VF (VFC) Risk Analysis

VF's policy is to evaluate indefinite-lived intangible assets and goodwill for possible impairment as of the beginning of the fourth quarter of each year, or whenever events or changes in circumstances indicate that the fair value of such assets may be below their carrying amount. In addition, intangible assets that are being amortized are tested for impairment whenever events or circumstances indicate that their carrying value may not be recoverable. For these impairment tests, we use various valuation methods to estimate the fair value of our business units and intangible assets. If the fair value of an asset is less than its carrying value, we would recognize an impairment charge for the difference. During the third quarter of Fiscal 2025, due to the continued downturn in the Dickies financial results and projections, combined with expectations of a slower recovery than previously anticipated, VF determined that a triggering event had occurred requiring impairment testing of the Dickies indefinite-lived trademark intangible asset. As a result of the impairment testing performed, VF recorded an impairment charge of $51.0 million to the Dickies indefinite-lived trademark intangible asset. The impairment primarily related to the reduction in financial projections for Dickies. It is possible that we could have another impairment charge for goodwill or trademark and trade name intangible assets in future periods if (i) the businesses do not perform as projected, (ii) overall economic conditions in Fiscal 2025 or future years vary from our current assumptions (including changes in discount rates and foreign currency exchange rates), (iii) business conditions or our strategies for a specific business unit change from our current assumptions, (iv) investors require higher rates of return on equity investments in the marketplace, or (v) enterprise values of comparable publicly traded companies, or of actual sales transactions of comparable companies, were to decline, resulting in lower comparable multiples of revenues and earnings before interest, taxes, depreciation and amortization and, accordingly, lower implied values of goodwill and intangible assets. Any future impairment charge for goodwill or intangible assets could have a material effect on our consolidated financial position or results of operations.

As of March 30, 2024, VF had approximately $6.0 billion of debt outstanding. VF's debt and interest payment requirements could have important consequences on its business, financial condition and results of operations. For example, they could: - require VF to dedicate a substantial portion of its cash flow from operations to repaying its indebtedness, which would reduce the availability of its cash flow to fund working capital requirements, capital expenditures, future acquisitions, dividends, repurchase VF's common stock and for other general corporate purposes;- limit VF's flexibility in planning for or reacting to general adverse economic conditions or changes in its business and the industries in which it operates;- place VF at a competitive disadvantage compared to its competitors that have less indebtedness outstanding; and - negatively affect VF's credit ratings and limit, along with the financial and other restrictive covenants in VF's debt documents and its ability to borrow additional funds. VF's credit ratings may impact the cost and availability of future borrowings. As a result of recent downgrades by S&P Global Inc. and Moody's Investor Services, Inc., VF's global credit facility and term loan were subject to interest rate adjustments. In addition, VF may incur substantial additional indebtedness in the future to fund acquisitions, repurchase common stock or fund other activities for general business purposes. If VF incurs additional indebtedness, it may limit VF's ability to access the debt capital markets or other forms of financing in the future and may result in increased borrowing costs. Although VF has historically declared and paid quarterly cash dividends on its common stock and has been authorized to repurchase its stock subject to certain limitations under its share repurchase programs, any determinations by the Board of Directors to continue to declare and pay cash dividends on VF's common stock or to repurchase VF's common stock will be based primarily upon VF's financial condition, results of operations and business requirements, its access to debt capital markets or other forms of financing, the price of its common stock in the case of the repurchase program and the Board of Directors' continuing determination that the repurchase programs and the declaration and payment of dividends are in the best interests of VF's shareholders and are in compliance with all laws and agreements applicable to the repurchase and dividend programs. Our cash dividend payments may change from time to time, and we cannot provide assurance that we will increase our cash dividend payment or declare cash dividends in any particular amount or at all. A reduction in the amount or suspension of our cash dividend payments or a reduction in the level or discontinuation of our share repurchases could have a negative effect on VF's stock price. Beginning in the fourth quarter of Fiscal 2023, we reduced the cash dividend, which is expected to support the return to VF's target leverage ratio and provide additional financial flexibility. In addition, under VF's $2.25 billion senior unsecured revolving line of credit, the total amount of certain payments, including cash dividends, is limited to $500.0 million annually, on a calendar-year basis. VF is required to comply with certain financial and other restrictive debt covenants in its debt documents. Failure by VF to comply with these covenants could result in an event of default that, if not cured or waived, could have a material adverse effect on VF if the lenders declare any outstanding obligations to be immediately due and payable.VF is subject to the risk that its licensees may not generate expected sales or maintain the value of VF's brands.During Fiscal 2024, $67.1 million of VF's revenues were derived from licensing royalties. Although VF generally has significant control over its licensees' products and advertising, we rely on our licensees for, among other things, operational and financial controls over their businesses. Failure of our licensees to successfully market licensed products or our inability to replace existing licensees, if necessary, could adversely affect VF's revenues, both directly from reduced royalties received and indirectly from reduced sales of our other products. Risks are also associated with a licensee's ability to:- obtain capital;- manage its labor relations;- maintain relationships with its suppliers;- manage its credit risk effectively;- maintain relationships with its customers; and- adhere to VF's Global Compliance Principles.In addition, VF relies on its licensees to help preserve the value of its brands. Although we attempt to protect VF's brands through approval rights over design, production processes, quality, packaging, merchandising, distribution, advertising and promotion of our licensed products, we cannot completely control the use of licensed VF brands by our licensees. The misuse of a brand by a licensee, including through the marketing of products under one of our brand names that do not meet our quality standards, could have a material adverse effect on that brand and on VF.Volatility in securities markets, interest rates and other economic factors could substantially increase VF's defined benefit pension costs.VF currently has obligations under its defined benefit pension plans. The funded status of the pension plans is dependent on many factors, including returns on invested assets and the discount rates used to determine pension obligations. Unfavorable impacts from returns on plan assets, changes in discount rates, changes in plan demographics or revisions in the applicable laws or regulations could materially change the timing and amount of pension funding requirements, which could reduce cash available for VF's business.VF's operating performance also may be negatively impacted by the amount of expense recorded for its pension plans. Pension expense is calculated using actuarial valuations that incorporate assumptions and estimates about financial market, economic and demographic conditions. Differences between estimated and actual results give rise to gains and losses that are deferred and amortized as part of future pension expense, which can create volatility that adversely impacts VF's future operating results. VF is required to comply with certain financial and other restrictive debt covenants in its debt documents. Failure by VF to comply with these covenants could result in an event of default that, if not cured or waived, could have a material adverse effect on VF if the lenders declare any outstanding obligations to be immediately due and payable.

Any acquisitions, divestitures or mergers by VF, including our completed sale of the Supreme brand business to EssilorLuxottica, will be accompanied by the risks commonly encountered in acquisitions or divestitures of companies, businesses or brands. These risks include, among other things, higher than anticipated acquisition or divestiture costs and expenses, the difficulty and expense of integrating or separating the operations, systems and personnel of the companies, businesses or brands, the loss of key employees and consumers as a result of changes in management or ownership, and slower progress toward environmental, social and governance goals given challenges with data acquisition and integration, the difficulty of accessing and disclosing sufficient environmental, social and governance data to comply with current and emerging environmental, social and governance regulations, and integration of environmental, social and governance initiatives overall. In addition, geographic distances may make integration of acquired businesses more difficult. We may not be successful in overcoming these risks or any other problems encountered in connection with any acquisitions or divestitures. Moreover,failure to effectively manage VF's portfolio of brands in line with growth targets and shareholder expectations, including acquisition choices, integration approach, transaction pricing and divestiture timing could result in unfavorable impacts to growth and value creation. Our acquisitions and divestitures may cause large one-time expenses or create goodwill or other intangible assets that could result in significant impairment charges. We also make certain estimates and assumptions in order to determine purchase price allocation and estimate the fair value of assets acquired and liabilities assumed. If our estimates or assumptions used to value these assets and liabilities are not accurate, we may be exposed to losses that may be material. On July 17, 2024, we announced that we entered into a definitive agreement for EssilorLuxottica to acquire the Supreme brand business from VF for $1.5 billion in cash, subject to customary adjustments for cash, indebtedness, working capital and transaction expenses. On October 1, 2024, we completed the Supreme sale. We may not realize some or all of the expected benefits from the sale of Supreme.

In the normal course of business, we collect, retain and transmit certain sensitive and confidential consumer information, including payment information, and employee information, over public networks. There is a significant concern by consumers and employees over the security of personal information, identity theft and user privacy. Data and information security breaches are increasingly sophisticated, and can be difficult to detect for long periods of time. Accordingly, if unauthorized parties gain access to our networks or databases, such as with the incident reported by VF in December 2023, or those of third parties on which we rely, they have, and could continue to, be able to steal, publish, delete, hold ransom or modify our private and sensitive information, including payment information, personal information, and confidential or other proprietary business information. We are subject to frequent cyber-attacks of varying levels of severity and threats to our business from a variety of bad actors, many of whom attempt to gain unauthorized access to, steal or compromise our confidential information and systems. For example, we detected unauthorized occurrences on a portion of our information technology systems in December 2023. We have incurred, and may continue to incur, certain costs related to this attack which may not be covered by our cyber liability insurance. While we have implemented systems and processes designed to protect against unauthorized access to or use of personal information and other confidential information, and rely on encryption and authentication technologies to effectively secure transmission of such information, including payment information, there is no guarantee that they will be able to prevent unauthorized access to our systems and information in the future. Our facilities and systems, and those of third parties on which we rely, are frequently the target of cyber-attacks of varying levels of severity and have been, and may in the future be vulnerable, and we may be unable to prevent, anticipate or detect security breaches and data loss. In addition, we face amplified cybersecurity risks as a result of the number of employees we employ, including a number of employees working remotely. These amplified risks include increased demand on our information technology resources and systems and an increase in the number of points of potential attack on networks that we do not control, such as home WiFi networks. Employees may intentionally or inadvertently cause cybersecurity breaches that result in the unauthorized access to our systems or the unauthorized release of personal or confidential information. VF and its consumers and customers could suffer harm if valuable business data, or employee, consumer, customer and other confidential and proprietary information were corrupted, lost, accessed or misappropriated by third parties due to a cyber-attack, a security failure in VF's systems, or due to one of our third-party service providers or our employees. Any such breach, including, without limitation, the incident reported by VF in December 2023, has and could require significant expenditures to remediate; could cause damage to our reputation, to confidence in our e-commerce platforms and to our relationships with customers, consumers, employees and third parties on whom we rely; has and could result in business disruption, negative media attention and lost sales; and could expose us to risks of litigation, liability and increased scrutiny from regulatory entities. In addition, as a result of recent security breaches at a number of prominent retailers and other companies, media and public scrutiny of information security and privacy has become more intense and the regulatory environment has become increasingly uncertain, rigorous and complex. As a result, we may incur significant costs to comply with laws regarding the privacy and security of personal information and we may not be able to comply with new data protection laws and regulations being adopted around the world. theft and user privacy. Data and information security breaches are increasingly sophisticated, and can be difficult to detect for long periods of time. Accordingly, if unauthorized parties gain access to our networks or databases, such as with the incident reported by VF in December 2023, or those of third parties on which we rely, they have, and could continue to, be able to steal, publish, delete, hold ransom or modify our private and sensitive information, including payment information, personal information, and confidential or other proprietary business information. We are subject to frequent cyber-attacks of varying levels of severity and threats to our business from a variety of bad actors, many of whom attempt to gain unauthorized access to, steal or compromise our confidential information and systems. For example, we detected unauthorized occurrences on a portion of our information technology systems in December 2023. We have incurred, and may continue to incur, certain costs related to this attack which may not be covered by our cyber liability insurance. While we have implemented systems and processes designed to protect against unauthorized access to or use of personal information and other confidential information, and rely on encryption and authentication technologies to effectively secure transmission of such information, including payment information, there is no guarantee that they will be able to prevent unauthorized access to our systems and information in the future. Our facilities and systems, and those of third parties on which we rely, are frequently the target of cyber-attacks of varying levels of severity and have been, and may in the future be vulnerable, and we may be unable to prevent, anticipate or detect security breaches and data loss. In addition, we face amplified cybersecurity risks as a result of the number of employees we employ, including a number of employees working remotely. These amplified risks include increased demand on our information technology resources and systems and an increase in the number of points of potential attack on networks that we do not control, such as home WiFi networks. Employees may intentionally or inadvertently cause cybersecurity breaches that result in the unauthorized access to our systems or the unauthorized release of personal or confidential information. VF and its consumers and customers could suffer harm if valuable business data, or employee, consumer, customer and other confidential and proprietary information were corrupted, lost, accessed or misappropriated by third parties due to a cyber-attack, a security failure in VF's systems, or due to one of our third-party service providers or our employees. Any such breach, including, without limitation, the incident reported by VF in December 2023, has and could require significant expenditures to remediate; could cause damage to our reputation, to confidence in our e-commerce platforms and to our relationships with customers, consumers, employees and third parties on whom we rely; has and could result in business disruption, negative media attention and lost sales; and could expose us to risks of litigation, liability and increased scrutiny from regulatory entities. In addition, as a result of recent security breaches at a number of prominent retailers and other companies, media and public scrutiny of information security and privacy has become more intense and the regulatory environment has become increasingly uncertain, rigorous and complex. As a result, we may incur significant costs to comply with laws regarding the privacy and security of personal information and we may not be able to comply with new data protection laws and regulations being adopted around the world. Any failure to comply with the laws and regulations and consumer expectations surrounding the privacy and security of personal information could subject us to legal and reputational risk, including significant fines and/or litigation for non-compliance in multiple jurisdictions, negative media coverage, diminished consumer confidence and decreased attraction to our brands, any of which could have a negative impact on revenues and profits. In addition, while we maintain cyber insurance policies, those existing insurance policies may not adequately protect VF from all of the adverse effects and damages that could be caused by a security breach, including the incident reported by VF in December 2023. Moreover, if our associates or vendors, intentionally or inadvertently, misuse consumer data or are not transparent with consumers about how we use their data, our brands, reputation and relationships with consumers could be damaged.We experienced a significant data security breach in December 2023 which could result in a number of potentially unknown outcomes, including but not limited to, litigation, regulatory investigations or enforcement actions, or reputational harm, any of which could have a material impact on our business operations, financial condition, or results of operations.The cybersecurity incident we experienced in December 2023 included the encryption of certain information technology systems and the theft of certain personal information and business information through unauthorized access to our information technology systems. As a result of the cybersecurity incident, we may be subject to governmental investigations, private litigation or other claims, which could result in fines, other monetary relief, or injunctive relief that could materially increase our data security costs, adversely impact how we operate our systems and collect and use personal information. If, as a result of any such governmental investigation, other investigation or claim, we are found to be in violation of applicable laws and regulations including, without limitation, any applicable data privacy and information security laws or regulations, we could be subject to legal risk, including government enforcement action and civil litigation, which could adversely affect our business, reputation, financial condition or results of operations. Defending any such litigation claim or enforcement action, regardless of merit, and whether successful or unsuccessful, and cooperating with regulatory investigations, could be expensive and time-consuming and adversely affect our business, reputation, results of operations or financial condition. In addition, we may be adversely impacted by reputational harm or a loss of confidence in the security and integrity of our information technology systems among consumers, customers, employees and business partners.The development and use of AI, and the failure to use AI, present risks and challenges that may negatively impact our business.Our business is highly-competitive, and our success may require the adoption of new and emerging technologies, such as AI, and specifically generative AI, by us or our business partners. Failure to adapt to a rapidly-changing technological environment could result in negative impacts to our business.We also face risks from the adoption of new technologies such as AI if we or our business partners use them incorrectly or in ways that introduce new risks. Our business partners may incorporate AI tools into their offerings which may not meet existing or rapidly-changing regulatory or industry standards Any failure to comply with the laws and regulations and consumer expectations surrounding the privacy and security of personal information could subject us to legal and reputational risk, including significant fines and/or litigation for non-compliance in multiple jurisdictions, negative media coverage, diminished consumer confidence and decreased attraction to our brands, any of which could have a negative impact on revenues and profits. In addition, while we maintain cyber insurance policies, those existing insurance policies may not adequately protect VF from all of the adverse effects and damages that could be caused by a security breach, including the incident reported by VF in December 2023. Moreover, if our associates or vendors, intentionally or inadvertently, misuse consumer data or are not transparent with consumers about how we use their data, our brands, reputation and relationships with consumers could be damaged.

Our business is highly-competitive, and our success may require the adoption of new and emerging technologies, such as AI, and specifically generative AI, by us or our business partners. Failure to adapt to a rapidly-changing technological environment could result in negative impacts to our business. We also face risks from the adoption of new technologies such as AI if we or our business partners use them incorrectly or in ways that introduce new risks. Our business partners may incorporate AI tools into their offerings which may not meet existing or rapidly-changing regulatory or industry standards and may inhibit our or our business partners' ability to maintain an adequate level of service.The development of AI technologies is complex, and there are technical challenges associated with achieving the desired level of accuracy, efficiency, and reliability. The algorithms and models utilized in generative AI systems may have limitations, including biases, errors, or inability to handle certain data types or scenarios. Furthermore, there is a risk of system failures, disruptions, or vulnerabilities that could compromise the integrity, security, or privacy of data inputs or the generated content. These limitations or failures could result in reputational harm, legal liabilities, or loss of consumer, customer, employee or business partner confidence.If we or our business partners use AI to make decisions that affect consumers, employees or job applicants, the AI may be subject to biases or other types of unfair decision-making that may negatively impact those individuals and create legal or reputational risk for us. If we or our business partners use AI to create intellectual property (IP), such as product designs, trademarks, or copyrightable text or code, we may be subject to IP rights claims from third parties claiming ownership of, or demanding rights to the IP that we or our business partners have developed using AI, or we may face the risk of not being able to adequately secure the rights to the IP created.Cybersecurity threat actors may use AI tools, including generative AI, to deploy increasingly advanced attacks on our and our business partners' information technology systems. The increasing sophistication of cybersecurity attacks, including through the use of AI, may create a demand for us to use more and more sophisticated AI in our cybersecurity defense efforts. We face risks that we will fail to combat the offensive use of AI sufficiently or that we will fail to deploy defensive tools using AI adequately, either because we are unable to anticipate the risks accurately in a rapidly-evolving landscape or because we lack the knowledge or resources to adequately address the cybersecurity threats and opportunities associated with AI.Uncertainty in the legal regulatory regime relating to AI may require significant resources to modify and maintain business practices to comply with U.S. and non-U.S. laws, the nature of which cannot be determined at this time. Several jurisdictions around the globe, including the EU and certain U.S. states, have already proposed or enacted laws governing AI. Other jurisdictions may decide to adopt similar or more restrictive legislation that may render the use of such technologies challenging. These obligations may make it harder for us to conduct our business using AI, lead to regulatory fines or penalties, require us to change our business practices, or prevent or limit our use of AI. If we or our business partners cannot use AI, or that use is restricted, our business may be less efficient, or we may be at a competitive disadvantage. Any of these factors could adversely affect our business, financial condition, and results of operations.There are risks associated with VF's acquisitions, divestitures and portfolio management.Any acquisitions, divestitures or mergers by VF will be accompanied by the risks commonly encountered in acquisitions or divestitures of companies, businesses or brands. These risks include, among other things, higher than anticipated acquisition or divestiture costs and expenses, the difficulty and expense of and may inhibit our or our business partners' ability to maintain an adequate level of service. The development of AI technologies is complex, and there are technical challenges associated with achieving the desired level of accuracy, efficiency, and reliability. The algorithms and models utilized in generative AI systems may have limitations, including biases, errors, or inability to handle certain data types or scenarios. Furthermore, there is a risk of system failures, disruptions, or vulnerabilities that could compromise the integrity, security, or privacy of data inputs or the generated content. These limitations or failures could result in reputational harm, legal liabilities, or loss of consumer, customer, employee or business partner confidence. If we or our business partners use AI to make decisions that affect consumers, employees or job applicants, the AI may be subject to biases or other types of unfair decision-making that may negatively impact those individuals and create legal or reputational risk for us. If we or our business partners use AI to create intellectual property (IP), such as product designs, trademarks, or copyrightable text or code, we may be subject to IP rights claims from third parties claiming ownership of, or demanding rights to the IP that we or our business partners have developed using AI, or we may face the risk of not being able to adequately secure the rights to the IP created. Cybersecurity threat actors may use AI tools, including generative AI, to deploy increasingly advanced attacks on our and our business partners' information technology systems. The increasing sophistication of cybersecurity attacks, including through the use of AI, may create a demand for us to use more and more sophisticated AI in our cybersecurity defense efforts. We face risks that we will fail to combat the offensive use of AI sufficiently or that we will fail to deploy defensive tools using AI adequately, either because we are unable to anticipate the risks accurately in a rapidly-evolving landscape or because we lack the knowledge or resources to adequately address the cybersecurity threats and opportunities associated with AI. Uncertainty in the legal regulatory regime relating to AI may require significant resources to modify and maintain business practices to comply with U.S. and non-U.S. laws, the nature of which cannot be determined at this time. Several jurisdictions around the globe, including the EU and certain U.S. states, have already proposed or enacted laws governing AI. Other jurisdictions may decide to adopt similar or more restrictive legislation that may render the use of such technologies challenging. These obligations may make it harder for us to conduct our business using AI, lead to regulatory fines or penalties, require us to change our business practices, or prevent or limit our use of AI. If we or our business partners cannot use AI, or that use is restricted, our business may be less efficient, or we may be at a competitive disadvantage. Any of these factors could adversely affect our business, financial condition, and results of operations.

The occurrence of regional epidemics or a global pandemic may adversely affect our business, financial condition and results of operations. For example, the COVID-19 pandemic has and could continue to materially and adversely affect our business, financial condition and results of operation. Our business has been, and could continue to be, impacted by the effects of the COVID-19 pandemic in countries and territories where we operate and where our employees, suppliers, third-party service providers, consumers or customers are located. Our operations may be closed again or experience operational restrictions if and where there is a resurgence in COVID-19 or new variants of the virus emerge. We may continue to experience significant reductions in demand and significant volatility in demand for our products by consumers and customers, resulting in reduced orders, order cancellations, lower revenues, higher discounts, increased inventories, decreased value of inventories and lower gross margins. We may be negatively impacted by significant uncertainty and turmoil in global economic and financial market conditions causing, among other things: decreased consumer confidence and decreased consumer spending, inability to access financing in the credit and capital markets (including the commercial paper market) at reasonable rates (or at all), increased exposure to fluctuations in foreign currency exchange rates relative to the U.S. Dollar, and volatility in the availability and prices for commodities and raw materials we use for our products and in our supply chain. We may continue to fail to meet our consumers' and customers' needs for inventory production and fulfillment due to disruptions in our supply chain and increased costs associated with mitigating the effects of the pandemic. These impacts have placed, and could continue to place limitations on our ability to execute our business plan and materially and adversely affect our business, financial condition and results of operations. Measures to contain a global pandemic, including COVID-19, may exacerbate other risks discussed in this "Risk Factors" section, any of which could have a material effect on us. The extent of the impact of the COVID-19 pandemic will depend on future developments, including the duration, severity and any resurgences of COVID-19, which are uncertain and cannot be predicted. ITEM 1C.    CYBERSECURITY. Our business operations and relationships with consumers, customers, employees and business partners rely heavily on information technology ("IT") systems and data. We also recognize the need to continually assess cybersecurity risk and evolve our management approach in the face of a rapidly and ever-changing environment. Accordingly, we aim to protect our business operations, including consumer, employee and confidential business records and information, against known and evolving cybersecurity threats. We have established processes for identifying, assessing, and managing material risks from cybersecurity threats using a systematic framework intended to protect the confidentiality, integrity, and availability of the Company's important IT systems and data. Oversight responsibility in this area is shared by the Board, its Audit Committee, and management. Management receives a cybersecurity and information security maturity assessment from a third-party assessor biannually to gain a third-party view of our cybersecurity and information security program. We have integrated the identification, assessment and management of cybersecurity risks into VF's enterprise risk management program, ensuring alignment with our overall approach to risk oversight by the Board, its committees, and management. The Board receives an annual update from VF senior leadership on cybersecurity and information security matters. The Audit Committee receives regular reports from VF senior leadership, including the CISO, on cyber threats, information security risks and controls, and other program updates, as well as enterprise risk management program updates. The Audit Committee regularly briefs the Board on these cybersecurity matters, and the Board also receives periodic briefings on cyber threats and best practices to enhance our directors' literacy on cybersecurity and information security issues. We place a high priority on securing confidential business information and the sensitive personal information we receive and store about our consumers, customers and employees. We have systems in place to securely receive and store that information and to detect, contain, and respond to cybersecurity incidents. We also have processes to manage risk from cybersecurity threats associated with third parties, including service providers, such as risk assessments and contractual requirements that include cybersecurity measures. In addition, we have a cybersecurity and information security training and compliance program in place to support our teams who work in areas of cybersecurity and information security risk. As part of this program, VF associates who have access to confidential information receive training at least annually on cybersecurity and information security. To respond to the threat of security breaches and cyberattacks, VF maintains a program, overseen by VF's CISO and CSBDO, that is designed to protect and preserve the confidentiality, integrity and continued availability of all information and systems owned by, or in the care of, VF. This program also includes a cyber incident response plan that provides processes for timely and accurate reporting of any material cybersecurity incident. Our CISO has over thirty years of experience as a cybersecurity professional, including experience as the CISO of two large retailers, and reports to our CSBDO, who leads our digital and technology functions and has nearly twenty years of experience enabling digital transformation for global companies. In addition, members of VF's information security, IT and privacy teams have broad experience and expertise in selecting, deploying and operating cybersecurity technologies, initiatives and processes around the world. VF also engages service providers, consultants and other third parties in connection with these processes to provide augmented cybersecurity capabilities, deliver strategic advice, provide assurance regarding the effectiveness of certain processes and assist in cybersecurity incident response efforts, as needed. VF also maintains a cybersecurity risk insurance policy. VF's IT systems have been subject to cybersecurity incidents in the past, including the previously disclosed December 2023 cybersecurity incident (the "Cyber Incident"). We believe the impacts of the Cyber Incident were not material to VF's financial condition or results of operations. In addition, we do not believe that risks from cybersecurity threats have materially affected VF's business strategy, financial condition, or results of operations. However, there is no guarantee that future cybersecurity incidents will not have a material impact in the future. Furthermore, processes designed to manage cyber risks, including those described herein, may not be effective. To learn more about risks from cybersecurity threats, as well as risks from the Cyber Incident, see the following risk factors in Item 1A of this Part I, under the headings, "VF relies significantly on information technology. Any inadequacy, interruption, integration failure or security failure of this technology could harm VF's ability to effectively operate its business," "VF is subject to data and information security and privacy risks that could negatively affect its business operations, results of operations or reputation," and "We experienced a significant data security breach in December 2023 which could result in a number of potentially unknown outcomes, including but not limited to, litigation, regulatory investigations or enforcement actions, or reputational harm, any of which could have a material impact on our business operations, financial condition, or results of operations." Additional risks and uncertainties not currently known or that may currently be deemed to be immaterial also may materially adversely affect VF's business strategy, financial condition, or results of operations. VF is seeking reimbursement of costs, expenses and losses stemming from the Cyber Incident by submitting claims to VF's cybersecurity insurers. The timing and amount of any such reimbursements are not known at this time.

Changes in U.S. or international social, political, regulatory and economic conditions or in laws and policies governing foreign trade, manufacturing, development and investment in the territories or countries where we currently sell our products or conduct our business, as well as any negative sentiment toward the U.S. as a result of such changes, could adversely affect our business. For example, the U.S. government has instituted changes in trade policies imposing higher tariffs on imports into the U.S. from China. Tariffs and other changes in U.S. trade policy have in the past and could continue to trigger retaliatory actions by affected countries, and certain foreign governments have instituted, considered or are considering imposing retaliatory measures on certain U.S. goods. VF, similar to many other multinational corporations, does a significant amount of business that would be impacted by changes to the trade policies of the U.S. and foreign countries (including governmental action related to tariffs, international trade agreements, or economic sanctions). Such changes have the potential to adversely impact the U.S. economy or certain sectors thereof, our industry and the global demand for our products, and as a result, could have a material adverse effect on our business, financial condition and results of operations. In addition, the Uyghur Forced Labor Prevention Act and other similar laws may lead to greater supply chain compliance costs and delays to us and to our suppliers and customers.

We are subject to taxation in the U.S. and numerous foreign jurisdictions. The current U.S. Presidential Administration has proposed a higher U.S. federal corporate tax rate and increased taxation of offshore income. Such action could have a material effect on our financial position and results of operations. In addition, many countries in the EU and around the globe have adopted and/or proposed changes to current tax laws. Further, organizations such as the Organisation for Economic Co-operation and Development ("OECD") have published action plans that, if adopted by countries where we do business, could increase our tax obligations and compliance costs in these countries. More specifically, the OECD has released rules to address tax challenges arising from the digitalization of the economy (i.e., Global Anti Base Erosion ("GloBE") model rules or "Pillar Two"). Certain members have already begun to enact at least portions of the model rules that are effective for tax years beginning on or after January 1, 2024. The ultimate outcome of these rules that are enacted into law in each country may result in a material financial impact to VF. Due to the large scale of our U.S. and international business activities, many of these enacted and proposed changes to the taxation of our activities could increase our worldwide effective tax rate and harm our financial position and results of operations.

Our business is subject to comprehensive national, state and local laws and regulations on a wide range of matters such as environmental, climate change, consumer protection, social, employment, privacy, safety and other matters. VF could be adversely affected by costs of compliance with or violations of those laws and regulations. In addition, while we do not control their business practices, we require third-party suppliers to operate in compliance with applicable laws, rules and regulations regarding working conditions, safety, employment practices, the environment and other areas. The costs of products purchased by VF from independent contractors could increase due to the costs of compliance by those contractors. Failure by VF or its third-party suppliers to comply with such laws and regulations, as well as with ethical, social, product, safety, labor and environmental standards, or related political considerations, could result in a material adverse effect on our financial condition, results of operations or cash flows, including resulting in interruption of finished goods shipments to VF, extensive remediation efforts, cancellation of orders by customers and termination of relationships. If VF or one of our independent contractors violates labor or other laws, implements improper labor or other business practices or takes other actions that are generally regarded as unethical, it could result in unwanted or negative media attention, jeopardize our reputation and potentially lead to various adverse consumer actions, including boycotts that may reduce demand for VF's merchandise. Damage to VF's reputation or loss of consumer confidence for any of these or other reasons could have a material adverse effect on VF's results of operations, financial condition and cash flows, as well as require additional resources to rebuild VF's reputation. Our operations are also subject to compliance with the U.S. Foreign Corrupt Practices Act (the "FCPA") and other anti-bribery laws applicable to our operations. Although we have policies and procedures to address compliance with the FCPA and similar laws, there can be no assurance that all of our employees, agents and other partners will not take actions in violation of our policies. Any such violation could subject us to sanctions or other penalties that could negatively affect our reputation, business and operating results.Climate change and increased focus by governmental and non-governmental organizations, customers, consumers and investors on sustainability issues, including those related to climate change and socially responsible activities, may adversely affect our business and financial results and damage our reputation.Climate change is occurring around the world and may impact our business in numerous ways. Failure to monitor, adapt, build resilience, and develop solutions against the physical and transitional impacts from climate change may lead to revenue loss, market share loss, business interruptions, physical damage to our facilities, and rising costs. Climate change could lead to increased volatility due to physical impacts of climate change on the supply chain, including the availability, quality and cost of raw materials. Increased frequency and severity of extreme weather events (such as storms and floods) could cause increased incidence of disruption to the production and distribution of our products, increased costs for our business, including maintenance, repair, utilities and insurance costs, and an adverse impact on consumer demand and spending. Investor advocacy groups, certain institutional investors, investment funds, other market participants, shareholders, and other stakeholders, including non-governmental organizations, employees, and consumers, have focused increasingly on social and environmental and related sustainability practices of companies. These parties have placed increased importance on the implications of the social cost of their investments and/or have higher expectations of corporate conduct. If our environmental, social and governance practices do not meet investor or other stakeholder expectations and standards, including related to climate change, sustainability, social impact, and human rights, and do not meet related regulations and expectations for increased transparency, which continue to evolve, our brands, reputation and employee retention may be negatively impacted. In addition, governmental and self-regulatory organizations, including the Securities and Exchange Commission ("SEC"), the New York Stock Exchange ("NYSE") and the European Financial Reporting Advisory Group ("EFRAG"), promulgate rapidly changing rules and regulations addressing environmental, social and governance topics. These rules and regulations continue to evolve in scope and complexity and have resulted in, and are likely to continue to result in, increased expenses and increased management time and attention spent complying with or meeting such rules and regulations. For example, collection of environmental, social and governance sanctions or other penalties that could negatively affect our reputation, business and operating results.

Fluctuations in the price, availability and quality of purchased finished goods or the fabrics, leather, cotton or other raw materials used therein could have a material adverse effect on VF's cost of goods sold or its ability to meet its customers' demands. Prices of purchased finished products may depend on wage rate increases required by legal or industry standards in Asia and other geographic areas where our independent contractors are located, as well as increasing freight costs from those regions. Inflation, including as a result of inflationary pressures related to global supply chain disruptions, can also have a long-term impact on us because increasing costs of materials and labor may impact our ability to maintain satisfactory margins. For example, the cost and availability of the materials that are used in our products, such as oil-related commodity prices and other raw materials, such as cotton, dyes and chemical and other costs, such as fuel, energy and utility costs, can fluctuate significantly as a result of inflation in addition to many other factors, including general economic conditions and demand, crop yields, energy prices, weather patterns, water supply quality and availability, public health issues (such as the COVID-19 pandemic) and speculation in the commodities markets. A significant portion of our products also are manufactured in other countries and declines in the values of the U.S. dollar may result in higher manufacturing costs. In the future, VF may not be able to offset cost increases with other cost reductions or efficiencies or to pass higher costs on to its customers. This could have a material adverse effect on VF's results of operations, liquidity and financial condition.VF's business is exposed to the risks of foreign currency exchange rate fluctuations. VF's hedging strategies may not be effective in mitigating those risks.A growing percentage of VF's total revenues (approximately 54% in Fiscal 2024) is derived from markets outside the U.S. Many of VF's international businesses operate in functional currencies other than the U.S. dollar. Changes in currency exchange rates affect the U.S. dollar value of the foreign currency-denominated amounts at which VF's international businesses purchase products, incur costs or sell products. In addition, for VF's U.S.-based businesses, the majority of products are sourced from independent contractors located in foreign countries. As a result, the costs of these products are affected by changes in the value of the relevant currencies. Furthermore, much of VF's licensing revenue is derived from sales in foreign currencies. Changes in foreign currency exchange rates could have an adverse impact on VF's financial condition, results of operations and cash flows.In accordance with our operating practices, we hedge a significant portion of our foreign currency transaction exposures arising in the ordinary course of business to reduce risks in our cash flows and earnings. Our hedging strategy may not be effective in reducing all risks, and no hedging strategy can completely insulate VF from foreign exchange risk. Further, our use of derivative financial instruments may expose VF to counterparty risks. Although VF only enters into hedging contracts with counterparties having investment grade credit ratings, it is possible that the credit quality of a counterparty could be downgraded or a counterparty could default on its obligations, which could have a material adverse impact on VF's financial condition, results of operations and cash flows.Our ability to obtain financing on favorable terms, if needed, could be adversely affected by geopolitical risk and volatility in the capital markets, including interest rate risks.Any disruption in the capital markets could limit the availability of funds or the ability or willingness of financial institutions to extend capital to VF in the future. Future volatility in the financial and credit markets, including adverse interest rates, could make it more difficult for us to obtain financing or refinance existing debt, on terms that would be acceptable to us. This disruption or volatility could adversely affect our liquidity and funding resources or significantly increase our cost of capital. An inability to access capital and credit markets may have an adverse effect on our business, results of operations, financial condition and cash flows. In addition, if the U.S. or another material country's government were to default on its debt obligations, the U.S. and global capital markets would be adversely affected and our liquidity and cost of capital would be adversely impacted. are manufactured in other countries and declines in the values of the U.S. dollar may result in higher manufacturing costs. In the future, VF may not be able to offset cost increases with other cost reductions or efficiencies or to pass higher costs on to its customers. This could have a material adverse effect on VF's results of operations, liquidity and financial condition.