--- ticker: HD company: Home Depot Inc. filing_type: 10-K year_current: 2025 year_prior: 2024 risks_added: 0 risks_removed: 0 risks_modified: 9 risks_unchanged: 16 source: SEC EDGAR url: https://riskdiff.com/hd/2025-vs-2024/ markdown_url: https://riskdiff.com/hd/2025-vs-2024/index.md generated: 2026-05-10 --- # Home Depot Inc.: 10-K Risk Factor Changes 2025 vs 2024 > Source: U.S. Securities and Exchange Commission (EDGAR) > Generated: 2026-05-10 > All data extracted directly from official filings. No hallucinated content. > **[AI-Generated Summary]** The paragraph below was produced by a language > model and may contain errors. All other content on this page is deterministically > extracted from the original SEC filing. > Home Depot's 2025 Risk Factors section maintained its overall structure with 16 unchanged risks while substantively revising 9 existing risk disclosures, with no new risks added or removed. The most significant modifications addressed data privacy and security vulnerabilities, installation services management challenges, and business operations exposure, indicating Home Depot's focus on refining disclosures around operational execution and customer/employee information protection rather than introducing entirely new risk categories. --- ## Summary | Status | Count | |--------|-------| | New risks added | 0 | | Risks removed | 0 | | Risks modified | 9 | | Unchanged | 16 | --- ## Modified: If our efforts to maintain the privacy and security of customer, associate, job applicant, business partner, and Company information are not successful, we could incur substantial costs and reputational damage and could become subject to litigation and enforcement actions. **Key changes:** - Reworded sentence: "Unauthorized parties, including criminal threat actors, nation-states, or insiders (including associates or contractors engaged in fraudulent or malicious activities), have in the past gained access, and will continue to attempt to gain access, to these systems and data through technical vulnerabilities, breach of security policies, fraud or other means of deceiving or coercing our associates, contractors or third-party service providers, which could jeopardize the confidentiality, integrity, or availability of such information systems or data that we may handle." - Reworded sentence: "In light of the conflicts in Europe and the Middle East and other geopolitical events, nation-state actors or their supporters and other politically-motivated actors may launch retaliatory cyber-attacks, and may attempt to cause supply chain and other third-party service provider disruptions, or take other geopolitically-motivated retaliatory actions that may disrupt our business operations, result in data compromise, or both." - Reworded sentence: "As we have experienced in the past, any significant compromise or breach of our data security, whether external or internal, or misuse of customer, associate, job applicant, business partner, or Company data, could result in significant costs, including costs to investigate, mitigate, and remediate, as well as lost sales, fines, lawsuits, regulatory investigations, and damage to our reputation." - Reworded sentence: "When our systems or those of our third-party service providers on which we rely are breached or attacked, we may also suffer, and on some occasions have suffered, an outage, failure, or unavailability of data or information technology systems, and interruptions to our business operations while such breach or attack is being remedied; this may impact data or systems operated by us or by third-party service providers." - Reworded sentence: "Our business depends on our customers', associates', job applicants', contractors', and business partners' willingness to entrust us with their personal information." **Prior (2024):** Our business, like that of most retailers, involves the collection, use, retention, management, transmission, and deletion of personal information (including identifiers, localization, internet activity, preferences, and payment information) from our customers, associates, job applicants, and business partners, as well as confidential Company information. We also work with third-party service providers that provide technology, systems and services that we use in connection with the handling of information. Our information systems, and those of our third-party service providers, are vulnerable to continually evolving data protection and cybersecurity risks. Unauthorized parties have in the past gained access, and will continue to attempt to gain access, to these systems and data through fraud or other means of deceiving or coercing our associates or third-party service providers, which could jeopardize the confidentiality, integrity, or availability of such information systems or our information. Hardware, software or applications we develop or obtain from third parties may contain exploitable vulnerabilities, bugs, or defects in design, maintenance or manufacture or other problems that could unexpectedly compromise information security. We have experienced and continue to face the ongoing risk of exploitation of our software providers and our software development and implementation process, including from coding and process vulnerabilities and the installation of so-called back doors that provide unauthorized access to systems and data. The increased use of a remote workforce has also expanded the possible attack surface areas. In addition, the risk of cyber-attacks has increased in connection with geopolitical conflicts and ongoing trade and diplomatic tensions. In light of the conflicts in Europe and the Middle East and other geopolitical events, nation-state actors or their supporters may launch retaliatory cyber-attacks, and may attempt to cause supply chain and other third-party service provider disruptions, or take other geopolitically-motivated retaliatory actions that may disrupt our business operations, result in data compromise, or both. Nation-state actors have in the past carried out, and may in the future carry out, cyber-attacks to achieve their aims and goals, which may include espionage, monetary gain, disruption, and destruction. To achieve their objectives, nation-state actors and other cyber criminals have used and may continue to use numerous attack vectors and methods, including use of stolen passwords, social engineering, phishing, smishing, vishing, identity spoofing, ransomware or other disruptive and destructive malware, supply chain compromises, and man-in-the-middle and denial of service attacks. The methods used to obtain unauthorized access, disable or degrade service, or sabotage systems are constantly changing and evolving, increasing in frequency and sophistication, and may be difficult to anticipate or detect for long periods of time. The ever-evolving cybersecurity threat landscape means that we and our third-party service providers and business partners must continually evaluate and adapt our respective systems and processes and overall security environment, as well as those of companies we or they acquire. There is no guarantee that the measures we take will be adequate to safeguard against all threats, including vulnerabilities, data security breaches, system compromises or misuses of data. As we have experienced in the past, any significant compromise or breach of our data security, whether external or internal, or misuse of customer, associate, job applicant, business partner, or Company data, could result in significant costs, including costs to investigate and remediate, as well as lost sales, fines, lawsuits, regulatory investigations, and damage to our reputation. Because the techniques used to obtain unauthorized access, disable or degrade service, or sabotage systems change frequently and may not immediately produce signs of anomalous activity or compromise, we may be unable to anticipate these techniques or to implement adequate preventative measures. Additionally, as we have experienced in the past, we or our third-party service providers may not discover any security breach, vulnerability or compromise of information for a significant period of time after the occurrence of a security incident. Furthermore, our cyber insurance coverage may not be Fiscal 2023 Form 10-K16 Fiscal 2023 Form 10-K16 Fiscal 2023 Form 10-K16 Fiscal 2023 Form 10-K 16 Table of Contents Table of Contents adequate for liabilities or costs actually incurred, and we cannot be certain that insurance will continue to be available to us on economically reasonable terms, or at all, or that any insurer will not deny coverage of a future claim. Data governance failures can also adversely affect our reputation and business. Our business depends on our customers', associates', job applicants' and business partners' willingness to entrust us with their personal information. Events that adversely affect that trust, including inadequate disclosure to our customers, associates, job applicants, or business partners of our uses of their information or failing to keep our information technology systems and our customers', associates', job applicants' and business partners' personal information secure from significant attack, theft, damage, loss or unauthorized disclosure or access, whether as a result of our action or inaction (including human error or malfeasance) or that of our service providers or other third parties, could adversely affect our brand and harm our reputation. The regulatory environment related to data privacy and cybersecurity is constantly changing, with new and increasingly rigorous requirements applicable to our business. The implementation of these requirements has also become more complex. Maintaining our adherence to evolving data privacy and cybersecurity regulatory requirements, including state privacy laws, requires significant effort and cost, requires changes to our business practices, and may limit our ability to collect and use certain data to support the customer experience. In addition, many regulators have indicated an intention to take more aggressive enforcement actions regarding data privacy and cybersecurity matters, and private litigation resulting from such matters is increasing and resulting in progressively larger judgments and settlements. Failure to comply with applicable requirements could subject us to fines, sanctions, governmental investigations, or lawsuits, which could lead to negative publicity and reputational harm, and may cause customers to lose confidence in the effectiveness of our cybersecurity measures, data privacy practices, or our business more generally. **Current (2025):** Our business, like that of most retailers, involves the collection, use, retention, management, transmission, and deletion of personal information (including identifiers, localization, internet activity, preferences, and payment information) from our customers, associates, job applicants, and business partners, as well as confidential Company information. We also work with third-party service providers that provide technology, systems and services that we use in connection with the handling of information. Our information systems, and those of our third-party service providers, are vulnerable to continually evolving data protection and cybersecurity risks. Unauthorized parties, including criminal threat actors, nation-states, or insiders (including associates or contractors engaged in fraudulent or malicious activities), have in the past gained access, and will continue to attempt to gain access, to these systems and data through technical vulnerabilities, breach of security policies, fraud or other means of deceiving or coercing our associates, contractors or third-party service providers, which could jeopardize the confidentiality, integrity, or availability of such information systems or data that we may handle. Hardware, software or applications we develop or obtain from third parties may contain, and on occasion have contained, exploitable vulnerabilities, bugs, or defects in design, maintenance or manufacture or other problems that could unexpectedly compromise information security. We have experienced and continue to face the ongoing risk of exploitation of our software providers and our software development and implementation process, including from coding and process vulnerabilities and the installation of so-called back doors that provide unauthorized access to systems and data, and through unauthorized access to or theft of our intellectual property. The continued availability of remote or hybrid working arrangements has also expanded the possible attack surface areas and increased risks posed by insider threats, as our interactions with associates, contractors and third-party service providers increasingly occur on information systems, networks and environments over which we have less control and which may be more difficult to monitor. In addition, the risk of cyber-attacks has increased in connection with geopolitical conflicts and ongoing trade and diplomatic tensions. In light of the conflicts in Europe and the Middle East and other geopolitical events, nation-state actors or their supporters and other politically-motivated actors may launch retaliatory cyber-attacks, and may attempt to cause supply chain and other third-party service provider disruptions, or take other geopolitically-motivated retaliatory actions that may disrupt our business operations, result in data compromise, or both. Nation-state actors have in the past carried out, and may in the future carry out, cyber-attacks to achieve their Fiscal 2024 Form 10-K15 Fiscal 2024 Form 10-K15 Fiscal 2024 Form 10-K15 Fiscal 2024 Form 10-K 15 Table of Contents Table of Contents aims and goals, which may include espionage, monetary gain, disruption, and destruction. Similarly, there may be increased activities by organized or coordinating groups of cyber criminals who seek to attack larger organizations' data or systems for their own aims and goals, which can include financial gain. Because the techniques threat actors use to obtain unauthorized access, disable or degrade service, or sabotage systems, including use of stolen passwords, social engineering, phishing, smishing, vishing, identity spoofing (including through the use of emerging technologies such as deep fakes), ransomware or other disruptive and destructive malware, supply chain compromises, insider threats, and man-in-the-middle and denial of service attacks, change frequently and may not immediately produce signs of anomalous activity or compromise, we may be unable to anticipate or detect these techniques or implement adequate preventative measures. The ever-evolving cybersecurity threat landscape means that we and our third-party service providers and business partners must continually evaluate and adapt our respective systems and processes and overall security environment, as well as those of companies we or they acquire. There is no guarantee that the measures we take will be adequate to safeguard against all threats, including vulnerabilities, data security breaches, system compromises or misuses of data. As we have experienced in the past, any significant compromise or breach of our data security, whether external or internal, or misuse of customer, associate, job applicant, business partner, or Company data, could result in significant costs, including costs to investigate, mitigate, and remediate, as well as lost sales, fines, lawsuits, regulatory investigations, and damage to our reputation. Additionally, as we have experienced in the past, we or our third-party service providers may not discover any security breach, vulnerability or compromise of information for a significant period of time after the occurrence of a security incident. When our systems or those of our third-party service providers on which we rely are breached or attacked, we may also suffer, and on some occasions have suffered, an outage, failure, or unavailability of data or information technology systems, and interruptions to our business operations while such breach or attack is being remedied; this may impact data or systems operated by us or by third-party service providers. Furthermore, our cyber insurance coverage may not be adequate for liabilities or costs actually incurred, and we cannot be certain that insurance will continue to be available to us on economically reasonable terms, or at all, or that any insurer will not deny coverage of a future claim. Data governance failures can also adversely affect our reputation and business. Our business depends on our customers', associates', job applicants', contractors', and business partners' willingness to entrust us with their personal information. Events that adversely affect that trust, including inadequate disclosure to our customers, associates, job applicants, contractors, or business partners of our uses of their information or failing to keep our information technology systems and our customers', associates', job applicants', contractors', and business partners' personal information secure from significant attack, theft, damage, loss or unauthorized disclosure or access, whether as a result of our action or inaction (including human error or malfeasance) or that of our service providers or other third parties, could adversely affect our brand and harm our reputation. The regulatory environment related to data privacy and cybersecurity is constantly changing, with new and increasingly rigorous requirements applicable to our business. The implementation of these requirements has also become more complex. Maintaining our adherence to evolving data privacy and cybersecurity regulatory requirements, including state privacy laws, requires significant effort and cost, requires changes to our business practices, and may limit our ability to collect and use certain data for our business operations, including to support the customer experience. In addition, many regulators have indicated an intention to take more aggressive enforcement actions regarding data privacy and cybersecurity matters, and private litigation resulting from such matters is increasing and resulting in progressively larger judgments and settlements. As we have experienced in the past, failure to comply with applicable requirements could subject us to fines, sanctions, governmental investigations, or lawsuits, which could lead to negative publicity and reputational harm, and may cause customers to lose confidence in the effectiveness of our cybersecurity measures, data privacy practices, or our business more generally. --- ## Modified: If we are unable to effectively manage our installation services business, we could lose sales and be subject to fines, lawsuits, reputational damage or the loss of our general contractor licenses. **Key changes:** - Reworded sentence: "However, as we experienced in part with the EPA investigation and the resulting consent decree in April 2021, and the subsequent discussions with the EPA regarding compliance with the consent decree, if we fail to manage these processes effectively, collect the appropriate documentation, perform regular job site inspections, or provide proper oversight of these services, we could lose sales or face fines or lawsuits, including governmental enforcement actions for violations of regulatory requirements, as well as claims for property damage or personal injury." **Prior (2024):** We act as a general contractor to provide installation services to our DIFM customers through professional third-party licensed and insured installers. As such, we are subject to regulatory requirements and risks applicable to general contractors, which include management of background checks, licensing, permitting, and handling of environmental risks, as well as quality of work performed by our third-party installers. We have established processes and procedures to manage these requirements and manage customer satisfaction with the services provided by our third-party installers. However, as we experienced in part with our recent EPA investigation, the resulting consent decree in April 2021, and the subsequent discussions with the EPA regarding compliance with the consent decree, if we fail to manage these processes effectively, collect the appropriate documentation, perform regular job site inspections, or provide proper oversight of these services, we could suffer lost sales, fines, lawsuits, or governmental enforcement actions for violations of regulatory requirements, as well as claims for property damage or personal injury. In addition, we may suffer damage to our reputation or the loss of our general contractor licenses, which could adversely affect our business. **Current (2025):** We act as a general contractor to provide installation services to our DIFM customers through professional third-party licensed and insured installers. As such, we are subject to regulatory requirements and risks applicable to general contractors, which include management of background checks, licensing, permitting, and handling of environmental risks, as well as quality of work performed by our third-party installers. We have established processes and procedures to manage these requirements and manage customer satisfaction with the services provided by our third-party installers. However, as we experienced in part with the EPA investigation and the resulting consent decree in April 2021, and the subsequent discussions with the EPA regarding compliance with the consent decree, if we fail to manage these processes effectively, collect the appropriate documentation, perform regular job site inspections, or provide proper oversight of these services, we could lose sales or face fines or lawsuits, including governmental enforcement actions for violations of regulatory requirements, as well as claims for property damage or personal injury. In addition, we may suffer damage to our reputation or the loss of our general contractor licenses, which could adversely affect our business. --- ## Modified: Our business is subject to seasonal influences, and uncharacteristic or significant weather conditions, climate change, natural disasters, as well as other catastrophic or uncharacteristic events, could impact our operations and financial results. **Key changes:** - Reworded sentence: "Natural disasters, such as hurricanes, tropical storms, fires, floods, droughts or water scarcity, tornadoes, and earthquakes; unseasonable, unexpected or extreme weather conditions; acts of terrorism or violence, including active shooter situations; public health concerns, such as pandemics and quarantines and related impacts; civil unrest; geopolitical or military conflicts or acts of war, as well as any related sanctions or other government or private responses; or similar disruptions and catastrophic events could have and on occasion have had an adverse effect on our operations and financial performance in a number of ways." - Reworded sentence: "They can also adversely affect our work force and prevent associates and customers from reaching our stores, branches and other facilities." **Prior (2024):** Natural disasters, such as hurricanes, tropical storms, fires, floods, droughts or water scarcity, tornadoes, and earthquakes; unseasonable, unexpected or extreme weather conditions, whether as a result of climate change or otherwise; acts of terrorism or violence, including active shooter situations; public health concerns, such as pandemics and quarantines and related impacts; civil unrest; geopolitical or military conflicts or acts of war, as well Fiscal 2023 Form 10-K17 Fiscal 2023 Form 10-K17 Fiscal 2023 Form 10-K17 Fiscal 2023 Form 10-K 17 Table of Contents Table of Contents as any related sanctions or other government or private responses; or similar disruptions and catastrophic events could have and have on occasion had an adverse effect on our operations or financial performance in a number of ways. These types of events can affect consumer spending and confidence and consumers' disposable income, particularly with respect to home improvement or construction projects. They can also adversely affect our work force and prevent associates and customers from reaching our stores and other facilities. They can, temporarily or on a long-term basis, disrupt or disable operations of stores, support centers, and portions of our supply chain and distribution network, including causing reductions in the availability of inventory and disruption of utility services. In addition, these events may affect our information systems and digital platforms, resulting in disruption to various aspects of our operations, including our ability to transact with customers and fulfill orders; to communicate with our stores, facilities, store support centers or senior management; or to access financial or banking systems. Unseasonable, unexpected or extreme weather conditions such as excessive precipitation, warm temperatures during the winter season, or prolonged or extreme periods of warm or cold temperatures, could render a portion of our inventory incompatible with customer needs. Furthermore, the long-term impacts of climate change, whether involving physical risks (such as extreme weather conditions) or transition risks (such as regulatory or technology changes) are expected to be widespread and unpredictable. These changes over time could affect, for example, the availability and cost of or demand for certain consumer products, commodities, and energy (including utilities), which in turn may impact our ability to procure certain goods or services for the operation of our business at the quantities and levels we consider optimal. As a consequence of these or other catastrophic or uncharacteristic events, we may experience interruption to our operations, increased costs, changes in customer behavior or demand, or losses of property, equipment or inventory, which would adversely affect our revenue and profitability. **Current (2025):** Natural disasters, such as hurricanes, tropical storms, fires, floods, droughts or water scarcity, tornadoes, and earthquakes; unseasonable, unexpected or extreme weather conditions; acts of terrorism or violence, including active shooter situations; public health concerns, such as pandemics and quarantines and related impacts; civil unrest; geopolitical or military conflicts or acts of war, as well as any related sanctions or other government or private responses; or similar disruptions and catastrophic events could have and on occasion have had an adverse effect on our operations and financial performance in a number of ways. These types of events can affect consumer spending and confidence and consumers' disposable income, particularly with respect to home improvement or construction projects. They can also adversely affect our work force and prevent associates and customers from reaching our stores, branches and other facilities. They can, temporarily or on a long-term basis, disrupt or disable operations of stores, branches, other facilities and support centers, and portions of our supply chain and distribution network, including causing reductions in the availability of inventory and disruption of utility services. In addition, these events may affect our information systems and digital platforms, resulting in disruption to various aspects of our operations, including our ability to transact with customers and fulfill orders; to communicate with our stores, branches, other facilities or support centers or senior management; or to access financial or banking systems. Unseasonable, unexpected or extreme weather conditions such as excessive precipitation, warm temperatures during the winter season, or prolonged or extreme periods of warm or cold temperatures could render a portion of our inventory incompatible with customer needs and adversely impact our financial results. Furthermore, the potential long-term impacts of climate change, whether involving physical risks (such as extreme weather conditions) or transition risks (such as regulatory or technology changes), could be widespread and unpredictable. These changes over time could affect, for example, the availability and cost of or demand for certain products, commodities, and energy (including utilities), which in turn may impact our ability to procure certain goods or services for the operation of our business at the quantities and levels we consider optimal. As a consequence of these or other catastrophic or uncharacteristic events, we may experience interruption to our operations, increased costs, changes in customer behavior or demand, or losses of property, equipment or inventory, which would adversely affect our sales and profitability. --- ## Modified: If we cannot successfully manage the challenges presented by operating in international markets, we may not be successful in our international operations and our sales and profitability may be negatively impacted. **Key changes:** - Reworded sentence: "operations, as well as other costs and difficulties specific to managing international operations." - Reworded sentence: "and China have led to a series of significant tariffs on the importation of certain product categories and tariffs have been recently proposed, and in some cases enacted, on imports from Mexico, Canada, China, and other countries." - Added sentence: "Fiscal 2024 Form 10-K20 Fiscal 2024 Form 10-K20 Fiscal 2024 Form 10-K20 Fiscal 2024 Form 10-K 20 Table of Contents Table of Contents" **Prior (2024):** Our ability to successfully conduct retail operations in, and source products and materials from, international markets is affected by many of the same risks we face in our U.S. operations, as well as unique costs and difficulties of managing international operations. Our international operations, including any expansion in international markets, may be adversely affected by local laws and customs, U.S. laws applicable to foreign operations and other foreign legal and regulatory constraints, as well as political, social and economic conditions. Risks inherent in international operations also include, among others, potential adverse tax consequences; international trade disputes, trade policy changes or potential tariffs and other import-related taxes and controls; inability to sell certain products due to customs actions, including regulatory enforcement inquiries, holds, detentions, and exclusions; greater difficulty in enforcing intellectual property rights; limitations on access to ports; risks associated with the Foreign Corrupt Practices Act and local anti-bribery law compliance; geopolitical or military conflicts or acts of war, as well as any related sanctions or other government or private responses; compliance with Fiscal 2023 Form 10-K20 Fiscal 2023 Form 10-K20 Fiscal 2023 Form 10-K20 Fiscal 2023 Form 10-K 20 Table of Contents Table of Contents forced labor laws; compliance with environmental and responsible sourcing laws and regulations; and challenges in our ability to identify and gain access to local suppliers. For example, trade tensions between the U.S. and China have led to a series of significant tariffs on the importation of certain product categories. As a portion of our retail products are sourced, directly or indirectly, outside of the U.S., major changes in tax or trade policies, tariffs or trade relations could adversely impact the cost of, demand for, and profitability of retail product sales in our U.S. locations. Other countries may also change their business and trade policies in anticipation of or in response to increased import tariffs and other changes in U.S. trade policy and regulations. In addition, our operations in international markets create risk due to foreign currency exchange rates and fluctuations in those rates, which may adversely impact our sales and profitability. **Current (2025):** Our ability to successfully conduct retail operations in, and source products and materials from, international markets is affected by many of the same risks we face in our U.S. operations, as well as other costs and difficulties specific to managing international operations. Our international operations, including any expansion in international markets, may be, and on occasion have been, adversely affected by local laws and customs, U.S. laws or administrative actions applicable to foreign operations and other foreign legal and regulatory constraints, as well as political, social and economic conditions. Risks inherent in international operations also include, among others, potential adverse tax consequences; international trade disputes, trade policy changes or tariffs and other import-related taxes, fees and controls; inability to sell certain products due to customs actions, including regulatory enforcement inquiries, holds, detentions, and exclusions; greater difficulty in enforcing intellectual property rights; limitations on access to ports; risks associated with the Foreign Corrupt Practices Act and local anti-bribery law compliance; geopolitical or military conflicts or acts of war, as well as any related sanctions or other government or private responses; compliance with forced labor laws; compliance with environmental and responsible sourcing laws and regulations; and challenges in our ability to identify and gain access to local suppliers. For example, trade tensions between the U.S. and China have led to a series of significant tariffs on the importation of certain product categories and tariffs have been recently proposed, and in some cases enacted, on imports from Mexico, Canada, China, and other countries. For the retail products we source, directly or indirectly, outside of the U.S., including Mexico, Canada and China, major changes in tax or trade policies, tariffs or trade relations could significantly adversely impact the cost of, demand for, and profitability of retail product sales in our U.S. or other locations. Countries outside the U.S. may also change, and on occasion have changed, their business and trade policies in anticipation of or in response to increased import tariffs and other changes in U.S. trade policy and regulations, and consumers may seek to avoid goods not sourced domestically, all of which could significantly adversely impact the cost of, demand for, and profitability of retail products in our U.S., Mexico and Canada locations. In addition, our operations in international markets create risk due to foreign currency exchange rates and fluctuations in those rates, which may adversely impact our sales and profitability. Fiscal 2024 Form 10-K20 Fiscal 2024 Form 10-K20 Fiscal 2024 Form 10-K20 Fiscal 2024 Form 10-K 20 Table of Contents Table of Contents --- ## Modified: We are involved from time to time in a number of legal, regulatory and governmental enforcement proceedings. While we cannot predict the outcomes of those proceedings and other contingencies with certainty, certain of them could adversely affect our operations and reputation and/or increase our costs. **Key changes:** - Reworded sentence: "Litigation is inherently unpredictable, and the outcome of some of these proceedings and other contingencies could require us to take or refrain from taking actions, which could adversely affect our operations or could result in excessive adverse verdicts, fines, or results." **Prior (2024):** We are involved in a number of legal proceedings and regulatory matters, including government inquiries and investigations, and consumer, employment, tort and other litigation that arise from time to time in the ordinary course of business. Litigation is inherently unpredictable, and the outcome of some of these proceedings and other contingencies could require us to take or refrain from taking actions which could adversely affect our operations or could result in excessive adverse verdicts, fines, or results. Additionally, as we have seen in the past, involvement in these lawsuits, investigations and inquiries, and other proceedings, as well as compliance with any settlements or consent decrees that result from those proceedings, can involve significant expense, divert management's attention and resources from other matters, and impact the reputation of the Company. Fiscal 2023 Form 10-K21 Fiscal 2023 Form 10-K21 Fiscal 2023 Form 10-K21 Fiscal 2023 Form 10-K 21 Table of Contents Table of Contents **Current (2025):** We are involved in a number of legal proceedings and regulatory matters, including government inquiries and investigations, and consumer, employment, tort and other litigation that arise from time to time in the ordinary course of business. Litigation is inherently unpredictable, and the outcome of some of these proceedings and other contingencies could require us to take or refrain from taking actions, which could adversely affect our operations or could result in excessive adverse verdicts, fines, or results. Additionally, as we have seen in the past, involvement in such lawsuits, investigations and inquiries, and other proceedings, as well as compliance with any settlements or consent decrees that result from those proceedings, could involve significant expense, divert management's attention and resources from other matters, and impact the reputation of the Company. --- ## Modified: Uncertainty regarding the housing and home improvement markets, economic conditions, political and social climate, public health issues, and other factors beyond our control could adversely affect demand for our products and services, our costs of doing business, and our financial performance. **Key changes:** - Reworded sentence: "Other factors beyond our control - including unemployment and foreclosure rates; inventory loss due to theft (including as a result of organized retail crime); inflation or deflation; interest rate fluctuations, including central banks' actions to control inflation; fuel and other energy costs; raw material or other shortages; labor and healthcare costs; the availability of financing; the state of the credit markets, including mortgages, home equity loans and consumer credit; changes in policy and regulations, including with respect to tax rates; prolonged government shutdowns; weather and natural disasters (including the potential impacts of climate change); acts of terrorism or violence, including active shooter situations; public health issues, including pandemics and related impacts; geopolitical or military conflicts or acts of war, as well as any related sanctions or other government or private responses; and civil unrest, could further adversely affect, and in certain cases has adversely affected, demand for our products and services, our costs of doing business, and our financial performance." **Prior (2024):** Our financial performance depends significantly on the stability of the housing and home improvement markets, as well as general economic conditions, including changes in gross domestic product. Adverse conditions in or uncertainty about these markets, the economy, or the political or social climate could adversely impact, and we believe in some cases has adversely impacted, our customers' confidence or financial condition, causing them to decide against purchasing home improvement products and services, causing them to delay purchasing decisions, or impacting their ability to pay for products and services. Other factors beyond our control - including unemployment and foreclosure rates; inventory loss due to theft (including as a result of organized retail crime); interest rate fluctuations, including central banks' actions to control inflation; inflation or deflation; fuel and other energy costs; raw material or other shortages; labor and healthcare costs; the availability of financing; the state of the credit markets, including mortgages, home equity loans and consumer credit; changes in tax rates and policy; Fiscal 2023 Form 10-K19 Fiscal 2023 Form 10-K19 Fiscal 2023 Form 10-K19 Fiscal 2023 Form 10-K 19 Table of Contents Table of Contents weather and natural disasters (including the potential impacts of climate change); acts of terrorism or violence, including active shooter situations; public health issues, including pandemics and related impacts; geopolitical or military conflicts or acts of war, as well as any related sanctions or other government or private responses; and civil unrest, could further adversely affect demand for our products and services, our costs of doing business, and our financial performance. A number of merchandise categories have been impacted by inflation due to, among other things, global supply chain disruptions and the uncertain economic and geopolitical environment. If we experience inflation or deflation at a level beyond our ability to respond effectively, we may not be able to adjust prices to sufficiently offset the effects without negatively impacting consumer demand or margins. In an effort to address inflation, central banks have raised interest rates, which has impacted and may continue to adversely impact demand, including influencing in part the shifts in consumer purchasing from big-ticket, more discretionary purchases to smaller, less discretionary purchases that we experienced in fiscal 2023. Further, our MRO customers, who have higher spend and longer-term relationships than a typical retail customer, primarily use trade credit to finance their purchases, and some of our other Pros use trade credit in order to purchase our products. As a result, their ability to pay is highly dependent on the economic strength of the industry in their areas. If these customers are unable to repay the trade credit from us, we may face greater default risk, which could reduce our cash flow and adversely affect our results of operations. **Current (2025):** Our financial performance depends significantly on the stability of the housing and home improvement markets, as well as general economic conditions, including changes in gross domestic product. Adverse conditions in or uncertainty about these markets, the economy, or the political or social climate could adversely impact, and we believe in some cases has adversely impacted, our customers' confidence or financial condition, causing them to decide against purchasing home improvement products and services, causing them to delay purchasing decisions, or impacting their ability to pay for products and services. Other factors beyond our control - including unemployment and foreclosure rates; inventory loss due to theft (including as a result of organized retail crime); inflation or deflation; interest rate fluctuations, including central banks' actions to control inflation; fuel and other energy costs; raw material or other shortages; labor and healthcare costs; the availability of financing; the state of the credit markets, including mortgages, home equity loans and consumer credit; changes in policy and regulations, including with respect to tax rates; prolonged government shutdowns; weather and natural disasters (including the potential impacts of climate change); acts of terrorism or violence, including active shooter situations; public health issues, including pandemics and related impacts; geopolitical or military conflicts or acts of war, as well as any related sanctions or other government or private responses; and civil unrest, could further adversely affect, and in certain cases has adversely affected, demand for our products and services, our costs of doing business, and our financial performance. For instance, a number of merchandise categories were impacted by inflation in recent years due to, among other things, global supply chain disruptions and the uncertain economic and geopolitical environment. In an effort to address inflation, central banks raised interest rates. Notwithstanding recent rate cuts, the high interest rate environment that persisted throughout fiscal 2024 has adversely impacted and may continue to adversely impact demand for larger remodeling projects. Additionally, the inflationary outlook in the U.S. is currently uncertain, and persistent or increasing inflation could lead to a reversal of recent reductions in interest rates. Further, our specialty trade and MRO customers, who have higher spend and longer-term relationships than a typical retail customer, primarily use trade credit to finance their purchases, and some of our other Pros use trade credit in order to purchase our products. As a result, their ability to pay is highly dependent on the economic strength of the industry in their areas. If these customers are unable to repay the trade credit from us, we may face greater default risk, which could reduce our cash flow and adversely affect our results of operations. --- ## Modified: Failure to maintain a safe and secure shopping and working environment may adversely impact sales, costs, the customer and associate experience, and our brand and reputation. **Key changes:** - Reworded sentence: "Our customers and associates expect a safe environment in which to shop and work, and maintaining that environment helps protect against loss or theft of our inventory (also called "shrink")." **Prior (2024):** Our customers and associates expect a safe store environment in which to shop and work, and maintaining that environment helps protect against loss or theft of our inventory (also called "shrink"). Like other retailers, we have seen an increase in shrink in recent years, particularly as a result of organized retail crime. While we have a number of initiatives underway to address shrink, minimize theft, and maintain safety in and around our stores, these efforts require operational changes that may increase costs and reduce margins, and they may negatively impact the customer experience. Furthermore, an unsafe environment or negative incidents in or around our stores may erode trust and confidence with customers, associates, or potential associates, which can adversely impact sales, associate morale and retention, and our brand and reputation. **Current (2025):** Our customers and associates expect a safe environment in which to shop and work, and maintaining that environment helps protect against loss or theft of our inventory (also called "shrink"). Like other retailers, we have seen heightened shrink in recent years, particularly as a result of organized retail crime. While we have a number of initiatives underway to address shrink, minimize theft, and maintain safety in and around our stores and other facilities, these efforts require operational changes that may increase costs and reduce margins, and they may negatively impact the customer or associate experience. Furthermore, an unsafe environment or negative incidents in or around our stores and other facilities may erode trust and confidence with customers, associates, or jobseekers, which can adversely impact sales, associate morale and retention, and our brand and reputation. --- ## Modified: A positive brand and reputation are critical to our business success, and, if our brand and reputation are damaged, it could negatively impact our relationships with our customers, associates and jobseekers, suppliers, vendors, shareholders, regulators, and the communities we serve, and, consequently, our business, results of operations and the price of our stock. **Key changes:** - Reworded sentence: "Our brand and reputation are critical to attracting customers, associates and jobseekers, suppliers and vendors to do business with us." - Reworded sentence: "Negative incidents can erode trust and confidence quickly, and adverse publicity about us, regardless of its accuracy or the reputability of its source, could damage our brand and reputation; undermine our customers' confidence in us; reduce demand for our products and services, including as a result of boycotts; affect our ability to recruit, engage, motivate and retain associates; attract regulatory scrutiny, investigations or litigation; and impact our relationships with current and potential suppliers and vendors." **Prior (2024):** Our brand and reputation are critical to attracting customers, current and potential associates, suppliers and vendors to do business with us. We must continue to manage and protect our brand and reputation. Negative incidents can erode trust and confidence quickly, and adverse publicity about us could damage our brand and reputation; undermine our customers' confidence in us; reduce demand for our products and services; affect our ability to recruit, engage, motivate and retain associates; attract regulatory scrutiny; and impact our relationships with current and potential suppliers and vendors. Our suppliers' and vendors' business practices and positions may also be attributed to us, regardless of our Company's actions, meaning the actions of third parties pose similar risks to our brand and reputation. Further, our actual or perceived position or lack of position on social, environmental, governance, political, public policy, economic, geopolitical, or other sensitive issues, and any perceived lack of transparency about those matters, could harm our reputation with certain groups. In addition, we could be criticized for the scope or nature of ESG-related initiatives or goals, or for any revisions to or failure to achieve these goals on a timely basis or at all. If our ESG-related data, processes and reporting are incomplete or inaccurate, we could face regulatory scrutiny, litigation and/or adverse reputational impacts. Customers are also increasingly using social media to provide feedback and information about our Company, including our products and services, in a manner that can be quickly and broadly disseminated. Negative sentiment about the Company shared over social media, or misinformation from fraudulent accounts impersonating the Company, could impact our brand and reputation, whether or not it is based in fact. **Current (2025):** Our brand and reputation are critical to attracting customers, associates and jobseekers, suppliers and vendors to do business with us. We must continue to manage and protect our brand and reputation. Negative incidents can erode trust and confidence quickly, and adverse publicity about us, regardless of its accuracy or the reputability of its source, could damage our brand and reputation; undermine our customers' confidence in us; reduce demand for our products and services, including as a result of boycotts; affect our ability to recruit, engage, motivate and retain associates; attract regulatory scrutiny, investigations or litigation; and impact our relationships with current and potential suppliers and vendors. Our suppliers' and vendors' business practices and positions may also be attributed to us, regardless of the Company's actions, meaning the actions of third parties pose similar risks to our brand and reputation. Partnerships with celebrities and social media content creators may also expose us to brand and reputational risks. Further, our actual or perceived position or lack of position on social, environmental, governance, political, public policy, economic, geopolitical, or other sensitive issues, and any perceived lack of transparency about those matters, could harm our reputation with certain groups and attract regulatory scrutiny, investigations, litigation, or boycotts. In addition, we could be criticized for the scope or nature of initiatives or goals related to these matters, or for any revisions to or failure to achieve these goals on a timely basis or at all. If data, processes, and reporting related to these matters are incomplete or inaccurate, we could face regulatory scrutiny, litigation and/or adverse reputational impacts. Customers are also increasingly using social media to provide feedback and information about the Company, including our products and services, in a manner that can be quickly and broadly disseminated. Negative sentiment about the Company shared over social media, or misinformation from fraudulent accounts impersonating the Company, could impact our brand and reputation, whether or not it is based in fact. --- ## Modified: Our costs of doing business could increase as a result of changes in, expanded enforcement of, or adoption of new federal, state, local or international laws, regulations and executive orders. **Key changes:** - Reworded sentence: "In recent years, a number of new laws and regulations have been adopted, new executive orders have been announced, there has been expanded enforcement and differing interpretations of certain existing laws and regulations by federal, state, local and international agencies, and the interpretation of certain laws and regulations has become increasingly complex." - Reworded sentence: "Initiatives and goals related to these matters could be difficult and expensive to implement, the technologies needed to implement them may not be cost effective and may not advance at a sufficient pace, and we could be criticized or face reputational or regulatory risks regarding the accuracy, adequacy or completeness of the disclosure." **Prior (2024):** We are subject to various U.S. federal, state and local laws and regulations, as well as international laws and regulations, that govern numerous aspects of our business. In recent years, a number of new laws and regulations have been adopted, there has been expanded enforcement of certain existing laws and regulations by federal, state and local agencies, and the interpretation of certain laws and regulations has become increasingly complex. These laws and regulations, and related interpretations and enforcement activity, may change as a result of a variety of factors, including political, economic or social events. Changes in, expanded enforcement of, or adoption of new federal, state, local or international laws and regulations governing minimum wage or living wage requirements; the classification of exempt and non-exempt employees; the distinction between employees and contractors; other wage, labor or workplace regulations; healthcare; data privacy and cybersecurity; the sale, marketing, sourcing, and pricing of some of our products; transportation, logistics and interstate delivery operations, including Department of Transportation regulations on vehicles and drivers; international trade; supply chain transparency; the sourcing of raw materials, including timber and minerals, used in our products; taxes, including changes to corporate tax rates; restrictions on carbon dioxide and other greenhouse gas emissions; competition and antitrust requirements and enforcement; ESG programs, transparency and reporting, including U.S. federal or state or international regulations; unclaimed property; energy costs and consumption; or hazardous waste disposal and other environmental matters, including with respect to our installation services business, could increase our costs of doing business or impact our sales, operations or profitability. In addition, regulators, customers, investors, associates, and other stakeholders are increasingly focusing on cybersecurity, data privacy, and ESG matters and related disclosures. These changing rules, regulations and stakeholder expectations have resulted in, and are likely to continue to result in, increased general and administrative expenses, heightened risks of litigation and enforcement actions, and increased management time and attention spent complying with or meeting such regulations and expectations. Initiatives and goals within the scope of ESG could be difficult and expensive to implement, the technologies needed to implement them may not be cost effective and may not advance at a sufficient pace, and we could be criticized or face reputational or regulatory risks regarding the accuracy, adequacy or completeness of the disclosure. **Current (2025):** We are subject to various U.S. federal, state and local laws and regulations, as well as international laws and regulations, that govern numerous aspects of our business. In recent years, a number of new laws and regulations have been adopted, new executive orders have been announced, there has been expanded enforcement and differing interpretations of certain existing laws and regulations by federal, state, local and international agencies, and the interpretation of certain laws and regulations has become increasingly complex. These laws and regulations, and related executive orders, interpretations and enforcement activity, may change as a result of a variety of factors, including political, economic or social events. Changes in, expanded regulatory investigations or Fiscal 2024 Form 10-K19 Fiscal 2024 Form 10-K19 Fiscal 2024 Form 10-K19 Fiscal 2024 Form 10-K 19 Table of Contents Table of Contents enforcement of, litigation regarding, or adoption of new federal, state, local or international laws, regulations and/or executive orders governing minimum wage or living wage requirements; the classification of exempt and non-exempt employees; the distinction between employees and contractors; diversity, equity, and inclusion programs; immigration; and other human capital management matters; healthcare; data privacy, governance, and cybersecurity; the sale, marketing, sourcing, and pricing of our products; transportation, logistics and interstate delivery operations, including Department of Transportation regulations on vehicles and drivers; international trade; supply chain transparency; the sourcing of raw materials, including timber and minerals, used in our products; taxes, including changes to corporate tax rates; restrictions on carbon dioxide and other greenhouse gas emissions; competition and antitrust requirements and enforcement; sustainability programs, transparency and reporting; unclaimed property; energy costs and consumption; or hazardous waste disposal and other environmental matters, including with respect to our installation services business, could increase our costs of doing business or impact our sales, operations or profitability. While recent changes in the U.S. administration and Congress have and are expected to continue to lead to adoption and implementation of new laws, executive orders, regulations, policies, or reforms, the extent to which they will impact our business cannot be determined. In addition, regulators, customers, shareholders, associates, and other stakeholders are increasingly focusing on cybersecurity, data privacy, human capital management and sustainability matters and related disclosures. These changing rules, regulations and stakeholder expectations have resulted in, and are likely to continue to result in, increased general and administrative expenses, heightened risks of litigation and enforcement actions, and increased management time and attention spent complying with or meeting such regulations and expectations. Initiatives and goals related to these matters could be difficult and expensive to implement, the technologies needed to implement them may not be cost effective and may not advance at a sufficient pace, and we could be criticized or face reputational or regulatory risks regarding the accuracy, adequacy or completeness of the disclosure. Regulators, customers, and other stakeholders are also increasingly focusing on federal, state, and local consumer-protection laws and regulations, including those that could relate to how Home Depot prices, discounts, or advertises the products that it sells. This increased attention has resulted in and may continue to result in increased general and administrative expenses, heightened risks of litigation and enforcement actions, and increased management time and attention spent on managing the Company's response to those matters and its compliance with consumer-protection laws and regulations. --- *Data sourced from SEC EDGAR. Last updated 2026-05-10.*