--- ticker: CTSH company: CTSH filing_type: 10-K year_current: 2026 year_prior: 2025 risks_added: 6 risks_removed: 7 risks_modified: 14 risks_unchanged: 8 source: SEC EDGAR url: https://riskdiff.com/ctsh/2026-vs-2025/ markdown_url: https://riskdiff.com/ctsh/2026-vs-2025/index.md generated: 2026-06-01 --- # CTSH: 10-K Risk Factor Changes 2026 vs 2025 > Source: U.S. Securities and Exchange Commission (EDGAR) > Generated: 2026-06-01 > All data extracted directly from official filings. No hallucinated content. ## Summary | Status | Count | |--------|-------| | New risks added | 6 | | Risks removed | 7 | | Risks modified | 14 | | Unchanged | 8 | --- ## New in Current Filing: Cognizant14December 31, 2025 Form 10-K 14 Table of Contents Table of Contents results in the elimination of such benefits or degradation of the rule of law, or imposition of new adverse restrictions or costs on our operations could have a material adverse effect on our business, results of operations and financial condition. --- ## New in Current Filing: Cognizant18December 31, 2025 Form 10-K 18 Table of Contents Table of Contents Additionally, we expect to continue pursuing strategic and targeted acquisitions and investments to enhance our offerings of services and solutions or to enable us to expand our talent, experience and capabilities in key AI and digital areas or in particular geographies or industries. We may not be successful in identifying suitable opportunities, completing targeted transactions or achieving the desired results or strategic objectives in the timeframe we expect or at all, such opportunities may divert our management's time and focus away from our core business and realizing the desired results of a particular transaction may depend upon competition, market trends, regulatory developments, additional costs or investments and the actions of suppliers or other third parties. We may face challenges in effectively integrating acquired businesses into our ongoing operations, including the implementation of controls, processes and policies appropriate for a multinational public company at acquired companies that may have previously lacked such functions in areas such as cybersecurity, IT and privacy, among others, and in assimilating and retaining key executives and employees of those businesses into our culture and organizational structure, and these risks may be magnified by the size and number of transactions we execute. If we are unable to manage our growth effectively, complete acquisitions of the number, magnitude and nature we have targeted, or successfully integrate any acquired businesses into our operations, we may not be able to achieve our targeted growth rates or improve our market share, profitability or competitive position generally or in specific markets or services. --- ## New in Current Filing: Cognizant19December 31, 2025 Form 10-K 19 Table of Contents Table of Contents Our clients, suppliers, subcontractors and other third parties with whom we do business, including in particular cloud service providers and software vendors, generally face similar cybersecurity threats, and we must rely on the safeguards adopted by these parties. If these third parties do not have adequate safeguards or their safeguards fail, it might result in breaches of our systems or applications and unauthorized access to or disclosure of our and our clients' confidential data. In addition, we are subject to vulnerabilities in third-party technology components we use in our business and are typically not aware of such vulnerabilities until we receive notice from the third parties who have created the exposure. Due to this delay, our responses to such vulnerabilities may not be adequate or prompt enough to prevent their exploitation. Although our cybersecurity risk management program utilizes various procedures and controls to mitigate our exposure to the risks described above, the cybersecurity threat landscape is rapidly evolving and increasingly sophisticated. There can be no assurance that the procedures and controls that we implement, or that our clients, suppliers, subcontractors and other third parties with whom we do business implement, will be sufficient to protect from cybersecurity threats. Additionally, any remediation measures that we have taken or that we may undertake in the future may be insufficient to prevent future attacks or insufficient for us to quickly recover from any future attack to efficiently continue our business operations. --- ## New in Current Filing: Cognizant20December 31, 2025 Form 10-K 20 Table of Contents Table of Contents frequently, with less predictability or with greater intensity due to climate change or other drivers, could cause community disruptions and impact our employees' abilities to commute or to work from home safely and effectively. --- ## New in Current Filing: Cognizant21December 31, 2025 Form 10-K 21 Table of Contents Table of Contents result of visa application rejections, delays in processing applications, significantly increased costs to obtain visas, prevailing wage requirements for our employees on visas or otherwise, which could in turn impact our ability to staff projects. In addition, immigration reform, including as a result of changes to immigration policies, and the increased uncertainty surrounding such policies in light of the U.S. administration's immigration agenda and related litigation, may have a material adverse impact on companies like ours that have a substantial percentage of our employees on visas. Our principal operating subsidiary in the United States utilizes a high number of skilled workers holding H-1B and L-1 visas and, as a result, may be subject to increased costs and visa processing delays upon the effectiveness of any such laws, regulations, policy changes or executive orders. In the EU, many countries continue to implement new regulations to ensure compliance with the EU Directive of 2014 to harmonize immigration rules for intracompany transferees in most EU member states and to facilitate the transfer of managers, specialists and graduate trainees both into and within the region. The changes have had significant impact on mobility programs and have led to new notification and documentation requirements for companies sending employees to EU countries. Recent changes or any additional adverse revisions to immigration laws and regulations in the jurisdictions in which we operate may cause us delays, staffing shortages, additional costs or an inability to bid for or fulfill projects for clients, any of which could have a material adverse effect on our business, results of operations and financial condition. --- ## New in Current Filing: Our business subjects us to considerable potential exposure to litigation and legal claims and we could be materially adversely affected if we incur legal liability. We are subject to, and may become a party to, a variety of litigation or other claims and suits that arise from time to time in the conduct of our business. Our business is subject to the risk of litigation involving current and former employees, clients, our clients' customers, alliance partners, subcontractors, suppliers, competitors, shareholders, government agencies or others through private actions, class actions, whistleblower claims, administrative proceedings, regulatory actions or other litigation. --- ## No Match in Current: We face intense and evolving competition and our service offerings must keep pace with significant technological advances in the rapidly changing markets we compete in. *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* The markets we serve and operate in are highly competitive, subject to rapid change and characterized by a large number of participants, as described in "Part I, Item 1. Business-Competition." We compete on the basis of reputation and experience, strategic advisory capabilities, digital services capabilities, performance and reliability, responsiveness to customer needs, financial stability, corporate governance and competitive pricing of services. The less we are able to differentiate our services --- ## No Match in Current: Cognizant16December 31, 2024 Form 10-K *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* 16 Table of Contents Table of Contents exacerbate competition for skilled labor. Our business has experienced in the past and may experience in the future significant employee attrition, which has caused us to incur increased costs to hire new employees with the desired skills. While we strive to adjust pricing to reduce the impact of compensation increases on our operating margin, we may not be successful in recovering these increases, which could adversely affect our profitability and operating margin. Costs associated with recruiting and training employees are significant. If we are unable to hire or deploy employees with the needed skillsets or if we are unable to adequately equip our employees with the skills needed, this could materially adversely affect our business. Additionally, our efforts to offer our employees a value proposition that is competitive and appealing may be unsuccessful and could have an adverse effect on engagement and retention, which may materially adversely affect our business. --- ## No Match in Current: Cognizant17December 31, 2024 Form 10-K *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* 17 Table of Contents Table of Contents our need to devote time and resources to training, professional development and other typically non-chargeable activities. Increases in wages and other costs, including as a result of attrition, may also put pressure on our profitability. With respect to capital return, our ability and decisions to pay dividends and repurchase shares depend on a variety of factors, including the cash flow generated from operations, our cash and investment balances, our net income, our overall liquidity position, potential alternative uses of cash, such as acquisitions, and anticipated future economic conditions and financial results. Failure to carry out our capital return strategy may adversely impact our reputation with shareholders and shareholders' perception of our business and the trading price of our common stock. --- ## No Match in Current: Our NextGen program and the associated reductions in headcount and consolidation of office space could disrupt our business and may not result in anticipated savings. *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* At the end of 2024, we completed our NextGen program, which was aimed at simplifying our operating model, optimizing corporate functions and consolidating and realigning office space to reflect the post-pandemic hybrid work environment. In 2024, we incurred $134 million of employee separation, facility exit and other costs related to the program, bringing the total costs incurred since inception to $363 million. See Note 4 to our consolidated financial statements. Our NextGen program may result in the loss of institutional knowledge and expertise, the reallocation of certain roles and responsibilities across the Company, difficulties in the retention of our remaining employees and reduced productivity among our remaining employees, all of which could have a material adverse affect on our operations. In addition, we may not realize, in full or in part, the anticipated benefits, savings and improvements in our cost structure from our NextGen program due to unforeseen difficulties or unexpected costs. If we are unable to realize the expected operational efficiencies and cost savings from our NextGen program, our operating results and financial condition would be adversely affected. --- ## No Match in Current: We face legal, reputational and financial risks if we fail to protect client and/or Cognizant data from cybersecurity incidents. *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* In order to provide our services and solutions, we depend on global information technology networks and systems, to process, transmit, host and securely store electronic information (including our confidential information and the confidential information of our clients) and to communicate among our locations around the world and with our clients, suppliers and alliance partners (including numerous cloud service providers). Security breaches, employee malfeasance, or human or technological error have in the past and could in the future cause shutdowns or disruptions of our or our clients' operations and --- ## No Match in Current: Cognizant19December 31, 2024 Form 10-K *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* 19 Table of Contents Table of Contents exchange rate fluctuations and may expose our business to unexpected market, operational and counterparty credit risks. We are particularly susceptible to wage and cost pressures in India and the exchange rate of the Indian rupee relative to the currencies of our client contracts due to the fact that the substantial majority of our employees are in India while our contracts with clients are typically in the local currency of the country where our clients are located. --- ## No Match in Current: Cognizant20December 31, 2024 Form 10-K *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* 20 Table of Contents Table of Contents accurately, or that we will be able to score well as such criteria change. We supplement our participation in ratings systems with published disclosures of our ESG activities, but some investors may desire other disclosures that we do not provide. At the same time, an increasing number of stakeholders, regulators, and lawmakers have expressed or pursued contrary views, legislation and investment expectations with respect to ESG ratings and ambitions, including the enactment or proposal of "anti-ESG" legislation, regulation or policies, which may expose us to additional legal, financial or reputational risks based upon our ESG ambitions and disclosures. If our ESG practices do not meet investor or other stakeholder expectations and standards, which continue to evolve, our reputation, our ability to attract or retain employees and our business could be negatively affected. --- ## Modified: If we are unable to attract, train and retain skilled employees to satisfy client demand, including highly skilled technical personnel and personnel with experience in key AI and digital areas, as well as senior management to lead our business globally, our business and results of operations may be materially adversely affected. **Key changes:** - Reworded sentence: "Our success is dependent, in large part, on our ability to keep our supply of skilled employees, including project managers, IT engineers and senior technical personnel, in particular those with experience in key AI and digital areas, in balance with client demand and on our ability to attract and retain senior management with the knowledge and skills to lead our business globally." - Reworded sentence: "Competition for skilled labor is intense and, in some jurisdictions in which we operate and in key AI and digital areas, there are more open positions than qualified individuals to fill these positions." - Reworded sentence: "In addition, changes in immigration laws or policies, or varying applications of immigration laws and policies, have limited the availability of certain work visas in the U.S., which could exacerbate competition for skilled labor." **Prior (2025):** Our success is dependent, in large part, on our ability to keep our supply of skilled employees, including project managers, IT engineers and senior technical personnel, in particular those with experience in key AI and digital areas, in balance with client demand around the world and on our ability to attract and retain senior management with the knowledge and skills to lead our business globally. We must hire or reskill, integrate, retain and motivate our large workforce with diverse skills and expertise to serve client demands across the globe, respond quickly to rapid and ongoing technological, industry and macroeconomic developments and grow and manage our business. In 2021 and most of 2022, we and, we believe, the IT industry generally, experienced unprecedented attrition. For the year ended December 31, 2024 our Voluntary Attrition - Tech Services was 15.9% as compared to 13.8% for the year ended December 31, 2023. If our attrition levels increase significantly, it could materially adversely affect our business and results of operations. We also must continue to maintain a senior leadership team that, among other things, is effective in executing on our strategic goals and growing our service capabilities. The loss of senior executives, or the failure to attract, integrate and retain new senior executives as the needs of our business require, could have a material adverse effect on our business and results of operations. Competition for skilled labor is intense and, in some jurisdictions in which we operate and in key AI and digital areas, there are more open positions than qualified persons to fill these positions. We compete for employees not only with other companies in our industry but also with companies in other industries, such as software services, engineering services and financial services companies, as well as our clients' GCCs. In addition, changes in immigration laws or policies, or varying applications of immigration laws and policies, could limit the availability of certain work visas in the U.S., which could **Current (2026):** Our success is dependent, in large part, on our ability to keep our supply of skilled employees, including project managers, IT engineers and senior technical personnel, in particular those with experience in key AI and digital areas, in balance with client demand and on our ability to attract and retain senior management with the knowledge and skills to lead our business globally. We must hire or upskill, integrate, retain and motivate our large workforce with diverse skills and expertise to serve client demands around the globe, respond quickly to rapid and ongoing technological, industry and macroeconomic developments and grow and manage our business. We also must continue to maintain a senior leadership team that, among other things, is effective in executing on our strategic goals and growing our service capabilities. The loss of senior executives, or the failure to attract, integrate and retain new senior executives as the needs of our business require, could have a material adverse effect on our business and results of operations. Competition for skilled labor is intense and, in some jurisdictions in which we operate and in key AI and digital areas, there are more open positions than qualified individuals to fill these positions. We compete for employees not only with other companies in our industry but also with companies in other industries, such as software services, engineering services and financial services companies, as well as our clients' GCCs. In addition, changes in immigration laws or policies, or varying applications of immigration laws and policies, have limited the availability of certain work visas in the U.S., which could exacerbate competition for skilled labor. Our business has experienced in the past and may experience in the future employee attrition at levels which could cause us to incur increased costs to hire new employees with the desired skills. We may not be successful in recovering through price increases or other mechanisms any increases we make to compensation, which could adversely affect our profitability and operating margin. Costs associated with recruiting and training employees are significant. If we are unable to hire, retain or deploy employees with the needed skillsets or if we are unable to adequately equip our employees with the skills needed, this could materially adversely affect our business. --- ## Modified: A substantial portion of our employees in the United States, United Kingdom, EU and other jurisdictions rely on visas to work in those areas such that any restrictions on such visas or immigration more generally or increased costs of obtaining such visas or increases in the wages we are required to pay employees on visas may affect our ability to compete for and provide services to clients in these jurisdictions, which could materially adversely affect our business, results of operations and financial condition. **Key changes:** - Reworded sentence: "Many of these recent changes have resulted in, and various proposed and enacted changes may result in, increased difficulty in obtaining timely visas, whether as a" **Prior (2025):** A substantial portion of our employees in the United States and in many other jurisdictions, including countries in Europe, rely upon temporary work authorization or work permits, which makes our business particularly vulnerable to changes and variations in immigration laws and regulations, including written changes and policy changes to the manner in which the laws and regulations are interpreted or enforced, and potential enforcement actions and penalties that might cause us to lose access to such visas. The political environment in the United States, the United Kingdom and other countries in recent years has included significant support for anti-immigrant legislation and administrative changes. Many of these recent changes have resulted in, and various proposed and enacted changes may result in, increased difficulty in obtaining timely visas, whether as a result of visa application rejections, delays in processing applications, significantly increased costs to obtain visas, prevailing wage requirements for our employees on visas or otherwise, which could in turn impact our ability to staff projects. In addition, immigration reform, including as a result of changes to immigration policies, and the increased uncertainty surrounding such policies in light of the incoming U.S. administration's expected immigration agenda, may have a material adverse impact on companies like ours that have a substantial percentage of our employees on visas. Our principal operating subsidiary in the United States utilizes a high number of skilled workers holding H-1B and L-1 visas and, as a result, may be subject to increased costs upon the effectiveness of any such laws, regulations, policy changes or executive orders. In the EU, many countries continue to implement new regulations to move into compliance with the EU Directive of 2014 to harmonize immigration rules for intracompany transferees in most EU member states and to facilitate the transfer of managers, specialists and graduate trainees both into and within the region. The changes have had significant impact on mobility programs and have led to new notification and documentation requirements for companies sending employees to EU countries. Recent changes or any additional adverse revisions to immigration laws and regulations in the jurisdictions in which we operate may cause us delays, staffing shortages, additional costs or an inability to bid for or fulfill projects for clients, any of which could have a material adverse effect on our business, results of operations and financial condition. **Current (2026):** A substantial portion of our employees in the United States and in many other jurisdictions, including countries in Europe, rely upon temporary work authorization or work permits, which makes our business particularly vulnerable to changes and variations in immigration laws and regulations, including written changes and policy changes to the manner in which the laws and regulations are interpreted or enforced, and potential enforcement actions and penalties that might cause us to lose access to such visas. The political environment in the United States, the United Kingdom and other countries in recent years has included significant support for anti-immigrant legislation and administrative changes. Many of these recent changes have resulted in, and various proposed and enacted changes may result in, increased difficulty in obtaining timely visas, whether as a --- ## Modified: We may not be able to achieve our profitability goals and maintain our capital return strategy. **Key changes:** - Reworded sentence: "Our profitability also depends on the efficiency with which we run our operations (including our ability to leverage new technologies such as AI to improve productivity) and the cost of our operations, especially the compensation and benefits costs of our employees." - Reworded sentence: "Our utilization rates are further affected by a number of factors, including our ability to transition employees from completed projects to new assignments, hire and assimilate new employees, forecast demand for our services and thereby maintain an appropriate headcount in each of our geographies and workforce and manage attrition, and our need to devote time and resources to training, professional development and other typically non-chargeable activities." **Prior (2025):** Our goals for profitability and capital return rely upon a number of assumptions, including our ability to improve the efficiency of our operations and make successful investments to grow and further develop our business. Our profitability is impacted by our ability to accurately estimate, attain, and sustain revenues from client engagements, margins and cash flows over contract periods and general macroeconomic and geopolitical conditions. Our profitability also depends on the efficiency with which we run our operations (including our ability to leverage new technologies to improve productivity) and the cost of our operations, especially the compensation and benefits costs of our employees. We have incurred, and may continue to incur, substantial costs related to implementing our strategy to optimize such costs, and we may not realize the ultimate cost savings that we expect. We may not be able to efficiently utilize our employees if increased regulation, policy changes or administrative burdens of immigration, work visas or client worksite placement prevents us from deploying our employees on a timely basis, or at all, to fulfill the needs of our clients. Our utilization rates are further affected by a number of factors, including our ability to transition employees from completed projects to new assignments, hire and assimilate new employees, forecast demand for our services and thereby maintain an appropriate headcount in each of our geographies and workforce and manage attrition, and **Current (2026):** Our goals for profitability and capital return rely upon a number of assumptions, including our ability to improve the efficiency of our operations and make successful investments to grow and further develop our business. Our profitability is impacted by our ability to accurately estimate, attain, and sustain revenues from client engagements, margins and cash flows over contract periods and general macroeconomic and geopolitical conditions. Our profitability also depends on the efficiency with which we run our operations (including our ability to leverage new technologies such as AI to improve productivity) and the cost of our operations, especially the compensation and benefits costs of our employees. We have incurred, and may continue to incur, substantial costs related to implementing our strategy to optimize such costs, and we may not realize the ultimate cost savings that we expect. We may not be able to efficiently utilize our employees if increased regulation, policy changes or administrative burdens of immigration, work visas or client worksite placement prevents us from deploying our employees on a timely basis, or at all, to fulfill the needs of our clients. Our utilization rates are further affected by a number of factors, including our ability to transition employees from completed projects to new assignments, hire and assimilate new employees, forecast demand for our services and thereby maintain an appropriate headcount in each of our geographies and workforce and manage attrition, and our need to devote time and resources to training, professional development and other typically non-chargeable activities. Increases in wages and other costs, including as a result of attrition, may also put pressure on our profitability. With respect to capital return, our ability and decisions to pay dividends and repurchase shares depend on a variety of factors, including the cash flow generated from operations, our cash and investment balances, our net income, our overall liquidity position, potential alternative uses of cash, such as acquisitions, and anticipated future economic conditions and financial results. Failure to carry out our capital return strategy may adversely impact our reputation with shareholders and shareholders' perception of our business and the trading price of our common stock. --- ## Modified: If our risk management, business resilience and disaster recovery plans are not effective and our global delivery capabilities are impacted, our business and results of operations may be materially adversely affected and we may suffer harm to our reputation. **Key changes:** - Reworded sentence: "Our business model is dependent on our global delivery capabilities, which include coordination among our delivery centers in India, our other global and regional delivery centers, the offices of our clients and our associates worldwide." **Prior (2025):** Our business model is dependent on our global delivery capabilities, which include coordination between our delivery centers in India, our other global and regional delivery centers, the offices of our clients and our associates worldwide. System failures, outages and operational disruptions may be caused by factors outside of our control, such as hostilities (including the ongoing conflicts between Russia and Ukraine and in the Middle East), political unrest, terrorist attacks, cybersecurity incidents, power or water shortages or telecommunications failures, natural or man-made disasters or other catastrophic events (including the impact of extreme weather conditions), and public health emergencies, epidemics and pandemics, affecting the geographies where our people, equipment and clients are located. Our risk management, business continuity and disaster recovery plans may not be effective at predicting or mitigating the effects of such disruptions, particularly in the case of catastrophic events or longer term, increasingly severe developments that may occur as a result of climate change. Even if our operations are unaffected or recover quickly from any such events, if our clients cannot timely resume their own operations due to a catastrophic event, they may reduce or terminate our services, which may adversely affect our results of operations. Any such disruption may result in lost revenues, a loss of clients, liabilities relating to disruptions in service, expenditures to repair or replace damaged property and reputational damage, and could demand significant management time and attention, any of which would have an adverse effect on our business, results of operations and financial condition. **Current (2026):** Our business model is dependent on our global delivery capabilities, which include coordination among our delivery centers in India, our other global and regional delivery centers, the offices of our clients and our associates worldwide. System failures, outages and operational disruptions may be caused by factors outside of our control, such as hostilities, political unrest, terrorist attacks, cybersecurity incidents, power or water shortages or telecommunications failures, natural or man-made disasters or other catastrophic events (including the impact of extreme weather conditions), and public health emergencies, epidemics and pandemics, affecting the geographies where our people, equipment and clients are located. Our risk management, business resilience and disaster recovery plans may not be effective at predicting, mitigating, or responding to the effects of such disruptions, particularly in the case of catastrophic events. Even if our operations are unaffected or recover quickly from any such events, if our clients cannot timely resume their own operations due to a catastrophic event, they may reduce or terminate our services, which may adversely affect our results of operations. Any such disruption may result in lost revenues, a loss of clients, liabilities relating to disruptions in service, expenditures to repair or replace damaged property and reputational damage, and could demand significant management time and attention, any of which would have an adverse effect on our business, results of operations and financial condition. --- ## Modified: We face intense and evolving competition and our service offerings must keep pace with significant technological advances in the rapidly changing markets we compete in. **Key changes:** - Reworded sentence: "The markets we serve and operate in are highly competitive, subject to rapid change and characterized by a large number of participants, as described in "Part I, Item 1." - Reworded sentence: "Our relationships with our third-party alliance partners, who supply us with technology, including platforms and software, are also critical to our ability to provide many of our services and solutions that address client demands or requirements." **Prior (2025):** 14 Table of Contents Table of Contents and solutions and/or clearly convey the value of our services and solutions, the more difficulty we have in winning new work in sufficient volumes and at our target pricing and overall economics. In addition to large, global competitors, we face competition in many geographic markets from numerous smaller, local competitors that may have more experience with operations in these markets, have well-established relationships with our desired clients, or be able to provide services and solutions at lower costs or on terms more attractive to clients than we can. Additionally, we face competition from clients' in-house technology resources, such as GCCs, which may provide a lower cost alternative to our services. Consolidation activity may also result in new competitors with greater scale, a broader footprint or vertical integration that makes them more attractive to clients as a single provider of integrated products and services. In addition, concurrent use by many clients of multiple professional service providers means that we are required to be continually competitive on the quality, scope and pricing of our offerings or face a reduction or elimination of our business. Competitors may also be willing, at times, to take on more risk or price contracts lower than us in an effort to enter the market or increase market share. If we are not able to supply clients with services that they deem superior and successfully apply current business models with market level pricing while managing discounts, we may lose business to competitors and face downward pressure on gross margins and profitability. Any inability to compete effectively would materially adversely affect our business, results of operations and financial condition. Our relationships with our third-party alliance partners, who supply us with necessary components to the services and solutions we offer our clients, are also critical to our ability to provide many of our services and solutions that address client demands. Some of our third-party alliance partners are also clients or suppliers for our internal operations. There can be no assurance that we will be able to maintain such relationships or that such components will be available on the expected timelines or for anticipated prices. Among other things, such alliance partners may in the future decide to compete with us, form exclusive or more favorable arrangements with our competitors or otherwise reduce our access to their products, thereby impairing our ability to provide the services and solutions demanded by clients. Any performance failure on the part of our alliance partners, or the discontinuance by such alliance partners of services that we have relied on them to perform for our clients, could delay our performance or require us to engage alternative third parties to perform the services at our cost or to perform them ourselves, any of which could deprive us of potential revenue or adversely impact our profitability. Our competitiveness also depends on our ability to continue to develop and implement services and solutions that anticipate and respond to rapid and continuing changes in technology to serve the evolving needs of our clients. Examples include digital-, cloud- and security-related offerings, AI, augmented reality, automation, blockchain, IoT, quantum and edge computing, digital engineering and manufacturing and as-a-service solutions, among others, which are continually evolving. If we do not sufficiently invest in new technologies, successfully adapt to industry developments and changing demand, develop new tools and platforms that meet our clients' productivity expectations and evolve and expand our business at sufficient speed and scale to keep pace with the demands of the markets we serve, we may be unable to develop and maintain a competitive advantage and execute on our growth strategy, which would materially adversely affect our business, results of operations and financial condition. Some of these technological changes have reduced or replaced the demand for some of our historical services and solutions and will continue to do so in the future. In addition, our clients may delay spending under existing contracts and engagements or delay entering into new contracts while evaluating new technologies. Such reductions, replacements and delays can negatively impact our results of operations if we are unable to adapt our pricing or the pace and level of spending on new technologies is not sufficient to make up any shortfall. Further, as we expand into these areas, we may be exposed to operational, legal, regulatory, ethical, technological and other risks specific to such new areas, which may negatively affect our reputation and demand for our services and solutions. **Current (2026):** The markets we serve and operate in are highly competitive, subject to rapid change and characterized by a large number of participants, as described in "Part I, Item 1. Business-Competition." We compete on the basis of reputation and experience, strategic advisory capabilities, digital and AI capabilities, performance and reliability, responsiveness to customer needs, financial stability, corporate governance and competitive pricing of services. The less we are able to differentiate our services and solutions and/or clearly convey the value of our services and solutions, the more difficulty we have in winning new work in sufficient volumes and at our target pricing and overall economics. In addition to large, global competitors, we face competition in many geographic markets from numerous smaller, local competitors that may have more experience with operations in these markets, have well-established relationships with our desired clients, or be able to provide services and solutions at lower costs or on terms more attractive to clients than we can. Additionally, we face competition from clients' in-house technology resources, such as GCCs, which may provide a lower cost alternative to our services. Consolidation activity may also result in new competitors with greater scale, a broader footprint or vertical integration that makes them more attractive to clients as a single provider of integrated products and services. In addition, concurrent use by many clients of multiple professional service providers means that we are required to be continually competitive on the quality, scope and pricing of our offerings or face a reduction or elimination of our business. Competitors may also be willing, at times, to take on more risk or price contracts lower than us in an effort to enter the market or increase market share. If we are not able to supply clients with services that they deem superior and successfully apply current business models with market level pricing while managing discounts, we may lose business to competitors and face downward pressure on gross margins and profitability. Any inability to compete effectively would materially adversely affect our business, results of operations and financial condition. Our relationships with our third-party alliance partners, who supply us with technology, including platforms and software, are also critical to our ability to provide many of our services and solutions that address client demands or requirements. There can be no assurance that we will be able to maintain such relationships or that such technology will be available on the expected timelines or for the anticipated prices. Among other things, such alliance partners may in the future decide to compete with us, form exclusive or more favorable arrangements with our competitors or otherwise reduce our access to their technology, thereby impairing our ability to provide the services and solutions dependent on such technology demanded or required by clients. In addition, some of our third-party alliance partners are also our clients or suppliers of technology for our internal operations. Any performance failure on the part of our alliance partners, or the discontinuance by such alliance partners of technology that we have relied on them to provide for our clients or ourselves, could delay or prevent our performance unless we engage alternative third parties to provide the equivalent technology at our cost or provide the equivalent technology ourselves, any of which could deprive us of potential revenue or adversely impact our profitability. In addition, our third-party alliance partners may also experience reduced demand for their technology, including as a result of changes in technology, which could reduce demand for our services and solutions. Our competitiveness also depends on our ability to continue to develop and implement services and solutions that anticipate and respond to rapid and continuing changes in technology to serve the evolving needs of our clients. Examples include digital-, cloud- and security-related offerings, AI, augmented reality, automation, blockchain, IoT, quantum and edge computing, digital engineering and manufacturing and as-a-service solutions, among others, which are continually evolving. If we do not sufficiently invest in new technologies, successfully adapt to industry developments and changing demand, develop new tools and platforms that meet our clients' productivity expectations and evolve and expand our business at sufficient speed and scale to keep pace with the demands of the markets we serve, we may be unable to develop and maintain a competitive advantage and execute on our growth strategy, which would materially adversely affect our business, results of operations and financial condition. Some of these technological changes have reduced or replaced the demand for some of our historical services and solutions and will continue to do so in the future. In addition, our clients may delay spending under existing contracts and engagements or delay entering into new contracts while evaluating new technologies. Such reductions, replacements and delays can negatively impact our results of operations if we are unable to adapt our pricing or the pace and level of spending on new technologies is not sufficient to make up any shortfall. Further, as we expand into these areas, we may be exposed to operational, legal, regulatory, ethical, technological and other risks specific to such new areas, which may negatively affect our reputation and demand for our services and solutions. --- ## Modified: Extreme weather and risks arising from the transition to a lower-carbon economy may impact our business. **Key changes:** - Reworded sentence: "Further, natural disasters and adverse weather events, such as droughts, wildfires, storms, sea-level rise and flooding, occurring more" **Prior (2025):** There are inherent climate- and weather-related risks everywhere that we conduct our business. Developments related to regulatory, social or market dynamics, stakeholder expectations, national and international climate change policies, the actual or perceived frequency or intensity of extreme weather events or the availability and functionality of critical infrastructure and resources, in addition to other factors resulting from such developments or that may not otherwise be known to or anticipated by us, could significantly disrupt our supply chain, our clients' operations and our ability to deliver services. Such events could significantly increase our costs and expenses and harm our revenues, cash flows and financial performance. Further, natural disasters and adverse weather events, such as droughts, wildfires, storms, sea-level rise and flooding, occurring more frequently, with less predictability or with greater intensity, could cause community disruptions and impact our employees' abilities to commute or to work from home safely and effectively. For example, we have substantial global delivery operations in Chennai, India, a city that has experienced severe rains and related flooding. Our exposure to these economic and other risks from climate change could be exacerbated if government or market action to address climate change and its effects is insufficient or unsuccessful. **Current (2026):** There are inherent climate- and weather-related risks everywhere that we conduct our business. Developments related to regulatory, social or market dynamics, stakeholder expectations, national and international climate change policies, the actual or perceived frequency or intensity of extreme weather events or the availability and functionality of critical infrastructure and resources, in addition to other factors resulting from such developments or that may not otherwise be known to or anticipated by us, could significantly disrupt our supply chain, our clients' operations and our ability to deliver services. Such events could significantly increase our costs and expenses and harm our revenues, cash flows and financial performance. Further, natural disasters and adverse weather events, such as droughts, wildfires, storms, sea-level rise and flooding, occurring more --- ## Modified: We are subject to numerous and evolving legal and regulatory requirements and client expectations in the many jurisdictions in which we operate, and violations of, unfavorable changes in or an inability to meet such requirements or expectations could harm our business. **Key changes:** - Reworded sentence: "For example, the Government of India implemented the Labor Code, which we expect to modestly increase our defined benefit costs prospectively." **Prior (2025):** We provide services to clients and have operations in many parts of the world and in a wide variety of different industries, subjecting us to numerous, evolving, and sometimes conflicting, standards, laws and regulations on matters as diverse as trade controls and sanctions, immigration (including temporary work authorizations or work permits), content requirements, trade restrictions, tariffs, taxation, antitrust laws, anti-money laundering and anti-corruption laws (including the FCPA and the U.K. Bribery Act), the environment, including climate change regulation and reporting requirements, government affairs, internal and disclosure control obligations, data security, privacy and data protection, intellectual property, employment and labor relations, human rights and AI. For example, we are required to comply with increasingly complex and changing data security and privacy laws and regulations in the many jurisdictions in which we operate that regulate the collection, storage, use, disclosure, transfer and security of personal data, including U.S. federal and state laws (such as the California Consumer Privacy Act, as amended by the California Privacy Rights Act, and the Health Insurance Portability and Accountability Act), and non-U.S. laws, such as the India Digital Personal Data Protection Act, 2023, the U.K. General Data Protection Regulation ("GDPR") and the E.U. GDPR. These laws and regulations are continuously evolving and developing, creating significant uncertainty as they may be interpreted and applied differently from country to country, creating inconsistent or conflicting requirements. We face significant regulatory compliance costs and risks as a result of the size and breadth of our business, and these costs may increase as a result of changes in government policy. For example, we may experience increased costs in 2025 and future years for employment and post-employment benefits in India as a result of the issuance of the Code on Social Security, 2020, which enhanced social security coverage (a portion of which is paid by the employer) and extended such benefits to all workers. We are also subject to a wide range of potential enforcement actions, audits or investigations regarding our compliance with these laws or regulations in the conduct of our business, and any finding of a violation could subject us to a wide range of civil or criminal penalties, including fines, debarment, or suspension or disqualification from government contracting, prohibitions or restrictions on doing business in one or more jurisdictions, loss of clients and business, legal claims by clients and unfavorable publicity or damage to our reputation. We could also face significant compliance and operational burdens and incur significant costs in our efforts to comply with or rectify non-compliance with these laws or regulations. Such burdens or costs may result in an adverse effect on our financial condition and results of operations. We commit significant financial and managerial resources to comply with our internal control over financial reporting requirements, but we have in the past identified and may in the future identify material weaknesses or significant deficiencies in our internal control over financial reporting that cause us to incur incremental remediation costs in order to maintain adequate controls. Our employees, subcontractors, vendors, agents, alliance partners, the companies we acquire and their employees, vendors and agents, and other third parties with which we associate, have in the past and could in the future take actions that violate policies or procedures designed to promote legal and regulatory compliance or applicable anticorruption laws or regulations. Violations of these laws or regulations by us, our employees or any of these third parties could subject us to criminal or civil **Current (2026):** We provide services to clients and have operations in many parts of the world and in a wide variety of different industries, subjecting us to numerous, evolving, and sometimes conflicting, standards, laws and regulations on matters as diverse as trade controls and sanctions, immigration (including temporary work authorizations or work permits), content requirements, trade restrictions, tariffs, taxation, antitrust laws, anti-money laundering and anti-corruption laws (including the FCPA and the U.K. Bribery Act), the environment, including climate change regulation and reporting requirements, government affairs, internal and disclosure control obligations, data security, privacy and data protection, intellectual property, employment and labor relations, human rights and AI. For example, we are required to comply with increasingly complex and changing data security and privacy laws and regulations in the many jurisdictions in which we operate that regulate the collection, storage, use, disclosure, transfer and security of personal data, including U.S. federal and state laws (such as the California Consumer Privacy Act, as amended by the California Privacy Rights Act, and the Health Insurance Portability and Accountability Act), and non-U.S. laws, such as the India Digital Personal Data Protection Act, 2023, the U.K. General Data Protection Regulation ("GDPR") and the E.U. GDPR. These laws and regulations are continuously evolving and developing, creating significant uncertainty as they may be interpreted and applied differently from country to country, creating inconsistent or conflicting requirements. We face significant regulatory compliance costs and risks as a result of the size and breadth of our business, and these costs may increase as a result of changes in government policy. For example, the Government of India implemented the Labor Code, which we expect to modestly increase our defined benefit costs prospectively. Certain aspects of the Labor Code rely on the issuance of rules and regulations. Additionally, the Government of India is in the process of clarifying certain aspects of the Labor Code. The issuance of rules and regulations as well as the outcome of these clarifications could increase new employment obligations, create operational and administrative burdens, trigger higher compliance penalties, and enforcement uncertainties during the transition period, which may result in increased costs in 2026 and future years due to expanded social security and employment coverage. --- ## Modified: We face challenges related to growing our business organically as well as inorganically through acquisitions, and we may not be able to achieve our targeted growth rates or successfully acquire, invest in or integrate businesses. **Key changes:** - Removed sentence: "Additionally, we expect to continue pursuing strategic and targeted acquisitions and investments to enhance our offerings of services and solutions or to enable us to expand our talent, experience and capabilities in key AI and digital areas or in particular geographies or industries." - Removed sentence: "We may not be successful in identifying suitable opportunities, completing targeted transactions or achieving the desired results in the timeframe we expect or at all, such opportunities may divert our management's time and focus away from our core business and realizing the desired results of a particular transaction may depend upon competition, market trends, regulatory developments, additional costs or investments and the actions of suppliers or other third parties." - Removed sentence: "We may face challenges in effectively integrating acquired businesses into our ongoing operations, including the implementation of controls, processes and policies appropriate for a multinational public company at acquired companies that may have previously lacked such functions in areas such as cybersecurity, IT and privacy, among others, and in assimilating and retaining employees of those businesses into our culture and organizational structure, and these risks may be magnified by the size and number of transactions we execute." - Removed sentence: "If we are unable to manage our growth effectively, complete acquisitions of the number, magnitude and nature we have targeted, or successfully integrate any acquired businesses into our operations, we may not be able to achieve our targeted growth rates or improve our market share, profitability or competitive position generally or in specific markets or services." **Prior (2025):** Achievement of our targeted growth rates requires continued significant organic growth of our business as well as inorganic growth through acquisitions. To achieve such growth, we must, among other things, continue to significantly expand our global operations, in particular with respect to AI and digital, and scale our infrastructure to support such business growth and ensure that our service offerings remain responsive to market demand. Continued business growth increases the complexity of our business and places significant strain on our management, employees, operations, systems, delivery, financial resources and internal financial control and reporting functions, which we will have to continue to develop and improve to sustain such growth. Our ability to successfully manage change associated with the various business transformation initiatives is critical for our overall strategy execution. We must continually recruit and train new employees, retain and reskill, as necessary, existing sales, technical, finance, marketing and management employees with the knowledge, skills and experience that our business model requires and effectively manage our employees worldwide to support our culture, values, strategies and goals. Additionally, we expect to continue pursuing strategic and targeted acquisitions and investments to enhance our offerings of services and solutions or to enable us to expand our talent, experience and capabilities in key AI and digital areas or in particular geographies or industries. We may not be successful in identifying suitable opportunities, completing targeted transactions or achieving the desired results in the timeframe we expect or at all, such opportunities may divert our management's time and focus away from our core business and realizing the desired results of a particular transaction may depend upon competition, market trends, regulatory developments, additional costs or investments and the actions of suppliers or other third parties. We may face challenges in effectively integrating acquired businesses into our ongoing operations, including the implementation of controls, processes and policies appropriate for a multinational public company at acquired companies that may have previously lacked such functions in areas such as cybersecurity, IT and privacy, among others, and in assimilating and retaining employees of those businesses into our culture and organizational structure, and these risks may be magnified by the size and number of transactions we execute. If we are unable to manage our growth effectively, complete acquisitions of the number, magnitude and nature we have targeted, or successfully integrate any acquired businesses into our operations, we may not be able to achieve our targeted growth rates or improve our market share, profitability or competitive position generally or in specific markets or services. **Current (2026):** Achievement of our targeted growth rates requires continued significant organic growth of our business as well as inorganic growth through acquisitions. To achieve such growth, we must, among other things, continue to significantly expand our global operations, in particular with respect to AI and digital, and scale our infrastructure to support such business growth and ensure that our service offerings remain responsive to market demand. Continued business growth increases the complexity of our business and places significant strain on our management, employees, operations, systems, delivery, financial resources and internal financial control and reporting functions, which we will have to continue to develop and improve to sustain such growth. Our ability to successfully manage change associated with the various business transformation initiatives is critical for our overall strategy execution. We must continually recruit and train new employees, retain and reskill, as necessary, existing sales, technical, finance, marketing and management employees with the knowledge, skills and experience that our business model requires and effectively manage our employees worldwide to support our culture, values, strategies and goals. --- ## Modified: We face legal, reputational and financial risks if we fail to protect client and/or Cognizant data from cybersecurity incidents. **Key changes:** - Reworded sentence: "In order to provide our services and solutions, we depend on global information technology networks and systems, to process, transmit, host and securely store electronic information (including our confidential information and the confidential information of our clients) and to communicate among our locations around the world and with our clients, suppliers, vendors and alliance partners (including numerous cloud service providers)." - Reworded sentence: "Furthermore, the security measures we implement for our cybersecurity solutions clients may not function as expected or be sufficient to identify or protect against certain cybersecurity attacks." - Removed sentence: "For example, we have experienced a security incident involving a ransomware attack, which resulted in unauthorized access to certain data and caused significant disruption to our business." - Reworded sentence: "In addition, recent geopolitical tensions have heightened the overall risk of cyber-threats and, while we have taken steps to mitigate such risks, those steps may not be successful." - Removed sentence: "Our clients, suppliers, subcontractors and other third parties with whom we do business, including in particular cloud service providers and software vendors, generally face similar cybersecurity threats, and we must rely on the safeguards adopted by these parties." **Prior (2025):** 18 Table of Contents Table of Contents potential unauthorized access and/or disclosure of our or our clients' sensitive data, which in turn could jeopardize projects that are critical to our operations or the operations of our clients' businesses and have other adverse impacts on our business or the business of our clients. In addition, the products, services and software that we provide to our clients, or the third-party components we use to provide such products, services and software, have in the past and may in the future unintentionally contain or introduce cybersecurity threats or vulnerabilities to our clients' information technology networks. Our clients maintain their own proprietary, sensitive, or confidential information that could be compromised in a cybersecurity attack, or their systems may be disabled or disrupted as a result of such an attack. Our clients, regulators, or other third parties have and may in the future attempt to hold us liable for any such losses or damages resulting from such an attack, including through contractual indemnification clauses. Like other global companies, we and our clients, suppliers, alliance partners (including numerous cloud service providers) and other vendors we interact with face threats to data and systems, including by nation state threat actors, insider threats (including inappropriate access), perpetrators of random or targeted malicious cyberattacks, computer viruses, malware, worms, bot attacks or other destructive or disruptive software and attempts to misappropriate client information and cause system failures and disruptions. For example, we have experienced a security incident involving a ransomware attack, which resulted in unauthorized access to certain data and caused significant disruption to our business. Such attacks, or other currently unanticipated threats, could occur in the future. In addition, recent international tensions (including Russia's invasion of Ukraine and conflicts in the Middle East) have heightened the overall risk of cyber-threats and, while we have taken steps to mitigate such risks, those steps may not be successful. The emergence and maturation of AI capabilities may also lead to new or more sophisticated methods of attack. A security compromise of our information systems, or of those of businesses with which we interact, that results in confidential information being accessed by unauthorized or improper persons, could harm our reputation and expose us to regulatory actions up to and including criminal prosecution, client attrition due to reputational concerns or otherwise, containment and remediation expenses and claims brought by our clients or others for breaching contractual confidentiality and security provisions or data protection laws. Monetary damages imposed on us could be significant and may impose costs in excess of insurance policy limits or not be covered by our insurance at all, and our insurers may not continue to provide coverage on reasonable terms or may disclaim coverage as to any future claims. Techniques used by bad actors to obtain unauthorized access, disable or degrade service, or sabotage systems continuously evolve and may not immediately produce signs of intrusion, and we may be unable to anticipate these techniques or to implement adequate preventative measures. In addition, a security breach could require that we expend substantial additional resources related to the security of our information systems, diverting resources from other projects and disrupting our businesses. Our clients, suppliers, subcontractors and other third parties with whom we do business, including in particular cloud service providers and software vendors, generally face similar cybersecurity threats, and we must rely on the safeguards adopted by these parties. If these third parties do not have adequate safeguards or their safeguards fail, it might result in breaches of our systems or applications and unauthorized access to or disclosure of our and our clients' confidential data. In addition, we are subject to vulnerabilities in third-party technology components we use in our business and are typically not aware of such vulnerabilities until we receive notice from the third parties who have created the exposure. Due to this delay, our responses to such vulnerabilities may not be adequate or prompt enough to prevent their exploitation. Although our cybersecurity risk management program utilizes various procedures and controls to mitigate our exposure to the risks described above, the cybersecurity threat landscape is rapidly evolving and increasingly sophisticated. There can be no assurance that the procedures and controls that we implement, or that our clients, suppliers, subcontractors and other third parties with whom we do business implement, will be sufficient to protect our information systems from the cybersecurity threats we face. Additionally, any remediation measures that we have taken or that we may undertake in the future may be insufficient to prevent future attacks or insufficient for us to quickly recover from any future attack to efficiently continue our business operations. **Current (2026):** In order to provide our services and solutions, we depend on global information technology networks and systems, to process, transmit, host and securely store electronic information (including our confidential information and the confidential information of our clients) and to communicate among our locations around the world and with our clients, suppliers, vendors and alliance partners (including numerous cloud service providers). Security breaches, employee malfeasance, or human or technological error have in the past and could in the future cause shutdowns or disruptions of our, our vendors' or our clients' operations and potential unauthorized access and/or disclosure of our or our clients' sensitive data, which in turn could jeopardize projects that are critical to our operations or the operations of our clients' businesses and have other adverse impacts on our business or the business of our clients. In addition, the products, services and software that we provide to our clients, or the third-party components we use to provide such products, services and software, have in the past and may in the future unintentionally contain or introduce cybersecurity threats or vulnerabilities to our clients' information technology networks. Furthermore, the security measures we implement for our cybersecurity solutions clients may not function as expected or be sufficient to identify or protect against certain cybersecurity attacks. Our clients maintain their own proprietary, sensitive, or confidential information that could be compromised in a cybersecurity incident, or their systems may be disabled or disrupted as a result of such an incident. Our clients, regulators, or other third parties have and may in the future attempt to hold us liable for any such losses or damages resulting from such an incident, including through contractual indemnification clauses. Like other global companies, we and our clients, suppliers, alliance partners (including numerous cloud service providers) and other vendors we interact with face threats to data and systems, including by nation state threat actors, insider threats (including inappropriate access), perpetrators of random or targeted malicious cyberattacks, computer viruses, malware, worms, bot attacks or other destructive or disruptive software and attempts to misappropriate client information and cause system failures and disruptions. Such attacks, or other currently unanticipated threats, could occur in the future. In addition, recent geopolitical tensions have heightened the overall risk of cyber-threats and, while we have taken steps to mitigate such risks, those steps may not be successful. The emergence and maturation of AI capabilities is already being used by malicious actors to amplify cybersecurity attacks. This development may also lead to new or more sophisticated methods of attack and/or a more significant impact on affected parties. A security compromise of our information systems, of our clients' information systems or of those of other businesses with which we interact (including cloud service providers and software vendors) that results in confidential information being accessed by unauthorized or improper persons, could harm our reputation and expose us to regulatory actions up to and including criminal prosecution, client attrition due to reputational concerns or otherwise, containment and remediation expenses and claims brought by our clients or others for breaching contractual confidentiality and security provisions or data protection laws. Monetary damages imposed on us could be significant and may impose costs in excess of insurance policy limits or not be covered by our insurance at all, and our insurers may not continue to provide coverage on reasonable terms or may disclaim coverage as to any future claims. Techniques used by bad actors to obtain unauthorized access, disable or degrade service, or sabotage systems continuously evolve and may not immediately produce signs of intrusion, and we may be unable to anticipate these techniques or to implement adequate preventative measures. In addition, a security breach could require that we expend substantial additional resources related to the security of our information systems, diverting resources from other projects and disrupting our businesses. --- ## Modified: Cognizant23December 31, 2025 Form 10-K **Key changes:** - Reworded sentence: "23 Table of Contents Table of Contents While we maintain insurance for certain potential liabilities, such insurance does not cover all types and amounts of potential liabilities and is subject to various exclusions as well as deductibles and caps on amounts recoverable." - Reworded sentence: "We have also been the subject of a number of putative securities class action complaints and putative shareholder derivative complaints relating to the matters that were the subject of our now concluded internal investigation into potential violations of the FCPA and other applicable laws, and may be subject to such legal actions for other matters in the future." **Prior (2025):** We are subject to, and may become a party to, a variety of litigation or other claims and suits that arise from time to time in the conduct of our business. Our business is subject to the risk of litigation involving current and former employees, clients, alliance partners, subcontractors, suppliers, competitors, shareholders, government agencies or others through private actions, class actions, whistleblower claims, administrative proceedings, regulatory actions or other litigation. While we maintain insurance for certain potential liabilities, such insurance does not cover all types and amounts of potential liabilities and is subject to various exclusions as well as deductibles and caps on amounts recoverable. Our client engagements expose us to significant potential legal liability and litigation expense if we fail to meet our contractual obligations or otherwise breach obligations to third parties or if our subcontractors breach or dispute the terms of our agreements with them and impede our ability to meet our obligations to our clients. We also face considerable potential legal liability from a variety of other sources. Our acquisition activities have in the past and may in the future be subject to litigation or other claims, including claims from employees, clients, stockholders, or other third parties. We have also been the subject of a number of putative securities class action complaints and putative shareholder derivative complaints relating to the matters that were the subject of our now concluded internal investigation into potential violations of the FCPA and other applicable laws, and may be subject to such legal actions for these or other matters in the future. See "Part I, Item 3. Legal Proceedings" for more information. We establish reserves for these and other matters when a loss is considered probable and the amount can be reasonably estimated; however, the estimation of legal reserves and possible losses involves significant judgment and may not reflect the full range of uncertainties and unpredictable outcomes inherent in litigation, and the actual losses arising from particular matters may exceed our estimates and materially adversely affect our results of operations. **Current (2026):** 23 Table of Contents Table of Contents While we maintain insurance for certain potential liabilities, such insurance does not cover all types and amounts of potential liabilities and is subject to various exclusions as well as deductibles and caps on amounts recoverable. Our client engagements expose us to significant potential legal liability and litigation expense if we fail to meet our contractual obligations or otherwise breach obligations to third parties or if our subcontractors breach or dispute the terms of our agreements with them and impede our ability to meet our obligations to our clients. We also face considerable potential legal liability from a variety of other sources. Our acquisition activities have in the past and may in the future be subject to litigation or other claims, including claims from employees, clients, stockholders, or other third parties. We have also been the subject of a number of putative securities class action complaints and putative shareholder derivative complaints relating to the matters that were the subject of our now concluded internal investigation into potential violations of the FCPA and other applicable laws, and may be subject to such legal actions for other matters in the future. See "Part I, Item 3. Legal Proceedings" for more information. We establish reserves for these and other matters when a loss is considered probable and the amount can be reasonably estimated; however, the estimation of legal reserves and possible losses involves significant judgment and may not reflect the full range of uncertainties and unpredictable outcomes inherent in litigation, and the actual losses arising from particular matters may exceed our estimates and materially adversely affect our results of operations. --- ## Modified: Our use of AI technologies may not be successful and may present business, financial, legal and reputational risks. **Key changes:** - Reworded sentence: "We have incurred and plan to continue to incur significant development and" **Prior (2025):** We expect the proliferation of AI will have a significant impact on our industry, and we believe our ability to compete in this space will be critical to our financial performance. We increasingly use AI-based technologies, including GenAI, in our client offerings and our own internal operations. We have incurred and plan to continue to incur significant development and operational costs to build and support our AI capabilities, including costs to ensure ongoing compliance with the complex and rapidly evolving legal landscape around AI and automation. If we fail to develop and implement AI solutions that meet our internal and client needs or if we are unable to bring AI-enabled solutions to market as effectively or with the same speed as our competitors, we may fail to recoup our investments in AI and our financial performance, competitive position, business and reputation may be adversely impacted. AI technology and services are part of a highly competitive and rapidly evolving market. We face significant competition from our traditional competitors as well as other third parties, including those that are new to the market, and our clients may develop their own AI-related capabilities. Some services that we historically performed for our clients have been and will continue to be replaced by AI or other forms of automation, including our own AI-enabled client offerings. Each of the foregoing may lead to reduced demand for our services or harm our ability to obtain favorable pricing or other terms for our services, which could have a material adverse effect on our business, results of operations and financial condition. **Current (2026):** We expect the proliferation of AI will have a significant impact on our industry, and we believe our ability to compete in this space will be critical to our financial performance. We increasingly use AI-based technologies, including GenAI, in our client offerings and our own internal operations. We have incurred and plan to continue to incur significant development and --- ## Modified: Cognizant15December 31, 2025 Form 10-K **Key changes:** - Reworded sentence: "15 Table of Contents Table of Contents operational costs to build and support our AI capabilities, including costs to ensure ongoing compliance with the complex and rapidly evolving legal landscape around AI and automation." - Reworded sentence: "In the future, we may face difficulties acquiring the necessary rights from third parties due to market competition, pricing changes, licensing restrictions and other factors." - Reworded sentence: "To overcome this, we may need to invest in alternative strategies, such as forming partnerships or developing our own resources." **Prior (2025):** 15 Table of Contents Table of Contents AI technology and services require access to high-quality datasets, foundation models, and other AI system components. We currently rely, in part, on third parties to provide these components. In the future, we may face difficulties acquiring the necessary rights from third parties due to market competition and other factors. This challenge could hinder our ability to develop, implement or maintain AI technologies. To overcome this, we may need to invest in alternative strategies, such as forming alliances or developing our own resources. In addition, the development, adoption, and use of AI technologies are all still in their early stages and ineffective or inadequate AI development or deployment practices by us, our clients, or third parties with whom we do business could result in unintended consequences. Such consequences may include, for example, employees making decisions based on biased or inaccurate information; unauthorized disclosure of sensitive information; operational inefficiencies leading to decreased productivity; deliberate misuse; or infringement of third-party IP rights. Additionally, the use of AI by us or our business partners may create new cybersecurity vulnerabilities, including those which may not be recognized at the time. The uncertainty around the safety and security of new and emerging AI applications requires significant investment to test for security, accuracy, bias, and other variables - efforts that can be complex, costly, and potentially impact our profit margins, and may cause decreased demand for our services or harm to our business, results of operations, financial condition, or reputation. Addressing these consequences may require significant operational costs to implement, manage, and maintain processes around the AI lifecycle that align with industry standards and meet customer expectations. Furthermore, the legal and regulatory landscape surrounding AI technologies is rapidly evolving and uncertain, with jurisdictions around the world applying, or considering applying, laws and regulations related to IP, cybersecurity, export controls, privacy, data security, and data protection to AI and automated decision-making, or general legal frameworks on AI, such as the EU AI Act, which entered into force in 2024 and parts of which apply beginning in 2025. These laws are continuously evolving and developing and may impose obligations on companies developing and using AI or automated decision-making technologies. Given the rapid rate of change and the often uncertain scope, interpretation, and application of these laws and regulations, which may be in conflict across jurisdictions, we may not always be able to anticipate how courts and regulators will apply existing laws to AI, predict how new legal frameworks will address AI, or otherwise ensure compliance with these frameworks. As a result, we may have to expend resources to adjust our offerings in certain jurisdictions if the legal frameworks on AI are not consistent across jurisdictions, and the EU AI Act may increase costs or impact the operation of our AI services. Compliance with new or changing laws, regulations, industry standards or ethical requirements and expectations relating to AI may impose significant operational costs requiring us to change our service offerings or business practices, particularly as we expand the use of such technologies, or may limit or prevent our ability to develop, deploy, or use AI technologies. Failure to appropriately conform to this evolving landscape may result in legal liability, regulatory action, or brand and reputational harm. Finally, AI technology may be viewed negatively by the public due to media scrutiny over issues such as job displacement, privacy and ethical AI concerns. This negative perception can adversely affect our investments in AI technology, both directly and indirectly. **Current (2026):** 15 Table of Contents Table of Contents operational costs to build and support our AI capabilities, including costs to ensure ongoing compliance with the complex and rapidly evolving legal landscape around AI and automation. If we fail to develop and implement AI solutions that meet our internal and client needs, if we are unable to offer or bring AI-enabled solutions to market as effectively or with the same speed as our competitors, or if our clients do not accept new pricing models that reflect the value of our AI-enabled solutions, we may fail to recoup our investments in AI and our financial performance, competitive position, business and reputation may be adversely impacted. AI technology and services are part of a highly competitive and rapidly evolving market. We face significant competition from our traditional competitors as well as other third parties, including those that are new to the market, and our clients may develop their own AI-related capabilities. Some services that we historically performed for our clients have been and will continue to be replaced by AI or other forms of automation, including our own AI-enabled client offerings. Each of the foregoing may lead to reduced demand for our services or harm our ability to obtain favorable pricing or other terms for our services, which could have a material adverse effect on our business, results of operations and financial condition. AI technology and services require access to high-quality datasets, models (including foundation models), and other AI system components. We currently rely, in part, on third parties to provide these components. In the future, we may face difficulties acquiring the necessary rights from third parties due to market competition, pricing changes, licensing restrictions and other factors. This challenge could hinder our ability to develop, implement or maintain AI technologies. To overcome this, we may need to invest in alternative strategies, such as forming partnerships or developing our own resources. In addition, the development, adoption and use of AI technologies continue to evolve rapidly and ineffective or inadequate AI development or deployment practices by us, our clients or other third parties may not deliver anticipated efficiencies and could result in unintended consequences. Such consequences may include, for example, operational or compliance risks; reliance on outputs that reflect biased, incomplete or inaccurate information; unauthorized disclosure of sensitive information; operational inefficiencies leading to decreased productivity; deliberate misuse; or infringement of third-party IP rights. Additionally, the use of AI by us or our business partners may create new or exacerbate existing cybersecurity vulnerabilities, including novel risk vectors that may not be immediately identifiable. Ongoing uncertainty around the performance, safety and security of new and emerging AI applications requires continued significant investment in monitoring, validation and implementation of governance processes and controls across the AI lifecycle relating to security, accuracy, bias and other variables to ensure alignment with industry standards and meet customer expectations. These efforts can be complex and resource intensive, could potentially impact our profit margins, may not sufficiently address risks and may cause decreased demand for our services or harm to our business, results of operations, financial condition or reputation. Furthermore, the legal and regulatory landscape surrounding AI technologies is rapidly evolving, uncertain and varies significantly by jurisdiction. Authorities around the world are applying, or considering applying, laws and regulations related to IP, cybersecurity, export controls, privacy, data security and data protection to AI and automated decision-making technologies, as well as adopting AI-specific regulatory frameworks, such as emerging U.S. state AI laws and the EU AI Act which entered into force in 2024 and parts of which began applying in 2025. These laws are subject to ongoing interpretation and implementation and may impose obligations on companies developing and using AI or automated decision-making technologies. Given the pace of regulatory development and the potential for divergent or evolving scope, interpretation and application of these laws and regulations, we may not always be able to anticipate how courts and regulators will apply existing laws to AI or how new AI-specific legal frameworks will be implemented, or otherwise ensure compliance with these frameworks. Regulatory approaches may differ or conflict across jurisdictions, which could require us to expend resources to tailor or limit certain AI-related offerings in specific markets. For example, the EU AI Act may increase costs or impact the operation of our AI services. Compliance with new or changing laws, regulations, industry standards or ethical requirements and expectations relating to AI may impose significant operational costs, require additional investment in governance, documentation and controls, or necessitate changes to our service offerings or business practices, particularly as we expand the use of such technologies. In certain circumstances, these requirements could delay, limit or prevent our ability to develop, deploy or use AI technologies. Failure to effectively navigate and comply with this evolving landscape may result in legal liability, regulatory action, or brand and reputational harm. Although we maintain a responsible AI framework aligned with recognized international standards that includes risk assessment processes, oversight structures and controls across the AI lifecycle, it may not be sufficient to identify, assess, and mitigate all AI-related risks. The effectiveness of our responsible AI framework depends on numerous factors, including the accuracy of risk assessments, the adequacy of implemented controls, and our ability to adapt to rapidly changing AI capabilities and use cases. There can be no assurance that our responsible AI framework will adequately identify, assess and prevent all AI-related risks. Finally, AI technology is subject to heightened public and media scrutiny, including with respect to workplace impacts, privacy and ethical concerns. Negative public perception could adversely affect customer demand and our investments in AI technology, which could in turn adversely affect our business or reputation. --- ## Modified: Evolving and conflicting sustainability and societal related expectations or standards could adversely affect our business or damage our reputation. **Key changes:** - Reworded sentence: "Shifting stakeholder expectations and evolving regulatory and disclosure standards around sustainability and societal matters could impact our business." - Reworded sentence: "Our ability to meet our sustainability ambitions is also subject to external factors outside of our control including the ability and willingness of our suppliers to reduce emissions and the advancement of new emission reducing technologies." **Prior (2025):** Shifting stakeholder expectations and evolving regulatory and disclosure standards around ESG could impact our business. We are subject to, and expect to become increasingly subject to, laws, regulations and international treaties relating to ESG, including the European Union's Corporate Sustainability Reporting Directive (CSRD) and California's climate change disclosure requirements. As these new laws, regulations, treaties and similar initiatives and programs continue to be adopted and implemented, we will be required to comply or potentially face market access limitations, enforcement actions, civil suits or sanctions, including fines. If new laws or regulations are more stringent than current legal or regulatory requirements, we may experience increased compliance burdens and costs to meet such obligations. If we fail to comply with new laws, regulations, treaties, or reporting requirements, our reputation and business could be adversely impacted. Our ability to meet our ESG ambitions is also subject to external factors outside of our control including the ability and willingness of our suppliers to reduce emissions and the advancement of new emission reducing technologies. In addition, global clients often rely on ESG rating systems for bids and buying practices, and yet the criteria used in the ratings may conflict and change frequently, and we cannot predict how these third parties will score us, nor can we have any assurance that they score us or other companies **Current (2026):** Shifting stakeholder expectations and evolving regulatory and disclosure standards around sustainability and societal matters could impact our business. We are subject to, and expect to become increasingly subject to, laws, regulations and international treaties relating to sustainability. As these new laws, regulations, treaties and similar initiatives and programs continue to be adopted and implemented, we will be required to comply or potentially face market access limitations, enforcement actions, civil suits or sanctions, including fines. If new laws or regulations are more stringent than current legal or regulatory requirements, we may experience increased compliance burdens and costs to meet such obligations. If we fail to comply with new laws, regulations, treaties, or reporting requirements, our reputation and business could be adversely impacted. Our ability to meet our sustainability ambitions is also subject to external factors outside of our control including the ability and willingness of our suppliers to reduce emissions and the advancement of new emission reducing technologies. In addition, global clients often rely on sustainability rating systems for bids and buying practices, and yet the criteria used in the ratings may conflict and change frequently, and we cannot predict how these third parties will score us, nor can we have any assurance that they score us or other companies accurately, or that we will be able to score well as such criteria change. We supplement our participation in ratings systems with published disclosures of our sustainability and societal activities, but some investors may desire other disclosures that we do not provide. At the same time, an increasing number of stakeholders, including regulators, and lawmakers have expressed or pursued conflicting views, legislation and investment expectations with respect to sustainability and societal ratings, ambitions and disclosures, which may expose us to additional legal, financial or reputational risks based upon our sustainability and societal ambitions and disclosures. We may be unable to satisfy all of our stakeholders on these matters, and as a result our reputation, our ability to attract or retain employees and our business could be negatively affected. --- ## Modified: Cognizant22December 31, 2025 Form 10-K **Key changes:** - Reworded sentence: "22 Table of Contents Table of Contents We are also subject to a wide range of potential enforcement actions, audits or investigations regarding our compliance with these laws or regulations in the conduct of our business, and any finding of a violation could subject us to a wide range of civil or criminal penalties, including fines, debarment, or suspension or disqualification from government contracting, prohibitions or restrictions on doing business in one or more jurisdictions, loss of clients and business, legal claims by clients and unfavorable publicity or damage to our reputation." **Prior (2025):** 22 Table of Contents Table of Contents enforcement actions (whether or not we participated or knew about the actions leading to the violations), including fines or penalties, disgorgement of profits and suspension or disqualification from work, including U.S. federal contracting, any of which could materially adversely affect our business, including our results of operations and our reputation. **Current (2026):** 22 Table of Contents Table of Contents We are also subject to a wide range of potential enforcement actions, audits or investigations regarding our compliance with these laws or regulations in the conduct of our business, and any finding of a violation could subject us to a wide range of civil or criminal penalties, including fines, debarment, or suspension or disqualification from government contracting, prohibitions or restrictions on doing business in one or more jurisdictions, loss of clients and business, legal claims by clients and unfavorable publicity or damage to our reputation. We could also face significant compliance and operational burdens and incur significant costs in our efforts to comply with or rectify non-compliance with these laws or regulations. Such burdens or costs may result in an adverse effect on our financial condition and results of operations. We commit significant financial and managerial resources to comply with our internal control over financial reporting requirements, but we have in the past identified and may in the future identify material weaknesses or significant deficiencies in our internal control over financial reporting that cause us to incur incremental remediation costs in order to maintain adequate controls. Our employees, subcontractors, vendors, agents, alliance partners, the companies we acquire and their employees, vendors and agents, and other third parties with which we associate, have in the past and could in the future take actions that violate policies or procedures designed to promote legal and regulatory compliance or applicable anticorruption laws or regulations. Violations of these laws or regulations by us, our employees or any of these third parties could subject us to criminal or civil enforcement actions (whether or not we participated or knew about the actions leading to the violations), including fines or penalties, disgorgement of profits and suspension or disqualification from work, including U.S. federal contracting, any of which could materially adversely affect our business, including our results of operations and our reputation. --- *Data sourced from SEC EDGAR. Last updated 2026-06-01.*