C3ai (AI) Risk Factors

As of October 31, 2024, our technology is protected by a broad patent portfolio, with 26 issued patents in the United States, 17 issued counterpart patents in a number of international jurisdictions, over 50 patent applications pending in the United States, and 100 patent applications pending internationally. Our issued patents expire beginning in 2033 through 2043. We continually review our development efforts to assess the existence and patentability of new intellectual property. The pending patent applications are presently undergoing examination or expected to undergo examination in the near future. These patents and patent applications seek to protect our proprietary inventions relevant to our business, in addition to other proprietary technologies which are maintained as trade secrets. We intend to pursue additional intellectual property protection to the extent we believe it would be beneficial and cost-effective. We make business decisions about when to seek patent protection for a particular technology and when to rely upon copyright or trade secret protection, and the approach we select may ultimately prove to be inadequate. Even in cases where we seek patent protection, there is no assurance that the resulting patents will effectively protect every significant feature of our C3 AI Software. In addition, we believe that the protection of our trademark rights is an important factor in AI platform and application recognition, protecting our brand and maintaining goodwill. If we do not adequately protect our rights in our trademarks from infringement and unauthorized use, any goodwill that we have developed in those trademarks could be lost or impaired, which could harm our brand and our business. Third parties may knowingly or unknowingly infringe our proprietary rights, third parties may challenge our proprietary rights, pending and future patent, trademark and copyright applications may not be approved, and we may not be able to defend against or prevent infringement without incurring substantial expense. We have also devoted substantial resources to the development of our proprietary technologies and related processes. In order to protect our proprietary technologies and processes, we rely in part on trade secret laws and confidentiality agreements with our employees, consultants, and third parties. These agreements may not effectively prevent unauthorized disclosure of confidential information and may not provide an adequate remedy in the event of unauthorized disclosure of confidential information. In addition, others may independently discover our trade secrets, in which case we would not be able to assert trade secret rights or develop similar technologies and processes. Further, laws in certain jurisdictions may afford little or no trade secret protection, and any changes in, or unexpected interpretations of, the intellectual property laws in any country in which we operate may compromise our ability to enforce our intellectual property rights. Our patents, copyrights, trademarks, or other intellectual property rights could be challenged or invalidated by others through administrative processes or litigation. Costly and time-consuming litigation could be necessary to enforce and determine the scope of our proprietary rights with risks of possible counterclaims from suspected infringers. If the protection of our proprietary rights is inadequate to prevent use or appropriation by third parties, the value of our C3 AI Software, brand, and other intangible assets may be diminished, and competitors may be able to replicate our C3 AI Software more effectively. Any of these events would harm our business.

Our business depends on our C3 AI Software to be available without disruption. We and the third parties with whom we work have experienced, or may in the future experience, disruptions, outages, defects, and other performance and quality problems related to our C3 AI Software. We have also experienced, and may in the future experience, disruptions, outages, defects, and other performance and quality problems with the public cloud and internet infrastructure on which our C3 AI Software relies. These problems can be caused by a variety of factors, including introductions of new functionality, vulnerabilities, coding errors, software defects and defects in proprietary and open source software, human error or misconduct, capacity constraints, design limitations, as well as from internal and external security breaches, malware and viruses, ransomware, cyber events, denial or degradation of service attacks or other security-related incidents. Further, if our contractual and other business relationships with our public cloud providers are terminated, suspended, or suffer a material change to which we are unable to adapt, such as the elimination of services or features on which we depend, we could be unable to provide our C3 AI Software and could experience significant delays and incur additional expense in transitioning customers to a different public cloud provider. Any disruptions, outages, defects, and other security performance and quality problems with our C3 AI Software or with the public cloud, internet infrastructure, or other technology on which it relies, or any material change in our contractual and other business relationships with our public cloud providers, could result in reduced use of our C3 AI Software, increased expenses, including significant, unplanned capital investments and/or service credit obligations, and harm to our brand and reputation, any of which could have a material adverse effect on our business, financial condition, reputation and results of operations.

We collect, receive, store, process, generate, use, transfer, disclose, make accessible, protect, secure, dispose of, transmit, and share (collectively, Process) personal data and other sensitive information, including proprietary and confidential business data, trade secrets, intellectual property, sensitive third-party data, protected health information, and financial data. Our data processing activities subject us to numerous data privacy and security obligations, such as various laws, regulations, guidance, industry standards, external and internal privacy and security policies, contractual requirements, and other obligations that govern the processing of personal data by us and on our behalf. In the United States, federal, state, and local governments have enacted numerous data privacy and security laws, including data breach notification laws, personal data privacy laws, consumer protection laws (e.g., Section 5 of the Federal Trade Commission Act), and other similar laws (e.g., wiretapping laws). For example, the federal Health Insurance Portability and Accountability Act of 1996, or HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act, or HITECH, imposes specific requirements relating to the privacy, security and transmission of individually identifiable health information. In the past few years, numerous U.S. states - including California, Virginia, Colorado, Connecticut, and Utah - have enacted comprehensive privacy laws that impose certain obligations on covered businesses, including providing specific disclosures in privacy notices and affording residents with certain rights concerning their personal data. As applicable, such rights may include the right to access, correct, or delete certain personal data, and to opt-out of certain data processing activities, such as targeted advertising, profiling, and automated decision-making. The exercise of these rights may impact our business and ability to provide our products and services. Certain states also impose strict requirements for processing certain personal data, including sensitive information, such as conducting data privacy impact assessments. These state laws allow for statutory fines for noncompliance. For example, the California Consumer Privacy Act of 2018 (CCPA), applies to personal data of consumers, business representatives and employees who are California residents, and imposes obligations on covered businesses, including, but not limited to, providing specific disclosures in privacy notices and honoring requests of such individuals to exercise certain privacy rights related to their personal data. The CCPA provides for statutory fines for noncompliance (up to $7,500 per intentional violation) and allows private litigants affected by certain data breaches to recover significant statutory damages. Similar laws are being considered in several other states and at the federal level and local levels, and we expect more states to pass similar laws in the future, reflecting a trend toward more stringent privacy legislation in the United States. These new laws could further complicate compliance efforts and increase legal risk and compliance costs for us, the third parties with whom we work, and our customers. Outside the United States, an increasing number of laws, regulations, and industry standards apply to data privacy and security. In Canada, the Personal Information Protection and Electronic Documents Act, or PIPEDA, and various related provincial laws, as well as Canada's Anti-Spam Legislation, or CASL, may apply to our operations. We also target customers in Asia and have operations in Japan and Singapore and may be subject to new and emerging data privacy regimes in Asia, including Singapore's Personal Data Protection Act. In the European Economic Area, or EEA, we are subject to the European General Data Protection Regulation, or GDPR, and in the United Kingdom, or UK, we are subject to the UK data protection regime, or UK GDPR (EU GDPR and UK GDPR, collectively GDPR). Companies that must comply with the GDPR face increased compliance obligations and risk, including more robust regulatory enforcement of data protection requirements, with violations potentially resulting in an order prohibiting the processing of personal data and/or fines of up to the greater of €20 million or 4% of the annual global revenues of the noncompliant company in the European Union, and up to the greater of GBP 17.5 million or 4% of the annual global revenues in the UK; or private litigation related to processing of personal data brought by classes of data subjects or consumer protection organizations authorized at law to represent their interests. In the ordinary course of business, we may transfer personal data from Europe and other jurisdictions to the United States or other countries. European and other data protection laws, including the GDPR also restrict the ability of companies to transfer personal data to the United States and other countries. Although there are currently various mechanisms that may be used to transfer personal data from the EEA and the UK to the United States in compliance with law, such as the EEA's standard contractual clauses, the UK's International Data Transfer Agreement/Addendum, and the Transatlantic Privacy Framework (which allows for transfers to relevant U.S.-based organizations who self-certify compliance and participate in the Framework), these mechanisms are subject to legal challenges, and there is no assurance that we can satisfy or rely on these measures to lawfully transfer personal data to the United States. It is unclear how data transfers from countries such as the EEA and UK to the United States will be regulated in the long term, which measures must be put in place for onward transfers, and whether or not the Transatlantic Data Privacy Framework will provide a long-term solution to managing flows of personal data from the EEA and the UK to the United States. As such, we, or our vendors, may be unable to implement measures sufficient to lawfully transfer personal data in a manner necessary to provide our services in certain regions without incurring significant cost, or at all. If we cannot implement a valid compliance mechanism for cross-border data transfers, we may face significant adverse consequences, including the interruption or degradation of our operations, increased exposure to regulatory actions, substantial fines and penalties, and injunctions against processing or transferring personal data from Europe or other foreign jurisdictions. The inability to import personal data to the United States could significantly and negatively impact our business operations, including by limiting our ability to collaborate with parties that are subject to such cross-border data transfer or localization laws; or requiring us to increase our personal data processing capabilities and infrastructure in foreign jurisdictions at significant expense. Additionally, companies that transfer personal data outside of the EEA and UK to other jurisdictions, particularly the United States, are subject to increased scrutiny from regulators, individual litigants and activist groups. Some European regulators have significantly restricted some companies' data processing activities, including ordering certain companies to suspend or permanently cease the transfer of certain personal data out of Europe for allegedly violating the GDPR's cross-border data transfer limitations, which has materially impacted companies' operations revenues. For example, in May 2023, the Irish Data Protection Commission determined that a major social media company's use of the standard contractual clauses to transfer personal data from Europe to the United States was insufficient and levied a 1.2 billion Euro fine against the company and prohibited the company from transferring personal data to the United States. Regulators in the United States are also increasingly scrutinizing personal data transfers and may also impose certain data localization requirements, particularly if we transfer personal data to, or process personal data of residents of, high risk or sanctioned jurisdictions, pursuant to, for example, the Biden Administration's executive order Preventing Access to Americans' Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern. Other data protection laws in the EEA and the UK, such as those implementing the ePrivacy Directive, restrict the use of cookies and similar technologies on which our website and product rely. Regulators are increasingly focused on compliance with requirements in the online tracking ecosystem, and current national laws implementing the ePrivacy Directive are likely to be replaced in the EU by a regulation known as the ePrivacy Regulation, which will significantly increase fines for non-compliance. Other countries outside of Europe increasingly emulate European data protection laws. As a result, operating our business or offering our services in Europe or other countries with similar data protection laws would subject us to substantial compliance costs and potential liability and may require changes to the ways we collect and use personal data. We may also become subject to new laws that regulate non-personal data. For example, the European Union's Data Act imposes certain data and cloud service interoperability and switching obligations to enable users to switch between cloud service providers without undue delay or cost, as well as certain requirements concerning cross-border international transfers of, and governmental access to, non-personal data outside the EEA. Depending on how this Act and any similar laws are implemented and interpreted, we may have to adapt our business practices, contractual arrangements, and C3 AI Software to comply with such obligations. In addition to data privacy and security laws, we are also subject to the terms of external and internal privacy and security policies, codes, representations, certifications, industry standards adopted by industry groups, publications and frameworks, contractual obligations to third parties, and other statements related to privacy, information security, and data processing. If these policies, materials or statements are found to be deficient, lacking in transparency, deceptive, unfair, or misrepresentative of our practices, we may be subject to investigation, enforcement actions by regulators or other adverse consequences. We are subject to contractual obligations to indemnify and hold harmless third parties from the costs or consequences of non-compliance with data protection laws or other obligations. We are also bound by contractual obligations related to data privacy and security, and our efforts to comply with such obligations may not be successful. For example, certain privacy laws, such as the GDPR and the CCPA, require our customers to impose specific contractual restrictions on their service providers. Our use of artificial intelligence, or AI, and machine learning, or ML, technologies, collectively, AI/ML technologies, may also subject us to certain privacy obligations. There is increasing U.S. and foreign activity in the regulation of AI and other similar uses of technology. In Europe, the EU AI Act entered into force on August 1, 2024 and will become fully applicable on August 2, 2026, with some provisions already applying from February 2025. Although we do not engage in developing or providing AI systems that would qualify as "prohibited AI practices", restrictions and obligations under this regulation, to the extent applicable to us, could increase the costs and burdens to us and our customers, delay or halt deployment of new products and services, and may reduce the number of new customers, negatively impacting our business and financial results. We expect other jurisdictions will adopt similar laws. In the United States, several states and localities have enacted measures related to the use of AI and ML in products and services. We may have to change our business practices to comply with such obligations. For example, our employees and personnel use generative AI technologies to perform their work. Our use of this technology could result in additional compliance costs, regulatory investigations and actions, and lawsuits. If we are unable to use generative AI, it could make our business less efficient and result in competitive disadvantages. We also use AI and ML technologies in our products and services. Our use of this technology could result in additional compliance costs, regulatory investigations and actions, and consumer lawsuits. Depending on how these AI laws and regulations are interpreted, we may have to make changes to our business practices and products, including our C3 AI Software, to comply with such obligations. These obligations may make it harder for us to conduct our business using AI/ML, lead to regulatory fines or penalties, require us retrain our AI/ML, or prevent or limit our use of AI/ML. Additionally, certain privacy laws extend rights to consumers (such as the right to delete certain personal data) and regulate automated decision making, which may be incompatible with our use of AI/ML. Further, under privacy laws and other obligations, we may be required to obtain certain consents to process personal data and our inability or failure to do so could result in adverse consequences. For example, the FTC has required other companies to turn over (or disgorge) valuable insights or trainings generated through the use of AI/ML where they allege the company has violated privacy and consumer protection laws. If we cannot use AI/ML or that use is restricted, our business may be less efficient, or we may be at a competitive disadvantage. We may also be subject to new laws governing the privacy of consumer health data, including reproductive, sexual orientation, and gender identity privacy rights. For example, Washington's My Health My Data Act (MHMD) broadly defines consumer health data, places restrictions on processing consumer health data (including imposing stringent requirements for consents), provides consumers certain rights with respect to their health data, and creates a private right of action to allow individuals to sue for violations of the law. Other states are considering and may adopt similar laws. Obligations related to data privacy and security (and consumers' data privacy expectations) are quickly changing in an increasingly stringent fashion, creating some uncertainty as to the effective future legal framework. Additionally, these obligations may be subject to differing applications and interpretations, which may be inconsistent or conflict among jurisdictions. Preparing for and complying with these obligations requires significant resources, which may necessitate changes to our information technologies, systems, and practices, including our C3 AI Software, possibly limiting our ability to develop new applications and features, and to those of any third parties with whom we work. Although we endeavor to comply with all applicable data privacy and security obligations, we may at times fail (or be perceived to have failed) to do so. Moreover, despite our efforts, our personnel or that of the third parties with whom we work may fail to comply with such obligations, which could negatively impact our business operations and compliance posture. For example, any failure by a third-party processor to comply with applicable law, regulations, or contractual obligations could result in adverse effects, including inability to or interruption in our ability to operate our business and proceedings against us by governmental entities or others. If we fail, or are perceived to have failed, to address or comply with data privacy and security obligations, we could face significant consequences. These consequences may include, but are not limited to, government enforcement actions (e.g., investigations, fines, penalties, audits, inspections, and similar); litigation (including class action claims) and mass arbitration demands; additional reporting requirements and/or oversight; bans or restrictions on processing personal data; orders to destroy or not use personal data; and imprisonment of company officials. In particular, plaintiffs have become increasingly more active in bringing privacy-related claims against companies, including class claims and mass arbitration demands. Some of these claims allow for the recovery of statutory damages on a per violation basis, and, if viable, carry the potential for monumental statutory damages, depending on the volume of data and the number of violations. Any of these events could have a material adverse effect on our reputation, business, or financial condition, including but not limited to: loss of customers; interruptions or stoppages in our business operations; interruptions or stoppages of data collection needed to train our algorithms; inability to process personal data or to operate in certain jurisdictions; limited ability to develop or commercialize our product; expenditure of time and resources to defend any claim or inquiry; adverse publicity; revision or restructuring of our operations; or reduced demand for our C3 AI Software. Governments and regulators in certain jurisdictions, including Europe, are increasingly seeking to regulate cybersecurity and the use, transfer, and other processing of non-personal information (for example, under the European Union's Data Act), an area which has typically been the subject of very limited or no specific regulation. This means that, if and to the extent such regulations are relevant to our operations or those of our customers, certain of the risks and considerations may apply equally to our processing of both personal and non-personal information.

We are subject to the FCPA, U.S. domestic bribery laws, the UK Bribery Act, and other anti-corruption and similar laws in the countries in which we conduct activities. Anti-corruption and anti-bribery laws have been enforced aggressively in recent years and are interpreted broadly to generally prohibit companies, their employees, and their third-party business partners or intermediaries, representatives, and agents from authorizing, offering, or providing, directly or indirectly, improper payments or other benefits to government officials or others in the private sector in order to influence official action, direct business to any person, gain any improper advantage, or obtain or retain business. As we increase our international sales and business, our risks under these laws may increase. As we increase our international sales and business and sales to the public sector, we may engage with third-party business partners and intermediaries to market our C3 AI Software and to obtain necessary permits, licenses, and other regulatory approvals. In addition, we or our third-party business partners or intermediaries may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities. We can be held liable for the corrupt or other illegal activities of our third-party business partners or intermediaries, our employees, representatives, contractors, and agents, even if we do not explicitly authorize such activities. These laws also require that we keep accurate books and records and maintain internal controls and compliance procedures designed to prevent any such actions. While we have policies and procedures to address compliance with such laws, our third-party business partners or intermediaries, employees, representatives, contractors, and agents may take actions in violation of our policies and applicable law, for which we may be ultimately held responsible. Detecting, investigating, and resolving actual or alleged violations of anti-corruption laws can require a significant diversion of time, resources, and attention from senior management, as well as significant defense costs and other professional fees. In addition, noncompliance with anti-corruption, or anti-bribery laws could subject us to whistleblower complaints, investigations, sanctions, settlements, prosecution, enforcement actions, fines, damages, other civil or criminal penalties or injunctions against us, our officers, or our employees, disgorgement of profits, suspension or debarment from contracting with the U.S. government or other persons, reputational harm, adverse media coverage, and other collateral consequences. If any subpoenas or investigations are launched, or governmental or other sanctions are imposed, or if we do not prevail in any possible civil or criminal proceeding, our reputation, business, stock price, financial condition, prospects and results of operations could be harmed.

As of April 30, 2024, we had net operating loss carryforwards, or NOLs, for U.S. federal and state purposes of $599.3 million and $249.3 million, respectively, which may be available to offset taxable income in the future, and portions of which expire in various years beginning in 2029. A lack of future taxable income would adversely affect our ability to utilize these NOLs before they expire. Under the Tax Cuts and Jobs Act of 2017, or the Tax Act, as modified by the Coronavirus Aid, Relief, and Economic Security Act, or CARES Act, federal NOLs incurred in tax years beginning after December 31, 2017 may be carried forward indefinitely, but the deductibility of such federal NOLs in tax years beginning after December 31, 2020 is limited to 80% of taxable income. It is uncertain if and to what extent various states will conform to the Tax Act or the CARES Act. In addition, under Section 382 of the Internal Revenue Code of 1986, as amended, or the Code, a corporation that undergoes an "ownership change" (as defined under Sections 382 and 383 of the Code and applicable Treasury Regulations) is subject to limitations on its ability to utilize its pre-change NOLs and certain other tax attributes to offset post-change taxable income or taxes. We may experience a future ownership change under Section 382 of the Code that could affect our ability to utilize our NOLs to offset our income. Furthermore, our ability to utilize NOLs of companies that we have acquired or may acquire in the future may be subject to limitations. In addition, at the state level, there may be periods during which the use of NOLs is suspended or otherwise limited, which could accelerate or permanently increase state taxes owed. For example, on June 29, 2020, the Governor of California signed into law the 2020 Budget Act which temporarily suspended the utilization of NOLs and limits the utilization of research credits to $5.0 million annually for 2020, 2021, and 2022. For these reasons, we may not be able to utilize a material portion of the NOLs reflected on our balance sheet, even if we attain profitability, which could potentially result in increased future tax liability to us and could adversely affect our operating results and financial condition.

There is increasing focus from investors, regulators, and other corporate stakeholders on corporate policies addressing environmental, employment, social, and governance matters. Stakeholder expectations regarding appropriate corporate conduct on these matters are continually evolving, as are expectations regarding appropriate methods and types of related corporate disclosure. Investors, regulators, or other corporate stakeholders may not be satisfied with our existing environmental, employment, social, and governance practices or those of our customers, strategic partners, or vendors. These stakeholders may also be dissatisfied with the pace at which any revisions to our practices or the practices of our customers, strategic partners, or vendors are adopted and implemented. Further, investors and other stakeholders may object to the societal costs or ethical or other implications, or the perceived costs or implications, associated with the use of our products made by one or more of our customers. If any of these events were to occur, our reputation, our ability to retain employees, and the willingness of customers and others to do business with us may be materially and adversely impacted. We may also incur additional costs and require additional resources, which could be material, to monitor, report, and comply with related corporate disclosure obligations in the future, whether those obligations are imposed by law, regulation, or market expectation. Furthermore, if our competitors' corporate social responsibility performance is perceived to be better than ours, potential or current investors may elect to invest with our competitors instead. In addition, in the event that we communicate certain initiatives and goals regarding ESG matters, we could fail, or be perceived to fail, in our achievement of such initiatives or goals, or we could be criticized for the scope of such initiatives or goals. If we fail to satisfy the expectations of investors, employees and other stakeholders or our initiatives are not executed as planned, our business, financial condition, results of operations, and prospects could be materially and adversely affected.

One of the characteristics of open source software is that the governing license terms generally allow liberal modifications of the code and distribution thereof to a wide group of companies and/or individuals. As a result, others could easily develop new platforms and applications based upon those open source programs that compete with existing open source software that we support and incorporate into our C3 AI Software. Such competition with use of the open source projects that we utilize can materialize without the same degree of overhead and lead time required by us, particularly if the customers do not value the differentiation of our proprietary components. It is possible for new and existing competitors with greater resources than ours to develop their own open source software or hybrid proprietary and open source software offerings, potentially reducing the demand for, and putting price pressure on, our C3 AI Software. In addition, some competitors make open source software available for free download and use or may position competing open source software as a loss leader. We cannot guarantee that we will be able to compete successfully against current and future competitors or that competitive pressure and/or the availability of open source software will not result in price reductions, reduced operating margins and loss of market share, any one of which could seriously harm our business.

It is difficult to predict customer adoption rates and demand for our C3 AI Software, the entry of competitive platforms, or the future growth rate and size of the cloud-based software and software-as-a-service business software markets. A substantial majority of our revenue has come from sales of our subscription-based software products, which we expect to continue for the foreseeable future. Although demand for data management, ML, and analytics platforms and applications has grown in recent years, the market for these platforms and applications continues to evolve. We cannot be sure that this market will continue to grow or, even if it does grow, that businesses will adopt our C3 AI Software. Our future success will depend in large part on our ability to further penetrate the existing market for Enterprise AI software, as well as the continued growth and expansion of what we believe to be an emerging market for Enterprise AI platforms and applications that are faster, easier to adopt, and easier to use. Our ability to further penetrate the Enterprise AI market depends on a number of factors, including the cost, performance, and perceived value associated with our C3 AI Software, as well as customers' willingness to adopt a different approach to data analysis. We have spent, and intend to keep spending, considerable resources to educate potential customers about digital transformation, AI, and ML in general and our C3 AI Software in particular. However, we cannot be sure that these expenditures will help our C3 AI Software achieve any additional market acceptance. Furthermore, potential customers may have made significant investments in legacy analytics software systems and may be unwilling to invest in new platforms and applications. If the market fails to grow or grows more slowly than we currently expect or businesses fail to adopt our C3 AI Software, our business, operating results, and financial condition could be adversely affected.

We derive and expect to continue for the foreseeable future to derive substantially all of our revenue from subscriptions to our C3 AI Software and Center of Excellence support services. As such, the market acceptance of Enterprise AI solutions in general, and our C3 AI Software in particular, are critical to our continued success. Market acceptance of an Enterprise AI solution depends in part on market awareness of the benefits that Enterprise AI can provide over legacy products, emerging point products, and manual processes. In addition, in order for cloud-based Enterprise AI solutions to be widely accepted, organizations must overcome any concerns with placing sensitive information on a cloud-based platform. Demand for our C3 AI Software in particular is affected by a number of other factors, some of which are beyond our control. These factors include continued market acceptance of our C3 AI Software, the pace at which existing customers realize benefits from the use of our C3 AI Software and decide to expand deployment of our C3 AI Software across their business, the timing of development and release of new products by our competitors, technological change, reliability and security, the pace at which enterprises undergo digital transformation, and developments in data privacy regulations. We expect that the needs of our customers will continue to rapidly change and increase in complexity. We will need to improve the functionality and performance of our C3 AI Software continually to meet those rapidly changing, complex demands. If we are unable to continue to meet customer demands or to achieve more widespread market acceptance of Enterprise AI solutions in general or our C3 AI Software in particular, our business operations, financial results, and growth prospects will be materially and adversely affected.

To execute our business strategy, we must attract and retain highly qualified personnel. Competition for executives, data scientists, engineers, software developers, sales personnel, and other key employees in our industry is intense. In particular, we compete with many other companies for employees with high levels of expertise in designing, developing and managing platforms and applications for data management, ML, and analytics technologies, as well as for skilled data scientists, sales, and operations professionals. In addition, we are extremely selective in our hiring process which requires significant investment of time and resources from internal stakeholders and management. At times, we have experienced, and we may continue to experience, difficulty in hiring personnel who meet the demands of our selection process and with appropriate qualifications, experience, or expertise, and we may not be able to fill positions as quickly as desired. We completed our initial public offering in December 2020 and potential candidates may not perceive our compensation package, including our equity awards, as favorably as employees hired prior to our initial public offering. In addition, our recruiting personnel, methodology, and approach may need to be altered to address a changing candidate pool and profile. We may not be able to identify or implement such changes in a timely manner. Many of the companies with which we compete for experienced personnel have greater resources than we have, and some of these companies may offer more attractive compensation packages. If the perceived value of our equity awards declines, or if the mix of equity and cash compensation that we offer is unattractive, it may adversely affect our ability to recruit and retain highly skilled employees. Job candidates may also be threatened with legal action under agreements with their existing employers if we attempt to hire them, which could impact hiring and result in a diversion of our time and resources. Additionally, laws and regulations, such as restrictive immigration laws, or export control laws, may limit our ability to recruit internationally. We must also continue to retain and motivate existing employees through our compensation practices, company culture, and career development opportunities. We believe that a critical component to our success and our ability to retain our best people is our culture. As we continue to grow and develop a public company infrastructure, we may find it difficult to maintain our company culture. In addition, many of our employees may be able to receive significant proceeds from sales of our equity in the public markets, which may reduce their motivation to continue to work for us. Moreover, the proceeds from our recent initial public offering could create disparities in wealth among our employees, which may harm our culture and relations among employees and our business. If we fail to attract new personnel or to retain our current personnel, our business would be harmed.