United Fire Group (UFCS) Risk Factors

Our success depends on our ability to attract and retain key personnel, including members of our executive and senior management team. Any unplanned turnover or our failure to develop an adequate succession plan for one or more of our executive officers or other key positions could compromise our institutional knowledge base and erode our competitive advantage. The loss or limited availability of the services of one or more of our executive officers or other key personnel, or our inability to recruit and retain qualified executive officers or other key personnel in the future, could, at least temporarily, have a material adverse effect on our operating results and financial condition. We have experienced several transitions in key roles in recent years, including the Chief Executive Officer, Chief Financial Officer, Chief Operating Officer and Chief Legal Officer positions. These changes and any future significant leadership changes or senior management transitions involve inherent risk and can be disruptive to our operations. Any failure to find a timely and suitable replacement for key personnel and ensure an effective transition, including the effective onboarding, could hinder our strategic planning, business execution and future performance.

Macroeconomic conditions such as growth, inflation, market stability, and geopolitics can impact our operations, opportunities, and risk profile. Important sectors we follow include goods, services, and housing. Markets exhibit stability when credit is available, there is liquidity in the system, and banks are stable. Geopolitical concerns can also disrupt the business environment. All of these factors can contribute to adverse financial consequences for UFG. These risks are not the only risks we face. Additional risks and uncertainties not currently known to us or that we currently deem to be immaterial could also have a material effect on our business, results of operations, financial condition and/or liquidity.

The following states provided 47.0 percent of the direct statutory premiums written for the property and casualty insurance businesses in 2023: Texas (17.4 percent), California (12.4 percent), Iowa (7.1 percent), Missouri (5.8 percent) and Louisiana (4.3 percent). Our revenues and profitability are subject to the prevailing regulatory, legal, economic, political, competitive, weather, and other conditions in the principal states in which we do business. With respect to regulatory conditions,the NAIC and state legislators continually reexamine existing laws and regulations, specifically focusing on modifications to holding company regulations, interpretations of existing laws and the development of new laws and regulations. In a time of financial uncertainty or a prolonged economic downturn, regulators may choose to adopt more restrictive insurance laws and regulations. Changes in regulatory or any other of these conditions could make it less attractive for us to do business in such states. In addition, our exposure to severe losses from localized natural perils, such as tornadoes, wildfires or hailstorms, is increased in those areas where we have written a significant amount of property insurance policies.

Long-term weather trends may be changing, a phenomenon that has been associated with extreme weather events linked to rising temperatures, including effects on global weather patterns, sea, land and air temperature, sea levels, rain, snow, and drought. Such changes in climate conditions could cause our underlying modeling data to be less accurate, limiting our ability to evaluate and manage our risk. Climate change also adds to the unpredictability of natural disasters and creates uncertainty as to future trends and exposures. Climate change presents risks in four categories to UFG: a.Physical Risk: The cost of natural perils may change. This is a concern for our property insurance underwriting strategy and, to a lesser extent, our real estate costs. b.Regulatory Risk: Certain regulatory bodies may impose laws that require UFG to report GHG emissions from our own operations and our strategies to mitigate emissions, resulting in compliance with such regulations requiring increased time and expense. c.Transition Risk: Financial risks arising from a global transition to a lower-carbon economy could impact long-term return on certain invested assets. d.Liability Risk: New areas of law enabling litigation alleging damage from climate change may present legal risk to UFG. We maintain catastrophe exposure modeling and management in house and incorporate our view of natural peril risk into forward-looking projections that reflect our view on climate. Our property catastrophe reinsurance program is designed to meet the needs of a changing risk profile. A key area of current focus is our exposure to severe convective storms. We endeavor to reduce GHG emissions from operations via energy saving construction features/devices and leasing of fuel-efficient fleet vehicles. Our business continuity plan is tested annually, including failover of all systems to our disaster recovery data center. Additional capabilities and plans are being developed that support continuance of operations after a regional weather event. UFG offers a green replacement option for equipment breakdown coverage to encourage installation of more energy efficient heating and cooling systems. Underwriting requires wind and hail deductibles in coastal and severe convective storm areas to minimize our exposure and encourage policyholders to adopt stronger building codes. UFG endeavors to comply with a growing number of federal and state regulations pertaining to climate disclosures and questionnaires.

We rely on computer systems to conduct our business for our customer service, marketing and sales activities, customer relationship management and producing financial statements. Our business and operations rely on secure and efficient processing, storage and transmission of customer and Company data, including personally identifiable information. Our ability to effectively operate our business depends upon our ability, and the ability of certain third-party vendors and business partners, to access our computer systems to perform necessary business functions, such as providing quotes and product pricing, billing and processing premiums, administering claims, and reporting our financial results. We retain confidential information on our computer systems, including customer information and proprietary business information belonging to us and our policyholders. Our business and operations depend upon our ability to safeguard this personally identifiable information. Our systems may be vulnerable to unauthorized access and hackers, computer viruses, and other scenarios in which our data may be compromised. Cyber-attacks involving these systems, or those of our third-party vendors, could be carried out remotely and from multiple sources and could interrupt, damage, or otherwise adversely affect the operations of these critical systems. Cyber-attacks could result in the modification or theft of data, the distribution of false information, or the denial of service to users. Threats to data security can emerge from a variety of sources and change rapidly, resulting in the ongoing need to expend resources to secure our data in accordance with customer expectations and statutory and regulatory requirements. Any compromise of the security of our data could expose us to liability and harm our reputation, which could affect our business and results of operations. We continually enhance our operating procedures and internal controls to effectively support our business and comply with our regulatory and financial reporting requirements, but there can be no assurances that we will be able to implement security measures adequate to prevent every security breach. Although, to date, we have not identified any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents that have, or are likely to, materially affect us, our business strategy, results of operation or financial condition, the scope and effect of any cyber-attack may remain undetected for a period of time. We maintain cyber liability insurance coverage that provides both third-party liability and first-party insurance coverages; however, our insurance may be insufficient to cover all losses and expenses related to a cyber-attack. Federal and state policymakers have and will likely continue to propose increased regulation of the protection of personally identifiable information and appropriate protocols after a related cybersecurity breach. The New York Department of Financial Services recently adopted a cyber protection and reporting regulation for financial services companies with which we are complying. The NAIC has created the Data Security Model Law based upon the New York regulation. Compliance with these regulations and efforts to address continually developing cybersecurity risks may result in a material adverse effect on our results of operations, liquidity, financial condition, and financial strength.

Insurance is a highly regulated industry. We are subject to extensive supervision and regulation by the states in which we operate. As a public company, we are also subject to increased regulation at the federal level. Our ability to comply with these laws and regulations and obtain necessary and timely regulatory action is, and will continue to be, critical to our success and ability to earn profits. Examples of regulations that pose particular risks to our ability to earn profits are discussed as follows. Required licensing. Our insurance company subsidiaries operate under licenses issued by various state insurance departments. If a regulatory authority were to revoke an existing license or deny or delay granting a new license, our ability to continue to sell insurance or to enter or offer new insurance products in that market would be substantially impaired. Regulation of insurance rates, fees and approval of policy forms. The insurance laws of most states in which we operate require insurance companies to file insurance premium rate schedules and policy forms for review and approval. State regulatory authorities may resist or delay our efforts to raise premium rates at their discretion due to general market, economic, or political factors or factors specific to UFG. If increases to premium rates we deem necessary are not approved, we may not be able to respond to market developments and increased costs in that state. State regulatory authorities may even impose premium rate rollbacks or require us to pay premium refunds to policyholders, affecting our profitability. If insurance policy forms we seek to use are not approved by state insurance departments, our ability to offer new products and grow our business in that state could be substantially impaired. Restrictions on cancellation, nonrenewal or withdrawal. Many states have laws and regulations restricting an insurance company's ability to cease or significantly reduce its sales of certain types of insurance in that state, except pursuant to a plan that is approved by the state insurance departments. These laws and regulations could limit our ability to exit or reduce our business in unprofitable markets or discontinue unprofitable products. Additionally, our ability to adjust terms or increase pricing requires approval of regulatory authorities in certain states. Risk-based capital and capital adequacy requirements. Our insurance company subsidiaries and affiliates are subject to risk-based capital requirements that require us to report our results of risk-based capital calculations to state insurance departments and the NAIC. These standards apply specified risk factors to various asset, premium and reserve components of statutory capital and surplus reported in our statutory basis of accounting financial statements. Any failure to meet applicable risk-based capital requirements or minimum statutory capital requirements could subject us or our subsidiaries and affiliates to further examination or corrective action by state regulators, including limitations on our writing of additional business, state supervision or liquidation. Transactions between insurance companies and their affiliates. Transactions between us, our insurance company subsidiaries and our affiliates generally must be disclosed to, and in some cases approved by, state insurance departments. State insurance departments may refuse to approve or delay their approval of a transaction, which may impact our ability to innovate or operate efficiently. Required participation in guaranty funds and assigned risk pools. Certain states have enacted laws that require a property and casualty insurer conducting business in that state to participate in assigned risk plans, reinsurance facilities, and joint underwriting associations where participating insurers are required to provide coverage for assigned risks. The number of risks assigned to us by these plans is based on our share of total premiums written in the voluntary insurance market for that state. Pricing is controlled by the plan, often restricting our ability to charge the premium rate we might otherwise charge. Wherever possible, we utilize a designated servicing carrier to fulfill our obligations under these plans. Designated servicing carriers charge us fees to issue policies, adjust and settle claims and handle administrative reporting on our behalf. In these markets, we may be compelled to underwrite significant amounts of business at lower than desired premium rates, possibly leading to an unacceptable return on equity. While these facilities are generally designed so that the ultimate cost is borne by policyholders, the exposure to assessments and our ability to recoup these assessments through adequate premium rate increases may not offset each other in our financial statements. Moreover, even if they do offset each other, they may not offset each other in our financial statements for the same fiscal period, due to the ultimate timing of the assessments and recoupments or premium rate increases. Additionally, certain states require insurers to participate in guaranty funds to bear a portion of the unfunded obligations of impaired or insolvent insurance companies. These state funds periodically assess losses against all insurance companies doing business in the state. Our operating results and financial condition could be adversely affected by any of these factors. Restrictions on the amount, type, nature, quality and concentration of investments. The various states in which we are domiciled have certain restrictions on the amount, type, nature, quality and concentration of our investments. Generally speaking, these regulations require us to be conservative in the nature and quality of our investments and restrict our ability to invest in riskier, but often higher yield investments. These restrictions may make it more difficult for us to obtain our desired investment results. We benefit from certain tax items, including but not limited to, tax-exempt bond interest, dividends-received deductions, tax credits (such as foreign tax credits) and insurance reserve deductions. From time to time, the U.S. Congress, as well as foreign, state and local governments, considers legislation that could reduce or eliminate the benefits associated with these tax items. Terrorism Risk Insurance. The Terrorism Risk Insurance Program Reauthorization Act of 2019 ("TRIPRA") was signed into law. TRIPRA, which extended the Terrorism Risk Insurance Program until December 31, 2027, gradually increased the coverage trigger for shared terrorism losses between the federal government and the insurance industry to $200 million per year, and gradually increased the industry-wide retention to $37.5 billion per year. For further information about TRIPRA and its effect on our operations, refer to the information in the "Results of Operations for the Years Ended December 31, 2023, 2022 and 2021" section in Part II, Item 7, "Management's Discussion and Analysis of Financial Condition and Results of Operations." Accounting standards. We prepare our consolidated financial statements in conformity with GAAP, which is periodically revised and/or expanded by recognized authoritative bodies, including the Financial Accounting Standards Board ("FASB"). These principles are subject to interpretation by the SEC and various other bodies formed to interpret and create appropriate accounting principles and guidance. Changes in GAAP and financial reporting requirements, or the interpretation of GAAP or those requirements, may have an impact on the content and presentation of our financial results and could have adverse consequences on our financial results, including lower reported results of operations and shareholders' equity and increased volatility and decreased comparability of our reported results with our historic results and with the results of other insurers. In addition, the required adoption of new accounting standards may result in significant incremental costs associated with initial implementation of and ongoing compliance with those standards. Additional information regarding recently proposed and adopted accounting standards and their potential impact on us is set forth in Note 1 "Summary of Significant Accounting Policies" to Part II, Item 8, "Financial Statements and Supplementary Data." Corporate Governance and Public Disclosure Regulation. Changing laws, regulations and standards relating to corporate governance and public disclosure, including Dodd-Frank, the Sarbanes-Oxley Act of 2002 and related SEC regulations, as well as the listing standards of the Nasdaq stock market, have created and are continuing to create uncertainty for public companies. The Federal Insurance Office, established within the U.S. Department of the Treasury by Dodd-Frank in 2010, has limited regulatory authority and is empowered to gather data and information regarding the insurance industry and insurers, monitor aspects of the insurance industry, identify issues with regulation of insurers that could contribute to a systemic crisis in the insurance industry or the overall financial system, coordinate federal policy on international insurance matters and preempt state insurance measures under certain circumstances. Dodd-Frank and other federal regulation adopted in the future may impose burdens on us, including impacting the ways we conduct our business, increasing compliance costs and duplicating state regulation. Information Privacy Regulation. We are required to safeguard the personal information of our customers and applicants and are subject to an increasing number of laws and regulations regarding privacy and data security, as well as in our contractual commitments with service providers. We could be subject to governmental enforcement actions and fines, penalties, litigation, or public statements against us by consumer advocacy groups if personal information is not appropriately controlled. Strategic service providers may refuse to continue to do business with us if we do not meet particular standards. Compliance with these laws and regulations requires us to incur administrative costs that decrease our profits. These laws and regulations may also prevent or limit our ability to underwrite and price risks accurately, obtain timely premium rate increases necessary to cover increased costs, discontinue unprofitable relationships or exit unprofitable markets and otherwise continue to operate our business profitably. In addition, our failure to comply with these laws and regulations could result in actions by state or federal regulators, including the imposition of fines and penalties or, in an extreme case, revocation of our ability to do business in one or more states. Finally, we could face individual, group and class action lawsuits by our policyholders and others for alleged violations of certain state laws and regulations. Each of these regulatory risks could have a negative effect on our profitability.

We use various actuarial techniques and data analytics to understand our risk exposures such as frequency and severity of different types of insurance claims. The data we rely on for these analytics includes experience data from our own business (policies written, characteristics, coverages, and details of associated losses) and data attained from third parties, including industry results. We use outputs of predictive models and other analytics to assist in decision making related to underwriting, pricing, claims management (including reserving), and catastrophe risk exposure management. Emerging technology, including artificial intelligence, offers opportunities to underwrite and price business more efficiently and accurately, thus lowering costs. If we are not able to use technology and data analytics as effectively as our competitors, our competitiveness and ability to write and retain business within our risk appetite will be impacted. This may reduce the profitability of the business we do write and retain and negatively affect our ability to meet our business objectives.