What is a 10-K Report?

A Form 10-K is the comprehensive annual disclosure that publicly traded companies in the United States are required to file with the Securities and Exchange Commission (SEC). It offers a detailed, standardized snapshot of a company's business, financial condition, results of operations, risk exposures, governance, executive compensation, and other material information that investors, analysts, regulators, and other stakeholders rely on for decision-making.

Overview: Purpose and Legal Basis

Statutory and Regulatory Foundation

The Form 10-K is required by federal securities law and SEC rules as part of the periodic reporting regime for companies with registered securities. Its purpose is to provide consistent, auditable, and comparable information across reporting companies so that market participants can make informed investment decisions. The 10-K complements other SEC filings such as Forms 8-K (current reports) and 10-Q (quarterly reports), but is the most extensive annual narrative and financial disclosure.

Because the 10-K is filed with the SEC and becomes public, it carries legal significance: statements in a 10-K may be subject to liability under securities laws if they are materially false or omit material facts. Companies therefore devote significant legal, accounting, and disclosure resources to preparing the document carefully and accurately.

Key Components of a Form 10-K

Business Overview and Strategy

The "Business" section explains what the company does, its principal products and services, operating segments, geographic presence, and significant subsidiaries. This narrative helps readers understand the company's economic model, customer base, and market positioning. It often includes descriptions of supply chains, manufacturing processes, distribution channels, and intellectual property portfolios.

In addition to describing current operations, this section commonly outlines strategic initiatives, areas of strategic investment, and near-term growth priorities. For investors seeking to assess long-term prospects, the business overview provides context for the financial numbers that follow.

Risk Factors

The "Risk Factors" section lists material risks the company faces. These risks must be described in "plain English" and are usually ordered with the most significant risks first. Risks can span industry- and company-specific items, such as competitive pressures, regulatory changes, supply-chain vulnerabilities, litigation exposure, macroeconomic conditions, and financial liquidity constraints.

As regulatory expectations have evolved, 10-K risk factors increasingly address non-financial threats such as cybersecurity, climate and environmental risks, and the operational impact of technologies like artificial intelligence. Companies must balance comprehensiveness with specificity to avoid overly generic risk boilerplate.

Selected Financial Data and Management’s Discussion & Analysis (MD&A)

The MD&A provides management's perspective on historical results and the company's financial condition, and it identifies key drivers of performance. This is the narrative that ties financial statement numbers to underlying business trends, one-time events, accounting policy choices, and expectations for future periods.

MD&A is critical because it discusses liquidity and capital resources, off-balance-sheet arrangements, critical accounting estimates, and known trends or uncertainties. For analysts, MD&A is often the most insightful qualitative section for forecasting future performance and understanding management's priorities and concerns.

Audited Financial Statements and Notes

The 10-K contains the audited financial statements prepared according to U.S. GAAP (or other applicable accounting standards), typically including the balance sheet, income statement, statement of comprehensive income, cash flow statement, and statement of shareholders' equity. Each set of financial statements is accompanied by detailed notes that explain accounting policies, contingent liabilities, pension obligations, leases, income taxes, and more.

Independent auditors issue an opinion on the financials, which is included in the 10-K. The audit report provides assurance about whether the financial statements present fairly, in all material respects, the company's financial position and results of operations.

Other Required Sections

Additional mandatory parts of the 10-K include executive compensation disclosures, information on corporate governance and board practices, legal proceedings, market information for the company's securities, and exhibits such as material contracts and corporate bylaws. Certain policies—like insider trading policies—may now be required as filed exhibits or to be explained if not adopted.

The comprehensiveness of these sections makes the 10-K a one-stop reference for many stakeholders seeking to evaluate a company's structure, incentives, governance quality, and potential legal or regulatory exposures.

Recent and Emerging Disclosure Topics (2024–2025)

Artificial Intelligence (AI) Disclosures

As AI has become strategically material for many businesses, regulators and practitioners have updated expectations for 10-K disclosure. Companies are increasingly required to disclose how AI affects their business strategy, operations, and financial results—whether AI is embedded in products, used to automate processes, or impacts workforce needs.

In practice, AI disclosures in MD&A and risk factors describe deployment scope, dependencies on third-party models or data, potential reputation or compliance risks, model governance, and how AI may create new revenue streams or cost savings. Attorneys and auditors now look for clear linkage between AI initiatives and measurable financial impacts to avoid vague or misleading claims.

Cybersecurity Risk Management

Cybersecurity is now a core disclosure topic. Regulatory guidance expects companies to explain how they identify, manage, and mitigate cybersecurity risks, the role of senior management and the board in oversight, and any material incidents or the absence thereof. This transparency helps investors assess potential operational interruptions, data breach liabilities, and reputational harm.

Practical cybersecurity disclosure often includes descriptions of frameworks used, incident response readiness, third-party vendor oversight, and metrics where available. Legal advisers recommend balancing informative disclosure with prudence so as not to provide malicious actors with a blueprint for attack.

Insider Trading Policies and Human Capital Management (HCM)

Newer disclosure expectations require companies to state whether they have insider trading policies and to file those policies as exhibits or explain why they have not adopted them. This helps investors evaluate compliance culture and governance controls. The inclusion of insider trading policies in exhibits increases transparency around how insiders transact in company securities.

Human Capital Management disclosure has also been elevated. Companies must describe their human capital resources and measures or objectives used to manage them. Typical HCM disclosures address headcount, workforce composition, training and retention programs, diversity initiatives, safety measures, and metrics that management uses to monitor performance and risks.

How to Read and Use a 10-K

Practical Reading Order for Investors

For efficient analysis, many investors and analysts follow a practical reading order: start with the business overview for context, then read risk factors, management’s discussion and analysis (MD&A), and the financial statements and notes. Executive compensation and governance sections are important for assessing alignment between management and shareholders.

Cross-referencing is key. Use MD&A to interpret unusual line items in the financial statements; use notes for accounting policy detail; use risk factors to assess what management perceives as threats. The 10-K should be read as an integrated document where narrative and numeric disclosures inform one another.

Quantitative and Qualitative Signals

Numerics such as revenue growth, gross margin trends, free cash flow, and leverage ratios provide quantitative signals. Qualitative disclosures—strategy, competitive advantages, technological dependencies, regulatory exposures, and management commentary—often explain the "why" behind the numbers. Both types of information are necessary for a holistic assessment.

Investors should also compare 10-Ks year-over-year and versus peer company filings to detect trends, one-time items, changes in accounting estimates, and shifts in strategic emphasis. Many market participants use 10-Ks as inputs to financial models and valuation work.

Where to Access 10-K Filings

SEC EDGAR and Other Resources

The official repository for SEC filings—including Form 10-Ks—is the SEC’s EDGAR system, where filings are publicly available and searchable. EDGAR provides access to current and historical disclosures and is the authoritative source when verifying filing dates, exhibit attachments, and signature pages.

In addition to EDGAR, financial data providers, brokerages, company investor relations websites, and educational resources such as Investor.gov and Investopedia provide summaries, guidance, and searchable copies of filings. For a primer on how to read the 10-K, the SEC’s investor educational materials are helpful.

Common Pitfalls and How Companies Address Them

Overly Generic Risk Disclosure

A common criticism of many 10-Ks is overly generic or boilerplate risk-factor language that fails to convey which risks truly matter to a particular company. Regulators and investors prefer specificity. Effective companies identify risks that are both material and company-specific, and they quantify or contextualize those risks where possible.

Companies improve risk disclosure by linking risks to operational areas, financial impacts, and mitigation steps. For example, instead of saying "cybersecurity risks exist," an effective disclosure will describe the company’s incident history, risk assessment approach, board oversight, and potential financial or operational impacts.

Inconsistent Non-GAAP Measures

Many companies present non-GAAP financial measures in the 10-K or accompanying materials to explain adjusted performance. The risk is lack of consistency or clear reconciliation to GAAP figures. Properly prepared 10-Ks provide reconciliations and explain the rationale for non-GAAP metrics so investors can understand what the measures capture and why management uses them.

Auditors and counsel typically advise companies to ensure reconciliations are clear and that adjusted metrics do not mislead by omitting recurring costs or masking poor operating performance.

For Companies: Preparing the 10-K — Process and Governance

Cross-Functional Preparation

Preparing the 10-K is a cross-functional exercise involving legal, accounting, finance, internal audit, investor relations, HR, IT, and business-unit leaders. Each contributes disclosures relevant to their domain—financials and accounting policies from accounting teams; governance and board materials from corporate secretaries; human capital and HCM metrics from HR; cybersecurity and IT risk from security teams.

Because the document is filed with the SEC and forms part of the public record, companies institute review cycles, internal controls over disclosure, and sign-offs from senior executives and the board. External auditors focus on the financial statements and related disclosures.

Materiality, Timing, and Exhibit Management

Determining materiality (what information must be disclosed) requires judgment and coordination with counsel. Timing is important because 10-Ks are filed on tight schedules after year-end and audited close processes. Finally, exhibit management—collecting contracts, policies, and certifications for filing—can be administratively intensive, and firms often use document management systems to streamline exhibit assembly.

Recent filing practice changes have required firms to attach certain policies (e.g., insider trading policies) as exhibits, or to explain why no such policies exist, which means corporate secretaries must keep such documents current and electronically accessible for EDGAR filing.

Frequently Asked Questions (FAQ)

Who must file a 10-K?

Most U.S. companies with securities registered under the Securities Exchange Act of 1934—typically publicly traded companies—must file an annual Form 10-K. Smaller reporting companies and emerging growth companies have scaled disclosure requirements and may have different deadlines, but they still file annual reports.

Private companies do not file 10-Ks, although many produce internally similar annual reports for lenders or shareholders that mimic 10-K content without public filing.

What is the difference between a 10-K and an annual report to shareholders?

The 10-K is a regulatory filing prepared for the SEC and includes exhaustive audited financials, footnotes, and legal disclosures. An annual report to shareholders is a marketing and communications piece designed for investors and often emphasizes narrative, graphics, and glossy presentation. Some companies include the 10-K as part of an annual report package, but the two serve different purposes—one regulatory, one communicative.

Always refer to the 10-K for definitive legal and financial disclosure; shareholder annual reports are useful for management’s messaging but are not substitutes for the 10-K when legal or accounting precision is needed.

This content is for general information only and isn’t financial advice. Always do your own research and speak with a qualified advisor before making investment decisions. We can’t guarantee accuracy or outcomes, and you’re responsible for your own choices.