Fiverr International (FVRR) Risk Factors

We report under the Exchange Act as a non-U.S. company with foreign private issuer status. Because we qualify as a foreign private issuer under the Exchange Act, we are exempt from certain provisions of the Exchange Act that are applicable to U.S. domestic public companies, including (1) the sections of the Exchange Act regulating the solicitation of proxies, consents or authorizations in respect of a security registered under the Exchange Act, (2) the sections of the Exchange Act requiring insiders to file public reports of their share ownership and trading activities and liability for insiders who profit from trades made in a short period of time and (3) the rules under the Exchange Act requiring the filing with the SEC of quarterly reports on Form 10-Q containing unaudited financial and other specified information, although we are subject to Israeli laws and regulations with regard to certain of these matters and furnish comparable quarterly information on Form 6-K. In addition, foreign private issuers are not required to file their annual report on Form 20-F until 120 days after the end of each fiscal year, while U.S. domestic issuers that are accelerated filers are required to file their annual report on Form 10-K within 75 days after the end of each fiscal year and U.S. domestic issuers that are large accelerated filers are required to file their annual report on Form 10-K within 60 days after the end of each fiscal year. Foreign private issuers are also exempt from Regulation FD, which is intended to prevent issuers from making selective disclosures of material information. As a result of all of the above, our shareholders may not have the same protections afforded to shareholders of a company that is not a foreign private issuer.

We are subject to export control and import laws and regulations, including the U.S. Export Administration Regulations, U.S. Customs regulations and various economic and trade sanctions regulations administered by the U.S. Treasury Department's Office of Foreign Assets Control. We are also subject to the U.S. Foreign Corrupt Practices Act of 1977, as amended, the U.S. domestic bribery statute contained in 18 U.S.C. § 201, the U.S. Travel Act, the USA PATRIOT Act, the United Kingdom Bribery Act 2010, the Proceeds of Crime Act 2002, Chapter 9 (sub-chapter 5) of the Israeli Penal Law, 1977, the Israeli Prohibition on Money Laundering Law-2000 and possibly other anti-bribery and anti-money laundering laws in countries outside of the United States in which we conduct our activities. Compliance with these laws has been the subject of increasing focus and activity by regulatory authorities, both in the United States and elsewhere, in recent years. Anti-corruption laws are interpreted broadly and prohibit companies and their employees and third-party intermediaries from authorizing, promising, offering, providing, soliciting or accepting, directly or indirectly, improper payments or benefits to or from any person whether in the public or private sector. Further, we historically had some users in Cuba, North Korea and Crimea, countries that are presently the subject of comprehensive sanctions by the United States government ("Sanctioned Countries"). We have taken steps to terminate existing accounts in Sanctioned Countries and have implemented various control mechanisms designed to prevent unauthorized dealings with Sanctioned Countries going forward. Although we endeavor to conduct our business in accordance with applicable laws and regulations, we cannot guarantee compliance. Noncompliance with anti-corruption, anti-money laundering, export control, sanctions and other trade laws could subject us to whistleblower complaints, investigations, sanctions, settlements, prosecution, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, suspension and/or debarment from contracting with certain persons, the loss of export privileges, reputational harm, adverse media coverage and other collateral consequences. If any subpoenas or investigations are launched, or governmental or other sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, results of operations and financial condition could be materially harmed. Responding to any action will likely result in a materially significant diversion of management's attention and resources and significant defense and compliance costs and other professional fees. In addition, regulatory authorities may seek to hold us liable for successor liability for violations committed by companies in which we invest or that we acquire. As a general matter, enforcement actions and sanctions could harm our business, results of operations and financial condition.

The application of indirect taxes, such as sales and use tax, to our business is a complex and evolving issue. Significant judgment is required to evaluate applicable tax obligations. As a result, amounts recorded may be subject to adjustments by the relevant tax authorities. In many cases, the ultimate tax determination is uncertain because it is not clear how new and existing statutes might apply to our business. One or more states, the U.S. federal government or other countries may seek to impose additional reporting, record-keeping or indirect tax collection obligations on businesses like ours that facilitate e- commerce. For example, state and local taxing authorities in the United States and taxing authorities in other countries have identified e-commerce platforms as a means to calculate, collect and remit indirect taxes for transactions taking place over the internet. Multiple U.S. states have enacted related legislation and other states are now considering such legislation.

We receive, collect, store, process, transfer and use personal data and other user data. The effectiveness of our technology, including our AI and platforms, and our ability to offer our platform to users rely on the collection, storage and use of this data concerning freelancers and other users, including personally identifying or other sensitive data. We have legal and contractual obligations regarding the protection of confidentiality and appropriate use and protection of certain data, including personal information. We are subject to numerous federal, state, local and international laws, directives and regulations regarding privacy, data protection and data security and the collection, storing, sharing, use, processing, transfer, disclosure and protection of personal information and other data, the scope of which are changing, are subject to differing interpretations, and may be inconsistent among jurisdictions or conflict with other legal and regulatory requirements. We are also subject to the terms of our privacy policies and certain contractual obligations to third parties related to privacy, data protection and data security. We strive to comply with our policies and applicable laws, regulations, contractual obligations and other legal obligations relating to privacy, data protection and data security to the extent possible. However, the regulatory framework for privacy, data protection and data security worldwide is changing constantly and is likely to remain uncertain and complex for the foreseeable future, and therefore it is possible that these or other actual or alleged obligations may be interpreted and applied in a manner that we do not anticipate or that is inconsistent from one jurisdiction to another, including across the various jurisdictions in which we operate remotely, and may conflict with other legal obligations or our practices. For example, European legislators adopted the GDPR, which became effective on May 25, 2018, and are now in the process of finalizing the ePrivacy Regulation to replace the European ePrivacy Directive (Directive 2002/58/EC as amended by Directive 2009/136/EC). The GDPR which is supplemented by national laws in individual EU member states, and the guidance of national supervisory authorities and the European Data Protection Board (“EDPB”) (and supplemented by national laws in individual EU member states), imposes more stringent data protection compliance requirements and provides for more significant penalties for noncompliance in the European Economic Area. The GDPR created new compliance obligations applicable to our business and users, which could cause us to change our business practices, and increases penalties for noncompliance (including possible fines of up to the greater of €20 million and 4% of our global annual turnover for the preceding financial year for the most serious violations, as well as the right to compensation for financial or non-financial damages claimed by any individuals under Article 82 of the GDPR and requirements to change our processing operations). We are taking steps to comply with the GDPR, but this is an ongoing compliance process. In addition, as of January 2021, as a result of the United Kingdom’s exit from the European Union, the United Kingdom has brought in its own domestic regime with UK GDPR and amendments to the Data Protection Act, which mirrors the obligations in the GDPR and imposes substantially similar penalties. Additionally, California passed the California Consumer Privacy Act (“CCPA”), which became effective on January 1, 2020. The CCPA provides new data privacy rights for consumers and new operational requirements for companies. California voters also passed the California Privacy Rights Act (“CPRA”) into law on November 3, 2020, which will not take substantial effect until January 1, 2023. The CPRA will significantly modify the CCPA, including adding new privacy rights and increasing regulation on online advertising. In addition, other new domestic data privacy laws, such as the Virginia Consumer Data Protection Act (“VCDPA”), which also goes into effect in January 2023, and the Colorado Privacy Act (“CPA”), which goes into effect in July 2023, similarly impose new privacy rights and obligations. More generally, some observers have noted the CCPA, CPRA, VCDPA, and CPA could mark the beginning of a trend toward more stringent United States federal privacy legislation, which could increase our potential liability and adversely affect our business. Moreover, the CCPA, and eventually the CPRA, VCDPA, CPA, and other legal and regulatory changes are making it easier for certain individuals to opt-out of having their personal data processed and disclosed to third parties through various opt-out mechanisms, which could result in an increase to our operational costs to ensure compliance with such legal and regulatory changes. In recent years, there has also been an increase in attention to and regulation of data protection and data privacy across the globe, including in the United States with the increasingly active approach of the Federal Trade Commission (“FTC”) to enforcing data privacy under the FTC Act Section 5 of the Unfair and Deceptive Acts framework. In addition, failure to comply with the Israeli Privacy Protection Law, 1981 (“Privacy Law”), and its regulations as well as the guidelines of the Israeli Privacy Protection Authority, may expose us to administrative fines, civil claims (including class actions) and in certain cases criminal liability. Current pending legislation may result in a change of the current enforcement measures and sanctions. Further, any failure or perceived failure by us to comply with our posted privacy policies, our privacy-related obligations to users or other third parties, or any other legal obligations or regulatory requirements relating to privacy, data protection or information security may result in governmental investigations or enforcement actions, litigation, claims or public statements against us by consumer advocacy groups or others and could result in significant liability, cause our users to lose trust in us, and otherwise materially and adversely affect our reputation and business. Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations and policies that are applicable to the businesses of our users may limit the adoption and use of, and reduce the overall demand for, our platform. Additionally, if third parties we work with violate applicable laws, regulations or agreements, such violations may put our users’ data at risk, could result in governmental investigations or enforcement actions, fines, litigation, claims, or public statements against us by consumer advocacy groups or others and could result in significant liability, cause our users to lose trust in us and otherwise materially and adversely affect our reputation and business. Further, public scrutiny of, or complaints about, technology companies or their data handling or data protection practices, even if unrelated to our business, industry or operations, may lead to increased scrutiny of technology companies, including us, and may cause government agencies to enact additional regulatory requirements, or to modify their enforcement or investigation activities, which may increase our costs and risks. Additionally, certain actions of our users that are deemed to be a misuse of or unauthorized disclosure of another user’s personal data could negatively affect our reputation and brand and impose liability on us. While we have adopted policies regarding the misuse or unauthorized disclosure of personal data obtained through our services by our users and retain authority to put a hold on or permanently disable user accounts, users could nonetheless misuse or disclose another user’s personal data. The safeguards we have in place may not be sufficient to avoid liability on our part or avoid harm to our reputation and brand, especially if such misuse or unauthorized disclosure of personal data was high profile, which could adversely affect our ability to expand our user base, and our business and financial results. If we were found in violation of any applicable privacy or data protection laws or regulations, our business may be materially and adversely affected and we would likely have to change our business practices and potentially the services and features available through our platform. In addition, these laws and regulations could impose significant costs on us and could make it more difficult for us to use our current technology to promote certain Gigs and connect freelancers with buyers. In addition, if a breach of data security were to occur, or other violation of privacy or data protection laws and regulations were to be alleged, solutions may be perceived as less desirable and our business, prospects, financial condition and results of operations could be materially and adversely affected. Finally, any court ruling or other governmental action that imposes liability on providers of online services for the activities of their users and other third parties could harm our business. In such circumstances, we may also be subject to liability under applicable law in a way which may not be fully mitigated by the user terms of service we require our users to agree to. Any liability attributed to us could adversely affect our brand, reputation, our ability to expand our user base and our financial position.

Our ability to maintain the number of visitors directed to our websites is not entirely within our control. We depend in part on various internet search engines and other channels to direct a significant number of users to our website. Search engine companies change their natural search engine algorithms periodically, and our ranking in natural searches may be adversely affected by those changes, as has occurred from time to time. Search engine companies may also determine that we are not in compliance with their guidelines and consequently penalize us in their algorithms as a result. If search engines change or penalize us with their algorithms, terms of service, display or featuring of search results, we may be unable to cost-effectively drive users to our platform. Additionally, our competitors’ search engine optimization efforts may result in their websites receiving a higher search result page ranking than ours. This could decrease user engagement on our website and adversely affect the growth in our user base, and our business, prospects, financial condition and results of operations could be materially and adversely affected.

The size of our community of users, including both buyers and freelancers, is critical to our success. Over the past few years, we have experienced strong growth in the number of users on our platform, including the number of active buyers, but we do not know whether we will be able to achieve similar user growth rates in the future. Freelancers have many different ways of marketing their services and securing buyers, including meeting and contacting prospective buyers through other platforms, advertising to prospective buyers online or offline through other methods, signing up for online or offline third- party agencies or staffing firms or finding employment full-time or part-time through an agency or directly with a business. Buyers have similarly diverse options to find freelancers, such as engaging freelancers directly, finding freelancers through other online or offline platforms or through staffing firms and agencies or hiring temporary, full-time, or part-time employees. Any decrease in the attractiveness of our platform relative to these other options available to buyers and freelancers could lead to decreased engagement on our platform, which could result in a drop in revenue on our platform. In addition, a drop in engagement from buyers, including due to a general decrease in spending or otherwise as a result of the COVID-19 pandemic, could lead to diminished network effects and decrease the attractiveness of our platform to freelancers. If we fail to attract new freelancers or our existing freelancers decrease their use of or cease using our platform, the quality or types of services provided by freelancers that use our platform are not satisfactory to buyers, or freelancers increase their fees for services beyond the level that buyers are willing to pay, buyers may decrease their use of, or cease using, our platform. Key factors in attracting and retaining buyers include our ability to grow our brand awareness, attract and retain high-quality freelancers and increase the quantity and quality of Gigs posted on our core platform. A key factor in attracting and retaining freelancers, in turn, is maintaining and increasing the number of buyers using our platform. Thus, achieving growth in our community of buyers and freelancers may require us to increasingly engage in sophisticated and costly sales and marketing efforts that may not result in additional users. We may also need to modify our pricing model to attract and retain such users. Users can generally decide to cease using our platform at any time. Users may stop using our platform and related services if the quality of the user experience on our platform, including our support capabilities in the event of a problem, does not meet their expectations or keep pace with the quality of the user experience generally offered by competitive products and services. Users may also choose to cease using our platform if they perceive that our pricing model is not in line with the value they derive from our platform or for other reasons. In addition, expenditures by buyers may be cyclical and be affected by adverse changes in overall economic conditions or budgeting patterns. If we fail to attract new users or fail to maintain existing users, our revenue may grow more slowly than expected and our business could be materially and adversely affected.

We rely to some extent on third-party intellectual property, such as licenses to use software to operate our business and certain other copyrighted works. A successful infringement claim against us could result in monetary liability or a material disruption in our business. Although we require our employees not to infringe others’ intellectual property, we cannot be certain that our platform and brand names do not or will not infringe on valid patents, trademarks, copyrights or other intellectual property rights held by third parties. We may be subject to legal proceedings and claims from time to time relating to the intellectual property of others in the ordinary course of our business. We may incur substantial expenses in defending against third party infringement claims, regardless of their merit. Additionally, due to diversion of management time, expenses required to defend against any claim and the potential liability associated with any lawsuit, any significant litigation could significantly harm our business, financial condition and results of operations. If we were found to have infringed on the intellectual property rights of a third party, we could be liable to that party for license fees, royalty payments, lost profits or other damages, and the owner of the intellectual property may be able to obtain injunctive relief to prevent us from using the technology, software or brand name in the future. If the amount of these payments were significant, if we were prevented from incorporating certain technology or software into our platform or if we were prevented from using our brand names, our business, prospects, financial condition and results of operations could be materially and adversely affected.

Mobile devices are increasingly used for marketplace transactions. A growing portion of our users access our platform through mobile devices. There is no guarantee that popular mobile devices will continue to support our platform or that mobile device users will use our platform rather than competing products. We are dependent on the interoperability of our platform with popular mobile operating systems that we do not control, such as Android and iOS, and any changes in such systems that degrade the functionality of our website or apps or give preferential treatment to competitors could adversely affect our platform’s usage on mobile devices. Additionally, in order to deliver a high-quality mobile user experience, it is important that our platform is designed effectively and works well with a range of mobile technologies, systems, networks and standards that we do not control. We may not be successful in developing relationships with key participants in the mobile industry or in developing features that operate effectively with these technologies, systems, networks or standards. In the event that it is more difficult for our users to access and use our platform on their mobile devices or users find our mobile offering does not effectively meet their needs, our competitors develop products and services that are perceived to operate more effectively on mobile devices or our users choose not to access or use our platform on their mobile devices or use mobile products that do not offer access to our platform, our user growth and user engagement could be adversely impacted.

Our users have a global footprint that subjects us to the risks of being found to do business internationally. We have users located in over 160 countries, including some emerging markets where we have limited experience, where challenges can be significantly different from those we have faced in more developed markets and where business practices may create greater internal control risks. Because our platform is generally accessible by users worldwide, one or more jurisdictions may claim that we or our users are required to comply with their laws. Laws outside of the United States and Israel regulating internet, payments, escrow, privacy and data protection, taxation, terms of service, website accessibility, consumer protection, intellectual property ownership, services intermediaries, labor and employment, worker classification, background checks and recruiting and staffing companies, among others, which could be interpreted to apply to us, are often less favorable to us than those in the United States and Israel, giving greater rights to competitors, users and other third parties. Compliance with international laws and regulations may be more costly than expected, may require us to change our business practices or may restrict our service offerings, and the imposition of any such laws or regulations on us, our users or third parties that we or our users utilize to provide services may adversely affect our business, prospects, financial condition and results of operations. In addition, we may be subject to multiple overlapping legal or regulatory regimes that impose conflicting requirements and enhanced legal risks. Analysis of, and compliance with, global laws and regulations may substantially increase our cost of doing business. We may be unable to keep current with changes in laws and regulations as they develop. Although we are in the process of implementing policies and procedures designed to analyze whether these laws apply and, if applicable, ensure compliance with these laws and regulations, there can be no assurance that we will always be in compliance or that all of our employees, contractors, partners, users and agents will comply at all times. Any violations could result in enforcement actions, fines, civil and criminal penalties, interest, costs and fees (including but not limited to legal fees), injunctions, loss of intellectual property rights or reputational harm. If we are unable to comply with these laws and regulations or manage the complexity of global operations and supporting an international user base successfully, our business, prospects, financial condition and results of operations could be materially and adversely affected. In addition, since we operate on a global basis, political, economic and security conditions in countries in which we operate or have users may limit our ability to provide our services. Specifically, the potential conflict between Russia and Ukraine may affect our business and operations in those regions.

A regional or global health pandemic, depending upon its duration and severity, could have a material adverse effect on our business. For example, the COVID-19 pandemic has had numerous effects on the global economy and governmental authorities around the world have implemented measures to reduce the spread of COVID-19. These measures, including shutdowns and “shelter-in-place” orders suggested or mandated by governmental authorities or otherwise elected by companies as a preventive measure, have adversely affected workforces, customers, consumer sentiment, economies and financial markets, and, along with decreased consumer spending, have led to an economic downturn in many of our markets. As a result of the COVID-19 pandemic, we have transitioned many of our employees into a hybrid model, where employees are working remotely for part of the week, and lately, due to widespread infections, many of our employees transitioned to working remotely on a full time basis. The transition has had little impact on our employee productivity and has not caused any interruption to our business. Due to the uncertainty of COVID-19, we will continue to assess the situation, including abiding by any government-imposed restrictions, market by market. As many of our personnel are working remotely, it is possible that this could have a negative impact on the execution of our business plans and operations. If a natural disaster, power outage, connectivity issue, or other event occurred that impacted our employees’ ability to work remotely, it may be difficult or, in certain cases, impossible, for us to continue our business for a substantial period of time. The increase in remote working may also result in consumer privacy, IT security and fraud concerns, heighten the risk of cyber incidents, as well as increase our exposure to potential wage and hour issues. Recently, organizations worldwide, including governments and commercial enterprises, have seen an increase in cyber-attacks, such as phishing and ransomware attacks, by bad actors taking advantage of the pandemic and remote workforces. Our own systems and the systems of third parties that we work with are subject to such increased threats. We are unable to accurately predict the impact that COVID-19 will have on our operations going forward due to uncertainties that will be dictated by the length of time that the pandemic and related disruptions continue, the impact of governmental regulations that might be imposed in response to the pandemic and overall changes in consumer behavior. Numerous state and local jurisdictions have imposed, and others in the future may impose, “shelter-in- place” orders, quarantines, executive orders and similar government orders and restrictions for their residents to control the spread of COVID-19. For example, Israel, federal and state governments in the United States, the United Kingdom and Germany are continuing to impose limitations on gatherings, social distancing measures and restrictions on movement. Such orders or restrictions have and are continuing to result in temporary slowdowns and delays, travel restrictions and cancellation of events, among other effects, any of which may negatively impact workforces, customers, consumer sentiment and the economies in many of our markets, and as a result, may adversely affect our operations. At this point in time, there is significant uncertainty relating to the potential effect of COVID-19 on our business and our business partners, including but not limited, to the size of the labor force, our third parties that collect funds from our buyers, remits payments to our sellers and holds funds in connection with user balances, our payment processors and our disbursement partners. As infections may continue to become more widespread, we could experience a severe negative impact on our business, financial condition and results of operations. Specifically, the COVID-19 pandemic may lead to a global economic downturn and could affect the need or the cadence of need of our buyers to purchase digital services, which could lead to decreased demand across all of our services. A downturn could also have a material adverse impact on our business partners’ stability and financial strength. The COVID-19 pandemic could also have a material impact on the global unemployment rate which could affect the need for our sellers to sell digital services on our platform. Given the uncertainties associated with COVID-19, it is difficult to fully predict the magnitude of potential effects on our business, and our business partners, financial condition and results of operations. To the extent the COVID-19 pandemic adversely affects our business and financial results, it may also have the effect of heightening many of the other risks described in this “Risk factors” section.

We maintain substantial balances of liquid investments, for purposes of financing our operations and acquisitions. Our marketable securities totaled $435.7 million as of December 31, 2021. The performance of the capital markets affects the values of funds that are held in marketable securities. These assets are subject to market fluctuations and various developments, including, without limitation, rating agency downgrades that may impair their value. We generally buy and hold our portfolio positions, while minimizing credit risk by setting limits for minimum credit rating and maximum concentration per issuer. Our investments consist primarily of government and corporate debentures, which are primarily fixed-income securities. Although we believe that we generally adhere to conservative investment guidelines, the continuing turmoil in the financial markets, due to the uncertainties related to the development of COVID-19, may result in impairments of the carrying value of our investment assets. In addition, as our investment portfolio is invested primarily in fixed-income securities it is affected by changes in interest rates. Interest rates are highly sensitive to many factors, including governmental monetary policies and domestic and international economic and political conditions. Any significant decline in our financial income or the value of our investments as a result of the changes in interest rates and interest rate expectations of the financial markets, deterioration in the credit rating of the securities in which we have invested, or general market conditions, could have an adverse effect on our results of operations and financial condition. We classify our investments as available-for-sale. Changes in the fair value of investments classified as available-for-sale are not recognized as income during the period, but rather are recognized as other comprehensive income, or OCI, which is a separate component of equity until realized. Realized losses in our investments portfolio may adversely affect our financial position and results.