NetApp, Inc. [NTAP] Filings

UNITED STATES

SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

Form 10-K

(Mark One)

☑ ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the fiscal year ended April 29, 2022

or

☐ TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934

For the transition period from to

Commission File Number 000-27130

NetApp, Inc.

(Exact name of registrant as specified in its charter)

3060 Olsen Drive,

San Jose, California 95128

(Address of principal executive offices, including zip code)

(408) 822-6000

(Registrant’s telephone number, including area code)

Securities registered pursuant to Section 12(b) of the Act:

Securities registered pursuant to Section 12(g) of the Act:

None

Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ☑ No ☐

Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes ☐ No ☑

Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☑ No ☐

Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes ☑ No ☐

Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐

Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.☑

Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes ☐ No ☑

The aggregate market value of voting stock held by non-affiliates of the registrant, as of October 29, 2021, the last business day of the registrant’s most recently completed second fiscal quarter, was $12,494,943,961 (based on the closing price for shares of the registrant’s common stock as reported by the NASDAQ Global Select Market on that date). Shares of common stock held by each executive officer, director, and holder of 5% or more of the outstanding common stock have been excluded in that such persons may be deemed to be affiliates. This determination of possible affiliate status is not a conclusive determination for other purposes.

On June 1, 2022, 221,190,424 shares of the registrant’s common stock, $0.001 par value, were outstanding.

DOCUMENTS INCORPORATED BY REFERENCE

TABLE OF CONTENTS

Cautionary Note on Forward-Looking Statements

This Annual Report on Form 10-K contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act). Forward-looking statements are all statements (and their underlying assumptions) included in this document that refer, directly or indirectly, to future events or outcomes and, as such, are inherently not factual, but rather reflect only our current projections for the future. Consequently, forward-looking statements usually include words such as “estimate,” “intend,” “plan,” “predict,” “seek,” “may,” “will,” “should,” “would,” “could,” “anticipate,” “expect,” “believe,” or similar words, in each case, intended to refer to future events or circumstances. A non-comprehensive list of the topics including forward-looking statements in this document includes:

3

All forward-looking statements included in this document are inherently uncertain as they are based on management’s current expectations and assumptions concerning future events and are subject to numerous known and unknown risks and uncertainties. Therefore, actual events and results may differ materially from these forward-looking statements. Factors that could cause actual results to differ materially from those described herein include, but are not limited to:

4

Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date of this document and are based upon information available to us at this time. These statements are not guarantees of future performance. Except as required by law, we disclaim any obligation to update information in any forward-looking statement. Actual results could vary from our forward-looking statements due to the foregoing factors as well as other important factors.

5

PART I

Item 1. Business

Overview

NetApp, Inc. (NetApp, we, or us) is a global cloud-led, data-centric software company. We were incorporated in 1992 and are headquartered in San Jose, California. Building on a rich history of innovation, NetApp gives customers the freedom to manage applications and data across hybrid multicloud environments. Our portfolio of cloud services, and storage infrastructure, powered by intelligent data management software, enables applications to run faster, more reliably, and more securely, all at a lower cost.

In the last two years, we have seen an unprecedented acceleration of digital transformation. Organizations accelerated digital initiatives to strengthen and optimize operations, as well as to create new experiences for customers and employees. All these efforts require these organizations to manage and protect data while ensuring that the underlying cloud and data center infrastructure can support application performance and reliability cost-effectively. Increasingly, complexity is the primary barrier to building new applications and capabilities quickly.

Our vision is to help our customers increase the pace of innovation by reducing complexity with intelligent software services that manage, protect and optimize data, storage infrastructure, and cloud resources. Our strategy is to help our customers:

Product, Solutions and Services Portfolio

NetApp delivers a portfolio of cloud services, and storage infrastructure, powered by intelligent data management software. At the end of the first quarter of fiscal year 2022, corresponding with how we manage the company, we established two segments for financial reporting purposes: Hybrid Cloud and Public Cloud.

Hybrid Cloud

Hybrid Cloud offers a portfolio of storage management and infrastructure solutions that help customers recast their data centers with the power of cloud. This portfolio is designed to operate with public clouds to unlock the potential of hybrid, multi-cloud operations. We offer a broad portfolio of cloud-connected all-flash, hybrid-flash, and object storage systems, powered by intelligent data management software. Hybrid Cloud is composed of software, hardware, and related support, as well as professional and other services.

Intelligent data management software

NetApp ONTAP software is the foundational technology that underpins NetApp's key storage solutions in the data center and in the cloud. ONTAP includes a wide variety of data management and protection features and capabilities, including automatic ransomware protection against cyber-attacks, built-in data transport features, and storage efficiency capabilities. ONTAP provides flexibility to design and deploy a storage environment across the broadest range of architectures - engineered systems, software-defined storage (SDS), and the cloud – while unifying data management across all of them, as well as SAN and NAS environments.

Customers can realize savings with space-efficient NetApp Snapshot™ copies, thin provisioning, replication, and cloning technologies. ONTAP includes a number of data protection features designed to safeguard data from corruption, compromise, or loss and to help our customers quickly recover when unexpected events occur. NetApp SnapCenter Backup Management software is designed to deliver high-performance backup and recovery for database and application workloads hosted on ONTAP storage. NetApp SnapMirror Data Replication software is able to replicate data at high speeds across environments. SnapMirror delivers robust data management capabilities for virtualization, protecting critical data while providing the flexibility to move data between locations and storage tiers, including cloud service providers. NetApp SnapLock Data Compliance software delivers high-performance disk-based data permanence for HDD and SSD deployments.

NetApp Astra is a fully managed application-aware data management service built for Kubernetes workloads. Astra allows organizations to protect, recover, and move applications deployed on Kubernetes with no software to download, install, manage, or upgrade.

6

NetApp ElementOS software delivers agility through scale-out flexibility, predictable performance, and automation integrations so organizations can build clouds to accelerate new services. ElementOS software enables innovative architectures with flexible scale for our customers' private clouds.

NetApp SANtricity software is the data management software that powers and administers the NetApp E/EF Series storage arrays. SANtricity software offers industry-leading performance, reliability, and ease of use. These capabilities mean that storage administrators can make configuration changes, perform maintenance, and expand storage capacity without disrupting I/O to attached hosts.

Storage infrastructure

NetApp All-Flash FAS (AFF) series is a scale-out platform built for virtualized environments, combining low-latency performance via flash memory (also known as a solid-state storage disk) with best-in-class data management, built-in efficiencies, integrated data protection, multiprotocol support, and nondisruptive operations; cloud and on-premises. AFF, powered by ONTAP, allows customers to connect to clouds for more data services, data tiering, caching, and disaster recovery. The AFF Series has a portfolio of products designed for multiple markets and price/performance considerations, from smaller channel commercial market offerings to large-scale, global enterprises.

NetApp Fabric Attached Storage (FAS) series are high-volume, high-capacity data storage devices powered by NetApp ONTAP. NetApp FAS Storage Arrays provide customers with a balance of performance and capacity running either disk drives, hybrid-flash or newer, cost-efficient flash memory known as Quad-level cell (QLC). QLC based systems (FAS500f) are designed for a balanced ratio of capacity and performance. FAS systems cost-effectively deliver data protection, security, and scalability.

NetApp FlexPod is a converged infrastructure solution. It combines servers (compute), storage resources, and the network fabric to create an agile, efficient, and scalable platform for hosting applications. Using Cisco Validated Design methodologies, the FlexPod platform is a portfolio of pre-validated designs used to meet the challenges of simplifying deployments for best-in-class data center architectures based on the Cisco Unified Computing System and NetApp data storage solutions.

NetApp E/EF series is built for dedicated, high-bandwidth applications that need simple, fast SAN storage with enterprise-grade reliability. The E-Series is available as a hybrid-flash platform, while the EF-Series is all-flash. Running on the SANtricity storage operating system, the E/EF-Series storage appliances are designed for performance-sensitive workloads like real-time analytics, HPC, and databases.

NetApp StorageGRID is a software-defined object storage solution for large archives, media repositories, and web data stores. Using the industry-standard object APIs like the Amazon Simple Storage Service (S3), the StorageGRID solution, running on the ElementOS data management storage operating system, is provided both as a NetApp-branded storage solution and as a software-defined solution on third-party hardware.

NetApp SolidFire is a scale-out, all-flash storage platform designed for large-scale infrastructure. It is primarily positioned for private cloud solutions. SolidFire, running on the ElementOS data management storage operating system, allows customers to manage storage performance independent of capabilities and guarantee performance to thousands of applications within a single storage platform.

Public Cloud

Public Cloud offers a portfolio of products delivered primarily as-a-service, including related support. This portfolio includes cloud storage and data services, and cloud operations services. Our enterprise-class solutions and services enables customers to control and manage storage in the cloud, consume high-performance storage services for primary workloads, and optimize cloud environments for cost and efficiency. These solutions and services are generally available on the leading public clouds, including Microsoft Azure, Google Cloud Platform and Amazon AWS.

Cloud storage and data services

The NetApp Cloud Volumes Platform is an integrated collection of cloud storage infrastructure and data services. The platform is anchored by NetApp Cloud Volumes ONTAP, a cloud-based software for customers who wish to manage their own cloud storage infrastructure, and based on the same ONTAP software that underpins our storage infrastructure offerings. Fully managed cloud storage offerings are available natively on Microsoft Azure as Azure NetApp Files, on AWS as Amazon FSx for NetApp ONTAP, and on Google Cloud as NetApp Cloud Volumes Service for Google Cloud.

With ONTAP’s built-in data transport features (NetApp Cloud Sync), customers can migrate data to the cloud securely and efficiently and can choose where to deploy primary workloads without having to re-architect applications or databases. Customers also get a comprehensive, industry-leading portfolio of storage efficiency capabilities. Inline data compression, deduplication, compaction,

7

and cloud tiering (NetApp Cloud Tiering) work together to reduce storage costs and maximize the amount of data stored. NetApp Cloud Backup delivers seamless and cost-effective backup and restore capabilities for protecting and archiving cloud and on-premises ONTAP data.

NetApp Cloud Data Sense (formerly Cloud Compliance), provides data discovery, mapping, and classification driven by artificial intelligence algorithms with automated controls and reporting for data privacy regulations such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and more.

NetApp Cloud Volumes Edge Cache (formerly Global File Cache) software delivers fast and secure access to data for users by caching active data sets to distributed offices globally.

Cloud operations services

NetApp Cloud Insights is an infrastructure monitoring tool that gives organizations visibility into their entire infrastructure with the ability to monitor, troubleshoot, and optimize cost across all resources, including public clouds and private data centers.

Our Spot by NetApp suite of products delivers a platform for cloud operations, enabling customers to deploy and operate cloud applications reliably and securely in their choice of cloud while reducing costs and complexity. Combining machine learning, predictive analytics and cloud automation, the Spot platform continuously optimizes cloud infrastructure and operations to deliver scalable, reliable and secure infrastructure for applications.

With solutions for virtual machines, containers, and key workloads, the Spot portfolio’s automation and optimization capabilities give customers more cloud at less cost. Spot Elastigroup enables customers to scale mission-critical workloads on AWS with automated, optimized cloud infrastructure management. The Spot Ocean Kubernetes Suite enables customers to dynamically provision, scale and optimize cloud resources for microservices and big data workloads. Spot Security delivers cloud security analysis and threat reduction for actionable compliance, remediation, and prevention. Spot Eco enables customers to maximize their cloud savings with intelligent management of AWS reserved instances and savings plans. Spot CloudCheckr provides actionable cloud cost analysis with visibility into performance and optimization opportunities.

Professional and Support Services

NetApp and our certified services partners offer a comprehensive portfolio of assessment, design, implementation, migration, and proactive support services to help customers optimize the performance and efficiency of their on-premises and hybrid multicloud storage environments. Our portfolio of offerings include strategic consulting, professional, managed, and support services.

Sales, Principal Markets, and Distribution Channels

We market and sell our products and services in numerous countries throughout the world. Our sales efforts are organized around the evolving needs of our current and targeted customers, and our marketing initiatives reflect this focus. NetApp uses a multichannel distribution strategy. We sell our products, solutions and services to end-user business customers and service providers through a direct sales force and an ecosystem of partners, including the leading cloud providers. Our marketing is focused on building our brand reputation, creating market awareness, communicating customer advantages and generating demand for our sales force and channel partners.

Our diversified customer base spans industry segments and vertical markets such as energy, financial services, government, technology, internet, life sciences, healthcare services, manufacturing, media, entertainment, animation, video postproduction and

8

telecommunications. NetApp focuses primarily on the enterprise storage and data management, cloud storage and cloud operations markets. We design our products to meet the evolving requirements of a hybrid, multicloud world, driven by digital transformation and cloud initiatives.

Our partnerships with the industry’s leading cloud, infrastructure, consulting, application, and reseller partners are created with one goal in mind: the success of our customers. Global enterprises, local businesses, and government installations look to NetApp and our ecosystem of partners to help maximize the business value of their IT and cloud investments.

We work with a wide range of partners for our customers, including technology partners, value-added resellers, system integrators, OEMs, service providers and distributors. During fiscal 2022, sales through our indirect channels represented 77% of our net revenues. Our global partner ecosystem is critical to NetApp’s growth and success. We are continually strengthening existing partnerships and investing in new ones to ensure we are meeting the evolving needs of our customers.

As of April 29, 2022, our worldwide sales and marketing functions consisted of approximately 5,700 managers, sales representatives and technical support personnel. We have field sales offices in approximately 30 countries. Sales to customers Arrow Electronics, Inc. and Tech Data Corporation accounted for 24% and 21% of our net revenues, respectively, in fiscal 2022. Information about sales to and accounts receivables from our major customers, segment disclosures, foreign operations and net sales attributable to our geographic regions is included in Note 15 – Segment, Geographic, and Significant Customer Information of the Notes to Consolidated Financial Statements.

Seasonality

We have historically experienced a sequential decline in revenues in the first quarter of our fiscal year, as the sales organization spends time developing new business after higher close rates in the fourth quarter, and because sales to European customers are typically weaker during the summer months. During the second quarter of our fiscal year, we have historically experienced increased sales, driven by the government sector, concurrent with the end of the U.S. federal government’s fiscal year in September, as well as an increase in business from European markets. We derive a majority of our revenue in any given quarter from customer orders booked in the same quarter. Customer orders and revenues typically follow intra-quarter seasonality patterns weighted toward the back end of the quarter. If recurring services and cloud revenue continue to increase as a percentage of our total revenues, historical seasonal patterns may become less pronounced.

Backlog

We manufacture products based on a combination of specific order requirements and forecasts of our customers’ demand. Orders are generally placed by customers on an as-needed basis. A substantial portion of our products is sold on the basis of standard purchase orders that are cancelable prior to shipment without penalty. In certain circumstances, purchase orders are subject to change with respect to quantity of product or timing of delivery resulting from changes in customer requirements. Our business is characterized by seasonal and intra-quarter variability in demand, as well as short lead times and product delivery schedules. Accordingly, backlog at any given time may not be a meaningful indicator of future revenue.

Manufacturing and Supply Chain

We have outsourced manufacturing operations to third parties located in Memphis, Tennessee; Fremont, California; San Jose, California; San Antonio, Texas; Guadalajara, Mexico; Schiphol Airport, The Netherlands; Komarom and Tiszaujvaros, Hungary; Wuxi and Tianjin, China; Taoyuan City, Taiwan; and Singapore. These operations include materials procurement, commodity management, component engineering, test engineering, manufacturing engineering, product assembly, product assurance, quality control, final test, and global logistics. We rely on a limited number of suppliers for materials, as well as several key subcontractors for the production of certain subassemblies and finished systems. We strive to have multiple suppliers qualified to provide critical components where possible and have our products manufactured in a number of locations to mitigate our supply chain risk. Our strategy has been to develop close relationships with our suppliers, maximizing the exchange of critical information and facilitating the implementation of joint quality programs. We use contract manufacturers for the production of major subassemblies and final system configuration. This manufacturing strategy minimizes capital investments and overhead expenditures while creating flexibility for rapid expansion.

We are certified to the International Organization for Standardization (ISO) 9001:2015 and ISO 14001:2015 certification standards. We have been Tier 2 certified under the U.S. Customs and Border Protection’s (CBP) Customs Trade Partnership Against Terrorism (CTPAT) program since January 2015.

Research and Development

Our research and development team delivers innovation to help customers modernize their IT environment and unlock the best of cloud. Our R&D structure allows us to align and accelerate the execution of our strategies and roadmaps across product groups. We

9

leverage our talent and shared IP for cloud- and hybrid-cloud solutions to remain agile to changing market conditions. Our R&D priorities are to help customers harness the power of public- and multi-cloud solutions, enabling modern data management applications and services, and to enable simple cloud-like experiences on-premises. We design our products and services from the ground up with cloud connectivity in mind, including tiering, disaster recovery, replication, bursting, and migration.

We conduct research and development activities in various locations throughout the world. Total research and development expenses were $881 million in each of fiscal 2022 and fiscal 2021, and $847 million in fiscal 2020. These costs consist primarily of personnel and related costs incurred to conduct product development activities. Although we develop many of our products internally, we also acquire technology through business combinations or through licensing from third parties when appropriate. We believe that technical leadership is essential to our success, and we expect to continue to commit substantial resources to research and development.

Competition

We operate in an industry in which there are rapid technological advances in hardware, software, and related services offerings. Cloud, digital transformation, and artificial intelligence initiatives are driving changes in customer and solution requirements.

We compete with many companies in the markets we serve. Our hybrid cloud solutions primarily compete with legacy IT and storage vendors. Some offer a broad spectrum of products, solutions and services and others offer a more limited set of storage- and data-management products, solutions or services. Additionally, public cloud providers offer customers storage as an operating expense which competes with more traditional storage offerings that customers acquire through capital expenditures. We both partner with and compete against cloud providers with our public cloud software and services. We rarely see legacy vendors competing in the cloud.

We compete with many companies in the cloud operations marketplace, including new companies (startups) and larger software companies who target developers, operations engineering (DevOps) and financial engineering (FinOps). Some companies have single point solutions that compete with one of our services and others are building platforms. Additionally public cloud providers offer similar services on their own cloud.

We face ongoing product and price competition in all areas of our business, including from both branded- and generic-product competitors.

Our current and potential competitors may establish cooperative relationships among themselves or with third parties, including some of our partners. It is possible that new competitors or alliances among competitors might emerge and further increase competitive pressures.

We consider our software innovation, cloud integration, and technology partnerships key to our competitive differentiation. We believe our competitive advantage also includes the nature of the relationships we form with our customers and partners worldwide. We strive to deliver an outstanding experience in every interaction we have with our customers and partners through our product, service, and support offerings, which enables us to provide our customers a full range of expertise before, during and after their purchases.

Proprietary Rights

We generally rely on patent, copyright, trademark, trade secret and contract laws to establish and maintain our proprietary rights in our technology, products and services. While our intellectual property rights are important to our success, we believe that our business is not materially dependent on any particular patent, trademark, copyright, license or other individual intellectual property right. We have been granted or own by assignment well over two thousand U.S. patents, hundreds of pending U.S. patent applications, and many corresponding patents and patent applications in other countries. From time to time, we may make certain intellectual property available under an open source license. Our primary trademarks are NetApp and the NetApp design logo, which are registered trademarks in the U.S. and in many other countries. In addition, we have trademarks and trademark registrations in the U.S. and other countries covering our various product or service names.

We generally enter into confidentiality agreements with our employees, resellers, distributors, customers, and suppliers. In addition, through various licensing arrangements, we receive certain rights to the intellectual property of others. We expect to maintain current licensing arrangements and to secure additional licensing arrangements in the future, as needed and to the extent available on reasonable terms and conditions, to support continued development and sales of our products and services. Some of these licensing arrangements require or may require royalty payments and other licensing fees. The amount of these payments and fees may depend on various factors, including but not limited to the structure of royalty payments; offsetting considerations, if any; and the degree of use of the licensed technology.

The industry in which we compete is characterized by rapidly changing technology, a large number of patents, and frequent claims and related litigation regarding intellectual property rights, and we may be exposed to various risks related to such claims or legal

10

proceedings. If we are unable to protect our intellectual property, we may be subject to increased competition that could materially and adversely affect our business operations, financial condition, results of operations and/or cash flows.

Environmental Disclosure

We are committed to the success of our customers and partners, to delivering value to our stockholders, and to positively affecting the communities where our employees work and live. We firmly believe that we can accomplish these objectives concurrently with our commitment to sound environmental management. We are committed to the reduction of greenhouse gas emissions; efficient use of natural resources; and minimizing, relative to the growth of the company, the environmental impacts from our operations, products, and services, as well as complying with laws and regulations related to these areas.

We voluntarily measure, monitor, and publicly report our scope 1, scope 2, and scope 3 (partial) greenhouse gas emissions and water impacts to CDP, a global standardized mechanism by which companies report their greenhouse gas emissions and water impacts to customers and institutional investors. We continuously seek to optimize the energy efficiency of our buildings, labs, and data centers; and we have increased our use of renewable energy, especially at our facilities in Bangalore, India and Wichita, Kansas, both of which are powered almost exclusively by renewable energy.

At both the global and regional/state levels, various laws and regulations have been implemented or are under consideration to mitigate or report on the effects of climate change. Environmental laws are complex, change frequently, and have tended to become more stringent over time. However, it is often difficult to anticipate future regulations pertaining to environmental matters and to estimate their impacts on our operations. Based on current information, we believe that our primary risk related to climate change is the risk of increased energy costs. We are not currently subject to a cap-and-trade system or any other mitigation measures that could be material to our operations, nor are we aware of any such measures that will impact us in the near future. Additionally, we have implemented disaster recovery and business resiliency measures to mitigate the physical risks our facilities, business, and supply chain might face as a consequence of severe weather/climate-related phenomena such as earthquakes, floods, droughts, and other such natural occurrences.

We are subject to international, federal, state, and local regulations regarding workplace safety and protection of the environment. Various international, federal, state, and local provisions regulate the use and discharge of certain hazardous materials used in the manufacture of our products. Failure to comply with environmental regulations in the future could cause us to incur substantial costs, subject us to business interruptions or cause customers to cease purchasing from us. We strive to comply with all applicable environmental laws. All of our products meet the requirements of the Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH); Energy Related Products (ErP); Restriction of Hazardous Substances (RoHS); and China RoHS directives. We have a product take-back program and an e-waste scheme to comply with the EU directive on Waste Electrical and Electronic Equipment (WEEE), and Extended Producer Responsibility (EPR) regulations in India.

We have maintained an environmental management system since December 2004 that provides the framework for setting, monitoring, and continuously improving our environmental goals and objectives. As part of ISO 14001 requirements, we set local environmental performance goals, such as reducing energy use per square foot and minimizing waste generated on site, that are aligned with our overall corporate strategy. We also conduct periodic reviews and are subject to third-party audits of our operations, and we monitor environmental legislation and requirements to help make sure we are taking necessary measures to remain in compliance with applicable laws, not only in our operations but also for our products.

Human Capital Management

We take pride in attracting and retaining leading talent in the industry based on a culture-fit approach. From our inception, NetApp has worked to build a model company and has embraced a culture of openness and trust. At NetApp, our employees are supported and encouraged to be innovative, and we communicate openly and transparently so that employees can focus on critical and impactful work that ties directly to our business strategy. We continue to invest in our global workforce to support diversity and inclusion and to support our employees’ well-being and development.

Diversity, Inclusion and Belonging

We believe diversity, inclusion and belonging leads to more innovation, better access to talent and improved business outcomes. Our strategies are intended to increase the demographic and cognitive diversity of our employee population, promote a culture of inclusion and to leverage such diversity to achieve business results. For more information about our commitment to diversity, inclusion and belonging, go to the “Diversity Inclusion and Belonging” section of our website.

Compensation, Benefits and Wellbeing

Our healthcare options offer competitive, comprehensive coverage for our employees and their families, including:

11

Insurance and income protection. We provide life, accidental death and dismemberment and disability insurance programs. For additional peace of mind, we also offer supplemental insurance for our employees and their dependents.

Financial and savings programs. We offer flexible spending accounts, an employee stock purchase plan and a competitive 401(k) retirement plan with a company match. Our 401(k) plan gives employees more options to maximize retirement savings with pre-tax, Roth and after-tax contributions. We help our employees prepare for retirement by capitalizing on their total compensation and helping them save.

Employee Wellbeing. We provide a wide range of wellbeing programs and tools to ensure employees and their families have the resources they need when they need them. We offer emotional wellbeing resources and programs such as back-up child and elder care, student debt repayment, educational assistance, and legal services for employees and their dependents. NetApp also offers a variety of time-off programs to help support our employees who need time-off. Employees also have access to discounts and fitness centers.

Giving Back. The NetApp Serves Program supports how our employees want to make a difference in the world. In 2019, more than 2,800 NetApp employees donated over 64,000 hours to serve their communities and make an impact around the world. The NetApp Serves program encourages employees to volunteer through individual, team or company efforts.

COVID-19

At NetApp, the health and safety of our employees, customers, and partners is our number one priority. Like all businesses, we have been closely monitoring the COVID-19 outbreak. We are following guidance from the U.S. Centers for Disease Control (CDC), the World Health Organization (WHO), and international and local health authorities in countries where we operate. Our goal is to reduce the risk that anyone at NetApp might contract or inadvertently spread the virus. We have taken the following proactive steps to help protect ourselves and others and minimize the spread of COVID-19:

We continue to monitor the situation closely and may revise these measures or implement further measures in coordination with best practices and updated guidance from the relevant authorities.

Board Oversight of Human Capital Management

Our Board of Directors plays an active role in overseeing the Company's human capital management strategy and programs. Our Talent and Compensation Committee provides oversight of our talent strategy and key programs related to corporate culture, workforce diversity and inclusion, talent acquisition, engagement, development and retention.

Employees

As of April 29, 2022, we had approximately 12,000 employees worldwide. None of our employees are represented by a labor union and we consider relations with our employees to be good.

12

Please visit our website for more detailed information regarding our human capital programs and initiatives. Nothing on our website shall be deemed incorporated by reference into this Annual Report on Form 10-K.

Information About Our Executive Officers

Our executive officers and their ages as of June 10, 2022, were as follows:

George Kurian was appointed chief executive officer on June 1, 2015. He joined our board of directors in June 2015. From September 2013 to May 2015, he was executive vice president of product operations, overseeing all aspects of technology strategy, product and solutions development across our product portfolio. Mr. Kurian joined NetApp in April 2011 as the senior vice president of the storage solutions group and was appointed to senior vice president of the Data ONTAP group in December 2011. Prior to NetApp, from 2002 to 2011, Mr. Kurian held several positions at Cisco Systems, including most recently vice president and general manager of the application networking and switching technology group. From 1999 to 2002, Mr. Kurian was the vice president of product management and strategy at Akamai Technologies. Prior to that, he was a management consultant with McKinsey and Company, and led software engineering and product management teams at Oracle Corporation. Mr. Kurian is a board member at Cigna Corporation, a global health services company. Mr. Kurian holds a BS degree in electrical engineering from Princeton University and an MBA degree from Stanford University.

César Cernuda came to NetApp in July 2020 as president and is responsible for leading the company’s global go-to-market organization spanning sales, marketing, services, support, and customer success. Mr. Cernuda joined NetApp after a long career at Microsoft that included various leadership roles. Mr. Cernuda is non-executive director and chairman of the ESG committee at Gestamp, an international group dedicated to automotive components. He is also on the advisory boards of Georgetown University’s McDonough School of Business and the IESE Business School – University of Navarra. Mr. Cernuda is a graduate of the Harvard Business School Executive Leadership Program and the Program for Management Development at IESE Business School – University of Navarra, and he also completed the Leading Sustainable Corporations Programme at Oxford University’s Saïd Business School. He earned his bachelor’s degree in Business Administration from ESIC Business & Marketing School.

Michael J. Berry joined NetApp in March 2020 as executive vice president and chief financial officer, overseeing the worldwide finance, investor relations, security and IT organizations. Mr. Berry has served as a chief financial officer for 16 years in both public and private companies including McAfee, FireEye, Informatica, and SolarWinds. Most recently he was executive vice president and chief financial officer at McAfee where he was responsible for all aspects of finance, including financial planning, accounting, tax and treasury, as well as operations and shared services. Mr. Berry is a board member of Rapid7 and FinancialForce, holding the chair of the audit committee position at each company. Mr. Berry holds a BS degree in finance from Augsburg University and an MBA degree in finance from the University of St. Thomas.

Harvinder S. Bhela joined NetApp in January 2022 as executive vice president and chief product officer. He is responsible for leading NetApp’s product and engineering teams and building our storage and data services products. Before joining NetApp Mr. Bhela spent 25 years at Microsoft where he held multiple executive leadership positions. Most recently he served as corporate vice president of the Microsoft 365 Security, Compliance and Management business. Mr. Bhela holds a Bachelor of Engineering from the University of Mumbai and a Master of Science in Computer Science from the University of Minnesota.

Elizabeth M. O’Callahan was appointed executive vice president, chief legal officer, and corporate secretary in January 2022. Ms. O’Callahan joined NetApp in 2013, and prior to her appointment as chief legal officer, Ms. O’Callahan served as senior vice president and general counsel from May 2021 to December 2021, as vice president and deputy general counsel from May 2020 to April 2021, and as vice president, corporate legal from October 2013 to April 2020. Ms. O’Callahan has over 20 years of experience advising technology companies on a variety of matters, including corporate governance, securities law, mergers and acquisitions, capital markets transactions, corporate compliance and ethics, data privacy, intellectual property, and litigation. Before joining NetApp, Ms. O’Callahan served in a senior legal role at Xilinx (since acquired by AMD). She began her legal career in private practice in Silicon Valley specializing in corporate law and business litigation. Ms. O’Callahan holds a bachelor’s degree from the University of California at Los Angeles and a J.D. from Santa Clara University.

13

Additional Information

Our internet address is www.netapp.com. We make available through our internet website our annual reports on Form 10-K, quarterly reports on Form 10-Q, current reports on Form 8-K, amendments to those reports and other documents filed or furnished pursuant to the Exchange Act of 1934, as soon as reasonably practicable after we electronically file such materials with, or furnish them to, the SEC.

The SEC maintains an internet site (www.sec.gov) that contains reports, proxy and information statements, and other information regarding issuers that file electronically with the SEC.

14

Item 1A. Risk Factors

The information included elsewhere in this Annual Report on Form 10-K should be considered and understood in the context of the following risk factors, which describe circumstances that may materially harm our future business, operating results or financial condition. The following discussion reflects our current judgment regarding the most significant risks we face. These risks can and will change in the future.

Risks Related to Our Business and Industry

Our business may be harmed by technological trends in our market or if we are unable to keep pace with rapid industry, technological and market changes.

Our industry and the markets in which we compete have historically experienced significant growth due to the increase in the demand for storage and data management solutions by consumers, enterprises and governments around the world, and the purchases of storage and data management solutions to address this demand. The rise in cloud usage and commensurate spending is driving customers to search for cloud operations solutions to lower costs and speed development. Despite these growth drivers, our markets could be adversely impacted by customers delaying purchases in the face of technology transitions, increasing adoption of substitute products and/or services, increased storage efficiency, and/or changing economic and business environments. Additionally, customer requirements are evolving in the nascent cloud operations market, which could also adversely impact our opportunity. While customers are navigating through their information technology (IT) transformations, which leverage modern architectures and hybrid cloud environments, they are also looking for simpler solutions, and changing how they consume IT. This evolution is diverting spending towards transformational projects and architectures like flash, hybrid cloud, cloud storage, IT as a service, converged infrastructure, and software defined storage.

Our business may be adversely impacted if we are unable to keep pace with rapid industry, technological or market changes or if our Data Fabric strategy is not accepted in the marketplace. As a result of these and other factors discussed in this report, our revenue may decline on a year-over-year basis, as it did in fiscal years 2017 and 2020. The future impact of these trends on both short- and long-term growth patterns is uncertain. If the general historical rate of industry growth declines, if the growth rates of the specific markets in which we compete decline, and/or if the consumption model of storage changes and our new and existing products, services and solutions do not receive customer acceptance, our business, operating results, financial condition and cash flows could suffer.

If we are unable to develop, introduce and gain market acceptance for new products and services while managing the transition from older ones, or if we cannot provide the expected level of quality and support for our new products and services, our business, operating results, financial condition and cash flows could be harmed.

Our future growth depends upon the successful development and introduction of new hardware and software products and services. Due to the complexity of storage software, subsystems and appliances and the difficulty in gauging the engineering effort required to produce new products and services, such products and services are subject to significant technical and quality control risks.

If we are unable, for technological, customer reluctance or other reasons, to develop, introduce and gain market acceptance for new products and services, as and when required by the market and our customers, our business, operating results, financial condition and cash flows could be materially and adversely affected.

New or additional product introductions, including new software and cloud offerings, such as Astra by NetApp, cloud operations services including Spot by NetApp and Cloud Insights, and new hardware and all-flash storage products, including AFF A900, subject us to additional financial and operational risks, including our ability to forecast customer preferences and/or demand, our ability to successfully manage the transition from older products and solutions, our ability to forecast and manage the impact of customers’ demand for new products, services and solutions or the products being replaced, and our ability to manage production capacity to meet the demand for new products and services. In addition, as existing customers transition from older products and solutions to new software and cloud offerings, the transition could take longer than expected, or the customer could decide to delay the transition, either of which could result in non-renewal of the new offerings or affect our ability to manage and forecast customer churn and expansion rates for new software and cloud offerings, as we saw in the fourth quarter of fiscal 2022. As new or enhanced products and services are introduced, we must avoid excessive levels of older product inventories and related components and ensure that new products and services can be delivered to meet customers’ demands. Further risks inherent in the introduction of new products, services and solutions include the uncertainty of price-performance relative to products of competitors, competitors’ responses to the introductions, delays in sales caused by the desire of customers to evaluate new products for extended periods of time and our partners’ investment in selling our new products and solutions. If these risks are not managed effectively, we could experience material risks to our business, operating results, financial condition and cash flows.

15

As we enter new or emerging markets, we will likely increase demands on our service and support operations and may be exposed to additional competition. We may not be able to provide products, services and support to effectively compete for these market opportunities.

Our sales and distribution structure makes forecasting revenues difficult and, if disrupted, could harm our business, operating results, financial condition and cash flows.

Our business and sales models make revenues difficult to forecast. We sell to a variety of customers directly and through various channels, with a corresponding variety of sales cycles. The majority of our sales are made and/or fulfilled indirectly through channel partners, including value-added resellers, systems integrators, distributors, original equipment manufacturers (OEMs) and strategic business partners, which include public cloud providers. This structure significantly complicates our ability to forecast future revenue, especially within any particular fiscal quarter or year. Moreover, our relationships with our indirect channel partners and strategic business partners are critical to our success. The loss of one or more of our key indirect channel partners in a given geographic area or the failure of our channel or strategic partners to promote our products could harm our operating results. Qualifying and developing new indirect channel partners typically requires a significant investment of time and resources before acceptable levels of productivity are met. If we fail to maintain our relationships with our indirect channel partners and strategic partners, if their financial condition, business or customer relationships were to weaken, if they fail to comply with legal or regulatory requirements, or if we were to cease to do business with them for these or other reasons, our business, operating results, financial condition and cash flows could be harmed.

Increasing competition and industry consolidation could harm our business, operating results, financial condition and cash flows.

Our markets are intensely competitive and are characterized by fragmentation and rapidly changing technology. We compete with many companies in the markets we serve, including established public companies, newer public companies with a strong flash focus, and new market entrants addressing the growing opportunity for application data management for Kubernetes. Some offer a broad spectrum of IT products and services (full-stack vendors) and others offer a more limited set of products or services. Technology trends, such as the emergence of hosted or public cloud storage, SaaS and flash storage are driving significant changes in storage architectures and solution requirements. Cloud service provider competitors provide customers storage for their data centers on demand, without requiring a capital expenditure, which meets rapidly evolving business needs and has changed the competitive landscape. The impacts of the COVID-19 pandemic, including the increase in the number of employees working remotely, has accelerated customer adoption of competitors’ cloud solutions and contributed to increased competition in the market. We also now compete in the emerging cloud operations market, where growth is being driven by increased customer cloud usage and commensurate spend, but customer requirements are still evolving. There is no clear leader in this market.

Competitors may develop new technologies or products in advance of us or establish new business models, more flexible contracting models or new technologies disruptive to us. By extending our flash, cloud storage, converged infrastructure and cloud operations offerings, we are competing in new segments with both traditional competitors and new competitors, particularly smaller emerging storage and cloud operations vendors. The longer-term potential and competitiveness of these emerging vendors remains to be determined. In cloud and converged infrastructure, we also compete with large well-established competitors.

It is possible that new competitors or alliances among competitors might emerge and rapidly acquire significant market share or buying power. An increase in industry consolidation might result in stronger competitors that are better able to compete as full-stack vendors for customers and achieve increased economies of scale in the supply chain. In addition, current and potential competitors have established or might establish cooperative relationships among themselves or with third parties, including some of our partners or suppliers. For additional information regarding our competitors, see the section entitled “Competition” contained in Part I, Item 1 – Business of this Form 10-K.

Continuing uncertain economic and political conditions restrict our visibility and may harm our business, operating results, including our revenue growth and profitability, financial condition and cash flows.

Continuing global economic uncertainty, political conditions and fiscal challenges in the U.S. and abroad, such as inflation and potential economic recession, have, among other things, limited our ability to forecast future demand for our products, contributed to increased periodic volatility in the computer, storage and networking industries at large, as well as the IT market, impacted availability of supplies and could constrain future access to capital for our suppliers, customers and partners. The impacts of these circumstances are global and pervasive, and the timing and nature of any ultimate resolution of these matters remain highly uncertain. Adverse macroeconomic conditions, including inflation, slower growth or recession, new or increased tariffs or other barriers to global trade, changes to fiscal and monetary policy and higher interest rates, could materially adversely impact the demand for our products and our operating results. In particular, in fiscal 2022, we experienced inflationary pressure and other constraints in our supply chain. We are also unable to predict whether increased customer spending on our cloud offerings will continue after the COVID-19 pandemic. Consequently, these concerns have challenged our business and we expect them to continue to challenge our business for the

16

foreseeable future, which could cause harm to our operating results. Such conditions have resulted, and may in the future again result, in failure to meet our forecasted financial expectations and to achieve historical levels of revenue growth.

Transition to consumption-based business models may adversely affect our revenues and profitability in other areas of our business and as a result may harm our business, operating results, financial condition and cash flows.

We offer customers a full range of consumption models, including the deployment of our software through our subscription and cloud-based Software as a Service (SaaS), and utility pricing and managed services offerings for our hardware and software systems. These business models continue to evolve, and we may not be able to compete effectively, generate significant revenues or maintain the profitability of our consumption-based offerings. Additionally, the increasing prevalence of cloud and SaaS delivery models offered by us and our competitors may unfavorably impact the pricing of our on-premise hardware and software offerings and could have a dampening impact on overall demand for our on-premise hardware and software product and service offerings, which could reduce our revenues and profitability, at least in the near term. If we do not successfully execute our consumption model strategy or anticipate the needs of our customers, our revenues and profitability could decline.

As customer demand for our consumption model offerings increases, we will experience differences in the timing of revenue recognition between our traditional hardware and software license arrangements (for which revenue is generally recognized in full at the time of delivery), relative to our consumption model offerings (for which revenue is generally recognized ratably over the term of the arrangement). We incur certain expenses associated with the infrastructure and marketing of our consumption model offerings in advance of our ability to recognize the revenues associated with these offerings.

Due to the global nature of our business, risks inherent in our international operations could materially harm our business.

A significant portion of our operations are located, and a significant portion of our revenues are derived, outside of the U.S. In addition, most of our products are manufactured outside of the U.S., and we have research and development, sales and service centers overseas. Accordingly, our business and future operating results could be adversely impacted by factors affecting our international operations including, among other things, local political or economic conditions, trade protection and export and import requirements, tariffs, local labor conditions, transportation costs, government spending patterns, acts of terrorism, international conflicts and natural disasters in areas with limited infrastructure and adverse public health developments. In particular, the ongoing COVID-19 pandemic, including the unpredictable nature of variants globally, and ongoing trade tensions between the U.S. and China could impact our business and operating results. For products we manufacture in Mexico, tensions between the U.S. and Mexico related to trade and border security issues could delay our shipments to customers, or impact pricing or our business and operating results. As a result of Russia’s actions in the Ukraine, numerous countries and organizations have imposed sanctions and export controls, while businesses, including the Company, have limited or suspended Russian operations. Russia has likewise imposed currency restrictions and regulations and may further take retaliatory trade or other actions, including the nationalization of foreign businesses. These actions could impact our supply chain, pricing, business and operating results and expose us to cyberattacks. In addition, due to the global nature of our business, we are subject to complex legal and regulatory requirements in the U.S. and the foreign jurisdictions in which we operate and sell our products, including antitrust and anti-competition laws, rules and regulations, and regulations related to data privacy, data protection, and cybersecurity. We are also subject to the potential loss of proprietary information due to piracy, misappropriation, or laws that may be less protective of our intellectual property rights than U.S. laws. Such factors could have an adverse impact on our business, operating results, financial condition and cash flows.

We face exposure to adverse movements in foreign currency exchange rates as a result of our international operations. These exposures may change over time as business practices evolve, and they could have a material adverse impact on our operating results, financial condition and cash flows. We utilize forward and option contracts in an attempt to reduce the adverse earnings impact from the effect of exchange rate fluctuations on certain assets and liabilities. Our hedging strategies may not be successful, and currency exchange rate fluctuations could have a material adverse effect on our operating results and cash flows. In addition, our foreign currency exposure on assets, liabilities and cash flows that we do not hedge could have a material impact on our financial results in periods when the U.S. dollar significantly fluctuates in relation to foreign currencies.

Moreover, in many foreign countries, particularly in those with developing economies, it is common to engage in business practices that are prohibited by our internal policies and procedures, or U.S. laws and regulations applicable to us, such as the Foreign Corrupt Practices Act. There can be no assurance that all our employees, contractors and agents, as well as those companies to which we outsource certain of our business operations, will comply with these policies, procedures, laws and/or regulations. Any such violation could subject us to fines and other penalties, which could have a material adverse effect on our business, operating results, financial condition and cash flows.

Our acquisitions may not achieve expected benefits, and may increase our liabilities, disrupt our existing business and harm our operating results, financial condition and cash flows.

17

As part of our strategy, we seek to acquire other businesses and technologies to complement our current products, expand the breadth of our markets, or enhance our technical capabilities. For example, we acquired seven privately held companies from fiscal 2020 through the end of fiscal 2022. The benefits we have received, and expect to receive, from these and other acquisitions depend on our ability to successfully conduct due diligence, negotiate the terms of the acquisition and integrate the acquired business into our systems, procedures and organizational structure. Any inaccuracy in our acquisition assumptions or any failure to uncover or mitigate liabilities or risks associated with the acquisition, such as differing or inadequate cybersecurity and data privacy protection controls or contractual limitations of liability, make the acquisition on favorable terms, integrate the acquired business or assets as and when expected or retain key employees of the acquired company may reduce or eliminate the expected benefits of the acquisition to us, increase our costs, disrupt our operations, result in additional liabilities, investigations and litigation, and may also harm our strategy, our business and our operating results. The failure to achieve expected acquisition benefits may also result in impairment charges for goodwill and purchased intangible assets.

If we are unable to attract and retain qualified personnel, our business, operating results, financial condition and cash flows could be harmed.

Our continued success depends, in part, on our ability to hire and retain qualified personnel and to advance our corporate strategy and preserve the key aspects of our corporate culture. Because our future success is dependent on our ability to continue to enhance and introduce new products, we are particularly dependent on our ability to hire and retain qualified engineers, including in emerging areas of technology such as artificial intelligence and machine learning. In addition, to increase revenues, we will be required to increase the productivity of our sales force and support infrastructure to achieve adequate customer coverage. Competition for qualified employees, particularly in Silicon Valley, is intense. We have periodically reduced our workforce, including reductions announced in each of the fiscal years from 2019 through 2022, and these actions may make it more difficult to attract and retain qualified employees. Our inability to hire and retain qualified management and skilled personnel, particularly engineers, salespeople and key executive management, could disrupt our development efforts, sales results, business relationships and/or our ability to execute our business plan and strategy on a timely basis and could materially and adversely affect our operating results, financial condition and cash flows.

Equity grants are a critical component of our current compensation programs. If we reduce, modify or eliminate our equity programs or fail to grant equity competitively, we may have difficulty attracting and retaining critical employees.

In addition, because of the structure of our sales, cash and equity incentive compensation plans, we may be at increased risk of losing employees at certain times. For example, the retention value of our compensation plans decreases after the payment of periodic bonuses or the vesting of equity awards.

We often incur expenses before we receive related benefits, and expenses may be difficult to reduce quickly if demand declines.

We base our expense levels in part on future revenue expectations and a significant percentage of our expenses are fixed. It is difficult to reduce our fixed costs quickly, and if revenue levels are below our expectations, operating results could be adversely impacted. During periods of uneven growth or decline, we may incur costs before we realize the anticipated related benefits, which could also harm our operating results. We have made, and will continue to make, significant investments in engineering, sales, service and support, marketing and other functions to support and grow our business. We are likely to recognize the costs associated with these investments earlier than some of the related anticipated benefits, such as revenue growth, and the return on these investments may be lower, or may develop more slowly, than we expect, which could harm our business, operating results, financial condition and cash flows.

Initiatives intended to make our cost structure, business processes and systems more efficient may not achieve the expected benefits and could inadvertently have an adverse effect on our business, operating results, financial condition and cash flows.

We continuously seek to make our cost structure and business processes more efficient, including by moving our business activities from higher-cost to lower-cost locations, outsourcing certain business processes and functions, and implementing changes to our business information systems. These efforts involve a significant investment of financial and human resources and significant changes to our current operating processes. In addition, as we move operations into lower-cost jurisdictions and outsource certain business processes, we become subject to new regulatory regimes and lose control of certain aspects of our operations and, as a consequence, become more dependent upon the systems and business processes of third-parties. If we are unable to move our operations, outsource business processes and implement new business information systems in a manner that complies with local law and maintains adequate standards, controls and procedures, the quality of our products and services may suffer and we may be subject to increased litigation risk, either of which could have an adverse effect on our business, operating results and financial condition. Additionally, we may not achieve the expected benefits of these and other transformational initiatives, which could harm our business, operating results, financial condition and cash flows.

We are exposed to credit risks and our investment portfolio may experience fluctuations in market value or returns.

18

We maintain an investment portfolio of various holdings, types, and maturities. Credit ratings and pricing of our investments can be negatively affected by liquidity, credit deterioration, financial results, economic risk, political risk, sovereign risk or other factors. As a result, the value and liquidity of our investments and the returns thereon may fluctuate substantially. A resurgence of COVID-19, unfavorable macroeconomic conditions or other circumstances could result in an economic slowdown and possibly cause a global recession. An economic slowdown or increased regional or global economic uncertainty may lead to failures of counterparties, including financial institutions, governments and insurers, which could result in a material decline in the value of our investment portfolio and substantially reduce our investment returns.

Our goals and disclosures related to environmental, social and governance (ESG) matters expose us to risks that could adversely affect our reputation and performance.

We have established and publicly announced ESG goals, including our commitment to reducing our greenhouse gas emissions in accordance with a science-based target and increasing our representation of women in our global workforce and underrepresented minorities in our US workforce. These statements reflect our current plans and aspirations and are not guarantees that we will be able to achieve them. Our failure to accomplish or accurately track and report on these goals on a timely basis, or at all, could adversely affect our reputation, financial performance and growth, and expose us to increased scrutiny from the investment community as well as enforcement authorities.

Our ability to achieve any ESG objective is subject to numerous risks, many of which are outside of our control, including the changing regulatory requirements affecting ESG standards or disclosures, our ability to recruit, develop and retain diverse talent in our labor markets, the locations and usage of our products and the implications on their greenhouse gas emissions and the success of our organic growth and acquisitions.

Standards for tracking and reporting ESG matters continue to evolve. Our selection of voluntary disclosure frameworks and standards, and the interpretation or application of those frameworks and standards, may change from time to time or differ from those of others. This may result in a lack of consistent or meaningful comparative data from period to period or between the Company and other companies in the same industry. In addition, our processes and controls may not always comply with evolving standards for identifying, measuring and reporting ESG metrics, including ESG-related disclosures that may be required of public companies by the Securities and Exchange Commission, and such standards may change over time, which could result in significant revisions to our current goals, reported progress in achieving such goals, or ability to achieve such goals in the future.

If our ESG practices do not meet evolving investor or other stakeholder expectations and standards, then our reputation, our ability to attract or retain employees, and our attractiveness as an investment, business partner, acquiror or service provider could be negatively impacted. Further, our failure or perceived failure to pursue or fulfill our goals and objectives or to satisfy various reporting standards on a timely basis, or at all, could have similar negative impacts or expose us to government enforcement actions and private litigation.

Risks Related to Our Customers and Sales

A portion of our revenues is generated by large, recurring purchases from various customers, resellers and distributors. A loss, cancellation or delay in purchases by any of these parties has negatively affected our revenues in the past, and could negatively affect our revenues in the future.

A significant portion of our net revenues is generated through sales to a limited number of customers and distributors. We generally do not enter into binding purchase commitments with our customers, resellers and distributors for extended periods of time, and thus there is no guarantee we will continue to receive large, recurring orders from these customers, resellers or distributors. For example, our reseller agreements generally do not require minimum purchases, and our customers, resellers and distributors can stop purchasing and marketing our products at any time. In addition, unfavorable economic conditions may negatively impact the solvency of our customers, resellers and distributors or the ability of such customers, resellers and distributors to obtain credit to finance purchases of our products. If any of our key customers, resellers or distributors changes its pricing practices, reduces the size or frequency of its orders for our products, or stops purchasing our products altogether, our operating results, financial condition and cash flows could be materially adversely impacted.

If we are unable to maintain and develop relationships with strategic partners, our revenues may be harmed.

Our growth strategy includes developing and maintaining strategic partnerships with major third-party software and hardware vendors to integrate our products into their products and also co-market our products with them. A number of our strategic partners are industry leaders that offer us expanded access to segments in which do not directly participate. In particular, strategic partnerships with public cloud providers and other cloud service vendors are critical to the success of our cloud-based business. However, there is intense competition for attractive strategic partners, and these relationships may not be exclusive, may not generate significant revenues and may be terminated on short notice. For instance, some of our partners are also partnering with our competitors, which may increase the availability of competing solutions and harm our ability to grow our relationships with those partners. Moreover,

19

some of our partners, particularly large, more diversified technology companies, including major cloud providers, are also competitors, thereby complicating our relationships. If we are unable to establish new partnerships or maintain existing partnerships, if our strategic partners favor their relationships with other vendors in the storage industry or if our strategic partners increasingly compete with us, we could experience lower than expected revenues, suffer delays in product development, or experience other harm to our business, operating results, financial condition and cash flows.

Our success depends upon our ability to effectively plan and manage our resources and restructure our business in response to changing market conditions and market demand for our products, and such actions may have an adverse effect on our business, operating results, financial condition and cash flows.

Our ability to successfully offer our products and services in a rapidly evolving market requires an effective planning, forecasting, and management process to enable us to effectively scale and adjust our business in response to fluctuating market opportunities and conditions.

We recently reorganized our sales resources, which included changes and additions to our sales leadership team, to gain operational efficiencies and improve the alignment of our resources with customer and market opportunities. We expect to continue developing our sales organization and go-to-market model towards these goals throughout fiscal 2023. The reorganization of our sales resources, and ongoing evolution of our go-to-market model, could result in short or long-term disruption of our sales cycles, may not produce the efficiencies and benefits desired, and could harm our operating results, financial condition and cash flows.

We may in the future undertake initiatives that could include reorganizing our workforce, restructuring, disposing of, and/or otherwise discontinuing certain products, or a combination of these actions. Rapid changes in the size, alignment or organization of our workforce, including our business unit structure and sales account coverage, could adversely affect our ability to develop, sell and deliver products and services as planned or impair our ability to realize our current or future business and financial objectives. Any decision to take these actions may result in charges to earnings associated with, among other things, inventory or other fixed, intangible or goodwill asset reductions (including, without limitation, impairment charges), workforce and facility reductions and penalties and claims from third-party resellers or users of discontinued products. Charges associated with these activities could harm our operating results. In addition to the costs associated with these activities, we may not realize any of the anticipated benefits of the underlying restructuring activities.

Reduced U.S. government demand could materially harm our business, operating results, financial condition and cash flows. In addition, we could be harmed by claims that we have or a channel partner has failed to comply with regulatory and contractual requirements applicable to sales to the U.S. government.

The U.S. government is an important customer for us. However, government demand is uncertain, as it is subject to political and budgetary fluctuations and constraints. Events such as the U.S. federal government shutdown from December 2018 to January 2019 and continued uncertainty regarding the U.S. budget and debt levels have increased demand uncertainty for our products. In addition, like other customers, the U.S. government may evaluate competing products and delay purchasing in the face of the technology transitions taking place in the storage industry. If the U.S. government or an individual agency or multiple agencies within the U.S. government continue to reduce or shift their IT spending patterns, our operating results, including revenues may be harmed.

Selling our products to the U.S. government, whether directly or through channel partners, also subjects us to certain regulatory and contractual requirements. Failure to comply with these requirements by either us or our channel partners could subject us to investigations, fines, and other penalties, which could materially harm our operating results and financial condition. As an example, the United States Department of Justice (DOJ) and the General Services Administration (GSA) have in the past pursued claims against and financial settlements with IT vendors, including us and several of our competitors and channel partners, under the False Claims Act and other statutes related to pricing and discount practices and compliance with certain provisions of GSA contracts for sales to the federal government. Although the DOJ and GSA currently have no claims pending against us, we could face claims in the future. Violations of certain regulatory and contractual requirements, including with respect to data security, affirmative action program requirements, or COVID-19 vaccine mandates could also result in us being suspended or debarred from future government contracting. Any of these outcomes could have a material adverse effect on our business, operating results, financial condition and cash flows.

In response to increasing cybersecurity threats, the U.S. government has subjected IT vendors, including us, to certain additional requirements. As an example, the Executive Order on Improving the Nation’s Cybersecurity (EO 14028), released in May 2021, outlines a one-year plan to address the U.S. government’s software supply chain security for “critical software.” While the potential impact of the Executive Order is still being monitored, we could be categorized as a provider of critical software, which may increase our compliance costs and delay or prevent our ability to execute contracts with customers, including in particular with government entities.

20

If we do not achieve forecasted sales orders in any quarter, our operating results, financial condition and cash flows could be harmed.

We derive a majority of our revenues in any given quarter from orders booked in the same quarter. Orders typically follow intra-quarter seasonality patterns weighted toward the back end of the quarter. If we do not achieve the level, timing and mix of orders consistent with our quarterly targets and historical patterns, or if we experience cancellations of significant orders, our operating results, financial condition and cash flows could be harmed.

Our gross margins may vary.

Our gross margins reflect a variety of factors, including competitive pricing, component and product design, and the volume and relative mix of revenues from product, software support, hardware support and other services offerings. Increased component costs, increased pricing and discounting pressures, the relative and varying rates of increases or decreases in component costs and product prices, or changes in the mix of revenue or decreased volume from product, software support, hardware support and other services offerings could harm our revenues, gross margins or earnings. Our gross margins are also impacted by the cost of any materials that are of poor quality and our sales and distribution activities, including, without limitation, pricing actions, rebates, sales initiatives and discount levels, and the timing of service contract renewals.

The costs of third-party components comprise a significant portion of our product costs. While we generally have been able to manage our component and product design costs, we may have difficulty managing these costs if supplies of certain components become limited or component prices increase. Any such limitation could result in an increase in our product costs. An increase in component or design costs relative to our product prices could harm our gross margins and earnings.

We are exposed to the credit and non-payment risk of our customers, resellers and distributors, especially during times of economic uncertainty and tight credit markets, which could result in material losses.

Most of our sales to customers are on an open credit basis, with typical payment terms of 30 days. We may experience increased losses as potentially more customers are unable to pay all or a portion of their obligations to us, particularly in the current environment when access to sources of liquidity may be limited as a result of the global COVID-19 pandemic. Beyond our open credit arrangements, some of our customers have entered into recourse and non-recourse financing leasing arrangements using third-party leasing companies. Under the terms of recourse leases, which are generally three years or less, we remain liable for the aggregate unpaid remaining lease payments to the third-party leasing companies in the event of end-user customer default. During periods of economic uncertainty, our exposure to credit risks from our customers increases. In addition, our exposure to credit risks of our customers may increase further if our customers and their customers or their lease financing sources are adversely affected by global economic conditions.

Risks Related to Our Products and Services

Any disruption to our supply chain could materially harm our business, operating results, financial condition and cash flows.

We do not manufacture certain components used in our products. We rely on third parties to manufacture critical components, such as disk drives, as well as for associated logistics. Our lack of direct responsibility for, and control over, these elements of our business, as well as the diverse international geographic locations of our manufacturing partners and suppliers, creates significant risks for us, including, among other things:

21

Such risks have subjected us, and could in the future subject us, to supply constraints, price increases and minimum purchase requirements and our business, operating results, financial condition and cash flows could be harmed. For example, the current global shortage of critical product components has caused us to experience increased prices and extended lead times for certain critical components, such as semiconductors. The shortage could reduce our flexibility to react to product mix changes and disrupt our production schedule. The risks associated with our outsourced manufacturing model are particularly acute when we transition products to new facilities or manufacturers, introduce and increase volumes of new products or qualify new contract manufacturers or suppliers, at which times our ability to manage the relationships among us, our manufacturing partners and our component suppliers, becomes critical. New manufacturers, products, components or facilities create increased costs and risk that we will fail to deliver high quality products in the required volumes to our customers. Any failure of a manufacturer or component supplier to meet our quality, quantity or delivery requirements in a cost-effective manner will harm our business, including customer relationships and as a result could harm our operating results, financial condition and cash flows.

We rely on a limited number of suppliers for critical product components.

We rely on a limited number of suppliers for drives and other components utilized in the assembly of our products, including certain single source suppliers, which has subjected us, and could in the future subject us, to price rigidity, periodic supply constraints, and the inability to produce our products with the quality and in the quantities demanded. Consolidation among suppliers, particularly within the semiconductor and disk drive industries, has contributed to price rigidity and supply constraints. When industry supply is constrained, or the supply chain is disrupted, as it has been as a result of the COVID-19 pandemic, our suppliers may allocate volumes away from us and to our competitors, all of which rely on many of the same suppliers as we do. Accordingly, our business, operating results, financial condition and cash flows may be harmed.

If a material cybersecurity or other security breach occurs on our systems, within our supply chain, or on our end-user customer systems, or if stored data is improperly accessed, customers may reduce or cease using our solutions, our reputation may be harmed and we may incur significant liabilities.

We store and transmit, and sell products and services that store and transmit, personal, sensitive and proprietary data related to our products, our employees, customers, clients and partners (including third-party vendors such as data centers and providers of SaaS, cloud computing, and internet infrastructure and bandwidth), and their respective customers, including intellectual property, books of record and personal information. It is critical to our business strategy that our infrastructure, products and services remain secure and are perceived by customers, clients and partners to be secure. There are numerous and evolving risks to cybersecurity and privacy, including criminal hackers, state-sponsored intrusions, industrial espionage, human error and technological vulnerabilities. Material cybersecurity incidents or other security breaches could result in (1) unauthorized access to, or loss or unauthorized use, alteration, or disclosure of, such information; (2) litigation, indemnity obligations, government investigations and proceedings, and other possible liabilities; (3) negative publicity; and (4) disruptions to our internal and external operations. Any of these could damage our reputation and public perception of the security and reliability of our products, as well as harm our business and cause us to incur significant liabilities. In addition, a material cybersecurity incident or loss of personal information, or other material security breach could result in other negative consequences, including remediation costs, disruption of internal operations, increased cybersecurity protection costs and lost revenues.

Our clients and customers use our platforms for the transmission and storage of sensitive data. We do not review the information or content that our clients and their customers upload and store, and, therefore, we have no direct control over the substance of the information or content stored within our platforms. If our employees, or our clients, partners or their respective customers use our platforms for the transmission or storage of personal or other sensitive information or our supply chain cybersecurity is compromised and our security measures are breached as a result of third-party action, employee error, malfeasance, stolen or fraudulently obtained log-in credentials or otherwise, our reputation could be damaged, our business may be harmed and we could incur significant liabilities.

High-profile cyberattacks and security breaches have increased in recent years, with the potential for such acts heightened as a result of geopolitical activities and the number of employees working remotely due to COVID-19. Security industry experts and government officials have warned about the risks of hackers and cyberattacks targeting IT products and businesses. In this regard, the U.S. government has reported that U.S. sanctions against Russia in response to the war in Ukraine could lead to an increased threat of cyberattacks against U.S. companies. Because techniques used to obtain unauthorized access or to sabotage systems change frequently and often are not recognized until launched against a target, we may be unable to anticipate these techniques or to implement adequate preventative measures. As we continue to increase our client base and expand our brand, we may become more of a target for third parties seeking to compromise our security systems and we anticipate that hacking attempts and cyberattacks will increase in the future. We cannot give assurance that we will always be successful in preventing or repelling unauthorized access to our systems. We also may face delays in our ability to identify or otherwise respond to any cybersecurity incident or any other breach. Additionally, we

22

use third-party service providers to provide some services to us that involve the storage or transmission of data, such as SaaS, cloud computing, and internet infrastructure and bandwidth, and they face various cybersecurity threats and also may suffer cybersecurity incidents or other security breaches.

Many jurisdictions have enacted or are enacting laws requiring companies to notify regulators or individuals of data security incidents involving certain types of personal data. These mandatory disclosures regarding security incidents often lead to widespread negative publicity. Moreover, the risk of reputational harm may be magnified and/or distorted through the rapid dissemination of information over the internet, including through news articles, blogs, social media, and other online communication forums and services. Any security incident, loss of data, or other security breach, whether actual or perceived, or whether impacting us or our third-party service providers, could harm our reputation, erode customer confidence in the effectiveness of our data security measures, negatively impact our ability to attract new customers, cause existing customers to elect not to renew their support contracts or their SaaS subscriptions, or subject us to third-party lawsuits, regulatory fines or other action or liability, which could materially and adversely affect our business and operating results.

There can be no assurance that the limitations of liability in our contracts would be enforceable or adequate or would otherwise protect us from any such liabilities or damages with respect to any particular claim. Our existing general liability insurance coverage and coverage for errors and omissions may not continue to be available on acceptable terms or may not be available in sufficient amounts to cover one or more large claims, or our insurers may deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceeds available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, operating results, financial condition and cash flows.

If a data center or other third-party who relies on our products experiences a disruption in service or a loss of data, such disruption could be attributed to the quality of our products, thereby causing financial or reputational harm to our business.

Our clients, including data centers, SaaS, cloud computing and internet infrastructure and bandwidth providers, rely on our products for their data storage needs. Our clients may authorize third-party technology providers to access their data on our systems. Because we do not control the transmissions between our clients, their customers, and third-party technology providers, or the processing of such data by third-party technology providers, we cannot ensure the complete integrity or security of such transmissions or processing. Errors or wrongdoing by clients, their customers, or third-party technology providers resulting in actual or perceived security breaches may result in such actual or perceived breaches being attributed to us.

A failure or inability to meet our clients’ expectations with respect to security and confidentiality through a disruption in the services provided by these third-party vendors, or the loss or alteration of data stored by such vendors, could result in financial or reputational harm to our business to the extent that such disruption or loss is caused by, or perceived by our customers to have been caused by, defects in our products. Moreover, the risk of reputational harm may be magnified and/or distorted through the rapid dissemination of information over the internet, including through news articles, blogs, social media, and other online communication forums and services. This may affect our ability to retain clients and attract new business.

Failure to comply with new and existing laws and regulations relating to privacy, data protection, and information security could cause harm to our reputation, result in liability and adversely impact our business.

Our business is subject to increasing regulation by various federal, state and international governmental agencies responsible for enacting and enforcing laws and regulations relating to privacy, data protection, and information security. For example, since the effective date of the EU’s General Data Privacy Regulation in 2018, the Court of Justice of the European Union has issued rulings that have impacted how multinational companies must implement that law and the European Commission (EC) has published new regulatory requirements relating to cross-border data transfers applicable to multinational companies like NetApp. NetApp relies on a variety of compliance methods to transfer personal data of European Economic Area (EEA) individuals to other countries, including Binding Corporate Rules and Standard Contractual Clauses (SCCs). In June 2021, the EC imposed new SCC requirements which impose certain contract and operational requirements on NetApp and its contracting parties, including requirements related to government access transparency, enhanced data subject rights, and broader third-party assessments to ensure safeguards necessary to protect personal data transferred from NetApp or its partners to countries outside the EEA. To the extent NetApp relies on SCCs, such engagements will require new contractual arrangements under the updated requirements to avoid limitations on NetApp’s ability to process EEA data in countries outside of the EEA. In addition to the EU’s General Data Privacy Regulation, other global governments have adopted new privacy and data protection laws. In particular, the UK’s exit from the EU has resulted in a parallel comprehensive privacy law known as the UK General Data Protection Regulation, which is similarly supplemented by other domestic data protection laws, such as the UK Data Protection Act 2018.

The rapidly evolving regulatory framework in this area is likely to remain uncertain for the foreseeable future. In addition, changes in the interpretation and enforcement of existing laws and regulations could impact our business operations and those of our partners, vendors and customers. Customers, privacy advocates and industry groups also may propose new and different

23

self-regulatory standards or standards of care that may legally or contractually apply to us, and these standards may be subject to change. These factors create uncertainty and we cannot yet determine the impact such future laws, regulations and standards, or changes to such laws, regulations, or standards, or to their interpretation or enforcement, may have on our business or the businesses of our partners, vendors and customers. In addition, changes in the interpretation of existing laws and regulations could impact our business operations and those of our partners, vendors and customers.

Because the interpretation and application of many laws and regulations relating to privacy, data protection and information security, along with industry standards, are uncertain, it is possible that relevant laws, regulations, or standards may be interpreted and applied in manners that are, or are alleged to be, inconsistent with our data management practices or the features of our products. Any failure, or perceived failure, by us or our business partners to comply with federal, state or international laws and regulations relating to privacy, data protection, and information security, commitments relating to privacy, data protection, and information security contained in our contracts, self-regulatory standards that apply to us or that third parties assert are applicable to us, or our policies or notices we post or make available could subject us to claims, investigations, sanctions, enforcement actions and other proceedings, disgorgement of profits, fines, damages, civil and criminal liability, penalties or injunctions.

Additionally, as a technology provider, our customers expect that we can demonstrate compliance with laws and regulations relating to privacy, data protection, and information security, and our inability or perceived inability to do so may adversely impact sales of our products and services, particularly to customers in highly-regulated industries. We have invested company resources in complying with new laws, regulations, and other obligations relating to privacy, data protection, and information security, and we may be required to make additional, significant changes in our business operations, all of which may adversely affect our revenue and our business overall. As a result of any inability to comply with such laws and regulations, our reputation and brand may be harmed, we could incur significant costs, and financial and operating results could be materially adversely affected, and we could be required to modify or change our products or our business practices, any of which could have an adverse effect on our business. Our business could be subject to stricter obligations, greater fines and private causes of action, including class actions, under the enactment of new laws and regulations relating to privacy, data protection, and information security, including but not limited to, the European Union General Data Protection Regulation, which provides for penalties of up to 20 million Euros or four percent of our annual global revenues, UK General Data Protection Regulation, which provides for penalties up to 15 million Pounds or four percent of our annual global revenue, the California Consumer Privacy Act and the California Privacy Rights Act, and other U.S. state-based regulation.

If our products or services are defective, or are perceived to be defective as a result of improper use or maintenance, our operating results, including gross margins, and customer relationships may be harmed.

Our products and services are complex. We have experienced in the past, and expect to experience in the future, quality issues impacting certain products, and in the future, we could experience reliability issues with services we provide. Such quality and reliability issues may be due to, for example, our own designs or processes, the designs or processes of our suppliers, and/or flaws in third-party software used in our products. These types of risks are most acute when we are introducing new products. Quality or reliability issues have and could again in the future cause customers to experience outages or disruptions in service, data loss or data corruption. If we fail to remedy a product defect or flaw, we may experience a failure of a product line, temporary or permanent withdrawal from a product or market, damage to our reputation, loss of revenue, inventory costs or product reengineering expenses and higher ongoing warranty and service costs, and these occurrences could have a material impact on our gross margins, business and operating results. In addition, we exercise little control over how our customers use or maintain our products and services, and in some cases improper usage or maintenance could impair the performance of our products and services, which could lead to a perception of a quality or reliability issue. Customers may experience losses that may result from or are alleged to result from defects or flaws in our products and services, which could subject us to claims for damages, including consequential damages.

Changes in regulations relating to our products or their components, or the manufacture, sourcing, distribution or use thereof, may harm our business, operating results financial condition and cash flows.

The laws and regulations governing the manufacturing, sourcing, distribution and use of our products have become more complex and stringent over time. For example, in addition to various environmental laws relating to carbon emissions, the use and discharge of hazardous materials and the use of certain minerals originating from identified conflict zones, many governments, including the U.S., the United Kingdom and Australia, have adopted regulations concerning the risk of human trafficking in supply chains which govern how workers are recruited and managed. We incur costs to comply with the requirements of such laws. Further, since our supply chain is complex, we may face reputational harm if our customers or other stakeholders conclude that we are unable to verify sufficiently the origins of the minerals used in the products we sell or the actions of our suppliers with respect to workers. As the laws and regulations governing our products continue to expand and change, our costs are likely to rise, and the failure to comply with any such laws and regulations could subject us to business interruptions, litigation risks and reputational harm.

Some of our products are subject to U.S. export control laws and other laws affecting the countries in which our products and services may be sold, distributed, or delivered, and any violation of these laws could have a material and adverse effect on our business, operating results, financial condition and cash flows.

24

Due to the global nature of our business, we are subject to import and export restrictions and regulations, including the Export Administration Regulations administered by the Commerce Department’s Bureau of Industry and Security (BIS) and the trade and economic sanctions regulations administered by the Treasury Department’s Office of Foreign Assets Control (OFAC). The U.S., through the BIS and OFAC, places restrictions on the sale or export of certain products and services to certain countries and persons, including most recently to Russia, Belarus and portions of Ukraine. These regulations have caused the Company to stop selling or servicing our products temporarily in restricted areas, such as Russia, Belarus and portions of Ukraine. The BIS and OFAC have also placed restrictions on dealing with certain "blocked” entities, such as Russia’s federal security service (FSB), including the Company’s filing of notifications to the FSB for exporting certain products to Russia. Violators of these export control and sanctions laws may be subject to significant penalties, which may include significant monetary fines, criminal proceedings against them and their officers and employees, a denial of export privileges, and suspension or debarment from selling products to the federal government. Our products could be shipped to those targets by third parties, including potentially our channel partners, despite our precautions.

If we were ever found to have violated U.S. export control laws, we may be subject to various penalties available under the laws, any of which could have a material and adverse impact on our business, operating results and financial condition. Even if we were not found to have violated such laws, the political and media scrutiny surrounding any governmental investigation of us could cause us significant expense and reputational harm. Such collateral consequences could have a material adverse impact on our business, operating results, financial condition and cash flows.

Our failure to protect our intellectual property could harm our business, operating results, financial condition and cash flows.

Our success depends significantly upon developing, maintaining and protecting our proprietary technology. We rely on a combination of patents, copyrights, trademarks, trade secrets, confidentiality procedures and contractual provisions with employees, resellers, strategic partners and customers, to protect our proprietary rights. We currently have multiple U.S. and international patent applications pending and multiple U.S. and international patents issued. The pending applications may not be approved, and our existing and future patents may be challenged. If such challenges are brought, the patents may be invalidated. We may not be able to develop proprietary products or technologies that are patentable, and patents issued to us may not provide us with any competitive advantages and may be challenged by third parties. Further, the patents of others may materially and adversely affect our ability to do business. In addition, a failure to obtain and defend our trademark registrations may impede our marketing and branding efforts and competitive condition. Litigation may be necessary to protect our proprietary technology. Any such litigation may be time-consuming and costly. Despite our efforts to protect our proprietary rights, unauthorized parties may attempt to copy aspects of our products or obtain and use information that we regard as proprietary. In addition, the laws of some foreign countries do not protect proprietary rights to as great an extent as do the laws of the U.S. Our means of protecting our proprietary rights may not be adequate or our competitors may independently develop similar technology, duplicate our products, or design around patents issued to us or other intellectual property rights of ours. In addition, while we train employees in confidentiality practices and include terms in our employee and consultant agreements to protect our intellectual property, there is persistent risk that some individuals will improperly take our intellectual property after terminating their employment or other engagements with us, which could lead to intellectual property leakage to competitors and a loss of our competitive advantages.

We may be found to infringe on intellectual property rights of others.

We compete in markets in which intellectual property infringement claims arise in the normal course of business. Third parties have, from time to time, asserted intellectual property-related claims against us, including claims for alleged patent infringement brought by non-practicing entities. Such claims may be made against our products and services, our customers’ use of our products and services, or a combination of our products and third-party products. We also may be subject to claims and indemnification obligations from customers and resellers with respect to third-party intellectual property rights pursuant to our agreements with them. If we refuse to indemnify or defend such claims, even in situations in which the third-party’s allegations are meritless, then customers and resellers may refuse to do business with us.

Patent litigation is particularly common in our industry. We have been, and continue to be, in active patent litigations with non-practicing entities. While we vigorously defend our ability to compete in the marketplace, there is no guarantee that, in patent or other types of intellectual property litigation, we will prevail at trial or be able to settle at a reasonable cost. If a judge or jury were to find that our products infringe, we could be required to pay significant monetary damages and be subject to an injunction that could cause product shipment delays, require us to redesign our products, affect our ability to supply or service our customers, and/or require us to enter into compulsory royalty or licensing agreements.

We expect that companies in the enterprise storage and data management, cloud storage and cloud operations markets will increasingly be subject to infringement claims as the number of products and competitors in our industry segment grows and the functionality of products in different industry segments overlaps. Any such claims, and any such infringement claims discussed above, could be time consuming, result in costly litigation, cause suspension of product shipments or product shipment delays, require us to redesign our products, or require us to enter into royalty or licensing agreements, any of which could materially and adversely affect

25

our operating results, financial condition and cash flows. Such royalty or licensing agreements, if required, may not be available on terms acceptable to us or at all.

We rely on software from third parties, and a failure to properly manage our use of third-party software could result in increased costs or loss of revenue.

Many of our products are designed to include software licensed from third parties. Such third-party software includes software licensed from commercial suppliers and software licensed under public open source licenses. We have internal processes to manage our use of such third-party software. However, if we fail to adequately manage our use of third-party software, then we may be subject to copyright infringement or other third-party claims. If we are non-compliant with a license for commercial software, then we may be required to pay penalties or undergo costly audits pursuant to the license agreement. In the case of open-source software licensed under certain “copyleft” licenses, the license itself may require, or a court-imposed remedy for non-compliant use of the open source software may require, that proprietary portions of our own software be publicly disclosed or licensed. This could result in a loss of intellectual property rights, increased costs, damage to our reputation and/or a loss of revenue.

In addition, many of our products use open-source software. Such open-source software generally does not provide any warranty or contractual protection, and may be susceptible to attack from bad actors. Further, open-source software may contain vulnerabilities, which may or may not be known at the time of our inclusion of the software in a product. If a vulnerability in such software is successfully exploited, we could be subject to damages including remediation costs, reputational damage and lost revenues.

Our failure to adjust to emerging standards may harm our business.

Emerging standards may adversely affect the UNIX®, Windows® and World Wide Web server markets upon which we depend. For example, we provide our open access data retention solutions to customers within the financial services, healthcare, pharmaceutical and government market segments, industries that are subject to various evolving governmental regulations with respect to data access, reliability and permanence in the U.S. and in the other countries in which we operate. If our products do not meet and continue to comply with these evolving governmental regulations in this regard, customers in these market and geographical segments will not purchase our products, and we may not be able to expand our product offerings in these market and geographical segments at the rates which we have forecasted.

Risks Related to Our Securities

Our stock price is subject to volatility.

Our stock price is subject to changes in recommendations or earnings estimates by financial analysts, changes in investors' or analysts' valuation measures for our stock, changes in our capital structure, including issuance of additional debt, changes in our credit ratings, our ability to pay dividends and to continue to execute our stock repurchase program as planned and market trends unrelated to our performance.

Our ability to pay quarterly dividends and to continue to execute our stock repurchase program as planned will be subject to, among other things, our financial condition and operating results, available cash and cash flows in the U.S., capital requirements, and other factors. Future dividends are subject to declaration by our Board of Directors, and our stock repurchase program does not obligate us to acquire any specific number of shares. However, if we fail to meet any investor expectations related to dividends and/or stock repurchases, the market price of our stock could decline significantly, and could have a material adverse impact on investor confidence. Additionally, price volatility of our stock over a given period may cause the average price at which we repurchase our own stock to exceed the stock’s market price at a given point in time.

Furthermore, speculation in the press or investment community about our strategic position, financial condition, results of operations or business can cause changes in our stock price. These factors, as well as general economic and political conditions and the timing of announcements in the public market regarding new products or services, product enhancements or technological advances by our competitors or us, and any announcements by us of acquisitions, major transactions, or management changes may adversely affect our stock price.

Our quarterly operating results may fluctuate materially, which could harm our common stock price.

Our operating results have fluctuated in the past and will continue to do so, sometimes materially. All of the matters discussed in this Risk Factors section could impact our operating results in any fiscal quarter or year. In addition to those matters, we face the following issues, which could impact our quarterly results:

26

If our operating results fall below our forecasts and the expectations of public market analysts and investors, the trading price of our common stock may decline.

There are risks associated with our outstanding and future indebtedness.

As of April 29, 2022, we had $2.7 billion aggregate principal amount of outstanding indebtedness for our senior notes that mature at specific dates in calendar years 2022, 2024, 2025, 2027 and 2030. We may incur additional indebtedness in the future under existing credit facilities and/or enter into new financing arrangements. We may fail to pay these or additional future obligations, as and when required. Specifically, if we are unable to generate sufficient cash flows from operations or to borrow sufficient funds in the future to service or refinance our debt, our business, operating results, financial condition and cash flows will be harmed. Any downgrades from credit rating agencies such as Moody’s Investors Service or Standard & Poor’s Rating Services may adversely impact our ability to obtain additional financing or the terms of such financing and reduce the market capacity for our commercial paper. Furthermore, if prevailing interest rates or other factors result in higher interest rates upon any potential future financing, then interest expense related to the refinance indebtedness would increase.

In addition, all our debt and credit facility arrangements subject us to continued compliance with restrictive and financial covenants. If we do not comply with these covenants or otherwise default under the arrangements, we may be required to repay any outstanding amounts borrowed under these agreements. Moreover, compliance with these covenants may restrict our strategic or operational flexibility in the future, which could harm our business, operating results, financial condition and cash flows.

General Risks

We are unable to predict the extent to which the global COVID-19 pandemic may adversely impact our business, operating results, financial condition, and cash flows.

The COVID-19 pandemic and efforts to control its spread have significantly curtailed the movement of people, goods and services worldwide, including in most or all of the regions in which we sell our products and services and conduct our business operations. We have taken precautionary measures intended to minimize the risk of the virus to our employees, our customers, and the communities in which we operate such as India, including office closures and working remotely for the vast majority of employees, all of which could negatively impact our business. The magnitude and duration of the disruption and resulting decline in business activity is uncertain and has limited our ability to forecast future demand for our products and services as well as the timing of future supply of product components. The COVID-19 pandemic and its uneven recovery have adversely affected, and we expect may continue to adversely affect, our business in a variety of ways, including by negatively impacting the demand for our products and services, and our ability to build and convert our sales pipeline (including delayed and deferred purchases); restricting our sales, marketing and distribution efforts; disrupting our supply chain, including delaying delivery and increasing the cost of critical product components, and our ability to deliver product to customers; and constraining business operations, research and development capabilities, engineering, design and manufacturing processes and other important business activities, including in India. In addition, the COVID-19 pandemic has disrupted the operations of our suppliers, customers and partners for an indefinite period of time, including as a result of travel restrictions and/or business shutdowns and limited access to capital markets, all of which have and may continue to negatively impact our business and results of operations, including cash flows. Accordingly, we expect the COVID-19 pandemic to have a negative impact on our future sales and results of operations, the magnitude and duration of which we are unable to predict. Additionally, concerns over the economic impact of COVID-19 pandemic have caused extreme volatility in financial and other capital markets, which volatility has and may continue to adversely impact our stock price and could impact our ability to access capital markets. More generally, the COVID-19 pandemic has adversely affected economies and financial markets globally, potentially leading to a prolonged economic downturn, which could decrease technology spending and adversely affect demand for our offerings and harm our business and results of operations for an extended period of time. To the extent that the COVID-19 pandemic adversely affects our business and financial results, it may also have the effect of heightening many of the other risks described in this “Risk Factors” section and those incorporated by reference herein, such as those relating to our products and services, financial performance, credit rating and debt obligations.

Our business could be materially and adversely affected as a result of natural disasters, terrorist acts or other catastrophic events.

We depend on the ability of our personnel, inventories, equipment and products to move reasonably unimpeded around the world. Any political, military, terrorism, global trade, world health or other issue that hinders this movement or restricts the import or export

27

of materials could lead to significant business disruptions. For example, the ongoing COVID-19 pandemic is impeding the mobility of our personnel, inventories, equipment and products and disrupting our business operations. Furthermore, any economic failure or other material disruption caused by natural disasters, including fires, floods, droughts, hurricanes, earthquakes, and volcanoes; power loss or shortages; environmental disasters; telecommunications or business information systems failures or break-ins and similar events could also adversely affect our ability to conduct business. As a result of climate change, we expect the frequency and impact of such natural disasters or other material disruptions to increase. If such disruptions result in cancellations of customer orders or contribute to a general decrease in economic activity or corporate spending on IT, or directly impact our marketing, manufacturing, financial and logistics functions, or impair our ability to meet our customer demands, our operating results and financial condition could be materially adversely affected. Our headquarters is located in Northern California, an area susceptible to earthquakes and wildfires. If any significant disaster were to occur there, our ability to operate our business and our operating results, financial condition and cash flows could be adversely impacted.

We could be subject to additional income tax liabilities.

Our effective tax rate is influenced by a variety of factors, many of which are outside of our control. These factors include among other things, fluctuations in our earnings and financial results in the various countries and states in which we do business, changes to the tax laws in such jurisdictions and the outcome of income tax audits. Changes to any of these factors could materially impact our operating results, financial condition and cash flows.

We receive significant tax benefits from sales to our non-U.S. customers. These benefits are contingent upon existing tax laws and regulations in the U.S. and in the countries in which our international operations are located. Future changes in domestic or international tax laws and regulations or a change in how we manage our international operations could adversely affect our ability to continue realizing these tax benefits.

Many countries around the world are beginning to implement legislation and other guidance to align their international tax rules with the Organisation for Economic Co-operation and Development’s Base Erosion and Profit Shifting recommendations and related action plans that aim to standardize and modernize global corporate tax policy, including changes to cross-border tax, transfer-pricing documentation rules and nexus-based tax incentive practices. As a result, many of these changes, if enacted in whole or in part, could increase our worldwide effective tax rate and harm our operating result, financial condition and cash flows.

Our effective tax rate could also be adversely affected by changes in tax laws and regulations and interpretations of such laws and regulations, which in turn would negatively impact our earnings and cash and cash equivalent balances we currently maintain. Additionally, our effective tax rate could also be adversely affected if there is a change in international operations, our tax structure and how our operations are managed and structured, and as a result, we could experience harm to our operating results and financial condition. Beginning in our fiscal 2023, the Tax Cuts and Jobs Act of 2017 (TCJA) eliminates the option to deduct research and development expenditures currently and requires taxpayers to amortize them pursuant to IRC Section 174. Although Congress is considering legislation that would defer the amortization requirement to later years, we have no assurance that the provision will be repealed or otherwise modified. If the requirement is not modified, it will materially increase our effective tax rate. Changes in U.S. corporate tax law are currently being considered by the U.S. Congress and if certain of these proposals are ultimately enacted into legislation, they could materially impact our operations and financial results.

We are routinely subject to income tax audits in the U.S. and several foreign tax jurisdictions. If the ultimate determination of income taxes or at-source withholding taxes assessed under these audits results in amounts in excess of the tax provision we have recorded or reserved for, our operating results, financial condition and cash flows could be adversely affected.

28

Item 1B. Unresolved Staff Comments

Not applicable.

Item 2. Properties

We owned or leased, domestically and internationally, the following properties as of April 29, 2022.

We own approximately 0.8 million square feet of facilities in Research Triangle Park (RTP), North Carolina. In addition, we own 65 acres of undeveloped land. The RTP site supports research and development, global services and sales and marketing.

We own approximately 0.7 million square feet of facilities in Bangalore, India on 14 acres of land. The Bangalore site supports research and development, marketing and global services.

We lease approximately 0.3 million square feet of office space for our corporate headquarters located in San Jose, California. The San Jose site supports research and development, corporate general administration, sales and marketing, global services and operations.

We lease approximately 1.2 million square feet in other sales offices and research and development facilities throughout the U.S. and internationally. We expect that our existing facilities and those being developed worldwide are suitable and adequate for our requirements over at least the next two years and that additional space will be available if needed.

Item 3. Legal Proceedings

For a discussion of legal proceedings, see Note 17 – Commitments and Contingencies of the Notes to Consolidated Financial Statements.

Item 4. Mine Safety Disclosures

Not applicable.

29

PART II

Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities

The Company’s common stock is traded on the NASDAQ Stock Market LLC (NASDAQ) under the symbol NTAP.

Price Range of Common Stock

The price range per share of common stock presented below represents the highest and lowest intraday sales prices for the Company’s common stock on the NASDAQ during each quarter of our two most recent fiscal years.

Holders

As of June 1, 2022 there were approximately 461 holders of record of our common stock.

Dividends

The Company paid cash dividends of $0.50 per outstanding common share in each quarter of fiscal 2022 for an aggregate of $446 million, $0.48 per outstanding common share in each quarter of fiscal 2021 and fiscal 2020 for an aggregate of $427 million and $439 million, respectively. In the first quarter of fiscal 2023, the Company declared a cash dividend of $0.50 per share of common stock, payable on July 27, 2022 to shareholders of record as of the close of business on July 8, 2022.

30

Performance Graph

The following graph shows a comparison of cumulative total shareholder return, calculated on a dividend reinvested basis, of an investment of $100 for the Company, the S&P 500 Index, the S&P 500 Information Technology Index and the S&P 1500 Technology Hardware & Equipment Index for the five years ended April 29, 2022. The comparisons in the graphs below are based upon historical data and are not indicative of, nor intended to forecast, future performance of our common stock. The graph and related information shall not be deemed “soliciting material” or be deemed to be “filed” with the SEC, nor shall such information be incorporated by reference into any past or future filing with the SEC, except to the extent that such filing specifically states that such graph and related information are incorporated by reference into such filing.

COMPARISON OF FIVE YEAR CUMULATIVE TOTAL RETURN

Among NetApp, Inc., the S&P 500 Index, the S&P 500 Information Technology Index and the S&P 1500 Technology Hardware & Equipment Index*

*$100 invested on April 28, 2017 in stock or index, including reinvestment of dividends. Data points are the last day of each fiscal year for the Company’s common stock and each of the indexes.

We believe that a number of factors may cause the market price of our common stock to fluctuate significantly. See Item 1A. – Risk Factors.

31

Purchases of Equity Securities by the Issuer and Affiliated Purchasers

The following table provides information with respect to the shares of common stock repurchased by us during the three months ended April 29, 2022:

In May 2003, our Board of Directors approved a stock repurchase program. As of April 29, 2022, our Board of Directors had authorized the repurchase of up to $15.1 billion of our common stock. Since inception of the program through April 29, 2022, we repurchased a total of 347 million shares of our common stock for an aggregate purchase price of $13.9 billion. Under this program, we may purchase shares of our outstanding common stock through solicited or unsolicited transactions in the open market, in privately negotiated transactions, through accelerated share repurchase programs, pursuant to a Rule 10b5-1 plan or in such other manner as deemed appropriate by our management. The stock repurchase program may be suspended or discontinued at any time, and it was suspended for the first half of fiscal 2021 due to the economic impact of the COVID-19 pandemic. We reinitiated our stock repurchase program in the third quarter of fiscal 2021.

32

Item 6. [Reserved]

33

Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations

The following discussion of our financial condition and results of operations should be read together with the financial statements and the accompanying notes set forth under Item 8. – Financial Statements and Supplementary Data. The following discussion also contains trend information and other forward-looking statements that involve a number of risks and uncertainties. The Risk Factors set forth in Item 1A. – Risk Factors are hereby incorporated into the discussion by reference.

Executive Overview

Our Company

NetApp is a global cloud-led, data-centric software company that gives organizations the freedom to put data to work in the applications that elevate their business. We help our customers get the most out of their data with industry-leading public cloud services, and hybrid cloud solutions. Building on a rich history of innovation, we give customers the freedom to manage applications and data across hybrid multicloud environments. No matter where a customer’s data is or how the business uses it, NetApp helps to bring it together in a data fabric. For nearly three decades, NetApp has supported customers to accelerate their unique data fabrics and extend their workflows into a hybrid cloud environment with the right tools and right capabilities.

As our products and solutions portfolios evolve, market dynamics change, and management continues to assess our largest opportunities, we periodically change how we manage our business. As of the end of our first quarter of fiscal 2022, our Chief Operating Decision Maker (CODM), who is our Chief Executive Officer, realigned internal reporting and began using financial information for components of our business, organized based on category of product/solution, to evaluate performance and allocate resources. This resulted in the creation of two reportable segments for financial reporting purposes: Hybrid Cloud and Public Cloud. Our CODM measures the performance of each segment based on segment revenue and segment gross profit.

Hybrid Cloud offers a portfolio of storage management and infrastructure solutions that help customers recast their data centers with the power of cloud. This portfolio is designed to operate with public clouds to unlock the potential of hybrid, multi-cloud operations. We offer a broad portfolio of cloud-connected all-flash, hybrid-flash, and object storage systems, powered by intelligent data management software. Hybrid Cloud is composed of software, hardware, and related support, as well as professional and other services.

Public Cloud offers a portfolio of products delivered primarily as-a-service, including related support. This portfolio includes cloud storage and data services, and cloud operations services. Our enterprise-class solutions and services enable customers to control and manage storage in the cloud, consume high-performance storage services for primary workloads, and optimize cloud environments for cost and efficiency. These solutions and services are generally available on the leading public clouds, including Microsoft Azure, Google Cloud Platform and Amazon AWS.

Global Business Environment

Macroeconomic Conditions

Continuing global economic uncertainty, political conditions and fiscal challenges in the U.S. and abroad could result in adverse macroeconomic conditions, including inflation, slower growth or recession. In particular, in fiscal 2022, we experienced inflationary pressure and constraints in our supply chain.

Supply chain constraints, particularly in the second half of fiscal 2022, led to higher product component and freight costs which increased our cost of revenues. Supply chain constraints also delayed our ability to fulfill certain customer orders during the fiscal year. Given the uncertainties that exist in the broader technology supply chain, we are continuing to invest in inventory and certain longer-term commitments to help mitigate the impact of supply shortages.

If these macroeconomic uncertainties or supply chain challenges persist or worsen in fiscal 2023, we may observe reduced customer demand for our offerings, increased competition for critical components, challenges fulfilling certain customer orders or continued increases in component and freight costs which could impact our operating results, including our ability to achieve historical levels of revenue growth.

COVID-19

The COVID-19 pandemic and efforts to control its spread have significantly curtailed the movement of people, goods and services worldwide, including in many of the regions in which we sell our products and services and conduct our business operations. We have taken precautionary measures intended to minimize the risk of the virus to our employees, our customers, and the communities in which we operate. Since March 2020, the vast majority of our employees have been working remotely and we have limited business

34

travel. As a result of COVID-19, we continued to observe certain customers delaying purchases of our products and services, while other customers accelerated or placed new orders to address the demands of remote working and digital business.

Russia Sanctions

Beginning in February 2022, in response to Russian military actions in Ukraine, the U.S. and other countries imposed sanctions on Russia, and we suspended business operations, including sales, support on existing contracts and professional services, in Russia and Belarus. The impact of these actions was not significant to our fiscal 2022 financial results. However, their ultimate magnitude and duration remain uncertain, and we will continue to closely monitor their potential impacts to our business.

The magnitude and duration of the disruption to our business, and impact to our operational and financial performance of the factors above remain uncertain. Refer to Item 1A. – Risk Factors for the significant risks we have identified related to the global business environment.

Financial Results and Key Performance Metrics Overview

The following table provides an overview of key financial metrics for each of the last three fiscal years (in millions, except per share amounts and percentages):

35

Stock Repurchase Program and Dividend Activity

During fiscal 2022, we repurchased approximately 7 million shares of our common stock at an average price of $84.49 per share, for an aggregate purchase price of $600 million. We also declared aggregate cash dividends of $2.00 per share in fiscal 2022, for which we paid a total of $446 million.

Acquisitions

On May 20, 2022, in the first quarter of fiscal 2023, we acquired all the outstanding shares of privately-held Instaclustr, Inc., a leading platform provider of fully managed open-source database, pipeline and workflow applications delivered as a service, for approximately $500 million.

On February 18, 2022, we acquired all the outstanding shares of privately-held NeurOps Inc. (which operated under the name "Fylamynt"), for approximately $27 million. Fylamynt is an innovative CloudOps automation technology company that enables customers to build, run, manage and analyze workflows securely in any cloud with little to no code.

On November 5, 2021, we acquired all the outstanding shares of privately-held CloudCheckr Inc., (CloudCheckr) for approximately $347 million. CloudCheckr is a leading cloud optimization platform that provides cloud visibility and insights to lower costs, maintain security and compliance, and optimize cloud resources.

On June 18, 2021, we acquired all the outstanding shares of privately-held Data Mechanics Inc., a provider of managed platforms for big data processing and cloud analytics, for approximately $15 million.

Restructuring Events

During fiscal 2022, we executed several restructuring plans and recognized expenses totaling $33 million consisting primarily of lease termination fees, office relocation costs, and employee severance-related costs.

36

Results of Operations

Our fiscal year is reported on a 52- or 53-week year that ends on the last Friday in April. An additional week is included in the first fiscal quarter approximately every six years to realign fiscal months with calendar months. Fiscal year 2022, which ended on April 29, 2022, and fiscal year 2020, which ended on April 24, 2020 were both 52-week years. Fiscal year 2021, which ended on April 30, 2021 was a 53-week year, with 14 weeks included in its first quarter and 13 weeks in each subsequent quarter. Unless otherwise stated, references to particular years, quarters, months and periods refer to our fiscal years ended in April and the associated quarters, months and periods of those fiscal years.

The following table sets forth certain Consolidated Statements of Income data as a percentage of net revenues for the periods indicated: