Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

Data Storage disclosed 33 risk factors in its most recent earnings report. Data Storage reported the most risks in the “Finance & Corporate” category.

Risk Overview Q3, 2024

Risk Distribution

42% Finance & Corporate

21% Ability to Sell

18% Tech & Innovation

9% Production

6% Legal & Regulatory

3% Macro & Political

Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy

This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

S&P500 Average

Sector Average

Risks removed

Risks added

Risks changed

Data Storage Risk Factors

New Risk (0)

Risk Changed (0)

Risk Removed (0)

No changes from previous report

The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q3, 2024

Main Risk Category

Finance & Corporate

With 14 Risks

Finance & Corporate

With 14 Risks

Number of Disclosed Risks

No changes from last report

S&P 500 Average: 31

No changes from last report

S&P 500 Average: 31

Recent Changes

0Risks added

0Risks removed

3Risks changed

Since Sep 2024

0Risks added

0Risks removed

3Risks changed

Since Sep 2024

Number of Risk Changed

No changes from last report

S&P 500 Average: 3

No changes from last report

S&P 500 Average: 3

See the risk highlights of Data Storage in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 33

Finance & Corporate

Total Risks: 14/33 (42%)Below Sector Average

Share Price & Shareholder Rights7 | 21.2%

Share Price & Shareholder Rights - Risk 1

Changed

We cannot be assured that we will be able to maintain our listing on the Nasdaq Capital Market.

Our securities are listed on The Nasdaq Capital Market, a national securities exchange. We cannot be assured that we will continue to comply with the rules, regulations or requirements governing the listing of our common stock on The Nasdaq Capital Market or that our securities will continue to be listed on Nasdaq Capital Market in the future. If Nasdaq should determine at any time that we fail to meet Nasdaq requirements, we may be subject to a delisting action by Nasdaq. On January 18, 2024, Nasdaq notified the Company that due to the passing of Mr. Hoffman, a member of our Board of Directors and member of our Audit Committee, the Company was no longer compliant with Nasdaq's audit committee requirements as set forth in Rule 5605(c)(2)(A) of the Nasdaq listing standards. Nasdaq further notified the Company that, consistent with Rule 5605(c)(4) of the Nasdaq listing standards, Nasdaq provided the Company a cure period in order to regain compliance until the earlier of the Company's next annual meeting of shareholders or December 30, 2024 or, if the next annual meeting of shareholders is held before June 27, 2024, then the Company must provide evidence of compliance no later than June 27, 2024. On April 2, 2024, the Company received a letter (the "Notification Letter") from Nasdaq stating that, based on the information regarding the appointment of Nancy M. Stallone, CPA to the Company's Board of Directors and Audit Committee, Nasdaq has determined that the Company complies with the Audit Committee requirement for continued listing on The Nasdaq Capital Market set forth in Listing Rules 5605(c)(2), which requires that the Company maintain an audit committee of at least three members, each of whom must meet specified criteria, including certain independence criteria. Accordingly, the Nasdaq staff has determined that the Company has regained compliance with Nasdaq Listing Rule 5605(c)(2) and has indicated that the matter is now closed. If Nasdaq delists our securities from trading on its exchange at some future date, we could face significant material adverse consequences, including: - a limited availability of market quotations for our securities;- reduced liquidity with respect to our securities;- a determination that our common stock is a "penny stock" which will require brokers trading in our common stock to adhere to more stringent rules, possibly resulting in a reduced level of trading activity in the secondary trading market for our common stock;- a limited amount of news and analyst coverage for our company; and - a decreased ability to issue additional securities or obtain additional financing in the future.

Share Price & Shareholder Rights - Risk 2

Changed

Upon exercise of the Company's outstanding options or warrants, it will be obligated to issue a substantial number of additional shares of common stock which will dilute its present shareholders.

The Company is obligated to issue additional shares of its common stock in connection with any exercise or conversion, as applicable, of its outstanding options, warrants, and shares of its convertible preferred stock. As of September 30, 2024, there were options and warrants outstanding convertible into an aggregate of 3,145,014 shares of common stock. The exercise of warrants or options will cause the Company to issue additional shares of its common stock and will dilute the percentage ownership of its shareholders. In addition, the Company has in the past, and may in the future, exchange outstanding securities for other securities on terms that are dilutive to the securities held by other shareholders not participating in such an exchange.

Share Price & Shareholder Rights - Risk 3

Provisions of Nevada law could delay or prevent an acquisition of Data Storage, even if the acquisition would be beneficial to its stockholders and could make it more difficult for stockholders to change Data Storage's management.

Data Storage Corporation is subject to anti-takeover provisions under Nevada law, which could delay or prevent a change of control. Together, these provisions may make more difficult the removal of management and may discourage transactions that otherwise could involve payment of a premium over prevailing market prices for the Company's securities. These provisions include: limitations on the ability to engage in any "combination" with an "interested stockholder" (each, as defined in the Nevada Revised Statutes ("NRS")) for two years from the date the person first becomes an "interested stockholder"; being subject to Sections 78.378 to 78.3793 of the NRS and allowing an "acquiring person" to obtain voting rights in "control shares" without shareholder approval; the ability of the Board to issue shares of currently undesignated and unissued preferred stock without prior stockholder approval; limitations on the ability of stockholders to call special meetings; and the ability of the Board to amend its amended Bylaws without stockholder approval.

Share Price & Shareholder Rights - Risk 4

Because the Company may issue preferred stock without the approval of its shareholders and have other anti-takeover defenses, it may be more difficult for a third party to acquire the Company and could depress its stock price.

In general, the Company's Board may issue, without a vote of its shareholders, one or more additional series of preferred stock that has more than one vote per share. Without these restrictions, the Company's Board could issue preferred stock to investors who support it and its management and give effective control of its business to its management. Additionally, the issuance of preferred stock could block an acquisition resulting in both a drop in the Company's stock price and a decline in interest of its common stock. This could make it more difficult for shareholders to sell their common stock. This could also cause the market price of the Company's common stock shares to drop significantly, even if its business is performing well.

Share Price & Shareholder Rights - Risk 5

Offers or availability for sale of a substantial number of shares of the Company's common stock may cause the price of its common stock to decline.

Sales of large blocks of the Company's common stock could depress the price of its common stock. The existence of these shares and shares of common stock that may be issuable upon conversion or exercise, as applicable, of outstanding shares of convertible preferred stock, warrants and options create a circumstance commonly referred to as an "overhang" which can act as a depressant to the Company's common stock price. The existence of an overhang, whether or not sales have occurred or are occurring, also could make the Company's ability to raise additional financing through the sale of equity or equity-linked securities more difficult in the future at a time and price that the Company deems reasonable or appropriate. If the Company's existing shareholders and investors seek to convert or exercise such securities or sell a substantial number of shares of its common stock, such selling efforts may cause significant declines in the market price of its common stock. In addition, the shares of the Company's common stock included in the Units and underlying warrants sold in the offering will be freely tradable without restriction or further registration under the Securities Act. As a result, a substantial number of shares of the Company's common stock may be sold in the public market following this offering. If there are significantly more shares of common stock offered for sale than buyers are willing to purchase, then the market price of the Company's common stock may decline to a market price at which buyers are willing to purchase the offered common stock and sellers remain willing to sell its common stock.

Share Price & Shareholder Rights - Risk 6

The Company's stock price has fluctuated in the past and may be volatile in the future, and as a result, investors in its common stock could incur substantial losses.

The Company's stock price has fluctuated in the past, has recently been volatile, and may be volatile in the future. By way of example, on September 1, 2023, the reported low sale price of the Company's common stock was $3.21, and the reported high sales price was $3.75. For comparison purposes, on January 12, 2023, the price of the Company's common stock closed at $1.61 per share, on October 17, 2023, its stock price closed at $3.49 per share, and on August 11, 2023, its stock price closed at $2.59 per share with no discernable announcements or developments by the Company or third parties (other than the filing of the Quarterly Report on Form 10-Q). The Company may incur rapid and substantial decreases in its stock price in the foreseeable future that are unrelated to its operating performance or prospects. The stock market has experienced extreme volatility that has often been unrelated to the operating performance of particular companies. As a result of this volatility, investors may experience losses on their investment in the Company's common stock. The market price for the Company's common stock may be influenced by many factors, including the following: - investor reaction to the Company's business strategy;- the success of competitive products or technologies;- regulatory or legal developments in the United States and other countries, especially changes in laws or regulations applicable to the Company's products;- variations in the Company's financial results or those of companies that are perceived to be similar to the Company;- the Company's ability or inability to raise additional capital and the terms on which it raises it;- declines in the market prices of stocks generally;- the Company's public disclosure of the terms of any financing which it consummates in the future;- an announcement that the Company has effected a reverse split of the Company's common stock and treasury stock;- the Company's failure to be profitable;- the Company's failure to raise working capital;- any acquisitions we may consummate, including, but not limited to, the Merger;- announcements by the Company or its competitors of significant contracts, new services, acquisitions, commercial relationships, joint ventures or capital commitments;- cancellation of key contracts;- the Company's failure to meet financial forecasts it publicly discloses;- trading volume of the Company's common stock;- sales of the Company's common stock by it or its stockholders;- general economic, industry and market conditions; and - other events or factors, including those resulting from such events, or the prospect of such events, including war, terrorism and other international conflicts, public health issues including health epidemics or pandemics, such as the COVID-19 pandemic, and natural disasters such as hurricanes, floods, fires, earthquakes, tornadoes or other adverse weather and climate conditions, whether occurring in the United States or elsewhere, could disrupt the Company's operations, disrupt the operations of its suppliers or result in political or economic instability. These broad market and industry factors may seriously harm the market price of the Company's common stock, regardless of its operating performance. Since the stock price of its common stock has fluctuated in the past, has been volatile recently and may be volatile in the future, investors in its common stock could incur substantial losses. In the past, following periods of volatility in the market, securities class-action litigation has often been instituted against companies. Such litigation, if instituted against the Company, could result in substantial costs and diversion of management's attention and resources, which could materially and adversely affect its business, financial condition, results of operations and growth prospects. There can be no guarantee that the Company's stock price will remain at current prices or that future sales of its common stock will not be at prices lower than those sold to investors. Additionally, recently, securities of certain companies have experienced significant and extreme volatility in stock price due to short sellers of shares of common stock, known as a "short squeeze." These short squeezes have caused extreme volatility in those companies and in the market and have led to the price per share of those companies to trade at a significantly inflated rate that is disconnected from the underlying value of the company. Many investors who have purchased shares in those companies at an inflated rate face the risk of losing a significant portion of their original investment as the price per share has declined steadily as interest in those stocks has abated. While the Company has no reason to believe its shares would be the target of a short squeeze, there can be no assurance that it won't be in the future, and you may lose a significant portion or all of your investment if you purchase the Company's shares at a rate that is significantly disconnected from its underlying value.

Share Price & Shareholder Rights - Risk 7

The Company is controlled by three principal stockholders who serve as its executive officers and directors.

As of March 27, 2024, through their aggregate voting power, Messrs. Piluso, Schwartz and Kempster control approximately 37% of the Company's outstanding common stock, giving them the ability to control a significant portion of the votes for the Company's directors and all other matters requiring the approval of its stockholders, including the election of all its directors and the approval of a reverse stock split.

Accounting & Financial Operations3 | 9.1%

Accounting & Financial Operations - Risk 1

The Company may fail to maintain an effective system of internal controls, which may result in material misstatements of its consolidated financial statements or cause it to fail to meet its periodic reporting obligations.

As a public company, we are required to maintain internal control over financial reporting and to report any material weaknesses in such internal controls. Section 404 requires an annual management assessment of the effectiveness of our internal control over financial reporting. The rules governing the standards that must be met for management to assess our internal control over financial reporting are complex and require significant documentation, testing, and possible remediation. The Company previously identified material weaknesses in its internal control over financial reporting, concluding that its disclosure controls were not effective, based on material weaknesses which ultimately contributed to the Company not designing and maintaining formal controls to analyze, account for, and disclose complex transactions, including the accounting for certain consideration received from a vendor. These material weaknesses resulted in the restatement of the Company's previously filed quarterly condensed consolidated financial information for the period ended June 30, 2022, related to accrued expenses, cost of goods sold, gross profit, loss from operations, net loss, earnings per share and the related disclosures. As of March 31, 2023, the material weaknesses has been remediated. In response to such material weaknesses, management has expended and will continue to expand a substantial amount of effort and resources for the remediation of material weaknesses in internal control over financial reporting. In November of 2022, management and its advisors began evaluating and documenting the design and operating effectiveness of our internal control over financial reporting, and their work is ongoing. The Company can give no assurance that additional material weaknesses will not be identified in the future. The Company's failure to implement and maintain effective internal control over financial reporting could result in errors in its consolidated financial statements that could result in a restatement of its financial statements and could cause it to fail to meet its reporting obligations, any of which could diminish investor confidence in the Company and cause a decline in the price of its common stock.

Accounting & Financial Operations - Risk 2

The Company does not expect to declare any common stock cash dividends in the foreseeable future.

The Company does not anticipate declaring any cash dividends to holders of Data Storage common stock in the foreseeable future. Consequently, common stockholders may need to rely on sales of their shares after price appreciation, which may never occur, as the only way to realize any future gains on their investment.

Accounting & Financial Operations - Risk 3

Changed

The Company has not generated a significant amount of net income and it may not be able to sustain profitability in the future.

As reflected in the consolidated financial statements, the Company had net income attributable to common shareholders of $235,259 for the nine months ended September 30, 2024, and $381,575 for the year ended December 31, 2023. As of September 30, 2024, the Company had cash of $513,718, marketable securities of $11,374,769, and working capital of $11,583,279. There can be no assurance that the Company will continue to generate income in the future.

Corporate Activity and Growth4 | 12.1%

Corporate Activity and Growth - Risk 1

The Company faces many risks associated with its growth and plans to expand, which could harm its business, financial condition, and operating results.

The Company continues to experience sales growth in its business. This growth has placed, and may continue to place, significant demands on its management and its operational and financial infrastructure. As the Company's operations grow in size, scope, and complexity, it will need to improve and upgrade its systems and infrastructure to attract, service, and retain an increasing number of customers. The expansion of its systems and infrastructure will require the Company to commit substantial financial, operational, and technical resources in advance of an increase in the volume of business, with no assurance that the volume of business will increase. Any such additional capital investments will increase the Company's cost base. Continued growth could also strain the Company's ability to maintain reliable service levels for its customers, develop and improve its operational, financial, and management controls, enhance its reporting systems and procedures, and recruit, train, and retain highly skilled personnel. If the Company fails to achieve the necessary level of efficiency in its organization as it grows, its business, financial condition, and operating results could be harmed. The Company has office locations in New York, Florida, and Texas, and data centers in New York, Massachusetts, North Carolina, Texas, and Canada. If the Company is unable to effectively manage a large and geographically dispersed group of employees and contractors or to anticipate its future growth and personnel needs, its business may be adversely affected. As the Company expands its business, it adds complexity to its organization and must expand and adapt its operational infrastructure and effectively coordinate throughout its organization. As a result, the Company has incurred and expects to continue to incur additional expenses related to its continued growth. The Company also anticipates that its efforts to expand internationally will entail the marketing and advertising of its services and brand and the development of localized websites. The Company does not have substantial experience in selling its solutions in international markets or in conforming to the local cultures, standards, or policies necessary to successfully compete in those markets, and it must invest significant resources in order to do so. The Company may not succeed in these efforts or achieve its customer acquisition or other goals. For some international markets, customer preferences and buying behaviors may be different, and the Company may use business or pricing models that are different from its traditional subscription model to provide cloud backup and related services to customers. The Company's revenue from new foreign markets may not exceed the costs of establishing, marketing, and maintaining its international solutions, and therefore may not be profitable on a sustained basis, if at all.

Corporate Activity and Growth - Risk 2

We may not realize the anticipated benefits of the merger with Flagship or successfully integrate our businesses

On May 31, 2021, the Company completed the Merger. The Company expects that Flagship's business will be synergistic with its existing IBM business and anticipates meaningful operation efficiency and that the Merger will provide a comprehensive one-stop provider to cross-sell solutions across each organization's respective enterprise, as well as middle-market customers. Key offerings for the combined companies are expected to include a wide array of multi-cloud information technology solutions in highly secure, reliable enterprise level cloud services for companies using IBM Power systems, Microsoft Windows, and Linux, including Infrastructure as a Service (IaaS), Disaster Recovery of digital information as a Service (DRaaS), and Cyber Security as a Service (CSaaS). Since having completed the merger, however, the Company still faces risks and unknowns associated with the Merger. Ultimately, the Company may not realize the anticipated benefits of the merger with Flagship and integrating and operating Data Storage's and Flagship's business may be more difficult, time-consuming, or costly than expected. Additionally, integrating and operating the Flagship business could result in higher capital expenditures than anticipated, which could result in the Company's need to raise additional capital for its operations.

Corporate Activity and Growth - Risk 3

Integration of an acquired company's operations may present challenges.

The integration of an acquired company requires, among other things, coordination of administrative, sales and marketing, accounting and finance functions, and expansion of information and management systems. Integration may prove to be difficult due to the necessity of coordinating geographically separate organizations and integrating personnel with disparate business backgrounds and accustomed to different corporate cultures. The Company may not be able to retain key employees of an acquired company. Additionally, the process of integrating a new solution or service may require a disproportionate amount of time and attention of the Company's management and financial and other resources. Any difficulties or problems encountered in the integration of a new solution or service could have a material adverse effect on the Company's business. The Company intends to continue to acquire businesses that it believes will help achieve its business objectives. As a result, the Company's operating costs will likely continue to grow. The integration of an acquired company may cost more than the Company anticipates, and it is possible that the Company will incur significant additional unforeseen costs in connection with such integration, which may negatively impact its earnings. In addition, the Company may only be able to conduct limited due diligence on an acquired company's operations. Following an acquisition, the Company may be subject to liabilities arising from an acquired company's past or present operations, including liabilities related to data security, encryption and privacy of customer data, and these liabilities may be greater than the warranty and indemnity limitations that the Company negotiates. Any liability that is greater than these warranty and indemnity limitations could have a negative impact on the Company's financial condition. Even if successfully integrated, there can be no assurance that the Company's operating performance after an acquisition will be successful or will fulfill management's objectives.

Corporate Activity and Growth - Risk 4

The Company expects to continue to acquire or invest in other companies, which may divert its management's attention, result in additional dilution to its stockholders, and consume resources that are necessary to sustain its business.

Having completed the merger with Flagship, the Company expects to continue to acquire complementary solutions, services, technologies, or businesses in the future. The Company may also enter into relationships with other businesses to expand its portfolio of solutions or its ability to provide its solutions in foreign jurisdictions, which could involve preferred or exclusive licenses, additional channels of distribution, discount pricing, or investments in other companies. Negotiating these transactions can be time-consuming, difficult, and expensive, and its ability to complete these transactions may often be subject to conditions or approvals that are beyond its control. Consequently, these transactions, even if a definitive purchase agreement is executed and announced, may not close. Acquisitions may also disrupt the Company's business, divert its resources, and require significant management attention that would otherwise be available for the development of its business. Moreover, the anticipated benefits of any acquisition, investment, or business relationship may not be realized on a timely basis or at all or the Company may be exposed to known or unknown liabilities, including litigation against the companies that it may acquire. In connection with any such transaction, the Company may: - issue additional equity securities that would dilute its stockholders;- use cash that the Company may need in the future to operate its business;- incur debt on terms unfavorable to the Company, that it may be unable to repay, or that may place burdensome restrictions on its operations;- incur large charges or substantial liabilities; or - become subject to adverse tax consequences or substantial depreciation, deferred compensation, or other acquisition-related accounting charges. Any of these risks could harm the Company's business and operating results.

Ability to Sell

Total Risks: 7/33 (21%)Above Sector Average

Competition1 | 3.0%

Competition - Risk 1

The market for cloud solutions is highly competitive, and if the Company does not compete effectively, its operating results will be harmed.

The market for the Company's services is highly competitive, quickly evolving and subject to rapid changes in technology. The Company expects to continue to face intense competition from its existing competitors as well as additional competition from new market entrants in the future as the market for its services continues to grow. The Company competes with cloud backup and infrastructure providers and providers of traditional hardware-based systems and IBM Power Systems. Its current and potential competitors vary by size, service offerings, and geographic region. These competitors may elect to partner with each other or with focused companies to grow their businesses. They include: - in-house IT departments of its customers and potential customers;- traditional global infrastructure providers, including, but not limited to, large multi-national providers, such as IBM, Microsoft, Google, and Amazon Web Services (AWS);- cloud and software service providers and digital systems integrators;- regional managed services providers; and - colocation solutions providers, such as Equinix, Rackspace and TierPoint. Many of these competitors benefit from significant competitive advantages over the Company, given their desire to enter this niche marketplace, such as greater name recognition, longer operating histories, more varied services, and larger marketing budgets, as well as greater financial, technical, and other resources. In addition, many of these competitors have established marketing relationships and major distribution agreements with computer manufacturers, internet service providers, and resellers, giving them access to larger customer bases. Some of these competitors may make acquisitions or enter strategic relationships to offer a more comprehensive service than the Company does. As a result, some of these competitors may be able to: - develop superior products or services, gain greater market acceptance, and expand their service offerings more efficiently or more rapidly;- adapt to new or emerging technologies and changes in customer requirements more quickly;- bundle their offerings, including hosting services with other services they provide at reduced prices;- streamline their operational structure, obtain better pricing, or secure more favorable contractual terms, allowing them to deliver services and products at a lower cost;- take advantage of acquisition, joint ventures, and other opportunities more readily;- adopt more aggressive pricing policies and devote greater resources to the promotion, marketing, and sales of their services, which could cause us to have to lower prices for certain services to remain competitive in the market; and - devote greater resources to the research and development of their products and services. In addition, demand for the Company's cloud solutions is sensitive to price. Many factors, including the Company's customer acquisition, advertising and technology costs, and its current and future competitors' pricing and marketing strategies, can significantly affect its pricing strategies. Certain of the Company's competitors offer, or may in the future offer, lower-priced or free solutions that compete with its solutions. Additionally, consolidation activity through strategic mergers, acquisitions and joint ventures may result in new competitors that can offer a broader range of products and services, may have a greater scale or a lower cost structure. To the extent such consolidation results in the ability of vertically integrated companies to offer more integrated services to customers than the Company can, customers may prefer the single-source approach and direct more business to such competitors, thereby impairing the Company's competitive position. Furthermore, new entrants not currently considered to be competitors may enter the market through acquisitions, partnerships, or strategic relationships. As the Company looks to market and sell its services to potential customers, the Company must convince its internal stakeholders that the Company's services are superior to their current solutions. If the Company is unable to anticipate or react to these competitive challenges, its competitive position would weaken, which could adversely affect its business, financial condition, and results of operations. These combinations may make it more difficult for the Company to compete effectively and its inability to compete effectively would negatively impact its operating results. In addition, there can be no assurance that the Company will not be forced to engage in price-cutting initiatives, or to increase its advertising and other expenses to attract and retain customers in response to competitive pressures, either of which could have a material adverse effect on the Company's revenue and operating results.

Demand1 | 3.0%

Demand - Risk 1

A decline in demand for the Company's cyber security, disaster recovery, and/or infrastructure solutions, in general, would cause its revenue to decline.

The Company derives, and expects to continue to derive, a significant portion of its revenue from subscription services for business continuity, such as data protection solutions including its disaster recovery backup, replication, archive, and infrastructure as a service offering. Some of the potential factors that could affect interest in and demand for cloud solutions include: - awareness of the Company's brand and the cloud solutions category generally;- the appeal and reliability of the Company's solutions;- the price, performance, features, and availability of competing solutions and services;- public concern regarding privacy and data security;- the Company's ability to maintain high levels of customer satisfaction; and - the rate of growth in cloud solutions generally. In addition, substantially all of the Company's revenue is currently derived from customers in the U.S. Consequently, a decrease of interest in and demand for the Company's solutions in the U.S. could have a disproportionately greater impact on it than if its geographic mix of revenue was less concentrated.

Sales & Marketing3 | 9.1%

Sales & Marketing - Risk 1

If the Company is unable to retain its existing customers, its business, financial condition, and operating results would be adversely affected.

If the Company's efforts to satisfy its existing customers are not successful, it may not be able to retain them, and as a result, its revenue and ability to grow would be adversely affected. The Company may not be able to accurately predict future trends in customer renewals. Customers choose not to renew their subscriptions for many reasons, including if customer service issues are not satisfactorily resolved, a desire to reduce discretionary spending, or a perception that they do not use the service sufficiently, that the solution is a poor value, or that competitive services provide a better value or experience. If the Company's approximate 94% retention rate significantly decreases, it may need to increase the rate at which it adds new customers in order to maintain and grow its revenue, which may require it to incur significantly higher advertising and marketing expenses than it currently anticipates, or its revenue may decline. A significant decrease in the Company's retention rate would therefore have an adverse effect on its business, financial condition, and operating results. The Company's estimates of the number of employees it retains, and advertising costs are based to a large extent upon its subscription contracts, which may be terminated by customers typically upon 90 days' notice prior to the ending term of their contract for services.

Sales & Marketing - Risk 2

If the Company is unable to attract new customers to its infrastructure and disaster recovery/cloud subscription services on a cost-effective basis, its revenue and operating results would be adversely affected.

The Company generates the majority of its revenue from the sale of subscriptions to its infrastructure and disaster recovery/cloud solutions as well as contracted managed services and software and hardware renewals. In order to grow, the Company must continue to reach the many businesses in need of our unique services, many of whom may have not previously used infrastructure as a service and cloud disaster recovery backup solutions. The Company uses and periodically adjusts a diverse mix of advertising and marketing programs to promote its solutions. Significant increases in the pricing of one or more of the Company's advertising channels would increase its advertising costs or cause it to choose less expensive and perhaps fewer effective channels. As the Company adds to or changes the mix of its advertising and marketing strategies, it may expand into channels with significantly higher costs than its current programs, which could adversely affect its operating results. The Company may incur advertising and marketing expenses significantly in advance of the time it anticipates recognizing any revenue generated by such expenses, and it may only at a later date, or never, experience an increase in revenue or brand awareness as a result of such expenditures. Additionally, because the Company recognizes revenue from customers over the terms of their subscriptions, a large portion of its revenue for each quarter reflects deferred revenue from subscriptions entered into during previous quarters, and downturns or upturns in subscription sales or renewals may not be reflected in the Company's operating results until later periods. It has made in the past, and may make in the future, significant investments to test new advertising, and there can be no assurance that any such investments will lead to the cost-effective acquisition of additional customers. If the Company is unable to maintain effective advertising programs, its ability to attract new customers could be adversely affected, its advertising and marketing expenses could increase substantially, and its operating results may suffer. A portion of the Company's potential customers locate its website through search engines, such as Google, Bing, and Yahoo!. The Company's ability to maintain the number of visitors directed to its website is not entirely within its control. If search engine companies modify their search algorithms in a manner that reduces the prominence of the Company's listing, or if its competitors' search engine optimization efforts are more successful than the Company's, fewer potential customers may click through to its website. In addition, the cost of purchased listings has increased in the past and may increase in the future. A decrease in website traffic or an increase in search costs could adversely affect the Company's customer acquisition efforts and its operating results.

Sales & Marketing - Risk 3

If the Company is unable to expand its base of business customers, its future growth and operating results could be adversely affected.

The Company has committed and continues to commit substantial resources to the expansion and increased marketing of its business solutions. If the Company is unable to market and sell its solutions to businesses with competitive pricing and in a cost-effective manner its ability to grow its revenue and achieve profitability may be harmed.

Brand / Reputation2 | 6.1%

Brand / Reputation - Risk 1

If the Company is unable to sustain market recognition of and loyalty to its brand, or if its reputation were to be harmed, it could lose customers or fail to increase the number of its customers, which could harm its business, financial condition, and operating results.

Given the Company's market focus, maintaining and enhancing its brand is critical to its success. The Company believes that the importance of brand recognition and loyalty will increase in light of the increasing competition in its markets. The Company plans to continue investing substantial resources to promote its brand, both domestically and internationally, but there is no guarantee that its brand development strategies will enhance the recognition of its brand. Some of the Company's existing and potential competitors have well-established brands with greater recognition than it has. If the Company's efforts to promote and maintain the Company's brand are not successful, the Company's operating results and its ability to attract and retain customers may be adversely affected. In addition, even if the Company's brand recognition and loyalty increase, it may not result in increased use of its solutions or higher revenue. The Company's solutions, as well as those of its competitors, are regularly reviewed in computer and business publications. Negative reviews, or reviews in which the Company's competitors' solutions and services are rated more highly than its solutions, could negatively affect its brand and reputation. From time to time, the Company's customers express dissatisfaction with its solutions, including, among other things, dissatisfaction with its customer support, its billing policies, and the way its solutions operate. If the Company does not handle customer complaints effectively, its brand and reputation may suffer, it may lose its customers' confidence, and they may choose not to renew their subscriptions. In addition, many of the Company's customers participate in online blogs about computers and internet services, including the Company's solutions, and its success depends in part on its ability to generate positive customer feedback through such online channels where consumers seek and share information. If actions that the Company takes or changes that it makes to its solutions upset these customers, their blogging could negatively affect its brand and reputation. Complaints or negative publicity about the Company's solutions or billing practices could adversely impact its ability to attract and retain customers and its business, financial condition, and operating results.

Brand / Reputation - Risk 2

Errors, failures, bugs in or unavailability of the Company's solutions released by it could result in negative publicity, damage to its brand, returns, loss of or delay in market acceptance of its solutions, loss of competitive position, or claims by customers or others.

The Company offers solutions that operate in a wide variety of environments, systems, applications, and configurations, that are often installed and used in large-scale computing environments with different operating systems, system management software, and equipment and networking configurations. The Company's customers' computing environments are often characterized by a wide variety of standard and non-standard configurations that can make pre-release testing for programming or compatibility errors very difficult and time-consuming. In addition, despite testing by the Company and others, errors, failures, or bugs may not be found in new solutions or releases until after distribution. In the past, when the Company has discovered any software errors, failures or bugs in certain of its solution offerings after their introduction or when new versions are released, it, in some cases, has experienced delayed or lost revenues as a result of these errors. In addition, the Company relies on hardware purchased or leased and software licensed from third parties to offer its solutions, and any defects in, or unavailability of, its third-party software or hardware could cause interruptions to the availability of its solutions. Errors, failures, bugs in or unavailability of the Company's solutions released by it could result in negative publicity, damage to its brand, returns, loss of or delay in market acceptance of its solutions, loss of competitive position, or claims by customers or others. Many of the Company's end-user customers use its solutions in applications that are critical to their business and may have a greater sensitivity to defects in its solutions than to defects in other, less critical, software solutions. In addition, if an actual or perceived breach of information integrity or availability occurs in one of its end-user customer's systems, regardless of whether the breach is attributable to its solutions, the market perception of the effectiveness of its solutions could be harmed. Alleviating any of these problems could require significant expenditures of the Company's capital and other resources and could cause interruptions, delays, or cessation of its solution licensing, which could cause it to lose existing or potential customers and could adversely affect its operating results.

Tech & Innovation

Total Risks: 6/33 (18%)Below Sector Average

Trade Secrets2 | 6.1%

Trade Secrets - Risk 1

Assertions by a third party that the Company's solutions infringe its intellectual property, whether correct, could subject the Company to costly and time-consuming litigation or expensive licenses.

There is frequent litigation in the software and technology industries based on allegations of infringement or other violations of intellectual property rights. Any such claims or litigation may be time-consuming and costly, divert management resources, require the Company to change its services, require it to credit or refund subscription fees, or have other adverse effects on its business. Many companies are devoting significant resources to obtaining patents that could affect many aspects of the Company's business. Third parties may claim that the Company's technologies or solutions infringe or otherwise violate their patents or other intellectual property rights. If the Company is forced to defend itself against intellectual property infringement claims, whether they have merit or are determined in its favor, it may face costly litigation, diversion of technical and management personnel, limitations on its ability to use its current websites and technologies, and an inability to market or provide its solutions. As a result of any such claim, the Company may have to develop or acquire non-infringing technologies, pay damages, enter into royalty or licensing agreements, cease providing certain services, adjust its marketing and advertising activities, or take other actions to resolve the claims. These actions, if required, may be costly or unavailable on terms acceptable to the Company, or at all. Furthermore, the Company has licensed proprietary technologies from third parties that it uses in its technologies and business, and it cannot be certain that the owners' rights in their technologies will not be challenged, invalidated, or circumvented. In addition to the general risks described above associated with intellectual property and other proprietary rights, the Company is subject to the additional risk that the seller of such technologies may not have appropriately created, maintained, or enforced their rights in such technology.

Trade Secrets - Risk 2

If the Company is unable to protect its domain names, its reputation, brand, customer base, and revenue, as well as its business and operating results, could be adversely affected.

The Company has registered domain names for websites ("URLs") that it uses in its business, such as www.datastoragecorp.com. If the Company is unable to maintain its rights in these domain names, its competitors or other third parties could capitalize on the Company's brand recognition by using these domain names for their own benefit. In addition, although the Company owns the Company's domain name under various global top-level domains such as .com and .net, as well as under various country-specific domains, it might not be able to, or may choose not to, acquire or maintain other country-specific versions of the Company's domain name or other potentially similar URLs. Domain names similar to the Company have already been registered in the U.S. and elsewhere, and its competitors or other third parties could capitalize on its brand recognition by using domain names similar to the Company's. The regulation of domain names in the U.S. and elsewhere is generally conducted by internet regulatory bodies and is subject to change. If the Company loses the ability to use a domain name in a particular country, it may be forced to either incur significant additional expenses to market its solutions within that country, including the development of a new brand and the creation of new promotional materials, or elect not to sell its solutions in that country. Either result could substantially harm its business and operating results. Regulatory bodies could establish additional top-level domains, appoint additional domain name registrars, or modify the requirements for holding domain names. As a result, the Company may not be able to acquire or maintain the domain names that utilize the Company's name in all of the countries in which it currently conducts or intends to conduct business. Further, the relationship between regulations governing domain names and laws protecting trademarks and similar proprietary rights varies among jurisdictions and is unclear in some jurisdictions. The Company may be unable to prevent third parties from acquiring and using domain names that infringe, are similar to, or otherwise decrease the value of, its brand or its trademarks. Protecting and enforcing the Company's rights in its domain names and determining the rights of others may require litigation, which could result in substantial costs, divert management attention, and not be decided favorably to the Company.

Cyber Security2 | 6.1%

Cyber Security - Risk 1

Security vulnerabilities, data protection breaches and cyberattacks could disrupt the Company's data protection platform and solutions, and any such disruption could increase its expenses, damage its reputation, harm its business, and adversely affect its stock price.

The Company relies on third-party providers for several critical aspects of its infrastructure cloud and disaster recovery business continuity services, and consequently, it does not maintain direct control over the security or stability of the associated systems. Furthermore, the firmware, software and/or open-source software that its data protection solutions may utilize could be susceptible to hacking or misuse. In the event of the discovery of a significant security vulnerability, the Company would incur additional substantial expenses and its business would be harmed. The Company's customers rely on its solutions for production, replication, and storage of digital copies of their files, including financial records, business information, photos, and other personally meaningful content. The Company also stores credit card information and other personal information about its customers. An actual or perceived breach of the Company's network security and systems or other cybersecurity related events that cause the loss or public disclosure of, or access by third parties to, its customers' stored files could have serious negative consequences for its business, including possible fines, penalties and damages, reduced demand for its solutions, an unwillingness of customers to provide the Company with their credit card or payment information, an unwillingness of its customers to use its solutions, harm to its reputation and brand, loss of its ability to accept and process customer credit card orders, and time-consuming and expensive litigation. If this occurs, the Company's business and operating results could be adversely affected. Third parties may be able to circumvent the Company's security by deploying viruses, worms, and other malicious software programs that are designed to attack or attempt to infiltrate its systems and networks and it may not immediately discover these attacks or attempted infiltrations. Further, outside parties may attempt to fraudulently induce the Company's employees, consultants, or affiliates to disclose sensitive information in order to gain access to its information or its customers' information. The techniques used to obtain unauthorized access, disable or degrade service, or sabotage systems change frequently, often are not recognized until launched against a target, and may originate from less regulated or remote areas around the world. As a result, the Company may be unable to proactively address these techniques or to implement adequate preventative or reactionary measures. In addition, employee or consultant error, malfeasance, or other errors in the storage, use, or transmission of personal information could result in a breach of customer or employee privacy. The Company maintains insurance coverage to mitigate the potential financial impact of these risks; however, its insurance may not cover all such events or may be insufficient to compensate it for the potentially significant losses, including the potential damage to the future growth of its business, that may result from the breach of customer or employee privacy. If the Company or its third-party providers are unable to successfully prevent breaches of security relating to its solutions or customer private information, it could result in litigation and potential liability for the Company, cause damage to its brand and reputation, or otherwise harm its business and its stock price. Many states have enacted laws requiring companies to notify consumers of data security breaches involving their personal data. In addition, the SEC now also requires disclosure of material data security breaches. These mandatory disclosures regarding a security breach often lead to widespread negative publicity, which may cause the Company's customers to lose confidence in the effectiveness of its data security measures. Any security breach, whether successful or not, would harm the Company's reputation and could cause the loss of customers. Similarly, if a publicized breach of data security at any other cloud backup service provider or other major consumer website were to occur, there could be a general public loss of confidence in the use of the internet for cloud backup services or commercial transactions generally. Any of these events could have material adverse effects on the Company's business, financial condition, and operating results.

Cyber Security - Risk 2

If a cyberattack was able to breach the Company's security protocols and disrupt its data protection platform and solutions, any such disruption could increase its expenses, damage its reputation, harm its business and adversely affect its stock price.

The Company has implemented various protocols and regularly monitors its systems via security software to reduce any security vulnerabilities. The Company also relies on third-party providers for several critical aspects of its infrastructure cloud and disaster recovery business continuity services, and consequently, it does not maintain direct control over the security or stability of those associated systems. Furthermore, the firmware, software, and/or open-source software that its data protection solutions may utilize could be susceptible to hacking or misuse. In the event of the discovery of a significant security vulnerability, the Company would incur additional substantial expenses and its business would be harmed. The process of developing new technologies is complex and uncertain, and if the Company fails to accurately predict customers' changing needs and emerging technological trends or if the Company fails to achieve the benefits expected from its investments, its business could be harmed. The Company believes that it must continue to dedicate a significant amount of resources to its research and development efforts to maintain its competitive position and it must commit significant resources to develop new solutions before knowing whether its investments will result in solutions the market will accept. The Company's new solutions or solution enhancements could fail to attain sufficient market acceptance or harm its business for many reasons, including: - delays in releasing its new solutions or enhancements to the market;- failure to accurately predict market demand or customer demands;- inability to protect against new types of attacks or techniques used by hackers;- difficulties with software development, design, or marketing that could delay or prevent its development, introduction, or implementation of new solutions and enhancements;- defects, errors or failures in its design or performance;- negative publicity about its performance or effectiveness;- introduction or anticipated introduction of competing solutions by its competitors;- poor business conditions for its customers, causing them to delay information technology purchases;- the perceived value of its solutions or enhancements relative to their cost; and - easing of regulatory requirements around security or storage. In addition, new technologies have the risk of defects that may not be discovered until after the product launches, resulting in adverse publicity, loss of revenue or harm to the Company's business and reputation.

Technology2 | 6.1%

Technology - Risk 1

The Company's ability to provide services to its customers depends on its customers' continued high-speed access to the internet and the continued reliability of the internet infrastructure.

The Company's business depends on its customers' continued high-speed access to the internet, as well as the continued maintenance and development of the internet infrastructure. While the Company also provides broadband internet services, many of its clients depend on third-party internet service providers to expand high-speed internet access, to maintain a reliable network with the necessary speed, data capacity, and security, and to develop complementary solutions and services, including high-speed solutions, for providing reliable and timely internet access and services. All of these factors are out of the Company's control. To the extent that the internet continues to experience an increased number of users, frequency of use, or bandwidth requirements, the internet may become congested and be unable to support the demands placed on it, and its performance or reliability may decline. Any internet outages or delays could adversely affect the Company's ability to provide services to its customers. Currently, internet access is provided by telecommunications companies and internet access service providers that have significant and increasing market power in the broadband and internet access marketplace. In the absence of government regulation, these providers could take measures that affect their customers' ability to use the Company's products and services, such as attempting to charge their customers more for using the Company's products and services. To the extent that internet service providers implement usage-based pricing, including meaningful bandwidth caps, or otherwise try to monetize access to their networks, the Company could incur greater operating expenses and customer acquisition and retention could be negatively impacted. Furthermore, to the extent network operators were to create tiers of internet access service and either charge the Company for or prohibit the Company's services from being available to its customers through these tiers, its business could be negatively impacted. Some of these providers also offer products and services that directly compete with the Company's own offerings, which could potentially give them a competitive advantage.

Technology - Risk 2

Any significant disruption in service in the Company's computer systems, or caused by its third-party storage and system providers, could damage its reputation and result in a loss of customers, which would harm its business, financial condition, and operating results.

The Company's reputation, and ability to attract, retain and serve its customers is dependent upon the reliable performance of its network infrastructure and payment systems, and its customers' ability to readily access their stored files. The Company has experienced interruptions in these systems in the past, including server failures that temporarily slowed down its customers' ability to access their stored files, or made the Company's infrastructure inaccessible, and it may experience interruptions or outages in the future. In addition, while the Company both operates and maintains elements of network infrastructure, some elements of this complex system are operated by third parties that the Company does not control and that would require significant time to replace. The Company expects this dependence on third parties to increase. In particular, the Company utilizes IBM and Intel to provide equipment and support. All of these third-party systems are located in data center facilities operated by third parties. While these data centers are of the highest level, Tier 3, there can be no assurance that they will not experience disruptions that will adversely impact the Company's ability to service its customers. The Company's data center leases expire at various times between 2023 and 2024 with rights of extension. If the Company were unable to renew these agreements on commercially reasonable terms, it may be required to transfer that portion of its computing and storage capacity to new data center facilities, and it may incur significant costs and possible service interruption in connection with doing so. The Company also relies upon third-party colocation providers to host its main servers. If these providers are unable to handle current or higher volumes of use, experience any interruption in operations or cease operations for any reason or if the Company is unable to agree on satisfactory terms for continued hosting relationships, the Company would be forced to enter into a relationship with other service providers or assume hosting responsibilities itself. If the Company is forced to switch data center facilities, which in itself is a competitive industry, it may not be successful in finding an alternative service provider on acceptable terms or in hosting the computer servers itself. The Company may also be limited in its remedies against these providers in the event of a failure of service. Interruptions, outages and/or failures in the Company's own systems, the third-party systems and facilities on which we rely, or the use of its data center facilities, whether due to system failures, computer viruses, cybersecurity attacks, physical or electronic break-ins, damage or interruption from human error, power losses, natural disasters or terrorist attacks, hardware failures, systems failures, telecommunications failures or other factors, could affect the security or availability of infrastructure, prevent the Company from being able to continuously back up its customers' data or its customers from accessing their stored data, and may damage or delete its customers' stored files. If this were to occur, the Company's reputation could be compromised, and it could be subject to liability to the customers that were affected. Any financial difficulties, such as bankruptcy, faced by the Company's third-party data center operators, its third-party colocation providers, or any of the service providers with whom the Company or they contract, may have negative effects on its business, the nature and extent of which are difficult to predict. Moreover, if its third-party data center providers or its third-party colocation providers are unable to keep up with the Company's growing needs for capacity, this could have an adverse effect on the Company's business. Interruptions in the Company's services might reduce its revenue, cause it to issue credits or refunds to customers, subject it to potential liability, or harm its renewal rates. In addition, prolonged delays or unforeseen difficulties in connection with adding storage capacity or upgrading its network architecture when required may cause the Company's service quality to suffer. Problems with the reliability or security of the Company's systems could harm its reputation, and the cost of remedying these problems could negatively affect the Company's business, financial condition, and operating results.

Production

Total Risks: 3/33 (9%)Below Sector Average

Employment / Personnel1 | 3.0%

Employment / Personnel - Risk 1

The loss of the Company's key personnel, or its failure to attract, integrate, and retain other highly qualified personnel, could harm its business and growth prospects.

The Company depends on the continued service and performance of its key personnel. In addition, many of the Company's key technologies and systems are custom-made for its business by its personnel. The loss of key personnel, including key members of the Company's management team, as well as certain of its key marketing, sales, product development, or technology personnel, could disrupt its operations and have an adverse effect on its ability to grow its business. In addition, several of the Company's key personnel have only recently been employed by it, and the Company is still in the process of integrating these personnel into its operations. The Company's failure to successfully integrate these key employees into its business could adversely affect its business. To execute the Company's growth plan, it must attract and retain highly qualified personnel. Competition for these employees is intense, and the Company may not be successful in attracting and retaining qualified personnel. The Company, from time to time in the past, experienced, and it expects to continue to experience, difficulty in hiring and retaining highly-skilled employees with appropriate qualifications. New hires require significant training and, in most cases, take significant time before they achieve full productivity. The Company's recent hires and planned hires may not become as productive as it expects, and it may be unable to hire or retain sufficient numbers of qualified individuals. Many of the companies with which it competes for experienced personnel have greater resources than it has. In addition, in making employment decisions, particularly in the internet and high-technology industries, job candidates often consider the value of the equity that they are to receive in connection with their employment. In addition, employees may be more likely to voluntarily exit the Company if the shares underlying their vested and unvested options, as well as unvested restricted stock units, have significantly depreciated in value resulting in the options they are holding potentially being significantly above the market price of the Company's common stock and the value of the restricted stock units decreasing. If the Company fails to attract new personnel, or fails to retain and motivate its current personnel, its business and growth prospects could be severely harmed.

Supply Chain2 | 6.1%

Supply Chain - Risk 1

The Company relies on third-party software to develop and provide its solutions, including server software and licenses from third parties to use patented intellectual property.

The Company relies on software licensed from third parties to develop and offer its solutions. In addition, the Company may need to obtain future licenses from third parties to use intellectual property associated with the development of its solutions, which might not be available to the Company on acceptable terms, or at all. Any loss of the right to use any software required for the development and maintenance of the Company's solutions could result in delays in the provision of its solutions until equivalent technology is either developed by the Company, or, if available from others, is identified, obtained, and integrated, which delay could harm its business. Any errors or defects in third-party software could result in errors or a failure of its solutions, which could harm its business.

Supply Chain - Risk 2

The Company primarily depends upon third-party distribution companies to generate new customers. The Company's relationships with its partners and distributors may be terminated or may not continue to be beneficial in generating new customers, which could adversely affect its ability to increase its customer base.

The Company maintains a network of distributors, which refer customers to it through links on their websites or promotion to their customers. The number of customers that the Company can add through these relationships is dependent on the marketing efforts of distributors, over which it has little control. If the Company is unable to maintain its relationships, or renew contracts on favorable terms, with existing partners and distributors or establish new contractual relationships with potential partners and distributors, it may experience delays and increased costs in adding customers, which could have a material adverse effect on the Company. The Company's distributors also provide services to other third parties and therefore may not devote their full time and attention to promoting the Company's products and services.

Legal & Regulatory

Total Risks: 2/33 (6%)Below Sector Average

Environmental / Social2 | 6.1%

Environmental / Social - Risk 1

The Company's solutions are used by customers in the health care industry, and it must comply with numerous federal and state laws related to patient privacy in connection with providing its solutions to these customers. In particular, the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), and the Health Information Technology for Economic and Clinical Health Act ("HITECH") include privacy standards that protect individual privacy by limiting the uses and disclosures of individually identifiable health information and implementing data security standards. Because the Company's solutions may backup individually identifiable health information for its customers, its customers are mandated by HIPAA to enter into written agreements with us known as business associate agreements that require the Company to safeguard individually identifiable health information. Business associate agreements typically include: - a description of the Company's permitted uses of individually identifiable health information;- a covenant not to disclose that information except as permitted under the agreement and to make the Company's subcontractors, if any, subject to the same restrictions;- assurances that appropriate administrative, physical, and technical safeguards are in place to prevent misuse of that information;- an obligation to report to the Company's customers any use or disclosure of that information other than as provided for in the agreement;- a prohibition against the Company's use or disclosure of that information if a similar use or disclosure by its customers would violate the HIPAA standards;- the ability of the Company's customers to terminate their subscription to its solution if the Company breaches a material term of the business associate agreement and are unable to cure the breach;- the requirement to return or destroy all individually identifiable health information at the end of the customer's subscription; and - access by the Department of Health and Human Services to the Company's internal practices, books, and records to validate that we are safeguarding individually identifiable health information. The Company may not be able to adequately address the business risks created by HIPAA or HITECH implementation or comply with its obligations under its business associate agreements. Furthermore, the Company is unable to predict what changes to HIPAA, HITECH or other laws or regulations might be made in the future or how those changes could affect its business or the costs of compliance. Failure by the Company to comply with any of the federal and state standards regarding patient privacy may subject the Company to penalties, including civil monetary penalties and, in some circumstances, criminal penalties, which could have an adverse effect on its business, financial condition, and operating results.

Environmental / Social - Risk 2

The Company is subject to governmental regulation and other legal obligations related to privacy, and any actual or perceived failure to comply with such obligations would harm its business.

The Company receives, stores, and processes personal information and other customer data and maintains specific protocols and procedures to help safeguard the privacy of that personal information and customer data. Personal privacy has become a significant issue in the United States and in many other countries where the Company may offer its offering of solutions. The regulatory framework for privacy issues worldwide is currently complex and evolving, and it is likely to remain uncertain for the foreseeable future. There are numerous federal, state, local, and foreign laws regarding privacy and the storing, sharing, use, processing, disclosure and protection of personal information and other customer data, the scope of which are changing, subject to differing interpretations, and may be inconsistent among countries or conflict with other rules. The Company generally seeks to comply with industry standards and is subject to the terms of its privacy policies and privacy-related obligations to third parties. The Company strives to comply with all applicable laws, policies, legal obligations, and industry codes of conduct relating to privacy and data protection to the extent possible. However, it is possible that these obligations may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another and may conflict with other rules or the Company's practices. Any failure or perceived failure by the Company to comply with its privacy policies, its privacy-related obligations to customers or other third parties, its privacy-related legal obligations, or any compromise of security that results in the unauthorized release or transfer of personally identifiable information or other customer data, may result in governmental enforcement actions, litigation, or public statements against the Company by consumer advocacy groups or others and could cause its customers to lose trust in the Company, which could have an adverse effect on the Company's reputation and business. The Company's customers may also accidentally disclose their passwords or store them on a mobile device that is lost or stolen, creating the perception that its systems are not secure against third-party access. Additionally, if third parties that the Company works with, such as vendors or developers, violate applicable laws or its policies, such violations may also put its customers' information at risk and could in turn have an adverse effect on its business. Any significant change to applicable laws, regulations, or industry practices regarding the use or disclosure of the Company's customers' data, or regarding the manner in which the express or implied consent of customers for the use and disclosure of such data is obtained, could require it to modify its solutions and features, possibly in a material manner, and may limit its ability to develop new services and features that make use of the data that its customers voluntarily share with the Company.

Macro & Political

Total Risks: 1/33 (3%)Below Sector Average

International Operations1 | 3.0%

International Operations - Risk 1

The Company's intended international expansion will subject it to risks typically encountered when operating internationally.

The Company intends to expand internationally which subjects it to new risks that it has not generally faced in the United States. These risks include: - localization of the Company's solutions, including translation into foreign languages and adaptation for local practices and regulatory requirements;- lack of experience in other geographic markets;- strong local competitors;- cost and burden of complying with, lack of familiarity with, and unexpected changes in foreign legal and regulatory requirements, including consumer and data privacy laws;- difficulties in managing and staffing international operations;- potentially adverse tax consequences, including the complexities of transfer pricing, foreign value added or other tax systems, double taxation, and restrictions, and/or taxes on the repatriation of earnings;- dependence on third parties, including channel partners with whom we do not have extensive experience;- compliance with the Foreign Corrupt Practices Act, economic sanction laws and regulations, export controls, and other U.S. laws and regulations regarding international business operations;- increased financial accounting and reporting burdens and complexities;- political, social, and economic instability abroad, terrorist attacks, and security concerns in general; and - reduced or varied protection for intellectual property rights in some countries. Operating in international markets also requires significant management attention and financial resources. The investment and additional resources required to establish operations and manage growth in other countries may not produce desired levels of revenue or profitability. The Company's software contains encryption technologies, certain types of which are subject to U.S. and foreign export control regulations and, in some foreign countries, restrictions on importation and/or use. Any failure on the Company's part to comply with encryption or other applicable export control requirements could result in financial penalties or other sanctions under the U.S. export regulations, including restrictions on future export activities, which could harm its business and operating results. Regulatory restrictions could impair the Company's access to technologies that it seeks for improving its solutions and may also limit or reduce the demand for its solutions outside of the U.S.

See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?

Risk factors are any situations or occurrences that could make investing in a company risky.

The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.

They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.

It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.

How do companies disclose their risk factors?

Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.

Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.

Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.

According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.

How can I use TipRanks risk factors in my stock research?

Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.

You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.

Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.

A simplified analysis of risk factors is unique to TipRanks.

What are all the risk factor categories?

TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.

1. Financial & Corporate

Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.

2. Legal & Regulatory

Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
Regulation – risks related to compliance, GDPR, and new legislation.
Environmental / Social – risks related to environmental regulation and to data privacy.
Taxation & Government Incentives – risks related to taxation and changes in government incentives.

3. Production

Costs – risks related to costs of production including commodity prices, future contracts, inventory.
Supply Chain – risks related to the company’s suppliers.
Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.

4. Technology & Innovation

Innovation / R&D – risks related to innovation and new product development.
Technology – risks related to the company’s reliance on technology.
Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.

5. Ability to Sell

Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
Competition – risks related to the company’s competition including substitutes.
Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
Brand & Reputation – risks related to the company’s brand and reputation.

6. Macro & Political

Economy & Political Environment – risks related to changes in economic and political conditions.
Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
International Operations – risks related to the global nature of the company.
Capital Markets – risks related to exchange rates and trade, cryptocurrency.

Become an Expert with TipRanks Premium

What am I Missing?

Make informed decisions based on Top Analysts' activity

Know what industry insiders are buying

Get actionable alerts from top Wall Street Analysts

Find out before anyone else which stock is going to shoot up

Get powerful stock screeners & detailed portfolio analysis

Subscribe Now See Plans & Pricing