P10 Holdings (PX) Risk Analysis

The Tax Cuts and Jobs Act, or the TCJA, enacted on December 22, 2017, significantly affected U.S. tax law, including by changing how the U.S. imposes tax on certain types of income of corporations and by reducing the U.S. federal corporate income tax rate to 21%. It also imposed new limitations on several tax benefits, including deductions for business interest, use of NOL carryforwards, taxation of foreign income, and the foreign tax credit, among others. The CARES Act, enacted on March 27, 2020, in response to the COVID-19 pandemic, further amended the U.S. federal tax code, including in respect of certain changes that were made by the TCJA, generally on a temporary basis. There can be no assurance that future tax law changes will not increase the rate of the corporate income tax significantly, impose new limitations on deductions, credits or other tax benefits, or make other changes that may adversely affect our business, cash flows or financial performance. In addition, the IRS has yet to issue guidance on a few important issues regarding the changes made by the TCJA and the CARES Act. In the absence of such guidance, we will take positions with respect to several unsettled issues. There is no assurance that the IRS or a court will agree with the positions taken by us, in which case tax penalties and interest may be imposed that could adversely affect our business, cash flows or financial performance. Changes in tax laws or regulations, or the interpretation thereof, tax policy initiatives and reforms under consideration and the practices of tax authorities could adversely affect us. Such changes may include (but are not limited to) the tax rate applicable to operating income, investment income, dividends received or (in the specific context of withholding tax) dividends paid, or the taxation of partnerships and other passthrough entities. For example, in August 2022, the U.S. enacted a 1% excise tax on stock buybacks by public companies and a 15% alternative minimum tax on adjusted financial statement income as part of the Inflation Reduction Act of 2022. We are unable to predict what tax reform may be proposed or enacted in the future or what effect such changes would have on our business, but such changes could affect our financial position and overall or effective tax rates in the future, reduce after-tax returns to our stockholders, and increase the complexity, burden and cost of tax compliance. If our effective tax rate increases, our operating results and cash flow could be adversely affected. Our effective income tax rate can vary significantly between periods due to a few complex factors including, but not limited to, projected levels of taxable income, tax audits conducted and settled by tax authorities, and adjustments to income taxes upon finalization of income tax returns.

We are subject to numerous data privacy and protection obligations such as various federal, state, local and foreign laws, regulations and guidance; industry standards; external and internal privacy notices and policies; contracts; and other obligations that apply to the collection, transmission, storage, use and other processing of personal information by us and on our behalf. These obligations may change, are subject to differing interpretations and may be inconsistent among relevant jurisdictions in which we operate or from which we collect personal information. The data privacy and protection landscape continues to evolve in jurisdictions worldwide, and there has been an increasing focus on data privacy and protection issues with the potential to impact our business. This evolution may create uncertainty in our business; affect us or our collaborators', service providers', and others' ability to operate in certain jurisdictions or to collect, store, transfer, use, share and otherwise process personal information; necessitate the acceptance of more onerous obligations in our contracts; cause us to modify our business operations; result in liabilities; or otherwise impose additional compliance costs on us. The cost of compliance with these obligations is high and is likely to increase in the future, and includes a series of operational measures such as: preparing data maps or records of our sources, usage, storage and sharing of personal information; maintaining and updating detailed disclosures in our privacy policies; conducting risk assessments for the use of sensitive personal information; ensuring we have adequate data security measures to protect personal information; auditing the data security of our service providers; and establishing mechanisms to respond to consumers' data access, deletion, portability, and opt-out requests.. Although we endeavor to comply with all applicable data privacy and protection obligations, we may at times fail to do so or may be perceived to have failed to do so. Moreover, despite our efforts, we may not be successful in achieving compliance if our personnel or third parties upon whom we rely fail to comply with such obligations. For example, any failure by a service provider to comply with applicable data privacy or protection law, regulations, contractual or other obligations could result in adverse impacts against us. If we fail, or are perceived to have failed, to address or comply with data privacy and protection obligations, we could face significant consequences. These consequences may include, but are not limited to, government enforcement actions (e.g., investigations, fines, penalties, audits, inspections and similar activities); litigation (including class-related claims); additional reporting requirements and/or oversight; bans on processing personal information; orders to destroy or not use personal information; imprisonment of company officials; public censure; damage to our reputation; loss of revenue and profits; loss of goodwill; and other adverse business impacts, any of which could materially and adversely affect our business, financial condition and results of operations. In the U.S., there are numerous U.S. federal and state laws and regulations relating to personal information privacy and protection. For example, at a federal level, we may be subject to the Gramm-Leach-Bliley Act ("GLBA") that applies to financial institutions and requires regulated entities to implement and maintain certain data privacy and security safeguards. In addition, the SEC recently changed its disclosure requirements regarding cybersecurity risk management, strategy, governance and incident reporting. These changes require companies to investigate all cybersecurity incidents without unreasonable delay, determine their level of materiality, and report specific details about any material cybersecurity incidents in a separate filing within four business days. These changes also require additional information in annual disclosures regarding companies' cybersecurity risk management and reporting processes, as well as the cybersecurity expertise of relevant personnel and third-party service providers or auditors. At the state level, certain states have enacted comprehensive laws governing personal information of consumers, employees and business representatives. For example, we may be subject to the California Consumer Privacy Act ("CCPA"), as amended. The CCPA, similar to other state privacy laws, imposes obligations that include, but are not limited to, providing specific disclosures in privacy notices and affording residents certain rights related to their personal information. The CCPA allows for statutory fines for noncompliance and provides that a new government agency may implement and enforce the CCPA which could increase the risk of an enforcement action. Colorado, Virginia, Utah, and Connecticut also passed comprehensive privacy laws, modeled in part after the CCPA, that took effect in 2023. Eight other states have passed similar privacy laws that will take effect between 2024 and 2026, including Texas, Delaware, Oregon, Tennessee, Iowa, Indiana, New Jersey, and Montana. Failure to comply with these privacy laws can result in civil penalties. These state privacy laws have some provisions and requirements similar to the CCPA. However, preparing to comply with the varying requirements of these laws has already subjected us to costs and legal fees and will subject us to additional costs and risks as they take effect. For example, these laws may limit the ways in which we may use certain categories of personal information, may require us to obtain additional permissions from individuals, and may require revision of our contracts with service providers with whom we share personal information. While these state privacy laws may contain limited exceptions for financial institutions subject to, for example, the GLBA, these laws' implementation standards and enforcement practices are likely to remain uncertain for the foreseeable future. If we are or may become subject to state data privacy laws, the risk of enforcement actions against us could increase because we may be subject to additional obligations, and the number of individuals or entities that can initiate actions against us may increase (including individuals via a private right of action and state actors). Further, certain state laws may be more stringent or broader in scope, or offer greater individual rights, with respect to personal information than federal, foreign or other state laws, and such laws may differ from each other, which may complicate our compliance efforts. In addition, 50 U.S. states, the District of Columbia and certain other foreign jurisdictions have enacted data breach notification laws that may require us to notify investors, employees, regulators and others in the event of a security breach (for example, unauthorized access to or disclosure of personal information experienced by us or our service providers). These laws may not be consistent, and compliance in the event of a widespread data breach may be difficult and costly. We may also be contractually required or otherwise obligated to notify investors and others of a security breach. Although we may have contractual protections against our service providers should they experience a security breach, any actual or perceived security breach could harm our reputation and brand, expose us to potential liability and require us to expend significant resources on data security as well as in responding to any such actual or perceived breach. Any contractual protections we may have against relevant counterparties may not be sufficient to protect adequately us from any such liabilities and losses, and we may be unable to enforce any such contractual protections. Internationally, many jurisdictions have established their own data privacy and protection legal frameworks with which we may need to comply. For example, the EU GDPR imposes strict requirements on the processing of personal information. Under the EU GDPR, government regulators may impose temporary or definitive bans on personal information processing. Potential monetary fines for noncompliance with the EU GDPR are significant - up to the greater of €20 million or 4% of global turnover. The EU GDPR provides that EU member states may introduce further conditions, including limitations, to make their own further laws and regulations limiting the processing of personal information which could limit our ability to collect, use and share European personal information, or could cause our compliance costs to increase, ultimately having an adverse impact on our business, and harm our business and financial condition. The United Kingdom adopted its own General Data Protection Regulation that has similar provisions, requirements, and penalties for non-compliance as the EU GDPR. Certain jurisdictions, including the EU, UK and China, have enacted data localization laws and cross-border personal information transfer laws, which may make it more difficult to transfer personal information across jurisdictions (such as transferring or receiving personal information that originates in the EU or in other foreign jurisdictions). Existing mechanisms that facilitate cross-border personal information transfers may change or be invalidated. If we cannot implement and maintain valid compliance mechanisms for cross-border personal information transfers, we may face increased exposure to regulatory actions, substantial fines and injunctions against processing or transferring personal information from Europe or elsewhere. We may have to implement different personal information processing activities to address these data localization and cross-border personal information transfer laws. As we expand into countries and jurisdictions outside the U.S., we may be subject to additional data privacy and protection laws and regulations that may affect how we conduct business.

Our revenue is comprised virtually entirely of management and advisory fees from our registered investment adviser subsidiaries (each, an "Adviser"), with the vast majority of fees earned on committed capital that is typically subject to between 10 and 15 year lock up agreements, although in many cases, the contractual fees decline over the period, after the investment period of three to five years ends. Our investors engage us across multiple private markets solutions through different vehicles, including primary investment funds, direct and co-investment funds and secondary funds. Primary investment funds and direct and co-investment funds include both commingled investment vehicles with multiple investors as well as customizable separate accounts, which typically include one customer. Our revenue in any given period is dependent on the number of fee-paying investors in such period. For our specialized, commingled funds, our fees may terminate if we are removed for certain cause events such as a key person event or without cause by a super majority of investors. Our customized separate account and advisory account business operates in a highly competitive environment. While clients of our separate account and advisory account businesses may have multi-year contracts, certain of these contracts only provide for fees to the extent a client elects to make an investment. In addition, the separate accounts and advisory contracts may be terminated by the client for cause or without cause upon advance notice to us. In connection with these terminable contracts, we may lose clients as a result of the sale or merger of a client, a change in a client's senior management, competition from other financial advisors and financial institutions and other causes. Moreover, certain of our contracts with state government-sponsored clients are secured through such government's request for proposal process, and can be subject to renewal. If multiple clients were to exercise their termination rights or fail to renew their existing contracts or investors removed us from managing a fund and we were unable to secure new clients, our fees would decline. In the case of any such events, the management fees and advisory fees we earn in connection with managing such account or fund would immediately cease, which could result in an adverse effect on our revenues. If we experience a change of control (as defined under the Investment Advisers Act of 1940, as amended (the "Investment Advisers Act"), or as otherwise set forth in the governing documents of our funds), continuation of the investment management agreements with our funds and our separate account clients would be subject to investor or client consent. We cannot assure you that required consents will be obtained if such a change of control occurs.

Investor and institutional recognition of the P10 trademark and related brands and the association of these brands with our products and services are an integral part of our business. The occurrence of any events or rumors that cause investors and/or institutions to no longer associate these brands with our products and services may materially adversely affect the value of our brand names and demand for our products and services. In addition, trademarks or trade names that we own now or in the future may be challenged, infringed, declared generic, or determined to be infringing on or dilutive of other marks. We may not be able to protect our rights in these trademarks and trade names, which we need to build name recognition with potential investors. Moreover, third parties may file for registration of trademarks similar or identical to our trademarks; if they succeed in registering or developing common law rights in such trademarks, and if we are not successful in challenging such third-party rights, we may not be able to use these trademarks to develop brand recognition of our products and services. Furthermore, there could be potential trade name or trademark infringement claims brought by owners of other registered trademarks or trademarks that incorporate variations of our registered or unregistered trademarks or trade names. If we are unable to establish name recognition based on our trademarks and trade names, we may not be able to compete effectively, which could materially and adversely affect our business, financial condition or results of operations.

Since 2008, there has been continued volatility and disruption in the global financial markets. Volatility and disruption in the equity and credit markets could adversely affect the portfolio companies in which the private markets funds invest, which, in turn, would adversely affect the performance of our specialized investment vehicles and advisory accounts. For example, the lack of available credit or the increased cost of credit may materially and adversely affect the performance of funds that rely heavily on leverage such as leveraged buyout funds. Disruptions in the debt and equity markets may make it more difficult for funds to exit and realize value from their investments, because potential buyers of portfolio companies may not be able to finance acquisitions and the equity markets may become unfavorable for initial public offerings. In addition, the volatility will directly affect the market prices of securities issued by many companies for reasons unrelated to their operating performance and may adversely affect the valuation of the investments of our specialized investment vehicles and advisory accounts. Any or all of these factors may result in lower investment returns. Governmental authorities have undertaken, and may continue to undertake, a variety of initiatives designed to strengthen and stabilize the economy and the financial markets. However, there can be no assurance that these initiatives will be successful, and there is no way to predict the ultimate impact of the disruption or the effect that these initiatives will have on the performance of our specialized investment vehicles or advisory accounts. Investments in many industries have experienced significant volatility over the last several years. The ability to realize investments depends not only on our investments and the investments made by the private markets funds and portfolio companies in which we invest and their respective results and prospects, but also on political and economic conditions, which are out of our control. Continued volatility in political or economic conditions, including an outbreak or escalation of major hostilities, declarations of war, terrorist actions or other substantial national or international calamities or emergencies, could have a material adverse effect on our business, financial condition and results of operations.

We intend to grow our non-U.S. business, including growth into new regions with which we have less familiarity and experience, and this growth is important to our overall success. While we have a significant presence within the middle and lower middle-market private markets industry in North America, where the majority of our capital is currently being deployed, we intend to leverage our differentiated solutions to serve our global investors. Our international operations, presently in existence or which we may establish in the future, carry special financial and business risks, which could include the following: - greater difficulties in managing and staffing foreign operations;- fluctuations in foreign currency exchange rates that could adversely affect our results;- unexpected changes in trading policies, regulatory requirements, tariffs and other barriers;- longer transaction cycles;- higher operating costs;- local labor, protections conditions and regulations;- adverse consequences or restrictions on the repatriation of earnings;- potentially adverse tax consequences, such as trapped foreign losses;- less stable political and economic environments;- terrorism, political hostilities, war, outbreak of disease and other civil disturbances or other catastrophic events that reduce business activity;- cultural and language barriers and the need to adopt different business practices in different geographic areas; and - difficulty collecting fees and, if necessary, enforcing judgments. As part of our day-to-day operations outside the U.S., we are required to create compensation programs, employment policies, compliance policies and procedures and other administrative programs that comply with the laws of multiple countries. We also are required to communicate and monitor standards and directives across our global operations. Our failure to successfully manage and grow our geographically diverse operations could impair our ability to react quickly to changing business and market conditions and to enforce compliance with non-U.S. standards and procedures. Any payment of distributions, loans or advances to and from our subsidiaries could be subject to restrictions on or taxation of dividends or repatriation of earnings under applicable local law, monetary transfer restrictions, foreign currency exchange regulations in the jurisdictions in which our subsidiaries operate or other restrictions imposed by current or future agreements, including debt instruments, to which our non-U.S. subsidiaries may be a party. Our business, financial condition and results of operations could be adversely impacted, possibly materially, if we are unable to successfully manage these and other risks of international operations in a volatile environment. If our international business increases relative to our total business, these factors could have a more pronounced effect on our operating results or growth prospects.

There is evidence of global climate change. Climate change creates physical and financial risk and some of our products and their investments may be adversely affected by climate change. For example, the needs of customers of energy companies vary with weather conditions, primarily temperature and humidity. To the extent weather conditions are affected by climate change, energy use could increase or decrease depending on the duration and magnitude of any changes. Increases in the cost of energy could adversely affect the cost of operations of our investments if the use of energy products or services is material to their business. A decrease in energy use due to weather changes may affect some of our investments' financial condition through, for example, decreased revenues. Extreme weather conditions in general require more system backup, adding to costs, and can contribute to increased system stresses, including service interruptions.

The future global market and economic climate may deteriorate because of many factors beyond our control, including rising interest rates or inflation, reduced availability of credit, changes in laws and regulation, international conflicts, terrorism or political uncertainty and severe public health events. In addition, volatility and disruption in the equity and credit markets can adversely affect the portfolio companies in which private markets funds invest and adversely affect the investment performance of our funds and advisory accounts. We may not be able to or may choose not to manage our exposure to these market conditions. Market deterioration could cause us, the specialized investment vehicles we manage or the funds in which they invest to experience tightening of liquidity, reduced earnings and cash flow, and impairment charges, as well as challenges in raising additional capital, obtaining investment financing and making investments on attractive terms. These market conditions can also have an impact on our ability and the ability of funds in which we and our investors invest to liquidate positions in a timely and efficient manner. More costly and restrictive financing also may adversely impact the returns of our co-investments in leveraged buyout transactions and therefore, adversely affect the results of operations and financial condition of our co-investment funds. Our business could generate lower revenue in a general economic downturn or a tightening of global credit markets. These conditions may result in reduced opportunities to find suitable investments and make it more difficult for us, or for the funds in which we and our investors invest, to exit and realize value from existing investments, potentially resulting in a decline in the value of the investments held in our investors' portfolios. Such a decline could cause our revenue and net income to decline by causing some of our investors to reduce their investments in private markets in favor of investments they perceive as offering greater opportunity or lower risk, which would result in lower fees being paid to us. A general economic downturn, prolonged periods of inflation, increased interest rates or a tightening of global credit markets may also reduce the commitments our investors are able to devote to alternative investments generally and make it more difficult for the funds in which we invest to obtain funding for additional investments at attractive rates, which would further reduce our profitability. While our financial profile features a highly predictable, recurring revenue stream of most management and advisory fees, earned primarily on committed capital from long-term, contractually locked up funds, our profitability may be adversely affected by our fixed costs and the possibility that we would be unable to scale back other costs within a time frame sufficient to match any decreases in revenue relating to changes in market and economic conditions. If our revenue declines without a commensurate reduction in our expenses, our net income will be reduced. Accordingly, difficult market conditions could materially and adversely affect our business, financial condition and results of operations.

Many of our funds depend on the services of custodians, counterparties, administrators and other agents to carry out certain securities and derivatives transactions and other administrative services. We are subject to risks of errors and mistakes made by these third parties, which may be attributed to us and subject us or our investors to reputational damage, penalties or losses. The terms of the contracts with these third-party service providers are often customized and complex, and many of these arrangements occur in markets or relate to products that are not subject to regulatory oversight. We may be unsuccessful in seeking reimbursement or indemnification from these third-party service providers. Our funds are subject to the risk that the counterparty to one or more of these contracts defaults, either voluntarily or involuntarily, on its performance under the contract. Any such default may occur suddenly and without notice to us. Moreover, if a counterparty defaults, we may be unable to take action to cover our exposure, either because we lack contractual recourse or because market conditions make it difficult to take effective action. This inability could occur in times of market stress, which is when defaults are most likely to occur. In addition, our risk-management models may not accurately anticipate the effects of market stress or counterparty financial condition, and as a result, we may not have taken sufficient action to reduce our risks effectively. Default risk may arise from events or circumstances that are difficult to detect, foresee or evaluate. In addition, concerns about, or a default by, one large participant could lead to significant liquidity problems for other participants, which may in turn expose us to significant losses. In the event of a counterparty default, particularly a default by a major investment bank or a default by a counterparty to a significant number of our contracts, one or more of our funds may have outstanding trades that they cannot settle or are delayed in settling. As a result, these funds could incur material losses and the resulting market impact of a major counterparty default could harm our business, financial condition and results of operation. In the event of the insolvency of a custodian, counterparty or any other party that is holding assets of our funds as collateral, our funds might not be able to recover equivalent assets in full as they will rank among the custodian's or counterparty's unsecured creditors in relation to the assets held as collateral. In addition, our funds' cash held with a custodian or counterparty generally will not be segregated from the custodian's or counterparty's own cash, and our funds may therefore rank as unsecured creditors in relation thereto.

We rely heavily on our financial, accounting, compliance, monitoring, reporting and other data processing systems. In the ordinary course of business, we collect, store and transmit confidential information including but not limited to intellectual property, proprietary business information and personal information. It is critical that we do so in a secure manner to maintain the confidentiality and integrity of such confidential information. A failure or interruption of our systems, including the loss of data, whether caused by fire, other natural disaster, power or telecommunications failure, service interruptions, system malfunction, unauthorized access, computer viruses, acts of terrorism or war or otherwise, could result in a disruption of our business, liability to investors, regulatory intervention or reputational damage, and thus materially and adversely affect our business. Although we have back-up systems in place, including back-up data storage, our back-up procedures and capabilities in the event of a failure or interruption may not be adequate. In recent years, we have substantially upgraded and expanded the capabilities of our data processing systems and other operating technology, and we expect that we will need to continue to upgrade and expand these capabilities in the future to avoid disruption of, or constraints on, our operations. We may incur significant costs to further upgrade our data processing systems and other operating technology in the future. We are dependent on the effectiveness of our information security policies, procedures and capabilities to protect our computer and telecommunications systems and the data such systems contain or transmit. An external information security breach, such as a "hacker attack," a virus or worm, or an internal problem with information protection, including inadvertent or intentional actions by our employees such as failure to control access to sensitive systems, could materially interrupt our business operations or cause disclosure or modification of sensitive or confidential information. The risk of a security breach or disruption, particularly through cyberattacks or cyber intrusion, including by computer hackers, foreign governments, and cyber terrorists, has generally increased as the number, intensity, and sophistication of attempted attacks and intrusions from around the world have increased. We may not be able to anticipate all types of security threats, and we may not be able to implement preventive measures effective against all such security threats. The techniques used by cyber criminals change frequently, may not be recognized until launched, and can originate from a wide variety of sources, including outside groups such as third-party service providers, organized crime affiliates, terrorist organizations, or hostile foreign governments or agencies. Any such failure or breach could result in material financial loss, regulatory actions, breach of investor contracts, reputational harm or legal liability. The costs related to significant security breaches or disruptions could be material and exceed the limits of the cybersecurity insurance we maintain against such risks. As cyber threats continue to evolve, we may be required to expend additional resources to comply with new cyber-related regulations, continue to enhance our information security measures or investigate and remediate any information security vulnerabilities. Our remediation efforts may not be successful and could result in interruptions, delays or cessation of service. This could also impact the cost and availability of cyber insurance to us. In the event we incur a cyber breach and it is advisable to disclose, such disclosure could cause harm to our operations. Furthermore, significant disruptions of our information technology systems or security breaches could result in the loss, misappropriation, and/or unauthorized access, use, or disclosure of, or the prevention of access to, confidential information, which could result in financial, legal, business, and reputational harm to us. For example, any such event that leads to unauthorized access, use, or disclosure of personal information, including personal information regarding our investors or employees, could harm our reputation directly, compel us to comply with federal and/or state breach notification laws and foreign law equivalents, subject us to mandatory corrective action, and otherwise subject us to liability under laws and regulations that protect the privacy and security of personal information, which could result in significant legal and financial exposure and reputational damages that could adversely affect our business, financial condition and results of operations. Finally, we rely on third-party service providers for certain aspects of our business, including for certain information systems and technology and administration of our specialized funds. If the information technology systems of our third-party service providers become subject to disruptions or security breaches, or if our third-party service providers mishandle personal information that they received from us, we may have insufficient recourse against such third parties and we may have to expend significant resources to mitigate the impact of such an event, and to develop and implement protections to prevent future events of this nature from occurring. Any interruption or deterioration in the performance of these third parties, or failures of their information systems and technology or their data privacy programs, could impair the quality of the funds' operations and could affect our reputation and hence adversely affect our business, financial condition and results of operations.