Document


UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549


__________________________________________
Form SD
Specialized Disclosure Report
__________________________________________
PALO ALTO NETWORKS, INC.
(Exact name of registrant as specified in its charter)
__________________________________________


Delaware001-35594
(State or other jurisdiction of
incorporation or organization)
(Commission File Number)
3000 Tannery Way
Santa Clara, California
(Address of principal executive office)
95054
(Zip Code)

Dipak Golechha
Chief Financial Officer
(408) 753-4000
(Name and telephone number, including area code, of the person to contact in connection with this report.)
__________________________________________
Check the appropriate box to indicate the rule pursuant to which this form is being filed:
☒    Rule 13p-1 under the Securities Exchange Act (17 CFR 240.13p-1) for the reporting period from January 1 to December 31, 2023.
☐    Rule 13q-1 under the Securities Exchange Act (17 CFR 240.13q-1) for the fiscal year ended _______.



Section 1 - Conflict Minerals Disclosure
Item 1.01 Conflict Minerals Disclosure and Report
A copy of Palo Alto Networks, Inc.’s Conflict Minerals Report for the reporting period January 1, 2023 to December 31, 2023 is attached hereto as Exhibit 1.01 and is publicly available at https://investors.paloaltonetworks.com/governance/governance-documents*.
Item 1.02 Exhibits
The Conflict Minerals Report required by Item 1.01 is filed as Exhibit 1.01 to this Form SD.
Section 3 - Exhibits
Item 3.01 Exhibits
Conflict Minerals Report for the reporting period January 1, 2023 to December 31, 2023 as required by Items 1.01 and 1.02 of this Form.
______________
*    The reference to Palo Alto Networks’ website is provided for convenience only, and its contents are not incorporated by reference into this Form SD and the Conflict Minerals Report, nor deemed filed with the U.S. Securities and Exchange Commission.



SIGNATURES
Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the duly authorized undersigned.

Date: May 29, 2024
PALO ALTO NETWORKS, INC.
By:/s/ Dipak Golechha
Dipak Golechha
Chief Financial Officer
(Principal Financial Officer)

Document

Exhibit 1.01

Conflict Minerals Report of Palo Alto Networks, Inc.
in accordance with Rule 13p-1 under the Securities Exchange Act of 1934
This Conflict Minerals Report (this “Report”) of Palo Alto Networks, Inc. (“Palo Alto Networks” or the “Company”) for calendar year 2023 is presented to comply with Rule 13p-1 (“Rule 13p-1”) under the Securities Exchange Act of 1934 (the “1934 Act”). Please refer to Rule 13p-1, Form SD and SEC Release No. 34-67716 for definitions to the terms used in this Report, unless otherwise defined within this Report.
Rule 13p-1 imposes certain reporting obligations on SEC registrants whose manufactured products contain minerals originating in the Democratic Republic of the Congo or any country that shares an internationally recognized border with the Democratic Republic of the Congo (collectively, the “Covered Countries”). The minerals subject to Rule 13p-1 are columbite-tantalite (coltan), cassiterite, wolframite, gold and their derivatives, which are limited to tantalum, tin and tungsten (“Conflict Minerals”).
Pursuant to Rule 13p-1, if, based upon a reasonable country of origin inquiry, a registrant has reason to believe that any of the Conflict Minerals in its supply chain may have originated in one of the Covered Countries, or if such registrant is unable to determine the country of origin of those Conflict Minerals, then it must file a Conflict Mineral Report with the SEC describing the due diligence measures it has undertaken or will undertake regarding the source and chain of custody of the Conflict Minerals. Due to our limited ability to determine the source and chain of custody of Conflict Minerals necessary to the functionality or production of our products as described below, we have filed this Conflict Minerals Report.
PART I. Due Diligence Process
Palo Alto Networks has determined that components in its enterprise security hardware products, including its next-generation hardware firewall products, contain Conflict Minerals and that such Conflict Minerals are necessary to the functionality of such products. Accordingly, Palo Alto Networks was required to undertake an inquiry with respect to Conflict Minerals that is reasonably designed to determine whether any of the Conflict Minerals originated in the Covered Countries and whether the Conflict Minerals are from recycled or scrap sources. Based on this reasonable country of origin inquiry, Palo Alto Networks knows or has reason to believe that some Conflict Minerals are sourced in the Covered Countries and are not from recycled or scrap sources.
The Palo Alto Networks Conflict Minerals Policy sets forth the company’s commitment to human rights around the world, as well as Palo Alto Networks’ commitment to excluding the usage of Conflict Minerals originating from high-risk smelters in the Covered Countries in its products and the company’s efforts to continue to develop methods, implement tools and adopt procedures in line with the Organization for Economic Cooperation and Development Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas, including the related supplements on gold, tin, tantalum, and tungsten (the “OECD Framework”), an internationally recognized due diligence framework. The Palo Alto Networks Conflict Minerals Policy may be found at: https://investors.paloaltonetworks.com/static-files/0deca849-cf4e-4d04-b366-cc19008e5c7f.
As a company that relies solely on third-party contract manufacturers to build its products, Palo Alto Networks is several levels removed from the mining, smelting or refining of Conflict Minerals. Palo Alto Networks does not make purchases of raw ore or unrefined Conflict Minerals and makes no purchases in the Covered Countries. As a result, Palo Alto Networks must rely on its third-party contract manufacturers and their suppliers to provide information regarding the source of Conflict Minerals that are necessary to the functionality or production of its enterprise security hardware products.
As part of its contract manufacturer selection process, Palo Alto Networks engages in a review of each potential contract manufacturer’s supply chain policies and procedures. Palo Alto Networks looks to its contract manufacturers to have an established system of control and transparency over their mineral supply chain. Further, Palo Alto Networks has regularly communicated with its contract manufacturers and suppliers regarding the need for Rule 13p-1 compliance. The Company uses a scorecard to grade the Company’s top spend suppliers on their Conflict Minerals compliance efforts.
Palo Alto Networks’ primary contract manufacturer, Flex International Ltd. (“Flex”), supports the purpose of Rule 13p-1, is subject to Rule 13p-1, and has partnered with the Responsible Business Alliance (“RBA” formerly referred to as Electronics Industry Citizenship Coalition / Global sustainability Initiative) team to collaboratively develop an industry standard to collect the sourcing information related to Conflict Minerals. Flex has made available a supplier quality resource center, which includes its Conflict Minerals Policy, found at the following website: https://flex.com/supplier-information/supplier-quality.
Palo Alto Networks, with the assistance of Flex, undertook due diligence measures to determine the source and chain of custody of the Conflict Minerals that are necessary to the functionality or production of Palo Alto Networks’ enterprise security hardware products that originated or may have originated in the Covered Countries. Palo Alto Networks designed its Conflict Minerals due diligence measures to conform, in all material respects, to the OECD Framework.
During the reporting period for this Report, Palo Alto Networks’ due diligence measures included:
Conducting a supply-chain survey with direct suppliers of materials containing Conflict Minerals using the RBA Conflict Minerals Reporting Template (“CMRT”) to identify the smelters and refiners;
Comparing the smelters and refiners identified in the supply-chain survey against the list of smelter facilities which have been identified as “conflict free” by programs such as the Responsible Minerals Assurance Process (“RMAP” formerly referred to as Conflict-Free Smelter Program) for Conflict Minerals.
Requested due diligence follow up from suppliers whose smelters were flagged by the RMI Smelter Database.
Flex sent out surveys on behalf of Palo Alto Networks to the 142 suppliers identified in its due diligence efforts. Flex received valid responses from 141 suppliers, providing a 99% response rate.
Based on the results of the assessment described above, Flex followed-up with the suppliers surveyed, to the extent possible, on missing and inconsistent information. Additional supplier contacts were conducted to address issues, including implausible statements regarding no presence of the Conflict Minerals, incomplete data on the CMRT, responses that did not identify smelters or refiners, responses that indicated a sourcing location without complete supporting information from the supply chain, and organizations that were identified as smelters or refiners, but not verified as such through further analysis and research. In addition, Palo Alto Networks followed-up on cases where a supplier stated a smelter or refiner does not source from the Covered Countries, but the sourcing location (country of mine origin) is not a known reserve for the given metal.
In addition to the steps discussed above, Palo Alto Networks has:
Familiarized key personnel with the requirements of Rule 13p-1.
In 2023, invested in a compliance tool which allows us to organize supplier responses, store CMRTs, and track smelter information.
In 2023, attended the Responsible Mineral Initiative’s (“RMI”) annual conference.
Signed an industry group letter, addressed to smelters and refiners currently not conformant/not enrolled in the Responsible Minerals Assurance Process (RMAP), encouraging participation in a recognized industry audit program.
Findings and Conclusions
As a result of the due diligence efforts described above, Palo Alto Networks determined in good faith that it did not have sufficient information to enable it to determine whether Conflict Minerals necessary to the functionality or production of its enterprise security hardware products may have been sourced from the Covered Countries or from recycled or scrap sources. Palo Alto Networks makes this determination due to a lack of information from its suppliers to determine the source and chain of custody of Conflict Minerals throughout the supply chain.
Forward Looking Statements
This report includes forward-looking statements, within the meaning of the Private Securities Litigation Reform Act of 1995, relating to continuing to develop methods, implement tools and adopt procedures that are designed to be both auditable and in accordance with the OECD Framework, efforts to increase the response rate of our suppliers and obtain a definitive determination of its status and to further mitigate the risk that necessary Conflict Minerals do not benefit armed groups, as well as our intentions to make reasonable efforts to strengthen company engagement with suppliers and structure internal management to support supply chain due diligence, and are based on management’s current expectations or beliefs. Forward-looking statements are not guarantees of future performance and are subject to a number of uncertainties and other factors that may be outside of the company’s control and that could cause actual events to differ materially from those expressed or implied by the statements made herein. The company assumes no obligation to revise or update any forward-looking statements for any reason, except as required by law.
PART II. Smelter and Refiner RMAP Compliance
As part of the due diligence process that Palo Alto Networks undertook, with the assistance of Flex, it collected information regarding the number of smelters and refiners that were in compliance with the RMI’s RMAP program or were otherwise in process with the RMAP. The RMAP is a voluntary initiative in which an independent third party audits smelter procurement and processing activities and determines if the smelter has provided sufficient documentation to demonstrate with reasonable confidence that the minerals it processed originated from conflict-free sources. A summary of the percentage of known smelters and refiners for each Conflict Mineral that may be in the Palo Alto Networks supply chain and whether such smelters and refiners are RMAP compliant or otherwise in process with the RMAP is provided below:
53% (91/172) of known Gold smelters or refiners that may be in our supply chain are RMAP conformant, active in the RMAP, or in communication with the RMAP;
91% (41/45) of known Tantalum smelters or refiners that may be in our supply chain are RMAP conformant or active in the RMAP;
83% (77/93) of known Tin smelters or refiners that may be in our supply chain are RMAP conformant, active in the RMAP, or in communication with the RMAP; and
70% (36/52) of known Tungsten smelters or refiners that may be in our supply chain are RMAP conformant, active in the RMAP, or in communication with the RMAP.