Laboratory Corporation of America Holdings: 10-K Risk Factor Changes

Part of the Company’s strategy involves deploying capital in investments that enhance the Company’s business, which includes pursuing strategic acquisitions to strengthen the Company’s scientific capabilities and enhance therapeutic expertise, enhance esoteric testing and global drug development capabilities, and increase presence in key geographic areas. Since January 1, 2020, the Company has invested net cash of approximately $3.4 billion in strategic business acquisitions. However, the Company cannot assure that it will be able to identify acquisition targets that are attractive to the Company or that are of a large enough size to have a meaningful impact on the Company’s operating results. Furthermore, the successful closing and integration of a strategic acquisition entails numerous risks, including, among others: •failure to obtain regulatory clearance, including due to antitrust concerns; •loss of key customers or employees as a result of the acquisition; •difficulty in consolidating redundant facilities and infrastructure and in standardizing information and other systems; •unidentified regulatory problems at the acquired company or business; •failure to maintain the quality of services that such companies or businesses have historically provided; •unanticipated costs and other liabilities; •potential liabilities related to litigation related to the acquired company or business, or from its prior owners; •failure to timely identify and remediate noncompliant activities of the acquired company or business; •potential periodic impairment of goodwill and intangible assets acquired; •coordination of geographically separated facilities and workforces; and •the potential disruption of the Company’s ongoing business and diversion of management’s resources. The Company cannot assure that current or future acquisitions, if any, or any related integration efforts will be successful, or that the Company’s business will not be adversely affected by any future acquisitions, including with respect to revenues and profitability. Even if the Company is able to successfully integrate the operations of companies and businesses that it acquires in the future, the Company may not be able to realize the benefits that it expects from such acquisitions. 32 32 32 Index Index

Part of the Company's strategy involves deploying capital in investments that enhance the Company's business, which includes pursuing strategic acquisitions to strengthen the Company's scientific capabilities and enhance therapeutic expertise, enhance esoteric testing and global drug development capabilities, and increase presence in key geographic areas. Since 2019, the Company has invested net cash of approximately $3.5 billion in strategic business acquisitions. However, the Company cannot assure that it will be able to identify acquisition targets that are attractive to the Company or that are of a large enough size to have a meaningful impact on the Company's operating results. Furthermore, the successful closing and integration of a strategic acquisition entails numerous risks, including, among others: •failure to obtain regulatory clearance, including due to antitrust concerns; •loss of key customers or employees as a result of the acquisition; •difficulty in consolidating redundant facilities and infrastructure and in standardizing information and other systems; •unidentified regulatory problems at the acquired company or business; 37 37 37 Index Index •failure to maintain the quality of services that such companies or businesses have historically provided; •unanticipated costs and other liabilities; •potential liabilities related to litigation related to the acquired company or business, or from its prior owners; •failure to timely identify and remediate noncompliant activities of the acquired company or business; •potential periodic impairment of goodwill and intangible assets acquired; •coordination of geographically separated facilities and workforces; and •the potential disruption of the Company's ongoing business and diversion of management's resources. The Company cannot assure that current or future acquisitions, if any, or any related integration efforts will be successful, or that the Company's business will not be adversely affected by any future acquisitions, including with respect to revenues and profitability. Even if the Company is able to successfully integrate the operations of companies and businesses that it acquires in the future, the Company may not be able to realize the benefits that it expects from such acquisitions.

The Company depends on third parties to provide services critical to the Company's business, including supplies, ground and air transport of clinical and diagnostic testing supplies and specimens, research products, and people, among other services and depends on them to comply with applicable laws and regulations. Third parties that provide services to the Company are subject to similar risks related to security of customer-related information and compliance with U.S., state, local, or international environmental, health and safety, and privacy and security laws and regulations as the Company. Any failure by third parties to comply with applicable laws, or any failure of third parties to provide services more generally, could have a material impact on the Company, whether because of the loss of the ability to receive services from the third parties, legal liability of the Company for the actions or inactions of third parties, or otherwise. In addition, third parties to whom the Company outsources certain services or functions may process personal data, or other confidential information of the Company. A cybersecurity incident affecting these third parties, like the AMCA Incident, could also harm the Company's business, results of operations and reputation.

The Company depends on third parties to provide services critical to the Company's business, including supplies, ground and air transport of clinical and diagnostic testing supplies and specimens, research products, and people, among other services. Third parties that provide services to the Company are subject to similar risks related to security of customer-related information and compliance with U.S., state, local, or international environmental, health and safety, and privacy and security laws and regulations as the Company. Any failure by third parties to comply with applicable laws, or any failure of third parties to provide services more generally, could have a material impact on the Company, whether because of the loss of the ability to 42 42 42 Index Index receive services from the third parties, legal liability of the Company for the actions or inactions of third parties, or otherwise. In addition, third parties to whom the Company outsources certain services or functions may process personal data, or other confidential information of the Company. A cybersecurity incident affecting these third parties, like the AMCA Incident, could also harm the Company's business, results of operations and reputation.

The Company has previously experienced and expects to continue to experience attempts by unauthorized parties to compromise the Company’s cybersecurity controls, like the 2018 ransomware attack. The Company has also experienced and expects to continue to experience similar attempts by threat actors to penetrate the systems of third-party suppliers and vendors to whom the Company has provided data, like the 2019 AMCA data breach. These attempts, if successful, could result in the misappropriation or compromise of personal information or proprietary or confidential information stored within the Company's systems or within the systems of third parties, create system disruptions or cause shutdowns. Threat actors have a variety of attack methods, including without limitation, by developing and deploying viruses, worms, and other malicious software programs that attack the Company’s systems, the systems of third-parties, or otherwise exploit any security vulnerabilities. In addition, the increased use of AI by threat actors is enhancing the scale sophistication and effectiveness of their cyberattacks. Outside parties may also attempt to fraudulently induce employees to take actions, including the release of confidential or sensitive information or to make fraudulent payments through illegal electronic spamming, phishing, spear phishing, and other tactics. The Company has implemented a formal cybersecurity program; however, because the techniques used by threat actors to obtain unauthorized access, disable or degrade service, or sabotage systems continue to evolve (and often are not recognized until launched against a target), the Company may be unable to anticipate and/or implement appropriate controls needed to 36 36 36 Index Index protect against these evolving threats. In addition, as cyber threats continue to evolve including the use of AI by threat actors to compromise systems, the Company may be required to expend additional resources to continue to enhance the Company’s cybersecurity measures or to investigate and remediate any cybersecurity vulnerabilities. The Company’s remediation efforts may not be sufficient and could result in interruptions, delays, cessation of service, loss of data integrity, loss of confidentiality, and/or loss of data. This could also impact the cost and availability of cyber insurance to the Company. Cybersecurity incidents affecting the Company’s or third parties' security measures and the unauthorized dissemination of personal, proprietary or confidential information about the Company or its customers or other third parties could expose customers’ private information. Such incidents could expose customers to the risk of financial or medical identity theft or expose the Company or other third parties to a risk of loss or misuse of this information, result in litigation and potential liability for the Company, damage the Company’s brand and reputation, or otherwise harm the Company’s business. Any of these incidents could have a material adverse effect on the Company’s business, regulatory compliance, financial condition, reputation, and/or results of operations. In addition, the Company faces increased cybersecurity risks due to the number of employees that continue to work remotely, which remains at levels higher than prior to the COVID-19 pandemic as a result of changes in the workplace and to management and employee expectations. Increased levels of remote access create additional opportunities for cybercriminals to exploit vulnerabilities, and employees may be more susceptible to phishing and social engineering attempts. In addition, technological resources may become strained due to the number of remote users.

The Company has experienced and expects to continue to experience attempts by computer programmers and hackers to penetrate the Company’s layered cybersecurity controls, like the 2018 ransomware attack. The Company has also experienced and expects to continue to experience similar attempts to penetrate the systems of third-party suppliers and vendors to whom the Company has provided data, like the 2019 AMCA data breach. These attempts, if successful, could result in the misappropriation or compromise of personal information or proprietary or confidential information stored within the Company's systems or within the systems of third parties, create system disruptions or cause shutdowns. External actors are developing and deploying viruses, worms and other malicious software programs that attack the Company’s systems, the systems of third-parties, or otherwise exploit any security vulnerabilities. Outside parties may also attempt to fraudulently induce employees to take actions, including the release of confidential or sensitive information or to make fraudulent payments through illegal electronic spamming, phishing, spear phishing, or other tactics. The Company has robust information security procedures and other safeguards in place, including evaluating the cybersecurity status of third-party suppliers and vendors that will have access to the Company’s data or information technology systems, which are monitored and routinely tested internally and by external parties. However, because the techniques used to obtain unauthorized access, disable or degrade service, or sabotage systems change frequently and often are not recognized until launched against a target, the Company may be unable to anticipate all of these techniques or to implement adequate preventive measures. In addition, as cyber threats continue to evolve, the Company may be required to expend additional resources to continue to enhance the Company’s information security measures or to investigate and remediate any information security vulnerabilities. The Company’s remediation efforts may not be successful and could result in interruptions, delays or cessation of service. This could also impact the cost and availability of cyber insurance to the Company. Cybersecurity incidents affecting the Company’s or third parties' security measures and the unauthorized dissemination of personal, proprietary or confidential information about the Company or its customers or other third parties could expose customers’ private information. Such incidents could expose customers to the risk of financial or medical identity theft or expose the Company or other third parties to a risk of loss or misuse of this information, result in litigation and potential liability for the Company, damage the Company’s brand and reputation or otherwise harm the Company’s business. Any of these disruptions or incidents could have a material adverse effect on the Company’s business, regulatory compliance, financial condition and results of operations. In addition, the Company faces increased cybersecurity risks due to the number of employees that continue to work remotely, which remains at levels higher than prior to the COVID-19 pandemic as a result of changes in the workplace and to management and employee expectations. Increased levels of remote access create additional opportunities for cybercriminals to exploit vulnerabilities, and employees may be more susceptible to phishing and social engineering attempts. In addition, technological resources may become strained due to the number of remote users. The Company also faces potential cybersecurity risks from the use of artificial intelligence and machine learning (AI) tools. The Company, or its customers' sensitive, proprietary, or confidential information could be leaked, disclosed, or revealed as a result of or in connection with employees' or vendors' use of generative AI technologies. In addition, the Company may use AI outputs to inform certain decisions, and AI models may create incomplete, inaccurate, or otherwise flawed outputs, some of which may appear correct. Due to the potential flaws in the use of AI, the Company could make incorrect decisions, including decisions that could bias certain individuals or classes of individuals and adversely impact their rights. As a result, the Company could face adverse consequences, including exposure to reputational and competitive harm, customer loss, and legal liabilities. The AI tools may also be subject to additional, and as yet unidentified, security threats.

Natural disasters, such as adverse weather, fires, earthquakes, power shortages and outages, geopolitical events, such as terrorism, war, political instability, or other conflict, public health crises and disease epidemics and pandemics, criminal activities, disruptions to supply chains, inaccessibility of natural resources, and other disruptions or events beyond the Company’s control could negatively affect the Company’s operations. Any of these events may result in a temporary decline of testing volumes and other work in both segments. In addition, such events may temporarily interrupt the Company’s ability to transport specimens, efficiently commence, continue, or complete its work on studies, utilize information technology systems, utilize certain laboratories, and/or to receive material from its suppliers. Such events can also affect customer operations and thereby impact testing volume. Long-term disruptions in the infrastructure and operations caused by such events (particularly involving locations in which the Company has operations), could harm the Company’s operating results.

Natural disasters, such as adverse weather, fires, earthquakes, power shortages and outages, geopolitical events, such as terrorism, war, political instability, or other conflict, public health crises and disease epidemics and pandemics, criminal activities, disruptions to supply chains, inaccessibility of natural resources, and other disruptions or events beyond the Company’s control could negatively affect the Company’s operations. Any of these events may result in a temporary decline of testing volumes and other work in both segments. In addition, such events may temporarily interrupt the Company’s ability to transport specimens, efficiently commence, continue, or complete its work on studies, utilize information technology systems, utilize certain laboratories, and/or to receive material from its suppliers. Such events can also affect customer operations and thereby impact testing volume. Long-term disruptions in the infrastructure and operations caused by such events (particularly involving locations in which the Company has operations), could harm the Company's operating results.

From time to time, manufacturers discontinue or recall reagents, test kits, or instruments used by the Company to perform laboratory testing. Such discontinuations or recalls could adversely affect the Company’s costs, testing volume and revenue. The commercial laboratory industry is subject to changing technology and the introduction of new and improved test offerings. The Company’s success in maintaining a leadership position in genomic and other advanced testing technologies will depend, in part, on its ability to develop, acquire or license new and improved technologies on favorable terms and to obtain 31 31 31 Index Index appropriate coverage and reimbursement for these technologies. The Company may not be able to negotiate acceptable licensing arrangements, and it cannot be certain that such arrangements will yield commercially successful diagnostic tests. If the Company is unable to license these testing methods at competitive rates, its R&D costs may increase as a result. In addition, if the Company is unable to license new or improved technologies to expand its esoteric testing operations, its testing methods may become outdated and testing volume and revenue may be materially and adversely affected. In addition, advances in technology may lead to the development of more technologies, such as point-of-care testing equipment, that can be operated by healthcare providers in their offices or by patients themselves without requiring the services of commercial laboratories. Development of such technology and its use by the Company’s customers could reduce the demand for its laboratory testing services and the utilization of certain tests offered by the Company and negatively impact its revenues. Similarly, application of artificial intelligence to testing could reduce demand for the Company’s services, or competitors could adopt use of these technologies and derive benefits from them sooner than the Company. Manufacturers of laboratory equipment and test kits could seek to increase their sales by marketing point-of-care laboratory equipment to physicians and by selling test kits approved by regulatory agencies for home or physician office use to both physicians and patients. Increased approval and use of such test kits could lead to increased testing by physicians in their offices or by patients at home, which could affect the Company’s market for laboratory testing services and negatively impact its revenues.

From time to time, manufacturers discontinue or recall reagents, test kits, or instruments used by the Company to perform laboratory testing. Such discontinuations or recalls could adversely affect the Company’s costs, testing volume and revenue. 36 36 36 Index Index The commercial laboratory industry is subject to changing technology and new product introductions. The Company’s success in maintaining a leadership position in genomic and other advanced testing technologies will depend, in part, on its ability to develop, acquire or license new and improved technologies on favorable terms and to obtain appropriate coverage and reimbursement for these technologies. The Company may not be able to negotiate acceptable licensing arrangements, and it cannot be certain that such arrangements will yield commercially successful diagnostic tests. If the Company is unable to license these testing methods at competitive rates, its R&D costs may increase as a result. In addition, if the Company is unable to license new or improved technologies to expand its esoteric testing operations, its testing methods may become outdated when compared with the Company’s competition, and testing volume and revenue may be materially and adversely affected. In addition, advances in technology may lead to the development of more cost-effective technologies, such as point-of-care testing equipment that can be operated by physicians or other healthcare providers (including physician assistants, nurse practitioners, and certified nurse midwives, generally referred to herein as physicians) in their offices or by patients themselves without requiring the services of freestanding clinical laboratories. Development of such technology and its use by the Company’s customers could reduce the demand for its laboratory testing services and the utilization of certain tests offered by the Company and negatively impact its revenues. Similarly, application of artificial intelligence to testing could reduce demand for the Company's services, or competitors could adopt use of these technologies and derive benefits from them sooner than the Company. Currently, most commercial laboratory testing is categorized as high or moderate complexity, and thereby is subject to extensive and costly regulation under CLIA. The cost of compliance with CLIA makes it impractical for most physicians to operate clinical laboratories in their offices, and other laws limit the ability of physicians to have ownership in a laboratory and to refer tests to such a laboratory. Manufacturers of laboratory equipment and test kits could seek to increase their sales by marketing point-of-care laboratory equipment to physicians and by selling test kits approved for home or physician office use to both physicians and patients. Diagnostic tests approved for home use are automatically deemed to be “waived” tests under CLIA and may be performed in physician office laboratories as well as by patients in their homes with minimal regulatory oversight. Other tests meeting certain FDA criteria also may be classified as “waived” for CLIA purposes. The FDA has regulatory responsibility over instruments, test kits, reagents and other devices used by clinical laboratories, and it has responsibility for classifying the complexity of tests for CLIA purposes. Increased approval of “waived” test kits could lead to increased testing by physicians in their offices or by patients at home, which could affect the Company’s market for laboratory testing services and negatively impact its revenues.

On June 30, 2023, the Company completed the previously announced spin-off of Fortrea. The Spin-off poses risks and challenges that could impact the Company’s business, including, but not limited to, the failure to receive tax-free treatment for U.S. federal income purposes, and potential exposure to unexpected claims, liabilities, or costs under the Company’s agreements with Fortrea in connection with the Spin-off. 35 35 35 Index Index

On June 30, 2023, the Company completed the previously announced spin-off of Fortrea Holdings Inc. (Fortrea). The spin-off poses risks and challenges that could impact the Company’s business, including, but not limited to, the failure to achieve the intended benefits from the spin-off, the failure to receive tax- free treatment for U.S. federal income purposes, and potential exposure to unexpected claims, liabilities, or costs under the Company’s agreements with Fortrea in connection with the spin-off. The spin-off may adversely impact relationships with customers, suppliers, employees, and other business counterparties and the Company may experience delays, business disruption, increased costs, including from lost synergies, which could adversely affect the Company’s business, financial condition, and results of operations. The Company may also experience increased challenges in attracting, retaining, and motivating key personnel, which could harm the Company’s business. The Company's ongoing transitional and commercial arrangements with Fortrea intend to provide for a seamless delivery of services to the customers and other stakeholders of the independent companies following the spin-off, but those arrangements may not meet the intended objectives and could have unexpected costs or challenges, which could negatively impact the Company’s business, including relationships with customers and other business counterparties, and which could also result in a decline in value of the Company.

The FDA has regulatory responsibility for instruments, test kits, reagents and other devices used by clinical laboratories. The FDA enforces laws and regulations that govern the development, testing, manufacturing, performance, labeling, advertising, 40 40 40 Index Index marketing, distribution, and surveillance of diagnostics, and it regularly inspects and reviews the manufacturing processes and performance of diagnostics. Dx’s point-of-care testing devices are subject to regulation by the FDA. Historically, LDTs developed by high complexity clinical laboratories have been generally offered as services to health care providers under the CLIA regulatory framework administered by CMS, without the requirement for FDA clearance or approval. On April 29, 2024, the FDA released a final rule purporting to clarify its authority to regulate LDTs as medical devices under the federal Food, Drug, and Cosmetic Act, under which it will phase out its general enforcement discretion approach for LDTs under a four-year period subject to certain continuing enforcement discretion policies. The final rule was published on May 6, 2024, and became effective on July 5, 2024. In the absence of a successful legal challenge, the first phase of compliance obligations will begin on May 6, 2025. On May 29, 2024, the American Clinical Laboratory Association (ACLA) and its member company, HealthTrackRx, filed a lawsuit against the FDA in the United States District Court for the Eastern District of Texas, challenging the FDA’s final rule. While the lawsuit may change the final rule or delay or prevent its enforcement, the issuance of the final rule presents an increased risk of FDA enforcement actions for laboratory tests offered by companies without FDA clearance or approval that do not fall within the ongoing enforcement discretion policies. However, the outcome and its ultimate impact on the Company’s business remain difficult to predict at this time. Current FDA regulation of the Company’s diagnostic offerings and the potential for future increased regulation of the Company’s LDTs could result in increased costs and administrative and legal actions for noncompliance, including warning letters, fines, penalties, suspensions, recalls, injunctions, and other civil and criminal sanctions, and could impair the development and commercialization of new tests, which could have a material adverse effect upon the Company. Regulation of diagnostics offerings in jurisdictions outside the U.S. in which the Company operates may impact laboratory testing offered by the Company in both Dx and BLS. For example, the European Union In Vitro Diagnostics Regulation (Regulation (EU) 2017/746 (EU IVDR)) established a new legislative framework for in vitro diagnostic devices that are used in certain circumstances and includes a rule-based classification and quality and safety standards. The EU IVDR, where applicable to BLS’s services, could impact BLS’s ability to support trials, result in increased costs and administrative and legal actions, and have an adverse effect.

The FDA has regulatory responsibility for instruments, test kits, reagents and other devices used by clinical laboratories. The FDA enforces laws and regulations that govern the development, testing, manufacturing, performance, labeling, advertising, marketing, distribution, and surveillance of diagnostic products, and it regularly inspects and reviews the manufacturing processes and product performance of diagnostic products. Dx’s point-of-care testing devices are subject to regulation by the FDA. LDTs developed by high complexity clinical laboratories are currently generally offered as services to health care providers under the CLIA regulatory framework administered by CMS, without the requirement for FDA clearance or approval. However, since the 1990s, the FDA has asserted that it has authority to regulate LDTs as medical devices but has exercised enforcement discretion to refrain from systematic regulation of LDTs. In 2014, the FDA issued draft guidance describing how it intended to discontinue its enforcement discretion policy and begin regulating LDTs as medical devices; however, that draft guidance has not been finalized, and the FDA has instead continued its enforcement discretion policy and has indicated that it intends to work with Congress to enact comprehensive legislative reform of diagnostics oversight. In February 2020, the FDA issued a statement with a table of pharmacogenetic associations setting forth certain gene-drug interactions that the agency determined are supported by the scientific literature to help ensure that claims being made for pharmacogenetic tests are grounded in sound science, thereby reducing the risk of enforcement actions with respect to LDTs offering claims consistent with the table. The FDA noted that it could take enforcement actions under the current medical device framework regarding diagnostic claims the agency determines not to be sufficiently supported. In addition, in 2021, the Verifying Accurate, Leading-edge, IVCT Development (VALID) Act was introduced to Congress and provided a framework to change in vitro diagnostics and LDTs to in vitro clinical tests. In 2022, the VALID Act was incorporated into the Senate user fee bill but was not included in the year-end Consolidated Appropriations Act of 2022. Following challenges with passing diagnostics reform legislation, the FDA released a proposed rule to clarify its authority to regulate LDTs as medical devices under the federal Food, Drug, and Cosmetic Act in October 2023. If finalized, FDA would phase out its general enforcement discretion approach for LDTs. Even without issuance of a finalized LDT oversight framework, in light of the April 4, 2019, FDA warning letter issued to Inova Genomics Laboratory related to certain LDTs that Inova offered, the February 2020 pharmacogenetics statement, and the 2023 proposed rule, there may be an increased risk of FDA enforcement actions for laboratory tests offered by companies without FDA clearance or approval. However, the outcome and its ultimate impact on the Company’s business is difficult to predict at this time. Current FDA regulation of the Company’s diagnostic products and the potential for future increased regulation of the Company’s LDTs in the future could result in increased costs and administrative and legal actions for noncompliance, including warning letters, fines, penalties, product suspensions, product recalls, injunctions, and other civil and criminal sanctions, and could impair the development and commercialization of new tests, which could have a material adverse effect upon the Company. Regulation of diagnostics products in jurisdictions outside the U.S. in which the Company operates may impact laboratory testing offered by the Company in both Dx and BLS. For example, the European Union In Vitro Diagnostics Regulation (Regulation (EU) 2017/746 (EU IVDR)) established a new legislative framework for in vitro diagnostic devices that are used in certain circumstances, and includes a rule-based classification and quality and safety standards. The EU IVDR, where applicable to BLS's services, could impact BLS's ability to support trials, result in increased costs and administrative and legal actions, and have an adverse effect.

The Company’s operations are dependent upon ongoing demand for diagnostic testing and biopharma laboratory services by patients, physicians, hospitals, MCOs, pharmaceutical, biotechnology and medical device companies and others. Significant changes in global economic conditions, and an increase in the costs of goods and services, could negatively impact testing volumes, the demand for biopharma laboratory services, cash collections, profitability, and the availability and cost of credit. 29 29 29 Index Index Pressures on and uncertainty surrounding the U.S. federal government’s budget, and potential changes in budgetary priorities, could adversely affect the funding for government programs that comprise a portion of the Company’s revenues. In addition, uncertainty in the credit markets and interest rate volatility could reduce the availability and increase the cost of credit and impact the Company’s ability to meet its financing needs in the future.

The Company’s operations are dependent upon ongoing demand for diagnostic testing and drug development services by 33 33 33 Index Index patients, physicians, hospitals, MCOs, pharmaceutical, biotechnology and medical device companies and others. Fluctuations in global economic conditions, including inflation and the risk of short- or long-term recessions, could negatively impact demand for diagnostic testing and drug development services, the ability of customers to pay for the Company's services, and the Company’s profitability. In addition, uncertainty in the credit markets and interest rate volatility could reduce the availability and increase the cost of credit and impact the Company’s ability to meet its financing needs in the future.

Dx testing services are billed to MCOs, Medicare, Medicaid, physicians and physician groups, hospitals, patients, and employer groups. Most testing services are billed to a party other than the physician or other authorized person who ordered the test. Increases in the percentage of services billed to government and MCOs could have an adverse effect on the Company’s revenues. The Company expects the efforts to impose reduced reimbursement, more stringent payment policies, and utilization and cost controls by government and other payers to continue. If Dx cannot offset additional reductions in the payments it receives for its services by reducing costs, increasing test volume, and/or introducing new services and procedures, it could have a material adverse effect on the Company’s revenues, profitability, and cash flows. In 2014, Congress passed PAMA, requiring Medicare to change the way payment rates are calculated for tests paid under the CLFS, and to base the payment on the weighted median of rates paid by private payers. Pursuant to PAMA, reimbursement rates for many clinical laboratory tests provided under Medicare were reduced from 2018 through 2020. Enforcement of PAMA was suspended each year from 2021 through 2025, but a long-term resolution through legislation has not yet been achieved, and the next round of PAMA reductions are currently on track to be implemented in 2026. Unless implementation of PAMA is further delayed or changed, additional reductions in reimbursements of $100.0 million are expected for 2026 from all payers affected by the CLFS. The Company’s ability to attract and retain MCOs is critical given the impact of healthcare reform, changes in coverage and evolving value-based care and risk-based reimbursement delivery models (e.g., accountable care organizations (ACOs) and Independent Physician Associations (IPAs)). 30 30 30 Index Index A portion of the managed care fee-for-service revenues is collectible from patients in the form of deductibles, coinsurance and copayments. As patient cost-sharing continues to increase, the Company’s collections may be adversely impacted. In addition, Medicare and Medicaid and private insurers have increased their efforts to control the cost, utilization and delivery of healthcare services, including commercial laboratory services. Measures to regulate healthcare delivery in general, and clinical laboratories in particular, have resulted in reduced prices, added costs and decreased test utilization for the commercial laboratory industry by increasing complexity and adding new regulatory and administrative requirements. The Company has periodically experienced delays in the pricing and implementation of coding and billing changes among various payers, including Medicaid, Medicare and commercial carriers. Payer policy changes in coverage, along with coding and billing changes, have had a negative impact over time on revenue, revenue per requisition, and margins and cash flows. In 2024, limited coding and billing changes were implemented. While limited changes are expected to be implemented in 2025, the Company typically expects some delays in pricing and reimbursement as new codes are introduced. The Company expects the efforts to impose reduced reimbursement, more stringent payment policies, and utilization and cost controls by government and other payers to continue. If Dx cannot offset additional reductions in the payments it receives for its services by reducing costs, increasing test volume, and/or introducing new services and procedures, it could have a material adverse effect on the Company’s revenues, profitability and cash flows.

Diagnostics Laboratories' (Dx) testing services are billed to MCOs, Medicare, Medicaid, physicians and physician groups, hospitals, patients, and employer groups. Most testing services are billed to a party other than the physician or other authorized person who ordered the test. Increases in the percentage of services billed to government and MCOs could have an adverse effect on the Company’s revenues. The Company serves many MCOs. These organizations have different contracting philosophies, which are influenced by the design of their products. Some MCOs contract with a limited number of clinical laboratories and engage in direct negotiation of rates. Other MCOs adopt broader networks with generally uniform fee structures for participating clinical laboratories. In some cases, those fee structures are specific to independent clinical laboratories, while the fees paid to hospital-based and physician-office laboratories may be different, and are typically higher. MCOs may also offer Managed Medicare or Managed Medicaid plans. In addition, an increasing number of MCOs are implementing, directly or through third parties, various types of laboratory benefit management programs that may include laboratory networks, utilization management tools (such as prior authorization and/or prior notification), and claims edits, which may impact coverage or reimbursement for commercial laboratory tests. Some of these programs address commercial laboratory testing broadly, while others are focused on certain types of testing such as molecular, genetic and toxicology testing. An increase in the use of such programs could lead to increased denial of claims, extended appeals, and reduced revenue. 34 34 34 Index Index Some MCOs use capitation rates to fix the cost of laboratory testing services for their enrollees. Under a capitated reimbursement arrangement, the clinical laboratory receives a per-member, per-month payment for an agreed upon menu of laboratory tests provided to MCO members during the month, regardless of the number of tests performed. Capitation shifts the risk of increased test utilization (and the underlying mix of testing services) to the commercial laboratory provider. The Company makes significant efforts to obtain adequate compensation for its services in its capitated arrangements. For the year ended December 31, 2023, such capitated contracts accounted for approximately $369.9 million, or 3.9%, of Dx's revenues. The Company's ability to attract and retain MCOs is critical given the impact of healthcare reform, related products and expanded coverage (e.g. health insurance exchanges and Medicaid expansion) and evolving value-based care and risk-based reimbursement delivery models (e.g., accountable care organizations (ACOs) and Independent Physician Associations (IPAs)). A portion of the managed care fee-for-service revenues is collectible from patients in the form of deductibles, coinsurance and copayments. As patient cost-sharing has been increasing, the Company's collections may be adversely impacted. In addition, Medicare and Medicaid and private insurers have increased their efforts to control the cost, utilization and delivery of healthcare services, including commercial laboratory services. Measures to regulate healthcare delivery in general, and clinical laboratories in particular, have resulted in reduced prices, added costs and decreased test utilization for the commercial laboratory industry by increasing complexity and adding new regulatory and administrative requirements. Pursuant to legislation passed in late 2003, the percentage of Medicare beneficiaries enrolled in Managed Medicare plans has increased. The percentage of Medicaid beneficiaries enrolled in Managed Medicaid plans has also increased; however, changes to, or repeal of, the Patient Protection and Affordable Care Act (ACA) may continue to affect coverage, reimbursement, and utilization of laboratory services, as well as administrative requirements, in ways that are currently unpredictable. Further healthcare reform could adversely affect laboratory reimbursement from Medicare, Medicaid or commercial carriers. The Company has periodically experienced delays in the pricing and implementation of coding and billing changes among various payers, including Medicaid, Medicare and commercial carriers. Payer policy changes in coverage, along with coding and billing changes, have had a negative impact over time on revenue, revenue per requisition, and margins and cash flows. In 2023, limited coding and billing changes were implemented. While limited changes are expected to be implemented in 2024, the Company typically expects some delays in pricing and reimbursement as new codes are introduced. The Company expects the efforts to impose reduced reimbursement, more stringent payment policies, and utilization and cost controls by government and other payers to continue. If Dx cannot offset additional reductions in the payments it receives for its services by reducing costs, increasing test volume, and/or introducing new services and procedures, it could have a material adverse effect on the Company’s revenues, profitability and cash flows. In 2014, Congress passed PAMA, requiring Medicare to change the way payment rates are calculated for tests paid under the CLFS, and to base the payment on the weighted median of rates paid by private payers. On June 23, 2016, CMS issued a final rule to implement PAMA that required applicable laboratories, including Dx, to begin reporting their test-specific private payer payment amounts to CMS in 2017, based on data collected in 2016. CMS used that private market data to calculate weighted median prices for each test (based on applicable current procedural technology (CPT) codes) to represent the new CLFS rates beginning in 2018, subject to certain phase-in limits. For 2018-2020, a test price could not be reduced by more than 10% per year. As a result of provisions included within the CARES Act, PAMA rate reductions for 2021 were suspended, and therefore the Company did not experience any incremental reimbursement rate impact due to PAMA in 2021. As a result of the Protecting Medicare and American Farmers from Sequester Cuts Act that became law in December 2021, the data reporting requirements and Medicare reimbursement cuts that would have occurred under PAMA in 2022 were delayed by one additional year, and the Company did not experience incremental reimbursement rate impact due to PAMA in 2022. As a result of the Consolidated Appropriations Act, 2023, which became law in December 2022, the data reporting requirements and Medicare reimbursement cuts that would have occurred under PAMA in 2023 were delayed by one additional year, and the Company did not experience an incremental reimbursement rate impact due to PAMA in 2023. In November 2023, provisions in the Further Continuing Appropriations and Other Extensions Act of 2024 further delayed data reporting requirements and the phase-in of payment reductions for Clinical Diagnostic Laboratory Tests (CDLTs) that are not classified as ADLTs under PAMA. As a result, no payment reduction will be applied to CDLTs in 2024, and for 2025-2027 payment may not be reduced by more than 15% compared to the payment amount established for a test the previous year. CLFS rates for 2028 and subsequent periods will not be subject to phase-in limits. The phase-in of rates for CDLTs established in 2018 will resume in 2025. New CLFS rates will be established in 2026 based on data from 2019 to be reported in 2025. The process of data reporting and repricing under PAMA will be repeated every three years for CDLTs beginning in 2025. CLFS rates for ADLTs will be updated annually. CMS published its initial proposed CLFS rates under PAMA for 2018-2020 on September 22, 2017. Following a public comment period, CMS made adjustments and published final CLFS rates for 2018-2020 on November 17, 2017, with additional adjustments published on December 1, 2017. For 2020, the Company realized a net reduction in reimbursement of 35 35 35 Index Index approximately $72.0 million from all payers affected by the CLFS (approximately $107.0 million in 2019). PAMA rates were frozen for years 2021 through 2024 as described above. Unless implementation of PAMA is further delayed or changed, an additional reduction of approximately $100.0 million is expected for 2025, from all payers affected by the CLFS.

As further described in Item 1 and Item 1A of Part I of this Annual Report, both Dx and BLS operate in competitive industries. The commercial laboratory business is intensely competitive in terms of price, service, specialty offerings, and the type and number of commercial laboratories. Dx and BLS compete against a wide range of businesses, as well as in-house departments of pharmaceutical, biotechnology, medical device, and diagnostic companies, and to a lesser extent, selected academic research centers, universities, and teaching hospitals. In addition, BLS’s services periodically experience periods of increased price competition that may have an adverse effect on the segment’s profitability and consolidated revenues and net earnings.

As further described in Item 1 of Part I of this Annual Report, both Dx and BLS operate in competitive industries. The commercial laboratory business is intensely competitive both in terms of price and service. Pricing of laboratory testing services is often one of the most significant factors used by physicians, third-party payers and consumers in selecting a laboratory. As a result of significant consolidation in the commercial laboratory industry, larger commercial laboratory providers are able to increase cost efficiencies afforded by large-scale automated testing. This consolidation results in greater price competition. Dx may be unable to increase cost efficiencies sufficiently, if at all, and as a result, its net earnings and cash flows could be negatively impacted by such price competition. The Company may face increased competition from health system laboratories, due to physicians within those systems directing their testing to the health system laboratory and away from the Company, and as those laboratories seek to expand their testing volume from unaffiliated physicians in their service areas. The Company may also face competition from companies that do not comply with existing laws or regulations or otherwise disregard compliance standards in the industry. Additionally, the Company may also face changes in fee schedules, competitive bidding for laboratory services, or other actions or pressures reducing payment schedules as a result of increased or additional competition. Following the spin-off of Fortrea, BLS’s main competition ranges from hundreds of small providers to a limited number of large companies with global capabilities. BLS competes against these small and large businesses, as well as in-house departments of pharmaceutical, biotechnology, medical device, and diagnostic companies, and to a lesser extent, selected academic research centers, universities, and teaching hospitals. In addition, BLS’s services periodically experience periods of increased price competition that may have an adverse effect on the segment’s profitability and consolidated revenues and net income.

Governmental authorities, non-governmental organizations, customers, investors, external stakeholders, and employees are sensitive to matters of corporate responsibility and governance, such as environmental sustainability. This focus on these concerns may lead to new requirements that could result in increased costs associated with developing, manufacturing, and distributing the Company’s offerings. The Company’s ability to compete could also be affected by changing preferences and requirements on these matters and the Company’s ability to meet them. If the Company does not meet the evolving and varied preferences and requirements of governmental authorities and others on these matters, the Company could experience reduced demand for its offerings, loss of customers, and other negative impacts on the Company’s business and results of operations.

Governmental authorities, non-governmental organizations, customers, investors, external stakeholders, and employees are increasingly sensitive to ESG concerns, such as diversity and inclusion, climate change, water use, recyclability or recoverability of packaging, and plastic waste. This focus on ESG concerns may lead to new requirements that could result in increased costs associated with developing, manufacturing, and distributing the Company’s services and products. The Company’s ability to compete could also be affected by changing customer preferences and requirements and the failure to meet such customer expectations or demand, whether related to environmental concerns or other ESG matters. While the Company strives to improve its ESG performance, has established certain ESG goals and initiatives, and participates in various third-party assessments and reporting regimens, the Company risks negative stockholder reaction and activism, including from proxy advisory services, as well as damage to its brand and reputation, if the Company fails to meet its goals and initiatives or if the Company is perceived to not be acting responsibly in key ESG areas, including product quality and safety, diversity and inclusion, environmental stewardship, support for local communities, corporate governance and transparency, and addressing human capital factors in the Company’s operations. Responding to these ESG considerations and implementation of the Company’s ESG goals and initiatives involves risks and uncertainties, requires investments, and depends in part on third-party performance or data that is beyond the Company’s control. In addition, some stakeholders may disagree with the Company’s ESG goals and initiatives. If the Company does not meet the evolving and varied ESG expectations of its investors, customers and other stakeholders, the Company could experience reduced demand for its products, loss of customers, and other negative impacts on the Company’s business and results of operations.