STMicroelectronics (STM) Risk Analysis

Our success depends to a significant extent upon our key executives and R&D, engineering, marketing, sales, manufacturing, support and other personnel. Our success also depends upon our ability to continue to identify, attract, retain and motivate highly trained and skilled engineering, technical and professional personnel in a competitive recruitment environment, as well our ability to ensure the smooth succession and continuity of business with newly hired and promoted personnel. For instance, in highly specialized areas, it may become more difficult to retain employees. Our employee hiring and retention also depend on our ability to build and maintain a diverse and inclusive workplace culture and be viewed as an employer of choice. We intend to continue to devote significant resources to recruit, train and retain qualified employees, however, we may not be able to attract, obtain and retain these employees, which may affect our growth in future years and the loss of the services of any of these key personnel without adequate replacement or the inability to attract new qualified personnel could have a material adverse effect on us.

Our operations are characterized by high fixed or other costs which are difficult to reduce, including costs related to manufacturing, particularly as we operate our own manufacturing facilities, and the employment of our highly skilled workforce. When demand for our products decreases, competition increases or we fail to forecast demand accurately, we may be driven to reduce prices and we may not always be able to decrease our total costs in line with resulting revenue declines. As a result, the costs associated with our operations may not be fully absorbed, leading to unused capacity charges, higher average unit costs and lower gross margins, adversely impacting our results.

A substantial portion of our sales is derived from a limited number of customers and distributors. The level of sales booked by our customers and distributors varies year to year and there can be no assurance that our customers or distributors will continue to book the same level of sales with us that they have in the past, will continue to succeed in the markets they serve and will not purchase competing products over our products. Many of our key customers and distributors operate in cyclical businesses that are also highly competitive, and their own market positions may vary considerably. In recent years, some of our customers have vertically integrated their businesses. Such vertical integrations may impact our business. Our relationships with the newly formed entities could be either reinforced or jeopardized by the integration. If we are unable to maintain or increase our market share with our key customers or distributors, or if they were to increase product returns or fail to meet payment obligations, our results of operations could be materially adversely affected. Certain of our products are customized to our customers' specifications. If customers do not purchase products made specifically for them, we may not be able to recover a cancellation fee from our customers or resell such products to other customers. In addition, the occurrence of epidemic or pandemic outbreaks could affect our customers. The geographic spread of epidemics or pandemics may be difficult to predict and adverse public health impacts on our customers could negatively affect our results.

Our industry adapts to technological advancements and it is likely that new products, equipment, processes and service methods, including transformation initiatives related to digitalization, are in the process of being implemented. Any failure by us to manage our data governance processes could undermine our initiatives related to digitalization and any failure by us to react to changes or advances in existing technologies and processes as we develop and invest in our product, technology and transformation roadmaps could materially delay the introduction of new solutions. If we are not able to execute on these roadmaps on a timely basis or at an acceptable cost this could result in loss of competitiveness of our solutions, decreased revenue and a loss of market share.

We depend on patents and other IP rights to protect our products and our manufacturing processes against misappropriation by others. The process of seeking patent protection can be long and expensive, and there can be no assurance that we will receive patents from currently pending or future applications. Even if patents are issued, they may not be of sufficient scope or strength to provide meaningful protection or any commercial advantage. In addition, effective IP protection may be unavailable or limited in some countries. Our ability to enforce one or more of our patents could be adversely affected by changes in patent laws, laws in certain foreign jurisdictions that may not effectively protect our IP rights or by ineffective enforcement of laws in such jurisdictions. Competitors may also develop technologies that are protected by patents and other IP and therefore either be unavailable to us or be made available to us subject to adverse terms and conditions. We have in the past used our patent portfolio to negotiate broad patent cross-licenses with many of our competitors enabling us to design, manufacture and sell semiconductor products, without concern of infringing patents held by such competitors. We may not in the future be able to obtain such licenses or other rights to protect necessary IP on favorable terms for the conduct of our business, and such failure may adversely impact our results of operations. Such cross-license agreements expire from time to time and there is no assurance that we can or we will extend them. We have from time to time received, and may in the future receive, communications alleging possible infringement of third-party patents and other IP rights. Some of those claims are made by so-called non-practicing entities against which we are unable to assert our own patent portfolio to lever licensing terms and conditions. Competitors with whom we do not have patent cross-license agreements may also develop technologies that are protected by patents and other IP rights and which may be unavailable to us or only made available on unfavorable terms and conditions. We may therefore become involved in costly litigation brought against us regarding patents and other IP rights. See Note 25 to our Consolidated Financial Statements. IP litigation may also involve our customers who in turn may seek indemnification from us should we not prevail and/or who may decide to curtail their orders for those of our products over which claims have been asserted. Such lawsuits may therefore have a material adverse effect on our business. We may be forced to stop producing substantially all or some of our products or to license the underlying technology upon economically unfavorable terms and conditions or we may be required to pay damages for the prior use of third-party IP and/or face an injunction. The outcome of IP litigation is inherently uncertain and may divert the efforts and attention of our management and other specialized technical personnel. Such litigation can result in significant costs and, if not resolved in our favor, could materially and adversely affect our business, financial condition and results of operations.

We have, from time to time, detected and experienced attempts by others to gain unauthorized access to our computer systems and networks. The reliability and security of our information technology infrastructure and software, including our AI technology, and our ability to expand and continually update technologies, including to transition to cloud-based technologies, in response to our changing needs is critical to our business. In the current environment, there are numerous and evolving risks to cybersecurity, including criminal hackers, state-sponsored intrusions, terrorism, industrial espionage, employee malfeasance, vandalism and human or technological error. Computer hackers and others routinely attempt to breach the security of technology products, services, and systems, and those of our customers, suppliers, partners and providers of third-party licensed technology, and some of those attempts may be successful. The attempts to breach our systems, including our cloud-based systems, and to gain unauthorized access to our information technology systems are becoming increasingly more sophisticated, are often well-financed, in some cases supported by state actors, and are designed to not only track, but also to evade detection. These attempts may include covertly introducing malware into our computers, including those in our manufacturing operations, and impersonating unauthorized users, among others. For instance, employees and former employees, in particular former employees who become employees of our competitors or customers, may misappropriate, use, publish or provide to our competitors or customers our IP and/or proprietary or confidential business information. Also,third parties may attempt to register domain names similar to our brands or website, which could cause confusion and divert online customers away from our products. Since the techniques used by cyber attackers change frequently and are often not recognized until launched against a target, we may be unable to anticipate these techniques or to implement adequate preventative measures. Our use of AI technology may also increase vulnerability to cybersecurity risks, including through unauthorized use or misuse of AI tools and bad inputs or logic or the introduction of malicious code incorporated into AI generated code. AI and machine learning also may be used for certain cybersecurity attacks, improving or expanding the existing capabilities of threat actors in manners we cannot predict at this time, resulting in greater risks of security incidents and breaches. Such security incidents and breaches could result in, for example, unauthorized access to, disclosure, modification, misuse, loss, or destruction of our, our customer, or other third-party data or systems, theft of our trade secrets and other sensitive or confidential data, including personal information and IP, system disruptions, and denial of service. In the event of such breaches, we, our customers or other third parties could be exposed to potential liability, litigation, and regulatory action, as well as the loss of existing or potential customers, damage to our reputation, and other financial loss and such breaches could also result in losing existing or potential customers in connection with any actual or perceived security vulnerabilities in our systems. In addition, the cost and operational consequences of responding to breaches and implementing remediation measures could be significant. As these threats continue to develop and grow, we have been adapting and strengthening our security measures. As a result of work-from-home policies that we have undertaken, there has been additional reliance placed on our IT systems and resources. The resulting reliance on these resources, and the added need to communicate by electronic means, could increase our risk of cybersecurity incidents. Geopolitical instability has been associated with an increase in cybersecurity incidents. This may result in a higher likelihood that we may experience direct or collateral consequences from cybersecurity conflicts between nation-states or other politically motivated actors targeting critical technology infrastructure. U.S. and foreign regulators have increased their focus on cybersecurity vulnerabilities and risks, and customers and service providers are increasingly demanding more rigorous contractual certification and audit provisions regarding cybersecurity and data governance. This may result in an increase of our overall compliance burden due to increasingly onerous obligations and leading to significant expense. There may also be shorter deadlines in which to notify the authorities of data breaches and ever-increasing fines and penalties for businesses that fail to respond swiftly and appropriately to cyberattacks. Any failure to comply could also result in proceedings against us by regulatory authorities or other third parties. We continue to increase the resources we allocate to implementing, maintaining and/or updating security systems to protect data and infrastructure and to raising security awareness among those having access to our systems. However, these security measures cannot provide absolute security and there can be no assurance that our employee training, operational, and other technical security measures or other controls will detect, prevent or remediate security or data breaches in a timely manner or otherwise prevent unauthorized access to, damage to, or interruption of our systems and operations. We regularly evaluate our IT systems and business continuity plan to make enhancements and periodically implement new or upgraded systems, including the transition and migration of our data systems to cloud-based platforms and critical system migration. Any delay in the implementation of, or disruption in the transition to different systems could adversely affect our ability to record and report financial and management information on a timely and accurate basis and could impact our operations and financial position. In addition, a miscalculation of the level of investment needed to ensure our technology solutions are current and up-to-date as technology advances and evolves could result in disruptions in our business should the software, hardware or maintenance of such items become out-of-date or obsolete and the costs of upgrading our cybersecurity systems and remediating damages could be substantial. We may also be adversely affected by security breaches related to our equipment providers and providers of IT services or third-party licensed technology. As a global enterprise, we could also be impacted by existing and proposed laws and regulations, as well as government policies and practices related to cybersecurity, data privacy and data protection. Additionally, cyberattacks or other catastrophic events resulting in disruptions to or failures in power, information technology, communication systems or other critical infrastructure could result in interruptions or delays to us, our customers, or other third-party operations or services, financial loss, potential liability, damage to our reputation and could also affect our relationships with our customers, suppliers and partners. See "Item 16K. Cybersecurity".

We operate in many jurisdictions with highly complex and varied tax regimes. Changes in tax rules, new or revised legislation or the outcome of tax assessments and audits could have a material adverse effect on our results. In 2021, the Organization for Economic Cooperation and Development ("OECD") and the G20 Inclusive Framework on base erosion and profit shifting ("BEPS") agreed to a two-pillar solution to address the tax challenges arising from the digitalization of the economy. Pillar I is a set of proposals to revisit tax allocation rules in a changed economy. The intention is that a portion of a multinationals' residual profit is taxed in the jurisdiction where revenue is sourced. Pillar II enforces a global minimum corporate income tax at an effective rate of 15% for large multinationals. On December 20, 2021 the OECD published the Global Anti-Base Erosion Model Rules ("GloBe Rules") for Pillar II. On December 22, 2021, the European Commission published a legislative proposal for Pillar II (the "EU Pillar II Directive" or "Pillar II"). On December 15, 2022, the Council of the EU (the "Council") formally adopted the EU Pillar II Directive. The EU Pillar II Directive aims at consistently implementing among all 27 member states the GloBe Rules. The majority of the EU Member States transposed the EU Pillar II Directive into their national laws and started applying the Pillar II measures as from fiscal years beginning on or after December 31, 2023. The Netherlands transposed the EU Pillar II Directive into its national legislation with effect from December 31, 2023 pursuant to the Dutch Minimum Tax Act 2024 (Wet minimumbelasting 2024). On January 15, 2025, the OECD published new guidance for which we are currently assessing the potential impact. We are continuously monitoring the EU Pillar II legislation and related guidance, which are still evolving and may have an impact on our EU Pillar II tax charge in future periods. The tax impact of the Pillar I rules is monitored to determine the potential effect on our results and to ensure compliance when the legislation is effective. Our tax rate is variable and depends on changes in the level of operating results within various local jurisdictions and on changes in the applicable taxation rates of these jurisdictions, as well as changes in estimated tax provisions due to new events. We currently receive certain tax benefits or benefit from net operating losses cumulated in prior years in some countries, and these benefits may not be available in the future due to changes in the local jurisdictions or credits on net operating losses being no longer available due to either full utilization or expiration of the statute of limitations in such jurisdictions. As a result, our effective tax rate could increase and/or our benefits from carrying forward net operating losses could affect our deferred tax assets in certain countries in the coming years. In addition, the acquisition or divestiture of businesses in certain jurisdictions could materially affect our effective tax rate. We evaluate our deferred tax asset position and the need for a valuation allowance on a regular basis. The ultimate realization of deferred tax assets is dependent upon, among other things, our ability to generate future taxable income that is sufficient to utilize in certain jurisdictions loss carry-forwards or tax credits before their expiration. The recorded amount of total deferred tax assets could be reduced, which could have a material adverse effect on our results of operations and financial position, if our estimates of projected future taxable income and benefits from available tax strategies are reduced as a result of a change in business condition or in management's plans or due to other factors, such as changes in tax laws and regulations. We are subject to the possibility of loss contingencies arising out of tax claims, assessment of uncertain tax positions and provisions for specifically identified income tax exposures. We are also subject to tax audits in certain jurisdictions. There can be no assurance that we will be successful in resolving potential tax claims that result from these audits, which could result in material adjustments in our tax positions. We record provisions on the basis of the best current understanding; however, we could be required to record additional provisions in future periods for amounts that cannot currently be assessed. Our failure to do so and/or the need to increase our provisions for such claims could have a material adverse effect on our results of operations and our financial position. Our operating results can vary significantly due to impairment of goodwill, other intangible assets and equity investments booked pursuant to acquisitions and the timeframe required to foster and realize synergies thereof, joint venture agreements and the purchase of technologies and licenses from third parties, as well as to impairment of tangible assets due to changes in the business environment. Because the market for our products is characterized by rapidly changing technologies, significant changes in the semiconductor industry, and the potential failure of our business initiatives, our future cash flows may not support the value of goodwill, tangible assets and other intangibles registered in our consolidated balance sheets. See "Item 5. Operating and Financial Review and Prospects- Critical Accounting Policies Using Significant Estimates - Impairment of goodwill", "- Intangible assets subject to amortization" and "Item 4. Information on the Company - Property, Plants and Equipment".

Changes in, and uncertainty about, economic, political, legal, regulatory and social conditions pose a risk as consumers and businesses may postpone spending in response to factors such as curtailment of trade and other business restrictions, financial market volatility, interest rate fluctuations, recessions, shifts in inflationary and deflationary expectations, lower capital and productivity growth, unemployment, negative news, declines in income or asset values, natural catastrophes or weather events, and/or other factors. Such global, regional and local conditions are volatile, subject to frequent change and could have a material adverse effect on customer and end-market demand for our products, thus materially adversely affecting our business and financial condition. We may also experience a shortage of certain semiconductor composites and delays in shipments due to supply chain disruptions caused by geopolitical conflicts, natural catastrophes, extreme weather events, or punctual power outages, and sales of our products may be negatively impacted by such events, both directly and indirectly through a reduction of sales or production by our customers in or to affected areas or otherwise. Geopolitical conflicts have additionally resulted in certain countries imposing sanctions. Further consequences of such conflicts could include a risk of further sanctions, embargoes, regional instability, geopolitical shifts and adverse effects on macro-economic conditions, currency exchange rates and financial markets. This could lead to disruption to international commerce and the global economy, and could have a negative effect on our ability to sell to, ship products to, collect payments from, and support customers in certain regions based on trade restrictions, embargoes, logistics restrictions and export control law restrictions. The institution of trade tariffs globally, as well as the threat thereof, could negatively impact economic conditions, which could have negative repercussions for our business. In particular, trade protection and national security policies of the U.S. and Chinese governments, including tariffs, trade restrictions, export restrictions and the placing of companies on restricted entity lists, have and may continue to limit or prevent us from transacting business with certain of our Chinese customers or suppliers; limit, prevent or discourage certain of our Chinese customers or suppliers from transacting business with us; or make it more expensive to do so. If disputes were to arise under any of our agreements with other parties conducting business in China, the resolution of such dispute may be subject to the exercise of discretion by the Chinese government, or agencies of the Chinese government, which may have a material adverse effect on our business. In addition, we could face increased competition as a result of China's programs to promote a domestic semiconductor industry and supply chains (including the Made in China 2025 campaign). In the United States, the new administration is imposing and increasing tariffs on imports into the country, and may impose additional tariffs or further increase existing tariffs on imports into the country. Other countries are also imposing or increasing tariffs and may impose or increase existing tariffs or impose other restrictions on imports in response to these measures. Any or all of these measures or restrictions may impact our ability to service our customer base in a cost-effective manner. Trade policy changes could trigger retaliatory actions by affected countries, which could have a negative impact on our ability to do business in affected countries or lead to reduced purchases of our products by foreign customers, leading to increased costs of components contained in our products, increased manufacturing costs of our products, currency exchange rate volatility, and higher prices for our products in foreign markets. Further, protectionist measures, laws or governmental policies may encourage our customers to relocate their manufacturing capacity or supply chain to their own respective countries or other countries, or require their respective contractors, subcontractors and relevant agents to do so, which could impair our ability to sustain our current level of productivity and manufacturing efficiency. We, and the semiconductor industry as a whole, face greater risks due to the international nature of the semiconductor business, including in the countries where we, our customers or our suppliers operate, such as: - instability of foreign governments, including the threat of war, military conflict, civil unrest, regime changes, mass migration and terrorist attacks;- natural events such as severe weather, earthquakes and tsunamis, or the effects of climate change;- epidemics or pandemics such as disease outbreaks and other health related issues;- changes in, or uncertainty about, laws, regulations (including executive orders) and policies affecting trade and investment, including following Brexit and including through the imposition of trade and travel restrictions, government sanctions, local practices which favor local companies and constraints on investment;- complex and varying government regulations and legal standards, particularly with respect to export control regulations and restrictions, customs and tax requirements, data privacy, IP, anti-corruption, bribery, fraud and sanctions (including potential third-party product diversion risks into sanctioned countries or use for unauthorized purposes);- differing practices of regulatory, tax, judicial and administrative bodies, including with regards to the interpretation of laws, governmental approvals, permits and licenses;- water availability, usage and consumption levels, as well as recycling and discharge practices;- constraints in the supply of electricity as a result of cost increases, reliability of infrastructure or due to extreme weather events, leading to power outages; and - changes in, or uncertainty about, labor laws and human rights and our ability to ensure compliance across our international supply chains.

Epidemics or pandemics may result in authorities imposing, and businesses and individuals implementing, numerous measures to try to contain the virus, including travel bans and restrictions, shelter-in-place and stay-at-home orders, quarantines and social distancing guidelines. This may negatively impact the ability of our suppliers to deliver on their commitments to us, our ability to ship our products to our customers and general consumer demand for our products may be negatively impacted by the pandemic and/or government responses thereto. Many of our products and services are considered to be essential under national and local guidelines. As such, during the COVID-19 pandemic, we generally continued to operate in each of the jurisdictions where we were present. However, certain of our facilities were not able to operate at optimal capacity and any future similarly restrictive measures may have a negative impact on our operations, supply chain and transportation networks, and our products and services may not be considered to be essential in the future. In addition, our customers and suppliers may experience disruptions in their operations and supply chains, which could result in delayed, reduced, or cancelled orders, or collection risks, and which may adversely affect our results of operations and financial condition. During an epidemic or pandemic, governments may look to re-direct resources and implement austerity measures in the future to balance public finances, which could result in reduced economic activity. Any resulting economic downturn could reduce overall demand for our products, accelerate the erosion of selling prices, lead to reduced revenues and higher inventory levels, any of which could result in a significant deterioration of our results of operations and financial condition. An epidemic or pandemic may also lead to increased disruption and volatility in capital markets and credit markets. Unanticipated consequences of an epidemic or pandemic and resulting economic uncertainty could adversely affect our liquidity and capital resources in the future.

Currency exchange rate fluctuations affect our results of operations because our reporting currency is the U.S. dollar, in which we receive the major portion of our revenues, while, more importantly, we incur a limited portion of our revenue and a significantly higher portion of our costs in currencies other than the U.S. dollar. A significant variation of the value of the U.S. dollar against the principal currencies that have a material impact on us (primarily the Euro, but also certain other currencies of countries where we have operations, such as the Singapore dollar) could result in a favorable impact, net of hedging, on our net income in the case of an appreciation of the U.S. dollar, or a negative impact, net of hedging, on our net income if the U.S. dollar depreciates relative to these currencies, in particular with respect to the Euro. In order to reduce the exposure of our financial results to the fluctuations in exchange rates, our principal strategy has been to balance as much as possible the proportion of sales to our customers denominated in U.S. dollars with the amount of purchases from our suppliers denominated in U.S. dollars and to reduce the weight of the other costs, including depreciation, denominated in Euros and in other currencies. In order to further reduce our exposure to U.S. dollar exchange rate fluctuations, we have hedged certain line items on our consolidated statements of income, in particular with respect to a portion of the cost of sales, the majority of the R&D expenses and certain selling, general & administrative ("SG&A") expenses located in the Euro zone. We also hedge certain manufacturing costs, included within the cost of sales, denominated in Singapore dollars. There can be no assurance that our hedging transactions will prevent us from incurring higher Euro-denominated manufacturing costs and/or operating expenses when translated into our U.S. dollar-based accounts. See "Item 5. Operating and Financial Review and Prospects - Impact of Changes in Exchange Rates" and "Item 11. Quantitative and Qualitative Disclosures About Market Risk".