Aon plc: 10-K Risk Factor Changes

2026 vs 2025  ·  SEC EDGAR  ·  2026-05-22
Other years: 2025 vs 2024 · 2024 vs 2023
⚠ AI-Generated

The summary below was generated by an AI language model and may contain errors or omissions. All other content on this page is deterministically extracted from the original SEC EDGAR filing.

Aon removed three risks related to NFP acquisition integration, reflecting the completion of that transaction between the two filing periods. The company added a new data disclosure risk while substantively modifying five existing risks, including those covering innovation strategy, reputation management, Irish incorporation, and technology/cybersecurity matters. Overall risk disclosure remained relatively stable with 36 unchanged risks, indicating the NFP integration conclusion was the primary driver of structural changes.

✓ Deterministic extraction — no AI-generated data

Classification is based on semantic text similarity scoring and may include approximations. “No match” means no high-confidence textual match was found — not necessarily that a section was removed.

1
New Risks
3
Removed
5
Modified
36
Unchanged
🟢 New in Current Filing

Improper disclosure of confidential, personal, or proprietary data could result in regulatory scrutiny, legal liability, or harm to our reputation.

One of our significant responsibilities is to maintain the security and privacy of our employees’ and clients’ confidential and proprietary information, including confidential information about our clients’ and employees’ compensation, medical information, and other personally…

Read full text

One of our significant responsibilities is to maintain the security and privacy of our employees’ and clients’ confidential and proprietary information, including confidential information about our clients’ and employees’ compensation, medical information, and other personally identifiable information. We maintain policies, procedures, and technological safeguards designed to protect the security and privacy of this information, including its timely disposal in connection with applicable regulatory requirements. It is possible that our internal policies, procedures and technical safeguards may not be adequate to ensure that confidential, proprietary or otherwise sensitive information is timely disposed of or deleted in a manner compliant with such policies and applicable law or regulation. We have experienced cyber incidents and cannot eliminate the risk of human error, employee or vendor malfeasance, or cyber-attacks that could result in improper access to or disclosure of confidential, personal, or proprietary information. Such access or disclosure could harm our reputation and subject us to liability under our contracts and laws and regulations that protect personal data, resulting in increased costs, fines, loss of revenue, and loss of clients. The release of confidential information as a result of a security breach, human error, or otherwise could also lead to litigation or other proceedings against us by affected individuals or business partners, or by regulators, and the outcome of such proceedings, which could include penalties or fines, could have a significant negative impact on our business.

🔴 No Match in Current Filing Risks Related to the Acquisition of NFP 🔒
🔴 No Match in Current Filing We may not be able to integrate the NFP business successfully or manage the combined business effectively, and many of the anticipated synergies and other benefits of acquiring NFP may not be realized or may not be realized within the expected time frame. 🔒
🔴 No Match in Current Filing We have incurred and may continue to incur significant integration-related costs in connection with the acquisition of NFP. 🔒
🟡 Modified If we are unable to effectively develop and implement innovative strategies, efficiencies and new solutions for our clients, our reputation, ability to compete effectively and financial condition may be adversely affected. 🔒
🟡 Modified Damage to our reputation could have a material adverse effect on our business. 🔒
🟡 Modified Risks Related to Being an Irish-incorporated Company 🔒
🟡 Modified Risks Related to Technology, Cybersecurity, and Data Protection 🔒
🟡 Modified Regulation in the areas of data privacy, data protection, data management, data transfer, data localization, artificial intelligence, and cybersecurity could increase our costs and affect or limit our business opportunities. 🔒
8 more changes in this filing

Full diff access, historical comparisons, and cross-company signal tracking.

Get full access — from $29/month Already a Pro subscriber? View full diff →