tiprankstipranks
Semrush Holdings, Inc. (SEMR)
:SEMR
US Market

SEMrush Holdings (SEMR) Risk Analysis

Compare
295 Followers
Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

SEMrush Holdings disclosed 42 risk factors in its most recent earnings report. SEMrush Holdings reported the most risks in the “Finance & Corporate” category.

Risk Overview Q4, 2024

Risk Distribution
42Risks
26% Finance & Corporate
24% Tech & Innovation
17% Legal & Regulatory
17% Ability to Sell
12% Production
5% Macro & Political
Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy
This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

2022
Q4
S&P500 Average
Sector Average
Risks removed
Risks added
Risks changed
SEMrush Holdings Risk Factors
New Risk (0)
Risk Changed (0)
Risk Removed (0)
No changes from previous report
The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q4, 2024

Main Risk Category
Finance & Corporate
With 11 Risks
Finance & Corporate
With 11 Risks
Number of Disclosed Risks
42
-2
From last report
S&P 500 Average: 31
42
-2
From last report
S&P 500 Average: 31
Recent Changes
1Risks added
3Risks removed
9Risks changed
Since Dec 2024
1Risks added
3Risks removed
9Risks changed
Since Dec 2024
Number of Risk Changed
9
+9
From last report
S&P 500 Average: 3
9
+9
From last report
S&P 500 Average: 3
See the risk highlights of SEMrush Holdings in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 42

Finance & Corporate
Total Risks: 11/42 (26%)Below Sector Average
Share Price & Shareholder Rights6 | 14.3%
Share Price & Shareholder Rights - Risk 1
Changed
aggregate 79% of the voting power of our capital stock, which will limit your ability to influence corporate matters.
Our Class B common stock has ten votes per share, and our Class A common stock has one vote per share. As of December 31, 2024, our directors, executive officers, and their affiliates, held in the aggregate 79% of the voting power of our capital stock. Because of the ten-to-one voting ratio between our Class B common stock and Class A common stock, the holders of our Class B common stock collectively will continue to control a majority of the combined voting power of our common stock and therefore will be able to control all matters submitted to our stockholders for approval until the earlier of (a) March 29, 2028, (b) such time as the outstanding shares of Class B common stock represent less than ten percent of the aggregate number of shares of our outstanding common stock and (c) the date the holders of two-thirds of our Class B common stock elect to convert the Class B common stock to Class A common stock. Our dual class structure and concentrated control may limit or preclude your ability to influence corporate matters for the foreseeable future, including the election of directors, amendments of our organizational documents, and any merger, consolidation, sale of all or substantially all of our assets, or other major corporate transaction requiring stockholder approval. In addition, this may prevent or discourage unsolicited acquisition proposals or offers for our capital stock that you may feel are in your best interest as one of our stockholders, and may suppress our stock price, for example by making us ineligible for inclusion on certain market indices. Future transfers by holders of Class B common stock will generally result in those shares converting to Class A common stock, subject to limited exceptions, such as certain transfers effected for estate planning purposes. The conversion of Class B common stock to Class A common stock will have the effect, over time, of increasing the relative voting power of those holders of Class B common stock who retain their shares in the long term.
Share Price & Shareholder Rights - Risk 2
Our third amended and restated bylaws designate certain courts as the sole and exclusive forum for certain types of actions and proceedings that may be initiated by our stockholders, which could limit our stockholders' ability to obtain a favorable judicial forum for disputes with us or our directors, officers, or employees.
Our third amended and restated bylaws provide that, unless we consent in writing to an alternative forum, the Court of Chancery of the State of Delaware will be the sole and exclusive forum for any state law claim for (i) any derivative action or proceeding brought on our behalf, (ii) any action asserting a claim of breach of or based on a fiduciary duty owed by any of our current or former directors, officers, or employees to us or our stockholders, (iii) any action asserting a claim arising pursuant to any provision of the Delaware General Corporation Law, our amended and restated certificate of incorporation or our third amended and restated bylaws (including the interpretation, validity or enforceability thereof) or (iv) any action asserting a claim that is governed by the internal affairs doctrine (the "Delaware Forum Provision"). The Delaware Forum Provision will not apply to any causes of action arising under the Securities Act or the Exchange Act. Our third amended and restated bylaws further provide that, unless we consent in writing to the selection of an alternative forum, the federal district courts of the United States shall be the sole and exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act (the "Federal Forum Provision"). In addition, our third amended and restated bylaws provide that any person or entity purchasing or otherwise acquiring any interest in shares of our common stock is deemed to have notice of and consented to the foregoing provisions; provided, however, that stockholders cannot and will not be deemed to have waived our compliance with the federal securities laws and the rules and regulations thereunder. While the Delaware Supreme Court and other courts have upheld the validity of provisions purporting to require claims under the Securities Act be brought in federal court, it is possible that a court could find these types of provisions to be inapplicable or unenforceable. The Delaware Forum Provision and the Federal Forum Provision in our third amended and restated bylaws may impose additional litigation costs on stockholders in pursuing any such claims. Additionally,the forum selection clauses in our third amended and restated bylaws may limit our stockholders' ability to bring a claim in a forum that they find favorable for disputes with us or our directors, officers or employees, which may discourage such lawsuits against us and our directors, officers and employees even though an action, if successful, might benefit our stockholders. In addition, while the Delaware Supreme Court and other state courts have upheld the validity of federal forum selection provisions purporting to require claims under the Securities Act be brought in federal court, there is uncertainty as to whether other courts will enforce our Federal Forum Provision. If the Federal Forum Provision is found to be unenforceable, we may incur additional costs associated with resolving such matters. The Federal Forum Provision may also impose additional litigation costs on stockholders who assert that the provision is not enforceable or invalid. The Court of Chancery of the State of Delaware and the federal district courts of the United States may also reach different judgments or results than would other courts, including courts where a stockholder considering an action may be located or would otherwise choose to bring the action, and such judgments may be more or less favorable to us than our stockholders.
Share Price & Shareholder Rights - Risk 3
Provisions in our charter documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current Board, and limit the market price of our Class A common stock.
Provisions in our amended and restated certificate of incorporation and third amended and restated bylaws may have the effect of delaying or preventing a change of control or changes in our management. Our amended and restated certificate of incorporation and third amended and restated bylaws, include provisions that: - provide that the authorized but unissued shares of our common stock and our preferred stock are available for future issuance without stockholder approval;- provide that our Board is classified into three classes of directors with staggered three-year terms;- permit the Board to establish the number of directors and fill any vacancies and newly created directorships;- require super-majority voting to amend some provisions in our amended and restated certificate of incorporation and third amended and restated bylaws;- authorize the issuance of "blank check" preferred stock that our Board could use to implement a stockholder rights plan;- provide that only the Chairperson of our Board, our Chief Executive Officer, or a majority of our Board will be authorized to call a special meeting of stockholders;- provide for a dual class common stock structure in which holders of our Class B common stock have the ability to control the outcome of matters requiring stockholder approval, even if they own significantly less than a majority of the outstanding shares of our Class A and Class B common stock, including the election of directors and significant corporate transactions, such as a merger or other sale of our company or its assets;- prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders;- provide that the Board is expressly authorized to make, alter or repeal our bylaws; and - advance notice requirements for nominations for election to our Board or for proposing matters that can be acted upon by stockholders at annual stockholder meetings. Moreover, Section 203 of the Delaware General Corporation Law may discourage, delay, or prevent a change in control of our company. Section 203 imposes certain restrictions on mergers, business combinations, and other transactions between us and holders of 15% or more of our common stock.
Share Price & Shareholder Rights - Risk 4
If we do not meet the expectations of equity research analysts, if they do not publish research or reports about our business or if they issue unfavorable commentary or downgrade our Class A common stock, the price of our Class A common stock could decline.
The trading market for our Class A common stock will depend in part on the research and reports that equity research analysts publish about us and our business. The analysts' estimates are based upon their own opinions and are often different from our estimates or expectations. If our results of operations are below the estimates or expectations of public market analysts and investors, our stock price could decline. Moreover, the price of our Class A common stock could decline if one or more securities analysts downgrade our Class A common stock or if those analysts issue other unfavorable commentary or cease publishing reports about us or our business.
Share Price & Shareholder Rights - Risk 5
The issuance of additional stock in connection with financings, acquisitions, investments, our stock incentive plans or otherwise will dilute all other stockholders.
Our amended and restated certificate of incorporation authorizes us to issue up to 1,000,000,000 shares of Class A common stock and up to 100,000,000 shares of preferred stock with such rights and preferences as may be determined by our Board. Subject to compliance with applicable rules and regulations, we may issue our shares of Class A common stock or securities convertible into our Class A common stock from time to time in connection with a financing, acquisition, investment, our stock incentive plans or otherwise. Any such issuance could result in substantial dilution to our existing stockholders and cause the trading price of our Class A common stock to decline.
Share Price & Shareholder Rights - Risk 6
An active public market for our Class A common stock may not be sustained and could be highly volatile, and you may not be able to resell your shares at or above your original purchase price, if at all. You may lose all or part of your investment.
We have a limited trading history. Since shares of our Class A common stock were sold in our initial public offering on March 24, 2021 at a price of $14.00 per share, our stock price has ranged from $7.16 to $32.48 through December 31, 2024. If you purchase shares of our Class A common stock, you may not be able to resell those shares at or above the price you paid. The market prices of the securities of other newly public companies have historically been highly volatile. The market price of our Class A common stock may fluctuate significantly in response to numerous factors, many of which are beyond our control, including: - actual or anticipated fluctuations in our results of operations;- variance in our results of operations from the expectations of market analysts;- announcements by us or our competitors of significant business developments, changes in service provider relationships, acquisitions or expansion plans;- changes in the prices of our products;- our involvement in litigation;- our sale of Class A common stock or other securities in the future;- market conditions in our industry;- changes in key personnel;- the trading volume of our Class A common stock;- changes in the estimation of the future size and growth rate of our markets; and - general economic and market conditions. In addition, the stock markets have experienced extreme price and volume fluctuations. Broad market and industry factors may materially harm the market price of our Class A common stock, regardless of our results of operation. In the past, following periods of volatility in the market price of a company's securities, securities class action litigation has often been instituted against that company. If we were involved in any similar litigation we could incur substantial costs, and our management's attention and resources could be diverted. If you purchase shares of our Class A common stock, you may not be able to resell those shares at or above the price you originally paid. An active or liquid market in our Class A common stock may not be sustainable, which could adversely affect your ability to sell your shares and could depress the market price of our Class A common stock.
Accounting & Financial Operations3 | 7.1%
Accounting & Financial Operations - Risk 1
We do not expect to declare any dividends in the foreseeable future.
We do not anticipate declaring any cash dividends to holders of our common stock in the foreseeable future. Consequently, investors may need to rely on sales of their Class A common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investment. Investors seeking cash dividends should not purchase our Class A common stock.
Accounting & Financial Operations - Risk 2
Changed
Failure to maintain effective internal controls over financial reporting in accordance with Section 404 of Sarbanes-Oxley Act of 2002, as amended ("SOX") could impair our ability to produce timely and accurate financial statements or comply with applicable regulations and have a material adverse effect on our business. In the future, our disclosure controls and procedures may not prevent or detect all errors or acts of fraud.
As a public company, we are subject to certain reporting requirements of the Exchange Act and have significant requirements for enhanced financial reporting and internal controls. Our disclosure controls and procedures are designed to reasonably assure that information required to be disclosed by us in reports we file or submit under the Exchange Act is accumulated and communicated to management, recorded, processed, summarized, and reported within the time periods specified in the rules and forms of the SEC. The process of designing and implementing effective internal controls is a continuous effort that requires us to anticipate and react to changes in our business and the economic and regulatory environments, and to expend significant resources to maintain a system of internal controls that is adequate to satisfy our reporting obligations as a public company. If we are unable to maintain appropriate internal financial reporting controls and procedures, it could cause us to fail to meet our reporting obligations on a timely basis, result in material misstatements in our consolidated financial statements, cause us to have to clawback incentive-based compensation from our executives, and harm our operating results. We believe that any disclosure controls and procedures or internal controls and procedures, no matter how well conceived and operated, can provide only reasonable, not absolute, assurance that the objectives of the control system are met. These inherent limitations include the realities that judgments in decision-making can be faulty, and that breakdowns can occur because of simple error or mistake. Additionally, controls can be circumvented by the individual acts of some persons, by collusion of two or more people or by an unauthorized override of the controls. Accordingly, because of the inherent limitations in our control system, misstatements or insufficient disclosures due to error or fraud may occur and not be detected. In addition, as of December 31, 2024, we were no longer considered to be an emerging growth company, and are now required to comply with Section 404(b) of SOX. We are required to disclose changes made in our internal controls and procedures on a quarterly basis and our management is required to assess the effectiveness of these controls annually. Our independent registered public accounting firm is required to attest to the effectiveness of our internal controls over financial reporting pursuant to Section 404(b) of SOX. An independent assessment of the effectiveness of our internal controls over financial reporting could detect problems that our management's assessment might not. Undetected material weaknesses in our internal controls over financial reporting could lead to restatements of our financial statements and require us to incur the expense of remediation. Matters impacting our internal controls may cause us to be unable to report our financial information on a timely basis and thereby subject us to adverse regulatory consequences, including sanctions by the SEC or violations of applicable stock exchange listing rules, which may result in a breach of the covenants under future financing arrangements. There also could be a negative reaction in the financial markets due to a loss of investor confidence in us and the reliability of our consolidated financial statements. Confidence in the reliability of our consolidated financial statements also could suffer if we or our independent registered public accounting firm report a material weakness in our internal controls over financial reporting. This could materially adversely affect us and lead to a decline in the market price of our Class A common stock. We expect to continue our efforts to improve our control processes, though there can be no assurance that our efforts will be successful or avoid potential future material weaknesses, and we expect to incur additional costs as a result of these efforts. If we are unable to successfully remediate future material weaknesses in our internal control over financial reporting the accuracy and timing of our financial reporting may be adversely affected, we may be unable to maintain compliance with securities law requirements regarding timely filing of periodic reports in addition to applicable stock exchange listing requirements, investors may lose confidence in our financial reporting, and our stock price may decline as a result. We also could become subject to investigations by the New York Stock Exchange ("NYSE"), the SEC or other regulatory authorities.
Accounting & Financial Operations - Risk 3
We have incurred losses in the past and may not consistently maintain profitability in the future.
We have incurred net losses in the past and, although we have achieved profitability in certain periods, we may not be able to achieve or sustain profitability in the future. We generated a net loss of $33.8 million for the year ended December 31, 2022, and net income of $1.0 million and $7.4 million for the years ended December 31, 2023 and 2024, respectively. We had an accumulated deficit of $63.8 million as of December 31, 2024. We plan to continue to invest in our research and development, and sales and marketing efforts, and we anticipate that our operating expenses will continue to increase as we scale our business and expand our operations. We also expect our general and administrative expenses to increase as a result of our growth and operating as a public company. Our ability to achieve and sustain profitability in future periods is based on numerous factors, many of which are beyond our control.
Debt & Financing1 | 2.4%
Debt & Financing - Risk 1
Our failure to raise additional capital or generate cash flows necessary to expand our operations and invest in new technologies in the future could reduce our ability to compete successfully and harm our results of operations.
We may require additional financing, and we may not be able to obtain debt or equity financing on favorable terms, if at all. Any debt financing obtained by us could involve restrictive covenants relating to financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities, including potential acquisitions. If we raise additional funds through further issuances of equity, convertible debt securities or other securities convertible into equity, our existing stockholders could experience significant dilution, and any new equity securities we issue could have rights, preferences, and privileges senior to those of holders of our Class A common stock. The terms of any debt financing may include liquidity requirements, restrict our ability to pay dividends, and require us to comply with other covenants restrictions. If we need additional capital and cannot raise it on acceptable terms, or at all, we may not be able to, among other things: - develop new features, integrations, capabilities, and enhancements;- continue to expand our product and development, and sales and marketing teams;- hire, train, and retain employees;- respond to competitive pressures or unanticipated working capital requirements; or - pursue acquisition opportunities.
Corporate Activity and Growth1 | 2.4%
Corporate Activity and Growth - Risk 1
Added
As we acquire and invest in companies or technologies, we may not realize expected business or financial benefits and the acquisitions or investments could prove difficult to integrate, disrupt our business, dilute stockholder value and adversely affect our business, results of operations, and financial condition.
As part of our business strategy, we evaluate and may make investments in, or acquisitions of, complementary companies, services, databases, and technologies, and we expect that we will continue to evaluate and pursue such investments and acquisitions in the future to further grow and augment our business, our platform, and product offerings. For example, we acquired Backlinko in January 2022, Kompyte in March 2022, Traffic Think Tank in February 2023, a majority stake in Datos in December 2023, a majority stake in Brand 24 in April 2024, Ryte in July 2024, Exploding Topics in August 2024, and Third Door Media in October 2024 to expand our technological capabilities and solutions offerings. We have incurred and will continue to incur costs to integrate the businesses of the companies we acquire or invest in into our business and to integrate their products into our platform, such as software and security related integration expenses and costs related to the renegotiation of redundant vendor agreements, and we expect to incur similar costs to integrate future acquisitions. We may have difficulty effectively integrating the personnel, businesses, and technologies of these acquisitions into our company and platform and product offerings and achieving the strategic goals of those acquisitions. Addressing such integration difficulties may involve significant diversion of internal resources, which may be costly and time consuming. We may not be able to find suitable acquisition candidates, and we may not be able to complete acquisitions on favorable terms, if at all. Acquired assets, data, or companies may not be successfully integrated into our operations, costs in connection with acquisitions and integrations may be higher than expected, and we may also incur unanticipated acquisition-related costs or liabilities. These costs or liabilities could adversely affect our financial condition, results of operations, or prospects. Any acquisition we complete could be viewed negatively by customers, users, developers, and other employees, partners, or investors, and could have adverse effects on our existing business relationships and company culture. In addition, to facilitate these acquisitions or investments, we may seek additional equity or debt financing, which may not be available on terms favorable to us or at all, may affect our ability to complete subsequent acquisitions or investments and may affect the risks of owning our Class A common stock. For example, if we finance acquisitions by issuing equity or convertible debt securities or loans, our existing stockholders may be diluted, or we could face constraints related to the terms of, and repayment obligations related to, the incurrence of indebtedness that could affect the market price of our Class A common stock.
Tech & Innovation
Total Risks: 10/42 (24%)Above Sector Average
Innovation / R&D2 | 4.8%
Innovation / R&D - Risk 1
Changed
If we fail to maintain and improve our methods and technologies, or fail to anticipate new methods or technologies for data collection and analysis, hardware, software, and software-related technologies, competing products and services could surpass ours in depth, breadth, or accuracy of our data, the insights that we offer or in other respects, which could result in a loss of customers, impact our ability to acquire new customers, and harm our business and financial results.
We expect continuous development in the market with respect to data matching, data filtering, data predicting, algorithms, machine learning, artificial intelligence, and other related technologies and methods for gathering, cataloging, updating, processing, analyzing, and communicating data and other information about how consumers find, interact with, and digest digital content. Similarly, we expect continuous changes in computer hardware and software, network operating systems, programming tools, programming languages, operating systems, the use of the internet, and the variety of network, hardware, browser, mobile, and browser-side platforms, and related technologies with which our platform and products must integrate. Further, changes in customer preferences, including greater adoption of artificial intelligence, or regulatory requirements may require changes in the technology used to gather and process the data necessary to deliver our customers the insights that they expect. As a result, we may be required to commit significant resources to developing new products, software, and services before knowing whether such investments will result in products or services that the market will accept. Any of these developments and changes could also create opportunities for a competitor to create products or a platform comparable or superior to ours, or that takes material market share from us in one or more product categories, and create challenges and risks for us if we are unable to successfully modify and enhance our products to adapt accordingly.
Innovation / R&D - Risk 2
Our ability to introduce new products, tools, and add-ons is dependent on adequate research and development resources. If we do not adequately fund our research and development efforts or use product and development teams effectively, our business and operating results may be harmed.
To remain competitive, we must continue to develop new product offerings, as well as features and enhancements to our existing platform and products. Maintaining adequate research and development personnel and resources to meet the demands of the market is essential. If we experience high turnover of our product and development personnel, a lack of management ability to guide our research and development, or a lack of other research and development resources, we may miss or fail to execute on new product development and strategic opportunities and consequently lose potential and actual market share. The success of our business is dependent on our product and development teams developing and executing on a product roadmap that allows us to retain and increase the spending of our existing customers, attract new customers, and upgrade our free customers to premium subscriptions. Our failure to maintain adequate research and development resources, to use our research and development resources efficiently and effectively, or to address the demands and anticipate future demands of our prospective and actual customers could materially adversely affect our business.
Trade Secrets2 | 4.8%
Trade Secrets - Risk 1
If third parties claim that we infringe upon or otherwise violate their intellectual property rights, our business could be adversely affected.
We have in the past and may in the future be subject to claims that we have infringed or otherwise violated third parties' intellectual property rights. There is patent, copyright, and other intellectual property development and enforcement activity in our industry and relating to the technology we use in our business. Our future success depends in part on not infringing upon or otherwise violating the intellectual property rights of others. From time to time, our competitors or other third parties (including non-practicing entities and patent holding companies) may claim that we are infringing upon or otherwise violating their intellectual property rights, and we may be found to be infringing upon or otherwise violating such rights. In addition, we do not own any issued patents, nor do we have any pending patents, which limits our ability to deter patent infringement claims by competitors and other third parties who hold patents. We may be unaware of the intellectual property rights of others that may cover some or all of our current or future technology or conflict with our rights, and the patent, copyright, and other intellectual property rights of others may limit our ability to improve our technology and compete effectively. Any claims of intellectual property infringement or other intellectual property violations, even those without merit, could: - be expensive and time consuming to defend;- cause us to cease making, licensing or using our platform or products that incorporate the challenged intellectual property;- require us to modify, redesign, reengineer or rebrand our platform or products, if feasible;- divert management's attention and resources; or - require us to enter into royalty or licensing agreements to obtain the right to use a third-party's intellectual property. Any royalty or licensing agreements, if required, may not be available to us on acceptable terms or at all. A successful claim of infringement against us could result in our being required to pay significant damages, enter into costly settlement agreements, or prevent us from offering our platform or products, any of which could have a negative impact on our operating profits and harm our future prospects. We may also be obligated to indemnify our customers or business partners in connection with any such litigation and to obtain licenses, modify our platform or products, or refund premium subscription fees, which could further exhaust our resources. Such disputes could also disrupt our platform or products, adversely affecting our customer satisfaction and ability to attract customers.
Trade Secrets - Risk 2
We may not be able to adequately protect our proprietary and intellectual property rights in our data or technology.
Our success is dependent, in part, upon protecting our proprietary information and technology. Our intellectual property portfolio primarily consists of registered and unregistered trademarks, unregistered copyrights, domain names, know-how, and trade secrets. We may be unsuccessful in adequately protecting our intellectual property. No assurance can be given that confidentiality, non-disclosure, or invention or copyright assignment agreements with employees, consultants, partners or other parties have been entered into, will not be breached, or will otherwise be effective in establishing our rights in intellectual property and in controlling access to and distribution of our platform, or certain aspects of our platform, and proprietary information. Further, these agreements do not prevent our competitors from independently developing technologies that are substantially equivalent or superior to our platform. Additionally, certain unauthorized use of our intellectual property may go undetected, or we may face legal or practical barriers to enforcing our legal rights even where unauthorized use is detected. Current laws may not provide for adequate protection of our platform or data, especially in foreign jurisdictions which may have laws that provide insufficient protections to companies. Moreover, our exposure to unauthorized copying of certain aspects of our platform, or our data may increase. As our platform and products increasingly integrate with artificial intelligence, the impact of the uncertainties regarding the applicability of intellectual property laws and rights to outputs generated through the use of artificial intelligence becomes more material and increases the risk that we may not be able to adequately protect our platform or data. Further, competitors, foreign governments, foreign government-backed actors, criminals, or other third parties may gain unauthorized access to our proprietary information and technology. Accordingly, despite our efforts, we may be unable to prevent third parties from infringing upon or misappropriating our technology and intellectual property or claiming that we infringe upon or misappropriate their technology and intellectual property. To protect our intellectual property rights, we may be required to spend significant resources to monitor, protect, and defend these rights, and we may or may not be able to detect infringement by our customers or third parties. Litigation has been and may be necessary in the future to enforce our intellectual property rights and to protect our trade secrets. Such litigation could be costly, time consuming, and distracting to management and could result in the impairment or loss of portions of our intellectual property. Our inability to protect our proprietary technology against unauthorized copying or use, as well as any costly litigation or diversion of our management's attention and resources, could delay further sales or the implementation of our platform, impair the functionality of our platform, delay introductions of new features, integrations, and capabilities, result in our substituting inferior or more costly technologies into our platform, or injure our reputation.
Cyber Security2 | 4.8%
Cyber Security - Risk 1
Changed
business including by posing security and other risks to our confidential information, proprietary information and personal information, and as a result we may be exposed to reputational harm and liability.
We continue to build and integrate artificial intelligence into our platform and products, and this innovation presents risks and challenges that could affect its adoption, and therefore our business. The use of certain artificial intelligence technology can give rise to intellectual property risks, including compromises to proprietary intellectual property and intellectual property infringement, and data protection related risks, including the use of data to train artificial intelligence models. Additionally, we expect to see increasing government and supranational regulation related to artificial intelligence use and ethics, which may also significantly increase the burden and cost of research, development and compliance in this area, which may give rise to increased contractual and technical requirements from our customers thereby impacting the time required to, and our ability to, acquire and retain customers. For example, the EU's Artificial Intelligence Act ("EU AI Act") - the world's first comprehensive AI law - entered into force in August 2024 and most provisions will become effective on August 2, 2026. The EU AI Act imposes significant obligations on providers and deployers of high risk artificial intelligence systems, and encourages providers and deployers of artificial intelligence systems to account for EU ethical principles in their development and use of these systems. Additionally, the EU Commission is developing a Code of Practice for providers of general-purpose artificial intelligence ("GPAI") models, which will address critical areas such as transparency, copyright-related rules and risk management, which Code of Practice is expected to be finalized by April 2025 and enter into application in August 2025. In the United States, a number of states have proposed and passed laws regulating various uses of AI, and federal regulators have issued guidance affecting the use of AI in regulated sectors. Outside of the EU and the United States, other countries such as Peru, China, South Korea and Thailand have adopted AI related laws and regulations, and many other countries such as Canada, the United Kingdom and Brazil have draft laws, regulations and guidance in various stages of drafting, introduction and adoption. If we develop or use AI systems that are governed by the EU AI Act, or other applicable AI related laws and regulations, it may necessitate ensuring higher standards of data quality, transparency, and human oversight, as well as adhering to specific and potentially burdensome and costly ethical, accountability, administrative and contractual requirements. The rapid evolution of artificial intelligence will require the application of significant resources to design, develop, test and maintain our products and services to help ensure that artificial intelligence is implemented in accordance with applicable law and regulation and in a socially responsible manner and to minimize any real or perceived unintended harmful impacts. Our vendors may in turn incorporate artificial intelligence tools into their own offerings, and the providers of these artificial intelligence tools may not meet existing or rapidly evolving regulatory or industry standards, including with respect to privacy and data security. Further, bad actors around the world use increasingly sophisticated methods, including the use of artificial intelligence, to engage in illegal activities involving the theft and misuse of personal information, confidential information and intellectual property. Other new and evolving technologies may result in similar risks to those currently arising in the artificial intelligence context. Any of these effects could damage our reputation, result in the loss of valuable property and information, cause us to breach applicable laws and regulations, and adversely impact our business. If we enable or offer solutions that draw controversy due to perceived or actual negative societal impact, we may experience brand or reputational harm, competitive harm or legal liability.
Cyber Security - Risk 2
If the security of the confidential information or personal information of our customers on our platform is breached or otherwise subjected to unauthorized access or disclosure, our reputation may be harmed, and we may be exposed to significant liability.
With consent from our customers, we obtain personal, confidential, and other customer data from our customers' websites, social media accounts, and Google Analytics' accounts to operate certain functionality on our platform or within products that we offer. In addition, with consent from our customers, we collect and store certain personally identifiable information ("personal data"), credit card information, and other data needed to create, support, and administer the customer account, to collect premium subscription fees, conduct our business, and comply with legal obligations, including rules imposed by the Payment Card Industry networks. We take reasonable steps designed to protect the security, confidentiality, integrity, and availability of the information we and our third-party service providers hold, but there is no guarantee that despite our efforts, inadvertent disclosure (such as may arise from software bugs or other technical malfunctions, employee or vendor error or malfeasance, improper use of third-party artificial intelligence services, or other factors) or unauthorized access, acquisition, misuse, disclosure or loss of personal or other confidential information will not occur or that third parties will not gain unauthorized access to this information or disrupt or disable our systems or infrastructure. Attacks on information technology systems are increasing in their frequency, levels of persistence, sophistication and intensity, and they are being conducted by increasingly sophisticated and organized groups and individuals with a wide range of motives and expertise, including nation-state actors. Such attacks could include the deployment of harmful malware, system-disrupting ransomware, denial-of-service attacks, social engineering (including phishing attacks) and other means to affect service reliability and threaten the confidentiality, integrity and availability of information. Further, the prevalence of remote work by our employees and those of our third-party service providers creates increased risk that a cybersecurity incident or data breach may occur. Like other companies in our industry, we, and our third party vendors, have experienced and expect to continue to experience threats and cybersecurity incidents relating to our information technology systems and infrastructure. For example, we have been the target of attempts to identify and exploit system vulnerabilities and/or penetrate or bypass our security measures to gain unauthorized access to our systems. Since techniques used to conduct malicious cyber activities change frequently, we and our third-party service providers may be unable to anticipate these techniques or to implement adequate measures to prevent or detect them. If our security measures or the security measures of our third-party service providers fail, or if vulnerabilities in our software are exposed and exploited, and, as a result, a third party disrupts the operations of our systems or obtains unauthorized access to any customers' data, our relationships with our customers may be damaged, and we could incur liability. Further, our customers with annual subscription terms may have the right to terminate their subscriptions before the end of the subscription term due to our uncured material breach of agreement, including with respect to our data security obligations. It is also possible that unauthorized access to customer data may be obtained through inadequate use of security controls by customers, suppliers or other vendors. While we are not currently aware of any impact that supply chain attacks may have had on our business, these events are complex, difficult to defend against, and of unknown scope, therefore we could face a level of ongoing residual risk of data breaches or other cybersecurity incidents resulting from this type of event. We may also be subject to additional liability risks for failing to disclose data breaches or other cybersecurity incidents under state data breach notification laws or under the private right of action granted to individuals under certain data privacy laws for actions arising from certain data breaches or cybersecurity incidents, such as the California Consumer Privacy Act ("CCPA") (which is further discussed below in this "Risk Factors" section). In addition, some regions, such as the EU, the United Kingdom ("UK"), and the United States, have enacted mandatory notification requirements which require companies to notify data protection authorities, state and federal agencies, or affected stakeholders, including affected individuals, of cybersecurity incidents or data breaches. We may also be contractually required to notify certain customers in the event of a cybersecurity incident or data breach pursuant to the applicable customer agreement. These mandatory disclosures regarding a cybersecurity incident or data breach may lead to negative publicity and may cause our customers to lose confidence in the effectiveness of our data security measures. Any cybersecurity incident or data breach, whether actual or perceived, may harm our reputation, and we could lose customers or fail to acquire new customers. Federal, state, and provincial regulators and industry groups may also consider and implement from time to time new privacy and security requirements that apply to our business, such as the long established Massachusetts data security regulations and the New York Stop Hacks and Improve Electronic Data Act, both of which establish administrative, technical, and physical data security requirements for companies, and permit civil penalties for each violation. Compliance with evolving privacy and security laws, requirements, and regulations may result in cost increases due to necessary systems changes, new limitations or constraints on our business models and the development of new administrative processes. They also may impose further restrictions on our collection, disclosure, and use of personal data kept in our databases or those of our vendors. If our security measures fail to protect credit card information adequately, we could be liable to both our customers and their users for their losses, as well as the vendors under our agreements with them such that we could be subject to fines and higher transaction fees, we could face regulatory action, and our customers and vendors could end their relationships with us, any of which could harm our business, results of operations or financial condition. Any intentional or inadvertent cybersecurity incidents, data breaches or other unauthorized access to or disclosure of personal data could expose us to enforcement actions, regulatory or governmental audits, investigations, litigation, fines, penalties, adverse publicity, downtime of our systems, and other possible liabilities. There can be no assurance that the limitations of liability in our contracts would be enforceable or adequate or would otherwise protect us from any such liabilities or damages with respect to any particular claim. In addition, our cybersecurity insurance coverage may be inadequate to cover all costs and expenses associated with a security incident that may occur in the future. We may need to devote significant resources to defend against, respond to and recover from cybersecurity incidents and data breaches, diverting resources from the growth and expansion of our business.
Technology4 | 9.5%
Technology - Risk 1
Technical problems or disruptions that affect either our customers' (and their users') ability to access our platform and products, or the software, internal applications, database, and network systems underlying our platform and products, could damage our reputation and brands, lead to reduced demand for our platform and products, lower revenues, and increased costs.
Our business, brands, reputation, and ability to attract and retain customers depend upon the satisfactory performance, reliability, and availability of our platform and products, which in turn depend upon the availability of the internet and our third-party service providers. Interruptions in these systems, whether due to system failures, computer viruses, software errors, physical or electronic break-ins, malicious hacks or attacks on our systems (such as denial of service attacks), or force majeure events, could affect the security and availability of our platform and products and prevent or inhibit the ability of customers to access our platform and products. In addition, the software, internal applications, and systems underlying our platform and products are complex and may not be error-free. We may encounter technical problems when we attempt to perform routine maintenance or enhance our software, internal applications, and systems. In addition, our platform may be negatively impacted by technical issues experienced by our third-party service providers. Any inefficiencies, errors, or technical problems with our software, internal applications, and systems could reduce the quality of our platform and products or interfere with our customers' (and their users') use of our platform and products, which could negatively impact our brand, reduce demand, trigger termination rights or other financial recourse for our paying customers under our customer agreements, lower our revenues, and increase our costs.
Technology - Risk 2
If third-party applications change such that we do not or cannot maintain the compatibility of our platform with these applications or if we fail to integrate with or provide third-party applications that our customers desire to use with our products, demand for our solutions and platform could decline.
The attractiveness of our platform depends, in part, on our ability to integrate via APIs with third-party applications that our customers desire to use with our products, such as Google, Facebook, Instagram, X, YouTube, LinkedIn, Pinterest, AIOSEO, Monday.com, Pagecloud, Renderforest, Scalenut, SurferSEO, Wix, Quickblog, Zoho and others. Third-party application providers may change the features of their applications and platforms, including their APIs, or alter the terms governing use of their applications and platforms in an adverse manner. Further, third-party application providers may refuse to partner with us, may implement an expensive fee based model for API integration, or otherwise limit or restrict our access to their applications and platforms. Such changes could functionally limit or terminate our ability to use these third-party applications with our platform, which could negatively impact our offerings and the customer experience, and ultimately harm our business. If we fail to integrate our platform with new third-party applications that our customers desire, or to adapt to the data transfer requirements of such third-party applications and platforms, we may not be able to offer the functionality that our customers expect, which would negatively impact our offerings and, as a result, harm our business. Additionally, our business could be harmed if our customers have negative experiences in using the third-party integrations that we offer.
Technology - Risk 3
Changes by search engines, social networking sites, and other third-party services to their underlying technology configurations or policies regarding the use of their platforms and/or technologies for commercial purposes, including anti-spam policies, may limit the efficacy of certain of our products, tools, and add-ons and as a result, our business may suffer.
Our online visibility management SaaS platform is designed to help our customers connect with consumers across a variety of digital channels, search engines, social networking sites, and other third-party services. These third-party services may adapt and change their strategies and policies over time. Search engines typically provide two types of search results, organic (i.e., non-paid) and purchased listings. Organic search results are determined and organized solely by automated criteria set by the search engine, and a ranking level cannot be purchased. Search engines revise their algorithms from time to time in an attempt to optimize their search result listings, and typically do not publicize the full extent of what has changed in their algorithm (although certain changes may be publicly announced). Changes to search engine algorithms may diminish the efficacy of certain of our products, tools, and add-ons, and potentially render them obsolete. For example, if a given search engine stopped using backlinks in its ranking algorithm, our customers' perception of our backlink analytics tool, which enables customers to analyze and monitor the backlink profile of their own and other websites, may be adversely impacted. Similarly, if a search engine ceases to manually penalize or take action against web pages for unnatural backlinks, then our customers may determine that auditing their backlinks is unnecessary which could cause them to devalue our backlink audit tool, which enables companies to check whether malicious websites have links to their sites, or cease using it altogether. Additionally, increased adoption of artificial intelligence for use and responses to internet search queries may result in significant changes to how search engines rank, return, and display responses. As a result of these types of changes we may be required to recalibrate our solutions, products and add-ons by reducing prices, discontinuing the affected product or tool, or otherwise develop new products or tools to meet the needs of our customers. These responses may be costly, may not be effective, and our business may suffer. Additionally, search engines, social networking sites, third-party artificial intelligence services and other third-party services typically have terms of service, guidelines, and other policies to which its users are contractually obligated to adhere. For example, Google's Gmail offering has a spam and abuse policy that prohibits sending spam, distributing viruses, or otherwise abusing the service. Our email distribution tool enables our customers to send emails to their desired recipients, such as journalists and bloggers. Our email distribution tool relies on a DMARC integration which enables our customers to send emails using our platform as if they were sending emails directly from their email provider, and our product involves emails initiated by customers over our servers. Our customers' actions using either the link building tool or email distribution tool could be flagged under Google's spam and abuse policy or in the future such actions may be prohibited by subsequent changes to Google's policies. Any change to the policies of the third-party services with which our products, tools, and add-ons integrate or interact, or with which our products are intended to be used, including any anti-spam policies, or any actions taken by these third-party service providers under their policies could adversely impact the efficacy and perceived value of our products, tools, and add-ons, and as a result, our business may be harmed.
Technology - Risk 4
Our use of "open source" software could negatively affect our ability to offer and sell access to our platform and products, and subject us to possible litigation.
We use open source software in our platform and products, and expect to continue to use open source software in the future. There are uncertainties regarding the proper interpretation of and compliance with open source licenses, and there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to use such open source software, and consequently to provide or distribute our platform and products. Although use of open source software has historically been free, recently several open source providers have begun to charge license fees for use of their software. If our current open source providers were to begin to charge for these licenses or increase their license fees significantly, we would have to choose between paying such license fees or incurring the expense to replace the open source software with other software or with our own software, which would increase our research and development costs, and have a negative impact on our results of operations and financial condition. Additionally, we may from time to time face claims from third parties claiming ownership of, or seeking to enforce the terms of, an open source license, including by demanding release of source code for the open source software, derivative works or our proprietary source code that was developed using or that is distributed with such open source software. These claims could also result in litigation and could require us to make our proprietary software source code freely available, require us to devote additional research and development resources to change our platform or incur additional costs and expenses, any of which could result in reputational harm and would have a negative effect on our business and operating results. In addition, if the license terms for the open source software we utilize change, we may be forced to reengineer our platform or incur additional costs to comply with the changed license terms or to replace the affected open source software. Further, use of certain open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or controls on the origin of software or indemnification for third-party infringement claims. Although we have implemented policies to regulate the use and incorporation of open source software into our platform and products, we cannot be certain that we have not incorporated open source software in our platform and products in a manner that is inconsistent with such policies.
Legal & Regulatory
Total Risks: 7/42 (17%)Below Sector Average
Regulation3 | 7.1%
Regulation - Risk 1
We are required to comply with U.S. economic sanctions, export control and anti-corruption laws, and regulations that could impair our ability to compete in international markets or expose us to liability if we were to violate such laws and regulations.
We are required to comply with U.S. economic sanctions and export control laws and regulations that prohibit the provision of certain products and services to certain targeted countries, governments, and persons. We have adopted a company-wide Trade Compliance Policy and implemented certain precautions to prevent our platform and products from being exported or accessed in violation of U.S. export controls or U.S. sanctions laws and regulations. However, we cannot be certain that each of our employees will fully comply with the Trade Compliance Policy, nor can we be certain that the precautions we take will prevent all violations of these laws. We have previously identified, and may in the future identify, customer accounts for our platform and products that may originate from, or are intended to benefit, persons in countries that are subject to U.S. embargoes, including transactions or events in or relating to Cuba, Iran, North Korea, Syria, the Crimea region of Ukraine and the so-called Donetsk People's Republic and Luhansk People's Republic regions of Ukraine. If we are found to be in violation of U.S. sanctions or export control laws, we may be fined or other penalties could be imposed. Furthermore, the laws and regulations concerning export controls and economic sanctions are complex and constantly changing. Changes in export control or economic sanctions laws and enforcement could also result in increased compliance requirements and related costs, which could materially adversely affect our business, results of operations, financial condition, and/or cash flows. We are also subject to various U.S. and international anti-corruption laws, such as the U.S. Foreign Corrupt Practices Act and the UK Bribery Act, as well as other similar anti-bribery and anti-kickback laws and regulations. These laws and regulations generally prohibit companies and their employees and intermediaries from authorizing, offering, or providing improper payments or benefits to government officials and other recipients for improper purposes. Our exposure for violating these laws may increase as we continue to expand our international presence, and any failure to comply with such laws could harm our business.
Regulation - Risk 2
If the use of cookies or other tracking technologies becomes subject to unfavorable legislation or regulation, is restricted by internet users or other third parties or is blocked or limited by users or by technical changes on end users' devices, our activities could be restricted including, our ability to attract new customers, convert traffic to paying customers and to develop and provide certain products could be diminished or eliminated.
We rely on cookies and other technologies, such as web beacons (collectively, "cookies") which are placed on internet browsers to gather data regarding the content of a user's web browsing activity. We use cookies to store users' settings between sessions and to enable visitors to our website to use certain features, such as gaining access to secure areas of the website. We also use cookies, including cookies placed by third-party services with which we integrate, to enable us to gather statistics about our visitors' use of our website and to allow our website visitors to connect our platform to their social networking sites, which enables us to advertise our products to them using retargeting methods. The availability of this data may be limited by numerous potential factors, including government legislation or regulation restricting the use of cookies for certain purposes, such as retargeting, browser limitations on the collection or use of cookies, or internet users deleting or blocking cookies on their web browsers or on our website. Our ability, like those of other technology companies, to collect, augment, analyze, use, and share information collected through the use of third-party cookies for online behavioral advertising is governed by U.S. and foreign laws and regulations which change from time to time, such as those regulating the level of consumer notice and consent required before a company can employ cookies to collect data about interactions with users online. In the United States, both state and federal legislation govern activities such as the collection and use of data, and privacy in the advertising technology industry has frequently been subject to review, and occasional enforcement, by the Federal Trade Commission (the "FTC"), U.S. Congress, and individual states. Our use of online tracking technologies are regulated by the CCPA and other state privacy laws that require companies to offer consumers the right to opt out of certain tracking activities. As our business is global, our activities are also subject to foreign legislation and regulation. In the EU, the EU Directive 2002/58/EC (as amended by Directive 2009/136/EC), commonly referred to as the e-Privacy Directive, and related implementing legislation in the EU member states, and in the UK, the Privacy and Electronic Communications (EC Directive) Regulations 2003, require that accessing or storing information on an internet user's device, such as through a cookie, is allowed only if the internet user has been informed thereof, and provided prior unambiguous, specific, and informed consent for the placement of a cookie on a user's device. A new e-Privacy Regulation is currently under discussion by EU member states to replace the e-Privacy Directive. Although it remains under debate, the proposed e-Privacy Regulation would amend rules on third-party cookies and significantly increase penalties for non-compliance. We cannot yet determine the impact such future laws, regulations, and standards may have on our use of third-party cookies. Additionally, the use of third-party cookies in the digital advertising ecosystem, particularly in the context of real-time bidding advertising auctions, is subject to increased regulatory scrutiny in the EU and the UK. Several European data protection authorities (including in Belgium, Ireland, UK, Poland, Spain, Luxembourg, and the Netherlands) have launched investigations or inquiries over Google's and other AdTech companies' practices concerning the collection and sharing of consumer data through cookies, the outcome of which is still uncertain. These investigations or inquiries could result in the imposition of more stringent standards around consent to place cookies or otherwise restrict the use of third-party cookies for online behavioral advertising. We have also received inquiries from, and engaged in correspondence with, European data protection authorities regarding our practices regarding cookies used on our websites, and the outcome of these inquiries is still uncertain. Additionally, new and expanding "Do Not Track" regulations have been enacted or proposed that protect users' right to choose whether or not to be tracked online. These regulations seek, among other things, to allow end users to have greater control over the use of private information collected online, to forbid the collection or use of online information, to demand a business to comply with their choice to opt out of such collection or use, and to place limits upon the disclosure of information to third-party websites. Continued regulation of cookies, and changes in the interpretation and enforcement of existing laws, regulations, standards, and other obligations, as well as increased enforcement by industry groups or data protection authorities, could restrict our activities, such as efforts to understand users' internet usage and engage in marketing activities, or require changes to our practices. New and evolving laws and regulations, and public perception concerning data protection, privacy and cybersecurity, or changes in the interpretation or patterns of enforcement of existing laws and regulations, could impair our efforts to maintain and expand our customer base, impact the manner in which we can interact with our current and prospective customers or users, or impair the ability of our customers and users to use our platform and some or all of our products. Compliance efforts may be costly, and breaches of laws and regulations concerning data protection privacy and cybersecurity could impact our reputation, expose us to significant fines and other penalties, and impact our ability to successfully run our business. We collect and process personal data about a variety of individuals, such as our customers, users, employees, contractors, and business partners, in connection with our relationship with such individuals,including to collect and process payment from our customers, provide our products and services to our customers, communicate with and recommend products to our customers and prospective customers through our marketing and advertising efforts, comply with legal obligations, and for other internal business purposes. Such processing of personal data is increasingly subject to new and rapidly evolving legislation and regulation globally. In the United States, we are subject to rules and regulations promulgated under the authority of the Federal Trade Commission, the CCPA and similar state privacy laws, and state breach notification laws. At the federal level, failing to take appropriate steps to keep consumers' personal information secure may constitute unfair acts or practices in or affecting commerce in violation of Section 5(a) of the Federal Trade Commission Act (the FTCA), 15 U.S.C § 45(a). The FTC expects a company's data security measures to be reasonable and appropriate in light of the sensitivity and volume of consumer information it holds, the size and complexity of its business and the cost of available tools to improve security and reduce vulnerabilities. Through executive and legislative action, the federal government has also taken steps to restrict data transactions involving certain sensitive data categories with persons affiliated with China, Russia, and other countries of concern. In addition, certain state laws govern privacy and security of personal information. The CCPA (as amended by the California Privacy Rights Act ("CPRA")), for example, broadly defines personal information and provides an expansive meaning to activity considered to be a sale of personal information, requires covered companies to provide specific disclosures to California residents, and gives California residents expanded privacy rights and protections, including the right to opt out of the sale or sharing of personal information. The CCPA also provides for civil penalties for violations and a private right of action for certain data breaches involving personal information, which may increase our exposure to litigation. The CPRA, which went into effect January 1, 2023, imposed additional obligations on companies covered by the legislation, including by expanding consumer rights with respect to certain categories of sensitive information. Additionally, similar comprehensive privacy laws have passed in many other states. Other states have also proposed new privacy laws which, if enacted, may add additional complexity, variation in requirements, restrictions and potential legal risk, require additional investment of resources in compliance programs, impact strategies and the availability of previously useful data and could result in increased compliance costs and/or changes in business practices and policies. U.S. state privacy laws are changing rapidly and the U.S. Congress has also contemplated federal data privacy legislation to which we could become subject to, if enacted. Many foreign jurisdictions in which we do business, including the European Union ("EU"), European Economic Area ("EEA"), United Kingdom ("UK"), Canada, Australia, Japan and others have laws and regulations addressing the collection and use of personal data obtained in connection with their territories, which are more restrictive in certain respects than those in the U.S. We maintain offices in the EU (including Cyprus, the Czech Republic, Germany, the Netherlands, Poland, and Spain), and we have customers in the EEA and the UK. Accordingly, we are subject to the General Data Protection Regulation (EU) 2016/679 (the "EU GDPR"), the UK General Data Protection Regulation ("UK GDPR"), and related or otherwise applicable data protection laws in effect in the member states of the EEA and in the UK (together, the "European Data Protection Law") in connection with the activities of our establishments in the EEA and UK, our offering of goods or services to individuals in the EEA and the UK, and the monitoring of their behavior in these regions. European Data Protection Law places a number of obligations on controllers and processors of personal data, while also establishing rights for individuals with respect to their personal data, including rights of access and deletion in certain circumstances. These obligations include the requirement to obtain consent from individuals in specific situations, provide additional disclosures to individuals regarding data processing activities, implement safeguards to protect the security and confidentiality of personal data, limit personal data retention periods, conduct mandatory data breach notifications in certain circumstances, and put in place specific measures (including contractual requirements) when engaging third-party service providers. European Data Protection Law also imposes strict rules on the transfer of personal data out of the EEA/UK to third countries deemed to lack adequate privacy protections, including the United States in certain circumstances, unless a derogation applies, or an appropriate transfer safeguard specified by the European Data Protection Law is implemented, such as the Standard Contractual Clauses ("SCCs") approved by the European Commission and the "International Data Transfer Agreement or Addendum ("IDTA") approved by the UK Information Commissioner's Office. International transfers made pursuant to the SCCs and IDTA also need to be analyzed on a case-by-case basis to ensure EEA/UK standards of data protection are met in the jurisdiction where the data importer is based. Any inability to transfer personal data from the EEA/UK to the United States in compliance with data protection laws may impede our operations. Following the UK's exit from the EU or Brexit, there will be increasing scope for divergence in application, interpretation and enforcement of the data protection laws between these territories. For example, the UK has introduced the Data Reform Bill into the UK legislative process with the intention for this bill to reform the UK's data protection regime following Brexit. If passed, the final version of the Data Reform Bill may have the effect of further altering the similarities between the UK and EEA data protection regimes and threaten the UK adequacy decision from the EU Commission allowing the free flow of personal data from the UK to the EEA, which may lead to additional compliance costs and could increase our overall risk. This lack of clarity on future UK laws and regulations and their interaction with those of the EEA could add legal risk, uncertainty, complexity, and cost to our handling of European personal data and our privacy and security compliance programs, and could require us to implement different compliance measures for the UK and EEA. Following the UK's exit from the EU, or Brexit, there will be increasing scope for divergence in application, interpretation and enforcement of the data protection laws between these territories. For example, the UK has introduced the Data (Use and Access) Bill into the UK legislative process with the intention for this bill to reform the UK's data protection regime following Brexit. If passed, the final version of the bill may have the effect of further altering the similarities between the UK and EEA data protection regimes and threaten the UK adequacy decision from the EU Commission allowing the free flow of personal data from the UK to the EEA, which may lead to additional compliance costs and could increase our overall risk. This lack of clarity on future UK laws and regulations and their interaction with those of the EEA could add legal risk, uncertainty, complexity, and cost to our handling of European personal data and our privacy and security compliance programs, and could require us to implement different compliance measures for the UK and EEA. We have implemented measures designed to comply with the requirements of applicable data protection, privacy and cybersecurity laws and regulations. In respect of these measures, we rely on positions and interpretations of the law that have yet to be fully tested before the relevant courts and regulators. If a regulator or court of competent jurisdiction determines that one or more of our compliance efforts (such as our data collection and processing consents) does not satisfy the applicable requirements of the law, or if any party brought a claim in this regard, we could be subject to governmental or regulatory investigations, enforcement actions, regulatory fines, compliance orders, litigation or public statements against us by consumer advocacy groups or others, any of which could restrict our ability to collect or otherwise process personal data, cause customers to lose trust in us, or otherwise damage our reputation and business. Likewise, a change in guidance could be costly and have an adverse effect on our business. With regards to data that we license or otherwise receive from third parties, we may not be able to verify with complete certainty the source of such data, how it was collected, and that such data was collected and is being shared with us in compliance with all applicable data protection and privacy laws. Our use of personal data obtained from third-party vendors could result in potential regulatory investigations, fines, penalties, compliance orders, liability, litigation, and remediation costs, as well as reputational harm, any of which could materially adversely affect our business and financial results. The requirements of laws and regulations (including European Data Protection Law) pertaining to the licensing of data or obtaining such data from third parties are not entirely clear in all cases. It is possible that third parties may bring claims against us, alleging non-compliance with such requirements, and seeking damages, seeking to prevent us from using certain data, or seeking to prevent us from using data in particular ways. Such claims could potentially adversely affect our ability to provide our services and the current level of functionality of our platform in such circumstances, which could adversely affect our results of operations. These new and evolving laws and regulations may, among other things, complicate our compliance efforts and impact how we collect and process personal data, conduct data protection assessments, and transfer personal data to affiliates and other third parties, which could in turn require us to make changes to our platform or products in order to comply, increase the cost of delivering our platform and products in some markets, reduce our ability to lawfully collect personal data used in our platform and products, impact how we respond to consumer rights requests, restrict our ability to reach current and prospective customers, increase the likelihood that we may be subject to enforcement actions or otherwise incur liability for noncompliance, and limit our ability to derive insights from data globally. A new Data (Use and Access) Bill (UK Bill) has now been introduced into parliament. The uncertain and shifting regulatory environment and trust climate may cause concerns regarding data privacy and may cause our vendors, customers and users to resist providing the data necessary to allow us to offer our platform and products to our customers and users effectively, or could prompt individuals to opt out of our collection of their personal data. Even the perception that the privacy of personal data is not satisfactorily protected or does not meet regulatory requirements could discourage prospective customers from subscribing to our products or discourage current customers from renewing their subscriptions. Additionally, the evolving nature and complexity of privacy and data security legislation may further increase our risk of litigation, adverse publicity and regulatory or governmental enforcement actions, including fines for non-compliance. For example, CCPA allows for fines of up to $7,500 for each violation, while European Data Protection Law imposes fines up to the greater of €20 million (£17.5 million for the UK) and 4% of worldwide gross annual revenue, also conferring a private right of action on data subjects and consumer associations to lodge complaints with supervisory authorities, seek judicial remedies, and obtain compensation for damages resulting from violations of European Data Protection Law. Our compliance efforts could reduce demand for our platform or products and compliance itself could require us to take on more onerous obligations in our contracts which may expose us to more contractual risk, and may slow the pace at which we close sales transactions. Taken as a whole, these complexities and the evolving nature of data protection and privacy and cybersecurity laws and regulations could have a material adverse effect on our reputation, business and financial results.
Regulation - Risk 3
Changed
Federal, state, and foreign laws regulate internet tracking software, the sending of commercial emails and text messages, sales activities, and other activities, which could impact the use of our platform and products, and potentially subject us to regulatory enforcement or private litigation.
Federal, state, and foreign laws in the jurisdictions in which we operate regulate various aspects regarding the development and commercialization of our platform and products, including the use of internet tracking software, the sending of commercial emails and text messages, and how we contract with our customers and sell our products, amongst other areas, all of which could impact the use of our platform and products by our customers, and potentially subject us to regulatory enforcement or private litigation. As a provider of subscription-based products and services, we may be impacted by laws or regulations that govern or regulate how businesses may periodically charge its customers for subscription renewals and how customers may cancel or get out of such subscriptions. While we operate as a business-to-business ("B2B") company whose customers consist of other businesses looking to utilize our platform and products for search engine optimization, content marketing, competitive analysis and other related services, laws and regulations that were historically aimed at protecting consumers only (in the "business-to-consumer" or "B2C" context) may be expanded, or new laws and regulations adopted, to address conversion, renewal and cancellations of subscriptions in the B2B context as well. For example, the FTC adopted its Pre-Notification Negative Option Rule in 2024 (with most provisions of the rule to take effect in April 2025) which imposes additional requirements on the marketing and sale of subscription-based products and services. We are closely monitoring this rule, which is currently being challenged in the federal circuit court system, to determine if we may be required to make changes to the manner in which we market and sell our subscription-based products and services. Compliance with the proposed rule could be costly, and related changes to our platform, products, marketing strategies and administrative processes could adversely affect free to paid customer conversion, upgrades and renewal rates. We are subject to laws and regulations that govern sending marketing and advertising by electronic means, such as email and telephone. For example, in the United States, the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (the "CAN-SPAM Act"), among other things, obligates the sender of commercial emails to provide recipients with the ability to opt out of receiving future commercial emails from the sender. In addition, the Telephone Consumer Protection Act (the "TCPA") imposes certain notice, consent, and opt-out obligations on companies that send telephone or text communications using automatic telephone dialing systems, or artificial or prerecorded voice to consumers, and provides consumers with private rights of action for violations. The FCC and the FTC have responsibility for regulating various aspects of these laws. Among other requirements, the TCPA requires us to obtain prior express written consent for certain telemarketing calls. Many states have similar consumer protection laws regulating telemarketing. These laws limit our ability to communicate with potential customers and reduce the effectiveness of our marketing programs. The TCPA does not currently distinguish between voice and data, and, as such, SMS/MMS messages are also "calls" for the purpose of TCPA obligations and restrictions. For violations of the TCPA, the law provides for a private right of action under which a plaintiff may recover monetary damages of $500 for each call or text made in violation of the prohibitions on calls made using an "artificial or pre-recorded voice" or an automatic telephone dialing system. Various state law equivalents of the TCPA may also provide for monetary damages in amounts greater than those provided for under the TCPA. A court may also treble the amount of damages upon a finding of a "willful or knowing" violation. There is no statutory cap on maximum aggregate exposure. An action may be brought by the FCC, a state attorney general, an individual, or a class of individuals. If in the future we are found to have violated the TCPA, or a state law equivalent, the amount of damages and potential liability could be extensive and adversely impact our business. Accordingly, were such a class certified or if we are unable to successfully defend such a suit, then TCPA or other state law damages could have a material adverse effect on our results of operations and financial condition. Further, certain states and foreign jurisdictions, such as Australia, Canada, and the EU, have enacted laws that prohibit sending unsolicited marketing emails unless the recipient has provided its prior consent to receipt of such email, or in other words has "opted-in" to receiving it. A requirement that recipients opt into, or the ability of recipients to opt out of, receiving commercial emails may minimize the effectiveness of our marketing, which could adversely affect our ability to attract new customers or entice existing customers to upgrade their subscriptions.
Litigation & Legal Liabilities1 | 2.4%
Litigation & Legal Liabilities - Risk 1
We may be subject to litigation for any of a variety of claims, which could harm our reputation and adversely affect our business, results of operations, and financial condition.
In the ordinary course of business, we may be involved in and subject to litigation for a variety of claims or disputes and receive regulatory inquiries. These claims, lawsuits, and proceedings could include labor and employment, wage and hour, income tax, commercial, data privacy, intellectual property, antitrust, alleged securities law violations or other investor claims, and other matters. The number and significance of these potential claims and disputes may increase as our business expands. Any claim against us, regardless of its merit, could be costly, divert management's attention and operational resources, and harm our reputation. As litigation is inherently unpredictable, we cannot assure you that any potential claims or disputes will not have a material adverse effect on our business, results of operations, and financial condition. Any claims or litigation, even if fully indemnified or insured, could make it more difficult to compete effectively or to obtain adequate insurance in the future. In addition, we may be required to spend significant resources to monitor and protect our contractual, intellectual property, and other rights, including collection of payments and fees. Litigation has been and may be necessary in the future to enforce such rights. Such litigation could be costly, time consuming, and distracting to management and could result in the impairment or loss of our rights. Furthermore, our efforts to enforce our rights may be met with defenses, counterclaims, and countersuits attacking the validity and enforceability of such rights. Our inability to protect our rights, as well as any costly litigation or diversion of our management's attention and resources, could have an adverse effect on our business, results of operations, and financial condition or harm our reputation.
Taxation & Government Incentives3 | 7.1%
Taxation & Government Incentives - Risk 1
We could be required to collect additional sales and other similar taxes or be subject to other tax liabilities that may increase the costs our customers would have to pay for our subscriptions and adversely affect our operating results.
Sales and use, value-added, goods and services, and similar tax laws and rates are complicated and vary greatly by jurisdiction. There is significant uncertainty as to what constitutes sufficient nexus for a national, state or local jurisdiction to levy taxes, fees, and surcharges for sales made over the internet, as well as whether our subscriptions are subject to tax in various jurisdictions. Certain countries and the vast majority of states have considered or adopted laws that impose tax collection obligations on out-of-state companies. Additionally, online sellers can be required to collect sales and use tax despite not having a physical presence in the buyer's nation or state, and nations, states, or local governments may enforce laws requiring us to calculate, collect, and remit taxes on sales in their jurisdictions. We have not always collected sales and other similar taxes in all jurisdictions in which we are required to. We may be obligated to collect and remit sales tax in jurisdictions in which we have not previously collected and remitted sales tax. We could also be subject to audits in states and non-U.S. jurisdictions for which we have not accrued tax liabilities. A successful assertion by one or more countries or states requiring us to collect taxes where we historically have not or presently do not do so could result in substantial tax liabilities, including taxes on past sales, as well as penalties and interest. The imposition by national, state or local governments of sales tax collection obligations on out-of-state sellers could also create additional administrative burdens for us and decrease our future sales, which could adversely affect our business and operating results.
Taxation & Government Incentives - Risk 2
Our international operations may subject us to greater than anticipated tax liabilities.
We are expanding our international operations to better support our growth into international markets. We are also hiring workers in several jurisdictions outside our local offices. Our corporate structure and associated transfer pricing policies contemplate future growth in international markets, and consider the functions, risks, and assets of the various entities involved in intercompany transactions. The amount of taxes we pay in different jurisdictions may depend on the application of the tax laws of various jurisdictions, including the United States, to our international business activities, changes in tax rates, new or revised tax laws or interpretations of existing tax laws and policies, and our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements. The taxing authorities of the jurisdictions in which we operate may challenge our methodologies for pricing intercompany transactions pursuant to our intercompany arrangements or disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a challenge or disagreement were to occur, and our position was not sustained, we could be required to pay additional taxes, interest, and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows, and lower overall profitability of our operations and we may be required to revise our intercompany agreements. Our consolidated financial statements could fail to reflect adequate reserves to cover such a contingency.
Taxation & Government Incentives - Risk 3
Unanticipated changes in our effective tax rate and additional tax liabilities may impact our financial results.
We are subject to income taxes in the United States and various jurisdictions outside of the United States. Our income tax obligations are generally determined based on our business operations in these jurisdictions. Significant judgment is often required in the determination of our worldwide provision for income taxes. Our effective tax rate could be impacted by changes in the earnings and losses in countries with differing statutory tax rates, changes in non-deductible expenses, changes in excess tax benefits of stock-based compensation, changes in the valuation of deferred tax assets and liabilities and our ability to utilize them, the applicability of withholding taxes, effects from acquisitions, changes in accounting principles, and changes in tax laws in jurisdictions where we operate, such as Section 174 of the Code. Any changes, ambiguity, or uncertainty in taxing jurisdictions' administrative interpretations, decisions, policies, and positions could also materially impact our income tax liabilities. As our business continues to grow and if we become more profitable, we anticipate that our income tax obligations could significantly increase. If our existing tax credits and net operating loss carry-forwards become fully utilized, we may be unable to offset or otherwise mitigate our tax obligations to the same extent as in prior years. This could have a material impact to our future cash flows or operating results. As of December 31, 2024, 54 countries in Europe, Eurasia, the Middle East, Africa, Asia-Pacific, and the Americas have enacted various aspects of the Organization for Economic Co-operation and Development's Base Erosion and Profit Shifting ("BEPS") 2.0 Pillar Two global minimum tax (GMT). In 35 of those countries, the GMT is effective beginning in 2024. Based on currently enacted law, the impact of GMT on our 2024 results is not expected to be material, however, the impact could change in the future. In addition, recent global tax developments applicable to multinational companies, including certain approaches of addressing taxation of digital economy recently proposed or enacted by the Organisation for Economic Co-operation and Development, the European Commission or certain major jurisdictions where we operate or might in the future operate, might have a material impact to our business and future cash flow from operating activities, or future financial results. We are also subject to tax examinations in multiple jurisdictions. While we regularly evaluate new information that may change our judgment resulting in recognition, derecognition, or changes in measurement of a tax position taken, there can be no assurance that the final determination of any examinations will not have an adverse effect on our operating results and financial position. In addition, our operations may change, which may impact our tax liabilities. As our brand becomes increasingly recognizable both domestically and internationally, our tax planning structure and corresponding profile may be subject to increased scrutiny, and if we are perceived negatively, we may experience brand or reputational harm. We may also be subject to additional tax liabilities and penalties due to changes in non-income based taxes resulting from changes in federal, state, or international tax laws, changes in taxing jurisdictions' administrative interpretations, decisions, policies and positions, results of tax examinations, settlements or judicial decisions, changes in accounting principles, and changes to the business operations, including acquisitions, as well as the evaluation of new information that results in a change to a tax position taken in a prior period. Any resulting increase in our tax obligation or cash taxes paid could adversely affect our cash flows and financial results.
Ability to Sell
Total Risks: 7/42 (17%)Above Sector Average
Competition1 | 2.4%
Competition - Risk 1
Changed
The market in which we operate is intensely competitive, and if we do not innovate and compete effectively, our ability to attract and retain customers could be harmed, which would negatively impact our business and operating results.
Our business environment is rapidly evolving and intensely competitive. We also face changing technologies, shifting user needs, and frequent introductions of rival products and services. To compete successfully, we must accurately anticipate technology developments and deliver innovative, relevant and useful products, services, and technologies in a timely manner. Likewise, we anticipate continuing pressure to innovate and develop a wider range of products and services. This will result in us needing to expend significant resources in research and development and potentially acquisitions of other companies or assets, to enhance our technology and new and existing products and services. To remain competitive and to acquire and retain new customers, we must deliver features and functionality that enhance the utility and perceived value of our platform, products, and add-ons to our prospective and existing customers. Our platform, products, and add-ons must (i) operate without the presence of material software defects, whether actual or perceived, (ii) maintain deep, rich and continuously improving data sources, (iii) adapt to the changing needs of our current and prospective customers including by developing new technology, (iv) adapt to changing functionality and provide interoperability with third-party APIs, (v) maintain and develop integrations with complementary third-party services that provide value to our customers, (vi) be easy to use and visually pleasing, (vii) deliver rapid and quantifiable return on investment to our customers across multiple functions within their organizations, and (viii) be delivered with a superior customer support experience. We may not be successful in delivering on some or all of the foregoing or in doing so while maintaining competitive pricing, which could result in customer dissatisfaction leading to termination, non-renewals or downgrades of premium subscriptions, fewer new customers, fewer subscription upgrades or lower dollar-based net revenue retention rates, prospective customers' selection of our competitors' products over our own, and other adverse effects on our business. Some of our current and future competitors may benefit from competitive advantages over us, such as greater name recognition, longer operating histories, more targeted products for specific use cases, larger sales and more established relationships or integrations with third-party data providers, search engines, online retail platforms, and social media networking sites, and more established relationships with customers in the market. Additionally, many of our competitors may expend a considerably greater amount of funds on their research and development efforts, and those that do not may be acquired by larger companies that would allocate greater resources to our competitors' research and development programs. Demand for our platform is also price sensitive. Many factors, including our marketing, sales and technology costs, and the pricing and marketing strategies of our competitors, can significantly affect our pricing strategies. Certain competitors offer, or may in the future offer, lower-priced or free products that compete with our platform, products, and/or add-ons, or may bundle their solutions with other companies' offerings to provide a broader range of functionality at reduced volume pricing. Similarly, certain competitors may use marketing strategies that enable them to acquire customers at a lower cost than we do. Even if such competitive products do not include all the features and functionality that our platform provides, we could face pricing pressure to the extent that customers find such alternative products to be sufficient to meet their needs or do not perceive a material return on investment from the additional features and functionality they would obtain by purchasing our platform relative to the competitive point solutions. Additionally, our competitors may further drive down the price through strategic business combinations. We may be forced to engage in price-cutting initiatives, offer other discounts, limit or curtail price increases, or increase our sales and marketing and other expenses to attract and retain free and paying customers in response to competitive pressures, any of which would harm our business and operating results.
Demand2 | 4.8%
Demand - Risk 1
Changed
Our business and operating results may be negatively affected if our paying customers do not upgrade and/or retain their premium subscriptions or if they fail to purchase additional products.
Our future financial performance also depends in part on our ability to continue to upgrade paying customers to higher-price point subscriptions and sell additional user licenses, and products such as social media, data & intelligence, local marketing, brand marketing, content marketing, and paid advertising products. In 2024, we also launched the general availability of our Enterprise SEO solution, which is tailored for larger sized businesses, and is typically sold at a significantly higher subscription fee (as compared to our other solution subscriptions) and typically with at least an annual subscription term. Conversely, our paying customers may also convert to lower-cost or free subscriptions at the end of their subscription term if they do not perceive value in continuing to pay for our higher-price point subscriptions, thereby impacting our ability to increase revenue. For example, a paying customer subscribing to our SEO solution through a "Business" subscription may downgrade to the "Guru" subscription if they do not deem the additional features and functionality of "Business" worth the incremental costs. Our customers'decisions as to whether to upgrade their subscriptions or not is driven by a number of factors, including customer satisfaction with the additional features and functionality, performance, security and reliability of our platform and products, the perceived quality of our customer service, general economic conditions, the price and functionality of our platform and products relative to those of our competitors, and customer reaction to the price for the upgraded subscription. If our efforts to expand our relationships with our existing paying and free customers are not successful, our revenue growth rate may decline and our business and operating results will be adversely affected.
Demand - Risk 2
We derive, and expect to continue to derive, substantially all of our revenue and cash flows from our paying customers with premium subscriptions, and our business and operating results may be negatively affected if our paying customers do not renew their premium subscriptions.
We derive, and expect to continue to derive, substantially all of our revenue and cash flows from our paying customers with premium subscriptions. Our business and financial results depend on our paying customers renewing their subscriptions for our products when existing contract terms expire. Although our customer agreements generally provide for auto-renewal of subscriptions, our paying customers have no obligation to renew their premium subscriptions if they provide proper notice of their desire not to renew, and we cannot guarantee that they will renew their premium subscriptions for the same or longer terms, the same or a greater number of user licenses or products and add-ons, or at all. We offer premium subscriptions on a monthly, annual or multi-year basis with our annual and multi-year subscriptions typically receiving a discount for the longer-term commitment. Our paying customers predominantly choose monthly subscription terms, which allow them to terminate or adjust their premium subscriptions on a monthly basis. Because of the short-term nature of these agreements, paying customers can, and sometimes do, terminate with little to no notice and these terminations could cause our results of operations to fluctuate significantly from quarter to quarter. Our renewal rates, including our dollar-based net revenue retention rate, may decline or fluctuate as a result of a number of factors, including customer satisfaction with our platform and products, reliability of our products, our customer success and support experience, the price and functionality of our platform, products and add-ons relative to those of our competitors, mergers and acquisitions affecting our customer base, the effects of global economic conditions and other external factors, or reductions in our customers' spending levels. For example, we believe recent macro-economic pressures affecting some customers in the lower end of our market have contributed to decreased renewal rates and/or lower spending among such customers, impacting our financial results. Our business and operating results will be adversely affected if our paying customers do not renew or downgrade their premium subscriptions.
Sales & Marketing2 | 4.8%
Sales & Marketing - Risk 1
We are exposed to risks associated with payment processing and any disruption to such processing systems could adversely affect our business and results of operations.
We significantly rely on our own billing systems to manage our subscriptions and billing frequencies, and we use third-party subscription management and payment processing platforms for some of our products. If we or any of our third-party vendors were to experience an interruption, delay, or outage in service and availability, we may be unable to process new and renewals of subscriptions and our ability to process such subscription and credit card payments would be delayed while we activate an alternative billing platform. Although alternative third-party providers may be available to us, we may incur significant expenses and research and development efforts to deploy any alternative providers. To the extent there are disruptions in our billing systems or third-party subscription and payment processing systems, we could experience revenue loss, accounting issues, and harm to our reputation and customer relationships, which would adversely affect our business and results of operations. We are subject to a number of risks related to credit and debit card payments, including: - we pay interchange and other fees, which may increase over time and could require us to either increase the prices we charge for our products or experience an increase in our operating expenses;- if our billing systems fail to work properly and the failure has an adverse effect on our customer satisfaction, causes credit and debit card issuers to disallow our continued use of their payment products, or, does not permit us to automatically charge our paying customers' credit and debit cards on a timely basis or at all, we could lose or experience a delay in collection of customer payments;- if we are unable to maintain our chargeback rate at acceptable levels, we may face civil liability, diminished public perception of our security measures and our credit card fees for chargeback transactions or our fees for other credit and debit card transactions or issuers may increase, or issuers may terminate their relationship with us; and - we could be significantly impaired in our ability to operate our business if we lose our ability to process payments on any major credit or debit card.
Sales & Marketing - Risk 2
Changed
If we fail to attract new potential customers, register them for free trials, and convert them into paying customers, our operating results would be negatively affected. Additionally, our sales expenses may increase and our average sales cycles may lengthen and become less predictable as our customer base continues to expand to include larger enterprise customers.
The number of new customers we attract, whether as free or paying customers, is a key factor in growing our customer and premium subscription base, which customer base drives our revenues and collections. We utilize various unpaid content marketing strategies, including blogs, webinars, thought leadership, and social media engagement, as well as paid advertising, to attract visitors to our websites. We cannot guarantee that these unpaid or paid marketing efforts will continue to attract the same volume and quality of traffic to our websites or will continue to result in the same level of registrations for free or premium subscriptions as they have in the past. In the future, we may be required to increase our marketing spend to maintain the same volume and quality of traffic. Moreover, we cannot be certain that increased sales and marketing spend will generate more paying customers without increasing our customer acquisition costs on a per paying customer basis. We have materially grown our number of paying customers through the provision of free subscriptions and through trials of a premium version of our platform and products. Trial subscriptions automatically become premium subscriptions if the customer does not opt out of the trial subscription after the trial period is over, and such trial subscriptions can be upgraded to obtain additional features, functionality, entitlements, and varying levels of access and report generating capabilities. In the future, we may be required to provide additional functionality to our free subscriptions to attract visitors to our websites and incent visitors to sign up for free subscriptions. In addition, we encourage our free customers to upgrade to premium subscriptions through in-product prompts and notifications, by recommending additional features and functionality, and by providing customer support to explain such additional features and functionality. Our failure to attract new free customers and convert them into paying customers could have a material adverse effect on our operating results as our business may be adversely affected by the costs of, and sales lost from, making certain of our products available on a free basis. Our strategy is to sell premium subscriptions of our platform, including our Enterprise SEO solution, to paying customers of all sizes, from sole proprietors, to SMBs, to large enterprise customers. Selling monthly premium subscriptions to SMBs generally involves lower or plateauing premium subscription upgrade potential, lower retention rates (especially in times of economic uncertainty where marketing and sales budgets are subject to increased scrutiny and reduction), and more limited interaction with our sales and other personnel than sales to large enterprises. Conversely, sales to large enterprises generally entail longer sales cycles, more significant and costly selling and support efforts, and greater uncertainty of completing the sale than sales to SMBs. As our paying customer base continues to expand to include more large enterprise customers, our sales expenses may increase, sales cycles may lengthen and become less predictable, and we may see a greater number of paying customers with longer terms and extended payment terms which, in turn, may increase our paying customer acquisition costs, increase our credit risk, and may in other ways adversely affect our financial results.
Brand / Reputation2 | 4.8%
Brand / Reputation - Risk 1
If we fail to anticipate and adapt to new and increasingly prevalent social media platforms, and the growing use of artificial intelligence platforms, other competing products and services that do so more effectively could surpass us and lead to decreased demand for our platform and products.
The use of both social media and artificial intelligence platforms, such as ChatGPT, throughout the world is pervasive and growing. The social media industry has experienced, and is likely to continue to experience, rapid change due to the evolving trends, tastes and preferences of users. Likewise, we expect to see continued and rapid growth of chatbot platforms that leverage the use of artificial intelligence and could result in lower demand for traditional search engine technologies. If consumers widely adopt new social media networks and artificial intelligence platforms, we will need to develop integrations and functionality related to these new networks and platforms. These development efforts may require significant compliance, research and development, and sales and marketing resources, as well as licensing fees, all of which could adversely affect our business and operating results. In addition, new social media networks and artificial intelligence platforms may not provide us with sufficient access to data from their networks and platforms, preventing us from building effective integrations with our platform and products, or preventing us from building products and offerings that provide our customers with useful insights from such new social media networks and artificial intelligence platforms. Changing consumer tastes may also render our current integrations or functionality obsolete and the financial terms, if any, under which we would obtain integrations or functionality, unfavorable. Any failure of our products to operate effectively with the social media networks used most frequently by consumers, or emerging artificial intelligence platforms, could reduce the demand for our products. If we are unable to respond to these changes in a cost-effective and timely manner, our products and aspects of our platform may become less marketable and less competitive or obsolete, and our operating results may be negatively affected.
Brand / Reputation - Risk 2
If we are unable to maintain and enhance our brand, or if events occur that damage our reputation and brand, our ability to maintain and expand our customer base may be impaired, and our business and financial results may be harmed.
Maintaining, promoting, and enhancing our brand is critical to maintaining and expanding our customer base. We seek to build our brand through a mix of free and paid initiatives. We market our platform and products through free information resources on our website, including our blog and online digital marketing courses (including through our Semrush Academy), pay-per-click advertisements on search engines and social networking sites, participation in social networking sites, free and paid banner advertisements on other websites, participation at annual industry conferences, and by hosting our own marketing conference (Spotlight by Semrush). The strength of our brand further drives free traffic sources, including customer referrals, word-of-mouth, and direct searches for our "Semrush" name, or web presence solutions, in search engines. In addition, we maintain relationships with agencies and affiliates to further increase brand awareness and generate customer demand. To the extent that new customers are increasingly derived from paid as opposed to free marketing initiatives, our customer acquisition cost will increase. Beyond direct sales and marketing efforts, maintaining and enhancing our brand will depend largely on our ability to continue to provide a well-designed, useful, reliable, and innovative platform, efficient sales process, and high-quality customer service, which we may not do successfully.
Production
Total Risks: 5/42 (12%)Below Sector Average
Employment / Personnel3 | 7.1%
Employment / Personnel - Risk 1
Our business would be adversely affected if our contract workers were classified as employees.
The classification of contractors is being challenged across many industries by courts, by legislatures, by government agencies in the United States and abroad, as well as by the contractors themselves. Though we are not currently involved in any material legal disputes regarding contractor work, a determination in, or settlement of, any legal proceeding that results in the reclassification of contractors as employees could cause harm to our business, financial condition and results of operations, including as a result of, monetary exposure arising from or relating to failure to withhold and remit taxes, unpaid wages and wage and hour laws and requirements (such as those pertaining to failure to pay minimum wage and overtime, or to provide required breaks and wage statements), expense reimbursement, litigation costs, statutory and punitive damages, penalties, or other regulatory restrictions on our business.
Employment / Personnel - Risk 2
Increases in labor costs, including wages, and an overall tightening of the labor market, could adversely affect our business, results of operations or financial condition.
The labor costs associated with our business are subject to several external factors, including unemployment levels and the quality and the size of the labor market, prevailing wage rates, minimum wage laws, wages and other forms of remuneration and benefits offered to prospective employees by competitor employers, potential collective bargaining arrangements, health insurance costs and other insurance costs and changes in employment and labor legislation or other workplace regulation From time to time, the labor market becomes increasingly competitive. Although we have not experienced any material labor shortage to date, we have observed an overall tightening and increasingly competitive labor market and have recently experienced and expect to continue to experience some labor cost pressures. Furthermore, we have recently experienced costs and operational complexities with relocating personnel. Any of these factors or events, if not mitigated, could negatively impact us, for example by increasing our labor costs, making it more difficult to acquire and retain talent, creating customer service issues, or requiring us to increase our prices, the result of which could have an adverse effect on our business, results of operations or financial condition.
Employment / Personnel - Risk 3
We depend on our executive officers and other key employees, and the loss of one or more of these employees could harm our business.
Our success depends largely upon the continued services of our executive officers and other key employees. We rely on our leadership team in the areas of research and development, operations, security, marketing, sales, customer service, and general and administrative functions, and on individual contributors and team leaders in our research and development and operations. From time to time, there may be changes in our executive management team resulting from the hiring or departure of executives, which could disrupt our business. For example, on February 26, 2025, we announced that Bill Wagner, a current member of our Board of Directors, has been named the new CEO, effective March 10, 2025, and Oleg Shchegolev, our current CEO, will assume the role of CTO. Additionally, effective March 10, 2025, Vitalii Obischenko will transition from Chief Operating Officer to Chief Product Officer. We cannot provide assurances that we will effectively manage this transition. While we will strive to make this transition as smooth as possible, the loss or transition in roles of one or more of our executive officers or key employees might significantly delay or prevent the achievement of our business objective and could materially harm our business. Changes in our executive management team may also cause disruptions in, and harm to, our business. If we fail to develop effective succession plans for our senior management team, and to identify, recruit, onboard, train and integrate strategic hires, our business, operating results, and financial condition could be adversely affected.
Supply Chain2 | 4.8%
Supply Chain - Risk 1
Failures or loss of, or material changes with respect to, the third-party hardware, software, and infrastructure on which we rely, including third-party data center hosting facilities and third-party distribution channels to support our operations, could adversely affect our business.
We rely on leased and third-party owned and managed hardware, software and infrastructure, including third-party data centers and virtual cloud environments and third-party distribution channels to support our operations. With respect to customer data stored in our platform, we primarily use two data centers in the US, as well as Google Cloud and AWS locations in the US. Additionally, for other company data and for certain of our other products, we also use Google Cloud and AWS locations elsewhere in the United States and western Europe, and a data center located in Poland. If any of our cloud or data center suppliers experience disruptions or failures, it would take time for the applicable backup data center to become fully functioning, and we would likely experience delays in delivering the affected products and segments of our platform, which may involve incurring significant additional expenses. Furthermore, the owners and operators of our cloud and data center facilities do not guarantee that access to our platform will be uninterrupted or error-free. We do not control the operation of these third-party providers' facilities, which could be subject to break-ins, cybersecurity incidents (including system-encrypting ransomware), sabotage, intentional acts of vandalism and other misconduct. Further, health epidemics, natural disasters, terrorist attacks, power loss, telecommunications failures or similar catastrophic events could cause our third-party data center hosting facilities, leased servers, and cloud computing platform providers, which are critical to our infrastructure, to shut down their operations, experience technical or security incidents that delay or disrupt performance or delivery of services to us, or experience interference with the supply chain of hardware required by their systems and services, any of which could materially adversely affect our business. For example, we previously experienced delays in migrating to our data center in Virginia, due to the limited availability of certain required hardware components resulting from supply chain delays caused by the COVID-19 pandemic. If there were to be a significant outage or disaster that rendered one of our servers or data centers inoperable for any length of time, we would have to undertake recovery operations for the impacted products, which could interrupt the availability of our platform. If we were unable to restore the availability of our platform and products within a reasonable period of time, our customer satisfaction could suffer, damaging our reputation as a result, our customers may invoke contractual termination rights or other service credit rights that are triggered upon material downtime, and we could lose customers to our competition, which would materially and adversely affect our business and results of operations. In addition, third-party data hosting and transmission services comprise a significant portion of our operating costs. If the costs for such services increase due to vendor consolidation, regulation, contract renegotiation, or otherwise, we may not be able to increase the fees for our platform or products to cover the changes, which would have a negative impact on our results of operations.
Supply Chain - Risk 2
Changed
Our platform and products depend in part on publicly available, internally developed, and paid third-party data sources, and, if we lose access to data provided by such data sources or the terms and conditions on which we obtain such access become less favorable, our business could suffer.
We developed our platform, products, and add-ons to rely in part on access to data from third-party sources. The primary sources of third-party data include data collected from third-party websites algorithmically through our proprietary data collection techniques, including web crawling of third-party websites, data purchased from independent third-party data providers, which includes clickstream data, search engine data, online advertising data and data from social media sources, and reference data that our customers grant us access to, which includes our customers' website and social media data. We obtain social media data through APIs that connect to social media platform operators, including Facebook, X, Instagram, Pinterest, and LinkedIn. We also collect data from our customers in connection with their use of our platform and other products. To date, our relationships with most data providers (including social media platforms) are governed by such data providers' respective standard terms and conditions, which govern the availability and access to, and permitted uses of such data (including via APIs), and which are subject to change. Similarly, our access to publicly available data may depend on restrictions that website owners may impose through technical measures or otherwise, including restrictions on automated data collection. We cannot accurately predict the impact of changes in the terms of data providers that may impede our access to the data. If these data providers or websites choose not to make their data available on the same terms, or at all, we would have to seek alternative sources, which could prove expensive and time-consuming, and may be less efficient or effective. We also rely on negotiated agreements with other data providers from whom we purchase independently sourced data, including clickstream data, search engine data, online advertising data, data from social media, and other sources. These negotiated agreements provide access to additional data that allow us to provide a more comprehensive solution for our customers. These agreements are subject to termination in certain circumstances, and there can be no assurance that we will be able to renew those agreements or that the terms of any such renewal, including pricing and levels of service, will be favorable. In addition, there can be no assurance that we will not be required to enter into new negotiated agreements with data providers in the future to maintain or enhance the level of functionality of our platform and products, or that the terms and conditions of such agreements, including pricing and levels of service, will not be less favorable, which could adversely affect our results of operations. If we are not able to obtain data, including third-party data, on commercially reasonable terms, if data providers stop making their data available to us, if there are changes or limits in how we may use such data, if currently publicly available data ceases to be available, if we are limited in our ability to collect data from consumers, or if our competitors are able to purchase such data on better terms, the functionality of our platform and our ability to compete could be harmed.
Macro & Political
Total Risks: 2/42 (5%)Below Sector Average
Economy & Political Environment1 | 2.4%
Economy & Political Environment - Risk 1
Adverse or weakened general economic and market conditions may reduce spending on sales and marketing technology and information technology, which could harm our revenue, results of operations, and cash flows.
Our revenue, results of operations, and cash flows depend on the overall demand for and use of technology and information for sales and marketing, which depends in part on the amount of spending allocated by our paying customers or potential paying customers on sales and marketing technology and information. In addition to the internal strategy of our paying customers, which is not predictable and is subject to change, this spending depends on worldwide economic and geopolitical conditions. As we continue to see increased economic uncertainty in the United States and abroad, we may see customers, especially SMBs that are disproportionately impacted by these conditions, reduce or stop spending on our products. Specifically, most of our paying customers are on month-to-month premium subscriptions that can be canceled at any time. Furthermore, the spending patterns of the SMBs that make up a portion of our paying customer base are difficult to predict and are typically more susceptible to the adverse effects of economic fluctuations. Adverse changes in the economic environment or business failures of our SMB customers may have a greater impact on us than our competitors who do not focus on SMBs to the extent that we do.
International Operations1 | 2.4%
International Operations - Risk 1
A significant portion of our operations is located outside of the United States, which subjects us to additional risks, including increased complexity, the costs of managing international operations, geopolitical instability, and fluctuations in currency exchange rates.
The design and development of our products is primarily conducted by our subsidiaries in the Czech Republic, Cyprus, Spain, Serbia, Armenia, Germany, the Netherlands, and Poland. We also have marketing and administrative operations in the same jurisdictions. In addition, members of our sales force are located in Europe, the United Kingdom, and Asia. Approximately 55% and 52% of our revenue for the years ended December 31, 2024 and 2023, respectively, was generated from sales to paying customers located outside the United States including indirect sales through our resellers outside of the United States. Additionally, approximately 30% of our expenses are denominated in Euros. As a result of our international operations and sales efforts, we face numerous challenges and risks that could harm our international operations, delay new product releases, increase our operating costs, and hinder our ability to grow and detect underlying trends in our operations and business, and consequently adversely impact our business, financial condition, and results of operations. Such risks include but are not limited to the following: - geopolitical and economic instability in and impacting the localities where we have foreign operations;- rising inflation impacting the stability of our workforce and foreign operations;- military conflicts impacting the localities where we have foreign operations;- limited protection for, and vulnerability to theft of, our intellectual property rights, including our trade secrets;- compliance with local laws and regulations, and unanticipated changes in local laws and regulations, including tax laws and regulations;- trade and foreign exchange restrictions and higher tariffs;- the complexity of managing international trade sanctions and export restrictions imposed by the United States government and other jurisdictions in which we have foreign operations;- fluctuations in foreign currency exchange rates which may make our premium subscriptions more expensive for international paying customers and which may increase our expenses for employee compensation and other operating expenses that are paid in currencies other than U.S. dollars;- difficulties in staffing international operations;- changes in immigration policies which may impact our ability to hire personnel;- differing employment practices, laws, and labor relations; and - regional health issues and the impact of public health epidemics and pandemics on employees and the global economy. Further, it is possible that governments of one or more foreign countries may seek to limit access to the internet or our platform, products or certain features in their countries, or impose other restrictions that may affect the availability of our platform, products, or certain features in their countries for an extended period of time or indefinitely. For example, China is among a number of countries that have blocked certain online services, including Amazon Web Services, making it difficult for such services to access those markets. In addition, governments in certain countries may seek to restrict or prohibit access to our platform if they consider us to be in violation of their laws (including privacy laws) and may require us to disclose or provide access to information in our possession. If we fail to anticipate developments in the law or fail for any reason to comply with relevant laws, our platforms could be further blocked or restricted and we could be exposed to significant liability that could harm our business. In the event that access to our platform is restricted, in whole or in part, in one or more countries or our competitors are able to successfully penetrate geographic markets that we cannot access, our ability to acquire new customers or renew or grow the premium subscriptions of existing paying customers may be adversely affected, we may not be able to maintain or grow our revenue as anticipated and our business, results of operations, and financial condition could be adversely affected.
See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?
Risk factors are any situations or occurrences that could make investing in a company risky.
    The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.
      They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.
        It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.
          How do companies disclose their risk factors?
          Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.
            Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.
              Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.
                According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.
                  How can I use TipRanks risk factors in my stock research?
                  Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.
                    You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.
                      Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.
                        A simplified analysis of risk factors is unique to TipRanks.
                          What are all the risk factor categories?
                          TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.
                          1. Financial & Corporate
                          • Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
                          • Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
                          • Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
                          • Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.
                          2. Legal & Regulatory
                          • Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
                          • Regulation – risks related to compliance, GDPR, and new legislation.
                          • Environmental / Social – risks related to environmental regulation and to data privacy.
                          • Taxation & Government Incentives – risks related to taxation and changes in government incentives.
                          3. Production
                          • Costs – risks related to costs of production including commodity prices, future contracts, inventory.
                          • Supply Chain – risks related to the company’s suppliers.
                          • Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
                          • Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.
                          4. Technology & Innovation
                          • Innovation / R&D – risks related to innovation and new product development.
                          • Technology – risks related to the company’s reliance on technology.
                          • Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
                          • Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.
                          5. Ability to Sell
                          • Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
                          • Competition – risks related to the company’s competition including substitutes.
                          • Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
                          • Brand & Reputation – risks related to the company’s brand and reputation.
                          6. Macro & Political
                          • Economy & Political Environment – risks related to changes in economic and political conditions.
                          • Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
                          • International Operations – risks related to the global nature of the company.
                          • Capital Markets – risks related to exchange rates and trade, cryptocurrency.
                          What am I Missing?
                          Make informed decisions based on Top Analysts' activity
                          Know what industry insiders are buying
                          Get actionable alerts from top Wall Street Analysts
                          Find out before anyone else which stock is going to shoot up
                          Get powerful stock screeners & detailed portfolio analysis