# S&P Global Inc.: 10-K Risk Factor Changes 2026 vs 2025 > Source: U.S. Securities and Exchange Commission (EDGAR) > Generated: 2026-05-05 > All data extracted directly from official filings. No hallucinated content. > **[AI-Generated Summary]** The paragraph below was produced by a language > model and may contain errors. All other content on this page is deterministically > extracted from the original SEC filing. > Between the 2025 and 2026 filings, two risk factor sections from 2025 have no close textual match in 2026: one addressing AI and emerging technologies, and one on climate change and renewable energy transition. Three risk factor sections in 2026 have no close textual match in 2025: one on intellectual property disputes, one on the planned Mobility business separation, and one on sustainability and energy expansion. Additionally, 12 matched sections show meaningful text differences, while 17 matched sections remain substantially similar. --- ## Summary | Status | Count | |--------|-------| | New risks added | 3 | | Risks removed | 2 | | Risks modified | 12 | | Unchanged | 17 | --- ## New in Current Filing: We have been, and may in the future be, subject to intellectual property disputes, which are costly to defend and could harm our business and operating results. Our success depends, in part, on our ability to operate our business without infringing, misappropriating or otherwise violating third-party intellectual property rights. We have been, and may in the future be, subject to claims and litigation alleging that we or our products or services infringe, misappropriate or otherwise violate others' intellectual property rights, including the trademarks, copyrights, patents and other intellectual property rights of third parties, including from our competitors or nonpracticing entities. We may also learn of possible infringement, misappropriation or other violation of our trademarks, copyrights, patents and other intellectual property. Patent and other intellectual property litigation may be protracted and expensive, and the results are difficult to predict and may result in significant settlement costs or payment of substantial damages. Furthermore, a successful claimant could secure a judgment that requires us to stop offering some products or services or prevents us from conducting our business as we have historically done or may desire to do in the future. We might also be required to seek a license and pay royalties for the use of such intellectual property, which may not be available on commercially acceptable terms, or at all. Alternatively, we may be required to modify our products and services, which could require significant effort and expense and may ultimately not be successful. --- ## New in Current Filing: The planned separation of our Mobility business into an independent, publicly traded company is contingent upon the satisfaction of a number of conditions, may not be completed on the currently contemplated timeline, or at all, and may not achieve the intended benefits. On April 29, 2025, we announced our intent to pursue a separation of our Mobility business through a spin-off to our shareholders. The proposed separation is subject to various conditions, is complex in nature, and may be affected by unanticipated developments. The separation is intended to qualify as a tax-free transaction for U.S. federal income tax purposes. There can be no assurance regarding the ultimate timing of the separation or that such separation will be completed. Unanticipated developments could delay, prevent or otherwise adversely affect the separation, including but not limited to disruptions in general or financial market conditions or potential problems or delays in satisfying required conditions. Such developments could cause the separation to occur on terms or conditions that are less favorable than anticipated. In addition, we may not be able to achieve the full strategic and financial benefits that we anticipate to result from the separation, or such benefits may be delayed or not occur at all. The anticipated benefits of the separation are based on a number of assumptions, some of which may prove incorrect. We also expect to incur significant expenses in connection with the separation, certain of which will be incurred even if the separation is not completed. Executing the separation will continue to require significant resources, time and attention from our senior management and employees, which could divert attention and resources away from other projects and the day-to-day operation of our business. We may experience negative reactions from financial markets if we do not complete the separation in a reasonable time period. Following the proposed separation, the combined value of the shares of the two publicly-traded companies may not be equal to or greater than what the value of our shares would have been had the separation not occurred. The above factors could have a material adverse effect on our business, financial condition, results of operations or the price of our shares. --- ## New in Current Filing: Sustainability and energy expansion matters pose operational, commercial and regulatory risks. The physical commodity and commodity derivative markets may be impacted by decisions by market participants and policy makers to address sustainability and energy expansion matters. Consumer and institutional preferences around sustainability and energy expansion matters continue to change, and the possible failure of our products or services to facilitate the needs of customers facing these issues could adversely impact our business and revenues. Changing preferences, including as a result of shifting market or political sentiment, could also have an adverse impact on the operations or financial condition of our customers, which could result in reduced revenues from those customers. We are also subject to risks relating to state, federal and international sustainability regulations, legislation and regulatory expectations, which are evolving, varied and at times conflicting, and which could impact us and our customers and result in increased regulatory, compliance or operational costs. We are also subject to reputational risks relating to the perception of whether or not we are taking policy positions with regard to energy consumption and sources or other sustainability or energy expansion matters. These risks associated with sustainability and energy expansion matters are continuing to evolve rapidly, and we expect that such risks may continue to increase over time. --- ## No Match in Current: Social, ethical and operational issues relating to the use of new and evolving technologies, such as AI, in our offerings could materially and adversely affect our business, financial condition or results of operations. *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* Many of our offerings use new and evolving technologies, such as AI. These new and evolving technologies often present social and ethical risks and challenges that could affect their adoption, and therefore our business. For example, the use of AI could lead to harmful consequences such as accuracy issues, unintended biases or discriminatory outputs. Enabling or offering solutions that draw controversy due to their perceived or actual impact on society or failing to properly remediate any social or ethical issues that may arise in our offerings may result in material brand or reputational harm, competitive harm, legal liability or loss of public confidence, or a material reduction to the marketability or competitiveness of our products and services. For our AI products and services to be competitive in the evolving and continually developing AI landscape, we must apply resources and make investments to secure such competitiveness and to ensure that our AI products and services are developed and implemented in a way to minimize unintended and harmful impacts. In addition, our failure to continue development and adoption of ethical and transparent policies and procedures related to AI could negatively impact our reputation and customer confidence. Any of these social, ethical or operational issues could materially and adversely affect our business, financial condition or results of operations. --- ## No Match in Current: Climate change and the transition to renewable energy and a net zero economy pose operational, commercial and regulatory risks. *This section from the 2025 filing does not have a high-confidence textual match in 2026. It may have been removed, merged, or substantially reworded.* The physical commodity and commodity derivative markets may be impacted by decisions by market participants and policy makers to address climate change. In addition, the transition to renewable energy and a net zero economy involves changes to 23 23 23 Table of Contents Table of Contents consumer and institutional preferences around energy consumption, and the possible failure of our products or services to facilitate the needs of customers during the transition to renewable energy could adversely impact our business and revenues. Changing preferences, including as a result of shifting market or political sentiment, could also have an adverse impact on the operations or financial condition of our customers, which could result in reduced revenues from those customers. We are also subject to risks relating to new or heightened climate change-related regulations or legislation, which could impact us and our customers and result in increased regulatory, compliance or operational costs. We are also subject to reputational risks relating to the perception of whether or not we are facilitating a migration away from fossil fuels. The risks associated with climate change and the transition to renewable energy and a net zero economy are continuing to evolve rapidly, and we expect that climate change-related risks may increase over time. --- ## Modified: Exposure to litigation and government and regulatory proceedings, investigations and inquiries could have a material adverse effect on our business, financial condition or results of operations. **Key changes:** - Reworded sentence: "and abroad, we and our subsidiaries are defendants in numerous legal proceedings and are often the subject of government and regulatory proceedings, investigations and inquiries, as discussed under Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations, in this Annual Report on Form 10-K and in Note 13 - Commitments and Contingencies to the consolidated financial statements under Item 8, Consolidated Financial Statements and Supplementary Data, in this Annual Report on Form 10-K, and we face the risk that additional proceedings, investigations and inquiries will arise in the future." - Reworded sentence: "Any of these proceedings, investigations or inquiries impose additional expenses on the Company, require the attention of senior management, and could ultimately result in adverse judgments, damages, fines, penalties, activity restrictions, reduced demand for our products and services, or negative impacts on our cash flows, which could have a material adverse effect on our business, financial condition or results of operations." **Prior (2025):** •In the normal course of business, both in the U.S. and abroad, we and our subsidiaries are defendants in numerous legal proceedings and are often the subject of government and regulatory proceedings, investigations and inquiries (including market studies), as discussed under Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations, in this Annual Report on Form 10-K and in Note 13 - Commitments and Contingencies to the consolidated financial statements under Item 8, Consolidated Financial Statements and Supplementary Data, in this Annual Report on Form 10-K, and we face the risk that additional proceedings, investigations and inquiries (including market studies) will arise in the future. •Many of these proceedings, investigations and inquiries (including market studies) regularly relate to the activity of our Ratings, Indices, and Commodity Insights businesses. In addition, various government and self-regulatory agencies frequently make inquiries and conduct investigations into our compliance with applicable laws and 14 14 14 Table of Contents Table of Contents regulations, including those related to our regulated products and services, antitrust matters, and other matters, such as environmental, social and governance ("ESG") matters. From time to time, we also face proceedings, investigations or inquiries related to tax matters. Enhancements to our products and services combined with evolving regulation requires us to continuously evaluate our regulatory and compliance obligations, and government and self-regulatory agencies may conduct investigations to determine whether our products and services subject us to additional regulations. Any of these proceedings, investigations or inquiries (including market studies) impose additional expenses on the Company, require the attention of senior management, and could ultimately result in adverse judgments, damages, fines, penalties, activity restrictions, reduced demand for our products and services, or negative impacts on our cash flows, which could have a material adverse effect on our business, financial condition or results of operations. •In view of the uncertainty inherent in litigation, government and regulatory enforcement matters, and changing political sentiments, we cannot predict the eventual outcome of the matters we are currently facing or the timing of their resolution, or in most cases reasonably estimate what the eventual judgments or impact of activity restrictions may be. The outcome of matters we are currently facing or that we may face in the future could have a material adverse effect on our business, financial condition or results of operations. •As litigation or the process to resolve pending matters progresses, as the case may be, we continuously review the latest information available and assess our ability to predict the outcome of such matters and the effects, if any, on our consolidated financial condition, cash flows, business and competitive position, which sometimes requires us to record liabilities in the consolidated financial statements. •Risks relating to legal proceedings may be heightened in foreign jurisdictions that lack the legal protections or liability standards comparable to those that exist in the U.S. In addition, new laws and regulations have been and may continue to be enacted that establish lower liability standards, shift the burden of proof or relax pleading requirements, thereby increasing the risk of successful litigations against the Company in the U.S. and in foreign jurisdictions. These litigation risks are often difficult to assess or quantify and could have a material adverse effect on our business, financial condition or results of operations. •We may not have adequate insurance or reserves to cover these risks, and the existence and magnitude of these risks often remains unknown for substantial periods of time and could have a material adverse effect on our business, financial condition or results of operations. **Current (2026):** •In the normal course of business, both in the U.S. and abroad, we and our subsidiaries are defendants in numerous legal proceedings and are often the subject of government and regulatory proceedings, investigations and inquiries, as discussed under Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations, in this Annual Report on Form 10-K and in Note 13 - Commitments and Contingencies to the consolidated financial statements under Item 8, Consolidated Financial Statements and Supplementary Data, in this Annual Report on Form 10-K, and we face the risk that additional proceedings, investigations and inquiries will arise in the future. •Many of these proceedings, investigations and inquiries regularly relate to the activity of our Ratings, Indices, and Energy businesses. In addition, various government and self-regulatory agencies frequently make inquiries and conduct investigations into our compliance with applicable laws and regulations, including those related to our regulated products and services, antitrust matters, and other matters, such as environmental, social and governance ("ESG") matters. From time to time, we also face proceedings, investigations or inquiries related to tax matters. Enhancements to our products and services combined with evolving regulation requires us to continuously evaluate our regulatory and compliance obligations, and government and self-regulatory agencies may conduct investigations to determine whether our products and services subject us to additional regulations. Any of these proceedings, investigations or inquiries impose additional expenses on the Company, require the attention of senior management, and could ultimately result in adverse judgments, damages, fines, penalties, activity restrictions, reduced demand for our products and services, or negative impacts on our cash flows, which could have a material adverse effect on our business, financial condition or results of operations. •In view of the uncertainty inherent in litigation, government and regulatory enforcement matters, and changing political sentiments, we cannot predict the eventual outcome of the matters we are currently facing or the timing of their resolution, or in most cases reasonably estimate what the eventual judgments or impact of activity restrictions may be. The outcome of matters we are currently facing or that we may face in the future could have a material adverse effect on our business, financial condition or results of operations. •As litigation or the process to resolve pending matters progresses, as the case may be, we continuously review the latest information available and assess our ability to predict the outcome of such matters and the effects, if any, on our consolidated financial condition, cash flows, business and competitive position, which sometimes requires us to record liabilities in the consolidated financial statements. •Risks relating to legal proceedings may be heightened in foreign jurisdictions that lack the legal protections or liability standards comparable to those that exist in the U.S. In addition, new laws and regulations have been and may continue to be enacted that establish lower liability standards, shift the burden of proof or relax pleading requirements, thereby increasing the risk of successful litigations against the Company in the U.S. and in foreign jurisdictions. These litigation risks are often difficult to assess or quantify and could have a material adverse effect on our business, financial condition or results of operations. •We may not have adequate insurance or reserves to cover these risks, and the existence and magnitude of these risks often remains unknown for substantial periods of time and could have a material adverse effect on our business, financial condition or results of operations. --- ## Modified: Our size, scale and role in the global markets increases our exposure to cyber attacks and other cyber-security risks. Our information systems and networks and those of our third-party service providers are exposed to risks related to cybersecurity and protection of confidential information, including material non-public information, which could have a material adverse effect on our business, financial condition or results of operations. **Key changes:** - Reworded sentence: "•Our operations rely on the secure processing, storage and transmission of confidential, sensitive and other types of data and information by our information systems and networks and those of our third-party service providers, including our vendors, data partners and distribution partners." - Reworded sentence: "•The cyber threats we and our third-party service providers (including our vendors, data partners and distribution partners) face are rapidly evolving and are becoming increasingly sophisticated and include denial of service attacks, ransomware, spyware, misinformation, phishing/smishing/vishing attacks, business compromise attacks, 11 11 11 Table of Contents Table of Contents typosquatting, automated attacks, employee errors, negligence or malfeasance, the use of malicious codes or worms, payment fraud, and other unauthorized occurrences on, or conducted through, our or our third-party service providers' (including our vendors', data partners' and distribution partners') information systems and networks, originating from a wide variety of sources, including criminals, terrorists, state-sponsored actors, financially motivated actors, internal actors, and external service providers." - Reworded sentence: "Our third-party service providers, including our vendors, data partners and distribution partners, are also the subject of a variety of cyber attacks, including attacks carried out by state-sponsored actors." - Reworded sentence: "Breaches of our or our third-party service providers' (including our vendors', data partners' and distribution partners') information systems and networks may cause material interruptions or malfunctions in our or such third-party's websites, applications or data processing, or may compromise the confidentiality and integrity of material information regarding us, our business or our customers." - Reworded sentence: "While such vulnerabilities have not resulted in a material adverse effect on the Company to date, they require us to devote time and resources to remediation on a regular basis." **Prior (2025):** •Our operations rely on the secure processing, storage and transmission of confidential, sensitive and other types of data and information in our information systems and networks and those of our third-party service providers, including our vendors. Cyber threats continue to evolve and are increasingly difficult to detect and successfully defend against. As a result, cyber threats have in the past and may in the future defeat the measures that we or our third-party service providers take to anticipate, detect, avoid, or mitigate such threats. •Our businesses often have access to material non-public information concerning the Company's customers, including sovereigns, public and private companies, and other third parties around the world, the unauthorized disclosure of which could affect the trading markets for such customers' securities and could damage such customers' competitive positions. Some of our own products and services also include material non-public information that could affect trading markets. Unauthorized disclosure of this information as a result of cyber attacks and other unauthorized occurrences on our information systems and networks could cause our customers to lose faith in our ability to protect confidential information and therefore cause customers to cease doing business with us. •The cyber threats we and our third-party service providers (including our vendors) face are rapidly evolving and are 10 10 10 Table of Contents Table of Contents becoming increasingly sophisticated (including through the use of generative artificial intelligence ("AI")) and include denial of service attacks, ransomware, spyware, phishing/smishing/vishing attacks, business compromise attacks, employee errors, negligence or malfeasance, the use of malicious codes or worms, payment fraud, and other unauthorized occurrences on, or conducted through, our or our third-party service providers' (including our vendors') information systems and networks, originating from a wide variety of sources, including criminals, terrorists, nation states, financially motivated actors, internal actors, and external service providers. The cyber risks the Company faces range from cyber attacks common to most industries, to more sophisticated and targeted attacks, including attacks carried out by state-sponsored actors, intended to obtain unauthorized access to certain information or information systems or networks due in part to our prominence in the global marketplace, such as our ratings on debt issued by sovereigns and corporate issuers, our impending methodology changes in our benchmarks businesses, or the composition of our indices. Our third-party service providers, including our vendors, are also the subject of a variety of cyber attacks, including attacks carried out by state-sponsored actors. •We and our third-party service providers, including our vendors, experience cyber attacks, data breaches and other cyber threats of varying degrees on a regular basis. The volume of such attacks, breaches and threats has increased over the years and we expect that volume to continue to increase. Breaches of our or our third-party service providers' (including our vendors') information systems and networks may cause material interruptions or malfunctions in our or such third-party's websites, applications or data processing, or may compromise the confidentiality and integrity of material information regarding us, our business or our customers. Although we have not experienced a cyber attack or data breach that has had a material adverse effect on us, we may experience such an event in the future. •In the ordinary course of business, we are exposed to vulnerabilities in widely deployed third-party software. While such vulnerabilities have not resulted in a material adverse effect on the Company, they require us to devote time and resources to remediation on a regular basis. Notwithstanding our efforts, we may suffer a material adverse effect resulting from such vulnerabilities in the future. •Misappropriation, improper modification, destruction, corruption or unavailability of our data and information, including personal data, due to cyber incidents, attacks or other security breaches, or the perception of such an occurrence, could damage our brand and reputation, result in litigation, regulatory actions, sanctions or other statutory penalties, or lead to loss of customer confidence in our security measures and reliability. While such incidents have not had a material impact on the Company to date, future incidents could materially harm our ability to retain customers and gain new ones, result in financial losses that are either not insured against or not fully covered through any insurance maintained by us, and lead to increased expenses related to addressing or mitigating the risks associated with any such incidents. We may be required to expend significant resources to mitigate the impact of any errors, interruptions, delays or cessations of service and we may have insufficient recourse against our third-party service providers, including our vendors. Additionally, our failure to timely or accurately communicate cyber incidents to relevant parties, including as a result of a failure of our third-party service providers, including our vendors, to inform us of incidents impacting their information systems or networks in a timely manner could result in regulatory or litigation risk, and reputational harm. •We devote significant resources to maintain and regularly update our systems and processes that are designed to protect the security of our information systems, software, networks and other technology assets and the confidentiality, integrity and availability of information belonging to the enterprise and our customers, clients and employees. However, such measures may be circumvented or become obsolete, and additional measures that we take to prevent or mitigate cyber incidents may be expensive or ineffective. •While we conduct cyber due diligence during the acquisition process, following the completion of acquisitions, we have identified weaknesses and vulnerabilities in acquired entities' information systems and networks, which expose us to unexpected liabilities or make our own information systems or networks more vulnerable to a cyber attack. •Any of the foregoing could have a material adverse effect on our business, financial condition or results of operations. **Current (2026):** •Our operations rely on the secure processing, storage and transmission of confidential, sensitive and other types of data and information by our information systems and networks and those of our third-party service providers, including our vendors, data partners and distribution partners. Cyber threats continue to evolve and are increasingly difficult to detect and successfully defend against. As a result, cyber threats have in the past and may in the future defeat the measures that we or our third-party service providers take to anticipate, detect, avoid, or mitigate such threats. •Our businesses often have access to material non-public information concerning the Company's customers, including sovereigns, public and private companies, and other third parties around the world, the unauthorized disclosure of which could affect the trading markets for such customers' securities and could damage such customers' competitive positions. Some of our own products and services also include material non-public information that could affect trading markets. Unauthorized disclosure of this information as a result of cyber attacks and other unauthorized occurrences on our information systems and networks could cause our customers to lose faith in our ability to protect confidential information and therefore cause customers to cease doing business with us. •The cyber threats we and our third-party service providers (including our vendors, data partners and distribution partners) face are rapidly evolving and are becoming increasingly sophisticated and include denial of service attacks, ransomware, spyware, misinformation, phishing/smishing/vishing attacks, business compromise attacks, 11 11 11 Table of Contents Table of Contents typosquatting, automated attacks, employee errors, negligence or malfeasance, the use of malicious codes or worms, payment fraud, and other unauthorized occurrences on, or conducted through, our or our third-party service providers' (including our vendors', data partners' and distribution partners') information systems and networks, originating from a wide variety of sources, including criminals, terrorists, state-sponsored actors, financially motivated actors, internal actors, and external service providers. The cyber risks the Company faces range from cyber attacks common to most industries, to more sophisticated and targeted attacks, including attacks carried out by state-sponsored actors, intended to obtain unauthorized access to certain information or information systems or networks due in part to our prominence in the global marketplace, such as our ratings on debt issued by sovereigns and corporate issuers, our impending methodology changes in our benchmarks businesses, or the composition of our indices. Our third-party service providers, including our vendors, data partners and distribution partners, are also the subject of a variety of cyber attacks, including attacks carried out by state-sponsored actors. •We and our third-party service providers, including our vendors, data partners and distribution partners, experience cyber attacks, data breaches and other cyber threats of varying degrees on a regular basis. The volume of such attacks, breaches and threats has increased over the years and we expect that volume to continue to increase. Breaches of our or our third-party service providers' (including our vendors', data partners' and distribution partners') information systems and networks may cause material interruptions or malfunctions in our or such third-party's websites, applications or data processing, or may compromise the confidentiality and integrity of material information regarding us, our business or our customers. Although we have not experienced a cyber attack or data breach that has had a material adverse effect on us to date, we may experience such an event in the future. •In the ordinary course of business, we are exposed to vulnerabilities in widely deployed third-party software. While such vulnerabilities have not resulted in a material adverse effect on the Company to date, they require us to devote time and resources to remediation on a regular basis. Notwithstanding our efforts, we may suffer a material adverse effect on our business, financial condition or results of operations resulting from such vulnerabilities in the future. •Misappropriation, improper modification, destruction, corruption or unavailability of our data and information, including personal data, due to cyber incidents, attacks or other security breaches, or the perception of such an occurrence, could damage our brand and reputation, result in litigation, regulatory actions, sanctions or other statutory penalties, or lead to loss of customer confidence in our security measures and reliability. While such incidents have not had a material impact on the Company to date, future incidents could materially harm our ability to retain customers and gain new ones, result in financial losses that are either not insured against or not fully covered through any insurance maintained by us, and lead to increased expenses related to addressing or mitigating the risks associated with any such incidents. We may be required to expend significant resources to mitigate the impact of any errors, interruptions, delays or cessations of service and we may have insufficient recourse against our third-party service providers, including our vendors, data partners and distribution partners. Additionally, our failure to timely or accurately communicate cyber incidents to relevant parties, including as a result of a failure of our third-party service providers, including our vendors, data partners and distribution partners, to inform us of incidents impacting their information systems or networks in a timely manner could result in regulatory or litigation risk, and reputational harm. •We devote significant resources to maintain and regularly update our systems and processes that are designed to protect the security of our information systems, software, networks and other technology assets and the confidentiality, integrity and availability of information belonging to the enterprise and our customers and employees, and we expect to continue to expend significant additional resources to bolster these protections. However, such measures cannot provide absolute security and may be circumvented or become obsolete, and additional measures that we take to prevent or mitigate cyber incidents may be expensive or ineffective. Additionally, fragmented security tooling could create visibility gaps and increase the risk of missed threats and slower response. •We conduct cyber due diligence during the acquisition process; however, following the completion of acquisitions, we from time to time identify weaknesses and vulnerabilities in acquired entities' information systems and networks, which expose us to unexpected liabilities or make our own information systems or networks more vulnerable to a cyber attack. •Any of the foregoing could have a material adverse effect on our business, financial condition or results of operations. --- ## Modified: Our reputation, credibility, and brand are key assets and competitive advantages of our Company and our business, financial condition or results of operations could be materially and adversely affected if we are negatively perceived in the marketplace. **Key changes:** - Reworded sentence: "•Given our role in the financial, energy and commodity, and automotive markets, our ability to attract and retain customers is uniquely affected by external perceptions of our reputation, credibility, and brand." - Reworded sentence: "For example, we have faced and could in the future face negative perceptions or publicity with respect to our sustainability and corporate responsibility policies and practices or our sustainability products, methodologies, or scores, including as a result of a revision, suspension or withdrawal of, or a failure to meet, our publicly disclosed sustainability and corporate responsibility targets, goals or practices, or as a result of misalignment with evolving, and in certain instances conflicting, market standards, expectations of regulators and other stakeholders, and regulations and codes of conduct." - Reworded sentence: "Such scrutiny has in the past and may in the future impact our reputation, brand and credibility and result in private litigation or government and regulatory proceedings, investigations, inquiries and litigation." - Reworded sentence: "•Damage to our reputation, credibility, and brand could have a material adverse effect on our business, financial condition or results of operations." **Prior (2025):** •Our reputation, credibility, and the strength of our brand are key competitive strengths. •Given our role in the financial, commodities and automotive markets, our ability to attract and retain customers is uniquely affected by external perceptions of our reputation, credibility, and brand. •We provide credit ratings, pricing and valuation services, benchmark products, indices, and ESG scores and data, many of which depend on contributions or inputs from third parties or market participants. Our customers and other market participants expect us to be able to demonstrate that our products and services are produced independently and are not readily subject to manipulation. We believe our products and services are designed with appropriate methodologies, processes, and procedures to maintain independence and integrity; however, we may not be able to prevent third parties or market participants from working together or colluding to try to manipulate their inputs and thus the resulting outputs of our products and services. From time to time, we are involved in third-party investigations or litigation related to the markets and stakeholders our products and services serve. Any failures, negative publicity, investigations, or lawsuits that implicate the independence and integrity of our credit ratings, pricing and valuation services, benchmarks, indices, and ESG scores and data could result in a loss of confidence in the administration of these products and services and could harm our reputation and our business. •Negative perceptions or publicity could damage our reputation with customers, prospects, regulators, and the public generally, which in turn could negatively impact, among other things, our ability to attract and retain customers, employees and suppliers, as well as suitable candidates for acquisitions or other combinations. For example, we have faced and could in the future face negative perceptions or publicity with respect to our sustainability and corporate responsibility policies and practices (including DEI) or our ESG products, methodologies, or scores, including as a result of a revision, suspension or withdrawal of, or a failure to meet, our publicly disclosed ESG (including DEI) and climate-related targets, goals or practices, or as a result of misalignment with evolving market standards, ESG regulations and codes of conduct or regulatory expectations. In addition, we have faced and could in the future face similar negative perceptions or publicity as a result of "anti-ESG/DEI" sentiment among certain stakeholders, including governmental authorities, regulators, shareholders and customers. •Our divisions are all actively engaged in analyzing and providing views on economic conditions, including assessing the impact of events that create volatility and economic uncertainty, such as the ongoing military conflicts between Russia and Ukraine and in the Middle East and tensions across the Taiwan Strait. Notwithstanding the care we take in carrying out our work, the views and assumptions we express, the conclusions we draw, the actions we take (including, but not limited to, rating actions, revising the composition of our indices, etc.), and the work our divisions produce are likely to be heavily scrutinized with the benefit of hindsight. We have faced significant regulatory and media scrutiny following prior periods of volatility and economic uncertainty. Such scrutiny has in the past and may in the future impact our reputation, brand and credibility and result in government and regulatory proceedings, investigations, inquiries and litigation. •Given our businesses are often privy to material non-public information concerning our customers, our data could be improperly used, including for insider trading by our employees and third-party vendors with access to key systems. We have experienced insider trading incidents involving employees in the past, and it is not always possible to deter misconduct by employees or third-party vendors. We take precautions to detect and prevent such activity, including training on insider trading policies for our employees, contractual obligations for our third-party vendors, and policies that require access restrictions for material non-public information, but such precautions are not guaranteed to deter misconduct. Any breach of our clients' confidences as a result of employee or third-party vendor misconduct could harm our reputation. •Damage to our reputation, credibility, and brand could have a material adverse effect on our business and results of operations. **Current (2026):** •Our reputation, credibility, and the strength of our brand are key competitive strengths. •Given our role in the financial, energy and commodity, and automotive markets, our ability to attract and retain customers is uniquely affected by external perceptions of our reputation, credibility, and brand. •We provide credit ratings, pricing and valuation services, benchmark products, indices, and ESG scores and data, many of which depend on contributions or inputs from third parties or market participants. Our customers and other market participants expect us to be able to demonstrate that our products and services are produced independently and are not readily subject to manipulation. We believe our products and services are designed with appropriate methodologies, processes, and procedures to maintain independence and integrity; however, we may not be able to prevent third parties or market participants from working together or colluding to try to manipulate their inputs and thus the resulting outputs of our products and services. From time to time, we are involved in third-party investigations or litigation related to the markets and stakeholders our products and services serve. Any failures, negative publicity, investigations, or lawsuits that implicate the independence and integrity of our credit ratings, pricing and valuation services, benchmarks, indices, and ESG scores and data could result in a loss of confidence in the administration of these products and services and could harm our reputation and our business. •Negative perceptions or publicity could damage our reputation with customers, prospects, regulators, and the public generally, which in turn could negatively impact, among other things, our ability to attract and retain customers, employees and suppliers, as well as suitable candidates for acquisitions or other combinations. For example, we have faced and could in the future face negative perceptions or publicity with respect to our sustainability and corporate responsibility policies and practices or our sustainability products, methodologies, or scores, including as a result of a revision, suspension or withdrawal of, or a failure to meet, our publicly disclosed sustainability and corporate responsibility targets, goals or practices, or as a result of misalignment with evolving, and in certain instances conflicting, market standards, expectations of regulators and other stakeholders, and regulations and codes of conduct. In addition, sustainability and corporate responsibility state, federal and international laws, regulations, standards and regulatory expectations are evolving, varied and at times conflicting, and our failure or perceived failure to comply 25 25 25 Table of Contents Table of Contents with such laws, regulations, standards or expectations could result in adverse reactions by certain stakeholders, including governmental authorities, regulators, shareholders and customers, including the commencement of private litigation or government and regulatory proceedings, investigations, inquiries and litigation. •Our divisions are all actively engaged in analyzing and providing views on economic conditions, including assessing the impact of events that create volatility and economic uncertainty, such as the ongoing military conflicts between Russia and Ukraine and in the Middle East, tensions across the Taiwan Strait and U.S. intervention in Venezuela. Notwithstanding the care we take in carrying out our work, the views and assumptions we express, the conclusions we draw, the actions we take (including, but not limited to, rating actions, revising the composition of our indices, etc.), and the work our divisions produce are likely to be heavily scrutinized with the benefit of hindsight. We have faced significant regulatory and media scrutiny following prior periods of volatility and economic uncertainty. Such scrutiny has in the past and may in the future impact our reputation, brand and credibility and result in private litigation or government and regulatory proceedings, investigations, inquiries and litigation. •Given our businesses are often privy to material non-public information concerning our customers, our data could be improperly used, including for insider trading by our employees and third-party vendors with access to key systems. We have experienced insider trading incidents involving employees in the past, and it is not always possible to deter misconduct by employees or third-party vendors. We take precautions to detect and prevent such activity, including training on insider trading policies for our employees, contractual obligations for our third-party vendors, and policies that require access restrictions for material non-public information, but such precautions are not guaranteed to deter misconduct. Any breach of our clients' confidences as a result of employee or third-party vendor misconduct could harm our reputation. •Damage to our reputation, credibility, and brand could have a material adverse effect on our business, financial condition or results of operations. --- ## Modified: Our operations and infrastructure may malfunction or fail, which could have a material adverse effect on our business, financial condition or results of operations. **Key changes:** - Reworded sentence: "•Our ability to conduct business may be materially and adversely impacted by a disruption in the infrastructure that supports our businesses and the communities in which we are located, including New York City, the location of our headquarters, and major cities worldwide in which we have offices and operations." - Reworded sentence: "Technology failures could also result from inadequate implementation or poor governance." - Reworded sentence: "•We have at times experienced outages and other disruptions due to internal system or human errors and could in the future be subject to outages or other disruptions due to similar errors." - Reworded sentence: "If a disruption occurs in one of our locations or systems and our personnel in those locations or those who rely on such systems are unable to utilize other systems or communicate with or travel to other locations, such persons' ability to service and interact with our customers may suffer." **Prior (2025):** •Our ability to conduct business may be materially and adversely impacted by a disruption in the infrastructure that supports our businesses and the communities in which we are located, including New York City, the location of our headquarters, and major cities worldwide in which we have offices. •This may include a disruption involving physical or technological infrastructure used by us or third parties with or through whom we conduct business, whether due to human error, natural disasters, power loss, telecommunication failures, cyber attacks, data breaches, break-ins, sabotage, intentional acts of vandalism, acts of terrorism, political unrest, war or otherwise. Our efforts to secure and plan for potential disruptions of our major operating systems are not always successful, and future disruptions could have a material adverse effect on the Company. •We rely on our information technology environment and certain critical databases, systems, applications and services (e.g. Amazon Web Services ("AWS")) to support key product and service offerings. We believe we have appropriate policies, processes and internal controls to ensure the stability of our information technology, provide security from unauthorized access to our systems and maintain business continuity, but our business could be subject to significant disruption and our business, financial condition or results of operations could be materially and adversely affected by unanticipated system failures, data corruption or unauthorized access to our systems. •On May 30, 2024, we experienced an outage caused by an erroneous internal modification of code in an enterprise technology tool. The outage resulted in loss of access to a significant amount of our products and services for various periods of time, ranging from approximately 1 hour to approximately 52 hours. Although this outage did not have a material adverse effect on the Company, it called our attention to certain deficiencies in our controls and system architecture. While we have taken steps to address these deficiencies, we may experience outages or other disruptions in the future, and such outages or disruptions may have a material adverse effect on the Company. •The physical or technological infrastructure used by us or our third-party service providers can become obsolete or restrictive, unavailable, incompatible with future versions of our products, fail to be comprehensive or accurate, or fail to operate effectively, and our business could be adversely affected if we are unable to timely or effectively replace it. •We also do not have fully redundant systems for most of our smaller office locations and low-risk systems, and our disaster recovery plan does not include restoration of non-essential services. If a disruption occurs in one of our locations or systems and our personnel in those locations or those who rely on such systems are unable to utilize other systems or communicate with or travel to other locations, such persons' ability to service and interact with our clients and customers may suffer. •We cannot predict with certainty all of the adverse effects that could result from our failure, or the failure of a third party, to efficiently address and resolve these delays and interruptions. A disruption to our operations or infrastructure could have a material adverse effect on our business, financial condition or results of operations. **Current (2026):** •Our ability to conduct business may be materially and adversely impacted by a disruption in the infrastructure that supports our businesses and the communities in which we are located, including New York City, the location of our headquarters, and major cities worldwide in which we have offices and operations. •This may include a disruption involving physical or technological infrastructure used by us or third parties with or through whom we conduct business, whether due to human error, natural disasters, power loss, telecommunication failures, cyber attacks, data breaches, break-ins, sabotage, intentional acts of vandalism, acts of terrorism, political unrest, war or otherwise. Technology failures could also result from inadequate implementation or poor governance. Our efforts to secure and plan for potential disruptions of our major operating systems are not always successful, and future disruptions could have a material adverse effect on our business, financial condition or results of operations. •We rely on our information technology environment and certain critical databases, systems, applications and services (e.g. Amazon Web Services ("AWS")) to support key product and service offerings. We believe we have appropriate policies, processes and internal controls to ensure the stability of our information technology, provide security from unauthorized access to our systems and maintain business continuity, but our business could be subject to significant disruption and our business, financial condition or results of operations could be materially and adversely affected by unanticipated system failures, data corruption or unauthorized access to our systems. •We have at times experienced outages and other disruptions due to internal system or human errors and could in the future be subject to outages or other disruptions due to similar errors. While we have taken steps to address these 16 16 16 Table of Contents Table of Contents errors, we may experience outages or other disruptions in the future, and such outages or disruptions could have a material adverse effect on our business, financial condition or results of operations. •The physical or technological infrastructure used by us or our third-party service providers can become obsolete or restrictive, unavailable, incompatible with future versions of our products, fail to be comprehensive or accurate, or fail to operate effectively, and our business could be adversely affected if we are unable to timely or effectively replace it. •We also do not have fully redundant systems for most of our smaller office locations and low-risk systems, and our disaster recovery plan does not include restoration of non-essential services. If a disruption occurs in one of our locations or systems and our personnel in those locations or those who rely on such systems are unable to utilize other systems or communicate with or travel to other locations, such persons' ability to service and interact with our customers may suffer. •We cannot predict with certainty all of the adverse effects that could result from our failure, or the failure of a third party, to efficiently address and resolve these delays and interruptions. A disruption to our operations or infrastructure could have a material adverse effect on our business, financial condition or results of operations. --- ## Modified: Our expansion into and investments in new and growing markets may not be successful, which could adversely impact our business, financial condition and results of operations. **Key changes:** - Reworded sentence: "We believe there remains significant opportunity to expand our business into major geographic and product markets (including private markets, energy expansion, supply chain intelligence, wealth, decentralized finance, and emerging markets), and we are in the process of such expansion efforts." **Prior (2025):** We believe there remains significant opportunity to expand our business into major geographic and product markets (including energy transition, private markets and emerging markets), and we are in the process of such expansion efforts. Expansion into new markets requires significant levels of investment and attention from management. These markets may not develop as anticipated or we may not have success in these markets, in which case we may be unable to recover our investment spent to expand our business into these markets or may forgo opportunities in more lucrative markets, which could adversely impact our business, financial condition and results of operations. **Current (2026):** We believe there remains significant opportunity to expand our business into major geographic and product markets (including private markets, energy expansion, supply chain intelligence, wealth, decentralized finance, and emerging markets), and we are in the process of such expansion efforts. Expansion into these markets requires significant levels of investment and attention from management. These markets may not develop as anticipated or we may not have success in these markets, in which case we may be unable to recover our investment spent to expand our business into these markets or may forgo opportunities in more lucrative markets, which could adversely impact our business, financial condition and results of operations. --- ## Modified: We rely heavily on network systems and the Internet and any failures or disruptions may adversely affect our ability to serve our customers. **Key changes:** - Reworded sentence: "•Our products and services are delivered electronically, and our customers rely on our ability to process transactions rapidly and deliver substantial quantities of data on computer-based networks." - Removed sentence: "•In addition, a number of our customers entrust us with storing and securing their data and information on our servers." - Removed sentence: "Although we have disaster recovery plans that include backup facilities for our primary data centers, our systems are not always fully redundant, and our disaster planning may not always be sufficient or effective." - Removed sentence: "As such, these disruptions may affect our ability to store, handle and secure such data and information." **Prior (2025):** 13 13 13 Table of Contents Table of Contents •Our products and services are delivered electronically, and our customers rely on our ability to process transactions rapidly and deliver substantial quantities of data on computer-based networks. Our customers also depend on the continued capacity, reliability and security of our electronic delivery systems, our websites and the Internet. •Our ability to deliver our products and services electronically may be impaired due to infrastructure or network failures, malicious or defective software, human error, natural disasters, service outages at third-party Internet providers or increased government regulation. Delays in our ability to deliver our products and services electronically may harm our reputation and result in the loss of customers. •In addition, a number of our customers entrust us with storing and securing their data and information on our servers. Although we have disaster recovery plans that include backup facilities for our primary data centers, our systems are not always fully redundant, and our disaster planning may not always be sufficient or effective. As such, these disruptions may affect our ability to store, handle and secure such data and information. **Current (2026):** •Our products and services are delivered electronically, and our customers rely on our ability to process transactions rapidly and deliver substantial quantities of data on computer-based networks. Our customers also depend on the continued capacity, reliability, resiliency, and security of our electronic delivery systems, our websites and the Internet. •Our ability to deliver our products and services electronically may be impaired due to infrastructure or network failures, malicious or defective software, human error, natural disasters, service outages at cloud or third-party Internet providers or increased government regulation. Delays in our ability to deliver our products and services electronically may harm our reputation and result in the loss of customers. --- ## Modified: Our Indices and Energy businesses are subject to a global evolving regulatory landscape, which has and may continue to cause increased operating obligations, exposure, compliance risk and costs of doing business, and could have a material adverse effect on our business, financial condition or results of operations. **Key changes:** - Reworded sentence: "19 19 19 Table of Contents Table of Contents •In addition to the extensive and evolving U.S." - Reworded sentence: "Energy is supervised by the Dutch Authority for the Financial Markets for the EU Benchmark Regulation." - Added sentence: "•Certain products and services provided by the S1 business in Energy are subject to the EU regulation on the transparency and integrity of ESG rating activities adopted by the European Parliament and Council in November 2024, and will also be subject to The Financial Services and Markets Act 2000 (Regulated Activities) (ESG Ratings) Order 2025 and will need to become supervised by the FCA for the ESG ratings it provides from June 2028." - Reworded sentence: "MiFID II and the Market Abuse Regulation may impose additional regulatory burdens on the activities of Indices and Energy in the EU over time, but their impact on, and costs to, the Company have not yet been substantive." - Reworded sentence: "•These laws, regulations and principles have impacted our Energy and Indices businesses by increasing their operating obligations, exposure, compliance risk, and costs of doing business." **Prior (2025):** •In addition to the extensive and evolving U.S. laws and regulations, foreign jurisdictions have taken measures to increase regulation of the financial services and commodities industries. •Commodity Insights has aligned its operations with the Principles for Oil Price Reporting Agencies ("PRA Principles") issued by IOSCO and, as recommended by IOSCO in its final report on the PRA Principles, has aligned to the PRA Principles for other commodities for which it publishes benchmarks. Indices has taken steps to align its governance regime, control framework and operations with the Principles for Financial Benchmarks ("Financial Benchmark Principles") issued by IOSCO and engages an independent auditor to perform an annual reasonable assurance review of its adherence to the Financial Benchmark Principles. •Commodity Insights and Indices are subject to financial and commodity benchmark regulation in the EU (the "EU Benchmark Regulation") and the U.K. (the "U.K. Benchmark Regulation") as well as increasing benchmark regulation in other jurisdictions. Indices and Commodity Insights are both supervised by the Dutch Authority for the Financial Markets for the EU Benchmark Regulation. Indices is also supervised by the FCA for the U.K. Benchmark Regulation. Indices is also subject to the benchmark regulation in Australia under which it is required to and has obtained a license from and is subject to the supervision of the Australian Securities and Investment Commission regarding its administration of the S&P ASX 200 index. •The EU's package of legislative measures called the Markets in Financial Instruments Directive and Regulation (collectively "MiFID II") have applied in all EU Member States since 2018. MiFID II and potential subsequent amendments may result in changes to the manner in which Indices and Commodity Insights license their indices and price assessments, respectively, and could also have an indirect impact on the credit ratings and third-party research products offered by other divisions of the Company for use within the EU. MiFID II and the Market Abuse Regulation may impose additional regulatory burdens on the activities of Indices and Commodity Insights in the EU over time, but their impact on, and costs to, the Company have not yet been substantive. •The European Commission has adopted or proposed various options for regulatory intervention to address high energy prices including, among others, price limiting mechanisms on exchange traded gas products, the introduction of circuit breakers and the development of LNG import benchmarks. •These laws, regulations and principles have impacted our Commodity Insights' and Indices' businesses by increasing their operating obligations, exposure, compliance risk, and costs of doing business. Such impacts may continue or get worse as the regulatory landscape continues to evolve, which could have a material adverse effect on our business, financial condition or results of operations. **Current (2026):** 19 19 19 Table of Contents Table of Contents •In addition to the extensive and evolving U.S. laws and regulations, foreign jurisdictions have taken measures to increase regulation of the financial services and energy and commodities industries. •Energy has aligned its operations with the Principles for Oil Price Reporting Agencies ("PRA Principles") issued by IOSCO and, as recommended by IOSCO in its final report on the PRA Principles, has aligned to the PRA Principles for other commodities for which it publishes benchmarks. Indices has aligned its governance regime, control framework and operations with the Principles for Financial Benchmarks ("Financial Benchmark Principles") issued by IOSCO and engages an independent auditor to perform an annual reasonable assurance review of its adherence to the Financial Benchmark Principles. •Energy and Indices are subject to financial and commodity benchmark regulation in the EU (the "EU Benchmark Regulation") and the U.K. (the "U.K. Benchmark Regulation") as well as increasing benchmark regulation in other jurisdictions. Energy is supervised by the Dutch Authority for the Financial Markets for the EU Benchmark Regulation. Indices has recently transitioned from supervision by the Dutch Authority for the Financial Markets to supervision by ESMA for the EU Benchmark Regulation. Indices is also supervised by the FCA for the U.K. Benchmark Regulation. Indices is also subject to the benchmark regulation in Australia under which it is required to and has obtained a license from and is subject to the supervision of the Australian Securities and Investment Commission regarding its administration of the S&P ASX 200 index. •Certain products and services provided by the S1 business in Energy are subject to the EU regulation on the transparency and integrity of ESG rating activities adopted by the European Parliament and Council in November 2024, and will also be subject to The Financial Services and Markets Act 2000 (Regulated Activities) (ESG Ratings) Order 2025 and will need to become supervised by the FCA for the ESG ratings it provides from June 2028. •The EU's package of legislative measures called the Markets in Financial Instruments Directive and Regulation (collectively "MiFID II") have applied in all EU Member States since 2018. MiFID II and the Market Abuse Regulation may impose additional regulatory burdens on the activities of Indices and Energy in the EU over time, but their impact on, and costs to, the Company have not yet been substantive. •The European Commission has adopted or proposed various options for regulatory intervention to address high energy prices including, among others, price limiting mechanisms on exchange traded gas products, the introduction of circuit breakers and the development of LNG import benchmarks. •These laws, regulations and principles have impacted our Energy and Indices businesses by increasing their operating obligations, exposure, compliance risk, and costs of doing business. Such impacts may continue or get worse as the regulatory landscape continues to evolve, which could have a material adverse effect on our business, financial condition or results of operations. --- ## Modified: We rely on the products and services of other suppliers, including certain data, software and service suppliers, for many aspects of our business. From time to time, we lose key outside suppliers of data, products, and services or the data, products, or services of these suppliers have errors or are delayed, resulting in a disruption or inability to provide our clients with the information, products or services they desire. **Key changes:** - Reworded sentence: "We obtain data from many third-party data sources." - Reworded sentence: "24 24 24 Table of Contents Table of Contents •The consolidation of our suppliers has reduced the number of firms we partner with, which has impacted the size of our supplier base for certain products and services and resulted in an increase in fees charged by certain of our supplier partners." - Reworded sentence: "Termination of significant data agreements or exclusion from, or restricted use of, or litigation in connection with, significant third-party data assets could result in a substantial decrease of the available information for us to use (and offer our clients) and could have a material adverse effect on our business, financial condition or results of operations." **Prior (2025):** •Our ability to produce our products and services and develop new products and services is dependent upon the products and services of other suppliers, including certain data, software and service suppliers. Some of our products and services and their related value are dependent upon updates from our data suppliers and most of our information and data products and services are dependent upon continuing access to historical and current data. •Many of our suppliers are also our competitors, and from time to time they negotiate to change the terms of the data and products that they supply to us in order to gain an advantage in the marketplace, which could materially harm our business. •We utilize certain information and data provided by third-party sources in a variety of ways, including information gathered by market participants and large volumes of data from certain stock exchanges around the world. •From time to time, the data from our suppliers has errors, is delayed, has design defects, is unavailable on acceptable terms or is not available at all. While such issues have not materially adversely affected us to date, the future occurrence of any such issue could have a material adverse effect on our business, financial condition or results of operations. •The consolidation of our suppliers has reduced the number of firms we partner with, which has impacted the size of our supplier base for certain products and services and resulted in an increase in fees charged by certain of our supplier partners. •Some of our agreements with data suppliers allow them to cancel on short notice. Termination of one or more of our significant data agreements or exclusion from, or restricted use of, or litigation in connection with, a significant data provider's information could result in a substantial decrease of the available information for us to use (and offer our clients) and could have a material adverse effect on our business, financial condition or results of operations. **Current (2026):** •Our ability to produce our products and services and develop new products and services is dependent upon the products and services of other suppliers, including certain data, software and service suppliers. We obtain data from many third-party data sources. Our business relies on our ability to obtain data for our own internal operational purposes and for the benefit of customers using our products and services. Certain of our third-party data sources supply us with critical datasets that support our products and services for which suitable alternative sources may not be readily available. If any such providers were to limit, discontinue or materially alter the terms of our access, we may be unable to obtain comparable data from other sources in a timely or cost-effective manner, or at all, which could have a material adverse effect on our business, financial condition or results of operations. •Some of our products and services and their related value are dependent upon updates from our third-party data suppliers and most of our information and data products and services are dependent upon continuing access to historical and current data. •We could experience interruptions in our data access for a number of reasons, including difficulties in renewing our agreements with third-party data providers, changes to the software used by third-party data providers, efforts by industry participants to restrict access to data, increased fees we may be charged by third-party data providers and legal or regulatory changes. Our competitive position could be negatively affected if any of our key data providers terminates its relationship with us or if data flow from any key data provider is interrupted. If these third-party data providers experience difficulty meeting our requirements or standards, have adverse audit results, violate the terms of our agreements or applicable law, fail to obtain or maintain applicable licenses, cease operations temporarily or permanently, face financial distress or other business disruptions, increase their fees, or if the relationships we have established with such third-party data providers deteriorate, expire or otherwise terminate, whether as a result of macroeconomic conditions or otherwise, we could suffer increased costs and we may be unable to provide similar services or operate certain aspects of our business until we are able to find an equivalent provider or develop replacement technology or operations, which could damage our financial condition and reputation. Furthermore, if we are unsuccessful in identifying or finding high-quality third-party data providers, if we fail to negotiate cost-effective relationships with them, or if we ineffectively manage these relationships, it could have a material adverse effect on our business, financial condition or results of operations. •Many of our suppliers are also our competitors, and from time to time they negotiate to change the terms of the data and products that they supply to us in order to gain an advantage in the marketplace, which could materially harm our business. •We utilize certain information and data provided by third-party sources in a variety of ways, including information gathered by market participants and large volumes of data from certain stock exchanges around the world. •From time to time, the data from our suppliers has errors, is delayed, has design defects, is unavailable on acceptable terms or is not available at all. While such issues have not materially adversely affected us to date, the future occurrence of any such issue could have a material adverse effect on our business, financial condition or results of operations. 24 24 24 Table of Contents Table of Contents •The consolidation of our suppliers has reduced the number of firms we partner with, which has impacted the size of our supplier base for certain products and services and resulted in an increase in fees charged by certain of our supplier partners. •Some of our agreements with data suppliers allow them to cancel on short notice. Termination of significant data agreements or exclusion from, or restricted use of, or litigation in connection with, significant third-party data assets could result in a substantial decrease of the available information for us to use (and offer our clients) and could have a material adverse effect on our business, financial condition or results of operations. --- ## Modified: Changes and increased enforcement in the global privacy, data localization, operational resilience, and data protection legislative, regulatory, and commercial environments in which we operate may materially and adversely impact our ability to collect, compile, use, and publish data, require us to disclose information about our security environment, and could have a material adverse effect on our business, financial condition or results of operations. **Key changes:** - Reworded sentence: "•We, and certain types of information we collect, compile, store, use, process, transfer, publish and sell, are subject to laws and regulations governing the protection of personal and sensitive information in the various jurisdictions in 17 17 17 Table of Contents Table of Contents which we operate." - Reworded sentence: "states), the European Union (the "EU"), the People's Republic of China and India, could have a significant impact on our processing of employee, commercial, vendor, and customer data, and in turn, our business practices." - Reworded sentence: "We have made, and expect to continue to make, capital investments and other expenditures to enhance cybersecurity preparedness and prevent future cyber incidents and breaches, including costs associated with additional security technologies, personnel, and experts." - Reworded sentence: "Future laws and regulations with respect to the collection, compilation, use, and publication of information could result in limitations on our operations or data processing, leading to increased compliance or litigation expense and/or adverse publicity or loss of revenue, which could have a material adverse effect on our business, financial condition, or results of operations." - Added sentence: "We are also subject to the terms of our privacy policies and privacy-related obligations to third parties, and could face claims or allegations that we are not in compliance with such terms, which could result in costly litigation and could have a material adverse effect on our business, financial condition or results of operations." **Prior (2025):** •We, and certain types of information we collect, compile, use, and publish, are subject to numerous U.S. federal and state laws and non-U.S. regulations governing the protection of personal and confidential information of our clients, employees and products in the jurisdictions in which we operate. Further, global privacy, data localization, data maintenance, data transfer and data protection legislation, regulatory, enforcement, and policy activity are rapidly and continually evolving and creating a complex regulatory compliance environment. There is also increasing concern among certain privacy and data protection advocates, government regulators, litigators, and the press regarding marketing and privacy matters as well as data protection, particularly as they relate to individual privacy, threats to personal information, and perceived national security interests. Costs and adaptation of our business practices to comply with and implement the increasing privacy-related and data protection, data maintenance and transfer restriction measures have been, and we expect will continue to be, significant, particularly as the laws and regulations across jurisdictions change frequently and sometimes conflict. In addition, such measures, as well as any associated inquiries or investigations or any other government actions, increase our operating costs and require significant management time and attention, and may result in negative publicity and subject us to costs that may harm our business, including fines or damages as well as demands or orders that we modify or cease existing business practices. •There has been increased public attention regarding the use and transfer of personal information, accompanied by examinations of regulated entities, and legislation and regulations intended to strengthen data protection, information security and consumer and personal privacy. The law in these areas continues to develop and the changing nature and interpretations by courts of privacy and data protection laws around the world, including in jurisdictions such as the U.S. (including in an increasing number of U.S. states), the European Union (the "EU"), the People's Republic of China and India, could have a significant impact on our processing of personal and sensitive information of our employees, vendors and customers and other data, and in turn, our business practices. •Failure to comply with privacy and data protection requirements could result in significant penalties. The EU's comprehensive General Data Privacy Regulation ("GDPR"), for example, is a comprehensive regulation applying across all EU member states, providing for penalties of up to the greater of €20 million or 4% of worldwide revenue, and the average GDPR penalties increased in 2023 compared to prior years. •We devote meaningful time and financial resources to compliance with current and future applicable international and U.S. privacy, cybersecurity, data protection and related laws and regulations. We have made, and expect to continue to make, capital investments and other expenditures to address cybersecurity preparedness and prevent future cyber incidents and breaches, including costs associated with additional security technologies, personnel, experts and credit monitoring services for those whose data has been breached. Any such expenses that we incur in the future, which could be material, will impact our results of operations in the period in which they are incurred, but may not 15 15 15 Table of Contents Table of Contents meaningfully limit the success of future attempts to compromise our information or information technology systems. •Continued privacy and data protection concerns may result in new or amended laws and regulations. Future laws and regulations with respect to the collection, compilation, use, and publication of information and consumer privacy could result in limitations on our operations, increased compliance or litigation expense, adverse publicity, or loss of revenue, which could have a material adverse effect on our business, financial condition, and results of operations. It is also possible that we could be prohibited from collecting or disseminating certain types of data, which could affect our ability to meet our customers' needs or require changes in our processes, technologies, and data management. •We are also from time to time subject to, or face assertions that we are subject to, additional obligations relating to personal and other data by contract or due to assertions that self-regulatory obligations or industry standards apply to our practices. **Current (2026):** •We, and certain types of information we collect, compile, store, use, process, transfer, publish and sell, are subject to laws and regulations governing the protection of personal and sensitive information in the various jurisdictions in 17 17 17 Table of Contents Table of Contents which we operate. We move data across national borders to conduct our operations, and consequently, are subject to a variety of evolving laws and regulations regarding privacy, data protection, and data security in an increasing number of jurisdictions. Further, global privacy, data localization, data maintenance, data transfer, operational resilience (e.g., the E.U. Digital Operational Resilience Act), data protection legislation, regulatory, enforcement, and policy activity are rapidly and continually evolving and creating a complex regulatory compliance environment. There is also increasing public concern among certain privacy and data protection advocates, government regulators, litigators, and the press regarding, and resulting increasing regulations of, privacy, data, and consumer protection issues. Certain laws and regulations to which we are subject pertain to personally identifiable information ("PII") relating to individuals. Such laws and regulations constrain the collection, use, processing, storage, and transfer of PII, and impose other obligations with which we must comply. Costs and adaptation of our business practices to comply with evolving laws and regulations governing and restricting the processing and transfer of certain data is, and we expect will continue to be, significant. In addition, such measures, as well as any associated inquiries or investigations or any other government actions, increase our operating costs and require significant management time and attention, and may result in negative publicity and subject us to significant costs that may harm our business, including fines or damages as well as demands or orders that we modify or cease existing business practices. The risks of inadvertent disclosure of personal data can increase with the introduction of new and complex technologies, further exacerbating such risks. •There has been increased public attention regarding the use and transfer of personal information and regulations intended to strengthen data protection, information security and consumer and personal privacy. The law in these areas continues to develop and the changing nature and interpretation of these laws by courts and enforcement actions, including in jurisdictions such as the U.S. (including in an increasing number of U.S. states), the European Union (the "EU"), the People's Republic of China and India, could have a significant impact on our processing of employee, commercial, vendor, and customer data, and in turn, our business practices. •These laws and regulations are wide-ranging in scope and impose numerous requirements on entities that process certain data, including personal data, such as requirements relating to processing sensitive data, obtaining consent of the individuals to whom the personal data relates in certain circumstances, providing information to individuals regarding data processing activities, implementing safeguards to protect the security and confidentiality of personal data, providing notification of data breaches and taking certain measures when engaging third-party processes that will have access to personal data. These laws and regulations are increasing in complexity and number, sometimes change, and can conflict among the various jurisdictions in which we operate. It is possible that we could be prohibited or constrained from collecting or disseminating certain types of data or from providing certain products or services as a result of such laws and regulations. For example, we may not be able, or we may fail, to obtain appropriate third-party consent where consent is required to collect or use certain types of data for certain purposes in our business. Moreover, if our business fails to comply with these laws or regulations, we could be subject to significant litigation and civil or criminal penalties (including monetary damages, regulatory enforcement actions or fines) in one or more jurisdictions, as well as reputational damage that could result in the loss of data, brand equity and business. For example, a failure to comply with the GDPR or U.K. GDPR could result in fines up to the greater of €20 million (or £17.5 million under the U.K. GDPR) or 4% of annual global revenues. Additionally, in the case of a DPPA violation, U.S. courts may award liquidated damages of $2,500 per individual's personal information. Furthermore, any inquiries or investigations, or any other governmental actions, regarding our data processing practices could require significant management time and attention, and may result in negative publicity and subject us to increased costs, as well as demands or orders that we modify our existing business practices. Enforcement of these laws and regulations may increase as enforcement programs mature and better tooling enhances identification of compliance issues. •We devote meaningful time and financial resources to compliance with current and future applicable international and U.S. privacy, cybersecurity, data protection and related laws and regulations. We have made, and expect to continue to make, capital investments and other expenditures to enhance cybersecurity preparedness and prevent future cyber incidents and breaches, including costs associated with additional security technologies, personnel, and experts. Any such expenses that we incur in the future, which could be material, will impact our results of operations in the period in which they are incurred, but may not meaningfully limit the success of future attempts to compromise our information or information technology systems. •Continued privacy and data protection concerns may result in new or amended laws and regulations. Future laws and regulations with respect to the collection, compilation, use, and publication of information could result in limitations on our operations or data processing, leading to increased compliance or litigation expense and/or adverse publicity or loss of revenue, which could have a material adverse effect on our business, financial condition, or results of operations. It is also possible that we could be prohibited from collecting or disseminating certain types of data, which could affect our ability to meet our customers' needs or require changes in our processes, technologies, and data management. •We are also from time to time subject to, or face assertions that we are subject to, additional obligations relating to personal and other data by contract or due to assertions that self-regulatory obligations or industry standards apply to our practices. We are also subject to the terms of our privacy policies and privacy-related obligations to third parties, and could face claims or allegations that we are not in compliance with such terms, which could result in costly litigation and could have a material adverse effect on our business, financial condition or results of operations. 18 18 18 Table of Contents Table of Contents --- ## Modified: Artificial Intelligence ("AI") presents new and evolving risks, and our approach to AI may not be successful, which could materially and adversely affect our business, financial condition or results of operations. **Key changes:** - Reworded sentence: "AI is a rapidly evolving technology that is fundamentally changing the way data is gathered, produced, protected, licensed, processed, and consumed." - Reworded sentence: "While we have established a Company-wide AI strategy to drive our approach to data protection, licensing and AI integration in our processes, products and services, AI creates a number of evolving risks and opportunities and can exacerbate other risks, including those described herein: •In order to remain competitive, we have made significant investments in various AI initiatives." - Reworded sentence: "•Our competitors are deploying AI in ways that could materially reduce demand for our products and services (for example, by deploying AI in ways that make collection and processing of information relatively inexpensive or free or by leveraging AI to build products and services that compete with our products and services)." **Prior (2025):** AI is an emerging technology that is fundamentally changing the way data is gathered, produced, protected, licensed, processed, and consumed. Given the importance of data to our products and services, AI continues to be an increasingly important part of our business and industry. We have established a Company-wide AI strategy to drive our approach to data protection, licensing and AI integration in our processes, products and services. We have made significant investments in various AI initiatives. However, the AI landscape is complex and rapidly evolving, and new and enhanced laws and regulations (or inadequate laws or regulations), governmental or regulatory scrutiny, competition from established or emerging companies, litigation, ethical concerns, cybersecurity concerns, intellectual property concerns, or other complications could materially and adversely impact our ability to protect our data and intellectual property, to develop and offer products and services that effectively use AI, to compete with other AI products or services, to improve efficiency of existing products or services through the effective use of AI to remain competitive, or to incorporate AI in our internal operations, or could materially increase our burden and cost of research, development and regulatory compliance. As discussed in the risk factor entitled "The markets in which we operate continuously change to adapt to customer needs. Our inability to innovate and compete with new or enhanced products and services of our competitors could impact our profitability," competitors are deploying AI in ways that could materially reduce demand for our products and services. Additionally, we may be unable to protect our data from unintended use or access by third-party AI systems. For additional risks related to intellectual property rights, see the risk factor entitled "Our ability to protect our intellectual property rights could impact our competitive position." The development, testing and deployment of AI systems requires continued investment and may materially increase the cost profile of our offerings due to the nature of the 12 12 12 Table of Contents Table of Contents computing cost involved in such systems. In addition, the number of approaches to integrating and commercializing AI is currently large, and many of those approaches may fail to gain market acceptance or become obsolete as AI continues to evolve. At this time, we are unable to predict which offerings will ultimately be successful. Notwithstanding our investments, our products and services may become less marketable or less competitive, or potentially obsolete if either our approach to integrating AI into our products and services fails to gain market acceptance or our approach to protecting our data and intellectual property is ultimately inadequate. Any of these factors could materially and adversely affect our business, financial condition or results of operations. **Current (2026):** AI is a rapidly evolving technology that is fundamentally changing the way data is gathered, produced, protected, licensed, processed, and consumed. Given the importance of data to our products and services, AI continues to be an increasingly important part of our business and industry. While we have established a Company-wide AI strategy to drive our approach to data protection, licensing and AI integration in our processes, products and services, AI creates a number of evolving risks and opportunities and can exacerbate other risks, including those described herein: •In order to remain competitive, we have made significant investments in various AI initiatives. There is no guarantee that these investments will lead to the development of products and services that achieve market acceptance, profit or the level of profitability that we expect or have experienced historically. The continued enhancement of AI within our products, services and processes depends in part on our ability to attract and retain talented employees with critical AI and data science experience, which is dependent on a number of factors, including prevailing market conditions and compensation packages offered by companies competing for the same talent. While we offer competitive salary and benefit packages, intense competition for talent with critical AI and data science experience is driving difficulties in attracting and retaining skilled employees. If we are less successful in our recruiting efforts, or if we are unable to attract, retain or train key qualified personnel, our ability to develop and deliver on our investments in our various AI initiatives may be adversely affected. •The number of approaches to integrating and commercializing AI is currently large, and many of those approaches may fail to gain market acceptance or become obsolete as AI continues to evolve. At this time, we are unable to predict which AI offerings will ultimately be successful. In addition, the development, testing and deployment of AI systems 13 13 13 Table of Contents Table of Contents requires continued investment and may materially increase the cost profile of our offerings due to the nature of the computing cost involved in such systems. Notwithstanding our investments, our products and services may become less marketable or less competitive, or potentially obsolete if either our approach to integrating AI into our products and services fails to gain market acceptance or our approach to protecting our data and intellectual property is ultimately inadequate. •Our competitors are deploying AI in ways that could materially reduce demand for our products and services (for example, by deploying AI in ways that make collection and processing of information relatively inexpensive or free or by leveraging AI to build products and services that compete with our products and services). The emerging availability of "off-the-shelf" AI models may also increase the ability of new and existing competitors to develop technology and applications which may compete with our products and services. •Our ability to produce and develop products and services with AI capabilities is dependent upon the products and services of other suppliers, including certain data, software and service suppliers. Our products and services with AI capabilities may rely on third-party AI providers for certain capabilities and infrastructure. If any such providers were to limit, discontinue or materially alter the terms of our access, we may be unable to obtain comparable data from other sources in a timely or cost-effective manner, or at all. To the extent we rely on third-party AI models, the providers may discontinue such models or their model capabilities may become insufficient or obsolete. While such issues have not materially adversely affected us to date, the future occurrence of any such issue could have a material adverse effect on our business, financial condition or results of operations. •AI presents risks and challenges that could affect its adoption, including social and ethical risks. For example, our products and services with AI capabilities may contain errors or defects that lead to privacy concerns, accuracy issues, unintended biases or discriminatory outputs. Errors or defects may exist during any part of a product's life cycle and may persist notwithstanding testing and/or other quality assurance practices. Inadequate internal oversight or testing within the Company increases the risk that such errors or defects may not be detected or mitigated. Failing to properly remediate any social or ethical issues that may arise in our offerings may result in material brand or reputational harm, competitive harm, legal liability or loss of public confidence, or a material reduction to the marketability or competitiveness of our products and services. In addition, our failure to continue development and adoption of ethical and transparent policies and procedures related to AI could negatively impact our reputation and customer confidence. Any of these social, ethical or operational issues could materially and adversely affect our business, financial condition or results of operations. •AI is being utilized by malign actors to launch increasingly sophisticated cyber attacks against us and our third-party service providers (including our vendors, data partners and distribution partners), which, if successful, could have a material adverse effect on our business, financial condition or results of operations. While we believe we have appropriate policies, processes and internal controls to ensure the stability of our information technology, provide security from unauthorized access to our systems and maintain business continuity, our business could be subject to significant disruption and our business, financial condition or results of operations could be materially and adversely affected by unanticipated system failures, data corruption or unauthorized access to our systems. •The AI landscape is complex and rapidly evolving, and new and enhanced laws and regulations (or inadequate laws or regulations), novel application of existing laws to AI technology, governmental or regulatory scrutiny, litigation and ethical concerns could materially and adversely impact our ability to protect our data and intellectual property, to develop and offer products and services that effectively use AI, to compete with other AI products or services, to improve efficiency of existing products or services through the effective use of AI to remain competitive, or to incorporate AI in our internal operations, or could materially increase our burden and cost of research, development and regulatory compliance. •We do not yet know whether intellectual property laws and regulations in the jurisdictions in which we operate will enable us to effectively protect our intellectual property rights from unintended use by AI. Third parties could also use our data with AI tools to create their own insights and potentially supplant our products and services. We are also subject to a variety of evolving laws and regulations regarding AI in an increasing number of jurisdictions. Further, global AI legislation, regulatory, enforcement, and policy activity is rapidly and continually evolving and creating a complex regulatory compliance environment. Such measures increase our operating costs and require significant management time and attention and may result in negative publicity and subject us to significant costs that may harm our business, including fines or damages as well as demands or orders that we modify or cease existing business practices. The integration of AI in our products and services may increase the risks of improper processing of personal data, further exacerbating such risks. •AI technologies used in our products and processes may incorporate or reproduce third-party content in their outputs, which may expose us to risks associated with infringing, misappropriating or otherwise violating others' intellectual property rights, including the trademarks, copyrights, patents and other intellectual property rights of third parties, including from our competitors or nonpracticing entities which may expose us to protracted and expensive litigation and may materially and adversely affect our business going forward. We may also be unable to protect our data from unintended use or access by third-party AI systems. •Our approach for managing our clients' use of our data is influenced by AI. Our approach must effectively balance protecting our data and enabling our clients to leverage our data for their needs. Given the evolving nature of AI, at this time we are unable to predict if our approach will be successful. If our approach is ultimately inadequate, we could materially dilute the value of our data and/or lose significant market share or revenue. 14 14 14 Table of Contents Table of Contents Any of the foregoing factors could materially and adversely affect our business, reputation, financial condition or results of operations. --- ## Modified: Our inability to adequately obtain, protect and maintain our intellectual property and other proprietary rights could impact our competitive position. **Key changes:** - Reworded sentence: "•We consider many of our products and services to be proprietary, and our success depends, in part, on protecting our intellectual property, proprietary information, and technology." - Reworded sentence: "Failure to obtain, protect and maintain our intellectual property adequately could harm the value of, and revenue generated by, such assets as well as harm our reputation and affect our ability to compete effectively." - Reworded sentence: "Our business, financial condition or results of operations could be materially and adversely affected by inadequate or changing legal and technological protections for intellectual property and proprietary rights in jurisdictions and markets in which we operate." - Reworded sentence: "From time to time, we face claims by third parties that we violated their intellectual property rights, which may result in termination of the relevant source agreement, litigation or reputational damage, or may require us to enter into royalty and licensing agreements on unfavorable terms or to stop selling or redesign affected products." **Prior (2025):** •We consider many of our products and services to be proprietary. Failure to protect our intellectual property adequately could harm the value of and revenue generated by such assets as well as our reputation and affect our ability to compete effectively. Businesses we acquire may also have intellectual property portfolios which increase the complexity of managing our intellectual property portfolio and protecting our competitive position. •Our products contain intellectual property delivered through a variety of digital and other media. Our ability to achieve anticipated results depends in part on our ability to defend our intellectual property rights against infringement and misappropriation. Our business, financial condition or results of operations could be materially and adversely affected by inadequate or changing legal and technological protections for intellectual property and proprietary rights in some jurisdictions and markets. For example, the legal landscape with respect to AI is rapidly evolving, and we do not yet know whether intellectual property laws and regulations in the jurisdictions in which we operate will enable us to effectively protect our intellectual property rights from unintended use by AI. Additionally, we do business in a number of countries included on the Priority Watch List maintained by the Office of the United States Trade Representative which are currently thought to afford less protection to intellectual property rights generally than some other jurisdictions. The lack of strong patent and other intellectual property protection in jurisdictions in which we operate increases our vulnerability regarding unauthorized disclosure or use of our intellectual property and undermines our competitive position. In addition, even in jurisdictions where there are strong protections for intellectual property rights, our ability to enforce our intellectual property rights may be impacted by the number of competitors attempting to infringe or misappropriate our intellectual property. •Our products also contain intellectual property of third-party sources. Any claims by third parties that we violated their intellectual property rights could result in termination of the relevant source agreement, litigation or reputational damage, or may require us to enter into royalty and licensing agreements on unfavorable terms or to stop selling or redesign affected products, which could materially and adversely affect our business, financial condition or results of operations. **Current (2026):** •We consider many of our products and services to be proprietary, and our success depends, in part, on protecting our intellectual property, proprietary information, and technology. We rely on a variety of measures to maintain, protect and enforce our intellectual property portfolio, including trademark and patent protection, trade secret laws, legal misappropriation doctrines, confidentiality procedures and contractual restrictions, all of which provide only limited protection. In particular, such measures may not prevent infringement, violation, misuse or misappropriation of our intellectual property rights or proprietary or confidential information. For example, we routinely face unauthorized use of our indices and price assessments, and our efforts to stop such uses require significant time and expense, and are not always successful. •We have filed for patents in the U.S. and in certain international jurisdictions, but such protections can be expensive and may not be available in all countries in which we operate or in which we seek to enforce such rights, or may be difficult to enforce in practice. We have filed for trademark registrations and participated in trademark enforcement and trademark oppositions in the U.S. and certain international jurisdictions to protect our brand, good will and reputation. These efforts cannot ensure registrations will be issued, our trademark rights will be enforced, or violations of our trademark rights will be appropriately resolved. We do business in a number of countries included on the Priority Watch List and/or Watch Lists maintained by the Office of the United States Trade Representative which are currently thought to afford less protection to intellectual property rights generally than some other jurisdictions. The lack of strong patent and other intellectual property protection in jurisdictions in which we operate increases our vulnerability regarding unauthorized disclosure or use of our intellectual property and undermines our competitive position. In addition, even in jurisdictions where there are strong protections for intellectual property rights, our ability to enforce our intellectual property rights may be impacted by the number of competitors or other third parties attempting to infringe or misappropriate our intellectual property, and the time and resources required to defend against such unauthorized uses. •There can be no assurance that any future patent, trademark, or other intellectual property registrations will be issued for our pending or future applications or that any of our current or future patents, trademarks or other intellectual property rights will be valid, enforceable, sufficiently broad in scope, provide adequate protection of our technology or other proprietary rights, or provide us with any competitive advantage. Any additional investment in protecting our intellectual property rights through additional trademark, patent or other intellectual property filings could be time consuming and expensive, both in terms of application and maintenance costs. We make business decisions about whether and where to seek patent, copyright, and trademark protection for a particular technology and when to rely upon trade secret protection, and the approach we select may ultimately prove to be inadequate. Businesses we acquire may also have intellectual property portfolios which increase the complexity of managing our intellectual property portfolio and protecting our competitive position. Failure to obtain, protect and maintain our intellectual property adequately could harm the value of, and revenue generated by, such assets as well as harm our reputation and affect our ability to compete effectively. •We cannot guarantee that we will be successful in maintaining, protecting, or enforcing the confidentiality of our trade secrets or that our confidentiality and non-disclosure agreements for such trade secrets will provide sufficient protection of our trade secrets, know-how, or other proprietary information in the event of any unauthorized use, misappropriation, or other disclosure. Enforcing a claim that a party illegally disclosed or misappropriated a trade secret or know-how is difficult, fact-intensive, expensive, and time-consuming, and the outcome is unpredictable. In addition, trade secrets and know-how can be difficult to protect and some courts inside and outside the U.S. are less willing or unwilling to protect trade secrets and know-how. Further, these agreements do not prevent our competitors from independently developing product or service offerings that are substantially equivalent or superior to our offerings. If any of our trade secrets were to be lawfully obtained or independently developed by a competitor or other third party, we would have no right to prevent them from using that technology or information to compete with us, and 15 15 15 Table of Contents Table of Contents our competitive position would be materially and adversely harmed. The loss of trade secret protection could make it easier for third parties to compete with our products and services by copying functionality, and pervasive data leakage could render our capabilities redundant over time. •Our products and services contain intellectual property delivered through a variety of digital and other media. Our ability to achieve anticipated results depends in part on our ability to defend our intellectual property rights against infringement and misappropriation. Our business, financial condition or results of operations could be materially and adversely affected by inadequate or changing legal and technological protections for intellectual property and proprietary rights in jurisdictions and markets in which we operate. •Our products also contain intellectual property of third-party sources. From time to time, we face claims by third parties that we violated their intellectual property rights, which may result in termination of the relevant source agreement, litigation or reputational damage, or may require us to enter into royalty and licensing agreements on unfavorable terms or to stop selling or redesign affected products. •Any of the above factors could materially and adversely affect our business, reputation, financial condition or results of operations. --- ## Modified: Our inability to innovate and compete with new or enhanced products and services of our competitors could have a material adverse effect on our business, financial condition or results of operations. **Key changes:** - Reworded sentence: "We could experience material threats to our businesses from new or existing competitors due to the rapidly changing environment in which we operate." - Added sentence: "Our inability to innovate and compete with new or enhanced products and services of our competitors could have a material adverse effect on our business, financial condition or results of operations." **Prior (2025):** We operate in highly competitive markets that continuously change to adapt to customer needs. We could experience material threats to our existing businesses from the rise of new competitors due to the rapidly changing environment in which we operate. For instance, new competitors are leveraging AI in their offerings in ways that could materially reduce demand for our products and services (for example, by deploying AI in ways that make processing of information relatively inexpensive or free or by leveraging AI to build indices or ETFs). In order to maintain a competitive position, we invest in innovation, new offerings and enhancements, including new ways to deliver our products and services (including through AI). These new or enhanced offerings resulting from our investments sometimes do not, and may not in the future, achieve market acceptance, profit or the level of profitability that we expect or have experienced historically. **Current (2026):** We operate in highly competitive markets that continuously change to adapt to customer needs. We could experience material threats to our businesses from new or existing competitors due to the rapidly changing environment in which we operate. In order to maintain a competitive position, we invest in innovation, new offerings and enhancements, including new ways to deliver our products and services. These new or enhanced offerings resulting from our investments sometimes do not, and may not in the future, achieve market acceptance, profit or the level of profitability that we expect or have experienced historically. Our inability to innovate and compete with new or enhanced products and services of our competitors could have a material adverse effect on our business, financial condition or results of operations. --- *Data sourced from SEC EDGAR. Last updated 2026-05-05.*