MarketWise (MKTW) Risk Factors

Under Sections 3(a)(1)(A) and (C) of the U.S. Investment Company Act of 1940, as amended (the "Investment Company Act"), a company generally will be deemed to be an "investment company" for purposes of the Investment Company Act if (1) it is, or holds itself out as being, engaged primarily, or proposes to engage primarily, in the business of investing, reinvesting, or trading in securities or (2) it engages, or proposes to engage, in the business of investing, reinvesting, owning, holding, or trading in securities and it owns or proposes to acquire investment securities having a value exceeding 40% of the value of its total assets (exclusive of U.S. government securities and cash items) on an unconsolidated basis. MarketWise, Inc. does not believe that it is an "investment company" as such term is defined in either of those sections of the Investment Company Act. As the sole managing member of MarketWise, LLC, MarketWise, Inc. will control MarketWise, LLC. On that basis, MarketWise, Inc. believes that its interest in MarketWise, LLC is not an "investment security" as that term is used in the Investment Company Act. However, if MarketWise, Inc. were to cease participation in the management of MarketWise, LLC, its interest in MarketWise, LLC could be deemed an "investment security" for purposes of the Investment Company Act. MarketWise, Inc. and MarketWise, LLC intend to conduct their respective operations so that MarketWise, Inc. will not be deemed an investment company. However, if MarketWise, Inc. were to be deemed an investment company, restrictions imposed by the Investment Company Act, including limitations on MarketWise's capital structure and its ability to transact with affiliates, could make it impractical for us to continue our business as contemplated and could have a material adverse effect on our business.

We may be subject to claims for securities law violations, defamation (including libel and slander), negligence, or other claims relating to the information we publish, including our research. For example, investors may take legal action against us if they rely on published information that contains an error, or a company may claim that we have made a defamatory statement about it or its employees. We rely on a variety of outside parties as the original sources for the information we use in our published data. These sources include securities exchanges and other data providers. We also incorporate data from a variety of third-party sources. Accordingly, in addition to possible exposure for publishing incorrect information that results directly from our own errors, we could face liability based on inaccurate data provided to us by others. We could be subject to claims by providers of publicly available data and information we compile from websites and other sources that we have improperly obtained that data in violation of the source's copyrights or terms of use or based on the provisions of legislation that limit the bases on which businesses can collect personal information from and about individuals. We could also be subject to claims from third parties, such as securities exchanges, from which we license and redistribute data and information that we have used or redistributed the data or information in ways not permitted by our license rights, or that we have inadequately permitted our subscribers to use such data. The agreements with such exchanges and other data providers give them extensive data use audit rights, and such audits can be expensive and time consuming and potentially result in substantial fines. Defending claims based on the information we publish could be expensive and time-consuming and could adversely impact our business, operating results, and financial condition.

Our provision for income taxes is subject to volatility and could be adversely affected by a number of factors, including earnings differing materially from our projections, changes in the valuation of our deferred tax assets and liabilities, expected timing and amount of the release of any tax valuation allowances, tax effects of share-based compensation, outcomes as a result of tax examinations, or changes in tax laws, regulations, accounting principles, including accounting for uncertain tax positions, or interpretations thereof. To the extent that our provision for income taxes is subject to volatility or adverse outcomes as a result of tax examinations, our operating results could be harmed. Significant judgment is required to determine the recognition and measurement attribute prescribed in GAAP relating to accounting for income taxes. In addition, we are subject to examinations of our income tax returns by the U.S. Internal Revenue Service (the "IRS") and other tax authorities. We assess the likelihood of adverse outcomes resulting from these examinations to determine the adequacy of our provision for income taxes. There may be exposure that the outcomes from these examinations will have an adverse effect on our business, financial condition, and results of operations.

Our products and websites routinely collect, store, process, and transmit personal information about an individual, including personally identifiable information and personal financial information such as credit card information. We are subject to various laws and related regulations relating to data privacy, data protection, and information security. Such laws and regulations restrict and set standards for how personal information is collected, processed, stored, used, and disclosed, and mandate certain security requirements, implement notice requirements regarding privacy practices, and provide individuals with certain rights regarding the maintenance, use, disclosure, and sale of their protected personal information. If we are found to have breached any such laws, regulations, or industry standards, we may be subject to enforcement actions that require us to change our business practices in a manner that may negatively impact our revenue, as well as expose us to litigation, fines, regulatory enforcement, injunctive orders to cease or change our data processing activities, civil and/or criminal penalties, and adverse publicity that could cause our customers to lose trust in us, negatively impacting our reputation and business in a manner that harms our financial position. In the United States, both federal and various state governments have adopted or are considering, laws, guidelines, or rules for the collection, distribution, use, and storage of information collected from or about consumers or their devices. For example, California enacted the California Consumer Privacy Act of 2018 (the "CCPA"), which came into force in 2020. The CCPA creates a broad range of individual privacy rights for California residents and increases the privacy and security obligations of businesses handling personal information. The CCPA is enforceable by the California Attorney General and the California Privacy Protection Agency (as described below), and there is also a private right of action relating to certain data security incidents that may increase security breach litigation. Furthermore, California voters approved the California Privacy Rights Act (the "CPRA") on November 3, 2020, which further amends and expands the CCPA, and became effective on January 1, 2023. The CPRA's amendments to the CCPA impose additional data protection obligations on covered companies, including certain consumer rights processes, the right to correct personal information, and opt-outs for certain uses of sensitive personal information and the sharing of personal information for targeted advertising purposes; such requirements look back to January 2022. The CPRA's amendments also created a new enforcement bureau, the California Privacy Protection Agency. In addition, starting January 1, 2023, personal information collected about California's residents acting in a personnel/employee or business-to-business context came fully within scope of the CCPA. The CCPA has also encouraged similar laws in other states across the country. For example, Virginia enacted the Virginia Consumer Data Protection Act (the "VCDPA"), another comprehensive state privacy law, which also became effective January 1, 2023. Also in 2021, Colorado enacted the Colorado Privacy Act (the "CPA") and Connecticut enacted the Connecticut Data Privacy Rights Act (the "CTDPA"), both of which go into effect July 1, 2023, and Utah enacted the Utah Consumer Privacy Act (the "UCPA"), which went into effect December 31, 2023. Additional states are continuing to adopt similar laws and others are continuing to consider the adoption of similar laws. A number of other proposals exist for new federal and state privacy legislation that, if passed, could increase our potential liability, increase our compliance costs, modify our data processing practices and materially and adversely affect our business, prospects, financial condition and operating results. Our compliance with these changing and increasingly burdensome, and sometimes conflicting regulations and requirements, may cause us to incur substantial costs or require us to change our business practices, which may impact financial results. If we fail to comply with these regulations or requirements, we may be exposed to litigation expenses and possible significant liability, fees, or fines. We cannot fully predict the impact of the CCPA, VCDPA, CPA, CTDPA and UCPA, or subsequent guidance, regulations or rules on our business or operations, including those that are still in draft form, but it may increase our compliance costs and potential liability, particularly in the event of a data breach, and could have a material adverse effect on our business, including how we use personal information, our financial condition, and the results of our operations or prospects. We are also subject to payment card association operating rules, certification requirements, and rules governing electronic funds transfers, including the Payment Card Industry Data Security Standard (the "PCI DSS"), a security standard applicable to companies that collect, store, or transmit certain data regarding credit and debit cards, holders, and transactions. Under the PCI DSS and our contracts with our card processors, if there is a breach of payment card information that we store, we could be liable to the banks that issue the payment cards for their related expenses and penalties. In addition, if we fail to follow payment card industry data security standards, even if there is no compromise of customer information, we could incur significant fines, have significant reserves imposed on our accounts, or lose our ability to give our customers the option of using payment cards. If we were unable to accept payment cards, our business would be materially harmed. In addition, laws in countries outside of the United States create significant compliance obligations and liability. For example, to the extent our operations are subject to the EU General Data Protection Regulation (Regulation 2016/679 and applicable national supplementing laws and the UK data protection regime consisting primarily of the UK General Data Protection Regulation and the UK Data Protection Act 2018 (together referred to as the "GDPR"), this will create an ongoing compliance commitment and substantial costs, in relation to our collection, processing, sharing, disclosure, transfer and other use of personal data. Ensuring compliance with the GDPR could involve substantial costs, and it is possible that, despite our efforts, competent authorities or third parties will assert that our business practices fail to comply. If our operations are found to be in violation of the GDPR, we may be required to change our business practices and/or be subject to significant civil penalties, regulatory enforcement, business disruption, and reputational harm, any of which could have a material adverse effect on our business. In particular, if we or our vendors fail to comply with the GDPR and the applicable national data protection laws of the EU or European Economic Area member states, or if regulators assert we have failed to comply with these laws, it may lead to regulatory enforcement actions, which can result in significant monetary penalties and other administrative penalties. We are also subject to evolving EU and UK privacy laws on cookies, tracking technologies and e-marketing practices. Recent European court decisions, and regulators' recent decisions and guidance are driving increased attention to cookies, tracking technologies, and e-marketing practices. If the trend of increasing enforcement continues, this could increase our liability exposure and lead to substantial costs. It could also require significant systems changes, limit the effectiveness of our marketing activities, divert the attention of our technology personnel, adversely affect our margins, increase costs and subject us to additional liabilities. It may lead to broader restrictions and impairments on our marketing and personalization activities and may negatively impact our efforts to understand users. As we continue to expand into other foreign countries and jurisdictions, we may also be subject to additional laws and regulations that may affect how we conduct business. For example, Brazil enacted the General Data Protection Law, New Zealand enacted the New Zealand Privacy Act, China enacted its Personal Information Protection Law, and Canada introduced the Digital Charter Implementation Act. We make disclosures and statements regarding our use of personal information through our privacy policies and statements through our products and websites as required by privacy or data protection regulations. Failure (or perceived failure) to comply with our public statements or to adequately disclose our privacy or data protection practices could result in costly investigations by governmental authorities, litigation, and fines, as well as reputational damage and customer loss, which could have material impacts on our revenue and operations. This includes, but is not limited to, lawsuits and enforcement actions brought under the federal FTC Act, state unfair competition laws, state wiretap statutes, and similar laws and regulations. We also from time to time acquire other companies that collect and process personal information. While we perform due diligence on the technology systems of these companies, there can be no assurance that such companies have not suffered data breaches or system intrusions prior to, or continuing after, our acquisition for which we may be liable. While we maintain insurance coverage that is intended to address certain aspects of cybersecurity and data protection risks, such coverage may not be sufficient to cover all or the majority of the costs, losses, or types of claims. Our insurance covers reimbursement for lost net profits or increased net loss of profits resulting from adverse publicity concerning an actual or alleged network impairment or privacy event. While it does not cover the costs for improvements to our systems, it does cover costs to restore our system operations. Our use of AI may create significant compliance obligations and liability. For example, the EU is about to adopt a proposed regulation related to AI which will impose onerous obligations on developers, manufacturers,importers and users of AI systems. Other jurisdictions are also considering adopting regulation on AI. Our use of this technology could thus result in additional compliance costs, regulatory investigations and actions, and consumer lawsuits. Further, our use of AI may conflict with certain privacy laws and could create liability risks.

Our subscribers pay for our services using a variety of different payment methods, including credit and debit cards, prepaid gift cards, and direct debit. We rely on internal systems, as well as those of third parties, to process payments. Acceptance and processing of these payment methods are subject to certain rules and regulations, including additional authentication requirements for certain payment methods, and require payment of interchange and other fees, which may increase over time and raise our operating costs and lower our profit margins. For example, we have in the past experienced higher transaction fees from our third-party processors as a result of chargebacks on credit card transactions. Frequently changing credit card company terms and conditions may result in the way we accept payments being deemed non-compliant and potentially cause us to be suspended or terminated by our payment processors. To the extent there are increases in payment processing fees or the cash reserves required by third party payment processors, material changes in the payment ecosystem, such as large re-issuances of payment cards, changes in public perception and confidence in the payment systems we are utilizing, delays in receiving payments from payment processors, changes to rules or regulations concerning payments, loss of payment partners, and/or disruptions or failures in our payment processing systems, partner systems, or payment products, including products we use to update payment information, our revenue, operating expenses, and results of operations could be adversely impacted. In addition, from time to time, we encounter fraudulent use of payment methods, which could impact our results of operations and, if not adequately controlled and managed, could create negative consumer perceptions of our products and services. If we are unable to maintain our fraud and chargeback rate at acceptable levels, card networks may impose fines and/or reserves, our card approval rate may be impacted, and we may be subject to additional card authentication requirements. The termination of our ability to process payments on any major payment method would significantly impair our ability to operate our business.

Our ability to compete in the marketplace depends upon our ability to recruit and retain key employees, including executives to operate our business, technology personnel to run our publishing, commerce, communications, video, and other systems, direct marketers to sell subscriptions, and salespersons to sell our subscriptions, and financial editors and analysts to fulfill our editorial products. Several of our employees are bound by agreements containing non-competition provisions. There are rapidly evolving laws governing the effectiveness and usage of non-competition provisions. There can be no assurances that these arrangements with key employees will provide adequate protections to us or will not result in management changes that would have material adverse impact on us. In addition, we may incur increased costs to continue to compensate our key executives, as well as other employees, through competitive salaries, stock ownership, and bonus plans. Nevertheless, we can make no assurances that these programs will allow us to retain our management or key employees or hire new employees. The loss of one or more of our key employees, or our inability to attract experienced and qualified replacements, could materially adversely affect our business, results of operations, and financial condition. In addition, some of our products, particularly our editorial products, reflect the talents, efforts, personalities, investing skills, portfolio returns, and reputations of their respective editors and analysts. As a result, the services of these key editors and analysts form an essential element of our revenue. There is a limited pool of editors and analysts who have the requisite personality, skills, training, and education necessary to meet our standard for our editorial products. We compete with many businesses and organizations that are seeking skilled individuals, particularly those with experience in the financial industry and those with degrees in technical fields, who are particularly critical to our editorial products. Competition for such professionals can be intense, as other companies seek to enhance their positions in the markets we serve. If we are unable to retain key editors and analysts, or should we lose the services of one or more of them to death, disability, loss of reputation, or any other reason, or should their popularity diminish or their investing returns and investing ideas fail to meet or exceed benchmarks and investor expectations, we may fail to attract new editors and analysts acceptable to our subscribers. Therefore, the loss of services of one or more of our key editors and analysts could have a material adverse effect on our business, results of operations, and financial condition.