Adtran (ADTN) Risk Analysis

Our products are highly complex, and we cannot ensure that our extensive product development, manufacturing and integration testing will be adequate to detect all defects, errors, failures and quality issues. Material quality or performance problems for products covered under warranty could adversely impact our reputation and negatively affect our operating results, financial position and cash flows. The development and production of new products with high complexity often involves problems with software, components and manufacturing methods. If significant warranty obligations arise due to reliability or quality issues arising from defects in software, faulty components or manufacturing methods, our operating results, financial position and cash flows could be negatively impacted by: - costs associated with fixing software or hardware defects;- costs associated with internal or third-party installation errors;- high service and warranty expenses;- costs associated with recalling and replacing products with software or hardware defects, including costs from writing-off defective products recalled or recovering expenses from our suppliers;- high inventory obsolescence expense;- delays in collecting accounts receivable;- payment of liquidated damages for performance failures;- extended performance bond expenses; and - a decline in revenue from existing customers.

Our business has grown significantly since its inception. Our success is dependent in large part on the continued employment of our executive officers, including Thomas R. Stanton, our Chief Executive Officer, and other key management personnel. There have been, and may continue to be, changes in our management team resulting from the hiring or departure of key personnel, and we have recently made, and may continue to make, changes in compensation that may be viewed as disruptive by our key personnel. These changes may result in increased attrition or reduced productivity of our key personnel as new reporting relationships are established, and as other companies may increasingly target our executives and other key personnel, particularly during the current highly competitive market for qualified personnel. Such changes have and may continue to result in a loss of institutional knowledge, and they may cause disruptions to our business, impede our ability to achieve our objectives, or distract or result in diminished morale in, or the loss of, key personnel. In addition, for Adtran to continue as a successful entity we must also be able to attract and retain key engineers and software developers and architects whose expertise helps us maintain competitive advantages. We believe that our future success will depend, in large part, upon our ability to continue to attract, retain, train and motivate highly-skilled employees who are in great demand. Stock awards are designed to reward employees for their long-term contributions and to provide incentives for them to remain with us. Changes to our overall compensation program, including changes in salaries and our stock incentive program, may adversely affect our ability to retain key employees. Properly managing our continued growth, avoiding the problems often resulting from such growth and expansion and continuing to operate in the manner which has proven successful to us to date remains critical to the future success of our business.

Our future success depends in part upon our proprietary technology. Although we attempt to protect our proprietary technology by contract, trademark, copyright and patent registration and internal security, including trade secret protection, these protections may not be adequate. Furthermore, our competitors can develop similar technology independently without violating our proprietary rights. From time to time, we receive and may continue to receive notices of claims alleging that we are infringing upon patents or other intellectual property. Any of these claims, whether with or without merit, could result in significant legal fees, divert our management's time, attention and resources, delay our product shipments or require us to enter into royalty or licensing agreements. We cannot predict whether we will prevail in any claims or litigation over alleged infringements, or whether we will be able to license any valid and infringed patents, or other intellectual property, on commercially reasonable terms. If claims of intellectual property infringement against us are successful and we fail to obtain a license or develop or license non-infringing technology, our business, operating results, financial condition and cash flows could be materially adversely affected.

We maintain sensitive data on our information systems and the networks of third-party providers, including intellectual property, financial data and proprietary or confidential business information relating to our business, customers, suppliers, and business partners. We also produce networking equipment solutions and software used by network operators to ensure security and reliability in their management and transmission of data. Our customers, particularly those in regulated industries, are increasingly focused on the security features of our technology solutions. Maintaining the security of information sensitive to us and our business partners is critical to our business and reputation. We rely upon several internal business processes and information systems to support key operations and financial functions, and the efficient operation of these processes and systems is critical. Companies are increasingly subjected to cyberattacks and other attempts to gain unauthorized access. Specifically, our network and storage applications and those systems and applications maintained by our third-party providers may be targeted by cyberattacks or potentially breached due to operator error, fraudulent activity, or other system disruptions. Furthermore, we, our employees and some of our third-party Service Providers have been, and anticipate continuing to be, the targets of various cybersecurity threats. These include hacking attacks, social engineering schemes such as "phishing," and business email compromise attacks, wherein attackers impersonate company executives or colleagues in emails to trick employees into transferring funds or revealing sensitive information. Our information systems are designed to reflect industry standards and are engineered to reduce downtime in the event of power outages, weather or climate events and cybersecurity issues. To date, these threats have not had a significant effect on our financial condition or operational results; however, we cannot ensure that future cybersecurity threats might not have a material impact on our business. Unauthorized access to or disclosure of our information could compromise our intellectual property and expose sensitive business information. Additionally, a significant failure or other compromise of our systems due to these issues could result in significant remediation costs, disrupt business operations, and divert management attention, which could result in harm to our business reputation, operating results, financial condition, and cash flows. These risks, as well as the number and frequency of cybersecurity events globally, may also be heightened during times of geopolitical tension or instability between countries. For example, a number of recent cybersecurity events have been alleged to have originated from the ongoing military conflict in Ukraine and in Israel and its surrounding areas. Further, we have incurred, and will continue to incur, expenses to comply with cybersecurity, privacy, and data protection standards and protocols imposed by law, regulation, industry standards and contractual obligations. Continued increases in legislation and regulation from a variety of international, federal and state authorities regarding cybersecurity incidents, including risk assessment, notification obligations, regulatory reporting and other requirements, could increase our cost of compliance and could subject us to additional liability and reputational harm. And while we may be entitled to damages if our third-party providers fail to satisfy their security-related obligations to us, any award may be insufficient to cover our damages, or we may be unable to recover such award. Additionally, while we have purchased cybersecurity insurance, there are no assurances that the coverage would be adequate in relation to any incurred losses or not subject to any exclusions. Moreover, as cyberattacks increase in frequency and magnitude, we may be unable to obtain cybersecurity insurance in amounts and on terms we view as adequate for our operations. For information on our cybersecurity risk management, strategy and governance, see Part I, Item 1C of this report.

We are subject to laws and regulations that govern conduct by our Company, our employees and agents and the manufacture, sale and use of our products. Our inability to comply with current and evolving laws and regulations governing our business domestically and internationally may adversely affect our revenue, results of operations, financial conditions and cash flows. New and changing laws, regulations and industry practices could require us to modify our business, products or services offered, potentially in a material manner, and may limit our ability to develop new products, services and features. If we violate these laws and regulations, governmental authorities in the U.S. and in foreign jurisdictions could seek to impose civil and/or criminal fines and penalties which could have an adverse effect on our reputation, as well as our results of operations, financial condition and cash flows. These laws and regulations include, but are not limited to: - various regulations and regional standards established by communications authorities and import/export control authorities that govern the manufacture, sale and use of our products. Changes in domestic or international communications regulations, tariffs, potential changes in trade policies by the U.S. and other nations, application requirements, import/export controls or expansion of regulation to new areas, including access, communications or commerce over the internet, may affect customer demand for our products or slow the adoption of new technologies which may affect our revenue. Further, the cost of complying with the evolving standards and regulations, including the cost of product re-design if necessary, or the failure to obtain timely domestic or foreign regulatory approvals or certification such that we may not be able to sell our products where these standards or regulations apply, may adversely affect our revenue, results of operations, financial condition and cash flows. - compliance with a wide variety of provincial, state, national and international laws and regulations applicable to the collection, use, retention, protection, disclosure, transfer and other processing of data, including personal data. Foreign data protection, privacy and other laws and regulations, including GDPR, are often more restrictive than those in the U.S. These data protection and privacy-related laws and regulations are varied, evolving, can be subject to significant change, may be augmented or replaced by new or additional laws and regulations and may result in ever-increasing regulatory and public scrutiny and escalating levels of enforcement and sanctions. For example, within the past three years, numerous states have adopted or are in the process of adopting various privacy-related laws and regulations. In addition, on July 16, 2020, the Court of Justice of the European Union issued a decision that invalidated the EU-U.S. Privacy Shield framework as a basis for transfers of personal data from the EU to the U.S., resulting in uncertainty and potential additional compliance obligations to ensure that a valid basis under the GDPR exists for these data transfers. Since that time, the E.U. and U.S. have developed the successor E.U.-U.S. Data Privacy Framework to address the 2020 decision, and on July 10, 2023, the European Commission issued an adequacy decision for the EU-US Data Privacy Framework, which entered in force on July 11, 2023; however, there are indications there may be legal challenges to the decision. Additionally, the European Commission published revised standard contractual clauses for data transfers from the European Economic Area in 2021, which were required to go into effect by December 2022. Finally, the U.K. has enacted a version of the GDPR the implementation of which occurred by way of the Data Protection Act 2018, collectively referred to as the "U.K. GDPR." Uncertainty remains, however, regarding how aspects of data protection in the U.K. will be handled in the medium to long term. There is also a risk that we, directly or as the result of a third-party Service Provider we use, could be found to have failed to comply with the laws and regulations applicable in a jurisdiction regarding the collection, consent, handling, transfer or disposal of personal data. In addition to the U.S. and Europe, we do business in numerous other countries around the globe. Those countries and jurisdictions may have, currently or in the future, data protection or privacy laws or regulations with similar or additional requirements, resulting in increased compliance costs and regulatory risk. - the FCPA, which prohibits U.S. companies and their intermediaries from making corrupt payments to foreign officials for the purpose of directing, obtaining or keeping business, and requires companies to maintain reasonable books and records and a system of internal accounting controls. The FCPA applies to companies, individual directors, officers, employees and agents. Under the FCPA, U.S. companies may be held liable for the corrupt actions taken by employees, strategic or local partners or other representatives. On February 10, 2025, the U.S. government temporarily paused the enforcement of the FCPA. Whether FCPA enforcement will resume in the future and the extent to which it will be enforced remains uncertain. - environmental, health and safety regulations governing the manufacture, assembly and testing of our products, including without limitation regulations governing the use of hazardous materials. Our failure or the failure of our contract manufacturers to properly manage the use, transportation, emission, discharge, storage, recycling or disposal of hazardous materials could subject us to increased costs or liabilities. Existing and future environmental regulations may restrict our use of certain materials to manufacture, assemble and test products. - requirements by the SEC governing the disclosure regarding the use of conflict minerals mined from the Democratic Republic of the Congo and adjoining countries (the "DRC") and disclosure with respect to procedures regarding a manufacturer's efforts to prevent the sourcing of such minerals from the DRC. Certain of these minerals are present in our products. SEC rules implementing these requirements may have the effect of reducing the pool of suppliers that can supply "conflict free" components and parts, and we may not be able to obtain conflict free products or supplies in sufficient quantities for our operations. Because our supply chain is complex, we may face reputational challenges with our customers, stockholders and other stakeholders if we are unable to verify sufficiently the origins for the conflict minerals used in our products and cannot assert that our products are "conflict free." Environmental or similar social initiatives may also make it difficult to obtain supply of compliant components or may require us to write off non-compliant inventory, which could have an adverse effect on our business and operating results. - the insider trading prohibitions and the respective directors' dealing rules, as well as disclosure and reporting obligations under the German Securities Trading Act (Wertpapierhandelsgesetz) and Regulation (EU) No. 596/2014 of the European Parliament and of the Council of April 16, 2014, and other applicable regulations. Moreover, changes in the U.S. political landscape can significantly impact our business. The recent changes in the U.S. government administration may result in substantial modifications to laws and regulations, including, but not limited to, those related to trade policies, tariffs, export controls and technology transfers. New executive orders and legislative actions could alter the business environment in which we operate.

We are subject to taxation in various jurisdictions, both domestically and internationally, in which we conduct business. Significant judgment is required in the determination of our provision for income taxes, and this determination requires the interpretation and application of complex and sometimes uncertain tax laws and regulations. Our effective tax rate may be adversely impacted by changes in the mix of earnings between jurisdictions with different statutory tax rates, in the valuation of our deferred tax assets, and by changes in tax rules and regulations. We continually monitor our deferred tax assets and when it becomes more likely than not that a tax benefit will not be recognized, a valuation allowance is recorded against those assets. In addition, we are subject to examination of our income tax returns by the Internal Revenue Service and various other tax authorities in the jurisdictions in which we conduct business. We regularly assess the likelihood of adverse outcomes resulting from these examinations to determine the adequacy of our provision for income taxes. There can be no assurance that the outcomes from these continuous examinations will not have an adverse effect on our results of operations, financial condition and cash flow. Additionally, we continually review the adequacy of the valuation allowance and recognize the benefits of deferred tax assets only as the reassessment indicates that it is more likely than not that the deferred tax assets will be recognized. As such, we may release a portion of the valuation allowance or establish a new valuation allowance based on operations in the jurisdictions in which these assets arose. Management continues to evaluate all evidence including historical operating results, the existence of losses in the most recent year, forecasted earnings, future taxable income and tax planning strategies. Should management determine that a valuation allowance is needed in the future due to not being able to absorb deferred tax assets, it would have a material impact on our consolidated financial statements. In August 2022, the Inflation Reduction Act was signed into law, which made a number of changes to the Internal Revenue Code, including adding a 1% excise tax on stock buybacks by publicly traded corporations and a 15% corporate minimum tax on adjusted financial statement income of certain large companies. The impact of these provisions on our effective tax rate will also depend on additional guidance to be issued by the Secretary of the U.S. Department of the Treasury. We are currently evaluating the impact of these provisions on our effective tax rate. Further, the Tax Act amended the Internal Revenue Code to require that specific research and experimental ("R&E") expenditures be capitalized and amortized over five years (U.S. R&E) or fifteen years (non-U.S. R&E), which began in fiscal 2023. Although the U.S. Congress has considered legislation that would defer, modify, or repeal the capitalization and amortization requirement, there is no assurance that the provision will be deferred, repealed, or otherwise modified. If the requirement is not repealed or otherwise modified, it may increase our effective tax rate. Additionally, the Organization for Economic Co-operation and Development (the "OECD"), the G20, and other invited countries developed a global tax framework inclusive of a 15% global minimum tax under the Pillar Two Global Anti-Base Erosion Rules ("Pillar Two"). On December 15, 2022, the Council of the European Union ("EU") formally adopted the OECD's framework to achieve a coordinated implementation amongst EU Member States consistent with EU law. The EU's Pillar Two Directive effective dates are January 1, 2024, and January 1, 2025, for different aspects of the directive. Various countries have enacted or are in the process of enacting legislation to adopt certain parts of the OECD's proposals. We have assessed the framework including OECD administrative guidance and expect, based upon available guidance, that these changes will not have a material impact to our results of operations; however, any future changes in OECD guidance or interpretations, could impact our initial assessment. Many aspects of the minimum tax directive will be effective beginning in fiscal 2025, with certain remaining impacts to be effective beginning in fiscal 2026. While it is uncertain whether the U.S. will enact legislation to adopt the minimum tax directive, certain countries in which we operate have adopted legislation, and other countries are in the process of introducing legislation to implement the minimum tax directive.

Many governments, regulators, investors, employees, customers and other stakeholders are increasingly focused on ESG considerations relating to businesses, including climate change and greenhouse gas emissions, human and civil rights, and diversity, equity and inclusion. In addition, we may make statements about our ESG goals and initiatives through our website, press statements and other communications. Responding to these environmental, social and governance considerations and implementation of these goals and initiatives involves risks and uncertainties, requires investments, and depends in part on third-party performance or data that is outside of our control. Any failure, or perceived failure, by us to achieve our targets, further our initiatives, adhere to our public statements, comply with federal, state or international ESG laws and regulations, or meet evolving and varied stakeholder expectations and standards could result in legal and regulatory proceedings against us and materially adversely affect our business, reputation, results of operations, financial condition and stock price. In addition, simultaneous, disparate and divergent sentiments on ESG-related matters from multiple stakeholder groups must be considered. For example, there is an increasing number of anti-ESG initiatives in the U.S. that may conflict with other regulatory requirements or our various stakeholders' expectations. Such divergent, sometimes conflicting views on ESG-related matters increase the risk that any action or lack thereof by us on such matters will be perceived negatively by some stakeholders.

The markets for our products are intensely competitive. New manufacturers have entered the markets in recent years to offer products in competition with us. Additionally, certain companies have, in recent years, developed the ability to deliver competing products using coaxial cable and cellular transmission, especially in high-density metropolitan areas. Competition will further increase if new companies enter the market or existing competitors expand their product lines. Some of these potential competitors may have greater financial, technological, manufacturing, sales and marketing, and personnel resources. As a result, these competitors may be able to respond more rapidly or effectively to new or emerging technologies and changes in customer requirements, withstand significant price decreases, or devote greater resources to the development, promotion and sale of their products. Furthermore, we face aggressive price competition and may continue to do so. As a consequence of higher supply chain and manufacturing costs, we have in the past increased the prices of many of our products and services to maintain or improve our revenue and gross margin, and we may do so again in the future. In addition, competitors who have a greater presence in some of the lower-cost markets in which we compete, or who can obtain better pricing, more favorable contractual terms and conditions, or more favorable allocations of products and components during periods of limited supply may be able to offer lower prices than we are able to offer. Our cash flows, results of operations, and financial condition may be adversely affected by these and other industry-wide pricing pressures. In addition, our present and future competitors may be able to enter our existing or future markets with products or technologies comparable or superior to those that we offer. An increase in competition could cause us to reduce prices, decrease our market share, require increased spending by us on product development and sales and marketing, or cause delays or cancellations in customer orders, any one of which could reduce our gross profit margins and adversely affect our business and results of operations.

Historically, a large percentage of our revenue has been made to major Service Providers and larger independent communications companies. As long as the major and larger independent communications companies represent such a substantial percentage of our total revenue, our future success will significantly depend upon certain factors which are not within our control, including: - the timing and size of future purchase orders, if any, from these customers;- changes in strategic plans and capital budgets of these customers;- the product requirements of these customers;- the subscriber take rate, including subscriber loss or churn, of our customers;- the financial and operational success of these customers;- the impact of legislative and regulatory changes on these customers;- consolidation, acquisition of, or corporate reorganization among these customers;- the success of these customers' services deployed using our products; and - the impact of work stoppages at these customers. In the past, revenue generated by our large customers has fluctuated significantly from quarter to quarter and year to year, and it may continue to fluctuate in the future. The loss of, or a significant reduction or delay in, revenue to any such customer or the occurrence of revenue fluctuations could have a material adverse effect on our business and results of operations. Further, any attempt by a major or other Service Provider to seek out additional or alternative suppliers or to undertake, as permitted under applicable regulations, the production of these products internally, could have a material adverse effect on our operating results. There has been a trend toward industry consolidation in our markets for several years. We expect this trend to continue as companies attempt to strengthen or hold their market positions or are unable to continue operations. This could lead to variability in our operating results and could have a material adverse effect on our business, operating results, financial condition and cash flow. In addition,particularly in the Service Provider market, rapid consolidation will lead to fewer customers, with the effect that a loss of a major customer could have a material impact on our results that we would not have anticipated in a marketplace composed of more numerous participants.

Ongoing inflationary pressures have resulted and may continue to result in decreased demand for our products and services, increased manufacturing and operating costs (including our labor costs), reduced liquidity, and limitations on our ability to access credit or otherwise raise debt and equity capital. In the current inflationary environment, because certain of our customer contracts provide for fixed pricing and/or due to our competitor's pricing strategies, we are not always been able to raise the sales prices of our products and services at or above the rate at which our costs increase, which has reduced our profit and operating margins and has and could continue to have a material adverse effect on our financial results. We also may experience lower than expected sales and potential adverse impacts on our competitive position if there is a decrease in customer spending or a negative reaction to any price increases we are able to implement. A reduction in our revenue would be detrimental to our profitability and financial condition and could also have an adverse impact on our future growth.

International sales represented 56.8% and 59.8% of our net revenue for the years ended December 31, 2024 and 2023. We have a significant international presence, and our international presence may continue to grow. If we continue to expand our presence in international markets, we expect to continue to experience increased revenue and operating costs in these markets. Furthermore, international expansion may continue to increase our operational risks and impact our results of operations, including: - foreign currency exchange rate volatility has had and may continue to have an unfavorable impact on our cash flows, financial condition and results of operations;- exposure to unfavorable commercial terms in certain countries;- the time and cost to staff and manage foreign operations, including the time and cost to maintain good relationships with employee associations and work councils;- the time and cost to ensure adequate business interruption controls, processes and facilities;- the time and cost to manage and evolve financial reporting systems, maintain effective financial disclosure controls and procedures, and comply with corporate governance requirements in multiple jurisdictions;- the cost to collect accounts receivable and extension of collection periods;- the cost and potential disruption of facilities transitions required in some business acquisitions;- risks as a result of less regulation of patents or other safeguards of intellectual property in certain countries;- the potential impact of adverse tax, customs regulations and transfer-pricing issues;- exposure to increased price competition from additional competitors in some countries;- exposure to global social, political and economic instability, changes in economic conditions and foreign currency exchange rate movements;- potential exposure to liability or damage of reputation resulting from a higher incidence of corruption or unethical business practices in some countries;- potential regulations on data protection, regarding the collection, use, disclosure and security of data;- potential trade protection measures, export compliance issues, domestic preference procurement requirements, qualification to transact business and additional regulatory requirements;- potential exposure to natural disasters, epidemics and pandemics (and government regulations in response thereto) and acts of war or terrorism; and - potential exposure to ongoing military conflicts, including the conflict in Ukraine and in Israel and surrounding regions. The U.S. and certain other countries-imposed sanctions on Russia in connection with the conflict in Ukraine and could impose further sanctions against it, which could damage or disrupt international commerce and the global economy. Other potential consequences of such military conflicts include, but are not limited to, a heightened risk of cyber-warfare, biological warfare or nuclear warfare, growth in the number of popular uprisings in the affected regions, increased political discontent, especially in the regions most affected by the conflicts or economic sanctions, continued displacement of persons to regions close to the areas of conflict and an increase in the number of refugees, among other unforeseen social and humanitarian effects which could impact our business, customers, and suppliers.