Item 1A. Risk Factors
A description of the risks and uncertainties associated with our business is set forth below. You should carefully consider the risks and uncertainties described below, together with all of the other information in this Annual Report on Form 10-K, including the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and related notes. The risks and uncertainties described below may not be the only ones we face. If any of the risks actually occur, our business, financial condition and results of operations could be harmed.
Risks Related to the Merger
The Merger may disrupt our business and relationships with employees and third parties and result in transaction and integration-related costs, any of which could negatively impact our business and results of operations.
On December 1, 2025, we entered into the Merger Agreement with Bending Spoons and Merger Sub pursuant to which Bending Spoons agreed to acquire the Company in an all-cash transaction for $4.50 per share of our issued and outstanding Class A common stock and Class B common stock. The Merger was consummated on March 10, 2026.
In connection with the Merger, our current and prospective employees may experience uncertainty about their future roles with us, which may materially adversely affect our ability to attract, motivate, and retain key personnel and other employees following the Merger. Key employees may depart because of issues relating to the uncertainty and difficulty of integration or a desire not to remain with us following the Merger. Accordingly, no assurance can be given that we will be able to attract and retain key employees to the same extent that we have been able to in the past.
The Merger has caused, and may continue to cause, disruptions to our business or business relationships with our existing and potential customers, suppliers, vendors, landlords, and other business partners, and this could have an adverse impact on our results of operations. Parties with which we have business relationships may experience uncertainty as to the future of such relationships and may delay or defer certain business decisions, seek alternative relationships with third parties, or seek to negotiate changes to or alter their present business relationships with us. Parties with whom we otherwise may have sought to establish business relationships may seek alternative relationships with third parties.
We have incurred, and expect to incur, a number of non-recurring costs associated with the Merger and combining the operations of the Company with and into Bending Spoons. It is possible that we may also incur significant costs in connection with the defense or settlement of stockholder litigation relating to the Merger, including costs associated with the indemnification obligations to our directors and officers. We continue to assess the magnitude of these costs, and additional unanticipated costs may also be incurred in connection with the Merger and integration process.
Any of the foregoing, individually or in combination, could materially and adversely affect our business, our financial condition and our results of operations.
Following the Merger, our shareholders will not be able to participate in any further upside to our business.
As a result of the Merger, each share of our Class A common stock and Class B common stock was automatically converted into the right to receive $4.50 in cash without interest and less any applicable withholding taxes as set forth in the Merger Agreement. Our shareholders will not receive any equity interests of Bending Spoons. As a result, if our business following the Merger performs well, our current shareholders will not receive any additional consideration and will therefore not receive any benefit from the future performance of our business.
We may not be able to realize the expected benefits of the Merger within the expected timeframe or at all.
The success of the Merger will depend, in part, on our ability to realize the anticipated business opportunities and growth prospects from combining our businesses with those of Bending Spoons. We may not realize these business opportunities and growth prospects on the expected timeframe, or at all. Integrating operations will be complex and will require significant efforts and expenditures. Our management may have its attention diverted while trying to integrate operations and corporate and administrative infrastructures. We may experience increased competition that limits our ability to expand our business, and we may fail to capitalize on expected business opportunities, including retaining current customers.
Achieving these expected or intended benefits will depend, in part, on our ability to integrate our business and operations with Bending Spoons’ business and operations successfully and efficiently. The integration process with Bending Spoons could result in the loss of key employees, the disruption of each company’s ongoing businesses, tax costs or inefficiencies, or inconsistencies in standards, controls, information technology systems, procedures and policies, any of which could adversely
Table of Contents
affect our ability to maintain relationships with clients, vendors, partners, employees or other third parties or our ability to achieve the anticipated benefits of the Merger and could harm our financial performance.
If we are unable to successfully or timely integrate our operations and business with Bending Spoons’ business, we may be unable to realize revenue growth, synergies and other anticipated benefits resulting from the Merger, and our business and results of operations could be adversely affected.
Risks Related to Our Business and Industry
We have a history of losses and we may not be able to generate sufficient revenue to achieve and maintain profitability.
We incurred net losses of $10.5 million and $15.6 million in the years ended December 31, 2025 and 2024, respectively, and as of December 31, 2025, we had an accumulated deficit of $841.5 million. Our net revenue was $291.8 million and $325.1 million for the years ended December 31, 2025 and 2024, respectively. We also expect our operating expenses to increase in future periods, and if our revenue does not increase to more than offset these anticipated increases in our operating expenses, we may not be able to achieve or maintain profitability and our business, financial condition and results of operations will be adversely affected.
You should not rely on any revenue growth of any prior quarterly or annual period as an indication of our future performance. If we are unable to maintain revenue growth and manage our expenses effectively, we will not be able to achieve and maintain profitability.
Our corporate strategy may not be successful.
Our corporate strategy is to provide consumers with a breadth of relevant, local live events and to enable creators to host successful events that draw upon access to Eventbrite’s consumers worldwide. Our strategy to build an indispensable marketplace for live events is centered around strengthening our trusted brand and delivering a superior search and discovery experience for consumers. To support this strategy, we are focusing on serving consumers with relevant live experiences, creating a ticket purchasing experience that is efficient and secure, and engaging with creators and consumers in manners that inspired continued affiliation with Eventbrite. We may not be successful in implementing this strategy, and changes to our organizational structure and priorities have in the past and may disrupt our current business and financial performance.
The success of our corporate strategy also depends on, among other things, our ability to closely manage our operating expenses, manage international operations and attract and retain senior management and other highly qualified personnel, and the success of our refocused strategy itself. We plan to remain focused on hiring for roles that will accelerate our transition to a marketplace, particularly in our event acquisition and retention functions. If we are unable to successfully execute our strategy, or if our strategy itself is not successful, our business, financial condition and results of operations may be adversely affected.
Our success depends on our ability to generate and grow our paid ticket volume by attracting and retaining creators, consumers and a catalog of locally relevant, high-quality events in the regions where we operate.
The successful execution of our strategy requires us to generate and grow our paid ticket volume by attracting and retaining new creators, retain existing creators, drive consumer demand and acquire a catalog of locally relevant, high-quality events. Our ability to achieve these objectives may be impacted by a number of factors, some of which are outside of our control, including:
• our ability to drive consumers to our platform and provide quality consumer-facing interactions, including strong event search functionality, clear event listings and relevant event recommendations;
• the navigability, reliability and overall user experience of our consumer-facing interactions, such as our mobile application, which we plan to refresh later this year, and website;
• competitive factors, including the actions of new and existing competitors in our industry, such as competitors buying exclusive ticketing rights, offering or exceeding our upfront capital offer, or entering into or expanding within the market and regions in which we operate;
• the composition of our pricing packages, our ability to effectively and competitively price our packages and solutions, our ability to clearly communicate the value of our packages and solutions, and the perceived value of our packages and solutions;
• the quality of the events in our marketplace, which may not be sufficiently compelling to attract consumers or which may be disappointing to consumers who may not have the experience they expect at an event;
Table of Contents
• public perception of the values underpinning our community guidelines and our decision to enforce these guidelines by removing or promoting certain events that might lead creators, consumers or other third-parties to disagree with such decisions;
• our ability to offer requisite levels of customer support to creators and consumers, which may be impacted by our customer support function outside the United States;
• the implementation of certain policy initiatives to increase consumer confidence and transparency of recourse options when transacting on our platform, such as notifying consumers when they are eligible to request a refund and enforcing response times for refund requests;
• the introduction of marketplace management initiatives, such as developing a system for creator verification and consumer feedback;
• our ability to maintain and continually enhance our platform and provide products, features and services that are valuable and helpful to creators and consumers, which maintenance and enhancements depend on our ability to attract and retain a sufficient number of highly qualified engineering and development personnel;
• our decision to sunset or replace features that some creators and consumers find valuable and helpful;
• our ability to inspire creators to migrate to our platform from their current practices, which include online ticketing platforms, venue box offices and do-it-yourself spreadsheets and forms;
• changes in our relationships with third parties, including our partners, developers and payment processors, that make our platform less effective for and attractive to creators and consumers;
• outages or delays in our marketplace and other services, including delays in getting into events;
• compatibility with our network of distribution partners;
• the quality and availability of key payment and payout methods;
• our ability to provide consumers with an efficient and safe purchasing experience;
• breaches and other security incidents that could compromise the data of consumers;
• our ability to manage fraud risk that negatively impacts events, creators and/or consumers; and
• our ability to adapt to changes in market practices or economic incentives for creators.
If we are unable to effectively manage these risks as they occur, creators and consumers may seek other solutions and platforms and we may not be able to retain them or acquire additional creators or consumers to offset any such departures, which would harm our business, financial condition and results of operations.
Factors adversely affecting the live event market could impact our results of operations.
Eventbrite brings together event creators and consumers through live experiences. Through our highly-scalable self-service platform, we enable event creators to plan, promote and sell tickets to their events while helping connect their events to interested audiences. Through our mobile application, website and other consumer-facing interactions, we enable consumers to find experiences they love while serving as a demand generating engine for event creators. Our business is directly affected by the success of the events in our marketplace and our ability to attract and retain event creators, consumers and a catalog of locally relevant, high-quality events. Our revenue is impacted by the number and mix of events in our marketplace and the quantity and price of tickets sold to the events produced by creators and promoted in our marketplace and through distribution partners. As a global live events marketplace, our business is also subject to risks associated with the live event market in each of the countries in which we operate. Adverse trends in one or more event industries or markets could adversely affect our business. A decline in event attendance, particularly at paid events, or a reduction in the number of events listed in our marketplace may have an adverse effect on our business, financial condition and results of operations.
Our business depends on discretionary consumer spending. During periods of economic slowdown and recession, as well as other periods of economic instability or uncertainty, consumers may have less disposable income and/or reduce their discretionary spending. Global and regional macroeconomic developments, such as increased unemployment, volatility in financial and capital markets, increased interest rates, reduced access to credit and decreased liquidity, political uncertainty, the threat or imposition of substantial tariffs on imports from various countries, including China, Canada and Mexico, and armed conflicts, could negatively affect consumer and corporate spending.
In addition, the occurrence and threat of events impacting the ability to conduct live gatherings, such as public health concerns, epidemics and pandemics, wars, terrorist attacks, mass-casualty incidents or natural disasters, or loss or restriction of individuals’ rights to assemble, may deter creators from producing large events and substantially decrease or halt attendance at live events. Terrorism and security incidents, military actions in foreign locations and periodic elevated terrorism alerts have led to numerous challenging operating factors at live events, including additional logistics for event safety and increased costs of
Table of Contents
security. These challenges may impact the creator and consumer experience and lead to fewer events by creators and as a result, may harm our business, financial condition and results of operations.
Furthermore, climate change is expected to continue to cause adverse weather conditions, increased weather variability and natural disasters to become more frequent and less predictable. Adverse weather and climate conditions could impact the number, size and success of events and disrupt our operations in any of our offices or the operations of creators, third-party providers, vendors or partners. If fewer events are held because of adverse weather and climate conditions, our business, financial condition and results of operations may be harmed. If an event is cancelled or rescheduled due to weather, consumers may expect and may be entitled to a refund, which may further harm our results of operations and those of creators.
Any adverse condition, including those described above or other disasters and catastrophic events, including wildfires, that could impact the industry in which we operate or the overall economic environment, could lead to unsatisfied consumers and require refunds or chargebacks or increase complexity and costs for creators and us, would harm our business, financial condition and results of operations.
Our pricing model and cost may affect our ability to attract or retain creators.
Our event creators publish their events for free, and attendees pay low cost ticketing fees only on paid tickets. We assess our pricing models and ticket fees based on prior experience, feedback from creators and data insights, and we periodically adjust the pricing and composition of our packages, and may periodically adjust our pricing model and cost structure.
In early 2023, we raised ticketing fees for the first time in five years, and we have implemented pricing increases since January 2023 to reflect enhanced product features. We plan to continue making changes to our pricing structure from time to time.
In June 2023, we introduced a new pricing model which introduced new plans, fee types and subscription packages for event creators, which may include an organizer fee to creators in order to publish an event on the Eventbrite marketplace. In September 2024, we reverted to our original pricing model, removing upfront fees, and enabling creators to publish unlimited events of any size on Eventbrite. Creators who would like additional email marketing capabilities are still able to opt into a subscription add-on that offers extra daily email sends. Despite returning to a “free to publish” model, we may be unable to win back the business of departed creators, attract new creators or retain existing creators if we are unable to regain creators’ trust and demonstrate the value of our marketplace.
Additionally, changes to our pricing model, or our inability to effectively or competitively price our packages and solutions, could harm our business, financial condition and results of operations and impact our ability to predict our future performance.
We operate in an evolving industry which makes it difficult to evaluate our current business and and future prospects.
Our evolving industry makes it difficult to effectively assess or forecast our future prospects. You should consider our business and prospects in light of the risks and difficulties we encounter or may encounter. These risks and difficulties include our ability to cost-effectively retain existing and attract new creators and consumers, drive consumer demand and acquire a catalog of locally relevant, high-quality events, maintain the quality of our technology infrastructure that can efficiently and reliably handle ticket sales and event management services globally and the deployment of new features and solutions and successfully compete with other companies that are currently in, or may enter, the ticketing and event solution space. Additional risks include our ability to effectively manage growth, responsibly use the data that creators and consumers share with us, process, store, protect and use personal data in compliance with governmental regulation, contractual obligations and other legal obligations related to privacy and security and avoid interruptions or disruptions in our service or slower than expected load times for our platform. Other risks include the ability to hire, integrate and retain world class talent at all levels of our company, continue to expand our business in markets outside the United States, and defend ourselves against litigation, regulatory, intellectual property, privacy or other claims. If we fail to address the risks and difficulties that we face, including those associated with the challenges listed above, our business, financial condition and our results of operations will be harmed.
Our results vary from quarter-to-quarter and year-to-year. Our results of operations in certain financial quarters or years may not be indicative of, or comparable to, our results of operations in subsequent financial quarters or years.
Our quarterly and annual results of operations have fluctuated significantly due to a variety of factors, many of which are outside of our control and difficult to predict, and are impacted by gross ticket sales levels, revenue mix, ticket fee pricing and paid ticket volume. We expect our future quarterly and annual operating results to fluctuate as we focus on driving consumer demand and acquiring a catalog of locally relevant, high-quality events on our platform. We may need to make business
Table of Contents
decisions that could adversely affect our operating results, such as modifications to our pricing strategy, business structure or operations. As a result, it is difficult for us to forecast the level or source of our revenue accurately.
In addition, the seasonality of our business could create cash flow management risks if we do not adequately anticipate and plan for periods of decreased activity, which could harm our business, financial condition and results of operations.
From time to time, we release earnings guidance in our earnings conference calls, earnings releases, or otherwise, regarding our expected future performance that represents our management’s estimates as of the date of the release. Such guidance is necessarily speculative in nature, and it can be expected that some or all of the assumptions underlying the guidance furnished by us will not materialize or will vary significantly from actual results. Accordingly, our guidance is only an estimate of what management believes is realizable as of the date of release. Actual results may vary from our guidance and the variations may be material. Any failure to successfully implement our operating strategy or the occurrence of any of the events or circumstances set forth in this Risk Factors section in this report could result in the actual operating results being different from our guidance, and the differences may be adverse and material.
Because our results may vary significantly from quarter-to-quarter and year-to-year, our financial results for one quarter or year cannot necessarily be compared to another quarter or year and may not be indicative of our future financial performance in subsequent quarters or years. Period-to-period comparisons of our results of operations may not be meaningful, and you should not rely upon them as an indication of future performance.
We pay recoupable advances, non-recoupable payments and/or advance payouts to certain creators. If these arrangements are insufficient to attract a catalog of locally relevant, high-quality events, do not perform as we expect or the scheduled events are fraudulent, cancelled, postponed or unsuccessful, our business, financial condition and results of operations may be harmed.
We pay recoupable advances and/or non-recoupable payments to certain creators when entering into exclusive ticketing or services agreements or when we are otherwise contractually obligated to do so. We also make advance payouts to certain creators. We pay recoupable advances (also referred to as creator advances) and non-recoupable payments (also referred to as creator signing fees) to certain creators in order to incentivize them to organize certain events on our platform or obtain exclusive rights to ticket their events. Non-recoupable payments and recoupable advances (together, upfront payments) involve the provision of Eventbrite’s own capital from our operating accounts. In contrast, advance payouts involve an advance payment to creators of event proceeds from our merchant accounts prior to the completion of the events.
Upfront payments are common practice in certain segments of the ticketing industry and are typically made to a creator upon entering into or renewing a multi-year exclusive ticketing or services contract with us, or upon meeting annual contractual requirements. A creator who has received a non-recoupable payment keeps the entire upfront payment, so long as the creator complies with the terms of the creator’s contract with us, including, but not limited to, performance of an event and achievement of certain ticket sale minimums. For recoupable advances we are entitled to recoup the entire advance by withholding all or a portion of the ticket sales sold by the creator to whom the advance was previously paid until we have fully recouped the advance. A creator is generally obligated to repay all or a portion of the upfront payment to us if such creator does not comply with the terms of the contract or perform an event, although there is no guarantee that we will be able to collect such repayment. When we provide advance payouts, we assume significant risk that the event may be cancelled, postponed, fraudulent, materially not as described or removed from our platform due to its failure to comply with our terms of service, merchant agreement or community guidelines, resulting in significant chargebacks, refund requests and/or disputes between consumers and creators. If the creator is insolvent, has spent the proceeds of the ticket sales for event-related costs, has cancelled the event, or has engaged in fraudulent activity, we may not be able to recover our losses from these events. These losses could be many multiples of the fees we collected from such transactions. As of December 31, 2025 and December 31, 2024, advance payouts outstanding were $101.1 million and $101.2 million, respectively.
In an effort to attract a catalog of locally relevant, high-quality events to our marketplace, we make upfront payments available to qualifying creators who accept our standard or negotiated terms and conditions. We believe that upfront payments are an important financing option for certain creators, and that failure to make upfront payments available to high-value qualified creators or in insufficiently compelling dollar amounts will put us at a competitive disadvantage to ticketing solutions that offer cash incentives more broadly and in higher amounts to newly acquired or renewing creators.
Non-recoupable payments, net, including noncurrent balances, were $6.5 million and $7.5 million as of December 31, 2025 and 2024, respectively, and, as of December 31, 2025, these payments were being amortized over a weighted-average remaining life of 3.1 years on a straight-line basis.
Table of Contents
Creator advances, net, including noncurrent balances, were $8.6 million and $3.4 million as of December 31, 2025 and December 31, 2024, respectively.
We make upfront payments based on the expectations of future ticket sales on our platform by such creators. We make the decision to make these payments based on our assessment of the past success of the creator, past event data, future events the creator is producing and other financial information. However, event performance may vary greatly from year to year and from event to event. If our assumptions and expectations with respect to event performance prove wrong or if a counterparty defaults or an event is not successful or is cancelled, our return on these upfront payments will not be realized and our business, financial condition and results of operations could be harmed.
Any significant system interruption, outages or delays could damage our reputation, result in a potential loss of creators and adversely impact our business.
Our ability to attract and retain creators depends on the reliable performance of our technology, including our websites, applications, information and related systems. System interruptions, slow-downs and a lack of integration and redundancy in our information systems and infrastructure may adversely affect our ability to operate our technology, handle sales for high-demand events, process and fulfill transactions, respond to creator and consumer inquiries and generally maintain cost-efficient operations.
We also rely on affiliate and third-party computer systems, broadband and other communications systems and service providers in connection with the provision of services generally, as well as to facilitate, process and fulfill transactions. Any interruptions, outages or delays in our systems and infrastructures, our businesses, our affiliates’ and/or third-party systems we use, or deterioration in the performance of these systems and infrastructures, could impair our ability to provide services, fulfill orders and/or process transactions. From time to time, we experience system interruptions caused by outages by our partners that make some or all systems or data unavailable or prevent us from efficiently providing services or fulfilling orders. For example, on October 19 and October 20 of 2025, Amazon Web Services (AWS) experienced an outage that lasted over 14 hours, during which time our platform was disrupted. While this event did not have a material impact on our business, such events can reduce consumer trust in our platform.
We outsource our cloud infrastructure to AWS, which hosts our platform, and therefore we are vulnerable to service interruptions at AWS, which could impact the ability of creators and consumers to access our platform at any time, without interruption or degradation of performance. Our customer agreement with AWS will remain in effect until July 31, 2030. In the event that our AWS service agreements are terminated, or there is a lapse of service, interruption of Internet service provider connectivity or damage to AWS facilities, we could experience interruptions in access to our platform as well as delays and additional expense in arranging new facilities and services. For example, we previously experienced interruptions in the performance of our platform because of a hardware error that AWS experienced. We may also incur significant costs for using an alternative cloud infrastructure provider or taking other actions in preparation for, or in reaction to, events that damage the AWS services we use.
In addition, fire, flood, power loss, telecommunications failure, hurricanes, tornadoes, earthquakes, acts of war or terrorism, natural disasters, severe weather and similar events or disruptions may damage or interrupt computer, broadband or other communications systems and infrastructures at any time. Climate change is expected to continue to cause adverse weather conditions, increased weather variability and natural disasters to become more frequent and less predictable. Any of these events could cause system interruptions, outages, delays and loss of critical data, and could prevent us from providing services, fulfilling orders and/or processing transactions. While we have backup systems for certain aspects of our operations, disaster recovery planning by its nature cannot be sufficient for all eventualities. In addition, we may not have adequate insurance coverage to compensate for losses from a major interruption.
In some instances, we may not be able to identify the cause or causes of these performance problems within a period of time acceptable to creators. It may become increasingly difficult to maintain and improve our platform performance, especially during peak usage times, as the features of our platform become more complex and the usage of our platform increases. Any of the above circumstances or events may harm our reputation, cause creators to stop using our platform, impair our ability to increase revenue, impair our ability to grow our business, subject us to financial penalties and liabilities under our service level agreements and otherwise harm our business, financial condition and results of operations.
Our platform and solutions are accessed by a large number of creators and consumers often at the same time. As we continue to expand the volume of creators and consumers using the platform and the solutions available to those creators and consumers, we may not be able to scale our technology to accommodate the increased capacity requirements, which may result in interruptions or delays in service. Furthermore, capacity constraints could be due to a number of potential causes including technical failures, natural disasters, fraud or security attacks. In addition, the failure of AWS cloud infrastructure or other third-
Table of Contents
party Internet service providers to meet our capacity requirements could result in interruptions or delays in access to our platform or impede our ability to scale our operations. The occurrence of any of these events could harm our business, financial condition and results of operations.
Our software is highly complex, and we have in the past, and may in the future, discover previously undetected errors, failures, bugs or other vulnerabilities.
The software underlying our platform is highly complex and we have in the past, and may in the future, detect previously undetected programming errors, failures, bugs or other vulnerabilities. Any real or perceived errors, failures, bugs or other vulnerabilities discovered in our code could result in negative publicity and damage to our reputation, loss of creators and consumers, loss of or delay in market acceptance of our platform, loss of competitive position, loss of revenue or liability for damages, overpayments and/or underpayments, any of which could harm the confidence of creators and consumers on our platform, our business, financial condition and results of operations. In such an event, we may be required or may choose to expend additional resources in order to help correct the problem, which may divert engineering staff from building new solutions or product enhancements. Because creators use our platform for processes that are critical to their businesses, errors, failures or bugs in our code, or the underlying infrastructure, have resulted, and could in the future result, in creators seeking significant compensation from us for any losses they suffer and/or ceasing conducting business with us altogether. There can be no assurance that provisions typically included in our agreements with creators that attempt to limit our exposure to claims would be enforceable or adequate or would otherwise protect us from liabilities or damages with respect to any particular claim. Even if unsuccessful, a claim brought against us by any creators would likely be time-consuming and costly to defend and could harm our business, financial condition and results of operations.
In addition, our platform relies on third-party partners for the development tool chain, managed infrastructure and platform services. These include disciplines like security, payment processing, cloud computing, data processing and storage, as well as various processes in our software development life cycle. There can be no assurance that the provisions in our agreements with our partners that attempt to limit our exposure to events like downtime, data breaches and malicious actors would fully protect us from liabilities or damages and could result in a similar impact that we called out in our software section above. Such disruptions in our vendor supply chain would be time-consuming and costly for multiple departments, especially engineering, and result in delays in our product delivery and business strategy.
Further, we have continued to build complex code to evolve our product offerings. We are investing resources to reduce the complexity of the code underlying our software, and as a result, some of our engineering talent has been diverted from building new solutions or product enhancements. If our efforts to reduce the complexity of our code do not result in the improvement of our platform or if the diversion of our engineering staff prevents us from developing successful new solutions and enhancements, our business, financial conditions and results of operations could be harmed.
If we do not continue to maintain and improve our platform or develop successful new solutions and enhancements or improve existing ones, our business will suffer.
Our ability to attract and retain creators and consumers depends in large part on our ability to provide a user-friendly, safe and effective platform, develop, improve and maintain our platform and introduce compelling new solutions and enhancements. Our industry is characterized by rapidly changing technology (including artificial intelligence (AI)), new service and product introductions and changing demands of creators and consumers. We spend substantial time and resources understanding creators’ needs and responding to them and on driving consumer demand on our platform.
Our corporate strategy is focused on providing consumers with a breadth of relevant, local live event options and to enable creators to host successful events that draw upon access to Eventbrite’s consumers worldwide. Building new solutions is costly and complex, and the timetable for commercial release is difficult to predict and may vary from our historical experience.
In addition, after development, creators or consumers may not be satisfied with our new solutions or enhancements and may perceive that the new solutions or enhancements do not adequately meet their needs. The success of any new solution or enhancement to our platform depends on several factors, including timely completion and delivery, competitive pricing, adequate quality testing, integration with our platform, creator and consumer awareness, efficacy and overall market acceptance and adoption. If we do not continue to maintain and improve our platform or develop successful new solutions and enhancements or improve existing ones, our business, financial condition and results of operations could be harmed.
Our platform might be used for illegal or improper purposes, all of which could expose us to additional liability and harm our business.
Our platform remains susceptible to potentially illegal or improper uses by creators or consumers. Illegal or improper uses of our platform may include money laundering, terrorist financing, drug trafficking, illegal online gaming, other online
Table of Contents
scams, illegal sexually oriented services, phishing and identity theft, prohibited sales of pharmaceuticals, fraudulent sale of goods or services, posting of unauthorized intellectual property, unauthorized uses of credit and debit cards or bank accounts and similar misconduct. Creators may also encourage, promote, facilitate or instruct others to engage in illegal activities. Despite measures we have taken to detect and lessen the risk of this kind of conduct, we cannot guarantee that these measures will stop all illegal or improper uses of our platform and such uses have occurred in the past. Our business could be harmed if creators use our system for illegal or improper purposes, which may expose us to liability. At the same time, if the measures we have taken to guard against these activities are too restrictive and inadvertently screen proper transactions, or if we are unable to apply and communicate these measures fairly and transparently, or we are perceived to have failed to do so, this could diminish the experience of creators and consumers, which could harm our business, financial condition and results of operations.
Further, at times we experience fraudulent activity on our platform, including fake events in which a person sells tickets to an event but does not intend to hold an event or fulfill the ticket, email spam being sent through our platform, a third-party taking over the account of a creator to receive payments owed to such creator or orders placed with fraudulent or stolen credit card data and other erroneous transmissions. Although we have measures in place to detect and reduce the occurrence of fraudulent activity on our platform, those measures are not always effective. These measures must be continually improved and may not be effective against evolving methods of fraud or in connection with new platform offerings. If we cannot adequately control the risk of fraudulent activity on our platform, it could harm our business, financial condition and results of operations.
Our marketing efforts to help grow our business may not be effective.
Maintaining and promoting awareness of our marketplace and services is important to our ability to attract and retain creators and consumers. One of the key parts of our strategy is to build a consumer brand that brings consumers to Eventbrite and create more habitual consumers by positioning ourselves as the destination to help people disrupt their old routine and make life more eventful. As we focus on engaging consumers to scale our platform, we plan to continue to increase our marketing spend to help drive consumer demand. We may also need to increase our marketing spend in response to increased spend on marketing from our competitors.
We invest in brand and performance advertising through various channels, including search engine optimization (SEO), search engine marketing, affiliate marketing and display marketing, as well as social media, email marketing and digital video advertising. Prominently displaying listings in response to key search terms is a critical factor for attracting creators and consumers to our platform, and we face increased costs for relevant keywords, including our brand name, due to competitive bidding. Search engines frequently change the algorithms that determine the ranking and display of results of a user’s search, alter analytics or SEO data available to us or make other changes to the way results are displayed, which can negatively affect the placement of links to our platform and reduce the number of visits or otherwise negatively impact our marketing efforts. In addition, search engines, social networks and other third parties typically require compliance with their policies and procedures, which may be subject to change or new interpretation with limited ability to negotiate, which could negatively impact our marketing capabilities (including marketing services for creators).
Further, the growing use of online ad-blocking software and technological changes to browsers and mobile operating systems that, for example, limit access to usage information for platforms like Eventbrite, impact the effectiveness of, or our visibility and insights into, our marketing efforts. As a result, we may fail to bring more consumers, or fail to increase the frequency of visits to our platform. In addition, ongoing legal and regulatory changes in the data privacy sphere in U.S. states and countries throughout the world – and the interpretation of these laws by major search, social and operating system providers – may impact the scope and effectiveness of marketing and advertising services generally, including those used on our platforms. Certain laws require us and our marketing partners to provide consumers the ability to opt-out of this collection of processing of their information for online advertising, and some providers of consumer devices, mobile or desktop operating systems and web browsers have implemented, or have announced plans to implement, ways to block tracking technologies. These developments could result in online tracking methods and our marketing efforts becoming significantly less effective. Similarly, our vendors, particularly those providing advertising and analytics products and services have, and may continue to, modify their products and services based on legal and technical changes relating to privacy in ways that could reduce the efficiency of our marketing efforts and our access to data about use of our platforms. Any reduction in our ability to make effective use of such technologies could harm our ability to personalize the experience of consumers, increase our costs, and limit our ability to attract and retain creators and consumers on cost-effective terms. As a result, our business, financial condition and results of operations could be adversely affected.
In addition to the marketing strategies described above, we also engage with celebrities and influencers and partner with aligned brands as part of our marketing efforts, and our perceived affiliation with these individuals and brands could cause us brand or reputational damage in the event they undertake actions inconsistent with our brand and values or otherwise fall in public perception.
Table of Contents
Enforcement of our community guidelines may negatively impact our brand, reputation and/or our financial performance.
We bring together a diverse and vibrant community of millions of people to create and discover live experiences that fuel their passions. The safety and integrity of our marketplace is of primary importance to our business. We maintain policies that outline expectations for users while they engage with our services, whether as creators, consumers or third parties. We prohibit a range of content on our platform, including, but not limited to: sexually explicit content; illegal content or illegal activities; hateful, dangerous or violent content or events; content that contains or promotes misinformation; and events that sell, distribute or transfer weapons and firearms.
We seek to enforce these community guidelines in order to uphold the safety and integrity of our marketplace, engender trust in the use of our services, ensure that everyone can gather and celebrate in an environment based in respect and dignity and encourage positive connections among members of our communities. We strive to enforce these policies in a consistent and principled manner that is transparent and explicable to stakeholders. However, even with a principled and objective approach, policy enforcement is a combination of human and technological review and is subject to error. For example, at times creators use or attempt to use our platform for events related to illegal activity and extremist groups. These events may cause negative publicity and harm our reputation and brand. In addition, policy enforcement may be subject to different, inconsistent or conflicting regional consensus or regulatory standards in different jurisdictions, or it could be perceived to be arbitrary, unclear or inconsistent. Shortcomings and errors in our ability to enforce our policies across our marketplace could lead to negative public perception, distrust from our creators and consumers, or lack of confidence in the use of our services, and could negatively impact our reputation and our brand and our business, financial condition and results of operations could be adversely affected.
In addition, certain creators or consumers may not agree with our decision to restrict certain creators from using our platform, the removal of certain events or the promotion of certain events on our platform. Some creators may not have, or are perceived not to have, legal and ethical business practices. Furthermore, creators use our platform for events that represent a variety of views, activities and interests, some of which many other creators or consumers do not agree with or find offensive. If our platform is associated with illegal or offensive activity or creators and consumers disagree with our decision to restrict certain creators or events, our reputation and brand may be harmed, our ability to attract and retain creators and consumers may be adversely impacted and our business, financial condition and results of operations could be adversely affected.
We generate a portion of our revenue from advertising. The loss of creator marketers, or reduction in spending by creator marketers, could result in a potential loss of consumers and adversely impact our business.
We have limited experience and operating history offering advertising services on our platform and our advertising revenue may not grow as we expect. Our ability to generate advertising revenue is subject to various risks and will depend on a number of factors, including our ability to attract and retain creators willing to advertise on our platform, the quantity and quality of ads shown to our consumers, the cost of advertising, the return on ad spend, our ability to compete effectively for advertising spend and our ability to demonstrate the value of our ads to creator marketers.
We rely on Internet search engines to drive traffic to our platform. Changes in Internet search engine algorithms and dynamics, our search engine visibility and rankings, search engine disintermediation, changes in marketplace rules or changes in privacy and consumer data access could have a negative impact on traffic on our platform or functionality of our product and ultimately, our business, financial condition and results of operations.
We rely heavily on Internet search engines, such as Google, to generate traffic to our websites, principally through free or organic searches. The ranking and display of our search results can be affected by a number of factors, many of which are not in our control. Search engines frequently change the algorithms that determine the ranking and display of results of a user’s search, such that the purchased or algorithmic placement of links to our websites can be negatively affected. In addition, a search engine could, for competitive or other purposes, alter its search algorithms or results causing our websites to place lower in organic search query results. If a major search engine changes its algorithms in a manner that negatively affects the search engine ranking of our websites or those of our partners and we are unable to quickly and efficiently adapt to the algorithm changes, our business, financial condition and results of operations would be harmed. Furthermore, our failure to successfully manage SEO could result in a substantial decrease in traffic to our websites, as well as increased costs if we were to replace free traffic with paid traffic, which may harm our business, financial condition and results of operations. Our competitors’ SEO efforts may be more successful than ours, which may result in their platforms receiving a higher search result ranking than ours. In the event any of the Internet search engines launches its own event-focused product, the prominence of our platform in organic search results for event-related terms may be reduced, and our SEO results and ticket sales may be adversely affected. Further, the new and evolving AI search landscape will likely impact how consumers search for information. It is currently unclear whether and how such changes to search will impact our SEO strategies and tactics.
Table of Contents
We also rely on application marketplaces, such as Apple’s App Store and Google’s Play, to drive downloads of our applications. From time to time, Apple, Google or other marketplaces make changes that make access to our products more difficult. Our applications may receive unfavorable treatment compared to the promotion and placement of competing applications, such as the order in which they appear within marketplaces. Similarly, if problems arise in our relationships with providers of application marketplaces, traffic to our site and our user growth could be harmed.
In addition, changes to third-parties’ privacy and consumer data access policies have in the past, and may in the future, negatively impact the functionality of our product. For example, Apple and other marketplaces have in the past and will likely continue to implement new privacy and security features, which may negatively impact the effectiveness of our consumer data and platform. Such third-party changes may render our products less effective, obsolete or require us to divert engineering resources to retool our products rather than releasing new functionality. This may ultimately harm our business, financial condition and results of operations.
Actual or perceived failures to comply with applicable laws, regulations, standards and other requirements regarding data privacy, security and the processing of personal data could adversely affect our business, financial condition and results of operations.
We receive, transmit, store and process a large volume of personal data about actual and prospective creators, consumers, employees and other individuals. As we shift our strategy to creating an indispensable two-sided marketplace for live events that focuses on driving consumer demand and acquiring highly popular events, we expect to receive, transmit, store and process more and new types of personal data. Numerous federal, state and international laws, rules, regulations, standards and other requirements address privacy, data protection and the collection, storing, sharing, use, disclosure, protection and other processing of personal data. These requirements, and their application, interpretation and amendment are continually evolving and compliance requirements continue to expand.
In the United States, numerous states have adopted new or modified data privacy and security laws that apply to companies like ours. For example, the California Consumer Privacy Act ("CCPA") establishes a privacy framework for covered businesses such as ours and has required, and will likely continue to require, us to modify our data processing practices and policies and incur compliance related costs and expenses. Among other things, the CCPA provides certain rights to California residents, such as the right to opt out of certain sales or transfers of personal information (including for cross-context behavioral advertising) and requires specific disclosures to California residents about data collection, use and disclosure practices. The CCPA provides for potentially severe statutory penalties, and a private right of action for certain data breaches. It also created a new California data protection agency specifically tasked to enforce the law, which has resulted in increased regulatory scrutiny of companies doing business in California in the areas of data protection and security. The enactment of the CCPA has prompted a wave of similar legislative developments in other states in the United States, which creates a patchwork of overlapping but different state laws and conflicting requirements that make compliance challenging. Since the CCPA went into effect, laws governing the processing of personal information, including for marketing purposes, took effect in a number of states, including Virginia, Colorado, Connecticut, and Utah, and have been passed or proposed in other states and at the federal level, reflecting a trend toward more stringent privacy legislation in the United States.
Furthermore, the Federal Trade Commission ("FTC") and many state regulators continue to enforce a variety of data privacy and security issues, such as promises made in privacy policies, failures to take appropriate steps to keep personal information secure, or unfair processing of sensitive personal information, as unfair or deceptive acts or practices in or affecting commerce in violation of the Federal Trade Commission Act or similar state laws.
Moreover, we send marketing messages via email and are subject to the CAN-SPAM Act. The CAN-SPAM Act imposes certain obligations regarding the content of emails and providing opt-outs (with the corresponding requirement to honor such opt-outs promptly). While we strive to ensure that all of our marketing communications comply with the requirements set forth in the CAN-SPAM Act, any violations could result in the FTC seeking civil penalties against us.
Outside the United States, personal data is increasingly subject to regulation in numerous jurisdictions in which we operate, and the requirements can be more restrictive and rigorous than those in the United States. In particular, we are subject to data protection laws in Europe including the General Data Protection Regulation 2016/679 (GDPR) and the United Kingdom General Data Protection Regulation and Data Protection Act of 2018 ("UK GDPR", and collectively referred to as "GDPR"), which impose stringent data protection obligations for processors and controllers of personal data with the risk of enforcement action, civil claims (including class actions), significant penalties (up to the greater of €20 million/£17.5 million or 4% of global turnover) or requirements for us to cease or change how we process personal data and conduct our business. Furthermore, because we are under the supervision of relevant data protection authorities in both the EU and the UK, we may be fined under both the EU GDPR and the UK GDPR for the same breach.
Table of Contents
In addition, we are subject to other laws, regulations and requirements regarding the protection, security or processing of personal data, including the cross-border transfer of personal data or requirements for local storage and processing of data, including in Australia, Brazil and India. Other changes in laws, regulations and other requirements associated with the enhanced protection of certain types of personal data, such as data relating to minors, consumer health data or other sensitive information, could greatly increase the cost and complexity of providing our products and services, require significant changes to our operations or even prevent us from offering certain services in jurisdictions in which we operate.
The GDPR regulates cross-border transfers of personal data out of the European Economic Area ("EEA") and the UK. Case law from the Court of Justice of the European Union ("CJEU") states that reliance on standard contractual clauses (a standard form of contract approved by the European Commission as an adequate personal data transfer mechanism) alone may not necessarily be sufficient in all circumstances and that transfers must be assessed on a case-by-case basis taking into account the legal regime applicable in the destination country. We currently rely on the EU standard contractual clauses, UK Addendum to the EU standard contractual clauses and the UK International Data Transfer Agreement, as relevant, to transfer personal data outside the EEA and the UK with respect to both intragroup and third party transfers. However, we expect the existing legal complexity and uncertainty regarding international personal data transfers to continue. In particular, we expect international transfers to the United States and to other jurisdictions more generally to continue to be subject to enhanced scrutiny by regulators. As regulatory guidance and the enforcement landscape develops, we could suffer additional costs, complaints and/or regulatory investigations or fines, or if we are otherwise unable to transfer personal data between and among countries and regions in which we operate, it could affect the manner in which we provide our services, the geographical location or segregation of our relevant systems and operations, and could adversely affect our business, financial condition and results of operations.
We and our third-party providers are also subject to evolving laws, including in Europe, relating to cookies, tracking technologies and e-marketing. Recent litigation, decisions and guidance are driving increased attention to cookies, tracking technologies and online advertising. In addition, there has been a noticeable increase in class actions in the United States where plaintiffs have utilized a variety of laws, including state wiretapping laws, in relation to the use of cookies and other tracking technologies. Any changes to laws relating to cookies, tracking technologies and e-marketing or the interpretation of relevant laws, including if the trend of increased enforcement by European regulators of the strict approach to consent for the placement of non-essential cookies and tracking technologies in recent guidance and decisions continues, could disrupt and harm our business.
The interpretation and application of many privacy, data protection, consumer protection and e-marketing laws are, and will likely remain, uncertain, and these laws may be interpreted and applied in a manner that is inconsistent with our existing data management practices or product features. Any failure or perceived failure by us and/or various third-party service providers and partners with which we do business to comply with or take steps to address such laws and other requirements relating to privacy, data security or the processing of personal data, or any cybersecurity incident, could damage our reputation, lead to an erosion of trust, result in a loss of creators or consumers, inhibit sales, discourage potential creators and consumers from trying our platform, result in fines, lawsuits (including class actions) and other claims and penalties, or require us to fundamentally change our business activities and practices or modify our products, any of which could harm our business, financial condition and results of operations. In addition, given the breadth and depth of changes in data protection obligations, ongoing compliance with evolving interpretations of applicable U.S. state data protection and privacy laws, the GDPR and other laws and requirements requires time and resources and a review of the technology and systems currently in use against such requirements. In addition to government regulation, privacy advocacy and industry groups may propose new and different self-regulatory standards that either legally or contractually apply to us, and complying with such regulatory standards could result in additional costs.
Our acquisition strategy to date, and going forward, often results in the winding down of the acquired platforms over a lengthy period of time while the existing creators migrate to our platform. The focus often shifts away from these legacy platforms to meeting the needs of migrated creators on our platform. The existence of these legacy platforms within a shifting landscape regarding privacy, data protection and data security may result in regulatory liability or exposure to fines. A cybersecurity incident on a legacy platform may harm our reputation and our brand and may adversely affect our business, including the migration of existing creators to our platform. See the risk factor below titled “If we or our third-party providers fail to protect information, including personal data or sensitive information about creators, consumers or employees and/or IT systems and operations against software or hardware vulnerabilities, service interruptions, data loss, ransomware, attacks or other cybersecurity incidents, we could experience a loss of creators or consumers, exposure to liability, or an adverse impact on our reputation, brand, business, financial condition or results of operations”. We may also become exposed to potential liabilities and our attention and resources may be diverted as a result of differing privacy regulations pertaining to our applications.
Table of Contents
If we or our third-party providers fail to protect information, including personal data or sensitive information about creators, consumers or employees and/or IT systems and operations against software or hardware vulnerabilities, service interruptions, data loss, ransomware, attacks or other cybersecurity incidents, we could experience a loss of creators or consumers, exposure to liability, or an adverse impact on our reputation, brand, business, financial condition or results of operations.
As an online platform, we rely on computer systems, hardware, software, technology infrastructure and online sites and networks for both internal and external operations that are critical to our business. Despite the implementation of security measures, we and our third-party providers are vulnerable to power outages, telecommunications failures, interruptions or shutdowns of our platform and catastrophic events, as well as cybersecurity risks that threaten the confidentiality, integrity and availability of our and third party providers’ information systems, technology, and confidential information (including information about our creators, consumers, employees and others, intellectual property and proprietary information such as trade secrets) through diverse attack vectors, including computer viruses, bugs or other vulnerabilities in software that is integrated into our (or our providers’) systems and products, break-ins, intentional or accidental actions or inaction by employees or others with authorized access to our or our providers’ networks, social engineering/phishing attacks, denial-of-service attacks, malicious or destructive code, malware, ransomware attacks, and other cyber attacks, data breaches and cybersecurity incidents.
Cyber attacks and security incidents (including through security breaches, computer malware and computer hacking attacks) upon information systems are accelerating on a global basis in their frequency, magnitude, levels of persistence, intensity and sophistication, and threat actors are using rapidly changing techniques and tools – including AI – that circumvent security controls, evade detection and remove forensic evidence, and are being conducted by diverse threat actors, including sophisticated and organized groups, state-sponsored organizations and individuals with a wide range of motives and expertise. A successful cyber attack or cybersecurity incident could occur and persist for an extended period of time before being detected.
As we continue to grow our business, expand to new geographical locations, and gain greater public visibility, we will continue to face a higher risk of being targeted by cyber attacks. As a result of our (and some of our providers’) transition to a primarily remote workforce, we face increased cybersecurity risks due to our reliance on Internet technology and the number of our employees who are working remotely, which may create additional opportunities for threat actors to exploit vulnerabilities. Additionally, any current or future integration of AI in our or any of our providers’ operations, products or services is expected to pose new or unknown cybersecurity risks and challenges. Moreover, we have acquired and may continue to acquire companies with cybersecurity vulnerabilities and/or unsophisticated security measures, which exposes us to significant cybersecurity, operational and financial risks. We have experienced in the past, and could experience in the future, credential stuffing attacks in which malicious third parties used or attempted to use credentials compromised in data breaches suffered by other companies to access accounts on our platform. These credential stuffing attacks have in the past, and may in the future, result in the unauthorized takeover of a customer's account and the illegal abuse of account privileges to misdirect funds to bank accounts owned or controlled by such criminal actors, which may subject us to liability for illegal transactions. It is possible that such incidents of account takeover fraud could increase in the future. The misuse of our products or services for illegal or improper purposes could subject us to claims, individual and class action lawsuits, and government and regulatory investigations, prosecutions, enforcement actions, inquiries, or requests that could result in liability and reputational harm for us.
While we employ security measures intended to prevent, detect, and mitigate potential for harm to our users from the theft of or misuse of credentials on our network, these security measures may not be effective in every instance and may require significant costs. Furthermore, the prevalent use of mobile devices increases the risk of cybersecurity incidents. Misplaced, stolen or compromised mobile devices used at events for ticket scanning, or otherwise, could lead to unauthorized access to the device and data stored on or accessible through such device. We have in the past experienced breaches of our security measures, and our platform and systems are at risk for future breaches and incidents, including as a result of third-party action or employee, service provider, partner or contractor error or malfeasance. In the future, our financial performance may be impacted further if we face additional costs and expenses from customer compensation and retention incentives, creator loss, regulatory inquiries, litigation and further remediation and upgrades to our security infrastructure. Although we have insurance coverage, our policy may not cover all financial expenses related to cybersecurity incidents, and there is no guarantee that applicable insurance will be available to us in the future on economically reasonable terms or at all.
In addition, our platform involves the storage and transmission of personal information of our creators and consumers in our facilities and on our third-party equipment, computer systems, hardware, software, technology infrastructure and online sites and networks. Cybersecurity incidents expose us to legal claims or proceedings (such as class actions), remediation costs, increased costs for security measures, loss of revenue, damage to our reputation, customer loss and potential liability.
Table of Contents
Information and corporate information systems and security measures may be breached or adversely impacted due to the actions of outside parties, employee error or misconduct, malfeasance, a combination of these or otherwise, and, as a result, an unauthorized party may obtain access to our information systems and confidential information, including information relating to our creators and consumers. Additionally, outside parties may attempt to fraudulently induce employees, creators or consumers to disclose sensitive information in order to gain access to creator or consumer data. We will continuously examine and modify our security controls and business policies to address the use of new devices and technologies, and the increasing focus by consumers and regulators on controlling and protecting personal data. We may need to expend significant resources to protect against and remedy any potential cybersecurity incidents and their consequences, including making notifications to governmental authorities and affected individuals. For example, laws in the EU and UK and all 50 U.S. states require businesses to provide notice to individuals whose personal information has been disclosed as a result of certain data security breaches. Any cybersecurity incident or adverse impact to the availability, integrity or confidentiality of our platform or information systems, the systems or networks of our third-party service providers or partners, or any unauthorized access to information we or our providers and partners process or maintain, could harm our business, financial condition and results of operations.
As any investigation of a cybersecurity incident is inherently unpredictable, the extent of a particular cybersecurity incident and the path of investigating, remediating or recovering from the incident may not be immediately clear. It may take a significant amount of time and resources before an investigation can be completed and full and reliable information about the incident is known. While an investigation is ongoing, we may not necessarily know the extent of the harm or how best to remediate or recover from the incident, certain vulnerabilities could remain and errors or actions could be repeated or compounded before they are discovered and remediated, and communication to the public, regulators, creators, consumers and other stakeholders may be delayed, inaccurate or incomplete, any or all of which could further increase the costs and consequences of a cybersecurity incident. Additionally, applicable rules requirements regarding how to respond, required notices to users, and reporting obligations to creators, consumers, regulators and others vary by jurisdiction.
While we have a cybersecurity risk management program and have implemented security policies and controls intended to protect our information systems, infrastructure and confidential information, there can be no assurance that such measures or our third-party service providers’ and partners’ security measures will successfully anticipate new or existing techniques used by threat actors, protect our systems and information, prevent service interruptions, software or hardware vulnerabilities or other security incidents. Further, if our employees or employees of our third-party service providers fail to comply with our internal security policies and practices, or fully implement our cybersecurity risk management program, our information systems and creator, consumer, employee and other confidential information stored thereon may be improperly accessed, used, disclosed or processed.
Although it is difficult to determine what harm may directly result from any specific interruption or incident, any actual or perceived failure to maintain performance, reliability, security and availability of our network infrastructure, or of any third-party networks or systems used or supplied by our third-party service providers or partners, to the satisfaction of creators and consumers may harm our reputation and our ability to retain existing creators and consumers and attract new creators and consumers.
Examples of situations which have in the past and may in the future lead to unauthorized access to or an adverse impact on the availability, integrity or confidentiality of our information systems or information include, but are not limited to the following:
• employees inadvertently sending financial information of one creator, consumer or employee to another creator, consumer or employee;
• employee malfeasance;
• creators’ failure to properly password protect their leased ticket scanning and site operations devices leaving the data available to anyone using the device;
• a device stolen from an event and data access, alteration or acquisition occurring prior to our remote wiping of the data;
• an employee losing their computer or mobile device or otherwise, allowing for access to our email and/or administrative access, including access to guest lists to events;
• external breaches leading to the circulation of “dark web” lists of user name and password combinations openly vulnerable to attack without immediate detection;
• a hack of one of our databases;
• account takeovers;
• a hack of a third-party service provider’s or partner’s database; and
Table of Contents
• unauthorized access to our offices or other properties.
If an actual or perceived breach of our security or other cybersecurity incident occurs, the market perception of the effectiveness of our cybersecurity risk management program and measures could be harmed, and we could lose existing or future creators and consumers, face lawsuits (including class actions), regulatory investigations and enforcement actions, other legal or regulatory proceedings, damage to our reputation, suffer financial exposure due to such events or in connection with regulatory fines and penalties, incident response, remediation or system restoration efforts, investigation costs, changes or augmentation of our security measures, the expense of taking additional protection measures and future compliance costs. Any or all of the foregoing could materially adversely affect our business, financial condition and results of operations.
We are incorporating generative AI into some of our products. This technology is new and developing and may present operational and reputational risks.
We have incorporated a number of third-party, machine learning algorithms and models, automated decision-making technologies, and generative AI features (collectively, "AI Technologies") into our products. This technology, which is a new and emerging technology that is in its early stages of commercial use, presents a number of risks inherent in its use.
In particular, AI Technologies such as algorithms are based on machine learning and predictive analytics, which can create accuracy issues, unintended biases and discriminatory outcomes. There is a risk that third-party generative AI algorithms (i.e., AI Technologies that can produce and output new content, software code, data and information) used in our products could produce inaccurate or misleading content or other discriminatory or unexpected results or behaviors (e.g., AI hallucinatory behavior that can generate irrelevant, nonsensical or factually incorrect results) that could harm our reputation, business, creators or consumers. Even though we have implemented measures, such as in-product disclosures, which inform creators when content is created for them by generative AI, our creators, consumers or others may rely on or use flawed content or information to their detriment, which may expose us to brand or reputational harm, competitive harm, consumer complaints, legal liability and other adverse consequences. In addition, the use of AI involves significant technical complexity and requires specialized expertise. Any disruption or failure in AI systems or infrastructure that we use could result in delays or errors in our operations, which could harm our business and financial results.
Existing laws and regulations apply to us and our vendors in new ways as a result of our use of AI Technologies and new laws and regulations have already, and likely will continue to be, instituted, the effects of which are difficult to predict. Current and future government regulation specifically related to AI may also increase the burden and cost of research and development in this area and future laws and regulations may require us to revise our offerings powered by AI Technologies. The intellectual property ownership and license rights, including copyright, surrounding AI Technologies has not been fully addressed by courts or laws or regulations, as AI Technology is an emerging technology for which the legal and regulatory landscape is not fully developed. Further, the use or adoption of AI Technologies into our offerings may result in exposure to claims of copyright infringement or other intellectual property misappropriation. While new AI Technologies initiatives, laws, and regulations are emerging and evolving, what they ultimately will look like remains uncertain, and our obligation to comply with them could entail significant costs, negatively affect our business, or entirely limit our ability to incorporate certain AI Technologies into our offerings.
Our payments system depends on third-party providers and is subject to risks that may harm our business.
We rely on third-party providers to support our payments system. Our payments system relies on banks and third-party payout partners and third-party payment processors, including payment facilitators to process payment transactions through various channels including by accessing various payment card networks. These features are designed to enable creators to manage payments in an easy and efficient manner. Any of our payment providers and vendors that do not operate well with our platform could adversely affect these payments services and, in turn, our payment processing capabilities and our business. We have multiple integrations in place at one time allowing for back up processing alternatives on our payments system if a single provider is unable or unwilling to process any given transaction, payment method or currency. However, if any or some of these providers do not perform adequately, determine certain types of transactions as prohibitive for any reason or fail to identify fraud, if these providers’ technology does not interoperate well with our platform, or if our relationships with these providers were to terminate unexpectedly, creators may find our platform more difficult to use and the ability of creators using our platform to sell tickets could be adversely affected, which could cause creators to use our platform less and harm our business, financial condition and results of operations.
We must also continually integrate various payment methods used both within the United States and internationally into our payments system, including features such as Apple Pay, Google Pay, and “buy now, pay later” functionality provided by third-party platforms. To enhance our acceptance in certain international markets we have in the past adopted, and may in the future adopt, locally-preferred payment methods and integrate such payment methods into our payments system, which may
Table of Contents
increase our costs and also require us to understand and protect against unique fraud and other risks associated with these payment methods. If we are not able to integrate new payment methods into payments system effectively, our business, financial condition and results of operations could be harmed.
Our payment processing partners require us to comply with payment card network operating rules, which are set and interpreted by the payment card networks. The payment card networks could adopt new operating rules specific to the types of payments services that we support or couple interpret or re-interpret existing rules in ways that might restrict or prohibit us from providing or enabling certain payments services to creators, or could be costly or difficult to implement. We have agreed to reimburse our payment processors for fines they are assessed by payment card networks if we or creators using our platform are deemed to have violated these rules, including, for example, in the event that our processing of certain types of transactions is interpreted as a violation of applicable payment card network operating rules.
In addition, payment card networks and payment processing partners could increase the fees they charge us for their services, including in connection with a consumer's use of certain payment cards or other payment methods, which would increase our operating costs and reduce our margins. If we are unable to negotiate favorable economic terms with these partners, our business, financial condition and results of operations could be harmed.
We face potential liability, expenses for legal claims and harm to our business based on the nature of the events business.
We face potential liability and expenses for legal claims relating to the events business, including potential claims related to event injuries or the spread of disease allegedly caused by us, creators, service providers, partners or unrelated third parties. For example, from time to time third parties assert legal claims against us in connection with personal injuries, which may include deaths, related to occurrences at an event. See the risk factor above titled “Factors adversely affecting the live event market could impact our results of operations” for additional information. Even if our personnel are not involved in these occurrences, we may face legal claims and incur substantial expenses to resolve such claims. Further, if we provide resources regarding event safety, or on-site personnel to support ticketing at an event, we may face liability related to our provision of such services, including legal claims against us in connection with personal injuries, which may include deaths or spread of disease. Our liability insurance coverage may not be sufficient to satisfy, or may not cover, any expenses or liabilities that may arise.
We operate in a competitive landscape and compete with a variety of competitors to secure new and retain existing consumers and creators. If we cannot successfully compete with existing or potential competitors, our business, financial condition and results of operations will be harmed.
We operate in a competitive landscape that provides consumers and creators with many channels to promote or engage with live experiences. We compete with a variety of competitors to secure new and retain existing consumers and creators. For consumers, we face competition from a number of media, including but not limited to: (i) other ticketing providers; (ii) search engines, namely Google, that aggregate consumer demand and search volume for things to do; (iii) localized search platforms that pinpoint specific types of events in target geographical regions; (iv) social media platforms with large influencer presences that cater to audiences based on recent patterns and algorithms; and (v) emerging AI-powered and chat-based discovery interfaces that may change how consumers search for, compare, and transact for experiences, and may affect traffic patterns, conversion dynamics, and user experience expectations. Some competitors for consumers are also partners we rely on for consumer reach. For creators, we face competition from a number of solutions, including but not limited to: (i) other ticketing providers; (ii) creator-developed ad hoc systems; and (iii) event marketplaces with planning solutions, which are typically dedicated to a particular category of events in a limited number of geographies. Some of our competitors for creators have existing relationships or may develop relationships with potential creators or the venues or facilities used by those creators, which have in the past caused and may in the future cause those creators to be unwilling or unable to use our platform and this may limit our ability to successfully compete in certain markets where such relationships are common. For example, some competitors purchase venues or rights to events and/or enter into exclusivity agreements with creators. If creators do not remain independent from our potential competitors, demand for our platform will diminish and our business, financial condition and results of operations will be harmed.
Some of our current and potential competitors have significantly more financial, technical, marketing and other resources, are able to devote greater resources to the development, promotion, sale and support of their services, have more extensive consumer and creator bases and broader relationships with them, are able to promote events to their more extensive consumer and creator bases which leads to greater event discovery and attendance, have longer operating histories and greater name recognition than we do.
We may also compete with potential entrants into the market that currently do not offer the same services but could potentially leverage their networks in the market in which we operate. For instance, large e-commerce companies such as eBay and Amazon have in the past operated, or currently operate, within the ticketing space. In addition, other large companies with large user-bases that have substantial event-related activity, such as Meta and Spotify, have products in the events space. These
Table of Contents
competitors may be better able to undertake more extensive marketing campaigns, build products and features faster than we can and/or offer their solutions and services at a discount to ours. Furthermore, some of our competitors may customize their products to suit a specific event type, category or customer. These competitors may be able to devote greater resources to better understand user data to be able to personalize event recommendations. If we are unable to compete with such alternatives, the demand for our solutions could decline.
We outsource a portion of our business operations, including our customer support functions, to third-party providers outside the United States. Outsourcing these functions has significant risks, and our failure to manage these risks successfully could materially adversely affect our business, financial condition and results of operations.
We outsource a portion of our business operations to third-party providers located outside the United States, including the outsourcing of some of our front-line customer support functions to third-party providers located in the Philippines and El Salvador. The services provided by these third-party providers include, but are not limited to, supporting critical financial functions such as creator payouts, chargeback management, and fraud identification. These third-party providers may make errors and not comply with our contractual requirements, and their personnel may not provide us or our creators and consumers with an acceptable level of service, which could damage our relationships with our creators and consumers. This could result in financial loss and significant disruptions in our operations, and replacing currently outsourced functions could result in significantly increased costs to undertake our operations. In addition, our outsourced functions may be negatively impacted by any number of factors, including political unrest, public health crises, social unrest, terrorism, war, vandalism, currency fluctuations, changes to the laws of the jurisdictions in which we do business or outsource operations, or increases in the cost of labor and suppliers in any jurisdiction in which we outsource any portion of our business operations. As a result of our outsourcing activities, it may also be more difficult for us to recruit and retain qualified employees for our business needs at any time. Any failure to successfully outsource portions of our business operations could materially adversely affect our business, financial condition and results of operations.
If we do not manage the risks of operating internationally effectively, our business, financial condition and results of operations could be harmed.
In 2025 and 2024, we derived 28% and 27%, respectively, of our net revenue from outside of the United States. We currently have various offices outside the United States, including offices in the United Kingdom, India, Ireland, Spain, Australia and Argentina. We have concentrated engineering and business development teams in India and Spain. Our international operations and results are subject to a number of risks, including:
• difficulties in attracting and retaining new creators and a catalog of locally relevant, high-quality events in the geographies we target to grow our marketplace;
• preferences by local populations for local providers;
• currency exchange restrictions or costs and exchange rate fluctuations and the risks and costs inherent in hedging such exposures;
• difficulties in managing and staffing international operations, including due to our primarily remote workforce, differences in employment laws, regulations and employee norms and collective bargaining processes;
• new and modified laws and regulations regarding data privacy, data protection, ticketing and information security;
• exposure to local economic or political instability, threatened or actual acts of terrorism and violence and changes in the rights of individuals to assemble, including challenges attracting and retaining talent in Argentina as a result of hyperinflation;
• compliance with U.S. and non-U.S. regulations, laws and requirements relating to anti-corruption, antitrust or competition, economic sanctions, data content and privacy, consumer protection, employment and labor laws, health and safety and advertising and promotions;
• compliance with additional U.S. laws applicable to U.S. companies operating internationally and interpretations of U.S. and international tax laws;
• weaker enforcement of our contractual and intellectual property rights;
• laws and business practices that favor local competitors or prohibit or limit foreign ownership of certain businesses;
• slower adoption of the Internet as a ticketing, advertising and commerce medium, which could limit our ability to migrate international operations to our existing systems; and
• exposure to regional or global public health concerns, epidemics and pandemics.
Table of Contents
Despite our experience operating internationally, any future expansion efforts into new countries may not be successful. Our international expansion has placed, and any future international growth may increasingly place, a significant strain on our management, customer service, product development, sales and marketing, administrative, financial and other resources. We cannot be certain that the investment and additional resources required in expanding our international operations will be successful or produce desired levels of revenue or profitability in a timely manner, or at all. Furthermore, certain international markets in which we operate have lower margins than more mature markets, which could have a negative impact on our margins as our revenue from these markets grows over time.
We may choose in certain instances to localize our platform to the unique circumstances of such countries and markets in order to achieve market acceptance, which can be complex, difficult and costly and divert management and personnel resources. Our failure to adapt our practices, platform, systems, processes and contracts effectively to the creator and consumer preferences or customs of each country into which we expand could slow our growth. If we are unable to manage our international growth successfully, our business, financial condition and results of operations could be harmed.
Our metrics and estimates are subject to inherent challenges in measurement, and real or perceived inaccuracies in those metrics may seriously harm and negatively affect our reputation and our business.
We regularly review metrics to evaluate growth trends, measure our performance, and make strategic decisions. These metrics are calculated using internal company data and have not been validated by an independent third-party. Errors or inaccuracies in our metrics or data could result in incorrect business decisions and inefficiencies. Furthermore, if we discover material inaccuracies in our metrics, we may not be able to accurately assess the health of our business and our reputation and our business may be harmed.
Creator and consumer attraction and retention depend upon effective interoperation with operating systems, networks, protocols, devices, web browsers and standards that we do not control.
We make our platform available across a variety of operating systems and web browsers. We are dependent on the interoperability of our platform with popular devices, mobile operating systems and web browsers that we do not control, such as Android, iOS, Chrome and Firefox. In addition, we are dependent on protocols like email and push notification to communicate with our creators and consumers. Any changes, bugs or technical issues in such systems, devices, protocols or web browsers that degrade the functionality of our platform, make it difficult for creators or consumers to access or use our platform, impose fees related to our platform or give preferential treatment to competitive products or services could adversely affect usage of our platform. In the event that it is difficult for creators or consumers to access and use our platform, our business and results of operations could be harmed.
We rely on software and services licensed from other parties. Defects in or the loss of software or services from third parties could increase our costs and adversely affect the quality of our service.
Components of our platform include various types of software and services licensed from unaffiliated third parties. Our business could be disrupted if any of the software or services we license from others or functional equivalents thereof were either no longer available to us or no longer offered on commercially reasonable terms. In either case, we could be required to either redesign our platform to function with software or services available from other parties or develop these components ourselves, which could result in increased costs and could result in delays in the release of new solutions and services on our platform. Furthermore, we might be forced to limit the features available in our platform due to changes by our third-party software and service providers. In addition, if we fail to maintain or renegotiate any of these software or service licenses, we could face significant delays and diversion of resources in attempting to license and integrate functional equivalents.
If we fail to adequately protect our intellectual property rights, our competitive position could be impaired and we may lose valuable assets, generate reduced revenue and incur costly litigation to protect our rights.
Our success is dependent, in part, upon protecting our intellectual property rights. We rely on a combination of patents, copyrights, trademarks, service marks, trade secret laws and contractual restrictions to establish and protect our intellectual property rights in our platform. However, the steps we take to protect our intellectual property may be inadequate. We will not be able to protect our intellectual property if we are unable to enforce our rights or if we do not detect unauthorized use of our intellectual property. While we take precautions, it may still be possible for unauthorized third parties to copy our technology and use our proprietary information to create solutions and services that compete with ours. Some license provisions protecting against unauthorized use, copying, transfer and disclosure of our technology may be unenforceable under the laws of certain jurisdictions and foreign countries. Further, the laws of some countries do not protect proprietary rights to the same extent as the laws of the United States. To the extent we expand our international activities, our exposure to unauthorized copying and use of our technology and proprietary information may increase.
Table of Contents
It is our policy to enter into confidentiality and invention assignment agreements with our employees and consultants and to enter into confidentiality agreements with the parties with whom we have strategic relationships and business alliances. No assurance can be given that these agreements will be effective in controlling access to, and use and distribution of, our platform and proprietary information. Further, these agreements do not prevent our competitors from independently developing technologies that are substantially equivalent or superior to our platform or solutions.
In order to protect our intellectual property rights, we may be required to spend significant resources to monitor and protect these rights. Litigation may be necessary in the future to enforce our intellectual property rights and to protect our trade secrets. Litigation to protect and enforce our intellectual property rights could be costly, time consuming and distracting to management and could result in the impairment or loss of portions of our intellectual property. Our efforts to enforce our intellectual property rights may be met with defenses, counterclaims and countersuits attacking the validity and enforceability of our intellectual property rights. Our inability to protect our proprietary technology against unauthorized copying or use, as well as any costly litigation or diversion of our management’s attention and resources, could delay further implementation of our platform or solutions, impair the functionality of our platform or solutions, delay introductions of enhancements to our platform, result in our substituting inferior or more costly technologies into our platform or solutions, or injure our reputation. In addition, we may be required to license additional technology from third parties to develop and market new features in our platform or solutions, and we cannot assure you that we could license that technology on commercially reasonable terms or at all. Our inability to license such technology on commercially reasonable terms could adversely affect our ability to compete, and harm our business, financial condition and results of operations.
We use third-party open source software in our platform, which could subject us to litigation or other actions.
We use open source software in our platform and may use more open source software in the future. The terms of many open source licenses to which we are subject have not been interpreted by U.S. or foreign courts, and there is a risk that open source software licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our provision of our platform. From time to time, companies that use open source software have faced claims challenging the use of open source software or compliance with open source license terms, and we could be subject to such lawsuits. Litigation could be costly for us to defend, harm our business, financial condition and results of operations or require us to devote additional research and development resources to change our platform. In addition, if we were to combine our proprietary software with open source software in a certain manner, we could, under certain open source licenses, be required to release the source code of our proprietary software. If we inappropriately use open source software, we may be required to re-engineer parts of our platform, extract the open source software at issue or take other remedial actions. In addition to risks related to license requirements, use of certain open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide support, warranties, indemnification or other contractual protections on the origin of software equivalent to those provided by third-party commercial software providers. Any of the foregoing could adversely impact the value or enforceability of our intellectual property, and materially adversely affect our business, financial condition and results of operations.
Our results of operations may be adversely affected if we are subject to a protracted intellectual property rights infringement claim or a claim that results in a significant damage award.
There is considerable patent and other intellectual property development activity in our industry. Our success depends on our not infringing or misappropriating upon the intellectual property rights of others. Our competitors, as well as a number of other entities, including non-practicing entities and individuals, may own or claim to own intellectual property rights relating to our industry and may challenge the validity or scope of our intellectual property rights. From time to time, third parties, including our competitors and non-practicing entities, have claimed and may in the future claim that our products or technologies may infringe or misappropriate their intellectual property rights and may assert patent, copyright, trade secret and other claims based on intellectual property rights against us and our creators and vendors. A claim may also be made relating to technology or intellectual property rights that we acquire or license from third parties. If we were subject to a claim of infringement, regardless of the merit of the claim or our defenses, the claim could:
• require costly litigation to resolve and the payment of substantial damages;
• require significant management time;
• cause us to enter into unfavorable royalty or license agreements;
• require us to discontinue the sale of solutions through our platform;
• require us to indemnify creators or third-party service providers or partners; and/or
• require us to expend additional development resources to redesign our platform.
Table of Contents
Our failure to comply with the various export controls and trade and economic sanctions laws and regulations to which we are subject could subject us to liability, including civil and criminal penalties, or restrictions on sales.
We are subject to economic and trade sanctions laws and regulations of the United States and applicable international jurisdictions, such as those that are administered by the U.S. Treasury Department’s Office of Foreign Assets Control ("OFAC"). Such laws and regulations prohibit or restrict transactions and dealings involving specified countries, their governments, and certain individuals and entities, including those that are specially designated sanctions targets, or 50% or more by the same (collectively, "Sanctions"). As federal, state and foreign legislative regulatory scrutiny and enforcement actions in these areas increase, we expect our compliance costs to increase, perhaps substantially. Failure to comply with any of these requirements could result in the limitation, suspension or termination of our platform, imposition of significant civil and criminal penalties, including fines, and/or the seizure and/or forfeiture of our assets, as well as reputational harm. While we endeavor to conduct our business in compliance with applicable laws and regulations, and maintain policies and procedures reasonably designed to ensure compliance with Sanctions, we cannot guarantee that these measures will be fully effective in ensuring compliance and preventing violations in the future, particularly as the scope of certain laws may be unclear and may be subject to change. The development, implementation and maintenance of Sanctions compliance policies and procedures may be time-consuming or result in the delay or loss of sales opportunities or impose other costs.
Further, our products incorporate encryption technology. These encryption products may be exported from the United States only with the required export authorizations, including by a license, a license exception or other appropriate government authorizations. Such products may also be subject to certain regulatory reporting requirements. Various countries also regulate the import of certain encryption technology, including through import permitting and licensing requirements, and have enacted laws that could limit our creators’ and consumers' ability to import our services into those countries. Governmental regulation of encryption technology and of exports and imports of encryption products, or our failure to obtain required approval for our products and services, when applicable, could subject us to legal penalties, harm our international sales and adversely affect our revenue. Compliance with applicable regulatory requirements regarding the provision of our products and services, including with respect to new products and services, may delay the introduction of our products and services in various markets or, in some cases, prevent the provision of our products and services to some countries altogether.
Any change in export or import regulations, economic sanctions or related legislation, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential creators and consumers with international operations. Any decreased use of our products or limitation on our ability to export or sell our products would likely adversely affect our business, financial condition and results of operations.
Our business is subject to a wide range of laws and regulations. Our failure to comply with those laws and regulations could harm our business.
We are subject to a number of U.S. federal and state and foreign laws and regulations that involve matters central to our business. For example, our platform is subject to an increasingly strict set of legal and regulatory requirements intended to help detect and prevent money laundering, terrorist financing, fraud and other illicit activity. The interpretation of those requirements by judges, regulatory bodies and enforcement agencies is changing, often quickly and with little notice. Changes in laws and regulations could impose more stringent requirements on us to detect and prevent illegal and improper activity by creators, which can increase our operating costs and reduce our margins. For example, in the United States, platforms like ours generally are immune from content generated by users or other third parties under Section 230 of the Communications Act of 1934, as amended by the Communications Decency Act (Section 230). If Section 230 is interpreted by courts or amended by Congress in a manner that reduces the scope of liability protection available to platforms like ours, we will need to increase our content moderation operations, which may harm our business, financial condition and results of operations.
In addition, our business is subject to many laws and regulations, both foreign and domestic. These laws and regulations vary from jurisdiction to jurisdiction and may sometimes conflict. For example, in November 2022, the EU Digital Services Act ("DSA") came into force, and in February 2024, the majority of the DSA’s substantive provisions relating to content moderation and transparency, which apply to us, took effect. The extent of regulatory enforcement and the additional obligations that may be imposed upon us under the DSA and similar pending legislation is not clear yet. The DSA may increase our compliance costs and require changes to our user interfaces and content moderation processes and operations, which may adversely affect our ability to attract and provide our services to creators and consumers, and may otherwise affect our business, financial condition and results of operations. Failure to comply with the DSA can result in fines of up to 6% of total annual worldwide turnover, and recipients of services have the right to seek compensation from providers in respect of damage or loss suffered due to infringement by the provider to comply with the DSA. Similarly, in the United Kingdom, the Online Safety Act 2023 (the "OSA") establishes an extensive regulatory framework for certain user-to-user and search services and imposes obligations to protect users from illegal content which, if applicable, may increase compliance costs and may otherwise
Table of Contents
adversely affect our business, financial condition and results of operations. Failure to comply with the OSA can result in fines of up to 10% of total annual worldwide turnover or £18 million (whichever is greater).
We collaborate closely with fellow stakeholders toward bipartisan, comprehensive, live event ticketing reform. For example, we have supported the Senate’s Fans First Act (S. 3457), which aims to improve ticketing transparency by ensuring clear pricing, banning speculative ticketing, and eliminating deceptive websites, as well as implementing additional consumer protections. Our goal is to help improve the live event ecosystem by fostering ticketing marketplace integrity, restoring the faith of consumers and the ability of artists and event creators to host successful events. Outside of ticketing regulations, creators are often subject to regulations of their own, such as permitting and crowd control requirements. Regulatory agencies or courts may claim or hold that we are responsible for ensuring that creators comply with these laws and regulations, which could greatly increase our compliance costs, expose us to litigation, subject us to fines and penalties and otherwise harm our business.
Failure to comply with anti-corruption, anti-bribery and similar laws associated with our activities outside of the United States could subject us to penalties and other adverse consequences.
We are subject to the U.S. Foreign Corrupt Practices Act of 1977, as amended ("FCPA"), the United Kingdom Bribery Act 2010 (the "Bribery Act"), and other anti-corruption and anti-bribery laws in various jurisdictions, both domestic and abroad, where we conduct business. The FCPA and the Bribery Act prohibit us and our officers, directors, employees and business partners acting on our behalf, including agents, from, directly or indirectly, corruptly offering, promising, authorizing or providing anything of value to a “foreign official” for the purposes of influencing official decisions to obtain or retain business or otherwise secure an improper advantage. The FCPA further requires us to make and keep books, records and accounts that accurately reflect transactions and dispositions of assets and to maintain a system of adequate internal accounting controls. The Bribery Act also prohibits private-sector bribery, and accepting bribes. Our sales team sells use of our platform abroad, and we face significant risks if we fail to comply with the FCPA and other applicable anti-corruption laws. We operate in many jurisdictions around the world and may also have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities and we may be held liable for the corrupt or other illegal activities of third-party intermediaries, our employees, representatives, contractors, partners, service providers and agents, even if we do not authorize such activities. While we have policies and procedures to address compliance with such laws, we cannot ensure that all of our employees and agents, as well as those contractors to which we outsource certain of our business operations, will not take actions in violation of our policies or agreements and applicable law, for which we may be ultimately held responsible.
Any violation of the FCPA, the Bribery Act or other applicable anti-corruption and anti-bribery laws could subject us to significant sanctions, including civil or criminal fines and penalties, disgorgement of profits, injunctions and debarment from government contracts, as well as related stockholder lawsuits and other remedial measures, all of which could harm our reputation, business, financial condition and results of operations. Responding to any investigation may result in a significant diversion of management’s attention and resources and significant defense costs and other professional fees.
Failure to comply with payment network rules and to address the operational and compliance risks associated with our payments methods or practices could harm our business and results of operations.
Our platform uses payment services for ticket purchases and to make payments to event organizers. We accept payments using a variety of methods, including credit and debit cards. As we offer new payment options to our creators and consumers, we may be subject to additional rules, regulations, compliance requirements and higher fraud losses.
We rely upon third-party payment services providers to provide key aspects of these payment services. Our utilization of such payment services may be impacted by factors outside of our control, including disruptions in the payment processing industry generally. If these service providers do not perform adequately or experience a data security incident or fail to comply with applicable laws, payment network rules, and industry standards or if our relationships with these service providers were to change or terminate (or if they become willing or unable to provide services to us), it could disrupt our business and negatively affect our ability to receive payments and our creators' and consumers’ ability to complete purchases. This could decrease revenue, increase costs, lead to potential legal liability, and negatively impact our brand and business.
Any noncompliance with anti-money laundering or payments regulations or laws by our payment services providers or other partners in performing services for us could impact our reputation, divert substantial resources, result in liabilities, force us to restructure, or require changes in payments options, which may harm our business, financial condition and results of operations.
Under current credit, debit and payment card practices and network rules, we are liable for fraudulent activity on our credit and debit card transactions. We may incur losses if we fail to prevent the use of fraudulent payment information on transactions. Fraud schemes are becoming increasingly sophisticated and common, and our ability to detect and combat
Table of Contents
fraudulent schemes may be negatively impacted by the adoption of new payment methods and new technology platforms. If we or our providers fail to identify fraudulent activity or are unable to effectively combat the use of fraudulent payments on our platform or if we otherwise experience increased levels of disputed payments or transactions, our results of operations and financial positions could be materially adversely affected. In addition, our failure to adequately mitigate this risk could damage our reputation and brand and substantially harm our business, financial condition, results of operations, prospects and our ability to accept payments.
For certain payment methods, we pay interchange and other related acceptance fees, along with additional transaction processing fees. Payment card networks and our third-party payment services providers could increase the fees or interchange they charge us for their services or to accept or process card transactions, which would increase our operating costs and reduce our margins. Any such increase in fees could harm our business, financial condition and results of operations.
Additionally, we and our third-party payment service providers are subject to the Payment Card Industry Data ("PCI") Data Security Standard ("PCI-DSS"), issued by the PCI Council. PCI DSS is a multifaceted security standard that contains compliance guidelines and standards with regard to our security surrounding the physical administrative and technical storage, processing and transmission of individual cardholder data. Failure to be PCI-compliant or to meet other payment card standards may result in the imposition of financial penalties or the allocation by the card network of the costs of fraudulent charges to us. Additionally, if we or they experience substantial losses related to payment card transactions or in the event of noncompliance with PCI-DSS, we may choose to, or be required to, cease accepting certain payment cards for payment. Card associations and payment networks and their member financial institutions regularly update and generally expand security expectations and requirements related to the security of cardholder data and environments, which could make it difficult or impossible for us to comply and could require a change in our business operations.
We are also subject to rules governing electronic funds transfers and payment card association rules, which could change over time, and must comply with evolving payment card association and network operating rules. Any change in these rules and requirements could make it difficult or impossible for us to comply and could require a change in our business operations. In addition, similar to a potential increase in costs from third-party providers described above, any increased costs associated with compliance with payment card association rules or payment card provider rules could lead to increased fees for us or our creators and consumers.
Failure to comply with laws and regulations related to payments could harm our business and results of operations.
Global laws and regulations that govern payment methods and processing are complex, and we may be required to expend considerable time and effort to determine if such laws and regulations apply to our business. There can be no assurance that we will be able to meet all compliance obligations under applicable law, including obtaining any such licenses in all of the jurisdictions we operate in or offer a service in, and, even if we were able to do so, there could be substantial costs and potential product changes involved in complying with such laws, which could have a material and adverse effect on our business, financial condition and results of operations. Any noncompliance by us in relation to existing or new laws and regulations, or any alleged noncompliance, could result in reputational damage, litigation, penalties, fines, increased costs or liabilities, damages, or require us to stop offering payment services in certain markets.
For example, if we are deemed to be a money transmitter or money services business as defined by applicable regulation, we could be subject to certain laws, rules and regulations enforced by multiple authorities and governing bodies in the United States and numerous state and local agencies who may define money transmitter and money services business differently. If we were required to be licensed or registered as a money transmitter or money services business (or otherwise determined that obtaining state money transmission licenses or that registration under Federal money services business or anti-money laundering laws would further our business purposes), we would be subject to anti-money laundering requirements, recordkeeping and reporting requirements, as well as bonding requirements, restrictions on the use of customer funds and other obligations. We would also be subject to examination and oversight by applicable state licensing regulatory authorities. Additionally, outside of the United States, we could be subject to additional laws, rules and regulations related to the provision of payments and financial services, and as we expand into new jurisdictions, the foreign regulations and regulators governing our business that we are subject to will expand as well. If we are found to be a money transmitter or money services business under any applicable regulation and we are not in compliance with such regulations, we may be subject to investigations by regulators and to fines or other penalties in one or more jurisdictions levied by federal or state or local regulators, including state Attorneys General, as well as those levied by foreign regulators and governmental bodies. In addition to investigations and fines, penalties we may be subject to civil or criminal actions, fines, penalties, forfeiture, remedial measures, costs, legal fees, reputational damage, or other negative consequences for failing to comply with applicable rules and regulations could include criminal and civil proceedings, forfeiture of significant assets or other enforcement actions, all of which may harm our business, financial condition and results of operations. We could also be required to make changes to our business practices or
Table of Contents
compliance programs as a result of regulatory scrutiny or if we are deemed to be a money transmitter or money services business.
Additionally, the laws and regulations related to payments are subject to change, and vary across different jurisdictions in the United States and globally. Changes in laws, rules and regulations, including in their interpretation and application, have occurred and may occur in the future, which may impact our business practices. Given the complex and constantly evolving nature of these laws and regulations, we are required to spend significant time, resources, and effort to assess their application and any compliance measures needed. F ailure to predict how a U.S. law or regulation or a law or regulation from another jurisdiction in which we operate with respect to money transmission, money services business or similar requirements apply or will be applied to us could result in licensure or registration requirements, administrative enforcement actions, penalties, fines and costs, and could materially interfere with our ability to offer certain payment methods or to conduct our business in particular jurisdictions.
The factors identified here could impose substantial additional costs, involve considerable delay to the development or provision of our solutions, require significant and costly operational changes, or prevent us from providing our products or solutions in any given market.
If currency exchange rates fluctuate substantially in the future, our results of operations, which are reported in U.S. dollars, could be adversely affected.
Our international operations expose us to the effects of fluctuations in currency exchange rates. Many of our creators live or operate outside the United States, and therefore we have significant ticket sales denominated in foreign currencies, most notably the British Pound, Euro, Canadian Dollar and Australian Dollar. If currency exchange rates remain at current levels, currency translation could continue to negatively affect net revenue growth for events that are not listed in U.S. dollars and could also reduce the demand for U.S. dollar denominated events from consumers outside of the United States. Further, we incur expenses for employee compensation and other operating expenses at our international locations in the local currency. Because we conduct business in currencies other than U.S. dollars but report our results of operations in U.S. dollars, we face exposure to fluctuations in currency exchange rates, which could harm our results of operations.
Our business may be subject to sales tax and other indirect taxes in various jurisdictions. In addition, creators may also be subject to certain taxes.
The application of indirect taxes, such as sales and use tax, amusement tax, value-added tax, goods and services tax, business tax and gross receipts tax, to businesses like ours and to creators and consumers is a complex and evolving issue. Significant judgment is required to evaluate applicable tax obligations and as a result, amounts recorded are estimates and are subject to adjustments. In many cases, the ultimate tax determination is uncertain because it is not clear how new and existing statutes might apply to our business.
One or more states, localities, the federal government or other countries may seek to impose additional reporting, record-keeping or indirect tax collection obligations on businesses like ours that facilitate online commerce. For example, taxing authorities in the United States and other countries have identified e-commerce platforms as a means to calculate, collect and remit indirect taxes for transactions taking place over the Internet, and are considering related legislation. An increasing number of jurisdictions have enacted laws or are considering enacting laws requiring marketplaces to report user activity or collect and remit taxes on certain items sold on the marketplace. Imposition of an information reporting or tax collection requirement could decrease creator or consumer activity on our platform, which would harm our business. New legislation could require us or creators to incur substantial costs in order to comply, including costs associated with tax calculation, collection and remittance and audit requirements, which could make using our platform less attractive and could adversely affect our business, financial condition and results of operations.
We face sales and use tax and value-added tax audits in certain states and international jurisdictions and it is possible that we could face additional sales and use tax and value-added tax audits in the future in additional jurisdictions and that our liability for these taxes could exceed our reserves as state or international tax authorities could assert that we are obligated to collect additional amounts as taxes from creators and remit those taxes to those authorities. We could also be subject to audits and assessments with respect to state, local and international jurisdictions for which we have not accrued tax liabilities. A successful assertion that we should be collecting additional sales or other taxes on our services in jurisdictions where we have not historically done so and do not accrue for sales or other taxes could result in substantial tax liabilities for past sales, discourage creators from using our platform or otherwise harm our business and results of operations. Although we have reserved for potential payments of possible past tax liabilities, if these liabilities exceed such reserves, our financial condition will be harmed.
Our international operations subject us to potential adverse tax consequences and additional taxes.
Table of Contents
We generally conduct our international operations through wholly owned subsidiaries and report our taxable income in various jurisdictions worldwide based upon our business operations in those jurisdictions. Because of these international operations, we may be subject to adverse tax changes or interpretation, increased taxes due to increased international expansion, and tax charges due to complex intercompany agreements.
We may be subject to income or other indirect taxation in several jurisdictions around the world with increasingly complex tax laws, the application of which can be uncertain. The amount of taxes we pay in these jurisdictions could increase substantially as a result of changes in the applicable tax principles, including increased tax rates, new tax laws or revised interpretations of existing tax laws and precedents, which could have an adverse effect on our liquidity and results of operations. In addition, the authorities in these jurisdictions could review our tax returns and impose additional tax, interest and penalties, and the authorities could claim that various withholding requirements apply to us or assert that benefits of tax treaties are not available to us, any of which could have a negative impact on us or our results of operations. As we earn an increasing portion of our revenue and accumulate a greater portion of our cash flow in foreign jurisdictions, we could face a higher effective tax rate and incremental cash tax payments.
Additionally, our intercompany relationships are subject to complex transfer pricing regulations administered by taxing authorities in various jurisdictions. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position was not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates and reduced cash flows and may harm our business, financial condition and results of operations.
Our ability to use our net operating losses to offset future taxable income may be subject to certain limitations.
In general, under Section 382 of the Internal Revenue Code of 1986, as amended ("Code"), a corporation that undergoes an “ownership change” (generally, a greater than 50 percentage point change in our equity ownership by certain stockholders or groups of stockholders) is subject to limitations on its ability to utilize its pre-change net operating losses ("NOLs") to offset future taxable income. We have undergone ownership changes in the past, which have resulted in limitations on our ability to utilize our NOLs, and future changes in our stock ownership, some of which are outside of our control, could result in an ownership change under Section 382 of the Code. The existing NOLs of some of our subsidiaries may be subject to limitations arising from ownership changes prior to, or in connection with, their acquisition by us. Furthermore, our ability to utilize NOLs of companies that we may acquire in the future may be subject to limitations. There is also a risk that, due to regulatory changes, such as suspensions on the use of NOLs or other unforeseen reasons, our existing NOLs could expire or otherwise be unavailable to offset future income tax liabilities, including for state tax purposes. For these reasons, we may not be able to utilize some portion of our NOLs even if we attain profitability.
We may not be able to generate sufficient cash flows or raise the additional capital necessary to fund our operations or other liquidity needs.
As of December 31, 2025, we had cash and cash equivalents of $299.9 million, of which $253.6 million was cash held on behalf of and due to our creators. Our net revenues were $291.8 million and $325.1 million for the year ended December 31, 2025 and 2024, respectively, and the net cash provided by operating activities was $17.7 million and $35.6 million for the year ended December 31, 2025 and 2024, respectively.
We may need to raise additional funds, and we may not be able to obtain additional debt or equity financing on favorable terms, if at all. Our ability to obtain financing will depend on a number of factors, including:
• general economic and capital market conditions, including increased interest rates;
• the availability of credit from banks or other lenders;
• investor confidence in us; and
• our results of operations.
We cannot assure you that our business will generate sufficient cash flow from operations, or that we will be able to obtain financing, in an amount sufficient to fund our operations or other liquidity needs.
If we need additional capital and cannot raise it on acceptable terms, if at all, we may not be able to, among other things:
• develop and enhance our platform and solutions;
• continue to expand our technology development, sales and marketing organizations;
• continue to expand to other geographical locations;
• attract new creators, consumers and a catalog of locally relevant, high-quality events;
Table of Contents
• hire, train and retain employees;
• respond to competitive pressures or unanticipated working capital requirements; or
• pursue acquisition opportunities.
Our inability to do any of the foregoing could reduce our ability to compete successfully and could have an adverse effect on our business, financial condition and results of operations.
Table of Contents
