Morningstar, Inc.

Summary

Morningstar, Inc. provides independent investment research services in North America, Europe, Australia, and Asia. The company offers web-based tools; investment data, fundamental equity and manager research, private capital markets research, credit and fund rating, and index, as well as environmental, social, and governance (ESG) rating services; and investment offerings, including managed investment products, publicly listed and private companies, fixed income securities, and real-time global market data for financial advisors, asset managers, retirement plan providers and sponsors, and individual and institutional investors. It also provides Morningstar Data, an investment data spanning various databases, including equity fundamentals, managed investments, ESG factors, and market data; Morningstar Direct, an investment-analysis platform; Morningstar Managed Portfolios, an advisor service consisting of model portfolio that offers services for independent financial advisors, as well as offers asset allocation services for asset managers, broker/dealers, and insurance providers; Morningstar Advisor Workstation, a web-based research, financial planning, and proposal generation platform; and Morningstar.com, a website for individual investors. In addition, the company offers Morningstar Enterprise Components; Morningstar Credit Ratings that provides issuance and surveillance services for structured finance products and instruments; corporate credit estimates and operational risk assessment rankings; Morningstar Indexes for creating investment products; Morningstar workplace solutions, such as retirement accounts, fiduciary services, allocation funds, and custom models; and PitchBook Platform, research and analysis workstation for investment and research professionals. Further, its PitchBook provides a mobile application, excel plug-in, data feeds, and data solutions. The company was incorporated in 1984 and is headquartered in Chicago, Illinois.

Team

As of February 25, 2022, the company had five executive officers. The table below summarizes information about each of these officers.

Joe Mansueto

Joe Mansueto founded Morningstar in 1984 and served as our chief executive officer from 1984 to 1996 and again from 2000 to 2016. In 2017, he became executive chairman. In September 2019, Mansueto became owner and chairman of Chicago Fire FC, an American professional soccer franchise. Mansueto has served on Morningstar’s board of directors since the company’s inception.

Under Mansueto's leadership, Morningstar was named twice to Fortune magazine’s “100 Best Companies to Work For” list. The Chicago Tribune recognized Morningstar as one of the top 100 workplaces in the Chicago area on three separate occasions under Mansueto’s leadership, and Crain’s Chicago Business listed Morningstar in its Fast Fifty feature four times. While Mansueto was CEO, Morningstar won the AIGA Chicago Chapter Corporate Design Leadership Award, which recognizes forward-thinking organizations that have advanced design by promoting it as a meaningful business policy.

In December 2016, InvestmentNews named Mansueto to its list of 20 Icons & Innovators. MutualFundWire.com recognized Mansueto as one of the 10 most influential individuals in the mutual fund industry in 2015, and he was the recipient of Plansponsor’s Lifetime Achievement Award in 2013. Mansueto has received the Tiburon CEO Summit award, MutualFundWire.com named him ninth on its list of the 100 Most Influential People of the year, and Chicago magazine listed Mansueto among its top 40 Chicago pioneers over the past four decades. SmartMoney magazine recognized Mansueto in the “SmartMoney Power 30,” its annual list of the 30 most powerful forces in business and finance. He has also received the Distinguished Entrepreneurial Alumnus Award from The University of Chicago Booth School of Business.

Mansueto holds a bachelor's degree in business administration from The University of Chicago and a master's degree in business administration from The University of Chicago Booth School of Business.

Kunal Kapoor

Kunal Kapoor, CFA, is chief executive officer of Morningstar and a member of Morningstar’s board of directors. Before assuming his current role in 2017, he served as president, responsible for product development and innovation, sales and marketing, and driving strategic prioritization across the firm.

Since joining Morningstar in 1997 as a data analyst, Kapoor has held a variety of roles at the firm, including leadership positions in research and innovation. He served as director of mutual fund research and was part of the team that launched Morningstar Investment Services, Inc., before moving on to other roles, including director of business strategy for international operations, and later, president and chief investment officer of Morningstar Investment Services. During his tenure, he also led Morningstar.com and the firm’s data business, as well as its global products and client solutions group.

Kapoor holds a bachelor’s degree in economics and environmental policy from Monmouth College and a master’s degree in business administration from The University of Chicago Booth School of Business. He also holds the Chartered Financial Analyst® designation, is a member of the CFA Society of Chicago, served on the board of PitchBook, prior to its acquisition by Morningstar in late 2016, and currently serves on the board of Wealth Enhancement Group, a privately-owned wealth management firm. Kapoor is also a member of the board of trustees of The Nature Conservancy in Illinois. In 2010, Crain’s Chicago Business named him to its annual 40 Under 40 class, a list that includes professionals from a variety of industries who are contributing to Chicago’s business, civic, and philanthropic landscape.

Jason Dubinsky

Jason Dubinsky is chief financial officer for Morningstar, responsible for controllership, tax, internal audit oversight, financial planning and analysis, and investor relations.

Before joining Morningstar in 2017, Dubinsky served as senior vice president and chief financial officer of planning and central operations for Walgreens Boots Alliance, Inc., where he was responsible for accounting and shared service functions for Walgreens' U.S. operations and led the financial planning and analysis function for the global business. Prior to the merger of Walgreens and Alliance Boots in 2014, he was Walgreens' vice president of finance and treasurer, with responsibility for business unit finance, treasury operations, risk management, and investor relations. Before joining Walgreens in 2009, he served as vice president of investment banking at Goldman Sachs and Lehman Brothers, where he led mergers and acquisitions and corporate finance activity for clients across various industries.

Dubinsky holds a bachelor's degree in business administration from the University of Michigan and a master’s degree in business administration from New York University's Stern School of Business.

Bevin Desmond

Bevin Desmond is chief talent and culture officer, a role she has held since 2010. She is responsible for overseeing talent and culture for all of Morningstar’s global operations. She also oversees both quality and transformation as well as Morningstar’s data and development centers.

Desmond joined Morningstar in 1993 and was one of three employees who started the company’s international business in the late 1990s. From 1999 to 2000, she served as manager of all international ventures. From 2000 to 2008, Desmond was president of Morningstar’s international operations while also serving as president of institutional software. Previously, Desmond was head of international operations from 2001 until 2010 – from 2010 to 2017, she held the role of head of global markets in tandem with her role as head of talent & culture.

Desmond also sits on the Morningstar Japan K.K. (MJKK) board of directors and the Skills for Chicagoland's Future board of directors. She was named one of Crain’s Notable Women Over 50 in both 2019 and 2020, and she holds a bachelor's degree in psychology from St. Mary’s College.

Danny Dunn

Danny Dunn is chief revenue officer for Morningstar. He is responsible for sales philosophy, strategy, and execution in order to drive revenue growth.

Before joining Morningstar in 2016, Dunn was vice president of the Midwest Enterprise business unit for IBM, a global information technology firm. He was responsible for marketing, sales, client services, and channels for the complete IBM portfolio, including Cloud, Software, Analytics, Services, and Systems in the region. Prior to that, he held a number of different executive leadership roles of increasing responsibility in the marketing, sales and services functions of the company. Before joining IBM in 2007, he was a practice manager at SmithBucklin, a consulting and business process outsourcing firm.

Dunn holds a bachelor’s degree from the University of Vermont and a master’s degree in business administration, with concentrations in marketing, strategy, and managerial economics, from the Kellogg School of Management at Northwestern University.

Risks

Risk Factor Summary

Below is a summary of the principal risk factors that could impact our business, financial condition, or operating results. Additional discussion of the risks summarized in this risk factor summary, and other risks that we face, can be found after this summary, and should be carefully considered.

• Risks Related to Our Business and Industry
  • Failing to maintain and protect our brand, independence, and reputation may harm our business
  • Failing to differentiate our products and services and continuously create innovative, proprietary, and insightful financial technology solutions may harm our competitive position and business results
  • Prolonged volatility or downturns affecting the financial sector, global financial markets, and the global economy may impact our results
• Risks Related to Legal and Regulatory Matters
  • Our investment management operations may subject us to liability for any losses that result from a breach of our fiduciary duties or a failure to comply with our duties to clients under applicable securities laws
  • Compliance failures, regulatory action, or changes in laws applicable to our credit ratings operations, investment advisory, ESG and index businesses could adversely affect our business

• Risks Related to Our Information Technology and Security
  • We could face significant reputational and financial consequences relating to cybersecurity and the protection of confidential information, including personal information about individuals
  • Failing to respond to technological change, keep pace with new technology developments, or adopt a successful technology strategy may negatively affect our competitive position and business results
  • We could face liability for the information and data we collect, store, use, create, and distribute or the reports and other documents we publish or that are produced by our software products
• Risks Related to Our Operations
  • Our future success depends on our ability to recruit, develop, and retain qualified employees
  • Our business, products and facilities are at risk of a number of material disruptive events, including an outage of our database, technology-based products and services or network facilities, which our operational risk management and business continuity programs may not be adequate to address
  • Today’s fragmented geopolitical, regulatory and cultural world could adversely affect our ability to maintain growth across our businesses
  • The continuing COVID-19 pandemic may have material and adverse impacts on our business, financial condition, and results of operations, the nature and extent of which continue to be uncertain and unpredictable

You should carefully consider the risks and uncertainties described below and all of the other information included in this report when deciding whether to invest in our common stock or otherwise evaluating our business. If any of the following risks or uncertainties materialize, our business, financial condition, or operating results could suffer. In that case, the trading price of our common stock could decline, and you may lose all or part of your investment. Our operations could also be affected by other risks and uncertainties that are not presently known to us or that we currently consider to be immaterial to our operations.

Risks Related to Our Business and Industry

Failing to maintain and protect our brand, independence, and reputation may harm our business. Our reputation and business may also be harmed by allegations made about possible conflicts of interest, by other negative publicity or media reports, or by adverse outcomes in regulatory proceedings.

We believe that our brand is well recognized and highly regarded at both a corporate and product level among key decision makers at purchasers and users of our products and services. We also believe independence is at the core of our brand and business, and that our reputation for integrity and high-calibre products and services is a competitive advantage. Any failure to uphold our high ethical standards and ensure that our customers have a consistently positive experience with us could damage our reputation.

Our ESG offerings insert Morningstar publicly into the debate over a variety of non-financial issues surrounding climate, environment, social concerns, and corporate governance which we may be unsuited or unprepared to address. Our position as a leading source of ESG research and opinions may cause proponents of various causes to demand that we publicly take stands on a variety of controversial topics not directly related to our corporate mission of empowering investor success. Critiques of ESG research can become highly politicized and may reflect differences in societal norms and investor expectations in different areas of the world. New product offerings, such as Sustainalytics’ impact ratings, face a challenge to create objective, understandable methodologies in a rapidly developing field without widely accepted standards. We evaluate the potential impact of ESG factors on other companies and risk a claim of hypocrisy if we take or fail to take corporate actions that are or seem inconsistent with our view of best corporate practices.

As our business has evolved, we have entered lines of business and business arrangements that may give rise to allegations of conflicts of interest or perceived failures of our independence. We provide ratings, analyst research, and investment recommendations on mutual funds and other investment products offered by our institutional clients. While we don’t charge asset management firms for their products to be rated, we do charge licensing fees for the use of our ratings. In our index business, jointly developed products and beta indexes on which we earn a fee defy clean categorization under our historical policies that protect the integrity of our research and marketing efforts. We also provide investment advisory and investment management services, including through our own series of mutual funds, which exposes us to the claim that we are acting as both a referee and a player in the investment management industry. In our credit ratings business and Sustainalytics’ Sustainable Finance Solutions products we are participants in an issuer-pay business model under which we receive payments from issuers for our ratings rather than from the investors who consume such ratings. These payments may create the perception that our ratings and research in these areas are not independently determined or reliable. Undertaking proxy voting responsibilities for assets we manage risks a charge of politicizing our investing or false virtue if we don’t meet our customers’ expectations and exemplify their values.

Our business expansion has also resulted in greater exposure to governmental regulation across our product lines. In some cases, such as with respect to our credit ratings business, interactions with regulators are extensive and continuous, raising the risk that they may result in enforcement investigations and proceedings. To the extent any of those investigations or proceedings result in a finding of misconduct or noncompliance, they could pose a significant reputational risk to us and negatively impact our business. Regardless of source, allegations of improper conduct, whether the ultimate outcome is favourable or unfavourable to us, as well as negative publicity or media reports about Morningstar, whether valid or not, may harm our reputation and damage our business.

Our reputation may also be harmed by factors outside of our control, such as news reports about our clients, consultants, or suppliers or adverse publicity about certain types of investment and ratings products. Our reputation could also suffer if we fail to perform competitively in our investment management offerings. In addition, any failures by us to continue to instil effectively in our employees the non-negotiable expectation of independence and integrity may devalue our reputation over time. Morningstar’s corporate culture and reputation contribute to our ability to attract and retain talent, and reputational damage could negatively affect both our hiring and employee retention efforts.

Failing to differentiate our products and services and continuously create innovative, proprietary and insightful financial technology solutions may harm our competitive position and business results.

Our core competencies are around data and research, technology, and design. Morningstar deploys each of these to create unique intellectual property, products, and solutions that clearly convey complex investment information to investors of all kinds. Morningstar offers a suite of solutions that serve individuals, financial advisors, asset managers, retirement plan providers and sponsors, institutional investors in the private capital markets, and participants in the fixed income markets. Morningstar also applies its long-term investing philosophy to managing assets for clients. Our customers have access to a wide selection of investment data, fundamental equity research, manager research, credit ratings, private capital markets research, and ESG data and research, directly on Morningstar’s proprietary desktop or web-based software platforms, or through subscriptions, data feeds, and third-party distributors. Our financial technology solutions also allow advisors to serve investors at all stages of the investing process. Morningstar’s managed portfolio offerings help advisors outsource investment selection and asset allocation through proprietary portfolio strategies based on Morningstar’s valuation-driven, fundamentals-based approach to investing. Applying its expertise in asset allocation, investment selection, and portfolio construction, our global investment team creates long-term investment strategies built on Morningstar’s data and ratings. We also help retirement plan sponsors build high-quality savings programs for employees and advise participants in retirement plans on saving for retirement and choosing plan investments. The breadth and depth of our service offerings set us apart from our competitors, which is a significant competitive advantage.

If we fail to continuously innovate and develop new datasets, research, methodologies, content or software to meet the needs of our customers, our competitive position and business results may suffer. In addition, our reputation could be harmed if we’re perceived as not moving quickly enough to meet the changing needs of investors or their financial advisors. These changing needs include a greater reliance on goals-based investing, the increased use of asset allocation portfolio models, and a significant emphasis on financial planning. There is also increased interest in alternative asset classes creating a need for applicable datasets and analytical expertise. Clients may also delay purchases of our currently offered research tools and software in anticipation of us offering new products or enhanced versions of existing products. Our competitive position and business results may also suffer if other companies have greater breadth of product offerings or are able to successfully introduce innovative, proprietary research tools and software that gain attention from our clients. For example, our credit ratings business’ lack of presence in the CLO market represents a lost opportunity compared to our competitors. We believe lower technology costs, the growth of open software platforms, and cloud computing technologies have lowered the barriers to entry for new competitors, making it easier for new players to enter many of the markets in which we operate. Smaller companies, including startup firms funded by private equity and venture capital, may be able to move more quickly than us to develop data sets, research, tools, and advisor software platforms that gain a wide following.

In addition, the value of our products and services may be negatively affected by the increasing amount of information and tools that are available for free, or at low cost, through Internet sources or other low-cost delivery systems, and by the ability of machine learning and other artificial intelligence systems to process and organize large data sets. Regulations, such as the SEC’s requirement that registered investment companies report their fund portfolio holdings publicly on Form N-PORT, may reduce demand for some of our data sets or make them more easily replicable, at least on a going forward basis. Although we believe our products and services contain value-added features and functionality that deeply embed them in our customers’ workflows, such developments may over time reduce the demand for, or customers’ willingness to pay for, certain of our products and services.

If we fail to introduce innovative, proprietary research tools and frameworks or financial advisor software, we may not generate enough interest from potential clients to win new business. Consolidation within the financial services industry has provided our competitors resources to expand into adjacent business lines, often using our data in innovative ways or focusing on different client types or use cases. We cannot guarantee that we will successfully develop new product features and tools that differentiate our product offerings from those of our competitors.

In addition, we must make long-term investments and commit significant resources often before knowing whether such investments will result in products or services that satisfy our clients’ needs or generate revenues sufficient to justify such investments. For example, the adoption of ESG strategies across the financial adviser segment has been slower than we expected, impacting Sustainalytics’ products, and the reticence of some recordkeepers to embrace direct to plan participant sales and marketing efforts has impacted the pace of adoption of some of our retirement solutions offerings. In addition, from time to time, we also incur costs to transition clients to new or enhanced products or services. Such transitions can involve material execution risks and challenges. If we are unable to manage these investments and transitions successfully, our business, financial condition, and results of operations could be materially adversely affected.

Prolonged volatility or downturns affecting the financial sector, global financial markets, and the global economy may impact our results, resulting in lower revenue from asset-based fees and credit ratings business, as well as other parts of our business to a lesser extent.

Our business results are partly driven by factors outside of our control, including general economic and financial market trends which may be impacted by changes in interest rates, availability of credit, inflation rates, changes in laws, trade barriers, commodity prices, currency exchange rates and controls, and national and international political circumstances. Prolonged downturns, sustained volatility in the financial markets, interest and inflation rate fluctuations, or a lack of investor confidence could reduce investor interest and investment activity and decrease demand for our software, data, and analyst research products. Intermittent volatility that reduces credit issuance or increases investor interest in non-traditional investment vehicles can put negative pressure on our credit ratings and investment management businesses, respectively. Any unfavorable changes in the market environment in which we operate could cause a corresponding negative effect on our business results. As a result, we may experience lower revenue, operating income, and other financial results in the event of a market downturn.

For our licensed-based businesses, many of our customers are asset-management firms and other financial-services companies, which are also subject to external trends and changes. The ascendence of passive strategies may affect both the profitability of asset managers, on whose success we in part depend, and the perceived value of our research regarding such strategies. A sustained global recession or other financial crisis would likely lead to material spending cutbacks among many of the companies to which we sell and longer sales cycles. There is currently uncertainty regarding the duration and long-term economic and societal consequences of the COVID-19 pandemic, as well as the effects of unprecedented levels of fiscal and monetary stimulus, which may cause clients to modify spending decisions. Consolidation in the financial services sector reduces the number of potential clients for our products and services. These trends could impact demand for our products and services or change the financial services landscape in which we operate.

Many companies in the financial services industry have also been subject to sustained pressure to reduce fees. As a result, many of these firms have sought to reduce their operating costs by working with fewer service providers and/or negotiating lower fees for services they purchase. Changes in the nature of the financial advice delivered to investors or the manner of its delivery can also negatively affect our business. For instance, changes in financial advisor activity away from security selection to goals-based asset allocation and portfolio construction and the increasing use of model portfolios, as well as the growth of online wealth management tools that provide automated, algorithm-based portfolio management advice, sometimes called robo-advice, may further reduce demand for our security-specific data and analyst research. Our PitchBook business may also be subject to cyclical trends specific to the private capital markets. Many of PitchBook's clients are investment banks and other participants in the capital and M&A markets, which are subject to periodic business downturns driven by changes in such markets. During these downturns, they often seek to reduce spending on third-party services, as well as the number of employees, which would directly affect the number of prospective clients for PitchBook. As a data and research provider focusing on the private capital markets (including venture capital, private equity, and M&A activities), PitchBook may also be subject to volatility based on the amount of activity and market interest in these areas.

The amount of asset-based revenue we earn primarily depends on the value of assets on which we provide advisory services, and the size of our asset base can increase or decrease along with trends in market performance. Our revenue from asset-based fees may be adversely affected by market declines, and the industrywide trend toward lower asset-based fees. Asset levels can also be affected if net inflows into the portfolios on which we provide investment advisory services drop or if these portfolios experience redemptions. A drop in net inflows or an increase in redemptions can result from a variety of factors, including overall market conditions or uncompetitive investment performance. If the level of assets on which we provide investment advisory or investment management services goes down, we expect our fee-based revenue to show a corresponding decline. The introduction of non-traditional asset classes such as cryptocurrencies, private debt, real estate, structured products and collectibles, which lack a historical record of performance akin to traditional assets, into our investment research and strategies and managed assets may result in adverse outcomes and headline risk if they fail to perform in the manner that we anticipate.

In addition, consolidation throughout the financial services industry among custodians, registered investment advisers, discount brokers, and record keepers provides surviving companies scale and resources to expand into adjacent service offerings which may compete with ours. For example, we have seen asset managers roll out model portfolios that compete with our managed portfolio offering. This trend requires us to continually expand and customize our service offerings and ensure that our products remain seamlessly integrated with our customers’ business processes and technology.

Our largest transaction-based business, the credit ratings business, can be severely impacted by volatility in U.S. and international financial markets due to its dependence on the number and dollar volume of debt securities issued in the capital markets. Market disruptions and economic slowdowns have in the past negatively impacted, and may in the future negatively impact, the volume of debt securities issued in global capital markets and the demand for credit ratings. Ample market liquidity may be masking the true impact on credits as global economies emerge from the pandemic government support programs and central bank interventions. This makes it harder to explain our differentiated credit views and may produce a wave of negative publicity against the credit ratings business generally if an unanticipated wave of defaults result in conditions that reduce issuers’ ability or willingness to issue debt securities, such as market volatility, uncertainty in the outlook for inflation, declining growth, currency devaluations, or other adverse economic trends, reduce the number and value of debt issuances for which we provide credit ratings services and thereby adversely affect the fees we earn in our credit ratings business. Future debt issuances also could be negatively affected by increases in interest rates, widening credit spreads, regulatory and political developments, growth in the use of alternative sources of credit, and defaults by significant issuers. Our ability to reduce costs in the event of such adverse developments can be negatively impacted by, among other things, our obligations to monitor and maintain outstanding ratings. Declines or other changes in the markets for debt securities may materially and adversely affect our business, operating results, and financial condition.

Our transactional business results may also be hurt by negative trends in Internet advertising sales. Many advertisers have shifted some of their advertising spend to programmatic buying platforms that target users on other sites, which has from time to time had a negative effect on advertising revenue for our website for individual investors, Morningstar.com. The reliance on virtual or hybrid events as the COVID-19 pandemic continued to restrict large gatherings during 2021 impacted our financial results for our Morningstar-sponsored investor conferences around the world. We are uncertain whether these trends will continue.

Our acquisitions and other investments may not be efficiently integrated or may not produce the results we anticipate.

We have completed numerous acquisitions over the past 10 years, and we intend to continue to pursue selective acquisitions to support our business strategy. However, there can be no assurance we can identify suitable acquisition candidates at acceptable prices. In addition, each acquisition presents potential challenges and risks. We may not achieve the growth targets that we established for the acquired business at the time of the acquisition. The process of integration may require more resources than we expected or present challenges that were not foreseen.

We may assume unintended liabilities or experience operating difficulties or costs that we did not forecast. We may also fail to retain key personnel of the acquired business, which would make it difficult to follow through on our operating goals for the business. If an acquisition does not generate the results we anticipate, it could have a material adverse effect on our business, financial condition, and results of operations.

We also have, and intend to continue to make, various investments in companies where we do not have or obtain a controlling interest. Such investments are motivated both by their prospective financial return and the access they give us to certain new technologies, products, business ideas, and management teams. While we obtain various rights in connection with such investments, the future value of such investments is highly dependent on the management skill of the managers of those companies.

We expect to continue making acquisitions and establishing investments and joint ventures as part of our long-term business strategy. Acquisitions, investments, and joint ventures involve a number of risks. They can be time-consuming and may divert management’s attention from day-to-day operations, particularly if numerous acquisitions are in process at the same time. Financing an acquisition could result in dilution from issuing equity securities, reduce our financial flexibility because of reductions in our cash balance, or result in a weaker balance sheet from incurring debt.

Risks Related to Legal and Regulatory Matters

Our investment management operations may subject us to liability for any losses that result from a breach of our fiduciary duties or a failure to comply with our duties to clients under applicable securities laws.

Three of our subsidiaries, Morningstar Investment Management LLC, Morningstar Investment Services LLC, and Morningstar Research Services LLC, are registered as investment advisors with the SEC under the Advisers Act. As Registered Investment Advisors, these entities are subject to the requirements and regulations of the Advisers Act. These requirements primarily relate to record-keeping, reporting, and standards of care, as well as general anti-fraud prohibitions. The fiduciary duties of a Registered Investment Adviser to its clients include an obligation of good faith and full and fair disclosure of all facts material to the client’s engagement of the advisor, an obligation to provide investment advice suitable for the particular client, an obligation to have a reasonable, independent basis for investment recommendations, an obligation when directing client brokerage transactions to seek the best execution thereof, and an obligation to vote client proxies in the best interests of the client. As Registered Investment Advisors, these subsidiaries are subject to on-site examination by the SEC.

In addition, in cases where these subsidiaries provide investment advisory services to retirement plans and their participants, they may be acting as fiduciaries under ERISA. As fiduciaries under ERISA, they have obligations to act in the best interest of their clients. They also have duties of loyalty and prudence, as well as duties to diversify investments and to follow plan documents to comply with the applicable portions of ERISA. We may face liabilities for actual or claimed breaches of our fiduciary duties, particularly in areas where we provide retirement advice and managed retirement accounts. In some of our retirement contracts, we act as an ERISA fiduciary by, for example, selecting and monitoring a broad range of diversified plan options. We also provide a managed account service for retirement plan participants who elect to have their accounts managed by our programs. Such activities have been the subject of extensive class action litigation, including one such proceeding involving us that was dismissed.

We rely on automated investment technology for our retirement advice and managed retirement accounts services. The Wealth Forecasting Engine is our core advice and managed accounts engine that determines appropriate asset allocations for retirement plan participants and assigns individuals to portfolios. We also rely on automated portfolio construction tools. As these become more interconnected with other product offerings, including the technology of clients and other third parties, the increasing complexity of the technology requires more expertise and efforts to manage and test. Problems could arise if these programs do not work as intended, particularly if we failed to detect program errors over an extended period and are found to be a breach of our fiduciary duty or applicable law. There is a need to continually invest in training to develop and maintain in-house expertise to manage these systems effectively.

We seek to constantly innovate and improve our retirement services offering, for example to add new capabilities in annuities, and in doing so, we regularly release new versions of the technology and update our methodology. Additional customer support may be needed to ensure that clients implement the new, more complex, versions and updates properly and understand the implications for their plan participants. More resources may also be required to continue to support legacy versions of the Wealth Forecasting Engine. If we make an error, we may be subject to potentially large liabilities for make-whole payments and/or litigation. We cannot quantify the potential size of these liabilities with any level of precision.

Our subsidiaries outside the U.S. that have investment advisory operations are subject to similar requirements. In addition, we may face other legal liabilities based on other theories of liability relating to various substantive requirements of the Advisers Act and other federal and state securities laws, even in the absence of an actual or claimed breach of fiduciary duty. We could face substantial liabilities related to the investment advisory and management services we provide.

Compliance failures, regulatory action, or changes in laws applicable to our credit ratings operations, investment advisory, ESG and index businesses could adversely affect our business.

DBRS Morningstar, our credit ratings business, operates in a highly regulated environment in Canada, the U.S., the U.K., and the EU. The laws and regulations governing credit ratings impose substantial ongoing compliance obligations and costs and subject DBRS Morningstar to regular regulatory examinations and occasional investigations, relating to the company itself or sometimes to the credit ratings industry as a whole. In operating under these laws and regulations, DBRS Morningstar can experience good faith uncertainty over the scope, interpretation, and administration of such laws and regulations. In addition, differences between the laws and rules governing credit rating agencies in Canada, the U.S., the U.K., and the EU can result in inconsistent regulatory requirements that it may not be possible to fully reconcile in a cost-efficient manner for a credit rating agency of DBRS Morningstar's size.

New laws, regulations and regulatory implementation guidance may also affect the day-to-day operation of the business of DBRS Morningstar, its customers, and users of its credit ratings, including by imposing new or expanded requirements on such matters as communications with issuers as part of the rating assignment process, conflict of interest monitoring, the manner in which DBRS Morningstar’s ratings are developed and communicated, the manner in which customers may use credit ratings, and other aspects of the business model for credit rating agencies. Failures by DBRS Morningstar could lead to negative publicity, fines, settlements, and/or temporary or permanent operating restrictions. Further, many aspects of credit ratings agency policies and practices and their compliance with applicable law, regulations, contracts and license arrangements are not the subject of definitive regulatory guidance or case law.

Our investment management operations are subject to complex securities laws and other laws in multiple jurisdictions. The activities of our investment advisory operations in the U.S. are subject to provisions of the Advisers Act, ERISA, and, in the case of our advisory relationship with the Morningstar Funds Trust, the Investment Company Act of 1940 and the Commodity Exchange Act. In addition, Morningstar Investment Services is a broker/dealer registered under the Exchange Act and is subject to the rules of FINRA. If we fail to comply with securities laws and other regulatory requirements, we may be subject to fines or other events that could have a negative effect on our business. For example, recent SEC amendments to the advertising and solicitation rule for registered investment advisers, resulted in costs to comply with new evaluation, implementation, and disclosure requirements in our investment management operations, as well as costs to modify software used by our unaffiliated registered investment adviser clients who must also comply with such amendments.

We also provide investment advisory services in other areas around the world, and our operations are subject to additional regulations in markets outside the U.S. In preparation for the end of the transition period following the U.K.’s exit from the EU, we restructured our European investment management operations. While we have been conditionally granted authorization for our French investment advisory subsidiary to continue to provide investment advisory services to those EU institutional clients previously serviced by our U.K. based investment advisory subsidiary, this process has been time consuming and has resulted in increased costs and duplication of functions. Furthermore, as there has not been an “equivalence” determination in terms of applicable regulations in the U.K. and the EU following Brexit, we anticipate ongoing costs to monitor and comply with potentially diverging legal and regulatory developments in each jurisdiction.

The Morningstar Funds Trust, a registered open-end mutual fund for which Morningstar Investment Management acts as investment advisor under an investment management agreement. The independent Board of Trustees of the Morningstar Funds Trust must annually approve the terms of the investment management agreement (including fees) and can terminate the agreement upon 60-days' notice. If we are no longer able to satisfy the Board of Trustees of our effective management of the Morningstar Funds Trust, the Board has authority to lower the fees that we receive or terminate our contract, which could have a material adverse effect on the revenues and net income of our investment advisory services.

Our Sustainalytics business could be negatively affected by increased regulation of ESG research and data. The European Commission’s legislative proposal for registering and supervising companies that act as external reviewers for green bonds aligned with the European Green Bond Standards (EuGBS) framework would require significant investments to build and maintain appropriate internal control and compliance processes for these teams. Similarly, the FCA and International Organization of Securities Commissions’ consultation papers on proposed ESG regulation of climate-related issuer disclosures and ESG rating and data providers prescribe governance policies, quality assurance and control programs, and standardized procedures and methodologies related to data collection and fees. We are also monitoring activities of regulators in North America and APAC that have announced that they are reviewing this topic and are preparing proposed legislation. Such regulatory regimes could impose significant compliance burdens and costs on Sustainalytics and, as with all new regulation, could be subject to ambiguous interpretation that could result in inadvertent noncompliance. Furthermore, as our Sustainalytics business operates globally and we look to integrate ESG factors throughout our products, we may be subject to future regulation in multiple jurisdictions, which may be inconsistent.

Our index business could be negatively affected by increased regulation of benchmarks generally, which could increase the costs and risks of producing and administering indexes. With our acquisition of Moorgate Benchmarks, Morningstar has affiliates permissioned to act as a EU and U.K. benchmark administrator. While this cross-permissioning allows flows of U.K. benchmarks into the EU and vice versa, the benchmark administrator designation also has significant compliance responsibilities and costs. These compliance responsibilities include specified governance and oversight arrangements, outsourcing limitations, specified items in a code of conduct, key information disclosures, and systems and controls governing data, complaints and record-keeping. Supplemental regulations under the EU Benchmark Administration contain further operational and administrative requirements which may be costly to implement. Such regulations may create a competitive advantage for Morningstar by discouraging competitors but they may also lead to declining demand for indexes among market participants.

The laws, rules, and regulations, and their interpretations, applicable to our business may change in the future, and we may not be able to comply with these changes without extensive changes to our business practices. In the recent past, the scope and pace of global regulatory change has both increased and involved shorter compliance time frames, which has increased both the risk that we will properly identify and respond to regulatory changes applicable to our operations and the risk that we will implement such changes on a timely and complete basis. Regulations aimed at increasing transparency for investors or providing individuals greater control over their own data may devalue the investments we have made in our data sets or reduce their use cases. In addition, the broad scope of our business operations makes it more difficult to monitor areas that may be subject to regulatory and compliance risk. Developments, such as the National Security Law in Hong Kong which reduce press freedoms, could impact the safety of our local employees and ultimately cause us to discontinue operations in that jurisdiction. If we fail to comply with any applicable law, rule, or regulation, we could be fined, sanctioned, or barred from providing certain products and services in the future, which could adversely affect our business.

Failure to protect our intellectual property rights, or claims of intellectual property infringement against us, could harm our brand and ability to compete effectively.

The steps we have taken to protect our intellectual property may not be adequate to safeguard our proprietary information. We rely primarily on patent, trademark, copyright, and trade secret rights, as well as contractual protections and technical safeguards, to protect our intellectual property rights and proprietary information. Despite these efforts, third parties may still attempt to challenge, invalidate, or circumvent our rights or improperly obtain our proprietary information. Further, effective trademark, copyright, and trade secret protection may not be available in every country in which we offer our services. Some of our intellectual property was obtained pursuant to a business or asset acquisition and the previous owners of the acquired business may not have taken similar measures to protect the acquired intellectual property. Failure to adequately protect our intellectual property could harm our brand, devalue our proprietary content, and affect our ability to compete in the marketplace.

From time to time, we encounter jurisdictions in which one or more third parties have a pre-existing trademark registration in certain relevant international classes that may prevent us from registering our own marks in those jurisdictions. Our continued ability to use the “Morningstar” name or logo, either on a stand-alone basis or in association with certain products or services, could be compromised in those jurisdictions because of these pre-existing registrations. Similarly, from time to time, we encounter situations in certain jurisdictions where one or more third parties are already using the Morningstar name, either as part of a registered corporate name, a registered domain name, or otherwise. Our ability to effectively market certain products and/or services in those locations could be adversely affected by these pre-existing usages.

We have from time to time been subject to claims by third parties alleging infringement of their intellectual property rights. Such claims can also be alleged against clients, customers, or distributors of our products or services whom we have agreed to indemnify against third party claims of infringement. The defense of such claims can be costly and consume valuable management time and attention. We may be forced to settle such claims on unfavorable terms, which can include the payment of damages, the entry into royalty or licensing arrangements on commercially unfavorable terms, or the suspension of our ability to offer affected products or services. If litigation were to arise from any such claim, there can be no certainty we would prevail in it. If any of these risks were to materialize, it could have a material adverse effect on our business, financial condition, or results of operations.

Risks Related to Our Information Technology and Security

We could face significant reputational and financial consequences relating to cybersecurity and the protection of confidential information, including personal information about individuals.

Our business requires that we securely collect, process, store, and transmit confidential information, including personal information, relating to our operations, customers, employees, and other third parties. We continuously invest in systems, processes, controls, and other security measures to guard against the risk of improper access to or release of such information. However, these measures do not guarantee absolute security, and improper access to or release of confidential information may still occur through employee error or malfeasance, system error, other inadvertent release, failure to properly purge and protect data, or cyberattack.

We may suffer malicious attacks by individuals or groups (including those sponsored by nation-states, terrorist organizations, or global corporations) seeking to attack our products and services or penetrate our network infrastructure to gain access to intellectual property, confidential or personal information, or to facilitate distributed denial of service attacks. While we have dedicated resources responsible for maintaining appropriate levels of cybersecurity and implemented systems and processes intended to help identify cyberattacks and protect and remediate our network infrastructure, these attacks have become increasingly frequent, sophisticated, and difficult to detect. Even if we are not directly impacted by an attack, time and effort must be spent confirming our status and communicating internally and with other stakeholders. Our measures may not be adequate for all eventualities and may be vulnerable to circumvention of security systems, denial of service attacks or other cyberattacks, hacking, “phishing” attacks, computer viruses, ransomware or malware, employee or insider error, employee or vendor malfeasance, social engineering, physical breaches or other malicious actions. Furthermore, these security measures are less effective in situations where employees are utilizing personal devices and home networks while working remotely.

We may also be impacted by a cyberattack targeting one of our vendors or within our technology supply chain or infrastructure. Security breaches at government agencies and other companies have led to enhanced government and regulatory scrutiny of the measures taken by companies to protect against cyberattacks and may in the future result in heightened cybersecurity requirements, including additional regulatory expectations for oversight of customers, vendors, and service providers. These risks may be heightened as we offer employees flexibility to work more frequently from remote work environments, our dependency on certain service providers, such as video conferencing and web conferencing services, has significantly increased. Our information technology systems interact with those of customers, vendors, and service providers and collect an increasing amount of data as we expand our product and service offerings. As a result, inadequacies of our customers’ security technologies and practices introduce additional risk and cost of monitoring, and may only be detected after a security breach has occurred.

Any failure to safeguard confidential information or any material cybersecurity failures or incidents in our systems (or the systems of a customer, vendor, or service provider which stores or processes confidential information for which we are responsible) could cause us to experience reputational harm, loss of customers, regulatory actions, sanctions or other statutory penalties, litigation, or financial losses and increased expenses related to addressing or mitigating the risks associated with any such material failures or incidents.

In addition to the risks above related to general confidential information, we may also be subject to specific obligations relating to personal information and personal financial information. Our products and websites in certain cases collect, store, process, and transmit personal information about an individual, including personally identifiable information and personal financial information such as portfolio holdings, account numbers, and credit card information. Our business also operates across national borders and routinely moves personal information from one jurisdiction to another. Regulators and political leaders in various countries are increasingly interested in restricting cross-border data transfers that they perceive as problematic. We and our customers are often subject to federal, state, and foreign laws relating to privacy, cybersecurity, and data protection. The scope of the laws that may be applicable is often uncertain and required practices may be inconsistent with laws of other jurisdictions. Consequently, our business is subject to a variety of continuously evolving and possibly conflicting regulations and customer requirements. Our compliance with these changing and increasingly burdensome regulations and requirements may cause us to incur substantial costs or require us to change our business practices which may impact financial results. If we fail to comply with these regulations or requirements, we may be exposed to litigation expenses and possible significant liability, fees, or fines. For example, in the EU, noncompliance with the General Data Protection Regulation (GDPR) requirements could result in penalties of up to 4% of worldwide revenues.

One of Morningstar’s core strengths is the ability to collect data and enrich it with data from another part of the business to provide valuable information and insights to investors. As data is accessible across our products, consistent data privacy practices and disclosure becomes more important and challenging. Failure to comply with our public statements or to adequately disclose our privacy or data protection practices could result in costly investigations by governmental authorities, litigation, and fines as well as reputational damage and customer loss.

We also from time to time acquire other companies that collect and process personal information. While we perform extensive due diligence on the technology systems and practices of these companies, there can be no assurance that such companies have not suffered data breaches or system intrusions prior to or continuing after our acquisition for which we may be liable. Acquired businesses may not have invested as heavily in such security measures or data privacy controls and they introduce additional cybersecurity and data privacy risk as their systems are integrated with ours.

While we maintain insurance coverage that is intended to address certain aspects of cybersecurity and data protection risks, such coverage may not be sufficient to cover all or the majority of the costs, losses, or types of claims. Our insurance coverage would not extend to any reputational damage, loss of customers, or required improvements to our systems.

Failing to respond to technological change, keep pace with new technology developments, or adopt a successful technology strategy may negatively affect our competitive position and business results.

We believe innovation in the financial technology landscape continues to accelerate. Developments in technology are fundamentally changing the ways investors, financial intermediaries, and other market participants access data and content. Examples include the shift from local network computing to cloud-based systems, the proliferation of wireless mobile devices, rapid acceleration in the use of social media platforms, the dissemination of data through application programming interfaces that permit real-time updating rather than raw data feeds, the proliferation of machine learning and other artificial intelligence technologies, and the adoption of distributed ledger or “blockchain” technologies. These technological developments can render our existing products less competitive, obsolete or unmarketable. As a result, our future success will continue to depend upon our ability to identify and develop new products and enhancements that address the future needs of our target markets and to deliver them in ways that support our customers’ business models.

As our customers further automate their business processes, their need for our products may change and the technological flexibility and interoperability of our systems may become more important. For example, the pandemic accelerated advisor and client demand for digital, friction-free technology and experiences with our turnkey asset management platform, shining a light on dated, legacy operational workflows. In addition, there has been an increasing focus on technology not merely supplying additional tools for users, but also offering solutions to specific client problems. We have a myriad of potential technology investments across our product lines and need to prioritize scarce technology resources to focus on products that best meet the needs and priorities of our customers.

Our software development process is based on frequently rolling out new features so that we can quickly incorporate user feedback. However, at times adoption of new features or enhanced versions, for example of some of our workplace solutions products, is slowed by the significant client investment required for more advanced use cases. While some changes in technology may offer opportunities for Morningstar, we cannot guarantee that we will successfully adapt our product offerings to meet evolving customer needs or that the transition to such new offerings will be seamless. If we fail to develop and implement new technology rapidly enough, we may sacrifice new business opportunities or renewals from existing customers. We may also incur additional operating expense if major software projects take longer than anticipated or if clients decline to migrate to new systems and we must support multiple platforms over an extended period of time. Our competitive position depends on our execution speed and we regularly face new competitors from venture capital funded fintech firms that may be significantly more focused or nimble.

Our technology is also heavily dependent on the quality and comprehensiveness of our data and our ability to successfully build analytics, research, and other intellectual property around that data. For example, in order to provide the personalized holistic advice that clients value, we need to collect, organize, and protect large, non-homogenous datasets and synthesize and effectively analyze the insights offered by this data. We are investing significant resources in consolidating our various data assets and improving their usability and deliverability across our platform of products. Our competitive position and business results may suffer if we fail to realize the value and potential of our data assets.

Finally, we rely on technology for our own internal business operations and must continually evaluate these tools to ensure they are sufficient for our expanding needs. If we are unable to develop or purchase technology to support our finance, legal, compliance, audit, human resources, and other corporate teams, these functions may operate inefficiently, at higher cost, or with greater risks than is necessary.

We could face liability for the information and data we collect, store, use, create, and distribute or the reports and other documents we publish or that are produced by our software products.

We may be subject to claims for securities law violations, defamation (including libel and slander), negligence, or other claims relating to the information we publish, including our research and credit ratings. For example, investors may take legal action against us if they rely on published information that contains an error, or a company may claim that we have made a defamatory statement about it or its employees. In addition, in our credit ratings business, we have access to significant amounts of material nonpublic information on issuers of securities, the inadvertent disclosure of which, or the misappropriation by employees or others, could expose us to various liabilities under securities and other laws. Less significant errors could still require us to remove ratings, research, or data temporarily which could diminish the perceived value of the product or cause us to be deficient in our service-level agreements with clients that require us to meet certain obligations for delivering time-sensitive, up-to-date data and information.

Some of our products support the investment processes or the client account reporting practices and other activities of our clients who manage significant assets of other parties. Use of our products as part of such activities creates the risk that clients, or the parties whose assets are managed by our clients, may pursue claims against us for losses that may have some connection to our products, and we may be subject to investigation of our products and their use by government regulators who regulate the business of our clients. In the case of software products, even though most of our contracts for such products contain limitations of our liability in such cases, we may be required to make such clients or their customers whole for any losses in order to maintain our business relationships. We could also be subject to claims based on the content that is accessible from our website through links to other websites.

We rely on a variety of outside parties as the original sources for the information we use in our published data. These sources include securities exchanges, fund companies, hedge funds, transfer agents, issuers, and other data providers. We also incorporate data from a variety of third-party sources for many of our products including PitchBook. Accordingly, in addition to possible exposure for publishing incorrect information that results directly from our own errors, we could face liability based on inaccurate data provided to us by others. For example, our Sustainalytics business is reliant on self-reported information for some of its issuer focused ESG ratings and analysis. We also face the risk that a significant data source terminates its distribution of the data to us, which could impact our products, research, or other calculations that utilize that information.

We could be subject to claims by providers of data and information we compile from websites and other sources that we have improperly obtained that data in violation of the source’s copyrights or terms of use. We could also be subject to claims from third parties, such as securities exchanges from which we license and redistribute data and information, that we have used or redistributed the data or information in ways not permitted by our license rights or that we have inadequately permissioned our clients to use such data. The agreements with such exchanges and other data providers give them extensive data use audit rights, and such audits can be expensive and time consuming and potentially result in substantial fines. We could also be subject to claims from regulators that we have mishandled private ratings or nonpublic data and information, in particular in our credit ratings business. These regulatory bodies have audit rights regarding our data use which could have similar adverse consequences in terms of time, expense, or fines. Defending claims based on the information we publish could be expensive and time-consuming and could adversely impact our business, operating results, and financial condition.

Finally, our global business regularly seeks to optimize our data storage in order to improve information accuracy and streamline the technology, which supports our business operations. These efforts are constrained by data privacy legislation, such as GDPR, which defines standards for storage, transfer, and use of certain personal information from and about individuals. Legislation aimed at protecting material nonpublic information or mitigating potential conflicts of interest further define how certain information can be accessed and retained which may result in less efficient or higher cost technological processes and infrastructure.

Risks Related to Our Operations

Our future success depends on our ability to recruit, develop, and retain qualified employees.

Our strategy envisions building and expanding our business which requires identifying, attracting, hiring, and on-boarding new qualified employees. Engineering, research, quantitative, fixed income data, credit analysis and ESG skill sets are particularly needed to capitalize on near-term growth opportunities. We experience competition for analysts, technology experts, data and software engineers, and other employees from other companies and organizations. While we have a geographically diversified workforce location strategy, building valued teams in a variety of locations around the globe, we experience recruiting challenges in nearly all our global locations. Such significant talent acquisition activities place a strain on our human resource management team. We must continue to refine and expand our recruiting capabilities, our systems and processes in order to meet this need in a highly competitive employment market.

The development, maintenance, and support of our products and services are also dependent upon the knowledge, skills, experience, and abilities of our existing employees. We invest in our employees’ continued development and growth through learning tools, educational stipends, speaker series, mentoring, and other resources to help them chart a fulfilling career at Morningstar. We are also thoughtful about employee engagement and communications to keep our staff focused and motivated by our mission. However, recent changes in labor markets such as the willingness of some employers to offer fully remote work and the so-called “Great Resignation” brought on, in part, by the COVID-19 pandemic, may make it more difficult for us to retain existing employees or maintain traditional workplace arrangements.

We believe the success of our business depends to a significant extent upon the continued service of our executives and other key employees. However, the talents and experience of these individuals make them attractive candidates to many of our peers, which are also experiencing significant business growth, as well as to early-stage companies that can offer the potential for outsize financial rewards if they are successful. Thus competition for these employees is intense and a high velocity of employee turnover creates a need to think strategically about the timing of new projects and initiatives to manage workloads. We may not be able to retain these employees or to develop and retain similar highly qualified personnel in the future.

In addition, we are exposed to overall rising wage scales in the employment markets in which many of our facilities are located, which negatively affects our ability to hire personnel generally without significantly increasing our compensation costs. Inflationary concerns, the recent strong stock performance in our sector and shortages of applicants with certain skills put upward pressure on wages. Shifting preferences regarding remote work flexibility and a backlog of immigration applications can further complicate employment offer negotiations with potential candidates and delay start dates.

Our future success also depends on the continued service of our executive officers, including Joe Mansueto, our Executive Chairman and Chairman of the Board and largest shareholder, and Kunal Kapoor, our Chief Executive Officer. The loss of Mansueto, Kapoor, or other executive officers could hurt our business, operating results, or financial condition. We do not have employment agreements, noncompete agreements, or life insurance policies in place with any of our executive officers. They may leave us and work for our competitors or start their own competing businesses.

Our business, products and facilities are at risk of a number of material disruptive events, including an outage of our database, technology-based products and services or network facilities, which our operational risk management and business continuity programs may not be adequate to address.

Our business and major products are dependent on our ability to provide data, software applications, and other products and services on a current and time-sensitive basis. We rely extensively on our computer systems, database storage facilities, and other network infrastructure, which is located across multiple facilities in the U.S. and globally. We are at risk of disruptions from numerous factors, including pandemic, violent incident, natural disaster, power loss, telecommunications and Internet failures, civil unrest, cybersecurity attacks and breaches, and other events beyond our reasonable control. We are also subject to potential shortcomings in our own business resilience practices, such as failures to fully understand dependencies between different business processes across the locations in which they are performed, inadequate vendor risk assessment and management processes and critical vendor dependencies, concentration of certain critical activities in areas of geopolitical risk, concentration of certain skills and know-how with small groups of key employees, and possibly ineffective location recovery strategies in the event of a location disruption. As we grow through acquisitions, the newly acquired businesses may not have invested in technological infrastructure and disaster recovery to the same extent as we have. As their systems are integrated into ours, a vulnerability could be introduced, which could impact our platforms across the company.

We continue to develop processes to support our employees working remotely, but we remain exposed to disruptive events at our significant office locations. Our corporate headquarters in Chicago, Illinois is the home office for a significant number of our employees including most of our executive leadership team, as well as substantial numbers of employees involved in the delivery of most of our major products and services. Our data collection, technology, and operational center in Mumbai, India is also a significant location where employees maintain and update our equity database and PitchBook's data and research operations, and provide shared services to many of our operations. We also have a substantial number of employees working in our data and technology development center in Shenzhen, China. We rely on these employees to maintain and update our mutual fund database and work on other projects. We engage third party vendors in several locations, including Colombia, India, and Ukraine, which provide contract labor in support of our operations. If a pandemic, war, natural disaster, violent incident, or another dangerous emergency significantly impacted the safety or communication connectivity of people living in and around these locations, we might not be able to continue business operations at an acceptable level that would meet all our legal and contractual commitments. Each of these locations has experienced various types of geopolitical risks and changes in laws and regulations relating to data privacy, security, protection of intellectual property rights, and acceptable telecommunication infrastructure which create uncertainty regarding our long-term operations there. Any extended disruptions to our operations in these locations would make it difficult for us to meet our operating goals.

Our operations and those of our suppliers and customers are vulnerable to interruption by fire, earthquake, power loss, telecommunications failure, terrorist attacks, wars, computer viruses, and other events beyond our control. Our database and network facilities may also be vulnerable to external attacks that misappropriate our data, corrupt our databases, or limit access to our information systems. We rely on cloud providers and other vendors to maintain, service, and improve our technological infrastructure, which underpins and protects our data, research, and other products and services. To defend against these threats, we implement a series of controls focusing on both prevention and detection, including firewalls, intrusion detection systems, automated scanning and testing, server hardening, antivirus software, training, and patch management. We make significant investments in servers, storage, and other network infrastructure to prevent incidents of network failure and downtime, but we cannot guarantee that these efforts will work as planned. If disruptions, failures, or slowdowns of these electronic delivery systems or the Internet occur, our ability to distribute our products and services effectively and to serve our customers may be impaired.

We are shifting the storage of our data and delivery of several of our products and services to cloud-based delivery systems. We rely on cloud providers and other vendors to maintain, service, and improve our technological infrastructure, which underpins and protects our data, research, and other products and services. Some of these providers have recently experienced widely reported service disruptions that affected numerous customers including ourselves. In addition, as we offer our employees opportunities to work from remote environments more frequently, the daily activities and productivity of our work force is now closely tied to key vendors, such as video conferencing services, consistently delivering their services without material disruption. Our ability to deliver information using the Internet and to operate in a remote working environment may be impaired because of infrastructure failures, service outages at third-party Internet providers, malicious attacks, or other factors. If disruptions, failures, or slowdowns of these electronic delivery systems or the Internet occur, our ability to distribute our products and services effectively and to serve our customers may be impaired.

We maintain off-site backup facilities for our data, but we cannot guarantee that these facilities will operate as expected during an interruption that affects our primary facility. There may be single points of failure that affect our core databases, data transfer interfaces, or storage area networks. We may not be able to fully recover data or information lost during a database or network facility outage. Any losses, service disruption, or damages incurred by us could have a material adverse effect on our business, operating results, or financial condition.

Today’s fragmented geopolitical, regulatory, and cultural world could adversely affect our ability to maintain growth across our businesses.

Morningstar’s strategy for growth involves, in part, continuous expansion into new and adjacent product lines to anticipate and meet our customers’ needs. Our ability to realize those opportunities in one of our businesses, however, may be hindered by regulatory requirements governing a different business within the Morningstar group. In certain cases, regulatory sanctions against one of our businesses could affect our ability to continue to operate in unrelated regulated areas. In addition, the day-to-day sharing and optimization of the value of our intellectual property across our product lines can be affected by regulatory concerns. For example, in response to regulatory requirements we are evaluating our implementation of information barriers to segregate the data and research accessible by some members of our credit ratings team from those involved in investment management. Similarly, differences in data privacy regimes and governmental surveillance rights applicable in specific countries significantly affect our workforce location strategy and technology infrastructure in relation to cross-border processing of personally identifiable information of customers, employees and other third parties. Such limitations, which seem likely to proliferate as global consensus regarding regulatory principles wanes, may impact our ability to maintain growth across our businesses.

The dynamics of today’s geopolitical discourse may also impact business growth across different markets. It has been our experience that adoption of many ESG focused products has been more rapid in European countries than in other parts of the world, and there is more agreement on ESG taxonomies, methodologies, and acceptable sources of data in that market. Customer opinions about such products, or preferences regarding their methodology or approach, are at times impacted by regional or national political trends which may differ significantly. Preferred terminology and information sources may similarly differ from place to place. In such an environment, Morningstar may struggle to maintain its reputation for methodological transparency and consistency which underpins the value and reputation of our research.

Morningstar’s growth also places increasing demands on our functional resources to scale and optimize globally and to balance global consistency with local flexibility. Our sales and marketing teams are focused on multi-product based strategies to bring the breadth of our offerings and the full value of our intellectual property to our customers. However, such sales efforts can breed customer confusion, implicate regulatory limits on how certain products or services can be sold and by whom in certain jurisdictions, and if coupled with misaligned incentive structures, can create opportunities for misconduct or excessive risk taking. Additional complexity also creates a need for clear responsibilities and ownership across various global teams within Morningstar. A higher velocity of hiring and turnover in the competitive talent acquisition environment also creates challenges for cross-company collaboration. Morningstar is fortunate to have many opportunities for global growth in its strategic plan, however, we cannot be certain that further growth or profitability will be at the same or higher level given the headwinds of deglobalization and political, regulatory, and cultural fragmentation. Accordingly, an inability to maintain growth, or an inability to effectively manage growth, could have an adverse effect on our business, financial condition and results of operations.

The continuing COVID-19 pandemic may have material and adverse impacts on our business, financial condition, and results of operations, the nature and extent of which continue to be uncertain and unpredictable.

The continuing COVID-19 pandemic and the governmental and societal responses to it worldwide have the potential to materially and adversely affect our business, financial condition, and results of operations in ways that continue to be uncertain and unpredictable. The COVID-19 pandemic has created significant public health concerns, as well as significant volatility, uncertainty, and periods of economic disruption in most countries in which we operate. While we have taken numerous steps to respond to this changing environment, there can be no assurance that such steps will be successful or that our business, financial condition, and results of operations will not be materially and adversely affected by the consequences of the pandemic.

Throughout 2021, we saw fluctuations of government-mandated COVID-19-related restrictions on the physical movement and gathering of people in certain geographies, dependent upon the local extent and severity of COVID-19 infections and other factors. Those fluctuations have continued into 2022 as specific variants of the virus and concerns over the adoption and efficacy of mitigants, such as vaccines and other treatments, compel certain governments to again impose travel limitations, lockdowns and curfews, and other business and personal restrictions. Our approach to preventative and protective actions has remained similarly flexible and, based on the guidelines of local authorities and our own safety standards, we have re-opened certain offices and will continue to do so. Many of our customers, vendors, and data suppliers continue to operate under remote working or voluntary attendance arrangements, which may interfere with productivity. While our business continuity plans have permitted remote working arrangements without material interruption, prolonged periods of virtual collaboration may have an impact on innovation, productivity, and culture over time. When health and safety conditions allow, we are encouraging or requiring collaborative teams to begin returning to our offices on a regular schedule and employees have been cleared to resume travel for approved business purposes in jurisdictions permitting such travel. Our management is focused on mitigating the effects of the COVID-19 pandemic on our business, which has required and may continue to require a substantial investment of their time and may delay other strategic activities.

In the longer term, the adverse effects of the COVID-19 pandemic on the world’s economies and financial markets may be significant, with unpredictable effects on the overall demand and pricing environment for our products and services. While 2021 saw growth in many financial markets, the speed and extent to which governments and central banks withdraw fiscal and monetary stimulus, and other national and global political conditions may undermine or reverse such growth. If that turns out to be the case, our asset management businesses could be affected by declines in assets under management and advisement resulting from any prolonged downturn in financial markets and a concomitant decline of broad-based investment activity, while our credit ratings business could suffer from a decline in new issuance activity resulting from a decline in the availability of credit. The financial performance of our customers, including those of our license and subscription businesses, could materially deteriorate, which could result in lower demand, cancellations, price reductions, or delays in implementation for our products and services.

Other macroeconomic trends reflecting consumer and business reactions to the COVID-19 pandemic could also have a lasting impact on our cost profile and long-term profitability. Given the nature of our business, global supply chain disruptions have had little impact on us but could impact the availability of certain IT infrastructure over time. Certain long-term effects of the efforts of monetary authorities and governments to ameliorate the impacts of the pandemic are potentially starting to become evident, including both price and wage inflation as well as increased competition for workers. We have noted these effects in our business related to the mobility of employees between jobs and the wage levels needed to hire or retain employees. While our annual bonus programs are designed to reward exceptional business performance and so a portion of our compensation expense is aligned with overall growth, other components of compensation expense are relatively fixed which may impact profitability. The uncertainty surrounding the duration and the effects of the COVID-19 pandemic in the countries in which we operate could impede our business planning and coordination. In addition, the availability of credit could become constrained even to financially strong companies.

Our operations outside of the U.S. involve additional challenges that we may not be able to meet.

Our operations outside of the U.S. constitute a significant portion of our consolidated revenue. There are risks inherent in doing business outside the U.S., including challenges in reaching new markets because of established competitors and limited brand recognition; difficulties in staffing, managing, and integrating non-U.S. operations; difficulties in coordinating and sharing information globally; differences in laws and policies from country to country, including in relation to employment terms and conditions; exposure to varying legal standards, including intellectual property protection laws; potential tax exposure related to transfer pricing and other issues; heightened risk of fraud and noncompliance in some jurisdictions; and currency exchange rates and exchange controls.

In addition, new risks have arisen from the assertion by various national governments of greater control over the movements of people and information across national borders. Travel restrictions put in place in various countries in response to the continuing COVID-19 pandemic and administrative delays at government immigration offices could adversely affect our ability to attract and retain talent from other countries. In addition, China’s government has backed various measures that could compromise the privacy and security of our proprietary information or information concerning our customers, including a ban on nonstate sanctioned virtual private networks and requirements that multinational firms acquire and use equipment from Chinese telecom suppliers, while recent court decisions in the EU have raised questions about the ability of multinational companies to process personally identifiable information of EU residents outside of the EU. These risks could hamper our ability to expand around the world, which may hurt our financial performance and ability to grow.

During 2021, we did not engage in currency hedging or have any positions in derivative instruments to hedge our currency risk. Our reported revenue could suffer if certain foreign currencies decline relative to the U.S. dollar, although the impact on operating income may be offset by an opposing currency impact on locally based operating expense. We monitor our financial performance on a global basis and may look to enter into derivatives from time to time to reduce or control risk for known exposures.

Risks Related to Ownership of Our Common Stock

Our indebtedness could adversely affect our cash flows and financial flexibility. Our variable rate indebtedness could subject us to interest rate risk, which could cause our debt service obligations to increase significantly.

For an overview of our current outstanding indebtedness, refer to Item 7 — Management's Discussion and Analysis of Financial Condition and Results of Operations— Liquidity and Capital Resources below. While our business has historically generated strong cash flow and interest rates on corporate indebtedness are at historically low levels, we cannot provide assurance that we will generate and maintain cash flows sufficient to permit us to service our indebtedness. Our ability to make payments on indebtedness and to fund planned capital expenditures depends on our ability to generate and access cash in the future, which, in turn, is subject to general economic, financial, competitive, regulatory and other factors, many of which are beyond our control. If we cannot refinance or otherwise pay our obligations as they mature and fund our liquidity needs, our business, financial condition, results of operations, cash flows, liquidity, ability to obtain financing and ability to compete in our industry could be materially adversely affected.

In addition, any borrowings under our current credit facility bear interest at fluctuating interest rates based on the London interbank offered rate (LIBOR) for deposits of U.S. dollars. In May 2021, the FCA (the authority that regulates LIBOR) announced that it intends to stop compelling banks to submit rates for the calculation of LIBOR for the U.S. dollar LIBOR tenors relevant to the company after June 30, 2023. The industry is in a period of transition and both Secured Overnight Financing Rate (SOFR) and Short-Term Bank Yield Index (BSBY) have emerged as potential alternatives to USD LIBOR. SOFR is a broad measure of the cost of borrowing overnight collateralized by U.S. Treasury securities. BSBY represents the average cost at which large, global banks access USD unsecured wholesale funding, and has characteristics similar to USD LIBOR. We continue to monitor the relative merits of these options and expect to effect the necessary administrative changes in advance of June 2023. It is not possible to predict the effect of these changes on our borrowing costs over time or the availability to us of credit.

Furthermore, the terms of our debt agreements include restrictive covenants that limit, among other things, our and our subsidiaries’ financial flexibility. If we are unable to comply with the restrictions and covenants in our debt agreements, there could be a default that, in some cases, if continuing, could result in the accelerated payment of our debt obligations or the termination of borrowing commitments on the part of the lenders under our Credit Agreement. Refer to Item 7—Management's Discussion and Analysis of Financial Condition and Results of Operations—Liquidity and Capital Resources for a description of the restrictive covenants in our debt agreements.

Control by a principal shareholder could adversely affect our other shareholders.

As of December 31, 2021, Joe Mansueto, our Executive Chairman and Chairman of the Board, owned approximately 41.6% of our outstanding common stock. As a result, he has the practical ability to control substantially all matters submitted to our shareholders for approval, including the election and removal of directors and any merger, consolidation, or sale of our assets. This concentration of ownership may delay or prevent a change in control, impede a merger, consolidation, takeover, or other business combination involving Morningstar, discourage a potential acquirer from making a tender offer or otherwise attempting to obtain control of the company, or result in actions that may be opposed by other shareholders.

Fluctuations in our operating results may negatively affect our stock price.

We believe our business has relatively large fixed costs and low variable costs, which magnify the impact of revenue fluctuations on our operating results. As a result, a decline in our revenue may lead to a larger decline in operating income. In addition, because we manage our business with a long-term perspective, we generally don’t make significant adjustments to our strategy or cost structure in response to short-term factors. For example, if the U.S. economy were to enter a prolonged inflationary period, increased compensation and other expenses could impact our operating results in the short term. Uncertainty regarding inflation could also impact our ability to forecast costs, which inform our longer-term budget and capital allocation decisions. In addition, we do not provide earnings guidance or hold one-on-one meetings with institutional investors and research analysts. Because of this policy and limited analyst coverage on our stock, our stock price may not always reflect the intrinsic value of our business and assets. If our operating results or other operating metrics fail to meet the expectations of outside research analysts and investors, the market price of our common stock may decline.

The future sale of shares of our common stock may negatively affect our stock price.

If our significant shareholders sell substantial amounts of our common stock, the market price of our common stock could fall. A significant reduction in ownership by Joe Mansueto or any other large shareholder could cause the market price of our common stock to fall. Our directors and officers may adopt written plans, known as Rule 10b5-1 plans, in which they may contract with a broker to sell shares on a periodic basis. In addition, the average daily trading volume in our stock is relatively low. The lack of trading activity in our stock may lead to greater fluctuations in our stock price. Low trading volume may also make it difficult for shareholders to make transactions in a timely fashion.

Financials