MINISO Group Holding (MNSO) Risk Factors

The retail industry is intensely competitive and has low entry barriers. We compete for consumers, product suppliers and IP licensors. Our current or potential competitors include (i) traditional retailers, including specialty retail stores, supermarkets, and department stores; (ii) online retailers; and (iii) variety retailers competing with us locally. See "Item 4. Information on the Company-B. Business Overview-Competition." In addition, new and enhanced technologies may increase the competition in the retail industry. New competitive business models may appear, for example based on new forms of social media or social commerce. Increased competition may reduce our margins and market share and impact brand recognition, or result in significant losses. Some of our current or future competitors may have more operating experience, greater brand recognition, better supplier relationships, larger consumer bases, higher penetration in certain regions or greater financial, technical or marketing resources than we do. Those smaller companies or new entrants may be acquired by, receive investment from or enter into strategic relationships with well-established and well-financed companies or investors which would help enhance their competitive positions. Some of our competitors may be able to secure more favorable terms from suppliers, devote greater resources to marketing and promotional campaigns, adopt more aggressive pricing or inventory policies and devote substantially more resources to their websites, mobile apps and systems development than us. We cannot assure you that we will be able to compete successfully against current or future competitors, and competitive pressures may have a material and adverse effect on our business, financial condition and results of operations.

Products that we sell could become subject to contamination, product tampering, mislabeling, recall or other damage. Products that we sell could also lead to personal injuries. Product liability or personal injury claims may be asserted against us with respect to any of the products we sell. A successful product liability claim against us could require us to pay a substantial monetary award and the coverage limits under our insurance programs and the indemnification amounts available to us may not be adequate to protect us against these claims. We may also not be able to maintain insurance against such claims on acceptable terms in the future. Our agreements with our suppliers generally require our suppliers to deposit certain amount of money in our bank accounts to ensure their compliance with the agreements with us and compensate us for any losses we may incur as a result of product defects. However, such limited amounts may not be sufficient to cover our losses arising from product liability issues. Although we may seek indemnification or contribution from our suppliers in certain circumstances, we cannot assure you that we will be able to receive indemnification or contribution in full in a timely manner, or at all. In addition, the PRC government, media outlets and public advocacy groups have been increasingly focused on consumer protection in recent years. The products sold by us may be defectively designed, manufactured or of quality issue, or cause harm and adverse effect to the health of our customers. The offerings of such products by us may expose us to liabilities associated with consumer protection laws. Pursuant to the Consumers Rights and Interests Protection Law of the PRC, or the Consumers Rights and Interests Protection Law, business operators must guarantee that the commodities they sell satisfy the requirements for personal safety, provide consumers with authentic information about the commodities, and guarantee the quality, function, usage and term of validity of the commodities. Failure to comply with the Consumer Rights and Interests Protection Law may subject business operators to civil liabilities such as refunding purchase prices, replacement of commodities, repairing, ceasing damages, compensation, and restoring reputation, and even subject the business operators or to criminal penalties when personal damages are involved or if the circumstances are severe. Although we would have legal recourse against the supplier or manufacturer of such products under the PRC law if the liabilities are attributable to the supplier or manufacturer, attempting to enforce our rights against the supplier or manufacturer may be expensive, time-consuming and ultimately futile. Moreover, government investigations of or other regulatory measures regarding product quality issues or product liability or personal injury claims, even if unsuccessful or not fully pursued, could generate substantial negative publicity about our products and business, which would have material adverse effects on our reputation, brand, business, prospects and operating results, and these effects could persist over a long term. We have historically initiated voluntary product recalls. In August 2019, Shanghai Food and Drug Administration found that a batch of "peelable nail polish" sold in MINISO stores in Shanghai containing chloroform that exceeded the highest acceptable level under relevant PRC laws. We then voluntarily recalled the product. A total of 980 bottles of nail polish were recalled and returned to the supplier of this batch of product. We did not incur any financial loss in connection with the voluntary product recall because pursuant to the terms of the agreement with the supplier, the supplier is responsible for any losses incurred as a result of product returns arising from product quality issues. We may in the future, voluntarily or involuntarily, initiate product recalls if any of our products is proven to be defective or non-compliant with applicable laws and regulations. Such recalls, whether voluntary or involuntary, could involve significant expenses and could adversely affect our brand image in our target markets, as well as our business, prospects, financial condition and results of operations. Our return and exchange policies allow consumers to return or exchange products they purchased. For example, in China, consumers can return products with defects they purchased within seven days of purchase or exchange products with defects they purchased within 15 days of purchase. In addition, we provide warranties for most of the products we sell, subject to certain conditions, such as warranty only applies to normal use. The length of warranty period varies between different categories of products. For example, in China, we generally provide a warranty term of six months for electronic accessories we sell to consumers. The occurrence of any material defects in our products could make us liable for damages and warranty claims. In addition, we could incur significant costs to correct any defects, warranty claims or other problems, including costs related to product recalls. Any negative publicity related to the perceived quality of our products could affect our brand image, decrease distributor and consumer demand, and adversely affect our operating results and financial condition. While our warranty is limited to repairs and returns, warranty claims may result in litigation, the occurrence of which could adversely affect our business and operating results.

We source our products from third-party suppliers. As of June 30, 2023, we had approximately 1,500 domestic and overseas suppliers. Our suppliers work closely with our designers and product managers in product design and manufacturing so that we can seamlessly provide consumers with ever-changing merchandises across the globe. We strive to establish mutually beneficial relationships with our suppliers. We typically enter into two-year framework agreements with our suppliers and place orders under these framework agreements. These framework agreements are usually renewable upon mutual agreement between us and our suppliers. We cannot assure you that our current suppliers will continue to sell products to us on commercially acceptable terms, or at all, after the expiration of the current agreements. Even if we maintain good relationships with our suppliers, their ability to supply products to us in sufficient quantity, in a timely manner and at competitive prices may be adversely affected by economic conditions, labor actions, regulatory or legal decisions, customs and import restrictions, natural disasters or other causes. For example, the outbreak of COVID-19 in China in early 2020 resulted in temporary business closures of certain of our suppliers and tight liquidity of a few of our suppliers, which led to delays in supplying products to our stores. As the COVID-19 pandemic is still evolving, we cannot assure you that product supply delays would not happen again. In addition, in the event that we are not able to purchase a sufficient quantity of merchandise at favorable prices, our revenues and cost of revenues may be materially and adversely affected. We require our suppliers to comply with confidentiality provisions in our agreements with them to protect our interest. However, we cannot assure you that our suppliers will fully comply with these requirements. Failure to comply with such obligations may lead to a leakage of confidential information that is critical to our product design and business operations or otherwise harm our competitive positions and business operations. Our suppliers typically provide us a payment term of 30 to 60 days. If our suppliers cease to provide us with favorable payment terms, our requirements for working capital may increase and our operations may be materially and adversely affected. We will also need to establish new supplier relationships to ensure that we have access to a steady supply of products on favorable commercial terms. If we are unable to develop and maintain good relationships with suppliers that would allow us to obtain a sufficient amount and variety of quality merchandise on acceptable commercial terms, it may inhibit our ability to offer sufficient products sought by consumers, or to offer these products at competitive prices. Any adverse developments in our relationships with suppliers could materially and adversely affect our business and growth prospects. Any disputes with suppliers could adversely affect our reputation and subject us to damages and negative publicity. Furthermore, we purchased products on an arm's length basis from related-party suppliers and may continue to do so in the future. We cannot rule out the possibility that there will be other parties alleging that these transactions were not conducted on an arm's length basis. In addition, as part of our growth strategy, we plan to further expand our product offerings. If we fail to manage our relationship with existing suppliers and attract new suppliers to cooperate with us for any reason, our business and growth prospects may be materially and adversely affected. In addition, our agreements with suppliers have various provisions on other topics such as employment and workplace safety. However, we do not have direct control over our suppliers or other business partners. Any non-compliance with these provisions by the suppliers could result in negative publicity against us, which could materially and adversely affect our reputation, brand image, business operations and results of operations.

Our business and financial performance have been adversely affected by the outbreaks of COVID-19. During the fiscal year ended June 30, 2023, our business operations have been gradually recovering from the COVID-19 pandemic. In our home market, China began to modify its zero-COVID policy at the end of 2022, and most of the travel restrictions and quarantine requirements were lifted in December. There were surges of cases in many cities during this time which caused disruption to our and our suppliers' operations. However, we also witnessed a reduce in confirmed cases and a general recovery from the pandemic since January 2023. As we gradually recovered from the pandemic during the fiscal year ended June 30, 2023, our revenue generated from overseas markets increased by 44.6% from RMB2,643.5 million in the fiscal year ended June 30, 2022 to RMB3,822.4 million (US$527.1 million) in the fiscal year ended June 30, 2023. In China, we also realize a growth in revenue of 2.8% from RMB7,442.2 million in the fiscal year ended June 30, 2022 to RMB7,650.8 million (US$1,055.1 million) in the fiscal year ended June 30, 2023. However, there are still uncertainties with respect to future development of the COVID-19 pandemic. The extent to which the pandemic impacts our results of operations going forward will depend on future development of the pandemic, which are highly uncertain and unpredictable, including the frequency, duration and extent of outbreaks of COVID-19, the appearance of new variants with different characteristics, the effectiveness of efforts to contain or treat cases, and future actions that may be taken in response to these developments. We may also have to adopt measures in response to the negative impact of the COVID-19 pandemic in the future, including sales promotions. These measures, if adopted, would have negative impacts on our gross profit margin for the sales of products. Our MINISO Retail Partners are also affected by the COVID-19 pandemic. Our MINISO Retail Partners in China experienced a longer time to recover their store investment after store opening. There are still uncertainties with respect to future development of the COVID-19 pandemic. We cannot assure you that the continual impact of the pandemic and the control measures taken in response would not cause further prolonged investment recovery period for our MINISO Retail Partners. The COVID-19 pandemic also negatively affected our supply chain such as manufacturing, warehousing and shipping of our products. See "-We are subject to certain risks relating to the warehousing and shipment of our products" and "-We rely on third-party suppliers to provide products to us. If we fail to manage or expand our relationships with third-party suppliers, or otherwise fail to procure products on favorable terms, our business and growth prospects may suffer" for more information. In addition, our inventory level was also negatively affected. See "-If we fail to manage our inventory effectively, our results of operations, financial condition and liquidity may be materially and adversely affected" for more information. In addition to the impact of COVID-19, natural disasters, such as fires, earthquakes, hurricanes, floods, tornadoes, unusual weather conditions, power outages, other pandemic outbreaks, terrorist acts or disruptive global political events, or similar disruptions could materially adversely affect our business and financial performance. Uncharacteristic or significant weather conditions can affect consumer shopping patterns, which could lead to lost sales or greater than expected markdowns and materially adversely affect our results of operations. These events could result in server interruptions, breakdowns, system failures, technology platform failures or internet failures, which could cause the loss or corruption of data or malfunctions of software or hardware as well as adversely affect our ability to operate our platforms and sell our products. These events could also result in increases in fuel (or other energy) prices or a fuel shortage, delays in opening new stores, the temporary lack of an adequate work force in a market, the temporary or long-term disruption in the supply of products from some domestic and overseas suppliers, the temporary disruption in the transport of goods to overseas, delay or increased transportation costs in the delivery of goods to our warehouses or stores, the inability of consumers to reach or have transportation to stores directly affected by such events, the temporary reduction in the availability of products in stores and disruption of our utility services or to our information systems. These events also can have indirect consequences such as increases in the costs of insurance if they result in significant loss of property or other insurable damage. To the extent these events result in the closure of one or more of stores or our administrative offices or impact one or more of our key suppliers, our operations and financial performance could be materially adversely affected. Our headquarters is located in Guangzhou, where most of our directors and management and the majority of our employees currently reside. Most of our system hardware and back-up systems are hosted in facilities located in Guangzhou. Consequently, if any natural disasters, health epidemics or other public safety concerns were to affect Guangzhou, our operation may experience material disruptions, which may materially and adversely affect our business, financial condition and results of operations.

The protection of consumer, employee, supplier, MINISO Retail Partner, local distributors and company data is critical to our business. A significant breach of consumer, employee, supplier, MINISO Retail Partner, local distributor or company data could attract a substantial amount of media attention, damage our relationships with consumers and our reputation and result in lost sales, fines or lawsuits. Throughout our operations, we receive, retain and transmit certain personal information that consumers provide to purchase products or services, enroll in promotional programs, participate in our membership program, or otherwise communicate and interact with us. During such information collection process, we take necessary steps and strive to comply with relevant PRC laws and regulations with respect to privacy and personal data protection. If we fail to fully comply with applicable privacy, data security and personal information protection laws, regulations, policies or other requirements, we may be subject to civil or regulatory liabilities or challenged for a potential infringement which may subject us to significant legal, financial and operational consequences. In March 2021, two MINISO stores owned and operated by MINISO Retail Partners were investigated by the relevant local government authorities and a fine of RMB200,000 was subsequently imposed on each store, for their unlawful collection of customer information by using cameras for face recognition purpose. Those penalties were fully settled by these MINISO Retail Partners in June 2021. To our knowledge, those two stores have removed the cameras for face recognition purpose following the investigation. We cannot assure you that all stores operated under our brands would be able to fully comply with applicable laws regulating privacy, data security and personal information protection or other statutory requirements at all times. If any of these stores fails to do so, it could harm our reputation and expose us to regulatory actions or claims from third parties, all of which could materially and adversely affect our business, financial position and results of operations. In addition, such failure could incur extra costs for us and possibly disrupt our business. In addition, certain aspects of our operations depend upon the secure transmission of confidential information over public networks. Although we deploy a layered approach to address information security threats and vulnerabilities designed to protect confidential information against data security breaches, a compromise of our data security systems or of those of businesses with whom we interact, which results in confidential information being accessed, obtained, damaged or used by unauthorized or improper persons, could harm our reputation and expose us to regulatory actions and claims from consumers, financial institutions, payment card associations and other persons, any of which could materially and adversely affect our business, financial position and results of operations. In addition, a security breach could require that we expend substantial additional resources related to the security of information systems and disrupt our business. As we implement our e-commerce initiative, we face heightened risks in the secure storage of personal information or confidential information and its secure transmission over public networks. From time to time, we collect, store and process certain volume of consumers' personal information through our self-operated e-commerce channels to sell our products or provide our services, and we receive information of orders of and payments by consumers through third-party e-commerce channels in the course of our fulfillment of such orders. Online payments for our products are settled through third-party online payment services. We also share certain personal information about consumers with contracted third-party couriers, such as their names, addresses, and phone numbers. In addition, we have accumulated a large volume of data, which cover consumer's browsing and consumption behavior information, product manufacturing and sales information, warehousing and distribution information, consumer service information, among others. Maintaining complete security for the storage and transmission of confidential information on our technology system is essential to maintaining our operating efficiency and consumer confidence as well as complying with the applicable laws and standards. We have adopted security policies and measures to protect our proprietary data and consumer information. However, advances in technology, the expertise of hackers, improper use or sharing of data, new discoveries in the field of cryptography or other events or developments could result in a compromise or breach of the technology that we use to protect confidential information. Our security measures may be undermined due to the actions of outside parties, employee error, malfeasance, or otherwise, and, as a result, an unauthorized party may obtain access to our data systems and misappropriate business and personal information. Because the techniques used to obtain unauthorized access, disable or degrade service, or sabotage systems change frequently and may not immediately produce signs of intrusion, we may be unable to anticipate these techniques or to implement adequate preventative measures. Any such breach or unauthorized access could result in significant legal and financial exposure, damage to our reputation, and potentially have an adverse effect on our business. The regulatory environment surrounding information security and privacy is increasingly demanding, and it frequently imposes new and changing requirements. In China, the PRC Constitution, the PRC Criminal Law, the PRC Civil Code, the PRC Data Security Law and the PRC Cyber Security Law protect individual privacy in general, which require certain authorization or consent from Internet users prior to collection, use or disclosure of their personal data and also protection of the security of the personal data of such users. On June 10, 2021, Standing Committee of the PRC National People's Congress published the Data Security Law of the PRC, effective on September 1, 2021, which lays out the lawful methods and security requirements by which entities or individuals may collect and process data. Moreover, the PRC Data Security Law provides a national data security review system, under which data processing activities that affect or may affect national security shall be reviewed, but it does not set forth details on how the data security review will be implemented. Any organizational or individual data processing activities that violate the PRC Data Security Law shall bear the corresponding civil, administrative or criminal liabilities depending on specific circumstances. In early July 2021, regulatory authorities in China launched cybersecurity investigations in several China-based companies that are listed in the United States. Subsequently, on November 14, 2021, the Cyberspace Administration of China, or the CAC, issued the Regulations on the Administration of Cyber Data Security (Draft for Comments), or the Draft Data Security Regulations, for public comments pursuant to which data processors carrying out the following activities must, in accordance with the relevant national regulations, apply for a cybersecurity review: (i) the merger, reorganization or spin-off of internet platform operators that possess a large number of data resources related to national security, economic development and public interests that affect or may affect national security; (ii) listing in a foreign country by data processors that process the personal information of more than one million users; (iii) listing in Hong Kong of data processors that affect or may affect national security; and (iv) other data processing activities that affect or may affect national security. The scope of and threshold for determining what "affects or may affect national security" is still subject to uncertainty and further elaboration by the CAC. On December 28, 2021, the CAC and other twelve PRC regulatory authorities jointly issued the Cybersecurity Review Measures, which require that (i) any procurement of network products and services by critical information infrastructure operators, which affects or may affect national security, or (ii) any data processing activities by network platform operators, which affect or may affect national security, or (iii) any network platform operator which has personal information of more than one million users and is going to be listed in a foreign country, shall be subject to cybersecurity review. Since the measures are relatively new, there exists uncertainties with respect to their interpretation and implementation. In anticipation of the strengthened implementation of cybersecurity laws and regulations and the continued expansion of our business, we cannot rule out the possibility that we may be deemed to be a "critical information infrastructure operator" or a "network platform operator" that affects or may affect national security under the Cybersecurity Review Measures. If that were to happen, we would be required to follow cybersecurity review procedures. In addition to laws, regulations and other applicable rules regarding data privacy and cybersecurity, industry associations may propose new and different privacy standards. See "Item 4. Information on the Company-B. Business Overview-Regulations." There have also been other significant developments in the PRC regulatory and enforcement regime regarding cybersecurity, information security, privacy and data protection. On July 6, 2021, the General Office of the CPC Central Committee and the General Office of the State Council jointly promulgated the Opinions on Strictly Cracking Down on Illegal Securities Activities in Accordance with the Law, which emphasized the need to strengthen cross-border regulatory collaboration and to improve relevant laws and regulations on data security, cross-border data transmission, and confidential information management, and provided that efforts will be made to amend the regulations on strengthening the confidentiality and file management framework relating to the offering and listing of securities overseas, to enforce the responsibility of overseas listed companies with respect to information security, and to strengthen and standardize the management of cross-border information transmission mechanisms and procedures. In addition, on August 20, 2021, the SCNPC promulgated the Personal Information Protection Law, which integrates the scattered rules with respect to personal information rights and privacy protection and took effect in November 2021. The Personal Information Protection Law aims at protecting the personal information rights and interests, regulating the processing of personal information, ensuring the orderly and free flow of personal information in accordance with the law and promoting the reasonable use of personal information. The Personal Information Protection Law applies to the processing of personal information within China, as well as certain personal information processing activities outside China, including those for the provision of products and services to individuals within China or for the analysis and assessment of acts of individuals within China. Processors processing personal information exceeding the threshold to be set by the relevant authorities and operators of critical information infrastructure are required to store, within the PRC territory, all personal information collected and produced within the PRC. These laws and regulations are relatively new, and there remain uncertainties with respect to their interpretation and implementation. In addition, additional laws or regulations on this subject matter may be promulgated in the future which may in turn impose further requirements on us. We are constantly in the process of evaluating the potential impact of the PRC Cyber Security Law, the Data Security Law, the Personal Information Protection Law and other laws, regulations and policies relating to cybersecurity, privacy, data protection and information security on our current business practices. All these laws and regulations may result in additional expenses and obligations to us and subject us to negative publicity, which could harm our reputation and negatively affect the trading price of the ADSs. We expect that these areas will receive greater public scrutiny and attention from regulators and more frequent and rigid investigation or review by regulators, which may increase our compliance costs and subject us to heightened risks and challenges. Despite our efforts to comply with applicable laws, regulations and other obligations relating to cybersecurity, privacy, data protection and information security, it is possible that our practices, offerings or services could fail to meet all of the requirements imposed on us by such laws, regulations or obligations. We have not experienced any material breaches of any of our cybersecurity measures and we have not been subject to any penalties, fines, suspensions, or investigations from the CAC. However, as uncertainties remain with respect to the interpretation and implementation of these laws, regulations and policies regarding cybersecurity, privacy, data protection and information security and how these laws, regulations and policies will be implemented in practice, we cannot assure you that we will comply with such laws, regulations and policies and we may be ordered to rectify or terminate any actions that are deemed illegal by regulatory authorities. Any failure or perceived failure to comply with these laws, regulations or policy may result in inquiries and other proceedings or actions against us by governmental authorities, users, consumers or others, such as warnings, fines, penalties, required rectifications, service suspension or removal of mobile apps from the relevant app stores and/or other sanctions, as well as negative publicity and damage to our reputation, which could cause us to lose customers and business partners and have an adverse effect on our business and results of operations. As we implement our e-commerce initiative and promote our loyalty programs in overseas market, we may become subject to new laws and regulations applying to the solicitation, collection, processing or use of personal or consumer information that could affect how we store, process and share data with consumers, suppliers and other third parties. For example, in May 2018 the European Union's new regulation governing data practices and privacy called the General Data Protection Regulation, or the GDPR, became effective and substantially replaced the data protection laws of the individual European Union member states. The law requires companies to meet more stringent requirements regarding the handling of personal data of individuals in the EU than were required under predecessor EU requirements. In the United Kingdom, a Data Protection Bill that substantially implements the GDPR also became law in May 2018. The law also increases the penalties for non-compliance, which may result in monetary penalties of up to 20.0 million Euros or 4% of a company's worldwide turnover, whichever is higher. In the United States, various federal, state and foreign legislative and regulatory bodies, or self-regulatory organizations, may expand current laws or regulations, enact new laws or regulations or issue revised rules or guidance regarding privacy, data protection, information security. For example, California recently enacted the California Consumer Privacy Act, which, among other things, requires new disclosures to California consumers and afford such consumers new abilities to opt out of certain sales of personal information. Outside of the European Union and the U.S., many countries and territories have laws, regulations, or other requirements relating to privacy, data protection, information security, and consumer protection, and new countries and territories are adopting such legislation or other obligations with increasing frequency. Compliance with changes in privacy and information security laws and standards may result in significant expense due to increased investment in technology and the development of new operational processes. If we or those with whom we share information fail to comply with these laws and regulations or experience a data security breach, our reputation could be damaged and we could be subject to additional litigation and regulatory risks.