Read · Section 01

Risk-Factor YoY Diff — What Changed in Item 1A This Year

YoY diff of Item 1A across two 10-Ks. Buckets added / removed / expanded / tightened risks, cross-references 8-Ks, surfaces 2-3 load-bearing changes.

MCP tools:company_filingsfiling_sectionmaterial_events

A reading framework for diffing Item 1A across two consecutive 10-Ks. Companies don't add risk factors lightly — every new paragraph in the year's risk section is signal that management decided this matters now. The diff is more useful than the section itself.

Why this works with edgar.tools MCP

A 10-K's Item 1A runs 30-60 risk factors and 8,000-15,000 words. Most of it is the same boilerplate the company has filed for a decade. The signal is the delta — what the company added, removed, expanded, or pulled back from the prior year.

Vanilla LLMs handle this by summarizing whatever they remember of the latest 10-K, which collapses the diff to "they mention competition, regulation, and cybersecurity" — true of every 10-K, useful for none. With edgar.tools MCP both filings are fetched as primary-source text and diffed pair-wise:

  • company_filings — locate the most-recent two 10-Ks for the issuer.
  • filing_section (risk_factors) — fetch Item 1A from each, full text.
  • material_events — cross-check any added risk against recent 8-Ks that may have prompted it (litigation, restatements, cybersecurity incidents).

The diff grounds every claim in a fetchable section. No invented "they added a new risk about AI" without a specific paragraph in a specific accession.

How to use

Copy the framework below into your Claude / ChatGPT / Gemini conversation. With edgar.tools MCP connected, the model will fetch both filings and walk the diff. Then ask:

Run the Risk-Factor YoY Diff on [TICKER].
Prompt — paste this into Claude, ChatGPT, or Gemini

The framework (v1.0)

You are an analyst reading the year's 10-K with one specific question: what changed in Item 1A since last year? Every addition, removal, expansion, or rewording in the risk-factor section is the company's CFO and outside counsel telling you what they think mattered enough to litigate over later. Your job is to produce a structured diff.

Non-negotiables

  • No invention. Every "added" / "removed" / "expanded" claim must point to a paragraph in a specific accession.
  • If a risk is genuinely new, quote 10-20 words verbatim so the user can verify.
  • If a risk is rewritten, name the change explicitly (e.g. "added 'including in connection with AI'", "removed the qualifier 'material'").
  • If you cannot locate the prior-year 10-K (newly public, foreign issuer, transition year), state so and stop.

Workflow (ordered, mandatory)

Step 1 — Pin both filings

Call company_filings({ company: "[TICKER]", form: "10-K", limit: 3 }). Pin the two most recent accessions. Note:

  • Latest 10-K: filing date, FY end, accession
  • Prior 10-K: filing date, FY end, accession
  • Any 10-K/A (amendment) between them — amendments often carry the substantive Item 1A revisions

If only one 10-K exists (newly public), pin Item 1A of the S-1 or F-1 as the comparison baseline. Mark Confidence: Medium.

Step 2 — Fetch Item 1A from both

Call filing_section({ accession: <latest>, section: "risk_factors" }) and filing_section({ accession: <prior>, section: "risk_factors" }) in parallel. Read both end-to-end before drafting the diff — don't try to diff incrementally section-by-section.

Step 3 — Build the structural diff

Categorize every meaningful change into exactly one of these buckets:

  • ADDED — A risk factor present this year that was not present last year, or a substantively new sub-paragraph inside an existing factor heading. Highest signal.
  • REMOVED — A risk factor dropped this year that was present last year. Less common; usually signals the underlying exposure has resolved (lawsuit settled, regulatory regime changed, divested business unit).
  • EXPANDED — A risk factor present in both years that gained material new content. Includes: new examples, new naming of regulators/counterparties, new dollar amounts, new defensive language. Second-highest signal.
  • TIGHTENED — A risk factor present in both years that removed qualifiers ("may", "could", "in some circumstances") or escalated tense (from "could result in" to "has resulted in"). Often subtle but high-information.
  • UNCHANGED — Same factor, same language. Don't list these. The whole point of the diff is the delta.

Ignore: typo fixes, internal reordering with no language change, footnote re-numbering.

Step 4 — Cross-reference with recent 8-Ks

For each ADDED or EXPANDED risk, call material_events({ company: "[TICKER]", days: 365 }) once (single call covers all changes) and check whether a recent 8-K likely prompted the change. Common pairings:

  • New cybersecurity risk ↔ 8-K Item 1.05 (material cyber incident)
  • New litigation risk ↔ 8-K Item 8.01 naming a lawsuit
  • New officer-departure risk ↔ 8-K Item 5.02 cluster
  • New restatement risk ↔ 8-K Item 4.02 (non-reliance on prior financials)
  • New regulatory risk ↔ 8-K Item 8.01 naming an enforcement action or new rule

When you find a pairing, name it. When you don't, say so — an added risk with no 8-K pairing is usually proactive ("we're getting ahead of this").

Step 5 — Identify the 2-3 load-bearing changes

From the categorized diff, pick the 2-3 changes that would actually move your thesis on this company. Heuristics for "load-bearing":

  • The change names a specific dollar amount, regulator, counterparty, jurisdiction, or product line.
  • The change is tied to a thesis driver (margin, growth, regulation, capital structure).
  • The change escalates tense from hypothetical ("could") to actual ("has").
  • An ADDED risk with a paired 8-K event (the company is documenting something that already happened).

Skip: changes that are clearly drafting cleanup, generic macroeconomic language additions ("inflation", "geopolitical tensions"), or risks added to mirror peer disclosures without substantive change.

Required output

Produce a structured diff in this exact shape:

[TICKER] — Risk-Factor YoY Diff
Latest:  [Form] · Filed [date] · FY[year] — Accession: [link]
Prior:   [Form] · Filed [date] · FY[year] — Accession: [link]

DIFF SUMMARY
  Added:     N risks
  Removed:   N risks
  Expanded:  N risks
  Tightened: N risks

LOAD-BEARING CHANGES (2-3)
  1. [ADDED / EXPANDED / TIGHTENED] — [Risk heading]
     What changed: [one sentence + 10-20 word verbatim quote]
     Why it matters: [one sentence — connect to thesis driver]
     8-K pairing: [accession + item code, or "none"]

  2. ...
  3. ...

OTHER NOTABLE CHANGES (1-line summaries, optional)
  - ADDED: [heading] — [one phrase]
  - REMOVED: [heading] — [one phrase]
  - EXPANDED: [heading] — [one phrase]

CONFIDENCE: High / Medium / Low

Stopping conditions

  • If only one 10-K exists (newly public), use the S-1's risk section as the baseline and mark Confidence: Medium. Note that S-1 risk factors are typically more candid than 10-K risk factors (different SEC review).
  • If the prior-year filing is a 10-K/A (amendment) and the latest is a regular 10-K, diff against the 10-K/A — that's the most-recently-reviewed version.
  • If filing_section returns an empty string for risk_factors on either filing, the issuer is likely a smaller reporting company exempt from Item 1A. Stop and report Confidence: Low.
Then askRun this on AAPL.

What MCP-grounded diff adds

Diff elementWithout MCPWith MCP
Latest + prior 10-K accessionsApproximatedcompany_filings returns the actual filings list
Full Item 1A text from bothSummarized from trainingfiling_section(risk_factors) returns the verbatim text
Added vs. expanded distinctionCollapsedSide-by-side text supports the structural diff
Verbatim quotes for verificationHallucinatedQuotes are pulled from the fetched text, citable to accession
8-K pairings for added risksGuessworkmaterial_events returns 365 days of items with dates

The diff is the recipe most worth running on companies where you're long-time-familiar — that's where you're least likely to notice that something changed.

Sample output structure

A complete diff on AAPL (Apple Inc., FY25 10-K vs FY24 10-K) — a stable mega-cap with subtle risk-section evolution — looks like the preview below.

Sample LLM output — what FORGE returnsPreview

AAPL — Risk-Factor YoY Diff

Latest: 10-K · Filed 2025-11-01 · FY2025 ending 2025-09-27 Accession: `0000320193-25-000123`

Prior: 10-K · Filed 2024-11-01 · FY2024 ending 2024-09-28 Accession: `0000320193-24-000123`

Diff summary

BucketCount
Added2 risks
Removed1 risk
Expanded4 risks
Tightened1 risk

Load-bearing changes

  1. EXPANDED — AI-related regulatory and competitive risk
    • What changed: AAPL added an explicit paragraph naming generative-AI features (Apple Intelligence) as both a competitive necessity and a litigation exposure surface. Verbatim addition: "including in connection with the use of generative artificial intelligence."
    • Why it matters: First year AI is named as an Item 1A risk on AAPL — a structural shift in how management is framing the product roadmap.
    • 8-K pairing: none. This is proactive language tied to the WWDC25 Apple Intelligence rollout (covered in earnings release, not 8-K).
  2. EXPANDED — Antitrust / platform regulation risk
    • What changed: Added explicit reference to the EU Digital Markets Act enforcement and the US DOJ smartphone-monopoly lawsuit filed 2024-03-21. Where the FY24 risk was forward-looking ("could be subject to"), FY25 names the proceedings.
    • Why it matters: Tense escalation from hypothetical to actual. App Store revenue is ~$24B/yr; an adverse outcome on the EU DMA side-loading question has real P&L exposure.
    • 8-K pairing: none directly (Apple does not 8-K most litigation). Cross-reference 10-Q legal-proceedings exhibits.
  3. ADDED — China supply-chain concentration risk (new heading)
    • What changed: New stand-alone risk factor headed "A significant portion of our manufacturing is concentrated in China and a small number of other locations" — previously embedded as a sub-bullet under the broader supply-chain risk.
    • Why it matters: Promoting it to its own headed factor signals counsel believes the exposure has grown enough to warrant individual disclosure. Aligns with the FY25 MD&A discussion of the India/Vietnam production expansion.
    • 8-K pairing: none. Proactive disclosure.

Other notable changes

  • EXPANDED: Cybersecurity risk — added language on AI-assisted attacks (training-data poisoning, prompt injection).
  • EXPANDED: Currency / hedging risk — named JPY and EUR specifically (was generic "foreign currencies" prior year).
  • TIGHTENED: Tax-rate volatility risk — removed the qualifier "may" before "result in higher effective tax rates" → now reads as "could result in."
  • REMOVED: A standalone risk on COVID-related supply disruption (rolled into general supply-chain risk).

Confidence: High Both filings retrieved via filing_section; diff verified by reading both Item 1A sections end-to-end. AI and antitrust quotes are verbatim from the FY25 filing.

Actual output will vary by ticker. Stable mega-caps like AAPL typically have 2-4 load-bearing changes per year; high-growth or recently-IPO'd issuers can have 10+.

  • 10-K Speedrun — when "what's the whole 10-K say" is the question, not just the risks. Use that one first; come back to this when you want to drill on risks specifically.
  • 8-K Event Triager — when the diff turns up an added risk with no 8-K pairing, run this to confirm.
  • F.O.R.G.E. Framework — when an added risk affects a compounding thesis (per-share economics, capital allocation discipline).