Insight Enterprises (NSIT) Risk Analysis

To protect our intellectual property, we rely on copyright, trademark and trade secret laws, unpatented proprietary know-how, and patents, as well as confidentiality, invention assignment, non-solicitation and non-competition agreements. There can be no assurance that these measures will afford us sufficient protection of our intellectual property, and it is possible that third parties may copy or otherwise obtain and use our proprietary information without authorization or otherwise infringe on our intellectual property rights. The disclosure of our trade secrets could impair our competitive position and could have a material adverse effect on our business, financial condition and results of operations. In addition, our registered trademarks and trade names are subject to challenge by third parties. This may impact our ability to continue using those marks and names. Likewise, many businesses are actively investing in, developing and seeking protection for intellectual property in the areas of search, indexing, e-commerce and other Web-related technologies, as well as a variety of on-line business models and methods, all of which are in addition to traditional research and development efforts for IT products and application software, and non-practicing entities continue to invest in acquiring patent portfolios for the purpose of turning the portfolios into income-generating assets, whether through licensing campaigns or litigation. If there is a determination that we have infringed the proprietary rights of others, we could incur substantial monetary liability, be forced to stop selling infringing products or providing infringing services, be required to enter into costly royalty or licensing agreements, if available, or be prevented from using the rights, which could force us to change our business practices or hardware, software or services offerings in the future. These types of claims and challenges could have a material adverse effect on our business, financial condition and results of operations.

We are dependent upon automated information technology processes. Privacy, security, and compliance concerns have continued to increase as technology has evolved to facilitate commerce and as cross-border commerce increases. As part of our normal business activities, we collect and store or have access to certain proprietary confidential, and personal information, including information about teammates and information about partners, vendors, and clients which may be entitled to protection under a number of regulatory regimes. In the course of normal and customary business practice, we may share some of this information with vendors and partners who assist us with certain aspects of our business. Moreover, the success of our operations depends upon the secure transmission of confidential and personal data over public networks, including the use of cashless payments. The protection and security of our network systems, our clients' systems, applications, and platforms to which we have access, and our own information, as well as information relating to our clients, partners, vendors, and teammates, is vitally important to us as the compromise, loss, theft, misuse, or unauthorized access to such networks or information could lead to significant reputational or competitive harm, result in litigation involving us or our business partners, expose us to regulatory proceedings, and cause us to incur substantial liability or expenses. As with many other businesses, we, our third-party service providers and a number of our vendors have been and are continually subject to cyberattacks and the risk of data security incidents, the frequency, intensity, and sophistication of which continue to increase year over year. Due to the constant risk of these types of attacks and incidents, we expend significant resources on information technology and data security tools, measures, and processes designed to protect our networks, systems, services, and the personal, confidential or proprietary information in our possession, and to ensure an effective response to any cyber-attack or data security incident. We have privacy and data security policies in place that are designed to detect, prevent, and/or mitigate cyberattacks and data security incidents. Whether or not these policies, tools, and measures are ultimately successful, the expenditures could have an adverse impact on our financial condition and results of operations, and divert management's attention from pursuing our strategic objectives. As newer technologies evolve, and the portfolio of the service providers we share confidential information with grows, we could be exposed to increased risks from cyberattacks, data security events, and data breaches, including those from human error, negligence or mismanagement or from illegal or fraudulent acts. Although we take the security of our network systems and information very seriously, there can be no assurance that the security measures we employ will effectively prevent unauthorized persons from obtaining unauthorized access to our systems and information due to the evolving nature and intensity of cyberattacks and threats to data security. New and sophisticated tools and methods are constantly being developed by criminals and cyber terrorists to penetrate and compromise systems, including computer viruses, malware, ransomware, phishing, misrepresentation, social engineering and forgery, which make it increasingly challenging to anticipate, harder to detect, and more difficult to adequately mitigate these risks. Malicious individuals, organizations, and nation-state threat actors have and may continue to attempt to penetrate or compromise our network systems, the products we sell, or services we and our third-party contractors provide in order to access, acquire, misappropriate, disclose, alter, or otherwise compromise our teammates', clients', and partners' proprietary, confidential, technical business, and/or personal information in our possession or to which we have access, create system disruptions, cause system or operations shutdowns or perpetrate secondary attacks against our clients, partners, and teammates. Such individuals or organizations also may develop or deploy viruses, worms, ransomware or otherwise exploit security vulnerabilities of our systems or our product offerings, or attempt to fraudulently induce our employees, clients or others to disclose passwords or other sensitive information or unwittingly provide access to our systems, data, or client environments. Any failure on the part of us, our third-party service providers or our vendors to maintain the security of our network systems and the proprietary, confidential, and personal data in our possession, including via the penetration of our network security and attempted or actual misappropriation, disclosure, alteration, or compromise of proprietary, confidential and personal information, could disrupt the security of our systems and business applications, as well as impair our ability to provide services to our clients and protect the privacy of their data. These disruptions could further result in costly investigations and remediation, business disruption, damage to our reputation, financial obligations to third parties, fines, penalties, regulatory proceedings and private litigation with potentially large costs, and also result in deterioration in our teammates', partners' and clients' confidence in us and other competitive disadvantages, and thus could have a material adverse effect on our business, financial condition and results of operations. Some of the hardware and software products we resell could have defects, viruses, vulnerabilities, or otherwise be the subject of cyberattacks, data security events, or data breaches. We would consider the consequences of such attacks to be the responsibility of the respective manufacturers and publishers of such products, however, if such circumstances were to arise, we may be required to notify clients, regulators and individuals and thereby could be subject to litigation, regulatory inquiry, loss of business, and reputational harm.

We believe that our success to date has been, and future results of operations will be, dependent in large part upon our ability to provide prompt and efficient service to our clients. Our ability to provide that level of service is largely dependent on the ease of use, accuracy, quality and utilization of our IT systems, which impacts our ability to manage our sales, client service, distribution, inventories and accounting systems, and the reliability of our voice and data networks and managed services offerings. If our current technology is determined to have a shorter economic life or the value of our current system is impaired, or necessary improvements to our technology are significantly delayed, we could incur additional expense and/or charges. The continuing development of our IT systems is crucial for our success. Accordingly, some of our IT systems are subject to ongoing IT projects designed to streamline or optimize the information systems. In addition, a substantial interruption in our IT systems or in our voice and data networks, however caused, could occur and could have a material adverse effect on our business, financial condition and results of operations.

Competition in the industry is based on price, product availability, speed of delivery, credit availability, quality and breadth of product lines, and, increasingly, on the ability to provide services and tailor specific solutions to meet client needs. Many of our manufacturer and publisher partners are also our competitors, as many sell directly to business customers, particularly large enterprise and corporate customers. In addition to the manufacturers and publishers of products we sell, we compete with a large number and wide variety of providers and resellers of IT hardware, software and services. We believe our industry will see further consolidation as product resellers and direct marketers combine operations or acquire or merge with other resellers, service providers and direct marketers to increase efficiency, service capabilities and market share. Moreover, current and potential competitors have established or may establish cooperative relationships among themselves or with third parties to enhance their product and service offerings. Accordingly, it is possible that new competitors or alliances among competitors may emerge and acquire significant market share. The competitive landscape in which we operate continues to change as new technologies are developed. While innovation helps our business as it creates new offerings for us to sell, it can also disrupt our business model and create new and stronger competitors. For instance, while cloud-based solutions present an opportunity for us and make up a significant part of our business and future, cloud-based solutions and technologies developed by manufacturer and publisher partners are alternatively marketed directly to customers without utilizing solutions providers like us, which can reduce the volume of hardware, software or services we sell, leading to a reduction in our sales and/or profitability. Accordingly, we are dependent on continued innovations by our current vendor partners and our ability to partner with new and emerging technology providers. Generally, pricing competition is very aggressive in the industry, and we expect pricing pressures to continue. There can be no assurance that we will be able to negotiate prices as favorable as those negotiated by our competitors or that we will be able to offset the effects of price reductions with an increase in the number of clients, higher net sales, cost reductions or higher sales of services, which are typically at higher gross margins, or otherwise. Price reductions by our competitors that we either cannot or choose not to match could result in an erosion of our market share and/or reduced sales or, to the extent we match such reductions, could result in reduced operating margins or inventory impairment charges, any of which could have a material adverse effect on our business, financial condition and results of operations. Some of our competitors in each of our operating segments may have greater technical, marketing and other resources than we do. In addition, some of these competitors may be able to respond more quickly to new or changing opportunities, technologies and client requirements. Many current and potential competitors also may have greater name recognition and engage in more extensive promotional activities, offer more attractive terms to their customers and adopt more aggressive pricing policies than we do. Additionally, some of our competitors have higher margins and/or lower operating cost structures, allowing them to price more aggressively. There can be no assurance that we will be able to compete effectively with current or future competitors or that the competitive pressures we face will not have a material adverse effect on our business, financial condition and results of operations.

Our results of operations are influenced by a variety of factors, including the condition of the IT industry, shifts in demand for, or availability of, IT hardware, software, peripherals and services, and industry innovation and the introduction of new products and technologies. The IT industry is characterized by rapid technological change and the frequent introduction of new products and changing delivery channels and models, which can decrease demand for current products and services and can disrupt purchasing patterns. If we fail to react effectively and in a timely manner to such changes, we may experience lower sales and, with respect to hardware, as has occurred we may have to record write-downs of obsolete inventory. In addition, in order to satisfy client demand, protect ourselves against product shortages, obtain greater purchasing discounts and react to changes in original equipment manufacturers' terms and conditions, we may decide to carry inventory of products that may have limited or no return privileges. There can be no assurance that we will be able to avoid losses related to inventory obsolescence on these products. Additionally, if purchasing power within our clients shifts from centralized procurement functions to business units or individual end users and we are unable to react timely to any such changes, these shifts in purchasing power could have a material adverse effect on our business, financial conditions and results of operations. The cloud and "as-a-service" models are transforming the IT market and introducing new products, services and competitors to the market. In many cases, these new distribution models allow enterprises to obtain the benefits of commercially licensed, internally operated software with less complexity and lower initial set-up, operational and licensing costs, which increases competition for us. There can be no assurance that we will be able to adapt to, or compete effectively with, current or future distribution channels or competitors or that the competitive pressures we face will not have a material adverse effect on our business, financial condition and results of operations.

Revenue from public sector contracts is derived from sales to federal, state and local governmental entities, as well as to educational institutions, through open market sales and various contractual frameworks and programs. Non-compliance with requisite procurement, billing or ordinance-specific administrative rules,procedures, and processes could subject our contracts to protest or make them voidable regardless of whether we bear any responsibility for non-compliance. This could also subject us to debarment, suspension, or disqualification from doing business with governmental entities, and could also result in civil, criminal, and administrative liability. Public sector contracts can contain one-sided provisions and certifications in favor of public sector clients, including broad indemnification obligations, uncapped liability or liquidated damages obligations, which can impose financial risks that are beyond those associated with ordinary course commercial contracts with non-public sector clients. In addition, public sector contracts may be subject to audits and investigations by government agencies. Public sector contracts are generally terminable at any time for convenience and in some instances contracting agencies are subject to non-appropriation of funding which impairs their ability to pay us for multi-year contract obligations. Any of the foregoing or any other reduction in revenue from public sector clients could have a material adverse effect on our business, financial condition, and results of operations.

We rely on key management and qualified engineering, marketing, and sales teammates to execute our strategy to grow profitable market share. Competition for skilled and non-skilled workers in the IT industry is intense and there are risks of sustained labor shortages in key digital areas across various regions. If we are unable to continue to attract and retain highly qualified executives, management, sales, service and technical teammates, it could have a material adverse effect on our business, financial condition and results of operations. We make significant investments, and incur significant costs, in the recruitment and development of our leadership team, sales executives, solution architects, services engineers, project managers and other IT resources. If we are not able to retain such personnel or to train them quickly enough to meet changing market conditions, we could experience a drop in the overall quality and efficiency of our teammates, which could have a material adverse effect on our business, financial condition and results of operations. Furthermore, if we are unable to maintain an environment for teammates that is competitive and appealing, it could have an adverse effect on engagement and retention, and a material adverse effect on our business.

Weak economic conditions generally or any broad-based reduction in IT spending would adversely affect our business, operating results and financial condition. A prolonged slowdown in the global economy, including the possibility of recession or financial market instability or similar crisis, or in a particular region or business or industry sector, or the tightening of credit markets, could cause our clients to have difficulty accessing capital and credit sources, delay contractual payments, or delay or forgo decisions to upgrade or add to their existing IT environments, license new software or purchase products or services (particularly with respect to discretionary spending for hardware, software and services). Such events could have a material adverse effect on our business, financial condition and results of operations. Economic or industry downturns could result in longer payment cycles, increased collection costs and defaults in excess of our expectations. A significant deterioration in our ability to collect on accounts receivable could also impact the cost or availability of financing under our accounts receivable securitization program. Our sales to public sector clients are also impacted by government spending policies, government shutdowns, budget priorities and revenue levels. An adverse change in government spending policies (including budget cuts at the federal, state and local level), budget priorities or revenue levels could cause our public sector clients to reduce their purchases or to terminate or not renew their contracts with us. These possible actions or the adoption of new or modified procurement regulations or practices could have a material adverse effect on our business, financial position and results of operations. Worldwide economic conditions and market volatility as a result of political leadership in certain countries and other disruptions to global and regional economies and markets, including continuing increases in inflation and interest rates, the possibility of recession, or financial market instability, may impact future business activities. External factors, such as potential terrorist attacks, acts of war, geopolitical and social turmoil or epidemics and other similar outbreaks in many parts of the world, could prevent or hinder our ability to do business, increase our costs and negatively affect our stock price. More generally, these geopolitical, social and economic conditions could result in increased volatility in the United States and worldwide in financial markets and in the economy, as well as other adverse impacts. Potential impacts related to conflicts, such as those ongoing in Ukraine and Gaza, include further market disruptions, including significant volatility in commodity prices, credit and capital markets, supply chain and logistics disruptions, adverse global economic conditions resulting from escalating geopolitical tensions, volatility and fluctuations in foreign currency exchange rates and interest rates, inflationary pressures on raw materials and heightened cybersecurity threats, all of which could adversely impact our business, particularly our European operations.

Outside of the United States, we have operation centers in Armenia, Australia, Canada, France, Germany, India, the Netherlands, the Philippines, Ukraine and the United Kingdom, as well as sales offices throughout EMEA and APAC. In the regions in which we do not currently have a physical presence, we serve our clients through strategic relationships. In implementing our international strategy, we may face barriers to entry and competition from local companies and other companies that already have established global businesses, as well as the risks generally associated with conducting business internationally. The success and profitability of international operations are subject to numerous risks and uncertainties, many of which are outside of our control, such as: - political or economic instability, including the possibility of recession or financial market instability, or acts of war;- changes in governmental regulation or taxation (foreign and domestic);- currency exchange fluctuations;- changes in import/export laws, regulations, customs, duties and tariffs (foreign and domestic);- trade restrictions (foreign and domestic);- difficulties of conducting business, managing operations, and costs of staffing in certain foreign countries;- work stoppages or other changes in labor conditions;- taxes and other restrictions on repatriating foreign profits back to the United States;- extended payment terms;- seasonal reductions in business activity in some parts of the world; and - natural disasters, terrorism, civil unrest, public health issues such as pandemics or endemics and other geopolitical uncertainties. In addition, changes in policies and/or laws of the United States or foreign governments, including data privacy restrictions such as the General Data Protection Regulation ("GDPR") resulting in, among other changes, higher taxation, tariffs or similar protectionist laws, currency conversion limitations, limitations on business operations, or the nationalization of private enterprises could reduce the anticipated benefits of international operations and could have a material adverse effect on our business, financial condition and results of operations. We have currency exposure arising from both sales and purchases denominated in foreign currencies, including intercompany transactions outside the United States. International operations also expose us to currency fluctuations as we translate the financial statements of our foreign operations to the U.S. dollar, which has been very strong in recent years in foreign currency exchange rates and which has, at times, adversely impacted our results of operations and cash flows from our operations in EMEA. In addition, some currencies may be subject to limitations on conversion into other currencies, which can limit the ability to otherwise react to rapid foreign currency devaluations. While we currently engage in certain hedging activities to limit our exposure to currency fluctuations, we cannot predict with precision the effect of future exchange-rate fluctuations, and significant rate fluctuations could have a material adverse effect on our business, financial condition and results of operations.

We have warehouse and distribution facilities in the United States and Canada and in the United Kingdom and Germany. If the warehouse and distribution equipment at one of our distribution centers were to be seriously damaged, or negatively impacted, by a natural disaster, act of terrorism, or public health issue or other adverse occurrence, we could utilize another distribution center or third-party distributors to ship products to our clients. However, this may not be sufficient to avoid interruptions in our service and may not enable us to meet all of the needs of our clients and would cause us to incur incremental operating costs. In addition, we operate numerous sales offices which may contain both business-critical data and confidential information of our clients. A natural disaster, act of terrorism, or public health issue or other adverse occurrence at any of our major sales offices could also negatively impact our business, results of operations or cash flows.

We are party to various legal proceedings that arise in the ordinary course of our business, which include commercial, employment, tort and other litigation. Because of our significant sales to governmental entities, we also are subject to audits by federal, state, international, national, provincial and local authorities in the ordinary course of our business. We also are subject to and currently engaged in audits by various vendor partners and large clients, including government agencies, relating to purchases and sales under various contracts. In addition, we are subject to indemnification claims under various contracts. Current and future litigation, infringement claims, governmental proceedings and investigations, audits or indemnification claims that we face may result in substantial costs and expenses and significantly divert the attention of our management regardless of the outcome. Additionally, our operations are subject to numerous U.S. and foreign laws and regulations in a number of areas including areas of labor and employment, advertising, e-commerce, tax, import and export requirements, anti-corruption, data privacy requirements, including data privacy restrictions such as the GDPR or the California Consumer Privacy Act ("CCPA"), data breach notification laws, and certain data security regulations, anti-competition, and environmental, health, and safety. Compliance with these laws, regulations and similar requirements may be onerous and expensive, and they may be inconsistent from jurisdiction to jurisdiction, further increasing the cost of compliance and doing business, and the risk of noncompliance. We have implemented policies and procedures designed to help ensure compliance with applicable laws and regulations, but there can be no guarantee against teammates, contractors, or agents violating such laws and regulations or our policies and procedures.

We conduct business globally and file tax returns in various U.S. and foreign tax jurisdictions. Our effective income tax rate could be adversely affected by various factors, many of which are outside of our control, including: - changes in pre-tax income in various jurisdictions in which we operate that have differing statutory tax rates;- increases in corporate tax rates and the availability of deductions or credits in the United States and elsewhere;- changes in tax laws, regulations, and/or interpretations of such tax laws in multiple jurisdictions, including but not limited to U.S. federal and state regulations or interpretations and enforcement trends;- tax effects related to acquisition accounting; and - resolutions of issues arising from tax examinations and any related interest or penalties. The determination of our worldwide provision for income taxes and other tax liabilities requires estimation, judgment and complex calculations in situations where the ultimate tax determination may not be certain. Our determination of tax liabilities is always subject to review or examination by tax authorities in various jurisdictions. Any adverse outcome of such review or examination could have a material adverse effect on our financial condition and results of operations.