--- ticker: PWR company: PWR filing_type: 10-K year_current: 2025 year_prior: 2024 risks_added: 0 risks_removed: 0 risks_modified: 5 risks_unchanged: 48 source: SEC EDGAR url: https://riskdiff.com/pwr/2025-vs-2024/ markdown_url: https://riskdiff.com/pwr/2025-vs-2024/index.md generated: 2026-06-01 --- # PWR: 10-K Risk Factor Changes 2025 vs 2024 > Source: U.S. Securities and Exchange Commission (EDGAR) > Generated: 2026-06-01 > All data extracted directly from official filings. No hallucinated content. ## Summary | Status | Count | |--------|-------| | New risks added | 0 | | Risks removed | 0 | | Risks modified | 5 | | Unchanged | 48 | --- ## Modified: Regulatory requirements applicable to our industries and changes in current and potential legislative and regulatory initiatives may adversely affect demand for our services. **Key changes:** - Reworded sentence: "For example, in the past, sourcing restrictions on critical components for our customers' projects have resulted in supply chain and logistical challenges, which negatively impacted certain of our services." - Reworded sentence: "With respect to certain services within our Renewable Energy segment, current and potential legislative or regulatory initiatives may not be implemented or extended or result in incremental increased demand for our services, including the IRA, the IIJA, legislation or regulation that mandates percentages of power to be generated from renewable sources, requires utilities to meet reliability standards, provides for existing or new production tax credits for renewable energy developers, or encourages installation of new electric power transmission and renewable energy generation facilities." - Removed sentence: "For example, the interaction between the IRA and the IIJA could lead to additional complex requirements associated with, among other things, union labor or prevailing wages, domestic material production obligations, and affirmative action programs, which we and our customers must comply with in order to secure government funding for projects completed thereunder." - Removed sentence: "Our or our customers' failure to successfully navigate these requirements could negatively impact our, or our customers', ability to take advantage of the opportunities under such legislation, result in additional unintended costs associated with any projects completed under such legislation or result in liabilities or governmental penalties for noncompliance." **Prior (2024):** Because the vast majority of our revenue is derived from a few industries, the federal, state, provincial and local regulations affecting those industries, including, among other things, environmental, safety, and permitting requirements and materials sourcing and transportation requirements, have a material effect on our business. These regulations are complex and subject to change both in substance and interpretation and often regulations across various industries and jurisdictions can differ or conflict, all of which can negatively impact our or our customers' ability to efficiently operate. In recent years, customers in our industries have faced heightened regulatory requirements and increased regulatory enforcement, as well as private legal challenges related to regulatory requirements, which have resulted in delays, reductions in scope and cancellations of projects, in particular larger pipeline and transmission projects. Furthermore, certain regulatory requirements applicable to our customers are also required of us when we contract with such customers, and our inability to meet those requirements could also result in decreased demand for our services. Increased and changing regulatory requirements applicable to us and our customers have resulted in, among other things, project delays and decreased demand for our services in the past, and may do so in the future, which can adversely affect our business, financial condition, results of operations and cash flows. For example, sourcing restrictions have resulted in supply chain and logistical challenges with respect to solar cells and panels, including the U.S. Department of Commerce investigation into an antidumping and countervailing duties circumvention claim on these components from southeast Asia, which negatively impacted our renewable energy services associated with solar projects during 2022 and into 2023, and certain other sourcing restrictions and challenges related to solar panels manufactured in China (e.g., the Uyghur Forced Labor Prevention Act), which may negatively impact project timing within the renewable energy market in the future. Furthermore, with respect to our contracts under which we are responsible for procuring all or a portion of the materials needed for projects, including our EPC contracts, we are often required to comply with complex sourcing and transportation regulations, which can involve cross-border movement of such materials. Changes to, or our failure to comply with, these regulatory requirements can result in project delays and additional project costs, which may be substantial and not recoverable from third parties, and in some cases, we may be required to compensate the customer for such delays, including in circumstances where we have guaranteed project completion or performance by a scheduled date and incur liquidated damages if we do not meet such schedule. Additionally, our failure to comply with these regulatory requirements could result in criminal or civil fines, penalties, forfeitures or other sanctions. Regulatory requirements focused on concerns about climate-change related issues, including any new or changed requirements concerning the reduction, production or consumption of fossil fuels, could negatively impact the hydrocarbon production volumes of our customers, which could in turn negatively impact demand for certain of our services. Additionally, new regulations addressing greenhouse gas emissions from mobile sources could also significantly increase costs for our large fleet of vehicles, render portions of our fleet of vehicles obsolete or reduce the availability of vehicles we need to perform our services. With respect to certain services within our Renewable Energy segment, current and potential legislative or regulatory initiatives may not be implemented or extended or result in incremental increased demand for our services, including legislation or regulation that mandates percentages of power to be generated from renewable sources, requires utilities to meet reliability 31 31 31 standards, provides for existing or new production tax credits for renewable energy developers, or encourages installation of new electric power transmission and renewable energy generation facilities. While these actions and initiatives have positively impacted demand for our services in the past, it is not certain whether they will continue to do so in the future. For example, the interaction between the IRA and the IIJA could lead to additional complex requirements associated with, among other things, union labor or prevailing wages, domestic material production obligations, and affirmative action programs, which we and our customers must comply with in order to secure government funding for projects completed thereunder. Our or our customers' failure to successfully navigate these requirements could negatively impact our, or our customers', ability to take advantage of the opportunities under such legislation, result in additional unintended costs associated with any projects completed under such legislation or result in liabilities or governmental penalties for noncompliance. **Current (2025):** Because the vast majority of our revenue is derived from a few industries, the federal, state, provincial and local regulations affecting those industries, including, among other things, environmental, safety, and permitting requirements and materials sourcing and transportation requirements, have a material effect on our business. These regulations are complex and subject to change both in substance and interpretation and often regulations across various industries and jurisdictions can differ or conflict, all of which can negatively impact our or our customers' ability to efficiently operate. In recent years, customers in our industries have faced heightened regulatory requirements and increased regulatory enforcement, as well as private legal challenges related to regulatory requirements, which have resulted in delays, reductions in scope and cancellations of projects, in particular larger pipeline and transmission projects. Furthermore, certain regulatory requirements applicable to our customers are also required of us when we contract with such customers, and our inability to meet those requirements could also result in decreased demand for our services. Increased and changing regulatory requirements applicable to us and our customers have resulted in, among other things, project delays and decreased demand for our services in the past, and may do so in the future, which can adversely affect our business, financial condition, results of operations and cash flows. For example, in the past, sourcing restrictions on critical components for our customers' projects have resulted in supply chain and logistical challenges, which negatively impacted certain of our services. We may be impacted in the future by sourcing restrictions, including, but not limited to, taxes. tariffs and duties, which may negatively impact project timing within certain of our markets in the future. Furthermore, with respect to our contracts under which we are responsible for procuring all or a portion of the materials needed for projects, including our EPC contracts, we are often required to comply with complex sourcing and transportation regulations, which can involve cross-border movement of such materials. Changes to, or our failure to comply with, these regulatory requirements can result in project delays and additional project costs, which may be substantial and not recoverable from third parties, and in some cases, we may be required to compensate the customer for such delays, including in circumstances where we have guaranteed project completion or performance by a scheduled date and incur liquidated damages if we do not meet such schedule. Additionally, our failure to comply with these regulatory requirements could result in criminal or civil fines, penalties, forfeitures or other sanctions. Regulatory requirements focused on concerns about climate-change related issues, including any new or changed requirements concerning the reduction, production or consumption of fossil fuels, could negatively impact the hydrocarbon production volumes of our customers, which could in turn negatively impact demand for certain of our services. Additionally, new regulations addressing greenhouse gas emissions from mobile sources could also significantly increase costs for our large fleet of vehicles, render portions of our fleet of vehicles obsolete or reduce the availability of vehicles we need to perform our services. With respect to certain services within our Renewable Energy segment, current and potential legislative or regulatory initiatives may not be implemented or extended or result in incremental increased demand for our services, including the IRA, the IIJA, legislation or regulation that mandates percentages of power to be generated from renewable sources, requires utilities to meet reliability standards, provides for existing or new production tax credits for renewable energy developers, or encourages installation of new electric power transmission and renewable energy generation facilities. While these actions and initiatives have positively impacted demand for our services in the past, it is not certain whether they will continue to do so in the future. --- ## Modified: Opportunities within the government arena could subject us to increased regulation and costs and may pose additional risks relating to future funding and compliance. **Key changes:** - Removed sentence: "For example, the Biden Administration has proposed revisions to the Federal Acquisition Regulation which, if adopted, would require major federal suppliers to monitor and disclose certain climate-related information and, for certain suppliers, to adopt climate-related targets subject to the methodology of the Science Based Targets Initiative." - Reworded sentence: "Government agencies routinely audit and investigate government contractors and may review a contractor's performance under its contracts, cost structure and 34 34 34 compliance with applicable laws, regulations and standards." - Added sentence: "Furthermore, certain of our federal government contracts require us to have security clearances, which can be difficult and time consuming to obtain." - Added sentence: "If our employees or our facilities are unable to obtain or retain the necessary security clearances, our clients could terminate or not renew existing contracts or award us new contracts." **Prior (2024):** Most government contracts are awarded through a regulated competitive bidding process, which can often include more cumbersome compliance requirements and be more time consuming than the bidding process for non-governmental projects. For example, the Biden Administration has proposed revisions to the Federal Acquisition Regulation which, if adopted, would require major federal suppliers to monitor and disclose certain climate-related information and, for certain suppliers, to adopt climate-related targets subject to the methodology of the Science Based Targets Initiative. This could require us to incur substantial costs, subject us to increased liability for our climate-related and other disclosures, and influence our climate and business strategy in ways other than we might prefer. Additionally, involvement with government contracts could require a significant amount of costs to be incurred before any revenues are realized. We are also subject to numerous procurement rules and other public sector regulations when we contract with certain governmental agencies, any deemed violation of which could lead to fines or penalties or a loss of business. Government agencies routinely audit and investigate government contractors and may review a contractor's performance under its contracts, cost structure and compliance with applicable laws, regulations and standards. If a government agency determines that costs were improperly allocated to specific contracts, such costs will not be reimbursed or a refund of previously reimbursed costs may be required. If a government agency alleges or proves improper activity, civil and criminal penalties could be imposed and serious reputational harm could result. Many government contracts must be appropriated each year, and without re-appropriation we would not realize all of the potential revenues from any awarded contracts. Additionally, U.S. government shutdowns or any related under-staffing of the government departments or agencies that interact with our business could result in program cancellations, disruptions and/or stop work orders, could limit the government's ability to effectively progress programs and make timely payments, and could limit our ability to perform on our existing U.S. government contracts and successfully compete for new work. **Current (2025):** Most government contracts are awarded through a regulated competitive bidding process, which can often include more cumbersome compliance requirements and be more time consuming than the bidding process for non-governmental projects. This could require us to incur substantial costs, subject us to increased liability for our climate-related and other disclosures, and influence our climate and business strategy in ways other than we might prefer. Additionally, involvement with government contracts could require a significant amount of costs to be incurred before any revenues are realized. We are also subject to numerous procurement rules and other public sector regulations when we contract with certain governmental agencies, any deemed violation of which could lead to fines or penalties or a loss of business. Government agencies routinely audit and investigate government contractors and may review a contractor's performance under its contracts, cost structure and 34 34 34 compliance with applicable laws, regulations and standards. If a government agency determines that costs were improperly allocated to specific contracts, such costs will not be reimbursed or a refund of previously reimbursed costs may be required. If a government agency alleges or proves improper activity, civil and criminal penalties could be imposed and serious reputational harm could result. Many government contracts must be appropriated each year, and without re-appropriation we would not realize all of the potential revenues from any awarded contracts. Furthermore, certain of our federal government contracts require us to have security clearances, which can be difficult and time consuming to obtain. If our employees or our facilities are unable to obtain or retain the necessary security clearances, our clients could terminate or not renew existing contracts or award us new contracts. Additionally, U.S. government shutdowns or any related under-staffing of the government departments or agencies that interact with our business could result in program cancellations, disruptions and/or stop work orders, could limit the government's ability to effectively progress programs and make timely payments, and could limit our ability to perform on our existing U.S. government contracts and successfully compete for new work. --- ## Modified: Disruptions to our information technology systems or our failure to adequately protect critical data, sensitive information and technology systems could materially affect our business and reputation. **Key changes:** - Reworded sentence: "We also collect and retain information about our customers, stockholders, vendors, employees, contractors, business partners and other parties, all of whom expect that we will adequately protect such information." - Reworded sentence: "While we have security measures and technology in place to protect our and our clients' confidential or proprietary company information, there can be no assurance that our efforts will prevent all threats to our systems and information." - Reworded sentence: "We have experienced and addressed cyber-attacks, breaches and disruptions of our information systems, and systems of key third parties and information technology vendors that we rely upon, in the past, and we expect such events to continue to arise in the future." - Reworded sentence: "An attack could also cause material service disruptions to our internal systems or, in extreme circumstances, infiltration into, damage to or loss of control of our customers' energy infrastructure systems." - Added sentence: "In addition, as a contractor supporting government agencies with respect to certain projects, including the Department of Defense (DoD), we must adhere to regulatory cyber compliance requirements outlined in the Federal Acquisition Regulations (FAR), the Defense Federal Acquisition Regulation Supplement (DFARS), and other federal mandates with respect to these projects." **Prior (2024):** We rely on information technology systems to manage our operations and other business processes and to protect sensitive company information. We also collect and retain information about our customers, stockholders, vendors, employees, contractors, business partners and other parties, all of which expect that we will adequately protect such information. We face numerous and evolving cybersecurity risks that threaten the confidentiality, integrity and availability of our information technology systems and confidential information. Breaches or disruptions of our information systems, or systems of key third parties and information technology vendors that we rely upon, can result from, among other things, cyber-attacks, theft, inadvertent exposure of sensitive information, acts of terrorism, war, storms or other natural phenomena, information technology solution failures or network disruptions, and any such cyber-attacks or breaches can go unnoticed for some period of time. For example, a cyber-attack on one of our vendors or vulnerabilities identified in proprietary or open-source code disclosed by vendors or federal agencies could potentially impact information technology systems relevant to our business and/or sensitive information that we retain. Furthermore, some of the energy infrastructure systems on which we work may be considered to be strategic targets, and therefore at greater risk of cyber-attacks or acts of terrorism than other targets. Additionally, an intrusion into the information systems of a business we acquire may also ultimately compromise our systems, and malicious third parties or insiders may attempt to fraudulently induce employees or customers into disclosing sensitive information such as user names, passwords or other information or otherwise compromise the security of our information systems. Our operations are decentralized with operating companies maintaining some of their own information systems, data and service providers. While our cybersecurity risk management program and processes, including policies, controls and procedures, are designed to cover our operating companies, there can be no assurance that these will be fully implemented, complied with or effective in protecting all information systems and operations. While we have security measures and technology in place to protect our and our clients' confidential or proprietary company information, there can be no assurance that our efforts will prevent all threats to our computer systems. Moreover, we have acquired and continue to acquire companies with cybersecurity vulnerabilities and/or unsophisticated security measures, which exposes us to significant cybersecurity, operational, and financial risks until they are fully integrated into our information systems. Additionally, the increased use of remote working arrangements by employees, vendors, and other third parties has increased the exposure to possible attacks, thereby increasing the risk of a data security compromise. We have addressed breaches and disruptions of our information systems, or systems of key third parties and information technology vendors that we rely upon, in the past, and we expect such events to continue to arise in the future. While to date we have not experienced any material impact as a result of cyber-attacks, the ultimate impact of future and similar events remains unknown, and we expect additional vulnerabilities may arise. Cyber-attacks can result in compromises of our payment systems, monetary losses, inability to access or operate our systems (e.g., ransomware), delays in processing transactions or reporting financial results, the disclosure or misappropriation of confidential, personal or proprietary company information (including for the purpose of transacting in our stock), or the release of customer, stockholder, vendor or employee information. An attack could also cause service disruptions to our internal systems or, in extreme circumstances, infiltration into, damage to or loss of control of our customers' energy infrastructure systems. Any such breach or disruption could subject us to significant liabilities, cause damage to our reputation or customer relationships, or result in regulatory investigations or other actions by governmental authorities, which could have a material adverse impact on our business, financial condition, results of operations and cash flows. Furthermore, we may incur additional costs related to the investigation and reporting of any such breach or disruption as a result of the SEC's increased reporting requirements for cyber incidents. Additionally, because the techniques used to obtain 23 23 23 unauthorized access or sabotage information technology systems change frequently and are generally not identifiable until they are launched against a target, we may be unable to anticipate these techniques or to implement adequate preventative measures. As a result, we may be required to expend significant resources to protect against the threat of system disruptions and security breaches or to alleviate problems caused by these disruptions and breaches. **Current (2025):** We rely on information technology systems to manage our operations and other business processes and to protect sensitive company information. We also collect and retain information about our customers, stockholders, vendors, employees, contractors, business partners and other parties, all of whom expect that we will adequately protect such information. We face numerous and evolving cybersecurity risks that threaten the confidentiality, integrity and availability of our information technology systems and confidential information as well as the systems and information of key third parties and information technology vendors upon whom we rely. Certain of our vendors have experienced cyber-attacks that exploited vulnerabilities in their systems and have resulted in disruptions to their systems. While these events have not resulted in any known material impacts to our systems, we expect such attacks will continue in the future. Furthermore, the energy infrastructure systems on which we work are strategic targets that are at greater risk of cyber-attacks or acts of terrorism than other targets. Additionally, an intrusion into the information systems of a business we acquire may also ultimately compromise our systems. Our operations are decentralized with operating companies maintaining some of their own information systems, data and service providers. While our cybersecurity risk management program and processes, including policies, controls and procedures, are designed to cover our operating companies, there can be no assurance that these will be fully implemented, complied with or effective in protecting all information systems and operations. While we have security measures and technology in place to protect our and our clients' confidential or proprietary company information, there can be no assurance that our efforts will prevent all threats to our systems and information. Moreover, we have acquired and continue to acquire companies with cybersecurity vulnerabilities and/or unsophisticated security measures, which exposes us to significant cybersecurity, operational, and financial risks until they are fully integrated into our information systems. Additionally, the increased use of remote working arrangements by employees, vendors, and other third parties has increased the exposure to possible attacks, thereby increasing the risk of a data security compromise. We have experienced and addressed cyber-attacks, breaches and disruptions of our information systems, and systems of key third parties and information technology vendors that we rely upon, in the past, and we expect such events to continue to arise in the future. While to date we have not experienced any material impact as a result of these events, the ultimate impact of future and similar events remains unknown, and we expect additional vulnerabilities to arise. Cyber-attacks can result in compromises of our payment systems, monetary losses, inability to access or operate our systems (e.g., ransomware), delays in processing transactions or reporting financial results, the disclosure or misappropriation of confidential, personal or proprietary company information (including for the purpose of transacting in our stock), or the release of customer, stockholder, vendor or employee information. An attack could also cause material service disruptions to our internal systems or, in extreme circumstances, infiltration into, damage to or loss of control of our customers' energy infrastructure systems. Any such breach or disruption could subject us to material liabilities, cause damage to our reputation or customer relationships, or result in regulatory investigations or other actions by governmental authorities, which could have a material adverse impact on our business, financial condition, results of operations and cash flows. Furthermore, we may incur additional costs related to the investigation and reporting of any such breach or disruption. Additionally, because the techniques used to obtain unauthorized access or sabotage information technology systems change frequently and are generally not identifiable until they are launched against a target, we are unable to anticipate all attacker techniques or to implement comprehensive preventative measures, particularly because threat actors are increasingly using tools, including artificial intelligence, that are designed to circumvent controls and evade detection. As a result, we may be required to expend significant resources to protect against the threat of system disruptions and security breaches or to alleviate problems caused by these disruptions and breaches. In addition, as a contractor supporting government agencies with respect to certain projects, including the Department of Defense (DoD), we must adhere to regulatory cyber compliance requirements outlined in the Federal Acquisition Regulations (FAR), the Defense Federal Acquisition Regulation Supplement (DFARS), and other federal mandates with respect to these projects. The DoD is also in the process of implementing obligations relating to the Cyber Security Material Model Certificate (CMMC) into its contracts. The DoD expects that new contracts will be required to comply with the CMMC by 2026. In addition, any obligations that may be imposed on us under the CMMC may be different from or in addition to those otherwise required by applicable laws and regulations, which may cause additional expense for compliance. Failure to meet these various requirements, whether mandated by regulation or contract, could cause material harm to our business, financial condition and reputation. --- ## Modified: Certain regulatory requirements applicable to us and certain of our subsidiaries could materially impact our business. **Key changes:** - Reworded sentence: "Our internal control over financial reporting was effective as of December 31, 2024; however, there can be no assurance that our internal control over financial reporting will be determined to be effective in future years." - Removed sentence: "Additionally, one of our subsidiaries has registered as an investment adviser with the SEC under the U.S." - Removed sentence: "Investment Advisers Act of 1940, as amended (the Advisers Act), which imposes substantive and material restrictions and requirements on the operations of this subsidiary, including certain fiduciary duties that apply to its relationships with its advisory clients." - Removed sentence: "The SEC has broad administrative powers to institute proceedings and impose sanctions for violations of the Advisers Act, ranging from fines and censures to termination of an adviser's registration." - Removed sentence: "This subsidiary is also subject to periodic SEC examinations and other requirements, including, among other things, maintaining an effective compliance program, recordkeeping and reporting requirements, disclosure requirements and complying with anti-fraud prohibitions." **Prior (2024):** We are subject to various specific regulatory regimes and requirements that could result in significant compliance costs and liabilities. As a public company, we are subject to various corporate governance and financial reporting requirements, including requirements for management to report on our internal controls over financial reporting and for our independent registered public accounting firm to express an opinion on the operating effectiveness of our internal control over financial reporting. Our internal control over financial reporting was effective as of December 31, 2023; however, there can be no assurance that our internal control over financial reporting will be determined to be effective in future years. Failure to maintain effective internal controls, including the identification and remediation of significant internal control deficiencies in acquired businesses (both prior acquisitions and future acquisitions), could result in a decrease in the market value of our publicly traded securities, a reduced ability to obtain debt and equity financing, a loss of customers, fines or penalties, and/or additional expenditures to meet the requirements or remedy any deficiencies. Additionally, one of our subsidiaries has registered as an investment adviser with the SEC under the U.S. Investment Advisers Act of 1940, as amended (the Advisers Act), which imposes substantive and material restrictions and requirements on the operations of this subsidiary, including certain fiduciary duties that apply to its relationships with its advisory clients. The SEC has broad administrative powers to institute proceedings and impose sanctions for violations of the Advisers Act, ranging from fines and censures to termination of an adviser's registration. This subsidiary is also subject to periodic SEC examinations and other requirements, including, among other things, maintaining an effective compliance program, recordkeeping and reporting requirements, disclosure requirements and complying with anti-fraud prohibitions. The failure of our subsidiary to comply with the requirements of the Advisers Act could result in fines, suspensions of individual employees or other sanctions against our subsidiary that could have a material adverse effect on us. Even if an investigation or proceeding does not result in a fine or sanction or if a fine or sanction imposed against our subsidiary or its employees were small in monetary amount, the adverse publicity relating to an investigation, proceeding or imposition of these fines or sanctions could harm our reputation and have a material adverse effect on us. Furthermore, our wholly-owned captive insurance company is a registered insurance company with the Texas Department of Insurance, and therefore is subject to various rules and regulations and required to meet certain capital requirements, which can result in additional use of our resources. 33 33 33 We also collect and retain information about our customers, stockholders, vendors and employees. Legislation and regulatory requirements, as well as contractual commitments, affect how we must store, use, transfer and process the confidential information of our customers, stockholders, vendors and employees. These laws, as well as other new or changing legislative, regulatory or contractual requirements concerning data privacy and protection, could require us to expend significant additional compliance costs, and any failure to comply with such requirements can result in significant liability or harm to our reputation. **Current (2025):** We are subject to various specific regulatory regimes and requirements that could result in significant compliance costs and liabilities. As a public company, we are subject to various corporate governance and financial reporting requirements, including requirements for management to report on our internal controls over financial reporting and for our independent registered public accounting firm to express an opinion on the operating effectiveness of our internal control over financial reporting. Our internal control over financial reporting was effective as of December 31, 2024; however, there can be no assurance that our internal control over financial reporting will be determined to be effective in future years. Failure to maintain effective internal controls, including the identification and remediation of significant internal control deficiencies in acquired businesses (both prior acquisitions and future acquisitions), could result in a decrease in the market value of our publicly traded securities, a reduced ability to obtain debt and equity financing, a loss of customers, fines or penalties, and/or additional expenditures to meet the requirements or remedy any deficiencies. Furthermore, our wholly-owned captive insurance company is a registered insurance company with the Texas Department of Insurance, and therefore is subject to various rules and regulations and required to meet certain capital requirements, which can result in additional use of our resources. We also collect and retain information about our customers, stockholders, vendors and employees. Legislation and regulatory requirements, as well as contractual commitments, affect how we must store, use, transfer and process the confidential information of our customers, stockholders, vendors and employees. These laws, as well as other new or changing legislative, regulatory or contractual requirements concerning data privacy and protection, could require us to expend significant additional compliance costs, and any failure to comply with such requirements can result in significant liability or harm to our reputation. --- ## Modified: Insurance and claims expenses, as well as the unavailability or cancellation of third-party insurance coverage, could have a material adverse effect on us. **Key changes:** - Reworded sentence: "As part of our overall risk management strategy, we self-insure, or insure through our wholly-owned captive insurance company, a significant portion of our claims exposure, including all amounts up to the applicable deductible of our third-party insurance programs and certain additional amounts related to the general and auto liability programs." - Reworded sentence: "As a result, Quanta's current level of insurance coverage for wildfire events may not be sufficient to cover potential losses in connection with these events." **Prior (2024):** We maintain insurance coverage from third-party insurers as part of our overall risk management strategy and because some of our contracts require us to maintain specific insurance coverage limits. Such insurance is subject to deductibles and limits and may be canceled or may not cover all of our losses. We also manage and maintain a portion of our casualty risk through our wholly-owned captive insurance company, which insures all claims up to the amount of the applicable deductible of our third-party insurance programs, as well as with respect to certain other amounts, and issue letters of credit to secure our obligations in connection with our casualty insurance programs. Our insurance policies include various coverage requirements, including notice requirements, and coverage could be denied if we fail to comply with those requirements. Additionally, our insurance coverages may not be sufficient or effective under all circumstances or against all claims and liabilities asserted against us, and if we are not fully insured against such claims and liabilities, it could expose us to significant liabilities and materially and adversely affect our business, financial condition, results of operations and cash flows. We also renew our insurance policies on an annual basis, and therefore deductibles and levels of coverage offered by third parties may change in future periods, and there is no assurance that any of our coverages will be renewed at their current levels or at all or that any future coverage will be available at reasonable and competitive rates. Our third-party insurers could also fail, cancel our coverage or otherwise be unable or unwilling to provide us with adequate insurance coverage for certain items, including wildfires, or we may elect not to obtain certain types or incremental levels of insurance based on the potential benefits considered relative to the cost of such insurance, or coverage may not be available at reasonable and competitive rates. For example, due to the increased occurrence and future risk of wildfires, as described above, insurers have reduced coverage availability and increased the cost of insurance coverage for such events in recent years. As a result, Quanta's level of insurance coverage for wildfire events has decreased in recent years, and the current level of coverage may not be sufficient to cover potential losses in connection with these events. Furthermore, our third-party insurers could also decide to further reduce or exclude coverage for wildfires or other events in connection with future insurance renewals. Adverse changes in our insurance coverage could increase our exposure to uninsured losses, which could have a negative effect on our business, financial condition, results of operations and cash flows or result in a disruption of our operations. Losses under our insurance programs are accrued based upon our estimate of the ultimate liability for claims reported and an estimate of claims incurred but not reported, with assistance from third-party actuaries. These insurance liabilities are difficult to assess and estimate due to unknown factors, including the severity of an injury, the extent of damage, the determination of our liability in proportion to other parties and unreported incidents. If we experience claims or costs above our estimates, our business, financial condition, results of operations and cash flows could be materially and adversely affected. **Current (2025):** As part of our overall risk management strategy, we self-insure, or insure through our wholly-owned captive insurance company, a significant portion of our claims exposure, including all amounts up to the applicable deductible of our third-party insurance programs and certain additional amounts related to the general and auto liability programs. We are also responsible for our legal expenses relating to such claims, which can be significant both on an aggregate and individual claim basis. As a supplement to our self-insurance program, we maintain insurance with excess insurance carriers for potential losses, which exceed the amounts we self-insure or insure through our wholly-owned captive insurance company, arising out of our business and operations, and such insurance is subject to high deductibles. We renew our third-party insurance policies on an annual basis, and therefore deductibles and levels of coverage offered may change in future periods, and there is no assurance that any of our coverages will be renewed at their current levels or at all or that any future coverage will be available at reasonable and competitive rates. In connection with such renewals, we evaluate the level of insurance coverage and adjust insurance levels based on risk tolerance, risk volatility, and premium expense. Our insurance coverages may not be sufficient or effective under all circumstances or against all claims and liabilities asserted against us, and if we are not fully insured against such claims and liabilities, our business, financial condition. results of operations and cash flows could be materially and adversely affected. For example, due to the increased occurrence and future risk of wildfires, as described above, insurers have reduced coverage availability and increased the cost of insurance coverage for such events in recent years. As a result, Quanta's current level of insurance coverage for wildfire events may not be sufficient to cover potential losses in connection with these events. Further, there has been a wave of blockbuster, or so-called "nuclear" verdicts resulting from liabilities arising out of vehicle and other accidents in recent years. Given this current claims environment, the amount of coverage available from excess insurance carriers is decreasing, and the premiums for this excess coverage are increasing significantly. For the foregoing reasons, our insurance and claims expenses may increase, or we could increase our self-insured retention as policies are renewed or replaced. In addition, we may assume additional risk within our captive insurance company that we may or may not reinsure. Although we reserve for anticipated losses and expenses and periodically evaluate and adjust our claims reserves to reflect our experience, estimating the number and severity of claims, as well as related costs to settle or resolve them, is inherently difficult and subject to a high degree of variability, and such costs could exceed our estimates. Accordingly, our actual losses associated with insured claims may differ materially from our estimates and materially and adversely affect our financial condition and results of operations in material amounts. --- *Data sourced from SEC EDGAR. Last updated 2026-06-01.*