Telesis Bio (TBIO) Risk Factors

We rely, and will continue to rely, on multiple information technology systems to operate the systems that allow our company to function, including cloud-based and on-premises information technology systems. We rely extensively on information technology systems to facilitate our principal company activities, including to operate the cloud-based platform on which the services offered to our customers rely. In addition, we also use information technology systems for a variety of key business functions, including to keep financial records, facilitate our research and development initiatives, manage our manufacturing operations, maintain quality control, fulfill customer orders, maintain corporate records, communicate with staff and external parties, and operate other critical functions. Like all companies that rely on information technology systems, our information technology systems and those of our vendors and partners are potentially vulnerable to failures of confidentiality, integrity, and availability. Such failures could include, for example, malicious intrusion, corruption of data, and disruptive events, including but not limited to natural disasters and catastrophes. Such failures, if they occur, could compromise company, vendor or partner systems and employee, company, vendor, or partner data. A wide range of cyber attacks, including cyber intrusions, denial of service, and other malicious internet-based activity, such as social engineering and phishing scams, continue to increase. Cloud-based platform providers of services have been and are expected to continue to be targeted by a variety of threat actors, including sophisticated nation-state and nation-state-supported actors. Such threat actors use attack methods that change frequently, are increasingly complex and sophisticated, including social engineering and phishing scams, and can originate from a wide variety of sources, including insider threats or external actors. In addition to traditional computer "hackers," malicious code, such as viruses and worms, employee theft or misuse, denial-of-service attacks and sophisticated nation-state and nation-state supported actors now engage in attacks, including advanced persistent threat intrusions. In addition, we have not finalized our information technology and data security policies and procedures and therefore, our information technology systems may be more susceptible to such failures and attacks than if such security policies and procedures were finalized. Despite our efforts to create security barriers to such threats, it is virtually impossible for us to entirely mitigate these risks and there is no guarantee that our efforts are or will be adequate to safeguard against all such threats. Moreover, despite our current and future efforts, it is possible that we may not be able to anticipate, detect, appropriately react and respond to, or implement effective preventative measures against, all cybersecurity incidents. Such cybersecurity incidents can be difficult to detect and any delay in identifying such incidents may lead to increased harm and legal exposure of the type described below. If our security measures, or those of our vendors and partners, are compromised for any reason, including negligence, error, or malfeasance, our principal company activities could cease to function, or be significantly degraded, until such cybersecurity incidents are remediated. Further, our business could be harmed, our reputation could be damaged, and we could become subject to regulatory inquiries or litigation, all of which could result in significant liability. In addition, if we were to experience a prolonged system disruption in our information technology systems or those of certain of our vendors and partners, it could negatively impact our ability to serve our customers, which could adversely impact our business, financial condition, results of operations and prospects. If operations at our facilities were disrupted and could not be promptly restored, such disruption could cause a material disruption in our business, financial condition, results of operations, and prospects. Moreover, there could be public announcements regarding any cybersecurity incidents and, if securities analysts or investors perceive these announcements to be negative, it could, among other things, have a material adverse effect on our business, reputation, financial condition, results of operations and prospects. Our information technology systems, and those of our vendors and partners, are potentially vulnerable to cybersecurity incidents such as data security breaches, which could lead to the loss and exposure of information, including personal, sensitive, and confidential data, to unauthorized persons, resulting in a data security breach. Any such data security breaches could, among other things, lead to the loss of trade secrets or other intellectual property, or could lead to the exposure of personal information, including sensitive personal information, of our employees, customers and others, any of which could have a material adverse effect on our business, reputation, financial condition, results of operations and prospects. In addition, any such data security breaches could result in legal claims or proceedings, regulatory inquiries, investigations, or actions, and other types of liability under laws that protect the privacy and security of personal information, including federal, state and foreign data protection, privacy, data security, and consumer protection regulations, violations of which could result in significant penalties and fines. Additionally, the introduction and passage of new privacy laws, including but not limited to the California Privacy Rights Act (CPRA), which went into effect on January 1,2023 and modifies the California Consumer Privacy Act (CCPA), potentially resulting in further uncertainty and may require us to incur additional costs and expenses in an effort to comply. The CPRA restricts use of certain categories of sensitive personal information that we may handle, establish restrictions on the retention of personal information, expand the types of data breaches subject to the private right of action, and establish the California Privacy Protection Agency to implement and enforce the new law and impose administrative fines. Additional compliance investment and potential business process changes will likely be required. Similar laws have been proposed in other states and at the federal level, reflecting a trend toward more stringent data privacy and security legislation in the United States. For example, other states, including Virginia, Colorado, Utah, Indiana, Iowa, Tennessee, Montana, Texas, and Connecticut have enacted privacy laws similar to the CCPA that impose new obligations or limitations in areas affecting our business and we continue to assess the impact of these state legislation, on our business as additional information and guidance becomes available. Aspects of these state privacy statutes remain unclear, resulting in further uncertainty and potentially requiring us to modify our data practices and policies and to incur substantial additional costs and expenses in an effort to comply. In addition, U.S. and international laws and regulations that have been applied to protect user privacy (including laws regarding unfair and deceptive practices in the U.S. and General Data Protection Regulation (GDPR) in the EU/UK) may be subject to evolving interpretations or applications. This area of law is continuing to evolve and is subject to significant uncertainty, which may require us to incur additional costs and expenses in order to comply. Furthermore, responding to a legal claim or proceeding or a regulatory inquiry, investigation, or action, regardless of its merit, could be costly, divert management's attention and harm our reputation. Compliance with these laws and regulations is difficult, constantly evolving, time consuming, and requires a flexible cybersecurity framework and substantial resources. Compliance efforts will likely be an increasing and substantial cost in the future. Although we have not experienced any major cybersecurity incidents to date, if we do experience an incident, the cost of protecting against, investigating, mitigating and responding to these cybersecurity incidents and data security breaches, and complying with applicable breach notification obligations to individuals, regulators, vendors, partners, and others can be significant. As threats related to cybersecurity incidents and data security breaches continue to evolve, we may be required to expend significant additional resources to continue to modify or enhance our protective measures or to detect, appropriately react to, and respond to such cybersecurity incidents and data security breaches. The inability to implement, maintain and upgrade adequate safeguards could have a material adverse effect on our business, financial condition, results of operations and prospects. Should such disruptions occur, our current insurance policies may not be adequate to compensate us for the potential costs and other losses arising from such disruptions, failures, or security breaches and it is possible that an insurer could deny coverage on any future claim. In addition, such insurance may not be available to us in the future on economically reasonable terms or at all. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, financial condition, results of operations and prospects.

We face significant competition in the synthetic biology technology market. We currently compete with synthetic biology technology companies and the companies that are supplying components, products and services that serve customers engaged in synthetic biology research. These companies include, among others, Thermo Fisher Scientific Inc.; Danaher Corporation; Azenta; GenScript Biotech Corporation; SAS; Integrated DNA Technologies, Inc.; Molecular Assemblies, Inc.; Nuclera Nucleics Ltd; Nutcracker Therapeutics, Inc.; Twist Bioscience Corporation; Aldevron, LLC; TriLink BioTechnologies, Inc.; Evonetix Ltd.; Eurofins Scientific; Synthego Corporation; Illumina, Inc.; and Roche AG. Some of our current competitors are large, publicly-traded companies, or are divisions of large publicly-traded companies, and may enjoy a number of competitive advantages over us, including: ?greater name and brand recognition;?greater financial and human resources;?broader product lines;?larger sales forces and more established distributor networks;?substantial intellectual property portfolios;?larger and more established customer bases and relationships; and ?better established, larger scale and lower cost manufacturing capabilities. We cannot assure investors that our products will compete favorably or that we will be successful in the face of increasing competition from products and technologies introduced by our existing or future competitors or companies entering our markets. In addition, we cannot assure investors that our competitors do not have or will not develop products or technologies that currently or in the future will enable them to produce competitive products with greater capabilities or at lower costs than ours. Any failure to compete effectively could materially and adversely affect our business, financial condition and operating results.

As of December 31, 2023, we had U.S. federal and state net operating loss carryforwards (NOLs) of $109.6 million and $76.0 million, respectively. The federal NOLs of $1.3 million, generated before January 1, 2018, will begin to expire in 2034, but can be used to offset up to 100% of taxable income. Amounts generated after December 31, 2017 will carryforward indefinitely, but will be subject to a 80% taxable income limitation beginning in tax years after December 31, 2020, as provided by the Coronavirus Aid, Relief, and Economic Security Act. State NOLs, if not utilized, will begin to expire in 2029. We may use these NOLs to offset against taxable income for U.S. federal and state income tax purposes. Additionally, Section 382 of the Internal Revenue Code of 1986, as amended, may limit the NOLs we may use in any year for U.S. federal income tax purposes in the event of certain changes in ownership of our company. A Section 382 "ownership change" generally occurs if one or more stockholders or groups of stockholders who own at least 5% of a company's stock increase their ownership by more than 50 percentage points over their lowest ownership percentage within a rolling three-year period. Similar rules may apply under state tax laws. We have not conducted a 382 study to determine whether the use of our NOLs is impaired. We may have previously undergone an "ownership change." In addition, future issuances or sales of our stock, including certain transactions involving our stock that are outside of our control, could result in future "ownership changes." "Ownership changes" that have occurred in the past or that may occur in the future could result in the imposition of an annual limit on the amount of pre-ownership change NOLs and other tax attributes we can use to reduce our taxable income, potentially increasing and accelerating our liability for income taxes, and also potentially causing those tax attributes to expire unused. States may impose other limitations on the use of our NOLs. Any limitation on using NOLs could, depending on the extent of such limitation and the NOLs previously used, result in our retaining less cash after payment of U.S. federal and state income taxes during any year in which we have taxable income, rather than losses, than we would be entitled to retain if such NOLs were available as an offset against such income for U.S. federal and state income tax reporting purposes, which could adversely impact our operating results.

Our future success depends upon our ability to recruit, train, retain and motivate key personnel. Our senior management team, including Eric Esser, our President and Chief Executive Officer; William Kullback, our Chief Financial Officer; and Daniel Gibson, Ph.D., our Chief Technology Officer, is critical to our vision, strategic direction, product development and commercialization efforts. We have entered into at-will employment agreements with each of Mr. Esser, Mr. Kullback, and Dr. Gibson, and such agreements may be terminated by either party at any time without cause. The departure of one or more of our executive officers, senior management team members or other key employees could be disruptive to our business unless we are able to hire qualified successors. We do not maintain "key man" life insurance on our senior management team. Our continued growth depends, in part, on attracting, retaining and motivating qualified personnel, including highly trained sales personnel with the necessary scientific background and ability to understand our systems at a technical level to effectively identify and sell to potential new customers. New hires require significant training and, in most cases, take significant time before they achieve full productivity. Our failure to successfully integrate these key personnel into our business could adversely affect our business. In addition, competition for qualified personnel is intense, particularly in the San Diego area, where our operations are headquartered. We compete for qualified scientific and information technology personnel with other life science and information technology companies as well as academic institutions and research institutions. We do not maintain fixed-term employment contracts with any of our employees. As a result, our employees could leave our company with little or no prior notice and would be free to work for a competitor. Due to the complex and technical nature of our products and technology and the dynamic market in which we compete, any failure to attract, train, retain and motivate qualified personnel could materially harm our business, results of operations, financial condition and prospects.

The COVID-19 pandemic resulted in, and may continue to result in, extreme volatility and disruptions in the capital and credit markets in general and has negatively impacted our stock price since becoming a public company in 2021. Should this impact continue, our ability to raise additional capital through equity, equity-linked or debt financings, will be reduced, which could negatively impact our short-term and long-term liquidity and our ability to operate in accordance with our operating plan, or at all. Additionally, our results of operations could be adversely affected by general conditions in the global economy, including inflation, and financial markets. The capital markets or general economic conditions may be adversely affected by geopolitical risks, hostilities, terrorist attacks or wars, including the current war between Russia and Ukraine and ongoing hostilities in the Middle East. A severe or prolonged economic downturn could result in a variety of risks to our business, including weakened demand for our products and our ability to raise additional capital when needed on favorable terms, if at all. A weak or declining economy could strain our customers' budgets or cause delays in their payments to us. Any of the foregoing could harm our business. We cannot anticipate all of the ways in which the current economic climate and financial market conditions could adversely impact our ability to raise capital, business, results of operations and financial condition.