Kellanova (K) Risk Analysis

Selling food products involves a number of legal, regulatory and other risks, including product contamination, foreign objects, food-borne illnesses, spoilage, product tampering, allergens, or other adulteration, which could result in product liability claims. We may need to recall some of our products if they become adulterated or misbranded. We may also be liable if the consumption of any of our products causes injury, illness or death. A widespread product recall or market withdrawal could result in significant losses due to their costs, the destruction of product inventory, and lost sales due to the unavailability of product for a period of time. We could also suffer losses from a significant product liability or consumer fraud judgment against us. In addition, we could be the target of claims that our advertising is false or deceptive under U.S. federal and state laws as well as foreign laws, including federal and state consumer protection statutes. Allegations of consumer fraud may result in fines, settlements and litigation expenses. A significant product recall, product liability or consumer fraud case could also result in adverse publicity, damage to our reputation, and a loss of consumer confidence in our food products, which could have a material adverse effect on our business results and the value of our brands. Moreover, even if a product liability or consumer fraud claim is meritless, does not prevail or is not pursued, the negative publicity surrounding assertions against our company and our products or processes could adversely affect our reputation or brands. We could also be adversely affected if consumers lose confidence in the safety and quality of certain food products or ingredients, or the food safety system generally. If another company recalls or experiences negative publicity related to a product in a category in which we compete, consumers might reduce their overall consumption of products in this category. Adverse publicity about these types of concerns, whether or not valid, may discourage consumers from buying our products or cause production and delivery disruptions.

We hold assets and incur liabilities, earn revenue and pay expenses in a variety of currencies other than the U.S. dollar, including the euro, British pound, Australian dollar, Canadian dollar, Mexican peso, Brazilian real, and Nigerian Naira. Because our consolidated financial statements are presented in U.S. dollars, we must translate our assets, liabilities, revenue and expenses into U.S. dollars at then-applicable exchange rates and face exposure to adverse movements in foreign currency exchange rates. For example, during the second quarter of 2023, the Nigerian government removed certain currency restrictions over the Nigerian Naira leading to a significant decline in the exchange rate of the Naira to the U.S. dollar on the official market in Nigeria, with elevated inflation rates continuing. As a result of this decline in the exchange rate, the U.S. dollar value of the assets, liabilities, expenses and revenues of our Nigerian business in our consolidated financial statements decreased significantly compared to prior periods. In the fourth quarter of 2024, we determined that Nigeria is considered a highly inflationary economy for US GAAP purposes.

We face competition across our product lines, including snacks, ready-to-eat cereals and other convenience foods, from other companies that have varying abilities to withstand changes in market conditions. The principal aspects of our business where we face competition include brand recognition, taste, nutritional value, price, promotion, innovation, shelf space, navigating the growing e-commerce marketplace, convenient ordering and delivery to the consumer and customer service. Most of our competitors have substantial financial, marketing, sales and other resources, and some of our competitors may spend more aggressively on advertising and promotional activities than we do. Our competition with other companies in our various markets and product lines could cause us to reduce prices, increase capital, marketing or other expenditures, or lose category share, any of which could have a material adverse effect on our business and financial results. Our ability to compete also depends upon our ability to predict, identify, and interpret the tastes and dietary habits of consumers and to offer products that appeal to those preferences. For example, certain weight loss drugs, which may suppress a person's appetite, may cause competition in our product categories to increase, if consumers reduce purchases of certain types of foods or of food products altogether. There are inherent marketplace risks associated with new product or packaging introductions, including uncertainties about trade and consumer acceptance. If we do not succeed in offering products that consumers want to buy, our sales and market share will decrease, resulting in reduced profitability. If we are unable to accurately predict which shifts in consumer preferences will be long-lasting, or are unable to introduce new and improved products to satisfy those preferences, our sales will decline. In addition, given the variety of backgrounds and identities of consumers in our consumer base, we must offer a sufficient array of products to satisfy the broad spectrum of consumer preferences. Further, if the Company does not innovate and successfully respond to shifting consumer demands, our business may suffer. Successful innovation depends on our ability to correctly anticipate customer and consumer acceptance and respond successfully to technological advances by and intellectual property rights of our competitors, and failure to do so could compromise our competitive position and impact our product sales, financial condition, and operating results. In some cases, our competitors may be able to respond to changing business and economic conditions or consumer preferences more quickly than us. Category share and growth could also be adversely impacted if we are not successful in introducing new products, anticipating changes in consumer preferences with respect to dietary trends or purchasing behaviors or in effectively assessing, changing and setting proper pricing. In addition, in nearly all of our product categories, we compete against branded products as well as private label products. Our products must provide higher value and/or quality to our consumers than alternatives, particularly during periods of economic uncertainty. Consumers may not buy our products if relative differences in value and/or quality between our products and private label products change in favor of competitors' products or if consumers perceive this type of change. If consumers prefer private label products, which are typically sold at lower prices, then we could lose category share or sales volumes or shift our product mix to lower margin offerings, which could have a material effect on our business and consolidated financial position and on the consolidated results of our operations and profitability. Further, our ability to compete may be limited by an inability to secure new retailers or maintain or add shelf and/or retail space for our products. There can be no assurance that retailers will provide sufficient, or any, shelf space, nor that online retailers will provide online access to, or adequate product visibility on, their platform. Unattractive placement or pricing may put our products at a disadvantage compared to those of our competitors. Even if we obtain shelf space or preferable shelf placement, our new and existing products may fail to achieve the sales expectations set by our retailers, potentially causing these retailers to remove our products from their shelves.

We have a number of iconic brands with significant value. Promoting and protecting the value of these brands is critical to the success of our business. Brand value is primarily based on consumer perceptions. Successful promotions and brand value enhancement depends in large part on our ability to provide high-quality products. Brand value could diminish significantly due to a number of factors, including consumer perception that we, or any of our employees or agents, have acted in an irresponsible manner, adverse publicity about our labor relations (whether or not valid), our products (whether or not valid), sponsorship or endorsement relationships (whether or not valid), our failure to maintain the quality of our products, the failure of our products or promotions to deliver consistently positive consumer experiences, the products becoming unavailable to consumers, or the failure to meet the nutrition expectations of our products or particular ingredients in our products (whether or not valid), including the perception of healthfulness of our products or their ingredients. In addition, due to our varied and geographically diverse consumer base, we must be responsive to local consumers, including when and how consumers consume food products and their desire for premium or value offerings and whether to provide an array of products that satisfy the broad spectrum of consumer preferences. Accordingly, we might fail to anticipate consumer preferences with respect to dietary trends or purchasing behaviors, invest sufficiently in maintaining, extending and expanding our brand image or achieve the desired effects of our marketing efforts or use data-driven marketing and advertising to reach consumers at the right time with the right message. The growing use of social and digital media platforms by consumers, Kellanova and third parties increases the speed and extent that information or misinformation and opinions can be shared. Negative posts or comments about Kellanova, our brands, our products, our labor relations or any of our employees or agents on social or digital media platforms could seriously damage our brands, reputation and brand loyalty, regardless of the information's accuracy. Placement of our advertisements in digital media may also result in damage to our brands if the media itself experiences negative publicity itself. The harm may be immediate, and we may not be afforded an opportunity for redress or correction. Brand recognition and loyalty can also be impacted by the effectiveness of our advertising campaigns, marketing programs, influencers and sponsorships, as well as our use of social media. If we do not maintain the favorable perception of our brands, our results could be negatively impacted.

There are a number of trends in consumer preferences which may impact us and the industry as a whole. These include changing consumer dietary trends and consumer concerns regarding the health effects of ingredients such as sodium, trans fats, genetically modified organisms, sugar, or other product ingredients or attributes, or a shift in consumer demand away from processed foods, and the availability of substitute products. Our success is dependent on anticipating changes in consumer preferences and on successful new product and process development and product relaunches in response to such changes. Trends within the food industry change often, and failure to identify and react to changes in these trends could lead to, among other things, reduced loyalty, reduced demand and price reductions for our brands and products. Additionally, certain weight loss drugs, which may suppress a person's appetite, may impact demand for our products. We aim to introduce products or new or improved production processes on a timely basis in order to counteract obsolescence and decreases in sales of existing products. While we devote significant focus to the development of new products and to the research, development and technology process functions of our business, we may not be successful in developing new products or our new products may not be commercially successful. In addition, if sales generated by new products cause a decline in sales of the Company's existing products, the Company's financial condition and results of operations could be materially adversely affected. Our future results and our ability to maintain or improve our competitive position will depend on our capacity to gauge the direction of our key markets and upon our ability to successfully identify, develop, manufacture, market and sell new or improved products in these changing markets, including through the expansion into complementary product categories.

Our intellectual property rights are a significant and valuable aspect of our business and include trademarks, patents, trade secrets, and copyrights owned or licensed under certain licensing agreements. We attempt to protect these intellectual property rights using the appropriate laws and agreements including licenses, development agreements, nondisclosure agreements, and assignments. We also police third party misuses of our intellectual property in traditional retail and digital environments. Our failure to obtain or adequately protect our intellectual property rights may diminish our competitiveness and could materially harm our business. Similarly, changes in applicable laws or other changes that serve to lessen or remove the current legal protections of our intellectual property, may also diminish our competitiveness and could materially harm our business. We may be unaware of intellectual property rights of others that may cover some of our technology, brands or products or operations. In addition, if, in the course of developing new products or improving the quality of existing products, we are found to have infringed the intellectual property rights of others, directly or indirectly, such finding could have an adverse impact on our business, financial condition or results of operations and may limit our ability to introduce new products or improve the quality of existing products. Any litigation regarding intellectual property rights could be costly and time-consuming and could divert the attention of our management and key personnel from our business operations. Third party claims of intellectual property infringement might also require us to enter into costly license agreements. We also may be subject to significant damages or injunctions against development and sale of certain products.

We increasingly rely on information technology systems and third-party service providers, including through the internet, to process, transmit, and store electronic information. For example, our production and distribution facilities and inventory management utilize information technology to increase efficiencies and limit costs. Information technology systems are also integral to the reporting of our results of operations. Furthermore, a significant portion of the communications between, and storage of personal information of, our personnel, customers, consumers and suppliers depends on information technology. Our information technology systems, and the systems of the parties we communicate and collaborate with, may be vulnerable to a variety of interruptions, such as a result of our employees working remotely, the updating of our enterprise platform or due to events beyond our or their control, including, but not limited to, network or hardware failures, malicious or disruptive software, unintentional or malicious actions of employees or contractors, cyberattacks by common hackers, criminal groups or nation-state organizations or social-activist (hacktivist) organizations, geopolitical events, natural disasters, a pandemic illness, failures or impairments of telecommunications networks, or other catastrophic events. Moreover, our computer systems have been, and will likely continue to be subjected to computer viruses, malware, ransomware or other malicious codes, social engineering attacks, unauthorized access attempts, password theft, physical breaches, employee or inside error, malfeasance and cyber- or phishing-attacks. Cyber threats are constantly evolving, are becoming more sophisticated and are being made by groups and individuals with a wide range of expertise and motives, and this increases the difficulty of detecting and successfully defending against them. While we have implemented physical, administrative, and technical controls and taken other preventive actions, such as the maintenance of an information security program that includes updating our technology and security policies, insurance, employee training, and monitoring and routinely testing our information technology systems to reduce the risk of cyber incidents and protect our information technology; however, these measures may be insufficient to prevent physical and electronic break-ins, cyber-attacks or other security breaches to our computer systems. Further, the Company (or third parties it relies on) may not be able to fully, continuously, and effectively implement security controls as intended. We utilize a risk-based approach and judgment to determine the security controls to implement and it is possible we may not implement appropriate controls if we do not recognize or underestimate a particular risk. In addition, security controls, no matter how well designed or implemented, may only mitigate and not fully eliminate risks. Moreover, events detected by security tools or third parties may not always be immediately understood or acted upon. These events could compromise our confidential information, impede or interrupt our business operations, and may result in other negative consequences, including remediation costs, loss of revenue, litigation and reputational damage. If a security incident, breach or other breakdown results in disclosure of confidential or personal information, we may suffer reputational, competitive and/or business harm. To date, we have not experienced a material breach of cyber security. For more information regarding the Company's cybersecurity activities, see Item 1C of this Annual Report on Form 10-K. The Company offers promotions, rebates, customer loyalty and other programs through which it may receive personal information, and it or its vendors could experience cyber incidents, security incidents, privacy breaches, data breaches, security breaches or other incidents that result in unauthorized disclosure of consumer, customer, employee or Company information. The Company must also successfully integrate the technology systems of acquired companies into the Company's existing and future technology systems. In addition, we must comply with increasingly complex and rigorous regulatory standards enacted to protect business and personal information in the United States and other jurisdictions regarding privacy, data protection, and data security, including those related to the collection, storage, handling, use, disclosure, transfer, and security of personal information. There continues to be significant uncertainty with respect to compliance with such privacy and data protection laws and regulations, including with respect to the European Union General Data Protection Regulation (the "GDPR") and the California Consumer Privacy Act of 2018 (the "CCPA") and the California Privacy Rights Act because these laws are continuously evolving and developing and may be interpreted and applied differently from jurisdiction to jurisdiction and may create inconsistent or conflicting requirements. In the United States, several other states have introduced or passed similar privacy legislation, which may impose varying standards and requirements on our data collection, use and processing activities. Our efforts to comply with privacy and data protection laws, including the GDPR, CCPA and CPRA, may impose significant costs and challenges that are likely to increase over time. If the Company suffers a loss as a result of a breach or other breakdown in its technology, including such cyber incidents, security incidents, privacy breaches, data breaches, security breaches, issues with or errors in system maintenance or security, migration of applications to the cloud, power outages, hardware or software failures, denial of service, telecommunication or other incident involving one of the Company's vendors, that result in unauthorized disclosure or significant unavailability of business, financial, personal or stakeholder information, the Company may suffer reputational, competitive and/or business harm and may be exposed to legal liability and government investigations, which may adversely affect the Company's results of operations and/or financial condition. The misuse, leakage or falsification of information could result in violations of data privacy laws and the Company may become subject to legal action and increased regulatory oversight. The Company could also be required to spend significant financial and other resources to remedy the damage caused by a security incident or security breach or to repair or replace networks and information systems. In addition, if the Company's suppliers or customers experience such a security incident, security breach or unauthorized disclosure or system failure, their businesses could be disrupted or otherwise negatively affected, which may result in a disruption in the Company's supply chain or reduced customer orders, which would adversely affect the Company's business operations. We have also outsourced several information technology support services and administrative functions to third-party service providers, including cloud-based service providers, and may outsource other functions in the future to achieve cost savings and efficiencies. If these service providers do not perform effectively due to breach or system failure, we may not be able to achieve the expected benefits and our business may be disrupted.