Risk Factors Dashboard
Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.
View risk factors by ticker
Search filings by term
Risk Factors - EVLV
-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing
ITEM 1A. RISK FACTORS
Our cybersecurity risk management program is integrated into our overall enterprise risk management program, and shares common methodologies, reporting channels and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas. We have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected us, including our operations, business strategy, results of operations, or financial condition. We face certain ongoing risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations, or financial condition. See “Risk Factors – Because our products collect and store visitor and related information and images, domestic and international privacy and cybersecurity concerns, and other laws and regulations, could result in additional costs and liabilities to us or inhibit sales of our products.”
The Audit Committee reports to the full Board regarding its activities, including those related to cybersecurity. Our Vice President of Cybersecurity and Information Technology is responsible for assessing and managing our material risks from cybersecurity threats and has primary responsibility for our overall cybersecurity risk management program and supervises both our internal cybersecurity personnel and our retained external cybersecurity consultants.Our Vice President of Cybersecurity and Information Technology has served in that position since 2022, and has extensive experience assessing and managing cybersecurity programs and technology risk. Prior to joining Evolv, our Vice President of Cybersecurity and Information Technology was the Leader of Global Information Security for New Balance. Our Vice President of Cybersecurity and Information Technology supervises efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which may include briefings from internal security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by us; and alerts and reports produced by security tools deployed in the IT environment. 
Our business involves significant risks and uncertainties, some of which are described below. You should carefully consider the risks and uncertainties described below as well as in Management's Discussion and Analysis of Financial Condition and Results of Operations, Legal Proceedings, and Controls and Procedures and of this Annual Report on Form 10-K. The realization of any of these risks and uncertainties could have a material adverse effect on our reputation, business, financial condition, results of operations, growth, and future prospects as well as our ability to accomplish our strategic objectives. The realization of any of these risks and uncertainties could have a material adverse effect on our reputation, business, financial condition, results of operations, growth and future prospects as well as our ability to accomplish our strategic objectives. In that event, the market price of our common stock could decline and you could lose part or all of your investment.
Summary Risk Factors
The principal risks and uncertainties affecting our business include, among other, things the following:
•We identified certain misstatements to our previously issued financial statements and have restated the financial statements described below, which has exposed us to a number of additional risks and uncertainties.
•We have identified material weaknesses in our internal control over financial reporting.
•Our failure to prepare and timely file our periodic reports with the SEC limits our access to the public markets to raise debt or equity capital.
•We have not been profitable historically and may not achieve or maintain profitability in the future.
•Our operating results may fluctuate for a variety of reasons.
•If we fail to maintain successful relationships with our reseller partners, or if our partners fail to perform, our ability to market, sell and distribute our products will be limited.
•Increases in component costs, long lead times, and supply shortages and changes could disrupt our supply chain.
•Delays in production, increases in prices charged or the loss of a limited or sole source supplier could have an adverse effect on our business, financial condition and operating results.
•We recognize a substantial portion of our revenue ratably over the term of our agreements with customers and, as a result, downturns or upturns in sales may not be immediately reflected in our operating results.
•If we are unable to compete effectively with new entrants and other potential competitors, our sales and profitability could be adversely affected.
•A portion of our revenue is generated by sales to government entities, which are subject to challenges and risks.
•If we are not able to maintain and enhance our brand or reputation as an industry leader, our business and operating results may be adversely affected.
•We may acquire or invest in other companies or technologies in the future, which brings with it risks.
•If our products fail or are perceived to fail to detect threats, or if our products contain undetected errors or defects, these failures or errors could result in injury or loss of life.
•If our customers are unable to implement our products successfully, or if we fail to effectively assist our customers in installing our products and provide effective ongoing support and training, customer perceptions of our products may be impaired, or our reputation and brand may suffer.
•The loss of designation of our Evolv Express system as a Qualified Anti-Terrorism Technology under the Homeland Security SAFETY Act could result in adverse reputational and financial consequences.
•The AI-based weapons detection for security screening market is new and evolving and may not grow as expected or may develop more slowly or differently than we expect.16 Table of ContentsThe AI-based weapons detection for security screening market is new and evolving and may not grow as expected or may develop more slowly or differently than we expect.
13
•We use AI and machine learning in our development process and in our AI-based weapon detection products.
•We may be unable to acquire new customers or sell additional products to our customers and maintain retention rates.
•We may not successfully anticipate market needs and enhance our existing products or develop new products that meet those needs on a timely basis.
•We incorporate technology and components from third parties into our products, and our inability to obtain or maintain rights to the technology could harm our business.
•Our use of “open source” software could subject our proprietary software to certain disclosure obligations, negatively affect our ability to offer our products and subject us to possible litigation. Our use of “open source” software could subject our proprietary software to general release, negatively affect our ability to offer our products and subject us to possible litigation.
•Our products collect and store personal data about individuals.
•If we do not effectively expand, train, and retain qualified sales and marketing personnel, we may be unable to acquire new customers or sell additional products to successfully pursue our growth strategy.
•We are dependent on the continued services and performance of our senior management and other key employees, as well as on our ability to successfully hire, train, manage, and retain qualified personnel.
•Our intellectual property rights are valuable and any inability to protect our proprietary technology and intellectual property rights could substantially harm our business and operating results.
•Assertions by third parties of infringement or other violations by us of their intellectual property rights, whether or not correct, could result in significant costs and harm to our business and operating results.
•Confidentiality arrangements may not prevent disclosure of trade secrets and other proprietary information.
•We are subject to government regulation and other legal obligations, particularly related to privacy, data protection, information security, and product marketing and our actual or perceived failure to comply with such obligations could harm our business.
•Our operating results may be harmed if we are required to collect sales and use or other related taxes for our products in jurisdictions where it has not historically done so.
•Failure to comply with applicable anti-corruption legislation, export controls, economic sanctions and other governmental laws and regulations could result in fines and criminal penalties.
•We are and may in the future be subject to legal proceedings, claims and investigations.
•We may be subject to litigation and regulatory examinations, investigations, proceedings or orders as a result of or relating to the Investigation and our failure to timely file our periodic reports with the SEC.
•There are risks related to our ability to utilize net operating loss carryforwards as well as research and development tax credit carryforwards to offset future taxable income.
•We may require additional capital to support business growth, which might not be available.
•The market price of our common stock and warrants has been highly and may continue to be highly volatile.
•Certain of our warrants, earn-out shares, and founders shares are accounted for as liabilities and the changes in value of such securities could have a material effect on our financial results.
•We do not intend to pay any cash dividends for the foreseeable future.
•Future sales, or the perception of future sales, of common stock by our existing security holders in the public market may cause the market price of our securities to decline.•Future sales, or the perception of future sales, of our common stock by us or our existing stockholders in the public market could cause the market price for our common stock to decline.
•Increasing attention to, and evolving expectations for, sustainability initiatives could increase our costs, harm our reputation, or otherwise adversely impact our business.
14
•Our reported financial results may be adversely affected by changes in accounting principles.
•Securities or industry analysts do not publish research or reports about us, or publish negative reports.
•Our business operations are vulnerable to disruption due to natural or other disasters, including climate-related events, strikes and other events beyond our control.
Risks Related to Our Restatement and Internal Controls
We identified certain misstatements to our previously issued financial statements and have restated the financial statements described below, which has exposed us to a number of additional risks and uncertainties.
As discussed in the Explanatory Note, in Note 2, Restatement of Previously Issued Consolidated Financial Statements, and in Note 23, Restatement of Quarterly Financial Information (Unaudited), we restated our previously issued consolidated financial statements and other financial data for the fiscal years ended December 31, 2022 and December 31, 2023 contained in our Annual Report on Form 10-K, and our condensed consolidated financial statements for the quarters and year-to-date periods ended June 30, 2022, September 30, 2022, March 31, 2023, June 30, 2023, September 30, 2023, March 31, 2024 and June 30, 2024 contained in our Quarterly Reports on Form 10-Q. In our Quarterly Report on Form 10-Q for the quarterly period ended September 30, 2024, we also restated our unaudited financial statements for the quarterly and year-to-date periods ended September 30, 2023. We concluded that the Non-Reliance Periods should be restated because the accounting for certain sales transactions was materially inaccurate and that, among other things, revenue was prematurely or incorrectly recognized in connection with financial statements prepared for the Non-Reliance Periods. Other previously reported metrics that are a function of revenue were also misstated as a result of these revenue misstatements.
As a result of the misstatements and the restatement, we have become subject to a number of additional risks and uncertainties and unanticipated costs for accounting, legal and other fees and expenses, including as a result of a pending class-action lawsuit, derivative actions, and a stockholder request for inspection of our books and records. For more detailed discussion, see Part I, Item 3, "Legal Proceedings" and Note 20 (Commitments and Contingencies) to our consolidated financial statements for the year ended December 31, 2024. We may become subject to enforcement proceedings brought by the SEC or other regulatory or governmental authorities, or subject to other legal proceedings, as a result of the events leading to our internal investigation, the misstatements or the related restatement, and actions and proceedings could also be brought against our current and former employees, officers, or directors. These actions, lawsuits or other legal proceedings related to the misstatements or the restatement could result in reputational harm, additional defense and other costs, regardless of the outcome of the lawsuit or proceeding. If we do not prevail in any such lawsuit or proceeding, we could be subject to substantial damages or settlement costs, criminal and civil penalties and other remedial measures, including, but not limited to, injunctive relief, disgorgement, civil and criminal fines and penalties. In addition, we continue to be at risk for loss of investor confidence, loss of key employees, changes in management or our board of directors and other reputational issues, all of which could have a material adverse effect on our business, financial position and results of operations.
We have identified material weaknesses in our internal control over financial reporting, which have led to restatements and caused us to fail to meet our periodic reporting obligations, and this could occur again the future.We have identified material weaknesses in our internal control over financial reporting.
As disclosed in Part II, Item 9A – Controls and Procedures, of this Annual Report on Form 10-K, management determined that material weaknesses in the control environment, including the lack of a sufficient complement of personnel, risk assessment and information and communication components of internal control, as well as the material weakness related to revenue control activities, resulted in the restatement of the consolidated financial statements for the annual periods ended December 31, 2022 and 2023, and the quarterly periods included in such fiscal years beginning with the second quarter of 2022, and for the quarterly periods as of and for the periods ended March 31, 2024 and June 30, 2024; as well as adjustments to the consolidated annual financial statements for the year-ended December 31, 2024, and the quarterly period ended September 30, 2024, that were recorded prior to the issuance of those financial statements. These material weaknesses are in addition to previously disclosed material weaknesses, which had resulted in adjustments and certain immaterial misstatements in the consolidated financial statements for the years ended December 31, 2019, 2020, 2021, 2022, 2023, and 2024 as well as certain quarterly periods within those years; the revision of the Company's previously issued 2020 annual financial statements, 2021 quarterly and annual financial statements, and quarterly financial statements for the three months ended March 31, 2022; as well as the restatement of the Company’s financial statements as of and for the three and six months ended June 30, 2023.
15
The material weaknesses will not be considered remediated until management completes the design and implementation of such measures and the controls operate for a sufficient period of time, and we have concluded, through testing, that these controls are operating effectively. At this time, we cannot predict the success of our remediation efforts or the outcome of our assessment of such efforts. At this time, we cannot predict the success of such efforts or the outcome of our assessment of the remediation efforts. We can give no assurance that our efforts will remediate these material weaknesses in our internal control over financial reporting, or that additional material weaknesses will not be identified in the future. The effectiveness of our internal control over financial reporting is subject to various inherent limitations, including cost limitations, judgments used in decision making, assumptions about the likelihood of future events, the possibility of human error and the risk of fraud.The effectiveness of our internal control over financial reporting is subject to various inherent limitations, including cost limitations, judgments used in decision making, assumptions about the likelihood of future events, the possibility of human error and the risk of fraud. If we are unable to remediate the material weaknesses, our ability to record, process, and report financial information accurately, and to prepare financial statements within the time periods specified by the rules and regulations of the SEC, could continue to be adversely affected which, in turn, may result in future misstatements, revisions, and/or restatements or adversely affect our reputation and business and the trading price of our common stock. If we are unable to remediate the material weaknesses, our ability to record, process and report financial information accurately, and to prepare the consolidated financial statements within the time periods specified by the rules and regulations of the SEC, could be adversely affected which, in turn, may adversely affect our reputation and business and the trading price of our common stock. In addition, any such failures could result in litigation or regulatory actions by the SEC or other regulatory authorities, which could further result in loss of investor confidence, a decline in the price of our common stock, delisting of our securities, harm to our reputation and financial condition and/or diversion of financial and management resources from the operation of our business. In addition, any such failures could result in litigation or regulatory actions by the SEC or other regulatory authorities, loss of investor confidence, delisting of our securities and harm to our reputation and financial condition, or diversion of financial and management resources from the operation of our business.
Our failure to prepare and timely file our periodic reports with the SEC limits our access to the public markets to raise debt or equity capital.
We did not file our Quarterly Report on Form 10-Q for the quarterly period ended September 30, 2024 or this Annual Report on Form 10-K within the timeframe required by the SEC; thus, we have not remained current in our reporting requirements with the SEC. Although we regained status as a current filer on April 28, 2025 by filing this Annual Report on Form 10-K and our Quarterly Report on Form 10-Q for the quarterly period ended September 30, 2024, we are not currently eligible to use a registration statement on Form S-3 that would allow us to continuously incorporate by reference our SEC reports into the registration statement, or to use “shelf” registration statements to conduct offerings, until approximately one year from the date we regained and maintain status as a current filer. If we wish to pursue an offering now, we would be required to conduct the offering on an exempt basis, such as in accordance with Rule 144A, or file a registration statement on Form S-1. Using a Form S-1 registration statement for a public offering would likely take significantly longer than using a registration statement on Form S-3 and increase our transaction costs, and could, to the extent we are not able to conduct offerings using alternative methods, adversely impact our ability to raise capital or complete acquisitions of other companies in a timely manner.
Risks Related to Our Business and Operations
We have a history of losses. We have not been profitable historically and may not achieve or maintain profitability in the future.
We have a history of losses. We have incurred net losses of $54.0 million and $108.0 million for the years ended December 31, 2024 and 2023, respectively. As of December 31, 2024, we had an accumulated deficit of $354.7 million. Our ability to forecast our future operating results is subject to a number of uncertainties, including our ability to plan for and model future growth. We have encountered and will continue to encounter risks and uncertainties frequently experienced by growing companies in rapidly evolving industries. If our assumptions regarding these risks and uncertainties, which we use to plan our business, are incorrect or change in reaction to changes in our markets, or if we do not address these risks successfully, our operating and financial results could differ materially from expectations, our business could suffer, and the trading price of our stock may decline. If our assumptions regarding these uncertainties, which we use to plan our business, are incorrect or change in reaction to changes in our markets, or if we do not address these risks successfully, our operating and financial results could differ materially from expectations, our business could suffer and the trading price of our stock may decline.
We are not certain whether or when we will obtain a high enough volume of sales of our products to sustain or increase our growth or achieve or maintain profitability in the future. We are not certain whether or when we will obtain a high enough volume of sales of our products to sustain or increase our growth or achieve or maintain profitability in the future. We expect our costs to increase in future periods, which could negatively affect our future operating results if our revenue does not increase. In particular, we expect to continue to expend substantial financial and other resources on:
•research and development related to our products, including investments in expanding our research and development team;
•sales and marketing, including a significant expansion of our sales organization, both direct and through reseller partners;
16
•continued expansion of our business into new and adjacent vertical markets and the launch of new product offerings; and
•general administration expenses, including legal and accounting expenses related to being a public company and transitioning to large accelerated filer status and remediation of our material weaknesses.
These investments may not result in increased revenue or growth in our business. If we are unable to increase our revenue at a rate sufficient to offset the expected increase in our costs, our business, financial position, and results of operations will be harmed, and we may not be able to achieve or maintain profitability over the long term. Additionally, we may encounter unforeseen operating expenses, difficulties, complications, delays, and other unknown factors that may result in losses in future periods. If our revenue growth does not meet our expectations in future periods, our financial performance may be harmed, and we may not be able to achieve or maintain profitability in the future.
Our operating results may fluctuate for a variety of reasons, including our failure to close large volume opportunity customer sales.Our operating results may fluctuate for a variety of reasons, including our failure to close significant customer sales.
A meaningful portion of our revenue is generated by product sales to new customers and sales of additional products to existing customers. The timing of certain large volume opportunities can impact our results from quarter to quarter. The timing of certain large opportunities can impact the Company’s results from quarter to quarter. In addition, the sales cycle can last several months from initial engagement to contract negotiation and execution, culminating in delivery of our products to our customers, and this sales cycle can be even longer, less predictable and more resource-intensive for both larger volume sales as well as sales to customers in certain market segments. In addition, the sales cycle can last several months from initial engagement to contract negotiation, to delivery of our solution to our customers, and this sales cycle can be even longer, less predictable and more resource-intensive for larger sales. Customers may also require additional internal approvals or seek to pilot our products for a longer trial period before deciding to purchase our solutions. Customers may also require additional internal approvals or seek to test our products for a longer trial period before deciding to purchase our solutions. As a result, the timing of individual sales can be difficult to predict. In some cases, sales have occurred in a quarter subsequent to when anticipated, or have not occurred at all, which can significantly impact our quarterly financial results and make it more difficult to meet market expectations. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations — Critical Accounting Policies — Revenue Recognition.”
We also regularly assess our sales and fulfillment models to ensure they align with customer preferences, operational scalability, and long-term business objectives. We expect our revenue, gross profit, gross margin, and overall profitability in any given fiscal period to be influenced by customer demand for our various sales and fulfillment models as well as any future strategic management decisions affecting our sales and fulfillment models that may result from such assessments. Any failure to successfully adjust to changes in customer demand for our various sales and fulfillment models or implement strategic decisions relating to these models could have a material adverse impact on our financial results.
In addition to the sales cycle- and sales model-related fluctuations noted above, our financial results, including our billings and deferred revenue, may continue to vary from period to period as a result of numerous factors, many of which are outside of our control and may be difficult to predict, including:
•our ability to attract and retain new customers;
•our ability to sell additional Evolv products to existing customers;
•unforeseen changes or delays in our supply chain or third-party manufacturing partners;
•our ability to expand into adjacent and complementary markets;
•changes in customer or reseller partner requirements or market needs;
•changes in the growth rate of the next-generation security screening market;
•the timing and success of new product introductions by us or our competitors, or any other change in the competitive landscape of the next-generation security screening market, including consolidation among our customers or competitors or significant price competition;
•a disruption in, or termination of, any of our relationships with reseller partners;
•our ability to successfully expand our business globally;
17
•reductions in customer retention rates, especially at subscription term expiration;
•changes in our pricing policies or those of our competitors;
•changes in financial markets or macroeconomic conditions, including, for example, due to the effects of recessionary trends, slow economic growth, or political elections in the United States and abroad, inflation and high interest rates, fuel prices, international currency fluctuations, tariffs, corruption, political instability, continuing social concerns and divisions in the United States and abroad, acts of war, including the conflicts in Europe and the Middle East, and acts of terrorism, both domestic and international;
•future accounting pronouncements or changes in our accounting policies or practices;
•the amount and timing of our operating costs, including cost of goods sold;
•the impact of any pandemic, epidemic, or future outbreak of disease or similar public health concern on our existing and new customers, partners, employees, and supply chain; and
•increases or decreases in our revenue and expenses caused by fluctuations in foreign currency exchange rates.
Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period to period. These fluctuations could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for these or other reasons, the trading price of our common stock could fall substantially, and we could face costly lawsuits, including securities class action suits.
If we fail to maintain successful relationships with our reseller partners, or if our partners fail to perform, our ability to market, sell and distribute our products will be limited.
In addition to our direct sales force, we rely on our reseller partners to sell our products. We expect to continue to focus on generating sales to new and existing customers through our reseller partners as a part of our growth strategy, who may not be successful in marketing, selling, and supporting our products. We expect to continue to focus on generating sales to new and existing customers through our reseller partners as a part of our growth strategy.
If we are unable to develop and maintain effective sales incentive programs for our third-party reseller partners, we may not be able to incentivize these partners to sell our products to customers and, in particular, to high profile public and private venues and institutions. If we are unable to develop and maintain effective sales incentive programs for our third-party reseller partners, we may not be able to incentivize these partners to sell our products to customers and, in particular, to high profile public and private venues and institutions. Our agreements with our reseller partners are generally non-exclusive and these partners may also market, sell and support products that are competitive with us and may devote more resources to the marketing, sales and support of such competitive products. These partners may have incentives to promote our competitors’ products to the detriment of ours or may cease selling our products altogether. Our reseller partners may cease or de-emphasize the marketing of our products with limited or no notice and with little or no penalty. Our agreements with our reseller partners may generally be terminated for any reason by either party with advance notice prior to each annual renewal date. It cannot be certain that we will retain these reseller partners or that we will be able to secure additional or replacement reseller partners. The loss of one or more of our significant reseller partners or a decline in the number or size of orders from them could harm our operating results. In addition, any new reseller partner requires extensive training and may take several months or more to achieve productivity. Our reseller partner sales structure could subject us to lawsuits, potential liability and reputational harm if, for example, any of our reseller partners misrepresent the functionality of our products, subscriptions or services to customers, or violate laws or our corporate and marketing policies.
If we fail to effectively manage our existing resellers, or if our reseller partners are unsuccessful in fulfilling the orders for our products, or if we are unable to enter into arrangements with, and retain a sufficient number of, high quality reseller partners in each of the regions in which it sells products and keep them motivated to sell our products, our ability to sell our products and operating results will be harmed. The termination of our relationship with any significant reseller partner may also adversely impact our sales and operating results.
Increases in component costs, long lead times, supply shortages, and supply changes could disrupt our supply chain and have an adverse effect on our business, financial condition, and operating results.
We acquire certain of our materials, which are critical to the ongoing operation and future growth of our business, from several third parties, both foreign and domestic. Generally, our third-party contract manufacturers contract directly
18
with component suppliers, and we rely on our contract manufacturers to manage their supply chains. Our contract manufacturers have experienced, and may in the future experience, supply chain disruptions as a result of health crises, geopolitical tensions, trade restrictions, as well as other global economic impacts or other changes in macroeconomic trends. In the event our contract manufacturers are unable to adequately manage their supply chain or our relationships with our contract manufacturers terminate or are restricted, we could experience delays, which could negatively impact our business, customer relationships, and margins. We have experienced, and may in the future experience, disruptions, outages and other performance problems due to a variety of factors, including infrastructure changes, equipment failure, human or software errors, capacity constraints, and fraud or cybersecurity attacks. We also source some materials and components directly from suppliers. While most components and materials for our products are available from multiple suppliers, certain of those items are only available from limited or sole sources. Should any of these suppliers become unavailable or inadequate, or impose terms unacceptable to us, such as increased pricing terms, we could be required to spend a significant amount of time and expense to develop alternate sources of supply, and may not be successful in doing so on terms acceptable to it, or at all. As a result, the loss of a limited or sole source supplier could adversely affect our manufacturing capacity, and relationships with our customers, as well as our results of operations and financial condition.
Since early 2025, the current presidential administration has signed a series of executive orders imposing sweeping tariffs on almost all imports into the United States, with certain tariffs already in effect and some which have been delayed. The administration has also stated plans to impose additional new tariffs or further increase or expand existing tariffs. In addition to the impacts to our business stemming from the tariffs imposed by the administration, we may also be materially impacted by retaliatory tariffs and other penalties or trade restrictions that may be imposed against the United States.
There continues to be significant uncertainty regarding these recent changes and potential future developments. Increased trade restrictions, tariffs or taxes on imports or exports relating to countries where we manufacture, source, or sell materials or products, could have a material adverse effect on our business and financial results. If we cannot find ways to mitigate the potential impacts from tariffs or trade restrictions successfully or in a timely manner, these additional tariffs and policies could have a significant impact on our business and results of operations. The exact magnitude of any potential impact remains uncertain, as there may be further changes to tariffs and policies and, consequently, potential increased tension between the U.S. and targeted countries. For example, our risk exposure may increase further if any countries levy additional retaliatory tariffs, taxes, or other trade restrictions or penalties against the United States or U.S. companies.
Delays in production, increases in prices charged or the loss of a limited or sole source supplier could have an adverse effect on our business, financial condition and operating results.
We depend on our primary third-party contract manufacturer for the production of our security screening systems.We depend on a third-party contract manufacturer for the production of our touchless security screening systems. While there are several potential contract manufacturers for most of these products, all our systems are currently manufactured, assembled, tested, and packaged by Columbia Tech. While there are several potential manufacturers for most of these products, all our products are currently manufactured, assembled, tested and, packaged by this third-party manufacturer located in Massachusetts. In most cases, we rely on this manufacturer to procure components and, in some cases, provide manufacturing engineering work. Our current reliance on one contract manufacturer involves several risks, including:
•unexpected increases in manufacturing and repair costs;
•inability to control the quality and reliability of finished systems;
•inability to control delivery schedules;
•potential liability for expenses incurred by the third-party contract manufacturer in reliance on our forecasts that later prove to be inaccurate;
•potential lack of adequate capacity to manufacture all components or parts of the products we require;
•potential labor unrest or unavailability affecting the ability of the third-party manufacturers to produce our systems; and
•the occurrence of unforeseen force majeure events affecting the third-party manufacturer.
We also use a third-party contract manufacturer located in Massachusetts and the U.K. as a second source for the production of a key sensor component used in our security screening systems. If our third-party contract manufacturers experience a delay, disruption, or quality control problems in their operations or if the third-party contract manufacturers do not renew or terminate our agreement with them, our operations could be significantly disrupted and our product
19
shipments could be delayed. Qualifying new manufacturers and commencing volume production is expensive and time consuming. Qualifying a new manufacturer and commencing volume production is expensive and time consuming. Ensuring that a contract manufacturer is qualified to manufacture our products or components to our standards is time consuming. Ensuring that a contract manufacturer is qualified to manufacture our products to our standards is time consuming. In addition, if our contract manufacturers cannot scale their production of our products or components at the volumes and in the quality that we require, we may have to move production for the products or components to a new or existing third-party manufacturer, which would take significant effort and our business, results of operations and financial condition could be materially adversely affected. If we do not succeed in convincing customers that our products should be an integral part of their overall approach to security and that a fixed portion of their annual security budgets should be allocated to our products, general reductions in security spending by our customers are likely to have a disproportionate impact on our business, results of operations and financial condition.
As we contemplate moving manufacturing into different jurisdictions, we may be subject to additional and significant challenges in ensuring that quality, processes, and costs, among other issues, are consistent with our expectations. For example, we may not be able to collect reimbursements from our third-party contract manufacturers for penalties assessed on us because of excessive failures of products or warranty claims, which causes us to take on additional risk for potential failures of our products.
In addition, because we currently use third-party contract manufacturers to produce our security screening systems and certain key components, increases in the prices charged may have an adverse effect on our results of operations, as we may be unable to find contract manufacturers who can supply us at a lower price.In addition, because we currently use a single third-party contract manufacturer, increases in the prices charged may have an adverse effect on our results of operations, as we may be unable to find a contract manufacturer who can supply us at a lower price. As a result, the loss of a limited or sole source supplier could adversely affect our relationships with our customers and our results of operations and financial condition.
We recognize a substantial portion of our revenue ratably over the term of our agreements with customers and, as a result, downturns or upturns in sales may not be immediately reflected in our operating results.
We recognize a substantial portion of our revenue ratably over the terms of our agreements with customers, which generally occurs over a four-year period. As a result, a substantial portion of the revenue that we report in each period will be derived from the recognition of deferred revenue relating to agreements entered into during previous periods. Consequently, a decline in new sales or renewals in any one period may not be immediately reflected in our revenue results for that period. This decline, however, will negatively affect our revenue in future periods. Accordingly, the effect of significant downturns in sales and market acceptance of our products, and potential changes in our rate of renewals may not be fully reflected in our results of operations until future periods. Our model also makes it difficult to rapidly increase our revenue through additional sales in any period, as revenue from new customers generally will be recognized over the term of the applicable agreement.
We also intend to make strategic investments in research and development, sales and marketing, and general and administrative functions and other areas to grow our business.We also intend to increase our investment in research and development, sales and marketing and general and administrative functions and other areas to grow our business. These costs are generally expensed as incurred (with the exception of sales commissions), as compared to our revenue, a substantial portion of which is recognized ratably in future periods. We are likely to recognize the costs associated with these increased investments earlier than some of the anticipated benefits and the return on these investments may be lower, or may develop more slowly, than we expect, which could adversely affect our operating results.
If we are unable to compete effectively with new entrants and other potential competitors, our sales and profitability could be adversely affected.
The sales prices for our products and services may decline for a variety of reasons, including competitive pricing pressures, discounts, a change in our mix of products and services, anticipation of the introduction of new products or promotional programs. Competition continues to increase in the market segments in which we participate, and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Larger competitors with more diverse product and service offerings may reduce the price of products that compete with theirs or may bundle them with other products and services. Additionally, currency fluctuations in certain countries and regions may negatively impact prices that partners and customers are willing to pay in those countries and regions. We cannot be certain that we will be successful in developing and introducing new products with enhanced functionality on a timely basis, or that our new product offerings, if introduced, will enable it to maintain our prices and gross profits at levels that will allow us to maintain positive gross margins and achieve profitability.
A portion of our revenue is generated by sales to government entities and such sales are subject to a number of challenges and risks.
Selling to government entities can be highly competitive, expensive, and time-consuming, and often requires significant upfront time investment and expense without any assurance of winning a sales contract. Selling to government entities can be highly competitive, expensive, and time-consuming, and often requires significant upfront time and expense without any assurance that it will win a sale. Government demand
20
and payment for our solutions may also be impacted by changes in fiscal or contracting policies, changes in government programs or applicable requirements, the adoption of new laws or regulations or changes to existing laws or regulations, public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our solutions. Accordingly, increasing sales of our products to government entities may be more challenging than selling to commercial organizations, especially given extensive certification, compliance, clearance, and security requirements. Government agencies may have statutory, contractual, or other legal rights to terminate contracts with us or reseller partners. Further, in the course of providing our solutions to government entities, our employees and those of our reseller partners may be exposed to sensitive government information. Any failure by us or our reseller partners to safeguard and maintain the confidentiality of such information could subject us to liability and reputational harm, which could materially and adversely affect our results of operations and financial performance. Governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit may cause the government to shift away from our solutions and may result in a reduction of revenue, fines or civil or criminal liability if the audit uncovers improper or illegal activities, which could adversely impact our results or operations.
We could lose customers and revenue if there are changes in the spending policies or budget priorities for government funding of colleges, universities, K-12 schools and other education providers.
Our customers include colleges, universities, K-12 schools and other education providers, many of which depend substantially on government funding. Accordingly, any general decrease, delay or change in federal, state or local funding for colleges, universities, schools and other education providers could cause our current and potential customers to reduce their purchases of our products, or decide not to renew their subscriptions, any of which could cause us to lose customers and revenue.
If we are not able to maintain and enhance our brand or reputation as an industry leader, our business and operating results may be adversely affected.
We believe that maintaining and enhancing our reputation as a leader in next-generation AI-based weapons detection for security screening is critical to our relationship with our existing end-user customers and reseller partners and our ability to attract new customers and reseller partners.We believe that maintaining and enhancing our reputation as the leader in next-generation AI-based weapons detection for security screening is critical to our relationship with our existing end-user customers and reseller partners and our ability to attract new customers and reseller partners. The successful promotion of our brand will depend on multiple factors, including our marketing efforts, our ability to continue to deliver an excellent customer experience and develop high-quality features for our products, and our ability to successfully differentiate our products from those of our competitors. The successful promotion of our brand will depend on multiple factors, including our marketing efforts, our ability to continue to deliver a superior customer experience and develop high-quality features for our products and our ability to successfully differentiate our products from those of our competitors. Our brand promotion activities may not be successful or yield increased revenue. Additionally, the performance of our reseller partners may affect our brand and reputation if customers do not have a positive experience with our products as implemented by our reseller partners or with the implementation generally. The promotion of our brand requires us to make substantial expenditures, and we anticipate that the expenditures will increase as our market becomes more competitive, as we expand into new geographies and vertical markets and as more sales are generated through our reseller partners. To the extent that these activities yield increased revenue, such increase in revenue may not offset the corresponding increase in expenses we incur. To the extent that these activities yield increased revenue, this revenue may not offset the increased expenses we incur. If we do not successfully maintain and enhance our brand and reputation, our business and operating results may be adversely affected.
We may acquire or invest in other companies or technologies in the future, which could divert management’s attention, fail to meet our expectations, result in additional dilution to our stockholders, increase expenses, disrupt our operations or otherwise harm our operating results.
We may in the future acquire or invest in businesses, products, or technologies that we believe could complement or expand our platform, enhance our technical capabilities, or otherwise offer growth opportunities. The pursuit of potential acquisitions may divert the attention of management and cause us to incur various expenses related to identifying, investigating, and pursuing suitable acquisitions, whether or not they are consummated. Even if they are consummated, we may not be able to fully realize the anticipated benefits of any future acquisitions or anticipated benefits may not transpire.
There are inherent risks in integrating and managing acquisitions. If we acquire additional businesses, we may not be able to assimilate or integrate the acquired personnel, operations, products, services, and technologies successfully or effectively manage the combined business following the acquisition and our management may be distracted from operating our business. We also may not achieve the anticipated benefits from the acquired business due to a number of factors, including, without limitation:
•unanticipated costs or liabilities associated with the acquisition;
21
•incurrence of acquisition-related costs, which would be recognized as a current period expense;
•inability to generate sufficient revenue to offset acquisition or investment costs;
•inability to maintain relationships with customers and partners of the acquired business;
•difficulty of incorporating acquired technology and rights into our platform and of maintaining quality and security standards consistent with our brand;
•delays in customer purchases due to uncertainty related to any acquisition;
•the potential loss of key employees;
•use of resources that are needed in other parts of our business and diversion of management and employee resources;
•inability to recognize acquired deferred revenue in accordance with our revenue recognition policies; and
•use of substantial portions of our available cash and equity or the incurrence of debt to consummate the acquisition.
Acquisitions also increase the risk of unforeseen legal liability, including potential shareholder suits or potential violations of applicable law or industry rules and regulations, arising from prior or ongoing acts or omissions by the acquired businesses that are not discovered by due diligence during the acquisition process or new regulatory restrictions at the federal, state, or local levels. Acquisitions also increase the risk of unforeseen legal liability, including for potential shareholder suits or potential violations of applicable law or industry rules and regulations, arising from prior or ongoing acts or omissions by the acquired businesses that are not discovered by due diligence during the acquisition process or new regulatory restrictions at the federal, state, or local levels. Generally, if an acquired business fails to meet our expectations, our operating results, business, and financial condition may suffer. Acquisitions could also result in dilutive issuances of equity securities or the incurrence of debt, which could adversely affect our business, results of operations and financial condition. Acquisitions could also result in dilutive issuances of equity 25 Table of Contentssecurities or the incurrence of debt, which could adversely affect our business, results of operations and financial condition.
In addition, a significant portion of the purchase price of companies we acquire may be allocated to goodwill and other intangible assets, which must be assessed for impairment at least annually.In addition, a significant portion of the purchase price of companies it acquires may be allocated to goodwill and other intangible assets, which must be assessed for impairment at least annually. If our acquisitions do not ultimately yield expected returns, we may be required to take charges to our operating results based on our impairment assessment process, which could harm our results of operations.
Risks Related to Our Industry and Products
If our products fail or are perceived to fail to detect threats such as a firearm or other potential weapon or explosive device, or if our products contain undetected errors or defects, this could have an adverse effect on our business and results of operations.
If our products fail or are perceived to fail to detect and prevent attacks or if our products fail to identify and respond to new and increasingly complex and unpredictable methods of attacks, our business and reputation may suffer. There is no guarantee that our products will detect and prevent all attacks, especially in light of the rapidly changing security landscape to which it must respond, as well as unique factors that may be present in our customers’ operating environments. Additionally, our products may falsely detect items that do not actually represent threats. These false positives may impair the perceived reliability of our products and may therefore adversely impact market acceptance of our products, which could, in turn, result in negative publicity and damage to our brand and reputation, loss of customers and sales, and increased costs to remedy any problem. These false positives may impair the perceived reliability of our products, and may therefore adversely impact market acceptance of our products, and could result in negative publicity, loss of customers and sales and increased costs to remedy any problem.
Our products, which are complex, may also contain undetected errors or defects when first introduced or as new versions are released. We have experienced these errors or defects in the past in connection with new products and product upgrades. We expect that these errors or defects will be found from time to time in the future in new or enhanced products after commercial release. Defects may result in increased vulnerability to attacks, cause our products to fail to detect security threats, or temporarily interrupt our products’ ability to screen visitors in a customer’s location. Any errors, defects, disruptions in service or other performance problems with our products may damage our customers’ business and could harm our reputation. If our products fail to detect security threats for any reason, including failures due to customer personnel or security processes, it may result in significant costs, the attention of our key personnel could be diverted and our customers may delay or withhold payment to us, elect not to renew or cause other significant customer relations problems to arise. If our products fail to detect security threats for any reason, it may incur significant costs, the attention of our key personnel could be diverted, our customers may delay or withhold payment to us or elect not to renew or cause other significant customer relations problems to arise.
22
We may also be subject to liability claims for damages related to errors or defects in our products. For example, if our products fail to detect weapons or explosive devices that are subsequently used by terrorists, criminals, or unbalanced individuals to cause casualties at a high profile, public venue, we could incur financial damages and our reputation could also be significantly harmed. For example, if our products fail to detect weapons or explosive devices that are subsequently used by terrorists, criminals or unbalanced individuals to cause casualties at a high profile, public venue, our reputation could be significantly harmed. A material liability claim or other occurrence that harms our reputation or decreases market acceptance of our products may harm our business and operating results. The limitation of liability provisions in our terms and conditions of sale may not fully or effectively protect us from claims as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. Although we have limitation of liability provisions in our terms and conditions of sale, they may not fully or effectively protect us from claims as a result of federal, state, or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. The sale and support of our products also entails the risk of product liability claims. Our insurance coverage may not adequately cover any claim asserted against us. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation, divert or distract management’s time and other resources, and harm our business and reputation.
If our customers are unable to implement our products successfully, or if we fail to effectively assist our customers in installing our products and provide effective ongoing support and training, customer perceptions of our products may be impaired, or our reputation and brand may suffer.
Our products are deployed in a wide variety of indoor and outdoor environments, including large venues with multiple entry points. Some of our customers have experienced difficulties implementing our products in the past and may experience implementation difficulties in the future. If our customers are unable to implement our products successfully, customer perceptions of our products may be impaired, or our reputation and brand may suffer.
Any failure by our customers to appropriately implement our products or any failure of our products to effectively integrate and operate within our customers’ operating environments could result in customer dissatisfaction, impact the perceived reliability of our products, result in negative press coverage, negatively affect our reputation, and harm our financial results.
Successful deployment and operation of our products depend on the knowledge and skill of the customer security personnel or implementation contractors charged with setting up, configuring, monitoring, and troubleshooting the equipment in their own environment. Many of our customers experience relatively high turnover in their security personnel, creating opportunities for knowledge and skill gaps that can result, and have resulted, in configuration, sensitivity setting, or operational errors that allow prohibited threats into customer facilities. In these situations, customers can perceive, and have perceived, that our products have failed to perform as designed until and unless we have been able to demonstrate otherwise. We or our implementation partners may not successfully isolate and identify failures due to customer error in the future, and this could result in customer dissatisfaction, impact the perceived reliability of our products, result in negative press coverage, negatively affect our reputation, and harm our financial results. There can be no assurance that we or our implementation partners will successfully isolate and identify failures due to customer error in the future, and this could result in customer dissatisfaction, impact the perceived reliability of our products, result in negative press coverage, negatively affect our reputation and harm our financial results.
Our customers depend in large part on customer support delivered by us to resolve issues relating to the use of our products. However, even with our support, our customers are ultimately responsible for effectively using our products and ensuring that their staff is properly trained in the use of our products. The failure of our customers to correctly use our products, or our failure to effectively assist customers in installing our products and provide effective ongoing support and training, may result in an increase in the vulnerability of our customers’ facilities and visitors to security threats. It can take significant time and resources to recruit, hire and train qualified technical support and service employees and contractors. We may not be able to keep up with demand, particularly if the sales of our products exceed our internal forecasts. To the extent that we are unsuccessful in hiring, training, and retaining adequate support resources, our ability to provide adequate and timely support to our customers may be negatively impacted, and our customers’ satisfaction with our products may be adversely affected. To the extent that we are unsuccessful in hiring, training and retaining adequate support resources, our ability to provide adequate and timely support to our customers may be negatively impacted, and our customers’ satisfaction with our products may be adversely affected. Additionally, in unusual circumstances, if we needed to rely on our sales engineers to provide post-sales support while growing our service organization, our sales productivity may be negatively impacted. Additionally, in unusual circumstances, if it were to need to rely on our sales engineers to provide post-sales support while we are growing our service organization, our sales productivity may be negatively impacted. Accordingly, any failure by us to provide satisfactory maintenance and technical support services could have a material and adverse effect on our business and results of operations. 22 Table of ContentsAccordingly, any failure by us to provide satisfactory maintenance and technical support services could have a material and adverse effect on our business and results of operations.
The loss of designation of our Evolv Express system as a Qualified Anti-Terrorism Technology under the Homeland Security SAFETY Act could result in adverse reputational and financial consequences.
Our Evolv Express system has been awarded the DHS SAFETY Act Designation as a Qualified Anti-Terrorism Technology. Any amendments or interpretive guidance related to the SAFETY Act may affect our ability to retain our SAFETY Act Designation, may increase the costs of compliance, and/or may negatively impact our ability to attract new customers. The Safety Act Designation provides us with certain liability protections for claims relating to, arising out of or resulting from an act of terrorism, and the loss of these protections could materially impact our risk and our business. Any claim of infringement, misappropriation or other violation of intellectual property rights by a third party, even those without merit, could cause us to incur substantial costs defending against the claim and could distract our management from our business. Because we view our SAFETY Act Designation as a differentiating factor among our industry peers, if laws and
23
regulations change relating to the SAFETY Act or if we fail to comply with the SAFETY Act's requirements, our business, financial condition, results of operations, customer retention and stock price could be materially and adversely affected.
The AI-based weapons detection for security screening market is new and evolving and may not grow as expected or may develop more slowly or differently than we expect.16 Table of ContentsThe AI-based weapons detection for security screening market is new and evolving and may not grow as expected or may develop more slowly or differently than we expect.
We believe our future success will depend in large part on the growth in the market for AI-based weapons detection for security screening solutions. This market is new and evolving, and as such, it is difficult to predict important market trends. This market is new and evolving, and as such, it is difficult to predict important market trends, including our potential growth, if any. To date, enterprise and corporate security budgets have allocated a majority of dollars to conventional security solutions, such as lower priced walk-through metal detectors. Organizations that use these security products may be satisfied with them or slow to adapt to technological advances and, as a result, these organizations may not adopt our solutions in addition to, or in lieu of, security products they currently use. Organizations that use these security products may be satisfied with them or slow to adapt to technical advances and, as a result, these organizations may not adopt our solutions in addition to, or in lieu of, security products they currently use.
Further, sophisticated attackers are skilled at adapting to new technologies and developing new methods of breaching organizations’ security systems, and changes in the nature of security threats could result in a shift in budgets away from products such as ours. In addition, while recent high visibility attacks at publicly and privately-owned venues and schools have increased market awareness of mass shootings, terrorist, or other attacks, if such attacks were to decline, or enterprises or governments perceived that the general level of attacks has declined, our ability to attract new customers and expand our sales to existing customers could be materially and adversely affected. If products such as ours are not viewed by organizations as necessary, or if customers do not recognize the benefit of our products as a critical element of an effective security strategy, our revenue may not grow as quickly as expected, or may decline, and the trading price of our stock could suffer.
In addition, it is difficult to predict customer adoption and retention rates, customer demand for our products, the size and growth rate of the market for AI-based weapons detection for security screening, the entry of competitive products, or the success of existing competitive products. Any expansion in our market depends on a number of factors, including the cost, performance, and perceived value associated with our products and those of our competitors. If these products do not achieve widespread adoption or there is a reduction in demand for products in our market caused by a lack of customer acceptance, technological challenges, regulatory restrictions, competing technologies or products, decreases in corporate spending, weakening economic conditions or otherwise, it could result in reduced customer orders, early terminations, reduced customer retention rates or decreased revenue, any of which would adversely affect our business operations and financial results. If these products do not achieve widespread adoption or there is a reduction in demand for products in our market caused by a lack of customer acceptance, technological challenges, competing technologies or products, decreases in corporate spending, weakening economic conditions or otherwise, it could result in reduced customer orders, early terminations, reduced customer retention rates or decreased revenue, any of which would adversely affect our business operations and financial results.
We use AI and machine learning in our development process and in our AI-based weapon detection products.
We use AI and machine learning technologies, including propriety AI and machine learning algorithms, in the development and operation of our AI-based weapons detection products for security screening. There are significant risks involved in developing, maintaining, and deploying AI and machine learning technologies and there can be no assurance that the usage of such technologies will always enhance our products or services or be beneficial to our business, including our efficiency or profitability. Furthermore, the rapid pace of AI development may require the continued investment of significant resources for us to remain competitive, and we may not receive commensurate returns if we are not successful in achieving the outcomes we expect (either on the timelines we expect or at all). In addition, our competitors may incorporate AI into their products more quickly or more successfully than us, which could impair our ability to compete effectively.
Some uses of AI pose emerging ethical issues and present a number of risks that cannot be fully mitigated. Using AI while the technology is still developing may expose us to additional liability, reputational harm and threats of litigation, in particular, if these AI or machine learning models are incorrectly designed, developed or implemented, produce errors, AI bias, discrimination or AI hallucinations, result in intellectual property infringement or misappropriation or are adversely impacted by unforeseen defects, technical challenges, data privacy issues, cyber security threats, material performance issues, or otherwise do not function as intended. For example, AI technologies are highly reliant on the collection and analysis of large amounts of data, which may be overbroad, incomplete, inadequate, inaccurate, biased, or otherwise of poor quality. The accuracy of these data inputs and their subsequent effects on the outputs of AI technologies cannot always be verified, potentially leading to outputs that incorporate or are based on inaccurate or erroneous information. If any of the foregoing were to occur, the performance of our products, services, and business, as well as our reputation and the reputations of our customers, could suffer or we could incur liability.
24
Because AI is a developing technology in its infancy, legal frameworks for AI governance are unsettled, quickly developing, and unpredictable. The use of AI could also lead to legal and regulatory investigations and enforcement actions, or may give rise to specific obligations, including required notices, consents and opt-outs, under various data privacy, protection and cybersecurity laws and regulations in a number of jurisdictions. Further, there is no assurance that new laws and regulations will not restrict the ways we can use the AI we have adopted, including by limiting or changing global AI adoption trends that may impede our strategy. For example, Florida has proposed legislation designed to ban the use of AI for firearm detection in certain public spaces. If such legislation is adopted in Florida or similar legislation is proposed and adopted in any other states, our operations in such states could be disrupted, which could have a material adverse effect on our business, financial condition and results of operations. Moreover, regulations relating to AI technologies may also impose certain obligations on organizations, and the costs of monitoring and responding to such regulations, as well as the consequences of non-compliance, could have an adverse effect on our operations or financial condition. Unfavorable legal and regulatory developments could also impact our vendors, suppliers and industry as a whole, and we may be exposed to increased risk of liability, reputational harm, and other significant costs if we need to make business and operational changes in response to such developments.
In particular, many U.S. federal, state, and foreign government bodies and agencies have introduced, and are currently considering, additional laws and regulations, including related to the development and integration of AI, machine learning, and additional emerging data technologies while mitigating or controlling for bias and discrimination in the context of AI and machine learning. For example, the California Privacy Protection Agency is currently in the process of finalizing regulations under the California Consumer Privacy Act (as amended by the California Privacy Rights Act) (“CCPA”), regarding the use of automated decision making, which focuses on notice and transparency requirements, opt-out and access rights and performance of risk assessments. Additionally, Colorado and California have recently passed legislation, and legislation is pending in Virginia, that, among other obligations, will require disclosure and transparency obligations with respect to certain AI systems. Furthermore, in Europe, the Artificial Intelligence Act (“EU AI Act”), which entered into force on August 1, 2024, provides rights and duties designed to ensure the safe and ethical deployment of AI. The EU AI Act categorizes AI systems based on their level of risk, prohibiting certain uses of AI (which provisions applied as of February 2, 2025), and introduces strict requirements for high-risk AI applications (which provisions apply from August 2, 2027). It is intended to apply to companies that develop, use and/or provide AI in the EU and includes requirements around transparency, conformity assessments and monitoring, risk assessments, human oversight, security and accuracy and introduces significant fines for noncompliance. There are also specific rules on the use of automated decision making under the General Data Protection Regulation (“GDPR”) that provide the data subject the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. Additionally, the existence of automated decision making must be disclosed to the data subject with a meaningful explanation of the logic used in such decision making in certain circumstances and safeguards must be implemented to safeguard individual rights, including the right to obtain human intervention and to contest any decision. We will likely incur additional expenses and costs associated with complying with existing and evolving laws, as well as face heightened potential liability if we are unable to comply with such laws. If passed, we will likely incur additional expenses and costs associated with complying with such laws, as well as face heightened potential liability if we are unable to comply with these laws. While we strive to minimize any physical bias in our product’s identification of threats because our product’s AI does not process or analyze an individual’s physical characteristics, we may not be able to identify such issues in advance, or if identified, we may not be able to identify mechanisms for effectively mitigating such issues.
Our failure, or perceived failure, to comply fully with developing interpretations of AI laws and regulations or meet evolving and varied stakeholder expectations and industry standards, could harm our business, reputation, financial condition and results of operation. See – “We are subject to government regulation and other legal obligations, particularly related to privacy, data protection, information security, and product marketing and our actual or perceived failure to comply with such obligations could harm our business.”
Further, our ability to continue to develop or use such technologies may be dependent on access to specific third-party software and infrastructure, such as processing hardware or third-party AI models, and we cannot control the availability or pricing of such third party software and infrastructure, especially in a highly competitive environment. In addition, market acceptance and consumer perceptions of AI and machine learning technologies are uncertain.
A number of aspects of intellectual property protection in the field of AI and machine learning are currently under development, and there is uncertainty and ongoing litigation in different jurisdictions as to the degree and extent of protection warranted for the output of AI and machine learning systems. See – “Our intellectual property rights are valuable and any inability to protect our proprietary technology and intellectual property rights substantially harm our business and operating results.”
25
We may be unable to acquire new customers, sell additional products to our customers, or retain our existing customers.
Our success depends on our ability to acquire new customers in new and existing vertical markets, and in new and existing geographic markets. If we are unable to attract a sufficient number of new customers and retain our existing customers, we may be unable to generate revenue growth at desired rates. If we are unable to attract a sufficient number of new customers outside the United States, we may be unable to generate revenue growth at desired rates. The physical security solutions market is competitive, and many of our competitors have significantly greater financial, personnel, and other resources than we do and may be able to devote greater resources to their efforts to develop solutions and attract customers. While we take measures to protect the security of personal information, it is possible that our security controls over personal information and other practices we follow may not prevent the unauthorized access to, or the unintended release of, personal information. As a result, it may be difficult for us to add new customers to our customer base. Competition in the marketplace may also lead us to win fewer new customers or result in us providing discounts and other commercial incentives to win new customers or retain our existing customers. Competition in the marketplace may also lead us to win fewer new customers or result in us providing discounts and other commercial incentives. Additional factors that impact our ability to acquire new customers and retain existing customers include the perceived need for AI-based weapons detection for security solutions, the size of our prospective customers’ security budgets, the availability of government funding, the utility and efficacy of our existing and new products or product enhancements, whether proven or perceived, and general economic conditions. Additional factors that impact our ability to acquire new customers include the perceived need for AI-based weapons detection for security solutions, the size of our prospective customers’ security budgets, the utility and efficacy of our existing and new products, whether proven or perceived, and general economic conditions. These factors may have a meaningful negative impact on our future revenues and operating results. These factors may have a meaningful negative impact on future revenues and operating results.
In addition, our future success depends, in part, on our ability to expand the deployment of our products with existing customers by selling them additional products and, in part, on our ability to maintain and increase subscriptions for our proprietary products as they generate recurring revenues. This may require increasingly sophisticated and costly sales efforts and may not result in additional sales. Existing and future customers of our products may not purchase our subscriptions for our proprietary products at the same rate at which customers currently purchase those subscriptions. In addition, the rate at which our customers purchase additional products depends on a number of factors, including the perceived need for additional security screening solutions as well as general economic conditions. If our efforts to sell additional products to our customers are not successful or our customers purchase a lower volume of subscriptions, our business may suffer. If our efforts to sell additional products to our customers are not successful, our business may suffer.
While our immediate focus is on the United States market, our long-term success in part depends on our ability to acquire new customers outside the United States. The United States has significantly more privately owned firearms than any other country. If customers in other countries do not perceive the threat of firearms and weapons to be significant enough to justify the purchase of our products, we will be unable to establish a meaningful business outside the United States. If customers in other countries do not perceive 17 Table of Contentsthe threat of firearms and weapons to be significant enough to justify the purchase of our products, we will be unable to establish a meaningful business outside the United States. If we are unable to attract a sufficient number of new customers outside the United States, we may be unable to generate future revenue growth at desired rates in the long term. If we are unable to attract a sufficient number of new customers outside the United States, we may be unable to generate revenue growth at desired rates.
If we do not successfully anticipate market needs and enhance our existing products or develop new products that meet those needs on a timely basis, we may not be able to compete effectively and our ability to generate revenues will suffer.18 Table of ContentsIf we do not successfully anticipate market needs and enhance our existing products or develop new products that meet those needs on a timely basis, we may not be able to compete effectively and our ability to generate revenues will suffer.
Our customers face evolving security risks that require them to adapt to increasingly complex infrastructures that incorporate a variety of security solutions. We face significant challenges in ensuring that our products effectively identify and respond to these security risks without disrupting the performance of our customers’ infrastructures. As a result, we must continually modify and improve our products in response to changes in our customers’ infrastructures.
We cannot guarantee that we will be able to anticipate future market needs and opportunities or be able to develop product enhancements or new products to meet such needs or opportunities in a timely manner, if at all. There can be no assurance that enhancements or new products will achieve widespread market acceptance.
New products, as well as enhancements to our existing products, could fail to attain sufficient market acceptance for many reasons, including:
•delays in releasing new products or product enhancements;
•failure to accurately predict market demand and to supply products that meet this demand in a timely fashion;
•inability to protect against new types of attacks or techniques used by terrorists or other threat sources;
•defects in our products, errors or failures of our products;
•negative publicity or perceptions about the performance or effectiveness of our products;
•introduction or anticipated introduction of competing products by our competitors;
26
•installation, configuration, sensitivity setting, or usage errors by our customers; and
•easing or changing of regulatory requirements at the federal, state, and/or local levels related to security or other aspects of our business.
If we fail to anticipate market requirements or fail to develop and introduce product enhancements or new products to meet those needs in a timely manner, it could cause us to lose existing customers and prevent us from gaining new customers, which would significantly harm our business, financial condition, and results of operations. If we fail to anticipate market requirements or fail to develop and introduce product enhancements or new products to meet those needs in a timely manner, it could cause us to lose existing customers and prevent us from gaining new customers, which would significantly harm our business, financial condition and results of operations.
While we continue to invest significant resources in research and development to enable our products to continue to address the security risks that our customers face, the introduction of products embodying new technologies could also render our existing products or services obsolete or less attractive to customers. If we spend significant time and effort on research and development and are unable to generate an adequate return on our investment, our business and results of operations may be materially and adversely affected.
We incorporate technology and components from third parties into our products, and our inability to obtain or maintain rights to the technology could harm our business.
We have incorporated, and may in the future incorporate, technology and components from third parties into our products. We cannot be certain that our suppliers and licensors are not infringing the intellectual property rights of third parties or that the suppliers and licensors have sufficient rights to the technology in all jurisdictions in which it may sell our products. We may not be able to rely on indemnification obligations of third parties, to the extent they offer them. We may not be able to rely on indemnification obligations of third parties if some of our agreements with our suppliers and licensors may be terminated for convenience by them. If our implementation or ongoing use of such technology is limited because of intellectual property infringement claims brought by third parties against our suppliers or licensors or against us, or if we are unable to continue to obtain such technology or enter into new agreements therefor on commercially reasonable terms, our ability to develop and sell products, subscriptions, and services containing such technology could be severely limited, and our business could be harmed. If we are unable to obtain or maintain rights to any of this technology because of intellectual property infringement claims brought by third parties against our suppliers and licensors or against us, or if we are unable to continue to obtain such technology or enter into new agreements on commercially reasonable terms, our ability to develop and sell products, subscriptions and services containing such technology could be severely limited, and our business could be harmed. Disputes with suppliers and licensors could result in the payment of additional royalties or penalties by us, cancellation or non-renewal of the underlying license or litigation. Disputes with suppliers and licensors over uses or terms could result in the payment of additional royalties or penalties by us, cancellation or non-renewal of the underlying license or litigation. In the event that we cannot renew existing licenses, or enter into new licenses of comparable technology, we may be required to discontinue or limit our use of the operations, products, or offerings that include or incorporate the licensed intellectual property. In the event that we cannot renew and/or expand existing licenses, we may be required to discontinue or limit our use of the operations, products, or offerings that include or incorporate the licensed intellectual property. Any such discontinuation or limitation could have a material and adverse impact on our business, financial condition, and results of operation. Additionally, if we are unable to obtain necessary technology and components from third parties at all, including certain sole suppliers, we may be forced to acquire or develop alternative technology or components, which may require significant time, cost, and effort and may be of lower quality or performance standards. Additionally, if we are unable to obtain necessary technology and components from third parties, including certain sole suppliers, we may be forced to acquire or develop alternative technology or components, which may require significant time, cost and effort and may be of lower quality or performance standards. This could limit or delay our ability to offer new or competitive products and increase our costs of production. This would limit or delay our ability to offer new or competitive products and increase our costs of production. If alternative technology or components cannot be obtained or developed, we may not be able to offer certain functionality as part of our products, subscriptions, and services. As a result, our margins, market share and results of operations could be significantly harmed.
Our use of “open source” software could subject our proprietary software to certain disclosure obligations, negatively affect our ability to offer our products and subject us to possible litigation. Our use of “open source” software could subject our proprietary software to general release, negatively affect our ability to offer our products and subject us to possible litigation.
We have used “open source” software in connection with the development and deployment of our software products, and we expect to continue to use open source software in the future. We have used “open source” software in connection with the development and deployment of our software products, and we expect to continue to use open source software in the future. Open source software is licensed by its authors or other third parties under open source licenses, which in some instances may subject us to certain unfavorable conditions, including requirements that we offer the software that incorporates, is based on or that links to the open source software for no cost, that we make publicly available all or part of the source code for any modifications or derivative works we create based upon or that incorporate, link to or otherwise use the open source software, or that we license such modifications or derivative works under the terms of the particular open source license. Open source software is licensed by its authors or other third parties under open source licenses, which in some instances may subject us to certain unfavorable conditions, including requirements that we offer our products that incorporate the open source software for no cost, that we make publicly available all or part of the source code for any modifications or derivative works we create based upon, incorporating or using the open source software, or that we license such modifications or derivative works under the terms of the particular open source license. Additionally, the AI technologies used to develop or write software used operations may be trained on data sets that include open source software or may draw from sources that might subject such software developed using AI technologies to certain license restrictions or other obligations. Additionally, if we decide to use AI technologies to develop or write software in our product offerings the AI may be trained on data sets that include open source software or may draw from sources that might subject such software developed using AI technologies to certain license restrictions or other obligations.
Companies that incorporate or use open source software in their products have, from time to time, faced claims challenging the use of open source software and compliance with open source license terms. Companies that incorporate open source software into their products have, from time to time, faced claims challenging the use of open source software and compliance with open source license terms. As a result, we could be subject to suits by parties claiming ownership of what we believe to be open source software or claiming noncompliance with open source licensing terms. While we monitor our use of open source software and try to ensure that none is used in
27
a manner that would subject our proprietary software to open source licensing terms (including requiring us to disclose our proprietary source code) or that would otherwise breach the terms of an open source agreement, we cannot guarantee that we will be successful, that all open source software is reviewed prior to use in our products, that our developers have not incorporated open source software into our products that we are unaware of or that they will not do so in the future. Further, use of open source AI technologies poses additional risks relating to the underlying training data sets, including an increased risk in intellectual property infringement or non-compliance with open source license terms as a result of such training data sets potentially derived from data sourced without permission or outside the scope of the underlying open source license.
Furthermore, there are an increasing number of open source software license types, almost none of which have been interpreted by U.S. or foreign courts, resulting in a dearth of guidance regarding the proper legal interpretation of such licenses. As a result, there is a risk that open source software licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to market or provide our products and services. If we are held to have breached or failed to fully comply with all the terms and conditions of an open source software license, we could face infringement claims or other liability, or be required to seek costly licenses from third parties to continue providing our offerings on terms that are not economically feasible, if at all, to re-engineer all or a portion of our products, to discontinue or delay the provision of our offerings if re-engineering could not be accomplished on a timely basis or to make generally available, in source code form, our proprietary code. If we are held to have breached or failed to fully comply with all the terms and conditions of an open source software license, we could 24 Table of Contentsface infringement claims or other liability, or be required to seek costly licenses from third parties to continue providing our offerings on terms that are not economically feasible, if at all, to re-engineer all or a portion of our products, to discontinue or delay the provision of our offerings if re-engineering could not be accomplished on a timely basis or to make generally available, in source code form, our proprietary code. Further, in addition to risks related to license requirements, use of certain open source software carries greater technical and legal risks than does the use of third-party commercial software. For example, open source software is generally provided without any support or warranties or other contractual protections regarding infringement or the quality of the code, including the existence of security vulnerabilities. To the extent that our products depend upon the successful operation of open source software, any undetected errors or defects in open source software that we use could prevent the deployment or impair the functionality of our systems and injure our reputation. To the extent that our products depends upon the successful operation of open source software, any undetected errors or defects in open source software that we use could prevent the deployment or impair the functionality of our systems and injure our reputation. In addition, the public availability of such software may make it easier for others to compromise our products. Any of the foregoing risks could materially and adversely affect our business, financial condition, and results of operations.
Our products collect and store personal data about individuals, including our customers, their visitors, and our employees, as well as other proprietary business and confidential information.
In the ordinary course of our business, we collect, store and otherwise process personal data about individuals, such as our customers, our customers’ visitors and our employees, as well as proprietary business and confidential information and intellectual property of ours and that of our customers. Additionally, we rely on third parties and their security procedures for the storage, processing, maintenance, and transmission of information that is critical to our operations. Additionally, we rely on third-parties and their security procedures for the secure storage, processing, maintenance, and transmission of information that is critical to our operations. Remote and hybrid working arrangements also increase cybersecurity risks due to the challenges associated with managing remote computing assets and security vulnerabilities that are present in many non-corporate and home networks.
Cybersecurity threats as well as the tools (including AI) used to breach security safeguards, circumvent security controls, evade detection, and remove forensic evidence, are constantly evolving and may originate from remote areas increasing the difficulty of detecting and successfully defending against them. For instance, cyber criminals or insiders may target us or third parties with which we have business relationships to gain access to data, or in a manner that disrupts our operations or compromises our products or the systems into which our products are integrated. For instance, cyber criminals or insiders may target us or third parties with which we have business relationships to obtain data, or in a manner that disrupts our operations or compromises our products or the systems into which our products are integrated. Protecting against such threats may require us to spend additional resources to further strengthen our defenses. In addition, events such as power losses, telecommunications failures, earthquakes, fires and other natural disasters could result in failures of our, or our third-party vendors’, systems.
Cybersecurity incidents affecting us or our third-party vendors can vary widely, from errors on the part of our personnel, to uncoordinated individual attempts to gain unauthorized access to IT systems, to sophisticated and targeted measures known as advanced persistent threats. Cybersecurity incidents directed at us or our third-party vendors can range from uncoordinated individual attempts to gain unauthorized access to information technology systems to sophisticated and targeted measures known as advanced persistent threats. These incidents could be caused by insiders (acting inadvertently or maliciously) or malicious third parties (including nation-states or nation-state supported actors). Attack methods can include sophisticated, targeted methods to circumvent firewalls, encryption, and other security defenses, including hacking, fraud, trickery (such as phishing or social engineering), or other forms of deception.
Despite measures designed to prevent, detect, address, and mitigate cybersecurity incidents (including our cybersecurity risk management program and processes, such as our policies, controls, or procedures), we cannot guarantee that such measures will be implemented, complied with or effective in protecting our systems and information. Incidents such as spam, spyware, ransomware, viruses, worms, malware, DDoS attacks, password attacks, impersonation of employees or officers, and other threats may nevertheless occur to us or our third-party providers and, depending on their
28
nature and scope, could potentially result in the misappropriation, destruction, corruption or unavailability of critical data and confidential or proprietary information (our own or that of third parties, including personal data of our customers, our customers’ visitors and our employees) and the disruption of our business operations.
In fact, we and our third-party vendors have experienced, and expect to continue to experience, cyber-attacks, such as through phishing scams and ransomware attempts. Although none of these actual or attempted cyber-attacks has had a material adverse impact on our operations or financial condition, we cannot guarantee that any such incidents will not have such an impact in the future.
Due to concerns about data security and integrity, a growing number of legislative and regulatory bodies have adopted breach notification and other requirements in the event that information subject to such laws is accessed by unauthorized persons and may continue to adopt additional regulations regarding the use, access, accuracy, and security of such data. For example, in the United States, we are subject to laws in all states and numerous territories that require notification of a qualifying data breach. In addition, the SEC has recently adopted rules on the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies that enhances and standardizes disclosures for public companies with regards to their cybersecurity risk strategy, management, and governance. Complying with such numerous and complex regulations in the event of unauthorized access would be expensive and difficult, and failure to comply with these regulations could subject us to regulatory scrutiny and additional liability. See – “We are subject to government regulation and other legal obligations, particularly related to privacy, data protection, information security, and product marketing and our actual or perceived failure to comply with such obligations could harm our business.”
In addition, any actual or alleged security breaches could result in mandated user notifications, litigation (including class actions), government investigations, regulatory action, significant fines, and expenditures; divert management’s attention from operations; deter people from using our platform; damage our brand and reputation; and materially and adversely affect our business, results of operations, and financial condition. Defending against claims or litigation based on any security breach or incident, regardless of their merit, would be costly and may cause reputational harm. In addition, we may incur significant costs for remediation that may include liability for stolen assets or information, repair of system damage, and compensation to customers, employees, and business partners. The successful assertion of one or more large claims against us that exceed available insurance coverage, denial of coverage as to any specific claim, or any change or cessation in our insurance policies and coverages, including premium increases or the imposition of large deductible requirements, could have a material adverse effect on our business, results of operations, and financial condition.
Risks Related to Our Human Capital
If we do not effectively expand, train, and retain qualified sales and marketing personnel, we may be unable to acquire new customers or sell additional products to successfully pursue our growth strategy.
We depend significantly on our sales force to attract new customers and expand sales to existing customers. As a result, our ability to grow our revenue depends in part on our success in recruiting, training, and retaining sufficient numbers of sales personnel to support our growth, particularly in the United States and, to a more limited extent, internationally. As a result, our ability to grow our revenue depends in part on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth, particularly in the United States, Europe, and, to a more limited extent, in Asia Pacific. The number of our sales and marketing personnel decreased from 139 as of December 31, 2023 to 124 as of December 31, 2024. We expect to selectively expand our sales and marketing personnel and face a number of challenges in achieving our hiring and integration goals. The number of our sales and marketing personnel increased from 19 as of December 31, 2020 to 91 as of December 31, 2021. We expect to continue to expand our sales and marketing personnel significantly and face a number of challenges in achieving our hiring and integration goals. There is intense competition for individuals with sales training and experience. In addition, the training and integration of a large number of sales and marketing personnel in a short time requires the allocation of significant internal resources. We invest significant time and resources in training new sales force personnel to understand our products, platform, and our growth strategy. Based on our past experience, it takes approximately six to 12 months before a new sales force member operates at target performance levels, depending on their role. However, we may be unable to achieve or maintain our target performance levels with large numbers of new sales personnel as quickly as we have done in the past. Our failure to hire a sufficient number of qualified sales force members and train them to operate at target performance levels may materially and adversely impact our projected growth rate.
We are dependent on the continued services and performance of our senior management and other key employees, as well as on our ability to successfully hire, train, manage, and retain qualified personnel, especially those in sales and marketing and research and development.
29
Our future performance depends on the continued services and contributions of our senior management, particularly John Kedzierski, our President and Chief Executive Officer, and other key employees to execute on our business plan and to identify and pursue new opportunities and product innovations. We do not maintain key man insurance for any of our executive officers or key employees. From time to time, there may be changes in our senior management team resulting from the termination or departure of our executive officers and key employees. Our senior management and key employees are generally employed on an at-will basis, which means that they could terminate their employment with us at any time. The loss of the services of our senior management, particularly Mr. Kedzierski and other key employees for any reason could significantly delay or prevent our development or the achievement of our strategic objectives and harm our business, financial condition, and results of operations. George, or other key employees for any reason could significantly delay or prevent our development or the achievement of our strategic objectives and harm our business, financial condition and results of operations.
Our ability to successfully pursue our growth strategy will also depend on our ability to attract, motivate, and retain our personnel, especially those in sales and marketing and research and development. We face escalating compensation demands from new and prospective employees, as well as intense competition for these employees from numerous technology, software, and other companies, especially in certain geographic areas in which we operate, and we cannot ensure that we will be able to attract, motivate and/or retain additional qualified employees in the future. If we are unable to attract new employees and retain our current employees, we may not be able to adequately develop and maintain new products, or market our existing products at the same levels as our competitors, which may lead us to lose customers and market share. Our failure to attract and retain personnel, especially those in sales and marketing, research and development, and engineering positions, could have an adverse effect on our ability to execute our business objectives. Even if we are able to identify and recruit a sufficient number of new hires, these new hires will require significant training before they achieve full productivity and they may not become productive as quickly as we would like, or at all. Any of these factors may adversely impact our ability to compete and cause our revenue to decrease and our operating results to suffer.
Risks Related to Our Intellectual Property
Our intellectual property rights are valuable and any inability to protect our proprietary technology and intellectual property rights could substantially harm our business and operating results.
Our future success and competitive position depend in part on our ability to protect our intellectual property and proprietary technologies. To safeguard these rights, we rely on a combination of patent, trademark, copyright, and trade secret laws and contractual protections in the United States and other jurisdictions, all of which provide only limited protection and may not now or in the future provide us with a competitive advantage. We maintain a program of identifying technology appropriate for patent protection. Our practice is to require employees and consultants to execute non-disclosure and proprietary rights agreements upon commencement of employment or consulting arrangements. Where applicable, these agreements acknowledge our exclusive ownership of, and assign to us, all intellectual property developed by such individuals or third parties in connection with their work for us and require that all proprietary information disclosed to them by us (or on our behalf) will remain confidential. Such agreements may not be enforceable in full or in part in all jurisdictions and any breach could have a negative effect on our business and our remedy for such breach may be limited. See – “Confidentiality arrangements with employees and others may not adequately prevent disclosure of trade secrets and other proprietary information.”
As of March 26, 2025, we own or co-own nine issued U.S. patents and 27 issued foreign patents and have 21 pending or allowed patent applications relating to our products. It cannot be certain that any patents will issue from any patent applications, that patents that issue from such applications will give us the protection that we seek or that any such patents will not be challenged, invalidated, or circumvented. Any patents that may issue in the future from our pending or future patent applications may not provide sufficiently broad protection and may not be enforceable in actions against alleged infringers. Further, our use of AI technologies in connection with the creation or development of intellectual property may present challenges in asserting ownership over the resulting output given the position of courts and intellectual property offices in the U.S. and in some other jurisdictions that sufficient human inventorship is required for patent protection of an AI-generated invention and sufficient human authorship is required for copyright protection of an AI-generated work of authorship. Additionally, inventions or works of authorship created through the use of AI may be based or rely on, or contain, materials that were used in the training of such AI technologies and which are subject to third-party intellectual property, which could further limit our ability to obtain intellectual property protection in such inventions or works of authorship.
We have registered the Evolv®, Evolv Technology®, Evolv Express®, Evolv Insights®, Evolv Cortex AI®, and Evolv Edge® trademarks in the United States and certain other countries. We also have registrations and/or pending
30
applications for additional marks in the United States and other countries. We cannot be certain that any pending or future applications will issue as registered trademarks or that any registered trademarks will be enforceable or provide adequate protection of our proprietary rights.
If we are unable to maintain sufficient intellectual property protection for our proprietary technologies or if the scope of the intellectual property protection obtained is not sufficiently broad, our competitors and other third parties could develop and commercialize technologies similar or identical to ours, and our ability to successfully commercialize our technologies may be impaired.
The steps we take to protect our intellectual property may be inadequate to prevent infringement, misappropriation, or other violations of our intellectual property rights.While we take steps to protect our intellectual property, the steps we take may be inadequate to prevent infringement, misappropriation or other violations of our intellectual property rights. We will not be able to protect our intellectual property if we are unable to enforce our rights or if we do not detect unauthorized use of our intellectual property. Any of our patents or other intellectual property rights may be challenged by others or invalidated through administrative process or litigation. Furthermore, legal standards relating to the validity, enforceability, and scope of protection of intellectual property rights are uncertain. Some license provisions protecting against unauthorized use, copying, transfer, and disclosure of our offerings may be unenforceable under the laws of certain jurisdictions and foreign countries. In addition, the laws of some countries do not protect proprietary rights to the same extent as the laws of the United States, and mechanisms for enforcement of intellectual property rights in some foreign countries may be inadequate. Changes in the law or adverse court rulings may also negatively affect our ability to prevent others from using our technology. To the extent we expand our international activities, our exposure to unauthorized copying and use of our technology and proprietary information may increase.
We may be required to spend significant resources to monitor and protect our intellectual property rights. From time to time, legal action by us may be necessary to enforce our patents and other intellectual property rights (including to protect our trade secrets), to protect our trade secrets, to determine the validity and scope of the intellectual property rights of others or to defend against claims of infringement or invalidity. From time to time, legal action by us may be necessary to enforce our patents and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the intellectual property rights of others or to defend against 26 Table of Contentsclaims of infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect our business, operating results, and financial condition. Furthermore, our efforts to enforce our intellectual property rights may be met with defenses, counterclaims, and countersuits attacking the validity and enforceability of our intellectual property rights.
Any such significant impairment of our intellectual property rights or our inability to protect our proprietary technology against unauthorized copying or use, as well as any costly litigation, could delay further sales or the implementation of our products and offerings, impair the functionality of our products and offerings, delay introductions of new features or enhancements, result in our substituting inferior or more costly technologies into our products and offerings, or injure our reputation.
Assertions by third parties of infringement or other violations by us of their intellectual property rights, whether or not correct, could result in significant costs and harm to our business and operating results.
Third parties may in the future assert claims of infringement, misappropriation, or other violations of intellectual property rights against us. There can be no assurance that we will not be found to infringe or otherwise violate any third-party intellectual property rights or to have done so in the past.
If we are not successful in defending any such claims, we may be required to:
•pay substantial damages, including treble damages, if we are found to have willfully infringed a third party’s patents or copyrights;
•make substantial payments for legal fees, settlement payments or other costs or damages;
•cease selling, making, licensing, or using products that are alleged to infringe or misappropriate the intellectual property of others;
•expend additional development resources to attempt to redesign our products or otherwise develop non-infringing technology, which may not be successful;
•enter into potentially unfavorable royalty or license agreements to obtain the right to use necessary technologies or intellectual property rights (which may be unavailable on terms acceptable to us, or at all,
31
may require significant royalty payments and other expenditures and may be non-exclusive, and therefore our competitors may have access to the same technology licensed to us);
•defend against any allegations of infringement; and
•indemnify our partners and other third parties.
Third parties may also assert claims against our customers or reseller partners, whom we typically indemnify, that our products infringe, misappropriate, or otherwise violate the intellectual property rights of such third parties. They may also assert such claims against our customers or reseller partners, whom we typically indemnify against claims that our products infringe, misappropriate or otherwise violate the intellectual property rights of third parties. As the number of products and competitors in our market increase and overlaps occur, claims of infringement, misappropriation, and other violations of intellectual property rights may increase. Furthermore, future assertions of patent rights by third parties, and any resulting litigation, may involve patent holding companies or other adverse patent owners who have no relevant product revenues and against whom our own patents may therefore provide little or no deterrence or protection.Future assertions of patent rights by third parties, and any resulting litigation, may involve patent holding companies or other adverse patent owners who have no relevant product revenues and against whom our own patents may therefore provide little or no deterrence or protection. In addition, the use of AI technologies in our operations may result in claims by third parties of infringement, misappropriation or other violations of intellectual property, including based on the use of large datasets to train the AI technologies, or the use of output generated by AI technologies, in either case which may contain or be substantially similar to third-party material protected by intellectual property, including patents, copyrights or trademarks.
In addition, royalty or licensing agreements, if required or desirable, may be unavailable on terms acceptable to us, or at all, and may require significant royalty payments and other expenditures. Some licenses may also be non-exclusive, and therefore our competitors may have access to the same technology licensed to us. Any of the foregoing events could seriously harm our business, financial condition, and results of operations.
Even if the claims do not result in litigation or are resolved in our favor, these claims, and the time and resources necessary to resolve them, could divert the resources of our management and harm our business and operating results. Moreover, there could be public announcements of the results of hearings, motions, or other interim proceedings or developments and if securities analysts or investors perceive these results to be negative, it could have a substantial adverse effect on the price of our ordinary shares. Moreover, there could be public announcements of the results of hearings, motions or other interim proceedings or 27 Table of Contentsdevelopments and if securities analysts or investors perceive these results to be negative, it could have a substantial adverse effect on the price of our ordinary shares. We expect that the occurrence of infringement claims is likely to grow as the market for our products and solutions grows. Accordingly, our exposure to damages resulting from infringement claims could increase and this could further exhaust our financial and management resources.
Confidentiality arrangements with employees and others may not adequately prevent disclosure of trade secrets and other proprietary information.
We have devoted substantial resources to the development of our technology, business operations, and business plans. We cannot guarantee that we have entered into confidentiality arrangements with each party that may have or has had access to our trade secrets or proprietary technology and processes. However, we cannot guarantee that we have entered into such agreements with each party that may have or has had access to our trade secrets or proprietary technology and processes. These efforts may also not be effective to prevent disclosure of confidential information, including trade secrets, and may not provide an adequate remedy in the event of unauthorized disclosure of confidential information. Further, despite these efforts, these arrangements may not be effective to prevent disclosure of confidential information, including trade secrets, and may not provide an adequate remedy in the event of unauthorized disclosure of confidential information. For example, our employees or others with whom we have shared confidential information or trade secrets could input such information into AI applications, resulting in such information becoming accessible by third parties, including our competitors or in a loss of trade secret status of such information. Unauthorized parties may also attempt to copy or reverse engineer certain aspects of our technologies that we consider proprietary. In addition, if others independently develop equivalent knowledge, methods, and know-how, we would not be able to assert trade secret rights against such parties, and our competitive position could be materially and adversely harmed. In addition, if others independently develop equivalent knowledge, methods and know-how, we would not be able to assert trade secret rights against such parties. Monitoring unauthorized uses and disclosures is difficult, and we do not know whether the steps we have taken to protect our proprietary information will be effective.
Moreover, enforcing a claim that a party illegally disclosed or misappropriated a trade secret are difficult, expensive, time-consuming, and the outcome is unpredictable. In addition, effective trade secret protection may not be available in every country in which our products are available or where we have employees or independent contractors as some courts inside and outside the United States are less willing or unwilling to protect trade secrets. In addition, any changes in, or unexpected interpretations of, the trade secret and employment laws in any country in which we operate may compromise our ability to enforce our trade secret and intellectual property rights. Costly and time-consuming litigation could be necessary to enforce and determine the scope of our proprietary rights, and failure to obtain or maintain trade secret protection could adversely affect our competitive business position.
Legal and Regulatory Risks
32
We are subject to government regulation and other legal obligations, particularly related to privacy, data protection, information security, and product marketing and our actual or perceived failure to comply with such obligations could harm our business.
We, our reseller partners, and our customers are subject to a number of domestic and international laws and regulations that apply to the processing of certain types of information as well as cloud services and the internet generally.We, our reseller partners and our customers are subject to a number of domestic and international laws and regulations that apply to cloud services and the internet generally. These laws, rules, and regulations address a range of issues including data privacy and cyber security, breach notification and restrictions or technological requirements regarding the processing of personal data. The regulatory framework for online services, data privacy and cybersecurity issues worldwide can vary substantially from jurisdiction to jurisdiction, is rapidly evolving and is likely to remain uncertain for the foreseeable future. The regulatory framework for online services, data privacy and cyber security issues worldwide can vary substantially from jurisdiction to jurisdiction, is rapidly evolving and is likely to remain uncertain for the foreseeable future. New laws and regulations that apply to our business are being introduced at every level of government in the United States, as well as internationally. As we seek to expand our business, we are, and may increasingly become subject to various laws, regulations, and standards in the jurisdictions in which we operate, and may be subject to contractual obligations relating to data privacy and security in the jurisdictions in which we operate. As we seek to expand our business, we are, and may increasingly become subject to various laws, regulations, and standards, and may be subject to contractual obligations relating to data privacy and security in the jurisdictions in which we operate.
For example, in the United States, there are numerous data privacy and security laws, rules, and regulations governing the collection, use, disclosure, retention, security, transfer, storage, and other processing of personal data (as defined in such laws), including state data privacy laws, state data breach notification laws, and federal and state consumer protection laws. The U.S. Federal Trade Commission ("FTC") and many state attorneys general are interpreting federal and state consumer protection laws to impose standards for the online collection, use, dissemination, and security of data. Such standards require us to publish statements that describe how we handle personal data and choices individuals may have about the way we handle their personal data. If such information that we publish is considered untrue or inaccurate, we may be subject to claims of unfair or deceptive trade practices, which could lead to significant liabilities and consequences. If such information that we publish is considered untrue or inaccurate, we may be subject to government claims of unfair or deceptive trade practices, which could lead to significant liabilities and consequences. Moreover, according to the FTC, violating consumers’ privacy rights or failing to take appropriate steps to keep consumers’ personal data secure may constitute unfair or deceptive acts or practices in or affecting commerce in violation of Section 5(a) of the Federal Trade Commission Act. Moreover, according to the FTC, violating consumers’ privacy rights or failing to take appropriate steps to keep consumers’ personal data secure may constitute unfair acts or practices in or affecting commerce in violation of Section 5(a) of the Federal Trade Commission Act. State consumer protection laws provide similar causes of action for unfair or deceptive practices.
Our failure, or perceived failure, to comply fully with developing interpretations of AI laws and regulations or meet evolving and varied stakeholder expectations and industry standards, could harm our business, reputation, financial condition and results of operation.
Further, some laws may require us to notify governmental authorities and/or affected individuals of data breaches involving certain personal data or other unauthorized or inadvertent access to or disclosure of such information.In addition, some laws may require us to notify governmental authorities and/or affected individuals of data breaches involving certain personal information or other unauthorized or inadvertent access to or disclosure of such information. For example, laws in all 50 U.S. states may require businesses to provide notice to consumers whose personal data has been disclosed as a result of a data breach. These laws are not consistent, and compliance in the event of a widespread data breach may be difficult and costly. Any actual or perceived security breach could harm our reputation and brand, expose us to potential liability or require us to expend significant resources.
Internationally, virtually every jurisdiction in which we operate, have customers or have prospective customers has established its own data security and privacy legal frameworks with which we, our reseller partners or our customers must comply.Internationally, virtually every jurisdiction in which we operate and has customers and/or have prospective customers to which we market has established its own data security and privacy legal frameworks with which we, our reseller partners or our customers must comply.
For example, in the European Union, the GDPR imposes requirements on controllers and processors of personal data, including, for example, higher standards for obtaining consent from individuals to process their personal data, more robust disclosures to individuals, a strong individual rights regime, shortened timelines for data breach notifications and restrictions on the transfer of personal data outside of the European Economic Area. Following its departure from the European Union, the United Kingdom has adopted a separate regime based on the GDPR (“UK GDPR”) that imposes similarly onerous requirements. Companies that violate the EU or UK regime can face regulatory investigations, private litigation, prohibitions on data processing, and fines. Other EU and UK data protection laws and evolving regulatory guidance restrict the ability of companies to market electronically, including through the use of cookies and similar technologies, and companies are increasingly subject to strict enforcement action including fines for noncompliance.
Certain data privacy legislation restricts the cross-border transfer of personal data and some countries introduced data localization into their laws. Specifically, the GDPR, the UK GDPR and other European and UK data protection laws generally prohibit the transfer of personal data from Europe, including the European Economic Area, United Kingdom and Switzerland, to third countries, unless the transfer is to a country deemed to provide adequate protection or the parties to the transfer have implemented specific safeguards to protect the transferred personal data. European case law and guidance
33
have imposed additional onerous requirements in relation to data transfers, and we expect the existing legal complexity and uncertainty regarding international personal data transfers to continue in Europe and globally. If we do not implement the relevant transfer mechanism to transfer personal data, we may violate or infringe data privacy legislation requirements, and we may be exposed to regulatory proceedings or litigation and increased exposure to fines, penalties, or commercial liabilities, as well as reputational damages.
We strive to comply with all applicable laws, policies, legal obligations relating to privacy and data protection to the extent possible.We strive to comply with all applicable laws, policies, legal obligations and industry codes of conduct relating to privacy and data protection to the extent possible. Because the interpretation and application of privacy and data protection laws are still uncertain, it is possible that these laws may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another, and which makes our compliance requirements and the enforcement of those requirements ambiguous, uncertain, and potentially inconsistent. Because the interpretation and application of privacy and data protection laws are still uncertain, it is possible that these laws may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another or with our existing practices or the features of our products and may conflict with other rules or regulations, making enforcement, and thus compliance requirements, ambiguous, uncertain, 33 Table of Contentsand potentially inconsistent. Any significant change to applicable laws, regulations or industry practices, or how each is interpreted, regarding the use or disclosure of personal data, or regarding the manner in which the express or implied consent of customers for the use and disclosure of personal data is obtained, could require us to modify our products and features, possibly in a material manner and subject to increased compliance costs, which may limit our ability to develop new products and features that make use of the personal data that our customers voluntarily share. Any significant change to applicable laws, regulations or industry practices regarding the use or disclosure of personal information, or regarding the manner in which the express or implied consent of customers for the use and disclosure of personal information is obtained, could require us to modify our products and features, possibly in a material manner and subject to increased compliance costs, which may limit our ability to develop new products and features that make use of the personal information that our customers voluntarily share. Any failure or perceived failure by us to comply with our privacy policies, privacy-related obligations to customers or other third parties, or our privacy-related legal obligations, or any compromise of security that results in the unauthorized access to or unintended release or access of personal data or other customer data, may result in governmental enforcement actions, litigation, or public statements against us by consumer advocacy groups or others. Any failure or perceived failure by us to comply with our privacy policies, privacy-related obligations to customers or other third parties, or our privacy-related legal obligations, or any compromise of security that results in the unauthorized access to or unintended release of personally identifiable information or other customer data, may result in governmental enforcement actions, litigation, or public statements against us by consumer advocacy groups or others. Any of these events could cause us to incur significant costs in investigating and defending such claims and, if found liable, pay significant fines or damages. Further, these proceedings and any subsequent adverse outcomes may cause our customers to lose trust in us, which could have an adverse effect on our reputation and business.
We may also be subject to claims of liability or responsibility for the actions of third parties with whom we interact or upon whom we rely in relation to various products, including but not limited to vendors and business partners. We may also be subject to claims of liability or responsibility for the actions of third parties with whom we interact or upon whom it relies in relation to various products, including but not limited to vendors and business partners. If so, in addition to the possibility of fines, lawsuits and other claims, we could be required to fundamentally change our business activities and practices or modify our products, which could have an adverse effect on our business. Any inability to adequately address privacy and/or data concerns, even if unfounded, or comply with applicable privacy or data protection laws, regulations, and policies, could result in additional cost and liability to us, damage our reputation, inhibit sales and adversely affect our business.
The costs of compliance with, and other burdens imposed by, the laws, rules, regulations, and policies that are applicable to the businesses of our customers may limit the use and adoption of, and reduce the overall demand for, our product.The costs of compliance with, and other burdens imposed by, the laws, rules, regulations and policies that are applicable to the businesses of our customers may limit the use and adoption of, and reduce the overall demand for, our software. Even the perception of privacy or discrimination concerns, whether or not valid, may harm our reputation, inhibit adoption of our products by current and future customers, or adversely impact our ability to attract and retain workforce talent. Even the perception of privacy concerns, whether or not valid, may harm our reputation, inhibit adoption of our products by current and future customers, or adversely impact our ability to attract and retain workforce talent. Our failure to comply with applicable laws and regulations, or to protect data governed by applicable laws, could result in enforcement action against us, including fines, imprisonment of company officials and public censure, claims for damages by customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing customers and prospective customers), any of which could have a material adverse effect on our operations, financial performance and business. Our failure to comply with applicable laws and regulations, or to protect such data, could result in enforcement action against us, including fines, imprisonment of company officials and public censure, claims for damages by customers and other affected individuals, damage to our reputation and loss of goodwill (both in relation to existing customers and prospective customers), any of which could have a material adverse effect on our operations, financial performance and business. We may also have costs associated with engaging with stakeholders, including investors, insurance providers, and other capital providers, on such issues.
Our operating results may be harmed if we are required to collect sales and use or other related taxes for our products in jurisdictions where it has not historically done so.
Taxing jurisdictions, including state, local, and foreign taxing authorities, have differing rules and regulations governing sales and use or other taxes, and these rules and regulations are subject to varying interpretations that may change over time.Taxing jurisdictions, including state, local and foreign taxing authorities, have differing rules and regulations governing sales and use or other taxes, and these rules and regulations are subject to varying interpretations that may change over time. In particular, significant judgment is required in evaluating our tax positions and our worldwide provision for taxes. While we believe that we are in material compliance with our obligations under applicable taxing regimes, one or more states, localities, or countries may seek to impose additional sales or other tax collection obligations on us, including for past sales by us or our reseller partners. It is possible that we could face sales tax audits and that such audits could result in tax-related liabilities for which it has not accrued. A successful assertion that it should be collecting additional sales or other taxes on our products in jurisdictions where it has not historically done so and do not accrue for sales taxes could result in substantial tax liabilities for past sales, discourage customers from purchasing our products or otherwise harm our business and operating results.
In addition, our tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations (such as the recent United States Inflation Reduction
34
Act which, among other changes, introduced a 15% corporate minimum tax on certain United States corporations and a 1% excise tax on certain stock redemptions by United States corporations), including those relating to income tax nexus, jurisdictional mix of profits at varying statutory tax rates, by changes in foreign currency exchange rates, or by changes in the valuation of our deferred tax assets and liabilities. Although we believe our tax estimates are reasonable, the final determination of any tax audits or litigation could be materially different from our historical tax provisions and accruals, which could have a material adverse effect on our operating results or cash flows in the period or periods for which a determination is made. For example, in 2021 we established a new wholly owned subsidiary of Evolv Technologies Holdings, Inc., Give Evolv LLC, a Delaware limited liability company, to (1) promote our core mission in locations that might not otherwise be able to afford our weapons detection security screening systems and related products and services, (2) make public venues and institutions safer for all patrons, students, visitors, and other attendees, and (3) carry out charitable efforts consistent with the foregoing mission, for which historical tax data does not exist.
Failure to comply with applicable anti-corruption legislation, export controls, economic sanctions and other governmental laws and regulations could result in fines and criminal penalties and materially adversely affect our business, financial condition, and results of operations.
We are required to comply with anti-corruption and anti-bribery laws in the jurisdictions in which we operate, including the FCPA in the United States, the Bribery Act, and other similar laws in other countries in which we do business.We are required to comply with anti-corruption and anti-bribery laws in the jurisdictions in which we operate, including the Foreign Corrupt Practices Act, or FCPA, in the United States, the UK Bribery Act, or the Bribery Act, and other similar laws in other countries in which we do business. The FCPA prohibits us or any third party acting on our behalf from corruptly promising, authorizing, making, offering, or providing anything of value to foreign officials for the purposes of obtaining or retaining business or securing any improper business advantage. The FCPA prohibits us or any third party acting on our behalf from promising, authorizing, making, offering, or providing anything of value to foreign officials for the purposes of obtaining or retaining business or securing any improper business advantage. The FCPA further requires us to keep and maintain books and records that accurately reflect transactions and dispositions of assets and to maintain a system of internal accounting controls. The Bribery Act also prohibits “commercial” bribery not involving foreign officials, facilitation payments, and the receipt of bribes, while providing a defense to a charge of failure to prevent bribery to companies that demonstrate they had in place adequate procedures to prevent bribery. The Bribery Act also prohibits “commercial” bribery not involving foreign officials, facilitation payments, the receipt of bribes, and requires companies to implement adequate procedures to prevent bribery. We may deal with both governments and state-owned business enterprises, the employees of which are considered foreign officials for purposes of the FCPA. Some of the international locations in which we will operate have developing legal systems and may have higher levels of corruption than more developed nations. As a result of doing business in foreign countries, including through reseller partners and agents, we will be exposed to a risk of violating anti-corruption laws.
We are also required to comply with applicable export controls and economic and trade sanctions laws and regulations, such as those administered and enforced by OFAC, the U.S. Department of State, and the U.S. Department of Commerce. Our global operations expose us to the risk of violating or being accused of violating these laws.
Our policies or procedures may not work effectively at all times or protect us against liability under these or other laws for actions taken by our employees, reseller partners, and other third parties who are acting on our behalf with respect to our business. If we are not in compliance with anti-corruption laws and other laws governing the conduct of business with government entities and/or officials (including local laws) or export controls and economic and trade sanction laws and regulations, we may be subject to criminal and civil penalties and other remedial measures, which could harm our business, financial condition, results of operations, cash flows, and prospects. If we are not in compliance with anti-corruption laws and other laws governing the conduct of business with government entities and/or officials (including local laws), we may be subject to criminal and civil penalties and other remedial measures, which could harm our business, financial condition, results of operations, cash flows and prospects. In addition, investigations of any actual or alleged violations of such laws or policies related to us could harm our business, financial condition, results of operations, cash flows, and prospects.
We are and may in the future be subject to legal proceedings, claims and investigations in or outside the ordinary course of business.
We are, and may in the future become, subject to various legal proceedings, claims and investigations that arise in or outside the ordinary course of business as discussed in Part I, Item 3, "Legal Proceedings" and Note 20 (Commitments and Contingencies) to our consolidated financial statements for the year ended December 31, 2024. In addition, securities class action litigation has often been brought against a company following a decline in the market price of its securities or the completion of a merger. We may be the target of this type of litigation in the future. These proceedings, as well as any pending or future government investigation or proceeding may result in substantial costs or liabilities, as well as a diversion of management’s attention and resources, which could harm our business, result in a decline in the market price of our common stock and impact our financing efforts. If we fail to anticipate market requirements or fail to develop and introduce product enhancements or new products to meet those needs in a timely manner, it could cause us to lose existing customers and prevent us from gaining new customers, which would significantly harm our business, financial condition and results of operations.
The potential costs and liabilities associated with legal proceedings, claims and investigations involving us or members of our leadership team is uncertain, and the results of such legal proceedings, claims and investigations cannot be predicted with certainty. Lawsuits and other administrative or legal proceedings that may arise can involve substantial
35
costs, including the costs associated with investigation, litigation and possible settlement, judgment, penalty or fine. In addition, lawsuits and other legal proceedings may be time consuming to defend or prosecute and may require a commitment of management and personnel resources that will be diverted from our normal business operations. In addition, the rate at which our customers purchase additional products depends on a number of factors, including the perceived need for additional touchless security screening solutions as well as general economic conditions. Also, our insurance coverage may be insufficient, our assets may be insufficient to cover any amounts that exceed our insurance coverage, and we may have to pay damage awards or otherwise may enter into settlement arrangements in connection with such claims. We may also be subject to fines or penalties that are not covered by insurance. Moreover, we may be unable to continue to maintain our existing insurance at a reasonable cost, if at all, or to secure additional coverage, which may result in costs associated with lawsuits and other legal proceedings being uninsured. As we seek to expand our business, we are, and may increasingly become subject to various laws, regulations, and standards, and may be subject to contractual obligations relating to data privacy and security in the jurisdictions in which we operate. Any such payments or settlement arrangements in current or future litigation could have a material adverse effect on our business, operating results or financial condition. Even if the plaintiffs’ claims are not successful, current or future litigation could result in substantial costs and significantly and adversely impact our reputation and divert management’s attention and resources, which could have a material adverse effect on our business, operating results and financial condition, and negatively affect the price of our common stock. Our failure to design and maintain effective internal control over financial reporting could result in errors in our consolidated financial statements that could result in a restatement of our financial statements, and could cause us to fail to meet our reporting obligations, any of which could diminish investor confidence in us and cause a decline in the price of our common stock. In addition, such lawsuits may make it more difficult to finance our operations.
Furthermore, the marketing and sale of our products are also subject to extensive regulation by various federal agencies, including the FTC, as well as various other federal, state, provincial, local, and international regulatory authorities in the countries in which our products are distributed or sold and industry codes of conduct. From time to time, we receive government regulatory inquiries and requests for information and our approach is to be cooperative and educate the requesting government bodies about our company and products. For example, on October 12, 2023, the Company announced that the U.S. Federal Trade Commission (the “FTC”) had requested information about certain aspects of its marketing practices. The Company reached a settlement with the FTC and on December 5, 2024, a Stipulated Order for Permanent Injunction and Other Relief (the “Order”) was entered in the United States District Court for the District of Massachusetts Eastern Division. The Order (i) required that we permit a limited cohort of school customers to cancel their contracts, (ii) required that we take certain compliance actions and meet record keeping obligations, and (iii) enjoined we from making misleading or unsubstantiated marketing claims. The Order did not include any monetary relief. The period during which eligible customers could have cancelled closed on March 30, 2025. Any inability to adequately comply with the terms of the Order could result in enforcement actions or penalties imposed by the FTC. As previously disclosed, in February 2024, the Company received a subpoena from the Division of Enforcement of the Securities and Exchange Commission, requesting documents and information relating to certain aspects of the Company’s marketing practices, and the Company has since received additional related requests. The Company is cooperating with the SEC’s investigation. For more detailed discussion, see Note 20 (Commitments and Contingencies) to our consolidated financial statements for the year ended December 31, 2024 for additional information.
In September 2024, the Company commenced an investigation of the Company’s sales practices, including whether certain sales of products and subscriptions to channel partners and end users were subject to extra-contractual terms and conditions that impacted revenue recognition and other metrics, and if so, when senior Company personnel became aware of these issues (referred to in the “Explanatory Note” preceding Item 1, Business as the Investigation). In November 2024, the Company self-reported the Investigation to the Division of Enforcement of the SEC. The Company has since received requests for documents and information from the SEC relating to this matter. The Company received a voluntary document request from the U.S. Attorney’s Office of the Southern District of New York relating to these same issues and has since received additional requests for documents and information relating to this matter. The Company is cooperating with these inquiries. See also Note 20 (Commitments and Contingencies) to our consolidated financial statements for the year ended December 31, 2024 for additional information.
We can offer no assurances as to the outcome of these inquiries or their potential effect, if any, on us or our results of operations. Any inability to adequately address the FTC or the SEC's concerns or comply with applicable laws, regulations, and policies, could result in litigation, enforcement actions or significant penalties or claims, which could, in turn, divert financial and management resources, damage our reputation, inhibit sales, and otherwise adversely affect our business. Any resolution or litigation with the SEC or other parties could ultimately result in monetary and/or injunctive relief that may impose costs on us and/or require us to make changes to our business practices and marketing activities and could adversely impact our customer relationships. In addition to the possibility of fines, injunctive relief, lawsuits and other claims, as a result of any pending or any future regulatory enforcement proceedings or inquiries we could be required to fundamentally change our business practices. Responding to these or other investigations alone can be costly and time-consuming. Any of these events could materially adversely affect our operating results and financial condition. Any of the foregoing risks could materially and adversely affect our business, financial condition and results of operations.
We are and may in the future be subject to litigation and regulatory examinations, investigations, proceedings or orders as a result of or relating to the Investigation and our failure to timely file our periodic reports with the SEC.
36
As a result of the misstatements and related material weaknesses, as described above in the Explanatory Note, we are and may in the future become subject to enforcement proceedings brought by the SEC or other regulatory or governmental authorities as a result of the events leading to our internal investigation, the misstatements or the related restatement, and actions and proceedings could also be brought against our current and former employees, officers, or directors. Additionally, a shareholder derivative lawsuit was filed against us alleging that we violated federal securities laws by making false or misleading statements relating to the effectiveness of certain products and our revenue recognition following the announcement of the Investigation and related restatement and we have an additional securities class action lawsuit and shareholder derivative lawsuit based on the same allegations. These actions, lawsuits or other legal proceedings related to the misstatements or the restatement and our failure to timely file our periodic reports with the SEC could result in reputational harm, additional defense and other costs, regardless of the outcome of the lawsuit or proceeding. Our management has devoted and may be required to devote significant time and attention to these matters. If we do not prevail in any such lawsuit or proceeding, we could be subject to substantial damages or settlement costs, criminal and civil penalties and other remedial measures, including, but not limited to, injunctive relief, disgorgement, civil and criminal fines and penalties. In addition, we continue to be at risk for loss of investor confidence, loss of key employees, changes in management or our board of directors and other reputational issues, all of which could have a material adverse effect on our business, financial position and results of operations. Additionally, while we cannot estimate our potential exposure to these matters at this time, we have already expended a significant amount of time and resources investigating the claims underlying and defending these matters and expect to continue to need to expend our resources to conclude these matters. Although we maintain information technology measures designed to protect us against intellectual property theft, data breaches and other cyber incidents, such measures will require updates and improvements, and we cannot guarantee that such measures will be adequate to detect, prevent or mitigate cyber incidents. For further information, see Part I, Item 3, "Legal Proceedings" and Note 20 (Commitments and Contingencies) to our consolidated financial statements for the year ended December 31, 2024.
Risks Related to Our Financial Condition and Liquidity
There are risks related to our ability to utilize net operating loss carryforwards as well as research and development tax credit carryforwards to offset future taxable income or tax liabilities.
As of December 31, 2024, we had federal net operating loss carryforwards of $20.1 million, which begin to expire in 2033. These losses were generated before 2018 and are subject to a 20-year carryforward period under the tax rules in effect at that time. We also had federal net operating loss carryforwards of $203.3 million as of December 31, 2024, which do not expire but are generally limited to offsetting up to 80% of taxable income in any given year. These amounts were generated after 2017 and are subject to the provisions of the Tax Cuts and Jobs Act, which eliminated the expiration period but imposed a limitation on usage.
We had state net operating loss carryforwards of $201.1 million as of December 31, 2024 which may be available to offset future state taxable income and which begin to expire in 2033, depending on jurisdiction-specific rules. Additionally, as of December 31, 2024, we had United Kingdom net operating loss carryforwards of approximately $1.7 million which do not expire under current UK tax law.
As of December 31, 2024, we had gross U.S. federal and state research and development and other tax credit carryforwards of $2.4 million and $1.5 million, respectively, which may be available to offset future tax liabilities and the majority of which begin to expire in 2033 and 2030, respectively.
Utilization of the U.S. federal and state net operating loss carryforwards and research and development tax credit carryforwards may be subject to a substantial annual limitation under Sections 382 and 383 of the Internal Revenue Code of 1986, and corresponding provisions of state law, due to ownership changes that have occurred previously or that could occur in the future. These ownership changes may limit the amount of carryforwards that can be utilized annually to offset future taxable income or tax liabilities. In general, an ownership change, as defined by Section 382, results from transactions increasing the ownership of certain stockholders or public groups in the stock of a corporation by more than 50% over a three-year period. If we have experienced a change of control, as defined by Section 382, at any time since inception, utilization of the net operating loss carryforwards or research and development tax credit carryforwards would be subject to an annual limitation under Section 382, which is determined by first multiplying the value of our stock at the time of the ownership change by the applicable long-term tax-exempt rate, and then could be subject to additional adjustments. Any limitation may result in the expiration of a portion of the net operating loss carryforwards or research and development tax credit carryforwards before utilization.
Refer to Note 17 “Income Taxes” in the notes to the consolidated financial statements in this Form 10-K for additional information.
37
We may require additional capital to support business growth, and this capital might not be available on acceptable terms, if at all.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features or enhance our products, improve our operating infrastructure, or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity or debt financings to secure additional funds. If we raise additional funds through future issuances of equity or convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences, and privileges superior to those of holders of our common stock. Any debt financing that we may secure in the future could involve restrictive covenants relating to our capital raising activities and other financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities, including potential acquisitions. We may not be able to obtain additional financing on terms favorable to it, if at all. Additionally, events related to the Investigation may expose us to higher interest rates for additional indebtedness, whether as a result of credit rating downgrades or otherwise, and could restrict our ability to obtain additional or replacement financing on acceptable terms or at all. If we are unable to obtain adequate financing or financing on terms satisfactory to it when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
Risks Related to Our Common Stock and Warrants
The market price of our common stock and warrants has been highly and may continue to be highly volatile, and you may lose some or all of your investment.
The trading price of our common stock as well as warrants has been highly volatile since their initial listing on the Nasdaq and may continue to fluctuate widely in response to a variety of factors, including the following:
•actual or anticipated fluctuations in our financial condition and results of operations;
•the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections;
•failure of securities analysts to initiate or maintain coverage of our company, changes in financial estimates or ratings by any securities analysts who follow our company, or our failure to meet these estimates or the expectations of investors;
•changes in financial markets, macroeconomic conditions, or global instability;
•changes in market valuations of similar companies;
•the impact of a pandemic, epidemic or a similar future outbreak of disease or public health concern on our business;
•competition in our industry, our ability to grow and manage growth profitability, and retain our key employees;
•lawsuits threatened or filed against us;
•anticipated or actual changes in laws, or regulations or government policies applicable to our business;
•announcements that our previously issued financial statements cannot be relied upon or that our financial statements must be restated;
•delays in the filing of our required SEC reports;
•the announcement of restructuring activities;
•changes in executive leadership;
38
•increases in compliance or enforcement inquiries and government inquiries or investigations (such as the ongoing SEC matter and enforcement of the FTC Order);
•risks related to the organic and inorganic growth of our business and the timing of expected business milestones;
•short sales, hedging, and other derivative transactions involving our common stock; and
•the other factors described in this "Risk Factors" section of this Annual Report on Form 10-K.
Furthermore, short sellers or those that directly or indirectly assist short sellers may attempt to engage in manipulative activity intended to drive down the market price of a target company's stock. We have in the past been the subject of negative public attacks by certain non-governmental entities purporting to be objective media outlets, and we may in the future become subject to similar attacks, which may lead to increased volatility in the price of our common stock.
In addition, the stock market has experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many companies.In addition, the stock markets have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many companies. These fluctuations have often been unrelated or disproportionate to the operating performance of those companies.
Certain of our warrants are accounted for as liabilities and the changes in value of such warrants could have a material effect on our financial results.
We classify our public warrants as derivative liabilities measured at fair value, with changes in fair value each period reported in earnings. Due to the recurring fair value measurement, we recognize non-cash gains or losses on our public warrants each reporting period. The amount of such gains or losses could be material.
Certain of our earn-out shares and founder shares are accounted for as liabilities and the changes in value of such shares could have a material effect on our financial results.
We evaluated the accounting treatment of (i) our earn-out shares and (ii) 4,312,500 shares of NHIC Class B common stock owned by certain NHIC stockholders which were converted into shares of the Company's stock in connection with the Merger, (the "Founder Shares") and determined to classify such shares as liabilities measured at fair value, with changes in fair value each period reported in earnings. Due to the recurring fair value measurement, we recognize non-cash gains or losses on our earn-out and founder shares each reporting period. The amount of such gains or losses could be material.
Because we do not intend to pay any cash dividends for the foreseeable future, capital appreciation, if any, would be your sole source of gain.
We currently intend to retain any future earnings for the development, operation and expansion of our business and do not intend to declare or pay any cash dividends for the foreseeable future.We currently anticipate that it will retain future earnings for the development, operation and expansion of our business and we do not anticipate declaring or paying any cash dividends for the foreseeable future. As a result, capital appreciation, if any, of our common stock would be your sole source of gain on an investment in such shares for the foreseeable future.
Future sales, or the perception of future sales, of common stock by our existing security holders in the public market may cause the market price of our securities to decline.•Future sales, or the perception of future sales, of our common stock by us or our existing stockholders in the public market could cause the market price for our common stock to decline.
Future sales of a substantial number of our common stock into the public market, particularly sales by our directors and executive officers or by holders of Founder Shares, or the perception that these sales might occur, could cause the market price of our common stock to decline. Certain of the Founder Shares are also subject to certain performance-based vesting provisions where 25% of the Founder Shares will vest on or before July 16, 2026 if the closing share price of the common stock equals or exceeds $12.50 over any 20 trading days within a 30-day trading period and the remaining 25% will vest on or before July 16, 2026 if the closing share price of the common stock equals or exceeds $15.00 over any 20 trading days within any 30-day trading period. In addition, as of December 31, 2024, we had stock options, restricted stock units (“RSUs”), and performance stock units ("PSUs") outstanding that, if fully exercised or vested, would result in the issuance of 30,241,594 shares of our common stock.
General Risk Factors
39
Increasing attention to, and evolving expectations for, sustainability initiatives could increase our costs, harm our reputation, or otherwise adversely impact our business.
Companies across industries are facing increasing scrutiny from a variety of stakeholders related to their sustainability practices. Changing rules, regulations as well as customer, employee and stakeholder expectations have resulted in, and are likely to continue to result in, increased general and administrative expenses and increased management time and attention spent complying with or meeting such regulations and expectations. For example, developing and acting on evolving sustainability reporting standards, including California’s climate-related disclosure laws, and the European Union's Corporate Sustainability Reporting Directive as well as customer requirements may be costly, difficult and time consuming. These initiatives and goals could be difficult and expensive to implement, the technologies needed to implement them may not be cost effective and may not advance at a sufficient pace, and ensuring the accuracy, adequacy, or completeness of the disclosure of our sustainability initiatives can be costly, difficult and time consuming. This and other regulations will likely lead to increased costs as well as scrutiny that could heighten all of the risks identified in this risk factor. Moreover, changing federal enforcement priorities and legal interpretations regarding diversity, equity, and inclusion programs present unknown and evolving risks, particularly the new focus on federal contractors and DEI certifications. Additionally, many of our customers and suppliers may be subject to similar expectations, which may augment or create additional risks, including risks that may not be known to us. In addition, we could be criticized by stockholders, stakeholders, regulators, or other interested parties for the scope or nature of our sustainability practices.
Our reported financial results may be adversely affected by changes in accounting principles generally accepted in the United States.
U.S. Generally Accepted Accounting Principles ("GAAP") are subject to interpretation by the Financial Accounting Standards Board (FASB), the SEC, and various bodies formed to promulgate and interpret appropriate accounting principles. A change in these principles or interpretations could have a significant effect on our reported results of operations and could affect the reporting of transactions already completed before the announcement of such change.
If securities or industry analysts do not publish research or reports about us, or publish negative reports, our stock price and trading volume could decline.
The trading market for our common stock will depend, in part, on the research and reports that securities or industry analysts publish about us. We do not have any control over these analysts reports. If our financial performance fails to meet analyst estimates or one or more of the analysts who cover us downgrade our common stock, change their opinion, or reduce their target stock price on us, our stock price would likely decline. If one or more of these analysts cease coverage of our company or fail to regularly publish reports about us, we could lose visibility in the financial markets, which could cause our stock price or trading volume to decline. If one or more of these analysts cease coverage of us or fail to regularly publish reports on us, we could lose visibility in the financial markets, which could cause our stock price or trading volume to decline.
Our business operations are vulnerable to disruption due to natural or other disasters, including climate-related events, strikes and other events beyond our control.
A major earthquake, fire, tsunami, hurricane, cyclone, or other disaster, such as a major flood, seasonal storms, drought, extreme temperatures, nuclear event, or terrorist attack affecting our facilities or the areas in which we are located, or affecting those of our customers or third-party manufacturers or suppliers, could significantly disrupt our or their operations and delay or prevent product shipment or installation during the time required to repair, reinforce, rebuild or replace our or their damaged manufacturing facilities.A major earthquake, fire, tsunami, hurricane, cyclone, or other disaster, such as a major flood, seasonal storms, nuclear event, or terrorist attack affecting our facilities or the areas in which we are located, or affecting those of our customers or third-party manufacturers or suppliers, could significantly disrupt our or their operations and delay or prevent product shipment or installation during the time required to repair, rebuild or replace our or their damaged manufacturing facilities. These delays could be lengthy and costly. Additionally, customers may delay purchases of our products until operations return to normal. Climate change may contribute to increased frequency or intensity of certain of these events, including increasing frequency and severity of storms, floods, drought, water scarcity, heat waves, wildfires and resultant air quality impacts and power shutoffs associated with these types of events, or a significant power outage as well as contribute to chronic changes in the physical environment (such as changes to ambient temperature and precipitation patterns or sea-level rise) that may impair the operating conditions of these facilities, or otherwise adversely impact our operations. Climate-related events, including the increasing frequency of extreme weather events and their impact on critical infrastructure in the United States and elsewhere, have the potential to disrupt businesses in general and may cause us to experience higher attrition, losses, and additional costs to maintain and resume operations.
In addition, concerns about terrorism, the effects of a terrorist attack, political turmoil, strikes or other labor unrest, war, including in Europe and the Middle East, and the related geopolitical impacts, or the outbreak of epidemic diseases (such as the COVID-19 pandemic) could have a negative effect on the operations of our facilities and those of our
40
contract manufacturers, suppliers and customers, resulting in delays or other challenges in the deployment of our products and services, among others, and thereby negatively impact our sales.
ITEM 1B. UNRESOLVED STAFF COMMENTS
None.
ITEM 1C.ITEM 1B. CYBERSECURITY
Cybersecurity Risk Management and Strategy
We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information.
We design and assess our program based on the National Institute of Standards and Technology Cybersecurity Framework ("NIST CSF") and SOC 2 trust principles on security. This does not imply that we meet any particular technical standards, specifications, or requirements, only that we use these frameworks as a guide to help us identify, assess, and manage cybersecurity risks relevant to our business.
Key elements of our cybersecurity risk management program include:
•risk assessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and our broader enterprise IT environment;
•a security team principally responsible for managing (1) our cybersecurity risk assessment processes, (2) our security controls, and (3) our response to cybersecurity incidents;
•the use of external service providers, where appropriate, to assess, test or otherwise assist with aspects of our security controls;
•cybersecurity awareness training of our employees, incident response personnel, and senior management;
•a cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents; and
•a third-party risk management process for service providers that includes a diligence and contracting process depending on our assessment of each provider's respective criticality and risk profile.
Cybersecurity Governance
Our Board considers cybersecurity risk as part of its risk oversight function and has delegated to the Audit Committee ("Audit Committee") oversight of cybersecurity and other IT risks. The Audit Committee oversees management’s implementation of our cybersecurity risk management program.
The Audit Committee receives periodic reports from our Vice President of Cybersecurity and Information Technology on our cybersecurity risks, updates, as necessary, regarding any cybersecurity incidents, as well as any incidents with lesser impact potential.
41
Recently Filed
Click on a ticker to see risk factors
| Ticker * | File Date |
|---|---|
| STRG | 11 hours ago |
| JMTM | 15 hours ago |
| NTRB | 15 hours ago |
| EVLV | 15 hours ago |
| QIND | 22 hours ago |
| CASK | 1 day, 1 hour ago |
| GDLG | 3 days, 16 hours ago |
| TRMB | 3 days, 17 hours ago |
| MIND | 3 days, 18 hours ago |
| MVNC | 3 days, 21 hours ago |
| NBBI | 3 days, 23 hours ago |
| APOG | 4 days, 19 hours ago |
| HELE | 5 days, 2 hours ago |
| BKYI | 5 days, 16 hours ago |
| TOGI | 5 days, 16 hours ago |
| STZ | 5 days, 19 hours ago |
| AYR | 5 days, 20 hours ago |
| CCTC | 5 days, 21 hours ago |
| OSRH | 6 days, 18 hours ago |
| COPR | 6 days, 20 hours ago |
| AZZ | 1 week ago |
| ACI | 1 week ago |
| BSPK | 1 week ago |
| LTRY | 1 week, 1 day ago |
| HOFT | 1 week, 3 days ago |
| STCB | 1 week, 3 days ago |
| SCS | 1 week, 3 days ago |
| WNLV | 1 week, 4 days ago |
| TGAAF | 1 week, 4 days ago |
| PLCE | 1 week, 4 days ago |
| BBW | 1 week, 4 days ago |
| SEVCF | 1 week, 5 days ago |
| CYCU | 1 week, 5 days ago |
| NUGN | 1 week, 5 days ago |
| KOPN | 1 week, 5 days ago |
| LAKE | 1 week, 5 days ago |
| CBDS | 1 week, 5 days ago |
| IVCA | 1 week, 5 days ago |
| CTRN | 1 week, 5 days ago |
| VPRB | 1 week, 5 days ago |
| QRON | 1 week, 5 days ago |
| MOV | 1 week, 5 days ago |
| SNBH | 1 week, 6 days ago |
| MLRT | 1 week, 6 days ago |
| BOTY | 2 weeks, 3 days ago |
| BEEM | 2 weeks, 3 days ago |
| URG | 2 weeks, 3 days ago |
| CSLMF | 2 weeks, 3 days ago |
| GES | 2 weeks, 3 days ago |
| GURE | 2 weeks, 3 days ago |
