--- ticker: BAH company: BAH filing_type: 10-K year_current: 2026 year_prior: 2025 risks_added: 1 risks_removed: 2 risks_modified: 12 risks_unchanged: 43 source: SEC EDGAR url: https://riskdiff.com/bah/2026-vs-2025/ markdown_url: https://riskdiff.com/bah/2026-vs-2025/index.md generated: 2026-06-01 --- # BAH: 10-K Risk Factor Changes 2026 vs 2025 > Source: U.S. Securities and Exchange Commission (EDGAR) > Generated: 2026-06-01 > All data extracted directly from official filings. No hallucinated content. ## Summary | Status | Count | |--------|-------| | New risks added | 1 | | Risks removed | 2 | | Risks modified | 12 | | Unchanged | 43 | --- ## New in Current Filing: Our business is subject to a number of risks related to climate and environmental matters, including regulatory, political, reputational, litigation and financial risks, that could adversely affect our results of operations or financial condition. Our business is subject to a number of risks related to climate and environmental matters, including regulatory, political, reputational, litigation and financial risks. We have operations located in regions that have been, and may in the future be, impacted by physical risks related to climate, including rising sea levels, severe weather events, and natural disasters, as well as disease outbreaks. Such events could disrupt our operations or those of our customers and suppliers, including the inability of employees to work, destruction of facilities, loss of life, and adverse effects on our supply chain and the integrity of information technology systems, all of which could materially increase our costs and expenses, delay or decrease revenue from our customers, and disrupt our ability to maintain business continuity. We could incur significant costs to improve the resiliency of our infrastructure and otherwise prepare for, respond to, and mitigate the effects of climate-related events. There are numerous foreign, U.S. and state laws and regulations related to climate and environmental management disclosures, including regulations related to greenhouse gas emissions reporting. These regulations often impose different and, occasionally, conflicting or contradictory requirements, which may result in increased compliance and operational costs to comply with such regulatory requirements as well as an increased potential for liability arising from noncompliance with such requirements. Additionally, the evolving technological, social, legal, and political context of these issues as well as changing expectations from foreign, U.S. and state governments, customers, employees, investors, and other stakeholders may create conflicts, disaffection, and dissatisfaction between regulatory requirements and various stakeholder expectations, which could result in potential damage to our reputation and adversely affect our business. --- ## No Match in Current: Increasing scrutiny and changing expectations regarding business operations and associated practices related to matters receiving substantial scrutiny from stakeholders and governmental authorities may impose additional costs on us or expose us to new or additional risks. *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* There is increased scrutiny from governmental organizations, customers, employees, investors, and other stakeholders on climate change, employee empowerment, and governance issues such as workplace culture, community investment, environmental management, climate impact, and information security. The quickly evolving technological, social, legal, and political context of these issues may create conflicts, disaffection, and dissatisfaction among laws and various stakeholder expectations. We comply with various federal, state, local, and foreign legislation and regulations related to these issues and applicable to our business and operations. Stakeholders may have expectations that conflict or do not align with our understanding of these laws, our strategies, or the expectations of the U.S. government. We have expended and may further expend resources to monitor, report on and adopt policies and practices that we believe will improve alignment with our evolving strategy and goals regarding these issues and related standards and expectations of legal regimes and stakeholders such as customers, investors, stockholders, raters, employees, and business partners. If our related practices, including our goals for environmental sustainability, and information security, do not meet evolving rules and regulations or stakeholder expectations and standards (or if we are viewed negatively based on positions we do or do not take or work we do or do not perform or cannot publicly disclose for certain customers and industries), then our reputation, ability to attract or retain leading experts, employees and other professionals, and ability to attract new business and customers could be negatively impacted, as could our attractiveness as an investment, service provider, employer, or business partner. Similarly, our failure or perceived failure with respect to these issues in our efforts to execute our related strategies and achieve our current or future goals, targets and objectives, or to satisfy various reporting standards within the timelines expected by stakeholders could also result in similar negative impacts. Organizations that provide information to investors on corporate governance and related matters have developed ratings processes for evaluating companies on their approach to many of these issues, and unfavorable ratings of our associated efforts may lead to negative investor sentiment, diversion of investment to other companies, and difficulty in hiring skilled employees. --- ## No Match in Current: Our business is subject to disruption caused by physical or transition risks that could adversely affect our results of operations or financial condition. *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* We have significant operations located in regions that have been, and may in the future be, subject to a variety of physical risks related to changing weather patterns (including rising temperatures and sea levels, extreme heat, and other severe weather events), natural disasters (including hurricanes, typhoons, tsunamis, floods, earthquakes, fires or wildfires, water shortages and prolonged drought), or pandemics, epidemics and similar disease outbreaks. Such events could disrupt our operations or those of our customers and suppliers, including the inability of employees to work, destruction of facilities, loss of life, and adverse effects on supply chains (including materials shortages), power, infrastructure, and the integrity of information technology systems, all of which could materially increase our costs and expenses, delay or decrease revenue from our customers, and disrupt our ability to maintain business continuity. We could incur significant costs to improve the resiliency of our infrastructure and otherwise prepare for, respond to, and mitigate the effects of changing weather patterns, as well as increased compliance and operational costs and transition risks due to changes in future federal, state, local and foreign legislation and regulations applicable to our business or decisions we make to conduct or change our activities in response to considerations relating to changing weather patterns. Additionally, if insurance or other risk transfer mechanisms are unavailable or insufficient to recover all costs or if we experience a significant disruption to our business due to changing weather patterns, natural disasters, or disease outbreaks, our results of operations or financial condition could be adversely affected. --- ## Modified: Our earnings and profitability may vary based on the mix of our contracts and may be adversely affected by our failure to accurately estimate or otherwise recover the expenses, time, and resources for our contracts. **Key changes:** - Reworded sentence: "government, through the recent executive order "Promoting Efficiency, Accountability, and Performance in Federal Contracting," directs federal agencies, subject to certain exceptions, to increase the use of firm-fixed price contracts for new awards to the maximum extent consistent with law." - Reworded sentence: "Additionally, as more contracts with the U.S." **Prior (2025):** We enter into three general types of U.S. government contracts for our services: cost-reimbursable, time-and-materials, and fixed-price. Each of these types of contracts, to varying degrees, involves the risk that we could underestimate our cost of fulfilling the contract, which may reduce the profit we earn or lead to a financial loss on the contract and adversely affect our operating results. Under cost-reimbursable contracts, we are reimbursed for allowable costs up to a ceiling and paid a fee, which may be fixed or performance-based. If our actual costs exceed the contract ceiling or are not allowable under the terms of the contract or applicable regulations, we may not be able to recover those costs. In particular, there is ongoing focus by the U.S. government on the extent to which government contractors, including us, are able to receive reimbursement for employee compensation, including the adoption of interim rules by federal agencies implementing a section of the Bipartisan Budget Act of 2013, as amended, that substantially decreased the level of allowable compensation cost for executive-level employees and further applied the newly reduced limitation to all employees. In addition, there is an increased risk of compensation being deemed unallowable or payments being withheld as a result of U.S. government audit, review, or investigation. Under time-and-materials contracts, we are reimbursed for labor at negotiated hourly billing rates and for certain allowable expenses. We assume financial risk on time-and-materials contracts because our costs of performance may exceed these negotiated hourly rates. Under fixed-price contracts, we perform specific tasks or deliver a specific outcome for a predetermined price. Compared to time-and-materials and cost-reimbursable contracts, fixed-price contracts generally offer higher margin opportunities because we receive the benefits of any cost savings, but involve greater financial risk because we bear the impact of any cost overruns. The U.S. government has generally indicated that it intends to increase its use of fixed price contract procurements. We have seen a recent preference for the use of fixed price contracts with the new presidential administration, which may result in future contract modifications and conversions of existing contracts to fixed-price contracts. Because we assume the risk for cost overruns and contingent losses on fixed-price contracts, an increase in the percentage of fixed-price contracts in our contract mix would increase our risk of suffering losses. Additionally, our profits could be adversely affected if our costs under any such contract exceed the assumptions we used in bidding for the contract. For example, we may miscalculate the costs, resources, or time needed to complete projects or meet contractual milestones as a result of delays on a particular project, including delays in designs, engineering information, or materials provided by the customer or a third party, delays or difficulties in equipment and material delivery, schedule changes, and other factors, some of which are beyond our control. We record provisions in our consolidated financial statements for 13 13 13 Table of Contents Table of Contents losses on our contracts when necessary, as required under accounting principles generally accepted in the United States, or GAAP, but our contract loss provisions may not be adequate to cover all actual losses that we may incur in the future. **Current (2026):** We enter into three general types of U.S. government contracts for our services: cost-reimbursable, time-and-materials, and fixed-price. Each of these types of contracts, to varying degrees, involves the risk that we could underestimate our cost of fulfilling the contract, which may reduce the profit we earn or lead to a financial loss on the contract and adversely affect our operating results. Under cost-reimbursable contracts, we are reimbursed for allowable costs up to a ceiling and paid a fee, which may be fixed or performance-based. If our actual costs exceed the contract ceiling or are not allowable under the terms of the contract or applicable regulations, we may not be able to recover those costs. In particular, there is ongoing focus by the U.S. government on the extent to which government contractors, including us, are able to receive reimbursement for employee compensation, including the adoption of interim rules by federal agencies implementing a section of the Bipartisan Budget Act of 2013, as amended, that substantially decreased the level of allowable compensation cost for executive-level employees and further applied the newly reduced limitation to all employees. In addition, there is an increased risk of compensation being deemed unallowable or payments being withheld as a result of U.S. government audit, review, or investigation. Under time-and-materials contracts, we are reimbursed for labor at negotiated hourly billing rates and for certain allowable expenses. We assume financial risk on time-and-materials contracts because our costs of performance may exceed these negotiated hourly rates. Under fixed-price contracts, we perform specific tasks or deliver a specific outcome for a predetermined price. Compared to time-and-materials and cost-reimbursable contracts, fixed-price contracts generally offer higher margin opportunities because we receive the benefits of any cost savings, but involve greater financial risk because we bear the impact of any cost overruns. The U.S. government, through the recent executive order "Promoting Efficiency, Accountability, and Performance in Federal Contracting," directs federal agencies, subject to certain exceptions, to increase the use of firm-fixed price contracts for new awards to the maximum extent consistent with law. Additionally, agencies are directed, to the maximum extent practicable and consistent with law, to seek to modify, restructure, or renegotiate, their top ten highest-dollar-value contracts issued on an other-than-fixed price basis. This executive order may result in future contract modifications and conversions of existing contracts to fixed-price contracts. Because we assume the risk for cost overruns and contingent losses on fixed-price contracts, an increase in the percentage of fixed-price contracts in our contract mix may increase our risk of incurring losses. 11 11 11 Table of Contents Table of Contents Additionally, our profits could be adversely affected if our costs under any contract exceed the assumptions we used in bidding for the contract. For example, we may miscalculate the costs, resources, or time needed to complete projects or meet contractual milestones as a result of delays on a particular project, including delays in designs, engineering information, or materials provided by the customer or a third party, delays or difficulties in equipment and material delivery, schedule changes, and other factors, some of which are beyond our control. Additionally, as more contracts with the U.S. government transition to fixed-price, we face greater risk of cost overruns due to ambiguities in the contract itself regarding delineation of responsibilities between us and the U.S. government and uncertainty with how the government may manage the contract in practice. We record provisions in our consolidated financial statements for losses on our contracts when necessary, as required under accounting principles generally accepted in the United States, or GAAP, but our contract loss provisions may not be adequate to cover all actual losses that we may incur in the future. --- ## Modified: We cannot predict the consequences of future geopolitical events, but they may adversely affect the markets in which we operate and our results of operations. **Key changes:** - Reworded sentence: "25 25 25 Table of Contents Table of Contents Ongoing instability and current geopolitical conflicts in global markets, including ongoing conflicts in Eastern Europe and the Middle East, increased tensions in Asia, and political and economic instability in Venezuela, the potential for future geopolitical conflicts and terrorist activities, and trade tensions related to recent shifts in international trade policies could have a material adverse effect on our business, operations and profitability." - Reworded sentence: "In addition, in connection with the current status of foreign relations with Russia, particularly in light of the conflict between Russia and Ukraine, the U.S." **Prior (2025):** Ongoing instability and current conflicts in global markets, including in Eastern Europe, the Middle East and Asia, and the potential for other conflicts and future terrorist activities and other recent geopolitical events throughout the world, including the ongoing conflict between Russia and Ukraine, ongoing conflicts in the Middle East, increased tensions in Asia, and trade tensions related to recent shifts in international trade policies, have created and may continue to create economic and political uncertainties and impacts that could have a material adverse effect on our business, operations and profitability. These types of matters cause uncertainty in financial markets and may significantly increase the political, economic and social instability in the geographic areas in which we operate. In addition, in connection with the current status of international relations with Russia, particularly in light of the conflict between Russia and Ukraine, the U.S. government has imposed enhanced export controls on certain products and sanctions on certain industry sectors and parties in Russia. The U.S. government has imposed tariffs, and may impose new or increased tariffs, on certain imports from other countries. The governments of other jurisdictions in which we operate, such as the European Union and Canada, may also implement sanctions or other restrictive measures. These potential sanctions, tariffs, and export controls could adversely affect the Company and/or our supply chain, business partners, or customers. **Current (2026):** 25 25 25 Table of Contents Table of Contents Ongoing instability and current geopolitical conflicts in global markets, including ongoing conflicts in Eastern Europe and the Middle East, increased tensions in Asia, and political and economic instability in Venezuela, the potential for future geopolitical conflicts and terrorist activities, and trade tensions related to recent shifts in international trade policies could have a material adverse effect on our business, operations and profitability. These types of matters cause uncertainty in financial markets and may significantly increase the political, economic and social instability in the geographic areas in which we operate. In addition, in connection with the current status of foreign relations with Russia, particularly in light of the conflict between Russia and Ukraine, the U.S. government has imposed enhanced export controls on certain products and sanctions on certain industry sectors and parties in Russia. The U.S. government has imposed tariffs, and may impose new or increased tariffs, on certain imports from other countries. The governments of other jurisdictions in which we operate, such as the European Union and Canada, may also implement sanctions or other restrictive measures. These potential sanctions, tariffs, and export controls could adversely affect the Company and/or our supply chain, business partners, or customers. --- ## Modified: Our variable rate indebtedness subjects us to interest rate risk, which could cause our debt service obligations to increase significantly. **Key changes:** - Reworded sentence: "Following the significant increases in interest rates during 2022 and 2023, rates have gradually declined but, as of March 2026, remain above recent historical lows." - Reworded sentence: "Based on the outstanding $1.5 billion term loan and any balances drawn under the revolving credit facility as of March 31, 2026, and after considering interest rate swaps that fix the interest rate on $350 million of principal of our variable-rate debt, each quarter point change in interest rates would result in a $3 million change in our projected annual interest expense on the outstanding indebtedness under our Senior Credit Facility." **Prior (2025):** Borrowings under the Senior Credit Facility are at variable rates of interest and expose us to interest rate risk. During 2022 and 2023, interest rates increased significantly and interest rates may continue to increase or remain at higher than recent historical levels. With an increase in interest rates, our debt service obligations on the variable rate indebtedness would increase even though the amount borrowed remains the same, and our net income and cash flows, including cash available for servicing our indebtedness, would correspondingly decrease. Based on the $1.5 billion term loan facility ("Term Loan A") outstanding as of March 31, 2025 and assuming all revolving loans are fully drawn, and after considering interest rate swaps that fix the interest rate on $550 million of principal of our variable-rate debt each quarter point change in interest rates would result in a $2 million change in our projected annual interest expense on our indebtedness under the Senior Credit Facility. We have entered into interest rate swaps and may in the future enter into additional interest rate swaps that involve the exchange of floating for fixed rate interest payments in order to reduce future interest rate volatility of our variable rate indebtedness. However, due to risks for hedging gains and losses and cash settlement costs, we may not elect to maintain such interest rate swaps, and any swaps may not fully mitigate our interest rate risk. **Current (2026):** Borrowings under the Senior Credit Facility are at variable rates of interest and expose us to interest rate risk. Following the significant increases in interest rates during 2022 and 2023, rates have gradually declined but, as of March 2026, remain above recent historical lows. Future movements in interest rates remain uncertain. With an increase in interest rates, our debt service obligations on the variable rate indebtedness would increase even though the amount borrowed remains the same, and our net income and cash flows, including cash available for servicing our indebtedness, would correspondingly decrease. Based on the outstanding $1.5 billion term loan and any balances drawn under the revolving credit facility as of March 31, 2026, and after considering interest rate swaps that fix the interest rate on $350 million of principal of our variable-rate debt, each quarter point change in interest rates would result in a $3 million change in our projected annual interest expense on the outstanding indebtedness under our Senior Credit Facility. We have entered into interest rate swaps and may in the future enter into additional interest rate derivatives that balances our debt portfolio and keeps a neutral stance on interest rates. However, due to risks for hedging gains and losses and cash settlement costs, we may not elect to maintain such interest rate swaps, and any swaps may not fully mitigate our interest rate risk. --- ## Modified: Industry and Economic Risks **Key changes:** - Reworded sentence: "government spending and mission priorities, including due to uncertainty relating to the funding of the U.S." **Prior (2025):** •risks relating to our relationships and reputation with the U.S. government; •changes in U.S. government spending and mission priorities, including due to uncertainty relating to the new presidential administration, funding of the U.S. government, and increasing the debt ceiling; •our ability to compete effectively in the competitive bidding and re-competing processes and delays or losses of contract awards caused by competitors' protests of major contract awards received by us; •the loss of GSA schedules, or our position as prime contractor on GWACs; •variable purchasing patterns under GSA schedules, blanket purchase agreements, and IDIQ contracts; •changes in the mix of our contracts and our ability to accurately estimate or otherwise recover expenses, time, and resources for our contracts; •changes in estimates used in recognizing revenue; •our ability to realize the full value of and replenish our backlog, generate revenue under certain of our contracts, and the timing of our receipt of revenue under contracts included in backlog; •risks related to inflation and new or increased tariffs that could impact the cost of doing business and/or reduce customer buying power; •risks related to the deterioration of economic conditions or weakening in the credit or capital markets; •internal system or service failures and security breaches, including, but not limited to, those resulting from external or internal threats, including cyber attacks on our network and internal systems, or on our customers' network or internal systems; •risks related to the development and use of artificial intelligence, which include potential liability as well as regulatory, competition, reputational and other risks; •risks related to the operation of financial management systems; •our ability to attract, train, or retain employees with the requisite skills and experience and ensure that employees obtain and maintain necessary security clearances and effectively manage our cost structure; •the loss of members of senior management or failure to develop new leaders; •misconduct or other improper activities from our employees, subcontractors, or suppliers, including the improper access, use, or release of our or our customers' sensitive or classified information; •failure to maintain strong relationships with other contractors, or the failure of contractors with which we have entered into a sub- or prime-contractor relationship to meet their obligations to us or our customers; •risks related to changes to our operating structure, capabilities, or strategy intended to address customer needs, grow our business, or respond to market developments; and 9 9 9 Table of Contents Table of Contents •risks related to completed and future acquisitions, including our ability to realize the expected benefits from such acquisitions. **Current (2026):** •risks relating to our relationships and reputation with the U.S. government; •changes in U.S. government spending and mission priorities, including due to uncertainty relating to the funding of the U.S. government and increasing the debt ceiling; •our ability to compete effectively in the competitive bidding and re-competing processes, including increasing competition from non-traditional contractors and changes in government procurement practices, and delays or losses of contract awards caused by competitors' protests of major contract awards received by us; •the loss of GSA schedules, or our position as prime contractor on GWACs; •variable purchasing patterns under GSA schedules, blanket purchase agreements, and IDIQ contracts; •changes in the mix of our contracts and our ability to accurately estimate or otherwise recover expenses, time, and resources for our contracts; •changes in estimates used in recognizing revenue; •our ability to realize the full value of and replenish our backlog, generate revenue under certain of our contracts, and the timing of our receipt of revenue under contracts included in backlog; •risks related to inflation and new or increased tariffs that could impact the cost of doing business and/or reduce customer buying power; •risks related to the deterioration of economic conditions or weakening in the credit or capital markets, including financial institution instability that could impair access to our funds and adversely affect our liquidity; 7 7 7 Table of Contents Table of Contents •internal system or service failures and security breaches, including, but not limited to, those resulting from external or internal threats, including cyber-attacks on our network and internal systems, or on our customers' network or internal systems, including more frequent and sophisticated threats such as those by bad actors looking to augment traditional cyber tools and tradecraft with artificial intelligence capabilities; •compliance with evolving data privacy and cybersecurity laws and regulations, including complex, fragmented, and changing foreign, federal, state, and local requirements and the potential for liability arising from noncompliance; •risks related to the development and use of artificial intelligence, which include potential liability as well as regulatory, competition, reputational and other risks; •risks related to the operation of financial management systems; •our ability to attract, train, or retain employees with the requisite skills and experience and ensure that employees obtain and maintain necessary security clearances and effectively manage our cost structure; •the loss of members of senior management or failure to develop new leaders; •misconduct or other improper activities from our employees, subcontractors, or suppliers, including the improper access, use, or release of our or our customers' sensitive, classified, or export-controlled information; •failure to maintain strong relationships with other contractors, or the failure of contractors with which we have entered into a sub- or prime-contractor relationship to meet their obligations to us or our customers; •risks related to changes to our operating structure, capabilities, or strategy intended to address customer needs, grow our business, or respond to market developments; and •risks related to completed and future acquisitions, joint ventures or investments, including our ability to realize the expected benefits from such transactions. --- ## Modified: We face intense competition from many competitors, which could cause us to lose business, lower prices and suffer employee departures. **Key changes:** - Reworded sentence: "Our business operates in a highly competitive industry, and we compete with companies of all types and sizes, including large enterprise software companies, large global technology providers, government contractors focused principally on the provision of technology services to the U.S." - Reworded sentence: "These competitors could, among other things: •make acquisitions of businesses, or establish teaming or other agreements among themselves or third parties, that allow them to offer more competitive and comprehensive solutions; •divert sales from us by winning very large-scale government contracts, a risk that is enhanced by the recent trend in government procurement practices to bundle services into larger contracts; •offer products that may compete with our products that are or will be on the market; •force us to charge lower prices in order to win or maintain contracts; •seek to hire our employees; or •adversely affect our relationships with current customers, including our ability to continue to win competitively awarded engagements where we are the incumbent." **Prior (2025):** Our business operates in a highly competitive industry, and we generally compete with a wide variety of U.S. government contractors, including large defense contractors, diversified service providers, and small businesses. We also face competition from entrants into our markets including companies divested by large prime contractors in response to increasing scrutiny of organizational conflicts of interest issues. There is also a significant industry trend towards consolidation, which may result in the emergence of companies that are better able to compete against us. Some of these companies possess greater financial resources and larger technical staffs, and others have smaller and more specialized staffs. These competitors could, among other things: •make acquisitions of businesses, or establish teaming or other agreements among themselves or third parties, that allow them to offer more competitive and comprehensive solutions; •divert sales from us by winning very large-scale government contracts, a risk that is enhanced by the recent trend in government procurement practices to bundle services into larger contracts; •force us to charge lower prices in order to win or maintain contracts; •seek to hire our employees; or •adversely affect our relationships with current customers, including our ability to continue to win competitively awarded engagements where we are the incumbent. If we lose business to our competitors or are forced to lower our prices or suffer employee departures, our revenue and our operating profits could decline. In addition, we may face competition from our subcontractors who, from time to time, seek to obtain prime contractor status on contracts for which they currently serve as a subcontractor to us. If our current subcontractors are awarded prime contractor status on such contracts in the future, it could divert sales from us and could force us to charge lower prices, which could have a material adverse effect on our revenue and profitability. **Current (2026):** Our business operates in a highly competitive industry, and we compete with companies of all types and sizes, including large enterprise software companies, large global technology providers, government contractors focused principally on the provision of technology services to the U.S. government, large defense contractors that provide both products and technology services to the U.S. government, diversified service providers, systems integrators, small businesses, and technology startups. We may also face competition from new entrants into our markets, including companies divested by large prime contractors in response to increasing scrutiny of organizational conflicts of interest issues or commercial companies in response to the U.S. government's push for modernization and innovation in procurement. There continues to be an industry trend towards consolidation, which may result in the emergence of companies that are better able to compete against us. Some of these companies possess greater financial resources and larger technical staffs, and others have smaller and more specialized staffs. These competitors could, among other things: •make acquisitions of businesses, or establish teaming or other agreements among themselves or third parties, that allow them to offer more competitive and comprehensive solutions; •divert sales from us by winning very large-scale government contracts, a risk that is enhanced by the recent trend in government procurement practices to bundle services into larger contracts; •offer products that may compete with our products that are or will be on the market; •force us to charge lower prices in order to win or maintain contracts; •seek to hire our employees; or •adversely affect our relationships with current customers, including our ability to continue to win competitively awarded engagements where we are the incumbent. If we lose business to our competitors or are forced to lower our prices or suffer employee departures, our revenue and our operating profits could decline. In addition, we may face competition from our subcontractors who, from time to time, seek to obtain prime contractor status on contracts for which they currently serve as a subcontractor to us. If our current subcontractors are awarded prime contractor status on such contracts in the future, it could divert sales from us and could force us to charge lower prices, which could have a material adverse effect on our revenue and profitability. --- ## Modified: Implementation of and compliance with various data privacy and cybersecurity laws, regulations and standards could require significant investment into ongoing compliance activities, trigger potential liability, and limit our ability to use personal data. **Key changes:** - Reworded sentence: "14 14 14 Table of Contents Table of Contents Any failure by us, our vendors or other business partners to comply with foreign, U.S." - Reworded sentence: "We may also incur substantial expenses in implementing and maintaining compliance with such laws and regulations, or anticipated laws and regulations, including those that require certain types of data to be retained on servers within these jurisdictions or otherwise impose data sovereignty, localization, and cross-border transfer restrictions on how and where data is stored, processed, accessed, or transferred." - Reworded sentence: "states have enacted comprehensive privacy laws, and we are also subject to federal, state, local, and foreign privacy and data protection laws and regulations such as the European Union's ("EU") General Data Protection Regulation (the "GDPR"), and the United Kingdom's GDPR, that impose compliance obligations on companies that process personal data." - Reworded sentence: "Certain foreign, U.S." - Reworded sentence: "We are also subject to the Department of War Cybersecurity Maturity Model Certification ("CMMC"), requirements, which are being phased into covered solicitations and contracts and require contractors to obtain specified certifications relating to cybersecurity standards in order to be eligible for certain contract awards and, in some cases, contract modifications or option exercises." **Prior (2025):** Any failure by us, our vendors or other business partners to comply with international, U.S. federal, state or local laws and regulations regarding data privacy, including the protection of personal or confidential information of our customers or employees which we may handle and process, or cybersecurity could result in significant monetary damages, regulatory enforcement actions, fines, penalties, private litigation or claims, and/or criminal prosecution in one or more jurisdictions, including as a result of the perception of our practices, products, and services in relation to violations of individual privacy, data protection rights, or cybersecurity requirements. We may also incur substantial expenses in implementing and maintaining compliance with such laws and regulations, or anticipated laws and regulations, including those that require certain types of data to be retained on servers within these jurisdictions. These laws and regulations, and anticipated laws and regulations, are increasing in complexity and number, change frequently, sometimes conflict or create different requirements across jurisdictions, and are subject to interpretation by different regulators and courts, creating the possibility of different compliance measures or enforcement risks across jurisdictions, which may cause additional expenses for compliance with such laws and regulations. Our failure to comply with applicable laws and regulations may result in privacy claims or enforcement actions against us, including liabilities, fines and damage to our reputation, any of which may have a material adverse effect on our results of operations. For example, the European Union's General Data Protection Regulation (the "GDPR"), and the United Kingdom's GDPR impose compliance obligations on companies that process personal data of people in the European Union and United Kingdom, respectively. In the U.S., numerous federal, state, and local data privacy laws and regulations govern the collection, use, and processing of personal information, provide rights to residents of those respective states, in some cases including personal information collected from residents in the context of recruitment and employment, as well as business-to-business arrangements. Compliance with these laws, or emerging international, U.S. federal, state or local privacy laws, requires investments into compliance programs, investments to deploy, operate and maintain technology that enables compliance, potential modifications to business processes, ongoing data protection activities and documentation requirements, and creates the potential for fines, individual claims and other liabilities for noncompliance as well as litigation risks, particularly in the event of a data breach, and could have a material adverse effect on our business, including how we use personal information or our results of operations. Certain international, U.S. federal, state laws and regulations also impose obligations to maintain and implement an information security program that includes administrative, technical, physical, or organizational safeguards, as well as obligations to give notice to affected individuals and to certain regulators in the event of a data breach. We may be required to spend significant resources to comply with these information security and data breach legal requirements. A significant data breach (including various forms of external attack, such as ransomware, as well as data incidents resulting from internal actions or omissions) could have negative consequences for our business and future prospects, including possible penalties, fines, damages, reduced customer demand, legal claims against and by customers, personnel, business partners or other persons claiming to be affected, harm to our systems and operations and harm to our reputation and brand. In addition, as a contractor supporting defense and national security customers, we are subject to certain additional regulatory compliance requirements relating to data privacy and cybersecurity. Under the DFARS and other federal regulations, our networks and IT systems are required to comply with the security and privacy controls in certain National Institute of Standards and Technology Special Publications ("NIST SP"). To the extent that we do not comply with the applicable security and control requirements, unauthorized access or disclosure of sensitive information could result in a contract termination, which could have a material adverse effect on our business and financial results and lead to reputational harm. We are also subject to the Department of Defense Cybersecurity Maturity Model Certification ("CMMC"), requirements, which will require all contractors to receive specific certifications relating to specified cybersecurity standards in order to be eligible for contract awards. In addition, CMMC certification requirements may be required in modifications to existing contracts. To the extent we are unable to achieve certification in advance of applicable contract awards that specify the requirement, we will be unable to bid on such contract awards or on follow-on awards for existing work with the Department of Defense, depending on the level of standard as required for each solicitation, or be ineligible to receive option awards under existing contracts that specify the certification requirement, which could adversely impact our revenue and profitability. In addition, our subcontractors, and in some cases our vendors, may also be required to adhere to the CMMC program requirements and potentially to achieve certification. Should our supply chain fail to meet compliance requirements or achieve certification, this may adversely affect our ability to receive award or execute on relevant government programs. In addition, any obligations that may be imposed on us under the CMMC may be different from or in addition to those otherwise required by applicable laws and regulations, which may cause additional expense for compliance. 17 17 17 Table of Contents Table of Contents **Current (2026):** 14 14 14 Table of Contents Table of Contents Any failure by us, our vendors or other business partners to comply with foreign, U.S. federal, state or local laws and regulations regarding data privacy, including the protection of personal or confidential information of our customers or employees which we may handle and process, or cybersecurity could result in significant monetary damages, regulatory enforcement actions, fines, penalties, private litigation or claims, and/or criminal prosecution in one or more jurisdictions, including as a result of the perception of our practices, products, and services in relation to violations of individual privacy, data protection rights, or cybersecurity requirements. We may also incur substantial expenses in implementing and maintaining compliance with such laws and regulations, or anticipated laws and regulations, including those that require certain types of data to be retained on servers within these jurisdictions or otherwise impose data sovereignty, localization, and cross-border transfer restrictions on how and where data is stored, processed, accessed, or transferred. These laws and regulations, and anticipated laws and regulations, are increasing in complexity and number, change frequently, sometimes conflict or create different requirements across jurisdictions, and are subject to interpretation by different regulators and courts, creating the possibility of different compliance measures or enforcement risks across jurisdictions, which may cause additional expenses for compliance with such laws and regulations. Our failure to comply with applicable laws and regulations may result in privacy claims or enforcement actions against us, including liabilities, fines and damage to our reputation, any of which may have a material adverse effect on our results of operations. More than 20 U.S. states have enacted comprehensive privacy laws, and we are also subject to federal, state, local, and foreign privacy and data protection laws and regulations such as the European Union's ("EU") General Data Protection Regulation (the "GDPR"), and the United Kingdom's GDPR, that impose compliance obligations on companies that process personal data. These data privacy laws and regulations govern the collection, use, and processing of personal information, provide rights to residents of those respective states, in some cases including personal information collected from residents in the context of recruitment and employment, as well as business-to-business arrangements. The number and fragmentation of these laws create a complex regulatory landscape. Compliance with these laws, or new and evolving foreign, U.S. federal, state or local privacy laws, requires investments into compliance programs, investments to deploy, operate and maintain technology that enables compliance, potential modifications to business processes, ongoing data protection activities and documentation requirements, and creates the potential for fines, individual claims and other liabilities for noncompliance as well as litigation risks, particularly in the event of a data breach, and could have a material adverse effect on our business, including how we use personal information or our results of operations. Certain foreign, U.S. federal, state laws and regulations also impose obligations to maintain and implement an information security program that includes administrative, technical, physical, or organizational safeguards, and in some cases may require cybersecurity audits, risk assessments, or compliance measures relating to automated decision-making technologies, as well as obligations to give notice to affected individuals and to certain regulators in the event of a data breach. We may be required to spend significant resources to comply with these information security and data breach legal requirements. A significant data breach (including various forms of external attack, such as ransomware, as well as data incidents resulting from internal actions or omissions) could have negative consequences for our business and future prospects, including possible penalties, fines, damages, reduced customer demand, legal claims against and by customers, personnel, business partners or other persons claiming to be affected, harm to our systems and operations and harm to our reputation and brand. In addition, as a contractor supporting defense and national security customers, we are subject to certain additional regulatory compliance requirements relating to data privacy and cybersecurity. Under the DFARS and other federal regulations, our networks and IT systems are required to comply with the security and privacy controls in certain National Institute of Standards and Technology Special Publications ("NIST SP"). To the extent that we do not comply with the applicable security and control requirements, unauthorized access or disclosure of sensitive information could result in a contract termination, which could have a material adverse effect on our business and financial results and lead to reputational harm. We are also subject to the Department of War Cybersecurity Maturity Model Certification ("CMMC"), requirements, which are being phased into covered solicitations and contracts and require contractors to obtain specified certifications relating to cybersecurity standards in order to be eligible for certain contract awards and, in some cases, contract modifications or option exercises. Although we have obtained CMMC level 2 certification, maintaining that status and satisfying applicable ongoing compliance, assessment, affirmation, monitoring, remediation, and renewal requirements may require significant effort and expense. In addition, certain subcontractors and vendors may also be required to comply with CMMC requirements. If we, or members of our supply chain, fail to maintain required compliance or certification levels, we could be unable to bid on, receive, or continue performing certain contracts or contract options, which could adversely affect our revenue, profitability, and reputation. In addition, any obligations that may be imposed on us under the CMMC may be different from or in addition to those otherwise required by applicable laws and regulations, which may cause additional expense for compliance. --- ## Modified: Booz Allen Hamilton Holding Corporation is a holding company with no operations of its own, and it depends on its subsidiaries for cash to fund all of its operations and expenses, including to make future dividend payments, if any. **Key changes:** - Reworded sentence: "The operations of Booz Allen Hamilton Holding Corporation are conducted almost entirely through its subsidiaries and its ability to generate cash to meet its debt service obligations or to pay dividends is highly dependent on the earnings and receipt of funds from its subsidiaries via dividends or intercompany loans." **Prior (2025):** The operations of Booz Allen Holding are conducted almost entirely through its subsidiaries and its ability to generate cash to meet its debt service obligations or to pay dividends is highly dependent on the earnings and receipt of funds from its subsidiaries via dividends or intercompany loans. Further, the Senior Credit Facility and indentures governing our outstanding senior notes significantly restrict the ability of our subsidiaries to pay dividends or otherwise transfer assets to us. In addition, Delaware law may impose requirements that may restrict our ability to pay dividends to holders of our common stock. **Current (2026):** The operations of Booz Allen Hamilton Holding Corporation are conducted almost entirely through its subsidiaries and its ability to generate cash to meet its debt service obligations or to pay dividends is highly dependent on the earnings and receipt of funds from its subsidiaries via dividends or intercompany loans. In addition, Delaware law may impose requirements that may restrict our ability to pay dividends to holders of our common stock. --- ## Modified: A delay in the completion of the U.S. government's budget process, including as a result of a failure to raise the debt ceiling, could result in a reduction in our backlog and have a material adverse effect on our revenue and operating results. **Key changes:** - Reworded sentence: "Appropriations for the U.S." - Reworded sentence: "Congress is unable to approve the annual federal budget before the start of the U.S." **Prior (2025):** On March 15, 2025, the President signed into law the Full-Year Continuing Appropriations and Extensions Act, 2025, which funds the U.S. government under a continuing resolution through September 30, 2025, its fiscal year end. To the extent the U.S. Congress is unable to approve the annual federal budget before the expiration of this continuing resolution, funding for new projects may not be available and funding on contracts we are already performing may be delayed. If Congressional efforts to approve such funding fail, and Congress is unable to craft a long-term agreement on the U.S. government's ability to incur indebtedness in excess of its current limits, the U.S. government may not be able to fulfill its current funding obligations and there could be significant disruption to all discretionary programs, which would have corresponding impacts on us and our industry. Any such delays would likely result in new business initiatives being delayed or canceled and a reduction in our backlog, and could have a material adverse effect on our revenue and operating results. In addition, a failure to complete the budget process and fund government operations pursuant to a continuing resolution may result in a U.S. government shutdown, which could result in us incurring substantial costs without reimbursement under our contracts. The delay or cancellation of key programs or the delay of contract payments may have a material adverse effect on our revenue and operating results. In addition, when supplemental appropriations are required to operate the U.S. government or fund specific programs and the passage of legislation needed to approve any supplemental appropriation bill is delayed, the overall funding environment for our business could be adversely affected. **Current (2026):** Appropriations for the U.S. government's fiscal year 2026 were delayed, with Congress enacting partial appropriations legislation in multiple tranches, with such appropriations ultimately covering a majority of federal agencies. However, a full-year, comprehensive appropriations agreement has not been reached for all agencies, and certain portions of the government have been funded through continuing resolutions or remain subject to funding uncertainty, including the Department of Homeland Security, for which funding has been provided only on a partial basis, while certain components, including its immigration enforcement operations, remain subject to funding uncertainty. As a result, uncertainty regarding federal funding levels persists. To the extent the U.S. Congress is unable to approve the annual federal budget before the start of the U.S. government's fiscal year 2027, funding for new projects may not be available and funding on contracts we are already performing may be delayed. If Congressional efforts to approve such funding fail, and Congress is unable to craft a long-term agreement on the U.S. government's ability to incur indebtedness in excess of its current limits, the U.S. government may not be able to fulfill its current funding obligations and there could be significant disruption to all discretionary programs, which would have corresponding impacts on us and our industry. Any such delays would likely result in new business initiatives being delayed or canceled and a reduction in our backlog, and could have a material adverse effect on our revenue and operating results. In addition, a failure to complete the budget process and fund government operations pursuant to a continuing resolution may result in a U.S. government shutdown, which could result in us incurring substantial costs without reimbursement under our contracts. The delay or cancellation of key programs or the delay of contract payments may have a material adverse effect on our revenue and operating results. In addition, when supplemental appropriations are required to operate the U.S. government or fund specific programs and the passage of legislation needed to approve any supplemental appropriation bill is delayed, the overall funding environment for our business could be adversely affected. --- ## Modified: We develop and use artificial intelligence, which could expose us to financial, regulatory, strategic, reputational, and other risks. **Key changes:** - Reworded sentence: "15 15 15 Table of Contents Table of Contents We use artificial intelligence, including agentic, physical, and adversarial artificial intelligence, and similar tools and technologies (collectively, "AI") that collect, aggregate, manipulate, or generate data and systems in connection with our business." - Added sentence: "Our ability to develop, deploy, maintain, or scale AI technologies may also depend on our ability to obtain or access high-quality datasets, models, computing resources, and other AI system components from third parties on commercially reasonable terms, and any limitation, interruption, pricing change, licensing restriction, or other reduction in such access could impair our ability to deliver AI-enabled solutions competitively or at all." - Added sentence: "It is not possible to predict all the operational or technological risks that may arise relating to the use of AI, any of which may materially and adversely affect our business and results of operations." - Reworded sentence: "policy environment for AI is rapidly changing through executive orders, other executive actions, agency guidance, procurement directives, and rulemaking, and these developments may impose new or different compliance obligations, alter enforcement priorities, and require us to modify our AI governance, development, deployment, and contracting practices." - Reworded sentence: "Additionally, we may not always be able to anticipate how courts and regulators will apply existing laws to AI how new legal frameworks will develop to address AI, or how we must respond to these frameworks, as they are rapidly evolving." **Prior (2025):** We utilize artificial intelligence, including generative artificial intelligence, machine learning, and similar tools and technologies that collect, aggregate, analyze, or generate data or other materials (collectively, "AI") in connection with our business. The development, deployment and oversight of the use of AI by us, either directly, through our suppliers, or by engaging third-party AI developers, as well as the use of AI by competitors, is expected to require us to invest substantially in AI technology resources and related governance. There are significant risks involved in using AI and no assurance can be provided that our use of AI will enhance our products or services, produce the intended results, or keep pace with the use of AI by our competitors. For example, AI algorithms may produce incomplete, insufficient, biased or otherwise flawed results or rely upon biased or inaccurate data, and any of these deficiencies may not be easily detectable despite internal policies and diligence efforts in place to mitigate such deficiencies. The degraded or flawed performance could also result from adversarial attacks that include data poisoning, malware risks, and evasion techniques. If the AI that we use produces deficient, inaccurate, or controversial results, or if public opinion of AI is adversely affected due to actual or perceived risks regarding the usage of AI, we could incur operational inefficiencies, competitive harm, legal liability, brand or reputational harm, or other adverse impacts on our business and results of operations. Further, ownership and intellectual property rights of content generated by artificial intelligence is a developing area. This presents unique complexity and challenges that could affect our business and impact our delivery of AI-driven solutions. If we, or the third-party AI developers on which we rely, do not have sufficient rights to use the data or other material relied upon by such AI technologies, we also may incur liability through the alleged violation of applicable laws and regulations, third-party intellectual property, data privacy, or other rights, or contractual obligations. Although we conduct diligence on third-party AI developers, we will not be able to control the manner in which third-party AI technologies are developed or maintained. Legal and regulatory frameworks related to the use of AI are evolving, including due to the perceived or actual risks of bias, lack of transparency, and information security. The technologies underlying AI and its uses are subject to a variety of laws and regulations, including intellectual property, data privacy and security, consumer protection, competition, and equal opportunity laws, and may be subject to new laws and regulations or new interpretations of existing laws and regulations. AI is the subject of ongoing review by various U.S. and foreign governmental and regulatory agencies. For example, there have been significant changes in U.S. AI policy introduced by the new presidential administration, including the rescinding of the prior administration's October 2023 executive order on Safe, Secure, and Trustworthy Artificial Intelligence. In addition, in March 2024, the EU enacted a new regulation applicable to certain AI technologies and the data used to train, test and deploy them. The enactment or expansion of laws and regulations related to the use of AI in our operations could result in increased compliance costs related to our use of AI, while the persistence of regulatory ambiguity results in uncertainty regarding potential compliance obligations and presents challenges to longer-term strategic decision-making. Additionally, we may not always be able to anticipate how courts and regulators will apply existing laws to AI, predict how new legal frameworks will develop to address AI, or otherwise respond to these frameworks as they are still rapidly evolving. We may also have to expend resources to adjust our offerings in certain jurisdictions if the legal frameworks on AI are not consistent across jurisdictions. Furthermore, it is not possible to predict all the operational or technological risks that may arise relating to the use of AI, any of which may materially and adversely affect our business and results of operations. Further, we face significant competition from other companies that are developing their own AI features and technologies. Other companies may develop AI features and technologies that are similar or superior to our technologies or are more cost-effective to develop and deploy. Additionally, while AI is currently the focus of significant investment and strategic prioritization, there is a risk that if the expected value of AI does not materialize at scale, or if high-profile AI failures emerge, customers may reassess their AI plans, which could lead to reduced funding and a reduction in certain of our AI initiatives. These factors could materially and adversely affect our business, financial condition and results of operations. **Current (2026):** 15 15 15 Table of Contents Table of Contents We use artificial intelligence, including agentic, physical, and adversarial artificial intelligence, and similar tools and technologies (collectively, "AI") that collect, aggregate, manipulate, or generate data and systems in connection with our business. The development, deployment and oversight of the use of AI by us, either directly by our staff or indirectly through our suppliers or third-party AI developers, as well as the use of AI by competitors, requires us to invest substantially in AI technology resources and related governance. There is no guarantee that our use of AI will enhance our products or services, produce the intended results, or keep pace with the use of AI by our competitors. For example, AI algorithms may produce incomplete, insufficient, inaccurate, biased or otherwise flawed results or rely upon incomplete, insufficient, inaccurate, biased or otherwise flawed data, and any of these deficiencies may not be easily detectable despite the mitigations in place. Degraded or flawed performance could also result from adversarial attacks that include data poisoning, prompt injection, malware risks, and evasion techniques. If the AI that we use produces deficient, inaccurate, or controversial results, or if public opinion of AI is adversely affected due to actual or perceived risks regarding the usage of AI, we could incur operational inefficiencies, competitive harm, legal liability, brand or reputational harm, or other adverse impacts on our business. Further, ownership and intellectual property rights of content generated by or manipulated with AI is a developing area, presenting unique challenges that could affect our business interests and restrict our delivery of AI-driven solutions. If we, or the third-party AI developers on which we rely, do not have sufficient rights to use the data or other material relied upon by such AI technologies, we also may incur liability through the alleged violation of applicable laws and regulations, third-party intellectual property, data privacy, or other rights or contractual obligations. Although we conduct diligence on third-party AI developers, we will not be able to control the manner in which third-party AI technologies are developed or maintained. Our ability to develop, deploy, maintain, or scale AI technologies may also depend on our ability to obtain or access high-quality datasets, models, computing resources, and other AI system components from third parties on commercially reasonable terms, and any limitation, interruption, pricing change, licensing restriction, or other reduction in such access could impair our ability to deliver AI-enabled solutions competitively or at all. It is not possible to predict all the operational or technological risks that may arise relating to the use of AI, any of which may materially and adversely affect our business and results of operations. Legal and regulatory frameworks related to the use of AI are evolving, including due to the perceived or actual risks of bias, lack of transparency, and information security. The technologies underlying AI and its uses are subject to a variety of laws and regulations, including intellectual property, data privacy and security, consumer protection, competition, and equal opportunity laws, and may be subject to new laws and regulations or new interpretations of existing laws and regulations. AI is the subject of ongoing review by various U.S. and foreign governmental and regulatory agencies. The U.S. policy environment for AI is rapidly changing through executive orders, other executive actions, agency guidance, procurement directives, and rulemaking, and these developments may impose new or different compliance obligations, alter enforcement priorities, and require us to modify our AI governance, development, deployment, and contracting practices. In addition, the EU AI Act, which applies to certain AI systems and general-purpose AI models and affects data and governance practices used to develop, test, deploy, and use them, is being implemented in phases. The enactment or expansion of laws and regulations related to the use of AI in our operations could result in increased compliance costs related to our use of AI, while the persistence of regulatory ambiguity results in uncertainty regarding potential compliance obligations and presents challenges to longer-term strategic decision-making. Additionally, we may not always be able to anticipate how courts and regulators will apply existing laws to AI how new legal frameworks will develop to address AI, or how we must respond to these frameworks, as they are rapidly evolving. We may also have to expend resources to adjust our offerings in certain jurisdictions if the legal frameworks are not consistent across jurisdictions. Further, we face competition from other companies that are developing their own AI-enabled technologies, which may be superior to our technologies or more cost-effective to develop and deploy. In addition, as we develop and deploy AI-enabled solutions, our customers may not accept new pricing models designed to reflect the value, efficiency gains, or differentiated capabilities of those solutions, which could limit our ability to realize an adequate return on our AI investments. While AI is currently the focus of significant investment and strategic prioritization, there is a risk that if the expected value of AI does not materialize at scale, or if high-profile AI failures emerge, customers may reassess their AI plans, which could lead to reduced funding and a reduction in certain of our AI initiatives. These factors could materially and adversely affect our business, financial condition and results of operations. --- ## Modified: U.S. government spending levels and mission priorities could change in a manner that adversely affects our future revenue and limits our growth prospects. **Key changes:** - Reworded sentence: "Our business, prospects, financial condition, or operating results could be materially harmed by, among other causes, the following: •U.S." - Reworded sentence: "government agencies; •a shift in expenditures away from U.S." - Reworded sentence: "government processing times for security clearances and other governmental consents; •delays in the U.S." - Reworded sentence: "government obligations or for any other reason." - Reworded sentence: "government closures and shutdowns, terrorism, war, foreign conflicts, trade tensions related to international trade policies, under-staffing or layoffs within the government, natural disasters, public health crises, destruction of U.S." **Prior (2025):** Our business depends upon continued U.S. government expenditures on defense, intelligence, and civil programs for which we provide support. These expenditures have not remained constant over time, have been and in the future may be reduced in certain periods, and have been and in the future may be affected by the U.S. government's efforts to improve efficiency and reduce costs affecting U.S. government programs generally. Our business, prospects, financial condition, or operating results could be materially harmed by, among other causes, the following: •budgetary constraints, including mandated automatic spending cuts, affecting U.S. government spending generally, or specific agencies in particular, and changes in available funding; •a shift in the permissible federal debt limit; •a shift in expenditures away from agencies or programs that we support; •reduced U.S. government outsourcing of functions that we are currently contracted to provide, including as a result of increased insourcing by various U.S. government agencies due to changes in the definition of "inherently governmental" work, including proposals to limit contractor access to sensitive or classified information and work assignments; •changes or delays in U.S. government programs that we support or related requirements, including shifts in the scope of work that we support and delays in procurements; •changes in U.S. government customer cybersecurity investments and resourcing that impact the security posture of systems hosted by the Company on behalf of the U.S. government and under a U.S. government authority to operate; •U.S. government shutdowns due to, among other reasons, a failure to fund the government and other potential delays in the appropriations process; •U.S. government agencies awarding contracts on a technically acceptable/lowest cost basis in order to reduce expenditures; •increased U.S. government processing times for security clearances and other governmental consents; •delays in the payment of our invoices by government payment offices; •loss of government points of contact at the various U.S. government agencies we support as a result of the government's efforts to reduce spending; •an inability by the U.S. government to fund its operations as a result of a failure to increase the U.S. government's debt ceiling, the exhaustion of "extraordinary measures" to borrow additional funds without breaching the government's debt ceiling, a credit downgrade of U.S. government obligations or for any other reason; and •changes in the political climate and general economic conditions, including political changes from successive presidential administrations, a slowdown of the economy or unstable economic conditions and other conditions, such as emergency spending, that reduce funds available for other government priorities. In addition, any disruption in the functioning of U.S. government agencies, including as a result of U.S. government closures and shutdowns, terrorism, war, international conflicts (including the ongoing conflict between Russia and Ukraine, ongoing conflicts in the Middle East, and increased tensions in Asia), trade tensions related to recent shifts in international trade policies, natural disasters, public health crises, destruction of U.S. government facilities, and other potential calamities could have a negative impact on our operations and cause us to lose revenue or incur additional costs due to, among other things, our inability to deploy our staff to customer locations or facilities as a result of such disruptions. 11 11 11 Table of Contents Table of Contents Considerable uncertainty exists regarding how future budget and program decisions will unfold, including as a result of the changing spending priorities of the U.S. government. The U.S. government is currently in the process of reviewing federal spending across federal civilian, defense, and intelligence departments and agencies, to ensure it aligns with the new administration's priorities of maximizing governmental efficiency and productivity. As a leading provider of advanced technology products and services to U.S. government customers, we have been, and will continue to be, subject to these reviews, and we have had, and may in the future have, certain of our contracts impacted, reduced or canceled as a result of these reviews. We have also experienced price adjustments and renegotiations prior to option exercise of certain of our contracts as a result of these reviews and may in the future continue to experience such adjustments. Further, we are, and may in the future be, subject to customer mandates to formulate additional methods by which to achieve efficiencies in providing our services, and we remain in ongoing discussions with various government departments and agencies in relation to cost reductions and other potential contract modifications. There can be no assurance that these reviews will not ultimately have a material adverse impact on our business and financial performance - such as through more stringent and frequent reviews of our contracts, potential changes in government procurement policies which could affect our ability to secure new contracts or renew existing ones, the cancellation or reduction of contracts critical to our business, or the implementation of stricter compliance requirements that could increase our operational costs. The U.S. government budget deficits, the national debt, and prevailing economic conditions, and actions taken to address them, could negatively affect U.S. government expenditures on defense, intelligence, and civil programs for which we provide support. A reduction in the amount of, or delays or cancellations of funding for, services that we are contracted to provide as a result of initiatives with certain U.S. government departments, legislation, or otherwise could have a material adverse effect on our business and results of operations. Further, there is ongoing uncertainty regarding how the U.S. Congress will address the legal limit on U.S. debt commonly known as the debt ceiling, and for which the U.S. Treasury has announced that it has been using extraordinary measures to prevent the U.S. government's default on its payment obligations, and to extend the time that the U.S. Congress has to raise its statutory debt limit or otherwise resolve the funding situation. If the debt ceiling is not raised, the U.S. government may not be able to fulfill its funding obligations and there could be significant disruption to all discretionary programs, which would have material adverse impacts on us and our industry. If government funding relating to our contracts with the U.S. government or Department of Defense becomes unavailable, or is reduced or delayed, or planned orders are reduced, our contract or subcontract under such programs may be terminated or adjusted by the U.S. government or the prime contractor, if applicable. Our operating results could also be adversely affected by spending caps or changes in the budgetary priorities of the U.S. government or Department of Defense, as well as delays in program starts or the award of contracts or task orders under contracts. These or other factors could cause our defense, intelligence, or civil customers to decrease the number of new contracts awarded generally and fail to award us new contracts, reduce their purchases under our existing contracts, exercise their right to terminate our contracts, or not exercise options to renew our contracts, any of which could cause a material decline in our revenue. **Current (2026):** Our business depends upon continued U.S. government expenditures on defense, intelligence, and civil programs for which we provide support. These expenditures have not remained constant over time, have been and in the future may be reduced in certain periods, and have been and in the future may be affected by the U.S. government's efforts to improve efficiency and reduce costs affecting U.S. government programs generally. Our business, prospects, financial condition, or operating results could be materially harmed by, among other causes, the following: •U.S. government budget deficits and budgetary constraints, including mandated automatic spending cuts, affecting U.S. government spending generally, or specific agencies in particular, and changes in available funding; •a shift in the permissible federal debt limit; •reduced U.S. government outsourcing of functions that we are currently contracted to provide, including as a result of increased insourcing by various U.S. government agencies; •a shift in expenditures away from U.S. government agencies or programs that we support, including changes or delays in such programs, shifts in the scope of work, or shifts away from the federal government to state and local governments, or away from government contractors, in general, or from us; •changes in U.S. government customer cybersecurity investments and resourcing that impact the security posture of systems hosted by the Company on behalf of the U.S. government and under a U.S. government authority to operate; •U.S. government shutdowns due to, among other reasons, a failure to fund the government and other potential delays in the appropriations process; •U.S. government agencies awarding contracts on a technically acceptable/lowest cost basis in order to reduce expenditures; •increased U.S. government processing times for security clearances and other governmental consents; •delays in the U.S. government contract procurement process or in the payment of our invoices by government payment offices; and 9 9 9 Table of Contents Table of Contents •an inability by the U.S. government to fund its operations as a result of a failure to increase the U.S. government's debt ceiling, the exhaustion of "extraordinary measures" to borrow additional funds without breaching the government's debt ceiling, a credit downgrade of U.S. government obligations or for any other reason. In addition, any disruption in the functioning of U.S. government agencies, including as a result of U.S. government closures and shutdowns, terrorism, war, foreign conflicts, trade tensions related to international trade policies, under-staffing or layoffs within the government, natural disasters, public health crises, destruction of U.S. government facilities, and other potential calamities could have a negative impact on our operations and cause us to lose revenue or incur additional costs due to, among other things, our inability to deploy our staff to customer locations or facilities as a result of such disruptions. If government funding relating to our contracts with the U.S. government becomes unavailable, or is reduced or delayed, or planned orders are reduced, our contracts or subcontracts under such programs may be terminated or adjusted by the U.S. government or the prime contractor, if applicable. Our operating results could also be adversely affected by spending caps or changes in the budgetary priorities of the U.S. government or Department of War, as well as delays in program starts or the award of contracts or task orders under contracts. These or other factors could cause our defense, intelligence, or civil customers to decrease the number of new contracts awarded generally and fail to award us new contracts, reduce their purchases under our existing contracts, exercise their right to terminate our contracts, or not exercise options to renew our contracts, any of which could cause a material decline in our revenue. --- ## Modified: Changes in tax law or judgments by management related to complex tax matters could adversely impact our results of operations. **Key changes:** - Reworded sentence: "For example, the "Tax Cuts and Jobs Act," enacted in 2017, eliminated the option to deduct research and development costs currently and required taxpayers to capitalize and amortize such expenditures over five or fifteen years." - Removed sentence: "For example, during fiscal year 2025, we recorded additional uncertain tax positions related to research and development credits that we have claimed, or will soon claim." - Removed sentence: "Any increase to the liability we established as of March 31, 2025 for these uncertain tax positions as a result of audits by taxing authorities, changes in tax laws and regulations or otherwise relating to this, or any other, tax matter could have a material effect on our results of operations." - Removed sentence: "For a description of our related accounting policies, refer to Note 2, "Summary of Significant Accounting Policies," and Note 13, "Income Taxes," to the consolidated financial statements." **Prior (2025):** We are subject to taxation in the U.S. and certain other foreign jurisdictions. Any future changes in applicable federal, state and local, or foreign tax laws and regulations or their interpretation or application, including those that could have a retroactive effect, could result in the Company incurring additional tax liabilities in the future. In particular, effective starting in fiscal year 2023, the Tax Cuts and Jobs Act requires the capitalization of research and development costs for tax purposes, which can then be amortized over five or fifteen years. We generally expect to amortize these costs over five years. While the most significant impact of this provision was to cash tax liability for fiscal year 2023, the tax year in which the provision took effect, the impact is expected to decline annually over the five-year amortization period to an immaterial amount in the sixth year. The actual impact will depend on a number of factors, including the amount of research and development costs incurred by the Company, whether Congress modifies or repeals the provision requiring such capitalization, and whether new guidance and interpretive rules are issued by the U.S. Treasury, among other factors. For additional information, see "Item 7. Management's Discussion and Analysis of Financial Condition and Results of Operations". Additionally, we recognize liabilities for uncertainty in income taxes when it is more likely than not that a tax position will not be sustained on examination and settlement with various taxing authorities. We regularly assess the adequacy of our uncertain tax positions and other reserves, which requires a significant amount of judgment. Although we accrue for uncertain tax positions and other reserves, the results of regulatory audits and negotiations with taxing and customs authorities may be in excess of our accruals, resulting in the payment of additional taxes, duties, penalties and interest. As a result, any final determination of tax audits or related litigation may be materially different than our current provisional amounts, which could materially affect our tax obligations and effective tax rate. For example, during fiscal year 2025, we recorded additional uncertain tax positions related to research and development credits that we have claimed, or will soon claim. Any increase to the liability we established as of March 31, 2025 for these uncertain tax positions as a result of audits by taxing authorities, changes in tax laws and regulations or otherwise relating to this, or any other, tax matter could have a material effect on our results of operations. For a description of our related accounting policies, refer to Note 2, "Summary of Significant Accounting Policies," and Note 13, "Income Taxes," to the consolidated financial statements. **Current (2026):** We are subject to taxation in the U.S. and certain other foreign jurisdictions. Any future changes in applicable federal, state and local, or foreign tax laws and regulations or their interpretation or application, including those that could have a retroactive effect, could result in the Company incurring additional tax liabilities in the future. For example, the "Tax Cuts and Jobs Act," enacted in 2017, eliminated the option to deduct research and development costs currently and required taxpayers to capitalize and amortize such expenditures over five or fifteen years. Subsequently, on July 4, 2025, the U.S. federal tax legislation commonly referred to as the "One Big Beautiful Bill Act," was enacted, which makes a number of changes to U.S. federal income tax law, including permanently suspending the requirement to capitalize and amortize domestic research and development costs and permitting such deductions on a current basis. Any further changes in tax laws or regulations that are applied adversely to us could have a material adverse effect on our business, financial condition and results of operations. 27 27 27 Table of Contents Table of Contents Additionally, we recognize liabilities for uncertainty in income taxes when it is more likely than not that a tax position will not be sustained on examination and settlement with various taxing authorities. We regularly assess the adequacy of our uncertain tax positions and other reserves, which requires a significant amount of judgment. Although we accrue for uncertain tax positions and other reserves, the results of regulatory audits and negotiations with taxing and customs authorities may be in excess of our accruals, resulting in the payment of additional taxes, duties, penalties and interest. As a result, any final determination of tax audits or related litigation may be materially different than our current provisional amounts, which could materially affect our tax obligations and effective tax rate. --- ## Modified: We have indebtedness and may incur additional indebtedness, which could adversely affect our financial health and our ability to obtain financing in the future as well as to react to changes in our business. **Key changes:** - Reworded sentence: "30 30 30 Table of Contents Table of Contents We have indebtedness, and we are able to, and may, incur additional indebtedness in the future." **Prior (2025):** As of March 31, 2025, we had total indebtedness of approximately $4.0 billion and $1.0 billion of availability under our revolving credit facility (the "Revolving Credit Facility"). We are able to, and may, incur additional indebtedness in the future, subject to the limitations contained in the agreements governing our indebtedness. Our substantial indebtedness could have important consequences to holders of our common stock, including: ▪making it more difficult for us to satisfy our obligations with respect to our Senior Credit Facility, our outstanding senior notes, and our other debt; ▪limiting our ability to obtain additional financing to fund future working capital, capital expenditures, acquisitions or other general corporate requirements; ▪requiring a substantial portion of our cash flows to be dedicated to debt service payments instead of other purposes, thereby reducing the amount of cash flows available for working capital, capital expenditures, acquisitions and other general corporate purposes; ▪increasing our vulnerability to general adverse economic and industry conditions; ▪exposing us to the risk of increased interest rates as certain of our borrowings, including under the Senior Credit 32 32 32 Table of Contents Table of Contents Facility, are at variable rates of interest; ▪limiting our flexibility in planning for and reacting to changes in the industry in which we compete; ▪placing us at a disadvantage compared to other, less leveraged competitors or competitors with comparable debt and more favorable terms and thereby affecting our ability to compete; and ▪increasing our cost of borrowing. Although the Senior Credit Facility and the indentures governing our $700 million in aggregate principal amount of 3.875% senior notes due 2028 and our $500 million in aggregate principal amount of 4.000% senior notes due 2029 contain restrictions on the incurrence of additional indebtedness, and the indentures governing our $650 million in aggregate principal amount of 5.950% senior notes due 2033 and our $650 million in aggregate principal amount of 5.950% senior notes due 2035 contain restrictions on the incurrence of additional liens, these restrictions are subject to a number of qualifications and exceptions, and the additional indebtedness incurred in compliance with these restrictions could be substantial. These restrictions also will not prevent us from incurring obligations that do not constitute indebtedness. In addition, the Revolving Credit Facility provides for commitments of $1.0 billion, which as of March 31, 2025, had availability of $999 million. Additionally, the used portion as it pertains to open standby letters of credit and bank guarantees totaled approximately $1 million. Furthermore, subject to specified conditions, without the consent of the then-existing lenders (but subject to the receipt of commitments), the indebtedness under the Senior Credit Facility may be increased by up to $500 million. If new debt is added to our current debt levels, the related risks that we and the guarantors now face would increase and we may not be able to meet all our debt obligations, including the repayment of our outstanding senior notes. **Current (2026):** 30 30 30 Table of Contents Table of Contents We have indebtedness, and we are able to, and may, incur additional indebtedness in the future. The material terms of our indebtedness are described in Note 10, "Debt," to the consolidated financial statements contained within this Annual Report on Form 10-K. The level of our indebtedness could have important consequences to holders of our common stock, including: •making it more difficult for us to satisfy our existing debt obligations; •limiting our ability to refinance our existing indebtedness or obtain additional financing to fund future working capital, capital expenditures, acquisitions or other general corporate requirements; •requiring a substantial portion of our cash flows to be dedicated to debt service payments instead of other purposes; •increasing our vulnerability to general adverse economic and industry conditions, including increased interest rates; •placing us at a disadvantage compared to other, less leveraged competitors or competitors with comparable debt and more favorable terms and thereby affecting our ability to compete; and •increasing our cost of borrowing. Although the agreements governing our indebtedness contain restrictions on the incurrence of additional indebtedness, these restrictions are subject to a number of qualifications and exceptions, and the additional indebtedness incurred in compliance with these restrictions could be substantial. If new debt is added to our current debt levels, the related risks that we and the guarantors now face would increase and we may not be able to meet all our existing debt obligations. --- *Data sourced from SEC EDGAR. Last updated 2026-06-01.*