Rigetti Computing (RGTI) Risk Analysis

Our success depends, in significant part, on our ability to obtain, maintain, enforce and defend our intellectual property rights, including patents and trade secrets. We rely upon a combination of the intellectual property protections afforded by patent, copyright, trademark and trade secret laws in the United States and other jurisdictions, as well as license agreements and other contractual protections, to establish, maintain and enforce rights in our proprietary technologies. In addition, we seek to protect our intellectual property rights through nondisclosure and invention assignment agreements with our employees and consultants, and through non-disclosure agreements with business partners and other third parties. However, we may not be able to prevent unauthorized use of our intellectual property. Our trade secrets may also be compromised, which could cause us to lose our competitive advantage. Third parties may attempt to copy or otherwise obtain, use or infringe our intellectual property. Monitoring and detecting unauthorized use of our intellectual property is difficult and costly, and the steps we have taken or will take to prevent infringement or misappropriation may not be sufficient. Any enforcement efforts we undertake, including litigation, could be time-consuming and expensive and could divert management's attention, which could harm our business, results of operations, and financial condition. In addition, existing intellectual property laws and contractual remedies may afford less protection than needed to safeguard our intellectual property portfolio, and third parties may develop competitive offerings in a manner that leaves us with limited means to enforce our intellectual property rights against them. Patent, copyright, trademark and trade secret laws vary significantly throughout the world. A number of foreign countries do not protect intellectual property rights to the same extent as do the laws of the United States. Therefore, our intellectual property rights may not be as strong or as easily enforced outside of the United States and efforts to protect against the unauthorized use of our intellectual property rights, technology and other proprietary rights may be more expensive and difficult outside of the United States. Failure to adequately protect our intellectual property rights could result in our competitors using our intellectual property to offer products, potentially resulting in the loss of some of our competitive advantage and a decrease in our revenue, which would adversely affect our business, financial condition and operating results.

The application and registration of patents involves complex legal and factual questions. As a result, we cannot be certain that the patent applications that we file will result in patents being issued, or that our patents and any future patents that do issue will afford protection against competitors with similar technology. Numerous patents and pending patent applications owned by others exist in the fields in which we have developed and are developing our technology, and this may make it difficult for us to obtain certain patent coverage on our own. Any of our existing or pending patents may also be challenged by others on the basis that they are otherwise invalid or unenforceable. Furthermore, patent applications filed in foreign countries are subject to laws, rules and procedures that differ from those of the United States, and thus we cannot be certain that foreign patent applications related to issued U.S. patents will be issued. Even if our patent applications succeed, it is still uncertain whether these patents will be contested, circumvented, invalidated or limited in scope in the future. The rights granted under any issued patents may not provide us with meaningful protection or competitive advantages. The intellectual property rights of others could bar us from licensing and exploiting any patents that issue from our pending applications, and the claims under any patents that issue from our patent applications may not be broad enough to prevent others from developing technologies that are similar or that achieve results similar to ours. In addition, patents issued to us may be infringed upon or designed around by others and others may obtain patents that require license or design around, either of which would increase costs and may adversely affect our business, prospects, financial condition and operating results.

Our business depends on our quantum computing systems being available. We have experienced and may in the future experience, disruptions, outages, defects and other performance and quality problems with our systems. We have also experienced and may in the future experience, disruptions, outages, defects and other performance and quality problems with the public cloud and internet infrastructure on which our systems rely. These problems can be caused by a variety of factors, including failed introductions of new functionality, vulnerabilities and defects in proprietary and open-source software, hardware components, human error or misconduct, capacity constraints, design limitations, or denial of service attacks or other security-related incidents. We do not have a contractual right with our public cloud providers that compensates us for any losses due to availability interruptions in the public cloud. Any disruptions, outages, defects and other performance and quality problems with our quantum computing systems or with the public cloud and internet infrastructure on which we rely, could result in reduced use of our systems, increased expenses, including service credit obligations, and harm to our brand and reputation, any of which could have a material adverse effect on our business, financial condition and results of operations.

We currently offer access to quantum computing as a service ("Quantum Computing as a Service" or "QCaaS"), both directly to our end users with our own Quantum Cloud Services ("QCS") and indirectly to end users through public cloud providers such as Amazon Braket ("AWS") and Microsoft Azure Quantum ("Azure"), who integrate our QCS into their own quantum computing platforms. These public cloud providers operate a service in direct competition with our providing direct access to QCS. In addition, we intend to partner with additional providers to provide access to our QCaaS. Cloud computing partnerships could be terminated, or not scale as anticipated, or at all. There is risk that one or more of the public cloud providers, such as AWS and Azure, could use their respective control of their public clouds to control market pricing of the services, restrict access, embed innovations or privileged interoperating capabilities in competing products, bundle competing products and leverage their public cloud customer relationships to exclude us from opportunities. Further, these public cloud providers have the resources to acquire or partner with existing and emerging providers of competing technology and thereby accelerate adoption of those competing technologies, all of which could make it difficult or impossible for us to provide products and services that compete favorably with those of the public cloud providers. Any material change in our contractual and other business relationships with our cloud providers could result in reduced use of our systems, increased expenses, including service credit obligations, and harm our brand and reputation, any of which could have a material adverse effect on our business, financial condition and results of operations. Further, if our contractual and other business relationships with our partners are terminated, either by the counterparty or by us, suspended or suffer a material change to which we are unable to adapt, such as the elimination of services or features on which we depend, we would be unable to provide our QCaaS business at the same scale and would experience significant delays and incur additional expense in transitioning customers to a different public cloud provider. Currently, our customer agreement with AWS remains in effect until (i) terminated for convenience, which we may do for any reason by providing AWS notice and closing our account and which AWS may do for any reason by providing us at least 30 days' notice or (ii) terminated for cause, which either party may do if the other party has an uncured material breach and which AWS may do immediately upon notice. Although alternative data center providers could host our business on a substantially similar basis to AWS, transitioning the cloud infrastructure currently hosted by AWS to alternative providers could potentially be disruptive, and we could incur significant one-time costs. If we are unable to renew our agreement with AWS on commercially acceptable terms, our agreement with AWS is prematurely terminated, or it adds additional infrastructure providers, we may experience costs or downtime in connection with the transfer to, or the addition of, new data center providers. If AWS or other infrastructure providers increase the costs of their services, our business, financial condition, or results of operations could be materially and adversely affected. Any material change in our contractual and other business relationships with our partners, could result in reduced use of our systems, increased expenses, including service credit obligations, and harm to our brand and reputation, any of which could have a material adverse effect on our business, financial condition and results of operations.

Our products and technologies are subject to U.S. export control and import laws and regulations, including the U.S. Export Administration Regulations, U.S. Customs regulations, and various economic and trade sanctions regulations administered by the U.S. Treasury Department's Office of Foreign Assets Controls. U.S. export control and economic sanctions laws include restrictions or prohibitions on the sale or supply of certain products, technologies, and services to U.S. Government embargoed or sanctioned countries, governments, persons and entities. In addition, certain of our products and technology are subject to export licensing or approval requirements. Exports of our products and technology must be made in compliance with export control and sanctions laws and regulations. If we fail to comply with these laws and regulations, we and certain of our employees could be subject to substantial civil or criminal penalties, including the possible loss of export or import privileges; fines, which may be imposed on us and responsible employees or managers; and, in extreme cases, the incarceration of responsible employees or managers. In addition, changes in our products or technologies or changes in applicable export or import laws and regulations may create delays in the introduction and sale of our products and technologies in international markets or, in some cases, prevent the export or import of our products and technologies to certain countries, governments or persons altogether. Any change in export or import laws and regulations, shift in the enforcement or scope of existing laws and regulations, or change in the countries, governments, persons or technologies targeted by such laws and regulations, could also result in decreased use of our products and technologies, or in our decreased ability to export or sell our products and technologies to existing or potential customers. Any decreased use of our products and technologies or limitation on our ability to export or sell our products and technologies would likely adversely affect our business, financial condition and results of operations. Further, the operation of our products within a fully operational quantum system may depend on products and technologies supplied by third parties. Changes in third party products or technologies or changes in applicable export or import laws and regulations may create delays in the introduction and sale of our products and technologies to customers or, in some cases, prevent sales of our products and technologies to certain countries, governments or persons altogether. Any change in export or import laws and regulations, shift in the enforcement or scope of existing laws and regulations, or change in the countries, governments, persons or technologies targeted by such laws and regulations, could also result in decreased use of our products and technologies, or in our decreased ability to sell our products and technologies to existing or potential customers. Any decreased use of our products and technologies or limitation on our ability to sell our products and technologies would likely adversely affect our business, financial condition and results of operations. We expect to incur significant costs in complying with these regulations. Regulations related to quantum computing are currently evolving and we face risks associated with changes to these regulations.

We collect, receive, store, process, generate, use, transfer, disclose, make accessible, protect, secure, dispose of, transmit, and share (collectively, "process") personal data and other sensitive information. In the United States, federal, state, and local governments have enacted numerous data privacy and security laws, including data breach notification laws, personal data privacy laws, consumer protection laws, and other similar laws. In recent years, numerous U.S. states have enacted comprehensive privacy laws that impose certain obligations on covered businesses, including providing specific disclosures in privacy notices and their personal data rights. As applicable, such rights may include the right to access, correct, or delete certain personal data, and to opt-out of certain data processing activities, such as targeted advertising, profiling, and automated decision-making. The exercise of these rights may impact our business and ability to provide our products and services. Certain jurisdictions also impose stricter requirements for processing certain personal data, including sensitive information, such as conducting data privacy impact assessments. These laws allow for statutory fines for noncompliance. Our employees and personnel may use generative AI technologies to perform their work, and the disclosure and use of personal information in generative AI technologies is subject to various privacy laws and other privacy obligations. Additionally, several states and localities have enacted measures related to the use of AI and machine learning in products and services. These developments may further complicate compliance efforts and may increase legal risk and compliance costs for us, the third parties upon whom we rely, and our customers. Outside of the United States, foreign governments also have similar or sometimes more stringent data protection laws. In particular, the United Kingdom's GDPR ("UK GDPR") imposes strict requirements for processing personal data. For example, under the UK GDPR, companies may face temporary or definitive bans on data processing and other corrective actions; fines of up to 17.5 million pounds or 4% of annual global revenue, whichever is greater; or private litigation related to processing of personal data brought by classes of data subjects or consumer protection organizations authorized at law to represent their interests. In Canada, the Personal Information Protection and Electronic Documents Act ("PIPEDA") and various related provincial laws, as well as Canada's Anti-Spam Legislation ("CASL"), may apply to our operations. In the ordinary course of business, we may transfer personal data from the United Kingdom (UK), Canada, Australia and other jurisdictions to the United States or other countries. The UK and other jurisdictions have enacted laws requiring data to be localized or limiting the transfer of personal data to other countries. In particular, the UK has significantly restricted the transfer of personal data to the United States and other countries whose privacy laws it believes are inadequate. Other jurisdictions may adopt similarly stringent interpretations of their data localization and cross-border data transfer laws. Although there are currently various mechanisms that may be used to transfer personal data from the UK to the United States in compliance with law, such as the UK's international data transfer addendum, these mechanisms are subject to legal challenges, and there is no assurance that we can satisfy or rely on these measures to lawfully transfer personal data to the United States. If there is no lawful manner for us to transfer personal data from the UK or other jurisdictions to the United States, or if the requirements for a legally-compliant transfer are too onerous, we could face significant adverse consequences, including the interruption or degradation of our operations, the need to relocate part of or all of our business or data processing activities to other jurisdictions at significant expense, increased exposure to regulatory actions, substantial fines and penalties, the inability to transfer data and work with partners, vendors and other third parties, and injunctions against our processing or transferring of personal data necessary to operate our business. Additionally, companies that transfer personal data out of the UK to other jurisdictions, particularly to the United States, are subject to increased scrutiny from regulators, individual litigants, and activist groups. We are also bound by contractual obligations related to data privacy and security, and our efforts to comply with such obligations may not be successful. For example, certain privacy laws, such as the UK GDPR and California Consumer Privacy Act ("CCPA"), require our customers to impose specific contractual restrictions on their service providers. We publish privacy policies, marketing materials and other statements, such as compliance with certain certifications or self-regulatory principles, regarding data privacy and security. If these policies, materials or statements are found to be deficient, lacking in transparency, deceptive, unfair, or misrepresentative of our practices, we may be subject to investigation, enforcement actions by regulators or other adverse consequences. Obligations related to data privacy and security are quickly changing, becoming increasingly stringent, and creating regulatory uncertainty. Additionally, these obligations may be subject to differing applications and interpretations, which may be inconsistent or conflict among jurisdictions. Preparing for and complying with these obligations requires us to devote significant resources, which may necessitate changes to our services, information technologies, systems, and practices and to those of any third parties that process personal data on our behalf. In addition, these obligations may require us to change our business model. We may at times fail (or be perceived to have failed) in our efforts to comply with our data privacy and security obligations. Moreover, despite our efforts, our personnel or third parties on whom we rely may fail to comply with such obligations, which could negatively impact our business operations. If we or the third parties on which we rely fail, or are perceived to have failed, to address or comply with applicable data privacy and security obligations, we could face significant consequences, including but not limited to: government enforcement actions (e.g., investigations, fines, penalties, audits, inspections, and similar); litigation (including class-action claims); additional reporting requirements and/or oversight; bans on processing personal data; orders to destroy or not use personal data; and imprisonment of company officials. Any of these events could have a material adverse effect on our reputation, business, or financial condition, including but not limited to: loss of customers; interruptions or stoppages in our business operations; interruptions or stoppages of data collection needed to train our algorithms; inability to process personal data or to operate in certain jurisdictions; limited ability to develop or commercialize our products; expenditure of time and resources to defend any claim or inquiry; adverse publicity; or substantial changes to our business model or operations.

We may become subject to product liability claims, even those without merit, which could harm our business prospects, operating results, and financial condition. We may face an inherent risk of exposure to claims in the event our quantum computers do not perform as expected or malfunction. A successful product liability claim against us could require us to pay a substantial monetary award. Moreover, a product liability claim could generate substantial negative publicity about our quantum computers and business and inhibit or prevent the commercialization of other future quantum computers, which would have material adverse effects on our brand, business, prospects and operating results. Any insurance coverage might not be sufficient to cover all potential product liability claims. Any lawsuit seeking significant monetary damages either in excess of our coverage, or outside of our coverage, may have a material adverse effect on our reputation, business and financial condition. We may not be able to secure additional product liability insurance coverage on commercially acceptable terms or at reasonable costs when needed, particularly if we do face liability for our products and are forced to make a claim under our policy.

The markets in which we operate are rapidly evolving and highly competitive. As the marketplace continues to mature and new technologies and competitors enter, we expect competition to intensify. Our current competitors include: - large, well-established tech companies that generally compete across our products, including Google, Microsoft, Amazon and IBM;- large research organizations funded by sovereign nations such as China, Russia, Canada, Australia and the United Kingdom, and those in the European Union as of the date of this Annual Report on Form 10-K and we believe additional countries in the future;- less-established public and private companies with competing technology, including companies located outside the United States; and - new or emerging entrants seeking to develop competing technologies. We compete based on various factors, including technology, performance, open architecture, multi-cloud availability, brand recognition and reputation, customer support and differentiated capabilities, including ease of administration and use, scalability and reliability, data governance and security. Many of our competitors have substantially greater brand recognition, customer relationships, and financial, technical and other resources, including an experienced sales force and customer service organization and sophisticated supply chain management. They may be able to respond more effectively than us to new or changing opportunities, technologies, standards, customer requirements and buying practices. In addition, many countries are focused on developing quantum computing solutions either in the private or public sector and may subsidize quantum computers which may make it difficult for us to compete. Many of these competitors do not face the same challenges we do in growing our business. In addition, other competitors might be able to compete with us by bundling their other products in a way that does not allow us to offer a competitive solution. Further, our competitors may win government contracts, and we may not. Additionally, we must be able to achieve our objectives in a timely manner such that we do not lose ground to competitors, including competing technologies. For example, our competitors may achieve certain narrow and/or broad quantum milestones faster than us, which may negatively impact our business and prospects. Because there are a large number of market participants, including certain sovereign nations, focused on developing quantum computing technology, we must dedicate significant resources to achieving any technical objectives on the timelines established by our management team. Any failure to achieve objectives in a timely manner could adversely affect our business, operating results and financial condition. In addition, the market for quantum computers is still rapidly evolving, characterized by rapidly changing technologies, competitive pricing and competitive factors, evolving government regulation and industry standards, and changing customer demands and behaviors. If the market for quantum computers in general does not develop as expected, develops more slowly than expected, develops in a manner that does not require use of our quantum computers, encounters negative publicity or if our quantum computers do not drive commercial engagement, then our business, prospects, financial condition and operating results could be harmed. If our clients and partners do not perceive the benefits of quantum computer solutions, or if our solutions do not drive member engagement, then demand for our products may not develop at all, or it may develop slower than we expect. If any of these events occur, it could have a material adverse effect on our business, financial condition or results of operations. If progress towards quantum advantage ever slows relative to expectations, it could adversely impact revenues and customer confidence to continue to pay for testing, access and "quantum readiness." This would harm or even eliminate revenues in the period before quantum advantage. For all of these reasons, the development of the market for quantum computers and competition may have a negative impact on our ability to maintain and grow demand for our platform or put downward pressure on our prices and gross margins, any of which could materially harm our reputation, business, results of operations, and financial condition.