PRIA Logo
← All companies

TOST · CIK 1650164

What Toast, Inc. told the SEC could break it.

Toast's risks split between its payments business and its hardware supply chain. As a payments and payroll processor, it holds federal money-services registration and state licenses and must comply with anti-money-laundering, OFAC sanctions and FCPA rules — non-compliance could bring penalties or cost it the licenses it needs to operate. On the hardware side, it depends on third-party manufacturers, with key components like customer-facing displays from limited or single sources and, in some cases, a single manufacturer assembling its products; because much of that hardware is sourced from Asia, including China, tariffs and trade restrictions could raise its production costs and delay supply.

3 self-disclosed vulnerabilities, pulled from its own filings — each in the company’s words, with the source. This is the risk register almost nobody reads.

In its own words

What could break it.

Regulatory & policy

  • payments licensing / AML / OFAC sanctionsmedium

    As a payments and payroll processor, Toast holds federal MSB registration and state money-transmitter/payroll-processor licenses and must comply with AML/CFT, OFAC sanctions and FCPA rules; non-compliance risks penalties or loss/restriction of licenses needed to operate.

    Our failure to comply with anti-money laundering, economic, and trade sanctions regulations, the FCPA, and similar laws could subject us to substantial civil and criminal penalties or result in the loss or restriction of our federal MSB registration and state money transmitter licenses (or the inability to obtain new licenses necessary to operate in certain jurisdictions).

    SEC filing →As of 2026
  • tariffs on China-sourced hardware componentsmedium

    Toast relies on suppliers in Asia (including China) for hardware; existing/potential tariffs, sanctions and trade restrictions on China vendors could increase production costs and limit or delay supply of its products.

    Additionally, various sources of supply-chain risk, including strikes or shutdowns at delivery ports or loss of or damage to our products while they are in transit or storage, intellectual property theft, losses due to tampering, third-party vendor issues with quality or sourcing control, failure by our suppliers to comply with applicable laws and regulations, existing and potential tariffs and sanctions, including those applicable to our relationships with vendors in China, or other trade restrictions, or other similar problems could increase our cost of production, limit or delay the supply of our products, or harm our reputation.

    SEC filing →As of 2026733 others exposed to US Tariffs 2025 →

Sole-source dependency

  • single-source hardware manufacturer and key componentsmedium

    Toast depends on third-party manufacturers for its restaurant hardware, with key components (e.g. customer-facing displays) from limited or single sources and, in some cases, a single manufacturer fabricating/assembling products — without long-term agreements with all suppliers.

    Many of the key components used to manufacture our hardware products, such as our customer-facing displays, come from limited or single sources of supply, and therefore a disruption with one manufacturer in our supply chain may have an adverse effect on other aspects of our supply chain and may disrupt our ability to effectively and timely deliver our hardware products. In addition, in some cases, we rely only on one hardware manufacturer to fabricate, test, and assemble our products.

    SEC filing →As of 2026

In the MyPRIA app, this is checked against the companies you actually own.

← World Watch