X3 Holdings (XTKG) Risk Factors

The software application and technology service industry in China is developing rapidly and related technology trends are constantly evolving. This results in the frequent introduction of new services and significant price competition from our competitors. We may be unable to offset the effect of declining average sales prices through increased sales volumes and/or reductions in our costs. Furthermore, we may be forced to reduce the prices of our services in response to offerings made by our competitors. Finally, we may not have the same level of bargaining power we have enjoyed in the past when it comes to negotiating for the prices of our services, all of which could lead to reduced revenues and profitability.

we generate our revenues from the sales of our cryptocurrency mining machines. We may continue to generate a portion of our revenue from the sales of our cryptocurrency mining machines in the foreseeable future. If the market for cryptocurrency mining machines ceases to exist or diminishes significantly, we would experience a significant loss of sales, cancelation of orders, or loss of customers for our cryptocurrency mining machines. Adverse factors that may affect the market for cryptocurrency mining machines include that, for example, cryptocurrency fails to gain wide market acceptance and fails to become a generally accepted medium of exchange in the global economy due to certain inherent limitations to cryptocurrencies, thereby causing value loss or become worthless, which could adversely affect the sustainability of our business; or over time, the reward for cryptocurrency mining (in terms of the amount of cryptocurrency awarded) will decline, which may reduce the incentive to mine cryptocurrencies. Specifically, the amount of Bitcoin awarded for solving each block is designed to decline approximately every four years, with the most recent halving event occurred in May 2020, and the next halving event expected to take place in 2024, and Bitcoins are expected to be fully mined out by the year 2140. Therefore, Bitcoin mining machines may become less productive as the available rewards for Bitcoin mining decrease. If we cannot maintain the scale and profitability of our cryptocurrency mining machines, results of operations and ability to continue to grow will suffer. Furthermore, excess inventories, inventory markdowns, brand image deterioration and margin squeeze caused by declining economic returns for miners or pricing competition for our cryptocurrency mining machines could all have a material adverse impact on our business, financial condition and results of operations.

Our ability to retain existing customers and attract new customers depends on our ability to maintain a consistently high level of customer service and technical support. Our customers depend on our service support team to assist them in utilizing our services effectively and to help them to resolve issues quickly and to provide ongoing support. If we are unable to hire and train sufficient support resources or are otherwise unsuccessful in assisting our customers effectively, it could adversely affect our ability to retain existing customers and could prevent prospective customers from adopting to our services. We may be unable to respond quickly enough to accommodate short-term increases in demand for customer support. We also may be unable to modify the nature, scope and delivery of our customer support to compete with changes in the support services provided by our competitors. Increased demand for customer support, without corresponding revenue, could increase our costs and adversely affect our business, results of operations and financial condition. Our sales are highly dependent on our business reputation and on positive recommendations from customers. Any failure to maintain high-quality customer support, or a market perception that we do not maintain high-quality customer support, could adversely affect our reputation, business, results of operations and financial condition.

Complaints, litigation, regulatory actions or other negative publicity that arise from the advertising industry in general or our company in particular, including on the quality, effectiveness and reliability of privacy and security practices, and advertising content, even if inaccurate, could adversely affect our reputation and client confidence in, and the use of, our solutions. Harm to our reputation and client confidence can also arise for many other reasons, including employee misconduct, misconduct of our data and content distribution channel partners, data center providers or other counterparties, failure by these persons or entities to meet minimum quality standards or otherwise fulfill their contractual obligations or to comply with applicable laws and regulations. Additionally, negative publicity with respect to our data or content distribution channel partners could also affect our business and results of operation to the extent that we rely on these partners or if marketers or marketing agencies associate our company with such partners.

The Chinese government has significant authority to exert influence on our operations in mainland China in various aspects in accordance with laws and regulations. There are uncertainties regarding the interpretation and application of PRC laws and regulations from time to time, including, but not limited to, the laws and regulations governing our business, or the enforcement and performance of our contractual arrangements with borrowers in the event of the imposition of statutory liens, death, bankruptcy or criminal proceedings. Our ability to operate in China may be harmed by changes in its laws and regulations, including those relating to taxation, environmental regulations, land use rights, property and other matters. The central or local governments of these jurisdictions may impose new, stricter regulations or interpretations of existing regulations that would require additional expenditures and efforts on our part to ensure our compliance with such regulations or interpretations. Accordingly, government actions in the future, including any decision not to continue to support recent economic reforms and to return to a more centrally planned economy or regional or local variations in the implementation of economic policies, could have a significant effect on economic conditions in China or particular regions thereof, and could require us to divest ourselves of any interest we then hold in Chinese properties. Changes in China's economic, political or social conditions, or government policies could materially and adversely affect our business, financial condition, and results of operations. We cannot predict whether the resulting changes will have any adverse effect on our current or future business, financial condition or results of operations. Despite these economic reforms and measures, the PRC government continues to play a significant role in regulating industrial development, allocation of natural and other resources, production, pricing and management of currency, and there can be no assurance that the PRC government will continue to pursue a policy of economic reform or that the direction of reform will continue to be market friendly. Our ability to successfully expand business operations in the PRC depends on a number of factors, including macro-economic and other market conditions. Demand for our future products in the Chinese market and our business, financial condition and results of operations may be materially and adversely affected by the following factors, which might be affected by a number of variables that are beyond our control: - changes in political or social conditions of the PRC;- changes in laws, regulations, and administrative directives or the interpretation thereof;- measures which may be introduced to control inflation or deflation; and - changes in the rate or method of taxation. The General Office of the Central Committee of the Communist Party of China and the General Office of the State Council jointly issued the Opinions on Severely Cracking Down on Illegal Securities Activities. According to Law, (the "Opinions"), which was made available to the public on July 6, 2021. The Opinions emphasized the need to strengthen the administration over illegal securities activities, and the need to strengthen the supervision over overseas listings by Chinese companies. Effective measures, such as promoting the construction of relevant regulatory systems, will be taken to deal with the risks and incidents of China-concept overseas listed companies. As of the date of this Annual Report, we have not received any inquiry, notice, warning, or sanctions from PRC government authorities in connection with the Opinions. On June 10, 2021, the Standing Committee of the National People's Congress of China (the "SCNPC"), promulgated the PRC Data Security Law, which took effect in September 2021. The PRC Data Security Law imposes data security and privacy obligations on entities and individuals carrying out data activities, and introduces a data classification and hierarchical protection system based on the importance of data in economic and social development, and the degree of harm it will cause to national security, public interests, or legitimate rights and interests of individuals or organizations when such data is tampered with, destroyed, leaked, illegally acquired or used. The PRC Data Security Law also provides for a national security review procedure for data activities that may affect national security and imposes export restrictions on certain data an information. In early July 2021, regulatory authorities in China launched cybersecurity investigations with regard to several China-based companies that are listed in the United States. The Chinese cybersecurity regulator announced on July 2, 2021 that it had begun an investigation of Didi Global Inc. (NYSE: DIDI) and two days later ordered that the company's app be removed from smartphone app stores. On July 5, 2021, the Chinese cybersecurity regulator launched the same investigation on two other Internet platforms, China's Full Truck Alliance of Full Truck Alliance Co. Ltd. (NYSE: YMM) and KANZHUN LIMITED (Nasdaq: BZ). On July 24, 2021, the General Office of the Communist Party of China Central Committee and the General Office of the State Council jointly released the Guidelines for Further Easing the Burden of Excessive Homework and Off-campus Tutoring for Students at the Stage of Compulsory Education, pursuant to which foreign investment in such firms via mergers and acquisitions, franchise development, and variable interest entities are banned from this sector. On August 17, 2021, the State Council promulgated the Regulations on the Protection of the Security of Critical Information Infrastructure (the "Regulations"), which took effect on September 1, 2021. The Regulations supplemented and specified the provisions on the security of critical information infrastructure as stated in the Cybersecurity Review Measures. The Regulations provide, among others, that protection department of certain industry or sector shall notify the operator of the critical information infrastructure in time after the identification of certain critical information infrastructure. On August 20, 2021, the SCNPC promulgated the Personal Information Protection Law of the PRC (the "Personal Information Protection Law"), which took effect in November 2021. As the first systematic and comprehensive law specifically for the protection of personal information in the PRC, the Personal Information Protection Law provides, among others, that (i) an individual's consent shall be obtained to use sensitive personal information, such as biometric characteristics and individual location tracking; (ii) personal information operators using sensitive personal information shall notify individuals of the necessity of such use and impact on the individual's rights; and (iii) where personal information operators reject an individual's request to exercise his or her rights, the individual may file a lawsuit with a People's Court. As such, the Company's business segments may be subject to various government and regulatory interference in the provinces in which they operate. The Company could be subject to regulations by various political and regulatory entities, including various local and municipal agencies and government sub-divisions. The Company may incur increased costs necessary to comply with the existing and newly adopted laws and regulations or penalties for any failure to comply. Additionally, the governmental and regulatory interference could significantly limit or completely hinder our ability to offer or continue to offer securities to investors and cause the value of such securities to significantly decline or be worthless. Furthermore, we are required to file with the CSRC within 3 working days after the subsequent securities offering is completed and we might face warnings or fines if we fail to fulfill related filing procedure. Although there are still uncertainties regarding the interpretation and implementation of relevant regulatory guidance, our operations could be adversely affected, directly or indirectly, by existing or future laws and regulations relating to its business or industry. On February 17, 2023, the China Securities Regulatory Commission, or the CSRC, promulgated Trial Administrative Measures of the Overseas Securities Offering and Listing by Domestic Companies (the "Overseas Listing Trial Measures") and five relevant guidelines which became effective on March 31, 2023. The Overseas Listing Trial Measures regulate both direct and indirect overseas offering and listing by PRC domestic companies by adopting a filing-based regulatory regime. The Overseas Listing Trial Measures provide that if the issuer both meets the following criteria, the overseas securities offering and listing conducted by such issuer will be deemed as indirect overseas offering subject to the filing procedure set forth under the Overseas Listing Trial Measures: (i) 50% or more of the issuer's operating revenue, total profit, total assets or net assets as documented in its audited consolidated financial statements for the most recent fiscal year is accounted for by the issuer's domestic companies; and (ii) the issuer's business activities are substantially conducted in mainland China, or its principal place of business are located in mainland China, or the senior managers in charge of its business operations and management are mostly Chinese citizens or domiciled in mainland China. The determination as to whether or not an overseas offering and listing by domestic companies is indirect, shall be made on a substance over form basis. On the same day, the CSRC also held a press conference for the release of the Trial Measures and issued the Notice on Administration for the Filing of Overseas Offering and Listing by Domestic Companies, which, among others, clarifies that on or prior to the effective date of the Overseas Listing Trial Measures, domestic companies that have been completed their overseas offering and listing, which are called as "the stock enterprises". As a stock enterprise, we shall file with the CSRC within 3 working days after the subsequent securities offering is completed. The CSRC shall order rectification, issue warnings and impose fines to the company fails to fulfill filing procedure as stipulated in Overseas Listing Trial Measures. In addition, the CSRC published the Provisions on Strengthening Confidentiality and Archives Administration in Respect of Overseas Issuance and Listing of Securities by Domestic Enterprises on February 24, 2023, which became effective on March 31, 2023. The CSRC stipulates domestic enterprises, securities companies and securities service agencies which provide the corresponding services in the course of overseas issuance and listing of domestic enterprises, shall strengthen legal awareness of confidentiality of State secrets and archives administration, establish a sound system for confidentiality and archives work, adopt the requisite measures to perform the responsibilities of confidentiality and archives administration. As there are still uncertainties regarding the interpretation and implementation of such regulatory guidance, we cannot assure you that we will always be able to comply with new regulatory requirements relating to our future overseas capital-raising activities. We may become subject to more stringent requirements with respect to matters including cross-border investigation and enforcement of legal claims. In addition, on December 28, 2021, the CAC, the National Development and Reform Commission ("NDRC"), and several other administrations jointly issued the revised Measures for Cybersecurity Review (the "Revised Review Measures"), which became effective and replaced the Measures for Cybersecurity Review on February 15, 2022. According to the Revised Review Measures, if an "online platform operator" that is in possession of personal data of more than one million users intends to list in a foreign country, it must apply for a cybersecurity review. Based on a set of Q&A published on the official website of the State Cipher Code Administration in connection with the issuance of the Revised Review Measures, an official of the said administration indicated that an online platform operator should apply for a cybersecurity review prior to the submission of its listing application with non-PRC securities regulators. Given the recency of the issuance of the Revised Review Measures, there is a general lack of guidance and substantial uncertainties exist with respect to their interpretation and implementation. For example, it is unclear whether the requirement of cybersecurity review applies to follow-on offerings by an "online platform operator" that is in possession of personal data of more than one million users where the offshore holding company of such operator that is already listed overseas. Furthermore, the CAC released the draft of the Regulations on Network Data Security Management (the "Draft Regulations") in November 2021 for public consultation, which among other things, stipulates that a data processor listed overseas must conduct an annual data security review by itself or by engaging a data security service provider and submit the annual data security review report for a given year to the municipal cybersecurity department before January 31 of the following year. On July 7, 2022, CAC promulgated Measures for the Security Assessment of Outbound Data Transfers, (the "Data Cross Border Measures"), which became effective on September 1, 2022 and provide that a data processor is required to apply for security assessment for cross-border data transfer in any of the following circumstances: (i) where a data processor provides critical data to offshore entities and individuals; (ii) where a CIIO or a data processor which processes personal information of more than one million individuals provides personal information to offshore entities and individuals; (iii) where a data processor has provided personal information in the aggregate of more than 100,000 individuals or sensitive personal information of more than 10,000 individuals in total to offshore entities and individuals since January 1 of the previous year; or (iv) other circumstances prescribed by the CAC for which declaration for security assessment for cross-board transfer of data is required. Furthermore, on August 31, 2022, the CAC promulgated the Guidelines for filing the Outbound Data Transfer Security Assessment (Version 1), which provides that acts of outbound data transfer include (i) overseas transmission and storage by data processors of data generated during mainland China domestic operations; (ii) the access to, use, download or export of the data collected and generated by data processors and stored in mainland China by overseas institutions, organizations or individuals; and (iii) other acts as specified by the CAC. The Revised Review Measures and the Draft Regulations remain unclear on whether the relevant requirements will be applicable to companies, which have been listed in the United States, such as us. They also remain uncertain whether the future regulatory changes would impose additional restrictions on companies like us. We cannot predict the impact of the Revised Review Measures and the Draft Regulations, if any, at this stage, and we will closely monitor and assess any development in the rule-making process. We have been closely monitoring the development in the regulatory landscape in China, particularly regarding the requirement of approvals, including on a retrospective basis, from the CSRC, the CAC or other PRC authorities, as well as regarding any annual data security review or other procedures that may be imposed on us. If any approval, review or other procedure is in fact required, we are not able to guarantee that we will obtain such approval or complete such review or other procedure timely or at all. For any approval that we may be able to obtain, it could nevertheless be revoked and the terms of its issuance may impose restrictions on our operations and offerings relating to our securities.

The Enterprise Income Tax Law provides that enterprises established outside of China whose "de facto management bodies" are located in China are considered PRC tax resident enterprises and will generally be subject to the uniform 25% PRC enterprise income tax rate on their global income. In addition, a tax circular issued by the State Administration of Taxation on April 22, 2009 regarding the standards used to classify certain Chinese-invested enterprises established outside of China as resident enterprises clarified that dividends and other income paid by such resident enterprises will be considered to be PRC source income, subject to PRC withholding tax, currently at a rate of 10%, when recognized by non-PRC enterprise shareholders. This recent circular also subjects such resident enterprises to various reporting requirements with the PRC tax authorities. Under the implementation rules to the Enterprise Income Tax Law, a de facto management body is defined as a body that has material and overall management and control over the manufacturing and business operations, personnel and human resources, finances and other assets of an enterprise. In addition, the tax circular mentioned above details that certain Chinese-invested enterprises will be classified as resident enterprises if the following are located or resident in China: senior management personnel and departments that are responsible for daily production, operation and management; financial and personnel decision making bodies; key properties, accounting books, company seal, and minutes of board meetings and shareholders' meetings; and half or more of the senior management or directors having voting rights. Currently, there are no detailed rules or precedents governing the procedures and specific criteria for determining de facto management bodies which are applicable to our company or our overseas subsidiaries. We do not believe that we meet all of the conditions required for PRC resident enterprise. The Company is a company incorporated outside the PRC. As a holding company, its key assets are its ownership interests in its subsidiaries, and its key assets are located, and its records (including the resolutions of its Board and the resolutions of its shareholders) are maintained, outside the PRC. For the same reasons, we believe our other entities outside of China are not PRC resident enterprises either. However, the tax resident status of an enterprise is subject to determination by the PRC tax authorities and uncertainties remain with respect to the interpretation of the term "de facto management body". There can be no assurance that the PRC government will ultimately take a view that is consistent with ours. However, if the PRC tax authorities determine that we are a PRC resident enterprise for enterprise income tax purposes, we may be required to withhold a 10% withholding tax from dividends we pay to our shareholders that are non-resident enterprises. Such 10% tax rate could be reduced by applicable tax treaties or similar arrangements between China and the jurisdiction of our shareholders. For example, for shareholders eligible for the benefits of the tax treaty between China and Hong Kong, the tax rate is reduced to 5% for dividends if relevant conditions are met. In addition, non-resident enterprise shareholders may be subject to a 10% PRC tax on gains realized on the sale or other disposition of ordinary shares, if such income is treated as sourced from within the PRC. It is unclear whether our non-PRC individual shareholders would be subject to any PRC tax on dividends or gains obtained by such non-PRC individual shareholders in the event we are determined to be a PRC resident enterprise. If any PRC tax were to apply to such dividends or gains, it would generally apply at a rate of 20% unless a reduced rate is available under an applicable tax treaty. However, it is also unclear whether non-PRC shareholders of the Company would be able to claim the benefits of any tax treaties between their country of tax residence and the PRC in the event that the Company is treated as a PRC resident enterprise. Provided that our Cayman Islands holding company, we, are not deemed to be a PRC resident enterprise, our shareholders who are not PRC residents will not be subject to PRC income tax on dividends distributed by us or gains realized from the sale or other disposition of our shares. However, under Circular 7, where a non-resident enterprise conducts an "indirect transfer" by transferring taxable assets, including, in particular, equity interests in a PRC resident enterprise, indirectly by disposing of the equity interests of an overseas holding company, the non-resident enterprise, being the transferor, or the transferee or the PRC entity which directly owned such taxable assets may report to the relevant tax authority such indirect transfer. Using a "substance over form" principle, the PRC tax authority may disregard the existence of the overseas holding company if it lacks a reasonable commercial purpose and was established for the purpose of reducing, avoiding or deferring PRC tax. As a result, gains derived from such indirect transfer may be subject to PRC enterprise income tax, and the transferee would be obligated to withhold the applicable taxes, currently at a rate of 10% for the transfer of equity interests in a PRC resident enterprise. We and our non-PRC resident investors may be at risk of being required to file a return and being taxed under Circular 7, and we may be required to expend valuable resources to comply with Bulletin 37, or to establish that we should not be taxed under Circular 7 and Bulletin 37. In addition to the uncertainty in how the new resident enterprise classification could apply, it is also possible that the rules may change in the future, possibly with retroactive effect. If we are required under the Enterprise Income Tax law to withhold PRC income tax on our dividends payable to our foreign shareholders, or if you are required to pay PRC income tax on the transfer of our shares under the circumstances mentioned above, the value of your investment in our shares may be materially and adversely affected. These rates may be reduced by an applicable tax treaty, but it is unclear whether, if we are considered a PRC resident enterprise, holders of our shares would be able to claim the benefit of income tax treaties or agreements entered into between China and other countries or areas. Any such tax may reduce the returns on your investment in our shares.

We are subject to complex and evolving statutory and regulatory requirements relating to cybersecurity, information security, privacy and data protection. Regulatory authorities in mainland China have enhanced data protection and cybersecurity regulatory requirements. These laws continue to develop, and the PRC government may adopt other rules and restrictions in the future. Non-compliance could result in penalties or other significant legal liabilities. The PRC Cybersecurity Law, which took effect in June 2017, created China's first national-level data protection framework for "network operators." It is relatively new and subject to interpretations by the regulator. It requires, among other things, that network operators take security measures to protect the network from unauthorized interference, damage and unauthorized access and prevent data from being divulged, stolen or tampered with. Network operators are also required to collect and use personal information in compliance with the principles of legitimacy, properness and necessity, and strictly within the scope of authorization by the subject of personal information unless otherwise prescribed by laws or regulations. Significant capital, managerial and human resources are required to comply with legal requirements, enhance information security and address any issues caused by security failures. The Measures for Cybersecurity Review promulgated in April 2020 provides that critical information infrastructure operators must pass a cybersecurity review when purchasing network products and services which do or may affect national security. Pursuant to the Revised Cybersecurity Review Measures that took effect on February 15, 2022, operators of critical information infrastructure that intend to purchase network products and services that affect or may affect national security must apply for a cybersecurity review. However, as advised by our PRC counsel, as such new laws, regulations and rules were only recently promulgated, their interpretation and implementation shall be determined in accordance with the laws and regulations in force at the time. As of the date of this Annual Report, we have not been involved in any investigations or become subject to a cybersecurity review initiated by the CAC, and we have not received any inquiry, notice, warning, sanctions in such respect or any regulatory objections to our listing status from the CAC. The Regulations on Security Protection of Critical Information Infrastructure that took effect on September 1, 2021 defines critical information infrastructure and its operators, who must adhere to specific security requirements. As this regulation is newly issued, the governmental authorities, including the administration departments for each critical industry and sector, may further formulate detailed rules or explanations with respect to the interpretation and implementation of this regulation. The PRC Personal Information Protection Law, effective since November 2021, sets stringent rules for processing personal and sensitive information, which significantly affects our data handling practices. Some information we collect, such as location and mobile numbers, may be deemed to be sensitive personal information under the Personal Information Protection Law. As the interpretation and implementation of the Personal Information Protection Law shall be determined in accordance with the laws and regulations in force at the time, we cannot assure you that we will be able to comply with the Personal Information Protection Law in all respects, or that regulatory authorities will not order us to rectify or terminate our current practice of collecting and processing sensitive personal information. We may also become subject to fines and other penalties under the Personal Information Protection Law, which may have material adverse effect on our business, operations and financial condition. On November 14, 2021, the CAC published a discussion draft of Regulations on the Administration of Cyber Data Security for public comments. These measures, if and when formalized, could impose additional cybersecurity review requirements for data processors, especially those involving national security concerns. Based on the facts that, (i) the Revised Cybersecurity Review Measures were newly adopted and the discussion draft of Regulations on the Administration of Cyber Data Security have not been formally adopted, and the implementation and interpretation of both are subject to uncertainties, and (ii) we have not been involved in any investigations on cyber security review made by the CAC on such basis, nor have we received any inquiries, notices, warnings, or sanctions from any competent PRC regulatory authorities related to cybersecurity, data security and personal data protection, we believe, as of the date of this annual report, we are in compliance with the existing PRC laws and regulations on cybersecurity, data security and personal data protection issued by the CAC. The PRC government authorities also further enhanced the supervision and regulation of cross-border data transmission. On July 7, 2022, the CAC promulgated the Measures for the Security Assessment of Cross-border Data Transfer, which took effect on September 1, 2022. In accordance with such measures, data processors will be subject to security assessment conducted by the CAC prior to any cross-border transfer of data if the transfer involves (i) important data; (ii) personal information transferred overseas by operators of critical information infrastructure or a data processor that has processed personal data of more than one million persons; (iii) personal information transferred overseas by a data processor which has already provided personal data of 100,000 persons or sensitive personal data of 10,000 persons overseas since January 1 of the preceding year; or (iv) other circumstances as required by the CAC. In addition, any cross-border data transfer activities conducted in violation of the Measures for the Security Assessment of Cross-border Data Transfer before the effectiveness of such measures are required to be rectified within six months of the effectiveness date thereof. Since these measures are relatively new, there are still substantial uncertainties with respect to the interpretation and implementation of these measures in practice and how they will affect our business operation. In addition, internet information in mainland China is regulated from a national security standpoint. According to the PRC National Security Law, institutions and mechanisms for national security review and administration will be established to conduct national security review on key technologies and IT products and services that affect or may affect national security. The PRC Data Security Law took effect in September 2021 and provides for a security review procedure for the data activities that may affect national security. It also introduces a data classification and hierarchical protection system based on the importance of data in economic and social development, as well as the degree of harm it will cause to national security, public interests, or legitimate rights and interests of individuals or organizations when such data is tampered with, destroyed, leaked, or illegally acquired or used. The appropriate level of protection measures is required to be taken for each respective category of data. While we take measures to comply with applicable data privacy and protection laws and regulations, we cannot guarantee the effectiveness of the measures undertaken and those implemented by us. In addition, we could be subject to new laws or regulations or the interpretation and application of existing consumer and data protection laws or regulations. These new laws, regulations and interpretations are often uncertain and in flux and may be inconsistent with our practices. We cannot guarantee that we will be able to maintain compliance at all times, especially in light of the fact that laws and regulations on cybersecurity and data protection are evolving. Complying with these new or additional laws, regulations and requirements could cause us to incur substantial costs or require us to change our business practices in a manner materially adverse to our business.

Our gross margin and profitability are significantly impacted by our utilization levels of human resources as well as our ability to increase our productivity levels. We have expanded our operations in recent years through organic growth, which has resulted in a significant increase in our headcount and fixed overhead costs. We may face difficulties maintaining high levels of utilization. Although we try to use all commercially reasonable efforts to accurately estimate service and resource requirements from our customers, we may overestimate or underestimate, which may result in unexpected cost and strain or redundancy of our human capital and adversely impact our utilization levels. In addition, some of our professionals are trained to work for specific customers or on specific projects and some of our sales are dedicated to specific customers or specific projects. Our ability to continually increase our productivity levels depends significantly on our ability to recruit, train, develop and retain high-performing professionals and project staffs appropriately and optimize our mix of services and delivery methods. If we experience a slowdown or stoppage of service for any customer or on any project for which we have dedicated professionals or project staffs, we may not be able to efficiently reallocate these professionals and project staffs to other customers and projects to keep their utilization and productivity levels high. If we are not able to maintain high resource utilization levels without corresponding cost reductions or price increases, our profitability will suffer.

Our future success heavily depends upon the continued services of our senior executives and other key employees. If one or more of our senior executives or key employees are unable or unwilling to continue in their present positions, it could disrupt our business operations, and we may not be able to replace them easily or at all. In addition, competition for senior executives and key personnel in our industry is intense, and we may be unable to retain our senior executives and key personnel or attract and retain new senior executive and key personnel in the future, in which case our business may be severely disrupted, and our financial condition and results of operations may be materially and adversely affected. If any of our senior executives or key personnel joins a competitor or forms a competing company, we may lose customers, suppliers, know-how and key professionals and staff members to them. Also, if any of our business development managers, who generally keep a close relationship with our customers, joins a competitor or forms a competing company, we may lose customers, and our revenues may be materially and adversely affected. Additionally, there could be unauthorized disclosure or use of our technical knowledge, practices or procedures by such personnel. All of our executives and key personnel have entered into employment agreements with us that contain non-competition provisions, non-solicitation and nondisclosure covenants. However, if any dispute arises among our executive officers, key personnel and us, such non-competition, non-solicitation and nondisclosure provisions might not provide effective protection to us, especially in China, where most of these executive officers and key employees reside, in light of the uncertainties with respect to the interpretation and enforcement of PRC laws, rules and regulations.

As we rely on limited numbers of third-party foundry partners, we cannot guarantee that they will be able to meet our manufacturing requirements. The ability of our third-party foundry partners to provide us with foundry services is limited by their technology migration, available capacity, existing obligations and global semiconductor supply. In particular, we have experienced a global shortage in semiconductors beginning 2021, which may have adversely impacted the production activity and capacity of our third-party foundry partners. If these third-party foundry partners fail to succeed in their technology migration or secure enough semiconductors, they will not be able to deliver to us qualified products in a sufficient amount, which will significantly affect our technological advancement and shipment of cryptocurrency mining machines. This could in turn result in lost sales and have a material adverse effect on our relationships with our customers and on our business and financial condition. In addition, we do not have a guaranteed level of production capacity from our third-party foundry partners. We do not have long-term contracts with them, and we source our supplies on a purchase order basis and prepay the purchase amount. As a result, we depend on our third-party foundry partners to allocate to us a portion of their manufacturing capacity sufficient to meet our needs, to produce products of acceptable quality and at acceptable final test yields and to deliver those products to us on a timely basis and at acceptable prices. If our third-party foundry partners raise their prices or are unable to meet our required capacity for any reason, such as shortages or delays in the shipment of semiconductor equipment, or if our business relationships with them deteriorate, we may not be able to obtain the required capacity and would have to seek alternative foundries, which may not be available on commercially reasonable terms, or at all. Moreover, it is possible that other customers of our third-party foundry partners that are larger and/or better financed than we are, or that have long-term contracts with them, may receive preferential treatment in terms of capacity allocation or pricing. In addition, if we do not accurately forecast our capacity needs, our third-party foundry partners may not have available capacity to meet our immediate needs or we may be required to pay higher costs to fulfill those needs, either of which could materially and adversely affect our business, operating results or financial condition. Other risks associated with our dependence on a few third-party foundry partners include limited control over delivery schedules and quality assurance, lack of capacity in periods of excess demand, unauthorized use of our intellectual property and limited ability to manage inventory and parts. Moreover, if any of our third-party foundry partners suffers any damage to its facilities, suspends manufacturing operations, loses benefits under material agreements, experiences power outages or computer virus attacks, lacks sufficient capacity to manufacture our products, encounters financial difficulties, is unable to secure necessary raw materials from its suppliers or suffers any other disruption or reduction in efficiency, we may encounter supply delays or disruptions.

To operate our business successfully and meet our customers' demands and expectations, we must maintain a certain level of finished goods inventory to ensure immediate delivery when required. Furthermore, we are required to maintain an appropriate level of inventory of parts and components for our production. However, forecasts are inherently uncertain. If our forecasted demand is lower than actual demand, we may not be able to maintain an adequate inventory level of our finished goods or produce our products in a timely manner, and we may lose sales and market share to our competitors. On the other hand, we may also be exposed to increased inventory risks due to accumulated excess inventory of our products or raw materials, parts and components for our products. Excess inventory levels may lead to increases in inventory holding costs, risks of inventory obsolescence and write-down.

The software application and technology service industry are particularly sensitive to the economic environment, both in China and globally, and tend to decline during general economic downturns. Accordingly, our results of operations, financial condition and prospects are subject to a significant degree to the economic environment, especially for regions in which we and our customers operate. During an economic downturn, our customers may cancel, reduce or defer their technology spending or change their technology strategy, and reduce their purchases from us. The recent global economic slowdown, any future economic slowdown, and the resulting diminution in technology spending, could also lead to increased pricing pressure from our customers. The trade war between the U.S. and China which may lead to higher percentage of tariff to be placed on Chinese and American goods and services could also lead to a reduction of import and export volume for some of our customers resulting in reduced purchases of our services from these customers. The occurrence of any of these events could materially and adversely affect our revenues and results of operations.

If we make errors in the course of delivering services to our customers or fail to consistently meet service requirements of a customer, these errors or failures could disrupt the customer's business, which could result in a reduction in our net revenues or a claim for substantial damages against us. In addition, a failure or inability to meet a contractual requirement could seriously damage our reputation and affect our ability to attract new business. The services we provide are often critical to our customers' businesses. We generally provide customer support after our customized application is delivered. Certain of our customer contracts require us to comply with security obligations including maintaining system security, ensuring our system is virus-free, maintaining business continuity procedures, and verifying the integrity of employees that work with our customers by conducting background checks. Any failure in a customer's system or breach of security relating to the services we provide to the customer could damage our reputation or result in a claim for substantial damages against us. Any significant failure of our systems could impede our ability to provide services to our customers, have a negative impact on our reputation, cause us to lose customers, reduce our revenues and harm our business.

The PRC government imposes control on the convertibility of the RMB into foreign currencies and, in certain cases, the remittance of currency out of China. We receive a majority of our revenues in Renminbi, which currently is not a freely convertible currency. Restrictions on currency conversion imposed by the PRC government may limit our ability to use revenues generated in Renminbi to fund our expenditures denominated in foreign currencies or our business activities outside China. Under China's existing foreign exchange regulations, Renminbi may be freely converted into foreign currency for payments relating to current account transactions, which include among other things dividend payments and payments for the import of goods and services, by complying with certain procedural requirements. Our PRC subsidiary is able to pay dividends in foreign currencies to us without prior approval from SAFE, by complying with certain procedural requirements. Our PRC subsidiary may also retain foreign currency in their respective current account bank accounts for use in payment of international current account transactions. However, we cannot assure you that the PRC government will not take measures in the future to restrict access to foreign currencies for current account transactions. Conversion of Renminbi into foreign currencies, and of foreign currencies into Renminbi, for payments relating to capital account transactions, which principally includes investments and loans, generally requires the approval of SAFE and other relevant PRC governmental authorities. Restrictions on the convertibility of the Renminbi for capital account transactions could affect the ability of our PRC subsidiary to make investments overseas or to obtain foreign currency through debt or equity financing, including by means of loans or capital contributions from us.

We spend substantial amounts of time and money to research and develop new enhancements of our services to incorporate additional features, improve functionality or other enhancements in order to meet our customers' rapidly evolving demands. When we develop an enhancement to our services, we typically incur expenses and expend resources upfront to develop, market and promote the new enhancements. Therefore, when we develop and introduce new enhancements to our services, they must achieve high levels of market acceptance in order to justify the amount of our investment in developing and bringing them to market. If our new enhancements to our services do not garner widespread market adoption and implementation, our growth prospects, future financial results and competitive position could suffer.

We rely on a combination of patent, copyright, trademark, software registration, anti-unfair competition and trade secret laws, as well as confidentiality agreements and other methods to protect our intellectual property rights. To protect our trade secrets and other proprietary information, employees, customers, subcontractors, consultants, advisors and collaborators are required to enter into confidential agreements. These agreements might not provide effective protection for the trade secrets, know-how or other proprietary information in the event of any unauthorized use, misappropriation or disclosure of such trade secrets, know-how or other proprietary information. Our patent applications may not issue as patents or may not issue as patents that provide meaningful protection against third parties. Policing unauthorized use of proprietary technology is difficult and expensive. The steps we have taken may be inadequate to prevent the misappropriation of our proprietary technology. Reverse engineering, unauthorized copying, other misappropriation, or negligent or accidental leakage of our proprietary technologies could enable third parties to benefit from our technologies without obtaining our consent or paying us for doing so, which could harm our business and competitive position. Though we are not currently involved in any litigation with respect to intellectual property, we may need to enforce our intellectual property rights through litigations. Litigations relating to our intellectual property may not prove successful and might result in substantial costs and diversion of resources and management attention.

Our continued growth depends in part on the ability of our existing customers and new customers to access our SaaS services, at any time and within an acceptable amount of time. We may in the future experience service disruptions, outages and other performance problems due to a variety of factors, including infrastructure changes, human or software errors or capacity constraints. In some instances, we may not be able to identify the cause or causes of these performance problems within an acceptable period of time. It may become increasingly difficult to maintain and improve our performance as our SaaS services become more complex. If our services are unavailable or if our customers are unable to access features of our services within a reasonable amount of time or at all, our business would be negatively affected. We currently provide our SaaS services via designated data centers and we intend to outsource our cloud infrastructure to commercially available cloud infrastructure as a service providers ("IaaS"), which can host our services. Our customers need to be able to access our services at any time, without interruption or degradation of performance. IaaS providers run their own platforms that we access, and we are, therefore, vulnerable to service interruptions. We expect that in the future we may experience interruptions, delays and outages in service and availability from time to time due to a variety of factors, including infrastructure changes, human or software errors, website hosting disruptions and capacity constraints. Capacity constraints could be due to a number of potential causes including technical failures, natural disasters, fraud or security attacks. In addition, if our security, or that of IaaS providers, is compromised, our services are unavailable or our customers are unable to use our services within a reasonable amount of time or at all, then our business, results of operations and financial condition could be adversely affected. In some instances, we expect that we may not be able to identify the cause or causes of these performance problems within a period of time acceptable to our customers. It may become increasingly difficult to maintain and improve our service performance, especially during peak usage times, as the features of our services become more complex and the usage of our services increases. Any of the above circumstances or events may harm our reputation, cause customers to stop using our services, impair our ability to increase revenue from existing customers, impair our ability to grow our customer base and otherwise harm our business, results of operations, and financial condition.