ITEM 1A. RISK FACTORS
Investing in our securities involves a high degree of risk. You should carefully consider the risks and uncertainties described below, together with all of the other information in this report, including the condensed consolidated financial statements and the related notes included elsewhere in this report, before making an investment decision. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, may also become important factors that materially and adversely affect our business. If any of the following risks actually occurs, our business operations, financial condition, operating results, and prospects could be materially and adversely affected. The market price of our securities could decline due to the materialization of these or any other risks, and you could lose part or all of your investment.
Summary of Risk Factors
The below summary risks provide an overview of the material risks we are exposed to in the normal course of our business activities. The below summary risks do not contain all of the information that may be important to you, and you should read these together with the more detailed discussion of risks set forth following this section, as well as elsewhere in this report under the heading “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” Additional risks beyond those summarized below, or discussed elsewhere in “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” may apply to our activities or operations as currently conducted or as we may conduct them in the future, or to the markets in which we currently operate or may in the future operate. Consistent with the foregoing, we are exposed to a variety of risks, including those associated with the following:
•any compromise of our information technology systems or the security measures of our service partners, or the unauthorized access of customer or user data;
•our ability to properly manage our technical operations infrastructure, including our data centers and computing infrastructure operated by third parties, or the impact of service outages or delays in the deployment of our applications, or the failure of our applications to perform properly;
•privacy concerns and evolving domestic or foreign laws and regulations;
•the impact of continuing global economic and geopolitical volatility, inflation, rising interest rates, financial institution liquidity concerns, and the measures we may take in response to such events;
•any loss of key employees or the inability to attract, train, and retain highly skilled employees;
•our ability to compete effectively in the intensely competitive markets in which we participate;
•exposure to risks inherent to sales to customers outside the United States or with international operations;
•any dissatisfaction of our users with the deployment, training, and support services provided by us and our partners;
•the fluctuation of our quarterly results;
•our ability to realize a return on our current development efforts or offer new features, enhancements, and modifications to our products and services, and our ability to realize a return on the investments we have made toward entering new markets and new lines of business;
•delays in the reflection of downturns or upturns in new sales in our operating results associated with long sales cycles;
•our ability to predict the rate of customer subscription renewals or adoptions;
•our ability to establish or maintain our strategic relationships with third parties, or any failure to successfully integrate our applications with third-party technologies;
•a failure to manage our growth effectively;
•our ability to realize the expected business or financial benefits of company, employee, or technology acquisitions;
•our history of cumulative losses;
•any failure to protect our intellectual property rights domestically and internationally;
•lawsuits against us by third parties for alleged infringement of their proprietary rights or in connection with our use of open source software;
•risks related to government contracts and related procurement regulations;
•any adverse litigation results;
•the limited ability of non-affiliates to influence corporate matters due to the dual class structure of our common stock;
•our substantial indebtedness;
•the limited ability of third parties to seek a merger, tender offer, or proxy contest due to Delaware law and provisions in our organizational documents; and
•the limited ability of a stockholder to bring a claim in a judicial forum that it finds favorable for disputes with us or any of our directors, officers, or other employees due to the exclusive forum provision in our organizational documents.
Risks Related to Our Business and Industry
If we fail to properly manage our technical operations infrastructure, experience service outages, undergo delays in the deployment of our applications, or our applications fail to perform properly, we may be subject to liabilities and our reputation and operating results may be adversely affected.
We have experienced significant growth in the number of users, transactions, and data that our operations infrastructure supports. We seek to maintain sufficient excess capacity in our operations infrastructure to meet the needs of all of our customers and users, as well as our own needs, and to ensure that our services and solutions are accessible within an acceptable load time. If we do not accurately predict our infrastructure requirements, we may experience service outages. Furthermore, if our operations infrastructure fails to scale, we may experience delays in providing service as we seek to obtain additional capacity, and no assurance can be made that we will be able to secure such additional capacity on the same or similar terms as we currently have, which could result in a significant increase in our operating costs. Moreover, any failure to scale and secure additional capacity could result in delays in new feature rollouts, reduce the demand for our applications, result in customer and end user dissatisfaction, and adversely affect our business and operating results.
We have experienced, and may in the future experience, defects, system disruptions, outages, and other performance problems, including the failure of our applications to perform properly. These problems may be caused by a variety of factors, including infrastructure and software or code changes, vendor issues, software and system defects, human error, viruses, worms, security attacks (internal and external), fraud, spikes in customer usage, and denial of service issues. In some instances, we may not be able to identify the cause or causes of these performance problems within an acceptable period of time. Because of the large amount of data that we collect and process in our systems, it is possible that these issues could result in significant disruption, data loss or corruption, or cause the data to be incomplete or contain inaccuracies that our customers and other users regard as significant. Additionally, such issues have, and may in the future, result in vulnerabilities that could inadvertently result in unauthorized access to data. Furthermore, the availability or performance of our applications could also be adversely affected by our customers’ and other users’ inability to access the internet. For example, our customers and other users access our applications through their internet service providers. If a service provider fails to provide sufficient capacity to support our applications or otherwise experiences service outages, such failure could interrupt our customers’ and other users’ access to our applications, which could adversely affect their perception of our applications’ reliability and our revenues. In addition, certain countries have implemented or may implement legislative and technological actions that either do or can effectively regulate access to the internet, including the ability of internet service providers to limit access to specific websites or content. Other countries have attempted or are attempting to change or limit the legal protections available to businesses that depend on the internet for the delivery of their services.
Our customer agreements typically provide for monthly service level commitments. If we are unable to meet the stated service level commitments or suffer extended periods of unavailability for our applications as a result of the foregoing or otherwise, we may be contractually obligated to issue service credits or refunds to customers for prepaid and unused subscription services, our customers may make warranty or other claims against us, or we could face contract terminations, which would adversely affect our attrition rates. Any extended service outages could result in customer losses and adversely affect our reputation, business, and operating results.
Furthermore, our financial management application is essential to our and our customers’ financial planning, reporting, and compliance programs. Any interruption in our service may affect the availability, accuracy, or timeliness of such programs and as a result could damage our reputation, cause our customers to terminate their use of our applications, require us to issue refunds for prepaid and unused subscription services, require us to compensate our customers for certain losses, and prevent us from gaining additional business from current or future customers. In addition, because we use Workday’s financial management application, any problems that we experience with financial reporting and compliance could be negatively perceived by prospective or current customers and negatively impact demand for our applications.
Our errors and omissions insurance may be inadequate or may not be available in the future on acceptable terms, or at all, to protect against claims and other legal actions. In addition, our policy may not cover all claims made against us and defending a suit, regardless of its merit, could be costly and divert management’s attention.
We depend on data centers and computing infrastructure operated by third parties, and any disruption in these operations could adversely affect our business and operating results.
We host our applications and serve our customers and users from data centers operated by third parties located in the United States, Canada, and Europe. While we control and have access to our servers and all of the components of our network that are located in these data centers, we do not control certain aspects of these facilities, including their operation and security. The owners of these data center facilities have limited or no obligation to renew their agreements with us on commercially reasonable terms, or at all. If we are unable to renew these agreements on commercially reasonable terms, or if any of these data center operators are acquired, cease to do business, or stop providing contracted services, we may be required to transfer our servers and other infrastructure to new data center facilities, and we may incur significant costs and experience possible service interruptions in connection with doing so.
In addition, we rely upon third-party hosted infrastructure partners globally, including AWS, Google LLC, and Microsoft Corporation, to serve customers and operate certain aspects of our services. Any disruption of or interference at our hosted infrastructure partners would impact our operations and our business could be adversely impacted. For example, in July 2022, we experienced a disruption at certain of our hosted data centers in two of our U.S. locations due to high temperatures and power outages that resulted in a brief temporary outage of our services for a subset of our customers. These facilities may also be subject to capacity constraints, financial difficulties, break-ins, sabotage, intentional acts of vandalism and similar misconduct, natural catastrophic events, as well as local administrative actions, changes to legal or permitting requirements, and litigation to stop, limit or delay operation.
Additionally, if these data center operators or hosted infrastructure partners are unable to keep up with our needs for capacity, this could have an adverse effect on our business. Any changes in third-party service levels at these data centers or at our hosted infrastructure partners, or any errors, defects, disruptions, or other performance problems with our applications or the infrastructure on which they run, including those related to cybersecurity threats or attacks, could adversely affect our reputation and may damage our customers’ or other users’ stored files or result in lengthy interruptions in our services. Interruptions in our services might adversely affect our reputation and operating results, cause us to issue refunds or service credits to customers for prepaid and unused subscription services, subject us to potential liabilities, result in contract terminations, or adversely affect our renewal rates.
The extent to which the continuing global economic and geopolitical volatility, the impact of inflation on our costs and on customer spending, and measures taken in response to such events will continue to impact our business, financial condition, and operating results will depend on future developments, which are highly uncertain and difficult to predict.
We operate on a global scale, and as a result, our business and revenues are impacted by global economic and geopolitical conditions. Global economic developments, downturns or recessions, instability in the global banking system, and global health crises may negatively affect us or our ability to accurately forecast and plan our future business activity. For example, inflation rates have recently increased, and inflationary pressure may result in decreased demand for our products and services, increases in our operating costs (including our labor costs), reduced liquidity, and limits on our ability to access credit or otherwise raise capital. In response to the concerns over inflation risk, the U.S. Federal Reserve raised interest rates multiple times in 2022 and 2023 and may continue to do so in the future. The COVID-19 pandemic has negatively impacted the global economy, disrupted global supply chains, and created significant volatility and disruption of financial markets. In addition, the Russian invasion of Ukraine in early 2022 has led to further economic disruption. While we do not operate in Russia and while our extended workforce in Ukraine is not a material part of our workforce, the conflict has increased inflationary cost pressures and supply chain constraints which have negatively impacted the global economy and may negatively impact the supply chain required to sustain our data centers and computing infrastructure operations.
It is especially difficult to predict the impact of such events on the global economic markets, which have been and will continue to be highly dependent upon the actions of governments, businesses, and other enterprises in response to such events, and the effectiveness of those actions. As a result of these and other recent macroeconomic events, we have experienced volatility in the trading prices for our Class A common stock, and such volatility may continue in the long term. Any sustained adverse impacts from these and other recent macroeconomic events could materially and adversely affect our business, financial condition, operating results, and earnings guidance that we may issue from time to time, which could have a material effect on the value of our Class A common stock.
Our future revenues rely on continued demand by existing customers and the acquisition of new customers who may be subject to economic hardship, labor shortages, and global supply chain disruptions due to recent macroeconomic events and may delay or reduce their enterprise software spending to preserve capital and liquidity. In connection with recent macroeconomic events, we have experienced and may continue to experience delays in purchasing decisions from existing and prospective customers and a reduction in customer demand. Our business, financial condition, and operating results may be negatively impacted in future periods due to the prolonged impacts of recent macroeconomic events, including economic downturns or recessions. While our subscription services revenues are relatively predictable in the near term as a result of our subscription-based business model, the effect of recent macroeconomic events may not be fully reflected in our operating results and overall financial performance until future periods.
It is not possible for us to estimate the duration or magnitude of the adverse results of recent macroeconomic events and their effect on our business, financial condition, or operating results at this time, as the impact will depend on future developments, which are highly uncertain and difficult to predict. To the extent recent macroeconomic events adversely affect our business, financial condition, and operating results, it may also have the effect of heightening many of the other risks described in this “Risk Factors” section.
We may lose key employees or be unable to attract, train, and retain highly skilled employees.
Our success and future growth depend largely upon the continued services of our executive officers, other members of senior management, and other key employees. We do not have employment agreements with our executive officers or other key personnel that require them to continue to work for us for any specified period, and they could terminate their employment with us at any time. In December 2022, we announced the resignation of Chano Fernandez from his role as Co-CEO and the appointment of Carl Eschenbach as our Co-CEO, alongside Aneel Bhusri. From time to time, there may be changes in our executive management team and to other key employee roles resulting from organizational changes or the hiring or departure of executives or other employees, which could disrupt our business, impact our ability to preserve our culture, negatively affect our ability to attract and retain personnel, or otherwise have a serious adverse effect on our business and operating results.
To execute our growth plan, we must attract, train, and retain highly qualified personnel. Our ability to compete and succeed in a highly competitive environment is directly correlated to our ability to recruit and retain highly skilled employees, especially in the areas of product development, cybersecurity, senior sales executives, and engineers with significant experience in designing and developing software and internet-related services, including in the areas of artificial intelligence (“AI”) and machine learning (“ML”). The market for skilled personnel in the software industry is very competitive, and as we are headquartered in the San Francisco Bay Area, we face intense competition among large and small organizations in the Silicon Valley market. The increased availability of hybrid or remote working arrangements has expanded the pool of companies that can compete for our employees and employment candidates. In addition, the expansion of our sales infrastructure, both domestically and internationally, is necessary to grow our customer base and business. Identifying and recruiting qualified personnel and training them in our sales methodology, our sales systems, and the use of our software requires significant time, expense, and attention. Our business may be adversely affected if our efforts to attract and train new members of our direct sales force do not generate a corresponding increase in revenues. We have experienced, and we expect to continue to experience, difficulty in hiring and retaining employees with appropriate qualifications, and we may not be able to fill positions in desired geographic areas or at all.
Many of the companies with which we compete for experienced personnel have greater resources than we have and may offer more lucrative compensation packages than we offer. Our business may be adversely affected if we are unable to retain our highly skilled employees, especially our senior sales executives. Job candidates and existing employees carefully consider the value of the equity awards they receive in connection with their employment. If the perceived or actual value of our equity awards declines, or if the mix of equity and cash compensation that we offer is not sufficiently attractive, it may adversely affect our ability to recruit and retain highly skilled employees. Additionally, job candidates may be threatened with legal action under agreements with their existing employers if we attempt to hire them, which could have an adverse effect on hiring and result in a diversion of our time and resources. We must also continue to retain and motivate existing employees through our compensation practices, company culture, and career development opportunities. Further, our current and future office environments or our current hybrid work policies may not meet the expectations of our employees or prospective employees, and may amplify challenges in recruiting. If we fail to attract new personnel or to retain our current personnel, our business and future growth prospects could be adversely affected.
The markets in which we participate are intensely competitive, and if we do not compete effectively, our operating results could be adversely affected.
The markets for enterprise cloud applications are highly competitive, with relatively low barriers to entry for some applications or services. Some of our competitors are larger and have greater name recognition, significantly longer operating histories, access to larger customer bases, larger marketing budgets, and significantly greater resources to devote to the development, promotion, and sale of their products and services than we do. This may allow our competitors to respond more effectively than us to new or emerging technologies and changes in market conditions.
Our primary competitors are Oracle Corporation and SAP SE, well-established providers of financial management and HCM applications, which have long-standing relationships with many customers. Some customers may be hesitant to switch vendors or to adopt cloud applications such as ours and may prefer to maintain their existing relationships with competitors. We also face competition from other enterprise software vendors, from regional competitors that only operate in certain geographic markets, and from vendors of specific applications that address only one or a portion of our applications, some of which offer cloud-based solutions. These vendors include, without limitation: UKG Inc., Automatic Data Processing, Inc., Infor, Inc., Ceridian HCM Holding Inc., Microsoft Corporation, Anaplan, Inc., and Coupa Software Inc. In order to take advantage of customer demand for cloud applications, legacy vendors are expanding their cloud applications through acquisitions, strategic alliances, and organic development. In addition, other cloud companies that provide services in different target markets may develop applications or acquire companies that operate in our target markets, and some potential customers may elect to develop their own internal applications. As the market matures and as existing and new market participants introduce new types of technologies and different approaches that enable organizations to address their HCM and financial needs, we expect this competition to intensify in the future.
Furthermore, our current or potential competitors may be acquired by, or merge with, third parties with greater available resources and the ability to initiate or withstand substantial price competition. Our competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their offerings or resources. Many of our competitors also have major distribution agreements with consultants, system integrators, and resellers. If our competitors’ products, services, or technologies become more accepted than our products, if they are successful in bringing their products or services to market earlier than ours, or if their products or services are more technologically capable than ours, then our revenues could be adversely affected. In addition, our competitors may offer their products and services at a lower price, or may offer price concessions, delayed payment terms, financing terms, or other terms and conditions that are more enticing to potential customers in light of the challenging business environment created by economic downturn, or other recent macroeconomic conditions. Pricing pressures and increased competition could result in reduced sales, reduced margins, losses, or a failure to maintain or improve our competitive market position, any of which could adversely affect our business and operating results.
Sales to customers outside the United States or with international operations expose us to risks inherent in global operations.
A key element of our growth strategy is to further develop our worldwide customer base. Operating globally requires significant resources and management attention and subjects us to regulatory, economic, and political risks that are different from those in the United States. Our efforts to further expand internationally may not be successful in creating additional demand for our applications outside of the United States or in effectively selling subscriptions to our applications in all of the markets we enter. Foreign regulations, including privacy, data localization, and import/export regulations, are subject to change and uncertainty, including as a result of geopolitical developments, which may be amplified by macroeconomic conditions, including recession, rising interest rates, or events such as the Russia-Ukraine conflict and the remaining effects of the COVID-19 pandemic. We face other risks in doing business on a global scale that could adversely affect our business, including:
•the need to develop, localize, and adapt our applications and customer support for specific countries, including translation into foreign languages, localization of contracts for different legal jurisdictions, and associated expenses;
•the need to successfully develop and execute on a go-to-market strategy that aligns application management efforts and the development of supporting infrastructure;
•stricter data privacy laws including requirements that customer data be stored and processed in a designated territory and obligations on us as a data processor;
•difficulties in appropriately staffing and managing foreign operations and providing appropriate compensation for local markets;
•difficulties in leveraging executive presence and company culture globally;
•different pricing environments, longer sales cycles, and longer trade receivables payment cycles, and collections issues;
•new and different sources of competition;
•potentially weaker protection for intellectual property and other legal rights than in the United States and practical difficulties in enforcing intellectual property and other rights;
•laws, customs, and business practices favoring local competitors;
•restrictive governmental actions focused on cross-border trade, such as import and export restrictions, duties, quotas, tariffs, trade disputes, and barriers or sanctions, including due to the Russia-Ukraine conflict, that may prevent us from offering certain portions of our products or services to a particular market, may increase our operating costs or may subject us to monetary fines or penalties in case of unintentional noncompliance due to factors beyond our control;
•compliance challenges related to the complexity of multiple, conflicting, and changing governmental laws and regulations, including employment, tax, privacy, intellectual property, and data protection laws and regulations;
•increased compliance costs related to government regulatory reviews or audits, including those related to international cybersecurity requirements;
•increased financial accounting and reporting burdens and complexities;
•restrictions on the transfer of funds;
•ensuring compliance with anti-corruption laws, including the Foreign Corrupt Practices Act and United Kingdom (“UK”) Bribery Act;
•the effects of currency fluctuations on our revenues and expenses and customer demand for our services;
•the cost and potential outcomes of any international claims or litigation;
•adverse tax consequences and tax rulings; and
•unstable economic and political conditions.
Any of the above factors may negatively impact our ability to sell our applications and offer services globally, reduce our competitive position in foreign markets, increase our costs of global operations, and reduce demand for our applications and services from global customers. Additionally, the majority of our international costs are denominated in local currencies and we anticipate that over time an increasing portion of our sales contracts may be outside the U.S. and will therefore be denominated in local currencies. Additionally, global events, as well as geopolitical developments such as the Russia-Ukraine conflict, fluctuating commodity prices, trade tariff developments, economic downturn, and inflation have caused, and may in the future cause, global economic uncertainty, and uncertainty about the interest rate environment, which could amplify the volatility of currency fluctuations. Therefore, fluctuations in the value of foreign currencies may impact our operating results when translated into U.S. dollars. Such fluctuations may also impact our ability to predict our future results accurately. Although we have a hedging program to help mitigate some of this volatility and related risks, there can be no assurance that the hedging program will be effective in offsetting the adverse financial impacts that may result from unfavorable movements in foreign currency exchange rates.
Our business could be adversely affected if our users are not satisfied with the deployment, training, and support services provided by us and our partners.
Our business depends on our ability to satisfy our customers and end users, both with respect to our application offerings and the professional services that are performed to help them use features and functions that address their business needs. High customer satisfaction requires that our customers undergo a successful implementation and be properly trained on our applications to effectively implement and increase their level of adoption of such applications. Implementation of our applications may be technically complicated because they are designed to enable complex and varied business processes across large organizations, integrate data from a broad and complex range of workflows and systems, and may involve deployment in a variety of environments. Incorrect or improper implementation or use of our applications could result in customer and user dissatisfaction and harm our business and operating results.
In order for our customers to successfully implement our applications, they need access to highly skilled and trained service professionals. Professional services may be performed by our own staff, by a third party, or by a combination of the two. Our strategy is to work with third parties to increase the breadth of capability and depth of capacity for delivery of these services to our customers, and third parties provide a majority of deployment services for our customers. If customers are not satisfied with the quality and timing of work performed by us or a third party or with the type of professional services or applications delivered, or if we or a third party have not delivered on commitments made to our customers, then we could incur additional costs to address the situation, the revenue recognition of the contract could be impacted, and the dissatisfaction with our services could damage our ability to expand the applications subscribed to by our customers. Negative publicity related to our customer relationships, regardless of its accuracy, may further damage our business by affecting our ability to compete for new business with current and prospective customers both domestic and abroad.
Customers and other users also depend on our support organization to provision the environments used by our customers and to resolve technical issues relating to our applications. We may be unable to respond quickly enough to accommodate short-term increases in demand for support services. We may also be unable to modify the format of our support services to compete with changes in support services provided by our competitors. Increased demand for these services, without corresponding revenues, could increase costs and adversely affect our operating results. Failure to maintain high-quality technical support and training, or a market perception that we do not maintain high-quality support or training, could adversely affect our reputation, our ability to offer and sell our applications, our renewal rates, and our business and operating results.
Our future success depends on the rate of customer subscription renewals or adoptions, and our revenues or operating results could be adversely impacted if we do not achieve renewals and adoptions at expected rates or on anticipated terms.
As the markets for our applications mature, or as new competitors introduce new products or services that compete with ours, we may be unable to attract new customers at the same pace or based on the same pricing model as we have used historically. From time to time, we may also change our pricing structure, which could adversely impact demand for our products. Moreover, our customers have and may continue to request price concessions and delayed payment terms. Economic uncertainty and the risk or occurrence of global or domestic recessions can prompt existing and prospective customers to demand price concessions and delayed payment terms with increasing frequency and significance, and our competitors may become more likely to provide such concessions, which could adversely affect our revenues, profitability, financial position, and cash flows in any given period. Attrition of key personnel at our customers has impacted and may continue to impact our direct sales efforts. Furthermore, because our future revenue growth relies, in large part, on new customer acquisition, any inability of our sales force to establish relationships with potential customers during the current environment or prospects deferring buying decisions due to the economic uncertainty, is likely to have a negative impact on our future revenue growth and other financial measures.
In addition, our customers have no obligation to renew their subscriptions for our applications after the expiration of either the initial or renewed subscription period. If we or our partners are unable to successfully educate our customers on the benefits and features of our applications, or if our customers are aware of those benefits and features but do not use them, our customers may renew for fewer elements of our applications, renew on different pricing terms, or fail to renew, and market perceptions of our company and our applications may be impaired, and our reputation and brand may suffer. Our customers’ renewal rates may also decline or fluctuate as a result of a number of other factors, the risk of which may be heightened by current macroeconomic conditions and may further increase if these conditions persist, including their level of satisfaction with our applications and pricing, their ability to continue their operations and spending levels, reductions in their headcount, and the evolution of their business. If our customers do not renew their subscriptions for our applications on similar pricing terms, our revenues may decline, and we may not be able to meet our revenue projections, which could negatively impact our business and the market price of our Class A common stock. In addition, over time the average term of our contracts could change based on renewal rates or for other reasons.
Our future success also depends, in part, on our ability to sell additional products to our current customers, and the success rate of such endeavors is difficult to predict, especially with regard to any new lines of business that we may introduce from time to time. This may require increasingly costly marketing and sales efforts that are targeted at senior management, and if these efforts are not successful, our business and operating results may suffer. Additionally, acquisitions of our customers by other companies have led, and could continue to lead, to cancellation of our contracts with those customers, thereby reducing the number of our existing and potential customers.
Our quarterly results may fluctuate significantly and may not fully reflect the underlying performance of our business.
Our quarterly operating results, including our revenues, subscription revenue backlog, operating margin, profitability, and cash flow, may vary significantly in the future and period-to-period comparisons of our operating results may not be meaningful. Accordingly, the results of any one quarter should not be relied upon as an indication of future performance. Our quarterly financial results may fluctuate as a result of a variety of factors, many of which are outside of our control, and as a result, may not fully reflect the underlying performance of our business. As discussed above, the extent to which global economic uncertainty, inflation, the remaining effects of the COVID-19 pandemic, and other recent macroeconomic events could continue to impact our operating results will depend on future developments, which are highly uncertain and difficult to predict. Fluctuations in our quarterly results and related impacts to any earnings guidance we may issue from time to time, including any modification or withdrawal thereof, may negatively impact the value of our securities. Additionally, as we typically sign a significantly higher percentage of agreements with new customers as well as renewal agreements with existing customers in the fourth quarter of each year, we may experience a greater impact on our business and quarterly results due to the prolonged uncertainty.
Additional factors that may cause fluctuations in our quarterly financial results include, without limitation, those listed below:
•our ability to attract new customers, customer renewal rates, the financial condition and creditworthiness of our customers, and the timing and rate at which we sign agreements with customers;
•the addition or loss of large customers, including through acquisitions or consolidations;
•regulatory compliance costs, including research and development costs incurred to add functionality to help our customers comply with evolving privacy and data security laws;
•the timing of recognition of revenues and operating expenses, including expenses related to acquisitions and potential future charges for impairment of goodwill;
•the amount and timing of operating expenses related to organizational changes, employee matters, and the maintenance and expansion of our business, operations, and infrastructure;
•network outages or security breaches;
•general economic, market, and geopolitical conditions, including the impact of recent economic downturn, instability in the global banking system, the Russia-Ukraine conflict, inflation, and rising interest rates;
•increases or decreases in the number of elements of our services or pricing changes upon any renewals of customer agreements;
•the changes in payment terms and timing of customer payments and payment defaults by customers, including those impacted by the recent macroeconomic conditions;
•changes in our pricing policies or those of our competitors and the mix of applications sold during a period;
•seasonal variations in sales of our applications, which have historically been highest in our fiscal fourth quarter;
•the timing and success of new application and service introductions by us or our competitors;
•changes in the competitive dynamics of our industry, including consolidation among competitors, customers, or strategic partners, and the impact of strategic partnerships, acquisitions, or equity investments;
•expenses related to our real estate portfolio, including our leases and data center expansion; and
•changes in laws and regulations that impact our business or reported financial results, including changes in accounting principles generally accepted in the United States.
If we are not able to realize a return on our current development efforts or offer new features, enhancements, and modifications to our services that are desired by current or potential customers, our business and operating results could be adversely affected.
Developing software applications and related enhancements, features, and modifications is expensive, and the investment in product development often involves a long return on investment cycle. Accelerated application introductions and short application life cycles require high levels of expenditures that could adversely affect our operating results if not offset by revenue increases, and we believe that we must continue to dedicate a significant amount of resources to our development efforts to maintain our competitive position. However, we may not receive significant revenues from these investments for several years, if at all. Furthermore, macroeconomic conditions, including economic downturn, could have a continuing impact on our plans to offer certain new features, enhancements, and modifications of our applications in a timely manner, particularly if we experience impacts to productivity as our employees continue to work remotely pursuant to our hybrid work model. If we are unable to provide new features, enhancements to user experience, and modifications in a timely and cost-effective manner that achieve market acceptance, align with customer expectations, and that keep pace with rapid technological developments and changing regulatory landscapes, our business and operating results could be adversely affected. For example, AI and ML are propelling advancements in technology, but if they are not widely adopted and accepted or fail to operate as expected, our business and reputation may be harmed. Some of our larger customers may also require features and functions unique to their business processes that we do not currently offer. In order to help ensure we meet these requirements, we may devote a significant amount of technology support and professional service resources to such customers. The success of enhancements, new features, and applications depends on several factors, including their timely completion, introduction, and market acceptance as well as access to development resources and the technologies required to build and improve our applications, such as the datasets required to train our ML models. If we are not successful in developing these new features, enhancements, modifications, and applications, and bringing them to market timely, it may negatively impact our customer renewal rates, limit the market for our solutions, or impair our ability to attract new customers.
We have experienced rapid growth, and if we fail to manage our growth effectively, we may be unable to execute our business plan, maintain high levels of service and operational controls, or adequately address competitive challenges.
We have experienced rapid growth in our customers, headcount, and operations and anticipate that we will continue to expand our customer base, headcount, and operations. This growth has placed, and future growth will place, a significant strain on our management, administrative, operational, and financial infrastructure. Our success will depend in part on our ability to manage this growth effectively, utilize our resources efficiently, and to scale our operations appropriately. To manage the expected growth of our operations and personnel, we will need to continue to improve our operational, financial, and management controls as well as our reporting systems and procedures. Failure to effectively manage growth or efficiently utilize our resources could result in difficulty or delays in deploying products and services to customers, declines in quality or customer satisfaction, increases in costs, difficulties in introducing new features, or other operational difficulties, and any of these difficulties could adversely impact our business performance and operating results.
If we fail to develop widespread brand awareness cost-effectively, our business may suffer.
We believe that developing and maintaining widespread positive awareness of our brand is critical to achieving widespread acceptance of our applications, retaining and attracting customers, and hiring and retaining employees. However, brand promotion activities may not generate the customer awareness or increased revenues we anticipate, and even if they do, any increase in revenues may not offset the significant expenses we incur in building our brand. Concerns about global economic and geopolitical volatility, including a possible or emergent recession, particularly if extended for prolonged periods, could impede our brand-building activities and could have negative effects on our ability to develop and maintain widespread positive awareness of our brand, which could harm our business, financial condition, and operating results.
If we fail to successfully promote and maintain our brand, or we fail to expand awareness of our newer solutions or products, we may fail to attract or retain customers necessary to realize a sufficient return on our brand-building efforts, or to achieve the widespread brand awareness that is critical for broad customer adoption of our applications. Additionally, the loss of one or more of our key customers, or a failure to renew our subscription agreements with one or more of our key customers, could significantly impair our ability to market our applications which, in turn, could have a negative impact on our revenues, reputation, and our ability to obtain new customers. In addition, if our brand is negatively impacted, it may be more difficult to hire and retain employees.
If we cannot maintain or adapt our corporate culture, we could lose the innovation, teamwork, and passion that we believe contribute to our success, and our business may be harmed.
We believe that a critical component of our success has been our corporate culture, as reflected in our core values: employees, customer service, innovation, integrity, fun, and profitability. We also believe that our commitment to our corporate culture, as well as our commitment to building products and services that help provide our customers with information regarding their own workforce and corporate culture, is part of the reason why our customers choose us. As we continue to grow, both organically and through acquisitions of employee teams, and develop the infrastructure associated with being a more mature public company, we will need to maintain our corporate culture among a larger number of employees who are dispersed throughout various geographic regions. Additionally, we and our stakeholders increasingly expect to have a corporate culture that embraces diversity and inclusion, and any inability to attract and retain diverse and qualified personnel may harm our corporate culture and our business. Moreover, our hybrid work policies require significant action to preserve our culture. As we continue to grow, we must be able to effectively integrate, develop, and motivate a large number of new employees, while maintaining the effectiveness of our business execution and the beneficial aspects of our corporate culture and values. Any failure to maintain or adapt our culture could negatively affect our future success, including our ability to retain and recruit personnel and to achieve our corporate objectives, including our ability to quickly develop and deliver new and innovative products.
Our growth depends on the success of our strategic relationships with third parties as well as our ability to successfully integrate our applications with a variety of third-party technologies.
We depend on relationships with third parties such as deployment partners, technology and content providers, and other key suppliers, and are also dependent on third parties for the license of certain software and development tools that are incorporated into or used with our applications. If the operations of these third parties are disrupted, including as a direct or indirect result of recent macroeconomic conditions, our own operations may suffer, which could adversely impact our operating results. In addition, we rely upon licensed third-party software to help improve our internal systems, processes, and controls. Identifying partners, and negotiating and documenting relationships with them, requires significant time and resources. We may be at a disadvantage if our competitors are effective in providing incentives to third parties to favor their products or services or to prevent or reduce subscriptions to our services, or in negotiating better rates or terms with such third parties. In addition, acquisitions of our partners by our competitors could end our strategic relationship with the acquired partner and result in a decrease in the number of our current and potential customers, or the support services available for third-party technology may be negatively affected by mergers and consolidation in the software industry. If we are unsuccessful in establishing or maintaining our relationships with these third parties, or in monitoring the quality of their products or performance, our ability to compete in the marketplace or to grow our revenues could be impaired and our operating results may suffer.
To the extent that our applications depend upon the successful integration and operation of third-party software in conjunction with our software, any undetected errors or defects in this third-party software, as well as cybersecurity threats or attacks related to such software could prevent the deployment or impair the functionality of our applications, delay new application introductions, result in a failure of our applications, result in increased costs, including warranty and other related claims from customers, and injure our reputation. Furthermore, software may not continue to be available to us on commercially reasonable terms. Although we believe that there are commercially reasonable alternatives to the third-party software we currently license, this may not always be the case, or it may be difficult or costly to replace. Integration of new software into our applications may require significant work and require substantial investment of our time and resources.
As Workday Mobile becomes increasingly important to Workday’s customer experience, we also need to continuously modify and enhance our applications to keep pace with changes in third-party internet-related hardware, iOS, Android, other mobile-related technologies, and other third-party software, communication, browser, and database technologies, as well as with customer expectations. We must also appropriately balance the application capability demands of our current customers with the capabilities required to address the broader market. Furthermore, uncertainties about the timing and nature of new network platforms or technologies, or modifications to existing platforms or technologies, could increase our product development expenses. Any failure of our applications to operate effectively with future network platforms and other third-party technologies could reduce the demand for our applications, result in customer and end user dissatisfaction, and adversely affect our business and operating results. We may experience difficulties in managing improvements to our systems, processes, and controls or in connection with third-party software, which could materially impair our ability to provide solutions or professional services to our customers in a timely manner, cause us to lose customers, limit us to smaller deployments of our solutions, or increase our technical support costs.
We have acquired, and may in the future acquire, other companies, employee teams, or technologies, which could divert our management’s attention, result in additional dilution to our stockholders, and otherwise disrupt our operations and adversely affect our operating results.
We have acquired, and may in the future acquire, other companies, employee teams, or technologies to complement or expand our applications, enhance our technical capabilities, obtain personnel, or otherwise offer growth opportunities. The pursuit of acquisitions may divert the attention of management, disrupt ongoing business, and cause us to incur various expenses in identifying, investigating, and pursuing suitable acquisitions, whether or not they are consummated.
These impacts may continue through integration activities. Moreover, we may be unable to complete proposed transactions timely or at all due to the failure to obtain regulatory or other approvals, litigation, or other disputes, which may obligate us to pay a termination fee. We also may not achieve the anticipated benefits from an acquisition due to a number of factors, including:
•inability to integrate the intellectual property, technology infrastructure, personnel, and operations of the acquired business, including difficulty in addressing security risks of the acquired business, or benefit from an acquisition in a profitable manner;
•acquisition-related costs, liabilities, or tax impacts, some of which may be unanticipated;
•difficulty in leveraging the data of the acquired business if it includes personal data;
•ineffective or inadequate controls, procedures, or policies at the acquired company and increased risk of non-compliance;
•multiple product lines or service offerings as a result of our acquisitions that are offered, priced, and supported differently, as well as the potential for such acquired product lines and service offerings to impact the profitability of existing products;
•the opportunity cost of diverting management and financial resources away from other products, services, and strategic initiatives;
•difficulties and additional expenses associated with synchronizing product offerings, customer relationships, and contract portfolio terms and conditions between Workday and the acquired business;
•unknown liabilities or risks associated with the acquired businesses, including those arising from existing contractual obligations or litigation matters;
•adverse effects on our brand or existing business relationships with business partners and customers as a result of the acquisition;
•potential write-offs of acquired assets and potential financial and credit risks associated with acquired customers;
•inability to maintain relationships with key customers, suppliers, and partners of the acquired business;
•difficulty in predicting and controlling the effect of integrating multiple acquisitions concurrently;
•lack of experience in new markets, products, or technologies;
•difficulty in integrating operations and assets of an acquired foreign entity with differences in language, culture, or country-specific regulatory risks;
•the inability to obtain (or a material delay in obtaining) regulatory approvals necessary to complete transactions or to integrate operations, or potential remedies imposed by regulatory authorities as a condition to or following the completion of a transaction, which may include divestitures, ownership or operational restrictions or other structural or behavioral remedies;
•the failure of strategic acquisitions to perform as expected or to meet financial projections, which may be heightened due to recent macroeconomic events and market volatility; and
•use of substantial portions of our available cash to consummate the acquisition.
In addition, a significant portion of the purchase price of companies we acquire may be allocated to acquired goodwill and other intangible assets, which must be assessed for impairment at least annually. In the future, if our acquisitions do not yield expected returns, we may be required to take charges to our operating results based on this impairment assessment process, which could adversely affect our operating results.
Acquisitions could also result in dilutive issuances of equity securities or the issuance of debt, which could adversely affect our operating results. In addition, if an acquired business fails to meet our expectations, our business, financial condition, and operating results may suffer.
If we are not able to realize a return on the investments we have made toward entering new markets and new lines of business, our business and operating results could be adversely affected.
We continue to seek opportunities to enter into new markets and/or new lines of business, some of which we may have very limited or no experience in. As an entrant to new markets and new lines of business, we may not be effective in convincing prospective customers that our solutions will address their needs, and we may not accurately estimate our infrastructure needs, human resource requirements, or operating expenses with regard to these new markets and new lines of business. We may also fail to accurately anticipate adoption rates of these new lines of business or their underlying technology. Also, we may not be able to properly price our solutions in these new markets, which could negatively affect our ability to sell to customers. Furthermore, customers in these new markets or of the new lines of business may demand more features and professional services, which may require us to devote even greater research and development, sales, support, and professional services resources to such customers. If we fail to generate adequate revenues from these new markets and lines of business, or if we fail to do so within the envisioned timeframe, it could have an adverse effect on our business, financial condition, and operating results.
The use of new and evolving technologies, such as AI and ML, in our offerings may result in reputational harm and liability.
We are increasingly building AI and ML into many of our offerings. As with many cutting-edge innovations, these technologies present new risks and challenges, and existing laws and regulations may apply to us in new ways, the nature and extent of which are difficult to predict. The risks and challenges presented by these technologies could undermine public confidence in AI and ML, which could slow its adoption and affect our business. Many of our products are powered by AI and ML, some of which include the use of large language models and generative AI, for use cases that could potentially impact human, civil, privacy, or employment rights and dignities. Our failure to adequately address ethical and social issues that may arise with such technologies and use cases, failure by others in our industry, or actions taken by our customers, employees, or other end users (including misuse of these technologies), could negatively affect the adoption of our solutions and subject us to reputational harm, regulatory action, or legal liability, which may harm our financial condition and operating results. We have been subject to a lawsuit alleging that our products and services enable discrimination, and although we believe that such claims lack merit, legal proceedings can be lengthy, expensive and disruptive to our operations and the outcome of any claims or litigation, regardless of the merits, is inherently uncertain. We may be subject to other litigation and regulatory actions that may cause financial, competitive, and developmental impacts. Regardless of outcome, these types of claims could cause reputational harm to our brand or result in liability. Additionally, a quickly evolving legal and regulatory environment may cause us to incur increased research and development costs, or divert resources from other development efforts, to address social, ethical, and other issues related to AI and ML. For example, to demonstrate compliance with the New York City Automated Employment Decision Tools law, which will take effect July 5, 2023, customers may publicly disclose information about their use of our AI and ML products, including the results of certain sensitive employment-discrimination analyses, potentially subjecting us to reputational or business harm or legal liability. Our employees, customers, or customers’ employees who are dissatisfied with our public statements, policies, practices, or solutions related to the development and use of AI and ML may express opinions that could introduce reputational or business harm, or legal liability or cease their relationship with us.
Our aspirations and disclosures related to environmental, social, and governance (“ESG”) matters expose us to risks that could adversely affect our reputation and performance.
The positions we take on ESG matters, human capital management initiatives, and ethical issues from time to time may impact our brand, reputation, or ability to attract or retain customers. In particular, our brand and reputation are associated with our public commitments to environmental sustainability (including our science-based targets), strong corporate governance practices, equality, inclusivity, and ethical use, and any perceived changes in our dedication to these commitments could impact our relationships with potential and current customers, employees, stockholders, and other stakeholders. These commitments reflect our current plans and aspirations and are not guarantees that we will be able to achieve them. Our failure to accomplish or accurately track and report on these goals on a timely basis, or at all, could adversely affect our reputation, financial performance, and growth, and expose us to increased scrutiny from the investment community as well as enforcement authorities.
Our ability to achieve any ESG objective is subject to numerous risks, many of which are outside of our control. Examples of such risks include:
•the availability and cost of low- or non-carbon-based energy sources;
•the evolving regulatory requirements affecting ESG standards or disclosures;
•the availability of suppliers that can meet our sustainability, diversity and other ESG standards;
•our ability to recruit, develop and retain diverse talent in our labor markets;
•the availability and cost of high-quality verified emissions reductions and renewable energy credits;
•the ability to renew existing or execute on new virtual power purchase agreements; and
•the success of our organic growth and acquisitions or dispositions of businesses or operations.
Standards for tracking and reporting ESG matters continue to evolve. In addition, our processes and controls may not always comply with evolving standards for identifying, measuring, and reporting ESG metrics, including ESG-related disclosures that may be required of public companies by the SEC or other regulatory bodies, and such standards may change over time, which could result in significant revisions to our current goals, reported progress in achieving such goals, or ability to achieve such goals in the future. It is likely that increasing regulatory requirements and regulatory scrutiny related to ESG matters will continue to expand globally and result in higher associated compliance costs. Further, we may rely on data provided by third parties to measure and report our ESG metrics and if the data input is incorrect or incomplete, our brand, reputation, and financial performance may be adversely affected.
If our ESG practices do not meet evolving investor or other stakeholder expectations and standards, then our reputation, our ability to attract or retain employees, and our attractiveness as an investment, business partner, acquirer, or service provider could be negatively impacted. Further, our failure or perceived failure to pursue or fulfill our goals and objectives or to satisfy various reporting standards on a timely basis, or at all, could have similar negative impacts or expose us to government enforcement actions and private litigation.
Risks Related to Cybersecurity, Data Privacy, and Intellectual Property
If our information technology systems are compromised or unauthorized access to customer or user data is otherwise obtained, our applications may be perceived as not being secure, our operations may be disrupted, our applications may become unavailable, customers and end users may reduce the use of or stop using our applications, and we may incur significant liabilities.
Our applications involve the storage and transmission of our customers’ and other users' sensitive and proprietary information, including personal or identifying information regarding our customers, their employees, job candidates, customers, prospectus, and suppliers, as well as financial, accounting, health, and payroll data. Additionally, our operations and the availability of the services we provide also depend on our information technology systems. As a result, a compromise of our applications or systems, or unauthorized access to, acquisition, use, tampering, release, alteration, theft, loss, or destruction of sensitive data, or unavailability of data or our applications, could disrupt our operations or impact the availability or performance of our applications; expose us and our customers to regulatory obligations and actions, litigation, investigations, remediation and indemnity obligations, or supplemental disclosure obligations; damage our reputation and brand; or result in loss of customer, consumer, and partner confidence in the security of our applications, an increase in our insurance premiums, loss of authorization under the Federal Risk and Authorization Management Program (“FedRAMP”) or other authorizations, impairment to our business, and other potential liabilities or related fees, expenses, or loss of revenues.
The financial and personnel resources we employ to implement and maintain security measures, including our information security risk insurance policy, may not be sufficient to address our security needs. The security measures we have in place may not be sufficient to protect against security risks, preserve our operations and services and the integrity of customer and personal information, and prevent data loss, misappropriation, and other security breaches. Our information systems may be compromised by computer hackers, employees, contractors, or vendors, as well as software bugs, human error, technical malfunctions, or other malfeasance.
Cybersecurity threats and attacks are often targeted at companies such as ours and may take a variety of forms ranging from individuals or groups of security researchers, including those who appear to offer a solution to a vulnerability in exchange for some compensation, to sophisticated hacker organizations, including state-sponsored actors who may launch coordinated attacks, such as retaliatory cyber attacks stemming from the Russia-Ukraine conflict. In the normal course of business, we are and have been the target of malicious cyber-attack attempts and have experienced other security events. As our market presence grows, we may face increased risks of cybersecurity attack or other security threats. Key cybersecurity risks range from viruses, worms, ransomware, and other malicious software programs, to phishing attacks, to exploitation of software bugs or other defects, to targeted attacks against cloud services and other hosted software, any of which can result in a compromise of our applications or systems and the data we store or process, disclosure of Workday confidential information and intellectual property, production downtimes, reputational harm, and an increase in costs to the business. As the techniques used to obtain unauthorized access or sabotage systems change frequently, are becoming increasingly sophisticated and complex, and often are not identified until they are launched against a target, and because evidence of unauthorized activity may not have been captured or retained, or may be proactively destroyed by unauthorized actors, we may be unable to anticipate these attacks, assess the true impact they may have on our business and operations, or to implement adequate preventative measures. Future cyber-attacks and other security events may have a significant or material impact on our business and operating results.
There may also be attacks targeting any vulnerabilities in our applications, internally built infrastructure, enhancements, and updates to our existing offerings, or in the many different underlying networks and services that power the internet that our products depend on, most of which are not under our control or the control of our vendors, partners, or customers. Systems and processes designed to protect our applications, systems, software, and data, as well as customer data and other user data, and to prevent data loss and detect security breaches, may not be effective against all cybersecurity threats or perceived threats. We have been subject to such incidents, including through third-party service providers and in connection with acquisitions we have made. In addition, our software development practices have not and may not identify all potential privacy or security issues, and inadvertent disclosures of data have occurred and may occur. For example, in August 2022, we applied a fix in Workday Recruiting to address an issue that temporarily made certain information discoverable to unintended parties. We took immediate action to fix the issue, notify affected customers, and confirm this issue had not impacted Workday’s other environments or applications. We have no indication that the data was accessed maliciously. We also performed an internal investigation and engaged a third party to penetration test the systems at issue, which caused, and may continue to cause, expense and business disruption. These efforts may not be completely effective or eliminate potential risks from this and similar incidents.
Additionally, remote work and resource access, including our hybrid work model, may result in an increased risk of cybersecurity-related events such as phishing attacks, exploitation of any cybersecurity flaws that may exist, an increase in the number cybersecurity threats or attacks, and other security challenges as a result of our employees and our service providers continuing to work remotely from non-corporate managed networks.
Furthermore, we have acquired or partnered with a number of companies, products, services, and technologies over the years, and incorporated third-party products, services, and technologies into our own products and services. Addressing security issues associated with acquisitions, partnerships, incorporated technologies, and our supply chain requires significant resources, and we may still inherit additional risks upon integration with or use by Workday. In addition, if a high-profile security breach occurs with respect to an industry peer, our customers and potential customers may generally lose trust in the security of financial management, spend management, human capital management, planning, or analytics applications, or in cloud applications for enterprises in general. Any or all of these issues could negatively affect our ability to attract new customers, cause existing customers to elect to terminate or not renew their subscriptions, result in reputational damage, cause us to pay remediation and indemnity costs and/or issue service credits or refunds to customers for prepaid and unused subscription services, or result in lawsuits, regulatory fines, or other action or liabilities, any of which could adversely affect our business and operating results.
We rely on sophisticated information systems and technology, including those provided by third parties, for the secure collection, processing, transmission, storage of confidential, proprietary, and personal information, and to support our business operations and the availability of our applications. In the past several years, supply chain attacks have increased in frequency and severity. As we are both a provider and consumer of information systems and technology, we are at higher risk of being impacted either directly or indirectly by these attacks. The control systems, cybersecurity program, infrastructure, physical facilities of, and personnel associated with third parties that we rely on are beyond our control. The audits we periodically conduct of some of our third parties vendors may not guarantee the security of and may be unable to prevent security events impacting the information technology systems of third parties that are part of our supply chain or that provide valuable services to us, which could result in the unauthorized access to, acquisition, destruction, alteration, use, tampering, release, unavailability, theft or loss of confidential, proprietary, or personal data of Workday, our employees, our customers, our third party partners, or other end users, disrupt our operations and ability to conduct our business or the availability of our applications, or otherwise adversely affect our business, financial condition, operating results, or reputation.
Privacy concerns, evolving regulation of cloud computing, cross-border data transfer, and other domestic or foreign laws and regulations may reduce the adoption of our applications, result in significant costs and compliance challenges, and adversely affect our business and operating results.
Legal requirements related to collecting, storing, handling, and transferring personal data are rapidly evolving at both the national and international level in ways that require our business to adapt to support customer compliance. As the regulatory focus on privacy intensifies worldwide, and jurisdictions increasingly consider and adopt privacy laws, the potential risks related to managing personal data by our business may grow. In addition, possible adverse interpretations of existing privacy-related laws and regulations by governments in countries where our customers operate, as well as the potential implementation of new legislation, could impose significant obligations in areas affecting our business or prevent us from offering certain services in jurisdictions where we operate.
Following the European Union’s (“EU”) passage of the General Data Protection Regulation (“GDPR”), which became effective in May 2018, the global data privacy compliance landscape outside of the EU has grown increasingly complex, fragmented, and financially relevant to business operations. As a result, our business faces current and prospective risks related to increased regulatory compliance costs, government enforcement actions and/or financial penalties for non-compliance, and reputational harm. For example, in July 2020, the Court of Justice of the EU invalidated the Privacy Shield framework, which enabled companies to legally transfer data from the European Economic Area to the United States. A U.S. Executive Order has been issued that should lead to the development of a new EU-U.S. Privacy Framework under which EU data can legally be transferred to the United States. Until that framework is formally established, uncertainty may continue about the legal requirements for transferring customer personal data to and from Europe, an integral process of our business that remains governed by, and subject to, GDPR requirements. Failure to comply with the GDPR data processing requirements by either ourselves or our subcontractors could lead to regulatory enforcement actions, which can result in monetary penalties of up to 4% of worldwide revenue, private lawsuits, reputational damage, and loss of customers. Other countries such as Russia, China, and India have also passed or are considering passing laws imposing varying degrees of restrictive data residency requirements. Regulatory developments in the United States present additional risks. For example, the California Consumer Privacy Act (“CCPA”) took effect on January 1, 2020, and the California Privacy Rights Act (“CPRA”), which expands upon the CCPA, was passed in November 2020 and came into effect on January 1, 2023, with a “lookback” period to January 1, 2022. The CCPA and CPRA give California consumers, including employees, certain rights similar to those provided by the GDPR, and also provide for statutory damages or fines on a per violation basis that could be very large depending on the severity of the violation. Other states have enacted, or are considering, privacy laws as well. Furthermore, the U.S. Congress is considering numerous privacy bills, and the U.S. Federal Trade Commission continues to fine companies for unfair or deceptive data protection practices and may undertake its own privacy rulemaking exercise. In addition to government activity, privacy advocacy and other industry groups have established or may establish various new, additional, or different self-regulatory standards that customers may require us to adhere to and which may place additional burdens on us. Increasing sensitivity of individuals to unauthorized processing of personal data, whether real or perceived, and an increasingly uncertain trust climate has and may continue to create a negative public reaction to technologies, products and services such as ours or otherwise expose us to liability.
Taken together, the costs of compliance with and other obligations imposed by data protection laws and regulations may require modification of our services, limit use and adoption of our services, reduce overall demand for our services, lead to significant fines, penalties, or liabilities for noncompliance, or slow the pace at which we close sales transactions, or otherwise cause us to modify our operations, any of which could harm our business. The perception of privacy concerns, whether or not valid, may inhibit the adoption, effectiveness, or use of our applications or otherwise impact our business. Compliance with applicable laws and regulations regarding personal data may require changes in services, business practices, or internal systems that result in increased costs, lower revenue, reduced efficiency, or greater difficulty competing with foreign-based firms which could adversely affect our business and operating results.
Any failure to protect our intellectual property rights domestically and internationally could impair our ability to protect our proprietary technology and our brand.
Our success and ability to compete depend in part upon our intellectual property. We rely on patent, copyright, trade secret and trademark laws, trade secret protection, and confidentiality or license agreements with our employees, customers, suppliers, partners, and others to protect our intellectual property rights. However, the steps we take to protect our intellectual property rights may be inadequate. We have patent applications pending in the United States and throughout the world, but we may be unable to obtain patent protection for the technology covered in our patent applications. In addition, any patents issued to us in the future may not provide us with competitive advantages or may be successfully challenged by third parties. Furthermore, legal standards relating to the validity, enforceability, and scope of protection of intellectual property rights are uncertain. Despite our precautions, it may be possible for unauthorized third parties, including those affiliated with state-sponsored actors, to copy or reverse engineer our applications, including with the assistance of insiders, and use information that we regard as proprietary to create products and services that compete with ours. Some license provisions protecting against unauthorized use, copying, transfer, and disclosure of our technology may be unenforceable under the laws of jurisdictions outside the United States. In addition, the laws of some countries do not protect proprietary rights to the same extent as the laws of the United States.
We enter into confidentiality and invention assignment agreements with our employees and consultants and enter into confidentiality agreements with the parties with whom we have strategic relationships and business alliances. No assurance can be given that these agreements will be effective in controlling access to and distribution of our applications and proprietary information. Further, these agreements do not prevent our competitors or partners from independently developing technologies that are substantially equivalent or superior to our applications.
We may be required to spend significant resources to monitor and protect our intellectual property rights. Litigation brought to protect and enforce our intellectual property rights could be costly, time-consuming, and distracting to management and could result in the impairment or loss of portions of our intellectual property. Furthermore, our efforts to enforce our intellectual property rights may be met with defenses, counterclaims, and countersuits attacking the validity and enforceability of our intellectual property rights. Our failure to secure, protect, and enforce our intellectual property rights could have a serious adverse effect on our brand and business.
We may be sued by third parties for alleged infringement of their proprietary rights.
There is considerable patent and other intellectual property development activity in our industry. Our competitors, as well as a number of other entities and individuals, may own or claim to own intellectual property relating to our industry. From time to time, third parties may claim that our applications and underlying technology infringe or violate their intellectual property rights, even if we are unaware of the intellectual property rights that others may claim cover some or all of our technology or services, and we may be found to be infringing such rights. Any claims or litigation could cause us to incur significant expenses and, if successfully asserted against us, could require that we pay substantial damages or ongoing royalty payments, prevent us from offering our services, require us to change our products, technology, or business practices, or require that we comply with other unfavorable terms. We may also be obligated to indemnify our customers or business partners or pay substantial settlement costs, including royalty payments, in connection with any such claim or litigation and to obtain licenses, modify applications, or refund fees, which could be costly. In addition, we may be sued by third parties who seek to target us for actions taken by our customers, including through the use or misuse of our products. Even if we were to prevail in an intellectual property dispute, any litigation regarding our intellectual property could be costly and time-consuming and divert the attention of our management and key personnel from our business operations. Furthermore, from time to time we may introduce or acquire new products, including in areas where we historically have not competed, which could increase our exposure to patent and other intellectual property claims.
Some of our applications utilize open source software, and any failure to comply with the terms of one or more of these open source licenses could negatively affect our business.
Some of our applications include software covered by open source licenses, which may include, by way of example, GNU General Public License and the Apache License. The terms of various open source licenses have not been interpreted by United States courts, and there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to market our applications. We attempt to avoid adverse licensing conditions in our use of open source software in our products and services. However, there can be no assurance that our efforts have been or will be successful. By the terms of certain open source licenses, we could be required to release the source code of our proprietary software, and to make our proprietary software available under open source licenses, if we combine our proprietary software with open source software in a certain manner. In the event that portions of our proprietary software are determined to be impacted by an open source license, we could be required to publicly release the affected portions of our source code, re-engineer all or a portion of our technologies, or otherwise be limited in the licensing of our technologies, each of which could reduce or eliminate the value of our technologies and services. In addition, the open source license terms for future versions of open source software that we use might change, requiring us to pay for a commercial license or re-engineer all or a portion of our technologies. In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or controls on the origin of the software. Many of the risks associated with usage of open source software cannot be eliminated and could negatively affect our business.
Risks Related to Legal and Regulatory Matters
Unfavorable laws, regulations, interpretive positions or standards governing new and evolving technologies that we incorporate into our products and services could result in significant cost and compliance challenges and adversely affect our business and operating results.
Some of our products and services, such as Workday’s People Experience and Talent Optimization product suites, currently utilize or will utilize new and evolving technologies such as AI and ML and blockchain, including a variety of ML use cases that touch our finance and spend management product suites, among others. While existing laws and regulations may apply to these types of technologies, the overall regulatory environment governing these types of technologies is still currently undeveloped and likely to evolve as government interest in these technologies increases. Regulation of these technologies, as well as other technologies that we utilize in our products and services, also varies greatly among international, federal, state, and local jurisdictions and is subject to significant uncertainty. Governments and agencies domestic and abroad may in the future change or amend existing laws, or adopt new laws, regulations, or guidance, or take other actions which may severely impact the permitted uses of our technologies. Any failure by us to comply with applicable laws, regulations, guidance, or other rules could result in costly litigation, penalties, or fines. In addition, these regulations and any related enforcement actions could establish and further expand our obligations to customers, individuals, and other third parties with respect to our products and services, limit the countries in which such products and services may be used, restrict the way we structure and operate our business, require us to divert development and other resources, and reduce the types of customers and individuals who can use our products and services. Furthermore, our customers may operate in foreign jurisdictions, including countries in which we don't operate, and may be subject to additional laws and regulations outside the scope of our products. Increased regulation and oversight of products or services which utilize or rely on these technologies may result in costly compliance burdens or otherwise increase our operating costs, detrimentally affecting our business. These new technologies could subject us to additional litigation brought by private parties, which could be costly, time-consuming, and distracting to management and could result in substantial expenses and losses.
We are subject to risks related to government contracts and related procurement regulations, which may adversely impact our business and operating results.
Our contracts with federal, state, local, and foreign government entities are subject to various procurement regulations and other requirements relating to their formation, administration, performance, and termination, which could adversely impact our business and operating results. Government certification requirements applicable to our platform, including FedRAMP, may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the full or revised certification. These laws and regulations provide public sector customers various rights, many of which are not typically found in commercial contracts. For instance, the process of evaluating potential conflicts of interest and developing necessary provisions and contract clauses, where needed, may delay or prevent Workday from being awarded certain U.S. federal government contracts.
Additionally, we have obtained authorization under FedRAMP, which allows us to enter into the U.S. federal government market. Such certification is subject to rigorous compliance and if we lose our certification, it could inhibit or preclude our ability to contract with certain U.S. federal government customers. In addition, some customers may rely on our authorization under FedRAMP to help satisfy their own legal and regulatory compliance requirements and our failure to maintain FedRAMP authorization would result in a breach under public sector contracts obtained on the basis of such authorization. This could subject us to liability, result in reputational harm, and adversely impact our financial condition or operating results.
We may be subject to audits and investigations relating to our government contracts, and any violations could result in various civil and criminal penalties and administrative sanctions, including termination of contracts, refunding or suspending of payments, forfeiture of profits, payment of fines, and suspension or debarment from future government business. In addition, such contracts may provide for delays, interruptions, or termination by the government at any time, without cause, which may adversely affect our business and operating results and impact other existing or prospective government contracts.
Adverse litigation results could have a material adverse impact on our business.
We are regularly involved with claims, suits, purported class or representative actions, and may be involved in regulatory and government investigations and other proceedings, involving competition, intellectual property, data security and privacy, bankruptcy, tax and related compliance, labor and employment, commercial disputes, and other matters. Such claims, suits, actions, regulatory and government investigations, and other proceedings can impose a significant burden on management and employees, could prevent us from offering one or more of our applications, services, or features to others, could require us to change our technology or business practices, or could result in monetary damages, fines, civil or criminal penalties, reputational harm, or other adverse consequences. Adverse outcomes in some or all of these claims may result in significant monetary damages or injunctive relief that could adversely affect our ability to conduct our business. The litigation and other claims are subject to inherent uncertainties and management’s view of these matters may change in the future. A material adverse impact in our condensed consolidated financial statements could occur for the period in which the effect of an unfavorable outcome becomes probable and reasonably estimable.
We may not be able to utilize a portion of our net operating loss or research tax credit carryforwards, which could adversely affect our profitability.
As of April 30, 2023, we had federal and state net operating loss carryforwards due to prior period losses. If not utilized, the pre-fiscal 2018 federal and the state net operating loss carryforwards expire in varying amounts between fiscal 2024 and fiscal 2044. The federal net operating losses generated in and after fiscal 2018 do not expire and may be carried forward indefinitely. We also have federal research tax credit carryforwards, which if not utilized will expire between fiscal 2024 and fiscal 2044. These net operating loss and research tax credit carryforwards could expire unused and be unavailable to reduce future income tax liabilities, which could adversely affect our profitability. In addition, under Section 382 of the Internal Revenue Code of 1986, as amended, our ability to utilize net operating loss carryforwards or other tax attributes, such as research tax credits, in any taxable year may be limited if we experience an “ownership change.” A Section 382 “ownership change” generally occurs if one or more stockholders or groups of stockholders who own at least 5% of our stock increase their ownership by more than 50 percentage points over their lowest ownership percentage within a rolling three-year period. Similar rules may apply under state tax laws. It is possible that an ownership change, or any future ownership change, could have a material effect on the use of our net operating loss carryforwards or other tax attributes, which could adversely affect our profitability.
Unanticipated tax laws or any change in the application of existing tax laws to us or our customers, especially those limiting our ability to utilize our net operating loss and research tax credit carryforwards, may increase the costs of our services and adversely impact our profitability and business.
We operate and are subject to taxes in the United States and numerous other jurisdictions throughout the world. Changes to federal, state, local, or international tax laws on income, sales, use, indirect, or other tax laws, statutes, rules, regulations, or ordinances on multinational corporations are currently being considered by the United States and other countries where we do business. These contemplated legislative initiatives include, but are not limited to, changes to transfer pricing policies and definitional changes to permanent establishment that could be applied solely or disproportionately to services provided over the internet. These contemplated tax initiatives, if finalized and adopted by countries, may ultimately impact our effective tax rate and could adversely affect our sales activity resulting in a negative impact on our operating results and cash flows.
In addition, existing tax laws, statutes, rules, regulations, or ordinances could be interpreted, changed, modified, or applied adversely to us (possibly with retroactive effect), which could require us to pay additional tax amounts, fines or penalties, and interest for past amounts. Existing tax laws, statutes, rules, regulations, or ordinances could also be interpreted, changed, modified, or applied adversely to our customers (possibly with retroactive effect), which could require our customers to pay additional tax amounts with respect to services we have provided, fines or penalties, and interest for past amounts. If we are unsuccessful in collecting such taxes from our customers, we could be held liable for such costs, thereby adversely impacting our operating results and cash flows. If our customers must pay additional fines or penalties, it could adversely affect demand for our services.
Risks Related to Financial Matters
Because we encounter long sales cycles when selling to large customers and we recognize subscription services revenues over the term of the contract, downturns or upturns in new sales will not be immediately reflected in our operating results and may be difficult to discern.
We generally recognize subscription services revenues over time as services are delivered to the customer, which typically occurs over a period of three years or longer. As a result, most of the subscription services revenues we report in each quarter are derived from the recognition of unearned revenue relating to subscriptions entered into during previous quarters. Consequently, a decline in new or renewed subscription contracts in any single quarter will likely have a minor impact on our revenue results for that quarter. However, such a decline will negatively affect our revenues in future quarters. Additionally, because much of our sales efforts are targeted at large enterprise customers, our sales cycles involve greater costs, longer sales cycles, the provision of greater levels of education regarding the use and benefits of our applications, less predictability in completing some of our sales, and varying deployment timeframes based on many factors including the number, type, and configuration of applications being deployed, the complexity, scale, and geographic dispersion of the customers’ business and operations, the number of integrations with other systems, and other factors, many of which are beyond our control.
Our typical sales cycles are six to twelve months but can extend for eighteen months or more, and we expect that this lengthy sales cycle may continue or expand as customers increasingly adopt our applications beyond human capital management. Due to the uncertainty of the recent macroeconomic environment, we have started to see instances of increased scrutiny from existing and prospective customers and the lengthening of certain sales cycles, and expect this trend may continue. Longer sales cycles could cause our operating and financial results to suffer in a given period. Accordingly, the effect of significant downturns in sales and market acceptance of our applications, as well as potential changes in our pricing policies or rate of renewals, may not be fully reflected in our operating results until future periods. Additionally, we may be unable to adjust our cost structure to reflect any such changes in revenues. In addition, a majority of our costs are expensed as incurred, while revenues are recognized over the life of the customer agreement. As a result, increased growth in the number of our customers could result in our recognition of more costs than revenues in the earlier periods of the terms of our agreements. Our subscription model also makes it difficult for us to rapidly increase our revenues through additional sales in any period, as subscription services revenues from new customers generally are recognized over the applicable subscription term. Furthermore, our subscription-based model is largely based on the size of our customers’ employee headcount. Therefore, the addition or loss of employees by our customers, including any significant reductions in force by our customers, or customer insolvencies resulting from severe economic hardship, could have an impact on our subscription services revenues in any given period. Although we have downside protection in our customer agreements in the form of base minimums, should there be any prolonged decrease in our customers’ headcounts, we could experience reduced subscription services revenues upon renewal or potentially outside of the renewal period, which could materially impact our business and operating results in any given period.
Our historic revenue growth rates should not be viewed as indicative of our future performance.
Our revenue growth rates have declined and may decline again in the future as the size of our customer base and market penetration increases. In addition, our future rate of growth is subject to a number of uncertainties, including general economic and market conditions, including those caused by recent economic downturn, as well as risks associated with growing companies in rapidly changing industries. Other factors may also contribute to declines in our growth rates, including slowing demand for our services, increasing competition, a decrease in the growth of our overall market, our failure to continue to capitalize on growth opportunities, and the maturation of our business, some of which may be magnified by macroeconomic conditions. As our growth rates decline, investors’ perceptions of our business and the trading price of our securities could be adversely affected.
Additionally, our ability to accurately forecast our future rate of growth is limited. It is difficult to predict customer and other user adoption rates and demand for our applications, the future growth rate and size of the cloud computing market for our services, or the entry of competitive applications. Moreover, it has been, and due to recent macroeconomic events, rising rates of inflation and related interest rate increases, and concerns about a possible recession, we expect it will continue to be even more difficult for us to forecast our operating results. We plan our expense levels and investments on estimates of future revenues and anticipated rates of growth. If our growth does not meet estimates, we may not be able to adjust our spending quickly enough to avoid an adverse impact on our financial results as a consequence of spending that is not aligned with our actual performance.
Moreover, we have encountered and will encounter risks and uncertainties frequently experienced by growing companies in rapidly changing industries, including the risks and uncertainties described herein. If our assumptions regarding these risks and uncertainties (which we use to plan our business) are incorrect or change due to changes in our markets, or if we do not address these risks successfully, our operating and financial results could differ materially from our expectations and our business could suffer.
We have a history of cumulative losses, and we may not achieve or sustain profitability on a GAAP basis in the future.
Until recently, we had incurred significant net losses on a GAAP basis in each period since our inception in 2005 and our quarterly operating results may fluctuate in the future. We expect our operating expenses to increase in the future due to substantial investments we have made and continue to make to acquire new customers and develop our applications, anticipated increases in sales and marketing expenses, employee headcount growth expenses, product development expenses, operations costs, and general and administrative costs, and therefore we expect we may incur losses on a GAAP basis in the future. Furthermore, to the extent we are successful in increasing our customer base, we also expect to incur increased net losses in the acquisition period because costs associated with acquiring customers are generally incurred up front, while subscription services revenues are generally recognized ratably over the terms of the agreements, which are typically three years or longer. You should not consider any prior period GAAP-profitability and growth in revenues as indicative of our future performance. We cannot ensure that we will achieve GAAP profitability in the future or that, if we become GAAP-profitable in a certain period, we will sustain such profitability.
We have substantial indebtedness which may adversely affect our financial condition and operating results.
In April 2022, we issued $3.0 billion aggregate principal amount of senior notes, consisting of $1.0 billion aggregate principal amount of 3.500% notes due April 1, 2027, $750 million aggregate principal amount of 3.700% notes due April 1, 2029, and $1.25 billion aggregate principal amount of 3.800% notes due April 1, 2032. Additionally, in April 2022, we entered into the 2022 Credit Agreement which provides for a revolving credit facility in an aggregate principal amount of $1.0 billion. As of April 30, 2023, we had no outstanding revolving loans under the 2022 Credit Agreement.
We may incur substantial additional debt in the future, some of which may be secured debt. There can be no assurance that we will be able to repay this indebtedness when due, or that we will be able to refinance this indebtedness on acceptable terms or at all.
In addition, our indebtedness could, among other things:
•make it difficult for us to pay other obligations;
•make it difficult to obtain favorable terms for any necessary future financing for working capital, capital expenditures, debt service requirements, or other purposes;
•adversely affect our liquidity and result in a material adverse effect on our financial condition upon repayment of the indebtedness;
•require us to dedicate a substantial portion of our cash flow from operations to service and repay the indebtedness, reducing the amount of cash flow available for other purposes;
•limit our flexibility in planning for and reacting to changes in our business;
•increase our vulnerability to the impact of adverse economic conditions, including rising interest rates (which can make refinancing existing indebtedness more difficult or costly); and
•negatively impact our credit rating, which could limit our ability to obtain additional financing in the future and adversely affect our business.
Our Senior Notes and 2022 Credit Agreement also impose restrictions on us and require us to maintain compliance with specified covenants. For example, our 2022 Credit Agreement includes a financial covenant that requires us to maintain a specific leverage ratio. Our ability to comply with these covenants may be affected by events beyond our control. If we breach any of the covenants and do not obtain a waiver from the lenders, then, subject to applicable cure periods, any outstanding indebtedness may be declared immediately due and payable. Any required repayment of our debt as a result of a fundamental change or other acceleration would lower our current cash on hand such that we would not have those funds available for use in our business.
We are subject to risks associated with our equity investments, including partial or complete loss of invested capital, and significant changes in the fair value of this portfolio could adversely impact our financial results.
We invest in early to late stage companies for strategic reasons and to support key business initiatives, and we may not realize a return on our equity investments. Many such companies generate net losses and the market for their products, services, or technologies may be slow to develop or never materialize. These companies are often dependent on the availability of later rounds of financing from banks or investors on favorable terms to continue their operations. The financial success of our investment in any company is typically dependent on a liquidity event, such as a public offering, acquisition, or other favorable market event reflecting appreciation to the cost of our initial investment. The capital markets for public offerings and acquisitions are dynamic and the likelihood of liquidity events for the companies we have invested in has and could further deteriorate, which could result in a loss of all or a substantial part of our investment in these companies. Additionally, the closures of Silicon Valley Bank and other regional banks in 2023 have created bank-specific and broader financial institution liquidity risks and concerns, which may have an adverse impact on the companies we have invested or may invest in.
Further, valuations of non-marketable equity investments are inherently complex due to the lack of readily available market data and the anticipated valuation at the time of our investment may not meet our expectations. In addition, we may experience additional volatility to our results of operations due to changes in market prices of our marketable equity investments and the valuation and timing of observable price changes or impairments of our non-marketable equity investments. Volatility in the global market conditions, including recent economic disruptions, inflation, and ongoing volatility in the public equity markets, may impact our equity investments. This volatility could be material to our results in any given quarter and may cause our stock price to decline. In addition, our ability to mitigate this volatility and realize gains on investments may be impacted by our contractual obligations to hold securities for a set period of time. For example, to the extent a company we have invested in undergoes an initial public offering (“IPO”), we may be subject to a lock-up agreement that restricts our ability to sell our securities for a period of time after the public offering or otherwise impedes our ability to mitigate market volatility in such securities.
Risks Related to Ownership of Our Class A Common Stock
Our Co-Founders have control over key decision making as a result of their control of a majority of our voting stock.
As of April 30, 2023, our Co-Founder and CEO Emeritus David Duffield, together with his affiliates, held voting rights with respect to approximately 45 million shares of Class B common stock and 0.4 million shares of Class A common stock. As of April 30, 2023, our Co-Founder, Co-CEO, and Chairperson Aneel Bhusri, together with his affiliates, held voting rights with respect to approximately 8 million shares of Class B common stock and 0.3 million shares of Class A common stock. In addition, Mr. Bhusri holds 0.2 million RSUs, which will be settled in an equivalent number of shares of Class A common stock. Further, Messrs. Duffield and Bhusri have entered into a voting agreement under which each has granted a voting proxy with respect to certain Class B common stock beneficially owned by him effective upon his death or incapacity as described in our registration statement on Form S-1 filed in connection with our IPO. Messrs. Duffield and Bhusri have each initially designated the other as their respective proxies. Accordingly, upon the death or incapacity of either Mr. Duffield or Mr. Bhusri, the other would individually continue to control the voting of shares subject to the voting proxy. Collectively, the shares described above represent a substantial majority of the voting power of our outstanding capital stock. As a result, Messrs. Duffield and Bhusri have the ability to control the outcome of matters submitted to our stockholders for approval, including the election of directors and any merger, consolidation, or sale of all or substantially all of our assets. As stockholders, even as controlling stockholders, they are entitled to vote their shares in their own interests, which may not always be in the interests of our stockholders generally.
In addition, Mr. Bhusri has the ability to control the management and affairs of our company as a result of his position as a member of our Board of Directors and an officer of Workday. Mr. Bhusri, in his capacity as a board member and officer, owes a fiduciary duty to our stockholders and must act in good faith in a manner he reasonably believes to be in the best interests of our stockholders.
The dual class structure of our common stock has the effect of concentrating voting control with our Co-Founders, as well as with other executive officers, directors, and affiliates, which limits or precludes the ability of non-affiliates to influence corporate matters.
Our Class B common stock has 10 votes per share and our Class A common stock, which is the stock that is publicly traded, has one vote per share. Stockholders who hold shares of Class B common stock, including our executive officers, directors, and other affiliates, together hold a substantial majority of the voting power of our outstanding capital stock as of April 30, 2023. Because of the ten-to-one voting ratio between our Class B and Class A common stock, the holders of our Class B common stock collectively will continue to control a majority of the combined voting power of our common stock and therefore be able to control all matters submitted to our stockholders for approval until the conversion of all shares of all Class A and Class B shares to a single class of common stock on the date that is the first to occur of (i) October 17, 2032, (ii) such time as the shares of Class B common stock represent less than 9% of the outstanding Class A and Class B common stock, (iii) nine months following the death of both Mr. Duffield and Mr. Bhusri, or (iv) the date on which the holders of a majority of the shares of Class B common stock elect to convert all shares of Class A common stock and Class B common stock into a single class of common stock. This concentrated control will limit or preclude the ability of non-affiliates to influence corporate matters for the foreseeable future.
Future transfers by holders of Class B common stock will generally result in those shares converting to Class A common stock, subject to limited exceptions, such as certain transfers effected for estate planning purposes. The conversion of Class B common stock to Class A common stock will have the effect, over time, of increasing the relative voting power of those holders of Class B common stock who retain their shares in the long term. If, for example, Mr. Duffield and Mr. Bhusri retain a significant portion of their holdings of Class B common stock for an extended period of time, they could, in the future, continue to control a majority of the combined voting power of our Class A common stock and Class B common stock.
Our stock price has been volatile in the past and may be subject to volatility in the future.
The trading price of our Class A common stock has historically been volatile and could be subject to wide fluctuations in response to various factors, many of which are beyond our control. The factors that have and may in the future affect the trading price of our securities include, but are not limited to:
•overall performance of the equity markets;
•fluctuations in the valuation of companies perceived by investors to be comparable to us, such as high-growth or cloud companies, or in valuation metrics, such as our price to revenues ratio;
•guidance, as well as our ability to give guidance, as to our operating results and other financial metrics that we provide to the public, differences between our guidance and market expectations, our failure to meet our guidance, any withdrawal of previous guidance or changes from our historical guidance;
•the research and reports that securities or industry analysts publish about us or our business, and whether analysts who cover us downgrade our Class A common stock or publish unfavorable or inaccurate research about our business;
•variations in, and limitations of, the various financial and other metrics and modeling used by analysts in their research and reports about our business;
•announcements of technological innovations, new applications or enhancements to services, acquisitions, strategic alliances, or significant agreements by us or by our competitors;
•announcements of negative corporate developments by us or by our competitors and other high-growth or cloud companies including, among other things, any announcements related to security incidents;
•disruptions in our services due to computer hardware, software, or network problems;
•announcements of customer additions and customer cancellations or delays in customer purchases;
•recruitment or departure of key personnel;
•the economy as a whole, political and regulatory uncertainty, and market conditions in our industry and the industries of our customers;
•trading activity by directors, executive officers, and significant stockholders, or the perception in the market that the holders of a large number of shares intend to sell their shares;
•the size of our market float and significant stock option exercises;
•any future issuances of our securities;
•the inability to execute on our publicly announced Share Repurchase Program as planned, including failure to meet internal or external expectations around the timing or price of share repurchases, and any reductions or discontinuances of repurchases thereunder;
•the impact of current macroeconomic conditions, including instability in the global banking system, geopolitical conflicts, inflationary pressures, and recession;
•environmental, social, governance, ethical, and other issues impacting our brand;
•our operating performance and the performance of other similar companies; and
•the sale or availability for sale of a large number of shares of our Class A common stock in the public market.
Additionally, the stock markets have at times experienced extreme price and volume fluctuations that have affected and may in the future affect the market prices of equity securities of many companies. These fluctuations have, in some cases, been unrelated or disproportionate to the operating performance of these companies. Further, the trading prices of publicly traded shares of companies in our industry have been particularly volatile and may be very volatile in the future.
In the past, some companies that have experienced volatility in the market price of their stock have been subject to securities class action litigation. We may be the target of this type of litigation in the future. Securities litigation against us could result in substantial costs and divert our management’s attention from other business concerns, which could harm our business.
We may not realize the anticipated long-term stockholder value of our Share Repurchase Program.
In November 2022, our Board of Directors authorized the Share Repurchase Program under which we may repurchase up to $500 million of shares of our Class A common stock. The Share Repurchase Program has a term of 18 months, but the program may be modified, suspended, or terminated at any time. Such repurchases may be made through open market transactions, through privately negotiated transactions, or by other means, including through the use of trading plans intended to qualify under Rule 10b5-1, in accordance with applicable securities laws and other restrictions.
Any failure to repurchase stock after we have announced our intention to do so may negatively impact our reputation and investor confidence in us and may negatively impact our stock price.
The existence of the Share Repurchase Program could cause our stock price to trade higher than it otherwise would and could potentially reduce the market liquidity for our stock. Although the Share Repurchase Program is intended to enhance long-term stockholder value, there is no assurance it will do so because the market price of our common stock may decline
below the levels at which we repurchased shares and short-term stock price fluctuations could reduce the effectiveness of this program.
Repurchasing our common stock will reduce the amount of cash we have available to fund working capital, repayment of debt, capital expenditures, strategic acquisitions or business opportunities, and other general corporate purposes, and we may fail to realize the anticipated long-term stockholder value of the Share Repurchase Program. Furthermore, the timing and amount of any repurchases, if any, will be subject to liquidity, market and economic conditions, compliance with applicable legal requirements such as Delaware surplus and solvency tests, and other relevant factors.
Delaware law and provisions in our restated certificate of incorporation and amended and restated bylaws could make a merger, tender offer, or proxy contest difficult, thereby depressing the market price of our Class A common stock.
Our status as a Delaware corporation and the anti-takeover provisions of the Delaware General Corporation Law (“DGCL”) may discourage, delay, or prevent a change in control by prohibiting us from engaging in a business combination with an interested stockholder for a period of three years after the person becomes an interested stockholder, even if a change of control would be beneficial to our existing stockholders. In addition, our restated certificate of incorporation and amended and restated bylaws contain provisions that may make the acquisition of Workday more difficult, including the following:
•any transaction that would result in a change in control of our company requires the approval of a majority of our outstanding Class B common stock voting as a separate class;
•our dual class common stock structure, which provides our Co-Founders with the ability to control the outcome of matters requiring stockholder approval, even if they own significantly less than a majority of the shares of our outstanding Class A and Class B common stock;
•our Board of Directors is classified into three classes of directors with staggered three-year terms and directors are only able to be removed from office for cause;
•when the outstanding shares of our Class B common stock represent less than a majority of the combined voting power of common stock:
◦certain amendments to our restated certificate of incorporation or amended and restated bylaws will require the approval of two-thirds of the combined vote of our then-outstanding shares of Class A and Class B common stock;
◦our stockholders will only be able to take action at a meeting of stockholders and not by written consent; and
◦vacancies on our Board of Directors will be able to be filled only by our Board of Directors and not by stockholders;
•only our chairperson of the board, co-chief executive officers, co-presidents, or a majority of our Board of Directors are authorized to call a special meeting of stockholders;
•certain litigation against us can only be brought in Delaware;
•we will have two classes of common stock until the date that is the first to occur of (i) October 17, 2032, (ii) such time as the shares of Class B common stock represent less than 9% of the outstanding Class A and Class B common stock, (iii) nine months following the death of both Mr. Duffield and Mr. Bhusri, or (iv) the date on which the holders of a majority of the shares of Class B common stock elect to convert all shares of Class A common stock and Class B common stock into a single class of common stock;
•our restated certificate of incorporation authorizes undesignated preferred stock, the terms of which may be established, and shares of which may be issued, without the approval of the holders of Class A common stock; and
•advance notice procedures apply for stockholders to nominate candidates for election as directors or to bring matters before an annual meeting of stockholders.
In addition, Section 203 of the DGCL imposes certain restrictions on mergers, business combinations, and other transactions between us and holders of 15% or more of our common stock, which may discourage, delay, or prevent a change in control of our company.
Furthermore, the change in control repurchase event provisions of our Senior Notes may delay or prevent a change in control of our company, because those provisions allow note holders to require us to repurchase such notes upon the occurrence of a fundamental change or change in control repurchase event.
These anti-takeover defenses could discourage, delay, or prevent a transaction involving a change in control of our company. These provisions could also discourage proxy contests and make it more difficult for stockholders to elect directors of their choosing and to cause us to take other corporate actions they desire, any of which, under certain circumstances, could depress the market price of our securities.
The exclusive forum provision in our organizational documents may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or any of our directors, officers, or other employees, which may discourage lawsuits with respect to such claims.
Our restated certificate of incorporation and our bylaws, to the fullest extent permitted by law, provide that the Court of Chancery of the State of Delaware is the exclusive forum for: any derivative action or proceeding brought on our behalf; any action asserting a breach of fiduciary duty; any action asserting a claim against us arising pursuant to the DGCL, our restated certificate of incorporation, or our amended and restated bylaws; or any action asserting a claim against us that is governed by the internal affairs doctrine. There is uncertainty as to whether a court would enforce this exclusive forum provision with respect to claims under the Securities Act. If a court were to find the choice of forum provisions contained in our restated certificate of incorporation to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition, and operating results.
Our bylaws include a provision providing that the federal district courts of the United States of America will, to the fullest extent permitted by law, be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act (“Federal Forum Provision”). Our decision to adopt a Federal Forum Provision followed a decision by the Supreme Court of the State of Delaware holding that such provisions are facially valid under Delaware law. While there can be no assurance that federal or state courts will follow the holding of the Delaware Supreme Court or determine that the Federal Forum Provision should be enforced in a particular case, application of the Federal Forum Provision means that suits brought by our stockholders to enforce any duty or liability created by the Securities Act must be brought in federal court and cannot be brought in state court.
In addition, neither the exclusive forum provision in our restated certificate of incorporation nor the Federal Forum Provision applies to suits brought to enforce any duty or liability created by the Exchange Act. Accordingly, actions by our stockholders to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder must be brought in federal court, and our stockholders will not be deemed to have waived our compliance with the federal securities laws and the regulations promulgated thereunder.
Any person or entity purchasing or otherwise acquiring or holding any interest in any of our securities shall be deemed to have notice of and consented to our exclusive forum provisions, including the Federal Forum Provision. These provisions may limit a stockholders’ ability to bring a claim in a judicial forum of their choosing for disputes with us or our directors, officers, or other employees, which may discourage lawsuits against us and our directors, officers, and other employees.
We do not intend to pay dividends for the foreseeable future.
We have never declared nor paid cash dividends on our capital stock. We currently intend to retain any future earnings to finance the operation and expansion of our business, and we do not expect to declare or pay any dividends in the foreseeable future. Consequently, stockholders must rely on sales of their common stock after price appreciation as the only way to realize any future gains on their investment.
General Risk Factors
Adverse economic conditions may negatively impact our business.
Our business depends on the overall demand for enterprise software and on the economic health of our current and prospective customers. Any significant weakening of the economy in the United States or abroad, limited availability of credit, reduction in business confidence and activity, decreased government spending, or economic uncertainty, all of which are being impacted by concerns of a domestic or global recession, the Russia-Ukraine conflict, inflation, increasing interest rates, instability in the global banking system, and other macroeconomic factors, may continue to affect one or more of the sectors or countries in which we sell our applications. These economic conditions have arisen and can arise suddenly and the full impact of such conditions can be difficult to predict. In addition, geopolitical and domestic political developments, such as existing and potential trade wars and other events beyond our control, can increase levels of political and economic unpredictability globally and increase the volatility of global financial markets. Alternatively, a strong dollar could reduce demand for our applications and services in countries with relatively weaker currencies.
These adverse conditions have resulted and could continue to result in reductions in sales of our applications, longer sales cycles, reductions in subscription duration and value, customer bankruptcies, slower adoption of new technologies, and increased price competition. Any of these events would likely have an adverse effect on our business, financial condition, and operating results.
Catastrophic or climate-related events may disrupt our business.
Our corporate headquarters are located in Pleasanton, California, and we have data centers located in the United States, Canada, and Europe. The west coast of the United States contains active earthquake zones and the southeast is subject to seasonal hurricanes or other extreme weather conditions. Additionally, we rely on internal technology systems, our website, our network, and third-party infrastructure and enterprise applications, which are located in a wide variety of regions, for our development, marketing, operational support, hosted services, and sales activities. In the event of a major earthquake, hurricane, or other natural disaster, or a catastrophic event such as fire, power loss, telecommunications failure, vandalism, civil unrest, cyber-attack, geopolitical instability, war, terrorist attack, insurrection, pandemics or other public health emergencies, or the effects of climate change (such as drought, flooding, heat waves, wildfires, increased storm severity, and sea level rise), we may be unable to continue our operations and have, and may in the future, endure system interruptions, and may experience delays in our product development, lengthy interruptions in our services, breaches of data security, and loss of critical data, all of which could cause reputational harm or otherwise have an adverse effect on our business and operating results. In addition, the impacts of climate change on the global economy and our industry are rapidly evolving. We may be subject to increased regulations, reporting requirements, standards, or stakeholder expectations regarding climate change that may impact our business, financial condition, and operating results.
We may discover weaknesses in our internal controls over financial reporting, which may adversely affect investor confidence in the accuracy and completeness of our financial reports and consequently the market price of our securities.
As a public company, we are required to design and maintain proper and effective internal controls over financial reporting and to report any material weaknesses in such internal controls. Section 404 of the Sarbanes-Oxley Act of 2002 requires that we evaluate and determine the effectiveness of our internal controls over financial reporting and provide a management report on the internal controls over financial reporting, which must be attested to by our independent registered public accounting firm. If we have a material weakness in our internal controls over financial reporting, we may not detect errors on a timely basis and our financial statements may be materially misstated.
The process of compiling the system and processing documentation necessary to perform the evaluation needed to comply with Section 404 is challenging and costly. In the future, we may not be able to complete our evaluation, testing, and any required remediation in a timely fashion. If we identify material weaknesses in our internal controls over financial reporting, if we are unable to comply with the requirements of Section 404 in a timely manner, if we are unable to assert that our internal controls over financial reporting are effective, or if our independent registered public accounting firm is unable to express an opinion as to the effectiveness of our internal controls over financial reporting, investors may lose confidence in the accuracy and completeness of our financial reports and the market price of our securities could be negatively affected, and we could become subject to investigations by the Financial Industry Regulatory Authority, the SEC, or other regulatory authorities, which could require additional financial and management resources. In addition, because we use Workday’s financial management application, any problems that we experience with financial reporting and compliance could be negatively perceived by prospective or current customers, and negatively impact demand for our applications.