PAYX, §1A diff (2017 → 2018)
Added paragraphs (3077 words)
Item 1A. Risk Factors Our future results of operations are subject to a number of risks and uncertainties. These risks and uncertainties could cause actual results to differ materially from historical and current results, and from our projections. The risk factors described below represent our current view of some of the most important risks facing our business and are important to understanding our business. The risks described below are not the only risks we face. Additional factors not presently known to us or that we currently deem to be immaterial also may adversely affect, possibly to a material extent, our business, cash flows, financial condition, or results of operations in future periods. In addition, you should refer to the description of forward-looking statements at the beginning of Part I of this Form 10-K. Our services may be adversely impacted by changes in government regulations and policies. Many of our services, particularly payroll tax administration services and employee benefit plan administration services, are designed according to government regulations that continually change, for example, the ambiguity surrounding the Department of Labor’s fiduciary rule for retirement plan service. Changes in regulations could affect the extent and type of benefits employers are required, or may choose, to provide employees or the amount and type of taxes employers and employees are required to pay. Such changes could reduce or eliminate the need for some of our services and substantially decrease our revenue. Added requirements could also increase our cost of doing business. Failure to educate and assist our clients regarding new or revised legislation that impacts them could have an adverse impact on our reputation. Failure by us to modify our services in a timely fashion in response to regulatory changes could have a material adverse effect on our business and results of operations. Our business and reputation may be adversely impacted if we fail to comply with U.S. and foreign laws and regulations. Our services are subject to various laws and regulations, including, but not limited to, the ACA and Anti-Money Laundering rules. The growth of our international operations via acquisition also subjects us to additional risks, such as compliance with the Foreign Corrupt Practices Act and United Kingdom Bribery Act. As of this fiscal year, the financial impact of our international operations to our overall business has been insignificant. However, over time, our international operations may grow and increase their significance to our business. Uncertainty regarding the potential future modifications of existing laws and regulations can also adversely affect our business. There is uncertainty regarding the potential future evolution and modification of the ACA. Failure to update our services to comply with modified or new legislation in the area of health care reform as well as failure to educate and assist our clients regarding this legislation could adversely impact our business reputation and negatively impact our client base. Failure to comply with laws and regulations could result in the imposition of consent orders or civil and criminal penalties, including fines, which could damage our reputation and have an adverse effect on our results of operations or financial condition. We have policies and procedures to monitor our compliance with U.S. and foreign laws and regulations throughout the business and our acquisitions. We may not be able to keep pace with changes in technology or provide timely enhancements to our products and services. The market for our products is characterized by rapid technological advancements, changes in customer requirements, frequent new product introductions, and enhancements and changing industry standards. To maintain our growth strategy, we must adapt and respond to technological advances and technological requirements of our clients. Our future success will depend on our ability to: enhance our current products and introduce new products in order to keep pace with products offered by our competitors; enhance capabilities and increase the performance of our internal systems, particularly our systems that meet our clients’ requirements; and adapt to technological advancements and changing industry standards. We continue to make significant investments related to the development of new technology. If our systems become outdated, we may be at a disadvantage when competing in our industry. There can be no assurance that our efforts to update and integrate systems will be successful. If we do not integrate and update our systems in a timely manner, or if our investments in technology fail to provide the expected results, there could be a material adverse effect to our business and results of operations.
Our reputation, results of operations, or financial condition may be adversely impacted if we fail to comply with data privacy laws and regulations. Our services require the storage and transmission of proprietary and confidential information of our clients and their employees, including personal or identifying information, as well as their financial and payroll data. Our applications are subject to various complex government laws and regulations on the federal, state, and local levels, including those governing personal privacy. In the U.S., we are subject to rules and regulations promulgated under the authority of the Federal Trade Commission, the Health Insurance Portability and Accountability Act of 1996, the Family Medical Leave Act of 1993, the ACA, federal and state labor and employment laws, and state data breach notification laws. In addition, the European Union’s General Data Privacy Regulation became fully effective in May 2018. Failure to comply with such laws and regulations could result in the imposition of consent orders or civil and criminal penalties, including fines, which could damage our reputation and have an adverse effect on our results of operations or financial condition. The regulatory framework for privacy issues is rapidly evolving and future enactment of more restrictive laws, rules, or regulations and/or future enforcement actions or investigations could have a materially adverse impact on us through increased costs or restrictions on our business and noncompliance could result in regulatory penalties and significant legal liability. We could be subject to reduced revenues, increased costs, liability claims, or harm to our competitive position as a result of cyberattacks, security vulnerabilities or Internet disruptions. We rely upon information technology (“IT”) networks, cloud-based platforms, and systems to process, transmit, and store electronic information, and to support a variety of business processes. Cyberattacks and security threats are a risk to our business and reputation. A privacy or IT security breach could have a material adverse effect on our business. Data Security and Privacy Leaks: We collect, use, and retain increasingly large amounts of personal information about our clients, employees of our clients, and our employees, including: bank account numbers, credit card numbers, social security numbers, tax return information, health care information, retirement account information, payroll information, system and network passwords, and other sensitive personal and business information. At the same time, the continued occurrence of high-profile data breaches provides evidence of an external environment increasingly hostile to information security. Vulnerabilities, threats, and more sophisticated and targeted computer crimes pose a risk to the security of our systems and networks, and the confidentiality, availability, and integrity of our data. Our service platforms enable our clients to store and process personal data on premise or, increasingly, in a cloud-based environment that we host. The security of our IT infrastructure is an important consideration in our customers’ purchasing decisions. Because the techniques used to obtain unauthorized access, disable or degrade service or sabotage systems change frequently, are increasingly more complex and sophisticated and may be difficult to detect for long periods of time, we may be unable or fail to anticipate these techniques or implement adequate or timely preventative or responsive measures. As cyber threats continue to evolve, we are focused on ensuring that our operating environments safeguard and protect personal and business information. We may be required to invest significant additional resources to comply with evolving cybersecurity regulations and to modify and enhance our information security and controls, and to investigate and remediate any security vulnerabilities. While we have security systems and IT infrastructure in place designed to detect and protect against unauthorized access to such information, if our security measures are breached, our business could be substantially harmed and we could incur significant liabilities. Any such breach or unauthorized access could negatively affect our ability to attract new clients, cause existing clients to terminate their agreements with us, result in reputational damage, and subject us to lawsuits, regulatory fines, or other actions or liabilities which could materially and adversely affect our business and operating results. Third parties, including vendors that provide services for our operations, could also be a source of security risk to us in the event of a failure of their own security systems and infrastructure. Data Loss and Business Interruption: If our systems are disrupted or fail for any reason, including Internet or systems failure, or if our systems are infiltrated by unauthorized persons, both the Company and our clients could experience data loss, financial loss, harm to reputation, or significant business interruption. We may be required to incur significant costs to protect against damage caused by disruptions or security breaches in the future. Such events may expose us to unexpected liability, litigation, regulatory investigation and penalties, loss of clients’ business, unfavorable impact to business reputation, and there could be a material adverse effect on our business and results of operations. In the event of a catastrophe, our business continuity plan may fail, which could result in the loss of client data and adversely interrupt operations. Our operations are dependent on our ability to protect our infrastructure against damage from catastrophe or natural disaster, severe weather including events resulting from climate change, unauthorized security breach, power loss, telecommunications failure, terrorist attack, or other events that could have a significant disruptive effect on our operations. We have a business continuity plan in place in the event of system failure due to any of these events. Our business continuity plan has been tested in the past by circumstances of severe weather, including hurricanes, floods, and snowstorms, and has been successful. However, these past successes are not an indicator of success in the future. If the business continuity plan is unsuccessful in a disaster recovery scenario, we could potentially lose client data or experience material adverse interruptions to our operations or delivery of services to our clients.
We may be adversely impacted by any failure of third-party service providers to perform their functions. As part of providing services to clients, we rely on a number of third-party service providers. These service providers include, but are not limited to, couriers used to deliver client payroll checks and banks used to electronically transfer funds from clients to their employees. Failure by these service providers, for any reason, to deliver their services in a timely manner could result in material interruptions to our operations, impact client relations, and result in significant penalties or liabilities to us. We may be exposed to additional risks related to our co-employment relationship within our PEO business. Many federal and state laws that apply to the employer-employee relationship do not specifically address the obligations and responsibilities of the “co-employment” relationship. As a result, there is a possibility that we may be subject to liability for violations of employment or discrimination laws by our clients and acts or omissions of client employees, who may be deemed to be our agents, even if we do not participate in any such acts or violations. Although our agreements with clients provide that they will indemnify us for any liability attributable to their own or their employees’ conduct, we may not be able to effectively enforce or collect such contractual obligations. In addition, we could be subject to liabilities with respect to our employee benefit plans if it were determined that we are not the “employer” under any applicable state or federal laws. We may be adversely impacted by changes in health insurance and workers’ compensation rates and underlying claims trends. Within our PEO business, we maintain health and workers’ compensation insurance covering worksite employees. The insurance costs are impacted by claims experience and are a significant portion of our PEO costs. If we experience a sudden or unexpected increase in claims activity, our costs could increase. In addition, in the event of expiration or cancellation of existing contracts, we may not be able to secure replacement contracts on competitive terms. Also, as a co-employer in the PEO, we assume or share many of the employer-related responsibilities associated with health care reform, which may result in increased costs. Increases in costs not incorporated into service fees timely or fully could have a material adverse effect on our results of operations. Incorporating cost increases into service fees could also impact our ability to attract and retain clients. Our clients could have insufficient funds to cover payments we have made on their behalf, resulting in financial loss to us. As part of the payroll processing service, we are authorized by our clients to transfer money from their accounts to fund amounts owed to their employees and various taxing authorities. It is possible that we could be held liable for such amounts in the event the client has insufficient funds to cover them. We have in the past, and may in the future, make payments on our clients’ behalf for which we may not be reimbursed, resulting in loss to us. Our interest earned on funds held for clients may be impacted by changes in government regulations mandating the amount of tax withheld or timing of remittance. We receive interest income from investing client funds collected but not yet remitted to applicable tax or regulatory agencies or to client employees. A change in regulations either decreasing the amount of taxes to be withheld or allowing less time to remit taxes to applicable tax or regulatory agencies could adversely impact interest income. We may be adversely impacted by volatility in the political and economic environment. Trade, monetary and fiscal policies, and political and economic conditions may substantially change, and credit markets may experience periods of constriction and variability. When there is a slowdown in the economy, employment levels and interest rates may decrease or become more volatile. These conditions may impact our business due to lower transaction volumes or an increase in the number of clients going out of business. Current or potential clients may decide to reduce their spending on payroll and other outsourcing services. In addition, new business formation may be affected by an inability to obtain credit. We invest our funds held for clients in high quality, investment-grade marketable securities, money markets, and other cash equivalents. However, these funds held for clients are subject to general market, interest rate, credit, and liquidity risks. These risks may be exacerbated during periods of unusual financial market volatility. The interest we earn on funds held for clients may decrease as a result of a decline in funds available to invest and lower interest rates. In addition, during periods of volatility in the credit markets, certain types of investments may not be available to us or may become too risky for us to invest in, further reducing the interest we may earn on client funds. Constriction in the credit markets may impact the availability of financing, even to borrowers with the highest credit ratings. Historically, we have periodically borrowed against available credit arrangements to meet short-term liquidity needs. However, should we require additional short-term liquidity during days of large outflows of client funds, a credit constriction may limit our ability to access those funds or the flexibility to obtain them at interest rates that would be acceptable to us. Growth in services for funding payrolls of our clients in the temporary staffing industry may be constricted if access to financing becomes limited. If all of these financial and economic circumstances were to remain in effect for an extended period of time, there could be a material adverse effect on our results of operations and financial condition.
We may not be able to attract and retain qualified people, which could impact the quality of our services and customer satisfaction. Our success, growth, and financial results depend in part on our continuing ability to attract, retain, and motivate highly qualified people at all levels, including management, technical, compliance, and sales personnel. Competition for these individuals can be intense, and we may not be able to retain our key people, or attract, assimilate, or retain other highly-qualified individuals in the future, which could harm our future success. Failure to protect our intellectual property rights may harm our competitive position and litigation to protect our intellectual property rights or defend against third party allegations of infringement may be costly. Despite our efforts to protect our intellectual property and proprietary information, we may be unable to do so effectively in all cases. Our intellectual property could be wrongfully acquired as a result of a cyberattack or other wrongful conduct by employees or third parties. To the extent that our intellectual property is not protected effectively by trademarks, copyrights, patents, or other means, other parties with knowledge of our intellectual property, including former employees, may seek to exploit our intellectual property for their own and others’ advantage. Competitors may also misappropriate our trademarks, copyrights or other intellectual property rights or duplicate our technology and products. Any significant impairment or misappropriation of our intellectual property or proprietary information could harm our business and our brand, and may adversely affect our ability to compete. We are involved in litigation from time to time arising from the operation of our business and, as such, we could incur substantial judgments, fines, legal fees or other costs. We are sometimes the subject of complaints or litigation from customers, employees or other third parties for various actions. From time to time, we are involved in litigation involving claims related to, among other things, breach of contract, tortious conduct and employment and labor law matters. The damages sought against us in some of these litigation proceedings could be substantial. Although we maintain liability insurance for some litigation claims, if one or more of the claims were to greatly exceed our insurance coverage limits or if our insurance policies do not cover a claim, this could have a material adverse effect on our business, financial condition, results of operations and cash flows. Quantitative and qualitative disclosures about market risk: Refer to Item 7A of this Form 10-K for a discussion on Market Risk Factors, which could have a material adverse effect on our business and results of operations. Item 1B.
Removed paragraphs (2822 words)
Item 1A. Risk Factors Our future results of operations are subject to a number of risks and uncertainties. These risks and uncertainties could cause actual results to differ materially from historical and current results, and from our projections. The risk factors described below represent our current view of some of the most important risks facing our business and are important to understanding our business. The risks described below are not the only risks we face. Additional factors not presently known to us or that we currently deem to be immaterial also may adversely affect, possibly to a material extent, our business, cash flows, financial condition, or results of operations in future periods. In addition, you should refer to the description of forward-looking statements at the beginning of Part I of this Form 10-K. Our services may be adversely impacted by changes in government regulations and policies. Many of our services, particularly payroll tax administration services and employee benefit plan administration services, are designed according to government regulations that continually change, for example, the Department of Labor’s recently adopted fiduciary rule for retirement plan service. Changes in regulations could affect the extent and type of benefits employers are required, or may choose, to provide employees or the amount and type of taxes employers and employees are required to pay. Such changes could reduce or eliminate the need for some of our services and substantially decrease our revenue. Added requirements could also increase our cost of doing business. Failure to educate and assist our clients regarding new or revised legislation that impacts them could have an adverse impact on our reputation. Failure by us to modify our services in a timely fashion in response to regulatory changes could have a material adverse effect on our business and results of operations. Our business may be adversely impacted if the ACA is repealed in its entirety or certain aspects of ACA are repealed or modified as a result of recent political changes. On January 20, 2017, President Donald J. Trump issued an executive order stating that it is the policy of the new administration to seek the prompt repeal of the ACA. While initial attempts at repeal and replacement have not been successful, the current administration continues to work toward that goal. In May 2017, the U.S. House of Representatives approved legislation to repeal and replace major parts of the ACA and the U.S. Senate is currently considering the legislation. Uncertainties exist regarding if and when the ACA will ultimately be modified or repealed. If the ACA is modified to eliminate the employer reporting requirements or if the ACA is repealed and new legislation does not include such reporting requirements, it will negatively impact the revenue we currently generate from our ESR service. Uncertainty regarding the potential future modification, repeal, or replacement of the ACA could adversely affect our ability to sell our ESR application to new clients. Failure to update our services to comply with modified or new legislation in the area of health care reform as well as failure to educate and assist our clients regarding this legislation could adversely impact our business reputation and negatively impact our client base.
We may not be able to keep pace with changes in technology or provide timely enhancements to our products and services. The market for our products is characterized by rapid technological advancements, changes in customer requirements, frequent new product introductions, and enhancements and changing industry standards. To maintain our growth strategy, we must adapt and respond to technological advances and technological requirements of our clients. Our future success will depend on our ability to: enhance our current products and introduce new products in order to keep pace with products offered by our competitors; enhance capabilities and increase the performance of our internal systems, particularly our systems that meet our clients’ requirements; and adapt to technological advancements and changing industry standards. We continue to make significant investments related to the development of new technology. If our systems become outdated, we may be at a disadvantage when competing in our industry. There can be no assurance that our efforts to update and integrate systems will be successful. If we do not integrate and update our systems in a timely manner, or if our investments in technology fail to provide the expected results, there could be a material adverse effect to our business and results of operations. Our reputation, results of operations, or financial condition may be adversely impacted if we fail to comply with data privacy laws and regulations. Our services require the storage and transmission of proprietary and confidential information of our clients and their employees, including personal or identifying information, as well as their financial and payroll data. Our applications are subject to various complex government laws and regulations on the federal, state, and local levels, including those governing personal privacy. In the U.S., we are subject to rules and regulations promulgated under the authority of the Federal Trade Commission, the Health Insurance Portability and Accountability Act of 1996, the Family Medical Leave Act of 1993, the ACA, federal and state labor and employment laws, and state data breach notification laws. Failure to comply with such laws and regulations could result in the imposition of consent orders or civil and criminal penalties, including fines, which could damage our reputation and have an adverse effect on our results of operations or financial condition. The regulatory framework for privacy issues is rapidly evolving and future enactment of more restrictive laws, rules, or regulations and/or future enforcement actions or investigations could have a materially adverse impact on us through increased costs or restrictions on our business and noncompliance could result in regulatory penalties and significant legal liability. We could be subject to reduced revenues, increased costs, liability claims, or harm to our competitive position as a result of cyber-attacks, security vulnerabilities or Internet disruptions. We rely upon information technology (“IT”) networks, cloud-based platforms, and systems to process, transmit, and store electronic information, and to support a variety of business processes. Cyber-attacks and security threats are a risk to our business and reputation. A privacy or IT security breach could have a material adverse effect on our business. Data Security and Privacy Leaks: We collect, use, and retain increasingly large amounts of personal information about our clients, employees of our clients, and our employees, including: bank account numbers, credit card numbers, social security numbers, tax return information, health care information, retirement account information, payroll information, system and network passwords, and other sensitive personal and business information. At the same time, the continued occurrence of high-profile data breaches provides evidence of an external environment increasingly hostile to information security. Vulnerabilities, threats, and more sophisticated and targeted computer crimes pose a risk to the security of our systems and networks, and the confidentiality, availability, and integrity of our data. Our service platforms enable our clients to store and process personal data on premise or, increasingly, in a cloud-based environment that we host. The security of our IT infrastructure is an important consideration in our customers’ purchasing decisions. As cyber threats continue to evolve, we are focused on ensuring that our operating environments safeguard and protect personal and business information. While we have security systems and IT infrastructure in place designed to detect and protect against unauthorized access to such information, if our security measures are breached, our business could be substantially harmed and we could incur significant liabilities. Any such breach or unauthorized access could negatively affect our ability to attract new clients, cause existing clients to terminate their agreements with us, result in reputational damage, and subject us to lawsuits, regulatory fines, or other actions or liabilities which could materially and adversely affect our business and operating results. Third parties, including vendors that provide services for our operations, could also be a source of security risk to us in the event of a failure of their own security systems and infrastructure. Data Loss and Business Interruption: If our systems are disrupted or fail for any reason, including Internet or systems failure, or if our systems are infiltrated by unauthorized persons, both the Company and our clients could experience data loss, financial loss, harm to reputation, or significant business interruption. We may be required to incur significant costs to protect against damage caused by disruptions or security breaches in the future. Such events may expose us to unexpected liability, litigation, regulatory investigation and penalties, loss of clients’ business, unfavorable impact to business reputation, and there could be a material adverse effect on our business and results of operations.
In the event of a catastrophe, our business continuity plan may fail, which could result in the loss of client data and adversely interrupt operations. Our operations are dependent on our ability to protect our infrastructure against damage from catastrophe or natural disaster, severe weather including events resulting from climate change, unauthorized security breach, power loss, telecommunications failure, terrorist attack, or other events that could have a significant disruptive effect on our operations. We have a business continuity plan in place in the event of system failure due to any of these events. Our business continuity plan has been tested in the past by circumstances of severe weather, including hurricanes, floods, and snowstorms, and has been successful. However, these past successes are not an indicator of success in the future. If the business continuity plan is unsuccessful in a disaster recovery scenario, we could potentially lose client data or experience material adverse interruptions to our operations or delivery of services to our clients. We may be adversely impacted by any failure of third-party service providers to perform their functions. As part of providing services to clients, we rely on a number of third-party service providers. These service providers include, but are not limited to, couriers used to deliver client payroll checks and banks used to electronically transfer funds from clients to their employees. Failure by these service providers, for any reason, to deliver their services in a timely manner could result in material interruptions to our operations, impact client relations, and result in significant penalties or liabilities to us. We may be exposed to additional risks related to our co-employment relationship within our PEO business. Many federal and state laws that apply to the employer-employee relationship do not specifically address the obligations and responsibilities of the “co-employment” relationship. As a result, there is a possibility that we may be subject to liability for violations of employment or discrimination laws by our clients and acts or omissions of client employees, who may be deemed to be our agents, even if we do not participate in any such acts or violations. Although our agreements with clients provide that they will indemnify us for any liability attributable to their own or their employees’ conduct, we may not be able to effectively enforce or collect such contractual obligations. In addition, we could be subject to liabilities with respect to our employee benefit plans if it were determined that we are not the “employer” under any applicable state or federal laws. We may be adversely impacted by changes in health insurance and workers’ compensation rates and underlying claims trends. Within our PEO business, we maintain health and workers’ compensation insurance covering worksite employees. The insurance costs are impacted by claims experience and are a significant portion of our PEO costs. If we experience a sudden or unexpected increase in claims activity, our costs could increase. In addition, in the event of expiration or cancellation of existing contracts, we may not be able to secure replacement contracts on competitive terms. Also, as a co-employer in the PEO, we assume or share many of the employer-related responsibilities associated with health care reform, which may result in increased costs. Increases in costs not incorporated into service fees timely or fully could have a material adverse effect on our results of operations. Incorporating cost increases into service fees could also impact our ability to attract and retain clients. Our clients could have insufficient funds to cover payments we have made on their behalf, resulting in financial loss to us. As part of the payroll processing service, we are authorized by our clients to transfer money from their accounts to fund amounts owed to their employees and various taxing authorities. It is possible that we could be held liable for such amounts in the event the client has insufficient funds to cover them. We have in the past, and may in the future, make payments on our clients’ behalf for which we may not be reimbursed, resulting in loss to us. Our interest earned on funds held for clients may be impacted by changes in government regulations mandating the amount of tax withheld or timing of remittance. We receive interest income from investing client funds collected but not yet remitted to applicable tax or regulatory agencies or to client employees. A change in regulations either decreasing the amount of taxes to be withheld or allowing less time to remit taxes to applicable tax or regulatory agencies could adversely impact interest income. We may be adversely impacted by volatility in the political and economic environment. Trade, monetary and fiscal policies, and political and economic conditions may substantially change, and credit markets may experience periods of constriction and variability. When there is a slowdown in the economy, employment levels and interest rates may decrease or become more volatile. These conditions may impact our business due to lower transaction volumes or an increase in the number of clients going out of business. Current or potential clients may decide to reduce their spending on payroll and other outsourcing services. In addition, new business formation may be affected by an inability to obtain credit. We invest our funds held for clients in high quality, investment-grade marketable securities, money markets, and other cash equivalents. However, these funds held for clients are subject to general market, interest rate, credit, and liquidity risks. These risks may be exacerbated during periods of unusual financial market volatility. The interest we earn on funds held for clients may decrease as a result of a decline in funds available to invest and lower interest rates. In addition, during periods of volatility in the credit markets, certain types of investments may not be available to us or may become too risky for us to invest in, further reducing the interest we may earn on client funds.
Constriction in the credit markets may impact the availability of financing, even to borrowers with the highest credit ratings. Historically, we have periodically borrowed against available credit arrangements to meet short-term liquidity needs. However, should we require additional short-term liquidity during days of large outflows of client funds, a credit constriction may limit our ability to access those funds or the flexibility to obtain them at interest rates that would be acceptable to us. Growth in services for funding payrolls of our clients in the temporary staffing industry may be constricted if access to financing becomes limited. If all of these financial and economic circumstances were to remain in effect for an extended period of time, there could be a material adverse effect on our results of operations and financial condition. We may not be able to attract and retain qualified people, which could impact the quality of our services and customer satisfaction. Our success, growth, and financial results depend in part on our continuing ability to attract, retain, and motivate highly qualified people at all levels, including management, technical, compliance, and sales personnel. Competition for these individuals can be intense, and we may not be able to retain our key people, or attract, assimilate, or retain other highly-qualified individuals in the future, which could harm our future success. Failure to protect our intellectual property rights may harm our competitive position and litigation to protect our intellectual property rights or defend against third party allegations of infringement may be costly. Despite our efforts to protect our intellectual property and proprietary information, we may be unable to do so effectively in all cases. Our intellectual property could be wrongfully acquired as a result of a cyber-attack or other wrongful conduct by employees or third parties. To the extent that our intellectual property is not protected effectively by trademarks, copyrights, patents, or other means, other parties with knowledge of our intellectual property, including former employees, may seek to exploit our intellectual property for their own and others’ advantage. Competitors may also misappropriate our trademarks, copyrights or other intellectual property rights or duplicate our technology and products. Any significant impairment or misappropriation of our intellectual property or proprietary information could harm our business and our brand, and may adversely affect our ability to compete. Quantitative and qualitative disclosures about market risk: Refer to Item 7A of this Form 10-K for a discussion on Market Risk Factors, which could have a material adverse effect on our business and results of operations. Item 1B.
Current §1A text (2018)
Show full section (3075 words)
Item 1A. Risk Factors Our future results of operations are subject to a number of risks and uncertainties. These risks and uncertainties could cause actual results to differ materially from historical and current results, and from our projections. The risk factors described below represent our current view of some of the most important risks facing our business and are important to understanding our business. The risks described below are not the only risks we face. Additional factors not presently known to us or that we currently deem to be immaterial also may adversely affect, possibly to a material extent, our business, cash flows, financial condition, or results of operations in future periods. In addition, you should refer to the description of forward-looking statements at the beginning of Part I of this Form 10-K. Our services may be adversely impacted by changes in government regulations and policies. Many of our services, particularly payroll tax administration services and employee benefit plan administration services, are designed according to government regulations that continually change, for example, the ambiguity surrounding the Department of Labor’s fiduciary rule for retirement plan service. Changes in regulations could affect the extent and type of benefits employers are required, or may choose, to provide employees or the amount and type of taxes employers and employees are required to pay. Such changes could reduce or eliminate the need for some of our services and substantially decrease our revenue. Added requirements could also increase our cost of doing business. Failure to educate and assist our clients regarding new or revised legislation that impacts them could have an adverse impact on our reputation. Failure by us to modify our services in a timely fashion in response to regulatory changes could have a material adverse effect on our business and results of operations. Our business and reputation may be adversely impacted if we fail to comply with U.S. and foreign laws and regulations. Our services are subject to various laws and regulations, including, but not limited to, the ACA and Anti-Money Laundering rules. The growth of our international operations via acquisition also subjects us to additional risks, such as compliance with the Foreign Corrupt Practices Act and United Kingdom Bribery Act. As of this fiscal year, the financial impact of our international operations to our overall business has been insignificant. However, over time, our international operations may grow and increase their significance to our business. Uncertainty regarding the potential future modifications of existing laws and regulations can also adversely affect our business. There is uncertainty regarding the potential future evolution and modification of the ACA. Failure to update our services to comply with modified or new legislation in the area of health care reform as well as failure to educate and assist our clients regarding this legislation could adversely impact our business reputation and negatively impact our client base. Failure to comply with laws and regulations could result in the imposition of consent orders or civil and criminal penalties, including fines, which could damage our reputation and have an adverse effect on our results of operations or financial condition. We have policies and procedures to monitor our compliance with U.S. and foreign laws and regulations throughout the business and our acquisitions. We may not be able to keep pace with changes in technology or provide timely enhancements to our products and services. The market for our products is characterized by rapid technological advancements, changes in customer requirements, frequent new product introductions, and enhancements and changing industry standards. To maintain our growth strategy, we must adapt and respond to technological advances and technological requirements of our clients. Our future success will depend on our ability to: enhance our current products and introduce new products in order to keep pace with products offered by our competitors; enhance capabilities and increase the performance of our internal systems, particularly our systems that meet our clients’ requirements; and adapt to technological advancements and changing industry standards. We continue to make significant investments related to the development of new technology. If our systems become outdated, we may be at a disadvantage when competing in our industry. There can be no assurance that our efforts to update and integrate systems will be successful. If we do not integrate and update our systems in a timely manner, or if our investments in technology fail to provide the expected results, there could be a material adverse effect to our business and results of operations. Our reputation, results of operations, or financial condition may be adversely impacted if we fail to comply with data privacy laws and regulations. Our services require the storage and transmission of proprietary and confidential information of our clients and their employees, including personal or identifying information, as well as their financial and payroll data. Our applications are subject to various complex government laws and regulations on the federal, state, and local levels, including those governing personal privacy. In the U.S., we are subject to rules and regulations promulgated under the authority of the Federal Trade Commission, the Health Insurance Portability and Accountability Act of 1996, the Family Medical Leave Act of 1993, the ACA, federal and state labor and employment laws, and state data breach notification laws. In addition, the European Union’s General Data Privacy Regulation became fully effective in May 2018. Failure to comply with such laws and regulations could result in the imposition of consent orders or civil and criminal penalties, including fines, which could damage our reputation and have an adverse effect on our results of operations or financial condition. The regulatory framework for privacy issues is rapidly evolving and future enactment of more restrictive laws, rules, or regulations and/or future enforcement actions or investigations could have a materially adverse impact on us through increased costs or restrictions on our business and noncompliance could result in regulatory penalties and significant legal liability. We could be subject to reduced revenues, increased costs, liability claims, or harm to our competitive position as a result of cyberattacks, security vulnerabilities or Internet disruptions. We rely upon information technology (“IT”) networks, cloud-based platforms, and systems to process, transmit, and store electronic information, and to support a variety of business processes. Cyberattacks and security threats are a risk to our business and reputation. A privacy or IT security breach could have a material adverse effect on our business. Data Security and Privacy Leaks: We collect, use, and retain increasingly large amounts of personal information about our clients, employees of our clients, and our employees, including: bank account numbers, credit card numbers, social security numbers, tax return information, health care information, retirement account information, payroll information, system and network passwords, and other sensitive personal and business information. At the same time, the continued occurrence of high-profile data breaches provides evidence of an external environment increasingly hostile to information security. Vulnerabilities, threats, and more sophisticated and targeted computer crimes pose a risk to the security of our systems and networks, and the confidentiality, availability, and integrity of our data. Our service platforms enable our clients to store and process personal data on premise or, increasingly, in a cloud-based environment that we host. The security of our IT infrastructure is an important consideration in our customers’ purchasing decisions. Because the techniques used to obtain unauthorized access, disable or degrade service or sabotage systems change frequently, are increasingly more complex and sophisticated and may be difficult to detect for long periods of time, we may be unable or fail to anticipate these techniques or implement adequate or timely preventative or responsive measures. As cyber threats continue to evolve, we are focused on ensuring that our operating environments safeguard and protect personal and business information. We may be required to invest significant additional resources to comply with evolving cybersecurity regulations and to modify and enhance our information security and controls, and to investigate and remediate any security vulnerabilities. While we have security systems and IT infrastructure in place designed to detect and protect against unauthorized access to such information, if our security measures are breached, our business could be substantially harmed and we could incur significant liabilities. Any such breach or unauthorized access could negatively affect our ability to attract new clients, cause existing clients to terminate their agreements with us, result in reputational damage, and subject us to lawsuits, regulatory fines, or other actions or liabilities which could materially and adversely affect our business and operating results. Third parties, including vendors that provide services for our operations, could also be a source of security risk to us in the event of a failure of their own security systems and infrastructure. Data Loss and Business Interruption: If our systems are disrupted or fail for any reason, including Internet or systems failure, or if our systems are infiltrated by unauthorized persons, both the Company and our clients could experience data loss, financial loss, harm to reputation, or significant business interruption. We may be required to incur significant costs to protect against damage caused by disruptions or security breaches in the future. Such events may expose us to unexpected liability, litigation, regulatory investigation and penalties, loss of clients’ business, unfavorable impact to business reputation, and there could be a material adverse effect on our business and results of operations. In the event of a catastrophe, our business continuity plan may fail, which could result in the loss of client data and adversely interrupt operations. Our operations are dependent on our ability to protect our infrastructure against damage from catastrophe or natural disaster, severe weather including events resulting from climate change, unauthorized security breach, power loss, telecommunications failure, terrorist attack, or other events that could have a significant disruptive effect on our operations. We have a business continuity plan in place in the event of system failure due to any of these events. Our business continuity plan has been tested in the past by circumstances of severe weather, including hurricanes, floods, and snowstorms, and has been successful. However, these past successes are not an indicator of success in the future. If the business continuity plan is unsuccessful in a disaster recovery scenario, we could potentially lose client data or experience material adverse interruptions to our operations or delivery of services to our clients. We may be adversely impacted by any failure of third-party service providers to perform their functions. As part of providing services to clients, we rely on a number of third-party service providers. These service providers include, but are not limited to, couriers used to deliver client payroll checks and banks used to electronically transfer funds from clients to their employees. Failure by these service providers, for any reason, to deliver their services in a timely manner could result in material interruptions to our operations, impact client relations, and result in significant penalties or liabilities to us. We may be exposed to additional risks related to our co-employment relationship within our PEO business. Many federal and state laws that apply to the employer-employee relationship do not specifically address the obligations and responsibilities of the “co-employment” relationship. As a result, there is a possibility that we may be subject to liability for violations of employment or discrimination laws by our clients and acts or omissions of client employees, who may be deemed to be our agents, even if we do not participate in any such acts or violations. Although our agreements with clients provide that they will indemnify us for any liability attributable to their own or their employees’ conduct, we may not be able to effectively enforce or collect such contractual obligations. In addition, we could be subject to liabilities with respect to our employee benefit plans if it were determined that we are not the “employer” under any applicable state or federal laws. We may be adversely impacted by changes in health insurance and workers’ compensation rates and underlying claims trends. Within our PEO business, we maintain health and workers’ compensation insurance covering worksite employees. The insurance costs are impacted by claims experience and are a significant portion of our PEO costs. If we experience a sudden or unexpected increase in claims activity, our costs could increase. In addition, in the event of expiration or cancellation of existing contracts, we may not be able to secure replacement contracts on competitive terms. Also, as a co-employer in the PEO, we assume or share many of the employer-related responsibilities associated with health care reform, which may result in increased costs. Increases in costs not incorporated into service fees timely or fully could have a material adverse effect on our results of operations. Incorporating cost increases into service fees could also impact our ability to attract and retain clients. Our clients could have insufficient funds to cover payments we have made on their behalf, resulting in financial loss to us. As part of the payroll processing service, we are authorized by our clients to transfer money from their accounts to fund amounts owed to their employees and various taxing authorities. It is possible that we could be held liable for such amounts in the event the client has insufficient funds to cover them. We have in the past, and may in the future, make payments on our clients’ behalf for which we may not be reimbursed, resulting in loss to us. Our interest earned on funds held for clients may be impacted by changes in government regulations mandating the amount of tax withheld or timing of remittance. We receive interest income from investing client funds collected but not yet remitted to applicable tax or regulatory agencies or to client employees. A change in regulations either decreasing the amount of taxes to be withheld or allowing less time to remit taxes to applicable tax or regulatory agencies could adversely impact interest income. We may be adversely impacted by volatility in the political and economic environment. Trade, monetary and fiscal policies, and political and economic conditions may substantially change, and credit markets may experience periods of constriction and variability. When there is a slowdown in the economy, employment levels and interest rates may decrease or become more volatile. These conditions may impact our business due to lower transaction volumes or an increase in the number of clients going out of business. Current or potential clients may decide to reduce their spending on payroll and other outsourcing services. In addition, new business formation may be affected by an inability to obtain credit. We invest our funds held for clients in high quality, investment-grade marketable securities, money markets, and other cash equivalents. However, these funds held for clients are subject to general market, interest rate, credit, and liquidity risks. These risks may be exacerbated during periods of unusual financial market volatility. The interest we earn on funds held for clients may decrease as a result of a decline in funds available to invest and lower interest rates. In addition, during periods of volatility in the credit markets, certain types of investments may not be available to us or may become too risky for us to invest in, further reducing the interest we may earn on client funds. Constriction in the credit markets may impact the availability of financing, even to borrowers with the highest credit ratings. Historically, we have periodically borrowed against available credit arrangements to meet short-term liquidity needs. However, should we require additional short-term liquidity during days of large outflows of client funds, a credit constriction may limit our ability to access those funds or the flexibility to obtain them at interest rates that would be acceptable to us. Growth in services for funding payrolls of our clients in the temporary staffing industry may be constricted if access to financing becomes limited. If all of these financial and economic circumstances were to remain in effect for an extended period of time, there could be a material adverse effect on our results of operations and financial condition. We may not be able to attract and retain qualified people, which could impact the quality of our services and customer satisfaction. Our success, growth, and financial results depend in part on our continuing ability to attract, retain, and motivate highly qualified people at all levels, including management, technical, compliance, and sales personnel. Competition for these individuals can be intense, and we may not be able to retain our key people, or attract, assimilate, or retain other highly-qualified individuals in the future, which could harm our future success. Failure to protect our intellectual property rights may harm our competitive position and litigation to protect our intellectual property rights or defend against third party allegations of infringement may be costly. Despite our efforts to protect our intellectual property and proprietary information, we may be unable to do so effectively in all cases. Our intellectual property could be wrongfully acquired as a result of a cyberattack or other wrongful conduct by employees or third parties. To the extent that our intellectual property is not protected effectively by trademarks, copyrights, patents, or other means, other parties with knowledge of our intellectual property, including former employees, may seek to exploit our intellectual property for their own and others’ advantage. Competitors may also misappropriate our trademarks, copyrights or other intellectual property rights or duplicate our technology and products. Any significant impairment or misappropriation of our intellectual property or proprietary information could harm our business and our brand, and may adversely affect our ability to compete. We are involved in litigation from time to time arising from the operation of our business and, as such, we could incur substantial judgments, fines, legal fees or other costs. We are sometimes the subject of complaints or litigation from customers, employees or other third parties for various actions. From time to time, we are involved in litigation involving claims related to, among other things, breach of contract, tortious conduct and employment and labor law matters. The damages sought against us in some of these litigation proceedings could be substantial. Although we maintain liability insurance for some litigation claims, if one or more of the claims were to greatly exceed our insurance coverage limits or if our insurance policies do not cover a claim, this could have a material adverse effect on our business, financial condition, results of operations and cash flows. Quantitative and qualitative disclosures about market risk: Refer to Item 7A of this Form 10-K for a discussion on Market Risk Factors, which could have a material adverse effect on our business and results of operations. Item 1B.