TKO Group Holdings (TKO) Risk Factors

We act as a principal by owning and managing live events for which we sell media and sponsorship rights, ticketing and hospitality. Organizing and operating a live event involves significant financial risk as we bear all or most event costs, including a significant amount of up-front costs. In addition, we typically book our live events many months in advance of holding the event and often incur expenses prior to receiving any related revenue. Accordingly, if a planned event fails to occur or there is any disruption in our ability to live stream or otherwise distribute, whether as a result of technical difficulties or otherwise, we could lose a substantial amount of these costs, fail to generate the anticipated revenue, and could be forced to issue refunds for ticket or PPV sales and generate lower than expected media rights, sponsorship and licensing fees. If we are forced to postpone a planned event, we could incur substantial additional costs in order to stage the event on a new date, may have reduced attendance and revenue, and may have to refund fees. We could be compelled to cancel or postpone all or part of an event for many reasons, including severe weather conditions, issues with obtaining permits or government regulation, athletes failing to participate, as well as operational challenges caused by extraordinary incidents, such as terrorist or other security incidents, mass-casualty incidents, natural disasters, public health concerns including pandemics, or similar events. Such incidents have been shown to cause a nationwide and global disruption of commercial and leisure activities. In some United States and foreign jurisdictions, athletic commissions and other applicable regulatory agencies require us to obtain licenses for promoters, medical clearances and/or other permits or licenses for performers and/or permits for events in order for us to promote and conduct our live events. Foreign jurisdictions require visas for personnel and talent at international live events. In international markets, third-party promoters generally oversee permitting and regulatory matters. In the event that we fail to comply with the regulations of a particular jurisdiction, whether through our acts or omissions or those of our third-party promoters, we may be prohibited from promoting and conducting our live events in that jurisdiction. The inability to present our live events in jurisdiction(s), in addition to the lost revenues and expenses of the missed event(s), could lead to a decline in various revenue streams in such jurisdiction(s). We often have cancellation insurance policies in place to cover a portion of our losses if we are compelled to cancel an event, but our coverage may not be sufficient, may no longer cover a pandemic and is subject to deductibles. If the live events that we own and manage are not financially successful, we could suffer an adverse effect on our business, financial condition and results of operations.

Production of video programming by independent producers is generally not directly regulated by the federal or state governments in the United States. SmackDown is currently on broadcast television on the Fox Network and will move to USA Network beginning October 2024, NBCU currently carries Raw, which will move to Netflix beginning January 2025, and certain of our other programming is distributed on-demand via cable and satellite operators. We are responsible, directly or indirectly, for compliance with certain additional FCC regulations and statutory requirements applicable to programming distributed over television broadcast stations, cable and satellite, as well as for certain of our programming distributed via online platforms that has been televised via broadcast television,cable or satellite. Any failure to remain in compliance with these requirements could expose us to substantial costs and adverse publicity which could impact our operating results. Changes in FCC regulations, and the ongoing reallocation of satellite spectrum for "5G" next generation wireless broadband use, could impact the availability of satellite transmission spectrum for video programming distribution, which could increase the transmission costs of certain of our programming and/or affect transmission quality and reliability. The markets for programming in the United States and internationally may be substantially affected by government regulations applicable to, as well as social and political influences on, television stations and networks. We voluntarily designate the suitability of each of our television and WWE Network programs using standard industry ratings. Domestic and foreign governmental and private-sector initiatives relating to the production and distribution of video programming are announced from time to time. Compliance by our licensees with these initiatives and/or their noncompliance of governmental policies could restrict our program distribution and adversely affect our levels of viewership, result in adverse publicity and/or otherwise impact our operating results.

Our operations are subject to federal, state and local laws, statutes, rules, regulations, policies, and procedures in the United States and around the world, which are subject to change at any time, governing matters such as: ?licensing laws for athletes and the promotion and operation of MMA events;?licensing laws for the supply of sports betting data and other related products to gambling operators;?licensing, permitting and zoning requirements for operation of our offices, locations, venues, and other facilities;?health, safety, and sanitation requirements;?the service of food and alcoholic beverages;?working conditions, labor, minimum wage and hour, citizenship, immigration, visas, harassment and discrimination, and other labor and employment related considerations;?human rights and human trafficking, including compliance with the U.K. Modern Slavery Act and similar current and future legislation;?employment of youth workers and compliance with child labor laws;?compliance with the U.S. Americans with Disabilities Act of 1990 and the U.K.'s Disability Discrimination Act 1995;?compliance with the U.S. Foreign Corrupt Practices Act of 1977, as amended (the "FCPA"), the U.K. Bribery Act 2010 (the "Bribery Act") and similar regulations in other countries;?compliance with applicable antitrust and fair competition laws;?compliance with international trade controls, including applicable import/export regulations, and sanctions and international embargoes that may limit or prohibit our ability to do business with specific individuals or entities or in specific countries or territories;?compliance with anti-money laundering and countering terrorist financing rules, currency control regulations, and statutes prohibiting tax evasion and the aiding or abetting of tax evasion;?marketing activities, including the placement of gambling-related advertising at and around MMA events;?environmental protection regulations;?compliance with current and future privacy and data protection laws imposing requirements for the collecting, processing, storing and protection of personal or sensitive information, including the Federal Trade Commission Act, the CCPA and other state privacy laws, the GDPR and the E.U. e-Privacy Regulation;?compliance with cybersecurity laws imposing country-specific requirements relating to information systems and network design, security, operations, and use;?tax laws; and ?imposition by foreign countries of trade restrictions, restrictions on the manner in which content is currently licensed and distributed, ownership restrictions, or currency exchange controls. Noncompliance with these laws could subject us to whistleblower complaints, investigations, sanctions, settlements, prosecution, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, reputational harm, adverse media coverage, and other collateral consequences. Multiple or repeated failures by us to comply with these laws and regulations could result in increased fines or proceedings against us, including suspension or revocation proceedings relating to licenses we are required to maintain to conduct our business. If any subpoenas or investigations are launched, or governmental or other sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, results of operations, and financial condition could be materially harmed. In addition, responding to any action will likely result in a materially significant diversion of management's attention and resources and significant defense costs and other professional fees. Enforcement actions and sanctions could further harm our business, results of operations, and financial condition. There can be no assurance that a law or regulation will not be interpreted or enforced in a manner contrary to our current understanding. In addition, the promulgation of new laws, rules, and regulations could restrict or unfavorably impact our business, which could decrease demand for our events or content, reduce revenue, increase costs, or subject us to additional liabilities. For example, some legislatures have proposed laws in the past that would impose potential liability on us and other promoters and producers of live events for incidents that occur at their events, particularly relating to drugs and alcohol. In the United States and certain foreign jurisdictions, we may have direct and indirect interactions with government agencies and state-affiliated entities in the ordinary course of our business. In particular, athletic commissions and other applicable regulatory agencies require us to obtain licenses for promoters, medical clearances, licenses for athletes, or permits for events in order for us to promote and conduct our live events and productions. In the event that we fail to comply with the regulations of a particular jurisdiction, whether through our acts or omissions or those of third parties, we may be prohibited from promoting and conducting our live events and productions in that jurisdiction. The inability to present our live events and productions in jurisdictions could lead to a decline in various revenue streams in such jurisdictions, which could have an adverse effect on our business, financial condition, and results of operations. We are subject to the FCPA, and other anti-bribery and anti-money laundering laws in countries outside of the United States in which we conduct our activities. The FCPA generally prohibits companies and their intermediaries from making, promising, authorizing or offering improper payments or other things of value to foreign government officials for the purpose of obtaining or retaining business, directing business to any person, or securing any improper business advantage. The FCPA also requires U.S. issuers to make and keep books and records that accurately and fairly reflect the transactions of the corporation and to devise and maintain an adequate system of internal accounting controls. Other countries in which we operate also have anti-bribery laws, some of which prohibit improper payments to government and non-government persons and entities. We operate in a number of countries which are considered to be at a heightened risk for corruption. Additionally, we operate adjacent to industry segments, such as sports marketing, that have been the subject of past anti-corruption enforcement efforts. As a global company, a risk exists that our employees, contractors, agents, managers, or other business partners or representatives could engage in business practices prohibited by applicable U.S. laws and regulations, such as the FCPA, as well as the laws and regulations of other countries prohibiting corrupt payments to government officials and others, such as the Bribery Act. There can be no guarantee that our compliance programs will prevent corrupt business practices by one or more of our employees, contractors, agents, managers, or vendors, or that regulators in the U.S. or in other markets will view our program as adequate should any such issue arise. Any actual or alleged violation of the FCPA or other applicable anti-corruption laws could result in whistleblower complaints, sanctions, settlements, prosecution, enforcement actions, fines, damages, adverse media coverage, investigations, loss of export privileges, severe criminal or civil sanctions, or in the case of the FCPA, suspension or debarment from U.S. government contracts, any of which could have a material adverse effect on our reputation, as well as our business, financial condition, results of operations and prospects. Responding to any investigation or action would also likely result in a materially significant diversion of management's attention and resources and significant defense costs and other professional fees. In addition, the U.S. government may seek to hold us liable for successor liability for FCPA violations committed by companies in which we invest or that we acquire. We are also required to comply with economic sanctions laws imposed by the United States or by other jurisdictions where we do business, which may restrict our transactions in certain markets, and with certain customers, business partners, and other persons and entities. As a result, we may be prohibited from, directly or indirectly (including through a third-party intermediary), procuring goods, services, or technology from, or engaging in transactions with, individuals and entities subject to sanctions, including sanctions arising from the conflict involving Russia and Ukraine. We cannot guarantee that our efforts to remain in compliance with sanctions requirements will be successful. Any violation of sanctions laws could result in fines, civil and criminal sanctions against us or our employees, prohibitions on the conduct of our business (e.g., debarment from doing business with International Development Banks and similar organizations), and damage to our reputation, which could have an adverse effect on our business, financial condition, and results of operations.

Our results may be affected by the outcome of pending and future litigation, investigations, claims and other disputes. Unfavorable rulings in our legal proceedings could result in material liability to us or have a negative impact on our reputation or relations with our employees or third parties. The outcome of litigation, including class action lawsuits, is difficult to assess or quantify. Plaintiffs in class action lawsuits may seek recovery of very large or indeterminate amounts and the magnitude of the potential loss relating to such lawsuits may remain unknown for substantial periods of time. Zuffa is currently named as a defendant in multiple class-action lawsuits alleging that we violated Section 2 of the Sherman Act by monopsonizing an alleged market for the services of elite professional MMA athletes. The fighter plaintiffs claim that Zuffa's alleged conduct injured them by artificially depressing the compensation they received for their services, and they seek treble damages under the antitrust laws, as well as attorneys' fees and costs, and, in some instances, injunctive relief. On August 9, 2023, the lawsuit encompassing the period from December 16, 2010 to June 30, 2017 was certified as a class action. The court has set a trial date of April 15, 2024 for this case. An amended complaint in another lawsuit covering the period from July 1, 2017 to the present was recently filed. The defendants in that case are Zuffa, Endeavor and TKO OpCo. Discovery recently opened and will continue at least through mid-2025. If we are unable to resolve these or other matters favorably, our business, operating results, and our financial condition may be adversely affected. In addition, we are currently, and from time to time in the future may be, subject to various other claims, investigations, legal and administrative cases and proceedings (whether civil or criminal), or lawsuits by governmental agencies or private parties. In addition, allegations against or improper conduct by current or former employees, contractors or partners could damage our reputation and/or lead to litigation or legal proceedings that could result in civil or criminal penalties, including substantial monetary fines. If the results of these claims, allegations, investigations, proceedings, or suits are unfavorable to us or if we are unable to successfully defend against third-party lawsuits, we may be required to pay monetary damages or may be subject to fines, penalties, injunctions, or other censure that could have an adverse effect on our business, financial condition, and results of operations. Even if we adequately address the issues raised by an investigation or proceeding or successfully defend a third-party lawsuit or counterclaim, we may have to devote significant financial and management resources to address these issues, which could have an adverse effect on our business, results of operations, and financial condition. In addition, publicity from these matters could negatively impact our business, reputation and competitive position and reduce investor demand for our Class A common stock and negatively impact the trading price of such stock.

Our businesses, conducted through TKO OpCo and its subsidiaries, will be subject to income taxation in the United States, as well as in many tax jurisdictions throughout the world. Tax rates in these jurisdictions may be subject to significant change. If our effective tax rate increases, our operating results and cash flow could be adversely affected. Our effective income tax rate may vary significantly between periods due to a number of complex factors including, but not limited to, projected levels of taxable income, pre-tax income being lower than anticipated in countries with lower statutory rates or higher than anticipated in countries with higher statutory rates, increases or decreases to valuation allowances that need to be recorded against deferred tax assets, tax audits conducted and settled by various tax authorities, adjustments to income taxes upon finalization of income tax returns, the ability to claim foreign tax credits, and changes in tax laws and their interpretations in countries in which we will be subject to taxation.

Our business operations involve the collection, transfer, use, disclosure, storage, disposal and other processing of personal or sensitive information around the world, including the United States and the United Kingdom and the European Economic Area ("EEA"). We collect, store, transmit, and use personal information relating to, among others, our employees, consumers, and event participants. As a result, our business is subject to complex and continually evolving (and at times conflicting) U.S. (federal, state and local) and international laws and regulations regarding data privacy and data protection. Many of these laws and regulations are subject to change and uncertain interpretation and could result in claims, changes to our business practices, penalties, increased cost of operations, or otherwise harm our business. For example, in Europe, member states have adopted or modified data privacy and security laws and regulations that may apply to our business, such as the General Data Protection Regulation 2016/679 and applicable national supplementing laws ("EU GDPR") and in the United Kingdom, the United Kingdom data protection regime consisting primarily of the U.K. General Data Protection Regulation and Data Protection Act of 2018 ("UK GDPR", and together with the EU GDPR, the "GDPR"). The GDPR imposes comprehensive data privacy compliance obligations and creates requirements for in-scope businesses regarding the processing of personal data, broadly defined as information relating to an identifiable person including a principle of accountability and the obligation to demonstrate compliance through policies, procedure, training and audit. Under the GDPR, and other privacy regimes globally, we are subject to rules regarding cross-border transfers of personal data. Recent legal developments in Europe have created complexity and uncertainty regarding transfers of personal data from the EEA and United Kingdom to the U.S. and other jurisdictions. For example, in 2020, the Court of Justice of the European Union invalidated the EU-US Privacy Shield Framework, under which personal data could be transferred from the EEA to relevant self-certified U.S. entities, and further noted that reliance on the standard contractual clauses alone (a standard, non-negotiable form of contract approved by the European Commission) may not necessarily be sufficient in all circumstances and that transfers must be assessed on a case-by-case basis. Subsequent European court and regulatory decisions have taken a restrictive approach to international data transfers. The UK regulator has adopted a similar approach to data export outside of the UK and, in 2022, the international data transfer agreement and the international data transfer addendum to the European Commission's standard contractual clauses for international data transfers came into force. The UK regulator also recommends, consistent with the European Commission approach, a documented transfer risk assessment is undertaken. We currently generally rely on the standard contractual clauses as well as other data sharing agreements and conduct transfer impact assessments to transfer personal information outside the EEA and the UK, including to the United States. A replacement for the Privacy Shield Framework, the EU-US Data Privacy Framework, became effective in 2023; however, this framework is already facing challenges similar to those that resulted in the invalidation of the Privacy Shield Framework. We expect the existing legal complexity and uncertainty regarding international data transfers to continue. As supervisory authorities within the EEA issue further guidance on international data transfers under the GDPR, and as enforcement actions continue, we could suffer additional costs, complaints and/or regulatory investigations or fines, and/or it could affect our operations and the manner in which we provide our services (for example, we may have to stop using certain tools and vendors and make other operational changes). In particular, given the complexity and constantly evolving nature of our cross-border data transfers, the standard contractual clauses will need to be updated over time to fully legitimize our data transfers, and a failure to do so could result in enforcement action from regulators. There can be no assurances that we will be successful in our efforts to comply with the GDPR or other privacy and data protection laws and regulations, or that violations will not occur, particularly given the complexity of both these laws and our business, as well as the uncertainties that accompany new laws. In addition, in recent years, in the United States certain states have adopted or modified data privacy and security laws and regulations that may apply to our business. For example, the CCPA requires businesses that process the personal information of California residents to among other things provide certain disclosures to California residents regarding the business's collection, use and disclosure of their personal information; receive and respond to requests from California residents to access, delete, and correct their personal information, and opt-out of certain disclosures of their personal information; and enter into specific contractual provisions with service provider that process California resident personal information on the business's behalf. The effects of this legislation are far-reaching and have required and may continue to require us to modify our data processing practices and policies and to incur significant costs and expenses in an effort to comply. The enactment of the CCPA has also prompted a wave of similar data privacy laws in other states across the United States. For example, since the CCPA went into effect, general data privacy statutes that share similarities with the CCPA are now in effect and enforceable in Virginia, Colorado, Connecticut, and Utah, and will soon be enforceable in several other states as well. Similar laws have been proposed in many other states and at the federal level as well. Recent, new, and proposed state and federal legislation relating to data privacy may add additional complexity, variation in requirements, restrictions and potential legal risk, require additional compliance programs, could impact strategies and availability of previously useful information, and could result in increased compliance costs and/or changes in business practices and policies. Besides the UK, EEA and the United States, our global reach means we may be or become subject to other privacy regimes, and new laws are being enacted regularly, including laws which may have potentially conflicting requirements that would make compliance challenging. If the trend of increasing enforcement by regulators of such laws as reflected in recent guidance and decisions continues, this could lead to substantial costs, require significant systems changes, limit the effectiveness of our marketing activities, divert the attention of our technology personnel, adversely affect our margins, increase costs and subject us to additional liabilities. For example, UFC operates a UFC Performance Institute, among other significant operations, in China. As such, we may be subject to various aspects of the country's onerous data compliance regime, which can include the Cybersecurity Law, the Data Security Law and the Personal Information Protection Law ("PIPL"). In addition, the relevant government authorities of China promulgated several regulations or released a number of draft regulations for public comments that are designed to provide further implementation guidance in accordance with these laws. We cannot predict what impact the new laws and regulations or the increased costs of compliance, if any, will have on our operations in China, in particular the Data Security Law or PIPL, due to their recent enactment and the limited guidance available. It is also generally unclear how the laws will be interpreted and enforced in practice by the relevant government authorities as these laws are drafted broadly and, thus, leave great discretion to the relevant government authorities to exercise. Further, we are subject to laws, regulations and standards in the United States covering marketing, advertising, cookies, tracking technologies, e-marketing, and other activities conducted by telephone, email, mobile devices and the internet, such as the Federal Communications Act, the Federal Wiretap Act, the Electronic Communications Privacy Act, the Telephone Consumer Protection Act, the Children's Online Privacy Protection Act, the Controlling the Assault of Non-Solicited Pornography and Marketing Act, the Video Privacy Protection Act (the "VPPA"), and similar state consumer protection and communication privacy laws. Numerous class-action suits under federal and state laws have been filed in recent years against companies who conduct telemarketing and/or SMS texting programs, with many resulting in multi-million-dollar settlements to the plaintiffs. We have received one or more claims of violation of the VPPA, though none resulting in significant liability or expense. Finally, regulation of cookies and similar technologies, and any use of cookies or similar online tracking technologies as a means to identify and potentially target users, may lead to broader restrictions and impairments on our marketing and personalization activities and may negatively impact our efforts to better understand users. Recent U.S. and European court and regulator decisions are driving increased attention to cookies and tracking technologies and privacy activists are referring non-compliant companies to regulators. In the EU and the UK, informed consent is required for the placement of certain cookies or similar technologies on a customer's or user's device and for direct electronic marketing. The GDPR also imposes conditions on obtaining valid consent, such as a prohibition on pre-checked consents and a requirement to ensure separate consents are sought for each type of cookie or similar technology. Regulators are increasingly focusing on compliance with current national laws that implement the ePrivacy Directive, and which may be replaced by an EU regulation known as the ePrivacy Regulation, which will significantly increase fines for non-compliance. If the trend of increasing enforcement by regulators of the strict approach including opt-in consent for all but essential use cases, as seen in recent guidance and decisions continues, this could lead to substantial costs, require significant systems changes, limit the effectiveness of our marketing activities, divert the attention of our technology personnel, adversely affect our margins, and subject us to additional liabilities. The effects of any applicable U.S. federal, state and local laws and regulations, and international laws and regulations that are currently in effect or that may go into effect in the future, are significant (and may be assessed based on a percentage of revenue) and may require us to modify our data processing practices and policies and to incur substantial costs and potential liability in an effort to comply with such laws and regulations. Responding to allegations of non-compliance, whether or not true, could be costly, time consuming, distracting to management, and cause reputational harm. In addition to government regulation, privacy advocates and industry groups may propose new and different self-regulatory standards. Because the interpretation and application of privacy and data protection laws are still uncertain, it is possible that these laws may be interpreted and applied in a manner that is inconsistent with one another or inconsistent with our existing data management practices or the features of our products and services. Any actual or perceived failure to comply with these and other data protection and privacy laws and regulations could result in regulatory scrutiny and increased exposure to the risks of litigation (including class action lawsuits) or the imposition of consent orders, enforcement notices, assessment notices (for a compulsory audit), resolution agreements, orders to cease/change our processing of personal data, requirements to take particular actions with respect to training, policies or other activities, and civil and criminal penalties, including fines, which could harm our business. In addition, we or our third-party service providers could be required to fundamentally change our business activities and practices or modify our products and services, which could harm our or our third-party service providers' businesses. Any of the foregoing could result in additional cost and liability to us, damage our reputation, inhibit sales, and harm our business.

Though our businesses are not subject to collective bargaining agreements, our businesses may be interrupted as a result of labor disputes by outside unions, or internal efforts, attempting to unionize one or more groups of employees. There have also been efforts to organize the athletes that participate in our events. A work stoppage or other labor disruption at one or more of our operated venues or at our promoted events could have an adverse effect on our business, financial condition, and results of operations. We cannot predict the effect that a potential work stoppage or other labor disruption would have on our business.

Our performance is substantially dependent on the continued services of executive management and other key employees as well as our relationship with our parent company, Endeavor, with whom we have various service agreements. We cannot be sure that any adverse effect on Endeavor's business would not also have an adverse effect on our business, financial condition, and results of operations. Further, members of our or Endeavor's executive management may not remain with Endeavor or us and may compete with us in the future. The loss of any member of our or Endeavor's executive management teams could impair our ability to execute our business plan and growth strategy, have a negative impact on our business, financial condition, and results of operations, or cause employee morale problems or the loss of additional key employees.