Morningstar (MORN) Risk Analysis

321 Followers

Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

Morningstar disclosed 24 risk factors in its most recent earnings report. Morningstar reported the most risks in the “Finance & Corporate” category.

Risk Overview Q4, 2024

Risk Distribution

33% Finance & Corporate

25% Legal & Regulatory

21% Tech & Innovation

8% Production

8% Macro & Political

4% Ability to Sell

Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy

This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

2022

S&P500 Average

Sector Average

Risks removed

Risks added

Risks changed

Morningstar Risk Factors

New Risk (0)

Risk Changed (0)

Risk Removed (0)

No changes from previous report

The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q4, 2024

Main Risk Category

Finance & Corporate

With 8 Risks

Finance & Corporate

With 8 Risks

Number of Disclosed Risks

-1

From last report

S&P 500 Average: 32

-1

From last report

S&P 500 Average: 32

Recent Changes

1Risks added

2Risks removed

10Risks changed

Since Dec 2024

1Risks added

2Risks removed

10Risks changed

Since Dec 2024

Number of Risk Changed

+10

From last report

S&P 500 Average: 4

+10

From last report

S&P 500 Average: 4

See the risk highlights of Morningstar in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 24

Finance & Corporate

Total Risks: 8/24 (33%)Below Sector Average

Share Price & Shareholder Rights2 | 8.3%

Share Price & Shareholder Rights - Risk 1

The concentrated ownership position of Joe Mansueto could adversely affect our other shareholders.

As of December 31, 2024, Joe Mansueto, our Executive Chairman and Chairman of the Board, owned approximately 35.8% of our outstanding common stock. While Joe has reduced his percentage ownership of the company in recent years as part of a personal plan to diversify his assets, his concentrated ownership position gives him substantial influence over substantially all matters submitted to our shareholders for approval, including the election and removal of directors and any merger, consolidation, or sale of our assets. This concentration of ownership may disincentivize other shareholders from proposing the election of other persons to our board of directors, delay or prevent a change in control, impede a merger, consolidation, takeover, or other business combination involving Morningstar, discourage a potential acquirer from making a tender offer or otherwise attempting to obtain control of the company, or result in actions that may be opposed by other shareholders.

Share Price & Shareholder Rights - Risk 2

Changed

Future sales of our common stock and fluctuations in our operating results may negatively affect our stock price.

We believe our business has relatively high fixed costs, principally for compensation and benefits, and low variable costs, which has historically heightened the impact of revenue fluctuations on our operating results. As a result, a decline in our revenue may lead to a proportionally larger decline in operating income. Additionally, as a result of managing our business with a long-term perspective, we generally don't make significant adjustments to our strategy or cost structure in response to short-term factors. For example, if the US economy were to experience current inflationary pressures over a prolonged period, increased compensation and other expenses could adversely impact our operating results. In addition, as we do not provide earnings guidance and our executive team generally doesn't take one-on-one meetings with investors and research analysts, and given limited analyst coverage of our stock, our stock price may not, now or in the future, reflect the intrinsic value of our business and assets. If our operating results or other operating metrics fail to meet the expectations of outside research analysts and investors, the market price and trading volume of our common stock may decline. Additionally, our stock price may be susceptible to decline if our significant shareholders, including Joe Mansueto, were to sell substantial amounts of our common stock. A significant reduction in ownership by Joe or any other large shareholder over a short period of time could cause the market price of our common stock to fall.

Accounting & Financial Operations2 | 8.3%

Accounting & Financial Operations - Risk 1

The goodwill of our business and other intangible assets from our acquisitions could be impaired as a result of business conditions in the future, requiring us to record substantial impairments that would impact our operating income.

We assess the recoverability of recorded goodwill amounts on an annual basis or when evidence of potential impairment exists. Intangible assets are evaluated when events or changes in circumstances arise that indicate the carrying value of the asset may be unrecoverable. The impairment testing is based on several factors which require judgement from management. In general, changes in our business condition or changes in fair market valuations and our operating performance may result in future impairments of goodwill or intangible assets which could have a material adverse impact on our operating results. Additionally, our goodwill and intangible assets may become impaired if we fail to obtain our anticipated operating efficiencies associated with our acquisitions.

Accounting & Financial Operations - Risk 2

We cannot guarantee we will pay dividends in the future or make any repurchases of our common stock under our repurchase program.

We have historically paid cash dividends on our common stock, but there is no guarantee that such dividends will continue in the future. Whether our Board authorizes future dividends will depend on a number of factors, including, our results of operations, financial condition, contractual restrictions, restrictions imposed by applicable law, and other factors. Moreover, our Board may determine not to repurchase shares of our common stock pursuant to the share repurchase program we authorized on December 6, 2022. Refer to Note 18 of our Notes to our Consolidated Financial Statements for more information regarding our share repurchase program. Any failure to repurchase stock after we have announced our intention to do so may adversely impact our reputation and investor confidence in us and may adversely impact our stock price. The existence of our share repurchase program could cause our stock price to be higher than it otherwise would and could potentially reduce the market liquidity for our stock. Repurchase programs are also subject to potential excise tax as under the Inflation Reduction Act of 2022.

Debt & Financing2 | 8.3%

Debt & Financing - Risk 1

Changed

Our indebtedness could adversely affect our cash flow and financial flexibility. Our variable rate indebtedness could subject us to interest rate risk, which could cause our debt service obligations to increase significantly.

For an overview of our current outstanding indebtedness, refer to Item 7 - Management's Discussion and Analysis of Financial Condition and Results of Operations- Liquidity and Capital Resources below. Our long-term debt was $698.6 million at December 31, 2024. While our business has historically generated strong cash flow and we are in compliance with all of our debt covenants, borrowings under our current credit facility are floating rate. As a result, our annual debt service requirements are affected by rising interest rates and we cannot provide assurance that we will generate and maintain cash flows sufficient to permit us to service our indebtedness. Our ability to make payments on our indebtedness and to fund planned capital expenditures depends on our ability to generate and access cash in the future, which, in turn, is subject to general economic, financial, competitive, regulatory, tax and other factors, many of which are beyond our control. If we cannot refinance or otherwise pay our obligations as they mature and fund our liquidity needs, our business, financial condition, results of operations, cash flows, liquidity, ability to obtain financing and ability to compete in our industry could be materially adversely affected. In addition, any borrowings under our current credit facility bear interest at fluctuating interest rates based on the Secured Overnight Financing Rate (SOFR) which replaced London Interbank Offered Rate (LIBOR) as the reference rate under our credit facility. While SOFR is a secured rate, LIBOR was an unsecured rate, thus, there can be no assurance that SOFR will perform in the same way as LIBOR would have at any time, which may result in increased volatility in the interest rates payable under our credit facility and potentially increase our funding costs. Furthermore, the terms of our debt agreements include restrictive covenants that limit, among other things, our and our subsidiaries' financial flexibility and ability to implement certain transactions. If we are unable to comply with the restrictions and covenants in our debt agreements, there could be a default that, in some cases, if continuing, could result in the accelerated payment of our debt obligations or the termination of borrowing commitments on the part of the lenders under our Credit Agreement. Additionally, our current credit facility matures in September 2027. We may not be able to renegotiate or obtain additional or new financing on a timely basis or on terms favorable or acceptable to us. If we are unable to refinance or otherwise fund our liquidity needs, our business, financial condition, results of operations, cash flows, liquidity, and ability to compete in our industry could be materially adversely affected. Refer to Item 7-Management's Discussion and Analysis of Financial Condition and Results of Operations-Liquidity and Capital Resources for a description of the restrictive covenants in our debt agreements.

Debt & Financing - Risk 2

Added

Our insurance coverage may be inadequate or expensive.

We maintain voluntary and required insurance coverage, including, among others, general liability, property, director and officer, errors and omissions, network cybersecurity and privacy, employee practices liability, fidelity bond and fiduciary liability insurance and insurance required under ERISA at a significant annual cost, which is generally expected to increase over time. Further, while we endeavor to maintain coverage that we feel is appropriate to operations, size and general assessment of our risk, we are unable to predict with certainty the frequency, nature or magnitude of claims under these policies and our claims recovery experience. Our business may be negatively affected if insurance coverage proves to be inadequate or unavailable on acceptable terms or at all.

Corporate Activity and Growth2 | 8.3%

Corporate Activity and Growth - Risk 1

Our business is complex and has experienced significant growth in recent years which could strain our resources and infrastructure, and if we are unable to effectively scale our operations and increase productivity, we may not be able to successfully implement our business plan.

Our business has and continues to experience significant growth in our wide array of products and services and operational scale, which has placed a strain on and in the future may stress the capabilities of our management, administrative, operational and financial infrastructure. Significant additional investments, both in terms of management attention and one-time and annual costs, have been and are expected to continue to be required to effectively scale our operations and increase productivity across our organization, to address the needs of our customers, to further develop and enhance our products and services, to expand into new geographic areas, and to increase our operating margin over time. Such additional investments will increase our cost base, making it more difficult for us to offset any future revenue shortfalls by reducing expenses in the short term. We may not be able to make these investments as quickly or effectively as necessary to successfully and competitively scale our operations. Additionally, we have and may continue to dispose of businesses and reallocate resources to our other businesses and products we believe will help scale our business. In 2024, we made the decision to sunset our US TAMP and enter into a strategic alliance with AssetMark where they own the technology platform, allowing us to reallocate resources that would otherwise be used to maintain and improve our platform, to the expansion of our professionally managed investments products to more advisors across the US, which we believe is the best way to scale our business in the US. In 2024, we also made a strategic decision to dispose of our Commodity and Energy Data business, as we believed it was not a strategic focus for our business, allowing us to focus on other areas of our business. While we believe these strategic decisions will allow us to best scale our business, we cannot be certain that such reallocations will be successful in doing so. We regularly upgrade or replace our various software and data offerings and our operating systems and processes. If implementations are delayed, or if we encounter unforeseen problems with our upgraded or new offerings, systems and processes or in migrating away from existing offerings, systems and processes, our operations and our ability to manage our business could be negatively impacted. Our growth also places increasing demands on our functional resources to scale and optimize globally and to balance global consistency with local flexibility. Our sales and marketing teams are focused on multi-product-based strategies to bring the breadth of our offerings and the full value of our intellectual property to our customers. However, such sales efforts can breed customer confusion, implicate regulatory limits on how certain products or services can be sold and by whom in certain jurisdictions, and if coupled with misaligned incentive structures, can create opportunities for misconduct or excessive risk taking. Additional complexity also creates a need for clear responsibilities and ownership across various global teams within our company, which we may not be successful in implementing. We cannot be certain that growth or profitability will be at the same or higher level given the headwinds of deglobalization and political, regulatory, and cultural fragmentation. Our success will depend in part upon the ability of our senior management – including the senior management of any companies we acquire - to manage our business and strategies efficiently. To do so, we must continue to increase the productivity and effectiveness of our existing employee base and to hire, train and manage new employees who can meet or exceed our standards. If we fail to successfully scale our operations and increase productivity, we may be unable to execute our business plan and the value of our company could decline. The investment we make and additional resources we use to expand our operations, target new international customers and expand our presence globally may not produce desired levels of revenue or profitability, which could adversely affect our business and operating results.

Corporate Activity and Growth - Risk 2

Changed

Our strategic transactions, acquisitions and investments in companies or technologies may not result in the expected business or financial benefits, ultimately having an adverse effect on our operating results and our ability to deliver long-term value to our shareholders.

As a means to implement our business strategy, we periodically evaluate and make investments in, or acquisitions of, complementary businesses, services and technologies, and intellectual property rights, and expect to continue to make such investments and acquisitions in the future. However, there can be no assurance we can identify suitable investment or acquisition candidates at acceptable prices. In addition, although we conduct robust due diligence through cross-functional teams when making an acquisition, each acquisition presents potential challenges and risks, including the following: –difficulties in assimilating, integrating, or retraining acquired employees;–differences between our values and those of our acquired companies, as well as disruptions to our workplace culture;–diversion of financial and managerial resources from existing operations;–challenges relating to the potential entry into new markets in which we have little experience or where competitors may have stronger market positions;–difficulties in integrating acquired operations, including challenges with the acquired company's customers and partners;–challenges with the acquired company's third-party service providers;–challenges with integrating the acquired companies' technology, and –challenges and costs relating to known and potential unknown liabilities, technology or security vulnerabilities or regulatory investigations associated with the acquired businesses. From time to time, we engage in dispositions and divestitures of assets and entities, as a means to implement our business strategy, including the recent disposal of certain of our US TAMP assets and the sale of our Commodity and Energy Data business in 2024. The strategic transactions we ultimately pursue may be subject to various closing conditions, including review or approval by foreign and domestic regulatory authorities, which we may not obtain on a timely basis or at all, which could adversely impact our financial and operating results. In addition, strategic transactions may present financial, managerial and operational challenges such as diversion of managerial resources from core business functions, increased expenses associated with the transaction, potential disputes with customers, suppliers, or acquirers of disposed assets, and failure to achieve the expected economic benefits of the transaction, any of which could have a material adverse effect on our business and operating results. We also have made, and expect to continue to make, various investments in companies where we do not have or obtain a controlling interest. Such investments are motivated both by their prospective financial return and the access they give us to certain new technologies, products, business ideas, and management teams. While we obtain various rights in connection with such investments, the future value of such investments is highly dependent on the management skill of the managers of those companies, among other factors. Our ability to acquire or dispose of other businesses or technologies, make strategic investments or integrate acquired businesses effectively may be impaired by trade tensions and increased global scrutiny of foreign investments and acquisitions and investments in the technology sector. For example, several countries, including the US and countries in Europe and the Asia-Pacific region, are considering or have adopted restrictions of varying kinds on transactions involving foreign investments. Antitrust authorities in a number of countries have also reviewed acquisitions and investments in the technology industry with increased scrutiny. Governments may continue to adopt or tighten restrictions of this nature, and such restrictions or government actions could negatively impact our acquisition and investment opportunities, business and financial results. Acquisitions or divestitures may expose us to litigation from our shareholders or other third parties, which, even if unsuccessful, could be costly to defend and serve as a distraction to management.

Legal & Regulatory

Total Risks: 6/24 (25%)Above Sector Average

Regulation3 | 12.5%

Regulation - Risk 1

Compliance failures, regulatory action, or changes in laws could adversely affect our business.

The laws, rules, and regulations, and their interpretations, applicable to our business are extensive, may change in the future and may be inconsistent or vary by jurisdiction. We have not always been able to, and in the future may not be able to, comply with changes or variances in the laws, rules and regulations applicable to our businesses without making extensive changes to our business practices. In the recent past, the scope and pace of global regulatory change has both increased and involved shorter compliance time frames, which has increased the risk that we may fail to properly and timely identify, and adequately respond to the regulatory changes applicable to our operations. Regulations aimed at increasing transparency for investors or providing individuals greater control over their own data may devalue the investments we have made in our data sets or reduce their use cases. In addition, the broad, diverse and global scope of our business operations makes it more difficult to monitor areas that may be subject to regulatory and compliance risk, as well as monitor and implement changes that may vary by jurisdiction. If we fail to comply with any applicable law, rule, or regulation, we could be fined, sanctioned, or barred from providing certain products and services in the future, which could adversely affect our reputation, business and financial results. We are subject to various anti-corruption laws that prohibit improper payments or benefits or offers of payments or benefits to foreign governments and their officials and, in some cases, to employees of a business for the purpose of directing, obtaining or retaining business. We conduct business in countries and regions with anti-corruption laws that may vary in substance, complexity and application when compared to that of the US, which could result in unauthorized payments or offers of payments by our employees or agents that may be in violation of anti-corruption laws. While we have implemented policies and trainings to prohibit these types of practices by our employees and agents, they may prove to be less than fully effective, and our employees or agents may engage in conduct for which we might be held responsible. If employees violate our policies or we fail to maintain adequate record-keeping and internal accounting practices to accurately record our transactions, we may be subject to regulatory fines, sanctions, damages or other penalties or costs, and may incur expenses relating to government investigations, inquires, or subpoenas, which could have a material adverse effect on our business, operating results, or financial condition and may damage our brand and reputation. Additionally, as we engage in global business activities, we are subject to international trade restraints, including economic and financial sanction laws and embargoes administered by the US Treasury Department's Office of Foreign Assets Controls, which prohibit or restrict the sale or supplying of certain products and services to embargoed or sanctioned countries, regions, governments, individuals, and entities. Although we have policies and procedures in place to promote compliance with such laws, there can be no assurance that they will be followed at all times or effectively detect and prevent all violations of such laws. These restraints have impacted, and may in the future impact our ability to continue to market and/or sell our products and services in these geographies, resulting in loss in revenue, and subject us to significant fines and penalties or cause us to incur expenses relating to government investigations, inquiries, or subpoenas if we fail to comply. While we have established policies and trainings aimed at preventing these types of activities, they may be ineffective. Furthermore, new, and additional trade restrictions may be introduced at any time and may require us to change our operations and increase our risk of noncompliance, and may expose us to increased compliance costs, which could have a material adverse effect on our business, operations, and financial results.

Regulation - Risk 2

Several of our businesses are highly regulated throughout the world and the regulatory environment is increasingly complicated and rapidly evolving.

The expansion of our business over time, including through acquisitions, has resulted in greater exposure to governmental regulation across our product lines. In some cases, such as with our credit ratings business, interactions with regulators are extensive and continuous, which is increasingly costly and resource intensive to manage. To the extent any of those interactions result in a finding of noncompliance, they could pose a significant reputational risk to us, expose us to fines, sanction and penalties and negatively impact our business. Regardless of source, allegations of improper conduct, whether the ultimate outcome is favorable or unfavorable to us, as well as negative publicity or media reports about Morningstar and its relationships with third parties, whether valid or not, may harm our brand and reputation and damage our business. Morningstar DBRS, our credit ratings business, operates in a highly regulated environment in Canada, the US, the UK, and the EU, requiring substantial ongoing compliance obligations with laws and regulations that govern credit ratings. At times, the scope, interpretation, and administration of these laws and regulations may also be uncertain, inconsistent across geographies and difficult to fully reconcile in a cost-efficient manner. Further, many aspects of credit ratings agency policies and practices and their compliance with applicable law, regulations, contracts and license arrangements are not the subject of definitive regulatory guidance or case law. Maintaining compliance with any expanded requirements that may be imposed by these laws and regulations can be time consuming and require significant resources. Morningstar DBRS is also subject to regular regulatory examinations and occasional investigations, which are time consuming and can impact day-to-day operations. Three of our subsidiaries, Morningstar Investment Management LLC (MIM), Morningstar Investment Services LLC, and Morningstar Research Services LLC, are registered as investment advisers with the SEC under the Advisers Act, which subjects them to requirements related to record-keeping, reporting and standards of care, in addition to fiduciary obligations owed to their clients. Morningstar Investment Services is also a broker/dealer registered under the Exchange Act and is subject to the rules of FINRA. The Morningstar Funds Trust is a registered open-end mutual fund for which MIM acts as the investment advisor under an investment management agreement, and, as a result, also subjects MIM to regulation under the Investment Company Act of 1940 and the Commodity Exchange Act. As registered investment advisers, these subsidiaries are subject to on-site examination by the SEC. In addition, in cases where these subsidiaries provide investment advisory services to retirement plans and their participants, they may be acting as fiduciaries under ERISA, which requires them to meet and uphold various fiduciary obligations. We may face liabilities for actual or claimed breaches of our fiduciary duties, particularly in areas where we provide retirement or investment advice and managed retirement accounts. In some of our retirement contracts, we act as an ERISA fiduciary by, for example, selecting and monitoring a broad range of diversified plan options. We also provide a managed account service for retirement plan participants who elect to have their accounts managed by our programs. Such activities are, and in the future may again be, the subject of class action litigation, including one such proceeding in which we have been named. Many of our asset management and financial advisor clients are similarly regulated. If our license products and services fail to satisfy the regulatory requirements applicable to these clients, we may lose their business. Our regulated investment services operations are subject to regulation in markets outside the US. Post Brexit, we made a strategic decision to restrict the provision of regulated investment management activity to EU domiciled clients in part to reduce regulatory risk. The UK-based Morningstar Wealth Platform (Platform) has regulatory compliance obligations related to, among other things, the safeguarding and administration of client monies and assets, due to the offering of regulated products and services in the UK. The Platform business has offices in Jersey, South Africa, and the United Arab Emirates, all of which are or have been subject to the Financial Action Task Force (FATF) grey list. Increased regulatory scrutiny in Jersey, which was recently removed from the FATF grey list, and South Africa, which is currently on the FATF grey list, increase compliance costs and exposes us to potential reputational harm. Our index business, Morningstar Indexes, is subject to regulations related to the oversight of the provision of benchmark administration services in the UK and EU. Specifically, the EU Benchmarks Regulation seeks to improve governance and controls over the benchmark process, in order to ensure that administrators effectively manage conflicts of interest. Furthermore, the regulations require administrators to improve the quality of input data and methodologies and ensure that contributors to benchmarks and the data they provide are subject to adequate controls. In addition, Morningstar Indexes has continued to monitor previously identified developments whereby the SEC sought comment on whether index providers, model portfolio providers and pricing services should be regulated as investment advisers or outsourced service providers in the US. These potential developments could increase regulatory exposure and compliance costs if and when adopted. Our Morningstar Sustainalytics business could be negatively affected by enhanced regulation of its research, ratings and data activities and other reporting requirements. The EU regulation for registering and supervising companies acting as external reviewers for green bonds aligned with the European Green Bond Standards (EuGBS) framework,and the EU legislation for registering and supervising companies that provide ESG ratings both require significant investments to build, implement and maintain appropriate operational and governance structures, internal controls and compliance processes. As legislation is evolving in the EU, other jurisdictions are also running consultation processes to put in place regulatory frameworks for these ratings, data and/or SPO providers, which contemplate governance policies, quality assurance and other internal control program requirements that may not be consistent with the EU. The final form of any of these regulations or other measures is still uncertain. Such regulatory regimes could impose significant compliance burdens and costs on Morningstar Sustainalytics and, as with all new regulation, could be subject to ambiguous interpretation that could result in inadvertent noncompliance. Furthermore, as our Morningstar Sustainalytics business operates globally we may be subject to additional future regulation in multiple jurisdictions, which may be inconsistent. Conversely, deregulation could lead to reduced demand for our Morningstar Sustainalytics products, which could impact our operating results and financial condition. Compliance failures by any of these highly regulated businesses could lead to negative publicity, fines, settlements, and/or temporary or permanent operating restrictions, which could have a material adverse impact on our operating results or financial condition. New and changing laws, regulations and regulatory implementation guidance may also affect the day-to-day operation of these businesses and our customers, including by imposing new or expanded requirements. Any failure to timely or adequately address these changes could have a material adverse impact on our business, operations and financial results.

Regulation - Risk 3

Changed

Changes in geopolitics and the regulatory landscape could adversely affect our ability to expand (and the demand for) our product and service offerings.

Morningstar's business plan involves, in part, expansion into new and adjacent product lines to anticipate and meet our customers' needs. Our ability to realize those opportunities in one of our businesses, however, may be hindered by regulatory requirements governing different businesses within the Morningstar group. In certain cases, regulatory sanctions against one of our businesses could affect our ability to continue to operate in unrelated regulated areas. In addition, the day-to-day sharing and optimization of the value of our intellectual property across our product lines can be affected by regulatory concerns. Similarly, differences in data privacy regimes and governmental surveillance rights applicable in specific countries significantly affect our workforce location strategy and technology infrastructure in relation to cross-border processing of personally identifiable information of customers, employees and other third parties. Such limitations, which seem likely to proliferate as global consensus regarding regulatory principles wanes, may impact our ability to execute on our strategy. The dynamics of today's geopolitical discourse may also impact business opportunities across different markets. European markets have more rapidly adopted environmental, social and governance focused products than in other parts of the world, and there is more agreement on these taxonomies, methodologies, and acceptable sources of data in that market. This has in part been driven by developing mandatory sustainable finance disclosure and anti-greenwashing regimes in the EU and UK. In the US, legislation, litigation, investigations or regulatory action or enforcement activities aimed at curbing these investing practices or penalizing institutions perceived as prioritizing these considerations could reduce the marketability of our products and adversely affect our ability to expand our product and service offerings. Stakeholder and customer opinions about such products, or preferences regarding their methodology or approach, are at times impacted by regional or national political trends which may differ significantly. Preferred terminology and information sources may similarly differ from place to place. In such an environment, Morningstar may struggle to maintain its reputation for methodological transparency and consistency which underpins the value and reputation of our research. The already fragmented global landscape of sustainable finance and ESG regulation is facing further disruption. The EU's plan to review and potentially revise its core sustainable finance and ESG frameworks adds another layer of complexity. These potential regulatory shifts could, depending on the final form they take, lead to a decrease in demand for certain of our products, including those offered by Morningstar Sustainalytics, which could have a material adverse effect on our operating results and financial condition. Increasingly, different stakeholder groups have divergent views on ESG matters, which increases the risk that any action or lack thereof will be perceived negatively by at least some stakeholders and adversely impact our reputation. As we continue to evaluate our own policies based on emerging regulations, the perceived failure to take actions at the company level that are, or seem, inconsistent with our own sustainability and corporate risk data, could adversely impact our brand and reputation.

Taxation & Government Incentives1 | 4.2%

Taxation & Government Incentives - Risk 1

As a global taxpayer, we face challenges due to increasing complexities in accounting for taxes (e.g., base erosion, minimum taxes, and tax transparency), which are high priorities in jurisdictions in which we operate and could materially affect our tax obligations and effective tax rate.

Our effective tax rate is based on the mix of income and losses in our US and non-US operations, statutory tax rates, and tax-planning opportunities available in the various jurisdictions in which we operate. We could be subject to changes in our tax rates, the adoption of new US or non-US tax legislation or exposure to additional tax liabilities. Due to economic and political conditions, tax rates in various jurisdictions may be subject to significant change. Our future effective tax rates could be affected by changes in the mix of earnings in countries with differing statutory tax rates including, impacts related to transfer pricing, changes in the valuation of deferred tax assets and liabilities, or changes in tax laws or their interpretation by relevant authorities. Significant judgment is required to evaluate our tax positions. Corporate tax reform, base-erosion efforts, and tax transparency continue to be high priorities in many jurisdictions in which we operate. In October 2021, the Organization for Economic Co-operation and Development (OECD) agreed to a two-pillar approach to global taxation focusing on global profit allocation (Pillar One) and a global minimum tax rate (Pillar Two). In December 2022, the EU member states agreed to implement the OECD's global corporate minimum tax rate of 15% under Pillar Two to be effective in January 2024. Other countries are also considering changes to their tax laws to adopt certain parts of the OECD's proposals. This legislation represents a significant change in the international tax regime and could result in increases to our effective tax rate as a result of the imposition of minimum taxes. While the Pillar Two minimum tax requirement is not anticipated to have a material impact on our current effective tax rate, we continue to monitor developments and administrative guidance in addition to evaluating the potential impact on our consolidated financial statements for future periods.

Environmental / Social2 | 8.3%

Environmental / Social - Risk 1

Changed

Environmental, social, and governance considerations could result in enhanced regulatory obligations and expose us to potential liabilities and increased costs.

In response to market demand we offer products, including those offered by Morningstar Sustainalytics, that could expose us to potential liability and increased regulatory costs. We are subject to laws, regulations, and other measures that govern a wide range of topics, including those related to matters beyond our core business. New laws, regulations, policies, and international agreements relating to environmental, social and governance matters are being developed, formalized and amended or revoked in the EU, the US, and elsewhere globally, which requires us to comply with specific, target-driven frameworks, disclosure and other requirements in jurisdictions. For instance, the European Union Corporate Sustainability Reporting Directive (CSRD), in its current form, applies to both EU and non-EU in-scope entities and requires such entities to provide expansive disclosures on various sustainability topics including climate change, biodiversity, workforce, supply chain, and business ethics. We expect CSRD will apply to our operations in the future. As such, we have assessed our obligations under CSRD, and we expect that compliance with CSRD will require significant effort in future years. In contrast, the future of any US regulation of sustainability matters is uncertain and if adopted may not align with the disclosures required by CSRD or other legal and regulatory requirements. Similarly, a number of US states have passed, or are in the process of adopting, broad climate change disclosure requirements. We believe we have implemented reporting frameworks and principles that we are currently subject to. We have also announced a number of goals and initiatives with the advice from external consultants, including on our decarbonization efforts, in accordance with standards, including, but not limited to, Task Force on Climate-Related Financial Disclosure (TCFD), Sustainability Accounting Standards Board (SASB), and Global Reporting Initiative (GRI). Morningstar has committed to decarbonize 50% of our scope 1 and scope 2 greenhouse gas emissions by 2030 and to publicly disclose our emissions annually. The practical implementation of initiatives, as well as compliance with emerging or amended mandatory regulations may require the expenditure of unanticipated or significant resources, management time and expense. Any failure, or perceived failure, by us to comply fully with mandatory ESG laws and regulations could harm our business, operating results, and financial condition.

Environmental / Social - Risk 2

Changed

We could face liability for failing to properly protect or use the information and data we collect, store, use, create, and distribute or the reports and other documents we publish or that are produced by our software products.

We may be subject to claims for securities law violations, defamation (including libel and slander), negligence, or other claims relating to the information we publish, including our research and ratings. For example, investors may take legal action against us if they rely on published information that contains an error, or a company may claim that we have made a defamatory statement about it or its employees. In addition, in our business unit containing our credit ratings offerings, we have access to significant amounts of material nonpublic information on issuers of securities and if such information is inadvertently disclosed or misappropriated by employees or others, we could be exposed to various liabilities under securities and other laws. Less significant errors could still require us to remove ratings, research, or data temporarily which could diminish the perceived value of the product or cause us to be deficient in our service-level agreements with clients that require us to meet certain obligations for delivering time-sensitive, up-to-date data and information. Some of our products support the investment processes or the client account reporting practices and other activities of our clients who manage significant assets of other parties. Use of our products as part of such activities creates the risk that clients, or the parties whose assets are managed by our clients, may pursue claims against us for losses that may have some connection to our products, and we may be subject to investigation of our products and their use by government regulators who regulate the business of our clients. In the case of software products, even though most of our contracts for such products contain limitations of our liability in such cases, we may be required to compensate such clients or their customers for losses in order to maintain our business relationships. We could also be subject to claims based on the content that is accessible from our website through links to other websites. Products and enhancements we develop or license have contained, and in the future may contain, undetected errors or defects despite testing or other quality assurance practices. Use of our products or services as part of the investment process and other activities creates the risk that our customers, investors, the companies that we rate or assess across our products, or the shareholders of those companies, may pursue claims against us based on even a small error in our data, calculations, methodologies, input, or analysis, or a malfunction or failure in our systems, products or services. We could be subject to claims by providers of data and information we compile from websites and other sources that we have improperly obtained that data in violation of the source's copyrights or terms of use. We could also be subject to claims from third parties, such as securities exchanges from which we license and redistribute data and information, that we have used or redistributed the data or information in ways not permitted by our license rights or that we have inadequately permissioned our clients to use such data. The agreements with such exchanges and other data providers give them extensive data use audit rights, and such audits can be expensive and time consuming and potentially result in substantial fees becoming payable. We could also be subject to claims from regulators that we have mishandled private ratings or nonpublic data and information, in particular in our business unit containing our credit ratings products. These regulatory bodies have audit rights regarding our data use which could have similar adverse consequences in terms of time, expense, or fines. Defending claims based on the information we publish could be expensive and time-consuming and could adversely impact our business, operating results, and financial condition. Additionally, we use and incorporate open-source code in our software development and our products, which could expose us to additional security risks, impede our ability to commercialize our products and services, and lead to additional costs. Security vulnerabilities with the use of open-source software could impact our products and services, which may result in the need for change control, testing and potential re-engineering efforts that could increase costs and impact our software development and products. Generally, open-source licenses will not contain warranties against infringement claims, or covering the quality or security of the code, and some licenses contain provisions requiring the public release of our proprietary source code if it is combined with the open-source code in a certain manner. The public release of our proprietary source code will put us at a competitive disadvantage, allowing competitors to develop similar products in less time and with minimal development efforts. In addition, many open-source licenses contain provisions which are ambiguous and have not been interpreted by US or other courts. Any unanticipated restrictions or conditions on our ability to use, or claims involving our use of, open-source licenses could require us to seek alternative third-party licenses at increased costs or reduced scope, re-engineer products or systems, or discontinue the licensing of certain products. Finally, our global business regularly seeks to optimize our data storage in order to improve information accuracy and streamline the technology, which supports our business operations. These efforts may be constrained by data privacy legislation, such as the General Data Protection Regulation (GDPR), which includes obligations regarding storage, transfer, and use of personal information from and about individuals, and which may limit the processing of information about individuals outside their home jurisdictions. Legislation aimed at protecting material nonpublic information or mitigating potential conflicts of interest further define how certain information can be accessed and retained which may result in less efficient or higher cost technological processes and infrastructure.

Tech & Innovation

Total Risks: 5/24 (21%)Above Sector Average

Innovation / R&D1 | 4.2%

Innovation / R&D - Risk 1

Changed

Failing to create innovative, proprietary and insightful product and service offerings, keep pace with new investor requirements, technology developments, and trends, or anticipate our clients' changing needs may negatively affect our competitive position and business results.

We believe innovation in financial information services and investable products available to investors and the various advisers and other intermediaries who serve them continues to accelerate. Developments in technology are fundamentally changing the ways investors, financial intermediaries, and other market participants access data and content, allowing for greater personalization of products customized to individual investor profiles and interests. These developments can render our existing products less competitive, obsolete or unmarketable. As a result, our future success will continue to depend upon our ability to identify and develop new products and enhancements that address the future needs of our current and target markets and to deliver them in ways that support our customers' investing needs and business models, and on our ability to keep pace with the competitive landscape for our products. Our core competencies are data, research, design, and technology, and we employ each of these to create products built on the depth and breadth of our data that are designed to clearly convey complex investment information. Our customers have access to our research, data and ratings directly on our proprietary desktop or web-based software platforms, or through subscriptions, data feeds, and third-party distributors. Our financial technology solutions also allow advisors to serve investors at all stages of the investing process. Morningstar's managed portfolio offerings help advisors outsource investment selection and asset allocation through proprietary portfolio strategies based on Morningstar's valuation-driven, fundamentals-based approach to investing. Applying its expertise in asset allocation, investment selection, and portfolio construction, our global investment team creates long-term investment strategies built on Morningstar's data and ratings. We also help retirement plan sponsors build high-quality savings programs for employees and advise participants in retirement plans on saving for retirement and choosing plan investments. We believe the breadth and depth of our current service offerings set us apart from our competitors, which we believe is a significant competitive advantage. If we fail to continuously innovate, incorporate, deploy and develop, as applicable, new datasets, research, methodologies, AI technologies, content or software to meet the needs of our customers, or fail to successfully communicate such innovations and developments in our offerings to our customers, our competitive position and business results may suffer. In addition, our reputation could be harmed if we are perceived as not moving quickly enough to meet the changing needs of investors or their financial advisors and may sacrifice new business opportunities or renewals from existing customers. These changing needs include a greater expectation that advice be delivered with a high degree of personalization. Investors are also increasingly focused on the security of data we collect from them, as well as the sharing of their data with third parties. Increased interest in alternative asset classes, including a focus on private market offerings, has also created a need for applicable datasets, research and analytical expertise. Our competitive position and business results may suffer if other companies have greater breadth of product offerings or are able to successfully and more quickly introduce innovative, proprietary research tools and software, including through the application of AI technologies. Further, despite our investments in, and commitment of resources to, leveraging AI in our products and activities, we may not be successful in generating revenues, creating efficiencies in our processes or generating cost savings from these efforts. The development of any new or updated products or capabilities can involve material investment, execution risks and challenges and we cannot guarantee that we will successfully adapt our product offerings to meet evolving customer needs or that the transition to such new offerings will be seamless. If we are unable to manage these investments and transitions successfully, our business, financial condition, and results of operations could be materially and adversely affected. As our financial intermediary customers further automate their business processes, their need for our products may change and the technological flexibility and interoperability of our systems may become more important. In addition, there has been an increasing focus on technology not merely supplying additional tools for users, but also offering solutions to specific client problems, such as those we are seeking to address for wealth advisors through bringing together our multiple wealth management capabilities around asset management, data aggregation and client portfolio management software. We have a myriad of potential technology investments across our product lines and need to prioritize scarce technology development resources to focus on products that best anticipate the needs and priorities of our customers. For example, in 2024 we made a strategic decision to sunset the Morningstar Wealth TAMP which was expected to require significant resources to maintain and improve, and instead have turned our focus to marketing our professionally managed investments products to more advisors across the US. Our technology is also heavily dependent on the quality and comprehensiveness of our data and our ability to successfully build analytics, research, and other intellectual property around that data. For example, in order to provide the personalized holistic advice that clients value, we need to collect and organize large, heterogeneous datasets and synthesize and effectively analyze the insights offered by this data. We are investing significant resources in consolidating our various data assets and improving their usability and deliverability across our platform of products. Our competitive position and business results may suffer if we fail to realize the value and potential of our data assets.

Trade Secrets1 | 4.2%

Trade Secrets - Risk 1

Failure to protect our intellectual property rights, or claims of intellectual property infringement against us, could harm our brand, our financial performance and our ability to compete effectively.

We rely primarily on patent, trademark, copyright, and trade secret rights, as well as contractual protections and technical safeguards, to protect our intellectual property rights and proprietary information. However, these steps may not be adequate to safeguard our brand, proprietary information and competitive advantage, and third parties may still be able to challenge, invalidate, or circumvent our rights or improperly obtain our proprietary information. Further, we may not be able to effectively utilize trademark, copyright, and trade secret protection in every country in which we offer our services or utilize our intellectual property. We believe our trademark rights with respect to the "Morningstar" name and logo, along with our subsidiaries' names and logos represent materially valuable intangible assets. We have encountered and may continue to encounter jurisdictions in which one or more third parties have a pre-existing trademark registration in certain relevant international trademark classes that may prevent us from registering these or other marks in those jurisdictions. Our continued ability to use the "Morningstar" name or logo, either on a stand-alone basis or in association with certain products or services, could be compromised in those jurisdictions because of these pre-existing registrations. Similarly, we have encountered and may continue to encounter situations in certain jurisdictions where one or more third parties are already using the "Morningstar" name, either as part of a registered corporate name, a registered domain name, or otherwise. Our ability to effectively market certain products and/or services or obtain adequate trademark protection in those locations could be adversely affected by these pre-existing usages. We have been and may continue to be subject to claims by third parties alleging infringement of their intellectual property rights. Such claims can also be alleged against clients, customers, or distributors of our products or services whom we have agreed to indemnify against third party claims of infringement. The defense of such claims can be costly and consume valuable management time and attention. We may be forced to settle such claims on unfavorable terms, which can include the payment of damages, the entry into royalty or licensing arrangements on commercially unfavorable terms, or the suspension of our ability to offer affected products or services. If litigation were to arise from any such claim, there can be no certainty we would prevail in it. If any of these risks were to materialize, it could have a material adverse effect on our business, financial condition, operating results or reputation. In addition, we are and continue to be susceptible to website spoofing attacks, where fraudulent websites are created to closely resemble our brand, products and offerings and are designed to lure potential clients to share personal sensitive information, such as login credentials, social security numbers, credit card information, bank account numbers, and in some instances send money to individuals portraying to be associated with our entities and brands. In addition to individual losses triggered by these attacks, these spoofing attacks could harm our brand and reputation, and negatively impact our ability to attract new clients and customers.

Cyber Security1 | 4.2%

Cyber Security - Risk 1

We could face significant reputational and financial consequences relating to cybersecurity and the protection of confidential information, including personal information about individuals.

Our business requires that we securely collect, process, store, and transmit confidential information, including personal information, relating to our operations, customers, employees, and other third parties. We continuously invest in systems, processes, controls, and other security measures designed to guard against the risk of improper access to or release of such information. However, these measures do not guarantee absolute security, and improper access to or the release of confidential information may still occur through employee error or malfeasance, system error, inadvertent release, failure to properly purge and protect data, failure to apply consistent security measures throughout our business, or cyberattack. We may also be subject to specific obligations relating to personal information and personal financial information. In certain cases, our products and websites collect, store, process, and transmit personal information about an individual, including financial information such as portfolio holdings, account numbers, and credit card information. Our business also operates across national borders and routinely moves personal information from one jurisdiction to another. Regulators and political leaders in various countries are increasingly interested in restricting cross-border data transfers that they perceive as problematic. We are and our customers often are subject to federal, state, and foreign laws relating to privacy, cybersecurity, and data protection. The scope of applicable laws may be uncertain and require practices that may be inconsistent with laws of other jurisdictions. In addition, the proliferation of personal information privacy regimes across the globe has made scalable and comprehensive compliance practices more complex and costly to implement. Consequently, our business is subject to a variety of continuously evolving and possibly conflicting regulations and customer requirements. Our compliance with these changing and increasingly burdensome regulations and requirements may cause us to incur substantial costs or require us to change our business practices, which may impact our financial results. If we fail to timely or adequately comply with these regulations or requirements, we may be exposed to litigation expenses and possible significant liability, fees, or fines. One of our core strengths is our ability to collect data and enrich it with data from another part of our business to provide valuable information and insights to investors. As data is accessible across our products, consistent data privacy practices and disclosure becomes more important and challenging. Failure to comply with our public statements or to adequately disclose our privacy or data protection practices could result in costly investigations by governmental authorities, litigation, and fines, as well as reputational damage and customer loss. We may be targeted by actors who are more sophisticated and have more resources than the actors our security program is designed to protect against. These actors may seek to attack our products and services or penetrate our network infrastructure to gain access to intellectual property, confidential or personal information, or to facilitate distributed denial of service attacks. While we have dedicated resources responsible for cybersecurity and have implemented systems and processes intended to help identify cyberattacks and protect and remediate security issues in our software and network infrastructure, these attacks have become increasingly frequent, sophisticated, and difficult to detect. Even in cases where an attack is ultimately detected, based on industry data, incidents may go undetected for several months. Our measures may not be adequate or designed to prevent all eventualities or all types or sources of attacks, and we may be vulnerable to circumvention of security systems, denial of service attacks or other cyberattacks, hacking including "hacktivism", "phishing" or other social engineering attacks, computer viruses, ransomware or malware, employee or insider error, employee or vendor malfeasance, physical breaches or other malicious actions. We offer a hybrid work environment, which provides employees with the flexibility to work remotely (and use personal devices) which introduces additional and unique risk management challenges. We may also be impacted by a cyberattack targeting one of our vendors or within our technology supply chain or infrastructure, including cloud providers. Our information technology systems interact with those of customers, vendors, and service providers and collect an increasing amount of confidential and other proprietary data as we expand our product and service offerings. As a result, inadequacies of third-party security technologies and practices introduce additional risk to our business in the event of ineffective cybersecurity programs and/or monitoring by these third parties. From time to time, we have acquired, and may in the future acquire, other businesses, and while we conduct due diligence on the technology systems and practices of these companies, there can be no assurance that acquired companies have not suffered data breaches or system intrusions prior to and potentially continuing after our acquisition for which we may be liable. We may face potential identified or unknown security vulnerabilities in acquired products that expose us to additional security risks and penalties, or that delay our ability to integrate the product into our service offerings; difficulties in increasing or maintaining at an acceptable cost the security standards for acquired technology consistent with our other services; difficulty in transitioning the acquired technology onto our existing platforms and customer acceptance of multiple platforms on a temporary or permanent basis; and challenges augmenting the acquired technologies and platforms to the levels that are consistent with our brand and reputation. In addition, acquired businesses may not have invested as heavily in security measures or data privacy controls as we have, and they may introduce additional cybersecurity and data privacy risks as their systems are integrated with ours. Any failure to safeguard confidential information or any material cybersecurity failures or incidents in our systems (or the systems of a customer, vendor, or service provider which stores or processes confidential information for which we are responsible, including cloud providers) could result in reputational harm, loss of customers, regulatory actions, sanctions or other statutory penalties, litigation, or financial losses and increased expenses related to addressing or mitigating the risks associated with any such material cybersecurity failures or incidents, which could have a material adverse effect on our operating results and financial condition.

Technology2 | 8.3%

Technology - Risk 1

Changed

AI technologies may present business, legal, and reputational risks as they are incorporated into our products and tools.

We use, and may continue to expand our use of, machine learning and AI technologies into certain of our products and processes. If we fail to keep pace with rapidly evolving AI technological developments or if other firms implement AI technologies more effectively than we do, our competitive position and business results may suffer. As AI technology is highly complex and rapidly evolving, and our ability to foresee all the legal, operational or technological risks that may arise from our use of AI is limited. Use of AI is also the subject to an evolving governmental and regulatory landscape, which may subject the company to additional scrutiny. The introduction of AI technologies, particularly generative AI, into new or existing offerings may result in errors and new or expanded risks and liabilities, including enhanced compliance obligations and regulatory scrutiny, litigation, ethical concerns, confidentiality or security risks, that could adversely affect our business, reputation, and financial results. For example, AI technologies can lead to unintended consequences and errors, including generating content that appears correct but is factually inaccurate, misleading or otherwise flawed, or that results in unintended biases and discriminatory outcomes, which could harm our reputation and expose us to liability. Laws, regulations or industry standards that develop in response to the use of AI may be burdensome or may significantly restrict the deployment of AI, particularly generative AI technologies, in our products or processes. We have taken steps designed to manage risks related to our adoption of AI; however, these steps may not sufficiently mitigate these risks, which include but are not limited to risks related to employee error or malfeasance, the loss of intellectual property, claims of bias or discrimination, or product liability claims. We may be subject to specific obligations relating to the use of AI technologies in our operations or the incorporation of AI technologies in our products and services, including the EU Artificial Intelligence Act (EU AI Act). We expect that regulators in the various global locations we do business in will pursue new rules governing AI, whether through regulations specific to AI or through updating existing laws to incorporate new AI-specific provisions. This evolving regulatory environment may cause us to incur substantial costs or require us to change our business practices, which may impact our financial results. Any failure to timely or adequately address these regulations, or any future changes to or expanded regulations, may expose us to significant compliance costs, potential liabilities or fines. AI technologies may use or incorporate data from third-party sources, which may expose us to risks associated with data rights and protection and may also lead to the unintended consequences of using AI discussed above. Current laws and court decisions governing intellectual property ownership and license rights may not address new questions relating to AI technologies, which may negatively affect our ability to safeguard our intellectual property, as well as increase the compliance costs associated with navigating an uncertain legal and regulatory environment. The use or adoption of AI technologies into our products may expose us to claims of copyright infringement or other intellectual property misappropriation by third parties, which may require us to pay compensation or license fees. In addition to the implementation of AI in our tools and products, there is risk associated with the implementation of AI technologies by competitors or disruptors. The value of our products and services may be negatively affected by the increasing amount of information and external tools that are available for free, or at low cost, through Internet sources that use AI to scrape data – including our own content – from the Internet. These technologies integrate machine learning abilities and other AI systems to process and organize large data sets aggregated from products that previously were paid for, posing an external risk to our product suite. The rapidly evolving regulatory environment for AI technologies may also impact our ability to protect our own data and intellectual property against infringement through these AI external tools.

Technology - Risk 2

Errors in our automated advisory tools may subject us to liability for any losses that result.

We rely on automated investment technology for our retirement advice and managed retirement accounts services. The Wealth Forecasting Engine is our core advice and managed accounts engine that determines appropriate asset allocations for retirement plan participants and assigns individuals to portfolios. We also rely on automated portfolio construction tools. As these become more interconnected with other product offerings, including the technology of clients and other third parties, the increasing complexity of the technology requires more expertise and efforts to manage and test. Problems could arise if these programs do not work as intended, particularly if we failed to detect program errors over an extended period and are found to be liable for such errors, which may include liability for breach of our fiduciary duty or applicable law. Such program errors may not be detected despite our quality assurance practices. There is a need to continually invest in training to develop and maintain in-house expertise to manage these systems effectively and to educate recordkeeper and retirement plan clients and participants in the capabilities, proper use, and competitive differentiation of these offerings, which can be costly and time consuming. We seek to constantly innovate and improve our retirement services offering, for example to add new capabilities around modeling and advising on income generating products, and in doing so, we regularly release new versions of the technology and update our methodology. Additional customer support may be needed to ensure that clients implement the new versions and updates properly and understand the implications for their plan participants, including issues concerning suitability of certain strategies. More resources may also be required to continue to support legacy versions of the Wealth Forecasting Engine that continue to be used by certain clients. If we make an error, we may be subject to potentially large liabilities for make-whole payments and/or litigation.

Production

Total Risks: 2/24 (8%)Below Sector Average

Employment / Personnel1 | 4.2%

Employment / Personnel - Risk 1

Our future success depends on our ability to recruit, develop, and retain qualified employees.

Our ability to identify, attract, hire, and on-board new qualified employees is integral to our continued success. Many of our key product offerings require employees with specific skills sets in a variety of disciplines such as engineering, research, quantitative, fixed income data and credit analysis as well as in emerging areas of strategic focus. As many of these skill sets are widely and highly sought after, we experience competition for talent from other companies. The development, maintenance, and support of our products and services are also dependent upon the knowledge, skills, experience, and abilities of our existing employees. As a global business with a broad workforce location strategy, we have experienced and may continue to experience recruiting challenges in nearly all our global locations. Maintaining a global workforce also introduces inherent challenges, including the ability to effectively manage employees over large geographic distances, as well external factors such as geopolitical unrest in countries where our employees work, resulting in the need to implement appropriate systems, policies, benefits and compliance programs. Additionally, we have been and may continue to be exposed to rising wage scales in many of the employment markets in which our facilities are located, which negatively affect our compensation costs. Inflationary pressures, strong stock performance in our sector, immigration policy, regulatory changes and shortages of applicants with certain skills put upward pressure on wages and may make it difficult to retain and attract adequately skilled and qualified employees. We invest in the continued growth and development of our employees through various programs such as learning tools and educational stipends and are thoughtful about employee engagement. Changes in the labor markets, such as a move by some companies to fully remote work, or hybrid work models, or away from remote work or hybrid work models, may make it more difficult for us to retain existing employees. Similarly, the integration of new businesses we acquire or the sunsetting of existing brands may impact our workplace as the culture of the acquired businesses or the values of the sunset brands are diminished and polices are updated to align with our current company policies, which may impact the morale of retained employees and may result in unforeseen attrition. We believe the continued and future success of our business relies upon the continued service of our executive officers, including Joe Mansueto, our executive chairman, and Kunal Kapoor, our chief executive officer, senior business and functional leaders and other key employees. However, the talents and experience of these individuals make them attractive candidates to many of our competitors, as well as to early-stage companies that can offer the potential for outsize financial rewards if they are successful. Thus, the loss of such business leaders or our failure to adequately plan for such a loss, could pose substantial challenges to our business. We may not be able to retain these leaders and employees or to develop and retain similar highly qualified personnel in the future, which may cause us to lose potential or existing clients, and which could adversely impact our operating results and financial condition.

Supply Chain1 | 4.2%

Supply Chain - Risk 1

We are dependent on third-party service providers in our operations.

We rely on a variety of outside parties as the original sources for the information we use in our published data and research. These sources include securities exchanges, fund companies, hedge funds, transfer agents, issuers, and other data providers. We also incorporate data from a variety of third-party sources for many of our products. There is a sole source dependency risk on certain data suppliers for data feeds that are not diversified. A degradation in their service could have a negative impact on our products, exposing us to downstream risk in the event of their failure. In addition, these external data sources may contain errors, which could impact the accuracy and quality of our products, which could in turn have the potential to erode customer confidence and our brand. Our ability to continue to innovate and develop new products is reliant on the products of other vendors, including data, software and services vendors. Some of our products and offerings are dependent upon obtaining updates from data vendors as well as dependent on continuing access to current and historical data. Furthermore, many of our vendors are also competitors, and our ability to continue to provide our products and develop new products could be impacted if the vendors terminate our agreements with them or decide to change the terms or restrict use of the data and products, which could materially harm our business. We use AI technologies from third parties, which may include open-source software. If we are unable to maintain rights to use these AI technologies on commercially reasonable terms, we may be forced to acquire or develop alternate AI technologies, which may limit or delay our ability to provide competitive offerings and may increase our costs. We utilize numerous third-party service providers in our operations, including for the provision of contract labor in several locations and backup facilities for our data. A failure by a third-party service provider could expose us to an inability to provide contractual services to our clients in a timely manner. Additionally, if a third-party service provider is unable to provide these services, we may incur significant costs to either internalize some of these services or find a suitable alternative. We are subject to regulatory expectations for the oversight of vendors and service providers, including the EU's Digital Operational Resilience Act, which further increase our compliance obligations and costs. A failure in the performance of our due diligence processes and controls related to the supervision and oversight of these firms in detecting and addressing conflicts of interest, fraudulent activity, data breaches and cyberattacks or noncompliance with relevant securities and other laws could cause us to suffer financial loss, expose us to regulatory sanctions or damage to our reputation.

Macro & Political

Total Risks: 2/24 (8%)Below Sector Average

Capital Markets2 | 8.3%

Capital Markets - Risk 1

Prolonged volatility or downturns affecting the financial sector, global financial markets, and the global economy may impact our financial results.

Our business results are partly driven by factors outside of our control including, but not limited to, general economic and financial market trends which may be impacted by availability of credit, changes in laws, trade barriers, currency exchange rates and controls, and national and international geopolitical circumstances and uncertainties. Prolonged economic and financial downturns, sustained volatility in the financial markets, interest and inflation rate fluctuations and periods of stagflation, among other conditions impacting investor sentiment can reduce investor interest and investment activity and have, and may in the future, decrease demand for our software, data, analyst ratings, research products, and decrease net flows of funds into our investment management products. We cannot predict the occurrence, timing or duration of any economic cycle generally or in the markets in which our businesses operate. Fluctuations in interest rates and rate uncertainty brought on by central bank decisions that have reduced credit issuance in prior periods may in the future put negative pressure on our credit ratings business. Our credit ratings business, as well as our SPO business, have been, and may again be, impacted by volatility in US and international financial markets due to their dependence on the number and dollar volume of debt securities issued in the capital markets. Market disruptions, rising interest rates, widening credit spreads, and economic slowdowns historically have impacted and may in the future impact the volume of debt securities issued in global capital markets and the demand for credit ratings. Demand for credit ratings can also be negatively affected by negative publicity about the credit ratings business, regulatory and political developments, growth in the use of alternative sources of credit, and defaults by significant issuers. Our ability to reduce costs in the event of such adverse developments can be negatively impacted by, among other things, our obligations to monitor and maintain outstanding ratings. Declines or other changes in the markets for debt securities may materially and adversely affect our business, operating results, and financial condition. For our license-based businesses, many of our customers are asset management and financial advisory firms and other financial-services companies, who are also subject to global market trends. The ascendance of passive investment strategies may affect both the profitability of asset managers that focus on actively managed strategies, on whose success we in part depend, and the perceived value of our research regarding actively managed such strategies. A sustained global recession or other financial downturn or crisis would likely lead to material spending cutbacks among certain of our clients, and create longer sales cycles. Consolidation in the financial services sector reduces the number of potential clients for our products and services. Further, clients may discontinue their use of our products and services should they fail and/or merge with or become acquired by other entities that are not our clients or that use fewer of our products and services. These trends could impact demand for our products and services or change the financial services landscape in which we operate, resulting in lower revenue and operating income. Our PitchBook business is also subject to cyclical trends specific to the private capital markets. Many of PitchBook's clients are investment banks and other participants in the capital and M&A markets, which are subject to periodic business downturns driven by changes in such markets. During these downturns, they often seek to reduce spending on third-party services, as well as the number of employees, which would directly and adversely affect the number of prospective users for the PitchBook platform. The amount of asset-based revenue we earn primarily depends on the value of assets on which we provide advisory services, and the size of our asset base can increase or decrease based on market performance. Our revenue from asset-based fees has been, and may in the future be, adversely affected by market declines. Asset levels can also be affected if inflows into the portfolios for which we provide investment advisory services drop or if these portfolios experience redemptions. A drop in inflows or an increase in redemptions can result from a variety of factors, including overall market conditions or uncompetitive investment performance. If the level of assets on which we provide investment advisory or investment management services declines, we would expect our fee-based revenue to show a corresponding decline. The industrywide trend toward lower asset-based fees may also impact our fee-based revenue. A shift by investors to non-traditional asset classes such as cryptocurrencies, private debt, real estate, structured products, and collectibles may affect our assets under management if we are unable to incorporate them into our investment strategies or if they fail to perform in the manner that our research anticipates.

Capital Markets - Risk 2

Changed

Our revenues, expenses, assets, and liabilities are subject to fluctuations in foreign currency exchange rates.

As a business with international business activities, we are subject to risks related to fluctuations in foreign currency exchange rates. Movements in the exchange rates can impact the US dollar reported value of our revenues, expenses, assets, and liabilities denominated in non-US dollar currencies or where the currency of such items is different than the functional currency of the entity where these items were recorded. In addition, the value of assets in indexed investment products can fluctuate significantly over short periods of time and such volatility may be further impacted by fluctuations in foreign currency exchange rates. We incur expenses for employee compensation and other operating expenses at our non-US locations in the local currency. In the future, if there is an increase or decrease in our international business activities that recorded in local currencies, our exposure to fluctuations in foreign currency exchange rates may correspondingly increase or decrease, which could materially adversely affect our business, financial condition, or operating results. Although we may in the future decide to undertake foreign exchange hedging transactions, to date, we have not engaged in currency hedging, and we do not currently have any positions in derivative instruments to hedge our currency risk.

Ability to Sell

Total Risks: 1/24 (4%)Below Sector Average

Brand / Reputation1 | 4.2%

Brand / Reputation - Risk 1

Changed

Failing to maintain and protect our brand, independence, and reputation may harm our business. Our reputation and business may also be negatively impacted by allegations made about possible conflicts of interest, or by other negative publicity or media reports.

We believe that the reputation of our company and our brand generally, as well as the perception of our research and ratings products and services, is based on the trust that users of our products and services have in our commitment to our mission to empower investor success underscored by principles of independence, transparency and long-term focus. Any failures by us to instill in our employees the expectation of independence and integrity may devalue our reputation over time and negatively affect both hiring and retention efforts. Any failure to uphold these standards, and any real or perceived failure of our customers to have consistently positive experiences with us could damage our reputation. Our reputation may also be harmed if any errors are found in our products or services. As our business has evolved, we have entered, and may in the future enter into, lines of business and business arrangements that may give rise to allegations of conflicts of interest or perceived failures of our independence and objectivity. For example, we provide ratings, analyst research, and investment recommendations on mutual funds, ETFs and other investment products offered by our institutional clients. While we don't charge asset management firms for their products to be rated, we do charge licensing fees for the use of our ratings. We also provide investment advisory and investment management services, including through our own series of mutual funds, which expose us to the claim that we are acting as both a referee and a player in the investment management industry. In our credit ratings business and Morningstar Sustainalytics' Sustainable Finance Solutions products we are participants in an issuer-pay business model under which we receive payments from issuers for our ratings rather than from the investors who consume such ratings. These payments may create the perception that our ratings and research in these areas are not independently determined. Certain of our product offerings such as those offered by Morningstar Sustainalytics have, and may in future, put us at the center of public debate over a variety of issues surrounding sustainability, social concerns, and corporate governance. Scrutiny over sustainability, social concerns and corporate governance may impact the demand for our products. This could lead to negative media coverage, reputational harm or increased government or regulatory scrutiny. Failure to successfully navigate these issues as they arise may have an adverse effect on our reputation and our business. In addition our methodology may be scrutinized or may attract negative publicity. Our reputation may also be harmed by factors outside of our control, such as news reports about our clients, consultants, or suppliers, regulatory scrutiny, and adverse publicity about certain types of investment and ratings products generally. Scrutiny of our competitors could damage the reputation of the industries that we operate in, which could harm the reputation of the company or certain of our products and services. We may also suffer brand dilution as our brand becomes associated with an increasingly broad array of products and services that may align less directly with our corporate mission.

See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?

Risk factors are any situations or occurrences that could make investing in a company risky.

The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.

They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.

It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.

How do companies disclose their risk factors?

Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.

Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.

Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.

According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.

How can I use TipRanks risk factors in my stock research?

Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.

You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.

Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.

A simplified analysis of risk factors is unique to TipRanks.

What are all the risk factor categories?

TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.

1. Financial & Corporate

Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.

2. Legal & Regulatory

Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
Regulation – risks related to compliance, GDPR, and new legislation.
Environmental / Social – risks related to environmental regulation and to data privacy.
Taxation & Government Incentives – risks related to taxation and changes in government incentives.

3. Production

Costs – risks related to costs of production including commodity prices, future contracts, inventory.
Supply Chain – risks related to the company’s suppliers.
Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.

4. Technology & Innovation

Innovation / R&D – risks related to innovation and new product development.
Technology – risks related to the company’s reliance on technology.
Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.

5. Ability to Sell

Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
Competition – risks related to the company’s competition including substitutes.
Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
Brand & Reputation – risks related to the company’s brand and reputation.

6. Macro & Political

Economy & Political Environment – risks related to changes in economic and political conditions.
Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
International Operations – risks related to the global nature of the company.
Capital Markets – risks related to exchange rates and trade, cryptocurrency.

Become an Expert with TipRanks Premium

What am I Missing?

Make informed decisions based on Top Analysts' activity

Know what industry insiders are buying

Get actionable alerts from top Wall Street Analysts

Find out before anyone else which stock is going to shoot up

Get powerful stock screeners & detailed portfolio analysis

Subscribe Now See Plans & Pricing