government in fines or settlement. Many states have also adopted laws similar to the federal Anti-Kickback Statute and False Claims Act. Any allegation, investigation, or violation of these
domestic health care fraud and abuse laws could result in government or internal investigations, significant diversion of resources, exclusion from government health care reimbursement programs and the curtailment or restructuring of our operations,
significant fines, penalties, or other financial consequences, any of which may ultimately have a material adverse effect on our business.
For our sales
and operations outside the United States, we are similarly subject to various heavily-enforced anti-bribery and anti-corruption laws, such as the U.S. Foreign Corrupt Practices Act of 1977, as amended, or FCPA, U.K. Bribery Act, and similar laws
around the world. These laws generally prohibit U.S. companies and their employees and intermediaries from offering, promising, authorizing or making improper payments to foreign government officials for the purpose of obtaining or retaining
business or gaining any advantage. We face significant risks if we, which includes our third parties, fail to comply with the FCPA and other anti-corruption and anti-bribery laws.
We leverage various third parties to sell our products and conduct our business abroad. We, our commercial partners and our other third-party intermediaries,
including collaborators and licensees, may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities (such as in the context of obtaining government approvals, registrations, or
licenses or sales to government owned or controlled health care facilities, universities, institutes, clinics, etc.) and may be held liable for the corrupt or other illegal activities of these third-party business partners and intermediaries, our
employees, representatives, contractors, partners, collaborators, licensees and agents, even if we do not explicitly authorize such activities. In many foreign countries, particularly in countries with developing economies, it may be a local custom
that businesses engage in practices that are prohibited by the FCPA or other applicable laws and regulations. To that end, while we have adopted and implemented internal control policies and procedures and employee training and compliance programs
to deter prohibited practices, such compliance measures ultimately may not be effective in prohibiting our employees, representatives, contractors, partners, collaborators, licensees, agents and other third parties or intermediaries from violating
or circumventing our policies and/or the law.
Any violation of the FCPA, other applicable anti-bribery, anti-corruption laws, and anti-money laundering
laws could result in whistleblower complaints, adverse media coverage, investigations, loss of export privileges, severe criminal or civil sanctions and, in the case of the FCPA, suspension or debarment from U.S. government contracts, which could
have a material and adverse effect on our reputation, business, operating results and prospects. In addition, responding to any enforcement action or related investigation may result in a materially significant diversion of managements
attention and resources and significant defense costs and other professional fees.
Our employees, collaborators and other personnel may engage in
misconduct or other improper activities, including
non-compliance
with regulatory standards and requirements and insider trading.
We are exposed to the risk of fraud or other misconduct by our employees, collaborators, vendors, principal investigators, consultants and commercial partners.
Misconduct by these parties could include intentional failures to comply with the regulations of the FDA, EMA and other regulators, provide accurate information to the FDA, EMA and other regulators, comply with data privacy and security and
healthcare fraud and abuse laws and regulations in the U.S. and abroad, report financial information or data accurately or disclose unauthorized activities to us. In particular, sales, marketing and business arrangements in the healthcare industry
are subject to extensive laws and regulations intended to prevent fraud, misconduct, kickbacks, self-dealing and other abusive practices. Additionally, laws regarding data privacy and security, including the federal Health Insurance Portability and
Accountability Act of 1996, or HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act of 2009, or HITECH, as well as comparable laws in
non-U.S.
jurisdictions, such as the
European Unions General Data Privacy Regulations, may impose obligations with respect to safeguarding the privacy, use, security and transmission of individually identifiable health information. In
S-24