As part of our normal business activities, we collect, store, retain, process, transmit, and use data, some of which contains personal information. As such, we are subject to various federal, state, and foreign laws and regulations, industry standards, and other legal obligations regarding data privacy and security matters. In addition, these existing laws and regulations are constantly evolving, and new laws and regulations that apply to our business are being introduced at every level of government in the United States, as well as internationally. The legislative and regulatory landscape will be even more complex in 2024 as some countries work to implement laws finalized last year, such as India's Personal Data Protection Law, while others launch or continue discussions around potential privacy legislation. As we seek to expand our business, we are, and may increasingly become, subject to various laws, regulations, standards, and regulatory guidance relating to data privacy and security in the jurisdictions in which we operate. Any failure, or perceived failure, by us to comply with any federal or state privacy or security laws, regulations, regulatory guidance, industry standards, or other legal obligations relating to data privacy or security could adversely affect our reputation, results of operations or financial condition, and may result in claims, liabilities, proceedings or actions against us by governmental entities, customers or others.
In the United States, there are numerous federal and state data privacy and security laws, rules, and regulations governing the collection, storage, retention, transmission, use, security, transfer, and other processing of personal information, including federal and state data privacy laws, data breach notification laws, and consumer protection laws. For example, the Federal Trade Commission ("FTC") and many state attorneys general are interpreting federal and state consumer protection laws to impose standards for the online collection, use, dissemination, and security of data. Such standards require us to publish statements that describe how we handle personal data and the choices individuals may have about the way we handle their personal data. If such information that we publish is considered untrue or inaccurate, we may be subject to government claims of unfair or deceptive trade practices, which could lead to significant liabilities and consequences. Moreover, according to the FTC, violating consumers' privacy rights or failing to take appropriate steps to keep consumers' personal data secure may constitute unfair acts or practices in or affecting commerce in violation of Section 5(a) of the Federal Trade Commission Act. State consumer protection laws provide similar causes of action for unfair or deceptive practices. Some states, such as California and Massachusetts, have passed specific laws mandating reasonable security measures for the handling of consumer data. Further, privacy advocates and industry groups have regularly proposed and sometimes approved, and may propose and approve in the future, self-regulatory standards with which we must legally comply or that contractually apply to us.
Our communications with our customers are subject to certain laws and regulations, including the Controlling the Assault of Non-Solicited Pornography and Marketing ("CAN-SPAM") Act of 2003, the Telephone Consumer Protection Act of 1991 (the "TCPA"), and the Telemarketing Sales Rule and analogous state laws, that could expose us to significant damages awards, fines and other penalties that could materially impact our business. For example, the TCPA imposes various consumer consent requirements and other restrictions in connection with certain telemarketing activity and other communication with consumers by phone, fax or text message. The CAN-SPAM Act and the Telemarketing Sales Rule and analogous state laws also impose various restrictions on marketing conducted by email, telephone, fax or text message. As laws and regulations, including FTC enforcement, rapidly evolve to govern the use of these communications and marketing platforms, the failure by us, our employees or third parties acting at our direction to abide by applicable laws and regulations could adversely impact our business, financial condition and results of operations or subject us to fines or other penalties.
In addition, many state legislatures have adopted legislation that regulates how businesses operate online, including measures relating to privacy, data security, and data breaches. Such legislation includes the California Consumer Privacy Act ("CCPA"), which increases privacy rights for California consumers and imposes obligations on companies that process their personal information. Among other things, the CCPA gives California consumers expanded rights related to their personal information, including the right to access and delete their personal information and receive detailed information about how their personal information is used and shared. The CCPA also provides California consumers the right to opt-out of certain sales of personal information and may restrict the use of cookies and similar technologies for advertising purposes. The CCPA prohibits discrimination against individuals who exercise their privacy rights and provides for civil penalties for violations enforceable by the California Attorney General as well as a private right of action for certain data breaches that result in the loss of personal information. This private right of action is expected to increase the likelihood of, and risks associated with, data breach litigation. Additionally, in November 2020, California passed the California Privacy Rights Act (the "CPRA"), which expands the CCPA significantly, including by expanding California consumers' rights with respect to certain personal information and creating a new state agency to oversee implementation and enforcement efforts, potentially resulting in further uncertainty and requiring us to incur additional costs and expenses in an effort to comply. Many of the CPRA's provisions became effective on January 1, 2023. The costs of compliance with, and the other burdens imposed by, these and other laws or regulatory actions may increase our operational costs, and/or result in interruptions or delays in the availability of systems.
Other states have enacted similar bills. Four states have passed laws that are now enforceable by such states' Attorney General and/or district attorney. The Virginia Consumer Data Protection Act ("VCDPA") became enforceable on January 1, 2023 and gives consumers rights similar to the CCPA and also requires covered businesses to implement security measures and conduct data protection assessments. The Colorado Privacy Act ("CPA") became enforceable on July 1, 2023 and closely resembles the VCDPA. The Connecticut Personal Data Privacy and Online Monitoring Act and the Utah Consumer Privacy Act are also now enforceable. Seven other states passed laws in 2023 that will become enforceable in 2024, 2025 and 2026 – the Oregon Consumer Privacy Act, the Texas Data Privacy and Security Act, the Montana Consumer Data Protection Act, the Iowa Consumer Data Protection Act, the Tennessee Information Protection Act, the Indiana Consumer Data Protection Act, and the Delaware Personal Data Privacy Act. We must comply with these state laws if our operations fall within the scope of these laws, which may increase our compliance costs and potential liability. Similar laws have been proposed in other states and at the federal level, reflecting a trend toward more stringent privacy legislation in the United States. This legislation may add additional complexity, variation in requirements, restrictions and potential legal risk, require additional investment in resources for compliance programs, could impact strategies and the availability of previously useful data, and could result in increased compliance costs and/or changes in business practices and policies.
In addition, some laws may require us to notify governmental authorities and/or affected individuals of data breaches involving certain personal information or other unauthorized or inadvertent access to or disclosure of such information. We may need to notify governmental authorities and affected individuals with respect to such incidents. For example, laws in all 50 U.S. states may require businesses to provide notice to consumers whose personal information has been disclosed as a result of a data breach. These laws are not consistent with each other, and compliance in the event of a widespread data breach may be difficult and costly. On July 26, 2023, the SEC adopted a suite of new cybersecurity disclosure requirements, including a requirement to disclose material cybersecurity incidents within four business days of the Company's determination that the cybersecurity incident is material. We also may be contractually required to notify consumers or other counterparties of a security incident, including a breach. Regardless of our contractual protections, any actual or perceived security incident or breach, or breach of our contractual obligations, could harm our reputation and brand, expose us to potential liability or require us to expend significant resources on data security and in responding to any such actual or perceived breach. In the EEA, we are subject to the General Data Protection Regulation 2016/679 ("GDPR") and in the United Kingdom, we are subject to the United Kingdom data protection regime consisting primarily of the UK General Data Protection Regulation and the UK Data Protection Act 2018. The GDPR, and national supplementing legislation in EEA member states, and the United Kingdom regime, impose a strict data protection compliance regime.
For example, we are subject to European Union and United Kingdom rules with respect to cross-border transfers of personal data out of the EEA and the United Kingdom, respectively. Recent legal developments in Europe have created complexity and uncertainty regarding transfers of personal information from the EEA and the United Kingdom to the United States. On July 16, 2020, the Court of Justice of the European Union ("CJEU") invalidated the EU-US Privacy Shield Framework ("Privacy Shield") under which personal information could be transferred from the EEA to US entities who had self-certified under the Privacy Shield scheme. Use of the standard contractual clauses must be assessed on a case-by-case basis taking into account the legal regime applicable in the destination country, in particular applicable surveillance laws and rights of individuals, and additional measures and/or contractual provisions may need to be put in place. The European Commission has published revised standard contractual clauses for data transfers from the EEA; the revised clauses have been mandatory for relevant transfers since September 27, 2021. In the United Kingdom, the Information Commissioner's Office has published new data transfer standard contracts for transfers from the UK under the UK GDPR, which are mandatory for relevant transfers from September 21, 2022. On July 10, 2023, the EU-US Data Privacy Framework ("DPF"), the successor to Privacy Shield, became effective and the European Commission issued an adequacy decision relating to the DPF. These recent developments mean we have to review and may need to change the legal mechanisms by which we transfer data outside of the European Union and United Kingdom, including to the United States.
As supervisory authorities issue further guidance on personal data export mechanisms, we could suffer additional costs, complaints and/or regulatory investigations or fines, and/or if we are otherwise unable to transfer personal data between and among countries and regions in which we operate, it could affect the manner in which we provide our services, and could adversely affect our financial results.
We are also subject to evolving EU and UK privacy laws on cookies, tracking technologies and e-marketing. In the EU and the UK under national laws derived from the ePrivacy Directive, informed consent is required for the placement of a cookie or similar technologies on a user's device and for direct electronic marketing to individuals (as opposed to businesses). The current national laws that implement the ePrivacy Directive are highly likely to be replaced across the EU (but not directly in the UK) by an EU regulation known as the ePrivacy Regulation, which will significantly increase fines for non-compliance. Recent European court and regulatory decisions, as well as actions by noyb (a not-for-profit privacy activist group), are driving increased attention to cookies and tracking technologies, and if this continues, this could lead to substantial costs, require significant systems changes, limit the effectiveness of our marketing activities, increase costs and subject us to additional liabilities.
We are subject to the supervision of local data protection authorities in the United Kingdom and those EEA jurisdictions where we are established or otherwise subject to the GDPR. Fines for certain breaches of the GDPR and the UK data protection regime are significant: up to the greater of €20 million / £17.5 million or 4% of total global annual turnover. In addition to the foregoing, a breach of the GDPR or UK GDPR could result in regulatory investigations, reputational damage, orders to cease/change our processing of our data, enforcement notices, and/or assessment notices (for a compulsory audit). We may also face civil claims including representative actions and other class action type litigation (where individuals have suffered harm), potentially amounting to significant compensation or damages liabilities, as well as associated costs, diversion of internal resources, and reputational harm.
Outside of the US and EU, many countries and territories have laws, regulations, or other requirements relating to privacy, data protection, information security, localized storage of data, and consumer protection, and new countries and territories are adopting such legislation or other obligations with increasing frequency. Many of these laws may require consent from consumers for the use of data for various purposes, including marketing, which may reduce our ability to market our products. There is no harmonized approach to these laws and regulations globally. Consequently, we would increase our risk of non-compliance with applicable foreign data protection laws by expanding internationally. We may need to change and limit the way we use personal information in operating our business and may have difficulty maintaining a single operating model that is compliant.
Further, because we accept debit and credit cards for payment, we are subject to the Payment Card Industry Data Security Standard, or the PCI Standard, issued by the Payment Card Industry Security Standards Council, with respect to payment card information. The PCI Standard contains compliance guidelines for the security surrounding the physical and electronic storage, processing and transmission of cardholder data. Compliance with the PCI Standard and implementing related procedures, technology and information security measures requires significant resources and ongoing attention. Costs and potential problems and interruptions associated with the implementation of new or upgraded systems and technology, such as those necessary to achieve compliance with the PCI Standard, or with the maintenance or adequate support of existing systems, could also disrupt or reduce the efficiency of our operations. Any material interruptions or failures in our payment-related systems could have a material adverse effect on our business, results of operations and financial condition. If there are amendments to the PCI Standard, the cost of recompliance could also be substantial and we may suffer loss of critical data and interruptions or delays in our operations as a result. If we are unable to comply with the security standards established by banks and the payment card industry, we may be subject to fines, restrictions, and expulsion from card acceptance programs, which could materially and adversely affect our business.
Lastly, the global landscape of artificial intelligence (AI) legislation and regulation is rapidly evolving as governments and regulatory bodies seek to balance innovation with ethical considerations, privacy, security, and accountability. In the European Union, the proposed AI Act represents a comprehensive effort to regulate AI, focusing on risk-based categories and setting strict requirements for high-risk applications. The United States, while lacking a unified federal framework, has seen regulatory guidance from agencies like the National Institute of Standards and Technology (NIST) and sector-specific policies addressing AI's ethical use. China has also introduced regulations aimed at enhancing data security and the ethical development of AI, emphasizing the importance of controlling AI's social impacts. Elsewhere, countries like the United Kingdom, Canada, and Australia are developing frameworks that address AI governance, ethics, and safety standards. As global AI regulations continue to evolve and expand, legislation could impose significant compliance costs and operational challenges on our business. Should we fail to adhere to these emerging standards and requirements, we could face legal penalties, operational restrictions, and potentially severe reputational damage. This evolving regulatory landscape underscores the importance of proactive compliance and strategic planning to mitigate risks associated with AI deployment, ensuring that our business operations remain resilient and competitive in a rapidly changing legal environment.
Any failure or perceived failure by us to comply with our posted privacy policies, our privacy-related obligations to users or other third parties, or any other legal obligations or regulatory requirements relating to privacy, data protection, or data security, may result in governmental investigations or enforcement actions, litigation (including customer class actions), claims, or public statements against us by consumer advocacy groups or others and could result in significant liability, cause our users to lose trust in us, and otherwise materially and adversely affect our reputation and business. Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations, other obligations, and policies that are applicable to the businesses of our users may limit the adoption and use of, and reduce the overall demand for, our platform. Additionally, if third parties we work with violate applicable laws, regulations, or contractual obligations, such violations may put our users' data at risk, could result in governmental investigations or enforcement actions, fines, litigation, claims, or public statements against us by consumer advocacy groups or others and could result in significant liability, cause our users to lose trust in us, and otherwise materially and adversely affect our reputation and business.