Sentage Holdings (SNTG) Risk Analysis

As prepaid payment network services is a subcategory third-party payment services, we are subject to the regulations applicable to the third-party payment services industry, which is implemented and monitored by several regulatory authorities, such as the PBOC, the China Securities Regulatory Commission ("CSRC"), the State Administration of Foreign Exchange ("SAFE"), the National Development and Reform Commission ("NDRC") and the China Banking and Insurance Regulatory Commission ("CBIRC"). There are laws and regulations that cover different aspects of the industry including entry into such businesses, scope of permitted activities, licenses and permits for various operations and pricing. Major laws and regulations that govern our prepaid payment network business include or may in the future include those relating to payment services, such as payment processing and settlement, money transfer, foreign exchange, anti-money laundering and financial consumer protection, insurance and financial services. See "Regulations-Regulations on Prepaid Payment Network Services." As the third-party payment services industry in China is emerging and evolving, the applicable laws, rules, and regulations are continually developing and evolving. Any changes in the relevant rules and regulations may result in an increase in our cost of compliance or might restrict our business activities. If we fail to continuously comply with the applicable rules, regulations, we may face fines or restrictions on our business activities, or even a suspension or revocation of some or all of our licenses that allow us to carry on our business activities. Furthermore, the PRC government may institute new licensing regimes covering our current and future services offerings. If such a licensing regime were introduced, we cannot assure you that we would be able to obtain any newly required license in a timely manner, or at all, which could materially and adversely affect our business and impede our ability to continue our operations.

As a company incorporated under the laws of the Cayman Islands, we conduct a majority of our operations in China and a majority of our assets are located in China. In addition, almost all our senior executive officers reside within China for a significant portion of the time and are PRC nationals. As a result, it may be difficult for you to effect service of process upon those persons inside mainland China. It may be difficult for you to enforce judgements obtained in U.S. courts based on civil liability provisions of the U.S. federal securities laws against us and our officers and directors, as none of them currently resides in the U.S. or has substantial assets in the U.S. In addition, there is uncertainty as to whether the courts of the Cayman Islands or the PRC would recognize or enforce judgments of U.S. courts against us or such persons predicated upon the civil liability provisions of the securities laws of the U.S. or any state. The recognition and enforcement of foreign judgments are provided for under the PRC Civil Procedures Law. PRC courts may recognize and enforce foreign judgments in accordance with the requirements of the PRC Civil Procedures Law based either on treaties between China and the country where the judgment is made or on principles of reciprocity between jurisdictions. China does not have any treaties or other forms of written arrangement with the United States that provide for the reciprocal recognition and enforcement of foreign judgments. In addition, according to the PRC Civil Procedures Law, the PRC courts will not enforce a foreign judgment against us or our directors and officers if they decide that the judgment violates the basic principles of PRC laws or national sovereignty, security, or public interest. As a result, it is uncertain whether and on what basis a PRC court would enforce a judgment rendered by a court in the United States. See "Enforceability of Civil Liabilities."

Under the EIT Law and its implementation rules, the profits of a foreign invested enterprise generated through operations, which are distributed to its immediate holding company outside the PRC, will be subject to a withholding tax rate of 10%. Pursuant to the Arrangement between the Mainland China and the Hong Kong Special Administrative Region for the Avoidance of Double Taxation and Tax Evasion on Income, or the "Double Tax Avoidance Arrangement," a withholding tax rate of 10% may be lowered to 5% if the PRC enterprise is at least 25% held by a Hong Kong enterprise for at least 12 consecutive months prior to distribution of the dividends and is determined by the relevant PRC tax authority to have satisfied other conditions and requirements under the Double Tax Avoidance Arrangement and other applicable PRC laws. However, based on the Circular on Certain Issues with Respect to the Enforcement of Dividend Provisions in Tax Treaties, or the "SAT Circular 81," which became effective on February 20, 2009, if the relevant PRC tax authorities determine, in their discretion, that a company benefits from such reduced income tax rate due to a structure or arrangement that is primarily tax-driven, such PRC tax authorities may adjust the preferential tax treatment. According to Circular on Several Issues regarding the "Beneficial Owner" in Tax Treaties, which became effective as of April 1, 2018, when determining an applicant's status as the "beneficial owner" regarding tax treatments in connection with dividends, interests, or royalties in the tax treaties, several factors will be taken into account. Such factors include whether the business operated by the applicant constitutes actual business activities, and whether the counterparty country or region to the tax treaties does not levy any tax, grant tax exemption on relevant incomes, or levy tax at an extremely low rate. This circular further requires any applicant who intends to be proved of being the "beneficial owner" to file relevant documents with the relevant tax authorities. Our PRC subsidiary is wholly owned by our Hong Kong subsidiary. However, we cannot assure you that our determination regarding our qualification to enjoy the preferential tax treatment will not be challenged by the relevant PRC tax authority or we will be able to complete the necessary filings with the relevant PRC tax authority and enjoy the preferential withholding tax rate of 5% under the Double Tax Avoidance Arrangement with respect to dividends to be paid by Senage WFOE to our Hong Kong subsidiary, in which case, we would be subject to the higher withdrawing tax rate of 10% on dividends received.

The Sentage Operating Companies' business involves collecting and retaining certain internal data and customer information. The integrity and protection of student information and company data is crucial to the operating entities. The customers expect that we will adequately protect their personal information. The operating entities are required by applicable laws to keep strictly confidential the personal information that they collect, and to take adequate security measures to safeguard such information. The PRC Criminal Law, as amended by its Amendment 7 (effective on February 28, 2009) and Amendment 9 (effective on November 1, 2015), prohibits institutions, companies and their employees from selling or otherwise illegally disclosing a citizen's personal information obtained in performing duties or providing services or obtaining such information through theft or other illegal ways. On November 7, 2016, the Standing Committee of the PRC National People's Congress issued the Cyber Security Law of the PRC, or Cyber Security Law, which became effective on June 1, 2017. Pursuant to the Cyber Security Law, network operators must not, without users' consent, collect their personal information, and may only collect users' personal information necessary to provide their services. Providers are also obliged to provide security maintenance for their products and services and shall comply with provisions regarding the protection of personal information as stipulated under the relevant laws and regulations. The Civil Code of the PRC (issued by the PRC National People's Congress on May 28, 2020 and effective from January 1, 2021) provides legal basis for privacy and personal information infringement claims under the Chinese civil laws. PRC regulators, including the Cyberspace Administration of China (the "CAC"), the Ministry of Industry and Information Technology, and the Ministry of Public Security, have been increasingly focused on regulation in data security and data protection. On June 10, 2021, the Standing Committee of the National People's Congress of China, or the SCNPC, promulgated the PRC Data Security Law («????????????»), which became effective in September 2021. The PRC Data Security Law imposes data security and privacy obligations on entities and individuals carrying out data activities, and introduces a data classification and hierarchical protection system based on the importance of data in economic and social development, and the degree of harm it will cause to national security, public interests, or legitimate rights and interests of individuals or organizations when such data is tampered with, destroyed, leaked, illegally acquired or used. The PRC Data Security Law also provides for a national security review procedure for data activities that may affect national security and imposes export restrictions on certain data and information. The Personal Information Protection Law of the PRC («??????????????»), (issued by Standing Committee of the National People's Congress Standing Committee of the National People's Congress and became effective on November 1, 2021) provides that critical information infrastructure operators ("CIIOs") and personal information processors whose quantity of processing of personal information reaches that as prescribed by the CAC must store personal information collected and generated within the territory of the People's Republic of China. Where it is necessary to provide such information and data to an overseas party, such provision are required to pass the security evaluation organized by the CAC, unless otherwise waived by laws or administrative regulations. On December 28, 2021, the CAC, together with 12 other governmental departments of the PRC, jointly promulgated the Cybersecurity Review Measures («????????»), which became effective on February 15, 2022. The Cybersecurity Review Measures provide that, in addition to CIIOs that intend to purchase Internet products and services, data processing operators engaging in data processing activities that affect or may affect national security must be subject to cybersecurity review by the Cybersecurity Review Office of the PRC. According to the Cybersecurity Review Measures, a cybersecurity review assesses potential national security risks that may be brought about by any procurement, data processing, or overseas listing. The Cybersecurity Review Measures further require that CIIOs and data processing operators that possess personal data of at least one million users must apply for a review by the Cybersecurity Review Office of the PRC before conducting listings in foreign countries. On November 14, 2021, the CAC published the Draft Regulations on the Network Data Security Administration (Draft for Comments) (the "Security Administration Draft") («??????????(?????)»), which provides that data processing operators engaging in data processing activities that affect or may affect national security must be subject to cybersecurity review by the relevant Cyberspace Administration of the PRC. According to the Cybersecurity Review Measures, which provides that data processing operators who possess personal data of at least one million users conducting listings in foreign countries or process data that affects or may affect national security must be subject to cybersecurity review by the relevant Cyberspace Administration of the PRC. The deadline for public comments on the Security Administration Draft was December 13, 2021. On July 7, 2022, the CAC published the Measures for the Security Assessment of Outbound Data Transfer («??????????»), which were effected on September 1, 2022. The measures apply to the security assessment of important data and personal information collected and generated during operation within the territory of the People's Republic of China and transferred abroad by a data handler. According to the Measures, if a data handler transfers data abroad under any of the following circumstances, it shall file with the State Cyberspace Administration for security assessment via the Province Cyberspace Administration: (i) a data handler who transfers important data abroad; (ii) a critical information infrastructure operator, or a data handler processing the personal information of more than one million individuals transfers personal information to abroad;(iii) since January 1 of the previous year, a data handler cumulatively transferred abroad the personal information of more than 100,000 individuals, or the sensitive personal information of more than 10,000 individuals, or;(iv) other circumstances where the security assessment for the outbound data transfer is required by the State Cyberspace Administration. As of the date of this annual report, our PRC operating entities have not received any notice from any authorities identifying the operating entities as a CIIO or requiring the operating entities to go through cybersecurity review or network data security review by the CAC. Nor our PRC operating entities have been involved in any investigations on cybersecurity review initiated by the CAC or related governmental regulatory authorities. Our operating entities have not received any inquiry, notice, warning, or sanction in such respect. We believe that our PRC operating entities are in compliance with the aforementioned regulations and policies that have been issued by the CAC. However, as uncertainties remain regarding the interpretation and enforcement of relevant PRC cybersecurity laws and regulations, the operating entities could be subject to cybersecurity review, and if so, the operating entities may not be able to pass such review. In addition, our PRC operating entities could become subject to enhanced cybersecurity review or investigations launched by PRC regulators in the future. Any failure or delay in the completion of the cybersecurity review procedures or any other non-compliance with the related laws and regulations may result in fines or other penalties, including suspension of business, website closure, removal of the operating entities' app from the relevant app stores, and revocation of prerequisite licenses, as well as reputational damage or legal proceedings or actions against the operating entities, which may have material adverse effect on the operating entities' business, financial condition or results of operations.

To achieve market acceptance of our recommendation services, it is essential for us to maintain and enhance our ability to match and recommend suitable mortgage products for our borrowers and the effectiveness of our credit assessment and property valuation process. If we are unable to respond to changes in borrower preference and deliver satisfactory and distinguishable borrower experience, existing borrowers and prospective borrowers may prefer services provided by competitors or obtain mortgage products directly from funding providers. As a result, loan recommendation applications will decrease, and our services and solutions will be less attractive to funding partners, and our business, financial performance, and prospects will be materially and adversely affected. Our loan recommendation services could fail to attain sufficient market acceptance for many reasons, including: - borrowers may not find the features of available mortgage loan products, such as the prices and credit limits, competitive or appealing;- we may fail to predict market demand accurately and recommend mortgage products that meet this demand in a timely fashion;- borrowers and funding partners using our services may not like, find useful, or agree with the changes we make;- there may be defects, errors, or failures in our credit assessment and risk management process;- there may be negative publicity about our recommendation services;- regulatory authorities may take the view that our existing and new recommendation services do not comply with PRC laws, regulations or rules applicable to us; and - there may be competing products or services introduced or anticipated to be introduced by our competitors. If our loan recommendation services do not maintain or achieve adequate acceptance in the market, our competitive position, results of operations and financial condition could be materially and adversely affected.

We are subject to the risk of fraudulent activity associated with borrowers and parties handling borrower or funding partner information. Our resources, technologies and fraud detection tools may be insufficient to accurately detect and prevent fraud. Even if we identify a fraudulent borrower and reject her loan recommendation application, such borrower may re-apply by using fraudulent information. We may fail to identify such behavior, despite our measures to verify personal identification information provided by borrowers. Furthermore, we may not be able to recoup funds underlying transactions made in connection with fraudulent activities. A significant increase in fraudulent activities could negatively impact our brands and reputation, discourage funding partners from collaborating with us, reduce the total amount of loans originated by funding partners, and lead us to take additional steps to reduce fraud risk, which could increase our costs. High profile fraudulent activity could even lead to regulatory intervention and may divert our management's attention and cause us to incur additional expenses and costs. Although we have not experienced any material business or reputational harm as a result of fraudulent activities in the past, we cannot rule out the possibility that fraudulent activities may materially and adversely affect our business, financial condition, and results of operations in the future.

U.S. public companies that have substantially all of their operations in China have been the subject of intense scrutiny, criticism, and negative publicity by investors, financial commentators, and regulatory agencies, such as the SEC. Much of the scrutiny, criticism, and negative publicity has centered on financial and accounting irregularities and mistakes, a lack of effective internal controls over financial accounting, inadequate corporate governance policies or a lack of adherence thereto and, in many cases, allegations of fraud. As a result of the scrutiny, criticism, and negative publicity, the publicly traded stock of many U.S. listed Chinese companies sharply decreased in value and, in some cases, has become virtually worthless. Many of these companies are now subject to shareholder lawsuits and SEC enforcement actions and are conducting internal and external investigations into the allegations. It is not clear what effect this sector-wide scrutiny, criticism, and negative publicity will have on us, our business, and the price of our Ordinary Shares. If we become the subject of any unfavorable allegations, whether such allegations are proven to be true or untrue, we will have to expend significant resources to investigate such allegations and/or defend our company. This situation will be costly and time consuming and distract our management from developing our business. If such allegations are not proven to be groundless, we and our business operations will be severely affected and you could sustain a significant decline in the value of our Ordinary Shares.

We cannot be certain that our operations or any aspects of our business do not or will not infringe upon or otherwise violate trademarks, copyrights, know-how, proprietary technologies or other intellectual property rights held by other parties. We may be from time to time in the future subject to legal proceedings and claims relating to the intellectual property rights of others. In addition, there may be other parties' trademarks, copyrights, know-how, proprietary technologies or other intellectual property rights that are infringed by our products and services or other aspects of our business without our awareness. Holders of such intellectual property rights may seek to enforce such intellectual property rights against us in China, the United States or other jurisdictions. If any infringement claims are brought against us, we may be forced to divert management's time and other resources from our business and operations to defend against these claims, regardless of their merits. Additionally, the application and interpretation of China's intellectual property right laws and the procedures and standards for granting trademarks, copyrights, know-how, proprietary technologies or other intellectual property rights in China are still evolving and are uncertain, and we cannot assure you that PRC courts or regulatory authorities would agree with our analysis. If we were found to have violated the intellectual property rights of others, we may be subject to liability for our infringement activities or may be prohibited from using such intellectual property, and we may incur licensing fees or be forced to develop alternatives of our own. As a result, our business and results of operations may be materially and adversely affected.

Our success depends in a large part on our technology and IT infrastructure. We use these systems to identify, locate and contact borrowers and record the results of our collection efforts, manage merchant accounts and behavior and transaction data, and store and analyze borrower information to establish a comprehensive borrower profile for prospective borrowers who submitted their loan recommendation applications. If we are not able to respond to advances in telecommunications and computer technologies in a timely manner, we may not be able to remain competitive. We have made significant investments in technology to remain competitive and we anticipate that it will be necessary to continue to do so in the future. Although we will continue to devote significant resources to enhance and develop our technologies, we cannot assure you that we will have the capital resources available to invest in new technologies, and we may not be able to implement technology updates on a timely basis, or at all. In addition, new technologies may not succeed or integrate well with our existing systems and infrastructure, and even if integrated, may not function as expected. As telecommunications and computer technologies are changing rapidly and are characterized by short product life cycles, we may not be successful in anticipating new technology trends or adopt technological changes on a timely basis. If any of the foregoing were to occur in the future, our business and results of operation could be materially adversely affected.

The operating entities are exposed to many types of operational risks, including the risk of misconduct and errors by the Sentage Operating Companies' employees and third-party service providers. Our business depends on the Sentage Operating Companies' employees and third-party service providers for a variety of business activities, which including, but are not limited to interacting with potential and existing customers, processing large numbers of transactions, and supporting the loan repayment and collection management process, all of which involve the use and disclosure of personal information. We could be materially adversely affected if transactions were redirected, misappropriated or otherwise improperly executed, if personal information was disclosed to unintended recipients or if an operational breakdown or failure in the processing of transactions occurred, whether as a result of human error, purposeful sabotage or fraudulent manipulation of our operations or systems. In addition, the manner in which we store and use certain personal information and interact with customers is governed by various PRC laws. It is not always possible to identify and deter misconduct or errors by employees or third-party service providers, and the precautions we take to detect and prevent this activity may not be effective in controlling unknown or unmanaged risks or losses. If any of the Sentage Operating Companies' employees or third-party service providers take, convert or misuse funds, documents or data or fail to follow protocol when interacting with the customers, we could be liable for damages and subject to regulatory actions and penalties. We could also be perceived to have originated or participated in the illegal misappropriation of funds, documents or data, or the failure to follow protocol, and therefore be subject to civil or criminal liability. Furthermore, we rely on certain third-party service providers, such as borrower acquisition partners, data providers, and third-party collection agencies, to conduct our business. If these service providers fail to function properly, we cannot assure you that we would be able to find an alternative in a timely and cost-efficient manner or at all. Even though the third-party services we engage are usually subject to pay-per-use schedules, we do maintain a few fixed-term contracts, and we cannot assure you that we can renew them once they expire, or we can renew them with the term we desire. Such service providers may also be demanded by their customers not to work with us, or form alliances to seek better terms dealing with us. Even though our business does not substantially depend on any particular third-party service providers, the above-mentioned occurrences may result in our diminished ability to operate our business, potential liability to borrowers, inability to attract borrowers, reputational damage, regulatory intervention, and financial harm. Such occurrences could negatively impact our business, financial condition, and results of operations.

A substantial part of our current revenue and net income is derived from the Sentage Operating Companies. We do not have an equity interest in any of the Sentage Operating Companies but their financial results have been consolidated by us in accordance with U.S. GAAP, due to us being deemed to have effective control over, and be the primary beneficiary of, these companies for accounting purposes, via the VIE Agreements, which VIE Agreements have not been tested in a court of law in China. The VIE Agreements may not be as effective in providing us with the necessary control over the Sentage Operating Companies and their operations. Any deficiency in these VIE Agreements may result in our loss of control over the management and operations of the Sentage Operating Companies, which will result in a significant loss in the value of an investment in our company. We rely on contractual rights through the VIE Agreements to effect control over and management of the Sentage Operating Companies, which exposes us to the risk of potential breach of contract by the Sentage Operating Companies Shareholders. As all of the VIE agreements with the Sentage Operating Companies are governed by PRC laws and provide for the resolution of disputes through arbitration in the PRC, they would be interpreted in accordance with PRC law and any disputes would be resolved in accordance with PRC legal procedures. Disputes arising from these VIE agreements between us and any of the Sentage Operating Companies will be resolved through arbitration in the PRC, although these disputes do not include claims arising under the United States federal securities law and thus do not prevent you from pursuing claims under the United States federal securities law. The legal environment in the PRC is not as developed as in the United States. As a result, uncertainties in the PRC legal system could further limit our ability to enforce these VIE agreements, through arbitration, litigation, and other legal proceedings in the PRC, which could limit our ability to exert effective control over the Sentage Operating Companies. Furthermore, these contracts may not be enforceable in the PRC if the PRC government authorities or courts take a view that such contracts contravene PRC laws and regulations or are otherwise not enforceable for public policy reasons. In the event we are unable to enforce these VIE agreements, we may not be able to exert effective control over the Sentage Operating Companies, and our ability to conduct our business through the operating entities may be materially and adversely affected.

We believe we maintain insurance coverage that is customary for businesses of our size and type. However, we may be unable to insure against certain types of losses or claims, or the cost of such insurance may be prohibitive. Uninsured losses or claims, if they occur, could have a material adverse effect on our reputation, business, results of operations, financial condition, or prospects.

Payment services depend upon the overall level of economic conditions and consumer spending in China. A sustained deterioration in the general economic conditions in China, including any turmoil in the economy, reductions in household disposable income, distresses in financial markets, or reduced market liquidity, as well as increased government intervention, may reduce the number of our customers. Small-to-medium size business owners, in particular, are more susceptible to adverse changes in market, economic and regulatory conditions and the level of consumption in China. As a result, the demand for our existing and new payment services could decrease, and our financial performance could be adversely affected. Adverse market trends may affect our financial performance. Such trends may include, but are not limited to, the following: - fluctuations in consumer demand, which reflect the prevailing economic and demographic conditions;- low levels of consumer and business confidence associated with recessionary environments which may in turn reduce consumer spending;- financial institutions restricting credit lines to cardholders or limiting the issuance of new cards to mitigate cardholder defaults; and - government intervention and regulation, and/or reduction in government investments in our customers, and that may reduce their desire to use our products and services.

The value of the RMB against the U.S. dollar and other currencies may fluctuate and is affected by, among other things, changes in political and economic conditions in China and by China's foreign exchange policies. On July 21, 2005, the PRC government changed its decade-old policy of pegging the value of the RMB to the U.S. dollar, and the RMB appreciated more than 20% against the U.S. dollar over the following three years. Between July 2008 and June 2010, this appreciation halted and the exchange rate between the RMB and the U.S. dollar remained within a narrow band. Since June 2010, the RMB has fluctuated against the U.S. dollar, at times significantly and unpredictably. It is difficult to predict how market forces or PRC or U.S. government policy may impact the exchange rate between the RMB and the U.S. dollar in the future. Since we sell a majority of the products of our brand partners in the U.S., the fluctuations in exchange rates would have a negative effect on our business and results of operations and financial condition. Our business is conducted in the PRC, and our books and records are maintained in RMB, which is the currency of the PRC. The financial statements that we file with the SEC and provide to our shareholders are presented in U.S. dollars. Changes in the exchange rates between the RMB and U.S. dollar affect the value of our assets and the results of our operations, when presented in U.S. dollars. The value of the RMB against the U.S. dollar and other currencies may fluctuate and is affected by, among other things, changes in the PRC's political and economic conditions and perceived changes in the economy of the PRC and the United States. Any significant revaluation of the RMB may materially and adversely affect our cash flows, revenue, and financial condition. Further, our Ordinary Shares offered by our initial public offering were offered in U.S. dollars, we will need to convert the net proceeds we receive into RMB in order to use the funds for our business. Changes in the conversion rate among the U.S. dollar and the RMB will affect the amount of proceeds we will have available for our business. Very limited hedging options are available in China to reduce our exposure to exchange rate fluctuations. To date, we have not entered into any hedging transactions in an effort to reduce our exposure to foreign currency exchange risk. While we may decide to enter into more hedging transactions in the future, the availability and effectiveness of these hedges may be limited and we may not be able to adequately hedge our exposure or at all. In addition, our currency exchange losses may be magnified by PRC exchange control regulations that restrict our ability to convert RMB into foreign currency. As a result, fluctuations in exchange rates may have a material adverse effect on your investment.