Magnite (MGNI) Risk Factors

We face intense competition in the marketplace and are confronted by rapidly changing technology (including advancements in artificial intelligence), evolving industry standards and consumer needs, regulatory changes, and the frequent introduction of new solutions by our competitors to which we must adapt and respond. Our future success will depend in part upon our ability to enhance our existing solution and to develop and introduce competing new solutions in a timely manner with features and pricing that meet changing client and market requirements. Our solutions are complex and require a significant investment of time and resources to develop, test, introduce, and enhance. We schedule and prioritize our development efforts according to a variety of factors, including our perceptions of market trends, client requirements, and resource availability; however, we may encounter unanticipated difficulties that require us to re-direct, scale back, or modify our efforts. If development of our solution becomes significantly more expensive due to changes in regulatory requirements or industry practices, or other factors, we may find ourselves at a disadvantage to larger competitors with more resources to devote to development. These factors place significant demands upon our engineering organization, require complex planning, and can result in acceleration of some initiatives and delay of others. We use outsourced software development for certain development efforts, which may put the company at greater risk with respect to our technology development because we may have less control over the performance of outside programmers and we may be at greater risk of losing their services. To the extent we do not manage our development efforts efficiently and effectively, we may fail to produce solutions that respond appropriately to the needs of buyers and sellers, and competitors may more successfully develop responsive offerings. If our solution is not competitive, buyers and sellers can be expected to shift their business to competing solutions. Buyers and sellers may also resist adopting our new solutions for various reasons, including reluctance to disrupt existing relationships and business practices or to invest in necessary technological integration. Clients, vendors, and competitors may also react negatively to the announcement of new products and offerings, which may have a harmful effect on our relationships and our business.

Our success depends, in part, on our ability to protect proprietary methods and technologies that we develop or otherwise acquire, so that we can prevent others from using our inventions and proprietary information. Establishing trade secret, copyright, trademark, domain name, and patent protection is difficult and expensive. We rely on trademark, copyright, trade secret laws, confidentiality procedures and contractual provisions to protect our proprietary methods and technologies. It may be possible for unauthorized third parties to copy or reverse engineer aspects of our technology or otherwise obtain and use information that we regard as proprietary, or to develop technologies similar or superior to our technology or design around our proprietary rights, despite the steps we have taken to protect our proprietary rights. From time to time, we may take legal action to enforce our intellectual property rights, protect our trade secrets, determine the validity and scope of the proprietary rights of others, or defend against claims of infringement. Such litigation could result in substantial costs and the diversion of limited resources, and might not be successful. If we are unable to protect our proprietary rights (including aspects of our technology solution) we may find ourselves at a competitive disadvantage.

Our revenue depends on the technological ability of our solution to deliver and measure advertising impressions, and the operation of our exchange and our ability to place impressions depend on the continuing and uninterrupted performance of our IT systems. Our platform operates on our data processing equipment that is housed in third-party commercial data centers that we do not control or on servers owned and operated by cloud-based service providers. We rely on multiple bandwidth providers, multiple internet service providers, as well as content delivery network, or CDN providers, and domain name systems, or DNS providers, and mobile networks to deliver video ads. In addition, our systems interact with systems of buyers and sellers and their contractors. Any damage to, or failure of, these systems could result in interruptions to the availability or functionality of our service. Moreover, the failure of our data center hosting facilities or any other third-party providers to meet our capacity requirements, or dramatically increased costs of such resources, could result in interruptions in the availability or functionality of our solutions or impede our ability to scale our operations. All of these facilities and systems are vulnerable to interruption and/or damage from a number of sources, many of which are beyond our control, including, without limitation: (i) loss of adequate power or cooling and telecommunications failures; (ii) fire, flood, earthquake, hurricane, and other natural disasters; (iii) software and hardware errors, failures, or crashes; (iv) financial insolvency; and (v) computer viruses, malware, hacking, terrorism, and similar disruptive problems. In particular, intentional cyber-attacks present a serious issue because they are difficult to prevent and remediate and can be used to defraud our buyers and sellers and their clients and to steal confidential or proprietary data from us, our clients, or their users. The use of artificial intelligence has the potential to further exacerbate these cyber security threats. Further, because our Los Angeles office and San Francisco offices and our California data center sites are in seismically active areas, earthquakes present a particularly serious risk of business disruption. These vulnerabilities may increase with the complexity and scope of our systems and their interactions with buyer and seller systems. Malfunction or failure of our systems, or other systems that interact with our systems, or inaccessibility or corruption of data, could disrupt our operations and negatively affect our business and results of operations to a level in excess of any applicable business interruption insurance, result in potential liability to buyers and sellers, and negatively affect our reputation and ability to sell our solution.

We believe that the elimination of third-party cookies has the potential to shift the programmatic ecosystem from an identity model powered by buyers that are able to aggregate and target audiences through cookies and other tracking technologies to one enabled by sellers that have direct relationships with consumers and are therefore better positioned to obtain user data and consent for implementing first party identifiers. While we believe that our platform and scale position us well to provide the infrastructure and tools needed for a publisher-centric identity model to succeed, there is no guarantee that our efforts will lead to an increase of the use of first-party publisher segments in the ecosystem. It is also possible that the increased use of first-party publisher segments will disproportionately benefit sellers or the large walled gardens that have access to large amounts of first party data. Additionally, these changes could create some variability in our revenue across certain buyers or sellers, depending on the timing of changes and developed solutions, and even if there is an increase in the proliferation of first-party publisher segments, we may still incur substantial re-engineering costs to optimize our solution for use with such segments.

In the mobile and desktop channels, the vast majority of sellers have embraced header bidding technology, a solution by which impressions that would have previously been exposed to different potential sources of demand in a sequence dictated by ad server priorities are instead available for concurrent competitive bidding by demand sources. This can help sellers increase revenue by exposing their inventory to more bidders, thereby allocating more inventory to demand sources that value it most highly. While header bidding has increased our access to certain pools of inventory that otherwise would have been allocated first to other exchanges, thus increasing our revenue opportunity, it has also resulted in a number of challenges for our business. For instance, some sellers may choose not to integrate with us as a header-bidding demand source, or may prioritize other sources of demand, including owners of the header bidding solutions, leaving us at a competitive disadvantage in the auction. In addition, header-bidding has vastly increased the volume of ad requests that need to be processed and analyzed through our system, resulting in increased infrastructure costs. If we are unable to improve the efficiency and effectiveness of our header bidding solutions and installations, we may not fully offset these increased infrastructure costs, and we will not be able to take full advantage of the opportunities made available through current header bidding technology to access a larger addressable market and increase our revenue by capturing a greater share of inventory. In addition, our success in monetizing impressions through header-bidding solutions is dependent on the interoperability of our platform with proprietary header-bidding solutions, some of which are owned by our competitors, including Google. As a result, we may be susceptible to evolution in technology and changes in business practices by the owners of such header-bidding solutions that we cannot predict. While header-bidding technologies have not been largely adopted by CTV sellers, such solutions or similar solutions geared towards increasing demand competition may become more prevalent in the future. If we are not able to effectively offer or adapt our technology to such solutions, it may lead to increased competition for CTV inventory, resulting in reduced opportunities or higher costs to monetize such inventory. We have addressed the market need for such requirements in part, through our ad server, SpringServe, which offers a unified programmatic demand solution for CTV, which leverages our existing programmatic SSP capabilities and connects with third party programmatic demand sources. However, this is a new offering and it may not be adopted by clients, or such clients may adopt competing solutions. While still relatively nascent, as the programmatic market for CTV advertising continues to mature, other ad serving or similar technology platforms are likely to enter the market and/or gain market share, creating additional competitive pressure and attendant risks.

As digital advertising has continued to scale and evolve, the amount of advertising being bought and sold programmatically has increased dramatically. Despite the opportunities created by programmatic advertising, CTV sellers have been slower to adopt programmatic solutions compared to desktop and mobile video sellers. Many CTV sellers have backgrounds in cable or broadcast television and have limited experience with digital advertising, and in particular programmatic advertising. For these sellers, it is extremely important to protect the quality of the viewer experience to maintain brand goodwill and ensure that online advertising efforts do not create sales channel conflicts or otherwise detract from their direct sales force. In this regard, programmatic advertising presents a number of potential challenges, including the ability to ensure that ads are brand safe, comply with business rules around competitive separation, are not overly repetitive, are played at the appropriate volume and do not cause delays in load-time of content. Our platform was designed to address these challenges and we have invested significant time and resources cultivating relationships with CTV sellers to establish best practices and evangelize the benefits of programmatic CTV. While we believe that programmatic advertising will continue to grow as a percentage of overall CTV advertising, there can be no assurance that CTV sellers will adopt programmatic solutions or the speed at which they may adopt such solutions. Any such failure or delay in adoption could negatively impact our finance results and growth prospects.

The European Union Privacy and Electronic Communications Directive (Directive 2002/58/EC), commonly referred to as the "ePrivacy Directive," and the GDPR require consent or another legal basis in order to process personal data for purposes of behavioral advertising, and there is currently significant risk and uncertainty regarding the standard for obtaining valid consent. Current regulatory developments indicate stricter interpretation of the ePrivacy Directive, meaning that data processing without consent will continue to decrease. End-user consent is difficult for ad tech intermediaries like us to obtain because we do not have direct relationships with such end users, so we have historically relied upon sellers to obtain consent for use of our technology. To the extent any seller does not adequately satisfy its consent obligations for our technology, we may face regulatory risk. Further, emerging regulatory guidance in the EU has challenged this method of obtaining consent. In 2018, IAB Europe released a tool, the Transparency and Consent Framework (the "TCF"), in order to assist sellers, advertisers and advertising technology providers, with passing signals related to the legal basis obtained for processing personal data. For example, the TCF is used to indicate in the bidstream when there is consent from end users in accordance with the ePrivacy Directive and GDPR. Following a decision by the Belgian Data Protection Authority ("ADP"), the TCF was revised in 2023. There is still significant uncertainty as to whether the new TCF (or any other) tool to convey legal basis (including consent) is acceptable to regulators as an appropriate mechanism to provide transparency and establish lawful grounds for processing, and a referral case is pending before the CJEU. Depending on its outcome, it may become difficult or impossible for us to rely on standardized solutions to provide transparency and compliance with consent requirements, which may increase costs and risks related to compliance. This legal uncertainty and evolving guidance may result in certain sellers removing personal data from their inventory, which would reduce the value to buyers. Legal standards and regulatory guidance will continue to evolve. National regulators in the UK and EU are evolving their guidance on the use of advertising technologies and compliance with the GDPR and ePrivacy Directive. This guidance may be burdensome or inconsistent across countries, and present challenges to the way we operate. As a result of all of the factors set forth above, our or our clients' ability to serve target advertisements may become significantly impaired or complicated in certain jurisdictions.

Our ability to fully utilize our net operating loss and tax credit carryforwards to offset future taxable income may be limited. At December 31, 2023, we had U.S. federal net operating loss carryforwards, or NOLs, of approximately $324.1 million, state NOLs of approximately $227.9 million, foreign NOLs of approximately $23.3 million, federal research and development tax credit carryforwards of approximately $4.4 million, and state research and development tax credit carryforwards of approximately $10.5 million. A lack of future taxable income would adversely affect our ability to utilize these NOLs and credit carryforwards. In addition, under Sections 382 and 383 of the Internal Revenue Code of 1986, as amended, or the Code, and comparable state income tax laws, a corporation that undergoes an "ownership change" is subject to limitations on its ability to utilize its NOLs and credit carryforwards to offset future taxable income following the ownership change. As a result, future changes in our stock ownership, including because of issuance of shares of common stock in connection with acquisitions or other direct or indirect changes in our ownership that may be outside of our control, could result in limitations on our ability to fully utilize our NOLs and credit carryforwards. The Company had an ownership change on December 31, 2016 subjecting the federal and state NOLs to annual limitations that have expired. Additionally, the Company had an ownership change in January 2008 resulting in not material limitation of federal and state NOLs under Section 382 of the Code and comparable state income tax laws. Moreover, not material federal and state NOLs and federal research and development tax credits were generated during the pre-acquisition period by corporations that we acquired, and thus those NOLs already are subject to limitation under Section 382 and 383 of the Code and comparable state income tax laws. Also,prior to the merger, Telaria acquired corporations with pre-acquisition NOLs that are subject to limitation under Section 382 of the Code and comparable state income tax laws. In addition, the Company and Telaria both underwent ownership changes for tax purposes (i.e. a more than 50% change in stock ownership in aggregated 5% shareholders) on April 1, 2020 due to the Merger. As a result, the use of the Company's total domestic NOL carryforwards and tax credits generated prior to the ownership change will be subject to annual use limitations under Section 382 and Section 383 of the Code and comparable state income tax laws. The Company believes that the ownership changes will not impact the ability to utilize substantially all of our NOLs and state research and development tax credits to the extent we generate taxable income that can be offset by such losses. The Company reasonably expects its federal research and development tax credits will not be recovered prior to expiration. Also, depending on the timing and level of our taxable income, a portion of our NOLs may expire unutilized, which could prevent us from offsetting future taxable income we may generate by the amount of our NOLs and credit carryforwards generated in tax years beginning before December 31, 2018. U.S. federal NOLs generated for tax years beginning before December 31, 2018 can offset 100% of taxable income, however, these NOLs can only be carried forward for 20 years. U.S. federal NOLs generated for tax years beginning after December 31, 2018 can offset 80% of taxable income, however, these NOLs can be carried forward indefinitely. We maintain a partial valuation allowance related to our NOLs, credit carryforwards, and other net deferred tax assets due to the uncertainty of the ultimate realization of the future benefits of those assets. To the extent we determine that all, or a portion of, our valuation allowance is no longer necessary, we will reverse the valuation allowance and recognize an income tax benefit in the reported financial statement earnings in that period. Once the valuation allowance is eliminated or reduced, its reversal will no longer be available to offset our current financial statement income tax provision in future periods. Release of the valuation allowance would result in the recognition of certain net deferred tax assets and a decrease to income tax expense for the period the release is recorded. However, the exact timing and amount of the valuation allowance release are subject to change on the basis of the level of profitability that we are able to actually achieve and the impact of Section 382.

Many local, state, federal, and international laws and regulations apply to the collection, use, retention, protection, disclosure, transfer, and other processing of data collected from and about consumers and devices, and the regulatory framework for privacy issues is evolving worldwide. Various U.S. and foreign governments, consumer agencies, self-regulatory bodies, and public advocacy groups have called for or implemented new regulation directly impacting the digital advertising industry. While California was the first state to enact an omnibus consumer privacy law in 2018, similar laws enacted by four other states became enforceable in 2023, each of which affect the digital advertising ecosystem. Numerous other states have recently passed similar laws, which go into effect throughout 2024 and beyond. In the coming months and years, we expect to see more state regulation, as well as potential federal regulation, aimed at the collection and use of data to target advertisements and communicate with consumers. Such legislation or regulation could affect the costs of doing business online and may adversely affect the demand for or the effectiveness and value of our solution. Recently enacted state laws define "personal information" or "personal data" in ways that capture the types of data that we collect, such as device identifiers and IP addresses. Under these laws, consumers have broad privacy rights (including rights of access and deletion), which bear similarity to some of the data subject rights granted to EEA and UK residents under the GDPR and UK GDPR. In addition, these laws require all businesses that engage in certain advertising uses of consumer personal information to offer and honor an opt-out of such activities, including, in some states, through browser or device-based preference signals. The implementation of these state laws and any corresponding regulations will cause us to incur additional compliance costs and may impose additional restrictions on us and on our industry partners. Separate from these comprehensive state consumer privacy laws, lawmakers continue to focus their efforts on data collection, processing, and disclosures by companies that do not have direct relationships with the consumers whose personal data they process. Several states, including California and Texas, have recently enacted or updated laws restricting the activities of data brokers. Notably, California recently passed the Delete Act, dramatically increasing obligations and potential penalties relative to the state's preexisting data broker statute. Beyond additional transparency requirements, beginning in August 2026, companies registered as data brokers in California (including Magnite), must honor universal deletion requests consumers make of all data brokers via a deletion mechanism the state will create. Beginning in 2028, data brokers must undergo audits verifying their compliance with the Delete Act. These obligations may reduce the data available to Magnite, require us to develop complex and expensive compliance tools and procedures, and may result in reductions in revenue. In the European Economic Area ("EEA") and the United Kingdom ("UK"), the General Data Protection Regulation, Regulation (EU) 2016/679 ("GDPR") and UK General Data Protection Regulation ("UK GDPR") respectively treat much of the end-user information that is critical to programmatic digital advertising as "personal data", subject to significant conditions and restrictions on its collection, use, transfer and disclosure. The GDPR and UK GDPR also set out substantial potential liabilities for certain data protection violations and create a compliance burden for us in the course of delivering our solution in Europe. Compliance stakes are high because penalties for violation of the law can reach up to the greater of 20 million Euros (GDPR)/£17.5 million (UK GDPR) or 4% of total worldwide annual turnover (revenue). Further, many governments are restricting the transmission or storage of information about individuals beyond their national borders. Such restrictions could, depending upon their scope, limit our ability to utilize technology infrastructure consolidation, redundancy, and load-balancing techniques, resulting in increased infrastructure costs, decreased operational efficiencies and performance, and increased risk of system failure. These laws and regulations are continually evolving, not always clear, and not always consistent across the jurisdictions in which we do business. Any failure to protect, and comply with applicable laws and regulations or industry standards applicable to, personal data or other data relating to consumers could result in enforcement action against us, including fines, imprisonment of our officers, and public censure, claims for damages by consumers and other affected individuals, damage to our reputation, and loss of goodwill.

Our success in the mobile channel depends upon the ability of our technology solution to provide advertising for most mobile-connected devices, as well as the major operating systems or Internet browsers that run on them and the thousands of applications that are downloaded onto them. The design of mobile devices and operating systems, applications, or Internet browsers is controlled by third parties. These parties frequently introduce new devices and applications, and from time to time they may introduce new operating systems or Internet browsers or modify existing ones in ways that may significantly affect our business, such as by providing ad-blocking capabilities or by limiting access to Internet user data. Network carriers may also affect the ability to access specified content on mobile devices. To the extent our solution is unable to work on these devices, operating systems, applications, or Internet browsers for any reason, our ability to generate revenue through mobile advertising is significantly impaired, and that impairment may be material. We expect mobile applications to be the largest driver of our mobile business. Many mobile apps utilize software development kits, or SDKs, and other proprietary technology of third parties, such as aggregators, and it is those third parties,not the application providers themselves, that contract with us to provide exchange services to help monetize the inventory. Due to this consolidation, if our relationships with these third parties decline or are terminated, it may result in a larger than usual loss of access to mobile inventory. Any rapid and/or significant decline in the availability of mobile inventory can adversely affect our mobile advertising spend and growth prospects.