riskdiff

United Airlines Holdings Inc.: 10-K Risk Factor Changes

2024 vs 2023 · SEC EDGAR · 2026-05-10

Other years: 2026 vs 2025 · 2025 vs 2024

⚠ AI-Generated

The summary below was generated by an AI language model and may contain errors or omissions. All other content on this page is deterministically extracted from the original SEC EDGAR filing.

United Airlines removed two legacy risk disclosures in 2024: COVID-19 pandemic impacts and LIBOR phase-out concerns, reflecting the resolution of these previously material issues. The company substantively modified four risk factors, with particular emphasis on cybersecurity and data security obligations, execution of strategic operating plans, and third-party service provider dependencies, indicating a shift toward operational and technology-related risk management priorities.

✓ Deterministic extraction — no AI-generated data

Classification is based on semantic text similarity scoring and may include approximations. “No match” means no high-confidence textual match was found — not necessarily that a section was removed.

New Risks

Removed

Modified

Unchanged

🔴 No Match in Current Filing

The COVID-19 pandemic, and related governmental regulations and restrictions, has materially and adversely impacted our business, operating results, financial condition and liquidity. The full extent of the impact will depend on future developments, among other things. If the impacts from the COVID-19 pandemic extend beyond our assumed timelines, our actual results may vary significantly from our expectations.

This section from the 2023 filing does not have a high-confidence textual match in the 2024 filing. It may have been removed, merged, or substantially reworded.

The COVID-19 pandemic prompted governments and businesses to take unprecedented measures in response that have included international and domestic travel restrictions or advisories, restrictions on business operations, limitations on public gatherings, social distancing…

View 2023 text

The COVID-19 pandemic prompted governments and businesses to take unprecedented measures in response that have included international and domestic travel restrictions or advisories, restrictions on business operations, limitations on public gatherings, social distancing recommendations, temporary closures of businesses, remote work arrangements, closures of tourist destinations and attractions as well as quarantine and shelter-in-place orders. As a result, we experienced a precipitous decline in passenger demand and bookings for both business and leisure travel, which had an adverse impact that was material to the Company's business, operating results, financial condition and liquidity and materially disrupted our strategic operating plans. In 2022, the Company saw increasing demand for travel both domestically and internationally; however, as the situation surrounding the COVID-19 pandemic remains fluid, the pandemic has continued to negatively impact travel demand. It remains difficult to reasonably predict the full extent of the ongoing impact of the COVID-19 pandemic on the Company's longer-term operational and financial performance, which will depend on a number of future developments, many of which are outside the Company's control, such as the ultimate duration of and factors impacting the recovery from the pandemic (including the efficacy and speed of vaccination programs in curbing the spread of the virus in different markets, the efficacy and availability of various treatment options, the introduction and spread of new variants of the virus that may be resistant to currently approved vaccines or treatment options and the continuation of existing or implementation of new government travel restrictions), the volatility of aircraft fuel prices, customer behavior and preference changes and whether such changes are temporary or permanent, and fluctuations in demand for air travel, among others. The COVID-19 pandemic, the measures taken in response 21 21 21 Table of Contents Table of Contents and related macroeconomic effects may continue to impact many aspects of our business, operating results, financial condition and liquidity in a number of ways, including labor market constraints and related costs (which impact available staffing and therefore the Company's flight schedules and reputation), facility closures and related costs, disruptions to the Company's and its business partners' operations, reduced travel demand and consumer spending, increased fuel and other operating costs (including due to rising inflationary pressures), supply chain constraints, logistics constraints, volatility in the price of our securities, our ability to access capital markets and volatility in the global economy and financial markets generally. If the negative impacts from the COVID-19 pandemic extend beyond our assumed timelines, our actual results may vary significantly from our expectations. Our level of indebtedness has increased as we managed through the effects of the COVID-19 pandemic and positioned the Company for recovery. As a result of the Company's various financing activities in response to the pandemic, the Company is subjected to more substantial risk of default, cross-default and cross-acceleration in the event of breach of its covenants under such financings. For example, under certain of the Company's credit card processing agreements with financial institutions, the financial institutions in certain circumstances have the right to require that the Company maintain certain cash or other collateral reserves related to advance ticket sales. It is possible that COVID-19 could exacerbate any of the other risks described in this Form 10-K as well. At this time, we cannot predict the full extent of the negative impact that the COVID-19 pandemic will have on our business, operating results, financial condition, and liquidity.

🔴 No Match in Current Filing

The proposed phase out of the London interbank offer rate could have a material adverse effect on us.

This section from the 2023 filing does not have a high-confidence textual match in the 2024 filing. It may have been removed, merged, or substantially reworded.

The Company is subject to market risks relating to the phase out of the London interbank offered rates ("LIBOR") and the transition into an index calculated by short-term repurchase agreements – the Secured Overnight Financing Rate ("SOFR") or another alternate reference rate.…

View 2023 text

The Company is subject to market risks relating to the phase out of the London interbank offered rates ("LIBOR") and the transition into an index calculated by short-term repurchase agreements – the Secured Overnight Financing Rate ("SOFR") or another alternate reference rate. As of December 31, 2022, the Company had $12.8 billion in variable rate indebtedness, a significant portion of which still uses LIBOR as a benchmark for establishing applicable rates. In July 2017, the United Kingdom regulator that regulates LIBOR announced its intention to phase out LIBOR rates by the end of 2021. Subsequently, the ICE Benchmark Administration, in its capacity as administrator of USD-LIBOR, announced an extension of the publication of USD-LIBOR (other than one-week and two-month tenors) by 18 months through June 2023. Notwithstanding this extension, a joint statement by key regulatory authorities called on banks to cease entering into new contracts that use USD-LIBOR as a reference rate by no later than December 31, 2021. The Alternative Reference Rates Committee, a steering committee comprised of large U.S. financial institutions, has proposed replacing USD-LIBOR with SOFR. In March 2022, the U.S. enacted the Adjustable Interest Rate (LIBOR) Act, with publication in December 2022 by the Federal Reserve Board of related implementing rules, intended to provide a statutory framework to replace USD-LIBOR with a benchmark rate based on SOFR for contracts governed by U.S. law that have no or ineffective fallback provisions. Since January 1, 2022, our new floating rate debt facilities have generally utilized SOFR-based rates as the initial reference rate. However, we still have variable rate debt based on LIBOR. We have commenced the process of replacing LIBOR as a benchmark in such existing floating rate obligations, but there is no assurance that such replacements will be concluded, or will be concluded prior to LIBOR rates ceasing to be published. While many of our remaining LIBOR-based obligations provide for alternative methods of calculating the interest rate payable if LIBOR is not published, the extent and manner of any future changes with respect to methods of calculating LIBOR or replacing LIBOR with SOFR or with another benchmark remain uncertain. Although the Adjustable Interest Rate (LIBOR) Act provides for a SOFR fallback for certain such agreements, uncertainty exists around the extent to which this transition from USD-LIBOR, whether by amendment or application of this statute, will affect the interest rates in those agreements. We also have certain agreements that look to SOFR as an alternative interest rate method to LIBOR, with the potential for spread adjustments, and we cannot predict what the impact of these agreements and any transition to or use of SOFR could have on us. Although SOFR seems to be the most widely accepted replacement to LIBOR and SOFR based rates are presently the primary such replacement benchmark being implemented by the Company, both the application and the future of SOFR remain uncertain. We may be negatively impacted by renegotiated terms in connection with any replacements to LIBOR as a benchmark, which may adversely affect our interest rates and result in higher borrowing costs that we cannot predict.

🟡 Modified

Increasing privacy, data security and cybersecurity obligations or a significant data breach may adversely affect the Company's business.

high match confidence

Sentence-level differences:

Reworded sentence: "25 25 25 Table of Contents Table of Contents In our regular business operations, we collect, process, store and transmit to commercial partners sensitive data, including personal information of our customers and employees such as payment processing information and information of our business partners, to provide our services and operate our business."
Added sentence: "Any significant liabilities associated with violations of any related laws or regulations could also have an adverse effect on our business, operating results, financial condition and liquidity, reputation and consumer relationships."
Reworded sentence: "Our network, systems and storage applications, and those systems and applications maintained by our third-party commercial partners (such as aircraft and engine suppliers, cloud computing companies, credit card companies, regional airline carriers and international airline partners) have been and likely will continue to be subject to attempts to gain unauthorized access, breaches, malfeasance or other system disruptions, including those involving criminal hackers, denial of service attacks, hacktivists, state-sponsored actors, corporate espionage, employee malfeasance and human or technological error."
Reworded sentence: "While we continually work to safeguard our network, systems and applications, including through risk assessments, system monitoring, cybersecurity and data protection policies, processes and technologies and employee awareness and training, and seek to require that third-parties adhere to security standards, there is no assurance that such actions will be sufficient to prevent actual or perceived cybersecurity incidents or data breaches or the damages and impacts to our business that result therefrom."
Reworded sentence: "Furthermore, the loss, disclosure, misappropriation of or access to sensitive Company information, customers', employees' or business partners' information or the Company's failure to meet its privacy or data protection obligations could result in legal claims or proceedings, penalties and remediation costs."

Current (2024):

Read full text

25 25 25 Table of Contents Table of Contents In our regular business operations, we collect, process, store and transmit to commercial partners sensitive data, including personal information of our customers and employees such as payment processing information and information of our business partners, to provide our services and operate our business. The Company must manage increasing legislative, regulatory and consumer focus on privacy issues, data security and cybersecurity risk management in a variety of jurisdictions domestically and across the globe. For example, the EU's General Data Protection Regulation imposes significant privacy and data security requirements, as well as potential for substantial penalties for non-compliance that have resulted in substantial adverse financial consequences to non-compliant companies. Depending on the regulatory interpretation and enforcement of emerging data protection regulations and industry standards, the Company's business operations could be impacted, up to and including being unable to operate, within certain jurisdictions. Also, some of the Company's commercial partners, such as credit card companies, have imposed data security standards that the Company must meet. The Company will continue its efforts to meet its privacy, data security and cybersecurity risk management obligations; however, it is possible that certain new obligations or customer expectations may be difficult to meet and could require changes in the Company's operating processes and increase the Company's costs. Any significant liabilities associated with violations of any related laws or regulations could also have an adverse effect on our business, operating results, financial condition and liquidity, reputation and consumer relationships. Additionally, the Company must manage the increasing threat of continually evolving cybersecurity risks. Our network, systems and storage applications, and those systems and applications maintained by our third-party commercial partners (such as aircraft and engine suppliers, cloud computing companies, credit card companies, regional airline carriers and international airline partners) have been and likely will continue to be subject to attempts to gain unauthorized access, breaches, malfeasance or other system disruptions, including those involving criminal hackers, denial of service attacks, hacktivists, state-sponsored actors, corporate espionage, employee malfeasance and human or technological error. In some cases, it is difficult to anticipate or to detect immediately such incidents and the damage caused thereby, and we may not be able to realize the benefits of our proactive defense measures and may experience operational difficulty in implementing them. Our use of AI applications has resulted in, and may in the future result in cybersecurity incidents that implicate the personal data of our customers, employees or users of such applications. In addition, as attacks by cybercriminals and nation state actors become more sophisticated, frequent and intense, the costs of proactive defense measures have increased and will likely continue to increase. Furthermore, the Company's remote work arrangements may make it more vulnerable to targeted activity from cybercriminals and significantly increase the risk of cyberattacks or other security breaches. While we continually work to safeguard our network, systems and applications, including through risk assessments, system monitoring, cybersecurity and data protection policies, processes and technologies and employee awareness and training, and seek to require that third-parties adhere to security standards, there is no assurance that such actions will be sufficient to prevent actual or perceived cybersecurity incidents or data breaches or the damages and impacts to our business that result therefrom. Any such cybersecurity incident or data breach could result in significant costs, including monetary damages, operational impacts, including service interruptions and delays, and reputational harm. Furthermore, the loss, disclosure, misappropriation of or access to sensitive Company information, customers', employees' or business partners' information or the Company's failure to meet its privacy or data protection obligations could result in legal claims or proceedings, penalties and remediation costs. A significant data breach or the Company's failure to meet its data privacy or data protection obligations may adversely affect the Company's operations, reputation, relationships with our business partners, business, operating results, financial condition and business strategy.

View prior text (2023)

In our regular business operations, we collect, process, store and transmit to commercial partners sensitive data, including personal information of our customers and employees such as payment processing information and information of our business partners, to provide our services and operate our business. The Company must manage increasing legislative, regulatory and consumer focus on privacy issues, data security and cybersecurity risk management in a variety of jurisdictions across the globe. For example, the EU's General Data Protection Regulation imposes significant privacy and data security requirements, as well as potential for substantial penalties for non-compliance that have resulted in substantial adverse financial consequences to non-compliant companies. Depending on the regulatory interpretation and enforcement of emerging data protection regulations and industry standards, the Company's business operations could be impacted, up to and including being unable to operate, within certain jurisdictions. Also, some of the Company's commercial partners, such as credit card companies, have imposed data security standards that the Company must meet. The Company will continue its efforts to meet its privacy, data security and cybersecurity risk management obligations; however, it is possible that certain new obligations or customer expectations may be difficult to meet and could require changes in the Company's operating processes and increase the Company's costs. Additionally, the Company must manage the increasing threat of continually evolving cybersecurity risks. Our network, systems and storage applications, and those systems and applications maintained by our third-party commercial partners (such as cloud computing companies, credit card companies, regional airline carriers and international airline partners) may be subject to attempts to gain unauthorized access, breach, malfeasance or other system disruptions, including those involving criminal hackers, denial of service attacks, hacktivists, state-sponsored actors, corporate espionage, employee malfeasance and human or technological error. In some cases, it is difficult to anticipate or to detect immediately such incidents and the damage caused thereby. In addition, as attacks by cybercriminals become more sophisticated, frequent and intense, the costs of proactive defense measures have increased and may continue to increase. In addition, several large organizations recently have been affected by "ransomware" attacks, and these highly publicized events may embolden individuals or groups to target our systems or third-party systems on which we rely. Furthermore, the Company's remote work arrangements may make it more vulnerable to targeted activity from cybercriminals and significantly increase the risk of cyberattacks or other security breaches. While we continually work to safeguard our network, systems and applications, including through risk assessments, system monitoring, cybersecurity and data protection policies, processes and technologies and employee awareness and training, and seek to require third-parties adhere to security standards, there is no assurance that such actions will be sufficient to prevent cybersecurity incidents or data breaches or the damages that result therefrom. Any such cybersecurity incident or data breach could result in significant costs, including monetary damages, operational impacts, including service interruptions and delays, and reputational harm. Furthermore, the loss, disclosure, misappropriation of or access to sensitive Company information, customers', employees' or business partners' information or the Company's failure to meet its privacy obligations could result in legal claims or proceedings, penalties and remediation costs. A significant data breach or the Company's failure to meet its obligations may adversely affect the Company's operations, reputation, relationships with our business partners, business, operating results and financial condition.

🟡 Modified

We may not be successful in executing elements of our strategic operating plan, which may have a material adverse impact on our business, financial results and market capitalization.

high match confidence

Sentence-level differences:

Reworded sentence: "United Next, the Company's strategic operating plan, includes firm orders of over 700 narrow and widebody aircraft, retrofitting plans and plans to increase mainline daily departures and available seats across the Company's North American network."

Current (2024):

Read full text

United Next, the Company's strategic operating plan, includes firm orders of over 700 narrow and widebody aircraft, retrofitting plans and plans to increase mainline daily departures and available seats across the Company's North American network. In developing our United Next plan, we made certain assumptions including, but not limited to, customer demand (in light of changing economic conditions), fuel costs, delivery of aircraft, aircraft certification approval timelines, labor market constraints and related costs, supply chain constraints, inflationary pressures, voluntary or mandatory groundings of aircraft, our regional network, competition, market consolidation and other macroeconomic and geopolitical factors. We also subsequently adjusted certain of our assumptions as a result of the increase in costs due to infrastructure improvements, new labor contracts and aircraft maintenance that were needed to support our United Next plan as well as the expected delay in 737 MAX 10 aircraft deliveries. Actual conditions may be different from our assumptions at any time and could cause the Company to further adjust its strategic operating plan. In addition, we cannot provide any assurance that we will be able to successfully execute our strategic plan, that the growth that we anticipate will occur through execution of our strategic plan will not exacerbate any other risk described in this Form 10-K (especially relating to fuel costs, the impact of economic pressures or geopolitical events, our supply chain or our ability to attract, train and retain talent), that our strategic plan will not result in additional unanticipated costs, that our suppliers will timely provide adequate products or support for our products (including but not limited to certification and delivery of aircraft) or that our strategic plan will result in improvements in future financial performance. If we do not successfully execute our United Next or other strategic plans, or if actual results vary significantly from our expectations, our business, operating results, financial condition and market capitalization could be materially and adversely impacted. The failure to successfully structure our business to meet market conditions could have a material adverse effect on our business, operating results and financial condition.

View prior text (2023)

In June 2021, the Company announced its United Next plan, including initial firm orders of 270 aircraft, retrofitting plans and plans to increase mainline daily departures and available seats across the Company's North American network. In developing our United Next plan, we made certain assumptions including, but not limited to, those related to the duration and scope of the impacts from the COVID-19 pandemic, customer demand (in light of the COVID-19 pandemic, inflation and changing economic conditions), fuel costs, delivery of aircraft, labor market constraints and related costs, supply chain constraints, inflationary pressures, voluntary or mandatory groundings of aircraft, our regional network, competition, market consolidation and other macroeconomic and geopolitical factors. Actual conditions may be different from our assumptions and could cause the Company to adjust its strategic operating plan. In addition, we cannot provide any assurance that we will be able to successfully execute our strategic plan, our strategic plan will not result in additional unanticipated costs, the growth that we anticipate will occur through execution of our strategic plan will not exacerbate any other risk described in this Form 10-K (especially relating to fuel costs, the impact of inflationary pressures, our supply chain or our ability to attract, train and retain talent), our suppliers will timely provide adequate products or support for our products (including delivery of aircraft) or our strategic plan will result in improvements in future financial performance. If we do not successfully execute our United Next or other strategic plans, or if actual results vary significantly from our expectations, our business, operating results, financial condition and market capitalization could be materially and adversely impacted. The failure to successfully structure our business to meet market conditions could have a material adverse effect on our business, operating results and financial condition.

🟡 Modified

The Company's business relies extensively on third-party service providers, including certain technology providers. Failure of these parties to perform as expected, or interruptions in the Company's relationships with these providers or their provision of services to the Company, could have a material adverse effect on the Company's business, operating results and financial condition.

high match confidence

Sentence-level differences:

Reworded sentence: "The Company has engaged third-party service providers to perform a large number of functions that are integral to its business, including regional operations, operation of customer service call centers, distribution and sale of airline seat inventory, provision of information technology infrastructure and services, transmitting or uploading of data, provision of aircraft maintenance and repairs, provision of various utilities and performance of airport ground services, aircraft fueling operations, catering services and air cargo handling services, among other vital functions and services."
Reworded sentence: "Accordingly, any of these third-party service providers may materially fail to meet their service performance commitments to the Company or may suffer disruptions to their systems, labor groups or supply chains that could impact their services."
Reworded sentence: "The Company may also have disagreements with such third-party providers and related contracts may be terminated or may not be extended or renewed."

Current (2024):

Read full text

The Company has engaged third-party service providers to perform a large number of functions that are integral to its business, including regional operations, operation of customer service call centers, distribution and sale of airline seat inventory, provision of information technology infrastructure and services, transmitting or uploading of data, provision of aircraft maintenance and repairs, provision of various utilities and performance of airport ground services, aircraft fueling operations, catering services and air cargo handling services, among other vital functions and services. Although generally the Company enters into agreements that define expected service performance and compliance requirements, there can be no assurance that our third-party service providers will adhere to these requirements. Accordingly, any of these third-party service providers may materially fail to meet their service performance commitments to the Company or may suffer disruptions to their systems, labor groups or supply chains that could impact their services. For example, failures in certain third-party technology or communications systems may cause flight delays or cancellations. The failure of any of the Company's third-party service providers to perform their service obligations adequately, or other interruptions of services, may reduce the Company's revenues and increase its expenses, prevent the Company from operating its flights and providing other services to its customers or result in adverse publicity or harm to our brand. We may also be subject to consequences from any illegal conduct of our third-party service providers, including for their failure to comply with anti-corruption laws, such as the U.S. Foreign Corrupt Practices Act. In addition, the Company's business and financial performance could be materially harmed if its customers believe that its services are unreliable or unsatisfactory. The Company may also have disagreements with such third-party providers and related contracts may be terminated or may not be extended or renewed. For example, the number of flight reservations booked through third-party GDSs or OTAs may be adversely affected by disruptions in the business relationships between the Company and these suppliers. Such disruptions, including a failure to agree upon acceptable contract terms when contracts expire or otherwise become subject to renegotiation, may cause the Company's flight information to be limited or unavailable for display by the affected GDS or OTA operator, significantly increase fees for both the Company and GDS/OTA users and impair the Company's relationships with its customers and travel agencies. Any such disruptions or contract terminations may adversely impact our operations and financial results. If we are not able to negotiate or renew agreements with third-party service providers, or if we renew existing agreements on less favorable terms, our operations and financial results may be adversely affected.

View prior text (2023)

The Company has engaged third-party service providers to perform a large number of functions that are integral to its business, including regional operations, operation of customer service call centers, distribution and sale of airline seat inventory, provision of information technology infrastructure and services, transmitting or uploading of data, provision of aircraft maintenance and repairs, provision of various utilities and performance of airport ground services, aircraft fueling operations and catering services, among other vital functions and services. Although generally the Company enters into agreements that define expected service performance and compliance requirements, there can be no assurance that our third-party service providers will adhere to these requirements. Accordingly, any of these third-party service providers may materially fail to meet its service performance commitments to the Company or may suffer disruptions to its systems that could impact its services. For example, failures in certain third-party technology or communications systems may cause flight delays or cancellations. The failure of any of the Company's third-party service providers to perform their service obligations adequately, or other interruptions of services, may reduce the Company's revenues and increase its expenses, prevent the Company from operating its flights and providing other services to its customers or result in adverse publicity or harm to our brand. We may also be subject to consequences from any illegal conduct of our third-party service providers, including for their failure to comply with anti-corruption laws, such as the U.S. Foreign Corrupt Practices Act. In addition, the Company's business and financial performance could be materially harmed if its customers believe that its services are unreliable or unsatisfactory. The Company may also have disagreements with such providers or such contracts may be terminated or may not be extended or renewed. For example, the number of flight reservations booked through third-party GDSs or OTAs may be adversely affected by disruptions in the business relationships between the Company and these suppliers. Such disruptions, including a failure to agree upon acceptable contract terms when contracts expire or otherwise become subject to renegotiation, may cause the Company's flight information to be limited or unavailable for display by the affected GDS or OTA operator, significantly increase fees for both the Company and GDS/OTA users and impair the Company's relationships with its customers and travel agencies. Any such disruptions or contract terminations may adversely impact our operations and financial results. If we are not able to negotiate or renew agreements with third-party service providers, or if we renew existing agreements on less favorable terms, our operations and financial results may be adversely affected.

🟡 Modified

The Company relies heavily on technology and automated systems to operate its business and any significant failure or disruption of, or failure to effectively integrate and implement, these technologies or systems could materially harm its business or business strategy.

high match confidence

Sentence-level differences:

Reworded sentence: "The Company depends on technology and automated systems, including artificial intelligence ("AI"), to operate its business, including, but not limited to, computerized airline reservation systems, electronic tickets, electronic airport kiosks, demand prediction software, flight operations systems, in-flight wireless internet, cloud-based technologies, technical and business operations systems and commercial websites and applications, including www.united.com and the United Airlines mobile app."
Reworded sentence: "However, these measures may not be adequate to prevent or mitigate disruptions or provide coverage for the Company's associated costs, some of which may be unforeseeable."

Current (2024):

Read full text

The Company depends on technology and automated systems, including artificial intelligence ("AI"), to operate its business, including, but not limited to, computerized airline reservation systems, electronic tickets, electronic airport kiosks, demand prediction software, flight operations systems, in-flight wireless internet, cloud-based technologies, technical and business operations systems and commercial websites and applications, including www.united.com and the United Airlines mobile app. These systems could suffer substantial or repeated disruptions due to various events, some of which are beyond the Company's control (including natural disasters (which may occur more frequently or intensely as a result of the impacts of climate change), power failures, terrorist attacks, dependencies on third-party technology services, equipment or software failures, cybersecurity attacks, insider threats or other security breaches and the deployment by certain wireless carriers of "5G" service networks), which could reduce the attractiveness of the Company's services versus those of our competitors, materially impair our ability to market our services and operate our flights, result in the unauthorized release of confidential or sensitive information, or information that should be protected from inadvertent disclosures, negatively impact our reputation among our customers and the public, subject us to liability to third parties, regulatory action or contract termination and result in other increased costs, lost revenue and the loss of, or compromise to the integrity, availability or confidentiality of, important data. These systems have in the past and may in the future be subject to failure, disruption or cyber incidents as a result of these or other factors. Substantial or repeated systems failures or disruptions may adversely affect the Company's business, operating results, financial condition and business strategy. We have cybersecurity frameworks, resiliency initiatives and disaster recovery plans in place designed to prevent and mitigate disruptions, and we continue to invest in improvements to these initiatives and plans. We also maintain property and business interruption insurance. However, these measures may not be adequate to prevent or mitigate disruptions or provide coverage for the Company's associated costs, some of which may be unforeseeable. The Company may also face challenges in implementing, integrating and modifying the automated systems and technologies required to operate its business or new systems and technologies designed to enhance its business, each of which may require significant expenditures, human resources, the development of effective internal controls and the transformation of business and financial processes. Our competitors or other third parties may incorporate AI into their products more quickly or more successfully than us, which could impair our ability to compete effectively and adversely affect our results of operations. Additionally, if the content, analyses, or recommendations that AI applications assist in producing are or are alleged to be deficient, inaccurate, or biased, our business, reputation, financial condition, and results of operations may be adversely affected. AI also presents emerging ethical issues, and if our use of AI becomes controversial, we may experience brand or reputational harm, competitive harm, or legal liability. The rapid evolution of AI, including proposed government regulation of AI, may require significant resources to develop, test and maintain our AI platform and services to help us implement AI in a compliant and ethical manner in order to minimize any adverse impact to our business. If the Company is generally unable to timely or effectively implement, integrate or modify its systems and technology, the Company's operations could be adversely affected.

View prior text (2023)

The Company depends on technology and automated systems to operate its business, including, but not limited to, computerized airline reservation systems, electronic tickets, electronic airport kiosks, demand prediction software, flight operations systems, in-flight wireless internet, cloud-based technologies, technical and business operations systems and commercial websites and applications, including www.united.com and the United Airlines mobile app. These systems could suffer substantial or repeated disruptions due to various events, some of which are beyond the Company's control (including natural disasters (which may occur more frequently or intensely as a result of the impacts of climate change), power failures, terrorist attacks, dependencies on third-party technology services, equipment or software failures, cybersecurity attacks or other 26 26 26 Table of Contents Table of Contents security breaches and the deployment by certain wireless carriers of "5G" service networks), which could reduce the attractiveness of the Company's services versus those of our competitors, materially impair our ability to market our services and operate our flights, result in the unauthorized release of confidential or sensitive information, or information that should be protected from inadvertent disclosures, negatively impact our reputation among our customers and the public, subject us to liability to third parties, regulatory action or contract termination and result in other increased costs, lost revenue and the loss of, or compromise to the integrity, availability or confidentiality of, important data. As a result, substantial or repeated systems failures or disruptions may adversely affect the Company's business, operating results and financial condition. We have cybersecurity frameworks, resiliency initiatives and disaster recovery plans in place to prevent and mitigate disruptions, and we continue to invest in improvements to these initiatives and plans. We also maintain property and business interruption insurance. However, these measures may not be adequate to prevent or mitigate disruptions or provide coverage for all of the Company's associated costs, some of which may be unforeseeable. The Company may also face challenges in implementing, integrating and modifying the automated systems and technology required to operate its business, which may require significant expenditures, human resources, the development of effective internal controls and the transformation of business and financial processes. If the Company is unable to timely or effectively implement, integrate or modify its systems and technology, the Company's operations could be adversely affected.