Risks and opportunities In the following section, we present all risks and opportunities of significance to the Group that, as things currently stand, could affect the results of operations, financial position, and/or reputation of Deutsche Telekom and, via the subsidiaries’ results, the results of operations, financial position, and/or reputation of Deutsche Telekom AG. We describe the majority of the risks before the measures for risk containment are taken. If any remaining risks have been identified despite such measures for risk containment, they are labeled as such. If risks and opportunities can be clearly allocated to an operating segment, this is presented accordingly in the following. In order to make it easier to understand and see their effects, we have allocated the individually assessed risks to the following categories: Corporate risks Probability of occurrence Risk extent Risk significance Change againstprior year INDUSTRY, COMPETITION, AND STRATEGY Economic risks, Germany Low Small Low Unchanged Economic risks, United States Low Medium Low Unchanged Economic risks, Europe Low Medium Low Unchanged Risks relating to the market and environment, Germany High Small Medium Unchanged Risks relating to the market and environment, United States Medium Large Medium Unchanged Risks relating to the market and environment, Europe Medium Medium Medium Unchanged Risks relating to innovations (substitution) Medium Medium Medium Unchanged Risks relating to strategic transformation and integration Medium Very large High Unchanged REGULATION see Risks and opportunities relating to regulation OPERATIONAL RISKS Employees Medium Small Low Unchanged Risks relating to IT/NT network operations, Germany Medium Large Medium Unchanged Risks relating to IT/NT network operations, United States Very low Large Low Improved Risks relating to IT/NT network operations, Europe Very low Large Low Unchanged Risks relating to existing IT architecture, United States Medium Medium Medium Unchanged Future viability of the IT architecture, United States Medium Large Medium Unchanged Procurement Low Small Low Unchanged Data privacy and data security High Medium Medium Unchanged BRAND, COMMUNICATION, AND REPUTATION Brand and reputation (reporting in the media) Low Small Low Unchanged Sustainability risks Low Medium Low Unchanged Health and environment Low Medium Low Unchanged LITIGATION AND ANTI-TRUST PROCEEDINGS see Litigation FINANCIAL RISKS Liquidity, credit, currency, interest rate risks Medium Medium Medium Deteriorated Tax risks see Tax risks Other financial risks see Other financial risks Risks and opportunities from industry, competition, and strategy Risks and opportunities relating to the macroeconomic environment. As an international corporation, we operate in a large number of countries, using a range of currencies. A substantial economic downturn could reduce the purchasing power of our customers and adversely affect our access to the capital markets. Exchange rate fluctuations could impact on our earnings. Despite the subdued but by and large positive economic development in the past year, economic uncertainties have increased worldwide. Leading institutes and organizations have revised their growth forecasts downwards and expect global economic growth to slow down. The main risks for future economic development are uncertainties from international trade conflicts, a disorderly Brexit, and political uncertainty, especially in Europe. These risks are offset by opportunities, especially from the unabated strong growth in the United States and in most countries of our Europe operating segment. There are no signs of a recession in the United States in 2020. We merely expect the rate of growth to slow as a result of falling fiscal impetus. The economic momentum will also fade in Europe. Falling demand for exports should be offset, at least in part, by the ongoing robustness of the domestic economy in Europe. Accordingly, we only expect a slowdown in growth here, not a recession. This is all the more true as the expansive monetary policy of the European Central Bank (ECB) stimulates domestic demand and investment activity in the eurozone. Risks relating to the market and environment. The main market risks we face include the steadily falling price level for voice and data services in the fixed network and in mobile communications. In addition to price reductions imposed by regulatory authorities, this is primarily attributable to ongoing intense competition in the telecommunications industry. Competitive pressure is expected to continue, especially in the fixed network in Germany and the countries of our Europe operating segment. In the broadband market, the trend of disproportionate growth in the market shares of regional network operators, particularly in Germany, continues to establish itself. They build out their own infrastructure and thus increase their market coverage. Increasingly this is done with fiber-optic infrastructure, thereby increasing their customer numbers and expanding their own value added. There is still strong competition to gain new customers by cutting prices and offering introductory discounts. The risk significance of the “Market and environment, Germany” risk cluster has been classified as “medium” since Vodafone Deutschland acquired Unitymedia from Liberty Global. The takeover has given Vodafone an extremely large share of the cable TV market and established its dominance in the housing market. As part of the approval process, the EU Commission imposed obligations on Vodafone Deutschland, as a result of which, Vodafone Deutschland opened up the cable network of the combined entity to Telefónica Deutschland. This could further increase competitive pressure in broadband and TV services, and result in falling revenues in the retail and wholesale area. We expect ongoing price pressure for mobile voice telephony and mobile data services, which could adversely affect our mobile service revenue. Among the main reasons for this price pressure are data-centric, aggressively priced offers. Providers that do not have their own infrastructure (MVNOs) market such offers over the internet, for instance, while there is also the risk that smaller competitors will take unforeseen, aggressive pricing measures. Technological innovations such as the use of pure eSIMs in smartphones could put further pressure on prices by increasing the willingness of customers to switch providers. Drillisch Netz acquired mobile spectrum in the spectrum auction held in Germany in 2019 and subsequently made a public statement declaring its intention to begin setting up a fourth mobile network over the next few years. This could pose a risk to revenue in the retail and wholesale area. Another competitive risk lies in the fact that, both in the fixed network and in mobile communications, we are increasingly faced with competitors who are not part of the telecommunications sector as such, but are increasingly moving into the traditional telecommunications markets. This mainly relates to major players in the internet and consumer electronics industries. As a result, we are exposed to the risk of a further loss of share of value added and falling margins due to increasingly losing direct customer contact to competitors. T‑Mobile US has multiple wireless competitors, some of which have greater resources and compete for customers based principally on service/device offerings; price; network coverage, speed, and quality; and customer service. Market saturation in the United States will continue to cause the wireless industry’s customer growth rate to be moderate in comparison with historical growth rates, or possibly negative, leading to ongoing competition for customers. T‑Mobile US expects that its customers’ appetite for data services will place increasing demands on its network capacity. The scarcity and cost of additional wireless spectrum, and regulations relating to spectrum use, may adversely affect T‑Mobile US’ business, financial condition, and operating results. T‑Mobile US faces intense and increasing competition from other service providers as industry sectors converge, such as cable, telecommunications services and content, and satellite television. Joint ventures, mergers, acquisitions, and strategic alliances in the wireless sector have resulted in and are expected to result in larger competitors competing for a limited number of customers. The business combination of T‑Mobile US and Sprint is subject to a number of conditions, including, among others, obtaining certain governmental authorizations, consents, orders or other approvals, and the absence of any injunction prohibiting the business combination or any legal requirements enacted by a court or other governmental entity preventing the completion of the business combination. Although we firmly believe that the business combination will generate synergies and further benefits, we cannot rule out the possibility that these cannot be realized to the extent anticipated or within the planned time frame. Our Systems Solutions operating segment also faces challenges. Continued strong competition and persistent cost pressure are adversely affecting traditional ICT business. In addition, the technological shift toward cloud solutions and digitalization in the IT sector is prompting new, strongly capitalized, competitors to enter the market. The introduction of IP technology in telecommunications business is enabling price reductions, which poses a risk of revenue losses and declining margins at T‑Systems. Future issues like 5G and software-defined networks are initiators for new project business. Opportunities relating to the market and environment. The telecommunications and IT market is extremely dynamic and highly competitive. The economic conditions affect our actions and impact on our Company indicators. We generally expect the situation to develop as described in the section “Forecast.” Risks relating to innovations (substitution). Innovation cycles are getting shorter and shorter. This confronts the telecommunications sector with the challenge of bringing out new products and services at shorter and shorter intervals. New technologies are superseding existing technologies, products, or services in part, in some cases even completely. This could lead to lower prices and revenues in both voice and data traffic. These substitution risks could impact our revenue and earnings, in particular in the Europe and United States operating segments. We deal with the impact of substitution risks by offering package rates, for example: We offer new and existing customers integrated solutions from our product portfolio. The introduction of the new 5G mobile standard as a technological innovation entails uncertainties in the form of upcoming spectrum auctions and their conditions of award, regulatory requirements, public discussions on security and electromagnetic compatibility, and the limited number of telecommunications hardware providers represented in planning scenarios. Opportunities relating to innovations. In addition to the risks described, ever-shorter innovation cycles enable us to drive the digital transformation of our society and to provide our consumers and business customers with innovative products and solutions. That is why our innovation and product development activities are decisive when it comes to identifying opportunities and making the most of them in an increasingly competitive environment. In order to guarantee this, and do justice to the growing convergence of networks and IT, we have combined all relevant functions under joint management in our Board of Management department Technology and Innovation, in order to enable closer integration of the areas of innovation, networks, and IT. SDG 9 For further information on our innovation activities, please refer to the section “Innovation and product development.” 5G is the new generation of mobile telecommunications networks. Not only are we involved in a large number of different organizations and forums, we are also working intensively in collaboration with research institutions and industry to continue developing this standard, which will address an array of challenges facing telecommunication networks. These include purely technical requirements, such as achieving a substantial increase in capacity, bandwidth, and availability, and lower latency. In addition, there are fundamental issues, such as M2M communication on a large scale in the Internet of Things (IoT) and the growing need for reliability, security, and guaranteed resource allocation in industrial applications. 5G thus offers not only the immediate opportunity of cost-effectively managing rapidly increasing demands in existing business models going forward, but also opportunities for further business models by marketing network capabilities (e.g., network access, localization, security, identity, storage location, temporary storage, real-time processing) to relevant partners. We are already working on implementing the first use cases such as campus networks and mobile edge computing, in which data is processed in a decentralized manner (at the edges of the network). Together with other technologies like the NarrowBand Internet of Things (NB-IoT) and artificial intelligence (AI), 5G and edge computing provide the underpinnings for the further digital transformation of society. SDG 13 Risks relating to strategic transformation and integration. We are in a continuous process of strategic adjustments and cost-cutting initiatives. If we are unable to implement these projects as planned, we will be exposed to certain risks. In other words, the benefit of the measures could be less than originally estimated, take effect later than expected, or not at all. Each of these factors, individually or in combination, could have a negative impact on our business situation, financial position, and results of operations. Opportunities relating to strategic transformation and integration. The IP transformation (all IP) offers many opportunities. A logical network is being created that speaks a single language and, in technical terms, functions largely independently of the services transmitted. This will enable efficiency gains, e.g., by reducing the complexity of maintenance and operation, switching off service-specific legacy platforms, and saving energy. In addition, all IP will generate growth potential in the short to medium term by improving the customer experience of existing services (e.g., better voice quality, more customer self-service, greater configuration flexibility) and, in the medium to long term, by providing an indispensable basis for convergence products and the Internet of Things (IoT), and by shortening the time to market for new products. But the all-IP network can do more. It is the network infrastructure cloud underpinning not only the virtualization of functions and services, but also joint production across borders (Pan-Net). This will also create opportunities for enhancing efficiency and for further growth. The idea of developing services only once and then marketing them in different countries will make it possible to get those services to market faster and more cost-effectively. In addition, we are driving forward the transformation of our IT using agile development. This approach allows us to exploit new opportunities for efficient IT production, through the modular provision of components as well as through accelerated development. Furthermore, agile development makes it possible to reduce big bang risks in the delivery of major software releases. Risks and opportunities relating to regulation In the following section, we describe the main regulatory risks and opportunities that, as things currently stand, could affect our results of operations and financial position, and our reputation. Regulatory risks arise from telecommunications-specific statutory regulations at the European and national level, and from the consequent powers of national authorities to regulate or intervene in the market and limit our freedom as regards product design and pricing. Deregulation can give rise to regulatory opportunities. Regulatory intervention, which we can only anticipate to a limited extent, may exacerbate existing price and competitive pressure. There are concerns that regulation in Germany and other European countries may also impact revenue and earnings trends in the medium to long term. Changes in regulatory policy and legislation EU legal framework for telecommunications. The European Electronic Communications Code, which reforms central EU regulation of the telecommunications sector, primarily price and access regulation, spectrum policy, sector-specific rules on consumer protection, and the universal service regime, entered into force on December 20, 2018. The member states had 24 months as of that date to transpose the requirements into national law. The Code provides for less regulation of “very high capacity networks” and more stable regulatory conditions over the long term in cases where competitors invest jointly, as is the case with open co-investment models. In addition to establishing co-ownership and co-financing, co-investment models also include long-term agreements on access-based network usage that comply with specific requirements designed to safeguard competition. Fiber-to-the-building/home (FTTB/FTTH) networks, in particular, could benefit from the new rules. At the same time, the new legal framework gives the regulatory authorities new powers to impose access obligations on all networks independent of whether a company has significant market power (symmetrical regulation). In terms of spectrum policy, the new EU regulatory framework aims to increase the level of harmonization of the award rules in the different member states in certain areas and thus improves legal certainty when awarding mobile spectrum, for example, by including a minimum license term of 15 years with an option to extend for a further five years. With respect to consumer protection, apart from a few exceptions, fully harmonized obligations are in place at European level – thus negating the need for additional national regulations – whereas obligations in individual areas are becoming more stringent. Transparency obligations are being extended greatly, while the regulations on contract terms and changes of provider are being tightened up further. Universal service is being completely overhauled, with the removal of many services that are hardly used anymore. In future, to enable the use of services including video telephony, access lines will have to be broadband in order to meet universal service requirements. Certain rules are not required to be transposed into national law. For example, the regulation of retail rate plans for voice calls and text messages into other EU countries took effect as of May 15, 2019 as part of a directly applicable EU Regulation. Rates for international voice calls and sending text messages within the EU have been limited to 19 ct/minute and 6 ct/text message (net) for five years. Under the Code, the European Commission will set uniform price caps for mobile termination rates (MTR) and fixed-network termination rates (FTR) for all member states at the end of 2020 by way of a delegated act. The revision of the EU legal framework for telecommunications forms part of a package of new EU legislation on the single market for electronic communications that provides for amendments to the regulations governing media services – mainly due to the growing importance of internet offerings – which are competing with the TV services previously focused on (e.g., under copyright law, laws for the protection of minors from harmful media, consumer protection, and the liability of internet service providers (in particular hosting) for third-party content). At the national level, too, specific amendments (for instance, to the German Interstate Treaty on Broadcasting and the German Telemedia Act, as well as to competition law) are being discussed in response to the phenomena of digitalization and convergence. Awarding of spectrum Risks could arise from the fact that inappropriate auction rules and frequency usage requirements, excessive reserve prices, or disproportionately high annual spectrum fees could jeopardize our planned acquisition of spectrum. By contrast, we see an opportunity in particular in the fact that such spectrum award procedures enable mobile network operators to obtain the optimum amount of spectrum for their future business. We would thus be equipped for further growth and innovation. The upcoming award procedures mainly relate to the auctioning of additional spectrum in the 0.7 GHz, 1.5 GHz, 3.4 GHz/3.8 GHz, and 24 GHz and over ranges. In addition, spectrum licenses, especially in the 2.1 GHz range, have expired or will expire between 2019 and 2021 in some countries and need to be renewed. Award procedures are currently being prepared in Austria, Croatia, the Czech Republic, Greece, Hungary, North Macedonia, the Netherlands, Poland, Romania, Slovakia, and the United States. For information on spectrum auctions that were completed in 2019 or are still ongoing, please refer to the section “The economic environment.” Areas in which national regulators may intervene European and national laws and regulations grant national regulators extensive powers of intervention. A case in point at the European level is the EU Regulation concerning the single market for electronic communications, which was enacted 2015. It contains provisions on international roaming, net neutrality, and obligations to provide information, which restrict our product-design options, mainly as regards retail products. The Body of European Regulators for Electronic Communications (BEREC) has published guidelines for implementing this regulation. Risks arise from how the national regulators interpret both the regulation and these guidelines. In Germany, for example, the Federal Network Agency has wide-ranging powers under law to require products to be adjusted in order to enforce the regulation and to impose fines in cases of non-compliance. Our Group companies in Germany and abroad continue to be subject to comprehensive regulation of wholesale products, obligating us to make our network and services available to our competitors. The national regulators regularly check and determine the corresponding terms, conditions, and prices of these wholesale offerings. The key wholesale products subject to regulation are unbundled local loop lines, bitstream products, leased lines, termination rates, and the associated services. In addition, European and national consumer protection regulations apply. In Germany, for instance, the Transparency Regulation came into force on June 1, 2017, the main objective of which is to enhance transparency and cost control with telecommunications services for consumers. In this context, the Federal Network Agency introduced a system that enables consumers to measure the bandwidths available on their fixed-network and mobile lines. In addition to the requirements of telecommunications law, our media products are also subject to special European and national regulations under media law. The latter include, in the broader sense, copyright law, regulations concerning the responsibility for published content, requirements in relation to ensuring the protection of minors in the media, and requirements in relation to the content and user interfaces of media distribution platforms. Barring any changes to its shareholder structure on the one hand (the Federal Republic and KfW being its major shareholders), or to the legal situation, or the prevailing opinions of media regulators on the other, it is unlikely that Telekom Deutschland will be granted a license to broadcast radio and television programs. Operational risks and opportunities Employees. Our employees play a crucial role in the transformation of Deutsche Telekom. Their skills are a key factor to our business success. The general high demand on the labor market, in particular for specialists in highly relevant areas such as IT, makes it difficult to recruit new employees. An inability to attract and/or retain the necessary experts would have a negative impact on our business in the future. In 2019, we once again used socially responsible measures to restructure the workforce in the Group, mainly by means of severance payments, partial and dedicated retirement, internal retraining measures, and employment opportunities in public service for civil servants offered by Telekom Placement Services. We will continue this restructuring in the coming year. If it is not possible to implement the corresponding measures as planned or at all (for example, due to limited interest in severance payments), this may have negative effects on our financial targets. To avoid the risk of high potentials leaving the Group as a result of the staff reduction instruments, we make sure that the arrangement is voluntary on both sides in each individual case. The right of civil servants to return to Deutsche Telekom also carries risks: When Group entities that employ civil servants are disposed of, it is generally possible to continue to employ them at the Group entity to be sold, provided the civil servant agrees or submits an application to be employed at the respective unit in future. However, there is a risk that they may return to us from a sold entity, for instance after the end of their temporary leave from civil servant status, without the Company being able to offer them jobs. Currently 1,452 civil servants are entitled to return from outside the Group to Deutsche Telekom in this way (as of December 31, 2019). Risks relating to IT/NT network operations. We have an increasingly complex information/network technology infrastructure, which we constantly expand and upgrade to ensure the best customer experience and consolidate our technology leadership. Outages in the current and also future technical infrastructure cannot be completely ruled out and could in individual cases result in revenue losses or increased costs. After all, our IT/NT resources and structures are the key organizational and technical platform for our operations. The ongoing convergence of IT and NT harbors risks. In order to counter these holistically, our network, innovation, and IT activities are combined under the Board of Management department for Technology and Innovation. Risks could arise in this area relating to all IT/NT systems and products that require internet access. For instance, faults between newly developed and existing IT/NT systems could cause interruptions to business processes, products, and services, such as smartphones and MagentaTV. In order to avoid the risk of failures, e.g., due to natural disasters or fires, we use technical early warning systems and redundant IT/NT systems. The Computer Emergency Response Team (CERT) at T‑Systems is in charge of protecting our corporate customers’ servers. In cloud computing, all data and applications are stored at a data center. Our data centers have security certification and meet strict data protection provisions and the EU regulations. All data relating to companies and private persons is protected from external access. Constant maintenance and automatic updates keep the security precautions up to date at all times. On the basis of a standardized Group-wide business continuity management (BCM) process, we also take organizational and technical measures to prevent damage from occurring or, if we cannot, to mitigate the subsequent effects. We also have insurance cover for insurable risks. SDG 9 The risk significance in the risk category “Risks relating to IT/NT network operations, United States” was regraded from medium to low at the beginning of 2019. This was due not only to the geographical redundancies that were put in place, but also to the adequate disaster recovery functions for the billing systems for customer services, which were rated as functional in tests. The risk is thus mitigated and will no longer be reported. Opportunities relating to IT/NT network operations. The utilization of large data volumes (big data) from our networks can improve and speed up decision-making processes by enhancing transparency. It does so by shifting the basis for decisions from hypotheses to facts and, for example, enabling correlations to be recognized. Our Systems Solutions operating segment covers innovative business areas in the digital transformation of business processes, such as the Internet of Things and cybersecurity. These business areas could develop faster than expected. As a pioneer of the digital transformation, we have an opportunity not only to participate in, but also actively shape, the market trend through a variety projects in the fields of healthcare and mobility solutions. In the ramp-up phase of these new business models based on M2M communication and big data, our partner-oriented approach is a highly promising way of contributing our core competencies – in data communication, big data, cloud computing, and cybersecurity – to various projects. What is more, we already have initial references in areas of the Internet of Things market, e.g., predictive maintenance. SDG 12 As a technology and development partner for toll collection business in Europe, we already have a strong competitive position. We have earned valuable references in European toll collection projects in Belgium and Austria and through the planned launch of a Europe-wide toll collection system (Toll4Europe). This will help to give us an edge over our competitors. Risks relating to the existing IT architecture in the United States. T‑Mobile US relies upon its systems and networks and the systems and networks of other providers and suppliers, to provide and support services. T‑Mobile US’ business, like that of most retailers and wireless companies, involves the receipt, storage, and transmission of customers’ confidential information, including sensitive personal information, payment card information, and confidential information about their employees and suppliers, as well as other sensitive information about T‑Mobile US, such as business plans, transactions, and intellectual property. Cyberattacks, such as denial of service and other malicious attacks, could disrupt T‑Mobile US’ internal systems, networks, and applications, impair its ability to provide services to customers, and have other adverse effects on its business. Future viability of the IT architecture in the United States. In order to grow and remain competitive with new and evolving technologies in the industry, T‑Mobile US will need to adapt to future changes in technology, continually invest in its network, increase network capacity, enhance existing offerings, and introduce new offerings to address its current and potential customers’ changing demands. If T‑Mobile US is unable to take advantage of technological developments on a timely basis, then it may experience a decline in demand for its services or face challenges in implementing or evolving its business strategy. The ongoing implementation by T‑Mobile US of a customer billing system, which involves a third-party-supported platform, may cause major system or business disruptions, or T‑Mobile US may fail to implement the billing system in its entirety or in a timely or effective manner. Opportunities relating to the IT architecture in the United States. To be successful, T‑Mobile US must provide its customers with reliable, trustworthy service and information security. T‑Mobile US is making significant investments in its IT infrastructure and wireless network. If this results in a significant improvement in processes, then the savings made could be higher than previously assumed. Procurement. Deutsche Telekom cooperates with a variety of suppliers of technical (information and communication technology) and non-technical products and services. Products and services that might involve a higher risk include software and hardware, network technology components, and all products and services provided directly to end customers. Supply risks cannot be entirely ruled out. Delivery bottlenecks, price increases, changes in the prevailing economic or political conditions, or suppliers’ product strategies may have a negative impact on our business processes and our results. Additional risks may also result from the dependence on individual suppliers or from individual suppliers defaulting. This is especially true for Chinese telecommunications suppliers. We employ organizational, contractual, and procurement strategy measures to counteract such risks. Data privacy and data security. Following the successful implementation of the General Data Protection Regulation (GDPR) in 2018, the aim for 2019 was to further consolidate the more stringent data protection requirements under the GDPR and harmonize them within the Group while constantly adapting them to new developments. For instance, the GDPR has introduced new procedures such as the Privacy Impact Assessment for assessing and documenting risks in data processing. While we have already had such a process in place for ten years with the Privacy Security Assessment (PSA), which is now also entirely digital, we nevertheless need to adapt such processes to modern, agile working methods. That is why, with the PSA@AGIL project, we have updated the process and also introduced new roles with the Privacy&Security Champions, who have explicit data privacy responsibility in agile product development. In addition to new working methods, we have looked intensively at new technologies and developed guidelines for using them in a data privacy compliant manner (e.g., artificial intelligence, IoT, voice recognition technologies such as those used in our digital voice assistant Hallo Magenta). The GDPR has created a good basis for data processing in the EU, based on a set of uniform rules. It assures Europe of a high level of data protection and, at the same time, will pave the way for new digital business models. However, experience gained so far shows that the intended harmonization is at risk. The regulatory authorities of the member states are called upon to strengthen coherence as part of the consistency mechanism. This relates in particular to positioning on individual data protection issues, but also to divergences in the application of the framework for fines. SDG 16 In addition, the new data protection legislation has closed a major regulatory gap when it comes to service providers outside of the EU. The GDPR also applies to non-European market players (e.g., Google, Facebook, and Apple) targeting customers in the EU, and will thus enhance the overall competitive situation. However, data in the hands of telecommunications providers will still be subject to separate, more stringent regulation until the ePrivacy Directive is revised. Telecommunications providers in Europe thus still have a competitive disadvantage in some areas – one that the new proposed regulations that have thus far been made public will only partially alleviate. As telecommunications providers’ data processing options are substantially restricted compared with what is possible under the GDPR, it is unlikely that big-data applications in the field of telecommunications will be able to realize their full potential. According to the current draft of the planned ePrivacy Regulation, which is to replace the ePrivacy Directive, it will be possible to process metadata only with the customer’s approval. The draft ePrivacy Regulation does not provide for the possibility of processing for compatible purposes using pseudonyms. Big data applications in particular, however, depend on large volumes of data for reliable results. Solutions based purely on consent will have limitations. That will rule out various service models that may be useful to consumers, but cannot be implemented with anonymized data, such as services for finding parking spaces and avoiding accidents, tailored TV programming, or telemonitoring services in the healthcare field. However, proposals put before the EU Council to bring the ePrivacy Regulation more closely in line with the GDPR are moving in the right direction. In particular, the proposal to incorporate processing for compatible purposes using pseudonyms into the ePrivacy Regulation would be an important step towards innovation-friendly regulation while at the same time maintaining a high level of data privacy. It is important, therefore, that the proposed legislation continues to pursue this balanced approach in 2020. IT security continues to pose major challenges. In addition to preventive measures such as integrated security in business processes and measures to raise security awareness among employees, we counter these challenges with increased focus on the analysis of threats and cyber risks. This is where our early warning system comes in: It detects new sources and types of cyberattack, analyzes the behavior of the attackers while maintaining strict data privacy, and identifies new trends in the field of security. Along with the honeypot systems, which simulate vulnerabilities in IT systems, our early warning system includes alerts and analytical tools for spam mails, viruses, and Trojans. We exchange the information we obtain from all these systems with public and private bodies to detect new attack patterns and develop new protection systems. Cybercrime and industrial espionage are on the rise. We are addressing these risks with comprehensive security concepts. In order to create greater transparency and thus be in a stronger position to tackle these threats, we are relying more and more on partnerships, e.g., with public and private organizations. By means of the Security by Design principle we have made security an integral part of our development process for new products and information systems. In addition, we carry out intensive and obligatory digital security tests. SDG 17 We are continually striving to accelerate our growth through IT security solutions. To this end, we have combined our security units within T‑Systems. We want to leverage this end-to-end security portfolio to secure market shares and score points with security concepts on the back of megatrends like the Internet of Things and Industry 4.0. We are also continuing to gradually expand our partner ecosystem in the area of cybersecurity. We provide regular updates on the latest developments in data protection and data security on our website at www.telekom.com/en/corporate-responsibility/data-protection-data-security. Risks and opportunities arising from brand, communication, and reputation Negative media reports. An unforeseeable negative media report on our products and services or our corporate activities and responsibilities can have a huge impact on the reputation of our Company and our brand image. Social networks have made it possible that such information and opinions can spread much faster and more widely. Ultimately, negative reports can impact on our revenue and our brand value. In order to avoid this, we engage in a constant, intensive, and constructive dialog, in particular with our customers, the media, and the financial world. For us, the top priority is to take as balanced a view as possible of the interests of all stakeholders and thereby uphold our reputation as a reliable partner. Sustainability risks and opportunities. For us, comprehensive risk and opportunity management also means considering the opportunities and risks arising from ecological or social aspects or from the management of our Company. To this end, we actively and systematically involve all relevant stakeholders in the process so as to identify current and potential risks and opportunities. In parallel with our ongoing monitoring of ecological, social, and governance issues, we systematically determine our stakeholders’ positions on these issues. The key tools we use here are: Our online survey for all stakeholders; a document analysis, covering legal texts, studies, and media publications, amongst other things; our involvement in working groups and committees of national and international business associations and social organizations, e.g., GeSI, BDI, Bitkom, Econsense, and BAGSO; stakeholder dialog formats organized by us; and our various publications, such as the press review and newsletter. We also integrate the biggest sustainability risks in our internal compliance assessment, thereby recording the associated positioning and development of measures in the various business areas. SDG 17 For further information on sustainability, please refer to the section “Corporate responsibility and non-financial statement.” We have identified the following as our main sustainability management issues: Reputation. How we deal with sustainability issues also entails both opportunities and risks for our reputation. A high level of service quality is one of the most important factors for improving customer perception. Customer satisfaction has been embedded in our Group management as a non-financial performance indicator to underline the importance of this issue. Transparency and reporting help to promote the trust of other external stakeholders in our Group. Our annual and CR reports also serve this purpose. However, issues such as business practices, data privacy, and work standards in the supply chain and conduct in relation to human rights also entail reputational risks: If our brands, products, or services are connected with such issues in negative media reports, this can cause substantial damage to our reputation. As part of our sustainability management activities, we continuously review such potential risks and take measures to minimize them. This includes systematically incorporating them in the Group’s internal compliance management system, so as to determine the relevance of the risks in relation to sustainability issues and their effect on reputation across units. We also ascertain how our products and services make a positive contribution to sustainability in order to enhance our reputation. SDG 16 Climate protection. We pursue an integrated climate strategy, which means focusing not only on the risks that climate change poses for us and our stakeholders, but also on the opportunities it presents. By 2030, ICT products and services will have the potential to save up to seven times as much in CO2 emissions in other industries as the ICT sector itself generates, even taking into account the expected rebound effects (according to the GeSI Digital for Purpose study). Taking an optimistic view, this could mean a nine-percent reduction in global CO2 emissions by 2030. In addition, investments of around USD 3 trillion in innovative solutions are expected by 2030, which will not only expand the business, but will also support the SDGs. We are supporting this trend by evaluating our product portfolio to identify sustainability benefits. In addition, we want to continuously improve the ratio of the emissions that our products and services save to those generated by our own value chain. According to this figure, the positive CO2 effects facilitated for our customers in Germany were 144 percent higher in 2019 than our own CO2 emissions (enablement factor of 2.44 to 1). SDG 13 Climate change risks are already visible in the form of increasingly extreme weather conditions. This is having a direct effect on our stakeholders, e.g., our customers, suppliers, and employees. The risk is assessed in relation to the continuation of operations as part of risk management and is managed at an operational level in the business units. In addition, we evaluate internally how reporting on climate-related financial risks and opportunities can be aligned with the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD). This should build on the existing approaches for strategy, controlling, and risk management. We can take further preventive action in this area by also reducing our own CO2 emissions. For this reason, we set ourselves a new and ambitious target of cutting 90 percent of emissions across the Group by 2030 as compared with 2017. Climate protection also carries financial risks, whether from the introduction of a levy on CO2 emissions or an increase in energy costs. The measures we are taking to counter these risks include measuring our own energy efficiency and finding ways to improve it. In 2019, three of our subsidiaries (Magyar Telekom in Hungary, OTE in Greece, and T‑Mobile Netherlands) covered 100 percent of their electricity requirements with renewable energy, while a further three (Deutsche Telekom in Germany, T‑Mobile US, and Hrvatski Telekom in Croatia) almost met this target, thus reducing climate risks. Suppliers. We see more sustainability in our supply chain as an opportunity – for our reputation and our business success. Apart from the general risks associated with our global procurement activities, we can be exposed to country- and supplier-specific risks. These include, for example, the use of child labor, the conscious acceptance of environmental damage, or inadequate local working and safety conditions. We reduce these risks by systematically reviewing our suppliers. We conduct these audits within the scope of the Joint Audit Corporation (JAC). The aim of the JAC is to reduce sustainability risks in our supply chain and to improve ecological and social aspects, including the issue of human rights. As such, the audit is compliant with internationally recognized guidelines and standards, such as the ILO Core Labor Standards, the UN Guiding Principles on Business and Human Rights, and the OECD Guidelines for Multinational Enterprises. Our partnerships with suppliers that comply with international sustainability standards ensure a high level of product quality and reliable procurement. We have a special development program in place to help strategic suppliers introduce business practices that are both socially and ecologically acceptable while remaining economically efficient. This program showed measurable successes again in the reporting period and has three major advantages: It has a positive impact on our suppliers’ working conditions, enhances their profitability, and makes the economic relevance of sustainability clear for both sides, i.e., for our suppliers and for the Group alike. For instance, better working conditions at our suppliers reduces the number of work-related accidents as well as the attrition rate. That, in turn, ensures high product quality and increases productivity, while at the same time lowering costs for recruitment and training. Thus, not only are we strengthening our suppliers’ profitability and CR performance, we are also significantly reducing identified risks. SDG 8 Health and environment. Mobile communications, or the electromagnetic fields used in mobile communications, regularly give rise to concerns among the general population about potential health risks. This issue continues to be the subject of public, political, and scientific debate. Acceptance problems among the general public mostly concern mobile communications networks and occasionally the use of mobile terminals such as smartphones, tablets, and laptops. The discussion has intensified repercussions for the build-out of the mobile infrastructure. In the fixed network, this can affect the use of traditional IP and DECT (digital cordless) phones, and devices that use Wi-Fi technology. There is a risk of regulatory interventions, such as tightened thresholds for electromagnetic fields or the implementation of precautionary measures in mobile communications, e.g., amendments to building law, or also the risk of a labeling requirement for handsets. SDG 3 Over the past few years, recognized expert organizations such as the World Health Organization (WHO) and the International Commission on Non-Ionizing Radiation Protection (ICNIRP) have repeatedly reviewed the current thresholds for mobile communications and confirmed that – if these values are complied with – the use of mobile technology is safe based on current scientific knowledge. Various expert organizations, currently the ICNIRP, regularly review the recommended thresholds on the basis of the latest scientific findings. We are convinced that mobile communications technology is safe if specific threshold values are complied with. We are supported in this conviction by the assessment of the recognized bodies. Our responsible approach to this issue finds expression in our Group-wide EMF Policy, with which we commit ourselves to more transparency, information, participation, and support of independent mobile communications research, far beyond that which is stipulated by legal requirements. We aim to overcome concerns among the general public by pursuing an objective, scientifically well-founded, and transparent information policy. We thus continue to see it as our duty to continue our trust-based dialog with local authorities and to ensure its successful progress. This particularly applies since our long-standing collaboration with municipalities to expand the mobile network was enshrined in law in 2013. Previously, this collaboration was based on voluntary self-commitments by the network operators. Litigation Major ongoing legal proceedings Deutsche Telekom is party to proceedings both in and out of court with government agencies, competitors, and other parties. The proceedings listed below are of particular importance from our perspective. If, in extremely rare cases, required disclosures on the significance of individual litigation and anti-trust proceedings are not made, we concluded that these disclosures may seriously undermine the outcome of the relevant proceedings. Prospectus liability proceedings (third public offering, or DT3). This originally relates to around 2,600 ongoing lawsuits from some 16,000 alleged buyers of T-Shares sold on the basis of the prospectus published on May 26, 2000. The plaintiffs assert that individual figures given in this prospectus were inaccurate or incomplete. The amount in dispute currently totals approximately EUR 78 million plus interest. Some of the actions are also directed at KfW and/or the Federal Republic of Germany as well as the banks that handled the issuances. The Frankfurt/Main Regional Court had issued orders for reference to the Frankfurt/Main Higher Regional Court in accordance with the German Capital Investor Model Proceedings Act (Kapitalanleger-Musterverfahrensgesetz – KapMuG) and has temporarily suspended the initial proceedings. On May 16, 2012, the Frankfurt/Main Higher Regional Court had ruled that there were no material errors in Deutsche Telekom AG’s prospectus. In its decision on October 21, 2014, the Federal Court of Justice partly revoked this ruling, determined that there was a mistake in the prospectus, and referred the case back to the Frankfurt/Main Higher Regional Court. On November 30, 2016, the Frankfurt/Main Higher Regional Court ruled that the mistake in the prospectus identified by the Federal Court of Justice could result in liability on the part of Deutsche Telekom AG, although the details of that liability would have to be established in the initial proceedings. Both Deutsche Telekom AG and some of the individual plaintiffs in the model proceedings have brought an appeal before the Federal Court of Justice against this decision. We continue to hold the opinion that there are compelling reasons why Deutsche Telekom AG should not be liable for damages. An adequate contingent liability has been recognized and is shown in the notes to the consolidated financial statements. In the annual financial statements of Deutsche Telekom AG prepared in accordance with German GAAP, adequate provisions for this risk have been recognized. Claims by partnering publishers of telephone directories. Several publishers that had set up joint ventures with the then DeTeMedien GmbH – formerly a wholly owned subsidiary of Deutsche Telekom AG and now named Deutsche Tele Medien GmbH – to edit and publish subscriber directories filed claims against DeTeMedien GmbH and/or Deutsche Telekom AG at the end of 2013. The plaintiffs are claiming damages or a refund from Deutsche Tele Medien GmbH and, to a certain extent, from Deutsche Telekom AG as joint and several debtor alongside Deutsche Tele Medien GmbH. The plaintiffs base their claims on allegedly excessive charges for the provision of subscriber data in the joint ventures. The amounts claimed by the 81 original plaintiffs totaled around EUR 470 million plus interest at the end of 2014. After an agreement was reached with the majority of the publishers in October 2015 to settle the disputes and a number of claims were since dismissed conclusively or withdrawn, seven actions are still pending for a remaining amount in dispute of around EUR 50 million plus interest. In one of these proceedings, the Federal Court of Justice dismissed the appeal in its ruling dated January 29, 2019. This ruling has a direct impact also on the other proceedings, such that the associated risk can be classified as remote. As a result, we will no longer report about this series of proceedings in the future. Claims relating to charges for the shared use of cable ducts. In 2012, Kabel Deutschland Vertrieb und Service GmbH (today Vodafone Kabel Deutschland GmbH (VKDG)) filed a claim against Telekom Deutschland GmbH to reduce the annual charge for the rights to use cable duct capacities in the future and gain a partial refund of the payments made in this connection since 2004. According to VKDG’s latest estimates, its claims amounted to around EUR 624 million along with around EUR 9 million for the alleged benefit from additional interest, plus interest in each case. Claims prior to 2009 are now no longer being asserted by VKDG. After the Frankfurt/Main Regional Court had dismissed the complaint in 2013, the Frankfurt/Main Higher Regional Court also rejected the appeal in December 2014. In the ruling dated January 24, 2017, the Federal Court of Justice reversed the appeal ruling and referred the case back to the Frankfurt/Main Higher Regional Court for further consideration. In its ruling dated December 20, 2018, the Frankfurt/Main Higher Regional Court again rejected the appeal and disallowed a further appeal. In similar proceedings, Unitymedia Hessen GmbH & Co. KG, Unitymedia NRW GmbH, and Kabel BW GmbH filed claims against Telekom Deutschland GmbH in January 2013, demanding that it cease charging the plaintiffs more than a specific and precisely stated amount for the shared use of cable ducts. In addition, the plaintiffs are demanding a refund of currently around EUR 570 million plus interest. The claim was dismissed in the first instance by the Cologne Regional Court on October 11, 2016. In its ruling dated March 14, 2018, the Düsseldorf Higher Regional Court rejected the appeal against this decision. In both proceedings, the plaintiffs have lodged a complaint against the non-allowance of appeal with the Federal Court of Justice. At present the financial impact of both these proceedings cannot be assessed with sufficient certainty. Claim for damages in Malaysia despite an earlier, contrary, legally binding arbitration ruling. Celcom Malaysia Berhad (Celcom) and Technology Resources Industries Berhad are pursuing actions with the state courts in Kuala Lumpur, Malaysia, against eleven defendants in total, including DeTeAsia Holding GmbH, a subsidiary of Deutsche Telekom AG. The plaintiffs are demanding damages and compensation of USD 232 million plus interest. DeTeAsia Holding GmbH had enforced this amount against Celcom in 2005 on the basis of a final arbitral award in its favor. The main proceedings in the court of first instance began in January 2018. Adequate provisions for this risk were recognized. Arbitration proceedings against T‑Mobile Polska S.A. In August 2019, Polish telecommunications provider P4 Sp. z o.o. initiated arbitration proceedings against T‑Mobile Polska S.A. The plaintiff is claiming around PLN 400 million (around EUR 93 million) plus interest as payment for its alleged entitlement to retroactive mobile termination rates. Patents and licenses. Like many other large telecommunications and internet providers, Deutsche Telekom is exposed to a growing number of intellectual property rights disputes. There is a risk that we may have to pay license fees and/or compensation; we are also exposed to a risk of cease-and-desist orders, for example relating to the sale of a product or the use of a technology. Further, Deutsche Telekom intends to defend itself and/or pursue its claims vigorously in each of these proceedings. Anti-trust proceedings Like all companies, our Group is subject to anti-trust law. In recent years, we have notably stepped up our compliance efforts in this area too. Nevertheless, Deutsche Telekom and its subsidiaries are from time to time subject to proceedings under competition law or follow-on damage actions under civil law. In the following, we describe material anti-trust proceedings and resulting claims for damages. Claims for damages against Slovak Telekom following a European Commission decision to impose fines. The European Commission decided on October 15, 2014 that Slovak Telekom had abused its market power on the Slovak broadband market and as a result imposed fines on Slovak Telekom and Deutsche Telekom, which were paid in full in January 2015. Slovak Telekom and Deutsche Telekom challenged the European Commission’s decision on December 29, 2014 before the General Court of the European Union. On December 13, 2018, the court partially overturned the European Commission’s decision and reduced the fines by a total of EUR 13 million. Despite this positive judgment, on February 21, 2019, Slovak Telekom and Deutsche Telekom filed an appeal with the European Court of Justice against the ruling by the General Court. With this appeal, Slovak Telekom and Deutsche Telekom are seeking, inter alia, to overturn the findings of the European Commission determining Slovak Telekom’s behavior as abusive. Following the decision of the European Commission, competitors filed damage actions against Slovak Telekom with the civil court in Bratislava. Three claims totaling EUR 215 million plus interest are currently pending seeking compensation for alleged damages due to Slovak Telekom’s abuse of a dominant market position, as determined by the European Commission. It is currently not possible to estimate the financial impact with sufficient certainty. Financial risks Liquidity, credit, currency, interest rate risks With regard to its assets, liabilities, and planned transactions, our Group is particularly exposed to liquidity risks, credit risks, and the risk of changes in exchange rates and interest rates. We want to contain these risks. Risks with an impact on cash flows are monitored in a standard process and hedged accordingly using derivative and non-derivative hedges. Derivative financial instruments are used solely for hedging and never for speculative purposes. The following risk areas – liquidity, credit, currency, and interest rate risks – are evaluated taking into account all hedges. For further information on the risk assessment, please refer to the “Corporate risks” table above. Liquidity risk. To ensure the Group’s and Deutsche Telekom AG’s solvency and financial flexibility at all times, we maintain a liquidity reserve in the form of credit lines and cash as part of our liquidity management. At December 31, 2019, Deutsche Telekom had standardized bilateral credit agreements with 21 banks for a total of EUR 12.6 billion. At all times, our liquidity reserve covered the bonds falling due and long-term loans for the next 24 months at least (see graphic below). From today’s perspective, our access to the international debt capital markets is not jeopardized. Development of the liquidity reserve, maturities in 2018/2019 billions of € Credit risks. In our operating business and certain banking activities, we are exposed to a credit risk, i.e., the risk that a counterparty will not fulfill its contractual obligations. To keep this credit risk to a minimum, we conclude transactions with regard to financing activities only with counterparties that have at least a credit rating of BBB+/Baa1; we also actively manage limits. In addition, we have concluded collateral agreements for our derivative transactions. We continuously monitor accounts receivable in operations in a decentralized manner. Our business with corporate customers, especially with international carriers, is subject to special solvency monitoring. Currency risks. The currency risks result from investments, financing measures, and operations. Risks from foreign-currency fluctuations are hedged if they affect the Group’s cash flows. However, foreign currency risks that do not influence the Group’s cash flows (e.g., risks resulting from the translation of assets and liabilities of foreign operations into euros) are not hedged. Deutsche Telekom may nevertheless also hedge these foreign-currency risks under certain circumstances. Interest rate risks. Our interest rate risks mainly result from financing activities. In addition to the interest rate risk pertaining to variable-interest debt, this also includes the issue of new liabilities. With interest rates currently at an all-time low, our risk assessment for a rise in interest rates has increased. As a result, the risk significance in the risk category “Liquidity, credit, currency, interest rate risks” has gone up overall from “low” to “medium.” Interest risks are managed as part of our interest rate management activities. A maximum, variable component is set each year for the debt position in euros; the debt position in U.S. dollars is primarily determined through fixed-income securities with issuer cancellation rights. The Board of Management and the Supervisory Board are regularly informed about the situation. For further information, please refer to Note 41 “Financial instruments and risk management,” in the notes to the consolidated financial statements. Tax risks We are subject to the applicable tax laws in many different countries. Risks can arise from changes in local taxation laws or case law and different interpretations of existing provisions. These risks can impact both our tax expense and benefit as well as tax receivables and liabilities. Other financial risks This section contains information on other financial risks that we consider to be immaterial at present or cannot evaluate based on current knowledge. Rating risk. As of December 31, 2019, Deutsche Telekom AG’s credit rating with Moody’s was Baa1 with a negative outlook, while Standard & Poor’s rated us BBB+ with an outlook of CreditWatch negative, and Fitch confirmed its current rating of BBB+ with a stable outlook. Standard & Poor’s also announced that it would likely lower Deutsche Telekom AG’s rating to BBB in the event of the successful closing of the business combination between T‑Mobile US and Sprint. Over time, a lower rating is likely to lead to an increase in the cost of debt financing. Sales of shares by the Federal Republic or KfW Bankengruppe. As of December 31, 2019, the Federal Republic and KfW Bankengruppe jointly held 31.9 percent in Deutsche Telekom AG. It is possible that the Federal Republic will continue its policy of privatization and sell further equity interests in a manner designed not to disrupt the capital markets and with the involvement of KfW Bankengruppe. There is a risk that the sale of a significant volume of shares by the Federal Republic or KfW Bankengruppe, or any speculation to this effect, could have a negative impact on the price of the T-Share. Our CR strategy enhances the value of our Company in the long term, which also has a positive effect of reducing business risks. Investors with a long-term horizon acknowledge this approach. In the capital markets, this is evident, for example, in the proportion of T-Shares held by investors that base their investment decisions, at least in part, on sustainability criteria. As of September 30, 2019, around 18 percent of all T-Shares were held by SRI (socially responsible investment) investors, and 3 percent were held by investors who manage their funds primarily in accordance with SRI aspects. SDG 8 Impairment of Deutsche Telekom AG’s assets. The value of the assets of Deutsche Telekom AG and its subsidiaries is reviewed periodically. In addition to the regular annual measurements, specific impairment tests may be carried out, for example, where changes in the economic, regulatory, business, or political environment suggest that the value of goodwill, intangible assets, property, plant and equipment, investments accounted for using the equity method, or other financial assets might have decreased. These tests may lead to the recognition of impairment losses that do not, however, result in cash outflows. This could impact to a considerable extent on our results, which in turn may negatively affect the T-Share price. For further information, please refer to the section “Summary of accounting policies – Judgments and estimates” in the notes to the consolidated financial statements.