Formula Systems (FORTY) Risk Analysis

Because certain of our solutions are complex and require rigorous testing, development cycles can be lengthy, taking us up to two years to develop and introduce new, enhanced or modified solutions. Moreover, development projects can be technically challenging and expensive. The nature of these development cycles may cause us to experience delays between the time we incur expenses associated with research and development and the time we generate revenues, if any, from such expenses. We may not have, in the future, sufficient funds or other resources to make the required investments in product development. Furthermore, we may invest substantial resources in the development of solutions that do not achieve market acceptance or commercial success. Even where we succeed in our sales efforts and obtain new orders from customers, the complexity involved in delivering our solutions to such customers makes it more difficult for us to consummate delivery in a timely manner and to recognize revenue and maximize profitability. Failure to deliver our solutions in a timely manner could result in order cancellations, damage our reputations and require us to indemnify our customers. Any of these risks relating to our lengthy and expensive development cycle could have a material adverse effect on our business, financial conditions and results of operations.

We use technology and intellectual property licensed from unaffiliated third parties in certain of our products, and we may license additional third-party technology and intellectual property in the future. Any errors or defects in this third-party technology and intellectual property could result in errors that could harm our brand and business. In addition, licensed technology and intellectual property may not continue to be available on commercially reasonable terms, or at all. The loss of the right to license and distribute this third party technology could limit the functionality of our products and might require us to redesign our products. Further, although we believe that there are currently adequate replacements for the third-party technology and intellectual property we presently use and distribute, the loss of our right to use any of this technology and intellectual property could result in delays in producing or delivering affected products until equivalent technology or intellectual property is identified, licensed or otherwise procured, and integrated. Our business would be disrupted if any technology and intellectual property we license from others or functional equivalents of this software were either no longer available to us or no longer offered to us on commercially reasonable terms. In either case, we would be required either to attempt to redesign our products to function with technology and intellectual property available from other parties or to develop these components ourselves, which would result in increased costs and could result in delays in product sales and the release of new product offerings. Alternatively, we might be forced to limit the features available in affected products. Any of these results could harm our business and impact our results of operations.

Maintaining the security of the software solutions and related services that we offer is a critical issue for us and our customers. Security researchers, criminal hackers and other third parties regularly develop new techniques to penetrate our customers' end points, information systems and network security measures. Cyber threats are constantly evolving and becoming increasingly sophisticated and complex, making it increasingly difficult to detect and successfully defend against them. Unauthorized parties have, in the past, infiltrated Sapiens' internal IT systems, gaining access to certain proprietary information. If they were to similarly breach the security related to, and misuse, software solutions that we offer, they might access the authentication, payment and personal information of our customers. In addition, cyber-attackers (which may include individuals or groups, as well as sophisticated groups such as nation-state and state-sponsored attackers, which can deploy significant resources to plan and carry out exploits) also develop and deploy viruses, worms, credential stuffing attack tools and other malicious software programs, some of which may be specifically designed to attack the solutions and services that we offer. Software and operating system applications that we develop have contained and may contain defects in design or manufacture, including bugs, vulnerabilities and other problems that could unexpectedly compromise the security of the software or impair a customer's ability to operate or use our solutions. The costs to prevent, eliminate, mitigate, or alleviate cyber- or other security problems, bugs, viruses, worms, malicious software programs and security vulnerabilities are significant, and our efforts to address these problems, including notifying affected parties, may not be successful or may be delayed and could result in interruptions, delays, cessation of service and loss of existing or potential customers. It is impossible to predict the extent, frequency or impact these problems may have on us. Actual and potential breaches of our security measures and the accidental loss, inadvertent disclosure or unauthorized dissemination of proprietary information or sensitive, personal or confidential data about our customers, including the potential loss or disclosure of such information or data as a result of hacking, fraud, trickery or other forms of deception, could expose our customers to a risk of loss or misuse of this information. This may result in litigation and liability or fines, our compliance with costly and time-intensive notice requirements, governmental inquiry or oversight or a loss of customer confidence, any of which could harm our business or damage our brand and reputation, thereby requiring time and resources to mitigate these impacts. From time to time we have identified, and in the future we may identify other, vulnerabilities in some of our solutions and services. We devote significant resources to address security vulnerabilities through engineering more secure solutions, enhancing security and reliability features in our solutions and services, code hardening, conducting rigorous penetration tests, deploying updates to address security vulnerabilities, regularly reviewing our solutions' security controls, reviewing and auditing our solutions against independent security control frameworks (such as ISO 27001, SOC 2), providing resources such as security training for our customers' workforces and improving our incident response time, but security vulnerabilities cannot be totally eliminated. The cost of these steps could reduce our subsidiaries' or our operating margins, and we may be unable to implement these measures quickly enough to prevent cyber-attackers from gaining unauthorized access into our solutions. Despite our preventative efforts, actual or perceived security vulnerabilities in our solutions may harm our subsidiaries' or our reputation or lead to claims against our subsidiaries (and have in the past led to such claims) or us, and could lead some customers to stop using certain systems or services, to reduce or delay future purchases of solutions or services, or to use competing solutions or services. If we do not make the appropriate level of investment in our solutions or if our solutions become out-of-date or obsolete and we are not able to deliver the quality of data security our customers require, our business could be adversely affected. Customers may also adopt security measures designed to protect their existing computer systems from attack, which could delay their adoption of our new solutions. Moreover, delayed sales, lower margins or lost customers resulting from disruptions caused by cyber-attacks and implementation of preventative measures could adversely affect our financial results, share price and reputation.

Some of our services and technologies may incorporate software licensed under so-called "open source" licenses, including, but not limited to, the GNU General Public License and the GNU Lesser General Public License. In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or controls on origin of the software. Additionally, open source licenses typically require that source code subject to the license be made available to the public and that any modifications or derivative works to open source software continue to be licensed under open source licenses. These open source licenses typically mandate that proprietary software, when combined in specific ways with open source software, become subject to the open source license. If we combine our proprietary software with open source software, we could be required to release the source code of our proprietary software. We take steps to ensure that our proprietary software is not combined with, and does not incorporate, open source software in ways that would require our proprietary software to be subject to an open source license. However, few courts have interpreted open source licenses, and the manner in which these licenses may be interpreted and enforced is therefore subject to some uncertainty. Additionally, we rely on multiple software programmers to design our proprietary technologies, and although we take steps to prevent our programmers from including open source software in the technologies and software code that they design, write and modify, we do not exercise complete control over the development efforts of our programmers and we cannot be certain that our programmers have not incorporated open source software into our proprietary products and technologies or that they will not do so in the future. In the event that portions of our proprietary technology are determined to be subject to an open source license, we could be required to publicly release the affected portions of our source code, re-engineer all or a portion of our technologies, or otherwise be limited in the licensing of our technologies, each of which could reduce or eliminate the value of our services and technologies and materially and adversely affect our business, results of operations and prospects.

Our business is, in part, characterized by relatively large, complex implementation projects or engagements that can have a material impact on our total revenue and cost of revenue from quarter to quarter. A material percentage of our expenses, particularly employee compensation, are relatively fixed. Therefore, variations in the timing of the initiation, estimated scope of work, progress or completion of projects or engagements can cause significant variations in operating results from quarter to quarter. This is particularly the case for fixed-price contracts, where our delivery requirements sometimes span more than one year. For a highly complex, fixed-price project that requires customization, we may not be able to accurately estimate our actual costs of completing the project. We are sometimes dependent on the assistance of third-parties (such as our customers' vendors or IT employees, or our system integrator partners) in implementing such projects, which may not be provided in a timely manner. If our actual cost-to-completion of a project significantly exceeds the estimated costs, we could experience a loss on the related contract, which (when multiplied by multiple projects) could have an adverse effect on our results of operations, financial position and cash flow. Similarly, delays in implementation projects (whether fixed price or not) may affect our revenue and cause our operating results to vary. Some of our solutions are delivered over periods of time ranging from several months to a few years. Payment terms for those solutions are generally based on periodic payments or on the achievement of milestones. Any delays in payment or in the achievement of milestones may have an adverse effect on our results of operations, financial position or cash flows. For non-fixed price contracts, we generally provide our customers with up-front estimates regarding the duration, budget and costs associated with the implementation of their project. Due to the complexities described above, however, we may not meet those upfront estimates and/or the expectations of our customers, which could lead to a dispute with a client. In the past, these disputes have sometimes arisen with significant customers of Sapiens that have accounted for a significant portion of its revenues, and the settlement of these disputes reduced its revenues and operating profit relative to its prior estimates. In 2023 and 2022, certain customers of Sapiens canceled projects with us at the stage of implementation, resulting in the loss of potential future revenues from those customers. We expect that we may have similar cancellations by our customers in the future, during the implementation phase. These cancellations, if coupled with disputes with significant customers in the future, whether or not due to failure on our part, could result in lost revenues, lower profit margins, legal claims against us and even the refund of the customers' money and could harm our reputation, thereby adversely affecting our ability to attract new customers and to sell additional solutions and services to existing customers.

As we seek to expand the marketing and offering of our products into new territories, because insurance regulations vary by legal jurisdiction, the investment required to adapt our solutions to the legal and language requirements of such territories may prevent or delay us from effectively expanding into such territories. Such adaptation process requires the retention of new, additional skilled personnel with knowledge of the particular market and applicable regulatory regime. Such skilled personnel may not be available at a reasonable cost relative to the additional revenues that we expect to recognize in those territories or may not be available at all. However, since insurance carriers are regularly required to adopt their systems and software to comply with the changing regulations, this provides an additional revenue source for Sapiens by providing related services for compliance.

Our Matrix and Magic Software subsidiaries and our TSG affiliate perform work for a wide range of Israeli governmental agencies and related subcontractors. Any reduction or elimination for political or economic reasons of total Israeli government spending (that could happen for example as a result of the "Iron Sword War" or political instability, or cuts in Israel's future state budget, or a pandemic, like it previously happened with COVID-19) may reduce our revenues and profitability. In addition, the Government of Israel has experienced significant delays in the approval of its annual budget in recent years. Such delays in the future could negatively affect our cash flows by delaying the receipt of payments from the government of Israel for services performed.

Because a material part of our and our subsidiaries' operations are conducted in Israel and certain members of our board of directors and management as well as many of our subsidiaries' employees and consultants', including employees of our service providers, are located in Israel, our business and operations, as well as those of our subsidiaries, are directly affected by economic, political, geopolitical and military conditions in Israel. Since the establishment of the State of Israel in 1948, a number of armed conflicts have occurred between Israel and its neighboring countries and terrorist organizations active in the region. These conflicts have involved missile strikes, hostile infiltrations and terrorism against civilian targets in various parts of Israel, which have negatively affected business conditions in Israel. In October 2023, Hamas terrorists infiltrated Israel's southern border from the Gaza Strip and conducted a series of attacks on civilian and military targets which, according to the data known today, claimed the lives of over 1,400 Israelis and injured thousands more. In addition, over 130 Israeli citizens and soldiers are defined as abductees at this time. Hamas also launched extensive rocket attacks on Israeli population and industrial centers located along Israel's border with the Gaza Strip and in other areas within the State of Israel. These attacks resulted in extensive deaths, injuries and kidnapping of civilians and soldiers. Following the attack, Israel's security cabinet declared war against Hamas and a military campaign against these terrorist organizations commenced in parallel to their continued rocket and terror attacks. In addition, since the commencement of these events, there have been continued hostilities along Israel's northern border with Lebanon (with the Hezbollah terror organization) and southern border (with the Houthi movement in Yemen, as described below). Furthermore, and more recently Iran also initiated missiles and rockets attack against Israeli military sites in southern Israel. As such, relations between Israel and Iran continue to be seriously strained, especially with regard to Iran's nuclear program and Iran has targeted cyber-attacks against Israeli entities. It is possible that hostilities with Hezbollah in Lebanon will escalate, and that other terrorist organizations, including Palestinian military organizations in the West Bank as well as other hostile countries, such as Iran, will join the hostilities. Such clashes may escalate in the future into a greater regional conflict. As of the date of the report, and close to the date of publication of the report, approximately 600 and approximately 350 (respectively) of the Formula Group's employees are recruited into the reserves, and this is after the peak of the company's employees recruited into the reserves reached over 900. The intensity and duration of Israel's current war against Hamas is difficult to predict, as are such war's economic implications on the Company's business and operations, as well of those of our subsidiaries, and on Israel's economy in general. These events may be intertwined with wider macroeconomic indications of a deterioration of Israel's economic standing that may involve a downgrade in Israel's credit rating by rating agencies (such as the recent downgrade by Moody's of its credit rating of Israel from A1 to A2, as well as the downgrade of its outlook rating from "stable" to "negative") and S&P Global Ratings downgraded its rating by one notch from AA- to A+ with a negative outlook, which altogether may have a material adverse effect on our and our subsidiaries future results of operations and on our collective ability to effectively conduct our operations. In connection with the Israeli security cabinet's declaration of war against Hamas and possible hostilities with other organizations, several hundred thousand Israeli military reservists were drafted to perform immediate military service. Although many of such military reservists have since been released, they may be called up for additional reserve duty, depending on developments in the war in Gaza and along Israel's other borders. Certain of our employees and consultants in Israel, as well as those of our subsidiaries', in addition to employees of our service providers located in Israel, have been called, and additional employees may be called, for service in the current or future wars or other armed conflicts with Hamas as well as the other pending or future armed conflicts in which Israel is or may become engaged, and such persons may be absent for an extended period of time. As a result, our operations may be disrupted by such absences, which disruption may materially and adversely affect our business and results of operations. Additionally, the absence of employees of our Israeli suppliers and contract manufacturers due to their military service in the current or future wars or other armed conflicts may disrupt their operations, which in turn may materially and adversely affect our ability to deliver or provide products and services to customers. The hostilities with Hamas, Hezbollah and other organizations and countries have included and may include terror, missile and drone attacks. In the event that our facilities are damaged as a result of hostile actions, or hostilities otherwise disrupt our ongoing operations, our ability to deliver or provide products and services in a timely manner to meet our contractual obligations towards customers and vendors could be materially and adversely affected. Our commercial insurance does not cover losses that may occur as a result of events associated with war and terrorism. Although the Israeli government currently covers the reinstatement value of direct damages that are caused by terrorist attacks or acts of war, we cannot assure you that such government coverage will be maintained or that it will sufficiently cover our potential damages. Any losses or damages incurred by us could have a material adverse effect on our business. In addition, some countries around the world restrict doing business with Israel and Israeli companies, and additional countries may impose restrictions on doing business with Israel and Israeli companies if hostilities in Israel or political instability in the region continue or increase. These restrictions may limit materially our ability to obtain raw materials from these countries or sell our products and provide our services to companies and customers in these countries. In addition, there have been increased efforts by countries, activists and organizations to cause companies and consumers to boycott Israeli goods and services. In addition, in January 2024 the International Court of Justice, or ICJ, issued an interim ruling in a case filed by South Africa against Israel in December 2023, making allegations of genocide amid and in connection with the war in Gaza, and ordered Israel, among other things, to take measures to prevent genocidal acts, prevent and punish incitement to genocide, and take steps to provide basic services and humanitarian aid to civilians in Gaza. There are concerns that companies and businesses will terminate, and may have already terminated, certain commercial relationships with Israeli companies following the ICJ decision. The foregoing efforts by countries, activists and organizations, particularly if they become more widespread, as well as the ICJ rulings and future rulings and orders of other tribunals against Israel (if handed), may materially and adversely impact our ability to sell and provide our products and services outside of Israel. Furthermore, following Hamas' attack on Israel and Israel's security cabinet declaration of war against Hamas, the Houthi movement, which controls parts of Yemen, launched a number of attacks on marine vessels traversing the Red Sea, which marine vessels were thought to either be in route towards Israel or to be partly owned by Israeli businessmen. The Red Sea is a vital maritime route for international trade traveling to or from Israel. As a result of such disruptions, we have experienced in the past and may experience in the future delays in supplier deliveries (including electronic components and other products upon which we rely), extended lead times, and increased cost of freight, increased insurance costs, purchased materials and manufacturing labor costs. The risk of ongoing supply disruptions may further result in delayed deliveries of our products and may also have adverse impact on economic conditions in Israel. Finally, political conditions within Israel may affect our operations. Israel has held five general elections between 2019 and 2022, and prior to October 2023, the Israeli government pursued extensive changes to Israel's judicial system, which sparked extensive political debate and unrest. In response to such initiative, many individuals, organizations and institutions, both within and outside of Israel, voiced concerns that the proposed changes may negatively impact the business environment in Israel including due to reluctance of foreign investors to invest or transact business in Israel, as well as to increased currency fluctuations, downgrades in credit rating, increased interest rates, increased volatility in security markets and other changes in macroeconomic conditions. To date, these initiatives have been substantially put on hold. If such changes to Israel's judicial system are again pursued by the government and approved by the parliament, this may have an adverse effect on our business, our results of operations and our ability to raise additional funds, if deemed necessary by our management and board of directors.

Approximately forty-six percent (47%) of Sapiens' employees and approximately 5% of Magic Software employees are currently located in India. Our significant presence in India, in particular Sapiens' Research & Development personnel and its personnel for the delivery of its professional services, poses a number of challenges. Those challenges are related to more volatile economic conditions, poor protection of intellectual property, inadequate protection against crime (including counterfeiting, corruption and fraud), lack of due process, and inadvertent breaches of local laws or regulations. In addition, local business practices may be inconsistent with international regulatory requirements, such as anti-corruption and anti-bribery laws and regulations (including the U.S. Foreign Corrupt Practices Act and the U.K. Bribery Act) to which we are subject. It is possible that some of Sapiens' employees, subcontractors, agents or partners may violate such legal and regulatory requirements, which may expose it to criminal or civil enforcement actions, including penalties and suspension or disqualification from U.S. federal procurement contracting. If Sapiens fails to comply with such legal and regulatory requirements, our business and reputation may be harmed. Conducting business in India involves unique challenges, including potential political instability; threats of terrorism; the transparency, consistency and effectiveness of business regulation; corruption; the protection of intellectual property; and the availability of sufficient qualified local personnel. Any of these or other challenges associated with operating in India may adversely affect our business or operations. Terrorist activity in India and Pakistan has contributed to tensions between those countries and our operations in India may be adversely affected by future political and other events in the region.

Many of our subsidiaries derive revenues from international operations that are conducted in local currencies. Those operations are conducted in currencies that include the U.S. dollar, British pound sterling, or GBP, Euro, NIS, Danish Krone, or DKK, and Swedish Krona, or SEK. In some territories, like in Israel, India, and Poland, in some of our operations, our cost of operations in local currency is and may continue to be in the future higher than the revenues derived from such operations. In other territories, such as in the United Kingdom and Europe, in some of our operations, revenues are higher and may continue to be higher in the future than our cost of operations in local currency. Because exchange rates between the NIS, GBP, Euro, Indian Rupee, or INR, and the Polish Zloty, or PLN, against the US dollar fluctuate continuously, exchange rate fluctuations and especially larger periodic devaluations could negatively affect our revenue and profitability. In 2023, the GBP and Euro appreciated relative to the U.S. dollar by 1% and 3% (based on the average exchange rates over the course of 2023 as compared to 2022), respectively, thereby increasing the U.S. dollar value of the revenues that we generated in those other currencies. However, in 2022, those European currencies depreciated relative to the U.S. dollar by 14% and 13%, respectively, which had an adverse impact on our revenues and results of operations. Furthermore, in 2023 and in 2022, the NIS depreciated relative to the U.S. dollar by 9.7% (based on the average exchange rates over the course of 2023 as compared to 2022 and 2022 as compared to 2021, respectively), thereby decreasing the U.S. dollar value of our revenues thereby having a negative impact on our revenues and on our results of operations. However, in 2021, the NIS appreciated relative to the U.S. dollar by 6% which had positive impact on our revenues and our results of operations. Any continuation of that trend in future periods would have a similar adverse impact. In certain locations, we engage in currency-hedging transactions intended to reduce the effect of fluctuations in foreign currency exchange rates on our financial position and results of operations. However, there can be no assurance that any such hedging transactions will materially reduce the effect of fluctuation in foreign currency exchange rates on such results. In addition, if for any reason exchange or price controls or other restrictions on the conversion of foreign currencies were imposed, our financial position and results of operations could be adversely affected. For additional information relating to the exchange rates between different relevant currencies, see "Item 5. Operating and Financial Review and Prospects- Overview- Our Functional and Reporting Currency."

Some of our Israeli subsidiaries derive and expect to continue to derive significant benefits from various programs, including Israeli tax benefits relating to our "Preferred Technological Enterprise", or PTE, and our "Special Preferred Technological Enterprise," or SPTE, programs. To be eligible for tax benefits as a PTE or SPTE, these Israeli subsidiaries must continue to meet certain conditions including, with respect to Sapiens, consolidated group revenue at the level of Asseco (its and our controlling shareholder) of at least NIS 10 billion. If they do not meet the conditions stipulated in the Israeli Law for the Encouragement of Capital Investments, 5719-1959, or the Investment Law and the regulations promulgated thereunder, as amended, for the PTE, any of the associated tax benefits may be cancelled and they would be required to repay the amount of such benefits, in whole or in part, including interest and consumer price index, or CPI, linkage (or other monetary penalties). Further, in the future these tax benefits may be reduced or discontinued. While we believe that certain of our Israeli subsidiaries have met and continue to meet the conditions that entitle then to previously-obtained Israeli tax benefits, there can be no assurance that the Israeli Tax Authority will agree (for example, with respect to Sapiens and Magic Software, in case the overall revenue at the Asseco group level is lower than NIS 10 billion, or if Asseco no longer controls Sapiens).