$IIIV Risk Factor changes from 00/11/25/24/2024 to 00/11/21/25/2025

Item 1A. Risk FactorsOur business faces significant risks and uncertainties. If any of the following risks are realized, our business, financial condition and results of operations could be materially and adversely affected. The following risk factors, some of which contain statements that constitute forward-looking statements, should be read in conjunction with “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and related notes.Risks Related to Our Business and IndustryUnauthorized disclosure, destruction or modification of data or disruption of our services or other cybersecurity or technological risks, including as a result of a cybersecurity incident, could expose us to liability, protracted and costly litigation and damage our reputation.We are responsible both for our own business and to a significant degree for acts and omissions by certain of our partners under the rules and regulations established by the payment networks, such as Visa and Mastercard, Discover and American Express, and the debit networks. We and other third parties collect, process, store and transmit sensitive data, such as names, addresses, social security numbers, credit or debit card numbers and expiration dates, drivers’ license numbers and bank account numbers, and we have ultimate liability to the payment networks and member financial institutions that register us with the payment networks for our failure, or the failure of certain third parties with whom we contract, to protect this data in accordance with payment network requirements. The loss, destruction or unauthorized modification of customer or cardholder data could result in significant fines, sanctions and proceedings or actions against us by the payment networks, governmental bodies, consumers or others, which could have a material adverse effect on our business, financial condition and results of operations. Any such sanction, fine, proceeding or action could damage our reputation, force us to incur significant expenses in defense of these proceedings, disrupt our operations, distract our management, increase our costs of doing business and may result in the imposition of monetary liability.We are subject to risk associated with information technology and cybersecurity matters. For example, on June 2, 2021, the State of Louisiana, Division of Administration and a putative class of Louisiana law enforcement districts filed a petition in the 19th Judicial District Court for the Parish of East Baton Rouge against i3-Software & Services, LLC (“S&S”), a subsidiary of the Company located in Shreveport, Louisiana, seeking monetary damages related to a third-party remote access software product used in connection with services provided by S&S to certain Louisiana Parish law enforcement districts and alleged inadequacies in the Company’s cybersecurity practices. For additional information about this litigation, see Note 17 to our consolidated financial statements.The current cyber threat environment presents increased risk for all companies, in our industry and otherwise, including as a result of cyberattacks as well as ransomware attacks (through which an attacker renders an organization’s computer files inaccessible and demands a payment to return them or reinstate access), malicious software, advanced persistent threats, phishing and other attempts by malicious threat actors, including nation-state actors, ransomware groups and others to access, acquire, use disclose, shut down or manipulate information, systems, databases, processes and people. Like other companies in our industry, our systems are subject to recurring attempts by third parties to access information, manipulate data or disrupt our operations. Although we proactively employ multiple measures to defend our systems against intrusions and attacks and to protect the data we collect, our measures may not prevent unauthorized access or use of sensitive data. In addition, the cybersecurity-related threats that we face may remain undetected for an extended period of time.While we have experienced cyber threats and incidents, we have not (whether directly or indirectly, including through our third-party vendors, customers or other business relations) been subject to a cybersecurity event of which we are aware that has had a material impact on us, including our business strategy, financial condition or results of operations. However, despite our security measures, there is no assurance that we, or the third parties with which we interact, will not experience a cybersecurity incident in the future that materially impacts us. If such an event were to occur it could materially disrupt our operations, expose us to liability under data breach laws, adversely impact our reputation, impact our customer relationships or subject us to other material losses or 19liability. In addition, a breach of our system or a third-party system upon which we rely may subject us to material losses or liability, including payment network fines, assessments and claims for unauthorized purchases with misappropriated credit, debit or card information, impersonation or other similar fraud claims. A misuse of such data or a cybersecurity breach could harm our reputation and deter our customers and potential customers from using electronic payments generally and our products and services specifically, thus reducing our revenue. In addition, any such misuse or breach could cause us to incur costs to correct the breaches or failures, increase our risk of regulatory scrutiny, subject us to lawsuits and result in the imposition of material penalties and fines under state and federal laws or by the payment networks. These risks may be heightened in connection with employees working from remote work environments, as our dependency on certain service providers, such as video conferencing and web conferencing services, has significantly increased. In addition, to access our network, products and services, customers and other third parties may use personal mobile devices or computing devices that are outside of our network environment and subject to their own security risks. A significant cybersecurity breach could also result in payment networks prohibiting us from processing transactions on their networks or the loss of our financial institution sponsorship that facilitates our participation in the payment networks, either of which could materially impede our ability to conduct business. In addition, as cybersecurity threats continue to evolve, we have expended, and expect to continue to expend, significant resources to continue to modify or enhance our protective measures or to investigate and remediate any information security vulnerabilities, but we still might be unable to successfully prevent certain cyberattacks.Although we generally require that our agreements with third parties who have access to customer data include confidentiality obligations that restrict these parties from using or disclosing any customer data except as necessary to perform their services under the applicable agreements, there can be no assurance that these contractual measures will prevent the unauthorized disclosure of business or customer data, nor can we be sure that such third parties would be willing or able to satisfy liabilities arising from their breach of these agreements. Any failure by such third parties to adequately take these protective measures could result in protracted or costly litigation.In addition, our agreement with our bank sponsor and applicable payment network requirements require us to take certain protective measures to ensure the confidentiality of business and consumer data. Any failure to adequately comply with these protective measures could result in fees, penalties, litigation or termination of our bank sponsor agreement.Any significant unauthorized disclosure of sensitive data entrusted to us would cause significant damage to our reputation, impair our ability to attract new integrated technology and may cause parties with whom we already have such agreements to terminate them.Our software and systems and our third-party providers’ software and systems may fail, or our third-party providers may discontinue providing their services or technology generally or to us specifically, which in either case could interrupt our business, cause us to lose business and increase our costs.Our services are based on software and computing systems that often encounter development delays, and the underlying software may contain undetected errors, viruses or defects. Defects in our software services or errors or delays could result in additional development costs, diversion of technical and other resources from our other development efforts, loss of credibility with current or potential customers, harm to our reputation and exposure to liability claims.Our systems and operations or those of our third-party technology vendors could be exposed to damage or interruption from, among other things, fire, natural disaster, power loss, telecommunications failure, unauthorized entry, computer viruses, denial-of-service attacks, acts of terrorism, human error, vandalism or sabotage, financial insolvency and similar events. Our property and business interruption insurance may not be adequate to compensate us for all losses or failures that may occur. Likewise, while we have disaster recovery policies and arrangements in place, they have not been tested under actual disasters or similar events. Although we seek to minimize these risks through security measures, controls, back-up data centers and emergency planning, there can be no assurance that such efforts will be successful or effective.We rely on third parties for specific services, software and hardware used in providing our products and services. These third parties, including hosting providers such as AWS, are necessary for our internal business needs and for the delivery of various cloud and other hosted solutions to customers. These hosting providers rely on the uninterrupted operation of data centers and the ability to protect computer equipment and information stored in these data centers against unanticipated failures, intrusions, viruses, acts of terrorism and similar damaging events. If one or more of our hosting providers were unable to support our requirements for an extended period, and we are not able to find an alternative solution in a timely fashion, our customer relationships could be at risk of termination, and our business, financial condition and results of operation could be adversely impacted. In addition, to the extent a third party service provider relies on AI, improper processing of data by those service providers could harm our reputation, business and clients, or expose us to legal liability. Failure by these third-party providers to devote an appropriate level of attention to our products and services could result in delays in introducing new products or services, or delays in resolving any issues with existing products or services for which third-party providers provide ongoing support. In addition, the daily activities and productivity of our workforce is tied to key vendors, such as video conferencing services and internet providers, consistently delivering their services without material disruption, malicious attacks or other factors.Some of our solutions contain "open-source" software, and any failure to comply with the terms of one or more of applicable open-source licenses could negatively affect our business.We use certain software licensed under open-source licenses and may continue to use such software in the future. Some open-source licenses require us to make available source code for modifications or derivative works that we create based upon the open source software, and that we license such modifications or derivative works pursuant to a particular open source license or other license allowing further use by third parties. Some open-source licenses could require us to release the source code of our proprietary software if we combine our proprietary software with the open-source software subject to that license. Additionally, the terms of many open-source licenses have not been interpreted by United States or other courts, and there is a risk that these licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to commercialize our solutions. Using open-source software can also be riskier than using software subject to a more restrictive license because open-source licenses generally do not contain such protections as warranties. Many of the risks associated with using open-source software cannot be eliminated and using such software could adversely affect us.We have a history of operating losses and will need to generate significant revenues to attain and maintain profitability and positive cash flow and continue our acquisition program.Since inception in 2012, we have been engaged in growth activities and have made a significant number of acquisitions that have grown our business. This acquisition activity requires substantial capital and other expenditures. in the years ended September 30, 2025 and 2024 as a result of, among other things, the gains associated with the divestitures of our Healthcare RCM Business during fiscal year 2025 and our Merchant Services Business during fiscal year 2024, respectively, we incurred a net loss attributable to i3 Verticals, Inc. A substantial portion of our historical revenue growth has resulted from acquisitions.7% of our total revenues. We expect our cash needs to increase for the next several years as we:•make additional acquisitions; •market our products and services; •expand our customer support and service operations; •hire additional marketing, customer support and administrative personnel; and •implement new and upgraded operational and financial systems, procedures and controls.As a result of these continuing costs and expenses, we need to generate significant revenues to attain and maintain profitability and positive cash flow. If we do not continue to increase our revenues, our business, results of operations and financial condition could be materially and adversely affected. Such competition could adversely affect the revenue we receive, and as a result, our margins, business, financial condition and results of operations. Our growth will largely depend on our ability to increase our market share., Constellation Software, Inc., Verra Mobility Corp, EverCommerce Inc., Roper Technologies, Inc., Axon Enterprise, Inc., Paymentus Holdings, Inc., Flywire Corporation and Cellebrite DI Ltd. Accordingly, if these competitors specifically target our business model, they may be able to offer more attractive solutions to our customers. They also may be able to offer and provide products and services that we do not offer. Additionally, larger financial institutions may decide to perform in-house some or all of the services we provide or could provide, which may give them a competitive advantage in the market. This competition may effectively limit the prices we can charge and requires us to control costs aggressively in order to maintain acceptable profit margins. Competition could also result in a loss of customers and greater difficulty attracting new customers. One or more of these factors could have a material adverse effect on our business, financial condition and results of operations.In addition, we are also subject to risks as a result of changes in business habits of our vendors and customers as they adjust to the competitive marketplace. Because our standing arrangements and agreements with our vendors and customers typically contain no purchase or sale obligations and are terminable by either party upon no or relatively short notice, we are subject to significant risks associated with the loss or change at any time in the business habits and financial condition of key vendors as they adapt to changes in the market. The development of next-generation solutions that utilize advanced features, including AI and machine learning, may require us to make predictions about the willingness of the markets we serve to adopt such offerings. In connection therewith, we may be required to commit significant resources to maintain the competitiveness of our offerings by investing in such technologies before knowing whether we have correctly predicted market responsiveness to them. This market is characterized by rapid technological evolution, new product and service introductions, evolving industry standards, changing customer needs and the entrance of non-traditional competitors. To remain competitive, we continually pursue initiatives to develop new products and services to compete in an effective manner. These projects carry risks, 22such as cost overruns, delays in delivery, performance problems and lack of customer acceptance. In addition, new products and offerings may not perform as intended or generate the business or revenue growth expected. Additionally, we look for acquisition opportunities, investments and alliance relationships with other businesses that will increase our market penetration and enhance our technological capabilities, product offerings and distribution capabilities. Any delay in the delivery of new products and services or the failure to differentiate our products and services or to accurately predict and address market demand could render our products and services less desirable, or even obsolete. Any of the foregoing could have a material and adverse effect on our operating results and financial condition.The continued growth and development of our software and related services will depend on our ability to anticipate and adapt to changes in consumer behavior. For example, our failure to timely integrate emerging payment methods into our software could cause us to lose traction among our customers, resulting in a corresponding loss of revenue.Our payment processing technology offerings in connection with our software must also integrate with a variety of network, hardware, mobile and software platforms and technologies. Any failure to deliver an effective, reliable and secure service or any performance issue that arises could result in significant processing or reporting errors or other losses. If we are unable to develop, adapt to or access technological changes or evolving industry standards on a timely and cost-effective basis, our business, financial condition and results of operations would be materially adversely affected.If we fail to comply with the applicable requirements of the Visa and Mastercard payment networks, those payment networks could seek to fine us, suspend us or terminate our registrations through our bank sponsor.We do not directly access the payment card networks, such as Visa and Mastercard, that enable our acceptance of credit cards and debit cards, including some types of prepaid cards. Accordingly, we must rely on our bank sponsor or other payment processing providers to process transactions and must pay fees for the services. To provide our payment facilitator services, we are registered through our bank sponsor with the Visa and Mastercard networks. The majority of our payment volume in fiscal year 2025 was attributable to transactions processed on the Visa and Mastercard networks. We, our bank sponsor and many of our customers are subject to complex and evolving payment network rules. The payment networks routinely update and modify requirements applicable to payment facilitators, including rules regulating data integrity, third-party relationships (such as those with respect to our bank sponsor), merchant chargeback standards and Payment Card Industry Data Security Standard ("PCI DSS"). The rules of the card networks are set by their boards, which may be influenced by card issuers, some of which offer competing transaction processing services. The PCI Security Standards Council released fulsome revisions in version 4.0, which has been further updated by version 4.0.1, and includes stronger standards that increase the compliance burden on processors and require additional training, education and support tools for processors to support their merchants.If we or our bank sponsor fails to comply with the applicable rules and requirements of the Visa or Mastercard payment networks, Visa or Mastercard could suspend or terminate our member registration or certification, which would make it impossible for us to conduct our business on its current scale. Further, our transaction processing capabilities, including with respect to settlement processes, could be delayed or otherwise disrupted, and recurring non-compliance could result in the payment networks seeking to fine us. In addition, card networks and their member financial institutions regularly update, and generally expand, security expectations and requirements related to the security of cardholder data and environment. Under certain circumstances, we are required to report incidents to the card networks within a specified time frame. We may also be subject to penalties from the payment card networks if we fail to detect that our customers are engaging in activities that are illegal, contrary to the payment card network operating rules, or considered “high-risk.” We must either prevent high-risk merchants from using our products and services or register such merchants with the payment card networks and conduct additional monitoring with respect to such merchants. Such penalties could be material and could result in termination of registration or could require changes in our process for registering new customers. This could materially and adversely affect our business.23Under certain circumstances specified in the payment network rules, we may be required to submit to periodic audits, self-assessments or other assessments of our compliance with the PCI DSS. Such activities may reveal that we have failed to comply with the PCI DSS. In addition, even if we comply with the PCI DSS, there is no assurance that we will be protected from a security breach. The termination of our registration with the payment networks, or any changes in payment network or issuer rules that limit our ability to provide payment facilitation services, could have an adverse effect on our payment processing volumes, revenues and operating costs. If we are unable to comply with the requirements applicable to our settlement activities, the payment networks may no longer allow us to provide these services, which would require us to spend additional resources to obtain settlement services from a third-party provider. In addition, if we were precluded from processing Visa and Mastercard electronic payments, we would lose substantially all of our payments-related revenues.We are also subject to the operating rules of Nacha, a self-regulatory organization which administers and facilitates private-sector operating rules for ACH payments and defines the roles and responsibilities of financial institutions and other ACH network participants. The Nacha Operating Rules impose obligations on us and our partner financial institutions. These obligations include audit and oversight by the financial institutions and the imposition of mandatory corrective action, including termination, for serious violations. If an audit or self-assessment under PCI DSS or Nacha identifies any deficiencies that we need to remediate, the remediation efforts may distract our management team and be expensive and time consuming.If our bank sponsorship is terminated and we are not able to secure or successfully migrate customer portfolios to a new bank sponsor, we will not be able to conduct our business.If the bank that sponsors us with the Visa and Mastercard networks stop sponsoring us, we would need to find other financial institutions to provide those services, which could be difficult and expensive. If we were unable to find a replacement financial institution to provide sponsorship, we could no longer provide processing services to affected customers, which would negatively impact our revenues and earnings. Furthermore, our bank sponsor retains substantial discretion in approving certain aspects of our business practices, including our solicitation, application and qualification procedures for customers and the terms of our agreements with customers. Our bank sponsor's discretionary actions could have a material adverse effect on our business, financial condition, and results of operations.If our processing services agreement with Payroc is terminated and we are not able to enter into replacement processing relationship with another party, our ability to provide payment processing services to our affected software customers may be adversely impacted.In connection with the sale of our Merchant Services Business, we entered into a processing services agreement with Payroc (the “Payroc Processing Agreement”). Under the Payroc Processing Agreement, Payroc agreed to, among other things, process payments for a portion of our software customers in accordance with Payroc’s relationships with certain payment processors and sponsor banks. This processing structure for these specific software customers is intended to be temporary, and we expect such customers will eventually transition into our payment facilitation platform. If, however, the Payroc Processing Agreement is terminated and we are unable to enter into a replacement processing relationship with another party on acceptable terms or in a timely fashion, or if Payroc’s relationship with its processors or sponsor banks is terminated or significantly modified in fashion that is adverse to us or our customers, our ability to provide payment processing services to our affected software customers may be adversely impacted, which could have a material adverse effect on our business, financial condition, and results of operations.Consolidation in the banking and financial services industry could adversely affect our business, results of operations and financial condition.Consolidations have been, and continue to be, active in the banking and financial services industry. It is possible that larger financial institutions that result from consolidations will have increased bargaining power when negotiating, which could result in less favorable contractual terms for us. Larger financial institutions resulting from consolidations may also decide to perform in-house some or all of the services we provide or could provide. These foregoing matters could have an adverse effect on our business, result of operations and financial condition.24We have faced, and may in the future face, chargeback liabilities if our customers refuse or cannot reimburse chargebacks resolved in favor of their customers, and we may not accurately anticipate these liabilities.We have potential liability for chargebacks associated with our customers’ processing transactions. In most circumstances, if a billing dispute between a customer and a cardholder is not ultimately resolved in favor of our customer, the disputed transaction is “charged back” to the customer’s bank and credited to the account of the cardholder. Anytime our customer is unable to satisfy a chargeback, we are responsible for that chargeback.If we are unable to collect the chargeback from the customer’s account or reserve account (if applicable), or if the customer refuses or is financially unable due to bankruptcy or other reasons to reimburse us for the chargeback, we bear the loss for the amount of the refund paid to the cardholder’s bank. While we did not incur material chargeback losses in our 2025 or 2024 fiscal years, any increase in chargebacks not paid by our customers could have a material adverse effect on our business, financial condition and results of operations.We are potentially liable for losses caused by fraudulent card transactions. Card fraud occurs when a customer’s customer uses a stolen or counterfeit credit, debit or prepaid card, card number or other credentials to purchase merchandise or services. In a traditional card-present transaction, if the customer swipes the card, receives authorization for the transaction from the card issuing bank and verifies the signature on the back of the card against the paper receipt signed by the customer, the card issuing bank remains liable for any loss. In a fraudulent card-not-present transaction, even if the customer receives authorization for the transaction, the customer is liable for any loss arising from the transaction. Many of our customers transact a substantial percentage of their transactions over the Internet or in response to telephone orders. Because their sales are card-not-present transactions, these customers are more vulnerable to customer fraud than other customers. Business fraud occurs when a business or organization, rather than a cardholder, knowingly uses a stolen or counterfeit card or card number to record a false sales transaction, or intentionally fails to deliver the merchandise or services sold in an otherwise valid transaction. Business fraud also occurs when employees of businesses change the business demand deposit accounts to their personal bank account numbers, so that payments are improperly credited to the employee’s personal account. We have established systems and procedures to detect and reduce the impact of business fraud, but there can be no assurance that these measures are or will be effective. Incidents of fraud could increase in the future. Failure to effectively manage risk and prevent fraud could increase our chargeback liability and other liability, which could have a material adverse effect on our business, financial condition and results of operations.On occasion, we experience increases in interchange and sponsorship fees; if we cannot pass these increases along to our customers, our profit margins will be reduced.We pay interchange fees or assessments to the issuing bank through the card associations for each transaction that is processed using their credit and debit cards. From time to time, the card associations increase the interchange fees that they charge processors and the sponsoring bank. At their sole discretion, our sponsoring bank may pass increases in interchange fees on to us. In addition, our sponsoring bank may seek to increase its sponsorship fees charged to us, all of which are based upon the dollar amount of the payment transactions we process. If we are not able to pass these fee increases along to customers through corresponding increases in our processing fees, our profit margins will be reduced.Third-party hardware that we sell to our customers is generally procured from a limited number of suppliers. Thus, we are at risk of shortages, price increases, changes, delays or discontinuations of hardware, which could disrupt our business.Some of our solutions require or benefit from the use of third-party hardware products that we sell to our customers, such as kiosks, payment terminals and point of sale equipment. A number of such products come from limited number of suppliers. Due to our reliance on the products produced by a limited number of suppliers, we are subject to the risk of shortages and long lead times in the supply of certain products. In the event of a shortage or supply interruption from suppliers, we may not be able to develop alternate sources quickly, cost-effectively, or at all. Any interruption or delay in manufacturing supply, any increases in costs, or the inability to obtain these products from alternate sources at acceptable prices and within a reasonable amount of time, could harm our ability to provide products to our customers. In connection therewith, U.S. and international markets have been experiencing uncertain and volatile economic and geopolitical conditions, including from the impacts of military conflict in the Middle East, Russian aggression in Ukraine, tariff and trade-related developments, budgetary and political pressures to reduce government spending, inflationary pressures, elevated interest rate levels, possible recession concerns, and supply chain disruptions.For example, the U.S. government has imposed tariffs on certain foreign products and has raised the possibility of imposing significant, additional tariff increases, which has resulted in a deterioration of trade relations of the United States with various countries, including Canada. In connection therewith, we have business operations in Canada, and the determination of Canadian governmental authorities or businesses to cancel or not renew contracts, or otherwise reduce business, with U.S. companies as a result of current trade tensions with the United States, as has been advocated by certain Canadian governmental authorities, could adversely impact our financial results.Additionally, we have a significant number of employees in India who assist us in various respects, primarily in connection with the development of intellectual property. In the event that tensions between India and Pakistan increase, this could limit the ability of these employees to assist us for a significant period of time, disrupt our operations, and otherwise adversely impact our business and financial results.Further, there is ongoing uncertainty regarding government budget and spending levels as a result of political developments and other factors. In this regard, the current presidential administration has been focused on restructuring and streamlining government agencies and reducing or eliminating regulations and federal government programs and other expenditures, which has also given rise to separate efforts at the state level to reduce government spending. As a result of the fact that a significant portion of our revenue is received from state and local governmental authorities, reductions in government spending at the state and local level could adversely impact our financial results and business. Moreover, if these business, macroeconomic or political conditions continue or worsen, our business, financial condition and results of operations could be materially adversely affected.A decline in the use of cards and ACH as payment mechanisms for consumers and businesses or adverse developments in the electronic payment industry in general could adversely affect our business, financial condition and operating results.If consumers and businesses do not continue to use cards or ACH as payment mechanisms for their transactions or if the mix of payments among the types of cards and ACH changes in a way that is adverse to us, it could have a material adverse effect on our business, financial condition and results of operations. Regulatory changes may also result in our customers seeking to charge their customers additional fees for use of credit or debit cards. Additionally, in recent years, increased incidents of security breaches have caused some consumers to lose confidence in the ability of businesses to protect their information, causing certain consumers to discontinue use of electronic payment methods. Security breaches could result in financial institutions canceling large numbers of credit and debit cards, or consumers or businesses electing to cancel their cards following such an incident.We may not be able to successfully execute our strategy of growth through acquisitions. As part of our strategy to expand into new customer bases, we look for acquisition opportunities and partnerships with other businesses that will allow us to increase our market penetration, technological capabilities, product offerings and distribution capabilities.Although we expect to continue to execute our acquisition strategy:•we may not be able to identify suitable acquisition candidates or acquire additional assets on favorable terms;•we may compete with others to acquire assets, which competition may increase, and any level of competition could result in decreased availability or increased prices for acquisition candidates;•we may compete with others for select acquisitions and our competition may consist of larger, better-funded organizations with more resources and easier access to capital;•we may experience difficulty in anticipating the timing and availability of acquisition candidates;•we may not be able to obtain the necessary financing, on favorable terms or at all, to finance any of our potential acquisitions; and•we may not be able to generate cash necessary to execute our acquisition strategy.The occurrence of any of these factors could adversely affect our growth strategy. We may not have adequate financial or technological resources to develop effective and secure services that will satisfy the demands of these new customers. We have received, and may in the future receive, indemnification claims from Payroc. We are not able to predict the ultimate outcome of these or future claims that Payroc may assert against us in connection with the sale of our Merchant Services Business, any of which could have a material adverse effect on our results of operations and financial condition. In addition, pursuant to the Healthcare RCM Purchase Agreement, we agreed to indemnify Infinx with respect to certain matters, which could result in liability to us following the closing.As a result of the sales of our Merchant Services Business and Healthcare RCM Business, we are now highly dependent on the success of our remaining Public Sector business.In evaluating and determining the purchase price for a prospective acquisition, we estimate the future revenues and profits from that acquisition based largely on historical financial performance. Following an acquisition, we may experience some customer attrition. Should the rate of post-acquisition customer attrition exceed the rate forecasted, the revenues and profits from the acquisition may be less than we estimated, which could result in losses or a decline in profits, as well as potential impairment charges.We perform a due diligence review of each of our acquisition partners. This due diligence review, however, may not adequately uncover all of the contingent or undisclosed liabilities we may incur as a consequence of the proposed acquisition, exposing us to potentially significant, unanticipated costs, as well as potential impairment charges. An acquisition may also subject us to additional regulatory burdens that affect our business in potentially unanticipated and significantly negative ways.Integrations that do not occur rapidly and smoothly could divert the attention of management away from other strategic matters, including, but not limited to, acquisitions or product development.In connection with some acquisitions, we may incur non-recurring severance expenses, restructuring charges or change of control payments. These expenses, charges or payments, as well as the initial costs of integrating the personnel and facilities of an acquired business with those of our existing operations, may adversely affect our operating results during the initial financial periods following an acquisition. In addition, the integration of newly acquired companies may lead to diversion of management attention from other ongoing business concerns.We may not be able to successfully manage our intellectual property.Our intellectual property is critical to our future success. We rely on a combination of contractual license rights and copyright, trademark and trade secret laws to establish and protect our proprietary technology. Third parties may challenge, invalidate, circumvent, infringe or misappropriate our intellectual property or the intellectual property of our third-party licensors, or such intellectual property may not be sufficient to permit us to take advantage of current market trends or otherwise to provide competitive advantages, which could result in costly redesign efforts, discontinuance of certain service offerings or other competitive harm. Others, including our competitors, may independently develop similar technology, duplicate our products and services, design around or reverse engineer our intellectual property, and in such cases neither we nor our third-party licensors may be able to assert intellectual property rights against such parties. Further, our contractual license arrangements may be subject to termination or renegotiation with unfavorable terms to us, and our third-party licensors may be subject to bankruptcy, insolvency and other adverse business dynamics, any of which might affect our ability to use and exploit the products licensed to us by these third-party licensors. We may have to litigate to enforce or determine the scope and enforceability of our intellectual property rights (including litigation against our third-party licensors), which is expensive, could cause a diversion of resources and may not prove successful. Moreover, use of AI by our personnel, whether authorized or unauthorized, could increase the risk that our intellectual property and other proprietary information may be unintentionally disclosed. The loss of intellectual property protection or the inability to obtain third-party intellectual property could harm our business and ability to compete.28We may be subject to infringement claims.We may be subject to costly litigation if our products or services are alleged to infringe upon or otherwise violate a third party’s proprietary rights. Third parties may have, or may eventually be issued, patents that could be infringed by our products and services. Any of these third parties could make a claim of infringement against us with respect to our products and services. We may also be subject to claims by third parties for patent infringement, breach of copyright, trademark, license usage or other intellectual property rights. Any claim from third parties may result in a limitation on our ability to use the intellectual property subject to these claims. Additionally, in recent years, individuals and groups have been purchasing intellectual property assets for the sole purpose of making claims of infringement and attempting to extract settlements from companies like ours. Even if we believe that intellectual property related claims are without merit, defending against such claims is resource intensive and expensive and could result in the diversion of the time and attention of our management and employees. Claims of intellectual property infringement also might require us to redesign affected products or services, enter into costly settlement or license agreements, pay costly damage awards for which we may not have insurance, or face a temporary or permanent injunction prohibiting us from marketing or selling certain of our products or services. Even if we have an agreement for indemnification against such costs, the indemnifying party, if any in such circumstances, may be unable to uphold its contractual obligations. If we cannot or do not license the infringed technology on reasonable terms or substitute similar technology from another source, our revenue and earnings could be materially and adversely affected.If we lose key personnel, or if their reputations are damaged, our business, financial condition and results of operations may be adversely affected, and proprietary information of our company could be shared with our competitors.We depend on the ability and experience of a number of our key personnel who have substantial experience with our operations, the rapidly changing payment processing industry and the markets in which we offer our products and services. Many of our key personnel have worked for us for a significant amount of time or were recruited by us specifically due to their experience. It is possible that the loss of the services of one or a combination of our senior executives or key managers could have a material adverse effect on our business, financial condition and results of operations. In addition, contractual obligations related to confidentiality and assignment of intellectual property rights may be ineffective or unenforceable, and departing employees may share our proprietary information with competitors in ways that could adversely impact us.In a dynamic industry like ours, our success and growth depend on our ability to attract, recruit, retain and develop qualified employees.Our business functions at the intersection of rapidly changing technological, social, economic and regulatory developments that require a wide-ranging set of expertise and intellectual capital. For us to continue to successfully compete and grow, we must attract, recruit, develop and retain the necessary personnel who can provide the needed expertise across the entire spectrum of our intellectual capital needs. While we have a number of key personnel who have substantial experience with our operations, we must also develop our personnel to provide succession plans capable of maintaining continuity in the midst of the inevitable unpredictability of human capital. The market for qualified personnel is competitive, and we may not succeed in recruiting additional personnel or may fail to effectively replace current personnel who depart with qualified or effective successors. Our effort to retain and develop personnel may also result in significant additional expenses, which could adversely affect our profitability. We can make no assurances that qualified employees will continue to be employed or that we will be able to attract and retain qualified personnel in the future. Failure to retain or attract key personnel could have a material adverse effect on our business, financial condition and results of operations.29Our operating results and operating metrics are subject to seasonality and volatility, which could result in fluctuations in our quarterly revenues and operating results or in perceptions of our business prospects.We have experienced in the past, and expect to continue to experience, seasonal fluctuations in our revenues. The number of business days in a month or quarter also may affect seasonal fluctuations. Operating expenses show less seasonal fluctuation, with the result that net income is subject to the same seasonal factors as our revenues. The growth in our business may have partially overshadowed seasonal trends to date, and seasonal impacts on our business may be more pronounced in the future. Volatility in our key operating metrics or their rates of growth could have a negative impact on our financial results and investor perceptions of our business prospects.We are the subject of various claims and legal proceedings and may become the subject of claims, litigation or investigations which could have a material adverse effect on our business, financial condition or results of operations.In the ordinary course of business, we are the subject of various claims and legal proceedings and may become the subject of claims, litigation or investigations, including commercial disputes and employee claims, such as claims of age discrimination, sexual harassment, gender discrimination, immigration violations or other local, state and federal labor law violations, and from time to time may be involved in governmental or regulatory investigations, audits or similar matters arising out of our current or future business. Further, any determination of noncompliance with applicable laws and regulations may result in criminal and/or civil penalties. Certain claims may seek injunctive relief, which could disrupt the ordinary conduct of our business and operations or increase our cost of doing business. Our insurance or indemnities may not fully cover all claims that may be asserted against us. Furthermore, there is no guarantee that we will be successful in defending ourselves in pending or future litigation or similar matters under various laws. Any judgments or settlements in any pending litigation or future claims, litigation or investigation could have a material adverse effect on our business, financial condition and results of operations.We are exposed to fluctuations in foreign currency exchange rates, which could negatively affect our financial condition and operating results.Our contracts are primarily denominated in U.S. dollars, and therefore, substantially all of our revenue is not subject to foreign currency risk. However, there has been, and may continue to be, significant volatility in global stock markets and foreign currency exchange rates that result in the strengthening of the U.S. dollar against foreign currencies in which we conduct business. The strengthening of the U.S. dollar increases the real cost of our products to our end-customers outside of the United States and may lead to reduced demand for our services. If the U.S. dollar continues to strengthen, this could adversely affect our financial condition and operating results. Our operating expenses incurred outside the United States and denominated in foreign currencies are increasing and are subject to fluctuations due to changes in foreign currency exchange rates. If we are not able to successfully hedge against the risks associated with foreign currency fluctuations, our financial condition and operating results could be adversely affected.Our international operations subject us to additional risks which could have an adverse effect on our business, operating results, and financial condition.We employ resources in India, to support our onshore operations. Countries outside of the United States may be subject to relatively higher degrees of political and social instability and may lack the infrastructure to withstand political unrest or natural disasters. The occurrence of natural disasters, pandemics, or political or economic instability in these countries could interfere with work performed by these labor sources or could result in our 30having to replace or reduce these labor sources. If countries in which we operate experience civil or political unrest or acts of terrorism, our operations in such countries could be materially impaired. For example, India has experienced civil unrest and terrorism and has experienced historical and recent tensions with Pakistan. The occurrence of any of these circumstances could result in disruptions to our resources in India. Our vendors in other countries could potentially shut down suddenly for any reason, including financial problems or personnel issues. Such disruptions could decrease efficiency, increase our costs and have an adverse effect on our business or results of operations.Further, many foreign data privacy regulations (including India’s Digital Personal Data Protection Act) can be more stringent than those in the United States. These laws and regulations are rapidly evolving and changing and could have an adverse effect on our operations. Our obligations and requirements under these laws and regulations are subject to uncertainty in how they may be interpreted by government authorities and regulators. The costs of compliance with, and the other burdens imposed by, these and other laws or regulatory actions may increase our operational costs, affect our customers’ willingness to permit us to use and store personal data, prevent us from selling our products or services, and/or affect our ability to invest in or jointly develop products. Failure to comply with these laws may result in governmental enforcement actions, private claims, including class action lawsuits, and damage to our reputation. We may also face audits or investigations by one or more foreign government agencies relating to our compliance with these regulations.Risks Related to RegulationWe are subject to extensive laws and government regulation, the costs of compliance with which can be significant, and our actual or perceived failure to comply with such obligations may subject us to penalties and otherwise have an unfavorable impact on our business, financial condition and results of operations. Regulation of our industry has increased significantly in recent years and is constantly evolving. We are also subject to other laws and regulations, including those addressing U.S. financial services, consumer protection, escheat and privacy and information security, among other subjects. Changes to statutes, regulations or industry standards, including interpretation and implementation of statutes, regulations or standards, could increase our cost of doing business or affect the competitive balance. To the extent these laws and regulations negatively impact the business, operations or financial condition of our customers, our business and results of operations could be materially and adversely affected because, among other matters, our customers could have less capacity to purchase products and services from us, could decide to avoid or abandon certain lines of business, or could seek to pass on increased costs to us by negotiating price reductions. In addition, we could be required to invest a significant amount of time and resources in response to new or changes to existing laws, regulations or oversight, or to modify the manner in which we contract with or provide products and services to our customers; and those laws and regulations could directly or indirectly limit how much we can charge for our services. We may not be able to update our existing products and services, or develop new ones, to satisfy our customers’ needs. Any of these events, if realized, could have a material adverse effect on our business, results of operations and financial condition.Various laws and regulations, including those in other industries in which we provide services, even if such laws and regulations are not directed at us, may require us to make significant efforts to change our products and services and may require that we incur additional compliance costs and change how we price our products and services to our customers. Implementing new compliance risk mitigation strategies efforts can be significant with the complexity of regulatory requirements, and we are devoting and will continue to devote significant resources to address compliance requirements. Furthermore, regulatory actions may cause changes in business practices by us and other industry participants which could affect how we market, price and distribute our products and services, and which could materially adversely affect our business, financial condition and results of operations. In addition, even an inadvertent failure to comply with laws and regulations, as well as rapidly evolving social expectations of corporate fairness, could damage our business or our reputation.31Compliance with the Dodd-Frank Act and other federal and state regulations applicable to our business may increase our compliance costs, limit our revenues and otherwise negatively affect our business.Since the enactment of the Dodd-Frank Act, there have been substantial reforms to the supervision and operation of the financial services industry, including numerous new regulations that have imposed additional compliance costs and, in some cases, limited revenue sources for us and our financial institution partners and customers. Among other things, the Dodd-Frank Act established the CFPB, which is empowered to conduct rule-making and supervision related to, and enforcement of, federal consumer financial protection laws. The CFPB has issued guidance that applies to “supervised service providers,” which the CFPB has defined to include service providers, like us, to CFPB supervised banks and nonbanks.In that regard the CFPB July 25, 2024 report entitled The Cost of Electronic Payments in K-12 Schools, the report included discussion on the CFPB’s Fall 2023 edition of their Supervisory Highlights report and a 2014 USDA Policy Memorandum regarding school lunch fees. The CFPB report concluded that certain payment processing practices utilized by the Company and other participants in our industry may violate consumer financial protection laws.The appearance of being involved in unfair trade practices and violating consumer protection laws when offering payment processing services to our customers could harm our reputation with our customers. Further, compliance with emerging sector-specific regulations may negatively impact our business, financial condition and results of operations by requiring us to alter our fee structure or payment processing practices. For example, on May 16, 2025, Suzanne Hess, individually and on behalf of a putative class of citizens of the State of New York, filed a class action compliant in the Supreme Court of the State of New York, Nassau County, against i3 Verticals, LLC and CP-DBS, LLC d/b/a “PaySchools”, a subsidiary of i3 Verticals, LLC, seeking monetary damages and injunctive relief related to services offered by PaySchools that enable parents, guardians and caregivers to fund lunches for students in certain New York school districts and allegedly unlawful practices by PaySchools related to the fees charged for these school lunch services. For additional information about this litigation, see Note 17 to our consolidated financial statements. Cybersecurity regulations and guidance are applicable to large bank holding companies and their subsidiaries, as well as to service providers to those organizations. Any new rules and regulations implemented by the CFPB, state or other authorities or in connection with the Dodd-Frank Act could, among other things, slow our ability to adapt to a rapidly changing industry, require us to make significant additional investments to comply with them, redirect time and resources to compliance obligations, modify our products or services or the manner in which they are provided, or limit or change the amount or types of revenue we are able to generate.Interchange fees, which the payment processor typically pays to the card issuer in connection with credit and debit card transactions, are subject to legal, regulatory and legislative scrutiny. In particular, the Dodd-Frank Act regulates and limits debit card fees charged by certain card issuers and allows businesses and organizations to set minimum dollar amounts for the acceptance of credit cards. Specifically, under the commonly known “Durbin Amendment” to the Dodd-Frank Act, the interchange fees that certain issuers charge businesses and organizations for debit transactions are regulated by the Federal Reserve and must be “reasonable and proportional” to the cost incurred by the issuer in authorizing, clearing and settling the transactions. Rules released by the Federal Reserve in July 2011 to implement the Durbin Amendment mandate a cap on debit transaction interchange fees for card issuers with assets of $10 billion or greater. Effective October 1, 2012, debit card issuers are permitted a fraud-prevention adjustment. Since October 2011, a payment network may not prohibit a card issuer from contracting with any other payment network for the processing of electronic debit transactions involving the card issuer’s debit cards, and card issuers and payment networks may not inhibit the ability of businesses and organizations to direct the routing of debit card transactions over any payment networks that can process the transactions.32Rules implementing the Dodd-Frank Act also contain certain prohibitions on payment network exclusivity and merchant routing restrictions. These restrictions could negatively affect the number of debit transactions processed, and prices charged per transaction, which would negatively affect our business. Further, if we disclose student information in violation of FERPA or PPRA, our access to student information could be suspended.Our systems and solutions must also comply, in certain circumstances, with FERPA and PPRA, as well as with rapidly emerging state student data privacy laws that require schools to protect student data and to adopt privacy policies which can significantly vary from one state to another. FERPA generally prohibits an educational institution from disclosing personally identifiable information from a student’s education records without a parent’s consent unless certain statutory exceptions apply. Our school customers and their students disclose to us, and we may store, certain information that originates from or comprises a student education record under FERPA. PPRA puts limits on “survey, analysis or evaluations” that may come into play when schools employ internet-based educational services. Schools are required to develop policies that address, among other things, the collection, disclosure or use of personal information collected from students for the purpose of marketing or selling that information, and can place restrictions on third parties’ use of that data. As an entity that provides services to educational institutions, we are indirectly subject to FERPA’s and PPRA’s privacy requirements, and we may not transfer or otherwise disclose or use any personally identifiable information from a student record to another party other than on a basis and in a manner permitted under the statutes. If we violate FERPA or PPRA, it could result in a material breach of contract with one or more of our customers and could reduce our revenues or harm our reputation. Further, if we disclose student information in violation of FERPA or PPRA, our access to student information could be suspended, thus inhibiting our business operations. The healthcare industry is governed by extensive and complex laws and regulations at the federal, state and local government levels. These laws and regulations address, among other issues, billing and coding for services and properly handling overpayments, fraud and abuse, and the confidentiality, maintenance, interoperability, exchange and security of health-related and other confidential information. In connection with the healthcare-related operations, including the sale of revenue cycle management software solutions, that we conducted prior to the sale of our Healthcare RCM Business, we could be adversely affected by violations of these laws and regulations. Further, pursuant to the Healthcare RCM Purchase Agreement, we agreed to indemnify Infinx with respect to certain matters, which could result in liability to us.We strived to structure our Healthcare RCM Business to comply with applicable healthcare laws, regulations and other requirements applicable to us directly and to our customers and contractors, but there can be no assurance that we will not be challenged or impacted by enforcement initiatives with respect to conduct occurring prior to the sale of our Healthcare RCM Business. We have been, and in the future may become, involved in governmental investigations, audits, reviews and assessments. Violation of these laws may result in criminal and/or civil penalties, including substantial monetary penalties. Even an unsuccessful challenge by regulatory and other authorities or private whistleblowers could be expensive and time-consuming, could result in loss of business, exposure to adverse publicity and injury to our reputation and could adversely affect our ability to retain and attract customers.33We must comply with laws and regulations prohibiting unfair or deceptive acts or practices, and any failure to do so could materially and adversely affect our business.We and many of our customers are subject to Section 5 of the Federal Trade Commission Act prohibiting unfair or deceptive acts or practices (referred to as "UDAAP"), provisions of the Dodd-Frank Act that prohibit UDAAP, the Telemarketing Sales Act, the Electronic Fund Transfer Act and other laws, rules and or regulations, which may directly impact the activities of certain of our customers. These rules may subject us, as the electronic payment processor or provider of certain services, to investigations, fees, fines and disgorgement of funds if we are deemed to have improperly aided and abetted or otherwise provided the means and instrumentalities to facilitate the illegal or improper activities of the customer through our services. Various federal and state regulatory enforcement agencies including the Federal Trade Commission and state attorneys general have authority to take action against non-banks that engage in UDAAP, or violate other laws, rules and regulations. To the extent we are processing payments or providing products and services for a customer that may be in violation of laws, rules and regulations, we may be subject to enforcement actions and as a result may incur losses and liabilities that may adversely affect our business.We could be adversely affected by violations of the FCPA and similar anti-bribery laws of other countries in which we provide services or have employees.Because of our international operations we could be adversely affected by violations of the US Foreign Corrupt Practices Act (the “FCPA”) and similar anti-bribery laws of other countries in which we provide services or have employees. The FCPA and similar anti-bribery laws generally prohibit companies and their intermediaries from making improper payments to government officials or other third parties for the purpose of obtaining or retaining business or gaining any business advantage. While our policies mandate compliance with these anti-bribery laws, we cannot provide assurance that our internal control policies and procedures always protect us from reckless or criminal acts committed by our employees, contractors or agents. Failure to comply with the FCPA could result in the imposition of civil or criminal fines and penalties and could disrupt our business and adversely affect our results of operations, cash flows and financial condition.Our payment facilitator solutions present certain regulatory challenges, principally those relating to money transmitter issues. To address these challenges we, along with our third-party service providers, use structural arrangements designed to prevent us from receiving or controlling customer funds removing our activities from the scope of money transmitter regulations. There can be no assurance that these structural arrangements will remain effective as money transmitter laws continue to evolve or that the applicable regulatory bodies, particularly state agencies, will view our payment facilitator activities as compliant.Our business may also be subject to the Fair Credit Reporting Act ("FCRA"), which regulates the use and reporting of consumer credit information and imposes disclosure requirements on entities that take adverse action based on information obtained from credit reporting agencies. We could be liable if our practices under the FCRA do not comply with the FCRA or regulations under it.The Housing Assistance Tax Act of 2008 included an amendment to the Internal Revenue Code of 1986, as amended (the “Code”), that requires information returns to be made for each calendar year by payment processing entities and third-party settlement organizations with respect to payments made in settlement of electronic payment transactions and third-party payment network transactions occurring in that calendar year. Reportable transactions are also subject to backup withholding requirements. We could be liable for penalties if our information returns are not in compliance with these regulations.34Our public sector case resolution and fund recovery services may be subject to certain laws, rules and regulations applicable to debt collectors, including, federal and state licensing or bonding requirements. Such laws and regulations are extensive and subject to change. Our failure to comply with these requirements, changing interpretations of existing requirements, or adoption of new requirements, could restrict our ability to offer these non-healthcare revenue cycle management services in certain jurisdictions, which would adversely affect our business, operating results and financial condition.Depending on how our products and services evolve, we may be subject to a variety of additional laws and regulations, including those governing money transmission, gift cards and other prepaid access instruments, electronic funds transfers, anti-money laundering, counter-terrorist financing, restrictions on foreign assets, banking and lending, U.S. Safe Harbor regulations, and import and export restrictions. Additionally, we are contractually required to comply with certain anti-money laundering regulations in connection with our payment processing activities. These regulations are generally governed by the Financial Crimes Enforcement Network ("FinCEN") and the Office of Foreign Assets Control ("OFAC"). Our efforts to comply with these laws and regulations could be costly and result in diversion of management time and effort and may still not guarantee compliance. Regulators continue to increase their scrutiny of compliance with these obligations, which may require us to further revise or expand our compliance program, including the procedures we use to verify the identity of our customers, and to monitor transactions. If we are found to be in violation of any such legal or regulatory requirements, we may be subject to monetary fines or other penalties such as a cease and desist order, or we may be required to make product changes, any of which could have an adverse effect on our business and financial results.Changes in tax laws or their interpretations, or becoming subject to additional U.S., state or local taxes that cannot be passed through to our customers, could negatively affect our business, financial condition and results of operations.We are subject to extensive tax liabilities, including federal and state and transactional taxes such as excise, sales/use, payroll, franchise, withholding, and ad valorem taxes. Changes in tax laws or their interpretations could increase our tax burden and decrease the amount of revenues we receive, the value of any tax loss carryforwards and tax credits recorded on our balance sheet and the amount of our cash flow, and have a material adverse impact on our business, financial condition and results of operations. Some of our tax liabilities are subject to periodic audits by the respective taxing authority which could increase our tax liabilities. Furthermore, companies in the payment processing industry, including us, may become subject to incremental taxation in various tax jurisdictions. Taxing jurisdictions have not yet adopted uniform positions on this topic. If we are required to pay additional taxes and are unable to pass the tax expense through to our customers, our costs would increase and our net income would be reduced, which could have a material adverse effect on our business, financial condition and results of operations.On July 4, 2025, the One Big Beautiful Bill Act (“OBBBA”) was enacted, introducing broad changes to the U.S. tax code, including modifications to federal income tax provisions. The legislation has multiple effective dates, with certain provisions effective in 2025 and others taking effect in later years. The aggregate impact of the OBBBA remains uncertain.Changing laws and governmental rules and regulations designed to protect or limit access to or use of personal information could adversely affect our ability to effectively provide our products and services, and actual or perceived failure to comply with such legal and regulatory obligations may negatively impact our business, financial condition and results of operations. Our operations are subject to certain provisions of these laws. The U.S. Children’s Online Privacy Protection Act also regulates the collection of information by operators of websites and other electronic solutions that are directed to children under 3513 years of age. These laws and regulations restrict the collection, processing, storage, use and disclosure of personal information, require notice to individuals of privacy practices and provide individuals with certain rights to prevent the use and disclosure of protected information. They also impose requirements for safeguarding and proper destruction of personal information through the issuance of data security standards or guidelines. In addition, there are state laws and regulations restricting the ability to collect and utilize certain types of information such as Social Security and driver’s license numbers. Certain states impose similar privacy obligations as well as obligations to provide notification of security breaches of computer databases that contain personal information to affected individuals, state officers and consumer reporting agencies and businesses and governmental agencies that own data.In connection with providing products and services to our customers, we are required by regulations, applicable industry standards, and our contracts with customers and financial institution distribution partners to provide assurances regarding the confidentiality and security of non-public consumer information. These contracts may require periodic audits by independent companies regarding our compliance with applicable standards. The compliance standards relate to the security of our infrastructure, including components and operational procedures designed to safeguard the confidentiality and security of individuals’ non-public personal information that our customers share with us. Our ability to maintain compliance with these standards and satisfy these audits will affect our ability to attract, grow and maintain business in the future. In addition, our relationships and reputation could be harmed, which could inhibit our ability to retain existing customers and obtain new customers.Legal requirements relating to the collection, storage, handling and transfer of personal data continue to evolve at both the federal and state level.Many states have introduced or passed comprehensive consumer privacy laws, which may impose varying standards and requirements on our data collection use and processing activities. These laws require companies (regardless of their location) that process personal information of residents of those states make certain disclosures to consumers about data practices, grant consumers specific rights to their data, and allow consumers to opt out of certain data sharing activities. Additionally, the Federal Trade Commission and many state attorneys general are interpreting federal and state consumer protection laws to impose standards for the online collection, use, dissemination and security of data.Government regulators, industry groups and class action attorneys are increasingly scrutinizing how companies collect, process, use, store, share and transmit personal data. Regulators and courts may expand interpretations of existing laws, thereby further impacting our business. If more restrictive privacy laws or rules and/or inconsistent legal requirements are adopted by authorities in the future on the federal or state level, or regulators' enforcement priorities shift, our compliance costs may increase and our ability to perform due diligence on, and monitor the risk of, our current and potential customers may decrease, which could create liability for us. Many consumer privacy laws provide for civil penalties for violations, and the CCPA and CPRA provide for a private right of action for data breaches that may increase data breach litigation. We may also be exposed to litigation, regulatory fines, penalties or other sanctions if the personal, confidential or proprietary information of our customers is mishandled or misused by any of our suppliers, counterparties or other third parties, or if such third-parties do not have appropriate controls in place to protect such personal, confidential or proprietary information. For additional information on the risks associated with foreign data privacy regulations, see “Our international operations subject us to additional risks which could have an adverse effect on our business, operating results, and financial condition.

Additionally, if we suffer a data breach, other privacy or cybersecurity regulatory compliance failures or are subject to fines, sanctions or proceedings as a result of actual or perceived compliance failures, or any similar event causing reputational harm, our opportunities for growth may be curtailed, and our potential liability for security breaches may increase, all of which could have a material adverse effect on our business, financial condition and results of operations.36These laws and regulations may change rapidly, and it is frequently unclear how they apply to our business. Any failure of our products or services to comply with these laws and regulations could result in substantial civil or criminal liability and could, among other things, adversely affect demand for our services, invalidate all or portions of some of our contracts with our customers and financial institution partners, or require us to change or terminate some portions of our business. Further, reform efforts or changing healthcare regulatory requirements may also render our products or services obsolete or may block us from fully realizing or accomplishing our work or from developing new products or services. This may in turn impose additional costs upon us to adapt to the new operating environment or to further develop or modify our products and services. Such healthcare reforms may also make introduction of new products and service costlier or more time-consuming than we currently anticipate. These changes may also prevent our introduction of new products and services or make the continuation or maintenance of our existing products and services unprofitable or impossible.The evolving legal, ethical and regulatory landscape over AI technologies creates uncertainties. Our inability to successfully or effectively implement AI initiatives, or other deficiencies or failures in our AI systems or initiatives, could subject us to competitive harm, legal and regulatory risk, and increase our cybersecurity, intellectual property, and privacy risks. Additionally, AI-generated outputs may be misleading, insecure, inaccurate, harmful, or otherwise flawed. Further, if we fail to leverage AI technologies as effectively or rapidly as our peers, our competitiveness and financial results could be adversely impacted.There is also uncertainty about the extent to which data privacy laws apply to AI technologies, and any delay in addressing those concerns may result in liability or regulatory investigations and fines, as well as harms to our business and reputation. In addition, issues related to intellectual property rights in AI technologies have not been fully addressed by the courts or regulators. As such, to the extent we implement generative AI technologies into our products and/or services, we may face resulting exposure to claims related to copyright infringement or other intellectual property misappropriation. At the same time, other stakeholders and governmental authorities have increasingly expressed or pursued opposing views, legislation and investment expectations with respect to ESG initiatives. Moreover, we may experience increased costs in order to develop and execute upon any such ESG strategies, which could have an adverse impact on our business and financial condition.In addition, this emphasis on ESG matters has resulted and may result in the adoption of new laws and regulations, including new reporting requirements. If we fail to comply with new laws, regulations or reporting requirements, our reputation and business could be adversely impacted.Risks Related to Our IndebtednessOur indebtedness could adversely affect our financial health and competitive position.On May 8, 2023, i3 Verticals, LLC (the “Borrower”), entered into that certain Credit Agreement (as amended, the “2023 Senior Secured Credit Facility”) with the guarantors and lenders party thereto and JPMorgan Chase Bank, N.A., as administrative agent (“JPMorgan”). The 2023 Senior Secured Credit Facility replaced the prior senior secured credit facility of the Company which was entered into on May 9, 2019 (the "Prior Senior Secured Credit Facility"). Following an amendment to the Credit Facility entered into on May 5, 2025, as described below, the 2023 Senior Secured Credit Facility provides for aggregate commitments of $400 million in the form of a senior secured revolving credit facility (the “Revolver”). Borrowings under the Revolver will be made, at the Borrower’s option, at the Adjusted Term SOFR rate or the base rate, plus, in each case, an applicable margin. The Adjusted Term SOFR rate will be the rate of interest per annum equal to the Term SOFR rate (based upon an 37interest period of one, three or six months), plus 0.10%, plus an applicable margin of 2.00% to 3.00% (2.00% at September 30, 2025). The Adjusted Term SOFR rate shall not be less than 0% in any event. The base rate is a fluctuating rate of interest per annum equal to the highest of (a) the greater of the federal funds rate or the overnight bank funding rate, plus ½ of 1%, (b) Wall Street Journal prime rate and (c) the Adjusted Term SOFR rate for an interest period of one month, plus 1%, plus an applicable margin of 1.00% to 2.00% at September 30, 2025). The base rate shall not be less than 1% in any event. As of September 30, 2025, we had no borrowings outstanding under the 2023 Senior Secured Credit Facility. Although we may enter into interest rate swap agreements in the future, we and our subsidiaries are exposed to interest rate increases on the floating portion of our 2023 Senior Secured Credit Facility that are not covered by interest rate swaps, to the extent we have indebtedness outstanding.

For additional information about our 2023 Senior Secured Credit Facility, see “Management’s Discussion and Analysis of Financial Condition and Results of Operations — Liquidity and Capital Resources” in Part II, Item 7 of this Annual Report on Form 10-K, and “Quantitative and Qualitative Disclosure About Market Risk” in Part II, Item 7A of this Annual Report on Form 10-K. Our ability to generate cash is subject, to a certain extent, to our ability to successfully execute our business strategy, including acquisition activity, as well as general economic, financial, competitive, regulatory and other factors beyond our control. Although we currently expect that our cash flow from operations, current cash and cash equivalents and available borrowing capacity under the 2023 Senior Secured Credit Facility will be sufficient to fund our operations and planned expenditures and to service our debt obligations for at least the next twelve months, there can be no assurance that our business will be able to generate sufficient cash flow from operations or that future borrowings or other financing will be available to us in an amount sufficient to enable us to service our debt and fund our other liquidity needs. To the extent we are required to use our cash flow from operations or the proceeds of any future financing to service our debt instead of funding working capital, capital expenditures, acquisition activity or other general corporate purposes, we will be less able to plan for, or react to, changes in our business, industry and in the economy generally. This will place us at a competitive disadvantage compared to our competitors that have less debt. There can be no assurance that we will be able to refinance any of our debt on commercially reasonable terms or at all, or that the terms of that debt will allow any of the above alternative measures or that these measures would satisfy our scheduled debt service obligations. If we are unable to generate sufficient cash flow to repay or refinance our debt on favorable terms, it could significantly adversely affect our financial condition and the value of our outstanding debt. Our ability to restructure or refinance our debt will depend on the condition of the capital markets and our financial condition. Any refinancing of our debt could be at higher interest rates and may require us to comply with more onerous covenants, which could further restrict our business operations.38In addition, the 2023 Senior Secured Credit Facility contains, and any agreements evidencing or governing other future debt may contain, certain restrictive covenants that limit our ability, among other things, to engage in certain activities that are in our long-term best interests, including our ability to:•incur liens on property, assets or revenues; •incur or assume additional debt or amend our debt and other material agreements;•declare or make distributions and redeem or repurchase equity interests, including making repurchases of Class A common stock pursuant to our share repurchase program, or issue preferred stock;•prepay, redeem or repurchase debt;•make investments;•enter into any sale-and-leaseback of property; •engage in certain business activities; and•engage in mergers and asset sales.The restrictive covenants in our 2023 Senior Secured Credit Facility also require us to maintain specified financial ratios. While we have not previously breached and are not in breach of any of these covenants, there can be no guarantee that we will not breach these covenants in the future. Our ability to comply with these covenants and restrictions may be affected by events and factors beyond our control. Our failure to comply with any of these covenants or restrictions could result in an event of default under our 2023 Senior Secured Credit Facility. An event of default would permit the lending banks under the facility to take certain actions, including terminating all outstanding commitments and declaring all amounts outstanding under our 2023 Senior Secured Credit Facility to be immediately due and payable, including all outstanding borrowings, accrued and unpaid interest thereon, and all other amounts owing or payable with respect to such borrowings and any terminated commitments. In addition, the lenders would have the right to proceed against the collateral we granted to them, which includes substantially all of our assets.We may not be able to secure additional financing on favorable terms, or at all, to meet our future capital needs.In the future, we may require additional capital to respond to business opportunities, challenges, acquisitions or unforeseen circumstances, and may determine to engage in equity or debt financings or enter into credit facilities or refinance existing debt for other reasons. We may not be able to timely secure additional debt or equity financing on favorable terms, or at all. As discussed above, the 2023 Senior Secured Credit Facility contains restrictive covenants that limit our ability to incur additional debt and engage in other capital-raising activities. Any debt financing we obtain in the future could involve covenants that further restrict our capital raising activities and other financial and operational matters, which may make it more difficult for us to operate our business, obtain additional capital and pursue business opportunities, including potential acquisitions. Furthermore, if we raise additional funds by issuing equity or convertible debt or other equity-linked securities, our then-existing stockholders could suffer significant dilution. If we are unable to obtain adequate financing or financing on terms satisfactory to us, when we require it, our ability to continue to grow or support our business and to respond to business challenges could be significantly limited.Risks Related to Our Organizational Structure and Our CompanyWe are a holding company with no operations of our own, and our principal asset is our controlling membership interest in i3 Verticals, LLC. Accordingly, we depend on distributions from i3 Verticals, LLC to pay our taxes and other expenses.We are a holding company with no operations of our own and currently have no significant assets other than our ownership of common units of i3 Verticals, LLC. We currently have no independent means of generating revenue. Consequently, our ability to obtain operating funds depends upon distributions from i3 Verticals, LLC. Furthermore, i3 Verticals, LLC is treated as a partnership for U.S. federal income tax purposes and, as such, is not itself subject to U.S. federal income tax. Instead, its net taxable income is generally allocated to its members, including us, pro rata according to the number of membership interests each member owns. Accordingly, we incur income taxes on our proportionate share of any net taxable income of i3 Verticals, LLC in addition to expenses related to our operations, and our ability to obtain funds to pay these income taxes currently depends upon 39distributions from i3 Verticals, LLC. We intend to cause i3 Verticals, LLC to distribute cash to us in an amount at least equal to the amount necessary to cover our respective tax liabilities, if any, with respect to our allocable share of the net income of i3 Verticals, LLC and to cover cash dividends on our Class A common stock, if any, we declare, and purchases of Class A common stock pursuant to our share repurchase program, as well as any payments due under the Tax Receivable Agreement (the “Tax Receivable Agreement” or "TRA") by and among i3 Verticals, Inc., i3 Verticals, LLC and each of the holders, other than i3 Verticals, Inc., of common units in i3 Verticals, LLC (the “Continuing Equity Owners”). To the extent that we need funds to pay our taxes or other liabilities or to fund our operations, and i3 Verticals, LLC is restricted from making distributions to us under applicable agreements under which it is bound, including its financing agreements, laws or regulations, does not have sufficient cash to make these distributions or is otherwise unable to provide such funds, we may have to borrow funds to meet these obligations and operate our business, and our liquidity and financial condition could be materially adversely affected. To the extent that we are unable to make payments under the Tax Receivable Agreement for any reason, such payments will be deferred and will accrue interest until paid.The interests of the other Continuing Equity Owners in our business may conflict with the interests of holders of shares of our Class A common stock.The Continuing Equity Owners, who collectively hold approximately 27% of the combined voting power of our common stock as of November 20, 2025, may receive payments from us under the Tax Receivable Agreement upon a redemption or exchange of their common units in i3 Verticals, LLC, including the issuance of shares of our Class A common stock upon any such redemption or exchange. In addition, the structuring of future transactions may take into consideration tax or other considerations of the Continuing Equity Owners even in situations where no similar considerations are relevant to the Company itself.We may not be able to realize all or a portion of the tax benefits that are expected to result from future redemptions or exchanges of common units by holders.Our organizational structure, including the Tax Receivable Agreement, confers certain benefits upon the Continuing Equity Owners that will not benefit the holders of our Class A common stock to the same extent as it will benefit the Continuing Equity Owners. Under the Tax Receivable Agreement, we are entitled to retain (a) 15% of the U.S. federal and state income tax savings we realize as a result of increases in tax basis created by any future redemptions or exchanges of common units held by our equity holders that are parties to the Tax Receivable Agreement for shares of our Class A common stock or cash for the tax years following a redemption or exchange covered by the Tax Receivable Agreement, and (b) all of the U.S. federal and state income tax savings we realize from such redemptions or exchanges for tax periods ending after those covered by the Tax Receivable Agreement. Our ability to realize, and benefit from, these tax savings depends on several assumptions, including that we will earn sufficient taxable income each year during the period over which the deductions arising from any such basis increases and payments are available and that there are no adverse changes in applicable law or regulations. If our actual taxable income were insufficient or there were adverse changes in applicable law or regulations, we may be unable to realize all or a portion of these expected benefits, and our cash flows and stockholders’ equity could be negatively affected.40In certain cases, payments under the Tax Receivable Agreement to the Continuing Equity Owners may be accelerated or significantly exceed the actual benefits we realize in respect of the tax attributes subject to the Tax Receivable Agreement.The Tax Receivable Agreement provides that upon certain mergers, asset sales, other forms of business combinations or other changes of control or if, at any time, we elect an early termination of the Tax Receivable Agreement, then our obligations, or our successor’s obligations, under the Tax Receivable Agreement to make payments thereunder would be based on certain assumptions, including an assumption that we would have sufficient taxable income to fully use all potential future tax benefits that are subject to the Tax Receivable Agreement.As a result of the foregoing, (a) we could be required to make payments under the Tax Receivable Agreement that are greater than the specified percentage of the actual benefits we ultimately realize in respect of the tax benefits that are subject to the Tax Receivable Agreement and (b) if we elect to terminate the Tax Receivable Agreement early, we would be required to make an immediate cash payment equal to the present value of the anticipated future tax benefits that are the subject of the Tax Receivable Agreement, which payment may be made significantly in advance of the actual realization, if any, of such future tax benefits. In these situations, our obligations under the Tax Receivable Agreement could have a substantial negative impact on our liquidity and could have the effect of delaying, deferring or preventing certain mergers, asset sales, other forms of business combinations or other changes of control. We may need to incur debt to finance payments under the Tax Receivable Agreement to the extent our cash resources are insufficient to meet our obligations under the Tax Receivable Agreement as a result of timing discrepancies or otherwise. There can be no assurance that we will be able to fund or finance our obligations under the Tax Receivable Agreement.In certain circumstances, i3 Verticals, LLC will be required to make distributions to us and the Continuing Equity Owners, and the distributions that i3 Verticals, LLC will be required to make may be substantial.Funds used by i3 Verticals, LLC to satisfy its tax distribution obligations may not be available for reinvestment in our business. As a result of potential differences in the amount of net taxable income allocable to us and to the Continuing Equity Owners, as well as the use of an assumed tax rate in calculating i3 Verticals, LLC’s distribution obligations, we may receive distributions significantly in excess of our tax liabilities and obligations to make payments under the Tax Receivable Agreement, such as in connection with the 2025 LLC Tax Distribution described below.In this regard, i3 Verticals, LLC made a tax distribution to the Company and the Continuing Equity Owners in January 2025 (the “2025 LLC Tax Distribution”) related to the taxable income associated with the gain on the sale of the Merchant Services Business completed in September 2024 that was anticipated to be recognized for 2024 federal income tax purposes by members of i3 Verticals, LLC. The 2025 LLC Tax Distribution resulted in the Company holding cash in excess of the Company’s tax liabilities, its obligation to make payments under its tax receivables agreement, and any other expected liabilities of the Company. Thereafter, on January 23, 2025, the Company and i3 Verticals, LLC effected certain recapitalization actions in order to reduce excess cash held at the Company following this 2025 LLC Tax Distribution. For additional information regarding the 2025 LLC Tax Distribution and recapitalization actions, see Note 18 to the accompanying consolidated financial statements contained in this report.Our Board of Directors will determine the appropriate uses for excess cash which may be held by the Company following any future tax distributions, which may include, among other uses, after giving effect to the payment of obligations under the Tax Receivable Agreement, effecting a recapitalization transaction similar to the recapitalization transaction associated with the 2025 LLC Tax Distribution as described above, and/or approving the payment of a cash dividend on our Class A common stock. While our Board may choose to take any such actions, our Board is not required to do so, and to the extent, for example, such excess cash balances continue to be held by the Company, the Continuing Equity Owners would benefit from any value attributable to such accumulated cash balances as a result of their ownership of Class A common stock following a redemption or exchange of their common units.We are subject to a requirement, pursuant to Section 404 of the Sarbanes-Oxley Act of 2002 (the “Sarbanes-Oxley Act”), to conduct an annual review and evaluation of our internal control over financial reporting and furnish a report by management on, among other things, our assessment of the effectiveness of our internal control over financial reporting each fiscal year beginning with the year following our first annual report required to be filed with the SEC. Ensuring that we have adequate internal control over financial reporting in place so that we can produce accurate financial statements on a timely basis is a costly and time-consuming effort that must be evaluated frequently. Establishing and maintaining these internal controls is and will continue to be costly and may divert management’s attention.When evaluating our internal control over financial reporting, we may identify material weaknesses that we may not be able to remediate in time to meet the applicable deadline imposed upon us for compliance with the requirements of Section 404 of the Sarbanes-Oxley Act. In addition, if we fail to achieve and maintain the adequacy of our internal control over financial reporting, as such standards are modified, supplemented or amended from time to time, we may not be able to ensure that we can conclude, on an ongoing basis, that we have effective internal control over financial reporting in accordance with Section 404 of the Sarbanes-Oxley Act. We cannot be certain as to the timing of completion of our evaluation, testing and any remediation actions or the impact of the same on our operations. If we have not adequately implemented or complied with the requirements of Section 404 of the Sarbanes-Oxley Act, we may be subject to sanctions or investigation by regulatory authorities, such as the SEC, or suffer other adverse regulatory consequences, including penalties for violation of Nasdaq rules. As a result, there could be a negative reaction in the financial markets due to a loss of confidence in the reliability of our financial statements. A loss of confidence in the reliability of our financial statements also could occur if we or our independent registered public accounting firm were to report one or more material weaknesses in our internal control over financial reporting. In addition, we may be required to incur costs in improving our internal control system, including the costs of the hiring of additional personnel. Any such action could negatively affect our business, financial condition, results of operations and cash flows and could also lead to a decline in the price of our Class A common stock.Certain provisions of Delaware law and anti-takeover provisions in our organizational documents could delay or prevent a change of control.Certain provisions of Delaware law and our amended and restated certificate of incorporation and amended and restated bylaws may have an anti-takeover effect and may delay, defer, or prevent a merger, acquisition, tender offer, takeover attempt, or other change of control transaction that a stockholder might consider in its best interest, including those attempts that might result in a premium over the market price for the shares held by our stockholders.These provisions provide for, among other things:•prohibiting the use of cumulative voting for the election of directors;•advance notice for nominations of directors by stockholders and for stockholders to include matters to be considered at our annual meetings; and•certain limitations on convening special stockholder meetings.Generally, a “business combination” includes a merger, asset or stock sale or other transaction resulting in a financial benefit to the interested stockholder. Subject to certain exceptions, an “interested stockholder” is a person who, together with that person’s affiliates and associates, owns, or within the previous three years owned, 15% or more of the votes of our outstanding voting stock. For purposes of this provision, “voting stock” means any class or series of stock entitled to vote generally in the election of directors.Under certain circumstances, this provision will make it more difficult for a person who would be an “interested stockholder” to effect various business combinations with our company for a three-year period. This provision may encourage companies interested in acquiring our company to negotiate in advance with our Board of Directors because the stockholder approval requirement would be avoided if our Board of Directors approves either the business combination or the transaction that results in the stockholder becoming an interested stockholder. These provisions also may have the effect of preventing changes in our Board of Directors and may make it more difficult to accomplish transactions that stockholders may otherwise deem to be in their best interests.These provisions in our amended and restated certificate of incorporation and amended and restated bylaws may discourage, delay or prevent a transaction involving a change in control of our company that is in the best interest of our minority stockholders. Even in the absence of a takeover attempt, the existence of these provisions may adversely affect the prevailing market price of our Class A common stock if they are viewed as discouraging future takeover attempts. These provisions could also make it more difficult for stockholders to nominate directors for election to our Board of Directors and take other corporate actions.We may issue shares of preferred stock in the future, which could make it difficult for another company to acquire us or could otherwise adversely affect holders of our Class A common stock, which could depress the price of our Class A common stock.Our amended and restated certificate of incorporation authorizes us to issue one or more series of preferred stock. Our Board of Directors has the authority to determine the preferences, limitations and relative rights of the shares of preferred stock and to fix the number of shares constituting any series and the designation of such series, without any further vote or action by our stockholders. Our preferred stock can be issued with voting, liquidation, dividend and other rights superior to the rights of our Class A common stock. The potential issuance of preferred stock may delay or prevent a change in control of us, discourage bids for our Class A common stock at a premium to the market price, and materially and adversely affect the market price and the voting and other rights of the holders of our Class A common stock.As of September 30, 2025, we have an aggregate of 126,016,875 shares of Class A common stock authorized but unissued, including 8,381,681 shares of Class A common stock issuable, at our election, upon redemption of common units of i3 Verticals, LLC that are held by the Continuing Equity Owners. Subject to certain restrictions contained in the LLC Agreement, the Continuing Equity Owners are entitled to have their common units redeemed from time to time at each of their options (subject in certain circumstances to time-based and service-based vesting requirements and other limitations) for newly-issued shares of our Class A common stock on a one-for-one basis or a cash payment equal to a volume weighted average market price of one share of Class A common stock for each Common Unit redeemed, in each case, in accordance with the terms of the LLC Agreement. At our election, however, we may effect a direct exchange by i3 Verticals, Inc. of such Class A common stock or such cash, as applicable, for such common units in lieu of redemption. The Continuing Equity Owners may exercise such redemption right for as long as their common units remain outstanding. We have also entered into a Registration Rights Agreement pursuant to which the shares of Class A common stock issued to certain Continuing Equity Owners upon such redemption and the shares of Class A common stock issued to certain Continuing Equity Owners in connection with the Reorganization Transactions will be eligible for resale registration, subject to certain limitations set forth in the Registration Rights Agreement. We cannot predict the size of future issuances of our Class A common stock or the effect, if any, that future issuances and sales of shares of our Class A common stock may have on the market price of our Class A common stock. Sales or distributions of substantial amounts of our Class A common stock, including shares issued in connection with an acquisition, or the perception that such sales or distributions could occur, may cause the market price of our Class A common stock to decline.Holders of our Class A common stock may be diluted by future issuances of preferred stock or additional Class A common stock or common units in connection with our incentive plans, acquisitions or otherwise; future sales of such shares in the public market, or the expectations that such sales may occur, could lower our stock price.Our amended and restated certificate of incorporation authorizes us to issue shares of our Class A common stock and options, rights, warrants and appreciation rights relating to our Class A common stock for the consideration and on the terms and conditions established by our Board of Directors in its sole discretion. We could issue a significant number of shares of Class A common stock in the future in connection with investments or acquisitions. Any of these issuances could dilute our existing stockholders, and such dilution could be significant. Moreover, such dilution could have a material adverse effect on the market price for the shares of our Class A common stock.The future issuance of shares of preferred stock with voting rights may adversely affect the voting power of the holders of shares of our Class A common stock, either by diluting the voting power of our Class A common stock if the preferred stock votes together with the common stock as a single class, or by giving the holders of any such preferred stock the right to block an action on which they have a separate class vote, even if the action were approved by the holders of our shares of our Class A common stock.The future issuance of shares of preferred stock with dividend or conversion rights, liquidation preferences or other economic terms favorable to the holders of preferred stock could adversely affect the market price for our Class A common stock by making an investment in the Class A common stock less attractive. For example, investors in the Class A common stock may not wish to purchase Class A common stock at a price above the conversion price of a series of convertible preferred stock because the holders of the preferred stock would effectively be entitled to purchase Class A common stock at the lower conversion price, causing economic dilution to the holders of Class A common stock.44Sales of shares of our Class A common stock in connection with the Registration Rights Agreement, or the prospect of any such sales, could materially affect the market price of our Class A common stock and could impair our ability to raise capital through future sales of equity securities.In connection with the completion of our IPO, we entered into a Registration Rights Agreement with certain Continuing Equity Owners. Any sales in connection with the Registration Rights Agreement, or the prospect of any such sales, could materially and adversely impact the market price of our Class A common stock and could impair our ability to raise capital through future sales of equity securities.In the future, we may also issue additional securities if we need to raise capital, including, but not limited to, in connection with acquisitions, which could constitute a material portion of our then-outstanding shares of Class A common stock.Item 1B. Unresolved Staff CommentsNone.Item 1C. While cybersecurity technologies and implementation may differ based on the needs and risk profile of each individual business, we implement standards at the enterprise level and provide centralized oversight work to ensure alignment and consistency. Our cybersecurity team deploys an array of capabilities to ensure the availability, integrity, and confidentiality of key business systems, supported by centrally monitored cyber tools and managed services. Our cybersecurity programs operate in service of the following express principles:•Identify: Intended to ensure that our IT team has a comprehensive understanding of our systems and data environment to effectively manage security risks to key assets, data, and services.•Protect: Implementing controls and safeguards that allow employees to work securely and with confidence, which are intended to enable the continued delivery of essential business services. We deploy systems, capabilities, and processes designed to detect cybersecurity events as early as possible to ensure the resilience of our systems and our ability to identify threats.•Respond & Recover: Equipping the Company with the necessary capabilities to take immediate and effective action against detected threats. Our incident response plan has a structured escalation process for managing and reporting cybersecurity incidents, starting with initial detection and local management review, escalating to enterprise-level teams, and potentially reaching the Audit Committee of the Company's Board of Directors, if the incident is deemed material. •Awareness: Promoting ongoing user awareness and training so that all employees understand their role in managing cybersecurity risks. Mandatory new hire and annual security and privacy training is provided to all employees, including automated monthly phishing campaigns to educate staff on identifying and reporting phishing threats.45•Third Parties: Processes designed to identify and manage cybersecurity risks associated with our use of third-party providers. These include cybersecurity due diligence efforts, targeted risk oversight, monitoring and mitigation efforts and contractual protections, as necessary. Additionally, we engage consulting firms and other third parties to conduct evaluations of our security controls, including penetration testing and independent audits, and to advise the Company's Audit Committee, and our management team on cybersecurity matters.While we have experienced cyber threats and incidents, we have not (whether directly or indirectly, including through our third-party vendors, or customers or other business relations) been subject to a cybersecurity event of which we are aware that has had a material impact on us, including our business strategy, financial condition or results of operations. However, despite our security measures, there is no assurance that we, or the third parties with which we interact, will not experience a cybersecurity incident in the future that materially impacts us. For additional information regarding the risks to us associated with cybersecurity incidents and cybersecurity or technological risks, see “Unauthorized disclosure, destruction or modification of data or disruption of our services or other cybersecurity or technological risks, including as a result of a cybersecurity incident, could expose us to liability, protracted and costly litigation and damage our reputation.

” included in Part I, Item 1A of this Form 10-K.We maintain a cybersecurity insurance policy that provides coverage in connection with cybersecurity incidents. However, such insurance coverage may exclude certain types of claims or otherwise be insufficient to cover all costs and damages associated with cybersecurity incidents, and (to the extent that costs and damages are otherwise covered) are subject to applicable deductibles.GovernanceWhile the Company’s Board of Directors has the ultimate responsibility for risk management, the Board has designated the Audit Committee as being primarily responsible for certain specific categories of risk oversight matters, including the oversight of the Company's privacy, data and cybersecurity risk exposures, such as the steps management has taken to monitor and mitigate such exposures and protect against threats to the Company’s information systems and security. Our cybersecurity risk management processes are integrated into our overall risk management system.At a management level, the Company’s cybersecurity risk management program is led by our Chief Technology Officer (CTO), who reports to the Company’s President and regularly briefs him on developments that impact the program. Our CTO brings over twenty years of executive leadership experience, providing sponsorship for cybersecurity programs and compliance efforts. He has worked to promote a culture of strong IT governance and organizational resilience, collaborating with subject matter experts to advance cybersecurity initiatives and compliance. His hands-on experience integrating security-focused practices as part of technology governance and risk management ensures we prioritize risk management and robust protection of our digital assets. With over twenty years of experience spanning cybersecurity, technology, and data privacy, our SVP-TCSS collaborates with these dedicated security teams to develop and implement organization-wide cybersecurity strategies.Our incident response plan outlines controls and procedures for cybersecurity incidents. This plan includes a cybersecurity incident command team that to conducts initial assessments of incidents. If an incident meets defined criteria, it is reviewed by senior IT security members. The leadership team evaluates the potential impact and the need for public disclosure, and if necessary, escalates the incident to executive management, the Audit Committee, and/or the Board of Directors.On a quarterly basis, the Company’s CTO reports to the Audit Committee regarding the Company’s cybersecurity program, including the status of ongoing proactive efforts to improve the Company’s cybersecurity risk profile. The 46CTO also reports to the Audit Committee on a quarterly basis regarding remediation activities, if any, along with related security metrics, in connection with any areas where cybersecurity threats have been identified..

Recently Filed

Click on a ticker to see risk factors

Ticker *	File Date
GEOS	2 days, 17 hours ago
IIIV	2 days, 17 hours ago
HP	2 days, 18 hours ago
PTC	2 days, 18 hours ago
MATW	2 days, 19 hours ago
UGI	2 days, 19 hours ago
DGII	2 days, 21 hours ago
POST	2 days, 22 hours ago
NFG	2 days, 23 hours ago
IESC	3 days, 2 hours ago
NJR	3 days, 17 hours ago
PXED	3 days, 18 hours ago
TTEK	3 days, 18 hours ago
NTIC	3 days, 18 hours ago
CRNC	3 days, 19 hours ago
EACO	3 days, 20 hours ago
MMS	3 days, 21 hours ago
ASH	3 days, 21 hours ago
LQDT	3 days, 22 hours ago
APD	4 days ago
KLIC	4 days, 1 hour ago
WMG	4 days, 2 hours ago
J	4 days, 3 hours ago
GFF	4 days, 17 hours ago
HI	4 days, 17 hours ago
JACK	4 days, 18 hours ago
ENTA	4 days, 18 hours ago
BV	4 days, 18 hours ago
PACS	4 days, 18 hours ago
DHI	4 days, 20 hours ago
POWL	4 days, 21 hours ago
MWA	4 days, 21 hours ago
FOR	4 days, 22 hours ago
BRBR	5 days, 22 hours ago
EPC	6 days, 13 hours ago
OCSL	6 days, 16 hours ago
HZO	6 days, 17 hours ago
GLAD	6 days, 18 hours ago
TWST	1 week ago
NMEX	1 week, 2 days ago
ATO	1 week, 2 days ago
SONO	1 week, 2 days ago
AWCA	1 week, 2 days ago
SBUX	1 week, 2 days ago
MTSI	1 week, 2 days ago
GAFC	1 week, 2 days ago
SR	1 week, 2 days ago
JCI	1 week, 2 days ago
PLXS	1 week, 3 days ago
QTZM	1 week, 3 days ago

OTHER DATASETS

House Trading

Dashboard

Corporate Flights

Dashboard

App Ratings

Dashboard

Strategies

Alerts

Browse Data

Risk Factors Dashboard

View risk factors by ticker

Search filings by term

Risk Factors - IIIV

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing

$IIIV Risk Factor changes from 00/11/25/24/2024 to 00/11/21/25/2025

Recently Filed

OTHER DATASETS

House Trading

Corporate Flights

App Ratings

TRADE SMARTER

TRADE SMARTER

Strategies

Alerts

Browse Data

Risk Factors Dashboard

View risk factors by ticker

Search filings by term

Risk Factors - IIIV

-New additions in green-Changes in blue-Hover to see similar sentence in last filing

$IIIV Risk Factor changes from 00/11/25/24/2024 to 00/11/21/25/2025

Recently Filed

OTHER DATASETS

House Trading

Corporate Flights

App Ratings

TRADE SMARTER

TRADE SMARTER

-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing