--- ticker: SNPS company: Synopsys Inc. filing_type: 10-K year_current: 2023 year_prior: 2022 risks_added: 0 risks_removed: 1 risks_modified: 6 risks_unchanged: 20 source: SEC EDGAR url: https://riskdiff.com/snps/2023-vs-2022/ markdown_url: https://riskdiff.com/snps/2023-vs-2022/index.md generated: 2026-05-10 --- # Synopsys Inc.: 10-K Risk Factor Changes 2023 vs 2022 > Source: U.S. Securities and Exchange Commission (EDGAR) > Generated: 2026-05-10 > All data extracted directly from official filings. No hallucinated content. > **[AI-Generated Summary]** The paragraph below was produced by a language > model and may contain errors. All other content on this page is deterministically > extracted from the original SEC filing. > Synopsys removed its standalone COVID-19 pandemic risk disclosure, consolidating pandemic concerns into a broader catastrophic events risk factor that now encompasses climate change and other unexpected disruptions. Six risk factors underwent substantive modifications, including expanded language around tax rate volatility and geographic earnings mix exposure, reflecting evolving compliance and operational considerations. --- ## Summary | Status | Count | |--------|-------| | New risks added | 0 | | Risks removed | 1 | | Risks modified | 6 | | Unchanged | 20 | --- ## No Match in Current: The ongoing COVID-19 pandemic could have a material adverse effect on our business, operations and financial condition. *This section from the 2022 filing does not have a high-confidence textual match in 2023. It may have been removed, merged, or substantially reworded.* The ongoing COVID-19 pandemic has caused minor disruptions to our business operations to date, but could have a material adverse effect on our business, operations and financial condition in the future. For example, we have previously experienced limited hardware supply chain and logistical challenges as well as a slowdown in customer commitments in our Software Integrity segment. In response to the COVID-19 pandemic, governments and businesses imposed restrictions, which significantly curtailed global, regional and national economic activity and have caused substantial volatility and disruption in global financial markets. We are continuing to transition employees back into offices worldwide while maintaining compliance with applicable local, state and national requirements. Although we have been able to navigate workplace restrictions and limitations with minimal disruptions to our business operations to date, we cannot be certain that these measures will continue to be successful and we may need to further modify our business practices and real estate needs in response to the risks and negative impacts caused by the COVID-19 pandemic. The extent to which the COVID-19 pandemic impacts our business operations in future periods will depend on multiple uncertain factors, including the duration and scope of the pandemic, its overall negative impact on the global economy and, in some cases, the regional and national economies of areas experiencing localized surges in COVID-19 cases, continued responses by governments and businesses to COVID-19 and its variants, acceptance and effectiveness of vaccines, the ability of our business partners and third-party providers to fulfill their responsibilities and commitments, the ability to secure adequate and timely supply of equipment and materials from suppliers for our hardware products, and the ability to develop and deliver our products. In addition, continued and worsening weak economic conditions may result in impairment in value of our tangible and intangible assets. The 20 20 20 Table of Contents Table of Contents impact of the ongoing COVID-19 pandemic may also have the effect of heightening many of the other risks and uncertainties described in this Risk Factors section. --- ## Modified: Our results could be adversely affected by a change in our effective tax rate, changes in our geographical earnings mix, unfavorable government reviews of our tax returns, material differences between our forecasted and actual annual effective tax rates, or future changes to our tax structure. **Key changes:** - Reworded sentence: "Our operations are subject to income and transaction taxes in the U.S." - Reworded sentence: "On December 22, 2017, the Tax Cuts and Jobs Act (the Tax Act) was enacted, which significantly changed prior U.S." - Reworded sentence: "The Tax Act includes certain provisions that began to affect our income in the first quarter of fiscal 2019, while other sections of the Tax Act and related regulations began to affect our business in the first quarter of fiscal 2023." - Reworded sentence: "On August 9, 2022, the CHIPS and Science Act of 2022 (CHIPS Act) was enacted in the U.S." - Reworded sentence: "On December 20, 2021, the OECD released Pillar Two Model Rules (Pillar Two) defining the global minimum tax rules, which contemplate a 15% minimum tax rate." **Prior (2022):** Our operations are subject to income and transaction taxes in the United States and in multiple foreign jurisdictions. Because we have a wide range of statutory tax rates in the multiple jurisdictions in which we operate, any changes in our geographical earnings mix, including those resulting from our intercompany transfer pricing or from changes in the rules governing transfer pricing, could materially impact our effective tax rate. Furthermore, a change in the tax law of the jurisdictions where we do business, including an increase in tax rates, an adverse change in the treatment of an item of income or expense, or limitations on our ability to utilize tax credits, could result in a material increase in our tax expense and impact our financial position and cash flows. For example, in response to the fiscal impact of the COVID-19 pandemic, the State of California enacted legislation on June 29, 2020 that suspends the use of certain corporate research and development tax credits for a three-year period beginning in our fiscal 2021, which resulted in an impact to our tax expense. On February 9, 2022, California Governor Newsom signed into law 2022 CA SB 113, which shortened the previously enacted suspension on the use of research and development tax credits to a two-year period covering our fiscal 2021 and 2022. On December 22, 2017, the Tax Cuts and Jobs Act (Tax Act) was enacted, which significantly changed prior U.S. tax law and includes numerous provisions that affect our business. The Tax Act includes certain provisions that began to affect our income in the first quarter of fiscal 2019, while other sections of the Tax Act and related regulations will begin to affect our business in the first quarter of fiscal 2023. There are various proposals in Congress to amend certain provisions of the Tax Act. The state of these proposals and other future legislation remains uncertain and, if enacted, may materially affect our financial position. 27 27 27 Table of Contents Table of Contents On August 16, 2022, the Inflation Reduction Act of 2022 (IR Act) was enacted in the United States. The IR Act includes a minimum tax rate of 15%, as well as tax credit incentives for reductions in greenhouse gas emissions. The details of the computation of the tax and implementation of the incentives will be subject to regulations to be issued by the U.S. Department of the Treasury. On August 9, 2022, the CHIPS and Science Act of 2022 (CHIPS Act) was enacted in the United States to provide certain financial incentives to the semiconductor industry, primarily for manufacturing activities within the United States. We are continuing to monitor the IR Act and CHIPS Act and related regulatory developments to evaluate their potential impact on our business and operating results. On October 8, 2021, the Organization for Economic Co-operation and Development (OECD) announced the OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting (Framework) which agreed to a two-pillar solution to address tax challenges arising from digitalization of the economy. On December 20, 2021, the OECD released Pillar Two Model Rules defining the global minimum tax rules, which contemplate a minimum tax rate of 15%. The OECD continues to release additional guidance on these rules and the Framework calls for law enactment by OECD and G20 members to take effect in 2023 and 2024. These changes, when enacted by various countries in which we do business, may increase our taxes in these countries. Changes to these and other areas in relation to international tax reform, including future actions taken by foreign governments in response to the Tax Act, could increase uncertainty and may adversely affect our tax rate and cash flow in future years. Our income and non-income tax filings are subject to review or audit by the Internal Revenue Service and state, local and foreign taxing authorities. We exercise significant judgment in determining our worldwide provision for income taxes and, in the ordinary course of our business, there may be transactions and calculations where the ultimate tax determination is uncertain. We may also be liable for potential tax liabilities of businesses we acquire, including future taxes payable related to the transition tax on earnings from their foreign operations, if any, under the Tax Act. Although we believe our tax estimates are reasonable, the final determination in an audit may be materially different than the treatment reflected in our historical income tax provisions and accruals. An assessment of additional taxes because of an audit could adversely affect our income tax provision and net income in the periods for which that determination is made. For further discussion on our ongoing audit, see Note 15 of the Notes to Consolidated Financial Statements under the heading "Non-U.S. Examinations." We maintain significant deferred tax assets related to certain tax credits. Our ability to use these credits is dependent upon having sufficient future taxable income in the relevant jurisdiction and in the case of foreign tax credits, how such credits are treated under current and potential future tax law. Changes to the Tax Act, other regulatory changes, and changes in our forecasts of future income could result in an adjustment to the deferred tax asset and a related charge to earnings that could materially affect our financial results. **Current (2023):** Our operations are subject to income and transaction taxes in the U.S. and in multiple foreign jurisdictions. Because we have a wide range of statutory tax rates in the multiple jurisdictions in which we operate, any changes in our geographical earnings mix, including those resulting from our intercompany transfer pricing or from changes in the rules governing transfer pricing, could materially impact our effective tax rate. Furthermore, a change in the tax law of the jurisdictions where we do business, including an increase in tax rates, an adverse change in the treatment of an item of income or expense, or limitations on our ability to utilize tax credits, could result in a material increase in our tax expense and impact our financial position and cash flows. On December 22, 2017, the Tax Cuts and Jobs Act (the Tax Act) was enacted, which significantly changed prior U.S. tax law and includes numerous provisions that affect our business. The Tax Act includes certain provisions that began to affect our income in the first quarter of fiscal 2019, while other sections of the Tax Act and related regulations began to affect our business in the first quarter of fiscal 2023. One of these provisions includes the requirement to capitalize and amortize research and development expenditures instead of expensing such expenditures as incurred. This results in a significant increase to our cash tax liability and also decreases our effective tax rate due to increasing the foreign derived intangible income deduction. On September 8, 2023, the Internal Revenue Service issued initial guidance for the Tax Act in Notice 2023-63 and indicated regulatory guidance will follow. Future regulatory guidance remains uncertain and may materially affect our financial position. On August 16, 2022, the Inflation Reduction Act of 2022 (the IR Act) was enacted in the U.S. The IR Act includes a 15% minimum tax rate, as well as tax credit incentives for reductions in greenhouse gas emissions. The details of the computation of the tax and implementation of the incentives will be subject to regulations to be issued by the U.S. Department of the Treasury. On August 9, 2022, the CHIPS and Science Act of 2022 (CHIPS Act) was enacted in the U.S. to provide certain financial incentives to the semiconductor industry, primarily for manufacturing activities within the U.S. We are continuing to monitor the IR Act and CHIPS Act and related regulatory developments to evaluate their potential impact on our business and operating results. On October 8, 2021, the Organization for Economic Co-operation and Development (OECD) announced the OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting (Framework) which agreed to a two-pillar solution to address tax challenges arising from digitalization of the economy. On December 20, 2021, the OECD released Pillar Two Model Rules (Pillar Two) defining the global minimum tax rules, which contemplate a 15% minimum tax rate. The OECD continues to release additional guidance, including Administrative Guidance on how the Pillar Two rules should be interpreted and applied and many countries are passing legislation to comply with Pillar Two. The Framework calls for law enactment by OECD and G20 members to take effect in 2024 and 2025. These changes, when enacted by various countries in which we do business, may increase our taxes in these countries. Changes to these and other areas in relation to international tax reform, including future actions taken by foreign governments in response to the Tax Act, could increase uncertainty and may adversely affect our tax rate and cash flow in future years. Our income and non-income tax filings are subject to review or audit by the Internal Revenue Service and state, local and foreign taxing authorities. We exercise significant judgment in determining our worldwide provision for income taxes and, in the ordinary course of our business, there may be transactions and calculations where the ultimate tax determination is uncertain. We may also be liable for potential tax liabilities of businesses we acquire. The final determination in an audit may be materially different than the treatment reflected in our historical income tax provisions and accruals. An assessment of additional taxes because of an audit could adversely affect our income tax provision and net income in the periods for which that determination is made. For further discussion on 28 28 28 Table of Contents Table of Contents our ongoing audits, see Note 15. Income Taxes of the Notes to Consolidated Financial Statements in this Annual Report under the heading "Non-U.S. Examinations." We maintain significant deferred tax assets related to certain tax credits and capitalized research and development expenditures. Our ability to use these deferred tax assets is dependent upon having sufficient future taxable income in the relevant jurisdiction and in the case of foreign tax credits, how such credits are treated under current and potential future tax law. Changes to tax laws and regulations, and changes in our forecasts of future income could result in an adjustment to the deferred tax asset and a related charge to earnings that could materially affect our financial results. --- ## Modified: Catastrophic events and the effects of climate change, pandemics or other unexpected events may disrupt our business and harm our operating results. **Key changes:** - Reworded sentence: "Due to the global nature of our business, our operating results may be negatively impacted by catastrophic events and the effects of climate change, pandemics, such as the recent COVID-19 pandemic, or other unexpected events throughout the world." - Reworded sentence: "A disruption or failure of these systems in the event of a major earthquake, fire, extreme temperatures, drought, flood, telecommunications failure, cybersecurity attack, terrorist attack, epidemic or pandemic, or other catastrophic events or climate change-related events could cause system interruptions, delays in our product development and loss of critical data and could prevent us from fulfilling our customers' orders." **Prior (2022):** Due to the global nature of our business, our operating results may be negatively impacted by catastrophic events and the effects of climate change throughout the world. We rely on a global network of infrastructure applications, enterprise applications and technology systems for our development, marketing, operational, support and sales activities. A disruption or failure of these systems in the event of a major earthquake, fire, extreme temperatures, drought, flood, telecommunications failure, cybersecurity attack, terrorist attack, epidemic or pandemic (including the ongoing COVID-19 pandemic), or other catastrophic events or climate change-related events could cause system interruptions, delays in our product development and loss of critical data and could prevent us from fulfilling our customers' orders. In particular, our sales and infrastructure are vulnerable to regional or worldwide health conditions, including the effects of the outbreak of contagious diseases such as the COVID-19 pandemic. Moreover, our corporate headquarters, a significant portion of our research and development activities, our data centers, and 29 29 29 Table of Contents Table of Contents certain other critical business operations are located in California, near major earthquake faults and sites of recent wildfires, which may become more frequent, along with other extreme weather events, due to climate change. A catastrophic event or other extreme weather event that results in the destruction or disruption of our data centers or our critical business or information technology systems would severely affect our ability to conduct normal business operations and, as a result, our operating results would be adversely affected. **Current (2023):** Due to the global nature of our business, our operating results may be negatively impacted by catastrophic events and the effects of climate change, pandemics, such as the recent COVID-19 pandemic, or other unexpected events throughout the world. We rely on a global network of infrastructure applications, enterprise applications and technology systems for our development, marketing, operational, support and sales activities. A disruption or failure of these systems in the event of a major earthquake, fire, extreme temperatures, drought, flood, telecommunications failure, cybersecurity attack, terrorist attack, epidemic or pandemic, or other catastrophic events or climate change-related events could cause system interruptions, delays in our product development and loss of critical data and could prevent us from fulfilling our customers' orders. In particular, our sales and infrastructure are vulnerable to regional or worldwide health conditions, including the effects of the outbreak of contagious diseases, such as the government-imposed restrictions that curtailed global economic activity and caused substantial volatility in global financial markets during the COVID-19 pandemic. Moreover, our corporate headquarters, a significant portion of our research and development activities, our data centers, and certain other critical business operations are located in California, near major earthquake faults and sites of recent wildfires, which may become more frequent, along with other extreme weather events, due to climate change. A catastrophic event or other extreme weather event that results in the destruction or disruption of our data centers or our critical business or IT systems would severely affect our ability to conduct normal business operations and, as a result, our operating results would be adversely affected. --- ## Modified: We may not be able to realize the potential financial or strategic benefits of the transactions we complete, or find suitable target businesses and technology to acquire, which could hurt our ability to grow our business, develop new products or sell our products and services. **Key changes:** - Reworded sentence: "We expect to make additional acquisitions and strategic investments in the future, but we may not find suitable acquisition or investment targets, or we may not be able to consummate desired acquisitions or investments due to unfavorable credit markets, commercially unacceptable terms, failure to obtain regulatory approvals, competitive bid dynamics or other risks, which could harm our operating results." **Prior (2022):** Acquisitions and strategic investments are an important part of our growth strategy. We have completed a significant number of acquisitions in recent years. We expect to make additional acquisitions and strategic investments in the future, but we may not find suitable acquisition or investment targets, or we may not be able to consummate desired acquisitions or investments due to unfavorable credit markets, commercially unacceptable terms or other risks, which could harm our operating results. Acquisitions and strategic investments are difficult, time-consuming, and pose a number of risks, including: •Potential negative impact on our earnings per share; •Failure of acquired products to achieve projected sales; •Problems in integrating the acquired products with our products; •Difficulties entering into new markets in which we are not experienced or where competitors may have stronger positions; •Potential downward pressure on operating margins due to lower operating margins of acquired businesses, increased headcount costs, and other expenses associated with adding and supporting new products; •Difficulties in retaining and integrating key employees; •Substantial reductions of our cash resources and/or the incurrence of debt, which may be at higher than anticipated interest rates; •Failure to realize expected synergies or cost savings; •Difficulties in integrating or expanding sales, marketing and distribution functions and administrative systems, including information technology and human resources systems; 23 23 23 Table of Contents Table of Contents •Dilution of our current stockholders through the issuance of common stock as part of the merger consideration; •Difficulties in negotiating, governing and realizing value from strategic investments; •Assumption of unknown liabilities, including tax, litigation, cybersecurity and commercial-related risks, and the related expenses and diversion of resources; •Incurrence of costs and use of additional resources to remedy issues identified prior to or after an acquisition; •Disruption of ongoing business operations, including diversion of management's attention and uncertainty for employees and customers, particularly during the post-acquisition integration process; •Potential negative impacts on our relationships with customers, distributors and business partners; •Exposure to new operational risks, regulations and business customs to the extent acquired businesses are located in regions where we are not currently conducting business; •The need to implement controls, processes and policies appropriate for a public company at acquired companies that may have previously lacked such controls, processes and policies in areas such as cybersecurity, information technology, privacy and more; •Negative impact on our net income resulting from acquisition or investment-related costs; and •Requirements imposed by government regulators in connection with their review of an acquisition, including required divestitures or restrictions on the conduct of our business or the acquired business. If we do not manage the foregoing risks, the acquisitions or strategic investments that we complete may have an adverse effect on our business and financial condition. **Current (2023):** Acquisitions and strategic investments are an important part of our growth strategy. We have completed a significant number of acquisitions in recent years. We expect to make additional acquisitions and strategic investments in the future, but we may not find suitable acquisition or investment targets, or we may not be able to consummate desired acquisitions or investments due to unfavorable credit markets, commercially unacceptable terms, failure to obtain regulatory approvals, competitive bid dynamics or other risks, which could harm our operating results. Acquisitions and strategic investments are difficult, time-consuming, and pose a number of risks, including, but not limited to: •Potential negative impact on our earnings per share; •Failure of acquired products to achieve projected sales; •Problems in integrating the acquired products with our products; •Difficulties entering into new markets in which we are not experienced or where competitors may have stronger positions; 23 23 23 Table of Contents Table of Contents •Potential downward pressure on operating margins due to lower operating margins of acquired businesses, increased headcount costs, and other expenses associated with adding and supporting new products; •Difficulties in retaining and integrating key employees; •Substantial reductions of our cash resources and/or the incurrence of debt, which may be at higher than anticipated interest rates; •Failure to realize expected synergies or cost savings; •Difficulties in integrating or expanding sales, marketing and distribution functions and administrative systems, including IT and human resources systems; •Dilution of our current stockholders through the issuance of common stock as a part of transaction consideration; •Difficulties in negotiating, governing and realizing value from strategic investments; •Assumption of unknown liabilities, including tax, litigation, cybersecurity and commercial-related risks, and the related expenses and diversion of resources; •Incurrence of costs and use of additional resources to remedy issues identified prior to or after an acquisition; •Disruption of ongoing business operations, including diversion of management's attention and uncertainty for employees and customers, particularly during the post-acquisition integration process; •Potential negative impacts on our relationships with customers, distributors and business partners; •Exposure to new operational risks, regulations and business customs to the extent acquired businesses are located in regions where we are not currently conducting business; •The need to implement controls, processes and policies appropriate for a public company at acquired companies that may have previously lacked such controls, processes and policies in areas such as cybersecurity, IT, privacy and more; •Negative impact on our net income resulting from acquisition or investment-related costs; and •Requirements imposed by government regulators in connection with their review of an acquisition, including required divestitures or restrictions on the conduct of our business or the acquired business. Additionally, we have divested and may in the future divest certain product lines or technologies that no longer fit our long-term strategies. Divestitures may adversely impact our business, operating results and financial condition if we are unable to achieve the anticipated benefits or cost savings from such divestitures, or if we are unable to offset impacts from the loss of revenue associated with the divested product lines or technologies. For example, if we decide to sell or otherwise dispose of certain product lines or assets, we may be unable to do so on satisfactory terms within our anticipated timeframe or at all. Further, whether such divestitures are ultimately consummated or not, their pendency could have a number of negative effects on our current business, including potentially disrupting our regular operations, diverting the attention of our workforce and management team and increasing undesired workforce turnover. It could also disrupt existing business relationships, make it harder to develop new business relationships, or otherwise negatively impact the way that we operate our business. If we do not manage the foregoing risks, the transactions that we complete or are unable to complete may have an adverse effect on our business, operating results and financial condition. 24 24 24 Table of Contents Table of Contents --- ## Modified: Cybersecurity threats or other security breaches could compromise sensitive information belonging to us or our customers and could harm our business and our reputation, particularly that of our security testing solutions. **Key changes:** - Reworded sentence: "We store sensitive data, including intellectual property, our proprietary business information and that of our customers, and personal information, in our data centers, on our networks or on the cloud." - Reworded sentence: "We also periodically acquire new businesses with less mature security programs, and it takes time to align their security practices to meet our information security policies, procedures and controls." - Reworded sentence: "Our software products, hosted solutions and software security and quality testing solutions are also targeted by hackers and may be compromised by, among other things, phishing, exploits of our code or our system configurations, malicious code (such as viruses and worms), distributed denial-of-service attacks, sophisticated 22 22 22 Table of Contents Table of Contents attacks conducted or sponsored by nation-states, advanced persistent threat intrusions, ransomware and other malware." - Reworded sentence: "If we fail to identify new and increasingly sophisticated methods of cyber attacks or fail to invest sufficient resources in research and development regarding new threat vectors, our security testing products and services may not detect vulnerabilities in our customers' software code." **Prior (2022):** We store sensitive data, including intellectual property, our proprietary business information and that of our customers, and confidential employee information, in our data centers, on our networks or on the cloud. These systems may be vulnerable to attacks by hackers or compromised due to employee error, malfeasance or other disruptions that could result in unauthorized disclosure or loss of sensitive information. Many employees continue to work remotely based on a hybrid work model, which magnifies the importance of maintaining the integrity of our remote access security measures. For example, we discovered unauthorized third-party access to our products and product license files hosted on our SolvNet Plus customer license and product delivery system in 2015. While we identified and remediated the incident, it is possible that our security measures may be circumvented again in the future, and any such breach could adversely impact our business, operations and reputation. The techniques used to obtain unauthorized access to networks, or to sabotage systems, change frequently and generally are not recognized until launched against a target. We may be unable to anticipate these techniques, react in a timely manner or implement adequate preventative measures. Furthermore, in the operation of our business we also use third-party vendors that have access to our network and store certain sensitive data, including confidential information about our employees, and these third parties are subject to their own cybersecurity threats. Our standard vendor terms and conditions include provisions requiring the use of appropriate security measures to prevent unauthorized use or disclosure of our data, as well as other safeguards. However, that is no guarantee that a breach will not still occur. In addition, if we select a vendor that uses cloud storage of information as part of their service or product offerings, or if we are selected as a vendor for our cloud-based solutions, our proprietary information could be misappropriated by third parties despite our attempts to validate the security of such services. Any security breach of our own or a third-party vendor's systems could cause us to be non-compliant with applicable laws or regulations, subject us to legal claims or proceedings, disrupt our operations, damage our reputation, and cause a loss of confidence in our products and services, any of which could adversely affect our business and our ability to sell our products and services. Our software products, hosted solutions, and software security and quality testing solutions may also be vulnerable to attacks, including phishing, exploits of our code or our system configurations, malicious code (such as viruses and worms), distributed denial-of-service attacks, sophisticated attacks conducted or sponsored by nation-states, advanced persistent threat intrusions, ransomware and other malware. Furthermore, the risk of state-supported and geopolitical-related cybersecurity incidents may increase due to geopolitical incidents, such as the Russia-Ukraine conflict. An attack could disrupt the proper functioning of our software, cause errors in the output of our customers' work, allow unauthorized access to our or our customers' proprietary information or cause other destructive outcomes. We also offer software security and quality testing solutions. If we fail to identify new and increasingly sophisticated methods of cyber attacks or fail to invest sufficient resources in research and development regarding new threat vectors, our security testing products and services may fail to detect vulnerabilities in our customers' software code. An actual or perceived failure to identify security flaws may harm the perceived reliability of our security testing products and services, and could result in a loss of customers or sales, or an increased cost to remedy a problem. Furthermore, our growth and recent acquisitions in the software security and quality testing space may increase our 22 22 22 Table of Contents Table of Contents visibility as a security-focused company and may make us a more attractive target for attacks on our own information technology infrastructure. If any of the foregoing were to occur, we could experience negative publicity and our reputation could suffer, customers could stop buying our products, we could face lawsuits and potential liability, and our financial performance could be negatively impacted. **Current (2023):** We store sensitive data, including intellectual property, our proprietary business information and that of our customers, and personal information, in our data centers, on our networks or on the cloud. In addition, our operations depend upon our information technology (IT) systems. We maintain a variety of information security policies, procedures, and controls to protect our business and proprietary information, prevent data loss and other security breaches and incidents, keep our IT systems operational and reduce the impact of a security breach or incident, but these securities measures cannot provide and have not provided absolute security. In the normal course of business, our systems are and have been the target of malicious cyber attack attempts and have been and may be subject to compromise due to employee error, malfeasance or other disruptions that have and could result in unauthorized disclosure or loss of sensitive information. To date, we have not identified material cyber security incidents or incurred any material expenses with any incidents. However, any breach or compromise could adversely impact our business and operations, expose us or our customers to litigation, investigations, loss of data, increase costs, or result in loss of customer confidence and damage to our reputation, any of which could adversely affect our business and our ability to sell our products and services. Industry incidences of cyberattacks and other cybersecurity breaches have increased and are likely to continue to increase. We are using an increasing number of third-party software solutions, including cloud-based solutions, which increase potential threat vectors, such as by exploitation of misconfigurations or vulnerabilities. We also use third-party vendors that provide software or hardware, have access to our network, and/or store sensitive data, and these third parties are subject to their own cybersecurity threats. Our standard vendor terms and conditions include provisions requiring the use of appropriate security measures to prevent unauthorized use or disclosure of our data, as well as other safeguards. Despite these measures, there is no guarantee that a compromise of our third-party vendors will not occur and in turn result in a compromise of our own IT systems or data. In addition, if we select a vendor that uses cloud storage as part of their service or product offerings, or if we are selected as a vendor for our cloud-based solutions, our proprietary information could be misappropriated by third parties despite our attempts to validate the security of such services. Many employees continue to work remotely based on a hybrid work model, which magnifies the importance of maintaining the integrity of our remote access security measures. We also periodically acquire new businesses with less mature security programs, and it takes time to align their security practices to meet our information security policies, procedures and controls. The techniques used to obtain unauthorized access to networks or to sabotage systems of companies such as ours change frequently and generally are not recognized until launched against a target. We may be unable to anticipate these emerging techniques, react in a timely manner, or implement adequate preventative measures, or we may not have sufficient logging available to fully investigate the incident. Our security measures vary in maturity across the business and may be and have been circumvented. For example, we have identified instances where employees have used non-approved applications for business purposes, some of which do not meet our security standards. In addition, we discovered unauthorized third-party access to our products and product license files hosted on our SolvNet Plus customer license and product delivery system in 2015. Any security breach of our own or a third-party vendor's systems could cause us to be non-compliant with applicable laws or regulations, subject us to legal claims or proceedings, disrupt our operations, damage our reputation, and cause a loss of confidence in our products and services, any of which could adversely affect our business and our ability to sell our products and services. Our software products, hosted solutions and software security and quality testing solutions are also targeted by hackers and may be compromised by, among other things, phishing, exploits of our code or our system configurations, malicious code (such as viruses and worms), distributed denial-of-service attacks, sophisticated 22 22 22 Table of Contents Table of Contents attacks conducted or sponsored by nation-states, advanced persistent threat intrusions, ransomware and other malware. We leverage many security best practices throughout the software development lifecycle, but our security development practices vary in maturity across the business and may not be effective against all cybersecurity threats. Furthermore, due to geopolitical incidents, including regional military conflicts, state-supported and geopolitical-related cybersecurity incidents against companies such as ours may increase. Attacks on our products could potentially disrupt the proper functioning of our software, cause errors in the output of our customers' work, allow unauthorized access to our or our customers' proprietary information or cause other destructive outcomes. We also offer software security and quality testing solutions. If we fail to identify new and increasingly sophisticated methods of cyber attacks or fail to invest sufficient resources in research and development regarding new threat vectors, our security testing products and services may not detect vulnerabilities in our customers' software code. An actual or perceived failure to detect security flaws may negatively impact the perceived reliability of our security testing products and services, and could result in a loss of customers or sales, or an increased cost to remedy a problem. Furthermore, our growth and recent acquisitions in the software security and quality testing space may increase our visibility as a security-focused company and may make us a more attractive target for attacks on our own IT infrastructure. As a result, we could experience negative publicity and our reputation could suffer, customers could stop buying our products, we could face lawsuits and potential liability, and our business, operating results and financial condition could be negatively impacted. --- ## Modified: If we fail to timely recruit and/or retain senior management and key employees globally, our business may be harmed. **Key changes:** - Reworded sentence: "We depend in large part upon the services of our senior management team and key employees to drive our future success, and certain of such personnel depart our company from time to time, with the frequency and number of such departures varying widely." - Reworded sentence: "Any failure to recruit and/or retain senior management and key employees could harm our business, operating results and financial condition." - Reworded sentence: "We face pressure to limit the use of such equity-based compensation due to dilutive effects on stockholders." **Prior (2022):** We depend in large part upon the services of our senior management team to drive our future success, and certain team members depart our company from time to time. If we were to lose the services of any member of our senior management team without adequate notice, our business could be adversely affected. To be successful, we must also attract and retain key employees who join us organically and through acquisitions. There are a limited number of qualified engineers. Competition for these individuals and other qualified employees is intense and has increased globally, including in major markets such as Asia. Our employees are often recruited aggressively by our competitors and our customers worldwide. Any failure to recruit and retain key employees could harm our business, results of operations and financial condition, and our recruiting and retention efforts may be negatively impacted by the ongoing COVID-19 pandemic. Additionally, efforts to recruit and retain qualified employees could be costly and negatively impact our operating expenses. We issue equity awards from employee equity plans as a key component of our overall compensation. We face pressure to limit the use of such equity-based compensation due to its dilutive effect on stockholders. If we are unable to grant attractive equity-based packages in the future, it could limit our ability to attract and retain key employees. **Current (2023):** We depend in large part upon the services of our senior management team and key employees to drive our future success, and certain of such personnel depart our company from time to time, with the frequency and number of such departures varying widely. For example, we have recently experienced significant changes to our executive leadership team due to planned succession and other departures. The departure of key employees could result in significant disruptions to our operations, including adversely affecting the timeliness of our product releases, the successful implementation and completion of our initiatives, the adequacy of our internal control over financial reporting, and our business, operating results and financial condition. To be successful, we must also attract senior management and key employees who join us organically and through acquisitions. There are a limited number of qualified engineers. Competition for these individuals and other qualified employees is intense and has increased globally, including in major markets such as Asia. Our employees are often recruited aggressively by our competitors and our customers worldwide. Any failure to recruit and/or retain senior management and key employees could harm our business, operating results and financial condition. Additionally, efforts to recruit such employees could be costly and negatively impact our operating expenses. We issue equity awards from employee equity plans as a key component of our overall compensation. We face pressure to limit the use of such equity-based compensation due to dilutive effects on stockholders. If we are unable to offer attractive compensation packages in the future, it could limit our ability to attract and retain key employees. --- ## Modified: Uncertainty in the macroeconomic environment, and its potential impact on the semiconductor and electronics industries, may negatively affect our business, operating results and financial condition. **Key changes:** - Reworded sentence: "Uncertainty in the macroeconomic environment, including the effects of, among other things, increased global inflationary pressures and interest rates, potential economic slowdowns or recessions, supply chain disruptions, geopolitical pressures, fluctuations in foreign exchange rates and associated global economic conditions have resulted in volatility in credit, equity and foreign currency markets." - Reworded sentence: "For example, we continue to experience an impact from the current macroeconomic environment in our Software Integrity segment as customers have applied elevated levels of scrutiny to purchasing decisions due in part to their own budget uncertainty, which has, in some cases, affected customer order size, pricing and/or contract duration." - Reworded sentence: "Future economic downturns could also adversely affect our business, operating results and financial condition." - Reworded sentence: "Further economic instability could also adversely affect the banking and financial services industry and result in bank failures or credit downgrades of the banks we rely on for foreign currency forward contracts, credit and banking transactions, and deposit services, or cause them to default on their obligations." **Prior (2022):** Uncertainty caused by the recent challenging global economic conditions, including due to the effects of the recent rise in inflation and interest rates and the continuing COVID-19 pandemic, could lead some of our customers to postpone their decision-making, decrease their spending and/or delay their payments to us. Such caution by customers could, among other things, limit our ability to maintain or increase our sales or recognize revenue from committed contracts. Economic conditions could continue to deteriorate in the future, and, in particular, the semiconductor and electronics industries could fail to grow, including as a result of the effects of, among other things, rising inflation and interest rates, a sustained global semiconductor shortage, supply chain disruptions, the COVID-19 pandemic, and any disruption of international trade relationships such as tariffs, export licenses or other government trade restrictions. Furthermore, China's stated policy of becoming a global leader in the semiconductor industry may lead to increased competition and further disruption of international trade relationships, including, but not limited to, additional government trade restrictions. For more on risks related to government export and import restrictions such as the U.S. government's Entity List and Export Regulations (as defined below), see "Industry Risks - We are subject to governmental export and import requirements that could subject us to liability and restrict our ability to sell our products and services, which could impair our ability to compete in international markets." Adverse economic conditions affect demand for devices that our products help create, such as the ICs incorporated in personal computers, smartphones, automobiles and servers. Longer-term reduced demand for these or other products could result in reduced demand for design solutions and significant decreases in our average selling prices and product sales over time. Future economic downturns could also adversely affect our business. In addition, if our customers or distributors build elevated inventory levels, we could experience a decrease in short-term and/or long-term demand for our products. If any of these events or disruptions were to occur, the demand for our products and services could be adversely affected along with our business, operating results and financial condition. Further, the negative impact of these events or disruptions may be deferred due to our business model. Further economic instability could also adversely affect the banking and financial services industry and result in credit downgrades of the banks we rely on for foreign currency forward contracts, credit and banking transactions, and deposit services, or cause them to default on their obligations. Additionally, the banking and financial services industries are subject to complex laws and are heavily regulated. There is uncertainty regarding how proposed, contemplated or future changes to the laws, policies and regulations governing our industry, the banking and financial services industry and the economy could affect our business, including rising global interest rates. A deterioration of conditions in worldwide credit markets could limit our ability to obtain external financing to fund our operations and capital expenditures. In addition, difficult economic conditions may also result in a higher rate of losses on our accounts receivable due to credit defaults. Any of the foregoing could cause adverse effects on our business, operating results and financial condition, and could cause our stock price to decline. **Current (2023):** Uncertainty in the macroeconomic environment, including the effects of, among other things, increased global inflationary pressures and interest rates, potential economic slowdowns or recessions, supply chain disruptions, geopolitical pressures, fluctuations in foreign exchange rates and associated global economic conditions have resulted in volatility in credit, equity and foreign currency markets. This uncertain macroeconomic environment could lead some of our customers to postpone their decision-making, decrease their spending and/or delay their payments to us. Such caution by customers could, among other things, limit our ability to maintain or increase our sales or recognize revenue from committed contracts. For example, we continue to experience an impact from the current macroeconomic environment in our Software Integrity segment as customers have applied elevated levels of scrutiny to purchasing decisions due in part to their own budget uncertainty, which has, in some cases, affected customer order size, pricing and/or contract duration. On November 29, 2023, we announced that we have decided to explore strategic alternatives for our Software Integrity segment. As a part of this process, our management is considering a full range of strategic opportunities. At this time we cannot predict the impact that such strategic alternatives might have on our business, operations or financial condition. This announcement and uncertainty could have a number of negative effects on our current business, including potentially disrupting our regular operations, diverting the attention of our workforce and management team and increasing undesired workforce turnover. It could also disrupt existing business relationships, make it harder to develop new business relationships, or otherwise negatively impact the way that we operate our business, which could negatively impact our business, operating results or financial condition. If these macroeconomic uncertainties persist and economic conditions continue to deteriorate, then the semiconductor and electronics industries could fail to grow. Additionally, uncertain macroeconomic conditions could also have the effect of increasing other risks and uncertainties facing our business, which could have a material adverse effect on our operating results and financial condition. Such risks that may be heightened by uncertain macroeconomic conditions could include China's stated policy of becoming a global leader in the semiconductor industry may lead to increased competition or further disruption of international trade relationships, including, but not limited to, additional government trade restrictions. For more on risks related to government export and import restrictions such as the U.S. government's Entity List and Export Regulations (as defined below), see "Industry Risks - We are subject to governmental export and import requirements that could subject us to liability and restrict our ability to sell our products and services, which could impair our ability to compete in international markets." Adverse economic conditions affect demand for devices that our products help create, such as the ICs incorporated in personal computers, smartphones, automobiles and servers. Longer-term reduced demand for these or other products could result in reduced demand for design solutions and significant decreases in our average selling prices and product sales over time. Future economic downturns could also adversely affect our business, operating results and financial condition. In addition, if our customers or distributors build elevated inventory levels, we could experience a decrease in short-term and/or long-term demand for our products. If any of these events or disruptions were to occur, the demand for our products and services could be adversely affected along with our business, operating results and financial condition. Further, the negative impact of these events or disruptions may be deferred due to our business model. Further economic instability could also adversely affect the banking and financial services industry and result in bank failures or credit downgrades of the banks we rely on for foreign currency forward contracts, credit and banking transactions, and deposit services, or cause them to default on their obligations. Additionally, the banking 16 16 16 Table of Contents Table of Contents and financial services industries are subject to complex laws and are heavily regulated. There is uncertainty regarding how proposed, contemplated or future changes to the laws, policies and regulations governing our industry, the banking and financial services industry and the economy could affect our business, including increased global interest rates and global inflationary pressure. A deterioration of conditions in worldwide credit markets could limit our ability to obtain external financing to fund our operations and capital expenditures. In addition, difficult economic conditions may also result in a higher rate of losses on our accounts receivable due to credit defaults. Any of the foregoing could cause adverse effects on our business, operating results and financial condition, and could cause our stock price to decline. --- *Data sourced from SEC EDGAR. Last updated 2026-05-10.*