The Privacy Compliance Mosaic

2 filers across 1 sector are flagging higher disclosed risk. Visible since 2025Q4, recently quiet. Consensus hardened: 2025Q4 was 33% rising; 2026Q1 now 100%. Primarily a regulatory story (50%), with a risk overlay (50%). Stated as material across filings (avg intensity 4.0/5). Forward-leaning — companies are guiding to this, not just explaining the past. Recent filings describe "Failure to comply with these privacy and data protection laws could result in legal proceedings and substantial administrative fines."

Companies face a fragmented and rapidly proliferating global patchwork of privacy and data-protection regulations, with material exposure to fines, litigation, and reputational harm for non-compliance or data mishandling.

DISTINCT NEW FILERS PER QUARTER

NEW FILERS THIS QUARTER

0% QoQ

SPREADING ACROSS

1 industry

Consumer Discretionary

FIRST SURFACED

2024Q1

of recorded history

✦ WHAT THE DIFF CAUGHT

Language shifts from regulatory uncertainty (BAC's neutral framing) to active escalation of compliance burden and penalty risk (MCD's forward-looking warnings of rising requirements and substantial fines).

REPRESENTATIVE SIGNAL FROM FILINGS

“Failure to comply with these privacy and data protection laws could result in legal proceedings and substantial administrative fines”

Failure to comply with privacy and data protection laws could result in legal proceedings, substantial fines, and material adverse impact to financial results and brand.

—MCDONALDS CORP$MCDSEC.GOV ↗10-Q Item 2 · filed 2026-05-07

“cybersecurity incidents...will likely continue to result in, related litigation or government enforcement”

Cybersecurity incidents and improper data handling practices create material litigation and government enforcement exposure.

—BANK OF AMERICA CORP /DE/$BACSEC.GOV ↗10-K Item 7 · filed 2026-02-25

DRIVERS

+ CONSUMER DISCRETIONARY+ FINANCIALS