AT&T (T) Risk Analysis

Our subsidiaries providing wired services are subject to significant federal and state regulation, while many of our competitors are not. In addition, our subsidiaries and affiliates operating outside the United States are also subject to the jurisdiction of national and supranational regulatory authorities in the markets where service is provided. Our wireless subsidiaries are regulated to varying degrees by the FCC and in some instances, by state and local agencies. Adverse regulations and rulings by the courts, the FCC or states relating to broadband and wireless deployment,, could impede our ability to manage our networks and recover costs and lessen incentives to invest in our networks. The continuing growth of IP-based services, especially when accessed by wireless devices, has created or potentially could create conflicting regulation between the FCC and various state and local authorities, which may involve lengthy litigation to resolve and may result in outcomes unfavorable to us. In addition, in response to the Federal Aviation Administration (FAA) questioning whether cell sites transmitting C-Band spectrum could impact radio altimeter equipment on airplanes, we voluntarily committed to temporary, precautionary measures near certain airports through January 1, 2028, which may have limited impacts to deployments and services. In addition, increased public focus on a variety of issues related to our operations, such as privacy issues, government requests or orders for customer data, and concerns about global climate change, have led to proposals or new legislation at state, federal and foreign government levels to change or increase regulation on our operations, which could result in additional costs of compliance or litigation. Enactment of new privacy laws and regulations could, among other things, adversely affect our ability to collect data and offer targeted advertisements or result in additional costs of compliance or litigation. Should customers decide that our competitors offer a more customer-friendly environment, our competitive position, results of operations or financial condition could be materially adversely affected.

We have been and will be undertaking certain transformation initiatives, which are designed to reduce costs, enable legacy rationalization, streamline and modernize distribution and customer service, remove redundancies and simplify and improve processes and support functions. Our focus is on supporting added customer value with an improved customer experience. We intend for these efficiencies to enable increased investments in our strategic areas of focus, which include improving broadband connectivity (for example, fiber and 5G). We also expect these initiatives to drive efficiencies and improved margins. If we do not successfully manage and timely execute these initiatives, or if they are inadequate or ineffective, we may fail to meet our financial goals and achieve anticipated benefits, improvements may be delayed, not sustained or not realized, and our business, operations and competitive position could be adversely affected. Further, we are using and intend to further use artificial intelligence (AI)-driven efficiencies in our network design and operations, software development, sales, marketing, customer support services and general and administrative costs. The models used in those products, particularly generative AI models, may produce output or take action that is incorrect, release private or confidential information, reflect biases included in the data on which they are trained, infringe on the intellectual property rights of others, or be otherwise harmful. Any of these risks could expose us to liability or adverse legal or regulatory consequences and harm our reputation and the public perception of our business or the effectiveness of our security measures.

We may need to spend significant amounts of money to protect our intellectual property rights. Any impairment of our intellectual property rights, including due to changes in U.S. or foreign intellectual property laws or the absence of effective legal protections or enforcement measures, could materially adversely impact our operations.

Cyberattacks – including through the use of malware, computer viruses, distributed denial of services attacks, ransomware attacks, credential harvesting, social engineering and other means for obtaining unauthorized access to or disrupting the operation of our networks and systems or accessing our data and those of our suppliers, vendors and other service providers – could have a material adverse effect on our operations or results of operations. As a critical infrastructure service provider, the Company believes that it is a particularly attractive target for such cyberattacks, including from nation states and highly sophisticated, state-sponsored, or otherwise well-funded actors, and the Company experiences heightened risk from time to time as a result of geopolitical events. Cyberattacks can cause equipment or network failures, copying or loss of information, including sensitive personal information of customers or employees or proprietary information, as well as disruptions to our or our customers', suppliers' or vendors' operations, which could result in significant expenses, potential investigations and legal liability, a loss of current or future customers and reputational damage. Additional resources and management attention may be necessary to respond to government inquiries and requirements, including potentially conflicting demands and requirements from multiple government agencies. Moreover, the amount and scope of insurance that we maintain against losses resulting from any such events or security breaches may not be sufficient to cover our losses or otherwise adequately compensate us for any disruptions to our business that may result. As our networks evolve, they are becoming increasingly reliant on software and cloud technologies to handle growing demands for data consumption. Cyberattacks against the Company and its suppliers and vendors have occurred in the past, including from highly sophisticated, state-sponsored actors as noted above, and will continue to occur in the future and are increasing in frequency, scope and potential harm over time. For example, in July 2024, the Company disclosed a cybersecurity incident on Item 1.05 of Form 8-K relating to the copying of mobile customer call data. Due to the complexity and interconnectedness of our systems and those of our suppliers, vendors and other service providers, the process of enhancing our protective measures can itself create a risk of systems disruptions and security issues. Further, the use of artificial intelligence and machine learning by cybercriminals may increase the frequency and severity of cybersecurity attacks against us or our suppliers, vendors and other service providers. In addition, despite our efforts to detect unlawful intrusions, an attack may persist for an extended period of time before being detected, and, following detection, it may take considerable time for us to obtain sufficient information about the nature, scope and timing of the incident as well as the impact or reasonably likely impact on us. Indeed, as cyberattacks become increasingly sophisticated, a post-attack investigation may not be able to ascertain the entire scope of the attack's impact. Extensive and costly efforts are undertaken to develop and test systems before deployment and to conduct ongoing monitoring and updating to prevent and withstand such attacks. While the Company may have contractual rights to assess the effectiveness of many of its suppliers' and vendors' systems and protocols, the Company cannot know or assess the effectiveness of all of our providers' systems and controls at all times. While, to date, we have not been subject to a cyberattack that has had a material adverse effect on our operations or results of operations, the preventive actions we take, or our suppliers or vendors take, to reduce the risks associated with cyberattacks may be insufficient to repel or mitigate the effects of a major cyberattack in the future.

Wireless and broadband services are undergoing rapid and significant technological changes and a dramatic increase in usage, including, in particular, the demand for faster and seamless usage of data across mobile and fixed devices. The COVID-19 pandemic accelerated these changes and also resulted in higher network utilization, as more customers consumed bandwidth from changes in work and learn from home trends. Streaming, augmented reality, "smart" technologies, user generated content and artificial intelligence (AI) are expected to continue to drive greater demand for broadband. We must continually invest in our networks in order to improve our wireless and broadband services to meet this increasing demand and changes in customer expectations while remaining competitive. Improvements in these services depend on many factors, including continued access to and deployment of adequate spectrum and the capital needed to expand our wireline network to support transport of these services. In order to stem broadband subscriber losses to cable competitors in our non-fiber wireline areas, we have been expanding our all-fiber wireline network. We must maintain and expand our network capacity and coverage for transport of data, including video, and voice between cell and fixed landline sites. To this end, we participate in spectrum auctions and continue to deploy software and other technology advancements in order to efficiently invest in our network. We have spent, and plan to continue spending, significant capital and other resources on the ongoing development and deployment of our 5G and fiber networks. This deployment and other network service enhancements and product launches may not occur as scheduled or at the cost expected due to many factors, including unexpected inflation, delays in determining equipment and wireless handset operating standards, supplier delays, software issues, increases in network and handset component costs, regulatory permitting delays for tower sites or enhancements, or labor-related delays. Deployment of new technology also may adversely affect the performance of the network for existing services. If we cannot acquire needed spectrum, if our 5G and fiber offerings fail to gain acceptance in the marketplace or if we otherwise fail to deploy the services customers desire on a timely basis with acceptable quality and at reasonable costs, then our ability to attract and retain customers, and, therefore, maintain and improve our operating margins, could be materially adversely affected. In 2023, the FCC's statutory authority to conduct spectrum auctions lapsed and it is uncertain when Congress will act to reauthorize it. Also in 2023, the federal government released a national spectrum strategy that focused on spectrum sharing but did not include terms of future spectrum sharing model(s) or specific timelines to make additional spectrum bands available for 5G and future generations of service. As a result, the federal government's ability and intent to make sufficient spectrum available to the industry in needed timeframes and on terms suitable for mobile broadband network deployments remains uncertain.

As of December 31, 2024, approximately 43% of our workforce was represented by the Communications Workers of America (CWA), the International Brotherhood of Electrical Workers (IBEW) or other unions. While we have labor contracts in place with these unions, with subsequent negotiations we have in the past and could in the future incur additional costs and/or experience work stoppages, which could adversely affect our business operations.

We depend on suppliers to provide us, directly or through other suppliers, with items such as network equipment, customer premises equipment and wireless-related equipment such as mobile hotspots, handsets, wirelessly enabled computers, wireless data cards and other connected devices for our customers. In some instances, we depend on key single-source suppliers to provide important inputs where there are few alternative suppliers available. These suppliers could fail to provide equipment on a timely or cost-effective basis, or fail to meet our performance expectations, for a number of reasons, including difficulties in obtaining export licenses for certain technologies, inflationary pressures, inability to secure component parts, general business disruption, natural disasters, safety issues, economic and political instability, including the outbreak of war and other hostilities, and public health emergencies. These factors have caused, and may again cause, delays in the development, manufacturing (including the sourcing of key components) and shipment of products to the extent that we or our suppliers are impacted. In certain limited circumstances, suppliers have been unable to supply products in a timely fashion, affecting our ability to provide products and services precisely as and when requested by our customers. It is possible that, in some circumstances, we could be forced to switch to a different key supplier or be unable to meet customer demand for certain products or services. Because of the cost and time lag that can be associated with transitioning from one supplier to another, our business could be substantially disrupted if we were required to, or chose to, replace the products of one or more key suppliers with products from another source, especially if the replacement became necessary on short notice. Any such disruption could increase our costs, decrease our operating efficiencies and have a negative effect on our operating results.

Our operating costs, including customer acquisition and retention costs, could continue to put pressure on margins and customer retention levels. A number of our competitors offering comparable legacy services that rely on alternative technologies and business models are typically subject to less regulation, and therefore are able to operate with lower costs. These competitors generally can focus on discrete customer segments since they do not have regulatory obligations to provide universal service. Also, these competitors have cost advantages compared to us, due in part to operating on newer, more technically advanced and lower-cost networks with a nonunionized workforce, lower employee benefits and fewer retirees. We are transitioning services from our copper-based network and seeking regulatory approvals, where needed, at both the state and federal levels. If we do not obtain regulatory approvals for our network transition or obtain approvals with onerous conditions, we could experience significant cost and competitive disadvantages.

We have multiple wireless competitors in each of our service areas and compete for customers based principally on service/device offerings, price, network quality, reliability, speed, coverage area and customer service. In addition, we are facing growing competition from providers offering services using advanced wireless technologies and IP-based networks, among others. We expect market saturation to continue, which may cause the wireless industry's customer growth rate to moderate in comparison with historical growth rates, leading to increased competition for customers, including from strategic alliances in converged connectivity. Our share of industry sales could be reduced due to aggressive pricing or promotional strategies pursued by competitors. We also expect that our customers' growing demand for high-speed video and data services will place constraints on our network capacity. These competition and capacity constraints will continue to put pressure on pricing and margins as companies compete for potential customers. Additionally, we may not be able to accurately predict future consumer demands or the success of new services in markets. Our ability to address these issues will depend, among other things, on continued improvement in network quality and customer service and our ability to price our products and services competitively as well as effective marketing of attractive products and services. These efforts will involve significant expenses and require strategic management decisions on, and timely implementation of, equipment choices, network deployment and service offerings. In addition, a sustained decline in a reporting unit's revenues and earnings has resulted in the past, and may again result in the future, in a significant negative impact on its fair value, requiring us to record an impairment charge, which could have an adverse impact on our results of operations.

The communications industry has experienced rapid changes in the past several years. An increasing number of our customers are using mobile devices as their primary means of viewing video. In addition, businesses and government bodies are broadly shifting to wireless-based services for homes and infrastructure to improve services to their respective customers and constituencies. We have spent, and continue to spend, significant capital to shift our wired network to software-based technology and are expanding 5G wireless technology to address these demands. We have entered and continue to enter into a significant number of software licensing agreements and continue to work with software developers to provide network functions in lieu of installing switches or other physical network equipment in order to respond to rapid developments in wireless demand. While software-based functionality can be changed much more quickly than, for example, physical switches, the rapid pace of development means that we may increasingly need to rely on single-source and software solutions that have not previously been deployed in production environments. Should this software not function as intended or our license agreements provide inadequate protection from intellectual property infringement claims, we could be forced to either substitute (if available) or else spend time to develop alternative technologies at a much higher cost and incur harm to our reputation for reliability, and, as a result, our ability to remain competitive could be materially adversely affected.