Red Robin Gourmet (RRGB) Risk Analysis

We dedicate substantial resources to ensuring our guests enjoy safe, quality food products. Nonetheless, restaurant businesses such as ours can be adversely affected by publicity resulting from complaints or litigation regarding poor food quality, food-borne illness, personal injury, food tampering, communicable disease, adverse health effects of consumption of various food products or high-calorie foods, or other concerns. Food safety issues also could be caused by food suppliers or distributors and, as a result, could be out of our control. Regardless of the source or cause, any report of food-borne illnesses such as E. coli, norovirus, listeria, hepatitis A, salmonella, or trichinosis, as well as other food safety issues including food tampering or contamination, at one of our or a franchisee's restaurants, could adversely affect our reputation and have a negative impact on our sales. Even instances of food-borne illness, food tampering or food contamination occurring solely at our competitors' restaurants, suppliers or distributors (even if we do not work with them) could result in negative publicity about the food service industry generally and adversely impact our sales. The occurrence of food safety issues could also adversely affect the price and availability of affected ingredients, resulting in higher costs and lower margins.

Our restaurants depend on frequent deliveries of fresh produce, food, beverages, and other products. This subjects us to the risk of interruptions in food and beverage supplies that may result from a variety of causes including, but not limited to, outbreaks of food-borne illness, disruption of operation of production facilities, transportation disruptions or delays, financial difficulties, including bankruptcy of our suppliers or other unforeseen circumstances, especially where a product comes from a single or small number of suppliers. Such shortages could adversely affect our revenue and profits. Our restaurants bear risks associated with the timeliness of deliveries by suppliers and distributors as well as the solvency, reputation, labor relationships, freight rates, and health and safety standards of each supplier and distributor. We strive to have multiple approved suppliers on key items; however, the Company is undertaking initiatives to consolidate suppliers and there are situations where we only have one approved supplier, which increases the risk to our supply chain if something were to happen to interrupt the supplier's ability to continue supplying the Company. Other significant risks associated with our suppliers and distributors include improper handling of food and beverage products, and/or the adulteration or contamination of such food and beverage products.

Competition in the restaurant industry is intense and barriers to entry are low. Our competitors include a large and diverse group of restaurants in all segments ranging from quick serve and fast casual to polished casual and those verging on fine dining. These competitors range from independent local operators that have opened restaurants in various markets, high growth targeted "better" burger concepts in the quick serve and fast casual space, to the well-capitalized national restaurant companies. Many of these concepts have already captured segments of the market that we are targeting, and are expanding faster than we are, penetrating both desirable geographic and demographic markets. Many of our competitors are well established in the casual dining market segment and in certain geographic locations and some of our competitors have substantially greater financial, marketing, and other resources than we have available. Accordingly, they may be better equipped than us to invest in improving and expanding restaurants and infrastructure, increase marketing, or to take other measures to maintain their competitive position, including the use of significant discount offers to attract guests. Additionally, our guests may choose alternatives to restaurants, including meal kit and food delivery service providers or purchasing meals at supermarkets, delis, or other food retailers.

We routinely refine our communication, advertising, branding, and other marketing strategies to effectively target and compete for customers, but there is no assurance these strategies will be effective. The Red Robin Royalty™ loyalty program has historically contributed to sales and guest count growth. We continue to evolve this program, including the structure, rewards, and guest participation requirements. These changes may not achieve their intended objectives and could result in reduced guest engagement, lower visit frequency, or decreased brand loyalty. We increasingly rely on data, analytics, and digital tools to inform our marketing, promotional, and guest engagement strategies, including micro-targeting, personalization, and measurement of marketing effectiveness. These strategies depend on the accuracy, completeness, and timeliness of the data we collect and the assumptions and models we use to analyze that data. If our data is incomplete, inaccurate, or not effectively analyzed, or if our marketing strategies based on such data do not resonate with guests, our marketing investments may not generate the expected levels of guest traffic or sales. In addition, our ability to use guest data is subject to evolving privacy laws, regulatory requirements, platform policies, and consumer preferences, which may limit data collection, sharing, or usage and reduce the effectiveness of targeted marketing initiatives, and any failure to comply could subject us to liability.

Maintaining and enhancing our brand image and reputation is critical to our success. Unfavorable events or rumors, poorly received advertising, negative publicity, and negative information disseminated through social and digital media could impact our brand image and reputation. As part of our marketing efforts, we use social media platforms to promote our concepts and attract and retain guests. Social media provides consumers, employees, and others with the ability to communicate approval or displeasure with a business, in near real time, and provides any individual with the ability to reach a broad audience and with comments that are often not filtered or checked for accuracy. If we are unable to quickly and effectively respond, any negative publicity could "go viral" causing nearly immediate and potentially significant harm to our brand and reputation, whether or not factually accurate. In addition, social media can facilitate the improper disclosure of proprietary information, exposure of personally identifiable information, fraud, or out-of-date information. The inappropriate use of social media by our guests or team members could increase our costs, lead to litigation, or result in negative publicity that could damage our reputation.

Our business prospects will depend in part on our ability to protect our proprietary information and intellectual property, including the Red Robin, Red Robin Gourmet Burgers, Red Robin America's Gourmet Burgers & Spirits, YUMMM, Red Robin Gourmet Burgers and BrewsTM, and Red Robin RoyaltyTM names and logos. We have registered or filed applications for trademarks for these names and logos, among others, with the United States Patent and Trademark Office and in Canada and we have applied to register various trademarks in certain other international jurisdictions. Our trademarks could be infringed in ways that leave us without redress, such as by imitation or by filings by others in jurisdictions where we are not currently registered. In addition, we rely on trade secrets and proprietary know-how in operating our restaurants, and we employ various methods to protect these trade secrets and proprietary know-how. However, such methods may not afford adequate protection, and others could independently develop similar know-how or obtain access to our know-how, concepts, and recipes. Consequently, our business could be negatively affected and less profitable if we are unable to successfully defend and protect our intellectual property.

Protecting guest, team member, and Company data is critical. We are subject to numerous privacy and data protection laws and regulations and the regulatory environment surrounding information security and privacy is increasingly demanding, with the frequent imposition of new and constantly changing requirements including the California Consumer Privacy Act, the California Privacy Rights Act, and other similar legislative initiatives. Compliance with these requirements may result in cost increases due to necessary system changes and the development of new administrative processes, and if we fail to comply, we could be exposed to risks of fines, investigations, litigation, and disruption of our operations. Our software and information technology systems, as well as those of third parties on which we rely, may contain material vulnerabilities. In the ordinary course of our business, we collect, store, and process personal and payment information relating to our guests, team members, and vendors. We also collect, store, and process sales data, financial information, human resources information, and other sensitive business data. Despite the cybersecurity measures we have implemented, we have experienced cybersecurity incidents in the past and may experience future incidents, including data breaches, phishing attacks, or other unauthorized access to our systems or those of our third-party service providers. In addition, the rapid evolution and increased adoption of artificial intelligence technologies may intensify cybersecurity risks. Our efforts to identify and remediate system vulnerabilities may not prevent or promptly resolve such incidents, which could result in the theft, loss, or unauthorized disclosure of confidential or proprietary information, disruption of restaurant or corporate operations or our supply chain, loss of guest confidence, reputational harm, and significant remediation, legal, regulatory, or other costs. We maintain a separate insurance policy covering cyber security risks and such insurance coverage may, subject to policy terms and conditions, cover certain aspects of cyber risks, but is subject to a retention amount and may not be applicable to a particular incident or otherwise may be insufficient to cover all our losses beyond any retention. Because of the number of credit card transactions we process, we are required to maintain PCI Data Security Standard compliance at our Restaurant Support Center and Company-owned restaurants. If we do not maintain the required level of PCI compliance, we could be subject to costly fines or additional fees from the card brands that we accept or lose our ability to accept those payment cards. Our franchisees are separate businesses that have different levels of compliance required depending on the number of credit card transactions processed. If our franchisees fail to maintain the appropriate level of PCI compliance or they experience a security breach, it could negatively impact their business operations, and we could face a loss of royalties or other payments they are required to remit to us, and it could adversely affect our reputation and guest confidence.

Our business is subject to extensive and frequently changing government laws and regulations, including, among others, those relating to our employees, public health and safety, food safety, alcoholic beverage control, public accommodations, data privacy and security, securities regulation, and consumer health regulations, including those pertaining to nutritional content and menu labeling. Compliance with these laws and regulations can be complex, costly, and time-consuming, and we may not be able to maintain compliance in all circumstances despite our efforts. Changes in applicable laws or regulatory requirements, or failure to comply with them, could result in increased litigation, governmental investigations or enforcement actions, revocation of required licenses or permits, fines, penalties, or civil or criminal liability, any of which could increase our costs or interfere with our ability to operate our business and execute our strategies. Various employment and labor laws govern our relationship with team members and effect operating costs. These laws govern employee classification, wage rates, fair scheduling and payment requirements including tip credit laws and overtime pay, meal and rest breaks, unemployment and other taxes, health care and benefits, workers' compensation rates, labor relations, work authorization regulations, and discriminatory conduct. Changes in these laws, increased enforcement, or failure to comply could require operational changes that harm our operating results, increase labor costs, disrupt our workforce, or result in litigation or penalties. For example, we rely on team members to provide accurate work authorization documentation and to report gratuities received, which we use for payroll and FICA tax reporting purposes. Inaccurate reporting or noncompliance could subject us to monetary or other liabilities. In addition, our operating results could be adversely affected by increases in minimum or tipped wages, overtime requirements, paid leave mandates, health benefit obligations, tax reporting requirements related to gratuities, reductions in the availability of tip credits, or increased employee litigation, including claims under federal or state wage and hour laws. In recent years, there has been an evolving public focus on corporate responsibility, including environmental, social, and governance matters. As a result, we have experienced increased expectations and costs to provide expanded disclosure and make commitments, establish goals or set targets with respect to various corporate responsibility issues, such as the reduction of greenhouse gases, and to take the actions necessary to meet those commitments, goals and targets, and these expectations and costs have and may continue to vary across jurisdictions in which we operate. If we are not effective in addressing these matters, consumer trust in our brand may suffer. As public and political sentiment regarding corporate responsibility has evolved, we may now also face the additional risk of reputational harm, litigation, or other challenges from stakeholders opposed to corporate responsibility initiatives. Our results of operation and financial condition could be adversely impacted if we are unable to effectively manage the risks and costs associated with corporate responsibility matters. We are subject to "dram shop" statutes in some states. These statutes generally allow a person injured by an intoxicated person to recover damages from an establishment that wrongfully served alcoholic beverages to such intoxicated person. Failure to comply with alcoholic beverage control or dram shop regulations could subject us to liability and could negatively affect our business.

We are primarily subject to income and other taxes in the United States. Our effective income tax rate and other taxes could be adversely affected by a number of factors, including changes in the valuation of deferred tax assets and liabilities, changes in tax laws, regulations, interpretations, or enforcement practices, and the outcome of income tax or other tax audits. Future change to tax laws could have a negative impact to the Company's effective tax rate and cash tax refunds. Additionally, while we believe our tax estimates are reasonable, the final determination of tax audits and tax litigation could be materially different from our historical income tax provisions and accruals. The results of a tax audit could have a material effect on our results of operations or cash flows in the period which the final determination is made.

We are subject to a number of significant risks that might cause our quarterly and annual results to fluctuate significantly or be negatively affected. Adverse weather conditions, natural disasters (such as earthquakes, hurricanes, and wildfires), climate change, pandemics, or catastrophic events, such as terrorist acts, can adversely impact restaurant sales, as they may keep customers in the affected area from dining out, adversely affect consumer spending and confidence levels. These events may also impact the cost and availability of key commodities such as beef, poultry, potatoes, and other important ingredients in our products; cause material disruptions in our supply chain; impact borrowings and interest rates; cause damage to or closure of restaurants, or result in lost opportunities for our restaurants. Moreover, our business fluctuates seasonally. Historically, sales in most of our restaurants have been higher during the spring and summer months and winter holiday season due to factors including our retail-oriented location and family appeal. The timing of holidays and school vacations may affect the seasonal operating results in the areas impacted. As a result, our quarterly and annual operating results and comparable restaurant sales may fluctuate significantly as a result of seasonality and the factors outside of our control discussed above. Accordingly, results for any one quarter or year are not necessarily indicative of results to be expected for any other quarter or for any year, and comparable restaurant sales for any particular future period may decrease.