OSPN · CIK 0001044777

What OneSpan Inc. told the SEC could break it.

Most of what OneSpan flagged traces to one place: its Digipass hardware authenticators, which are assembled by third-party manufacturers in mainland China and Romania using components from a limited number of suppliers. That single supply chain drives its geographic, supplier, and tariff concerns at once — it has already seen disruption from China's COVID policies and heatwaves, and new U.S. and EU tariffs could raise costs it may not be able to pass on. Separately, its customer base is concentrated in banks and financial institutions, so consolidation or sector IT-spending pullbacks could shrink the pool it sells to.

4 self-disclosed vulnerabilities, pulled from its own filings — each in the company’s words, with the source. This is the risk register almost nobody reads.

In its own words

What could break it.

Customer concentration

  • customer base concentrated in banks/financial institutions; bank consolidation could reduce the customer pool · medium

    OneSpan's customers are concentrated in the banking and financial-institution sector — it serves more than 60% of the world's 100 largest banks — so a negative economic climate that drives banks/financial institutions to consolidate could reduce its current and potential customer base, and sector-specific IT-spending pullbacks would directly pressure its authentication and digital-agreement revenue.

    if customers respond to a negative or unpredictable economic climate by consolidating with other banks or financial institutions, it could reduce the number of our current and/or potential customers.

    SEC filing · As of 2026

Geographic concentration

  • Digipass devices assembled by third-party manufacturers in China and Romania, with China-sourced components; China weather/policy disruptions hit contract manufacturers · medium

    OneSpan's Digipass authentication devices are assembled by third-party manufacturers in mainland China and one facility in Romania, using components that include China-sourced parts; it has already experienced supply-chain disruption from China's COVID-related policies and from extreme heatwaves and drought affecting its China-based contract manufacturers, and similar climate, geopolitical or natural-disaster events in China, Romania or the EU could again delay customer fulfillment.

    Our Digipass authentication devices are currently assembled at several facilities located in mainland China and one facility in Romania.

Regulatory & policy

  • U.S. tariffs on Chinese imports (and new EU tariffs) raising Digipass costs; production-relocation mitigation may not fully offset · medium

    Because Digipass devices are assembled in China (and Romania) with China-sourced components, new/additional U.S. tariffs on Chinese imports could raise costs that OneSpan may be unable to pass to customers, hurting margins and potentially deterring or delaying Digipass orders; its mitigation — moving more production to Romania or other locations — is unlikely to fully offset the impact, especially as the U.S. has also imposed new tariffs on EU members.

    The U.S. presidential administration has imposed new or additional tariffs on foreign goods, including tariffs on certain Chinese imports. Although sales to U.S. customers account for a small portion of our Digipass sales, these tariffs could negatively impact our financial results.

Supplier concentration

  • Digipass authenticator business has a complex global supply chain dependent on a limited number of component suppliers; inventory-loss risk · medium

    OneSpan's Digipass hardware authenticator business has a complex global supply chain and depends on a limited number of suppliers for certain components, so supply-chain disruptions could materially impact operations, and the business may also experience inventory-related losses; finding replacement component sources or alternative hardware manufacturers could cause increased costs and considerable delay.

    Our Digipass authenticator business has a complex global supply chain and is dependent on a limited number of suppliers for certain components, such that supply chain disruptions could materially impact our operations.

    SEC filing · As of 2026
