Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

Marpai disclosed 23 risk factors in its most recent earnings report. Marpai reported the most risks in the “Finance & Corporate” category.

Risk Overview Q3, 2024

Risk Distribution

48% Finance & Corporate

22% Tech & Innovation

17% Legal & Regulatory

9% Production

4% Ability to Sell

0% Macro & Political

Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy

This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

2022

S&P500 Average

Sector Average

Risks removed

Risks added

Risks changed

Marpai Risk Factors

New Risk (0)

Risk Changed (0)

Risk Removed (0)

No changes from previous report

The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q3, 2024

Main Risk Category

Finance & Corporate

With 11 Risks

Finance & Corporate

With 11 Risks

Number of Disclosed Risks

No changes from last report

S&P 500 Average: 31

No changes from last report

S&P 500 Average: 31

Recent Changes

2Risks added

0Risks removed

0Risks changed

Since Sep 2024

2Risks added

0Risks removed

0Risks changed

Since Sep 2024

Number of Risk Changed

No changes from last report

S&P 500 Average: 3

No changes from last report

S&P 500 Average: 3

See the risk highlights of Marpai in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 23

Finance & Corporate

Total Risks: 11/23 (48%)Above Sector Average

Share Price & Shareholder Rights8 | 34.8%

Share Price & Shareholder Rights - Risk 1

If we are deemed to be a "controlled company" under the rules of the Nasdaq Capital Market, we will be exempt from certain corporate governance requirements that could have an adverse effect on our shareholders.

Certain of our shareholders including HillCour Investment Fund, LLC, collectively beneficially own 38.8% of our total voting power. As such, we meet the definition of a "controlled company" under the corporate governance standards for Nasdaq listed companies and may be eligible to utilize certain exemptions from the corporate governance requirements of the Nasdaq Stock Market. We are a "controlled company" within the meaning of Nasdaq Listing Rule 5615(c). As a controlled company, we qualify for, and our board of directors, the composition of which is and will be controlled by these shareholders may rely upon, exemptions from several of Nasdaq's corporate governance requirements, including requirements that: - most of the board of directors consist of independent directors - compensation of officers be determined or recommended to the board of directors by a majority of its independent directors or by a compensation committee comprised solely of independent directors; and - director nominees be selected or recommended to the board of directors by a majority of its independent directors or by a nominating committee that is composed entirely of independent directors As long as our officers and directors, either individually or in the aggregate, own at least 50% of the voting power of our Company, we are a "controlled company" as defined under Nasdaq Marketplace Rules. Accordingly, to the extent that we choose to rely on one or more of these exemptions, our shareholders would not be afforded the same protections generally as shareholders of other Nasdaq-listed companies for so long as these shareholders are collectively able to control the composition of our board and our board determines to rely upon one or more of such exemptions. We do not currently intend to rely on the "controlled company" exemption under the Nasdaq listing rules. However, we may elect to avail ourselves of these exemptions in the future.

Share Price & Shareholder Rights - Risk 2

Our failure to meet the continued listing requirements of The Nasdaq Capital Market could result in a de-listing of our common stock.

Our shares of common stock are listed for trading on The Nasdaq Capital Market under the symbol "MRAI." If we fail to satisfy the continued listing requirements of The Nasdaq Capital Market such as the corporate governance requirements, the stockholder's equity requirement or the minimum closing bid price requirement, The Nasdaq Capital Market may take steps to de-list our common stock or warrants. Such a de-listing or even notification of failure to comply with such requirements would likely have a negative effect on the price of our common stock and warrants would impair your ability to sell or purchase our common stock when you wish to do so. In the event of a de-listing, we would take actions to restore our compliance with The Nasdaq Capital Market's listing requirements, but we can provide no assurance that any such action taken by us would allow our common stock become listed again, stabilize the market price or improve the liquidity of our common stock, prevent our common stock from dropping below The Nasdaq Capital Market, minimum bid price requirement or prevent future non-compliance with The Nasdaq Capital Market's listing requirements. The National Securities Markets Improvement Act of 1996, which is a federal statute, prevents or preempts the states from regulating the sale of certain securities, which are referred to as "covered securities." Because our common stock is listed on The Nasdaq Capital Market, our common stock is covered securities. Although the states are preempted from regulating the sale of covered securities, the federal statute does allow the states to investigate companies if there is a suspicion of fraud, and, if there is a finding of fraudulent activity, then the states can regulate or bar the sale of covered securities in a particular case. Further, if we were to be delisted from The Nasdaq Capital Market, our common stock would cease to be recognized as covered securities and we would be subject to regulation in each state in which we offer our securities.

Share Price & Shareholder Rights - Risk 3

Our Amended and Restated Certificate of Incorporation provides that derivative actions brought on our behalf, actions against our directors, officers, employees, or agent for breach of fiduciary duty and certain other actions may be brought only in the Court of Chancery in the State of Delaware and the stockholders shall be deemed to have consented to this choice of forum provision, which may have the effect of discouraging lawsuits against our directors, officers, other employees or agents.

Our Certificate of Incorporation provides that, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware will be the sole and exclusive forum for any stockholder for (a) any derivative action or proceeding brought on our behalf, (c) any action asserting a claim of breach of a fiduciary duty owed by, or other wrongdoing by, any director, officer, employee or agent of the Company to the Company or the Company's stockholders, (c) any action asserting a claim arising pursuant to any provision of the DGCL or the Company's Certificate of Incorporation or bylaws, (d) any action to interpret, apply, enforce or determine the validity of the Company's Certificate of Incorporation or bylaws, or (e) any action asserting a claim governed by the internal affairs doctrine. The federal district courts of the United States of America shall be the exclusive forum for the resolution of any complaint, claim or proceeding asserting a cause of action arising under the Exchange Act or the Securities Act. Furthermore, Section 22 of the Securities Act creates concurrent jurisdiction for federal and state courts over all suits brought to enforce any duty or liability created by the Securities Act or the rules and regulations thereunder. Stockholders cannot waive compliance with the federal securities laws and the rules and regulations thereunder. Any person or entity purchasing or otherwise acquiring or holding any interest in shares of our capital stock shall be deemed to have notice of and consented to the forum provision in our Certificate of Incorporation. The choice-of-forum provision may limit a stockholder's ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or other employees, and may result in increased costs to a stockholder who has to bring a claim in a forum that is not convenient to the stockholder, which may discourage such lawsuits. Although under Section 115 of the DGCL, exclusive forum provisions may be included in a company's certificate of incorporation, the enforceability of similar forum provisions in other companies' certificates or incorporation or bylaws has been challenged in legal proceedings, and it is possible that a court could find these types of provisions to be inapplicable or unenforceable. If a court were to find the exclusive forum provision of our Certificate of Incorporation inapplicable or unenforceable with respect to one or more of the specified types of actions or proceedings, we may incur additional costs associated with resolving such matters in other jurisdictions, which could materially and adversely affect our business, financial condition and results of operations and result in a diversion of the time and resources of our management and Board.

Share Price & Shareholder Rights - Risk 4

Our bylaws designate a state or federal court located within the State of Delaware as the exclusive forum for certain litigation that may be initiated by our stockholders, which could limit stockholders' ability to obtain a favorable judicial forum for disputes with us.

Our bylaws provide, to the fullest extent permitted by law, that a state or federal court located within the State of Delaware will be the exclusive forum for the following types of actions or proceedings under Delaware statutory or common law: - any derivative action or proceeding brought on our behalf;- any action asserting a breach of fiduciary duty;- any action asserting a claim against us arising pursuant to the DGCL, our amended and restated certificate of incorporation, or our bylaws; or - any action asserting a claim against us that is governed by the internal affairs doctrine. This exclusive forum provision will not apply to any causes of action arising under the Securities Act or the Exchange Act or any other claim for which the federal courts have exclusive jurisdiction. Nothing in our bylaws precludes stockholders that assert claims under the Securities Act or the Exchange Act from bringing such claims in state or federal court, subject to applicable law. This choice of forum provision may limit a stockholder's ability to bring a claim in a judicial forum that it finds favorable for disputes with us or any of our directors, officers, or other employees, which may discourage lawsuits with respect to such claims. Alternatively, if a court were to find the choice of forum provision which will be contained in us bylaws to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, results of operations, and financial condition.

Share Price & Shareholder Rights - Risk 5

A possible "short squeeze" due to a sudden increase in demand of our common stock that largely exceeds supply may lead to price volatility in our common stock.

Investors may purchase our common stock to hedge existing exposure in our common stock or to speculate on the price of our common stock. Speculation on the price of our common stock may involve long and short exposures. To the extent aggregate short exposure exceeds the number of shares of our common stock available for purchase in the open market, investors with short exposure may have to pay a premium to repurchase our common stock for delivery to lenders of our common stock. Those repurchases may in turn dramatically increase the price of us common stock until investors with short exposure can purchase additional common stock to cover their short position. This is often referred to as a "short squeeze." A short squeeze could lead to volatile price movements in our common stock that are not directly correlated to the performance, or prospects of our common stock and once investors purchase the shares of common stock necessary to cover their short position the price of our common stock may decline. Provisions in our charter documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current Board and limit the market price of our Class A common stock. Provisions in our second amended and restated certificate of incorporation (the "Certificate of Incorporation") and bylaws may have the effect of delaying or preventing a change of control or changes in our management. Our amended and restated certificate of incorporation and bylaws, include provisions that: - permit the board of directors to establish the number of directors and fill any vacancies and newly created directorships; and;- provide that the board of directors is expressly authorized to make, alter, or repeal our bylaws. Moreover, Section 203 of the Delaware General Corporation Law ("DGCL") may discourage, delay, or prevent a change in control of our company. Section 203 imposes certain restrictions on mergers, business combinations, and other transactions between us and holders of 15% or more of our common stock.

Share Price & Shareholder Rights - Risk 6

The market price of our common stock may be volatile and may decline regardless of our operating performance, and you may lose all or part of your investments.

The market price of our common stock may fluctuate significantly in response to numerous factors, many of which are beyond our control, including: - overall performance of the equity markets and/or publicly listed technology companies;- actual or anticipated fluctuations in our net revenue or other operating metrics;- changes in the financial projections we provide to the public or our failure to meet these projections;- failure of securities analysts to initiate or maintain coverage of us, changes in financial estimates by any securities analysts who follow our company, or our failure to meet the estimates or the expectations of investors;- the economy as a whole and market conditions in our industry;- rumors and market speculation involving us or other companies in our industry;- announcements by us or our competitors of significant innovations, acquisitions, strategic partnerships, joint ventures, or capital commitments;- new laws or regulations or new interpretations of existing laws or regulations applicable to our business;- lawsuits threatened or filed against us;- recruitment or departure of key personnel;- other events or factors, including those resulting from war, incidents of terrorism, or responses to these events; and - the expiration of contractual lock-up or market standoff agreements. In addition, extreme price and volume fluctuations in the stock markets have affected and continue to affect many technology companies' stock prices. Often, their stock prices have fluctuated in ways unrelated or disproportionate to the companies' operating performance. In the past, securities class action litigation has often been brought against a company following a decline in the market price of its securities. This risk is especially relevant for us because technology and healthcare technology companies have experienced significant stock price volatility in recent years. If we face such litigation, it could result in substantial costs and a diversion of management's attention and resources, which could harm our business.

Share Price & Shareholder Rights - Risk 7

We have been notified by The Nasdaq Stock Market LLC of our failure to comply with certain continued listing requirements and, if we are unable to regain compliance with all applicable continued listing requirements and standards of Nasdaq, our common stock could be delisted from Nasdaq.

As we previously disclosed, on May 31, 2023, Nasdaq Listing Qualifications staff ("Staff") notified us that the market value of our listed securities ("MVLS") was below the minimum $35,000,000 required for continued listing as set forth in Listing Rule 5550(b)(2). In accordance with Listing Rule 5810(c)(3)(C), we were provided 180 calendar days, or until November 27, 2023, to regain compliance. On November 28, 2023, the Staff notified us that it had determined to delist us as we did not comply with the MVLS requirement for listing on Nasdaq. On November 29, 2023, we requested a hearing. A hearing on the matter was held on February 22, 2024, where we presented our compliance plan. Subject to our meeting certain requirements by March 31, 2024, the Hearings Panel granted us an extension until May 28, 2024, to regain compliance with the Market Value of Listed Securities ("MVLS") requirement of $35,000,000 or satisfy any of the alternative requirements in Listing Rule 5550(b). Notwithstanding the foregoing, there can be no assurance that we will be able to meet these deadlines or ultimately regain compliance with all applicable requirements for continued listing.

Share Price & Shareholder Rights - Risk 8

Our issuance of additional capital stock in connection with financing, acquisitions, investments, the 2021 Plan or otherwise will dilute all other stockholders.

We expect that we will need to raise additional capital through equity and possibly debt financing to fund our ongoing operations and possible acquisitions. If we raise capital through equity financing in the future, that will result in dilution to all other stockholders. If we raise debt in the future, this debt may be perceived as increasing the risk associated with investing in our Class A Common Stock which may have a negative impact on the price of the stock. We also expect to grant substantial equity awards to employees, directors, and consultants under the 2021 Plan and we expect to ask our shareholders to approve a substantial increase to this incentive plan which will enable our board of directors to grant additional equity grants in the future, all of which will result in dilution or potential dilution to all the stockholders. As part of our business strategy, we may acquire or make investments in complementary companies, products, or technologies and issue equity securities to pay for any such acquisition or investment. Any such issuances of additional capital stock may cause stockholders to experience significant dilution of their ownership interests and the per-share value of our common stock to decline.

Accounting & Financial Operations1 | 4.3%

Accounting & Financial Operations - Risk 1

We do not intend to pay dividends on our common stock and, consequently, the ability of common stockholders to achieve a return on investment will depend on appreciation, if any, in the price of our Class A common stock.

You should not rely on an investment in our common stock to provide dividend income. We do not plan to declare or pay any dividends on our capital stock in the foreseeable future. Instead, we intend to retain any earnings to finance the operation and expansion of our business. As a result, common stockholders may only receive a return on their investment if the market price of our common stock increases.

Corporate Activity and Growth2 | 8.7%

Corporate Activity and Growth - Risk 1

The requirements of being a public company may strain our resources, divert management's attention, and affect our ability to attract and retain executive management and qualified board members.

As a public company, we are subject to the reporting requirements of the Exchange Act, the listing standards of Nasdaq and other applicable securities rules and regulations. We expect that the requirements of these rules and regulations will continue to increase our legal, accounting, and financial compliance costs, make some activities more difficult, time-consuming, and costly, and place significant strain on our personnel, systems, and resources. For example, the Exchange Act requires, among other things, that we file annual, quarterly, and current reports with respect to our business and results of operations. As a result of the complexity involved in complying with the rules and regulations applicable to public companies, our management's attention may be diverted from other business concerns, which could harm our business, results of operations, and financial condition. We also expect that being a public company and these rules and regulations will make it more expensive for us to obtain director and officer liability insurance, and we may be required to accept reduced coverage or incur substantially higher costs to obtain coverage. These factors could also make it more difficult for us to attract and retain qualified members of our board of directors, particularly to serve on our audit committee and compensation committee, and qualified executive officers. As a result of disclosure of information in filings required of a public company, our business and financial condition is more visible, which may result in an increased risk of threatened or actual litigation, including by competitors and other third parties. If such claims are successful, our business and results of operations could be harmed, and even if the claims do not result in litigation or are resolved in our favor, these claims, and the time and resources necessary to resolve them, could divert the resources of our management and harm our business, results of operations, and financial condition.

Corporate Activity and Growth - Risk 2

Added

We are reviewing strategic alternatives and there can be no assurance that we will be successful in identifying or completing any strategic transaction, that any such strategic transaction will result in additional value for our stockholders or that the process will not have an adverse impact on our business.

The process of reviewing strategic alternatives may be costly, time consuming and disruptive to our business operations and, if we are unable to effectively manage the process, our business, financial condition and results of operations could be adversely affected. We may incur significant costs associated with identifying, evaluating and negotiating potential strategic alternatives, such as legal, financial advisor and accounting fees and expenses and other related charges. We may also incur additional unanticipated expenses in connection with this process. A considerable portion of these costs will be incurred regardless of whether any such course of action is implemented or transaction is completed, decreasing cash available for use in our business. There can be no assurance that any potential transaction, or series of transactions, or other strategic alternative, if found and if consummated, will provide greater value to our stockholders than that reflected in the current price of our common stock. Until the review process is concluded, perceived uncertainties related to our future may impact our business performance and volatility in the market price of our common stock and may make it more difficult for us to attract and retain qualified personnel and key employees. Our Board has not set a timetable for the conclusion of this review, nor has it made any definitive decisions related to taking any further actions or potential strategic options at this time or at all.

Tech & Innovation

Total Risks: 5/23 (22%)Below Sector Average

Trade Secrets3 | 13.0%

Trade Secrets - Risk 1

We may be sued by third parties for alleged infringement of their proprietary rights or misappropriation of intellectual property.

There is considerable patent and other intellectual property development activity in our industry. Our future success depends in part on not infringing upon the intellectual property rights of others. Our competitors, as well as a number of other entities and individuals, including so-called non-practicing entities, may own or claim to own intellectual property relating to our member guidance program. Not all employees and our contractors have signed non-compete and non-disclosure agreements with the Company. From time to time, third parties may claim that we are infringing upon their intellectual property rights or that we have misappropriated their intellectual property. For example, in some cases, very broad patents are granted that may be interpreted as covering a wide field of healthcare data storage and analytics solutions or machine learning and predictive modeling methods in healthcare. As competition in our market grows, the possibility of patent infringement, trademark infringement, and other intellectual property claims against us increases. In the future, we expect others to claim that our Member guidance program and underlying technology infringe or violate their intellectual property rights. In a patent infringement claim against us, we may assert, as a defense, that we do not infringe the relevant patent claims, that the patent is invalid or both. The strength of our defenses will depend on the patents asserted, the interpretation of these patents, and our ability to invalidate the asserted patents. However, we could be unsuccessful in advancing non-infringement and/or invalidity arguments in our defense. In the United States, issued patents enjoy a presumption of validity, and the party challenging the validity of a patent claim must present clear and convincing evidence of invalidity, which is a high burden of proof. Conversely, the patent owner need only prove infringement by a preponderance of the evidence, which is a lower burden of proof. We may be unaware of the intellectual property rights that others may claim cover some or all our technology or services. Because patent applications can take years to issue and are often afforded confidentiality for some period there may currently be pending applications, unknown to us, that later result in issued patents that could cover one or more aspects of our technology and services. Any claims or litigation could cause us to incur significant expenses and, whether successfully asserted against us, could require that we pay substantial damages, ongoing royalty or license payments, or settlement fees, prevent us from offering our Member guidance program or using certain technologies, require us to re-engineer all or a portion of our platform, or require that we comply with other unfavorable terms. We may also be obligated to indemnify our clients or business partners or pay substantial settlement costs, including royalty payments, in connection with any such claim or litigation and to obtain licenses, modify applications, or refund fees, which could be costly. Even if we were to prevail in such a dispute, any litigation regarding our intellectual property could be costly and time-consuming and divert the attention of our management and key personnel from our business operations.

Trade Secrets - Risk 2

We may not be able to adequately defend against piracy of intellectual property in foreign jurisdictions.

Considerable research in AI is being performed in countries outside of the United States, and several potential competitors are in these countries. The laws protecting intellectual property in some of those countries may not provide adequate protection to prevent our competitors from misappropriating our intellectual property. Several of these potential competitors may be further along in the process of product development and operate large, company-funded research and development programs. As a result, our competitors may develop more competitive or affordable products, or achieve earlier patent protection or product commercialization than we are able to achieve. Competitive products may render any products or product candidates that we develop obsolete.

Trade Secrets - Risk 3

Any failure to protect our intellectual property rights could impair our ability to protect our proprietary technology and our brand.

Our success and ability to compete depend largely upon our intellectual property. To date, we have three patent applications pending in the U.S. We take reasonable steps to protect our intellectual property, especially when working with third parties. However, the steps we take to protect our intellectual property rights may be inadequate. For example, other parties, including our competitors, may independently develop similar technology, duplicate our services, or design around our intellectual property and, in such cases, we may not be able to assert our intellectual property rights against such parties. Further, our contractual arrangements may not effectively prevent disclosure of our confidential information or provide an adequate remedy in the event of unauthorized disclosure of our confidential information, and we may be unable to detect the unauthorized use of, or take appropriate steps to enforce, our intellectual property rights. We make business decisions about when to seek patent protection for a particular technology and when to rely upon trade secret protection, and the approach we select may ultimately prove to be inadequate. Even in cases where we seek patent protection, there is no assurance that the resulting patents will effectively protect every significant feature of our model, technology, or proprietary information, or provide us with any competitive advantages. Moreover, we cannot guarantee that any of our pending patent applications will issue or be approved. The United States Patent and Trademark Office and various foreign governmental patent agencies also require compliance with several procedural, documentary, fee payment, and other similar provisions during the patent application process and after a patent has issued. There are situations in which noncompliance can result in abandonment or lapse of the patent, or patent application, resulting in partial or complete loss of patent rights in the relevant jurisdiction. If this occurs, our competitors might be able to enter the market, which would have a material adverse effect on our business. Effective trademark, copyright, patent, and trade secret protection may not be available in every country in which we conduct business. Further, intellectual property law, including statutory and case law, particularly in the United States, is constantly developing, and any changes in the law could make it harder for us to enforce our rights. To protect our intellectual property rights, we may be required to spend significant resources to monitor and protect these rights. Litigation brought to protect and enforce our intellectual property rights could be costly, time-consuming, and distracting to management and could result in the impairment or loss of portions of our intellectual property. Furthermore, our efforts to enforce our intellectual property rights may be met with defenses, counterclaims, and countersuits attacking the validity and enforceability of our intellectual property rights. An adverse determination of any litigation proceedings could put our intellectual property at risk of being invalidated or interpreted narrowly and could put our related pending patent applications at risk of not being issued. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential or sensitive information could be compromised by disclosure in the event of litigation. In addition, during litigation, there could be public announcements of the results of hearings, motions or other interim proceedings or developments. If securities analysts or investors perceive these results to be negative, it could have a substantial adverse effect on the price of our common stock. Negative publicity related to a decision by us to initiate such enforcement actions against a client or former client, regardless of its accuracy, may adversely impact our other client relationships or prospective client relationships, harm our brand and business, and could cause the market price of our common stock to decline. Our failure to secure, protect, and enforce our intellectual property rights could adversely affect our brand and our business.

Technology2 | 8.7%

Technology - Risk 1

We rely on Internet infrastructure, bandwidth providers, data center providers, other third parties, and our own systems for providing services to our users, and any failure or interruption in the services provided by these third parties or our own systems could expose us to litigation, potentially require us to issue credits to our Clients, and negatively impact our relationships with Members or Clients, adversely affecting our brand and our business.

In addition to the services we provide from our offices, we serve our Clients primarily from third-party data-hosting facilities. These facilities are vulnerable to damage or interruption from earthquakes, floods, fires, power loss, telecommunications failures, and similar events. They are also subject to break-ins, sabotage, intentional acts of vandalism, and similar misconduct. Their systems and servers could also be subject to hacking, spamming, ransomware, computer viruses or other malicious software, denial of service attacks, service disruptions, including the inability to process certain transactions, phishing attacks and unauthorized access attempts, including third parties gaining access to Members' accounts using stolen or inferred credentials or other means, and may use such access to prevent use of Members' accounts. Despite precautions taken at these facilities, the occurrence of a natural disaster or an act of terrorism, a decision to close the facilities without adequate notice, or other unanticipated problems at two or more of the facilities could result in lengthy interruptions in our services. Even with our disaster recovery arrangements, our services could be interrupted. Our ability to deliver our Internet- and telecommunications-based services is dependent on the development and maintenance of the infrastructure of the Internet and other telecommunications services by third parties. This includes maintenance of a reliable network backbone with the necessary speed, data capacity, and security for providing reliable Internet access and services and reliable mobile device, telephone, facsimile, and pager systems, all at a predictable and reasonable cost. We have experienced and expect that we will experience interruptions and delays in services and availability from time to time. We rely on internal systems as well as third-party vendors, including data center, bandwidth, and telecommunications equipment or service providers, to provide our services. We do not maintain redundant systems or facilities for some of these services. In the event of a catastrophic event with respect to one or more of these systems or facilities, we may experience an extended period of system unavailability, which could negatively impact our relationship with users or clients. To operate without interruption, both we and our service providers must guard against: - damage from fire, power loss, and other natural disasters;- communications failures;- security breaches, computer viruses, ransomware, and similar disruptive problems; and - other potential interruptions. Any disruption in the network access, telecommunications, or co-location services provided by these third-party providers or any failure of or by these third-party providers or our own systems to handle the current or higher volume of use could significantly harm our business. We exercise limited control over these third-party vendors, which increases our vulnerability to problems with the services they provide. Any errors, failures, interruptions, or delays experienced in connection with these third-party technologies and information services, or our own systems could negatively impact our relationships with users and clients, adversely affect our brands and business, and expose us to third-party liabilities. The insurance coverage under our policies may not be adequate to compensate us for all losses that may occur. In addition, we cannot provide assurance that we will continue to be able to obtain adequate insurance coverage at an acceptable cost. The reliability and performance of the Internet may be harmed by increased usage or by denial-of-service attacks. The Internet has experienced a variety of outages and other delays because of damage to portions of its infrastructure, and it could face outages and delays in the future. These outages and delays could reduce the level of Internet usage as well as the availability of the Internet to us for delivery of our Internet-based services. We typically provide service level commitments under our client contracts. If we fail to meet these contractual commitments, we could be obligated to provide credits or refunds for prepaid amounts related to unused subscription services or face contract terminations, which could adversely affect the results of operations. Finally, recent changes in law could impact the cost and availability of necessary Internet infrastructure. Increased costs and/or decreased availability would negatively affect the results of operations.

Technology - Risk 2

Our Member guidance program utilizes open-source software, and any failure to comply with the terms of one or more of these open-source licenses could adversely affect our business.

We use software modules licensed to us by third-party authors under "open-source" licenses in our Member guidance program. Some open-source licenses contain affirmative obligations or restrictive terms that could adversely impact our business, such as restrictions on commercialization or obligations to make available modified or derivative works of certain open-source code. If we were to combine our proprietary software with certain open-source software subject to these licenses in a certain manner, we could, under certain open-source licenses, be required to release or otherwise make available the source code to us proprietary software to the public. This would allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of sales for us. Although we employ practices designed to manage our compliance with open-source licenses and protect our proprietary source code, we may inadvertently use open-source software in a manner we do not intend and that could expose us to claims for breach of contract and intellectual property infringement. If we are held to have breached the terms of an open-source software license, we could be required to, among other things, seek licenses from third parties to continue offering our products on terms that are not economically feasible, pay damages to third parties, to re-engineer our products, to discontinue the sale of our products if re-engineering cannot be accomplished on a timely basis,or to make generally available, in source code form, a portion of our proprietary code, any of which could adversely affect our business, results of operations, and financial condition. The terms of many open-source licenses have not been interpreted by U.S. courts, and, as a result, there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to commercialize our member guidance program.

Legal & Regulatory

Total Risks: 4/23 (17%)Below Sector Average

Regulation4 | 17.4%

Regulation - Risk 1

Our business could be adversely impacted by changes in laws and regulations related to the Internet or changes in access to the Internet generally.

The future success of our business depends upon the continued use of the Internet as a primary medium for communication, business applications, and commerce. Federal or state government bodies or agencies have in the past adopted, and may in the future adopt, laws or regulations affecting the use of the Internet as a commercial medium. Legislators, regulators, government bodies or agencies may also make legal or regulatory changes or interpret or apply existing laws or regulations that relate to the use of the Internet in new and materially different ways. Changes in these laws, regulations or interpretations could require us to modify our platform to comply with these changes, to incur substantial additional costs or divert resources that could otherwise be deployed to grow our business, or expose us to unanticipated civil or criminal liability, among other things. In addition, government agencies and private organizations have imposed, and may in the future impose, additional taxes, fees, or other charges for accessing the Internet or commerce conducted via the Internet. Internet access is frequently provided by companies that have significant market power and could take actions that degrade, disrupt, or increase the cost of our clients' use of our platform, which could negatively impact our business. Net neutrality rules, which were designed to ensure that all online content is treated the same by Internet service providers and other companies that provide broadband services were repealed by the Federal Communications Commission effective June 2018. The repeal of the net neutrality rules could force us to incur greater operating expenses or our clients' use of our platform could be adversely affected, either of which could harm our business and the results of operations. These developments could limit the growth of Internet-related commerce or communications generally or result in reductions in the demand for Internet-based platforms and services such as ours, increased costs to us or the disruption of our business. In addition, as the Internet continues to experience growth in the numbers of users, frequency of use and amount of data transmitted, the use of the Internet as a business tool could be adversely affected due to delays in the development or adoption of new standards and protocols to handle increased demands of Internet activity, security, reliability, cost, ease-of-use, accessibility, and quality of service. The performance of the Internet and its acceptance as a business tool has been adversely affected by "viruses," "worms," and similar malicious programs and the Internet has experienced a variety of outages and other delays because of damage to portions of its infrastructure. If the use of the Internet generally, or our platform specifically, is adversely affected by these or other issues, we could be forced to incur substantial costs, demand for our platform could decline, and our results of operations and financial condition could be harmed.

Regulation - Risk 2

The healthcare regulatory and political framework is uncertain and evolving.

Healthcare laws and regulations are rapidly evolving and may change significantly in the future, which could adversely affect our financial condition and results of operations. For example, in March 2010, the Patient Protection and ACA was adopted, which is a healthcare reform measure that provides healthcare insurance for approximately 30 million more Americans. The ACA includes a variety of healthcare reform provisions and requirements that substantially changed the way healthcare is financed by both governmental and private insurers, which may significantly impact our industry and our business. Many of the provisions of the ACA phase in over the course of the next several years, and we may be unable to predict accurately what effect the ACA or other healthcare reform measures that may be adopted in the future,including amendments to the ACA, will have on our business. On December 14, 2018, a U.S. District Court Judge in the Northern District of Texas, ruled that the individual mandate is a critical and inseverable feature of the ACA, and therefore, because it was repealed as part of the Tax Act, the remaining provisions of the ACA are invalid as well. On December 18, 2019, the Fifth Circuit U.S. Court of Appeals held that the individual mandate is unconstitutional and remanded the case to the lower court to reconsider its earlier invalidation of the full ACA. Pending review, the ACA remains in effect, but it is unclear at this time what effect the latest ruling will have on the status of the ACA. Nevertheless, upon review by the U.S. Supreme Court, the plaintiffs in the Texas action were determined to lack standing, and as such, the case was reversed and remanded.

Regulation - Risk 3

We may be unable to obtain and maintain the proper licensure and authorizations required for us to conduct TPA business.

The State of Wisconsin did not renew our TPA license on August 1, 2023. We are actively pursuing alternatives to renewing our license in Wisconsin. A failure to renew our license may restrict our ability to conduct our TPA business or otherwise have an adverse effect on our operations.

Regulation - Risk 4

Government regulation of the healthcare industry creates risks and challenges with respect to our compliance efforts and our business strategies.

In the United States and some foreign jurisdictions, there have been, and continue to be, several legislative and regulatory changes and proposed changes regarding the healthcare system that could create unexpected liabilities for us, cause us to incur additional costs, and restrict our operations. Among policy makers and payors in the United States and elsewhere, there is significant interest in promoting changes in healthcare systems with the stated goals of containing healthcare costs, improving quality and/or expanding access. Many healthcare laws are complex, and their application to specific services and relationships may not be clear. In particular, many existing healthcare laws and regulations, when enacted, did not anticipate the data analytics and improvement services that we provide, and these laws and regulations may be applied to our product and service offerings in ways that we do not anticipate, particularly as we develop and release new and more sophisticated solutions. Certain changes to laws impacting our industry, or perceived intentions to do so, could affect our business and the results of operations. Some of the risks we face from healthcare regulation are described below: False Claims Laws. There are numerous federal and state laws that prohibit submission of false information, or the failure to disclose information, in connection with submission (or causing the submission) and payment of claims for reimbursement. For example, the federal civil False Claims Act prohibits, among other things, individuals or entities from knowingly presenting, or causing to be presented, to the U.S. federal government, claims for payment or approval that are false or fraudulent, or knowingly making, using or causing to be made or used, a false record or statement material to a false or fraudulent claim. In addition, the government may assert that a claim including items and services resulting from a violation of the U.S. federal Anti-Kickback Statute constitutes a false or fraudulent claim for purposes of the civil False Claims Act. If our advisory services to clients are associated with action by clients that is determined or alleged to be in violation of these laws and regulations, it is possible that an enforcement agency would also try to hold us accountable. Any determination by a court or regulatory agency that we have violated these laws could subject us to significant civil or criminal penalties, invalidate all or portions of some of our client contracts, require us to change or terminate some portions of our business, require us to refund portions of us services fees, subject us to additional reporting requirements and oversight under a corporate integrity agreement or similar agreement to resolve allegations of noncompliance with these laws, cause us to be disqualified from serving clients doing business with government payers, and have an adverse effect on our business. Our Clients' failure to comply with these laws and regulations in connection with our services could result in substantial liability (including, but not limited to, criminal liability), adversely affect - demand for our services, and force us to expend significant capital, research and development, and other resources to address the failure. - Health Data Privacy Laws. There are numerous federal and state laws related to health information privacy. In particular, the federal Health Insurance Portability and Accountability Act of 1996, as amended by the HITECH and their implementing regulations, which we collectively refer to as "HIPAA," include privacy standards that protect individual privacy by limiting the uses and disclosures of PHI and implementing data security standards that require covered entities to implement administrative, physical, and technological safeguards to ensure the confidentiality, integrity, availability, and security of PHI in electronic form. In addition to enforcement actions initiated by regulatory bodies under HIPAA, violations or breaches caused by us or our contractors may result in related claims against us by clients, which may be predicated upon underlying contractual responsibilities, and by Members, which may be predicated upon tort law or state privacy claims, as HIPAA does not contain a private right of action. HIPAA also specifies formats that must be used in certain electronic transactions, such as admission and discharge messages and limits the fees that may be charged for certain transactions, including claim payment transactions. By processing and maintaining PHI on behalf of our covered entity clients, we are a HIPAA business associate and mandated by HIPAA to enter into written agreements with our covered entity clients?-?known as Business Associate Agreements ("BAAs")?-?that require us to safeguard PHI. BAAs typically include;- a description of our permitted uses of PHI;- a covenant not to disclose that information except as permitted under the BAAs and to require that our subcontractors, if any, are subject to the substantially similar restrictions;- assurances that reasonable and appropriate administrative, physical, and technical safeguards are in place to prevent misuse of PHI;- an obligation to report to our client any use or disclosure of PHI other than as provided for in the BAAs;- a prohibition against our use or disclosure of PHI if a similar use or disclosure by our client would violate the HIPAA standards;- the ability of our clients to terminate the underlying support agreement if we breach a material term of the BAAs and are unable to cure the breach;- the requirement to return or destroy all PHI at the end of our services agreement; and - access by the Department of Health and Human Services ("HHS") to our internal practices, books, and records to validate that we are safeguarding PHI. In addition, we are also required to maintain BAAs, which contain similar provisions, with our subcontractors that access or otherwise process PHI on our behalf. We may not be able to adequately address the business risks created by HIPAA implementation, and meet the requirements imposed by HIPAA. Furthermore, we are unable to predict what changes to HIPAA or other laws or regulations might be made in the future or how those changes could affect our business or the costs of compliance. For example, in 2018, the HHS Office for Civil Rights published a Request for Information in the Federal Register seeking comments on several areas in which HHS is considering making both minor and significant modifications to the HIPAA privacy and security standards to, among other things, improve care coordination. We are unable to predict what, if any, impact the changes in such standards will have on our compliance costs or our product and service offerings. We will also require large sets of de-identified information to enable us to continue to develop AI algorithms that enhance our product and service offerings. If we are unable to secure these rights in Client BAAs or because of any future changes to HIPAA or other applicable laws, we may face limitations on the use of PHI and our ability to use de-identified information that could negatively affect the scope of our product and service offering as well as impair our ability to provide upgrades and enhancements to our services. We outsource important aspects of the storage and transmission of client and member information, and thus rely on third parties to manage functions that have material cyber-security risks. We attempt to address these risks by requiring outsourcing subcontractors who handle client information to sign BAAs contractually requiring those subcontractors to adequately safeguard PHI in a similar manner that applies to us and in some cases by requiring such outsourcing subcontractors to undergo third-party security examinations as well as to protect the confidentiality of other sensitive client information. In addition, we periodically hire third-party security experts to assess and test our security measures. However, we cannot be assured that these contractual measures and other safeguards will adequately protect us from the risks associated with the storage and transmission of client proprietary information and PHI. Centers for Medicare and Medicaid Services ("CMS") takes the position that an electronic fund transfer ("EFT") payment to a health care provider is a "standard transaction" under HIPAA. As a "standard transaction", these provider payments may be subject to certain limitations on the fees that may be charged for an EFT payment transaction with a health care provider. We outsource important aspects of our EFT payments to health care providers and thus rely on third parties to manage the EFT transactions and assure that the fees charged comply with HIPAA. The application of HIPAA to EFT payments is complex, and their application to specific value-added services for health care providers may not be clear. Our failure to accurately anticipate the application of HIPAA's fee restrictions on certain standard transactions could create significant liability for us, resulting in negative publicity, and material adverse effect on our business and operating results. In addition to the HIPAA privacy and security standards, most states have enacted patient confidentiality laws that protect against the disclosure of confidential medical and other personally identifiable information ("PII") and many states have adopted or are considering new privacy laws, including legislation that would mandate new privacy safeguards, security standards, and data security breach notification requirements. Such state laws, if more stringent than HIPAA requirements, are not preempted by the federal requirements, and we are required to comply with them. In addition, the Federal Trade Commission, and analogous state agencies, may apply consumer protection laws to the context of data privacy. For example, the Federal Trade Commission has sanctioned companies for unfair trade practices when they failed to implement adequate security protection measures for sensitive personal information, or when they provided inadequate disclosures to consumers about the expansive scope of data mined from consumer activity. Failure by us to comply with any of the federal and state standards regarding patient privacy and/or privacy more generally may subject us to penalties, including significant civil monetary penalties and, in some circumstances, criminal penalties. In addition, such failure may injure our reputation and adversely affect our ability to retain clients and attract new clients. Even an unsuccessful challenge by regulatory authorities of our activities could result in adverse publicity and could require a costly response from us. - Anti-Kickback and Anti-Bribery Laws. There are federal and state laws that prohibit payment for patient referrals, patient brokering, remuneration of Members, or billing based on referrals between individuals or entities that have various financial, ownership, or other business relationships with healthcare providers. In particular, the federal Anti-Kickback law prohibits offering, paying, soliciting, or receiving anything of value, directly or indirectly, for the referral of members covered by Medicare, Medicaid, and other federal healthcare programs or the leasing, purchasing, ordering, or arranging for or recommending the lease, purchase, or order of any item, good, facility, or service covered by these programs. A person or entity does not need to have actual knowledge of the statute or specific intent to violate it to have committed a violation. Some enforcement activities focus on below or above market payments for federally reimbursable health care items or services as evidence of the intent to provide a kickback. Many states also have similar anti-kickback laws, some of which are applicable to all patients and that are not necessarily limited to items or services for which payment is made by a federal healthcare program. In addition, the federal physician self-referral prohibition -?the Stark Law?-?is very complex in its application and prohibits physicians (and certain other healthcare professionals) from making a referral for a designated health service to a provider in which the referring healthcare professional (or spouse or any immediate family member) has a financial or ownership interest, unless an enumerated exception applies. The Stark Law also prohibits the billing for services rendered resulting from an impermissible referral. Many states also have similar anti-referral laws that are not necessarily limited to items or services for which payment is made by a federal healthcare program and may include patient disclosure requirements. Moreover, both federal and state laws prohibit bribery and similar behavior. Any determination by a state or federal regulatory agency that we or any of our clients, vendors, or partners violate or have violated any of these laws could subject us to significant civil or criminal penalties, require us to change or terminate some portions of our business, require us to refund portions of our services fees, subject us to additional reporting requirements and oversight under a corporate integrity agreement or similar agreement to resolve allegations of noncompliance with these laws, cause us to be disqualified from serving clients doing business with government payers, and have an adverse effect on our business. Even an unsuccessful challenge by regulatory authorities of our activities could result in adverse publicity and could require a costly response from us. - Corporate Practice of Medicine Laws and Fee-Splitting Laws. Many states have enacted laws prohibiting physicians from practicing medicine in partnership with non-physicians, such as business corporations. In addition, many states prohibit certain licensed professionals, such as physicians, from splitting professional fees with non-licensees. As we do not engage in the practice of medicine, we do not contract with providers to render medical care, and we do not split fees with any medical professionals, we do not believe these laws restrict our business. Our activities involve only monitoring and analyzing historical claims data, including our Members' interactions with licensed healthcare professionals, and recommending the most suitable healthcare providers and/or sources of treatment. We do not provide medical prognosis or healthcare. In accordance with various states' corporate practice of medicine laws and states' laws and regulations which define the practice of medicine, our call center staff are prohibited from providing Members with any evaluation of any medical condition, diagnosis, prescription, care and/or treatment. Rather, our call center staff can only provide Members with general and publicly available information that is non-specific to the Members' medical conditions and statistical information about the prevalence of medical conditions within certain populations or under certain circumstances. Our call center staff do not discuss Members' individual medical conditions and are prohibited from asking Members for any additional PHI as such term is defined under HIPAA. Our call center staff have been trained and instructed to always inform Members that they are not licensed medical professionals, are not providing medical advice, and that Members should reach out to their medical provider for any medical advice. - Medical professional regulation. The practice of most healthcare professions requires licensing under applicable state law. In addition, the laws in some states prohibit business entities from practicing medicine. In the future, we may contract with physicians, nurses, and nurse practitioners, who will assist our clients with the clients' care coordination, care management, population health management, and patient safety activities that do not constitute the practice of medicine. We do not intend to provide medical care, treatment, or advice. However, any determination that we are acting in the capacity of a healthcare provider and acted improperly as a healthcare provider may result in additional compliance requirements, expense, and liability to us, and require us to change or terminate some portions of our business, including the use of licensed professionals to conduct the foregoing activities. - Medical Device Laws. The U.S. Food and Drug Administration ("FDA") may regulate medical or health-related software, including machine learning functionality and predictive algorithms, if such software falls within the definition of a "device" under the federal Food, Drug, and Cosmetic Act ("FDCA"). However, the FDA exercises enforcement discretion for certain low-risk software, as described in its guidance documents for Mobile Medical Applications, General Wellness: Policy for Low-Risk Devices, and Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices. In addition, in December of 2016, President Obama signed into law the 21st Century Cures Act, which included exemptions for certain medical-related software, including software used for administrative support functions at a healthcare facility, software intended for maintaining or encouraging a healthy lifestyle, electronic health record ("EHR software"), software for transferring, storing, or displaying medical device data or in vitro diagnostic data, and certain clinical decision support software. The FDA has also issued draft guidance documents to clarify how it intends to interpret and apply the new exemptions under the 21st Century Cures Act. Although we believe that our software products are currently not subject to active FDA regulation, we continue to follow the FDA's developments in this area. There is a risk that the FDA could disagree with our determination or that the FDA could develop new final guidance documents that would subject our Product to active FDA oversight. If the FDA determines that any of our current or future analytics applications are regulated as medical devices, we would become subject to various requirements under the FDCA and the FDA's implementing regulations. Depending on the functionality and FDA classification of our analytics applications, we may be required to: - register and list our AI products with the FDA;- notify the FDA and demonstrate substantial equivalence to other products on the market before marketing our analytics applications;- submit a de novo request to the FDA to down-classify our analytics applications prior to marketing; or - obtain FDA approval by demonstrating safety and effectiveness before marketing our analytics applications. The FDA can impose extensive requirements governing pre- and post-market conditions, such as service investigation and others relating to approval, labeling, and manufacturing. In addition, the FDA can impose extensive requirements governing software development controls and quality assurance processes. The AI algorithm has undergone testing to follow the Quality System regulation (that includes camp's) (good manufacturing practices) and quality controls in the design, development, AI training and testing. Marpai AI algorithms have been validated by our R&D team to determine generalizability, accuracy and reliability and are monitored carefully. Additionally, the algorithms were trained on large, diverse patient datasets to ensure they are not biased and that they perform as assumed across diverse sets of patients and settings. The regulatory landscape is evolving, and the FDA is in the process of issuing a comprehensive guidance on AI software which may change how our product is regulated. Many states have licensing and other regulatory requirements requiring licensing of businesses which provide medical review services. These laws typically establish minimum standards for qualifications of personnel, confidentiality, internal quality control, and dispute resolution procedures. To the extent we are governed by these regulations, these regulatory programs may result in increased costs of operation for us, which may have an adverse impact upon our ability to compete with other available alternatives for healthcare cost control. In addition, new laws regulating the operation of managed care provider networks have been adopted by several states. These laws may apply to managed care provider networks we have contracts with. To the extent we are governed by these regulations, we may be subject to additional licensing requirements, financial and operational oversight and procedural standards for beneficiaries and providers. These laws and regulations may change rapidly, and it is frequently unclear how they apply to our business. Any failure of our products or services to comply with these laws and regulations could result in substantial civil or criminal liability and could, among other things, adversely affect demand for our services, force us to expend significant capital, research and development, and other resources to address the failure, invalidate all or portions of some of our contracts with our clients, require us to change or terminate some portions of our business, require us to refund portions of our revenue, cause us to be disqualified from serving clients doing business with government payers, and give our clients the right to terminate our contracts with them, any one of which could have an adverse effect on our business. Additionally, the introduction of new services may require us to comply with additional, yet undetermined, laws and regulations. The security measures that we and our third-party vendors and subcontractors have in place to ensure compliance with privacy and data protection laws may not protect our facilities and systems from security breaches, acts of vandalism or theft, computer viruses, misplaced or lost data, programming and human errors, or other similar events. Under the HITECH Act, as a business associate, we may also be liable for privacy and security breaches and failures of our subcontractors, in addition to those that may be caused by us. Even though we provide for appropriate protections through our agreements with our subcontractors, we still have limited control over their actions and practices. A breach of privacy or security of individually identifiable health information by a subcontractor may result in an enforcement action, including criminal and civil liability, against us. We are not able to predict the extent of the impact such incidents may have on our business. Our failure to comply may result in criminal and civil liability because the potential for enforcement action against business associates is now greater. Enforcement actions against us could be costly and could interrupt regular operations, which may adversely affect our business. While we have not received any notices of violation of the applicable privacy and data protection laws and believe we are in compliance with such laws, there can be no assurances that we will not receive such notices in the future or suffer a breach. Any failure or perceived failure by us to comply with federal or state laws or regulations, industry standards, or other legal obligations, or any actual or suspected security incident, whether or not resulting in unauthorized access to, or acquisition, release, or transfer of personally identifiable information or other data, may result in governmental enforcement actions and prosecutions, private litigation, fines, and penalties or adverse publicity and could cause our clients to lose trust in us, which could have an adverse effect on our reputation and business. We may be unable to make such changes and modifications in a commercially reasonable manner or at all, and our ability to develop new products and features could be limited. Any of these developments could harm our business, financial condition, and results of operations. Privacy and data security concerns, whether valid or not valid, may inhibit market adoption of our platform.

Production

Total Risks: 2/23 (9%)Below Sector Average

Supply Chain2 | 8.7%

Supply Chain - Risk 1

We employ third-party licensed software and software components for use in or with our member guidance program, and the inability to maintain these licenses or the presence of errors in the software we license could limit the functionality of our member guidance program and result in increased costs or reduced service levels, which would adversely affect our business.

Our software applications might incorporate or interact with certain third-party software and software components (other than open-source software), such as claims processing software, obtained under licenses from other companies. We pay these third parties a license fee or royalty payment. We anticipate that we will continue to use such third-party software in the future. Although we believe that there are commercially reasonable alternatives to the third-party software, we currently make available, this may not always be the case, or it may be difficult or costly to replace. Furthermore, these third parties may increase the price for licensing their software, which could negatively impact the results of operations. Our use of additional or alternative third-party software could require clients to enter into license agreements with third parties. In addition, if the third-party software we make available has errors or otherwise malfunctions, or if the third-party terminates its agreement with us, the functionality of our member guidance program may be negatively impacted, and our business may suffer.

Supply Chain - Risk 2

We rely on third-party providers, including Amazon Web Services, for computing infrastructure, network connectivity, and other technology-related services needed to deliver our service offerings. Any disruption in the services provided by such third-party providers could adversely affect our business and subject us to liability.

Our member guidance program is hosted from and use computing infrastructure provided by third parties, including Amazon Web Services, and other computing infrastructure service providers. Our computing infrastructure service providers have no obligation to renew their agreements with us on commercially reasonable terms or at all. If we are unable to renew these agreements on commercially reasonable terms, or if one of our computing infrastructure service providers is acquired, we may be required to transition to a new provider and we may incur significant costs and possible service interruption in connection with doing so. Problems faced by our computing infrastructure service providers, including those operated by Amazon Web Services, could adversely affect the experience of our Clients. Amazon Web Services has also had and may in the future experience significant service outages. Additionally, if our computing infrastructure service providers are unable to keep up with our growing needs for capacity, this could have an adverse effect on our business. For example, a rapid expansion of our business could affect our service levels or cause our third-party hosted systems to fail. Our agreements with third-party computing infrastructure service providers may not entitle us to service level credits that correspond with those we offer to our Clients. Any changes in third-party service levels at our computing infrastructure service providers, or any related disruptions or performance problems with our product and service offering, could adversely affect our reputation and may damage our clients' stored files, result in lengthy interruptions in our services, or result in potential losses of client data. Interruptions in our services might reduce our revenue, cause us to issue refunds to clients for prepaid and unused subscriptions, subject us to service level credit claims and potential liability, allow our clients to terminate their contracts with us, or adversely affect our renewal rates.

Ability to Sell

Total Risks: 1/23 (4%)Below Sector Average

Demand1 | 4.3%

Demand - Risk 1

Added

Currently, our revenues are concentrated with one major customer and our revenues may decrease significantly if we were to lose our major customer.

Due to our limited operating history, we have a limited customer base and have depended on a major customer for a significant portion of our revenue. For the three month periods ended September 30, 2024 and 2023, we had one customer that accounted for 14.6% and 11.3% of total revenue, respectively. For the nine month periods ended September 30, 2024 and 2023, we had one customer that had 15.4% and 10.9% of total revenue, respectively. At September 30, 2024, two customers accounted for 51.4%, and 11.3% of accounts receivable. At December 31, 2023, two customers accounted for 16.6% and 14.0% of accounts receivable. If our major customers were to terminate their agreement with us, or if we fail to adequately perform under our agreement, and if we are unable to diversify our customer base, our revenue could decline, and our results of operations could be adversely affected.

See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?

Risk factors are any situations or occurrences that could make investing in a company risky.

The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.

They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.

It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.

How do companies disclose their risk factors?

Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.

Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.

Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.

According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.

How can I use TipRanks risk factors in my stock research?

Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.

You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.

Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.

A simplified analysis of risk factors is unique to TipRanks.

What are all the risk factor categories?

TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.

1. Financial & Corporate

Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.

2. Legal & Regulatory

Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
Regulation – risks related to compliance, GDPR, and new legislation.
Environmental / Social – risks related to environmental regulation and to data privacy.
Taxation & Government Incentives – risks related to taxation and changes in government incentives.

3. Production

Costs – risks related to costs of production including commodity prices, future contracts, inventory.
Supply Chain – risks related to the company’s suppliers.
Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.

4. Technology & Innovation

Innovation / R&D – risks related to innovation and new product development.
Technology – risks related to the company’s reliance on technology.
Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.

5. Ability to Sell

Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
Competition – risks related to the company’s competition including substitutes.
Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
Brand & Reputation – risks related to the company’s brand and reputation.

6. Macro & Political

Economy & Political Environment – risks related to changes in economic and political conditions.
Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
International Operations – risks related to the global nature of the company.
Capital Markets – risks related to exchange rates and trade, cryptocurrency.

Become an Expert with TipRanks Premium

What am I Missing?

Make informed decisions based on Top Analysts' activity

Know what industry insiders are buying

Get actionable alerts from top Wall Street Analysts

Find out before anyone else which stock is going to shoot up

Get powerful stock screeners & detailed portfolio analysis

Subscribe Now See Plans & Pricing