increases the maximum level of fines for the most serious compliance failures to the greater of four percent of annual worldwide turnover or €20,000,000 / GBP17,500,000, respectively. We may also be subject to the local privacy and data protection laws of the E.U. Member States in which we offer products or services, which can carry penalties and potential criminal sanctions. The regulatory requirements and restrictions set out in the GDPR include, among others, the following: - The GDPR imposes a number of principles with respect to the processing of personal data, including requirements to process personal data lawfully, fairly, and in a transparent manner, to process personal data only to the extent necessary for the purposes required, maintain the accuracy of personal data, limit the retention of personal data for no longer than is necessary, and maintain appropriate technical and organizational security measures against unauthorized processing or accidental loss, destruction, or damage. We are implementing external and internal policies and procedures, technical measures and internal training designed to adhere to those principles;- In relation to the transparency principle, the GDPR requires us to provide individuals in the European Union and the UK whose personal data we process ("data subjects") with certain information regarding the processing of their personal data by us, and we have an EU and UK privacy policy, which can be found at https://www.lemonade.com/de/en/privacy-policy (with respect to Germany), https://www.lemonade.com/nl/en/privacy-policy (with respect to the Netherlands) and http://www.lemonade.com/fr/en/privacy-policy (with respect to France); and https://www.lemonade.com/uk/privacy-policy (with respect to UK);- The GDPR requires us to maintain internal records of our processing activities and to make those records available to regulators on demand;- The GDPR requires us to include mandatory terms in our agreements with third parties that process personal data subject to the GDPR on our behalf ("Processors"). To comply with this requirement, we enter into Data Processing Addenda ("DPA's") with Processors to contractually ensure they process data only according to our instructions. If a third party violates the terms of the DPA, it could lead to regulatory penalties or an an adverse impact on our business;- The GDPR grants data subjects various rights, including the right to access, copy, or object to the processing of their personal data. as well as the right to erasure {"right to be forgotten"). We have implemented internal policies and procedures, including specific response timelines and data retention protocols, designed to systematically address and fulfill these requests in compliance with regulatory requirements;- The GDPR prohibits automated decision making, i.e. a decision evaluating a data subject's personal aspects based solely on automated processing that produces legal effects or other significant effects for that data subject, except where such decision making is necessary for entering into or performing a contract or is based on the data subject's explicit consent. There is not yet any clear precedent as to whether use of artificial intelligence to make insurance offers to individuals will be considered necessary even though it is integral to our business model. If our automated decision making processes cannot meet this necessity threshold, we cannot use these processes with E.U. data subjects unless we obtain their explicit consent. Notably for the UK, in 2025, the Data Use and Access Act ("DUAA") came into force, which relaxed the restrictions around automated decision-making to only apply when the decision involves special category data such as health, race, region, or biometric data. However, this change under UK law does not alter the fact that automated decision-making of non-special category data must still be communicated to the data subject. Relying on consent to conduct this type of processing holds its own risks because consent must be considered freely given (commentators argue that seeking consent by tying it to a service may be problematic) and consent can be withdrawn by a data subject at any time. We are continually monitoring for updates to guidance in this area, however, if subsequent guidance and/or decisions limit our ability to use our artificial intelligence models, that may decrease our operational efficiency and result in an increase to the costs of operating our business. Automated decision making also attracts a higher regulatory burden under the GDPR, which requires the existence of such automated decision making be disclosed to the data subject including a meaningful explanation of the logic used in such decision making, and safeguards must be implemented to safeguard individual rights, including the right to obtain human intervention and to contest any decision. Further obligations in terms of transparency have and are likely to continue to be imposed under new laws regulating AI, including the EU AI Act with the majority of its substantive requirements applying from August 2, 2026. See "We rely on artificial intelligence, telematics, mobile technology, and our digital platforms to collect data that we evaluate in pricing and underwriting our insurance policies, managing claims and customer support, and improving business processes, and any legal or regulatory requirements that prohibit or restrict our ability to collect or use this data could materially and adversely affect our business, financial condition, results of operations and prospects"; and - The GDPR also places limits on the profiling of individuals, i.e. processing of personal data to evaluate certain personal aspects, like analyzing or predicting aspects of a person's economic situation, health, personal preferences, location, etc. There is increasing enforcement related to the lawfulness, fairness and transparency of this processing, and there is still uncertainty about the relevant lawful basis for this activity (i.e., consent or legitimate interests) and, in the case of legitimate interests, it is unclear what kind of opt-out or objection mechanism would be required to achieve GDPR compliance. We are continually monitoring for updates to guidance in this area, however, if subsequent guidance and/or decisions limit our ability to engage in profiling, that may decrease our operational efficiency and result in an increase to the costs of operating our business. The DUAA brought about other key changes as well. For instance, there is a new lawful basis for data processing in the form of "recognized legitimate interests." These recognized legitimate interests are specific types of processing activities that are automatically considered lawful, for example, fraud detection and prevention, information security, crime prevention, and public health and safety. Contrary to regular legitimate interests, recognized legitimate interests do not require the controller to conduct and document a legitimate interest assessment to ensure that processing activities fulfil the contemplated purpose, are necessary, and override the interests and fundamental rights and freedoms of a data subject. A considerable number of Lemonade's processing activities serve the purpose of fraud detection/prevention. In the future, when Lemonade seeks a lawful basis for its UK processing activities that serve a recognized legitimate interest, it will not need to conduct a legitimate interest assessment. We are also subject to European Union rules with respect to cross-border transfers of personal data out of the European Economic Area ("EEA") and the UK. We currently rely on the EU standard contractual clauses and the UK Addendum to the EU standard contractual clauses and the UK International Data Transfer Agreement as relevant to transfer personal data outside the EEA and the UK with respect to both intragroup and third party transfers. We expect the existing legal complexity and uncertainty regarding international personal data transfers to continue and international transfers to the United States and to other jurisdictions more generally to continue to be subject to enhanced scrutiny by regulators. As the regulatory guidance and enforcement landscape in relation to data transfers continue to develop, we could suffer additional costs, complaints and/or regulatory investigations or fines; we may have to stop using certain tools and vendors and make other operational changes; we may have to implement revised standard contractual clauses for existing intragroup, customer and vendor arrangements within required time frames; and/or it could otherwise affect the manner in which we provide our services, and could adversely affect our business, operations and financial condition. In respect of the GDPR's obligations, we rely on positions and interpretations of the law that have yet to be fully tested before the relevant courts and regulators. If a regulator or court of competent jurisdiction determined that one or more of our compliance efforts does not satisfy the applicable requirements of the GDPR, or if any party brought a claim in this regard, there could be potential governmental or regulatory investigations, enforcement actions, regulatory fines, compliance orders, litigation or public statements against us by consumer advocacy groups or others, and that could cause customers to lose trust in us and damage our reputation. Likewise, a change in guidance could be costly and have an adverse effect on our business. We are also subject to evolving EU and UK privacy laws on cookies, tracking technologies and e-marketing. Recent European court and regulator decisions are driving increased attention to cookies and tracking technologies. If the trend of increasing enforcement by regulators of the strict approach to opt-in consent for all but essential use cases, as seen in recent guidance and decisions continues this may increase the cost of operating our business and lead to a decline in revenues and impair our ability to collect user information. However, note that pursuant to the DUAA, consent will no longer be required for the placement of certain types of storage and access technologies (e.g., cookies), including analytics, site optimization, and website functionality. In addition, legal uncertainties about the legality of cookies and other tracking technologies may lead to regulatory scrutiny and increase potential civil liability under data protection or consumer protection laws. Any such changes may force us to incur substantial costs or require us to change our business practices which could compromise our ability to pursue our growth strategy effectively and may adversely affect our ability to acquire customers or otherwise harm our business, financial condition and operating results. In light of the complex and evolving nature of EU, EU Member State and UK privacy laws on cookies and tracking technologies be successful in our efforts to comply with such laws; violations of such laws could result in regulatory investigations, fines, orders to cease/ change our use of such technologies, as well as civil claims including class actions, and reputational damage. In August 2025, Amendment 13 to the Israeli Protection of Privacy Law, 5741-1981, came into force, significantly reforming Israeli privacy laws. The Amendment expanded the enforcement powers of the Israeli Privacy Protection Authority, including its authority to impose substantial financial fines of up to 5% of an organization's annual turnover. It also introduced additional requirements for the processing of personal data, broadened certain existing obligations, and expanded the authority of the courts to award statutory damages without proof of damage for violations. The Amendment therefore could affect our operations in Israel regarding the processing of personal data. We also continue to monitor developments in private litigation in the U.S. arising from the use of online tracking technologies. Over the past several years, plaintiffs' firms have filed numerous class action lawsuits alleging that website operators deploy third-party analytics or targeted advertising tools without first obtaining users' affirmative consent. These suits generally assert that, by allowing such third-party trackers to collect data, the website operator has facilitated the unlawful interception of user communications in violation of the California Invasion of Privacy Act ("CIPA"), the federal Electronic Communications Privacy Act ("ECPA"), and similar state statutes. More recently, plaintiffs have advanced related theories claiming that the use of these tracking technologies constitutes the operation of an unlawful pen register or trap-and-trace process under these same laws. Although these statutes are criminal in nature, they provide private rights of action that may include statutory damages on a per-violation basis (for example, up to $5,000 per alleged violation under CIPA). These claims remain active and continue to evolve, and adverse outcomes could result in significant monetary exposure or injunctive obligations. Any significant change to applicable laws, regulations, interpretations of laws or regulations, or market practices, regarding the use of personal data, or regarding the manner in which we seek to comply with applicable laws and regulations, could require us to make modifications to our products, services, policies, procedures, notices, and business practices, including potentially material changes. Such changes could potentially have an adverse impact on our business.

Our ability to increase revenue depends on our capacity to successfully launch new product offerings and expand into new geographic markets. Since 2020, we have diversified our portfolio by launching pet, life, and car insurance to complement our core renters and homeowners products, and in 2024, we expanded our offerings in the UK and France to include buildings insurance. However, entering these complex markets requires substantial investments of time and capital to gain a deep understanding of unique business challenges and customer needs; we may not be successful in these efforts. Furthermore, insurance regulations may limit our ability to introduce new products or restrict the states and countries in which we operate and regulatory approvals may take months to be obtained or may be rejected entirely. Even if we successfully expand, managing this growth effectively presents significant operational risks. Our revenue grew from $429.8 million for the year ended December 31, 2023 to $526.5 million for the year ended December 31, 2024 and $737.9 million for the year ended December 31, 2025, placing substantial demands on our management, employees, and financial resources. As we add staff and enhance our internal controls, our organizational structure will become increasingly complex. This expansion requires significant capital expenditures and the allocation of management resources to ensure that our corporate culture of innovation and the quality of our customer experience are not undermined. If we cannot maintain the efficiency of our insurance-buying experience as we scale, our brand could be harmed, and our business, results of operations, and financial condition could be materially and adversely affected.

Our success is dependent in part on protecting our intellectual property rights and technology (such as source code, information, data, processes and other forms of information, knowhow and technology). We rely on a combination of copyrights, trademarks, service marks, trade secret laws and contractual restrictions to establish and protect our intellectual property. However, there are steps that we have not yet taken to protect our intellectual property on a global basis. Additionally, the steps that we have already taken to protect our intellectual property may not be sufficient or effective. Even if we do detect violations, we may need to engage in litigation to enforce our rights. While we take precautions designed to protect our intellectual property, it may still be possible for competitors and other unauthorized third parties to copy our technology and use our proprietary brand, content and information to create or enhance competing solutions and services, which could adversely affect our competitive position in our rapidly evolving and highly competitive industry. Some license provisions that protect against unauthorized use, copying, transfer and disclosure of our technology may be unenforceable under the laws of certain jurisdictions and foreign countries. We enter into confidentiality and invention assignment agreements with our employees and consultants and enter into confidentiality agreements with our third-party providers and strategic partners. We cannot assure you that these agreements will be effective in controlling access to, and use and distribution of, our platform and proprietary information. Further, these agreements do not prevent our competitors from independently developing technologies that are substantially equivalent or superior to our offerings. Such arrangements may limit our ability to protect, maintain, enforce or commercialize such intellectual property rights, including requiring agreement with or payment to our joint development partners before protecting, maintaining, licensing or initiating enforcement of such intellectual property rights, and may allow such joint development partners to register, maintain, enforce or license such intellectual property rights in a manner that may affect the value of the jointly-owned intellectual property or our ability to compete in the market. We have filed, and may continue in the future to file, applications to protect certain of our innovations and intellectual property. We do not know whether any of our applications will result in the issuance of a patent, trademark or copyright, as applicable, or whether the examination process will require us to narrow our claims. In addition, we may not receive competitive advantages from the rights granted under our intellectual property. Our existing intellectual property, and any intellectual property granted to us or that we otherwise acquire in the future, may be contested, circumvented or invalidated, and we may not be able to prevent third parties from infringing our rights to our intellectual property. Therefore, the exact effect of the protection of this intellectual property cannot be predicted with certainty. In addition, given the costs, effort, risks and downside of obtaining patent protection, including the requirement to ultimately disclose the invention to the public, we may choose not to seek patent protection for certain innovations. Any failure to adequately obtain such patent protection, or other intellectual property protection, could later prove to adversely impact our business. We currently hold various domain names relating to our brand, including Lemonade and Lemonade.com. Failure to protect our domain names could adversely affect our reputation and brand and make it more difficult for users to find our website and our online app. We may be unable, without significant cost or at all, to prevent third parties from acquiring domain names that are similar to, infringe upon or otherwise decrease the value of our trademarks and other proprietary rights. We may be required to spend significant resources in order to monitor and protect our intellectual property rights, and some violations may be difficult or impossible to detect. Litigation to protect and enforce our intellectual property rights could be costly, time-consuming and distracting to management and could result in the impairment or loss of portions of our intellectual property. Our efforts to enforce our intellectual property rights may be met with defenses, counterclaims and countersuits attacking the validity and enforceability of our intellectual property rights. Our inability to protect our proprietary technology against unauthorized copying or use, as well as any costly litigation or diversion of our management's attention and resources, could impair the functionality of our platform, delay introductions of enhancements to our platform, result in our substituting inferior or more costly technologies into our platform or harm our reputation or brand. In addition, we may be required to license additional technology from third parties to develop and market new offerings or platform features, which may not be on commercially reasonable terms or at all and could adversely affect our ability to compete. If we are unable to prevent the unauthorized use or exploitation of our intellectual property, the value of our brand, content, and other intangible assets may be diminished, competitors may be able to more effectively mimic our service and methods of operations, the perception of our business and service to customers and potential customers may become confused, and our ability to attract customers may be adversely affected. Any inability or failure to protect our intellectual property could adversely impact our business, results of operations and financial condition.

We use artificial intelligence ("AI") machine learning, and automated decision-making technologies, including proprietary AI and machine learning algorithms and models, (collectively "AI Technologies") throughout our business, and are making significant investments in this area. For example, we utilize the data gathered from the insurance application process to determine whether or not to write a particular policy and, if so, how to price that particular policy. Similarly, we use proprietary AI Technologies to process many of our claims. The data that we gather through our interactions with our customers is evaluated and curated by proprietary AI Technologies. We expect that increased investment will be required in the future to continuously improve our use of AI Technologies. As with many technological innovations, there are significant risks involved in developing, maintaining and deploying these technologies and there can be no assurance that the usage of or our investments in such technologies will always enhance our products or services or be beneficial to our business, including our efficiency or profitability. In particular, if the models underlying our AI Technologies are incorrectly designed or implemented; trained or reliant on incomplete, inadequate, inaccurate, biased or otherwise poor quality data, or on data to which we do not have sufficient rights or in relation to which we and/or the providers of such data have not implemented sufficient legal compliance measures; used without sufficient oversight and governance to ensure their responsible use; and/or adversely impacted by unforeseen defects, technical challenges, cybersecurity threats or material performance issues, the performance of our business, as well as our reputation could suffer or we could incur liability resulting from the violation of laws or contracts to which we are a party or civil claims. In addition, we may incorrectly price insurance products for our customers or incorrectly pay or deny claims made by our customers, either of which could result in customer dissatisfaction with us, which could cause customers to cancel their insurance policies with us, prevent prospective customers from obtaining new insurance policies, or cause us to underprice policies or overpay claims.

The markets in which we provide insurance are highly competitive. We compete against large traditional carriers who possess significant advantages in name recognition, financial ratings, capital resources, and the ability to offer "bundled" policies coverage at scale. Our future growth depends heavily on our ability to compete in all markets, including the homeowners and auto market where these traditional advantages are most pronounced. Furthermore, we face intense competition in specialized lines from Embrace and Trupanion in pet insurance, and from Progressive and GEICO in car insurance. We also face increasing pressure from technology companies entering the insurance space, as well as traditional carriers adopting technology similar to ours to erode our current market advantages. These competitors may offer more aggressive pricing or superior resources, and our ability to counter them may be hindered if our new products face regulatory delays or fail to receive approval. If we are unable to compete effectively against both established insurance giants and tech-first entrants, our business and financial results will be materially and adversely affected.

Our future growth and prospects depend on our ability to increase the premium per customer, as described in the section titled "Management's Discussion and Analysis of Financial Condition and Results of Operations." Our business model is premised on the expectation we can win customers early in their financial lives and retain them throughout their insurance life cycle. - Failure to Retain Customers During Life Transitions: The purchase of a home or a new vehicle is a significant life event where customers are exposed to third-party service providers (such as mortgage brokers, real estate agents, or car dealers) who may influence their insurance choices in ways we cannot. If we cannot successfully transition our core renters base into higher-premium products like homeowners or car insurance, our ability to increase premium per customer will be materially impaired. - Perception of Brand Quality vs. Incumbents: While we are a preferred brand among the next generation of buyers, as customers' assets grow, they may perceive traditional, larger insurers as offering higher quality or more "stable" coverage due to their longevity and financial ratings. If this perception leads customers to switch to incumbents as their insurance expenditures increase, we will fail to capture the anticipated growth. - Competitive Pricing Sensitivity: During major purchasing decisions, such as buying a home, the relative price difference between our products and those of our competitors may appear less significant to a consumer. If we are unable to maintain a competitive edge in both price and user experience during these transitions, our growth prospects will suffer. - Acquisition of New High-Value Customers: Beyond retaining existing customers, our growth depends on successfully acquiring new homeowners and car owners directly or through partners. If we are unable to penetrate these higher-priced segments effectively, our revenue growth may stagnate. If we fail to effectively manage these transitions or if our customers do not "graduate" to higher-premium products as expected, our results of operations and financial condition could be materially and adversely affected.

Some parts of our business depend on our relationships and contractual arrangements with third parties. If our third parties terminate business arrangements with us, or renew contracts on terms less favorable to us, we may fail to meet our business objectives and targets, and our cash flows, results of operations and financial condition could be adversely affected. For example, our life insurance product is offered through an arrangement with a life insurance provider. In these relationships, we rely on the third-party's internal controls, to manage the product. Our monitoring efforts of the third party providers and other service providers may not be adequate, or our providers could exceed their authorities or otherwise breach obligations owed to us, which could result in operational disruption, reputational damage and regulatory intervention and otherwise have a material adverse effect on our results of operation and financial condition. Furthermore, these third parties are subject to many of the same risks that we face, including those related to cybersecurity and fraudulent claims. These parties also experience intense competition in the segments of the insurance industry in which they operate. They may be acquired or form alliances with our competitors thereby reducing or eliminating their business with us. If we are unsuccessful in our ability to maintain successful relationships with these third-party service providers and implement our arrangements with them for any of these reasons, our business may be adversely affected.

Historically, insurers have experienced significant fluctuations in operating results due to competition, frequency and severity of catastrophic events, levels of capacity, adverse litigation trends, regulatory constraints, general economic conditions, and other factors. The supply of insurance is related to prevailing prices, the level of insured losses and the level of capital available to the industry that, in turn, may fluctuate in response to changes in rates of return on investments being earned in the insurance industry. As a result, the insurance business historically has been a cyclical industry characterized by periods of intense price competition due to excessive underwriting capacity as well as periods when shortages of capacity increased premium levels. Demand for insurance depends on numerous factors, including the frequency and severity of catastrophic events, levels of capacity, the introduction of new capital providers and general economic conditions. All of these factors fluctuate and may contribute to price declines generally in the insurance industry. We cannot predict with certainty whether market conditions will improve, remain constant or deteriorate. Negative market conditions may impair our ability to underwrite insurance at rates we consider appropriate and commensurate relative to the risk assumed. Additionally, negative market conditions could result in a decline in policies sold, an increase in the frequency of claims and premium defaults, and an uptick in the frequency of falsification of claims. If we cannot underwrite insurance at appropriate rates, our ability to transact business will be materially and adversely affected. Any of these factors could lead to an adverse effect on our business, results of operations and financial condition. Our revenue and results of operations may vary significantly from period to period due to a variety of factors, some of which are outside of our control, including changes in the number of customers purchasing our products and fluctuations in the timing and amount of our expenses. The insurance industry, and particularly renters and homeowners insurance, is also subject to seasonal patterns and volatility, including weather-related events that may be seasonal and may result in variability in claims reporting and payment patterns. As a result, period-to-period comparisons of our operating results may not be meaningful, and the results of any single period should not be relied upon as an indication of future performance. If our results of operations do not meet the expectations of investors or research analysts, our stock price could be adversely affected. We have experienced, and expect to continue to experience, seasonal fluctuations in revenues and growth rates driven by insurance purchasing patterns. For example, our revenues may be disproportionately higher in our third fiscal quarter due to seasonality in renter and homeowner move-in activity, which historically occurs in July, August, and September, and our growth may also be greater during that period. As our business expands and matures, additional seasonality trends may develop, and the seasonality and customer behavior we experience may change. Volatility in our key operating metrics, or failure to meet quarterly guidance or the expectations of research analysts or investors, could adversely affect our financial results and investor perceptions of our business prospects and cause our stock price to decline.