Twilio (TWLO) Risk Analysis

11,678 Followers

Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

Twilio disclosed 50 risk factors in its most recent earnings report. Twilio reported the most risks in the “Finance & Corporate” category.

Risk Overview Q2, 2025

Risk Distribution

34% Finance & Corporate

20% Legal & Regulatory

16% Tech & Innovation

14% Ability to Sell

10% Macro & Political

6% Production

Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy

This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

2022

S&P500 Average

Sector Average

Risks removed

Risks added

Risks changed

Twilio Risk Factors

New Risk (0)

Risk Changed (0)

Risk Removed (0)

No changes from previous report

The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q2, 2025

Main Risk Category

Finance & Corporate

With 17 Risks

Finance & Corporate

With 17 Risks

Number of Disclosed Risks

No changes from last report

S&P 500 Average: 31

No changes from last report

S&P 500 Average: 31

Recent Changes

0Risks added

1Risks removed

5Risks changed

Since Jun 2025

0Risks added

1Risks removed

5Risks changed

Since Jun 2025

Number of Risk Changed

From last report

S&P 500 Average: 1

From last report

S&P 500 Average: 1

See the risk highlights of Twilio in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 50

Finance & Corporate

Total Risks: 17/50 (34%)Below Sector Average

Share Price & Shareholder Rights6 | 12.0%

Share Price & Shareholder Rights - Risk 1

Changed

We may not realize the anticipated long-term stockholder value of our share repurchase program, and any failure to repurchase our common stock after we have announced our intention to do so may negatively impact our stock price.

In January 2025, our board of directors authorized the repurchase of up to $2.0 billion of our common stock from time to time through a share repurchase program. As of June 30, 2025, we had repurchased $306.9 million of outstanding shares of our common stock under this program, such that approximately $1.7 billion remained available for purchase as of such date. Under our share repurchase program, we may make repurchases of stock through a variety of methods, including open share market purchases, privately negotiated purchases, entering into one or more confirmations or other contractual arrangements with a financial institution counterparty to effectuate one or more accelerated stock repurchase contracts, forward purchase contracts or similar derivative instruments, Dutch auction tender offers, or through a combination of any of the foregoing, in accordance with applicable federal securities laws. Our share repurchase program terminates at 11:59 pm Pacific Time on December 31, 2027, does not obligate us to repurchase any specific number of shares, and may be suspended at any time at our discretion and without prior notice. The timing and amount of any repurchases, if any, will be subject to liquidity, stock price, market and economic conditions, compliance with applicable legal requirements such as Delaware surplus and solvency tests and other relevant factors. Any failure to repurchase stock after we have announced our intention to do so may negatively impact our reputation and investor confidence in us and may negatively impact our stock price. The existence of our share repurchase program could cause our stock price to be higher than it otherwise would be and could potentially reduce the market liquidity for our stock. Although our share repurchase program is intended to enhance long-term stockholder value, there is no assurance that it will do so because the market price of our common stock may decline below the levels at which we repurchase shares, and short-term stock price fluctuations could reduce the effectiveness of the program. Repurchasing our common stock reduces the amount of cash we have available to fund working capital, capital expenditures, strategic acquisitions or business opportunities, and other general corporate purposes, and we may fail to realize the anticipated long-term stockholder value of any share repurchase program.

Share Price & Shareholder Rights - Risk 2

The trading price of our common stock has been volatile and may continue to be volatile, and you could lose all or part of your investment.

The trading price of our common stock has, and may continue to, fluctuate significantly in response to numerous factors, many of which are beyond our control and may not be related to our operating performance, including: - price and volume fluctuations in the overall stock market from time to time;- volatility in the trading prices and trading volumes of technology stocks;- changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;- sales of shares of our common stock by our stockholders;- our issuance or repurchase of shares of our common stock;- short selling of our common stock or related derivatives;- changes in financial estimates or the publication of reports or statements by securities analysts or investors who follow our company, or our failure to meet these estimates or the expectations of investors;- the financial projections or targets we may provide to the public, any changes in those projections or targets, or our failure to meet those projections or targets;- announcements by us or our competitors of new products or services or related to acquisitions of businesses, products or technologies;- the public's reaction to our press releases, other public announcements and filings with the SEC;- rumors and market speculation involving us or other companies in our industry;- changes in laws, industry standards, regulations or regulatory enforcement in the United States or internationally;- actual or anticipated changes in our results of operations or fluctuations in our results of operations or actual or anticipated changes in our strategy or the organization of our business;- actual or anticipated developments in our business, our competitors' businesses or the competitive landscape generally;- litigation involving us, our industry or both, or investigations by regulators into our operations or those of our competitors;- developments or disputes concerning our intellectual property or other proprietary rights;- changes in accounting standards, policies, guidelines, interpretations or principles;- any significant change in our management, including changes in the pace of hiring; and - general political, social, economic and market conditions, in both domestic and foreign markets, and slow or negative growth of our markets. In addition, in the past, following periods of volatility in the overall market and the market price of a particular company's securities, securities class action litigation has often been instituted against these companies. This litigation, if instituted against us, could result in substantial costs and a diversion of our management's attention and resources.

Share Price & Shareholder Rights - Risk 3

Substantial future sales of shares of our common stock could cause the market price of our common stock to decline.

The market price of our common stock could decline as a result of substantial sales of our common stock, particularly sales by our directors, executive officers and significant stockholders, or the perception in the market that holders of a large number of shares intend to sell their shares. Additionally, the shares of common stock subject to outstanding options and restricted stock unit awards under our equity incentive plans and the shares reserved for future issuance under our equity incentive plans will become eligible for sale in the public market upon issuance, subject to applicable insider trading policies.

Share Price & Shareholder Rights - Risk 4

If securities or industry analysts change their recommendations regarding our common stock adversely, the trading price of our common stock and trading volume could decline.

The trading market for our common stock is influenced by the research and reports that securities or industry analysts may publish about us, our business, our market or our competitors. If any of the analysts who cover us change their recommendation regarding our common stock adversely, or provide more favorable relative recommendations about our competitors, the trading price of our common stock would likely decline. If any analyst who covers us were to cease coverage of our company or fail to regularly publish reports on us, we could lose visibility in the financial markets, which in turn could cause the trading price of our common stock or trading volume to decline.

Share Price & Shareholder Rights - Risk 5

Anti-takeover provisions contained in our certificate of incorporation and bylaws, as well as provisions of Delaware law, could impair a takeover attempt.

Our certificate of incorporation, bylaws and Delaware law contain provisions which could have the effect of rendering more difficult, delaying, or preventing an acquisition deemed undesirable by our board of directors. Among other things, our certificate of incorporation and bylaws include provisions: - authorizing "blank check" preferred stock, which could be issued by our board of directors without stockholder approval and may contain voting, liquidation, dividend and other rights superior to our common stock;- limiting the liability of, and providing indemnification to, our directors and officers;- limiting the ability of our stockholders to call and bring business before special meetings;- prohibiting stockholder action by written consent, instead requiring all stockholder actions to be taken at a meeting of our stockholders;- requiring advance notice of stockholder proposals for business to be conducted at meetings of our stockholders and for nominations of candidates for election to our board of directors;- controlling the procedures for the conduct and scheduling of board of directors and stockholder meetings; and - providing for advance notice procedures that stockholders must comply with in order to nominate candidates to our board of directors or to propose matters to be acted upon at a meeting of stockholders, which may discourage or deter a potential acquirer from conducting a solicitation of proxies to elect the acquirer's own slate of directors or otherwise attempting to obtain control of us. These provisions, alone or together, could delay or prevent hostile takeovers and changes in control or changes in our management. As a Delaware corporation, we are also subject to provisions of Delaware law, including Section 203 of the Delaware General Corporation Law, which prevents certain stockholders holding more than 15% of our outstanding common stock from engaging in certain business combinations without approval of the holders of at least two-thirds of our outstanding common stock not held by such 15% or greater stockholder. Any provision of our certificate of incorporation, bylaws or Delaware law that has the effect of delaying, preventing or deterring a change in control could limit the opportunity for our stockholders to receive a premium for their shares of our common stock and could also affect the price that some investors are willing to pay for our common stock.

Share Price & Shareholder Rights - Risk 6

Our bylaws provide that the Court of Chancery of the State of Delaware is the exclusive forum for substantially all disputes between us and our stockholders, which could limit our stockholders' ability to obtain a favorable judicial forum for disputes with us or our directors, officers or employees.

Our bylaws provide that the Court of Chancery of the State of Delaware is the exclusive forum for the following types of actions or proceedings under Delaware statutory or common law: - any derivative action or proceeding brought on our behalf;- any action asserting a breach of fiduciary duty owed by our directors, officers, employees or our stockholders;- any action asserting a claim against us arising under the Delaware General Corporation Law; and - any action asserting a claim against us that is governed by the internal-affairs doctrine (the "Delaware Forum Provision"). The Delaware Forum Provision would not apply to suits brought to enforce a duty or liability created by the Exchange Act or any other claim under the Securities Act, for which the United States District Court for the Northern District of California has sole and exclusive jurisdiction (the "Federal Forum Provision"), as we are based in the State of California. In addition, our bylaws provide that any person or entity purchasing or otherwise acquiring any interest in shares of our capital stock is deemed to have notice of and consented to the Delaware Forum Provision and the Federal Forum Provision; provided, however, that stockholders cannot and will not be deemed to have waived our compliance with the U.S. federal securities laws and the rules and regulations thereunder. The Delaware Forum Provision and the Federal Forum Provision may limit a stockholder's ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or employees, which may discourage lawsuits against us and our directors, officers and employees. If a court were to find the Delaware Forum Provision and the Federal Forum Provision in our bylaws to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving the dispute in other jurisdictions, which could seriously harm our business.

Accounting & Financial Operations7 | 14.0%

Accounting & Financial Operations - Risk 1

Our quarterly and annual results of operations have fluctuated in the past and may continue to do so in the future. As a result, we may fail to meet securities analysts' and investors' expectations, which could cause the price of our common stock to decline.

Our quarterly and annual results of operations have fluctuated in the past and may continue to do so in the future due to a variety of factors, many of which are outside of our control. These fluctuations and the related impacts to any earnings guidance we may issue from time to time could cause the price of our common stock to change significantly or decline. In addition to the other risks described in this "Risk Factors" section, some of the factors that may result in fluctuations to our results of operations include: - fluctuations in demand for, pricing of, or usage of, our products;- our ability to introduce new products, features and enhancements;- our ability to attract and retain new customers, obtain renewals from existing customers and cross-sell or otherwise increase revenue from existing customers;- our ability to improve, automate, and leverage more of our self-service capabilities for customers;- our ability to maintain and expand relationships with resellers, distributors, and strategic partners, including ISVs, technology partners, and systems integrators;- our ability to expand our customer base and the markets that our products address;- our ability to combine our communications products with contextual data and AI and introduce compelling new products and enhancements that address the changing nature of our markets and customer needs and preferences;- competition and the actions of our competitors, including pricing changes and the introduction of new technologies, products, services and geographies;- significant security breaches or incidents impacting our platform, or interruptions to the delivery and use of our products;- changes in cloud infrastructure, network services and other third-party technology, including the fees charged by their providers;- the effectiveness of our sales and marketing efforts and the productivity of our sales force;- the length and complexity of the sales cycle for certain of our products or customers;- changes in the mix of products that our customers use during a particular period;- seasonal trends, including due to increased consumer activity in the fourth quarter;- changes in the mix or amount of products sold in the United States versus internationally;- the amount and timing of operating costs and capital expenditures related to the operations and expansion of our business;- our ability to control costs, including our operating expenses;- the timing of customer payments and our ability to collect accounts receivable from customers;- the amount and timing of costs associated with recruiting, training and integrating new employees, and retaining existing employees;- expenses in connection with mergers, acquisitions, dispositions, or other strategic transactions;- changes in foreign currency exchange rates and our ability to effectively hedge our foreign currency exposure;- extraordinary expenses such as litigation or other dispute-related settlement payments;- changes in laws, industry standards and regulations that affect our business;- sales tax and other tax determinations by authorities in the jurisdictions in which we conduct business;- the impact of new accounting pronouncements;- fluctuations in stock-based compensation expenses; and - general economic conditions, including heightened inflation or interest rates, and geopolitical uncertainty or instability. The occurrence of one or more of the foregoing and other factors may cause our results of operations to vary significantly. As such, comparing our operating results on a period-to-period basis may not be meaningful and should not be relied upon as an indication of future performance. In addition, a significant percentage of our operating expenses is fixed in nature and is based on forecasted revenue trends. Accordingly, in the event of a revenue shortfall, we may not be able to mitigate the negative impact on our net income (loss) and margins in the short term. If we fail to meet or exceed the expectations of investors or securities analysts, then the trading price of our common stock could fall substantially, and we could face costly lawsuits, including securities class action suits, which, in turn, could harm our business, results of operations and financial condition.

Accounting & Financial Operations - Risk 2

We have a history of losses and may not achieve or sustain profitability in the future.

While we achieved net income of $42.4 million in the six months ended June 30, 2025, we have incurred net losses in each preceding year since our inception, including net losses of $109.4 million and $1.0 billion in the years ended December 31, 2024 and 2023, respectively. In addition, while we have experienced revenue growth in prior periods, it is not indicative of future revenue growth, and our revenue and revenue growth for any quarterly or annual period should not be relied upon as an indication of our future revenue or revenue growth for any future period. If we are unable to generate and sustain increased revenue levels and manage our operating expenses, we may not achieve and sustain profitability and, even if we do, we may not be able increase our level of profitability or achieve our stated profitability goals. As we implement additional initiatives to increase revenue, our operating expenses may continue to rise over the long term, potentially including, among other things: investments in our engineering team; improvements in security and data protection; the development of new products, features and functionality and enhancements to our platform; sales and marketing; expansion of our operations and infrastructure, both domestically and internationally; and general administration, including legal, accounting and other expenses related to being a public company. Our efforts to grow our business may be more costly than we expect, and if our revenue growth does not meet estimates, we may not be able to offset our associated operating expenses, which could prevent us from achieving and sustaining profitability, or maintaining or increasing cash flow. We may incur significant losses in the future for a number of reasons, including the other risks described herein, and unforeseen expenses, difficulties, complications and delays and other unknown events. If we are unable to achieve and sustain profitability, or if we incur significant losses, the value of our business and common stock may significantly decrease.

Accounting & Financial Operations - Risk 3

We rely on assumptions and estimates to calculate certain of our business metrics, and real or perceived inaccuracies in such metrics could adversely affect our reputation and our business.

We rely on assumptions and estimates to calculate certain of our business metrics that we disclose in SEC filings, press releases and other materials, including Active Customer Accounts and Dollar-Based Net Expansion Rate. Our metrics are not based on any standardized industry methodology and are not necessarily calculated in the same manner or comparable to similarly titled measures presented by other companies. Similarly, our metrics may differ from estimates published by third parties or from similarly titled metrics of our competitors due to differences in methodology. The numbers that we use to calculate our metrics are based on internal data and may be compiled from multiple systems, including systems that are organically developed or acquired through business combinations. While these numbers are based on what we believe to be reasonable judgments and estimates for the applicable period of measurement, there are inherent challenges in measuring our business or components of our business. We regularly review our processes for calculating these metrics, and from time to time we may make adjustments to improve their accuracy or relevance. Further, as our business develops, we may revise or cease reporting metrics if we determine that such metrics are no longer appropriate measures of our performance. If investors or analysts do not perceive our metrics to be accurate representations of our business, or if they disagree with our methodologies, or if we discover material inaccuracies in our metrics, our reputation, business, results of operations, and financial condition would be harmed.

Accounting & Financial Operations - Risk 4

If our estimates or judgments relating to our critical accounting policies prove to be incorrect, our results of operations could be adversely affected.

The preparation of financial statements in conformity with U.S. generally accepted accounting principles ("GAAP") requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in Part I, Item 2, "Management's Discussion and Analysis of Financial Condition and Results of Operations." The results of these estimates form the basis for making judgments about the carrying values of assets, liabilities and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Assumptions and estimates used in preparing our consolidated financial statements include those related to revenue recognition and business combinations. Our results of operations may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our results of operations to fall below the expectations of securities analysts and investors, resulting in a decline in the trading price of our common stock.

Accounting & Financial Operations - Risk 5

Changes in accounting standards or practices may cause adverse, unexpected financial reporting fluctuations and affect our results of operations.

A change in accounting standards or practices may have a significant effect on our results of operations and may even affect our reporting of transactions completed before the change is effective. New accounting pronouncements and varying interpretations of accounting pronouncements have occurred and may occur in the future. Changes to existing rules or the questioning of current practices may adversely affect our reported financial results or the way we conduct our business. For example, Accounting Standards Codification ("ASC") 842, "Leases" that became effective January 1, 2019, had a material impact on our consolidated financial statements as described in detail in Note 2 to the consolidated financial statements included in our Annual Report on Form 10-K for the year ended December 31, 2020. Adoption of these types of accounting standards and any difficulties in implementation of changes in accounting principles, including the ability to modify our accounting systems, could cause us to fail to meet our financial reporting obligations, which result in regulatory discipline and harm investors' confidence in us.

Accounting & Financial Operations - Risk 6

If our goodwill or intangible assets become impaired, we may be required to record a significant charge to earnings.

We review our intangible assets for impairment when events or changes in circumstances indicate the carrying value may not be recoverable. Goodwill is required to be tested for impairment at least annually. As of June 30, 2025, we carried a net $5.4 billion of goodwill and intangible assets. An adverse change in market conditions or significant changes in accounting conclusions, particularly if such changes have the effect of changing one of our critical assumptions or estimates, could result in a change to the estimation of fair value that could result in an impairment charge to our goodwill or intangible assets. For example, during the year ended December 31, 2023, we recorded an impairment of intangible assets related to Segment totaling approximately $285.7 million, as described in additional detail in Note 6 to our consolidated financial statements included in our Annual Report on Form 10-K for the year ended December 31, 2023. Any such charges may adversely affect our results of operations.

Accounting & Financial Operations - Risk 7

If we fail to maintain an effective system of disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.

As a public company, we are required to maintain internal control over financial reporting and to report any material weaknesses in such internal control. Section 404 of the Sarbanes-Oxley Act of 2002 (the "Sarbanes-Oxley Act") requires that we evaluate and determine the effectiveness of our internal control over financial reporting and provide a management report on internal control over financial reporting. A material weakness is a deficiency, or combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of our financial statements will not be prevented or detected on a timely basis. Our current controls and any new controls that we develop may become inadequate because of changes in conditions in our business. Further, weaknesses in our disclosure controls and internal control over financial reporting may be discovered in the future. In addition, if we acquire additional businesses, we may not be able to successfully integrate the acquired operations and technologies and maintain internal control over financial reporting, if applicable, in accordance with the requirements of Section 404 of the Sarbanes-Oxley Act. Any failure to develop or maintain effective controls or any difficulties encountered in their implementation or improvement could harm our results of operations or cause us to fail to meet our reporting obligations and may result in a restatement of our financial statements for prior periods. Any failure to implement and maintain effective internal control over financial reporting also could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we are required to include in our periodic reports that will be filed with the SEC. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financial and other information, and could have a material and adverse effect on our business, results of operations and financial condition and could cause a decline in the trading price of our common stock. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on the New York Stock Exchange.

Debt & Financing2 | 4.0%

Debt & Financing - Risk 1

We have incurred substantial indebtedness that may decrease our business flexibility, access to capital, and/or increase our borrowing costs, and we may still incur substantially more debt, which may adversely affect our operations and financial results.

As of June 30, 2025, we had $1.0 billion of indebtedness outstanding (excluding intercompany indebtedness). Our indebtedness may: - limit our ability to obtain additional financing to fund future working capital, capital expenditures, business opportunities, acquisitions or other general corporate requirements;- require a portion of our cash flows to be dedicated to debt service payments instead of other purposes, thereby reducing the amount of cash flows available for working capital, capital expenditures, business opportunities, acquisitions and other general corporate purposes;- expose us to the risk of increased interest rates as certain of our borrowings, including borrowings under a future revolving credit facility, may be at variable rates of interest; and - increase our cost of borrowing. In addition, the indenture which governs our 3.625% notes due 2029 (the "2029 Notes") and our 3.875% notes due 2031 (the "2031 Notes," and together with the 2029 Notes, the "Notes") contains restrictive covenants that limit our ability to engage in activities that may be in our long-term best interest. Our failure to comply with those covenants could result in an event of default which, if not cured or waived, could permit the trustee, or permit the holders of the Notes to cause the trustee, to declare all or part of the Notes to be immediately due and payable or to exercise any remedies provided to the trustee and/or result in the acceleration of substantially all of our indebtedness. Any such event would adversely affect our business, results of operations and financial condition. If our cash flows and capital resources are insufficient to fund our debt service obligations, we could face substantial liquidity problems and may be forced to reduce or delay investments and capital expenditures. We may be forced to sell assets, seek additional capital, or restructure or refinance our indebtedness, including the Notes. Our ability to restructure or refinance our debt will depend on, among other things, the condition of capital markets and our financial condition at such time. Any refinancing of our debt could be at higher interest rates and may require us to comply with more onerous covenants, which could further restrict our business operations. The terms of existing or future debt instruments and the indenture that governs the Notes may restrict us from adopting some of these alternatives. In addition, any failure to make payments of interest and principal on our outstanding indebtedness on a timely basis would likely result in a reduction of our credit rating, which could harm our ability to incur additional indebtedness and our financial condition. In the absence of such cash flows and resources, we could face substantial liquidity problems and might be required to dispose of material assets or operations to meet our debt service and other obligations.

Debt & Financing - Risk 2

We may require additional capital to support our business, and this capital might not be available on acceptable terms, if at all.

We intend to continue to make investments to support our business and may require additional funds. In particular, we may seek additional funds to develop new products and enhance our platform and existing products, expand our operations, including our sales and marketing organizations and our presence outside of the United States, improve our infrastructure or acquire complementary businesses, technologies, services, products and other assets. In addition, we may use a portion of our cash to satisfy tax withholding and remittance obligations related to outstanding restricted stock units. Accordingly, we may need to engage in equity or debt financings to secure additional funds. If we raise additional funds through future issuances of equity or convertible debt securities, our stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges superior to those of holders of our common stock. Any debt financing that we may secure in the future could involve restrictive covenants relating to our capital raising activities, our ability to repurchase stock, and other financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities. We may not be able to obtain additional financing on terms favorable to us, if at all, particularly during times of market volatility and general economic instability. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth, scale our infrastructure, develop product enhancements and to respond to business challenges could be significantly impaired, and our business, results of operations and financial condition may be adversely affected.

Corporate Activity and Growth2 | 4.0%

Corporate Activity and Growth - Risk 1

We may not realize potential benefits from our acquisitions, partnerships and investments because of difficulties related to integration, the achievement of synergies, and other challenges.

Our success will depend, in part, on our ability to expand our products and grow our business to meet the needs of current and prospective customers. In some circumstances, we may determine to do so through acquisitions, partnerships or investments in businesses and technologies that are complementary to our business. There can be no assurances that such acquisitions will result in the anticipated benefits, and it is possible that there could be a loss of our key employees and customers, disruption of ongoing businesses or unexpected issues, higher than expected costs, the diversion of management attention and resources from day-to-day business operations and an overall post-completion process that takes longer than originally anticipated. In addition, the following issues, among others, may need to be addressed in order to realize the anticipated benefits of any acquisitions, partnerships or investments: - combining the acquired businesses' corporate functions with our corporate functions;- combining acquired businesses with our existing business in a manner that permits us to achieve the synergies anticipated to result from such acquisitions, the failure of which would result in the anticipated benefits of our acquisitions not being realized in the time frame currently anticipated or at all;- maintaining existing agreements with customers, distributors, providers, talent and vendors and avoiding delays in entering into new agreements with prospective customers, distributors, providers, talent and vendors;- determining whether and how to address possible differences in corporate cultures and management philosophies;- integrating the companies' product, compliance, administrative and IT infrastructure;- developing products and technology that allow value to be unlocked in the future;- incurring significant, nonrecurring costs to integrate our operations with those of acquired businesses, including the costs to maintain employee morale and retain key employees;- evaluating and forecasting the financial impact of such acquisitions, partnerships and investments, including accounting charges; and - effecting potential actions that may be required in connection with obtaining regulatory approvals. From time to time, we may also divest or stop investing in certain businesses or products. For example, in 2023 we divested our Internet of Things and ValueFirst businesses, and in 2024 we wound down the software component of our Zipwhip business. The sale of a business or product has in the past and may in the future require us to restructure operations and/or terminate employees and could expose us to unanticipated ongoing obligations and liabilities, including as a result of our indemnification obligations. During the pendency of a divestiture, we may be subject to risks related to a decline in the business, loss of employees, customers, or suppliers, and that the transaction may not close, which could have an adverse effect on the business to be divested and on us. Divestitures or winding down businesses or products can also disrupt our customer, supplier and/or employee relationships and divert the time and attention of our management and employees. Additionally, we may experience harm to our financial results, including loss of revenue, and we may not realize the expected benefits and cost savings of these actions and our operating results may be adversely impacted.

Corporate Activity and Growth - Risk 2

If we fail to effectively manage our growth and strategic changes to our business, then our business, results of operations and financial condition could be adversely affected.

We have experienced substantial growth in our business and operations, which has placed, and may continue to place, significant demands on our management, operational and financial resources and systems, especially as we continue to focus on improving our operating efficiency. Although we have conducted workforce reductions in the past, we may experience employee growth in the future. We have also experienced significant growth in the number of customers, usage and amount of data that our platform and associated infrastructure support. To manage our current and anticipated future growth effectively, we must continue to improve our operational, financial and management controls as well as our reporting systems and procedures, which has required, and will continue to require, us to commit substantial financial, operational, and technical resources. We continue to scale the capacity of, and enhance the capability and reliability of, our technical infrastructure to support increased activity on our platform. Any failure to maintain performance, reliability, security, integrity and availability of our products and infrastructure to the satisfaction of our customers may harm our reputation and our ability to retain existing customers or attract new customers. If we fail to efficiently scale and manage our infrastructure, or if our customers experience service disruptions or outages, our business, financial condition and operating results may be adversely impacted.

Legal & Regulatory

Total Risks: 10/50 (20%)Above Sector Average

Regulation5 | 10.0%

Regulation - Risk 1

Certain of our products are subject to telecommunications-related regulations, and future legislative or regulatory actions could adversely affect our business, results of operations and financial condition.

As a provider of communications products and a licensed telecommunications provider, we are subject to existing or potential FCC and state regulations relating to privacy, telecommunications, consumer protection and other requirements. If we do not comply with FCC rules and regulations, or other communications laws and regulations, we could be subject to enforcement actions, fines, loss of licenses and possibly restrictions on our ability to operate or offer certain of our products. Any enforcement action by the FCC or another regulatory authority, which may be a public process, would hurt our reputation in the industry, could erode customer trust, possibly impair our ability to sell our VoIP, other telecommunications products and/or other services to customers and could adversely affect our business, results of operations and financial condition. Certain of our products are subject to a number of regulations and laws that are administered by the FCC. Among others, we must comply (in whole or in part) with: - the Communications Act of 1934, as amended, which regulates communications services and the provision of such services;- the Telephone Consumer Protection Act of 1991 ("TCPA"), which limits the use of automatic dialing systems for calls and texts, artificial or prerecorded voice messages and fax machines and establishes quiet hours for solicitations;- the Communications Assistance for Law Enforcement Act, which requires covered entities to assist law enforcement in undertaking electronic surveillance;- the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act ("TRACED");- requirements to safeguard the privacy of certain customer information;- payment of annual FCC regulatory fees and contributions to FCC-administered funds based on our interstate and international revenues, as well as to the Universal Service Fund; and - rules pertaining to access to our services by people with disabilities and contributions to the Telecommunications Relay Services fund. In addition, Congress and the FCC continue to focus on mitigating the prevalence of robocalls and robotexts, including by requiring providers to implement call authentication technologies such as Signature-based Handling of Asserted Information Using toKENs and Secure Telephone Identity Revisited, which together establish a set of technical standards and protocols that allow for the authentication and verification of caller ID information, adopting stricter Robocall Mitigation Database ("RMD") filing requirements and increasing the base forfeiture amount for submitting false or inaccurate statements to the RMD. Combating illegal calls is one of the FCC's top consumer protection priorities, and the FCC continues to take steps to strengthen, expand and enforce its rules against the origination and carrying of illegal robocalls and robotexts. We cannot predict whether the FCC will require more or different robocall and robotext mitigation measures than those we have or are planning to implement. New regulations or requirements that restrict the types of customers allowed to use our platform or impose overly burdensome requirements for our customers could limit the customers that we are able to serve. In addition, the extension of telecommunications regulations to our non-interconnected VoIP services could result in additional federal and state regulatory obligations and taxes. Additionally, some states have adopted, proposed or may propose, regulations that may subject us to additional registration, reporting, resiliency and/or compliance obligations. If we become subject to several new and/or different interconnected and/or non-interconnected VoIP regulations at the state level, it would increase our compliance costs and the risk of enforcement action against us, which in turn could adversely affect our business, results of operations and financial condition. Internationally, we currently offer our products in more than 180 countries and territories and continue to expand. When we enter new countries and as our presence and market share in such countries grow, our regulatory obligations and scrutiny increase, which increases our compliance costs and could impact our products and platform, create operational challenges, or prevent us from offering or providing our products in certain countries. Moreover, the regulation of CPaaS companies continues to evolve internationally and many existing regulations may not fully contemplate the CPaaS business model or how it fits into the communications regulatory framework. As a result, the application, interpretation or enforcement of regulations often involve significant uncertainties. In many countries, a number of our products or services are subject to licensing and communications regulatory requirements which increases the level of scrutiny and enforcement by regulators. Future legislative, regulatory or judicial actions impacting CPaaS services could also increase the cost and complexity of compliance and expose us to liability. For example, in some countries, some or all of the services we offer are not considered regulated telecommunications services, while in other countries they are subject to telecommunications regulations, including but not limited to payment into universal service funds, licensing fees, reporting requirements, provision of emergency services, provision of information to support emergency services and number portability as well as requirements to combat scams and fraud. Failure to comply with these regulations could result in our company being issued remedial directions to undertake independent audits and implement effective systems, processes and practices to ensure compliance, significant fines or being prohibited from providing telecommunications services in a jurisdiction. In addition, we implement Know-Your-Customer and/or Know-Your-Traffic related processes in the jurisdictions in which we operate. Related obligations can vary across jurisdictions, and such processes may create onboarding delays and friction for our customers, as well as other operational and compliance challenges requiring management attention, and increase our compliance costs. Moreover, certain of our products may be used by customers located in countries where voice and other forms of Internet Protocol ("IP") communications may be illegal or require special licensing or in countries on a U.S. embargo list. Users in such countries may continue to use our products in those countries notwithstanding the illegality or embargo, or a local partner that we use to provide services may not comply with applicable governmental regulations, subjecting us to potential penalties or governmental actions that may be costly, harm our business and damage our brand and reputation. We may be required to incur additional expenses to meet applicable international regulatory requirements or be required to raise the prices of services, or restructure or discontinue those services if required by law or if we cannot or will not meet those requirements. Any of the foregoing could adversely affect our business, results of operations and financial condition.

Regulation - Risk 2

United States federal and state legislation and international laws impose certain obligations on the senders of commercial emails, which could minimize the effectiveness of our platform, and establish financial penalties for non-compliance, which could increase the costs of our business.

The Federal Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (the "CAN-SPAM Act") establishes certain requirements for commercial email messages and transactional email messages and specifies penalties for the transmission of email messages that are intended to deceive the recipient as to source or content. Among other things, the CAN-SPAM Act, obligates the sender of commercial emails to provide recipients with the ability to "opt-out" of receiving future commercial emails from the sender. In addition, some states have passed laws regulating commercial email practices that are significantly more restrictive and difficult to comply with than the CAN-SPAM Act. For example, certain states prohibit the sending of email messages that advertise products or services that minors are prohibited by law from purchasing or that contain content harmful to minors to email addresses listed on specified registries. Some portions of these state laws may not be preempted by the CAN-SPAM Act. In addition, certain non-U.S. jurisdictions in which we operate have enacted laws regulating the sending of email that are more restrictive than U.S. laws. For example, some foreign laws prohibit sending broad categories of email unless the recipient has provided the sender advance consent (or "opted-in") to receipt of such email. If we were found to be in violation of the CAN-SPAM Act, applicable state laws governing email not preempted by the CAN-SPAM Act or foreign laws regulating the distribution of email, whether as a result of violations by our customers or our own acts or omissions, we could be required to pay large penalties, which would adversely affect our financial condition, significantly harm our business, injure our reputation and erode customer trust. The terms of any injunctions, judgments, consent decrees or settlement agreements entered into in connection with enforcement actions or investigations against our company in connection with any of the foregoing laws may also require us to change one or more aspects of the way we operate our business, which could impair our ability to attract and retain customers or could increase our operating costs.

Regulation - Risk 3

Changes in laws and regulations related to the internet or changes in the internet infrastructure itself may diminish the demand for our products, and could adversely affect our business, results of operations and financial condition.

The future success of our business depends upon the continued use of the internet as a primary medium for commerce, communications and business applications. Federal, state or foreign government bodies or agencies have in the past adopted,and may in the future adopt, laws or regulations affecting the use of the internet as a commercial medium. Changes in these laws or regulations could require us to modify our products and platform in order to comply with these changes. In addition, government agencies or private organizations have imposed and may impose additional taxes, fees or other charges for accessing the internet or commerce conducted via the internet. These laws or charges could limit the growth of internet-related commerce or communications generally or result in reductions in the demand for internet-based products and services such as our products and platform. The current legislative and regulatory landscape regarding the regulation of the internet is subject to uncertainty. For example, in January 2025, the U.S. Court of Appeals for the Sixth Circuit struck down the FCC's net neutrality rules, and it is unlikely that similar federal rules will be adopted. Without federal net neutrality rules, we cannot predict whether internet access service providers may be able to limit our users' ability to access our platform or make our platform a less attractive alternative to our competitors' applications. Moreover, several states have enacted or are considering state-level legislation or executive action that would implement certain net neutrality protections. State broadband regulations have been upheld by courts in certain jurisdictions, creating the potential for a patchwork of disparate regulatory regimes and operational challenges. In a related regulatory context, while the EU requires equal access to internet content, under its Digital Single Market initiative the EU may impose additional requirements that could increase our costs. If new FCC, EU, or other rules directly or inadvertently impose costs on online providers like our business, our expenses may rise. Were any of these outcomes to occur, our ability to retain existing users or attract new users may be impaired, our costs may increase, and our business may be significantly harmed. In addition, the use of the internet as a business tool could be adversely affected due to delays in the development or adoption of new standards and protocols to handle increased demands of internet activity, security, reliability, cost, ease-of-use, accessibility and quality of service. The performance of the internet and its acceptance as a business tool has been adversely affected by "viruses," "worms," and similar malicious programs. If the use of the internet is reduced as a result of these or other issues, then demand for our products could decline, which could adversely affect our business, results of operations and financial condition.

Regulation - Risk 4

Our actual or perceived failure to comply with increasingly stringent laws, regulations and contractual obligations relating to privacy, data protection and cybersecurity could harm our reputation and subject us to significant fines and liability or loss of business.

We and our customers are subject to numerous domestic (for example, the California Consumer Privacy Act ("CCPA")) and foreign (for example, the General Data Protection Regulation ("GDPR") in the European Union ("EU")) privacy, data protection and cybersecurity laws and regulations that restrict the collection, use, disclosure and processing of personal information, including financial and health data. These laws and regulations are expanding globally, evolving, and being tested in courts, may result in increasing regulatory and public scrutiny of our practices relating to personal information and may increase our exposure to regulatory enforcement action, sanctions and litigation. The breadth and depth of changes in data protection obligations has required significant time and resources, including a review of our technology and systems against the requirements of the GDPR. In the United States, the CCPA (as amended by the California Privacy Rights Act of 2020) imposes obligations on businesses to which it applies. These obligations include, but are not limited to, providing specific disclosures in privacy notices and affording California residents (both consumers and employees) certain rights related to their personal information. The CCPA allows for statutory fines for noncompliance. Numerous other states have enacted or are considering laws and regulations addressing privacy and cybersecurity, such as Washington's My Health, My Data Act, which includes a private right of action, and laws in several states relating to the provision of individual home address or telephone directory information. States and the U.S. federal government have also proposed general privacy legislation. Outside the United States, an increasing number of laws, regulations, and industry standards apply to privacy, data protection and cybersecurity. For example, the GDPR, the United Kingdom's General Data Protection Regulation and Data Protection Act 2018 ("UK GDPR") and the Swiss Federal Act on Data Protection impose strict requirements for processing personal information of covered individuals, whether within or outside the European Economic Area ("EEA"), the United Kingdom ("UK") and Switzerland, respectively (such jurisdictions, collectively, "Europe"). For example, the GDPR imposes significant requirements regarding the processing of individuals' personal information, including in relation to transparency, lawfulness of processing, individuals' privacy rights, compliant contracting, data minimization, data breach notification, data retention, security, and international data transfers. Under the GDPR and UK GDPR, government regulators may impose temporary or definitive bans on data transfers or other processing, require data deletion, and impose significant fines, potentially ranging up to the greater of 4% of a company's worldwide revenue or 20 million Euros or 17.5 million GBP, respectively. Individuals also may initiate compensation claims or litigation related to our processing of their personal information. Other privacy and data protection laws in Europe impose strict requirements around marketing communications and the deployment of cookies. As another example, Brazil's General Data Protection Law (Lei Geral de Proteção de Dados Pessoais, or "LGPD") (Law No. 13,709/2018) may apply to our operations. The LGPD broadly regulates processing of personal information of individuals in Brazil and imposes compliance obligations and penalties comparable to the GDPR. Additionally, we expect an increase in regulation of the use of AI and ML in products and services. For example, in Europe, the Artificial Intelligence Act, once effective, will impose onerous obligations related to the development, placement on the market and use of AI-related systems. A growing number of U.S. states are enacting legislation regulating aspects of AI or AI generally. Other countries are also contemplating laws regulating AI and ML. We may have to change our business practices to comply with obligations under these or other new and evolving regimes. The interpretation and application of laws and regulations are in many cases uncertain, and our legal and regulatory obligations are subject to frequent and unexpected changes, including the potential for new or additional laws or regulations, rulings that invalidate prior laws or regulations, or significant increases in penalties. Recent examples include the EU's Digital Services Act, Digital Markets Act and Data Act effective in 2024, EU member state legislation implementing the EU's Network and Information Security Directive II and the EU's Digital Operational Resiliency Act effective in January 2025. New and changing privacy, data protection or cybersecurity laws and regulations may result in additional obligations, increase the risk of enforcement action against us, and increase the types and numbers of individuals or entities that can initiate actions against us. Similarly, with our registration as an interconnected VoIP provider for certain products with the Federal Communications Commission ("FCC"), we must comply with privacy laws associated with customer proprietary network information rules in the United States. In addition, some states have adopted, proposed, or may propose, regulations that may classify our services in such a manner as to subject us to additional privacy-related compliance obligations under state law. If we fail or are perceived to have failed to maintain compliance with these requirements, we could be subject to regulatory audits or inquiries, civil and criminal penalties, fines and breach of contract claims, as well as reputational damage, which could impact the willingness of customers to do business with us. In addition, our contractual obligations relating to privacy, data protection and cybersecurity have become increasingly stringent due to changes in laws and regulations and expansion of our offerings. Certain privacy, data protection and cybersecurity laws, such as the GDPR and the CCPA, require our customers to impose specific contractual restrictions on their service providers. In addition, we support customer workloads that involve the processing of protected health information and are required to sign business associate agreements with customers that subject us to requirements under the federal Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act of 2009, as well as state laws that govern health information. Our actual or perceived failure to comply with laws, regulations, contractual commitments, or other actual or asserted obligations, including certain industry standards, regarding privacy, data protection and cybersecurity could lead to costly legal action, adverse publicity, significant liability, inability to process data, and decreased demand for our services, which could adversely affect our business, results of operations and financial condition. As a cumulative example of these risks, because our primary data processing facilities are in the United States, we have experienced hesitancy, reluctance, or refusal by European or multinational customers to continue to use our services due to potential risks arising from the Court of Justice's July 2020 ruling in the "Schrems II" case, as well as related guidance from regulators and enforcement action against Meta by the Irish Data Protection Commission. For example, absent appropriate safeguards or other circumstances, the GDPR and laws in Switzerland and the UK generally restrict the transfer of personal information to many outside jurisdictions, such as the United States. On July 10, 2023, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework. Based on this decision, personal information can flow from the EU to U.S. companies participating in the EU-U.S. Data Privacy Framework without additional data protection safeguards. We are certified under the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework. If we cannot maintain valid mechanisms for cross-border data transfers, we and our customers may face increased exposure to regulatory actions, substantial fines, and injunctions against processing or transferring personal information from Europe or elsewhere. Any inability to transfer personal information to the United States or other jurisdictions could significantly and negatively impact our business operations; limit our ability to collaborate with parties that are subject to data privacy and security laws; or require us to increase our personal information processing capabilities in Europe and/or elsewhere at significant expense. In addition, outside of Europe, other jurisdictions have proposed and enacted laws relating to cross-border data transfer or requiring personal information, or certain subcategories of personal information, to be stored in the jurisdiction of origin. If we are unable to increase our data processing capabilities and storage in Europe and other jurisdictions to limit or eliminate the need for relevant data transfers quickly enough, and valid solutions for relevant personal information are not available or are difficult to implement in the interim, we will likely face continuing reluctance from European and multinational customers to use our services and increased exposure to regulatory actions, substantial fines and injunctions against processing or transferring personal information across borders. Evolving laws, regulations, and other actual and asserted obligations relating to privacy, data protection, and cybersecurity, as well as any new or evolving obligations relating to AI and ML technologies, could reduce demand for our platform, increase our costs, impair our ability to grow our business, or restrict our ability to store and process data or, in some cases, impact our ability to offer our service in some locations and may subject us to liability. Further, in view of new or modified federal, state or foreign laws and regulations, industry standards, contractual obligations and other actual and asserted obligations, or any changes in their interpretation, we may find it necessary or desirable to fundamentally change our business activities and practices or to expend significant resources to modify our practices and platform and otherwise adapt to these changes. We may be unable to make such changes and modifications in a commercially reasonable manner or at all, and our ability to develop new products and features could be limited.

Regulation - Risk 5

The standards imposed by private entities and inbox service providers to regulate the use and delivery of email have in the past interfered with, and may continue to interfere with, the effectiveness of our platform and our ability to conduct business.

From time to time, private entities and inbox service providers impose requirements that impact our and our customers' ability to use and deliver email. For example, some of our IP addresses have become, and we expect will continue to be, listed with one or more denylisting entities due to the messaging practices of our customers and other users. We may be at an increased risk of having our IP addresses denylisted due to our scale and volume of email processed, compared to our smaller competitors. There can be no guarantee that we will be able to successfully remove ourselves from those lists. Because we fulfill email delivery on behalf of our customers, denylisting of this type could undermine the effectiveness of our customers' transactional email, email marketing programs and other email communications, all of which could have a material negative impact on our business, financial condition and results of operations. For example, in 2024 and 2025, Google, Yahoo and Microsoft began enforcing new email sender requirements aimed at sender authentication, including Domain-based Message Authentication, Reporting and Conformance ("DMARC") record requirements, requiring us to devote time and resources toward compliance efforts. These or similar authentication requirements imposed in the future could result in reduced volumes for our email products and could adversely affect our business, financial condition and results of operations. Additionally, inbox service providers can block emails from reaching their users or categorize certain emails as "promotional" emails and, as a result, direct them to an alternate or "tabbed" section of the recipient's inbox. The implementation of new or more restrictive policies by inbox service providers may make it more difficult to deliver our customers' emails, particularly if we are not given adequate notice of a change in policy or struggle to update our platform or services to comply with the changed policy in a reasonable amount of time. If the open rates of our customers' emails are negatively impacted by the actions of inbox service providers to block or categorize emails then customers may question the effectiveness of our platform and cancel their accounts. This, in turn, could harm our business, financial condition and results of operations.

Litigation & Legal Liabilities1 | 2.0%

Litigation & Legal Liabilities - Risk 1

Any legal proceedings or claims against us could be costly and time-consuming to defend and could harm our reputation regardless of the outcome.

We are and may in the future become subject to legal proceedings and claims that arise in the ordinary course of business, such as disputes or employment claims made by our current or former employees. Any litigation, whether meritorious or not, could harm our reputation, will increase our costs and may divert management's attention, time and resources, which may in turn seriously harm our business. Insurance might not cover such claims or the costs to defend such claims, might not provide sufficient payments to cover all the costs to resolve one or more such claims, and might not continue to be available on terms acceptable to us. A claim brought against us that is uninsured or underinsured could result in unanticipated costs and could seriously harm our business. If we are required to make substantial payments or implement significant changes to our operations as a result of legal proceedings or claims, our business, results of operations and financial condition could be adversely affected.

Taxation & Government Incentives4 | 8.0%

Taxation & Government Incentives - Risk 1

Our ability to use our net operating losses and certain other tax attributes to offset future taxable income and taxes may be subject to certain limitations.

As of December 31, 2024, we had U.S. federal, state and foreign net operating loss carryforwards ("NOLs"), of $2.8 billion, $2.4 billion and $0.8 billion, respectively. Utilization of these NOLs depends on our future taxable income, and there is risk that a portion of our existing NOLs could expire unused and the use of our unexpired NOLs could be subject to limitations, which could materially and adversely affect our operating results. Under current law, our U.S. federal NOLs can generally be carried forward indefinitely, but the deductibility of such NOLs is generally limited to 80% of taxable income. Our state NOLs may also be subject to limitations, including periods during which the use of state NOLs is suspended or otherwise limited, which could accelerate or permanently increase state taxes owed. For example, in June 2024, California enacted legislation that limits the use of state NOLs for taxable years beginning on or after January 1, 2024 and before January 1, 2027. Under Sections 382 and 383 of the Internal Revenue Code of 1986, as amended (the "Code"), and corresponding provisions of state law, a corporation that undergoes an "ownership change" (generally defined as a greater than 50-percentage-point cumulative change (by value) in the equity ownership of certain stockholders over a rolling three-year period) is subject to limitations on its ability to utilize its pre-change NOLs and other pre-change tax attributes to offset post-change taxable income and taxes. Our existing NOLs and other tax attributes may be subject to limitations arising from previous ownership changes, and if we undergo an ownership change in the future (which may be outside of our control), our ability to utilize NOLs and other tax attributes could be further limited.

Taxation & Government Incentives - Risk 2

We may have additional tax liabilities, which could harm our business, results of operations and financial condition.

Significant judgments and estimates are required in determining our provision for income taxes and other tax liabilities. Our tax expense may be impacted, for example, if tax laws change or are clarified to our detriment or if tax authorities successfully challenge the tax positions that we take, such as, for example, positions relating to the arm's-length pricing standards for our intercompany transactions and our indirect tax positions. In determining the adequacy of our provision for income taxes, we assess the likelihood of adverse outcomes that could result if our tax positions were challenged by the Internal Revenue Service ("IRS"), and other tax authorities. Should the IRS or other tax authorities assess additional taxes as a result of examinations, we may be required to record charges to operations that could adversely affect our results of operations and financial condition. We conduct operations in many tax jurisdictions throughout the United States and internationally. In many of these jurisdictions, non-income-based taxes, such as sales tax, value-added tax, goods and services tax, and telecommunications taxes, are assessed on our operations or our sales to customers. We are subject to indirect taxes, and may be subject to certain other taxes, in some of these jurisdictions. We collect certain telecommunications-based taxes from our customers in certain jurisdictions, and we expect to continue expanding the number of jurisdictions in which we will collect these taxes in the future. Many states are also pursuing legislative expansion of the scope of goods and services that are subject to sales and similar taxes as well as the circumstances in which a vendor of goods and services must collect such taxes. Following the United States Supreme Court decision in South Dakota v. Wayfair, Inc., states are now free to levy taxes on sales of goods and services based on an "economic nexus," regardless of whether the seller has a physical presence in the state. Any additional fees and taxes levied on our services by any state may adversely impact our results of operations. Historically, we have not billed or collected taxes in certain jurisdictions and, in accordance with GAAP, we have recorded a provision for our tax exposure in these jurisdictions when it is both probable that a liability has been incurred and the amount of the exposure can be reasonably estimated. We reserved $43.6 million on our June 30, 2025 balance sheet for these tax payments. These estimates include several key assumptions, including, but not limited to, the taxability of our products, the jurisdictions in which we believe we have nexus or a permanent establishment, and the sourcing of revenues to those jurisdictions. In the event these jurisdictions challenge our assumptions and analysis, our actual exposure could differ materially from our current estimates and reserves. If the actual payments we make to any jurisdiction exceed the accrual in our balance sheet, our results of operations would be harmed. In addition, some customers may question the incremental tax charges and seek to negotiate lower pricing from us, which could adversely affect our business, results of operations and financial condition. We are in discussions with certain jurisdictions regarding potential sales and other indirect taxes for prior periods that we may owe. If any of these jurisdictions disagree with management's assumptions and analysis, the assessment of our tax exposure could differ materially from management's current estimates, which may increase our costs of doing business and negatively affect the prices our customers pay for our products.

Taxation & Government Incentives - Risk 3

Our global operations and structure subject us to potentially adverse tax consequences.

We generally conduct our global operations through subsidiaries and report our taxable income in various jurisdictions worldwide based upon our business operations in those jurisdictions. In particular, our intercompany relationships are subject to complex transfer pricing regulations administered by taxing authorities in various jurisdictions. Also, our tax expense could be affected depending on the applicability of withholding and other taxes (including withholding and indirect taxes on software licenses and related intercompany transactions) under the tax laws of certain jurisdictions in which we have business operations. The relevant revenue and taxing authorities may disagree with positions we have taken generally, or our determinations as to the value of assets sold or acquired or income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position were not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations.

Taxation & Government Incentives - Risk 4

Changes in, or interpretations of, tax rules and regulations or our tax positions may materially and adversely affect our income taxes.

We are subject to income taxes in both the United States and numerous international jurisdictions. Significant judgment is required in determining our worldwide provision for income taxes. In the ordinary course of our business, there are many transactions and calculations where the ultimate tax determination is uncertain. Our effective tax rates may fluctuate significantly on a quarterly basis because of a variety of factors, including changes in the mix of earnings and losses in countries with differing statutory tax rates, changes in our business or structure, changes in tax laws that could adversely impact our income or non-income taxes or the expiration of or disputes about certain tax agreements in a particular country. We are subject to audit by various tax authorities. In accordance with GAAP, we recognize income tax benefits, net of required valuation allowances and accrual for uncertain tax positions. Although we believe our tax estimates are reasonable, the final determination of tax audits and any related litigation could be materially different than that which is reflected in our historical income tax provisions and accruals. Should additional taxes be assessed as a result of an audit or litigation, an adverse effect on our results of operations, financial condition and cash flows in the period or periods for which that determination is made could result. Changes in tax laws, including recently enacted U.S. federal tax legislation commonly referred to as the One Big Beautiful Bill Act (the "OBBB Act"), or tax rulings, or changes in interpretations of existing laws, could cause us to be subject to additional income-based taxes and non-income taxes (such as payroll, sales, use, value-added, digital tax, net worth, property, and goods and services taxes), which in turn could materially affect our financial position and results of operations. The OBBB Act could potentially increase our effective tax rate as we continue to expand our international operations in the coming years. Additionally, new, changed, modified, or newly interpreted or applied tax laws could increase our customers' and our compliance, operating and other costs, as well as the costs of our products. For example, on August 16, 2022, the Inflation Reduction Act of 2022 was signed into law, with tax provisions primarily focused on implementing a 15% minimum tax on global adjusted financial statement income of corporations with adjusted financial statement income exceeding $1.0 billion, effective for tax years beginning after December 31, 2022, and a 1% excise tax on share repurchases occurring after December 31, 2022, which resulted in an excise tax payable calculated on our 2023 and 2024 share repurchases. As another example, in 2021, the Organization for Economic Co-operation and Development (the "OECD") announced the OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting (the "Framework") and released Pillar Two Model Rules defining global minimum tax rules ("Pillar Two"), contemplating a minimum tax rate of 15% for large multinational companies. In 2022, the European Union (EU) Member States adopted the EU's Pillar Two Directive, and various other countries have proposed or enacted similar legislation that may increase our taxes in these countries. On June 28, 2025, the G7 released a joint statement that it had reached an understanding with the United States for a side-by-side system based on certain accepted principles, including that U.S.-parented groups, such as ours, would be exempt from certain provisions of Pillar Two. However, this statement has not yet been incorporated into the Framework. Changes to these and other areas in relation to potential U.S. and international tax reform could increase uncertainty and may adversely affect our tax rate and cash flow in future years.

Tech & Innovation

Total Risks: 8/50 (16%)Below Sector Average

Innovation / R&D2 | 4.0%

Innovation / R&D - Risk 1

The success of our products depends, in part, on our ability to integrate them with third-party products used by us or our customers and to ensure that they operate effectively with evolving platforms and technologies.

The providers of third-party products with which our products are integrated may modify the features, functionality, pricing, and other terms and conditions with respect to such products in a manner adverse to us and to our customers. If we are unable to maintain the integrations between our products and such third-party products, our ability to meet the needs and expectations of our customers could be adversely affected, which could adversely affect our business. Our platform must integrate with and leverage a variety of infrastructure, network, hardware, mobile and software platforms and technologies, and we need to continuously modify and enhance our products and platform to adapt to changes and innovation in these technologies. For example, last year we launched a new channel using Rich Communication Services ("RCS") and we are working on a channel for Apple Messages for Business. We are also focused on Segment's interoperability across the data ecosystem. Third-party platforms may also implement changes to their policies or practices regarding privacy or other matters that may adversely impact us or our customers. In addition, our network service providers, mobile device operating system providers or inbox service providers may adopt new filtering technologies in an effort to combat spam or robocalling. For example, Apple, Google, Yahoo and other mobile device operating system providers or inbox service providers have developed, and may in the future develop, new applications or functions intended to filter spam and unwanted phone calls, messages or emails. Such technologies may inadvertently filter desired messages or calls to or from our customers. If mobile device operating system providers, inbox service providers or network service providers, our customers or their end users adopt new software platforms or infrastructure, we may be required to develop new versions of our products to work with those new platforms or infrastructure. This development effort may require significant resources, which would adversely affect our business, results of operations and financial condition. Any failure of our products and platform to operate effectively with evolving or new platforms and technologies could reduce the demand for our products. If we are unable to respond to these changes in a cost-effective manner, our products may become less marketable and less competitive or obsolete, and our business, results of operations and financial condition could be adversely affected.

Innovation / R&D - Risk 2

Changed

We may not be able to develop new products or product enhancements that achieve market acceptance, or adapt and respond effectively to rapidly changing technology, regulations, industry standards, or customer needs and preferences.

Our ability to attract new customers and increase revenue from existing customers depends in large part on our ability to enhance and improve our existing products and to introduce compelling new products and enhancements that reflect the changing nature of our markets, technology, industry standards, and customer needs and preferences. Anticipating these factors requires that we allocate significant resources without any guarantee that our investments of these resources will result in increased adoption of our products by current and prospective customers. For example, we have committed, and expect to continue to commit, significant resources towards developing new products and enhancements by combining our communications products with contextual data and AI in order to address evolving customer needs and expectations. The success of any enhancements or new products depends on several factors, including timely completion, adequate quality testing, actual performance quality, market-accepted pricing levels, customer value and the ability to provide rapid time-to-value for our customers, and the emergence of competing products and services that may be delivered at lower prices, more efficiently,conveniently or securely, or render our products obsolete. For example, if user authentication practices evolve to reduce or eliminate the use of one-time passwords, our revenue could be adversely affected. Enhancements and new products that we develop may not be introduced in a timely or cost-effective manner, may contain errors or defects, may require reworking features and capabilities, may have interoperability difficulties with our platform or other products or may not achieve the broad market acceptance necessary to generate significant revenue or increase our gross profits. Furthermore, our ability to increase the usage of our products depends, in part, on the development of new use cases for our products, which is at times driven by our developer community and may be outside of our control. If we are unable to successfully and cost-effectively develop and drive adoption of new products, anticipate and keep pace with changes in technology, customers' needs and expectations, and industry standards, or provide rapid time-to-value to our current and prospective customers, our business, results of operations and financial condition would be adversely affected.

Trade Secrets2 | 4.0%

Trade Secrets - Risk 1

We could incur substantial costs in protecting or defending our intellectual property rights, and any failure to protect our intellectual property could adversely affect our business, results of operations and financial condition.

Our success depends, in part, on our ability to protect our brand and the proprietary methods and technologies that we develop under patent and other intellectual property laws. We rely on a combination of patents, copyrights, trademarks, service marks, trade secret laws and other intellectual property laws, contractual provisions, and internal processes, procedures, and controls in an effort to establish, maintain, enforce, and protect our intellectual property and proprietary rights. However, the steps we take to protect our intellectual property may be inadequate. While we have been issued patents in the United States and other countries and have additional patent applications pending, we may be unable to obtain patent protection for the technology covered in our patent applications. In addition, any patents issued to us in the future may not provide us with competitive advantages or may be successfully challenged by third parties. Further, the laws of some countries do not protect intellectual property or proprietary rights to the same extent as the laws of the United States, and mechanisms for enforcement of such rights in some foreign countries may be inadequate. To the extent we expand our international activities, our exposure to unauthorized copying and use of our products and proprietary information may increase. Accordingly, despite our efforts, we may be unable to prevent third parties from infringing upon or misappropriating our technology and intellectual property. We also rely, in part, on contractual confidentiality obligations we impose on our business partners, employees, consultants, advisors, customers and others in our efforts to protect our proprietary technology, processes and methods. These obligations may not effectively prevent unauthorized disclosure or use of our confidential information, and it may be possible for unauthorized parties to copy or access our software or other proprietary technology or information, or to develop similar products independently without us having an adequate remedy for unauthorized use or disclosure of our confidential information. In addition, others may independently discover our trade secrets and proprietary information, and in these cases, we may not be able to assert any trade secret rights against those parties. We may be required to spend significant resources to monitor, enforce, maintain, and protect our intellectual property and proprietary rights. Litigation brought to protect and enforce our intellectual property or proprietary rights could be costly, time-consuming and distracting to management, result in a diversion of significant resources, or the narrowing or invalidation of portions of our intellectual property. Our efforts to enforce our intellectual property or proprietary rights may be met with defenses, counterclaims and countersuits attacking the validity and enforceability of such rights. Our failure to meaningfully protect our intellectual property and proprietary rights, could have an adverse effect on our business, results of operations and financial condition. We have been sued and may, in the future, be sued by third parties for alleged infringement of their intellectual or other proprietary rights, which could adversely affect our business, results of operations and financial condition. There is considerable patent and other intellectual property development activity in our industry. We may also introduce or acquire new products or technologies, including in areas where we historically have not participated, which could increase our exposure to intellectual property infringement claims brought by third parties. Our future success depends, in part, on not infringing the intellectual property or proprietary rights of others and we may be unaware of such rights that may cover some or all of our technology or intellectual property. We have from time to time been subject to claims that our products or platform and underlying technology are infringing upon third-party intellectual property or proprietary rights. We may be subject to such claims in the future and we may be found to be infringing upon such rights. Any claims or litigation could cause us to incur significant expenses (including settlement payments and costs associated with litigation) and, if successfully asserted against us, could require that we pay substantial damages or ongoing royalty payments, prevent us from offering our products, or require that we comply with other unfavorable terms. Additionally, our agreements with customers and other third parties typically include indemnification or other provisions under which we agree to indemnify or are otherwise liable to them for losses suffered or incurred by them as a result of claims of intellectual property infringement. Although we typically limit our liability with respect to such obligations through such agreements, we may still incur substantial liability related to our indemnification obligations. Regardless of the merits or ultimate outcome of any claims of infringement, misappropriation, or violation of intellectual or other proprietary rights that have been or may be brought against us or that we may bring against others, these types of claims, disputes, and lawsuits are time-consuming and expensive to resolve, divert management's time and attention, and could harm our reputation. Litigation is inherently unpredictable and we cannot predict the timing, nature, controversy or outcome of disputes brought against us or assure you that the results of any of these actions will not have an adverse effect on our business, results of operations or financial condition.

Trade Secrets - Risk 2

We rely on technology and intellectual property of third parties, the loss of which could limit the functionality of our products and disrupt our business.

We use technology and intellectual property licensed from third parties in certain of our products and our platform, and we expect to license additional third-party technology and intellectual property in the future. Licensed technology and intellectual property may not continue to be available on commercially reasonable terms, or at all. The loss of the right to license and distribute third-party technology could limit the functionality of our products or platform and could require us to redesign our products or platform. In addition, if the third-party technology and intellectual property we use has errors, service outages, security vulnerabilities, or otherwise malfunctions, the functionality of our products and platform may be negatively impacted, our customers may experience outages or reduced service levels, and our business may be adversely affected. For example, we outsource a substantial majority of our cloud infrastructure to Amazon Web Services ("AWS"), which hosts our products and platform. Our customers need to be able to reliably access our platform, without material interruption or degradation of performance. AWS runs its own platform that we access, and we are, therefore, vulnerable to service interruptions at AWS. We have experienced, and expect that we may experience interruptions, delays and outages in service and availability in the future due to a variety of factors, including infrastructure changes, human or software errors, website hosting disruptions and capacity constraints. Capacity constraints could be caused by a number of potential causes, including technical failures, natural disasters, public health epidemics or pandemics, fraud or security attacks. In addition, if our security, or that of AWS, is compromised, if our products, platform or customer data become unavailable, or if our users are unable to use our products within a reasonable amount of time or at all, any one of which may be due to circumstances beyond our control, then our business, results of operations and financial condition could be adversely affected. In some instances, we may encounter difficulties or otherwise not be able to identify the cause or causes of these performance problems within a period of time acceptable to our customers. It may become increasingly difficult to maintain and improve our platform performance and to troubleshoot performance issues, especially during peak usage times, as our products become more complex and the usage of our products increases. To the extent that we do not effectively address capacity constraints, either through AWS or alternative providers of cloud infrastructure, or through other factors that may result in interruptions, delays and outages in service and availability of our products and/or services, our business, results of operations and financial condition may be adversely affected. In addition, if Amazon.com, Inc. ("Amazon") requires that we comply with unfavorable terms in order to continue our use of AWS or if Amazon implements any changes in its service levels for AWS, the changes may adversely affect our ability to meet our customers' requirements, result in negative publicity which could harm our reputation and brand and may adversely affect the usage of our platform. The substantial majority of the services we use from AWS are for cloud-based reserve service capacity and, to a lesser extent, storage and other optimization offerings. AWS enables us to order and reserve service capacity in varying amounts and sizes distributed across multiple regions. We access AWS infrastructure through standard IP connectivity protocols. AWS provides us with computing and storage capacity pursuant to an agreement that continues until terminated by either party. AWS may terminate the agreement if we fail to cure a breach of the agreement within 30 days of our being notified of the breach and, in some cases, AWS may suspend the agreement immediately for cause upon notice. Although we expect that we could procure similar services from other third parties, if any of our arrangements with AWS are terminated, we could experience interruptions to our platform and encounter difficulties in our ability to make our products reliably accessible by customers, as well as delays and additional expenses in procuring, implementing, and transitioning to alternative cloud infrastructure services. Any of the above circumstances or events may harm our reputation, erode customer trust, cause customers to stop using or reduce their usage of our products, discourage customers from renewing their contracts, impair our ability to increase revenue from existing customers, impair our ability to grow our customer base, subject us to financial penalties and liabilities under our service level agreements and otherwise harm our business, results of operations and financial condition.

Cyber Security1 | 2.0%

Cyber Security - Risk 1

Breaches of or incidents impacting our networks or systems, or those of our third-party service providers, could degrade our ability to conduct our business, compromise the integrity of our products, platform and data, result in significant loss or unavailability of data and the theft of our intellectual property, damage our reputation, expose us to liability to third parties and require us to incur significant additional costs to maintain the security of our networks and data.

We depend upon our IT systems to conduct virtually all of our business operations, ranging from our internal operations and research and development activities to our marketing and sales efforts and communications with our customers and business partners. We have in the past and will in the future be subject to a variety of evolving threats, including but not limited to social-engineering attacks (including through phishing attacks), malicious code (such as viruses and worms), malware (including as a result of advanced persistent threat intrusions), denial-of-service attacks (such as credential stuffing), personnel or service provider misconduct or error, ransomware attacks, supply-chain attacks, software bugs, server malfunctions, software or hardware failures, loss or unavailability of data or other information technology assets, adware, telecommunications failures, earthquakes, fires, floods, natural disasters, and other similar threats. Individuals or entities have in the past attempted and will in the future attempt to penetrate the security of our platform, or of our network or systems, and to cause harm to our business operations, including by misappropriating our proprietary information or that of our customers, employees and business partners or to cause interruptions of our products and platform. In particular, cyberattacks and other malicious internet-based activity continue to increase in frequency and magnitude, and cloud-based companies have been targeted in the past. We face various threats from traditional computer hackers, sophisticated organized crime, nation-state and nation-state supported actors, malicious code, software vulnerabilities, supply chain attacks and vulnerabilities through our third-party partners, employee theft or misuse, attempts to bribe, extort, or compromise our employees or infiltrate our workforce, password spraying, phishing, smishing, vishing, credential stuffing, denial-of-service attacks, and advanced persistent threat intrusions, which threaten our systems (including those hosted on cloud services), internal networks, our customers' systems, our service providers' networks, and the information that they store and process. Ransomware and cyber extortion attacks, including those perpetrated by organized criminal threat actors, nation-states, and nation-state-supported actors, are becoming increasingly prevalent and severe and can lead to significant interruptions in our operations, loss of data and income, reputational harm, and diversion of funds. Extortion payments may alleviate or reduce the negative impact of a ransomware attack, but we may be unwilling or unable to make such payments due to, for example, applicable laws or regulations prohibiting such payments. Geopolitical tensions and events may further heighten risks we and our service providers face from these and other attacks. Because the techniques used to access, disrupt or sabotage devices, systems and networks change frequently and may not be recognized until launched against a target, we expect to be required to make further investments over time to protect data and infrastructure as cybersecurity threats develop, evolve and grow more complex over time. We may also be unable to anticipate these techniques, and we may not become aware in a timely manner of any security breach or incident, which could exacerbate any damage we experience. We depend upon our employees and contractors to appropriately handle confidential and sensitive data, including customer data, and to deploy our IT resources in a safe and secure manner that does not expose our network systems to security breaches or incidents or the loss, alteration, unavailability, or other unauthorized processing of data. We have been and expect to be subject to cybersecurity threats and incidents, including denial-of-service attacks, employee errors or individual attempts to gain unauthorized access to information systems. We also have deployed, and continue to develop and incorporate, AI solutions and features into our platform and our business, which may result in security incidents or otherwise increase cybersecurity risks. Further, AI technologies may be used in connection with certain cybersecurity attacks, resulting in heightened risks of security breaches and incidents. Any security incidents, including internal malfeasance or inadvertent disclosures by our employees or a third-party's fraudulent inducement of our employees to disclose information, unauthorized access or usage, the introduction of viruses or other malicious code or any other breach or incident or disruption of our platform, systems, or networks or those of our service providers, could result in loss, corruption, unavailability, or other unauthorized processing of confidential information, and any such event, or the perception that it has occurred, may result in damage to our reputation, erosion of customer trust, loss of customers, litigation, regulatory investigations, fines, penalties and other liabilities. For example, in June and August 2022, we became aware that threat actors had conducted sophisticated social engineering campaigns against some of our employees after having obtained employee names and mobile phone numbers from unknown sources. The attack identified in August 2022, which involved smishing text messages that purported to be from our IT department, resulted in the threat actor obtaining some of our employees' credentials and access to certain data of approximately 209 customers out of our total customer base of approximately 270,000 at that time. We notified and worked with our affected customers. We also notified appropriate regulators and addressed their questions about the incident. We took steps to remediate the incident, including enhancing our security training, improving our two factor authentication requirements, implementing additional layers of control within our VPN, reducing access to certain internal applications and tools, running simulated phishing attempts to increase employee security awareness, and increasing the refresh frequency for access to certain internal applications. Industry reports indicate that the threat actors also attacked other technology, telecommunication and cryptocurrency companies. We also rely on various third-party service providers to operate our platform and deliver our products, including network service providers, internet service providers, telecommunications carriers, and providers of cloud infrastructure and cloud communications, as well as third-party technology and intellectual property. Our service providers (or their sub-service providers) have in the past experienced, and may in the future experience, security breaches and incidents, including unauthorized access or inadvertent disclosures, that have exposed and may expose or make available to threat actors our data or that of our customers. Even when our systems are not compromised, if our service providers experience breaches or incidents that impact our data or our customers' data, then our reputation, customer trust, business, results of operations and financial condition could be adversely affected. Furthermore, we are required to comply with laws and regulations that require us to maintain security measures designed to protect personal information and we may have contractual and other obligations to notify customers, regulators, government agencies, impacted individuals or other relevant stakeholders of security breaches. Such disclosures are costly, and the disclosures or the failure to comply with such requirements could lead to adverse consequences. If we or a third party upon whom we rely experiences a security incident or is perceived to have experienced a security incident, we may experience adverse consequences. Consequences associated with such security incidents may include: government enforcement actions and other actions or proceedings (for example, investigations, audits, and inspections), and related fines, penalties, required remedial actions, or other obligations and liabilities; additional reporting requirements and/or oversight; restrictions on processing or transferring data (including personal data); claims, demands, and litigation (including class claims); indemnification obligations; monetary fund diversions; interruptions in our operations (including availability of data); financial loss and other similar harms. Actual and perceived security incidents and attendant consequences could also lead to negative publicity and reputational harm, may cause our customers to lose confidence in the effectiveness of our security measures and require us to expend significant capital and other resources to respond to and/or mitigate the security incident. Accordingly, if our cybersecurity measures or those of our third-party service providers fail to protect against unauthorized access, attacks (which may include sophisticated cyberattacks), or if our employees or contractors compromise or mishandle data, then our reputation, customer trust, business, results of operations and financial condition could be adversely affected. While we maintain errors, omissions and cyber liability insurance policies covering certain security and privacy damages, we cannot be certain that our existing insurance coverage will continue to be available on acceptable terms or will be available, and in sufficient amounts, to cover the potentially significant losses that may result from a security incident or breach or that the insurer will not deny coverage as to any future claim.

Technology3 | 6.0%

Technology - Risk 1

Our use of open source software could negatively affect our ability to sell our products and subject us to possible litigation.

Our products and platform incorporate open source software, and we expect to continue to incorporate open source software in our products and platform in the future. Open source software presents certain risks in addition to those of third-party technology and intellectual property generally. Few of the licenses applicable to open source software have been interpreted by courts, and there is a risk that these licenses could be construed in a manner that could impose unanticipated conditions or restrictions on our ability to commercialize our products and platform. Although we have implemented policies to regulate the use and incorporation of open source software into our products and platform, we cannot be certain that we have not incorporated open source software in our products or platform in a manner that is inconsistent with such policies. If we fail to comply with open source licenses, we may be subject to certain requirements, including requirements that we offer our products that incorporate the open source software for no cost, that we make available the source code for any modifications or derivative works we create based upon, incorporating or using the open source software and that we license such modifications or derivative works under the terms of applicable open source licenses. If an author or other third-party that distributes such open source software were to allege that we had not, or have not, complied with the terms and conditions of the license for such open source software, we could be required to incur significant legal expenses defending against such allegations and could be subject to significant damages, enjoined from generating revenue from customers using products that contained the open source software and required to comply with onerous conditions or restrictions on these products. In any of these events, we and our customers could be required to seek licenses from third parties in order to continue offering our products and platform and to re-engineer our products or platform or discontinue offering our products to customers in the event re-engineering cannot be accomplished on a timely basis. Any of the foregoing could require us to devote additional research and development resources to re-engineer our products or platform, damage our reputation, give rise to increased scrutiny regarding our use of open source software, result in customer dissatisfaction and may adversely affect our business, results of operations and financial condition.

Technology - Risk 2

The use of AI technologies in our platform and our business may not produce the desired benefits, and may result in increased liability, reputational harm, or other adverse consequences.

We have deployed, and continue to develop and incorporate, AI solutions and features into our platform and our business, and these solutions and features may become more important to our operations or to our future growth over time. We expect to rely on AI solutions and features to help drive future growth and efficiency in our business, but there can be no assurance that we will realize the desired or anticipated benefits from AI in a timely or cost-effective manner. For example, we are focused on continued product innovations to combine our communications products with contextual data and AI to address evolving customer needs and expectations. We are also building out new AI capabilities internally, including AI automation and agents in our self-service platform and in our internal operations. We may also fail to properly implement or market our AI solutions and features. Our competitors or other third parties may incorporate AI into their products, offerings, and solutions more quickly or more successfully than us, which could impair our ability to compete effectively and adversely affect our results of operations. Our ability to effectively implement and market our AI solutions and features will depend, in part, on our ability to attract and retain employees with AI expertise, and we expect significant competition for professionals with the skills and technical knowledge that we will require. Additionally, our offerings based on AI may expose us to additional claims, demands and proceedings by private parties and regulatory authorities and subject us to legal liability as well as brand and reputational harm. For example, our business, financial condition and results of operations may be adversely affected if content or recommendations that AI solutions or features assist in producing are or are alleged to be deficient, inaccurate, harmful, or biased, or if such content, recommendations, solutions, or features or their development or deployment (including the collection, use, or other processing of data used to train or create such AI solutions or features) are found to have or alleged to have infringed upon or misappropriated third-party intellectual property rights or violated applicable laws, regulations, or other actual or asserted legal or contractual obligations to which we are or may become subject. If we fail to obtain any required permissions to collect, use, or otherwise process data, including personal information, in relation to AI solutions or features, or if we jeopardize the privacy or security of such information, it could adversely affect our business, results of operations and financial condition. The legal, regulatory, and policy environments around AI are evolving rapidly, and we may become subject to new and evolving legal and other obligations. These and other developments may require us to make significant changes to our use of AI, including by limiting or restricting our use of AI, and which may require us to make significant changes to our policies and practices, which may necessitate expenditure of significant time, expense, and other resources. AI also presents emerging ethical issues, and if our use of AI becomes controversial, we may experience brand or reputational harm.

Technology - Risk 3

Changed

Our customers' and others' violation of our policies or other misuse of our platform to transmit unwanted, offensive or illegal messages, spam, phishing scams, links to harmful applications or for other fraudulent or illegal activity could damage our reputation, and we may face a risk of regulatory penalties, litigation and liability for illegal activities on our platform and unauthorized, inaccurate, or fraudulent information distributed via our platform.

The actual or perceived improper sending of text messages or voice calls may subject us to potential risks, including liabilities or claims relating to consumer protection laws and regulatory enforcement, including fines. For example, the TCPA restricts telemarketing and the use of automatic SMS text messages without prior express consent. TCPA violations can result in significant financial penalties, as businesses can incur civil or criminal penalties imposed by the FCC, state attorneys general or other state actors or through private litigation. Regulatory enforcement is often public, which would result in reputational harm. Class action suits are the most common method for private enforcement. This has resulted in civil claims against our company and requests for information through third-party subpoenas. The scope and interpretation of the laws that are or may be applicable to the delivery of text messages or voice calls are continuously evolving and developing. If we do not comply with these laws or regulations or if we become liable under these laws or regulations due to the failure of our customers to comply with these laws, we could face direct liability. Moreover, certain customers may use our platform to transmit unwanted, offensive or illegal messages, calls, spam, phishing scams, and website links to harmful applications, reproduce and distribute copyrighted material or the trademarks of others without permission, and report inaccurate or fraudulent data or information. These issues also arise with respect to a portion of those users who use our platform on a free trial basis or upon initial use. These actions are in violation of our policies and in particular, our Acceptable Use Policy. Our efforts to defeat spamming attacks, illegal robocalls and other fraudulent activity will not prevent all such attacks and activity. Such use of our platform could damage our reputation and we could face claims for damages, regulatory enforcement, copyright or trademark infringement, defamation, negligence, or fraud. Furthermore, enacting more stringent controls on our customers' use of our platform to combat such violations of our Acceptable Use Policy could increase friction for our legitimate customers and decrease their use of our platform. Our customers' and other users' promotion of their products and services through our platform might not comply with federal, state, and foreign laws or of contractual requirements imposed by carriers, such as the CTIA Shortcode Agreement, The Campaign Registry, carrier codes of conduct and similar policies. We rely on contractual representations made to us by our customers that their use of our platform will comply with our policies and applicable law, including, without limitation, our email and messaging policies. Although we retain the right to verify that customers and other users are abiding by certain contractual terms, our Acceptable Use Policy and our email and messaging policies and, in certain circumstances, to review their email, messages and distribution lists, our customers and other users are ultimately responsible for compliance with our policies, and we do not systematically audit our customers or other users to confirm compliance with our policies. We cannot predict whether our role in facilitating our customers' or other users' activities will result in violations of carrier policies which could result in fines, administrative delays, or service interruptions. We also cannot predict whether our role in facilitating our customers' or other users' activities would expose us to liability under applicable state or federal law, or whether that possibility could become more likely if changes to current laws regulating content moderation, such as Section 230 of the Communications Decency Act, are enacted. If we are found liable for our customers' or other users' activities, we could be required to pay fines or penalties, redesign business methods or otherwise expend resources to remedy any damages caused by such actions and to avoid future liability. Additionally, our products may be subject to fraudulent usage, including but not limited to revenue share fraud, domestic traffic pumping, subscription fraud, premium text message scams and other fraudulent schemes, such as phishing. Although our customers are required to set passwords or personal identification numbers to protect their accounts, third parties have in the past been, and may in the future be, able to access and use their accounts through fraudulent means. Furthermore, spammers attempt to use our products to send targeted and untargeted spam messages. We cannot be certain that our efforts to defeat spamming attacks will be successful in eliminating all spam messages from being sent using our platform. In addition, a security breach of, or security incident impacting, our customers' systems could result in exposure of their authentication credentials, unauthorized access to their accounts or fraudulent calls on their accounts, any of which could adversely affect our business, results of operations and financial condition.

Ability to Sell

Total Risks: 7/50 (14%)Below Sector Average

Competition1 | 2.0%

Competition - Risk 1

The markets in which we participate are intensely competitive, and if we do not compete effectively, our business, results of operations and financial condition could be harmed.

The current and prospective markets for our products are rapidly evolving, significantly fragmented and highly competitive, with relatively low barriers to entry in some segments. The principal competitive factors of these markets include completeness of offering, credibility with customers, ability to differentiate our products against competing offerings, global reach, ease of integration and programmability, product features, platform scalability, reliability, deliverability, security and performance, brand awareness and reputation, the strength of sales and marketing efforts, customer support, and the cost of deploying and using products. Our competitors are primarily (i) CPaaS companies that offer communications products and applications, (ii) other software companies that compete with portions of our communications product line, (iii) regional network service providers that offer limited developer functionality on top of their own physical infrastructure, (iv) customer relationship management and customer experience vendors and (v) standalone customer data platform vendors. Some of our competitors and potential competitors are larger and have greater name recognition, longer operating histories, more established customer relationships, larger budgets, lower operating costs, and significantly greater resources than we do. As a result, our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards, customer requirements or changing economic conditions. Our competitors may also offer products or services that address one or a limited number of functions at lower prices, with greater depth than our products or in different geographies. Our current and potential competitors have in the past and may in the future develop and market products and services with comparable functionality to our products, and this could lead us to decrease prices in order to remain competitive. With the introduction of new products and services and new market entrants, we expect competition to intensify in the future. As we expand the scope of our products, we may face additional competition and, in some cases, may find our products in competition with those of our customers, which could cause them to replace our products with competitive offerings. If one or more of our competitors were to merge or partner with another of our competitors or our suppliers, the change in the competitive landscape could also adversely affect our ability to compete effectively. For example, certain of our competitors have engaged in acquisition activity, and we expect that our competitors will continue to evaluate the acquisition of companies and technologies that could increase competition with our products in the future. In addition, some of our competitors have lower list prices than us, which may be attractive to certain customers even if those products have different or lesser functionality. Pricing pressures and increased competition generally could result in reduced revenue, reduced margins, increased losses or the failure of our products to achieve or maintain widespread market acceptance, any of which could harm our business, results of operations and financial condition. Our business, results of operations and financial condition also depends, in part, on our ability to establish, maintain and expand relationships through resellers, distributors, and strategic partners, including ISVs, technology partners and systems integrators. A portion of our revenue is derived from sales made by these partners and any one of them may later decide to sell their own products or those of third parties that may be competitive with our products. A loss or reduction in sales of our products through these third parties could adversely affect our revenue and other results of operations.

Demand2 | 4.0%

Demand - Risk 1

The markets for our products continue to evolve and may decline or experience limited growth.

The markets for our products continue to evolve, which makes our business and future prospects difficult to evaluate. If current and prospective customers do not recognize the need for and benefits of our products and platform, they may decide to adopt alternative products and services to satisfy some portion of their business needs. In order to grow our business and extend our market position, we intend to focus on educating customers about the benefits of our products and platform, expanding and improving the functionality of our products and bringing new technologies to market to increase market acceptance and use of our platform. Our growth will depend, in part, on our ability to expand the markets that our products address and to enter into new markets. Our ability to do so depends upon a number of factors, including the cost, performance and perceived value associated with our products and platform. The markets for our products and platform could fail to grow significantly, or at all, or there could be a reduction in demand for our products as a result of any number of factors, including a lack of customer acceptance, technological challenges, competing products and services, decreases in spending by current and prospective customers, weakening macroeconomic conditions, and other causes. If these markets do not grow or demand for our products decreases, then our business, results of operations and financial condition could be adversely affected.

Demand - Risk 2

If our customers terminate or reduce their usage of our products, our business, results of operations and financial condition would be adversely affected.

Our revenue grows as customers increase their usage of a product, extend their usage of a product to new applications or adopt a new product that we offer. The majority of our revenue is usage-based, and if our customers do not increase their use of our products or maintain their usage of our products at existing levels, then our revenue may decline or grow at rates lower than expected. Most of our usage-based customers do not have long-term contractual financial commitments to us and, therefore, may reduce or cease their use of our products at any time without penalty or termination charges. Our subscription-based customers generally base their contract value on anticipated usage, and if their anticipated levels of usage are not met, they may reduce their contract value or choose not to renew their contract upon its expiration. Customers may terminate or reduce their use of our products, or we may fail to attract new customers, for any number of reasons, including dissatisfaction with our products or with the value proposition of our products, our inability to meet their needs and expectations, our failure to maintain performance, reliability, security, integrity or availability of our products and infrastructure to the satisfaction of our customers, or customers' use of competitors' products. For example, prior instances of disruptions in our cloud communications platform have impacted our customers' ability to use products on our platform for up to several hours at a time. Issues with our products have had, and in the future may have, an adverse impact on customer satisfaction and our ability to retain or attract customers and have caused, and may in the future cause, us to incur certain costs associated with offering credits to our affected customers. Additionally, we believe our ability to provide customers with high-quality, effective customer support services is a crucial component of maintaining customer satisfaction, generating increased customer usage of our products and ultimately retaining customers. If we are unable to effectively assist our customers, it could adversely affect our ability to retain existing customers and could disincentivize prospective customers from adopting our products. The resources we dedicate to customer service at a particular time may prove insufficient, such as in the event we are unable to respond quickly enough to accommodate short-term increases in demand for customer support. We also may be unable to modify the nature, scope and delivery of our customer support in order to compete with changes in the support services provided by our competitors. Our sales are highly dependent on our business reputation and on positive recommendations from our customers. If we are unable to provide high-quality customer support, or if there is a market perception that we do not maintain high-quality customer support, it could erode the trust of current and potential customers and adversely affect our reputation. Moreover, even if we succeed in providing and maintaining high-quality customer support, there is no guarantee that it will generate increased customer usage of our products or lead to long-term or meaningful customer retention. Customer usage of our products depends on factors generally outside of our control, so it is difficult to accurately predict customers' usage levels. Our Dollar-Based Net Expansion Rate may decline for a number of reasons, including if customers are not satisfied with our products and related customer service experience, the value proposition of our products or our ability to meet their needs and expectations, due to reductions in customers' budgets or as a result of adverse macroeconomic conditions. If we lose customers, or if our customers reduce their usage levels of our products, our business, results of operations and financial condition could be adversely affected.

Sales & Marketing2 | 4.0%

Sales & Marketing - Risk 1

Changed

If we are unable to attract new customers or increase usage of our products by existing customers effectively and in a cost-efficient manner, our business, results of operations and financial condition would be adversely affected.

To grow our business, we must continue to attract new customers, increase usage of our existing products and new product adoption by existing customers, and successfully market new products, including products with higher gross margins, in a cost-effective manner. Our sales and marketing teams work closely together to drive awareness and adoption of our platform. We leverage our brand, marketing programs, developer network and conferences, such as SIGNAL, to expand our go-to-market motions. Our go-to-market model has three motions: our self-service platform, primarily aimed at developers, marketers, and other technical users; our direct sales motion, primarily aimed at enterprise and commercial customers; and our partner-led motion, including resellers, distributors, and strategic partners, such as ISVs, technology partners and systems integrators, which is primarily aimed at customers who do not have the available developer resources to build their own applications. Our sales and marketing strategies, and their effectiveness, are influenced by numerous factors. We have made, and may in the future make, changes to the organization of our sales force and sales motions in response to changes in company strategy, new market opportunities, new products or features, sales performance or effectiveness, changes in sales headcount, changes to the compensation structure of our sales organization, or other factors. Such changes may not lead to wider adoption of our products or to the cost-effective acquisition of additional customers or increased revenue from existing customers as quickly or to the extent we expect, or at all, and have resulted, and may in the future result, in a reduction of productivity, which could negatively impact our growth rate and results of operations. For example, in recent years, we have reduced the size of our sales force to drive further efficiencies in our sales operations and are continuing to improve and rely more heavily on our use of self-service capabilities to drive sales of our products to customers that do not require direct account coverage. We are also introducing AI and automation in our self-service platform aimed at improving sales and customer support. These efforts may not continue to be as effective as we anticipate in driving adoption or increased usage of our products, or may take longer than we expect to drive growth or increase efficiency. In addition, if the costs of the marketing channels we use increase, then we may choose to use alternative or less expensive channels, which may not be as effective as the channels we currently use. New products that we develop or markets that we pursue may require increasingly sophisticated and more costly sales efforts and result in longer sales cycles. For example, we are focusing increasingly on sales to enterprises, such as through our Segment product, which is primarily aimed at complex customer data platform implementations at larger companies, and additional product innovations combining our communications products with contextual data and AI. As we seek to increase the adoption of our products by enterprises, we expect to encounter higher costs and more complex sales efforts for these customers. For enterprises, the decision to adopt our products may require the approval of multiple technical and business decision makers, and enterprise customers may require extensive education about our products and significant customer support before they will commit to deploying our products at scale, which may place additional strain on our product and engineering resources. Enterprises may also engage in protracted pricing and contract negotiations, leading to higher costs and longer sales cycles. Enterprise customers may not use our products enough for us to generate revenue that justifies our cost to obtain such customers, or may choose to develop their own solutions that do not include our products. They may also demand reductions in pricing as their usage of our products increases, notwithstanding increased costs incurred by us to provide such products, which could have an adverse impact on our gross margin. If our efforts to increase the adoption and usage of our products or sell additional products to existing customers are more expensive or time-consuming than we expect or are otherwise ineffective, then our business, results of operations and financial condition would be adversely affected.

Sales & Marketing - Risk 2

Failure to set optimal prices for our products could adversely impact our business, results of operations and financial condition.

For certain of our products, we primarily charge our customers based on their usage of such products. One of the challenges of this usage-based pricing model is the variability of the fees that we pay to network service providers over whose networks we transmit communications. Such network fees can vary, in some markets daily or weekly, differ across countries, and are affected by volume and other factors that may be outside of our control and which are difficult to predict. This can result in us incurring increased costs that we may be unable or unwilling to pass through to our customers, which could adversely impact our business, results of operations and financial condition. If we elect to pass through increased fees to our customers, it could adversely affect our relationship with our customers and our customers may look for lower cost alternatives. We adjust the pricing models for our products from time to time and expect that we will continue to do so. Many of our usage-based customers enter into contracts with negotiated pricing, and our subscription customers are also subject to negotiated pricing. As competitors introduce new products or services that compete with ours or reduce their prices, we may be unable to attract new customers or retain existing customers based on our historical pricing. If we are required or choose to reduce our prices, it could adversely affect our business, results of operations and financial condition.

Brand / Reputation2 | 4.0%

Brand / Reputation - Risk 1

If we are not able to maintain and enhance our brand and increase market awareness of our company and products, then our business, results of operations and financial condition may be adversely affected.

We believe that maintaining and enhancing our brand identity and increasing market awareness of our company and products, particularly among developers and enterprises, is critical to achieving widespread acceptance of our platform, to strengthening our relationships with our existing customers and to our ability to attract new customers. The successful promotion of our brand will depend largely on our continued marketing efforts, our ability to continue to offer high-quality products, and our ability to successfully differentiate our products and platform from competing products and services. Our brand promotion and thought leadership activities may not be successful or yield increased revenue. In addition, independent industry analysts often provide reviews of our products and competing products and services, which may significantly influence the perception of our products in the marketplace. If these reviews are negative or not as strong as reviews of our competitors' products and services, then our brand may be harmed. The promotion of our brand also requires us to make substantial expenditures, and we anticipate that these expenditures will increase as our markets become more competitive and as we expand into new markets. To the extent that these activities increase revenue, this revenue still may not be enough to offset the increased expenses we incur.

Brand / Reputation - Risk 2

Our reputation and/or business could be negatively impacted by ESG matters and/or our reporting of such matters.

There is an increasing focus on ESG matters from governmental authorities, investors, customers and other stakeholders, whose expectations are evolving and may be contradictory. Our decisions regarding ESG-related initiatives, goals, or commitments, including whether to pursue them, and/or the extent to which we achieve them, may be scrutinized and could negatively impact our reputation, result in reduced customer demand or certain investors not purchasing or holding our stock, harm our ability to attract and retain qualified employees, or otherwise materially harm our business. Additionally, compliance with current or future legal requirements or stakeholder expectations regarding ESG matters, including disclosure and reporting obligations, may result in increased costs, and legal and operational risks.

Macro & Political

Total Risks: 5/50 (10%)Above Sector Average

Economy & Political Environment1 | 2.0%

Economy & Political Environment - Risk 1

Global economic and political conditions, including macroeconomic and political uncertainties, have had, and may continue to have, an adverse impact on our business, results of operations and financial condition.

Global economic and business activities continue to face widespread macroeconomic uncertainties, including market volatility, changes in international economic and trade relations, supply chain disruptions, changes in the labor market, elevated interest rates and potential increases in inflation, foreign currency exchange rate fluctuations and recession risks, which may continue for an extended period. Additionally, the instability in the political environment in many parts of the world, including in the United States, and changes and uncertainty with respect to trade policies, actual or threatened tariffs, treaties, government regulations, executive orders, directives and enforcement priorities could have an adverse effect on the global economy and/or our business. Given that a majority of our revenue is usage-based and therefore impacted by general consumer sentiment and activity, our business may be more immediately and severely impacted by adverse macroeconomic conditions than those that rely primarily on subscription revenue. Additionally, increased prices resulting from the effects of tariffs and inflation could increase our operating expenses. Adverse macroeconomic conditions have in the past resulted in, and may in the future result in, decreased or delayed business spending by our current and prospective customers and business partners, reduced demand for or usage of our products, lower renewal rates by our customers, longer or delayed sales cycles, including current and prospective customers delaying contract signing or contract renewals, reduced budgets or minimum commitments related to the products that we offer, or delays in customer payments or our ability to collect accounts receivable, all of which could negatively affect revenue and revenue growth. Additionally, our customers may be affected by changes and uncertainty in the global political environment with respect to trade and other policies. For example, uncertainty regarding the impact of tariffs on certain countries by the U.S. administration, as well as potential or actual retaliatory measures taken by trade partners, have adversely affected trade relations, put increased pressure on supply chains, and led to increased market volatility, and such effects may continue. Any resulting harm to our customers' businesses could depress their usage levels and/or purchasing power and lead them to reduce their spending with us. If customers fail to pay us as a result of adverse macroeconomic or geopolitical conditions or otherwise, we may be required to take steps to enforce the terms of our contracts and collect amounts due, which may not succeed. For example, in 2023, one of our former customers in Brazil initiated reorganization proceedings exposing us to risks on collections of pre-petition receivables and ongoing revenue, and in 2024 its creditors approved a reorganization plan providing extended and discounted payment terms for pre-petition receivables. As a result of a reduction in ongoing payment activity, as of December 31, 2024, we fully reserved accounts receivable balances for this former customer. Macroeconomic and political conditions and uncertainties have in the past adversely affected, and may in the future adversely affect, our business, results of operations and financial condition, and could exacerbate many of the other risks described in this "Risk Factors" section.

International Operations2 | 4.0%

International Operations - Risk 1

Our international operations expose us to risks inherent in global operations.

In the six months ended June 30, 2025 and the years ended December 31, 2024 and 2023, we derived 36%, 35% and 34% of our revenue from customer accounts located outside the United States, respectively. The future success of our business will depend, in part, on our ability to strategically maintain and expand our customer base worldwide. Operating in international markets requires significant resources and management attention and subjects us to regulatory, economic and political risks in addition to those we face in the United States. In addition, we face risks in doing business internationally that could adversely affect our business, including: - the difficulty of managing and staffing international operations and the increased operations, travel and infrastructure and other costs associated with servicing international customers and operating numerous international locations, including collecting accounts receivable and having longer payment cycles, higher or more variable network service provider fees and other costs associated with the need to adapt and localize our products and support for foreign countries;- new and different sources of global competition affecting our ability to effectively price our products in competitive international markets;- implementing and reconciling technical controls to address different technical standards, data privacy, data protection and telecommunications regulations, and registration and certification requirements outside the United States, which could prevent customers from deploying our products or limit their usage;- our ability to comply with laws, regulations, customs and industry standards in countries and other regions in which we operate or do business, and the associated costs and management attention required to support such compliance, including with respect to data privacy, data protection, data localization, cybersecurity, intellectual property rights, environmental and sustainability matters, as well as export controls, sanctions, anti-bribery and anti-corruption matters;- international tax and trade policies, tariffs, and other non-tariff barriers;- fluctuations in currency exchange rates, which could increase the price of our products outside of the United States, increase the expenses of our international operations and expose us to foreign currency exchange rate risk;- currency control regulations, which might restrict or prohibit our conversion of other currencies into U.S. dollars;- restrictions on the transfer of funds; and - political or social unrest, economic instability, conflict or war in a specific country or region in which we, our customers, partners or service providers operate, which could have an adverse impact on our operations in the region or otherwise have a material impact on regional or global economies, any or all of which could adversely affect our business. Also, due to costs from our international operations and network service provider fees outside of the United States, which generally are higher than domestic rates, our gross margin for messages terminating internationally is typically lower than our gross margin for messages terminating domestically. As a result, our gross margin has been, and may continue to be, adversely impacted by our international operations. Our failure to manage any of these risks successfully could harm our international operations, and adversely affect our business, results of operations and financial condition.

International Operations - Risk 2

Our global operations subject us to potential liability under export controls, economic sanctions, customs, anti-corruption, and other laws and regulations, and violating these laws could subject us to liability and impair our ability to compete in international markets.

Certain of our products and services may be subject to international trade laws, including the U.S. Export Administration Regulations, U.S. customs laws, and U.S. economic and trade sanctions as well as similar laws and regulations in other countries in which we do business. Exports and imports of our products and the provision of our services must be made in compliance with these laws. We take precautions to prevent our products from being imported or exported and our services from being provided in violation of these laws; however, we are aware of certain of our products and services being provided to, procured from, or that involve dealings with, a small number of individuals and entities that are the subject of, or are located in countries or regions subject to, sanctions regulations administered by U.S. and foreign governmental authorities. If we fail to comply with these laws, we and certain of our employees could be subject to substantial civil or criminal penalties, including: the possible loss of export privileges; fines, which may be imposed on us and responsible employees or managers; criminal liability, which may be imposed on us and responsible employees or managers; and, in extreme cases, the incarceration of responsible employees or managers. Any change in these laws or other regulatory requirements affecting trade and investments, shift in the enforcement or scope of existing laws, or change in the countries, governments, persons or technologies targeted by such regulations, could also result in decreased use of our products and services, or in our decreased ability to export our products or provide our services to existing or prospective customers outside of the United States. Any decreased use of our products and services or limitations on our ability to export our products and provide our services could adversely affect our business, results of operations and financial condition. Further, we incorporate encryption technology into certain of our products. Various countries regulate the import of certain encryption technology, including through import permitting and licensing requirements, and have enacted laws that could limit our customers' ability to import our products into those countries. Encryption products and the underlying technology may also be subject to export control restrictions. Governmental regulation of encryption technology and regulation of exports of encryption products, or our failure to obtain required approval for our products, when applicable, could harm our international sales and adversely affect our revenue. Compliance with applicable regulatory requirements regarding the export of our products and provision of our services, including with respect to new releases of our products and services, may create delays in the introduction of our products and services in international markets, prevent our customers with international operations from deploying our products and using our services throughout their globally-distributed systems or, in some cases, prevent the export of our products or provision of our services to some countries altogether. We are also subject to U.S. and foreign anti-corruption and anti-bribery laws, including the Foreign Corrupt Practices Act, as amended ("FCPA"), the UK Bribery Act 2010, and other anti-corruption laws and regulations in the countries in which we conduct activities. Anti-corruption laws are interpreted broadly and generally prohibit companies, their employees, agents, representatives, business partners, and third-party intermediaries from directly or indirectly authorizing, offering, or providing, improper payments or things of value to recipients in the public or private sector, and also require that we maintain accurate books and records and adequate internal controls and compliance procedures designed to prevent violations. We sometimes leverage third parties to sell our products and conduct our business abroad. We, our employees, agents, representatives, business partners and third-party intermediaries may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities and we may be held liable for the corrupt or other illegal activities of these employees, agents, representatives, business partners or third-party intermediaries even if we do not explicitly authorize such activities. It is possible that our employees, agents, representatives, business partners or third-party intermediaries could fail to comply with our policies and applicable laws and regulations, for which we may ultimately be held responsible. Any allegations or violation of the FCPA or other applicable anti-bribery and anti-corruption laws and anti-money laundering laws could result in whistleblower complaints, sanctions, settlements, prosecution, enforcement actions, significant fines and penalties, damages, adverse media coverage, investigations, loss of export privileges, severe criminal or civil sanctions, or suspension or debarment from government contracts, all of which may have an adverse effect on our reputation, business, results of operations, and prospects. Responding to any investigation or action would likely result in a materially significant diversion of management's attention and resources, significant defense costs and other professional fees.

Natural and Human Disruptions1 | 2.0%

Natural and Human Disruptions - Risk 1

Our business is subject to the risks of pandemics, earthquakes, fire, floods and other natural catastrophic events, and to interruption by man-made problems such as power disruptions, computer viruses, security breaches and incidents, terrorism or war.

Our business operations are subject to interruption by natural disasters, flooding, fire, power shortages, public health epidemics or pandemics, terrorism, political unrest, cyber-attacks, geopolitical instability, war, the effects of climate change and other events beyond our control. For example, our corporate headquarters are located in the San Francisco Bay Area, a region known for seismic activity. A significant natural disaster, such as an earthquake, fire or flood, occurring at our headquarters, at one of our other facilities or where a business partner is located could adversely affect our business, results of operations and financial condition. Further, if a natural disaster or man-made problem were to affect our service providers, this could adversely affect the ability of our customers to use our products and platform. Natural disasters, public health epidemics or pandemics, such as the COVID-19 pandemic, and geopolitical events could cause disruptions in our or our customers' businesses, national economies or the world economy as a whole. We also rely on our network and third-party infrastructure and enterprise applications and internal technology systems for our engineering, sales and marketing, and operations activities. Although we maintain incident management and disaster response plans, in the event of a major disruption caused by a natural disaster or man-made problem, we may be unable to continue our operations and may endure system interruptions and outages, reputational harm, delays in our development activities, lengthy interruptions in service, security breaches and incidents and loss or unavailability of critical data, any of which could adversely affect our business, results of operations and financial condition. In addition, computer malware, viruses and computer hacking, fraudulent use attempts and phishing attacks have become more prevalent in our industry, have occurred on our platform in the past and may occur on our platform in the future. Though it is difficult to determine what, if any, harm may directly result from any specific interruption or attack, any failure to maintain performance, reliability, security, integrity and availability of our products and technical infrastructure to the satisfaction of our customers may harm our reputation and our ability to retain existing customers and attract new customers. In addition, global climate change could result in certain types of natural disasters occurring more frequently or with more intense effects. Any such events may result in users being subject to service disruptions or outages, and we may not be able to recover our technical infrastructure in a timely manner to maintain or resume operations, which may adversely affect our financial results.

Capital Markets1 | 2.0%

Capital Markets - Risk 1

We face exposure to foreign currency exchange rate fluctuations, and such fluctuations could adversely affect our business, results of operations and financial condition.

As our international operations expand, our exposure to the effects of fluctuations in currency exchange rates grows. For example, global geopolitical events, economic events, public health epidemics and pandemics, actual or potential tariffs and other events have caused global economic uncertainty and variability in foreign currency exchange rates. While we have primarily transacted with customers and business partners in U.S. dollars, we have also conducted business in currencies other than the U.S. dollar. We expect to expand the number of transactions with customers that are denominated in foreign currencies in the future as we continue to expand our business internationally. We also incur expenses for some of our network service provider costs outside of the United States in local currencies and for employee compensation and other operating expenses at our non-U.S. locations in the respective local currency. Fluctuations in the exchange rates between the U.S. dollar and other currencies could result in an increase to the U.S. dollar equivalent of such expenses. In addition, our international subsidiaries maintain net assets that are denominated in currencies other than the functional operating currencies of these entities. As we continue to expand our international operations, we become more exposed to the effects of fluctuations in currency exchange rates. Accordingly, changes in the value of foreign currencies relative to the U.S. dollar can affect our results of operations due to transactional and translational remeasurements. As a result of such foreign currency exchange rate fluctuations, it could be more difficult to detect underlying trends in our business and results of operations. In addition, to the extent that fluctuations in currency exchange rates cause our results of operations to differ from our expectations or the expectations of our investors and securities analysts who follow our stock, the trading price of our common stock could be adversely affected. We have implemented a program to hedge transactional exposure against the Euro, and may do so in the future with respect to other foreign currencies. We also use derivative instruments, such as foreign currency forward and option contracts, to hedge certain exposures to fluctuations in foreign currency exchange rates. The use of such hedging activities may not offset any or more than a portion of the adverse financial effects of unfavorable movements in foreign exchange rates over the limited time the hedges are in place. Moreover, the use of hedging instruments may introduce additional risks if we are unable to structure effective hedges with such instruments.

Production

Total Risks: 3/50 (6%)Below Sector Average

Employment / Personnel1 | 2.0%

Employment / Personnel - Risk 1

We depend largely on the continued services of highly skilled personnel, including our senior management and other key employees, and the inability to attract, integrate or retain such employees could adversely affect our business, results of operations and financial condition.

Our future performance depends on the continued services and contributions of highly skilled personnel, including our senior management and other key employees, to execute on our business plan, to develop our products and platform, to deliver our products to customers, to attract and retain customers and to identify and pursue opportunities to expand our business. We believe that there is, and will continue to be, intense competition for highly skilled management, technical, sales and other employees with experience in our industry. In addition, we have experienced and may in the future experience employee attrition, which could significantly delay or prevent the achievement of our business objectives, and any resulting influx of new employees may require us to expend time, attention and resources to recruit and retain employees, restructure parts of our organization and train and integrate new personnel. If we fail to effectively manage attrition, and to hire, integrate and adequately incentivize our personnel, our efficiency and ability to meet our financial and operational targets, as well as our corporate culture, employee morale, productivity and retention, could suffer, and our business and operating results would be adversely impacted. Any of our executive officers may terminate employment with us at any time with no advance notice. We have experienced, and may continue to experience, high attrition among our senior management team and key employees. The replacement of any of our senior management or other key employees will involve significant time and costs, and any loss of services of any such key employee for any reason could significantly delay or prevent the achievement of our business objectives and our financial and operational targets, and could adversely affect our business, results of operations and financial condition. Additionally, we have implemented several reductions in workforce and efforts to restructure our business in the past and may in the future implement other reductions in force. Our reductions in force may result in unintended consequences, including employee attrition beyond the intended reduction in force, damage to our corporate culture and decreased employee morale among remaining employees, diversion of management attention, damage to our reputation as an employer, which could make it more difficult for us to hire new employees in the future, delays in meeting our financial and operational targets, and the loss of institutional knowledge and expertise of departing employees. The labor market for our business is subject to external factors that are beyond our control, including our industry's highly competitive market for skilled workers and leaders. We must provide competitive compensation packages and a high-quality work environment to hire, retain and motivate employees. Volatility in, or the actual or perceived lack of performance of, our stock price may affect our ability to attract, motivate and retain key employees. If we are unable to retain and motivate our existing employees and attract qualified employees to fill key positions, we may be unable to manage our business effectively, including the development, marketing and sale of our products, which could adversely affect our business, results of operations and financial condition.

Supply Chain2 | 4.0%

Supply Chain - Risk 1

To deliver our products, we rely on network service providers and internet service providers for our network service and connectivity, and disruption or deterioration in the quality of these services or changes in provider fees that we pay in connection with the delivery of communications on our platform could adversely affect our business, results of operations and financial condition.

We interconnect with fixed and mobile network service providers around the world to enable our customers to use our products over their networks. Although we currently hold or are in the process of acquiring authorization in many countries for direct access to phone numbers and for the provision of voice and messaging services on the networks of fixed and mobile network service providers, we expect that we will continue to rely on network service providers for these services. Where we do not have direct access to phone numbers, our reliance on network service providers has reduced our operating flexibility, ability to make timely service changes and control quality of service. In addition, the fees that we are charged by network service providers are subject to change and we can be subject to the imposition of additional fees, penalties, or other administrative or technical requirements, and even service interruption, due to regulatory, competitive, or other industry related changes over which we have little to no control. From time to time, network service providers have instituted additional or increased fees that increase our network costs. For example, in June 2025, a major U.S. mobile carrier increased its fees for A2P SMS messages delivered to its subscribers, which will create a modest headwind to our gross margins going forward. Other U.S. mobile carriers may follow suit and such fees may increase over time. While we have historically responded to these types of fee increases through a combination of further negotiating efforts with our network service providers, absorbing the increased costs or passing the fees through to customers, there is no guarantee that we will continue to be able to respond in these ways in the future without a material negative impact to our business. The fees charged by our network service providers are subject to change, in some markets daily or weekly, and we may not change our customers' pricing as rapidly and, as a result, such fee increases could adversely affect our business and results of operations. In addition, passing these fees through to our customers typically has the effect of increasing our revenue and cost of revenue, but typically does not impact the gross profit dollars received for sending these messages and, as a result, has a negative impact on our gross margins. Additionally, our ability to respond to any new fees may be constrained if all network service providers in a particular market impose equivalent fee structures, if the magnitude of the fees is disproportionately large when compared to the underlying prices paid by our customers, or if the market conditions limit our ability to increase the prices we charge our customers. Furthermore, many of these network service providers do not have long-term committed contracts with us and may interrupt services or terminate their agreements with us without notice. If a significant portion of our network service providers stop providing us with access to their infrastructure, fail to provide these services to us on a cost-effective basis, cease operations, or otherwise terminate these services, the delay caused by qualifying and switching to other network service providers could be time consuming and costly and could adversely affect our business, results of operations and financial condition. Further, if problems occur with our network service providers, such problems have in the past caused, and may in the future cause, errors, service outages, security incidents, or poor-quality communications on our products, and we could encounter difficulty identifying the source of the problem. The occurrence of errors, service outages, security incidents, or poor-quality communications on our products, whether caused by our platform or a network service provider, may result in the loss of our existing customers or the delay of adoption of our products by potential customers and may adversely affect our business, results of operations and financial condition. Further, in cases where we do not have direct access to network service providers, we access network services through intermediaries. Although we are in the process of securing additional direct connections with network service providers in many countries, we expect that we will continue to rely on intermediaries for these services for some period of time. These intermediaries sometimes have offerings that directly compete with our products and may stop providing services to us on a cost-effective basis. If a significant portion of these intermediaries stop providing services or stop providing services on a cost-effective basis, our business could be adversely affected. We also interconnect with internet service providers around the world to enable the use of our email products by our customers, and we expect to continue to rely on internet service providers for network connectivity going forward. Our reliance on internet service providers reduces our control over quality of service and exposes us to potential service outages and rate fluctuations. The occurrence of poor-quality of service or service outages on our products may result in the loss of our existing customers or the delay of adoption of our products by potential customers and may adversely affect our business, results of operations and financial condition. Similarly, if a significant portion of our internet service providers stop providing us with access to their network infrastructure, fail to provide access on a cost-effective basis, cease operations, or otherwise terminate access, the delay caused by qualifying and switching to other internet service providers could be time consuming and costly and could adversely affect our business, results of operations, and financial condition.

Supply Chain - Risk 2

Changed

If we are unable to obtain, assign or retain geographical, mobile, regional, local or toll-free numbers, or to effectively process requests to port such numbers in a timely manner due to industry regulations, our business and results of operations may be adversely affected.

Our future success depends in part on our ability to obtain allocations of geographical, mobile, regional, local and toll-free direct inward dialing numbers or phone numbers as well as short codes and alphanumeric sender IDs (collectively, "Numbering Resources") in the United States and foreign countries at a reasonable cost and without overly burdensome restrictions. Our ability to obtain allocations of, assign and retain Numbering Resources depends on factors outside of our control, such as applicable regulations, the practices of authorities that administer national numbering plans and the requirements of network service providers from whom we can provision Numbering Resources, such as conditional minimum volume call level requirements, as well as related costs and competitive demand. In addition, in order to obtain allocations of, assign and retain Numbering Resources in many international jurisdictions, we are often required to be licensed by local telecommunications regulatory authorities. We have obtained licenses and are in the process of obtaining licenses in various countries in which we do business, but in some countries, the regulatory regime around provisioning of Numbering Resources is unclear, subject to change over time, and sometimes may conflict from jurisdiction to jurisdiction. These regulations and governments' approach to their enforcement, as well as our products and services, are evolving and we may be unable to maintain compliance with applicable regulations, or enforce compliance by our customers, on a timely basis or without significant cost or changes in products or business practices that result in reduced revenue. In some countries where our or our customers' assignment and/or use of Numbering Resources in certain ways may violate applicable rules and regulations, we have been subjected to government inquiries and audits, and may in the future be subject to significant penalties or further governmental action, and in extreme cases, may be precluded from doing business in that particular country. We have also been required to reclaim Numbering Resources from our customers as a result of certain events of non-compliance. These reclamations result in loss of customers, loss of revenue, reputational harm, erosion of customer trust, and may also result in breach of contract claims, all of which could have an adverse effect on our business, results of operations and financial condition. If we are unable to acquire or retain Numbering Resources, our voice and messaging products may be less attractive to potential customers. Certain popular area code prefixes have limited availability, and restrictive rules generally prevent us from obtaining or assigning certain number types. In addition, future growth in our customer base and those of other CPaaS providers may make it increasingly difficult to source larger quantities of Numbering Resources, and Numbering Resources may become more expensive or subject to more stringent regulation or conditions of usage. Additionally, in some geographies, we support number portability, which allows our customers to transfer their existing phone numbers to us and thereby retain their existing phone numbers when subscribing to our voice and messaging products. Transferring existing numbers is a manual process that can take up to 15 business days or longer to complete. Any delay that we experience in transferring these numbers typically results from our dependency on network service providers to transfer these numbers, and these network service providers may refuse or substantially delay the transfer of these numbers to us. Number portability is an important feature to many potential customers, and failure to reduce delays may result in adverse regulatory enforcement, increased difficulty in acquiring new customers, or costs to compensate customers for certain failures in the porting process.

See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?

Risk factors are any situations or occurrences that could make investing in a company risky.

The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.

They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.

It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.

How do companies disclose their risk factors?

Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.

Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.

Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.

According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.

How can I use TipRanks risk factors in my stock research?

Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.

You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.

Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.

A simplified analysis of risk factors is unique to TipRanks.

What are all the risk factor categories?

TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.

1. Financial & Corporate

Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.

2. Legal & Regulatory

Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
Regulation – risks related to compliance, GDPR, and new legislation.
Environmental / Social – risks related to environmental regulation and to data privacy.
Taxation & Government Incentives – risks related to taxation and changes in government incentives.

3. Production

Costs – risks related to costs of production including commodity prices, future contracts, inventory.
Supply Chain – risks related to the company’s suppliers.
Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.

4. Technology & Innovation

Innovation / R&D – risks related to innovation and new product development.
Technology – risks related to the company’s reliance on technology.
Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.

5. Ability to Sell

Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
Competition – risks related to the company’s competition including substitutes.
Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
Brand & Reputation – risks related to the company’s brand and reputation.

6. Macro & Political

Economy & Political Environment – risks related to changes in economic and political conditions.
Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
International Operations – risks related to the global nature of the company.
Capital Markets – risks related to exchange rates and trade, cryptocurrency.

Become an Expert with TipRanks Premium

What am I Missing?

Make informed decisions based on Top Analysts' activity

Know what industry insiders are buying

Get actionable alerts from top Wall Street Analysts

Find out before anyone else which stock is going to shoot up

Get powerful stock screeners & detailed portfolio analysis

Subscribe Now See Plans & Pricing