Singular Genomics Systems (OMIC) Risk Analysis

We commercially launched the G4 and began recognizing revenue on sales of the G4 in the fourth quarter of 2022. While we have continued to support our existing G4 customers, we are currently focusing our activities primarily on completing the development of and commercializing our G4X instrument and consumables and delivering spatial biology services. We commenced development of the G4X and are currently developing certain spatial biology service offerings, which are subject to all the risks and uncertainties associated with the development of highly complex and novel life sciences products and services. We have not met a number of technical and performance metrics that we believe will be necessary to achieve prior to commercialization. If we do not achieve the required technical specifications and performance metrics for the G4X or our spatial biology service offerings or if development work is delayed, reprioritized, or otherwise not performed according to schedule, then we may not be successful in completing development of the G4X or our spatial biology service offerings and their commercial launch may be adversely affected, delayed or not occur at all. Additionally, the G4X and/or our spatial biology service offerings could be subject to redesign or further improvements, which could result in delays in finalizing development and commencing commercialization, after feedback from collaborators and KOLs. Any delay or failure by us to successfully develop, release, commercialize and maintain the G4X, our spatial biology service offerings, or other multiomic technologies could have a substantial adverse effect on our business and results of operations.

We rely on patent, trademark, copyright, trade secret and other intellectual property rights and contractual restrictions to protect our proprietary products, services and technologies, all of which provide limited protection and may not adequately protect our rights or permit us to gain or keep any competitive advantage. As of September 30, 2024, we have over 70 issued utility patents covering various aspects of our proprietary NGS and spatial multiomics technologies. If we fail to obtain additional patent protection for our products and technology and maintain and protect our intellectual property rights, third parties may be able to compete more effectively against us. In addition, we may incur substantial litigation costs in our attempts to recover or restrict use of our intellectual property. Further, if we are unable to obtain and maintain sufficient intellectual property protection for our products, services and technology, or if the scope of the intellectual property protection obtained is not sufficiently broad, our ability to successfully commercialize our products and services may be impaired. We have and intend to continue to apply for patents covering our products, service offerings and technologies and uses thereof, as we deem appropriate. However, obtaining and enforcing patents is costly, time-consuming and complex, and we may fail to apply for patents on important products and technologies in a timely fashion or at all, or we may fail to apply for patents in potentially relevant jurisdictions. We may not be able to file and prosecute all necessary or desirable patent applications, or maintain, enforce and license any patents that may issue from such patent applications, at a reasonable cost or in a timely manner or in all jurisdictions. It is also possible that we will fail to identify patentable aspects of our research and development output before it is too late to obtain patent protection. Moreover, we may not develop additional proprietary products, methods, services and technologies that are patentable. We may not have the right to control the preparation, filing and prosecution of patent applications, or to maintain the rights to patents licensed from or to third parties. Therefore, these patents and applications may not be prosecuted and enforced by such third parties in a manner consistent with the best interests of our business. In addition, the patent position of life sciences technology companies such as ours is generally highly uncertain, involves complex legal and factual questions, and our industry has experienced widespread and intense litigation in recent years. Changes in either the patent laws or in interpretations of patent laws in the United States or other countries or regions may diminish the value of our intellectual property. As a result, the issuance, scope, validity, enforceability, and commercial value of our patent rights are highly uncertain. It is possible that none of our pending patent applications will result in issued patents in a timely fashion or at all, and even if patents are granted, they may not provide a basis for intellectual property protection of commercially viable products, services or technologies, may not provide us with any competitive advantages, or may be challenged, narrowed and invalidated by third parties. We cannot predict the breadth of claims that may be allowed or enforced in our patents or in third-party patents. It is possible that third parties will design around our current or future patents such that we cannot prevent such third parties from using similar technologies and commercializing similar products or services to compete with us. Some of our owned or licensed patents or patent applications may be challenged at a future point in time and we may not be successful in defending any such challenges made against our patents or patent applications. Any successful third-party challenge to our patents could result in the narrowing, unenforceability or invalidity of such patents and increased competition to our business. The outcome of patent litigation or other proceeding can be uncertain, and any attempt by us to enforce our patent rights against others or to challenge the patent rights of others may not be successful, or, regardless of success, may take substantial time and result in substantial cost, and may divert our efforts and attention from other aspects of our business. Any of the foregoing events could have a material adverse effect on our business, financial condition and results of operations.

We use open source software in our products and services and anticipate that we will continue to use open source software in the future. The licenses applicable to our use of open source software may require that source code that is developed using open source software be made available to the public and that any modifications or derivative works to certain open source software continue to be licensed under open source licenses. From time to time, we may face claims from third parties claiming infringement of their intellectual property rights, or demanding the release or license of the open source software or derivative works that we developed using such software (which could include our proprietary source code) or otherwise seeking to enforce the terms of the applicable open source license. These claims could result in litigation and could require us to purchase a costly license, publicly release the affected portions of our source code, be limited in or cease using the implicated software unless and until we can re-engineer such software to avoid infringement or change the use of, or remove, the implicated open source software. Our use of open source software may also present additional security risks because the source code for open source software is publicly available. Any of these risks could be difficult to eliminate or manage, and, if not addressed, could have a material adverse effect on our business, results of operations, financial condition, and prospects.

We must successfully increase our manufacturing output to meet our long-term commercialization plans. We currently manufacture our instruments and consumables in our facilities in San Diego, California. In order to manufacture sufficient instruments and consumables to meet our commercialization plans, we will need to hire and train a sufficient number of manufacturing, engineering and quality personnel. Manufacturing our instruments and consumables requires complex processes, and depends on the skill and experience of our manufacturing personnel. The manufacturing process for our instruments and consumables also includes sourcing components from various third-party suppliers and then assembling and testing the final product offerings. We must manufacture our instruments and consumables in compliance with our demanding specifications in a timely and efficient manner and at an acceptable cost in order to achieve and maintain profitability. We have a limited history of manufacturing and assembling our instruments and consumables, and, as a result, we may have difficulty manufacturing and assembling sufficient quantities of such products in a timely and cost-effective manner. For example, we had previously experienced delays in the scale-up of our manufacturing process when producing our first commercial units of the G4, and we have since improved this process. In addition, to manage our manufacturing operations and the supply of components from our third-party suppliers, we will need to forecast anticipated demand to predict our inventory needs from six months to a year in advance and enter into purchase orders on the basis of these requirements. Our limited manufacturing history may not provide us with enough data to allow us to accurately and effectively predict our manufacturing capacity requirements or our need for components from our third-party suppliers, including appropriately anticipating supply shortages or unavailability and fluctuations in the pricing of required components. We may experience delays in obtaining components required for our instruments and consumables, including due to recent supply chain challenges being experienced in the economy generally, or not have sufficient manufacturing capabilities and personnel for such products, which could impede our ability to manufacture and assemble these products on our expected timeline. As a result of this or any other delays, we may encounter difficulties in instrument and/or consumable production, including problems with quality control and assurance, component supply shortages or surpluses, increased costs, shortages of qualified personnel and difficulties associated with compliance with local, state, federal and foreign regulatory requirements. Our costs may also significantly increase as a result of inflation, and we may not be able to offset those higher costs by increasing our prices to our customers to the extent we have generated sales. Our operating costs have increased, and may continue to increase, due to the recent growth in inflation, which could have an adverse effect on our results of operation and financial condition.

We have employed and expect to employ individuals who were previously employed at universities, research institutions or other companies, including our competitors or potential competitors. Although we seek to protect our ownership of intellectual property rights by ensuring that our agreements with our employees, collaborators, and other third parties with whom we do business include provisions requiring such parties to not disclose the confidential information of their previous employers or other third parties, we may be subject to claims that we or our employees, consultants or independent contractors have inadvertently or otherwise used or disclosed confidential information of our employees' former employers or other third parties. We or our licensors may also be subject to claims that former employers or other third parties have an ownership interest in our patents. Litigation may be necessary to defend against these claims. There is no guarantee of success in defending these claims, and if we or our licensors fail in defending any such claims, in addition to paying monetary damages, we may lose valuable intellectual property rights, such as exclusive ownership of, or right to use, valuable intellectual property. Even if we are successful, litigation could result in substantial cost and be a distraction to our management and other employees.

We do not have long-term contracts with third-party suppliers from whom we obtain some components to manufacture our instruments and consumables. We are, therefore, subject to the risk that these third-party suppliers will not continue to provide us with components that meet our specifications, quality standards and delivery schedules. Factors that could impact our suppliers' willingness and ability to continue to provide us with the required components include disruption at or affecting our suppliers' facilities, such as work stoppages or natural disasters, demand for and availability of raw materials and subcomponents, adverse weather or other conditions that affect their supply, the financial condition of our suppliers and deterioration in our relationships with these suppliers. In addition, we cannot be sure that we will be able to obtain these components on satisfactory terms. Any increase in component costs could reduce any potential future sales of our products or services and harm our gross margins. While we have qualified second sources for several of our critical components, including flow cells, optics and oligonucleotides, we do not have qualified secondary sources for all components that we source through a single supplier and we cannot assure investors that the qualification of a secondary supplier will prevent future supply issues. Disruption in the supply of materials or components would impair our ability to sell our products, perform services and meet customer demand, and also could delay the launch of new products or services, any of which could harm our business and results of operations. If we were to have to change suppliers, the new supplier may not be able to provide us components in a timely manner and in adequate quantities that are consistent with our quality standards and on satisfactory pricing terms. In addition, alternative sources of supply may not be available for components for which there are a limited number of suppliers which could result in a requirement to redesign certain aspects of our products and adversely affect our service offerings. Further, supply shortages could require us to redesign our products to be compatible with components that are more readily available, which could lead to manufacturing, commercialization, and service delivery delays.

We have commercially launched the G4 and began recognizing revenue on sales of the G4 in the fourth quarter of 2022 and have commenced development of the G4X, which is a platform we designed to target the spatial multiomics market. We are also developing certain spatial biology service offerings using the G4X. While we have continued to support our existing G4 customers, we are currently focusing our activities primarily on completing the development of and commercializing our G4X instrument and consumables and delivering spatial biology services. As a result, we expect to generate substantially all of our revenue in the near term from the sale of spatial biology services and the sale of the G4X and its consumables, once commercially launched. There can be no assurance of the following: that we will be able to successfully complete the development of, or commercialize, the G4X or any other future products, services or product enhancements we elect to pursue; that the G4X and our spatial biology service offerings will meet the expectations of our customers, including those relating to cost, reliability, performance and features, or otherwise gain market acceptance; that we can manufacture the G4X in commercial quantities; that we will be able to successfully commercialize the G4X and deliver competitive spatial biology service offerings; or that we will be able to service and maintain the products that we have sold. To date, we have limited experience simultaneously designing, testing, manufacturing and selling products or offering services and there can be no assurances we will be successful in doing so or doing so on our intended timelines. In addition, as technologies change in the life sciences research tools marketplace in general, and in the omics technologies marketplace specifically, we will be expected to upgrade or adapt our products and service offerings in order to keep up with the latest technology. Further, our competitors may offer or develop products or technologies that cause the G4, G4X, our spatial biology service offerings, or other future products to not be commercially attractive to our customers.

We cannot guarantee that customer experiences or reviews of the G4, the G4X and/or our spatial biology service offerings from our customers will be favorable. Initial negative perception of the G4, G4X and/or our spatial biology service offerings by customers could irreparably damage our reputation and ability to successfully commercialize the G4, G4X, our spatial biology services, or any of our other future products or services. Further, the life sciences scientific community is comprised of a small number of early adopters and key opinion leaders ("KOLs") who significantly influence the rest of the community and the marketplace in general. The success of life sciences products and services is due, in large part, to acceptance by the scientific community and their adoption of certain products as best practice in the applicable field of research. The current system of academic and scientific research views publishing in a peer-reviewed journal as a measure of success. In such journal publications, the researchers will describe not only their discoveries, but also the methods and typically the products and/or services used to fuel such discoveries. Mentions in peer-reviewed journal publications are a good barometer for the general acceptance of our products and/or services as best practices. Ensuring that early adopters and KOLs publish research involving the use of our products and/or services is critical to ensuring they gain widespread acceptance and market growth. Continuing to maintain good relationships with such KOLs is vital to growing the acceptance of our products and services in the marketplace. If early adopters and KOLs do not favorably describe the use of our products and services, do not compare our products and/or services favorably to existing products and technologies, or negatively describe the use and operation of our products and/or services in publications, it may drive potential customers away from our products and services and prevent broader market acceptance of our products and services, which could harm our business, financial condition and results of operations.

The G4 is, and the G4X will be, sold as an RUO product, and we do not currently expect either the G4 or G4X to be subject to the clearance or approval of the FDA, as they are not intended to be used for the diagnosis, treatment or prevention of disease. However, as we expand our product line and the applications and uses of our products into new fields, certain of our future products could become subject to regulation by the FDA, or comparable international agencies, including requirements for regulatory clearance or approval of such products before they can be marketed. Also, even if our products are labeled, promoted, and intended as RUO, the FDA or comparable agencies of other countries could disagree with our conclusion that our products are intended for RUO or deem our sales, marketing and promotional efforts as being inconsistent with RUO products. For example, our customers may independently elect to use our RUO labeled products in their own laboratory developed tests ("LDTs") for clinical diagnostic use, which could subject our products to government regulation, and the regulatory clearance or approval and maintenance process for such products may be uncertain, expensive and time-consuming. Regulatory requirements related to marketing, selling and distribution of RUO products could change or be uncertain, even if clinical uses of our RUO products by our customers were done without our consent. Further, regulations may change causing RUO products to be subject to regulatory clearance or approval. If the FDA or other regulatory authorities assert that any of our RUO products are subject to regulatory clearance or approval, our business, financial condition, or results of operations could be adversely affected. The FDA has historically exercised enforcement discretion in not enforcing the medical device regulations against laboratories offering LDTs. However, on October 3, 2014, the FDA issued two draft guidance documents that set forth the FDA's proposed risk-based framework for regulating LDTs, which are designed, manufactured, and used within a single laboratory. The draft guidance documents provide the anticipated details through which the FDA would propose to establish an LDT oversight framework, including premarket review for higher-risk LDTs, such as those that have the same intended use as FDA-approved or cleared companion diagnostic tests currently on the market. In January 2017, the FDA announced that it would not issue final guidance on the oversight of LDTs and manufacturers of products used for LDTs, but would seek further public discussion on an appropriate oversight approach, and give Congress an opportunity to develop a legislative solution. More recently, the FDA has issued warning letters to certain genomics labs for illegally marketing genetic tests that claim to predict patients' responses to specific medications, noting that the FDA has not created a legal "carve-out" for LDTs and retains discretion to take action when appropriate, such as when certain genomic tests raise significant public health concerns. Further, in September 2023, the FDA published a proposed rule that would change decades of LDT regulation by expressly considering LDTs as in vitro diagnostics medical devices. The proposed rule would require companies performing LDTs to comply with medical device statutes and regulations, including submission requirements, quality system regulations, medical device reporting, registration and listing, and manufacturing standards. If and when the proposed rule takes effect, the FDA would gradually phase out its current general enforcement discretion approach of many LDTs. As manufacturers develop more complex diagnostic tests and diagnostic software, the FDA may increase its regulation of LDTs. Any future legislative or administrative rule-making or oversight of LDTs, if and when finalized, may impact the sales of our products and how customers use our products, and may require us to change our business model in order to maintain compliance with these laws. We cannot predict how these various efforts will be resolved, how Congress or the FDA will regulate LDTs in the future, or how that regulatory system will impact our business. Changes to the current regulatory framework, including the imposition of additional or new regulations, including regulation of our products, could arise at any time during the development or marketing of our products, which may negatively affect our ability to obtain or maintain FDA or comparable regulatory approval of our products, if required. Further, sales of devices for diagnostic purposes may subject us to additional healthcare regulation and enforcement by the applicable government agencies. Such laws include, without limitation, state and federal anti-kickback or anti-referral laws, healthcare fraud and abuse laws, false claims laws, privacy and security laws, Physician Payments Sunshine Act and related transparency and manufacturer reporting laws, and other laws and regulations applicable to medical device manufacturers. Our operations may subject us to certain of these health care laws through our customers who use our platform for the development or sale of diagnostic tests. Failure to comply with such laws and regulations, as applicable, may result in substantial penalties. Additionally, on November 25, 2013, the FDA issued Final Guidance "Distribution of In Vitro Diagnostic Products Labeled for Research Use Only." The guidance emphasizes that the FDA will review the totality of the circumstances when it comes to evaluating whether equipment and testing components are properly labeled as RUO. The final guidance states that merely including a labeling statement that the product is for RUO will not necessarily render the device exempt from the FDA's clearance, approval, and other regulatory requirements if the circumstances surrounding the distribution, marketing and promotional practices indicate that the manufacturer knows its products are, or intends for its products to be, used for clinical diagnostic purposes. These circumstances may include written or verbal sales and marketing claims or links to articles regarding a product's performance in clinical applications and a manufacturer's provision of technical support for clinical applications. As part of the previous Administration's efforts to combat COVID-19 and consistent with former President Trump's direction in Executive Orders 13771 and 13924, the Department of Health and Human Services ("HHS") announced rescission of guidance and other informal issuances of the FDA regarding premarket review of LDTs absent notice-and-comment rulemaking, stating that, absent notice-and-comment rulemaking, those seeking approval or clearance of, or an emergency use authorization, for an LDT may nonetheless voluntarily submit a premarket approval application, premarket notification or an Emergency Use Authorization request, respectively, but are not required to do so. However, laboratories opting to use LDTs without FDA premarket review or authorization would not be eligible for liability protection under the Public Readiness and Emergency Preparedness Act. While this action by HHS is expected to reduce the regulatory burden on clinical laboratories certified under the Clinical Laboratory Improvement Amendments of 1988 that develop LDTs, it is unclear how this action as well as future legislation by federal and state governments and the FDA will impact the industry, including our business and that of our customers. Such HHS measure may compel the FDA to formalize earlier enforcement discretionary policies and informal guidance through notice-and-comment rulemaking and/or impose further restrictions on LDTs. HHS' rescission policy may change over time and we cannot be certain if the new administration will withdraw Executive Orders 13771 and 13924. Congress could also enact legislation restricting LDTs. Any restrictions on LDTs by the FDA, HHS, Congress, or state regulatory authorities may decrease the demand for our products. The adoption of new restrictions on RUO products, whether by the FDA or Congress, could adversely affect demand for our specialized reagents and instruments. Further, we could be required to obtain premarket clearance or approval before we can sell our products to certain customers. Additionally, in the United States and some foreign jurisdictions there have been, and continue to be, several legislative and regulatory changes and proposed reforms of the healthcare system in an effort to contain costs, improve quality, and expand access to care. Further, third-party payors have attempted to control costs by limiting coverage and the amount of reimbursement for medications and other health care products and services. Our ability to commercialize any of our products successfully, and our customers' ability to commercialize their products successfully, will depend in part on the extent to which coverage and adequate reimbursement for these products and will be available from third-party payors. As such, cost containment reform efforts may result in an adverse effect on our operations.

In the ordinary course of our business, we currently, and in the future will, collect, store, transfer, use or process sensitive data, including personally identifiable information of employees, and intellectual property and proprietary business information owned or controlled by ourselves and other parties. The secure processing, storage, maintenance, and transmission of this critical information is vital to our operations and business strategy. We are, and may increasingly become, subject to various laws and regulations, as well as contractual obligations, relating to data privacy and security in the jurisdictions in which we operate. The regulatory environment related to data privacy and security is increasingly rigorous, with new and constantly changing requirements applicable to our business, and enforcement practices are likely to remain uncertain for the foreseeable future. These laws and regulations may be interpreted and applied differently and inconsistently over time and from jurisdiction to jurisdiction, and it is possible that they will be interpreted and applied in ways that may have a material adverse effect on our business, financial condition, results of operations and prospects. In the United States, various federal and state regulators, including governmental agencies like the Consumer Financial Protection Bureau and the Federal Trade Commission, have adopted, or are considering adopting, laws and regulations concerning personal information and data security. Certain state laws may be more stringent or broader in scope, or offer greater individual rights, with respect to personal information than federal, international or other state laws, and such laws may differ from each other, all of which may complicate compliance efforts. For example, the California Consumer Privacy Act ("CCPA"), which increases privacy rights for California residents and imposes obligations on companies that process their personal information, came into effect on January 1, 2020. Among other things, the CCPA requires covered companies to provide new disclosures to California consumers and provide such consumers new data protection and privacy rights, including the ability to opt-out of certain sales of personal information. The CCPA provides for civil penalties for violations, as well as a private right of action for certain data breaches that result in the loss of personal information. This private right of action may increase the likelihood of, and risks associated with, data breach litigation. In addition, laws in all 50 U.S. states require businesses to provide notice to consumers whose personal information has been disclosed as a result of a data breach. State laws are changing rapidly and there is discussion in the U.S. Congress of a new comprehensive federal data privacy law to which we would become subject if it is enacted. Additionally, California voters approved a new privacy law, the California Privacy Rights Act ("CPRA"), in the November 3, 2020 election. Effective on January 1, 2023, the CPRA will significantly modify the CCPA, including by expanding consumers' rights with respect to certain sensitive personal information. The CPRA also creates a new state agency that will be vested with authority to implement and enforce the CCPA and the CPRA. New legislation proposed or enacted in various other states will continue to shape the data privacy environment nationally. Certain state laws may be more stringent or broader in scope, or offer greater individual rights, with respect to confidential, sensitive and personal information than federal, international or other state laws, and such laws may differ from each other, which may complicate compliance efforts. Further, regulations promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), establish privacy and security standards that limit the use and disclosure of individually identifiable health information (known as "protected health information" or "PHI") and require the implementation of administrative, physical and technological safeguards to protect the privacy of PHI and ensure the confidentiality, integrity and availability of electronic PHI. Determining whether protected health information has been handled in compliance with applicable privacy standards and our contractual obligations can require complex factual and statistical analyses and may be subject to changing interpretation. Although we take measures to protect sensitive data from unauthorized access, use or disclosure, our information technology and infrastructure may be vulnerable to attacks by hackers or viruses or breached due to employee error, malfeasance or other malicious or inadvertent disruptions. Any such breach or interruption could compromise our networks and the information stored there could be accessed by unauthorized parties, manipulated, publicly disclosed, lost or stolen. Any such access, breach or other loss of information could result in legal claims or proceedings, liability under federal or state laws that protect the privacy of personal information (such as the HIPAA and the Health Information Technology for Economic and Clinical Health Act ("HITECH"), and regulatory penalties. Notice of breaches must be made to affected individuals, the Secretary of the Department of Health and Human Services, and for extensive breaches, notice may need to be made to the media or State Attorneys General. Such a notice could harm our reputation and our ability to compete. In Europe, the collection, use, storage, disclosure, transfer, or other processing of personal data regarding individuals in the European Economic Area ("EEA"), including personal health data, is subject to the GDPR, which became effective on May 25, 2018. The GDPR is wide-ranging in scope and imposes numerous requirements on companies that process personal data, including requirements relating to processing health and other sensitive data, obtaining consent of the individuals to whom the personal data relates, providing information to individuals regarding data processing activities, implementing safeguards to protect the security and confidentiality of personal data, providing notification of data breaches and taking certain measures when engaging third-party processors. The GDPR also imposes strict rules on the transfer of personal data to countries outside the EEA, including the United States, and permits data protection authorities to impose large penalties for violations of the GDPR, including potential fines of up to €20 million or 4% of annual global revenues, whichever is greater. The GDPR also confers a private right of action on data subjects and consumer associations to lodge complaints with supervisory authorities, seek judicial remedies and obtain compensation for damages resulting from violations of the GDPR. In addition, the GDPR includes restrictions on cross-border data transfers. The GDPR may increase our responsibility and liability in relation to personal data that we process where such processing is subject to the GDPR, and we may be required to put in place additional mechanisms to ensure compliance with the GDPR, including as implemented by individual countries. Compliance with the GDPR will be a rigorous and time- intensive process that may increase our cost of doing business or require us to change our business practices, and despite those efforts, there is a risk that we may be subject to fines and penalties, litigation and reputational harm in connection with our European activities. The exit of the United Kingdom ("UK") from the EU, often referred to as Brexit, also has created uncertainty with regard to data protection regulation in the UK. Specifically, the UK exited the EU on January 1, 2020, subject to a transition period that ended December 31, 2020. Under the post-Brexit Trade and Cooperation Agreement between the EU and the UK, the UK and EU have agreed that transfers of personal data to the UK from EEA member states will not be treated as ‘restricted transfers' to a non-EEA country for a period of up to four months from January 1, 2021, plus a potential further two months extension (the "Extended Adequacy Assessment Period"). Although the current maximum duration of the Extended Adequacy Assessment Period is six months, it may end sooner, for example, in the event that the European Commission adopts an adequacy decision in respect of the UK, or the UK amends the UK GDPR and/or makes certain changes regarding data transfers under the UK GDPR/Data Protection Act 2018 without the consent of the EU (unless those amendments or decisions are made simply to keep relevant UK laws aligned with the EU's data protection regime). If the European Commission does not adopt an ‘adequacy decision' in respect of the UK prior to the expiry of the Extended Adequacy Assessment Period, from that point onwards the UK will be an ‘inadequate third country' under the GDPR and transfers of personal data from the EEA to the UK will require a ‘transfer mechanism' such as the Standard Contractual Clauses. Further, the European Court of Justice ("ECJ") invalidated the EU-U.S. Privacy Shield, which had enabled the transfer of personal data from the EU to the U.S. for companies that had self-certified to the Privacy Shield in July 2020. The ECJ decision also raised questions about the continued validity of one of the primary alternatives to the EU-U.S. Privacy Shield, namely the European Commission's Standard Contractual Clauses, and EU regulators have issued additional guidance regarding considerations and requirements that we and other companies must consider and undertake when using the Standard Contractual Clauses. Although the EU has presented a new draft set of contractual clauses, at present, there are few, if any, viable alternatives to the EU-U.S. Privacy Shield and the Standard Contractual Clauses. To the extent that we were to rely on the EU-U.S. or Swiss-U.S. Privacy Shield programs, we will not be able to do so in the future, and the ECJ's decision and other regulatory guidance or developments otherwise may impose additional obligations with respect to the transfer of personal data from the EU and Switzerland to the U.S., each of which could restrict our activities in those jurisdictions, limit our ability to provide our products and services in those jurisdictions, or increase our costs and obligations and impose limitations upon our ability to efficiently transfer personal data from the EU and Switzerland to the U.S. We are in the process of evaluating compliance needs and are still finalizing formal policies and procedures related to the storage, collection and processing of information, and we still need to conduct internal or external data privacy audits, to ensure our compliance with all applicable data protection laws and regulations. Additionally, we still need to assess our third-party vendors' compliance with applicable data protection laws and regulations. All of these evolving compliance and operational requirements impose significant costs, such as costs related to organizational changes, implementing additional protection technologies, training employees and engaging consultants, which are likely to increase over time. In addition, such requirements may require us to modify our data processing practices and policies, distract management or divert resources from other initiatives and projects, all of which could have a material adverse effect on our business, financial condition, results of operations and prospects. Any failure or perceived failure by us or our third-party vendors, collaborators, contractors and consultants to comply with any applicable federal, state or similar foreign laws and regulations relating to data privacy and security could result in damage to our reputation, as well as proceedings or litigation by governmental agencies or other third parties, including class action privacy litigation in certain jurisdictions, which could subject us to significant fines, sanctions, awards, penalties or judgments, all of which could have a material adverse effect on our business, financial condition, results of operations and prospects.