Danaher Corporation: 10-K Risk Factor Changes

Our growth depends in part on the growth of the markets which we serve, and visibility into our markets can be limited (particularly for markets into which we sell through distribution). Our quarterly sales and profits depend substantially on the volume and timing of orders received during the quarter, which are difficult to forecast. Any decline or lower than expected growth in our served markets can diminish demand for our products and services and adversely affect our business and financial statements and any failure to accurately forecast demand, cost levels and financial performance can adversely impact our business, financial statements and stock price. Certain of our businesses operate in industries that experience seasonality, or industries that have experienced and may continue to experience periodic, cyclical downturns. For example, demand for our molecular diagnostics products is typically heavier in anticipation of and during respiratory season, and in the past has been impacted and in the future will be impacted by the degree of severity of the flu and COVID-19 season as well as by outbreaks of other infectious diseases. Certain of our businesses have also experienced cyclical dynamics as a result of factors such as inventory de-stocking, high interest rates and depressed funding levels for biotechnology companies. In addition, lower levels of funding available to biotechnology companies (particularly smaller and emerging companies) in recent years has reduced demand for certain of our products and may have a similar impact in the future. In addition, in certain of our businesses demand depends on customers’ capital spending budgets, government funding policies (including research funding policies) and interest rates, and matters of public policy and government budget, fiscal and monetary dynamics as well as product and economic cycles can affect the spending decisions of these entities. The availability of governmental research funding has been, and may in the future be, adversely affected by policy changes, economic conditions and governmental spending reductions, including the downsizing or reduced funding of certain government agencies. 18 18 18 Demand for our products and services is also sensitive to changes in customer order patterns, which may be affected by announced price changes, marketing or promotional programs that may accelerate demand in a particular fiscal period and diminish demand in subsequent periods, new product introductions, the timing of industry trade shows and changes in distributor or customer inventory levels due to distributor or customer management thereof or other factors. Any of these factors could adversely affect our business and financial statements in any given period.

Our growth depends in part on the growth of the markets which we serve, and visibility into our markets can be limited (particularly for markets into which we sell through distribution). Our quarterly sales and profits depend substantially on the volume and timing of orders received during the quarter, which are difficult to forecast. Any decline or lower than expected growth in our served markets can diminish demand for our products and services and adversely affect our business and financial statements. Certain of our businesses operate in industries that experience seasonality, or industries that have experienced and may continue to experience periodic, cyclical downturns. For example, demand for our molecular diagnostics products is typically heavier in anticipation of and during respiratory season, and in the past has been impacted and in the future will be impacted by the degree of severity of the flu and COVID-19 season as well as by outbreaks of other infectious diseases. Certain of our businesses have also experienced recent, cyclical dynamics as a result of factors such as inventory de-stocking, high interest rates and depressed funding levels for biotechnology companies. 17 17 17 In addition, in certain of our businesses demand depends on customers’ capital spending budgets, government funding policies and interest rates, and matters of public policy and government budget, fiscal and monetary dynamics as well as product and economic cycles can affect the spending decisions of these entities. Demand for our products and services is also sensitive to changes in customer order patterns, which may be affected by announced price changes, marketing or promotional programs, new product introductions, the timing of industry trade shows and changes in distributor or customer inventory levels due to distributor or customer management thereof or other factors. Any of these factors could adversely affect our business and financial statements in any given period.

We rely on IT systems, some of which are provided and/or managed by third-parties, to collect, use, store, transfer and otherwise process electronic information (including sensitive data such as confidential business information and personal 21 21 21 data relating to employees, customers, other business partners and patients), and to manage or support a variety of critical business processes and activities (such as receiving and fulfilling orders, billing, collecting and making payments, shipping products, providing services and support to customers and fulfilling contractual obligations). Errors, defects, security issues or other vulnerabilities in third-party technology or in the integration of third-party technology with our systems or products could result in errors that could harm our business. In addition, some of our products and services, including those related to remote monitoring, incorporate software and IT that house personal data and some products or software we sell to customers connect to our systems for maintenance or other purposes. We also have products and systems that connect to the internet, hospital networks, electronic medical record systems or electronic health record systems. Our systems, products and services (including those we acquire through business acquisitions) are susceptible to being damaged, disrupted or shut down due to attacks by computer hackers, computer viruses, ransomware, human error or malfeasance (including by employees), power outages, hardware failures, telecommunication or utility failures, catastrophes, war, conflicts or other unforeseen events, and in any such circumstances our system redundancy and other disaster recovery planning may be ineffective or inadequate. Certain attacks also target hardware, software and information installed, stored or transmitted in our products after such products have been purchased and incorporated into third-party products, facilities or infrastructure. Security breaches of systems provided or enabled by us, regardless of whether the breach is attributable to a vulnerability in our products or services, or security breaches of third-party suppliers we rely on to process, store or transmit electronic information, can result in the misappropriation, destruction or unauthorized disclosure of confidential information or personal data belonging to us or to our employees, partners, customers, patients or suppliers. In some cases, we may address software and hardware vulnerabilities through security updates and patches we make available to customers, and such vulnerabilities may persist if customers do not promptly install (or promptly schedule service in connection with) such updates and patches. Like most multinational corporations, our IT systems and data have been subject to computer viruses, malicious codes, unauthorized access and other cyber-attacks and we expect the sophistication and frequency of such attacks to continue to increase. Unauthorized tampering, adulteration or interference with our products may also adversely affect product functionality and result in loss of data, risk to patient safety and product recalls or field actions. In addition, the rapid evolution and increased adoption of AI, including adopted by computer hackers or other malicious actors, may intensify our cybersecurity risks. The attacks, breaches, misappropriations and other disruptions and damage described above have the ability to interrupt our operations or the operations of our customers and partners, delay production and shipments, result in theft of our and our customers’ intellectual property and trade secrets, result in disclosure of personal data, damage customer, patient, business partner and employee relationships and our reputation and result in defective products or services, legal claims and proceedings, liability and penalties under privacy and other laws and increased costs for security and remediation, in each case resulting in an adverse effect on our business and financial statements. Our liability insurance may not be sufficient in type or amount to cover us against claims related to security breaches, cyber-attacks and other related breaches. In addition, any businesses or technologies that we acquire may exacerbate the risks set forth above, for example due to acquired vulnerabilities or threats that were unknown or were ineffectively managed. Our IT systems require an ongoing commitment of significant resources to maintain and enhance existing systems and develop new systems to keep pace with continuing rapid changes in information processing technology, evolving legal and regulatory standards, evolving customer expectations, changes in the techniques used to obtain unauthorized access to data and information systems, and the IT needs associated with our changing products and services. These risks are exacerbated by the increasing importance of AI and the increasing incorporation of AI in our business. There can be no assurance that we will be able to successfully maintain, enhance and upgrade our systems as necessary to effectively address these requirements. Any inability to maintain reliable IT systems and appropriate controls with respect to global data privacy and security requirements and prevent data breaches can result in adverse regulatory and business consequences and litigation. As a global organization, we are subject to data privacy and security laws, regulations and customer-imposed controls in numerous jurisdictions as a result of having access to and processing confidential, personal and/or sensitive data in the course of our business. For example, entities that are found to be in violation of HIPAA as the result of a breach of unsecured patient health information, a complaint about privacy practices or an audit by HHS, may be subject to significant civil, criminal and administrative fines and penalties and/or additional reporting and oversight obligations. In addition, a significant number of countries where we operate have enacted privacy or data protection laws, rules and regulations, many of which have extraterritorial scope, with significant penalties for non-compliance. For example, failure to comply with the requirements of the GDPR and the applicable national data protection laws of the EU member states and other states subject to the GDPR may result in fines of up to €20 million or up to 4% of total worldwide annual turnover for the preceding financial year, whichever is higher, and other administrative penalties. Please see “Item 1. Business—Regulatory Matters” for additional information. Data privacy regulation and enforcement continues to evolve, with recent, increased focus on topics such as the use of AI, biometrics and surveillance technologies. 22 22 22 Government investigations and enforcement actions can be costly and interrupt the regular operation of our business, and data breaches or violations of data privacy laws can result in civil and criminal, monetary and non-monetary penalties and damage to customer, patient, business partner and employee relationships and to our reputation, any of which may adversely affect our business and financial statements. In addition, compliance with the varying data privacy regulations across the U.S. and around the world has required significant expenditures and may require additional expenditures, and may require further changes in our products or business models that increase expenses or reduce revenue.

We rely on information technology systems, some of which are provided and/or managed by third-parties, to process, transmit and store electronic information (including sensitive data such as confidential business information and personal data relating to employees, customers, other business partners and patients), and to manage or support a variety of critical business processes and activities (such as receiving and fulfilling orders, billing, collecting and making payments, shipping products, providing services and support to customers and fulfilling contractual obligations). Errors, defects, security issues or other vulnerabilities in third-party technology or in the integration of third-party technology with our systems could result in errors that could harm our business. In addition, some of our remote monitoring products and services incorporate software and information technology that house personal data and some products or software we sell to customers connect to our systems for maintenance or other purposes. These systems, products and services (including those we acquire through business acquisitions) are susceptible to being damaged, disrupted or shut down due to attacks by computer hackers, computer viruses, ransomware, human error or malfeasance (including by employees), power outages, hardware failures, telecommunication or utility failures, catastrophes, war, conflicts or other unforeseen events, and in any such circumstances our system redundancy and other disaster recovery planning may be ineffective or inadequate. Certain attacks also target hardware, software and information installed, stored or transmitted in our products after such products have been purchased and incorporated into third-party products, facilities or infrastructure. Security breaches of systems provided or enabled by us, regardless of whether the breach is attributable to a vulnerability in our products or services, or security breaches of third-party suppliers we rely on to process, store or transmit electronic information, can result in the misappropriation, destruction or unauthorized disclosure of confidential information or personal data belonging to us or to our employees, partners, customers, patients or suppliers. Like most multinational corporations, our information technology systems and data have been subject to computer viruses, malicious codes, unauthorized access and other cyber-attacks and we expect the sophistication and frequency of such attacks to continue to increase. Unauthorized tampering, adulteration or interference with our products may also adversely affect product functionality and result in loss of data, risk to patient safety and product recalls or field actions. In addition, the rapid evolution and increased adoption of artificial intelligence technologies may intensify our cybersecurity risks. The attacks, breaches, misappropriations and other disruptions and damage described above have the ability to interrupt our operations or the operations of our customers and partners, delay production and shipments, result in theft of our and our customers’ intellectual property and trade secrets, result in disclosure of personal data, damage customer, patient, business partner and employee relationships and our reputation and result in defective products or services, legal claims and proceedings, liability and penalties under privacy and other laws and increased costs for security and remediation, in each case resulting in an adverse effect on our business and financial statements. Our liability insurance may not be sufficient in type or amount to cover us against claims related to security breaches, cyber-attacks and other related breaches. In addition, any businesses that we acquire may further expose us to the risks set forth above. In addition, our information technology systems require an ongoing commitment of significant resources to maintain and enhance existing systems and develop new systems to keep pace with continuing changes in information processing technology, evolving legal and regulatory standards, evolving customer expectations, changes in the techniques used to obtain unauthorized access to data and information systems, and the information technology needs associated with our changing products and services. There can be no assurance that we will be able to successfully maintain, enhance and upgrade our systems as necessary to effectively address these requirements. Further, more of our employees work remotely now compared to before the beginning of the COVID-19 pandemic, which exposes us to greater cybersecurity and data privacy risks. Any inability to maintain reliable information technology systems and appropriate controls with respect to global data privacy and security requirements and prevent data breaches can result in adverse regulatory and business consequences and litigation. As a global organization, we are subject to data privacy and security laws, regulations and customer-imposed controls in numerous jurisdictions as a result of having access to and processing confidential, personal and/or sensitive data in the course of our business. For example, entities that are found to be in violation of HIPAA as the result of a breach of unsecured patient health information, a complaint about privacy practices or an audit by HHS, may be subject to significant civil, criminal and administrative fines and penalties and/or additional reporting and oversight obligations. Failure to comply with the requirements of the GDPR and the applicable national data protection laws of the EU member states and other states subject to the GDPR may result in fines of up to €20 million or up to 4% of total worldwide annual turnover for the preceding financial year, whichever is higher, and other administrative penalties. Please see “Item 1. Business—Regulatory Matters” for additional information. Government investigations and enforcement actions can be costly and interrupt the regular operation of our business, and data breaches or violations of data privacy laws can result in civil and criminal, monetary and non-monetary penalties and damage to customer, patient, business partner and employee relationships and to our reputation, any of which may adversely affect our business and financial statements. In addition, compliance with the varying data privacy regulations across the U.S. and around the world has required significant expenditures and may require additional expenditures, and may require further changes in our products or business models that increase expenses or reduce revenue. 21 21 21

We are in the early stages of incorporating AI, including machine learning technologies, into our business activities and our product and service offerings. As with many innovations, AI presents risks and challenges that could adversely impact our business. The development, adoption, and use of AI technologies are still in their early stages and ineffective, inadequate or premature AI development or deployment practices could result in unintended consequences such as competitive harm, regulatory penalties, legal liability or brand or reputational harm. For example, AI algorithms may be flawed or may be based on datasets that are biased or insufficient or contain errors. In addition, any disruption or failure in the AI functionality we incorporate into our business activities, products or services could adversely impact our business or result in delays or errors in our offerings. Conversely, any failure to successfully develop and deploy AI in our business activities, products and services could adversely affect our competitiveness (particularly if our competitors successfully deploy AI in their businesses, products and services), and the development and deployment of AI has required and will require additional investment that increases our costs. There also may be real or perceived social harm, unfairness, or other outcomes that could undermine public confidence in the use and deployment of AI. Incorporating AI into our business operations presents new risks relating to intellectual property, disclosure of confidential data, data protection, data privacy and cybersecurity. For example, incorporating confidential information into AI systems may result in the loss of intellectual property or attorney-client privilege protections, and our use of AI technologies to develop products or services may adversely affect our intellectual property rights or violate third-party intellectual property rights. Any of the foregoing may result in decreased demand for our products or harm to our business, financial statements or reputation. Compliance with new or changing laws, regulations or industry standards relating to AI may impose significant costs and may limit our ability to develop, deploy or use AI technologies. Failure to appropriately respond to this evolving landscape may result in legal liability, regulatory action, or brand and reputational harm.

We are in the early stages of incorporating artificial intelligence (“AI”) into our business activities and our product and service offerings. As with many innovations, AI presents risks and challenges that could adversely impact our business. The development, adoption, and use of AI technologies are still in their early stages and ineffective or inadequate AI development or deployment practices could result in unintended consequences. For example, AI algorithms may be flawed or may be based on datasets that are biased or insufficient. In addition, any disruption or failure in the AI functionality we incorporate into our business activities, products or services could adversely impact our business or result in delays or errors in our offerings. Conversely, any failure to successfully develop and deploy AI in our business activities, products and services could adversely affect our competitiveness (particularly if our competitors successfully deploy AI in their businesses, products and services), and the development and deployment of AI will require additional investment and increase our costs. There also may be real or perceived social harm, unfairness, or other outcomes that undermine public confidence in the use and deployment of AI. Any of the foregoing may result in decreased demand for our products or harm to our business, financial statements or reputation. The legal and regulatory landscape surrounding AI technologies is rapidly evolving and uncertain, including in the areas of intellectual property, cybersecurity and privacy and data protection. Compliance with new or changing laws, regulations or industry standards relating to AI may impose significant costs and may limit our ability to develop, deploy or use AI technologies. Failure to appropriately respond to this evolving landscape may result in legal liability, regulatory action, or brand and reputational harm.

Military conflicts (such as the conflicts between Russia and Ukraine and in the Middle East) can adversely affect our business and financial statements, including as a result of sanctions, embargoes, regional instability, geopolitical shifts and adverse impacts on energy supplies and prices. Military conflicts also heighten other risks disclosed in this Annual Report, any of which can adversely affect our business and financial statements. The Company has suspended the shipment of products to Russia with the exception of products for the purposes of diagnosing and treating patients and producing vaccines and therapeutics. In 2025, Russia, Ukraine and Israel sales combined accounted for less than 1% of the Company’s sales. 27 27 27

Military conflicts (such as the conflicts between Russia and Ukraine and in the Middle East) can adversely affect our business and financial statements. For example, consequences of the conflict between Russia and Ukraine have included sanctions, embargoes, regional instability, geopolitical shifts and adverse impacts on energy supplies and prices, and such conflict or other conflicts may cause similar adverse effects in the future. In addition to suspending sales prohibited by sanctions, the Company has suspended the shipment of products to Russia with the exception of products for the purposes of diagnosing and treating patients and producing vaccines and therapeutics. Military conflicts also heighten other risks disclosed in this Annual Report, any of which can adversely affect our business and financial statements. Such risks include, but are not limited to, adverse effects on macroeconomic conditions, including increased inflation, constraints on the availability of commodities, supply chain disruption and decreased business spending; disruptions to our or our business partners’ global technology infrastructure, including through cyber-attack or cyber-intrusion; adverse changes in international trade policies and relations; claims, litigation and regulatory enforcement; potential retaliatory actions by governments against companies, such as nationalization of foreign businesses; adverse impacts on our ability to implement and execute our business strategy; terrorist activities; our exposure to foreign currency fluctuations; reputational risk; and constraints, volatility, or disruption in the capital markets. In 2024, Russia, Ukraine and Israel sales combined accounted for less than 1% of the Company’s sales.

Significant developments or changes in national laws or policies to protect or promote domestic interests and/or address foreign competition, including laws and policies in areas such as trade, manufacturing, government purchasing, healthcare, intellectual property, regulatory enforcement and investment/development, can adversely affect our business and financial statements. The U.S. has announced and/or implemented significant new tariffs on imports from a wide range of countries, which has prompted retaliatory tariffs by a number of countries and a cycle of retaliatory tariffs by both the U.S. and other countries. Subsequently, actions have been taken by the U.S. and certain other countries to modify certain of these tariffs and/or delay their effective dates, and the U.S. has entered into trade agreements with certain countries implementing new tariffs. In February 2026, the U.S. Supreme Court ruled that the International Emergency Economic Powers Act (“IEEPA”), which the U.S. administration relied on to impose certain tariffs, does not authorize the administration to impose tariffs. In response, the administration announced plans to implement new tariffs under alternative statutory authority. The full impact of the U.S. Supreme Court’s ruling and the administration’s response remain uncertain; as of the date of this Annual Report, a number of tariffs issued by the United States and other countries remain in effect. Collectively, these tariffs increase the cost to us of supplies and components we import, which in turn has required and will require us to implement surcharges and/or increase the price of certain of our products, among other countermeasures; can increase the cost to our customers of certain of our finished goods, which together with the surcharges and price increases noted above can adversely impact demand for our products and our competitive positioning; could adversely impact the availability to us of certain products in certain countries and disrupt our supply chains, with related impacts to our operations; and could exacerbate inflation, diminish investment and result in broader negative impacts including increased political and economic instability and capital markets dislocation that may adversely impact demand for our products. In addition, whenever we are unable to fully recover higher costs, or whenever there is a time delay between the increase in costs and our ability to recover these costs, our margins and profitability are adversely affected. The full impact of the U.S. Supreme Court’s February 2026 ruling and the administration’s response remain uncertain, the U.S. may implement additional tariffs and other measures, further retaliatory tariffs and other retaliatory actions may follow and the risks and adverse effects noted above may increase. Please see “Management’s Discussion and Analysis of Financial Condition and Results of Operations” for further discussion of the impact of these tariffs. Though the risks identified above in certain cases have already adversely impacted parts of our business, the full impact of these tariffs and other actions on the Company and on our business partners remains highly uncertain and subject to rapid change. In addition, certain governments have implemented policies to induce “re-shoring” of supply chains, reduce reliance on imported supplies and promote national production. For example, the Chinese government has issued a series of policies in the past several years to promote the development and use of local medical devices.

Significant developments or changes in national laws or policies to protect or promote domestic interests and/or address foreign competition, including laws and policies in areas such as trade, manufacturing, government purchasing, healthcare, intellectual property and investment/development, can adversely affect our business and financial statements. For example, certain governments have implemented policies to induce “re-shoring” of supply chains, reduce reliance on imported supplies and promote national production. The Chinese government has issued a series of policies in the past several years to promote the development and use of local medical devices. In addition, in recent years the U.S. has increased tariffs on certain imported goods and trade tensions between China and other countries (including the U.S.) have escalated, with countries imposing significant additional tariffs on a wide range of imported goods. Following the recent change of administration in the U.S., new tariffs have been implemented and have prompted retaliatory tariffs by certain countries, further tariffs my follow and the risks noted above have increased. The full impact of these tariffs on the Company and our business partners remains uncertain.