What changed in IBM's 10-K — 2023 vs 2024
vs
Paragraph-level year-over-year comparison of IBM's 2023 and 2024 10-K annual filings, covering the Business, Risk Factors, Legal Proceedings, Cybersecurity, MD&A and Market Risk sections. Every new, removed and edited paragraph is highlighted side-by-side so you can see exactly what management changed in the 2024 report.
+101 added−104 removedSource: 10-K (2025-02-25) vs 10-K (2024-02-26)
Top changes in IBM's 2024 10-K
101 paragraphs added · 104 removed · 44 edited across 6 sections
- Item 1A. Risk Factors+22 / −73 · 16 edited
- Item 1. Business+63 / −13 · 12 edited
- Item 1C. Cybersecurity+10 / −12 · 10 edited
- Item 5. Market for Registrant's Common Equity+3 / −3 · 3 edited
- Item 2. Properties+2 / −2 · 2 edited
Item 1. Business
Business — how the company describes what it does
12 edited+51 added−1 removed16 unchanged
Item 1. Business
Business — how the company describes what it does
12 edited+51 added−1 removed16 unchanged
2023 filing
2024 filing
Biggest changeBrowdy, Senior Vice President, Legal and Regulatory Affairs, and General Counsel 59 2015 Gary D. Cohn, Vice Chairman 63 2021 Nicolas A. Fehring, Vice President and Controller 45 2023 James J. Kavanaugh, Senior Vice President and Chief Financial Officer, Finance and Operations 57 2008 Nickle J. LaMoreaux, Senior Vice President and Chief Human Resources Officer 44 2020 Robert D.
Biggest changeCohn, Vice Chairman 64 2021 Nicolas A. Fehring, Vice President and Controller 46 2023 James J. Kavanaugh, Senior Vice President, Finance and Operations, and Chief Financial Officer 58 2008 Nickle J. LaMoreaux, Senior Vice President and Chief Human Resources Officer 45 2020 Anne Robinson, Senior Vice President and Chief Legal Officer 54 2024 Robert D.
Since that time, IBM has focused on the intersection of business insight and technological innovation, and its operations and aims have been international in nature. This was signaled 100 years ago, in 1924, when C-T-R changed its name to International Business Machines Corporation.
Since that time, IBM has focused on the intersection of business insight and technological innovation, and its operations and aims have been international in nature. This was signaled over 100 years ago, in 1924, when C-T-R changed its name to International Business Machines Corporation.
We gain advantage and differentiation through investments in higher-value capabilities, including security, scalability, and reliability, designed especially for mission-critical and regulated workloads. In addition, we offer a portfolio of life-cycle services for hybrid cloud infrastructure deployment.
We gain advantage and differentiation through investments in higher-value capabilities, including security, scalability, and reliability, designed especially for mission-critical and AI workloads. In addition, we offer a portfolio of life-cycle services for hybrid cloud infrastructure deployment.
Our strategic partners include: Adobe, Amazon Web Services (AWS), Microsoft, Oracle, Salesforce, Samsung Electronics and SAP, among others. Companies with which we have strategic partnerships in some areas may be competitors in other areas. Competition IBM is a globally integrated enterprise that participates in a highly competitive environment.
Our strategic partners include: Adobe, Amazon Web Services (AWS), Microsoft, Oracle, Palo Alto Networks, Salesforce, Samsung Electronics and SAP, among others. Companies with which we have strategic partnerships in some areas may be competitors in other areas. Competition IBM is a globally integrated enterprise that participates in a highly competitive environment.
Business Segments and Capabilities—pages 13 to 15. Human Capital—pages 15 to 16. Strategic Partnerships We proactively partner with a broad variety of companies including hyperscalers, service providers, global system integrators, and software and hardware vendors. We work alongside our partners to deliver end-to-end solutions that address our clients’ complex business challenges while accelerating growth.
Business Segments and Capabilities—pages 12 to 14. Human Capital—pages 14 to 15. Strategic Partnerships We proactively partner with a broad variety of companies including hyperscalers, service providers, global system integrators, and software and hardware vendors. We work alongside our partners to deliver end-to-end solutions that address our clients’ complex business challenges while accelerating growth.
Our offerings draw from leading IBM capabilities in software, consulting services capability to deliver business outcomes, and deep incumbency in mission-critical infrastructure, all bolstered by one of the world’s leading research organizations. The following information is included in IBM’s 2023 Annual Report to Stockholders and is incorporated by reference: IBM Strategy—pages 11 to 13.
Our offerings draw from leading IBM capabilities in software, consulting services capability to deliver business outcomes, and deep incumbency in mission-critical infrastructure, all bolstered by one of the world’s leading research organizations. The following information is included in IBM’s 2024 Annual Report to Stockholders and is incorporated by reference: IBM Strategy—pages 11 to 12.
Thomas, Senior Vice President, Software and Chief Commercial Officer 49 2023 (1) Member of the Board of Directors. All executive officers are elected by the Board of Directors annually as provided in the Company’s By-laws. Each executive officer named above, with the exception of Gary D.
Thomas, Senior Vice President, Software and Chief Commercial Officer 50 2023 (1) Member of the Board of Directors. All executive officers are elected by the Board of Directors annually as provided in the Company’s By-laws. Each executive officer named above, with the exception of Anne Robinson and Gary D.
Those cautionary statements are not exclusive and are in addition to other factors discussed elsewhere in this Form 10-K, in the company’s filings with the SEC or in materials incorporated therein by reference. 2 Table of Contents The following information is included in IBM’s 2023 Annual Report to Stockholders and is incorporated herein by reference: Segment information and revenue by classes of similar products or services—pages 66 to 70.
Those cautionary statements are not exclusive and are in addition to other factors discussed elsewhere in this Form 10-K, in the company’s filings with the SEC or in materials incorporated therein by reference. 2 Table of Contents The following information is included in IBM’s 2024 Annual Report to Stockholders and is incorporated herein by reference: Segment information and revenue by classes of similar products or services—pages 69 to 74.
Financial information regarding environmental activities—page 94. The number of persons employed by the registrant—page 15. The management discussion overview—pages 8 to 10. Website information and company reporting—page 123. Information About Our Executive Officers (at February 26, 2024): Age Officer since Arvind Krishna, Chairman of the Board and Chief Executive Officer (1) 61 2020 Michelle H.
Financial information regarding environmental activities—pages 94 to 95. The number of persons employed by the registrant—page 14. The management discussion overview—pages 8 to 10. Website information and company reporting—page 123. Information About Our Executive Officers (at February 25, 2025): Age Officer since Arvind Krishna, Chairman of the Board, President and Chief Executive Officer (1) 62 2020 Gary D.
Our hybrid cloud and AI platforms allow clients to realize their digital and AI transformations across the applications, data, and environments in which they operate. The principal competitors in this segment include: Alphabet (Google), Amazon, BMC, Broadcom, Informatica, Microsoft, Oracle, Palo Alto Networks, Salesforce, SAP and Splunk.
Our hybrid cloud and AI platforms allow clients to realize their digital and AI transformations across the applications, data, and environments in which they operate. The principal competitors in this segment include: Alphabet (Google), Amazon, BMC, Broadcom, Informatica, Microsoft, Oracle, Salesforce, SAP and Splunk. We also compete with smaller, niche competitors in specific geographic regions or product segments.
We also compete with smaller, niche competitors in specific geographic regions or product segments. Consulting: Consulting focuses on integrating skills on strategy, experience, technology and operations by domain and industry. Consulting competes in a dynamic market including consulting, systems integration, application development, application management and business process outsourcing services.
Consulting: Consulting focuses on integrating skills on strategy, experience, technology and operations by domain and industry. Consulting competes in a dynamic market including consulting, systems integration, application development, application management and business process outsourcing services.
Cohn, has been an executive of IBM or its subsidiaries during the past five years. Mr. Cohn previously served as Assistant to the President for Economic Policy and Director of the National Economic Council from January 2017 until April 2018. Before serving in the White House, Mr.
Cohn previously served as Assistant to the President for Economic Policy and Director of the National Economic Council from January 2017 until April 2018. Before serving in the White House, Mr. Cohn was President and Chief Operating Officer of The Goldman Sachs Group, Inc. from 2006-2016. Item 1A.
Removed
Cohn was President and Chief Operating Officer of The Goldman Sachs Group, Inc. from 2006-2016.
Added
Cohn, has been an executive of IBM or its subsidiaries during the past five years. Ms. Robinson previously served as Managing Director, General Counsel and Corporate Secretary of The Vanguard Group, Inc. and Secretary of the Vanguard funds from August 2016 until June 2024. Mr.
Added
Risk Factors: Risks Related to Our Business Downturn in Economic Environment and Client Spending Budgets Could Impact the Company’s Business: If overall demand for IBM’s products and solutions decreases, whether due to general economic conditions, or a shift in client buying patterns, the company’s revenue and profit could be impacted.
Added
Failure of Innovation Initiatives Could Impact the Long-Term Success of the Company: IBM has moved into areas, including those that incorporate or utilize hybrid cloud, AI and generative AI, quantum and other disruptive technologies, in which it can differentiate itself through responsible innovation, by leveraging its investments in R&D and attracting a successful developer ecosystem.
Added
If IBM is unable to continue its cutting-edge innovation in a highly competitive and rapidly evolving environment or is unable to commercialize such innovations, expand and scale them with sufficient speed and versatility or is unable to attract a successful developer ecosystem, the company could fail in its ongoing efforts to maintain and increase its market share and its profit margins.
Added
Damage to IBM’s Reputation Could Impact the Company’s Business: IBM has one of the strongest brand names in the world, and its brand and overall reputation could be negatively impacted by many factors, including if the company does not continue to be recognized for its industry leading technology and solutions and as a hybrid cloud and AI leader.
Added
IBM’s reputation is potentially susceptible to damage by events such as significant disputes with clients, product defects, internal control deficiencies, delivery failures, cybersecurity incidents, government investigations or legal proceedings or actions of current or former clients, directors, employees, competitors, vendors, alliance partners or joint venture partners.
Added
If the 3 Table of Contents company’s brand image is tarnished by negative perceptions, its ability to attract and retain customers, talent and ecosystem partners could be impacted.
Added
Risks from Investing in Growth Opportunities Could Impact the Company’s Business: The company continues to invest significantly in key strategic areas, including AI and generative AI, to drive revenue growth and market share gains. Client adoption rates and viable economic models are less certain in the high-value, highly competitive, and rapidly-growing segments.
Added
Additionally, emerging business and delivery models may unfavorably impact demand and profitability for our other products or services. If the company does not adequately and timely anticipate and respond to changes in customer and market preferences, competitive actions, disruptive technologies, emerging business models and ecosystems, the client demand for our products or services may decline or IBM’s costs may increase.
Added
IBM’s Intellectual Property Portfolio May Not Prevent Competitive Offerings, and IBM May Not Be Able to Obtain Necessary Licenses: The company’s patents and other intellectual property may not prevent competitors from independently developing products and services similar to or duplicative to the company’s, nor can there be any assurance that the resources invested by the company to protect its intellectual property will be sufficient or that the company’s intellectual property portfolio will adequately deter misappropriation or improper use of the company’s technology.
Added
In addition, the company may be the target of aggressive and opportunistic enforcement of patents by third parties, including non-practicing entities. Also, there can be no assurances that IBM will be able to obtain from third parties the licenses it needs in the future.
Added
The company’s ability to protect its intellectual property could also be impacted by a lack of effective legal protections as well as changes to existing laws, legal principles and regulations governing intellectual property, including the ownership and protection of patents.
Added
Certain of the company’s offerings incorporate or utilize open source and other third-party software licensed with limited or no warranties, indemnification, or other contractual protections for IBM.
Added
Further, if open source code that IBM utilizes is no longer maintained, developed or enhanced by the relevant community of independent open source software programmers, most of whom we do not employ, we may be unable to develop new technologies, adequately enhance our existing technologies or meet customer requirements for innovation, quality and price.
Added
Risks to the Company from Acquisitions, Alliances and Divestitures Include Integration Challenges, Failure to Achieve Objectives, the Assumption or Retention of Liabilities and Higher Debt Levels: The company has made and expects to continue to make acquisitions, alliances and divestitures.
Added
Such transactions present significant challenges and risks and there can be no assurances that the company will manage such transactions successfully, that strategic objectives will be achieved or that strategic opportunities will be available to the company on acceptable terms or at all.
Added
With respect to acquisitions and alliances, the related risks include the company failing to achieve anticipated revenue improvements and cost savings, the failure to retain key personnel or strategic relationships of acquired companies, the assumption of liabilities related to litigation or other legal proceedings involving the businesses in such transactions, and delays in obtaining, or the failure to obtain, necessary governmental or regulatory approvals, as well as the failure to close planned transactions.
Added
Such transactions may require the company to secure financing and any significant disruption or turmoil in the capital markets could have an adverse effect on IBM’s ability to access the capital markets at favorable terms. From time to time, the company divests or attempts to divest assets that are no longer central to its strategic objectives.
Added
Any such transaction is subject to risks, including risks related to the terms and timing of such divestitures, risks related to retained liabilities not subject to the company’s control, and delays in obtaining, or failing to obtain, necessary governmental or regulatory approvals, as well as the failure to close planned transactions.
Added
The Company’s Financial Results for Particular Periods Are Difficult to Predict: IBM’s revenues and profitability are affected by such factors as the introduction of new products and services, the ability to compete effectively in increasingly competitive marketplaces, the length of the sales cycles and the seasonality of technology purchases.
Added
In addition, certain of the company’s growth areas involve new products, new customers, new and evolving competitors, and new markets, all of which contribute to the difficulty of predicting the company’s financial results.
Added
The company’s financial results may also be impacted by the structure of products and services contracts and the nature of its customers’ businesses; for example, certain of the company’s services contracts with commercial customers in regulated industries are subject to periodic review by regulators with respect to controls and processes.
Added
Further, general economic conditions, including sudden shifts in regional or global economic activity may impact the company’s financial results in any particular period. As a result of the above-mentioned factors, the company’s financial results are difficult to predict. Historically, the company has had lower revenue in the first quarter than in the immediately preceding fourth quarter.
Added
In addition, the high volume of products typically ordered at the end of each quarter, especially at the end of the fourth quarter, make financial results for a given period difficult to predict. 4 Table of Contents Due to the Company’s Global Presence, Its Business and Operations Could Be Impacted by Local Legal, Economic, Political, Health and Other Conditions: The company is a globally integrated entity, doing business in over 175 countries worldwide and deriving about sixty percent of its revenues from sales outside the United States.
Added
Changes in the laws or policies of the countries in which the company operates, or inadequate development or enforcement of such laws or policies, could affect the company’s business and the company’s overall results of operations.
Added
Further, the company may be impacted directly or indirectly by the development and enforcement of laws and regulations in the U.S. and globally that are specifically targeted at the technology industry.
Added
The company’s results of operations also could be affected by economic and political changes in those countries and by macroeconomic changes, including recessions, inflation, currency fluctuations between the U.S. dollar and non-U.S. currencies, capital controls, and adverse changes in trade relationships amongst those countries.
Added
Further, as the company expands its customer base and the scope of its offerings, both within the U.S. and globally, it may be impacted by additional regulatory or other risks, including, compliance with U.S. and foreign data privacy requirements, outbound investment restrictions, AI and cloud regulations, data localization requirements, labor relations laws, enforcement of IP protection laws, laws relating to anti-corruption, anti-competition regulations, and import, export and trade restrictions.
Added
Further, international trade disputes could create uncertainty. Tariffs and international trade sanctions resulting from these disputes could affect the company’s ability to move goods and services across borders, or could impose added costs to those activities. Measures taken to date by the company to mitigate these impacts could be made less effective should trade sanctions or tariffs change.
Added
In addition, any widespread outbreak of an illness, pandemic or other local or global health issue, natural disasters, climate change impacts, or uncertain political climates, international hostilities, or any terrorist activities, could adversely affect customer demand, the company’s operations and supply chain, and its ability to source and deliver products and services to its customers.
Added
The Company May Not Meet Its Growth and Productivity Objectives: On an ongoing basis, IBM seeks to drive greater agility, productivity, flexibility and cost savings by continuously transforming with the use of automation, AI, agile processes and changes to the ways of working, while also enabling the scaling of resources, offerings and investments through the company’s globally integrated model across both emerging and more established markets.
Added
These various initiatives may not yield their intended gains in speed, quality, productivity and enablement of rapid scaling, which may impact the company’s competitiveness and its ability to meet its growth and productivity objectives.
Added
Ineffective Internal Controls Could Impact the Company’s Business and Operating Results: The company’s internal control over financial reporting may not prevent or detect misstatements because of its inherent limitations, including the possibility of human error, failure or interruption of information technology systems, the circumvention or overriding of controls, or fraud.
Added
Even effective internal controls can provide only reasonable assurance with respect to the preparation and fair presentation of financial statements.
Added
If the company fails to maintain the adequacy of its internal controls, including any failure to implement required new or improved controls, or if the company experiences difficulties in their implementation, the company’s business and operating results could be harmed and the company could fail to meet its financial reporting obligations.
Added
The Company’s Use of Accounting Estimates Involves Judgment and Could Impact the Company’s Financial Results: The application of accounting principles generally accepted in the U.S. (GAAP) requires the company to make estimates and assumptions about certain items and future events that directly affect its reported financial condition.
Added
The company’s most critical accounting estimates are described in the Management Discussion in IBM’s 2024 Annual Report to Stockholders, under “Critical Accounting Estimates.” In addition, as discussed in note Q, “Commitments & Contingencies,” in IBM’s 2024 Annual Report to Stockholders, the company makes certain estimates including decisions related to legal proceedings and reserves.
Added
These estimates and assumptions involve the use of judgment. As a result, actual financial results may differ. The Company’s Goodwill or Amortizable Intangible Assets May Become Impaired: The company acquires other companies, including the intangible assets of those companies.
Added
The company may not realize all the economic benefit from those acquisitions, which could cause an impairment of goodwill or intangible assets. If our goodwill or net intangible assets become impaired, we may be required to record a charge to the Consolidated Income Statement.
Added
The Company Depends on Skilled Employees and Could Be Impacted by a Shortage of Critical Skills: Much of the future success of the company depends on the continued service, availability and integrity of skilled employees, including technical, marketing and staff resources.
Added
Skilled and experienced personnel in the areas where the company competes are in high demand, and competition for their talents is intense. Changing demographics and labor work force trends may result in a shortage of or insufficient knowledge and skills.
Added
In addition, as global opportunities and industry demand shifts, realignment, training and scaling of skilled resources may not be sufficiently rapid or successful. Further, many of IBM’s key employees receive a total compensation package that includes equity awards.
Added
Any new regulations, volatility in the 5 Table of Contents stock market and other factors could diminish the company’s use or the value of the company’s equity awards, putting the company at a competitive disadvantage.
Added
The Company’s Business Could Be Impacted by Its Relationships with Critical Suppliers: IBM’s business employs a wide variety of components (hardware and software), supplies, services and raw materials from a substantial number of suppliers around the world. Certain of the company’s businesses rely on a single or a limited number of suppliers, including for server processor technology for certain semiconductors.
Added
Changes in the business condition (financial or otherwise) of these suppliers could subject the company to losses and affect its ability to bring products to market.
Added
Further, the failure of the company’s suppliers to deliver components, supplies, services and raw materials in sufficient quantities, in a timely or secure manner, and in compliance with all applicable laws and regulations could adversely affect the company’s business.
Added
In addition, any defective components, supplies or materials, or inadequate services received from suppliers could reduce the reliability of the company’s products and services and harm the company’s reputation.
Added
Product and Service Quality Issues Could Impact the Company’s Business and Operating Results: The company has rigorous quality control standards and governance processes intended to prevent, detect and correct errors, malfunctions and other defects in its products and services.
Added
If errors, malfunctions, defects or disruptions in service are experienced by customers or in the company’s operations there could be negative consequences that could impact customers’ business operations and harm the company’s business’s operating results.
Added
The Development and Use of AI and Generative AI, including the Company’s Increased Offerings and Use of AI-based Technologies, Could Impact the Long-Term Success of the Company and its Reputation or Give Rise to Legal or Regulatory Action: IBM is increasingly applying AI-based technologies, including generative AI, to its services and products, to how it delivers offerings to IBM clients, and to its own internal operations.
Added
Additionally, IBM is investing in and offering new products and services associated with AI development, deployment and management. As stated more comprehensively and in context of several risk factors throughout this
Item 1A. Risk Factors
Risk Factors — what could go wrong, per management
16 edited+6 added−57 removed37 unchanged
Item 1A. Risk Factors
Risk Factors — what could go wrong, per management
16 edited+6 added−57 removed37 unchanged
2023 filing
2024 filing
Biggest changeRisks Related to Cybersecurity and Data Privacy Cybersecurity and Privacy Considerations Could Impact the Company’s Business: There are numerous and evolving risks to cybersecurity and privacy, including risks originating from intentional acts of criminal hackers, hacktivists, nation states and competitors; from intentional and unintentional acts or omissions of customers, contractors, business partners, vendors, employees and other third parties; and from errors in processes or technologies, as well as the risks associated with an increase in the number of customers, contractors, business partners, vendors, employees and other third parties working remotely.
Biggest changeIn addition, the failure of ecosystem partners to comply with all applicable laws and regulations may prevent the company from working with them and could subject the company to losses and affect its ability to bring products to market. 6 Table of Contents Risks Related to Cybersecurity and Data Privacy Cybersecurity, Privacy, and AI Considerations Could Impact the Company’s Business: There are numerous and evolving risks to cybersecurity and privacy, including risks originating from intentional acts of individual and groups of criminal hackers, hacktivists, state-sponsored organizations, nation states and competitors; from intentional and unintentional acts or omissions of customers, contractors, business partners, vendors, employees and other third parties; and from errors in processes or technologies, as well as the risks associated with an increase in the number of customers, contractors, business partners, vendors, employees and other third parties working remotely.
Local country, state, provincial or municipal taxation may also be subject to review and potential override by regional, federal, national or similar forms of government. In addition, IBM is subject to the continuous examination of its income tax returns by the United States Internal Revenue Service (IRS) and other tax authorities around the world.
Furthermore, local country, state, provincial or municipal taxation may also be subject to review and potential override by regional, federal, national or similar forms of government. In addition, IBM is subject to the continuous examination of its income tax returns by the United States Internal Revenue Service (IRS) and other tax authorities around the world.
Premium increases could be significant due to the level of insolvencies of unrelated companies in the country at issue. IBM’s 2023 Annual Report to Stockholders includes information about potential impacts from pension funding and the use of certain assumptions regarding pension matters.
Premium increases could be significant due to the level of insolvencies of unrelated companies in the country at issue. IBM’s 2024 Annual Report to Stockholders includes information about potential impacts from pension funding and the use of certain assumptions regarding pension matters.
Funding reductions or delays could adversely impact public sector demand for our products and services. Also, some agreements may contain provisions allowing the customer to terminate without cause and providing for higher liability limits for certain losses.
Funding reductions, delays or work stoppages could adversely impact public sector demand for our products and services. Also, some agreements may contain provisions allowing the customer to terminate without cause and providing for higher liability limits for certain losses.
The company’s earnings and cash flows, as well as its access to funding, could be negatively impacted by changes in market liquidity conditions. IBM’s 2023 Annual Report to Stockholders includes information about the company’s liquidity position.
The company’s earnings and cash flows, as well as its access to funding, could be negatively impacted by changes in market liquidity conditions. IBM’s 2024 Annual Report to Stockholders includes information about the company’s liquidity position.
Legal and compliance risks, however, will continue to exist and additional legal proceedings and other contingencies, the outcome of which cannot be predicted with certainty, may arise from time to time. Risks Related to Financing and Capital Markets Activities The Company’s Results of Operations and Financial Condition Could Be Negatively Impacted by Its U.S. and non-U.S.
Legal and compliance risks, however, will continue to exist and additional legal proceedings and other contingencies, the outcome of which cannot be predicted with certainty, may arise from time to time. 8 Table of Contents Risks Related to Financing and Capital Markets Activities The Company’s Results of Operations and Financial Condition Could Be Negatively Impacted by Its U.S. and non-U.S.
The company does not make a market in either its debt or equity securities and cannot provide any assurances with respect to the liquidity or value of such securities. Item 1B. Unresolved Staff Comments: Not applicable.
The company does not make a market in either its debt or equity securities and cannot provide any assurances with respect to the liquidity or value of such securities. 9 Table of Contents Item 1B. Unresolved Staff Comments: Not applicable.
We do not 7 Table of Contents expect climate change or compliance with environmental laws and regulations focused on climate change to have a disproportionate effect on the company or its financial position, results of operations and competitive position.
We do not expect climate change or compliance with environmental laws and regulations focused on climate change to have a disproportionate effect on the company or its financial position, results of operations and competitive position.
The risks associated with such legal proceedings are described in more detail in note R, “Commitments & Contingencies,” in IBM’s 2023 Annual Report to Stockholders. The company believes it has adopted appropriate risk management and compliance programs.
The risks associated with such legal proceedings are described in more detail in note Q, “Commitments & Contingencies,” in IBM’s 2024 Annual Report to Stockholders. The company believes it has adopted appropriate risk management and compliance programs.
Cyber threats are continually evolving, including with the increased use of AI, making it difficult to defend against such threats and vulnerabilities that can persist undetected over extended periods of time.
Cyber threats are increasing in number and sophistication, continually evolving, including with the increased use of AI, making it difficult to anticipate and defend against such threats and vulnerabilities that can persist undetected over extended periods of time.
Computer hackers and others routinely attack the security of technology products, services, systems and networks using a wide variety of methods, including ransomware or other malicious software and attempts to exploit vulnerabilities in hardware, software, and infrastructure.
Computer hackers and others routinely attack the security of technology products, services, systems and networks, like those we offer, using a wide variety of methods, including ransomware or other malicious software and attempts to exploit vulnerabilities in hardware, software, and infrastructure, and the increased use of generative AI may introduce novel methods of attack.
The company’s client base includes many enterprises worldwide, from small and medium businesses to the world’s largest organizations and governments, with a significant portion of the company’s revenue coming from global clients across many sectors.
The company’s client base includes many enterprises worldwide, from small and medium businesses to the world’s largest organizations and governments, with a significant portion of the company’s revenue coming from global clients across many sectors. Most of the company’s sales are on an open credit basis, and the company performs ongoing credit evaluations of its clients’ financial conditions.
These products, services, systems and networks are also used by customers in heavily regulated industries, including those in the financial services, healthcare, critical infrastructure and government sectors. 6 Table of Contents While the company continues to monitor for, identify, investigate, respond to and remediate a wide range of cybersecurity events, there have not been cybersecurity incidents or vulnerabilities that have had a material adverse effect on the company, though there is no assurance that there will not be cybersecurity incidents or vulnerabilities that will have a material adverse effect in the future.
While the company continues to monitor for, identify, investigate, respond to and remediate a wide range of cybersecurity events, there have not been cybersecurity incidents or vulnerabilities that have had a material adverse effect on the company, though there is no assurance that there will not be cybersecurity incidents or vulnerabilities that will have a material adverse effect in the future.
Cybersecurity attacks or other catastrophic events resulting in disruptions to or failures in power, information technology, communication systems or other critical infrastructure could result in interruptions or delays to company, customer, or other third-party operations or services, financial loss, injury or death to persons or property, potential liability, and damage to brand and reputation.
Cybersecurity attacks or other catastrophic events resulting in disruptions to or failures in power, information technology, communication systems or other critical infrastructure could result in interruptions or delays to company, customer, or other third-party operations or services, financial loss, injury or death to persons or property, potential liability, and damage to brand and reputation. 7 Table of Contents Although the company continuously takes significant steps to mitigate cybersecurity risk across a range of functions, such measures can never eliminate the risk entirely or provide absolute security.
In addition, the cost and operational consequences of responding to cybersecurity incidents and implementing remediation measures could be significant. In the company’s industry, security vulnerabilities are increasingly discovered, publicized and exploited across a broad range of hardware, software or other infrastructure, elevating the risk of attacks and the potential cost of response and remediation for the company and its customers.
In the company’s industry, security vulnerabilities are increasingly discovered, publicized and exploited across a broad range of hardware, software or other infrastructure, including in our own products, services, systems and networks, or third-party data and systems upon which we rely, elevating the risk of attacks and the potential cost of response and remediation for the company and its customers.
These various initiatives may not yield their intended gains in speed, quality, productivity and enablement of rapid scaling, which may impact the company’s competitiveness and its ability to meet its growth and productivity objectives.
IBM’s drive for greater agility, productivity, flexibility and cost savings by continuously transforming with the use of AI may not yield intended gains in speed, quality, productivity and enablement of rapid scaling, which may impact the company’s competitiveness.
Removed
Item 1A. Risk Factors: Risks Related to Our Business Downturn in Economic Environment and Client Spending Budgets Could Impact the Company’s Business: If overall demand for IBM’s products and solutions decreases, whether due to general economic conditions, or a shift in client buying patterns, the company’s revenue and profit could be impacted.
Added
Item 1A., this increasing mix and application of AI-based technologies may impact IBM’s ongoing efforts to maintain and increase its market share and its profit margins or harm IBM’s reputation if the company does not continue to be recognized as an AI leader with strong governance processes.
Removed
Failure of Innovation Initiatives Could Impact the Long-Term Success of the Company: IBM has moved into areas, including those that incorporate or utilize hybrid cloud, AI (including generative AI), quantum and other disruptive technologies, in which it can differentiate itself through responsible innovation, by leveraging its investments in R&D and attracting a successful developer ecosystem.
Added
The evolving global AI regulatory environment, including the enactment of the EU AI Act, may affect the company’s business and the company’s overall results of operations. Computer hackers and others routinely attack the security of technology products, services, systems and networks using a wide variety of methods, and the increased use of generative AI may introduce novel methods of attack.
Removed
If IBM is unable to continue its cutting-edge innovation in a highly competitive and rapidly evolving environment or is unable to commercialize such innovations, expand and scale them with sufficient speed and versatility or is unable to attract a successful developer ecosystem, the company could fail in its ongoing efforts to maintain and increase its market share and its profit margins.
Added
In the event of such actions, the company, its customers and other third parties could be exposed to liability, litigation, and regulatory or other government action, including debarment, as well as the loss of existing or potential customers, damage to brand and reputation, damage to IBM’s competitive position, and other financial loss.
Removed
Damage to IBM’s Reputation Could Impact the Company’s Business: IBM has one of the strongest brand names in the world, and its brand and overall reputation could be negatively impacted by many factors, including if the company does not continue to be recognized for its industry leading technology and solutions and as a hybrid cloud and AI leader.
Added
These products, services, systems and networks are also used by customers in heavily regulated industries, including those in the financial services, healthcare, critical infrastructure and government sectors. As is common in our industry and for a company our size, we continue to face and prepare for cybersecurity threats.
Removed
IBM’s reputation is potentially susceptible to damage by events such as significant disputes with clients, product defects, internal control deficiencies, delivery failures, cybersecurity incidents, government investigations or legal proceedings or actions of current or former clients, directors, employees, competitors, vendors, alliance partners or joint venture partners.
Added
In addition, the cost and operational consequences of responding to cybersecurity incidents and implementing remediation measures could be significant.
Removed
If the company’s brand image is tarnished by negative perceptions, its ability to attract and retain customers, talent and ecosystem partners could be impacted. 3 Table of Contents Risks from Investing in Growth Opportunities Could Impact the Company’s Business: The company continues to invest significantly in key strategic areas to drive revenue growth and market share gains.
Added
The Organization for Economic Cooperation and Development (OECD) has issued model rules for a new global minimum tax. Local country adoption of these rules may increase tax uncertainty and may adversely impact the company’s income taxes.
Removed
Client adoption rates and viable economic models are less certain in the high-value, highly competitive, and rapidly-growing segments. Additionally, emerging business and delivery models may unfavorably impact demand and profitability for our other products or services.
Removed
If the company does not adequately and timely anticipate and respond to changes in customer and market preferences, competitive actions, disruptive technologies, emerging business models and ecosystems, the client demand for our products or services may decline or IBM’s costs may increase.
Removed
IBM’s Intellectual Property Portfolio May Not Prevent Competitive Offerings, and IBM May Not Be Able to Obtain Necessary Licenses: The company’s patents and other intellectual property may not prevent competitors from independently developing products and services similar to or duplicative to the company’s, nor can there be any assurance that the resources invested by the company to protect its intellectual property will be sufficient or that the company’s intellectual property portfolio will adequately deter misappropriation or improper use of the company’s technology.
Removed
In addition, the company may be the target of aggressive and opportunistic enforcement of patents by third parties, including non-practicing entities. Also, there can be no assurances that IBM will be able to obtain from third parties the licenses it needs in the future.
Removed
The company’s ability to protect its intellectual property could also be impacted by a lack of effective legal protections as well as changes to existing laws, legal principles and regulations governing intellectual property, including the ownership and protection of patents.
Removed
Certain of the company’s offerings incorporate or utilize open source and other third-party software licensed with limited or no warranties, indemnification, or other contractual protections for IBM.
Removed
Further, if open source code that IBM utilizes is no longer maintained, developed or enhanced by the relevant community of independent open source software programmers, most of whom we do not employ, we may be unable to develop new technologies, adequately enhance our existing technologies or meet customer requirements for innovation, quality and price.
Removed
Risks to the Company from Acquisitions, Alliances and Dispositions Include Integration Challenges, Failure to Achieve Objectives, the Assumption of Liabilities and Higher Debt Levels: The company has made and expects to continue to make acquisitions, alliances and dispositions.
Removed
Such transactions present significant challenges and risks and there can be no assurances that the company will manage such transactions successfully or that strategic opportunities will be available to the company on acceptable terms or at all.
Removed
The related risks include the company failing to achieve strategic objectives, anticipated revenue improvements and cost savings, the failure to retain key strategic relationships of acquired companies, the failure to retain key personnel and the assumption of liabilities related to litigation or other legal proceedings involving the businesses in such transactions, as well as the failure to close planned transactions.
Removed
Such transactions may require the company to secure financing and any significant disruption or turmoil in the capital markets could have an adverse effect on IBM’s ability to access the capital markets at favorable terms. From time to time, the company disposes or attempts to dispose of assets that are no longer central to its strategic objectives.
Removed
Any such disposition or attempted disposition is subject to risks, including risks related to the terms and timing of such disposition, risks related to obtaining necessary governmental or regulatory approvals and risks related to retained liabilities not subject to the company’s control.
Removed
The Company’s Financial Results for Particular Periods Are Difficult to Predict: IBM’s revenues and profitability are affected by such factors as the introduction of new products and services, the ability to compete effectively in increasingly competitive marketplaces, the length of the sales cycles and the seasonality of technology purchases.
Removed
In addition, certain of the company’s growth areas involve new products, new customers, new and evolving competitors, and new markets, all of which contribute to the difficulty of predicting the company’s financial results.
Removed
The company’s financial results may also be impacted by the structure of products and services contracts and the nature of its customers’ businesses; for example, certain of the company’s services contracts with commercial customers in regulated industries are subject to periodic review by regulators with respect to controls and processes.
Removed
Further, general economic conditions, including sudden shifts in regional or global economic activity may impact the company’s financial results in any particular period. As a result of the above-mentioned factors, the company’s financial results are difficult to predict. Historically, the company has had lower revenue in the first quarter than in the immediately preceding fourth quarter.
Removed
In addition, the high volume of products typically ordered at the end of each quarter, especially at the end of the fourth quarter, make financial results for a given period difficult to predict.
Removed
Due to the Company’s Global Presence, Its Business and Operations Could Be Impacted by Local Legal, Economic, Political, Health and Other Conditions: The company is a globally integrated entity, operating in over 175 countries worldwide and deriving about sixty percent of its revenues from sales outside the United States.
Removed
Changes in the laws or policies of the countries in which the company operates, or inadequate development or enforcement of such laws or policies, could affect the company’s business and the company’s overall results of operations.
Removed
Further, the company may 4 Table of Contents be impacted directly or indirectly by the development and enforcement of laws and regulations in the U.S. and globally that are specifically targeted at the technology industry.
Removed
The company’s results of operations also could be affected by economic and political changes in those countries and by macroeconomic changes, including recessions, inflation, currency fluctuations between the U.S. dollar and non-U.S. currencies and adverse changes in trade relationships amongst those countries.
Removed
Further, as the company expands its customer base and the scope of its offerings, both within the U.S. and globally, it may be impacted by additional regulatory or other risks, including, compliance with U.S. and foreign data privacy requirements, AI regulations, data localization requirements, labor relations laws, enforcement of IP protection laws, laws relating to anti-corruption, anti-competition regulations, and import, export and trade restrictions.
Removed
Further, international trade disputes could create uncertainty. Tariffs and international trade sanctions resulting from these disputes could affect the company’s ability to move goods and services across borders, or could impose added costs to those activities. Measures taken to date by the company to mitigate these impacts could be made less effective should trade sanctions or tariffs change.
Removed
In addition, any widespread outbreak of an illness, pandemic or other local or global health issue, natural disasters, climate change impacts, or uncertain political climates, international hostilities, or any terrorist activities, could adversely affect customer demand, the company’s operations and supply chain, and its ability to source and deliver products and services to its customers.
Removed
The Company May Not Meet Its Growth and Productivity Objectives: On an ongoing basis, IBM seeks to drive greater agility, productivity, flexibility and cost savings by continuously transforming with the use of automation, AI, agile processes and changes to the ways of working, while also enabling the scaling of resources, offerings and investments through the company’s globally integrated model across both emerging and more established markets.
Removed
Ineffective Internal Controls Could Impact the Company’s Business and Operating Results: The company’s internal control over financial reporting may not prevent or detect misstatements because of its inherent limitations, including the possibility of human error, failure or interruption of information technology systems, the circumvention or overriding of controls, or fraud.
Removed
Even effective internal controls can provide only reasonable assurance with respect to the preparation and fair presentation of financial statements.
Removed
If the company fails to maintain the adequacy of its internal controls, including any failure to implement required new or improved controls, or if the company experiences difficulties in their implementation, the company’s business and operating results could be harmed and the company could fail to meet its financial reporting obligations.
Removed
The Company’s Use of Accounting Estimates Involves Judgment and Could Impact the Company’s Financial Results: The application of accounting principles generally accepted in the U.S. (GAAP) requires the company to make estimates and assumptions about certain items and future events that directly affect its reported financial condition.
Removed
The company’s most critical accounting estimates are described in the Management Discussion in IBM’s 2023 Annual Report to Stockholders, under “Critical Accounting Estimates.” In addition, as discussed in note R, “Commitments & Contingencies,” in IBM’s 2023 Annual Report to Stockholders, the company makes certain estimates including decisions related to legal proceedings and reserves.
Removed
These estimates and assumptions involve the use of judgment. As a result, actual financial results may differ. The Company’s Goodwill or Amortizable Intangible Assets May Become Impaired: The company acquires other companies, including the intangible assets of those companies.
Removed
The company may not realize all the economic benefit from those acquisitions, which could cause an impairment of goodwill or intangible assets. If our goodwill or net intangible assets become impaired, we may be required to record a charge to the Consolidated Income Statement.
Removed
The Company Depends on Skilled Employees and Could Be Impacted by a Shortage of Critical Skills: Much of the future success of the company depends on the continued service, availability and integrity of skilled employees, including technical, marketing and staff resources.
Removed
Skilled and experienced personnel in the areas where the company competes are in high demand, and competition for their talents is intense. Changing demographics and labor work force trends may result in a shortage of or insufficient knowledge and skills.
Removed
In addition, as global opportunities and industry demand shifts, realignment, training and scaling of skilled resources may not be sufficiently rapid or successful. Further, many of IBM’s key employees receive a total compensation package that includes equity awards.
Removed
Any new regulations, volatility in the stock market and other factors could diminish the company’s use or the value of the company’s equity awards, putting the company at a competitive disadvantage.
Removed
The Company’s Business Could Be Impacted by Its Relationships with Critical Suppliers: IBM’s business employs a wide variety of components (hardware and software), supplies, services and raw materials from a substantial number of 5 Table of Contents suppliers around the world.
Removed
Certain of the company’s businesses rely on a single or a limited number of suppliers, including for server processor technology for certain semiconductors. Changes in the business condition (financial or otherwise) of these suppliers could subject the company to losses and affect its ability to bring products to market.
Removed
Further, the failure of the company’s suppliers to deliver components, supplies, services and raw materials in sufficient quantities, in a timely or secure manner, and in compliance with all applicable laws and regulations could adversely affect the company’s business.
Removed
In addition, any defective components, supplies or materials, or inadequate services received from suppliers could reduce the reliability of the company’s products and services and harm the company’s reputation.
Removed
Product and Service Quality Issues Could Impact the Company’s Business and Operating Results: The company has rigorous quality control standards and processes intended to prevent, detect and correct errors, malfunctions and other defects in its products and services.
Removed
If errors, malfunctions, defects or disruptions in service are experienced by customers or in the company’s operations there could be negative consequences that could impact customers’ business operations and harm the company’s business’s operating results.
Removed
In addition, the failure of ecosystem partners to comply with all applicable laws and regulations may prevent the company from working with them and could subject the company to losses and affect its ability to bring products to market.
Removed
Although the company continuously takes significant steps to mitigate cybersecurity risk across a range of functions, such measures can never eliminate the risk entirely or provide absolute security.
Removed
The Organization for Economic Cooperation and Development (OECD) is issuing guidelines that are different, in some respects, than long-standing international tax principles. As countries unilaterally amend their tax laws to adopt certain parts of the OECD guidelines, this may increase tax uncertainty and may adversely impact the company’s income taxes.
Removed
Most of 8 Table of Contents the company’s sales are on an open credit basis, and the company performs ongoing credit evaluations of its clients’ financial conditions.
Removed
Risks Related to the Spin-Off of Kyndryl Holdings, Inc. If the Kyndryl Holdings, Inc.
Removed
Spin-off Fails to Qualify for Tax-free Treatment, It Could Result in Substantial Tax Liability for the Company and Its Stockholders: In connection with the spin-off of Kyndryl Holdings, Inc., the company obtained a private letter ruling from the IRS and an opinion from its tax advisor, in each case to the effect that, for U.S. federal income tax purposes, the spin-off will qualify as a tax-free reorganization under sections 368(a)(1)(D) and 355 of the Internal Revenue Code of 1986, as amended.
Removed
The IRS private letter ruling and the opinion rely on certain facts, assumptions, representations and undertakings from Kyndryl Holdings, Inc. and the company regarding the past and future conduct of the companies’ respective businesses and other matters.
Removed
If any of these facts, assumptions, representations, or undertakings are incorrect or not satisfied, the conclusions reached in the IRS private letter ruling and/or the opinion could be jeopardized.
Removed
If the spin-off is determined to be taxable for U.S. federal income tax purposes, the company’s stockholders that are subject to U.S. federal income tax and the company could incur significant U.S. federal income tax liabilities.
Item 1C. Cybersecurity
Cybersecurity — threats and controls disclosure
10 edited+0 added−2 removed11 unchanged
Item 1C. Cybersecurity
Cybersecurity — threats and controls disclosure
10 edited+0 added−2 removed11 unchanged
2023 filing
2024 filing
Biggest changeIBM management responsible for managing cybersecurity risk reflects a cross-section of functions from across the organization 10 Table of Contents with significant experience in managing such risk as well as the technologies underlying these risks.
Biggest changeThe CAC is responsible for, among other things, setting the Company’s governance structure for managing cybersecurity risk and reviewing noteworthy cybersecurity incidents and strategies to prevent recurrence. IBM management responsible for managing cybersecurity risk reflects a cross-section of functions from across the organization with significant experience in managing such risk as well as the technologies underlying these risks.
They also hold leadership positions outside of IBM in the field of cybersecurity, serving on governing and advisory boards of public and private institutions at the forefront of issues related to cybersecurity, including technology development, cybersecurity policy, and national security. The Board of Directors and the Audit Committee oversees the cyber governance process.
They also hold leadership positions outside of IBM in the field of cybersecurity, serving on governing and advisory boards of public and private institutions at the forefront of issues related to cybersecurity, including technology development, cybersecurity policy, and national security. The Board of Directors and the Audit Committee oversee the cyber governance process.
We use a layered approach with overlapping controls to defend against cybersecurity attacks and threats on IBM networks, end-user devices, servers, applications, data, and cloud solutions. We draw heavily on our own commercial security solutions and services to manage and mitigate cybersecurity risks.
We regularly assess and adjust our technical controls and methods to identify and mitigate emerging cybersecurity risks. We use a layered approach with overlapping controls to defend against cybersecurity attacks and threats on IBM networks, end-user devices, servers, applications, data, and cloud solutions. We draw heavily on our own commercial security solutions and services to manage and mitigate cybersecurity risks.
As discussed in greater detail in Item 1A., "Risk Factors," the company faces numerous and evolving cybersecurity threats, including risks originating from intentional acts of criminal hackers, hacktivists, nation states and competitors; from intentional and unintentional acts or omissions of customers, contractors, business partners, vendors, employees and other third parties; and from errors in processes or technologies, as well as the risks associated with an increase in the number of customers, contractors, business partners, vendors, employees and other third parties working remotely.
As discussed in greater detail in Item 1A., "Risk Factors," the company faces numerous and evolving cybersecurity threats, including risks originating from the increased use of AI, intentional acts of individual and groups of criminal hackers, hacktivists, state-sponsored organizations, nation states and competitors; from intentional and unintentional acts or omissions of customers, contractors, business partners, vendors, employees and other third parties; and from errors in processes or technologies, as well as the risks associated with the number of customers, contractors, business partners, vendors, employees and other third parties working remotely.
Events of interest are promptly reported to the Senior Vice President (“SVP”) for Legal & Regulatory Affairs and General Counsel (“GC”) and the SVP overseeing cybersecurity (“SVP Sponsor”). Incidents are delegated to an appropriate incident response team for assessment, investigation, and remediation.
Events of interest are promptly reported to the Senior Vice President (“SVP”) and Chief Legal Officer ("CLO"), and the SVP overseeing cybersecurity (“SVP Sponsor”). Incidents are delegated to an appropriate incident response team for assessment, investigation, and remediation.
The Cybersecurity Advisory Committee (“CAC”) meets regularly and is responsible for overseeing management of the Company’s cybersecurity risk. The CAC is composed of, among others, SVPs from the major business units, the SVP Sponsor, and the GC.
The incident response teams advise and consult with the CLO and the SVP Sponsor, as appropriate. The Cybersecurity Advisory Committee (“CAC”) meets regularly and is responsible for overseeing management of the Company’s cybersecurity risk. The CAC is composed of, among others, SVPs from the major business units, the SVP Sponsor, and the CLO.
Senior management is responsible for assessing and managing IBM’s exposure to cybersecurity risks on an ongoing basis. From an enterprise perspective, we implement a multi-faceted risk management approach based on the National Institute of Standards and Technology Cybersecurity Framework.
Senior management is responsible for assessing and managing IBM’s exposure to cybersecurity risks on an ongoing basis. From an enterprise perspective, we implement a multi-faceted risk management approach based on the National Institute of Standards and Technology Cybersecurity Framework. We have established policies and procedures that provide the foundation upon which IBM’s infrastructure and data are managed.
Depending on the nature of the matter, the incident response team may include individuals from E&TS, the Office of the CISO, the Office of the CIO, Cyber Legal, Business Units, the Chief Privacy Office, Human Resources, Procurement, Finance and Operations, and Corporate Security. The incident response teams advise and consult with the GC and the SVP Sponsor, as appropriate.
Depending on the nature of the matter, the incident response team may include individuals from E&TS, the Office of the CISO, the Office of the CIO, Cyber Legal, Business Units, the Office of Privacy and Responsible Technology, Human Resources, Procurement, Finance and Operations, and Corporate Security.
The CSIRT team, together with the Office of the Chief Information Officer (“CIO”), Cyber Legal, Corporate Security, and BISOs, engages in on-going reviews of incidents, threat intelligence, detections, and vulnerabilities, including to assess client and regulatory impact.
IBM also has Business Information Security Officers (“BISO”) who are coordinated by the Office of the CISO on security issues specific to particular business segments. 10 Table of Contents The CSIRT team, together with the Office of the Chief Information Officer (“CIO”), Cyber Legal, Corporate Security, and BISOs, engages in on-going reviews of incidents, threat intelligence, detections, and vulnerabilities, including to assess client and regulatory impact.
The CISO also manages the Product Security Incident Response Team (“PSIRT”), which focuses on product vulnerabilities potentially affecting the security of offerings sold to customers. IBM also has Business Information Security Officers (“BISO”) who coordinate with the Office of the CISO on security issues specific to particular business segments.
The CISO also manages the Product Security Incident Response Team (“PSIRT”), which focuses on product vulnerabilities potentially affecting the security of offerings sold to customers.
Removed
We have established policies and procedures that provide 9 Table of Contents the foundation upon which IBM’s infrastructure and data are managed. We regularly assess and adjust our technical controls and methods to identify and mitigate emerging cybersecurity risks.
Removed
The CAC is responsible for, among other things, setting the Company’s governance structure for managing cybersecurity risk and reviewing noteworthy cybersecurity incidents and strategies to prevent recurrence.
Item 2. Properties
Properties — owned and leased real estate
2 edited+0 added−0 removed2 unchanged
Item 2. Properties
Properties — owned and leased real estate
2 edited+0 added−0 removed2 unchanged
2023 filing
2024 filing
Biggest changeAt December 31, 2023, IBM’s facilities in the U.S. had aggregate floor space of approximately 18 million square feet, of which approximately 9 million was owned and 9 million was leased. Outside the U.S., facilities totaled approximately 26 million square feet, of which 4 million was owned and 22 million was leased.
Biggest changeAt December 31, 2024, IBM’s facilities in the U.S. had aggregate floor space of approximately 17 million square feet, of which approximately 9 million was owned and 8 million was leased. Outside the U.S., facilities totaled approximately 24 million square feet, of which 3 million was owned and 21 million was leased.
Item 2. Properties: IBM ’s corporate headquarters are located at an owned site in Armonk, New York. As of December 31, 2023, in aggregate, we owned or leased facilities for current use consisting of approximat ely 44 million square feet worldwide.
Item 2. Properties: IBM ’s corporate headquarters are located at an owned site in Armonk, New York. As of December 31, 2024, in aggregate, we owned or leased facilities for current use consisting of approximat ely 41 million square feet worldwide.
Item 3. Legal Proceedings
Legal Proceedings — active lawsuits and investigations
1 edited+0 added−0 removed0 unchanged
Item 3. Legal Proceedings
Legal Proceedings — active lawsuits and investigations
1 edited+0 added−0 removed0 unchanged
2023 filing
2024 filing
Biggest changeItem 3. Legal Proceedings: Refer to note R, “Commitments & Contingencies,” on pages 95 to 97 of IBM’s 2023 Annual Report to Stockholders, which is incorporated herein by reference. Item 4. Mine Safety Disclosures: Not applicable. 11 Table of Contents PART II
Biggest changeItem 3. Legal Proceedings: Refer to note Q, “Commitments & Contingencies,” on pages 95 to 97 of IBM’s 2024 Annual Report to Stockholders, which is incorporated herein by reference. Item 4. Mine Safety Disclosures: Not applicable. 11 Table of Contents PART II
Item 5. Market for Registrant's Common Equity
Market for Common Equity — stock, dividends, buybacks
3 edited+0 added−0 removed2 unchanged
Item 5. Market for Registrant's Common Equity
Market for Common Equity — stock, dividends, buybacks
3 edited+0 added−0 removed2 unchanged
2023 filing
2024 filing
Biggest changeTotal Number of Shares Purchased Average Price Paid per Share Total Number of Shares Purchased as Part of Publicly Announced Program Approximate Dollar Value of Shares that May Yet Be Purchased Under the Program (1) October 1, 2023—October 31, 2023 — $ — — $ 2,007,611,768 November 1, 2023—November 30, 2023 — $ — — $ 2,007,611,768 December 1, 2023—December 31, 2023 — $ — — $ 2,007,611,768 Total — $ — — (1) On October 30, 2018, the Board of Directors authorized $4.0 billion in funds for use in the company’s common stock repurchase program.
Biggest changeTotal Number of Shares Purchased Average Price Paid per Share Total Number of Shares Purchased as Part of Publicly Announced Program Approximate Dollar Value of Shares that May Yet Be Purchased Under the Program (1) October 1, 2024—October 31, 2024 — $ — — $ 2,007,611,768 November 1, 2024—November 30, 2024 — $ — — $ 2,007,611,768 December 1, 2024—December 31, 2024 — $ — — $ 2,007,611,768 Total — $ — — (1) On October 30, 2018, the Board of Directors authorized $4.0 billion in funds for use in the company’s common stock repurchase program.
Item 5. Market for the Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities: Refer to page 123 of IBM’s 2023 Annual Report to Stockholders, which is incorporated herein by reference solely as it relates to this item.
Item 5. Market for the Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities: Refer to page 123 of IBM’s 2024 Annual Report to Stockholders, which is incorporated herein by reference solely as it relates to this item.
IBM common stock is listed on the New York Stock Exchange and the NYSE Chicago under the symbol “IBM.” There were 378,481 common stockholders of record at February 9, 2024. The following table provides information relating to the company’s repurchase of common stock for the fourth quarter of 2023.
IBM common stock is listed on the New York Stock Exchange and the NYSE Chicago under the symbol “IBM.” There were 348,544 common stockholders of record at February 10, 2025. The following table provides information relating to the company’s repurchase of common stock for the fourth quarter of 2024.