Johnson Controls International plc: 10-K Risk Factor Changes

Our results of operations, financial condition and cash flows are dependent upon our ability to execute on our operating model and drive organizational improvement. We seek to develop and maintain a high-performance, customer centric culture and commercial organization characterized by differentiated products and services, the attraction and retention of top talent and delivering sustained results. Our ability to successfully implement our operating model includes our ability to organize our operations around our commercial and manufacturing strategy through organizational improvements and implementing incentive programs that promote and reward the effective execution of our strategy. The implementation of our operating model also depends on our ability to quickly respond to market and innovation driven changes and redeploy our resources as needed within our organization. If we are unable to successfully implement and execute our operating model, our business, financial condition, results of operations and cash flows could be adversely affected. We seek to drive organizational improvement through a variety of actions, including restructuring and integration activities, digital transformation, strategic initiatives, business portfolio reviews, productivity initiatives, functionalization, incentive programs, training, executive management changes, and business and operating model assessments. The Company has committed to a multi-year restructuring plan to address stranded costs and further right-size its global operations as a result of previously announced portfolio optimization transactions. In addition, during fiscal year 2025, the Company realigned its organizational structure into three regional reporting segments as part of ongoing initiatives to drive simplification, accelerate growth, and better reflect its organizational and operational structure. Risks associated with these actions include delays in execution, additional unexpected costs, loss of customer relationships, realization of fewer than estimated productivity improvements, increased change fatigue, organizational strain and adverse effects on employee morale. We may not realize the full operational or financial benefits we expect, the recognition of these benefits may be delayed, and these actions may potentially disrupt our operations. In addition, our failure to effectively implement our operating model and manage organizational changes may lead to increased attrition of customers and employees and harm our ability to attract and retain key talent.

Our results of operations, financial condition and cash flows are dependent upon our ability to execute on our operating model and drive organizational improvement. We seek to develop and maintain a high-performance, customer centric culture and commercial organization characterized by continuous efficient and timely customer service, customer support, and customer intimacy enabling long-term customer loyalty. Our ability to successfully implement our operating model includes our ability to organize our operations around our commercial strategy through organizational improvements and implementing incentive programs that promote and reward the effective execution of our strategy. If we are unable to successfully implement and execute our operating model, our business, financial condition, results of operations and cash flows could be adversely affected. We seek to drive organizational improvement through a variety of actions, including restructuring and integration activities, digital transformation, strategic initiatives, business portfolio reviews, productivity initiatives, functionalization, incentive programs, training, executive management changes, and business and operating model assessments. During the fourth quarter of fiscal year 2024, the Company committed to a multi-year restructuring plan to address stranded costs and further right-size its global operations as a result of previously announced portfolio optimization transactions. The Company’s ability to execute the most significant aspects of the restructuring plan will be dependent on the timing of the close of the R&LC HVAC business divestiture transaction. Risks associated with these actions include delays in execution, including a delay in the completion of the R&LC HVAC business divestiture, additional unexpected costs, loss of customer relationships, realization of fewer than 12 12 12 estimated productivity improvements, increased change fatigue, organizational strain and adverse effects on employee morale. We may not realize the full operational or financial benefits we expect, the recognition of these benefits may be delayed, and these actions may potentially disrupt our operations. In addition, our failure to effectively implement our operating model and manage organizational changes may lead to increased attrition of customers and employees and harm our ability to attract and retain key talent.

If our operations, particularly at our monitoring facilities and/or manufacturing facilities, were to be disrupted as a result of significant equipment failures, natural disasters, pandemics, climate change, cybersecurity incidents, power outages, fires, explosions, abrupt political change, armed conflict, terrorism, sabotage, adverse weather conditions, public health crises, labor disputes, labor shortages or other reasons, we may be unable to effectively respond to alarm signals, fill customer orders, convert our backlog, collect revenue and otherwise meet obligations to or demand from our customers, which could adversely affect our financial performance. These events may also cause us to experience increased costs and reduced productivity. Interruptions to production could increase our costs and reduce our sales. Any interruption in production capability could require us to make substantial capital expenditures or purchase alternative material at higher costs to fill customer orders, which could negatively affect our profitability and financial condition. Any recovery under our insurance policies may not offset the lost sales or increased costs that may be experienced during the disruption of operations, which could adversely affect our business, financial condition, results of operations and cash flows.

If our operations, particularly at our monitoring facilities and/or manufacturing facilities, were to be disrupted as a result of significant equipment failures, natural disasters, pandemics, climate change, cybersecurity incidents, power outages, fires, explosions, abrupt political change, armed conflict, terrorism, sabotage, adverse weather conditions, public health crises, labor disputes, labor shortages or other reasons, we may be unable to effectively respond to alarm signals, fill customer orders, convert our backlog, collect revenue and otherwise meet obligations to or demand from our customers, which could adversely affect our financial performance. These events may also cause us to experience increased costs and reduced productivity. For 17 17 17 example, our recent cybersecurity incident caused disruptions to our operations, adversely affecting our financial performance in early fiscal 2024. Further, the occurrence or reoccurrence of regional epidemics or a global pandemic, such as COVID-19, may adversely affect our operations, financial condition, and results of operations. Interruptions to production could increase our costs and reduce our sales. Any interruption in production capability could require us to make substantial capital expenditures or purchase alternative material at higher costs to fill customer orders, which could negatively affect our profitability and financial condition. We maintain property damage insurance that we believe to be adequate to provide for reconstruction of facilities and equipment, cybersecurity insurance to mitigate losses resulting from cybersecurity incidents, as well as business interruption insurance to mitigate losses resulting from significant production interruption or shutdown caused by an insured loss. However, any recovery under our insurance policies may not offset the lost sales or increased costs that may be experienced during the disruption of operations, which could adversely affect our business, financial condition, results of operations and cash flows.

We collect, store, have access to and otherwise process certain confidential or sensitive data, including proprietary business information, customer data, personal data or other information that is subject to privacy and security laws, regulations and/or customer-imposed controls. Despite our efforts to protect such data, our business, data and our products have been and will in the future be vulnerable to security incidents, theft, misplaced or lost data, programming errors, or errors that could potentially lead to the compromise or further compromise of such data, improper use of our products, systems, software solutions or networks, unauthorized access, use, disclosure, modification or destruction of information, defective products, production downtimes and operational disruptions. During September 2023, we experienced a cybersecurity event where certain data, primarily employee, job applicant and personal information and other related data, was impacted. The Company has taken appropriate actions to notify individuals and regulatory authorities. The actual or perceived risk of theft, loss, fraudulent use or misuse of customer, employee or other data as a result of the foregoing or any other cybersecurity incident, as well as non-compliance with applicable industry standards or our contractual 14 14 14 or other legal obligations or privacy and information security policies regarding such data, could result in litigation and/or regulatory activity and associated fines, damages, costs, awards, or settlements. Such an event could lead customers to select the products and services of our competitors. Such incidents could harm our reputation, cause unfavorable publicity or otherwise adversely affect certain existing and potential customers’ perception of the security and reliability of our services as well as our credibility and reputation, which could result in lost sales. In addition, we have and may in the future be required to make certain third-party notifications to individuals and regulators. We operate in an environment in which there are different and potentially conflicting data privacy laws in effect in the various U.S. states and foreign jurisdictions in which we operate and we must understand and comply with each law and standard in each of these jurisdictions while ensuring the data is secured. For example, proposed regulations restricting the use of biometric security technology could impact the products and solutions offered by our security business. Government enforcement actions can be costly and interrupt the regular operation of our business, and violations of data privacy laws can result in fines, reputational damage and civil lawsuits, any of which may adversely affect our business, reputation and financial results. Some of our contracts do not contain limitations of liability, and even where they do, there can be no assurance that limitations of liability in our contracts are sufficient to protect us from liabilities, damages, or claims related to our data privacy and security obligations. While we maintain general liability insurance coverage and coverage for errors or omissions, such coverage might not be adequate or otherwise protect us from liabilities or damages with respect to such claims. The successful assertion of one or more large claims against us that exceeds our available insurance coverage, or results in adverse changes to our insurance policies could have an adverse effect on our business.

We collect, store, have access to and otherwise process certain confidential or sensitive data, including proprietary business information, customer data, personal data or other information that is subject to privacy and security laws, regulations and/or customer-imposed controls. Despite our efforts to protect such data, our business and our products may be vulnerable to security incidents, theft, misplaced or lost data, programming errors, or errors that could potentially lead to compromising such data, improper use of our products, systems, software solutions or networks, unauthorized access, use, disclosure, modification or destruction of information, defective products, production downtimes and operational disruptions. During September 2023, we experienced a cybersecurity event consisting of unauthorized access, data exfiltration and deployment of ransomware by a third party to a portion of our internal IT infrastructure. The actual or perceived risk of theft, loss, fraudulent use or misuse of customer, employee or other data as a result of the cybersecurity incident, as well as non-compliance with applicable industry standards or our contractual or other legal obligations or privacy and information security policies regarding such data, could result in costs, fines, litigation or regulatory actions. We could face similar consequences in the future if we, our suppliers, channel partners, customers or other third parties experience the actual or perceived risk of theft, loss, fraudulent use or misuse of data, including as a result of employee error or malfeasance, or as a result of the imaging, software, security and other products we incorporate into our products. Such an event could lead customers to select the products and services of our competitors. Both the cybersecurity incident and similar future incidents could harm our reputation, cause unfavorable publicity or otherwise adversely affect certain potential customers’ perception of the security and reliability of our services as well as our credibility and reputation, which could result in lost sales. We operate in an environment in which there are different and potentially conflicting data privacy laws in effect in the various U.S. states and foreign jurisdictions in which we operate and we must understand and comply with each law and standard in each of these jurisdictions while ensuring the data is secure. For example, proposed regulations restricting the use of biometric security technology could impact the products and solutions offered by our security business. Government enforcement actions can be costly and interrupt the regular operation of our business, and violations of data privacy laws can result in fines, reputational damage and civil lawsuits, any of which may adversely affect our business, reputation and financial statements. Some of our contracts do not contain limitations of liability, and even where they do, there can be no assurance that limitations of liability in our contracts are sufficient to protect us from liabilities, damages, or claims related to our data privacy and security obligations. While we maintain general liability insurance coverage and coverage for errors or omissions, such coverage might not be adequate or otherwise protect us from liabilities or damages with respect to claims alleging compromises of customer data, that such coverage will continue to be available to us on acceptable terms or at all, or that such coverage will pay future claims. The successful assertion of one or more large claims against us that exceeds our available insurance coverage, or results in changes to our insurance policies (including premium increases or the imposition of large deductible or co-insurance requirements), could have an adverse effect on our business.

Product and service quality issues could harm customer confidence in our Company and our brands. If certain of our product and service offerings do not meet applicable safety standards or our customers’ expectations regarding quality, safety or performance, we could experience lost sales and increased costs and we could be exposed to legal, financial and reputational risks. In addition, a recall or claim could require us to review some or all of our product portfolio to assess whether similar issues are present in other products, which could result in a significant disruption to our business and our results of operations. We have experienced such quality issues in the past and may experience such issues in the future. We cannot be certain that our quality controls and procedures will reveal defects in our products or their raw materials, which may not become apparent until after the products have been placed in use in the market. Accordingly, there is a risk that products will have defects, which could result in loss of sales or delays in market acceptance and require a product recall or field corrective action. Such remedial actions can be expensive to implement and may damage our reputation, customer 12 12 12 relationships and market share. We have conducted product recalls and field corrective actions in the past and may do so again in the future. When our products fail to perform as expected, we are exposed to warranty, product liability, personal injury and other claims. In many jurisdictions, product liability claims are not limited to any specified amount of recovery and such claims or contribution requests or requirements could exceed our available insurance. There can be no assurance that we will not experience any material warranty or product liability claims in the future, that we will not incur significant costs to defend such claims or that we will have adequate reserves to cover any recall, repair and replacement costs. Our ability to compete and generate sales depends in part on our capacity to meet customer demand and ensure that products and services are delivered to the customer on time. If we are unable to manufacture and deliver products to customers on time, we could experience lost sales and increased costs and we could be exposed to legal, financial, and reputational risks. The inability to deliver our products to customers on time could also restrict our manufacturing capacity, which could lead to the loss of customers and restrict our ability to grow sales.

Product and service quality issues could harm customer confidence in our company and our brands. If certain of our product and service offerings do not meet applicable safety standards or our customers’ expectations regarding quality, safety or performance, we could experience lost sales and increased costs and we could be exposed to legal, financial and reputational risks. In addition, when our products fail to perform as expected, we are exposed to warranty, product liability, personal injury and other claims. We have experienced such quality issues in the past and may experience such issues in the future. We cannot be certain that our quality controls and procedures will reveal defects in our products or their raw materials, which may not become apparent until after the products have been placed in use in the market. Accordingly, there is a risk that products will have defects, which could result in loss of sales or delays in market acceptance and require a product recall or field corrective action. Such remedial actions can be expensive to implement and may damage our reputation, customer relationships and market share. We have conducted product recalls and field corrective actions in the past and may do so again in the future. In many jurisdictions, product liability claims are not limited to any specified amount of recovery. If any such claims or contribution requests or requirements exceed our available insurance or if there is a product recall, there could be an adverse impact on our results of operations. In addition, a recall or claim could require us to review some or all of our product portfolio to assess whether similar issues are present in other products, which could result in a significant disruption to our business and which could have a further adverse impact on our business, financial condition, results of operations and cash flows. There can be no assurance that we will not experience any material warranty or product liability claims in the future, that we will not incur significant costs to defend such claims or that we will have adequate reserves to cover any recall, repair and replacement costs. 13 13 13

Our ability to sustain and grow our business requires us to hire, retain and develop a high-performance, customer-centric management team and workforce. Continuous efficient and timely customer service, customer support and customer intimacy are essential to enabling customer loyalty and driving our financial results. Our growth strategies require that we pivot to new talent capability investments and build the workforce of the future, with an emphasis on developing skills in digital and consultative, outcome-based selling. Failure to ensure that we have leadership, technical and talent capacity with the necessary skillset and experience could impede our ability to deliver our growth objectives, execute our strategic plan and effectively transition our leadership. Any unplanned turnover or inability to attract and retain key employees could have a negative effect on our results of operations. The nature of our business requires us to maintain a labor force that is sufficiently large enough to support our manufacturing operations to meet customer demand, as well as provide on-site services and project support for our customers. This includes recruiting, hiring and retaining skilled trade workers to support our direct channel field businesses. We have in the past, and could in the future, experience shortages for skilled or unskilled labor. The impacts of such labor shortages could limit our ability to scale our operations to meet increased demand and convert backlog into revenue, which could negatively impact our growth and results of operations. 13 13 13

Our ability to sustain and grow our business requires us to hire, retain and develop a high-performance, customer-centric and diverse management team and workforce. Continuous efficient and timely customer service, customer support and customer intimacy are essential to enabling customer loyalty and driving our financial results. Our growth strategies require that we pivot to new talent capability investments and build the workforce of the future, with an emphasis on developing skills in digital and consultative, outcome-based selling. Failure to ensure that we have the leadership and talent capacity with the necessary skillset and experience could impede our ability to deliver our growth objectives, execute our strategic plan and effectively transition our leadership. Any unplanned turnover or inability to attract and retain key employees could have a negative effect on our results of operations. The nature of our business requires us to maintain a labor force that is sufficiently large enough to support our manufacturing operations to meet customer demand, as well as provide on-site services and project support for our customers. This includes recruiting, hiring and retaining skilled trade workers to support our direct channel field businesses. We have in the past, and could in the future, experience shortages for skilled or unskilled labor. The impacts of such labor shortages could limit our ability to scale our operations to meet increased demand and convert backlog into revenue, which could negatively impact our growth and results of operations. In July 2024, we announced that George Oliver, our Chief Executive Officer, had informed the Board of his plan to retire and requested that the Board initiate the Company’s Chief Executive Officer succession plan. If we are unable to identify and retain a qualified successor for Mr. Oliver and successfully implement our Chief Executive Officer succession plan, then we could experience disruption in the setting and execution of our operational and strategic objectives, which could have a material adverse effect on our results of operations, financial condition and cash flows. We also may have difficulty attracting and recruiting, or retaining, qualified senior leadership during the pendency of our search for a new Chief Executive Officer.

Geopolitical tensions and trade disputes can disrupt supply chains and increase the cost of our products. This could cause our products to be more expensive for customers, which could reduce the demand for, or attractiveness of, such products. In addition, a geopolitical conflict in a region where we operate could disrupt our ability to conduct business operations in that region. Countries also could adopt restrictive trade measures, such as tariffs, laws and regulations concerning investments and limitations on foreign ownership of businesses, taxation, foreign exchange controls, capital controls, employment regulations and the repatriation of earnings and controls on imports or exports of goods, technology, or data, any of which could adversely affect our operations and supply chain and limit our ability to offer our products and services as intended. Changes in laws or policies governing the terms of foreign trade, and in particular increased trade restrictions, tariffs or taxes on imports from countries where we manufacture products or from where we import products or raw materials (either directly or through our suppliers) could have an impact on our competitive position, business operations and financial results. For example, the U.S., China and other countries continue to implement restrictive trade actions, including tariffs, export controls, sanctions, legislation favoring domestic investment and other actions impacting the import and export of goods, foreign investment and foreign operations in jurisdictions in which we operate. The United States has announced tariffs and reciprocal tariffs on a wide range of products manufactured or produced worldwide, including Canada, China, the European Union, Japan and Mexico, among others. Several countries have similarly announced reciprocal or other tariffs impacting products manufactured or produced in the United States. The United States has and may in the future pause, reimpose or increase tariffs, and countries subject to such tariffs have and, in the future, may impose reciprocal tariffs or other restrictive trade measures in response to the imposition of tariffs by the United States. We maintain operations worldwide, including the jurisdictions impacted by announced and contemplated tariffs. If the actual and potential tariffs and reciprocal tariffs are implemented, we expect that such actions could negatively impact our revenue growth and margins in future periods through increased costs, decreased demand and other adverse economic impacts. We could also experience increased material cost inflation and component shortages, as well as disruptions and delays in our supply chain. The net effect of these actions will depend on our ability to successfully mitigate and offset their impact, which may not be effective. Trade restrictions could be adopted with little to no advanced notice, and we may not be able to effectively mitigate the adverse impacts from such measures. Political uncertainty surrounding trade or other international disputes also could have a negative impact on customer confidence and willingness to invest capital, which could impair our future growth. Any of these events could increase the cost of our products, create disruptions to our supply chain and impair our ability to effectively operate and compete in the countries where we do business.

Geopolitical tensions and trade disputes can disrupt supply chains and increase the cost of our products. This could cause our products to be more expensive for customers, which could reduce the demand for or attractiveness of such products. In addition, a geopolitical conflict in a region where we operate could disrupt our ability to conduct business operations in that region. Countries also could adopt restrictive trade measures, such as tariffs, laws and regulations concerning investments and limitations on foreign ownership of businesses, taxation, foreign exchange controls, capital controls, employment regulations and the repatriation of earnings and controls on imports or exports of goods, technology, or data, any of which could adversely affect our operations and supply chain and limit our ability to offer our products and services as intended. Changes in laws or policies governing the terms of foreign trade, and in particular increased trade restrictions, tariffs or taxes on imports from countries where we manufacture products or from where we import products or raw materials (either directly or through our suppliers) could have an impact on our competitive position, business operations and financial results. For example, the U.S., China and other countries continue to implement restrictive trade actions, including tariffs, export controls, sanctions, legislation favoring domestic investment and other actions impacting the import and export of goods, foreign investment and foreign operations in jurisdictions in which we operate. These kinds of restrictions could be adopted with little to no advanced notice, and we may not be able to effectively mitigate the adverse impacts from such measures. Political uncertainty 20 20 20 surrounding trade or other international disputes also could have a negative impact on customer confidence and willingness to spend money, which could impair our future growth. Any of these events could increase the cost of our products, create disruptions to our supply chain and impair our ability to effectively operate and compete in the countries where we do business.

In certain circumstances, as an Irish tax resident company, we will be required to deduct Irish dividend withholding tax (“DWT”) (currently at the rate of 25%) from dividends paid to our shareholders. Whether we will be required to deduct DWT from dividends paid to a shareholder will depend largely on whether the shareholder qualifies for an exemption from DWT under Irish law and the shareholder has provided a valid DWT form to his or her broker (in the case of shares held beneficially), or to our transfer agent (in the case of shares held directly). Shareholders resident in the U.S., who are beneficially entitled to any dividends paid on their shares and hold their shares through DTC will not be subject to DWT provided the addresses of such shareholders in the records of the brokers holding such shares are recorded as being in the U.S. (and such brokers have further transmitted the relevant information to a qualifying intermediary appointed by us). U.S. resident shareholders that hold their shares outside of DTC and shareholders resident in European Union countries (other than Ireland) or other countries with which Ireland has signed a tax treaty (whether the treaty has been ratified or not) and irrespective of whether they hold their shares through DTC or outside DTC) should not be subject to DWT provided such shareholders are beneficially entitled to any dividends paid on their shares and they have furnished complete and valid DWT forms (or an Internal Revenue Service (“IRS”) Form 6166 in the case of U.S resident shareholders only), to our transfer agent or their brokers (and such brokers have further transmitted the relevant information to our qualifying intermediary). However, some shareholders may be subject to withholding tax, which could adversely affect the price of their ordinary shares. Dividends paid in respect of Johnson Controls ordinary shares generally are not subject to Irish income tax where the beneficial owner of these dividends is exempt from dividend withholding tax, unless the beneficial owner of the dividend has some connection with Ireland other than his or her shareholding in Johnson Controls. Johnson Controls shareholders who receive their dividends subject to Irish dividend withholding tax generally will have no further liability to Irish income tax on the dividend unless the beneficial owner of the dividend has some connection with Ireland other than his or her shareholding in Johnson Controls.

In certain circumstances, as an Irish tax resident company, we will be required to deduct Irish dividend withholding tax (currently at the rate of 25%) from dividends paid to our shareholders. Shareholders that are residents in the U.S., European Union countries (other than Ireland) or other countries with which Ireland has signed a tax treaty (whether the treaty has been ratified or not) generally should not be subject to Irish withholding tax so long as the shareholder has provided certain Irish dividend withholding tax forms. However, some shareholders may be subject to withholding tax, which could adversely affect the price of our ordinary shares.