Education

Personal Finance How To Use TipRanks TipRanks Labs Webinar Center Glossary FAQs

About Us

About TipRanks Contact Us Careers Reviews Mobile APP

Working with TipRanks

Enterprise Solutions Advertise with Us Top Online Brokers Become an Affiliate TipRanks News Wire Arrived EquityMultiple

TOOLS

Technical Analysis Screener

Top Analyst Stocks

Popular

Top Smart Score Stocks

Daily Analyst Ratings

Daily Insiders Trades

Dividend Stocks

ETF Center

Top Gainers/losers/active ETFs

Dividend Calculator

Options Profit Calculator

Dollar Cost Averaging

Best High Yield Dividend Stocks

Dividend Aristocrats

Dividend Stock Comparison

New

Dividend Calculator

Dividend Returns Comparison

Dividend Calendar

Top Analysts

Top Financial Bloggers

Top-Performing Corporate Insiders

Top Hedge Fund Managers

Top Research Firms

Top Individual Investors

Personal Finance Center

Mortgages

Loans

Investing & Retirement

Spending & Savings

Real Estate

Top Online Brokers

Compound Interest Calculator

Mortgage Calculator

Auto Loan Calculator

Student Loan Calculator

401k Retirement Calculator

Education

About Us

Working with TipRanks

STOCKS

R1 RCM Inc. (RCM)

:RCM

RCM

R1 RCM

RESEARCH TOOLS

Top Smart Score Stocks

Stock Screener

reports

R1 RCM (RCM) Risk Analysis

Compare

― Followers

Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

R1 RCM disclosed 38 risk factors in its most recent earnings report. R1 RCM reported the most risks in the “Finance & Corporate” category.

Risk Overview Q3, 2024

Risk Distribution

29% Finance & Corporate

24% Legal & Regulatory

21% Ability to Sell

13% Tech & Innovation

8% Macro & Political

5% Production

Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy

This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

S&P500 Average

Sector Average

Risks removed

Risks added

Risks changed

R1 RCM Risk Factors

New Risk (0)

Risk Changed (0)

Risk Removed (0)

No changes from previous report

The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q3, 2024

Main Risk Category

Finance & Corporate

With 11 Risks

Finance & Corporate

With 11 Risks

Number of Disclosed Risks

From last report

S&P 500 Average: 31

From last report

S&P 500 Average: 31

Recent Changes

5Risks added

0Risks removed

1Risks changed

Since Sep 2024

5Risks added

0Risks removed

1Risks changed

Since Sep 2024

Number of Risk Changed

No changes from last report

S&P 500 Average: 3

No changes from last report

S&P 500 Average: 3

See the risk highlights of R1 RCM in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 38

Finance & Corporate

Total Risks: 11/38 (29%)Above Sector Average

Share Price & Shareholder Rights3 | 7.9%

Share Price & Shareholder Rights - Risk 1

As a result of the delayed filing of our Quarterly Report on Form 10-Q for the quarter ended September 30, 2023, we face limitations in registering securities for a public offering or acquisitions, which could adversely affect our business.

Due to our inability to file our Quarterly Report on Form 10-Q for the quarter ended September 30, 2023 on or prior to its due date, we generally are ineligible to use "short-form" registration statements, or Form S-3, that would allow us to incorporate by reference our SEC reports into our registration statements, or to use automatic shelf registration statements, until we have filed all of our periodic reports in a timely manner for a period of 12 months. Our inability to register our securities on Form S-3 could increase the costs of selling securities publicly, significantly delay such sales and adversely affect our business.

Share Price & Shareholder Rights - Risk 2

The trading price of our common stock has been and may continue to be highly volatile.

During 2023, our common stock has traded at a price per share as high as $18.71 and as low as $9.55. The trading price of our common stock may be highly volatile in the future and could be subject to wide fluctuations in response to various factors. In addition to the risks described in this section, factors that have caused, and may in the future cause, the market price of our common stock to fluctuate include: fluctuations in our quarterly financial results or the quarterly financial results of companies perceived to be similar to us; changes in estimates of our financial results or recommendations by securities analysts, if any, who cover our common stock, or failure to meet expectations of such securities analysts; the loss of service agreements with customers; lawsuits filed against us by governmental authorities or stockholders; unfavorable publicity concerning our operations or business practices; investors' general perception of us; changes in local, regional or national economic conditions; changes in demographic trends; increased labor costs, including healthcare, unemployment insurance, and minimum wage requirements; the entry into, or termination of, material agreements; changes in general economic, industry, regulatory, and market conditions not related to us or our business; the availability of experienced management and hourly-paid employees; issues in operating the company; future sales of our securities, including sales by our significant stockholders; and other potentially negative financial announcements, including delisting of our common stock from The Nasdaq Global Select Market, changes in accounting treatment or restatement of previously reported financial results, delays in our filings with the SEC or failure to maintain effective internal control over financial reporting. In addition, the stock markets have experienced extreme price and volume fluctuations that have affected, and continue to affect, the market prices of equity securities of many companies. In the past, stockholders have instituted securities class action litigation or launched activist campaigns following periods of market volatility. If we were involved in securities litigation or an activist campaign, we could incur substantial costs, and our resources and the attention of management could be diverted from our business.

Share Price & Shareholder Rights - Risk 3

TCP-ASC and New Mountain Capital are significant shareholders in R1 and may have conflicts of interest with us or other stockholders in the future.

TCP-ASC ACHI Series LLLP ("TCP-ASC") and certain entities affiliated with New Mountain Capital, L.L.C. (collectively, the "Principal Stockholders") beneficially own approximately 62% of our common stock as of February 23, 2024, which means that the Principal Stockholders control the vote of all matters submitted to a vote of our Board of Directors (the "Board") or stockholders, which will enable them to control the election of the members of the Board and certain significant corporate decisions. Even when the Principal Stockholders cease to own shares of our common stock representing a majority of the total voting power, for so long as the Principal Stockholders continue to own a significant portion of our common stock, they will have significant influence with respect to our management, business plans and policies, including the appointment and removal of our officers, raising capital and amending our charter and bylaws, which govern the rights attached to our common stock. The concentration of ownership could deprive our other stockholders of an opportunity to receive a premium for their shares of common stock as part of a sale of us and ultimately might affect the market price of our common stock. The interests of the Principal Stockholders and their affiliates may differ from our other stockholders in material respects. For example, the Principal Stockholders may have an interest in pursuing acquisitions, divestitures, financings, or other transactions that, in their judgment, could enhance their equity investments, even though such transactions might involve risks to other stockholders. Additionally, Ascension is an affiliate of TCP-ASC and as our largest customer Ascension's interests may differ from other stockholders' interests. The Principal Stockholders, their affiliates, and their advisors are also in the business of making or advising on investments in companies, and may from time to time acquire interests in, or provide advice to, companies that directly or indirectly compete with certain portions of our business or are suppliers or customers of ours. They may pursue acquisition opportunities that may be complementary to our business and, as a result, those acquisition opportunities may not be available to us. Due to the Principal Stockholders' ownership level, certain actions of the Principal Stockholders or their affiliates could negatively impact our stock price. Other stockholders should consider that the interests of the Principal Stockholders or their affiliates may differ from theirs in material respects.

Accounting & Financial Operations2 | 5.3%

Accounting & Financial Operations - Risk 1

If we fail to maintain proper and effective internal control and remediate any future material weaknesses or significant deficiencies, our ability to produce accurate and timely financial statements could be impaired, which could harm our operating results, our ability to operate our business and our reputation with investors.

In 2023, we identified a material weakness in the design and operating effectiveness of our internal controls over financial reporting relating to the controls over business combinations impacting the accounting for acquiree compensation arrangements, and also determined that our disclosure controls and procedures were not effective, as of December 31, 2022 and 2021. Although such material weakness has been remediated at December 31, 2023, there can be no assurance that similar internal control issues will not be identified in the future. If we cannot remediate future material weaknesses or significant deficiencies in a timely manner, or if we identify additional control deficiencies that individually or together constitute significant deficiencies or material weaknesses, our ability to accurately record, process, and report financial information, and our ability to prepare financial statements within required time periods, could be adversely affected. Failure to maintain effective internal controls could result in violations of applicable securities laws, stock exchange listing requirements, and the covenants under our debt agreements, subject us to litigation and investigations, negatively affect investor confidence in our financial statements, and adversely impact our stock price and our ability to access capital markets.

Accounting & Financial Operations - Risk 2

We face risks related to the restatement of our previously issued financial statements.

In December 2023, we restated certain information in our previously issued consolidated financial statements for the years ended December 31, 2022 and 2021, for each of the quarters within 2022 and 2021, and for the quarters ended June 30, 2023 and March 31, 2023. As a result, we could be subject to additional risks and uncertainties, which could affect investor confidence in the accuracy of our financial disclosures. We could face litigation under the federal and state securities laws or other claims arising from the restatements. The cost of defending against any such claims and the ultimate outcome of any such litigation could materially affect our results of operations. In addition, we could discover additional material or immaterial errors in our financial statements, and our financial statements remain subject to the risk of future restatement.

Debt & Financing1 | 2.6%

Debt & Financing - Risk 1

We have a substantial amount of indebtedness, which could adversely affect us, including by decreasing our business flexibility. The agreement that governs our indebtedness contains covenants that could impact our ability to perform certain transactions without obtaining pre-approval from our lenders.

Our consolidated indebtedness as of December 31, 2023 was approximately $1.7 billion. In conjunction with the Acclara Acquisition on January 17, 2024, we entered into Amendment No. 2 (the "Second Amendment") to the Second Amended and Restated Credit Agreement, dated as of June 21, 2022, by and among the Company and certain of its subsidiaries, Bank of America, N.A., as administrative agent, and the lenders named therein (the "Second A&R Credit Agreement"), which, combined with borrowings of $80 million under our senior secured revolving credit facility (the "Senior Revolver") to finance the acquisition, increased our consolidated indebtedness by $655.0 million. The loan agreement for this indebtedness contains certain customary representations and warranties, affirmative and negative financial covenants, indemnity obligations, and events of default. The amount of debt and related covenants could have significant consequences to us, including: - affecting our ability to obtain additional financing, if necessary, for working capital, capital expenditures, acquisitions, share repurchases and dividends, or other purposes may be impaired or such financing may not be available on favorable terms, or at all;- negative financial covenants contained in the debt agreement require us to meet financial tests that may affect our flexibility in planning for, and reacting to, changes in our business, including possible acquisition opportunities;- a substantial portion of our cash flow is required to make principal and interest payments on our indebtedness, reducing the funds that would otherwise be available for operations and future business opportunities; and - level of indebtedness makes us more vulnerable than our less leveraged competitors to competitive pressures or a downturn in our business or the economy generally. Our ability to comply with the provisions of the debt agreement may be affected by events beyond our control. Failure to comply with these covenants could result in an event of default, which, if not cured or waived, could accelerate our debt repayment obligations.

Corporate Activity and Growth5 | 13.2%

Corporate Activity and Growth - Risk 1

If we do not realize the anticipated benefits from the Acclara Acquisition, which closed on January 17, 2024, and commercial agreements with Providence, our business could suffer materially and our stock price could decline.

We expect the Acclara Acquisition, and 10-year commercial agreements with Providence, to result in financial and operational benefits, including enhanced revenue, earnings, and cash flows. If we are unable to achieve these objectives within the anticipated timeframe or at all, the anticipated benefits may not be realized in full or at all, our financial results may differ from our expectations or the expectations of the investment community, and the value of our common stock may decline as a result.

Corporate Activity and Growth - Risk 2

We may fail to realize the success of acquisitions, strategic initiatives and other investments.

The benefits we achieve from acquisitions, including the acquisition of the RCM business ("Acclara") of Providence Health & Services – Washington ("Providence") and certain of its affiliates (the "Acclara Acquisition"), strategic initiatives, and other investments depend on, among other things, our ability to realize anticipated synergies, cost savings, and operational benefits of corresponding activity, which benefits are subject to, among others, the following risks: - the incurrence of additional indebtedness in connection with the financing of an acquisition may have an adverse effect on our liquidity;- we may fail to retain key employees of the acquired company;- we may be unable to successfully integrate personnel from acquired companies, while at the same time attempting to provide consistent, high-quality services;- we may fail to realize the anticipated synergies and cost savings we expect from an acquisition;- future developments may impair the value of our purchased goodwill or intangible assets;- we may face difficulties establishing, integrating, or combining operations and systems;- we may face challenges retaining the customers of an acquired business;- we may encounter unforeseen internal control, regulatory or compliance issues; and - we may face other additional risks related to regulatory matters, legal proceedings, or tax laws or positions. If any of these risks occurs, we may not be able to realize the anticipated benefits of an acquisition, or they may take longer to realize than expected. The integration process could result in the distraction of our management, the disruption of our ongoing business, or inconsistencies in our services, standards, controls, procedures, and policies, any of which could adversely affect our ability to maintain relationships with customers, vendors, and employees or to achieve the anticipated benefits of an acquisition, or could otherwise adversely affect our business and operating results.

Corporate Activity and Growth - Risk 3

Added

The Merger Agreement contains provisions that limit our ability to pursue alternatives to the Merger.

Under the Merger Agreement, we are restricted from soliciting alternative acquisition proposals from third parties and providing information to, or participating in discussions or engaging in negotiations with, third parties regarding any alternative acquisition proposals, subject to a customary "fiduciary out" provision. These provisions could discourage a third party that may have an interest in acquiring all or a significant part of our business from considering or proposing that acquisition, even if such third party were prepared to pay consideration with a higher value than the value of the consideration in the Merger.

Corporate Activity and Growth - Risk 4

Added

Failure to complete the Merger could adversely affect our business and the trading price of our common stock.

The closing of the Merger may not occur on the expected timeline or at all. The Merger Agreement contains customary termination provisions for both us and Parent, and provides that, in connection with the termination of the Merger Agreement under specified circumstances, including termination by us to accept and enter into an agreement with respect to a Superior Proposal (as defined in the Merger Agreement), we will pay Parent a termination fee of $250.0 million. If we are required to pay this termination fee, such fee, together with costs incurred to execute the Merger Agreement and pursue the Merger, would have a material adverse effect on our operating results and financial condition. If the Merger Agreement is terminated and the Merger is not consummated, investor confidence could decline; stockholder litigation could be brought against us, our directors and officers; relationships with existing and prospective customers, vendors, investors, lenders and other business partners may be adversely impacted; we may be unable to attract or retain key personnel; our employees could be distracted and their productivity could decline; and profitability may be adversely impacted due to costs incurred in connection with the Merger. We may also experience negative reactions from the financial markets, including a decline in the trading price of our common stock and you may not recover your investment or receive a price for your shares similar to what has been offered pursuant to the Merger. In addition, the trading price of our common stock has in the past and may continue to fluctuate substantially in the event that the Merger is not consummated. Factors affecting the trading price of our common stock may include: fluctuations in our quarterly financial results or the quarterly financial results of companies perceived to be similar to us; changes in estimates of our financial results or recommendations by securities analysts, if any, who cover our common stock, or failure to meet expectations of such securities analysts; the loss of service agreements with customers; lawsuits filed against us by governmental authorities or stockholders; unfavorable publicity concerning our operations or business practices; investors' general perception of us; changes in local, regional or national economic conditions; changes in demographic trends; increased labor costs, including healthcare, unemployment insurance, and minimum wage requirements; the entry into, or termination of, material agreements; changes in general economic, industry, regulatory, and market conditions not related to us or our business; the availability of experienced management and hourly-paid employees; issues in operating the company; future sales of our securities, including sales by our significant stockholders; and other potentially negative financial announcements, including delisting of our common stock from The Nasdaq Global Select Market, changes in accounting treatment or restatement of previously reported financial results, delays in our filings with the SEC or failure to maintain effective internal control over financial reporting. In addition, the stock markets have experienced extreme price and volume fluctuations that have affected, and continue to affect, the market prices of equity securities of many companies. In the past, stockholders have instituted securities class action litigation or launched activist campaigns following periods of market volatility. If we were involved in securities litigation or an activist campaign, we could incur substantial costs, and our resources and the attention of management could be diverted from our business.

Corporate Activity and Growth - Risk 5

Added

Uncertainties associated with the Merger could adversely affect our business, operating results, financial condition and the trading price of our common stock.

On July 31, 2024, we entered into the Merger Agreement pursuant to which, if all of the conditions to closing are satisfied or waived, we will become a wholly owned subsidiary of Parent, and our common stock will be delisted from The Nasdaq Global Select Market and we will cease to be a reporting company. On September 13, 2024, the waiting period applicable to the Merger under the Hart-Scott-Rodino Antitrust Improvements Act of 1976, as amended, expired. The consummation of the Merger remains subject to customary conditions as set forth in the Merger Agreement, including, but not limited to, the: (i) affirmative vote of the holders of a majority of all of the outstanding shares of our common stock to adopt the Merger Agreement; and (ii) the absence of any law or order restraining, enjoining or otherwise prohibiting the Merger. In addition, the obligation of each party to consummate the Merger is conditioned upon the other party's representations and warranties being true and correct (subject to certain customary materiality exceptions) and the other party having performed in all material respects its covenants, obligations and conditions under the Merger Agreement. The obligation of the buyer parties to consummate the Merger is also subject to the absence of a Company Material Adverse Effect (as defined in the Merger Agreement). Many of the conditions to completion of the Merger are not within our control, and we cannot predict when or if these conditions will be satisfied (or waived, if permitted by the Merger Agreement and applicable law). In addition, the Merger may fail to close for other reasons. The pending Merger as well as any delays in the expected timeframe, could cause disruption in and create uncertainties, which could have an adverse effect on our business, operating results, financial condition and trading price of our common stock, regardless of whether the Merger is completed, and could cause us not to realize some or all of the benefits that we expect to achieve if the Merger is successfully completed within its expected timeframe. These risks include, but are not limited to: - the completion of the Transaction on anticipated terms and timing or at all, including obtaining required stockholder approval, and the satisfaction of other conditions to the completion of the Transaction;- litigation relating to the Transaction instituted against parties involved in the Merger or their respective directors, managers or officers, including the effects of any outcomes related thereto;- disruptions from the Transaction, including the diversion of management's attention from our ongoing business operations and the previously disclosed expected Chief Executive Officer succession in connection with the closing of the Merger;- our ability to retain and hire key personnel in light of the Transaction;- potential adverse reactions or changes to business relationships with our vendors, customers and employees resulting from the announcement or completion of the Transaction, including if our customers, vendors, employees or others attempt to negotiate changes in existing business relationships, consider entering into business relationships with parties other than us, delay or defer decisions concerning their business with us, or terminate their existing business relationships with us while the Merger is pending;- significant transaction costs, including the possibility that the Transaction may be more expensive to complete than anticipated, including as a result of unexpected factors or events, and the requirement that we pay a termination fee of $250.0 million if the Merger Agreement is terminated under certain circumstances;- the occurrence of any event, change or other circumstance that could give rise to the termination of the Transaction, including in circumstances requiring us to pay a termination fee or other expenses;- competitive responses to the Transaction, including the possibility that competing offers or acquisition proposals for us will be made;- being subject to certain restrictions on the conduct of our business, resulting in possibly foregoing certain business opportunities that we might otherwise pursue absent the Merger;- impacts on the price of our common stock; and - developments beyond our control, including, but not limited to, developments in macro-economic and industry conditions that may affect the timing or success of the Merger. Even if successfully completed, there are certain risks to our stockholders from the Merger, including: - the per share consideration is fixed and will not be adjusted for changes in our business, assets, liabilities, prospects, outlook, financial condition or operating results or in the event of any change in the market price of, analyst estimates of, or projections relating to, our common stock;- the fact that receipt of the all-cash per share consideration under the Merger Agreement is taxable to stockholders that are treated as U.S. holders for U.S. federal income tax purposes; and - the fact that, if the Merger is completed, our stockholders (other than those stockholders that will contribute their shares of common stock pursuant to Rollover Agreements, if any (as defined in the Merger Agreement)) will not participate in any future growth potential or benefit from any future increase in the value of our company.

Legal & Regulatory

Total Risks: 9/38 (24%)Above Sector Average

Regulation5 | 13.2%

Regulation - Risk 1

Added

We are subject to certain restrictions on the conduct of our business under the terms of the Merger Agreement.

Under the terms of the Merger Agreement, we have agreed to certain restrictions on the operations of our business. We have agreed to limit the conduct of our business to those actions undertaken in the ordinary course of business and to refrain from engaging in certain activities, including but not limited to: amending organizational documents; issuing, selling or delivering securities; incurring debt; mortgaging or pledging assets; entering into, adopting, amending, modifying or terminating any employee plans; settling certain pending or threatened legal proceedings; changing our methods, procedures, principles or practices of financial accounting; resolving, settling, compromising, or abandoning any material tax action; and incurring certain capital expenditures. Because of these restrictions, we may be prevented from undertaking certain actions with respect to the conduct of our business that we might otherwise have taken if not for the Merger Agreement. Such restrictions could prevent us from pursuing certain business opportunities that arise prior to the effective time of the Merger and are outside the ordinary course of business, and could otherwise adversely affect our business and operations prior to completion of the Merger.

Regulation - Risk 2

We cannot be certain that governmental officials responsible for enforcing EMTALA, or other parties, will not assert that our customers are in violation of EMTALA, and defending and settling allegations of EMTALA violations could have a material adverse effect on our business even if we are ultimately not found to have contributed to such violations.

Although EMTALA is not directly applicable to us because we are not a Medicare participating hospital, we cannot be certain that governmental officials responsible for enforcing EMTALA, or other parties, will not assert that our customers are in violation of EMTALA. If our customers are found to have violated EMTALA, they may assert claims that our management practices contributed to the violation. Defending and settling allegations of EMTALA violations could have a material adverse effect on our business even if we ultimately are not found guilty of a violation.

Regulation - Risk 3

Our failure to comply with debt collection and other consumer protection laws and regulations could subject us to fines and other liabilities, which could harm our reputation and business, and could make it more difficult to retain existing customers or attract new customers, extend the time it takes to enter into service agreements with new customers, or result in a material adverse effect on our business, operating results, and financial condition.

Our business practices involve collecting or assisting our customers in collecting non-defaulted amounts owed by patients for current and prior services activities, which may subject us to the FDCPA. The FDCPA and the TCPA restrict the methods that we may use to contact and seek payment from consumer debtors regarding past due accounts. Many states impose additional requirements on debt collection practices, and some of those requirements may be more stringent than the federal requirements. Moreover, regulations governing debt collection are subject to changing interpretations that may be inconsistent among different jurisdictions. We could incur costs or could be subject to fines or other penalties under the TCPA, the FDCPA and the FTC Act if we are determined to have violated the provisions of those authorities during the course of conducting our operations. Any perceived breach of the FDCPA could result in us being required to change aspects of our business practices, make it more difficult to retain existing customers or attract new customers, extend the time it takes to enter into service agreements with new customers, or result in a material adverse effect on our business, operating results, and financial condition.

Regulation - Risk 4

If we violate HIPAA, the HITECH Act or state or foreign health information privacy laws, we may incur significant liabilities, and any such violations could make it more difficult to retain existing customers or attract new customers, extend the time it takes to enter into service agreements with new customers, or result in a material adverse effect on our business, operating results, and financial condition.

As described in Item 1 above, HIPAA contains substantial restrictions and requirements with respect to the use and disclosure of individuals' PHI. Since the passage of the HITECH Act in 2009, enforcement of HIPAA violations has increased, as reflected by the announcement of a number of significant settlement agreements and sanctions by federal authorities, the pursuit of HIPAA violations by state attorneys general, and the roll-out of a federal audit program for covered entities and business associates. HHS may resolve HIPAA violations through informal means, such as allowing a covered entity to implement a corrective action plan, but HHS also has the discretion to move directly to impose monetary penalties and is required to impose penalties for violations resulting from willful neglect. In addition to enforcement by HHS, state attorneys general may bring civil actions in response to violations of HIPAA privacy and security regulations or state privacy and security laws that threaten the privacy of state residents. We and our customers also are subject to federal and state privacy-related laws that are more restrictive than the privacy regulations issued under HIPAA. These laws vary and could impose additional penalties and subject us to additional privacy and security restrictions. In addition, legislation has been proposed or implemented at various times at both the federal and the state levels that would limit, forbid, or regulate the use or transmission of medical information pertaining to U.S. patients outside of the U.S. In addition, various states recently have enacted, and other states are considering, new laws and regulations concerning the privacy and security of consumer and other personal information, such as health data. To the extent we are subject to such requirements, these laws and regulations often have far-reaching effects, may require us to modify our data processing practices and policies, may require us to incur substantial costs and expenses to comply, and may render our international operations impracticable or make them substantially more expensive. These laws and regulations often provide for civil penalties for violations, as well as a private right of action for data breaches, which may increase the likelihood or impact of data breach litigation. Along with state and federal laws, international laws may impact our operations. The GDPR, for example, imposes obligations on us as well as our customers, depending on the operations at issue. The GDPR and related international laws also may restrict how we can store, transfer, and process personal information of our customers' patients and other data subjects. These laws are constantly changing, and may impact how we may transfer or store information in the U.S. or abroad. We have implemented and maintain commercially reasonable physical, technical, and administrative safeguards intended to protect all personal data and have processes in place to assist us in complying with applicable laws and regulations regarding the protection of this data and properly responding to any security incidents or breaches. Nonetheless, a knowing breach of HIPAA's requirements could expose us to criminal liability, and a breach of our safeguards and processes that is not due to reasonable cause or involves willful neglect could expose us to significant civil penalties and the possibility of civil litigation under HIPAA and applicable state law. In addition, given the omnipresent threat of potential cybersecurity incidents or security breaches, we, or our customers, could be required to report such breaches to affected consumers or regulatory authorities, leading to disclosures that could damage our reputation or harm our business, financial position, and operating results. We have been the victim of theft of company property containing patient data in the past, and we may face similar incidents in the future. During the current COVID-19 pandemic, we shifted many employees to work from home environments, which involves additional risk surrounding theft of company property and access to PHI. Cybersecurity incidents or allegations of deficiencies regarding our data security practices could require us to change aspects of our business practices, make it more difficult to retain existing customers or attract new customers, extend the time it takes to enter into service agreements with new customers, or result in a material adverse effect on our business, operating results, and financial condition.

Regulation - Risk 5

The healthcare industry is heavily regulated. Our failure to comply with regulatory requirements could create liability for us, result in adverse publicity, and adversely affect our business.

The healthcare industry is heavily regulated and is subject to changing political, legislative, regulatory, and other influences. Many healthcare laws are complex, and their application to specific services and relationships may be unclear. In particular, many existing healthcare laws and regulations, when enacted, did not anticipate the services we provide. There can be no assurance that our operations will not be challenged or adversely affected by enforcement initiatives. Our failure to anticipate the application of these laws and regulations to our business, or any other failure to comply with regulatory requirements, could create liability for us, result in adverse publicity, and adversely affect the attractiveness of our services to existing customers and our ability to market new services. We are unable to predict what changes to laws or regulations might be made in the future or how those changes could affect our business or our operating costs.

Litigation & Legal Liabilities4 | 10.5%

Litigation & Legal Liabilities - Risk 1

Litigation could materially adversely affect our business, financial condition, operating results, and cash flows and cause reputational damage from the view of current and potential customers and shareholders.

We have been and in the future may become subject to lawsuits, claims, audits, and investigations related to our business, which may lead to unfavorable publicity for us and could materially adversely affect our business, financial condition, operating results, and cash flows in various ways, including subjecting us to significant liability, resulting in significant settlement payments, or having a disruptive effect upon the operation of our business and consuming the time and attention of our senior management. In addition, we may incur substantial expenses in connection with these litigation matters, including substantial fees for attorneys. Although we maintain insurance that may provide coverage for some or all of these expenses, our insurers have rights under the policies to deny coverage under various policy exclusions. There is risk that the insurers will rescind the policies, that some or all claims will not be covered by such policies, or that, even if covered, our ultimate liability will exceed the available insurance. For further details on our litigation matters, refer to Note 18, Commitments and Contingencies, to our consolidated financial statements included in this Annual Report on Form 10-K. We are unable to predict the outcome of pending legal actions. The ultimate resolutions of our pending litigation could have a material adverse effect on our operating results, financial condition or liquidity, and on the trading price of our common stock.

Litigation & Legal Liabilities - Risk 2

If we fail to comply with federal and state laws governing submission of false or fraudulent claims to government healthcare programs and financial relationships among healthcare providers, we may be subject to civil and criminal penalties or loss of eligibility to participate in government healthcare programs.

Healthcare is one of the largest industries in the country and one of the costliest line items in the federal budget. As a result, the healthcare industry continues to attract attention from legislators and regulators. As described in Item 1 above, a number of healthcare fraud and abuse laws, including but not limited to the AKS, FCA, Stark Law, and EMTALA, and their state counterparts, apply to hospitals, physicians, and others who (i) furnish healthcare services to patients and submit claims for reimbursement to government programs or commercial insurers, and (ii) refer patients to one another. Federal and state regulatory and law enforcement authorities continue to focus on enforcement activities with respect to Medicare and Medicaid fraud and abuse regulations and other healthcare reimbursement laws and rules in an effort to reduce overall healthcare spending. These laws are complex, may change rapidly, and their application to our specific services and relationships may not be clear and may be applied to our business in ways we do not anticipate. New and evolving payment structures, for example, such as accountable care organizations, value-based enterprises, and other arrangements involving combinations of healthcare providers who share savings, potentially implicate anti-kickback and other fraud and abuse laws. In addition, errors created by our proprietary applications or services that relate to entry, formatting, preparation, or transmission of claims, reporting of quality or other data pursuant to value-based purchasing initiatives, or cost report information may be alleged or determined to cause the submission of false claims or otherwise be in violation of these laws. Further, the continued growth of our coding and billing services provided from a global business services environment necessitates comprehensive monitoring and oversight of these services to promote quality control and regulatory compliance. While we seek to structure our business relationships and activities to avoid any activity that could be construed to implicate federal and state fraud and abuse laws, we cannot assure you that our arrangements and activities will be deemed outside the scope of these laws or that increased enforcement activities will not directly or indirectly have a material adverse effect on our business, financial condition, or operating results. Any determination that we have violated any of these laws could, for example (i) subject us to civil or criminal penalties (ii) require us to change or terminate some portions of our operations or business (iii) disqualify us from providing services to healthcare providers doing business with government programs, (iv) give our customers the right to terminate our managed services agreements with them, and/or (v) require us to refund portions of our revenues, any of which could have a material adverse effect on our business and operating results. Moreover, any violations by, and resulting penalties or exclusions imposed upon, our customers could adversely affect their financial condition and, in turn, have a material adverse effect on our business and operating results. Finally, even absent an alleged violation of the law by us, participants in the healthcare industry receive inquiries, demands, or subpoenas to produce documents and provide testimony in connection with government investigations. We could be required to expend significant time and resources to comply with these requests, and the attention of our management team could be diverted by these efforts.

Litigation & Legal Liabilities - Risk 3

Added

Lawsuits filed against us and the members of our Board of Directors arising out of the Merger may delay or prevent the Merger.

Putative stockholder complaints, including stockholder class action complaints, and other complaints filed against us, our Board of Directors, parties involved in the Merger and others in connection with the transactions contemplated by the Merger Agreement may delay or prevent the Merger. We have received demand letters from several purported stockholders relating to books and records requests pursuant to Section 220 of the Delaware General Corporation Law, alleged disclosure deficiencies in the proxy statement related to the Merger, or appraisal pursuant to Section 262 of the Delaware General Corporation Law, and a complaint filed in New York state court alleging negligence against R1, R1's directors, and other parties to the Merger. It is possible that additional demands, complaints, or both, may be filed challenging the Merger. The outcome of any such demands and complaints or any litigation is uncertain, and we may not be successful in defending against these claims or any such future claims. Whether or not any claims are successful, this type of litigation could delay or prevent the Merger, divert the attention of our management and employees from our day-to-day business, and otherwise adversely affect our business, results of operations, and financial condition. Additionally, if a plaintiff is successful in obtaining an injunction prohibiting completion of the Merger, then that injunction may delay or prevent the Merger from being completed, which may exacerbate the other risks described herein and adversely affect our business, operating results and financial condition.

Litigation & Legal Liabilities - Risk 4

Claims by others that we infringe their IP could force us to incur significant costs or revise the way we conduct our business.

Our competitors protect their IP rights by means such as patents, trade secrets, copyrights, and trademarks. We have not conducted an independent review of patents issued to third parties. Additionally, because patent applications in the U.S. and many other jurisdictions are kept confidential for 18 months before they are published, we may be unaware of pending patent applications that relate to our proprietary technology. Any party asserting that we infringe its proprietary rights would force us to defend ourselves, and possibly our customers, against the alleged infringement. These claims and any resulting lawsuit, if successful, could subject us to significant liability for damages and invalidation of our proprietary rights; cause interruption or cessation of our operations; require us to enter into royalty or licensing agreements with third parties; and consume time which would otherwise be spent on our core business. Even if we prevail, the cost of such litigation could deplete our financial resources. Furthermore, during the course of litigation, confidential information may be disclosed in the form of documents or testimony in connection with discovery requests, depositions, or trial testimony. The software and technology industries are characterized by the existence of a large number of patents, copyrights, trademarks and trade secrets and by frequent litigation based on allegations of infringement or other violations of IP rights. Moreover, the risk of such a lawsuit will likely increase as our size and scope of our services and technology platforms increase, as our geographic presence and market share expand and as the number of competitors in our market increases. Any of the foregoing could disrupt our business and have a material adverse effect on our operating results and financial condition.

Ability to Sell

Total Risks: 8/38 (21%)Above Sector Average

Competition1 | 2.6%

Competition - Risk 1

We operate in a highly competitive industry, and our current or future competitors may be able to compete more effectively than we do, which could have a material adverse effect on our operating results, growth rates and market share.

The market for our solutions is and will continue to be highly competitive. The rapid changes in the U.S. healthcare market resulting from pressures to reduce healthcare cost inflation and regulatory and legislative initiatives are increasing the level of competition. We face competition from healthcare systems' internal RCM departments and external participants. External participants that are our competitors include end-to-end RCM providers, software vendors and other technology-supported RCM business process outsourcing companies, traditional consultants, and information technology outsourcers. Our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards, regulations, or customer requirements. We may not be able to compete successfully with these companies, and these or other competitors may introduce technologies or services that render our technologies or services obsolete or less marketable. Even if our technologies and services are more effective than the offerings of our competitors, our competitors may offer similar solutions at a lower price, which may cause our customers to choose our competitors' solutions over ours. Increased competition is likely to result in pricing pressures, which could adversely affect our operating results, growth rate, or market share. Even if we have a good relationship and strong performance history with a customer, open and competitive bidding practices mean we may not be awarded renewal business or may have to aggressively price our services to be successful.

Demand2 | 5.3%

Demand - Risk 1

Healthcare providers affiliated with Ascension are currently our largest customer group by net services revenue. The early termination of our A&R MPSA with Ascension would have a material adverse effect on our business, operating results, and financial condition.

As part of the ten-year Master Professional Services Agreement ("A&R MPSA") with Ascension effective February 16, 2016, we are the exclusive provider of RCM services and PAS with respect to acute care services provided by the hospitals affiliated with Ascension. Healthcare providers affiliated with Ascension have been our largest customer group in terms of net services revenue each year since our formation. In 2023, 2022, and 2021, net services revenue from healthcare providers affiliated with Ascension represented 40%, 49%, and 61% of our total net services revenue, respectively. The early termination of the A&R MPSA or a reduction in our fees due to reduced business at Ascension could have a material adverse effect on our business, operating results, and financial condition.

Demand - Risk 2

The markets for our RCM service offering may develop more slowly than we expect.

Our success depends, in part, on the willingness of healthcare organizations to implement integrated solutions for the areas in which we provide services. Some organizations may be reluctant or unwilling to implement our solutions for a number of reasons, including failure to perceive the need for improved revenue cycle operations, lack of knowledge about the potential benefits our solutions provide, concerns over the cost of using an external solution, or as a result of investments or planned investments in internally developed solutions, choosing to continue to rely on their own internal resources.

Sales & Marketing4 | 10.5%

Sales & Marketing - Risk 1

Errors may occur during the provision of our services, which could result in liabilities to our customers or third parties, or we may earn lower net services revenue due to failure to maintain service levels.

The services we offer are complex and involve numerous manual and automated touchpoints with patients, providers and payers, which inherently creates a higher error risk. Errors can result from the interface of our proprietary technology applications and a customer's existing technologies, or we may make human errors in any aspect of our service offerings. The costs incurred in correcting any significant errors may be substantial and could adversely affect our operating results. Our customers, or third parties such as our customers' patients, may assert claims against us alleging that they suffered damages due to our errors, and such claims could subject us to significant legal defense costs in excess of our existing insurance coverage and adverse publicity regardless of the merits or eventual outcome of such claims. In addition, if we are unable to maintain high service levels and our customers fail to achieve agreed upon improvement in financial or operating metrics, the incentive fee payments to us from such customers may be lower than anticipated.

Sales & Marketing - Risk 2

We face a selling cycle of variable length to secure new agreements, making it difficult to predict the timing of specific new customer relationships and related revenue.

We face a selling cycle of variable length, typically spanning six to 18 months or longer, to secure a new managed services agreement, and two to six months for modular solutions. Even if we succeed in developing a relationship with a potential new customer, we may not be successful in entering into an agreement with that customer within our anticipated timeframe or at all. In addition, we cannot accurately predict the timing of entering into agreements with new customers due to the complex procurement decision processes of most healthcare providers, which often involve high-level management or board committee approvals. Due to our variable selling cycle length, we have only a limited ability to predict the timing of specific new customer relationships, which affects our ability to predict future revenues and cash flows.

Sales & Marketing - Risk 3

If we are unable to retain our existing customers or acquire new customers, our operating results could be adversely affected.

Our future financial performance depends upon the retention of our customers and our ability to acquire new customers. We earn net services revenue primarily from managed services agreements pursuant to which we receive performance-based fees. Our profitability on customer agreements increases over time, as we integrate our systems, processes, and procedures with our customers. Customers can elect not to renew their managed services agreements with us upon expiration. Certain customer agreements permit early termination for convenience, subject to a notice period. If a customer does not renew or terminates a managed services agreement for any reason, we may not recognize sufficient revenue from that customer prior to the non-renewal or termination to offset the implementation costs associated with that customer. Some of our managed services agreements require us to adhere to extensive, complex data security, network access, and other institutional procedures and requirements of our customers, and customers may in the future allege that we have not complied with all such procedures and requirements. Factors external to us and beyond our control, including but not limited to cyber attacks, failures of a contracted vendor, or regulatory changes, may cause a failure to perform under a contract. If a breach of a managed services agreement occurs or if there is an actual or perceived service level performance failure, we may be liable to the customer for damages or may need to allocate additional resources or incur additional costs to resolve the breach. Further, we or the customer may generally terminate an agreement for a material uncured breach by the other. If consolidation or divestitures (including as a result of increased financial pressure) increase within the healthcare provider industry, it may also make it more difficult for us to acquire new customers, retain existing customers, or grow service revenues from existing customers, as consolidated healthcare systems may be more likely to have incumbent RCM providers or significant internal revenue cycle capabilities. For example, certain of our smaller customers ceased to be customers after being acquired by larger healthcare systems with an existing RCM program. In addition, if our customers with operating partnership agreements divest facilities within their hospital systems, our service revenues may be reduced and our opportunity to grow profitability based on scale may be diluted.

Sales & Marketing - Risk 4

Our agreement with Ascension requires us to offer to Ascension service fees that are at least as low as the fees we charge any other customer receiving comparable services at comparable or lower volumes.

Our A&R MPSA with Ascension requires us to offer to Ascension's affiliated healthcare providers fees for our services that are at least as low as the fees we charge any other customer receiving comparable services at lower volumes. If we were to charge lower service fees to any other customer receiving comparable services at lower volumes, we would be obligated to charge such lower fees to the hospital systems affiliated with Ascension effective as of the date such lower charges were first implemented for such other customer. If we offer customers lower rates as discussed above, it could have a material adverse effect on our operating results and financial condition.

Brand / Reputation1 | 2.6%

Brand / Reputation - Risk 1

Negative public perception, customer policies, and proposed legislation in the U.S. regarding offshore outsourcing may increase the cost of delivering our services or prevent us from realizing cost savings in the future.

Offshore outsourcing is a politically sensitive topic in the U.S. For example, various organizations and public figures in the U.S. have expressed concern about a perceived association between offshore outsourcing providers and the loss of jobs in the U.S. Current or prospective customers may elect to perform such RCM services themselves or may be discouraged from transferring these services from onshore to offshore providers to avoid negative perceptions that may be associated with using an offshore provider or may have internal policies restricting use of offshore resources. Any slowdown or reversal of existing industry trends towards offshore outsourcing, and the resulting need to relocate aspects of our services from our global business services operations to the U.S. where operating costs are higher, would increase the cost of delivering our services. In the U.S., federal and state legislation has been proposed, and in several states enacted, to restrict or discourage U.S. companies from outsourcing their services to companies outside the U.S. Further, through rule making or executive action, some states have imposed limitations on offshore outsourcing of administrative services for the Medicaid program. It is possible that additional legislation be enacted or regulatory guidance issued that would restrict U.S. private sector companies that have federal or state government contracts, or that receive government funding or reimbursement, such as Medicare or Medicaid payments, from outsourcing their services to offshore service providers. Any changes to existing laws or the enactment of new legislation restricting offshore outsourcing in the U.S. may adversely affect our ability to do business, particularly if these changes are widespread, and could have a material adverse effect on our business, operating results, financial condition, and cash flows.

Tech & Innovation

Total Risks: 5/38 (13%)Above Sector Average

Innovation / R&D1 | 2.6%

Innovation / R&D - Risk 1

The development and use of AI in connection with our products may result in reputational harm or liability, which could adversely affect our business and operating results.

R1 employs machine learning and AI technologies, including generative AI, in our offerings, and research into and continued development of such technologies remains ongoing. As AI represents a rapidly evolving field, it inherently carries a spectrum of risks typical to emerging technologies. We anticipate the enactment of new regulations and laws pertaining to AI usage, potentially placing us under increased regulatory oversight, escalating litigation risks, and augmenting our existing obligations regarding confidentiality and privacy. Such developments could negatively impact our business operations. Moreover, AI technologies introduce heightened cybersecurity risks and ethical considerations, potentially affecting our reputation and operational performance. Should we introduce solutions that generate content that is misleading, biased, harmful or controversial due to perceived or actual societal impact, we may face potential harm to our brand and reputation, competitive disadvantages, or even legal liabilities. AI algorithms and training methodologies may be flawed. ineffective or inadequate. AI development or deployment practices by us or others could result in incidents that impair the acceptance of AI solutions or cause harm to individuals or society. Further, the legal landscape regarding IP rights in AI technologies remains unsettled in the U.S., both in legislation and judicial precedent. Consequently, our engagement with AI technologies and features might lead to allegations of infringement or misappropriation of third-party IP rights. This risk is intensified by the current trend of entities swiftly seeking patents and other IP protections in AI to gain a competitive edge. Additionally, generative AI has the capacity to yield inaccurate or misleading results, promote discriminatory outcomes, or perpetuate unintended biases. Despite our efforts to implement measures and develop our AI tools in a manner that enhances security and fairness, these issues may arise due to the direct interaction of users with generative AI models and the inherent unpredictability and power of these technologies. Litigation or government regulation related to the use of AI may also adversely impact our ability to develop and offer products that use AI, as well as increase the cost and complexity of doing so. If we enable or offer solutions that draw controversy due to their perceived or actual impact on society, we may experience brand or reputational harm, competitive harm, or legal liability. Potential government regulation related to AI use and ethics may also increase the burden and cost in this area, and failure to properly remediate AI usage or ethics issues may cause public confidence in AI to be undermined. Such outcomes can result in reputational damage, legal liabilities, and adverse effects on our operational results.

Trade Secrets1 | 2.6%

Trade Secrets - Risk 1

We may be unable to adequately protect our IP.

Our success depends, in part, upon our ability to establish, protect and enforce our IP and other proprietary rights. If we fail to establish or protect our IP rights, we may lose an important advantage in the market in which we compete. We rely upon a combination of patent, trademark, copyright and trade secret law and contractual terms and conditions to protect our IP rights, all of which provide only limited protection. We cannot assure you that our IP rights are sufficient to protect our competitive advantages. We cannot assure you that any patents issued or that will be issued from current or future applications will provide us with the protection that we seek or that any current or future patents issued to us will not be challenged, invalidated or circumvented. Legal standards relating to the validity, enforceability and scope of protection of patents are uncertain. Also, we cannot assure you that any trademark registrations will be issued for pending or future applications or that any of our trademarks will be enforceable or provide adequate protection of our proprietary rights. We also rely in some circumstances on trade secrets to protect our technology. Trade secrets may lose their value if not properly protected. We endeavor to enter into non-disclosure agreements with our employees, customers, contractors, and business partners to limit access to and disclosure of our proprietary information. The steps we have taken, however, may not prevent unauthorized use of our technology, and adequate remedies may not be available in the event of unauthorized use or disclosure of our trade secrets and proprietary technology. Moreover, others may reverse engineer or independently develop technologies that are competitive to ours or infringe our IP. Accordingly, despite our efforts, we may be unable to prevent third parties from infringing or misappropriating our IP and using our technology for their competitive advantage. Any such infringement or misappropriation could have a material adverse effect on our business, operating results, and financial condition. Monitoring infringement of our IP rights can be difficult and costly, and enforcement of our IP rights may require us to bring legal actions against infringers. Infringement actions are inherently uncertain and therefore may not be successful, even when our rights have been infringed, and even if successful, may require a substantial amount of resources and divert our management's attention.

Cyber Security1 | 2.6%

Cyber Security - Risk 1

If our information technology security measures are breached or fail, including as a result of a successful ransomware attack, resulting in unauthorized access to customer or proprietary data, our service may be perceived as not being secure, which could impact our ability to attract new customers, cause a loss of revenues from current customers due to penalties or contract termination, or cause us to incur significant liabilities.

Our services involve the storage and transmission of our and our customers' proprietary information and protected health, financial, payment, and other personal information of patients. We rely on proprietary and commercially available systems, software, tools, and monitoring, as well as other processes, to provide the security for processing, transmission, and storage of such information. Due to the sensitivity of this information, the effectiveness of such security efforts is very important. The breach of our systems or failure of our security measures, including as a result of third-party action, employee error, malfeasance, defective design, or otherwise, may lead to unauthorized access to customer or patient data or our proprietary data. Improper activities by third parties, advances in computer and software capabilities and encryption technology, new tools and discoveries, and other events or developments may facilitate or result in a compromise or breach of our information technology systems. Techniques used to obtain unauthorized access or to sabotage systems change frequently and generally are not recognized until launched against a target, and we may be unable to anticipate these techniques or to implement adequate preventive measures. Our security measures may not be effective in preventing these types of activities, and the information technology security measures of our third-party data centers and service providers may not be adequate. In 2023, the healthcare industry suffered its highest occurrence of cyber incidents, with an average of 52 organizations each month impacted by one or more incidents, according to an October 2023 report by Atlas VPN, which utilized publicly available healthcare security incident data from the HHS. The Atlas VPN report reveals there were 480 healthcare data breaches through September 2023, with over 87 million Americans impacted, compared to 37 million in 2022. To date, cyber attacks have not had a material impact on our business, operating results, or financial condition; however, we could suffer material losses in the future as a result of cyber attacks. We may not be able to predict the timing or severity of these attacks. Our exposure to cyber attacks remains heightened because of, among other things, the evolving nature of cyber threats, the ongoing shortage of qualified cybersecurity professionals, and connectivity and interdependence among our systems and those of third parties. In addition, ransomware attacks are a common threat impacting healthcare organizations. The occurrence of a cyber attack, breach, ransomware attack, unauthorized access, misuse, computer virus or other malicious code, or other cybersecurity event could jeopardize or result in the unauthorized disclosure, gathering, monitoring, misuse, corruption, loss, or destruction of confidential information that belongs to us or our customers or PHI that is processed and stored in, and transmitted through, our computer systems and networks. The occurrence of a cybersecurity event could also result in damage to our software, computers, or systems, or otherwise cause interruptions or malfunctions in our, our customers', or third parties' operations. If a breach of our information technology security occurs, we could face damages for contract breach, penalties for violation of applicable laws or regulations, possible lawsuits by individuals affected by the breach, and significant remediation costs and efforts to prevent future occurrences. Although we currently carry insurance coverage to protect ourselves against some of these risks, our inability to continue to obtain such insurance coverage at a reasonable cost, or the lack of coverage for particular cybersecurity incidents under the terms of the applicable insurance policies, could also have a material adverse effect on us. In addition, if there is an actual or a perceived breach of our information technology security, the market perception of the effectiveness of our security measures could be harmed, and we could lose current or potential customers. Additionally, cybersecurity has become a top priority for regulators around the world, and every state in the U.S. has laws in place requiring companies to notify users if there is a security breach that compromises certain categories of their personal identifiable information ("PII"). In addition, in the U.S., the SEC adopted rules in 2023 for mandatory disclosure of material cybersecurity incidents suffered by public companies, as well as cybersecurity governance and risk management. Any failure or perceived failure by us to comply with these laws and regulations may subject us to enforcement action or litigation, which could harm our business.

Technology2 | 5.3%

Technology - Risk 1

Delayed or unsuccessful implementation of our technologies or services with our customers or implementation costs that exceed our expectations may adversely affect our operating results.

In periods during which we add new customers, our operating costs are typically higher because we incur expenses to integrate our solutions with our customers' existing patient accounting and clinical systems. The implementation process varies from customer to customer, and we may face unanticipated challenges, including failure to obtain approvals or access rights from our customers' vendors in a timely manner or at all. If the implementation process is not executed successfully or is delayed, as we have experienced from time to time, our relationships with our customers and our operating results may be adversely affected. Implementation of certain of our solutions also requires us to integrate our employees into customer's operations. Depending on our customers' implementation needs, we may be required to devote a larger number of our employees than anticipated, which may increase our costs and adversely affect operating results.

Technology - Risk 2

Changed

Disruptions in service, including failure of business continuity plans, or damage to our global business services centers, third-party operated data centers or other services provided by other third-parties, could adversely affect our business.

Our global business services centers and third-party operated data centers are essential to our business. Our operations depend on the availability of our global business service centers and their operating effectiveness in maintaining and protecting our applications, which are located in data centers that are operated and controlled by third parties. In addition, our information technologies and systems, as well as our data centers and global business services centers, are vulnerable to damage or interruption from various causes, including natural disasters, war, acts of terrorism, public health events (including pandemics), power losses, computer systems failures, internet and telecommunications or data network failures, operator error, loss or corruption of data, and other events. We have a global business resiliency program and maintain insurance against fires, floods, other natural disasters, and general business interruptions to mitigate the adverse effects of a disruption, relocation, or change in operating environment at one of our data centers or global business services centers, but the situations we plan for and the amount of insurance coverage we maintain may not be adequate in every case. In addition, the occurrence of any of these events could result in interruptions, delays, or cessations in service to our customers, or in the direct connections we establish between our customers and payers. Any of these events could impair or inhibit our ability to provide our services, reduce the attractiveness of our services to current or potential customers, and adversely affect our financial condition and operating results. In addition, despite the implementation of security measures, our infrastructure, data centers, global business services centers, or systems that we interface with, including the internet and related systems, may be vulnerable to intrusion, improper employee or contractor access, programming errors, computer viruses, malicious code, phishing attacks, denial-of-service attacks, or other cyber attacks and information security threats by third parties seeking to disrupt operations or misappropriate information or similar physical or electronic breaches of security. Any such attack could cause system failure, including network, software, or hardware failure, and could result in service disruptions. Further, our network, information systems, and other services and systems are subject to various risks related to third parties and other parties we may not fully control. We use encryption and authentication technology licensed from third parties to provide secure transmission of confidential information, including our business data and customer information. In addition, we rely on employees in our data centers and global business services centers to follow our procedures when handling sensitive information. While we select our employees and third-party business partners carefully, we do not control their actions, which could expose us and them to cybersecurity and other risks. As a result, we may be required to expend significant capital and other resources to protect against security breaches and hackers or to alleviate problems caused by such breaches. Recent cyberattacks affecting our third-party vendors have harmed our business. On February 21, 2024, Change Healthcare, a subsidiary of UnitedHealth Group, was the target of a cyberattack that required it to take offline its computer systems that handle electronic payments and insurance claims. Change Healthcare is the largest clearinghouse for medical claims in the U.S. and this event has caused significant delays and disruptions in payments to hospitals, physicians, pharmacists, and other health care providers across the country. In response to the cyberattack, we transitioned customers who were impacted to alternative clearinghouses to submit, edit, and release claims to payers to address the backlog. We approved reestablished connections while continuing to monitor the cyber threat environment. On May 8, 2024, Ascension Health was the target of a cyberattack that disrupted their clinical operations and affected their electronic health records systems as well as processes used to order certain tests, procedures, and medications. In response, we immediately disconnected from Ascension systems and reviewed our systems. We have not found any evidence that our systems or data were compromised, and we will continue to monitor. For the three and nine months ended September 30, 2024, we incurred costs and earned lower base fee and incentive fee revenue due to the effect on key performance metrics and lower modular and other fees revenue from these cyberattacks. The expected cash flow impacts to our customers may affect their ability to pay our invoices in a timely manner. Additional costs and revenue impacts are expected to affect our overall performance in 2024. See Part II, Item 7 "Management's Discussion and Analysis of Financial Condition and Results of Operations."

Macro & Political

Total Risks: 3/38 (8%)Above Sector Average

Economy & Political Environment2 | 5.3%

Economy & Political Environment - Risk 1

Developments in the healthcare industry, including national healthcare reform, could adversely affect our business.

The healthcare industry has changed significantly in recent years, and we expect this to continue. We are unable to predict each healthcare initiative that will be implemented at the federal or state level, or what the ultimate effect these initiatives may have on us. For example, changes to Medicare and Medicaid reimbursement are implemented periodically and may cause a reduction in the amounts received by our customers and may have an indirect adverse effect on our business. The ongoing implementation of the No Surprises Act, which took effect on January 1, 2022, also may result in a reduction in the amounts received by our customers and may have an adverse effect on our business and operating results. In addition, healthcare reform is causing some payers to transition from volume to value-based reimbursement models, which can include risk-sharing, bundled payment, and other innovative approaches. While these models may provide us with opportunities to provide new or additional services (e.g., our value-based reimbursement capabilities within our RCM service offering) and to participate in incentive-based payment arrangements, there can be no assurance that such new models and approaches will prove to be profitable to our customers or us. Further, new models and approaches may require investment by us to develop technology or expertise to offer necessary and appropriate services or support to our customers, and the amount of such investment and the timing for return of such investment are not fully known at this time. In addition, some of these new models are being offered as pilot programs and there is no assurance that they will continue or be renewed. Further, adoption of such new models and approaches may require compliance with a range of federal and state laws relating to fraud and abuse, insurance, reinsurance and managed care regulation, billing and collection, corporate practice of medicine, and licensing, among others. Many states in which these new value-based structures are being developed lack regulatory guidance or a well-developed body of law for these new models and approaches, or may not have updated their laws or enacted legislation yet to reflect the new healthcare reform models. As a result, although we have attempted to structure and conduct our operations in accordance with our interpretation of current laws and regulations, new and existing laws, regulations, or guidance could have a material adverse effect on our current and future operations and could subject us to the risk of restructuring or terminating our customer agreements and arrangements, as well as the risk of regulatory enforcement, penalties, and sanctions if state enforcement agencies disagree with our interpretation of state laws.

Economy & Political Environment - Risk 2

Our business is significantly impacted by general macroeconomic conditions, and as a result, our business, results of operations and financial condition could be materially affected by further deterioration or a protracted extension of current macroeconomic challenges.

Geopolitical instability, actual and potential shifts in U.S. and foreign, trade, economic and other policies, and other global events, have significantly increased macroeconomic uncertainty at a global level. Such economic volatility could adversely affect our business, financial condition, results of operations and cash flows, and future market disruptions could negatively impact us. Further, adverse macroeconomic conditions may affect our customers' and prospective customers' operations and financial condition and make it difficult for our customers and prospective customers to accurately forecast and plan future business activities, which may in turn cause our customers to elect not to renew their managed services agreements or affect their ability to pay amounts owed to us in a timely manner or at all, or adversely affect prospective customers' ability or willingness to enter into managed services agreements with us. An economic downturn or increased uncertainty may also lead to increased credit and collectability risks, higher borrowing costs or reduced availability of capital and credit markets, reduced liquidity, adverse impacts on our suppliers, failures of counterparties including financial institutions and insurers, asset impairments, and declines in the value of our financial instruments. In 2023, we worked closely with our provider partners to address revenue optimization and workforce management needs more effectively. Such needs continue to impact our provider partners' performance because of changes to payer timeframes, increased coding complexity, regulatory shifts, and macroeconomic pressures. On the modular side, we continued to see positive booking trends in 2023 because of macroeconomic pressures and the same performance-related pressures noted above. In 2023, we also increased the allowance for credit losses as a result of a few specific customers that have been experiencing financial challenges. As inflation and high interest rates continue, along with the industry dynamics described above, we will continue to monitor the financial health of our customers, we may be required to continue to increase our allowance for credit losses. Significant disruptions and volatility in the global capital markets could increase the cost of capital and adversely impact our ability to access capital.

International Operations1 | 2.6%

International Operations - Risk 1

Our growing global business services operations expose us to risks that could have a material adverse effect on our operating costs.

Our reliance on an international workforce exposes us to business disruptions caused by the political and economic environment in those regions. Terrorist attacks, acts of violence or war, and climate-related disasters may directly affect our facilities and workforce or contribute to general instability. Our global business services operations require us to comply with local laws and regulatory requirements, which are complex, and expose us to foreign currency exchange rate risk. Our global business services operations may also subject us to trade restrictions, reduced or inadequate protection for IP rights, increased risk of physical or electronic security breaches, and public health events (including pandemics), and other factors that may adversely affect our business. Negative developments in any of these areas could increase our operating costs or otherwise harm our business.

Production

Total Risks: 2/38 (5%)Above Sector Average

Employment / Personnel1 | 2.6%

Employment / Personnel - Risk 1

If we are unable to attract, hire, integrate, and retain key personnel and other necessary employees, our business could be harmed.

Our future success depends in part on the continued contributions of our executive officers and other key personnel, each of whom may be difficult to replace. The loss of services of any of our executive officers or key personnel, or the inability to continue to attract qualified personnel, could have a material adverse effect on our business. To manage potential future growth, we will need to hire, integrate, and retain highly skilled and motivated employees, and will need to work effectively with a growing number of customer employees engaged in revenue cycle operations. Competition for the caliber and number of employees we require is intense. We may face difficulty identifying and hiring qualified personnel at compensation levels consistent with our existing compensation and salary structure. In addition, we invest significant time and expense in training each of our employees, which increases their value to competitors who may seek to recruit them. Under the terms of our operating partner model agreements, we expect to transition a significant number of our customers' RCM employees to our employment. We may experience difficulties in integrating and retaining these employees. In addition, we employ a significant number of personnel internationally and expect continued international growth. Significant growth in the technology sector in India has increased competition to attract and retain skilled employees and has led to a commensurate increase in compensation expense arising from our India operations. As we expand our patient entry workforce in the Philippines, there is risk regarding the technical, cultural and U.S. healthcare system training at an appropriate pace to match the hiring requirements aligned to growth. For all locations, if we fail to retain our employees, we could incur significant expenses in hiring, integrating, and training their replacements, and the quality of our services and our ability to serve our customers could diminish, resulting in a material adverse effect on our business.

Supply Chain1 | 2.6%

Supply Chain - Risk 1

We rely on third-party providers, such as Microsoft Azure, for cloud infrastructure and other technology services, and any disruptions in or interference with our use of such services could adversely affect our business, operating results, and financial condition.

We face risks associated with utilizing cloud-based infrastructure. Failure of third-party providers to provide adequate cloud-based data infrastructure and other technology-related services to us, or frequent or prolonged interruptions of these services, could result in significant loss of revenue. Interruptions could also cause users to perceive our services as not functioning properly. While we manage and track third-party risks, we have limited control over third parties and cannot guarantee that we will be able to maintain satisfactory relationships with such third parties on acceptable commercial terms or that the quality of their services and offerings will enable us to continue to conduct our business effectively, which could adversely affect our business, operating results, and financial condition. Moreover, our cloud infrastructure providers and other providers of services, systems and technologies have no obligations to renew their agreements with us on commercially reasonable terms, or at all, and it is possible that we will not be able to switch our operations to another provider in a timely and cost-effective manner should the need arise. If we are unable to renew our agreements with these providers on commercially reasonable terms, or if in the future we add new data center facility or other providers, we may face additional costs, expenses or downtime, which could adversely impact our business, operating results, and financial condition. In addition, we invest in and deploy automation and technology capabilities, including the expansion of our collaboration with Microsoft to accelerate the development and integration of generative AI into our RCM platform. We also delivered our first large language model application, integrating tools from Azure AI Studio. Our ability to deploy certain AI technologies critical for our products and services and for our business strategy depends on the availability and pricing of third-party equipment and technical infrastructure.

See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?

Risk factors are any situations or occurrences that could make investing in a company risky.

The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.

They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.

It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.

How do companies disclose their risk factors?

Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.

Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.

Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.

According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.

How can I use TipRanks risk factors in my stock research?

Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.

You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.

Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.

A simplified analysis of risk factors is unique to TipRanks.

What are all the risk factor categories?

TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.

1. Financial & Corporate

Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.

2. Legal & Regulatory

Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
Regulation – risks related to compliance, GDPR, and new legislation.
Environmental / Social – risks related to environmental regulation and to data privacy.
Taxation & Government Incentives – risks related to taxation and changes in government incentives.

3. Production

Costs – risks related to costs of production including commodity prices, future contracts, inventory.
Supply Chain – risks related to the company’s suppliers.
Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.

4. Technology & Innovation

Innovation / R&D – risks related to innovation and new product development.
Technology – risks related to the company’s reliance on technology.
Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.

5. Ability to Sell

Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
Competition – risks related to the company’s competition including substitutes.
Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
Brand & Reputation – risks related to the company’s brand and reputation.

6. Macro & Political

Economy & Political Environment – risks related to changes in economic and political conditions.
Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
International Operations – risks related to the global nature of the company.
Capital Markets – risks related to exchange rates and trade, cryptocurrency.

Become an Expert with TipRanks Premium

What am I Missing?

Make informed decisions based on Top Analysts' activity

Know what industry insiders are buying

Get actionable alerts from top Wall Street Analysts

Find out before anyone else which stock is going to shoot up

Get powerful stock screeners & detailed portfolio analysis

Subscribe Now See Plans & Pricing