IP — INTERNATIONAL PAPER CO /NEW/ SEC Filings | FilingIndex
What Changed
Risk factors · Feb 21, 2025 → Feb 27, 2026
179 added · 162 removed between the two most recent 10-Ks. The risks a company starts — or stops — disclosing are often the story.
Newly disclosed
In January 2026, the 20 Table of Contents OECD/G20 issued administrative guidance modifying application of the Pillar Two rule through a Side-by-Side system introducing two new Pillar Two safe harbors for US-parented multinational corporations, effective beginning in 2026.
In Europe, the EU AI Act, adopted in May 2024, entered its implementation phase in 2025 and imposes extensive transparency, risk management and data governance obligations for AI systems, particularly those classified as high risk, with significant fines for noncompliance.
In response to the Supreme Court’s decision, the government announced new Executive Orders on February 20, 2026, aimed at restructuring U.S. tariff policy and exploring alternative statutory authorities to impose or maintain tariffs.
For example, the Organization for Economic Cooperation and Development (the “OECD”) has issued a framework pursuant to which EU and non-EU countries (including countries in which we operate) have enacted a 15% global minimum tax applied on a country- by-country basis (the “Pillar Two rule”).
In the United States, 2025 marked a shift in federal AI policy with the government establishing a national AI policy framework aimed at asserting federal preemption over divergent state AI laws.
Factors which could cause actual results to differ include but are not limited to: (i) our ability to consummate and achieve the benefits expected from, and other risks associated with our plans to separate our North America and Europe, Middle East and Africa (“EMEA”) operations into two independent public companies and other acquisitions, joint ventures, divestitures, spinoffs, capital investments and other corporate transactions on a timely basis or at all including the risk that an impairment charge may be recorded for goodwill or other intangible assets, which could lead to decreased assets and reduced net earnings;
Supreme Court’s recent decision striking down certain previously imposed tariffs and creating uncertainty regarding potential tariff refunds and the future scope of U.S. tariff authority; and the impact of new executive orders that may restructure or reauthorize tariff measures through alternative legal mechanisms, as well 13 Table of Contents as the potential impact of retaliatory tariffs and other penalties including retaliatory policies against the United States) and global trade tensions, downgrades in our credit ratings, and/or the credit ratings of banks issuing certain letters of credit, issued by recognized credit rating organizations;
An inability to foster these relationships and to manage any material changes in commercial terms and service levels could have a material adverse impact on our business, financial condition, results of operations and/or future prospects. 16 Table of Contents Pricing in the paper and packaging industries can be affected by, among other things, product commoditization, changes in demand, entrance or withdrawal of new competitors or capacity, changes in product supply, and the introduction of new products, technologies and equipment, including the use of artificial intelligence ("AI") and machine learning solutions.
Recent periods have been characterized not only by persistent inflationary pressures, elevated interest rates, challenging labor market conditions, tariff policies and heightened trade policy uncertainty but also by slowing global economic growth, weakening global trade and investment flows, supply chain realignments, currency volatility, shifting fiscal and monetary policies across major economies and adverse effects and uncertainty associated with current geopolitical conditions.
We may become entitled to refunds of certain tariffs previously paid; however, whether any refund will be available, and the amount and timing of any such refund, remain uncertain and subject to ongoing administrative processes and additional federal guidance.
Additionally, if our compliance efforts with new applicable laws, regulations, and standards do not align with the expectations of regulatory or governing bodies due to ambiguities in their application and implementation, or if they differ from interpretations arising from related litigation, we may face legal actions.
Any such unauthorized access, use or disclosure in violation of applicable privacy and data protection laws could cause reputational harm and loss of consumer confidence and subject us to government enforcement actions (including fines), or result in private litigation, which could result in loss of revenue, increased costs, liability for monetary damages, fines and/or criminal prosecution, all of which could negatively affect our business and operating results.
No longer disclosed
For example, prior to the closing of the disposal of our ownership stake in Ilim and Ilim Group in the third 17 Table of Contents quarter of 2023, the military conflict between Russia and Ukraine adversely affected our Ilim joint venture and financial results, including as the result of economic sanctions, actions by the Russian government, and associated domestic and global economic and geopolitical conditions.
For example, following the completion of our business combination with DS Smith, we are reassessing our Vision 2030 goals to ensure that they align with our 18 Table of Contents expanded operations and capabilities, which may result in modifications to our existing targets and timelines.
For example, the State of California passed the Climate Corporate Data Accountability Act and the Climate-Related Financial Risk Act, which imposes climate-related reporting obligations on companies doing business in California meeting specified thresholds, including the Company.
For example, we have publicly committed to reducing our Scope 1, 2 and 3 GHG emissions by 35% from 2019 to 2030.
Pricing in the paper and packaging industry can be affected by, among other things, product commoditization, changes in demand, price reductions, entrance of new competitors or capacity, changes in product supply, and the introduction of new products, technologies and equipment, including the use of AI and machine learning solutions.
Other climate-related business risks that we face, include risks related to the transition to a lower-carbon economy, such as increased prices for fossil fuels; the introduction of a carbon tax; increased regulation of operations and products, and the resulting potential for increased litigation; and more stringent and/or complex environmental and other permitting requirements.
In addition, despite careful security and controls design, implementation, updating, monitoring and independent third-party verification, our information technology systems, together with those of our third-party providers or joint venture partners, have been and could again be compromised or disrupted due to factors such as employee error or malfeasance, cyber-attacks, including ransomware, malware, phishing attacks, advanced persistent threats, social engineering, credential stuffing or distributed denial-of-service attacks or data or security breaches by malicious actors such as common hackers, criminal groups or nation-state organizations or social activist (“hacktivist”) organizations, disruptions resulting from geopolitical events, natural disasters, failures or impairments of telecommunications networks or other catastrophic events.
Any cybersecurity attack, data or security breach, other security incident, compromise, damage, disruption, outage or shutdown to our or the information technology systems or networks, or those of any businesses with which we interact could result in lost sales, business delays, negative publicity or reputational impact, and a loss of customer confidence, and have a material adverse effect on our business or financial results.
Any such incident or breach could also result in operational or supply chain disruptions, data loss, corruption or manipulation, or information misappropriation including, but not limited to, interruption to systems availability, denial of access to and misuse of applications required by customers to conduct business, the acquisition, use or disclosure of data or inability to access data, the release of confidential information about our operations, and subject us to litigation and government enforcement actions.
There is no assurance that any remedial actions will meaningfully limit the success of future attempts to breach our information systems, particularly because malicious actors are increasingly sophisticated and utilize tools and techniques specifically designed to circumvent security measures, avoid detection and obfuscate forensic evidence, which means we may be unable to identify, investigate or remediate effectively or in a timely manner.
Additionally, while insurance coverage designed to address certain aspects of cyber risks may be in place, such insurance coverage may be insufficient to cover all losses or all types of claims that may arise in connection with such incidents. 20 Table of Contents We are subject to a wide variety of laws, regulations and other government requirements that may change in significant ways, and the cost of compliance with such requirements, or the failure to comply with such requirements, could impact our business and results of operations.
For example, a significant portion of sales from our Global Cellulose Fibers business are concentrated in China and could be adversely affected by changes in economic conditions and demographics.