Xerox (XRX) Risk Analysis

There has been a continued focus from regulators and stakeholders on corporate social responsibility (CSR) matters, including greenhouse gas emissions and climate-related risks; responsible sourcing and supply chain; human rights and social responsibility; and corporate governance and oversight. In the European Union, the Corporate Sustainability Reporting Directive (CSRD) expands the scope of companies required to publicly report CSR-related information and defines the CSR-related information that companies are required to report in accordance with European Sustainability Reporting Standards (ESRS). Additionally, in October 2023, and subsequently in 2024, California enacted a series of laws requiring companies with revenues of over $1 billion who conduct business in California to disclose their Scope 1, 2 & 3 Greenhouse gas emissions and provide other relevant disclosures related to carbon offsets. Other mandatory CSR-related disclosures include the Conflict Minerals Reporting in the U.S., Transparency in Supply Chain Act in California, the Modern Slavery Act in the UK and Canada, and the Law on Child Labour Due Diligence in The Netherlands. There are also a number of voluntary reporting schemes that provide a framework to report CSR-related information. In 2021, Xerox voluntarily announced its 2040 net zero goal to meet growing expectations of companies to reduce GHG emissions. Xerox recognizes these goals are subject to risks and uncertainties depending on global climate change, economic conditions, and other factors outside of our control. Xerox also recognizes transitional risks associated with changes in voluntary standards and customer preferences in connection with concerns about climate change. If Xerox is unable to offer products that are as energy efficient as our competitors, there is a risk of reduced demand for our products and reduced market share. Inability, or a perception of inability, to achieve progress toward our environmental goals could adversely impact our business or damage our reputation. Damage to our reputation may reduce demand for our products and services and thus have an adverse effect on our future financial results and our stock price, as well as require additional resources to rebuild our reputation. Given our commitment to CSR, we actively engage external and internal stakeholders to manage these issues and have established and publicly announced certain goals, commitments, and targets which we may refine or even expand further in the future. These goals, commitments, and targets reflect our current plans and aspirations and are not guarantees that we will be able to achieve them. Evolving stakeholder expectations and our efforts and ability to manage these issues, provide updates on them, and accomplish our goals, commitments, and targets present numerous operational, regulatory, reputational, financial, legal, and other risks, any of which may be outside of our control or could have a material adverse impact on our business, including on our reputation and stock price. Further, there is uncertainty around the accounting standards, corporate social responsibility, and climate-related disclosures associated with emerging laws and reporting requirements and the related costs to comply with the emerging regulations. Our failure or perceived failure to achieve our CSR goals, maintain CSR practices, or comply with emerging CSR regulations that meet evolving regulatory or stakeholder expectations could harm our reputation, adversely impact our ability to attract and retain customers and talent, and expose us to increased scrutiny from the investment community and enforcement authorities. Increased focus and activism on CSR topics may hinder our access to capital, as investors may reconsider their capital investment as a result of their assessment of our CSR practices. Our reputation also may be harmed by the perceptions that our stakeholders have about our action or inaction with regards to CSR-related issues. Damage to our reputation and loss of brand equity may cause customers to choose to stop purchasing our products and services, purchase products and services from another company or a competitor, or refuse to renew existing contracts, ultimately reducing demand for our products and services and thus have an adverse effect on our future financial results and stock price, as well as require additional resources to rebuild our reputation.

Continuing political and social attention to the issue of climate change has led to existing and proposed international agreements, as well as national, state, local, and foreign legislative, regulatory, and procurement initiatives directed at requiring companies to disclose and limit greenhouse gas emissions in the countries, states, and territories in which we operate. Laws, regulatory actions, international agreements, such as the Paris Agreement, and other initiatives to address concerns about climate change and greenhouse gas emissions could negatively impact our business, results of operations, and financial condition, including, among other things, by limiting the availability of our products, increasing the cost to obtain or sell those products, and increasing our reporting burden and cost of compliance. Though the ultimate impact of these and similar initiatives is not yet fully known, compliance with such proposed or newly adopted disclosure initiatives may incur significant costs. Our operations and our products are subject to environmental regulations in each of the jurisdictions in which we conduct our business and sell our products. Restrictions on the types and amounts of chemicals that may be present in electronic equipment or other items that we use or sell continue to proliferate, requiring substantial data gathering, analysis, and reporting throughout the supply chain. Ongoing research and review of chemicals used in our products could lead to further restriction of common chemicals in office equipment and supplies. In the European Union (EU), for example, we are subject to "REACH" Regulation (Registration, Evaluation, Authorization and Restriction of Chemicals), a broad initiative that requires parties throughout the supply chain to register, assess, and disclose information regarding many chemicals in their products. Depending on the types, applications, forms, and uses of chemical substances in various products, REACH and similar regulatory programs in the EU and other jurisdictions could lead to restrictions and/or bans on certain chemical usage. In the United States, the Toxics Substances Control Act (TSCA) authorizes the U.S. Environmental Protection Agency to regulate and screen all chemicals produced or imported into the United States. Xerox continues its efforts toward monitoring and evaluating the applicability of these and numerous other legislative initiatives in a continuous effort to develop and enable compliance strategies. As these and similar initiatives and programs become regulatory requirements throughout the world and/or are adopted as public or private procurement requirements, we must comply. Failure to comply could result in the company being subject to potential liability and facing market access limitations that could have a material adverse effect on our operations and financial condition. Other potentially relevant regulatory initiatives throughout the world include various efforts to limit energy use in product manufacturing and other environment-related programs impacting products and operations, such as those associated with climate change accords, agreements, and regulations. For example, the EU Ecodesign for Sustainable Products Regulation (ESPR) requires specified classes of products to achieve certain design and/or performance standards in connection with energy use and other environmental parameters and impacts. The EU ESPR is part of the EU Circular Economy Action Plan (CEAP), which introduced legislative and non-legislative measures focusing on how products are designed, promoting circular economy processes, encouraging sustainable consumption, and ensuring waste is prevented. The implementation of the CEAP is expected to impact how companies prove environmental claims and the materials used, including chemicals and plastics, in products that are placed on the EU market. Environmentally driven procurement requirements also voluntarily adopted by customers in the marketplace (e.g., U.S. EPA EnergyStar, EPEAT, and EU Green Public Procurement) are constantly evolving and becoming more stringent, presenting further market access challenges if our products fail to conform. Various countries and jurisdictions have adopted, or are expected to adopt, requirements clarifying manufacturer roles and responsibilities related to the recovery of products that were placed on the market and remediation of by-products of the manufacturing process. For example, jurisdictions have adopted or are expected to adopt, programs that make producers of certain goods (e.g., electrical goods, including computers and printers) and/or packaging materials responsible for related reporting, fees, and end-of-life management of the products. If we are unable to meet such "extended producer responsibility" (EPR) requirements in a cost-effective manner, it could materially adversely affect our results of operations and financial condition. Further, Xerox is party to, or otherwise involved in, proceedings in a limited number of locations brought by governmental authorities and other third parties under the federal Comprehensive Environmental Response, Compensation and Liability Act (CERCLA), known as "Superfund," or state law equivalents, in which the primary relief sought is the cost of past and/or future remediation of contamination related to such sites, including impacts attributable to third parties, as well as at third-party sites to which we sent wastes. The nature of financial exposure depends on a variety of factors, including changes in laws, known contamination, and discovered contamination that was previously unknown. Regulatory requirements related to sustainability reporting have been adopted in the EU that, due to our revenues and employee headcounts in the EU, apply or may apply to us when effective, including the EU Corporate Sustainability Reporting Directive (CSRD), EU Taxonomy, and the EU Corporate Sustainability Due Diligence Directive (CSDDD). The EU's CSRD introduces new compliance requirements that may impact our operations and financial reporting. The CSRD mandates detailed reporting on environmental, social, and governance factors, and requires an audit (assurance) of the reported information. Potential risks include increased compliance costs, operational challenges in data collection, reputational risk, and market access impacts.

We sponsor several defined benefit pension and retiree-health benefit plans throughout the world. We are required to make contributions to these plans to comply with minimum funding requirements imposed by laws governing these employee benefit plans. Although most of our major defined benefit plans have been amended to freeze current benefits and eliminate benefit accruals for future service, several plans remain unfunded (by design) or are under-funded. The projected benefit obligations for these benefit plans at December 31, 2024 exceeded the value of the assets of those plans by approximately $1.1 billion. The current unfunded or underfunded status of these plans is a significant factor in determining the ongoing future contributions we will be required to make to these plans. Accordingly, we expect to have additional funding requirements in future years, and we may make additional,voluntary contributions to the plans. Depending on our cash position at the time, any such funding or contributions to our defined benefit plans could impact our operating flexibility and financial position, including adversely affecting our cash flow for the quarter in which such funding or contributions are made. Weak macroeconomic conditions and related under-performance of asset markets could also lead to increases in our funding requirements.