Risks and opportunities
In the following section, we present all risks and opportunities of significance to the Group – including emerging risks – that, as things currently stand, could affect the results of operations, financial position, and/or reputation of Deutsche Telekom and, via the subsidiaries’ results, the results of operations, financial position, and/or reputation of Deutsche Telekom AG. We only consider risks after the mitigation measures taken (net assessment). If risks and opportunities can be clearly allocated to an operating segment, this is presented accordingly in the following.
In order to make it easier to understand and see their effects, we have assigned the individually assessed risks to the following categories. Where multiple individual risks are assigned to one risk category, we calculate the risk significance on the basis of risk aggregation carried out using a Monte Carlo simulation, in which we consider the individual risks along with their individual extent and probability of occurrence. The outcome, or risk significance, is the “value at risk.” This states that, with a particular probability of occurrence, the risk extent ascertained using the simulation will not be exceeded. An expert assessment is used for risk categories that have not been quantified.
The resulting risk significance for the risk categories is broken down into four levels:
|
|
Risk significance |
Description |
---|---|
Low |
< € 200 million value at risk |
Medium |
≥ € 200 million value at risk |
High |
≥ € 500 million value at risk |
Very high |
≥ € 1.0 billion value at risk |
This representation of risks was applied for the first time in the reporting year and reflects the stronger focus placed on quantifying risks and their aggregation. To further increase transparency we have introduced the risk significance levels described above.
|
|
|
||||
|
Risk significance |
Change against prior yeara |
||||
---|---|---|---|---|---|---|
Strategic risks |
|
|
||||
Macroeconomic environment, Germany |
Low |
Improvedb |
||||
Macroeconomic environment, United States |
Low |
Improvedb |
||||
Macroeconomic environment, Europe |
Low |
Improvedb |
||||
Market environment, Germany |
Low |
Improvedb |
||||
Market environment, United States |
Very high |
Unchanged |
||||
Market environment, Europe |
Low |
Improvedb |
||||
Strategic implementation and integration |
High |
Improved |
||||
Brand and reputation |
Low |
Unchanged |
||||
Sustainability and social responsibility |
Medium |
Unchanged |
||||
Health |
Low |
Improvedb |
||||
Operational risks |
|
|
||||
Technology, Germany |
Low |
Improvedb |
||||
Technology, United States |
High |
Unchanged |
||||
Technology, Europe |
Low |
Improvedb |
||||
Procurement and suppliers |
Low |
Unchanged |
||||
Data privacy and data security |
Medium |
Unchanged |
||||
Other operational risks |
Low |
Unchanged |
||||
Regulatory risks |
Medium |
- |
||||
Litigation and anti-trust proceedings |
See Litigation |
|
||||
Compliance risks |
See Compliance risks |
|
||||
Financial risks |
High |
Deterioratedb |
||||
|
Strategic risks and opportunities
Risks and opportunities relating to the macroeconomic environment. As an international corporation, we operate in a large number of countries, using a range of currencies. A substantial economic downturn could generally reduce the purchasing power of our customers and adversely affect our access to the capital markets. Exchange rate fluctuations could impact on our earnings.
The global economy recovered from the coronavirus crisis in 2021, however, economic development continues to be impacted by its aftermath. Leading institutes and organizations expect the recovery to continue in 2022. Overall, the general growth outlooks for Germany and Europe are positive. In January 2022, the International Monetary Fund (IMF) forecast a 3.9 % expansion of the eurozone economy for 2022 (Germany +3.8 %). Many countries in Eastern Europe saw relatively robust economic growth in 2021, and are expected to perform above the EU average again in 2022. The economic recovery is also likely to continue in the United States. Extensive relief and infrastructure packages were passed in the United States in 2021, which could, however, also entail higher U.S. corporate income tax rates and/or a minimum tax going forward, potentially increasing the tax burden for our Group company T‑Mobile US. In January 2022, the International Monetary Fund (IMF) forecast a 4.0 % expansion of the U.S. economy for 2022. Economic activity in the United States returned to pre-pandemic levels in mid-2021.
However, wide-ranging supply-side bottlenecks are disrupting global value chains and, combined with ongoing pandemic-related restrictions, are slowing growth. Rising raw materials and energy prices as well as delivery and capacity bottlenecks have ramped up inflationary pressures worldwide. And this is only likely to let up slightly in 2022, with no expectation of a rapid return to the pre-pandemic very low rates of inflation.
As such, economic development is subject to not insignificant risks going forwards. New, wide-reaching pandemic-related restrictions or longstanding delivery and capacity bottlenecks could impede recovery to a greater extent than expected. Further risks result from potential geopolitical conflicts and uncertainties from international trade conflicts.
These risks are counterbalanced by opportunities, especially if the coronavirus pandemic can be effectively contained. Based on experience so far, the coronavirus pandemic is expected to have only a limited impact on Deutsche Telekom’s business. If delivery and capacity bottlenecks are resolved faster than expected, this would open up the opportunity for pent-up consumer and investment demand to drive a dynamic upturn.
Risks from the market environment. The main market risks we face include the steadily falling price level for voice and data services in the fixed network and in mobile communications. In addition to price reductions imposed by regulatory authorities, this is primarily attributable to ongoing intense competition in the telecommunications industry.
Competitive pressure is expected to continue, especially in the fixed network in Germany and the countries of our Europe operating segment. In the broadband market, the trend of disproportionate growth in the market shares of regional network operators and supra-regional specialist FTTH providers, particularly in Germany, continues to establish itself. They build out their own infrastructure and thus increase their market coverage. Increasingly this is done with fiber-optic infrastructure, thereby increasing their customer numbers and expanding their own value added. There is still strong competition to gain new customers by cutting prices and offering introductory discounts.
We expect ongoing price pressure for mobile voice telephony and mobile data services, which could adversely affect our mobile service revenue. Among the main reasons for this price pressure are data-centric, aggressively priced offers. Providers that do not have their own infrastructure (MVNOs) market such offers over the internet, for instance, while there is also the risk that smaller competitors will take unforeseen, aggressive pricing measures. Technological innovations such as the use of pure eSIMs in smartphones could put further pressure on prices by increasing the willingness of customers to switch providers.
Another competitive risk lies in the fact that, both in the fixed network and in mobile communications, we are increasingly faced with competitors who are not part of the telecommunications sector as such, but are increasingly moving into the traditional telecommunications markets. This mainly relates to major players in the internet and consumer electronics industries. As a result, we are exposed to the risk of a further loss of share of value added and falling margins due to increasingly losing direct customer contact to competitors.
T‑Mobile US is active in a market environment that is characterized by intensive, increasing competition. Alongside traditional telecommunications providers that deliver bundled offerings including content and mobile video services, there is additional competition, for example, Big Cable in mobile, as the mobile, fixed-network, and satellite industries increasingly converge. In addition, strategic partnerships and MVNO relationships, such as between DISH and AT&T, are being built. Potential market saturation in the United States may cause the wireless industry’s customer growth rate to decline in comparison with previous years, as competition further intensifies. Although T‑Mobile US has an advantage in spectrum licenses, it must push on with the network build-out, particularly in smaller markets with limited coverage and in rural areas, if it is to maintain its claim of market leadership with the best network. T‑Mobile US must continue to successfully refine and implement its market strategy as Value Leader, Customer Service Leader and 5G Network Leader to maintain customer additions and retention. Should consumer behavior or customer requirements change, it could be difficult in the future to achieve targets in terms of business, financial and operational, and operating results.
Innovation cycles are getting shorter and shorter. This confronts the telecommunications sector with the challenge of bringing out new products and services at shorter and shorter intervals. New technologies are superseding existing technologies, products, or services in part, in some cases even completely. This can lead to lower prices and revenues in relation to the services offered, such as telephony, news, internet access, smart home, or television – right through to full substitution by new, global providers. These substitution risks could impact our revenue and earnings. We deal with the impact of substitution risks by, for example, offering integrated solutions with hyper-personalization and contextualization (e.g., Magenta HomeOS) in order to “turn customers into fans” and thereby secure their loyalty. The expansion of the new 5G mobile standard as a technological innovation entails uncertainties in the form of public discussions on security, safety, and electromagnetic compatibility, and the limited number of telecommunications hardware providers we include in planning scenarios.
Our Systems Solutions operating segment also faces challenges. Continued strong competition and persistent cost pressure are adversely affecting traditional IT business. In addition, the technological shift toward cloud solutions and digitalization in the IT sector is prompting new, strongly capitalized, competitors to enter the market. This may lead to revenue losses and declining margins at T‑Systems.
Opportunities from the market environment. The telecommunications and IT market is extremely dynamic and highly competitive. The economic and competition conditions as well as customers’ changing wants and needs affect our actions and impact on our Company indicators. We generally expect the situation to develop as described in the section “Forecast.”
In addition to the risks described, ever-shorter innovation cycles enable us to drive the digital transformation of our society and to provide our consumers and business customers with innovative products and solutions. That is why, with growing convergence of networks, IT, and products, our innovation and technology activities are decisive when it comes to identifying opportunities and making the most of them in an increasingly competitive environment. Hence, our Technology and Innovation Board of Management department has joined all relevant functions under a common leadership to ensure a close integration of innovation, network, IT, and security. By doing so, we are putting the development of human-centered solutions and outstanding, seamless customer experiences front and center, and in the reporting year we won multiple awards, for example, for our digital assistant Frag Magenta and the product Magenta SmartHome.
For further information on our innovation activities, please refer to the section “Technology and innovation.”
The substantial increase in capacity, bandwidth, and availability, and the lower latencies provided by the 5G mobile standard currently being rolled out offer greater reliability, security, and guaranteed service quality, for example, for industrial use cases. 5G thus offers not only the immediate opportunity of managing rapidly increasing demands in existing business models more cost-effectively going forward, but also opportunities for further business models by marketing network capabilities (e.g., network access, localization, security, identity, storage location, temporary storage, real-time processing) to relevant partners. We have already implemented the first use cases such as 5G campus networks and mobile edge computing, in which data is processed in a decentralized manner (at the edges of the network). Together with other technologies like the NarrowBand Internet of Things (NB-IoT) and artificial intelligence (AI), 5G and edge computing provide the underpinnings for the further digital transformation of society. To develop the next, sixth mobile generation, we are working with researchers on a standard that aims to address a number of current challenges facing telecommunications networks: the connection between all people, sustainability, and carbon neutrality, and the further underpinning of data privacy, trust, and security.
Furthermore, opportunities for new project business are arising in our Systems Solutions business from innovation areas such as artificial intelligence (AI) and industrial IoT.
Risks relating to strategic implementation and integration. We are in a continuous process of strategic adjustments and cost-cutting initiatives. If we are unable to implement these projects as planned, we will be exposed to certain risks. In other words, the benefit of the measures could be less than originally estimated, take effect later than expected, or not at all. Each of these factors, individually or in combination, could have a negative impact on our business situation, financial position, and results of operations.
The business combination of T‑Mobile US and Sprint was consummated on April 1, 2020. Implementing the business combination poses complex challenges for T‑Mobile US, which must be successfully overcome in order to continue realizing the predicted synergies and to meet the conditions imposed by the authorities. The combination of the two companies to form the new T‑Mobile US affects all operational areas. For instance, the integration of the mobile networks and the IT and technology environments, customer management, sales, HR management, logistics, and the control environment. At the same time, it will be necessary to fulfill multiple conditions, including those agreed with the antitrust and regulatory authorities such as the Federal Communications Commission (FCC), the U.S. Department of Justice (DoJ), the supervisory authorities in various U.S. states, and the Committee on Foreign Investment in the United States (CFIUS). There are numerous obligations, in particular in relation to network construction and the support of DISH in setting up an independent network. Almost a year after the merger with Sprint, T‑Mobile US gave a progress update on the status of the business integration at its Analyst Day in March 2021, and stated that T‑Mobile US was at that point already ahead of schedule in implementing the synergies from the business combination, as communicated at the announcement of the transaction in April 2018.
Collaboration with Chinese suppliers is being impeded by the enduring trade conflict between the United States and China. Since 2020, the United States has restricted the use of U.S. technology for and by Chinese suppliers on account of security concerns. They also put pressure on other countries to do the same. In Germany, the legislator has put an end to many years of intensive discussion concerning the security of critical infrastructure with the new Second Act to Increase the Security of Information Technology Systems, or the IT Security Act 2.0 (IT-Sicherheitsgesetz 2.0). A positive outcome is that a number of long-disputed requirements for critical infrastructure (KRITIS) have now been laid down. Deutsche Telekom itself has long been scrutinizing security-critical components prior to installation and on an ongoing basis once in operation. We therefore assume that the assessment by the authorities will also be compatible with rapid network build-out and will not lead to any long-term delays. The IT Security Act 2.0 does not include any ban on individual manufacturers. The Federal Ministry of the Interior, Building and Community is currently drafting the necessary rules (on the certification of critical components, manufacturer declarations of trustworthiness, among others) for the practical application of the IT Security Act 2.0. The requirements laid down in the security catalog, drawn up by the Bundesnetzagentur and the Federal Office for Information Security in accordance with the Telecommunications Act and published in early August 2021, will be relevant to any critical components that could potentially be affected. In respect of the certification obligation for components that have already been installed, the catalog stipulates a transition period expiring on December 31, 2025. This is why the affected components can largely be considered to be grandfathered until that point in time. The risk of a retrospective order to remove components already installed in the network is low under current legislation. However, we cannot rule out the possibility that critical components from certain manufacturers currently in use may not be deployed from January 1, 2026 onwards. Several network operators have taken steps to file official objection proceedings to clarify the ambiguous legal terminology and scope of application of the security catalog. Irrespective of this, the hurdles for retrospective orders to remove components already approved will be high. In other countries, such as Austria and Poland, it is still possible that suppliers in critical infrastructure will have to be replaced within specific deadlines. The extent of potential loss has been reduced in particular by the IT Security Act 2.0 adopted in Germany. Thanks to the improved risk situation in the implementation of synergies in the United States and in collaboration with Chinese suppliers, we have lowered the risk significance of the risk category “Strategic implementation and integration” to “high.”
Opportunities relating to strategic implementation and integration. Partnerships provide opportunities, among other benefits, to increase revenue and strengthen customer loyalty. For example, thanks to the inclusion of the new strategic area of operation Magenta Advantage in our Group strategy and the associated program, portfolio companies will receive access to digital customer interfaces and sales points from SoftBank, and thereby innovatively expand our range of services.
The logical network that has resulted from the completed IP transformation (all IP) speaks one language and, in technical terms, functions largely independently of the services transmitted. This will enable efficiency gains, e.g., by reducing the complexity of maintenance and operation, switching off service-specific legacy platforms, and saving energy. In addition, all IP will generate growth potential in the short to medium term by improving the customer experience of existing services (e.g., better voice quality, more customer self-service, greater configuration flexibility) and, in the medium to long term, by providing an indispensable basis for convergence products and the Internet of Things (IoT), and by shortening the time to market for new products.
One of the key benefits of the all-IP network is that it also acts as a foundation for the future cloud- and software-based production of networks and services. It creates opportunities to increase efficiency, accelerate the provision of new services and features, improve quality, and tap into new revenue potential, while at the same time increasing automation.
The disaggregation of the access networks (in mobile communications: Open Radio Access Network, O-RAN; in the fixed-network: Access 4.0) and core networks (e.g., the 5G core network) as part of our network differentiation strategy offers the opportunities of expanding the supplier ecosystem and, as a result, increasing competition, flexibility, and innovation. As we simultaneously drive forward automation and cloudification, we also expect a reduction in total costs and an increase in agility and speed in the provision of new services and features.
We are driving forward the transformation of our IT using agile development, decoupling, and cloudification. These approaches enable us to tap into new possibilities for accelerating developments and increasing the efficiency of IT production, by providing modular components, known as microservices, and APIs and producing them in a scalable cloud with state-of-the-art technology. Furthermore, agile and decoupled development makes it possible to reduce big bang risks in the delivery of major software releases by means of smaller, flexible software releases.
Risks and opportunities arising from brand and reputation. An unforeseeable negative media report on our products and services or our corporate activities and responsibilities can have a huge impact on the reputation of our Company and our brand image. Social networks have made it possible that such information and opinions can spread much faster and more widely. Ultimately, negative reports can impact on our revenue and our brand value. In order to avoid this, we engage in a constant, intensive, and constructive dialog, in particular with our customers, the media, and the financial world. For us, the top priority is to take as balanced a view as possible of the interests of all stakeholders and thereby uphold our reputation as a reliable partner.
Risks and opportunities relating to sustainability and social responsibility. For us, comprehensive risk and opportunity management also means considering the opportunities and risks arising from ecological or social aspects or from the management of our Company. To this end, we actively and systematically involve all relevant stakeholders in the process so as to identify current and potential risks and opportunities. In parallel with our ongoing monitoring of ecological, social, and governance issues, we systematically determine our stakeholders’ positions on these issues. The key tools we use here are: our stakeholder survey; a document analysis, covering legal texts, studies, and media publications, amongst other things; our involvement in working groups and committees of national and international business associations and social organizations, e.g., GeSI, ETNO, BDI, Bitkom, Econsense, and BAGSO; stakeholder dialog formats organized by us; and our various publications, such as the press review and newsletter. We also integrate the biggest sustainability risks in our internal compliance assessment, thereby recording the associated positioning and development of measures in the various business areas.
For further information on sustainability, please refer to the section “Corporate responsibility and non-financial statement.”
We have identified the following as our main sustainability management issues:
- Reputation. How we deal with sustainability issues also entails both opportunities and risks for our reputation. A high level of service quality is one of the most important factors for improving customer perception. Customer satisfaction has been embedded in our Group management as a non-financial performance indicator to underline the importance of this issue. Transparency and reporting help to promote the trust of other external stakeholders in our Group. Our annual and CR reports also serve this purpose. However, issues such as business practices, data privacy, and work standards in the supply chain, conduct in relation to human rights, and ethical conduct in relation to and use of artificial intelligence also entail reputational risks: if our brands, products, or services are connected with such issues in negative media reports, this can cause substantial damage to our reputation. As part of our sustainability management activities, we continuously review such potential risks and take measures to minimize them. This includes systematically incorporating them in the Group’s internal compliance management system, so as to determine the relevance of the risks in relation to sustainability issues and their effect on reputation across units. We also ascertain how our products and services make a positive contribution to sustainability in order to enhance our reputation.
-
Climate protection. We pursue an integrated climate strategy, which means focusing not only on the risks that climate change poses for us and our stakeholders, but also on the opportunities it presents. By 2030, ICT products and services will have the potential to save up to seven times as much in CO2 emissions in other industries as the ICT sector itself generates, even taking into account the expected rebound effects (according to the GeSI Digital for Purpose study). Taking an optimistic view, this could mean a 9 % reduction in global CO2 emissions by 2030. In addition, investments of around USD 3 trillion in innovative solutions are expected by 2030, which will not only expand the business, but will also support the SDGs. We are supporting this trend by evaluating our product portfolio to identify sustainability benefits. In addition, we want to continuously improve the ratio of the emissions that our products and services save to those generated by our own value chain.
Climate change risks are already visible in the form of increasingly extreme weather conditions. Such storm events can damage our infrastructure and disrupt network operation. This has a direct effect on our stakeholders, e.g., our customers, suppliers, and employees and can result in revenue losses or lower customer satisfaction. The risk is assessed in relation to the continuation of operations as part of risk management and is managed at an operational level in the business units. Deutsche Telekom welcomes the targets behind the Task Force on Climate-related Financial Disclosures (TCFD) and is actively working to implement them. In a first step, we conducted a gap analysis on the coverage of TCFD recommendations. In a number of workshops with relevant players from technology, procurement, strategy, and risk management, we defined Deutsche Telekom AG’s key climate-related opportunities and risks and gave them an initial weighting. As a next step, we conducted a location analysis, with the example of Germany, of the physical climate risks in various scenarios (business as usual/4-degree scenario), which is now to be internationalized as part of a transnational project. In addition to the physical risks, transitory risks (threats arising from sudden adaptations to climate change made by economic sectors) are now also being analyzed in detail.
Detailed information on this will be published in our 2021 CR report.
We can take further preventive action in this area by also reducing our own CO2 emissions. For this reason, in 2021 we set ourselves the ambitious target of cutting our CO2 emissions across the Group (Scope 1 and 2) to net zero by 2025. Up to 95 % of these emissions will be actually cut. Any remaining emissions will be offset through compensatory measures. Climate protection also carries financial risks, whether from the introduction of levies on CO2 emissions or increased energy costs, as well as stricter requirements for products, for example in relation to energy efficiency. The measures we are taking to counter these risks include measuring our own energy efficiency and finding ways to improve it. Our new ESG targets agreed for 2021 for Board of Management remuneration in relation to the respective annual energy consumption as well as the planned annual CO2 emissions for Scope 1 and 2 also contribute to achieving the climate targets and energy efficiency measures. We have a Group-wide program to specifically address our supply chain and we are working to optimize our products and their packaging. Since 2021, the Group has covered 100 % of its electricity requirement with renewable energy. This is achieved through power purchase agreements (PPAs) and other forms of direct purchase, also by other means, such as through guarantees of origin.
For further information, please refer to the section “Corporate responsibility and non-financial statement.”
- Suppliers. We see more sustainability in our supply chain as an opportunity – for our reputation and our business success. Apart from the general risks associated with our global procurement activities, we can be exposed to country- and supplier-specific risks. These include, for example, the use of child labor, the conscious acceptance of environmental damage, or inadequate local working and safety conditions. We systematically review our processes, including in terms of upcoming requirements (e.g., the German Supply Chain Due Diligence Act (Lieferkettensorgfaltspflichtengesetz)), and the same applies for our suppliers. In this way, we minimize risks. We conduct corresponding audits within the scope of the Joint Audit Corporation (JAC). The aim of the JAC is to reduce sustainability risks in our supply chain and to improve ecological and social aspects, including the issue of human rights. As such, the audit is compliant with internationally recognized guidelines and standards, such as the ILO Core Labor Standards, the UN Guiding Principles on Business and Human Rights, and the OECD Guidelines for Multinational Enterprises. Our partnerships with suppliers that comply with international sustainability standards ensure a high level of product quality and reliable procurement. We have a special development program in place to help strategic suppliers introduce business practices that are both socially and ecologically acceptable while remaining economically efficient. This program showed measurable successes again in the reporting period and has three major advantages: It has a positive impact on our suppliers’ working conditions, enhances their profitability, and makes the economic relevance of sustainability clear for both sides, i.e., for our suppliers and for the Group alike. For instance, better working conditions at our suppliers reduces the number of work-related accidents as well as the attrition rate. That, in turn, ensures high product quality and increases productivity, while at the same time lowering costs for recruitment and training. Thus, not only are we strengthening our suppliers’ profitability and CR performance, we are also significantly reducing identified risks.
Health. Mobile communications, or the electromagnetic fields used in mobile communications, regularly give rise to concerns among the general population about potential health risks. This issue continues to be the subject of public, political, and scientific debate. Acceptance problems among the general public mostly concern mobile communications networks and occasionally the use of mobile terminals such as smartphones, tablets, and laptops. The discussion has intensified repercussions for the build-out of the mobile infrastructure. In the fixed network, this can affect the use of traditional IP and DECT (digital cordless) phones, and devices that use Wi-Fi technology. There is a risk of regulatory interventions, such as tightened thresholds for electromagnetic fields or the implementation of precautionary measures in mobile communications, e.g., amendments to building law, or also the risk of a labeling requirement for handsets.
Over the past few years, recognized expert organizations such as the World Health Organization (WHO) and the International Commission on Non-Ionizing Radiation Protection (ICNIRP) have repeatedly reviewed the current thresholds for mobile communications and confirmed that – if these values are complied with – the use of mobile technology is safe based on current scientific knowledge. National and international expert organizations will continue to regularly review the recommended thresholds.
We are convinced that mobile communications technology is safe if specific threshold values are complied with. We are supported in this conviction by the assessment of the recognized bodies. Our responsible approach to this issue finds expression in our Group-wide EMF Policy, with which we commit ourselves to more transparency, information, participation, and support of independent mobile communications research, far beyond that which is stipulated by legal requirements. We aim to overcome concerns among the general public by pursuing an objective, scientifically well-founded, and transparent information policy. We thus continue to see it as our duty to continue our trust-based dialog with local authorities and to ensure its successful progress. This particularly applies since our long-standing collaboration with municipalities to expand the mobile network was enshrined in law in 2013. Previously, this collaboration was based on voluntary self-commitments by the network operators.
Operational risks and opportunities
Risks arising from technology. We have an increasingly complex information/network technology (IT/NT) infrastructure, which we constantly expand and upgrade to ensure the best customer experience and consolidate our technology leadership. Outages in the current and also future technical infrastructure cannot be completely ruled out and could in individual cases result in revenue losses or increased costs. After all, our IT/NT resources and structures are the key organizational and technical platform for our operations. The ongoing convergence of IT and NT harbors risks. In order to counter these holistically, our network, innovation, and IT activities are combined under the Board of Management department for Technology and Innovation.
Risks could arise in this area relating to all IT/NT systems and products that require internet access. For instance, faults between newly developed and existing IT/NT systems could cause interruptions to business processes, products, and services, such as smartphones and MagentaTV, or to connectivity for business customers. In order to avoid the risk of outages, e.g., due to natural disasters or fires, we use technical early warning systems and redundant IT/NT systems. The Computer Emergency Response Team (CERT) at Deutsche Telekom Security is in charge of protecting our business customers’ servers. In cloud computing, all data and applications are stored at a data center. Our European data centers have security certification and meet strict data protection provisions and the EU regulations. All data relating to companies and private persons is protected from external access. Constant maintenance and automatic updates keep the security precautions up to date at all times. On the basis of a standardized Group-wide business continuity management (BCM) process, we also take organizational and technical measures to prevent damage from occurring or, if we cannot, to mitigate the subsequent effects. We also have insurance cover for insurable risks.
T‑Mobile US relies upon its own systems and networks and the systems and networks of other providers and suppliers, to provide and support services. T‑Mobile US’ business, like that of most retailers and wireless companies, involves the receipt, storage, and transmission of customers’ confidential information, including sensitive personal information, payment card information, and confidential information about their employees and suppliers, as well as other sensitive information about T‑Mobile US, such as business plans, transactions, and intellectual property. Cyberattacks, such as denial of service and other malicious attacks, could disrupt T‑Mobile US’ internal systems, networks, and applications, impair its ability to provide services to customers, and have other adverse effects on its business.
In order to grow and remain competitive with new and evolving technologies in the industry, T‑Mobile US will need to adapt to future changes in technology, continually invest in its network, increase network capacity, enhance existing offerings, and introduce new offerings to address its current and potential customers’ changing demands. If T‑Mobile US is unable to take advantage of technological developments on a timely basis, then it may experience a decline in demand for its services or face challenges in implementing or evolving its business strategy. Following the business combination with Sprint, T‑Mobile US operates and maintains several customer billing systems and will continue to run them until all of Sprint’s legacy customers have been successfully migrated to T‑Mobile US’ existing billing systems. Unexpected difficulties or delays could cause major system or business disruptions.
Opportunities arising from technology. The utilization of large data volumes (big data) from our networks can improve and speed up decision-making processes by enhancing transparency. It does so by shifting the basis for decisions from hypotheses to facts and, for example, enabling correlations to be recognized.
Our Systems Solutions operating segment covers innovative business areas in the digital transformation of business processes, such as cloud computing, edge computing, and cybersecurity. These business areas could develop faster than expected. As a pioneer of the digital transformation, we have an opportunity not only to participate in, but also actively shape, the market trend through a variety of projects in the fields of healthcare and mobility solutions. In the ramp-up phase of these new business models based on M2M communication and big data, our partner-oriented approach is a highly promising way of contributing our core competencies – in cloud computing, edge computing, and cybersecurity – to various projects. In addition, we have references regarding strategic engagements in our focal sectors Automotive, Public, Health, and Public Transport. We also see potential for development in the sovereign clouds environment.
As a technology and development partner for toll collection business in Europe, we already have a strong competitive position. We have earned valuable references in European toll collection projects in Belgium and Austria and through the launch of a Europe-wide toll collection system (Toll4Europe). This will help to give us an edge over our competitors.
Procurement and supply risks. Deutsche Telekom cooperates with a variety of suppliers of technical (information and communication technology) and non-technical products and services. Products and services that might involve a higher risk include software and hardware, network technology components, and all products and services provided directly to end customers.
Supply risks cannot be entirely ruled out. Pandemics, other delivery bottlenecks, price increases, changes in the prevailing economic or political conditions, or suppliers’ product strategies may have a negative impact on our business processes and our results. Additional risks may also result from the dependence on individual suppliers or from individual suppliers defaulting. This is especially true for Chinese telecommunications suppliers. We employ organizational, contractual, and procurement strategy measures to counteract such risks. For example, in early 2021, the Chip Shortage Task Force was set up to assess Deutsche Telekom’s risk situation at regular intervals and, where necessary, take relevant mitigating measures, and monitor their implementation.
Risks and opportunities arising from data privacy and data security
Since the introduction of the General Data Protection Regulation (GDPR), data privacy law has been largely harmonized in Europe. As a Group with its focus in Europe, Deutsche Telekom has benefited substantially from this. In the recent past, European institutions have further strengthened data protection. On July 16, 2020, the European Court of Justice (ECJ) issued a landmark judgment on Schrems II. With this ruling, Europe’s highest court addressed the concerns on the level of data protection in the United States and declared the adequacy decision of the EU Commission for the United States (Privacy Shield) void. Group Privacy is working with all affected Group units to implement the requirements arising from the ruling and the publications of the European Data Protection Board. All companies in the EU, but also their contractual partners around the globe, must rise to the significant challenges of this ruling in order to be able to ensure data continues to be processed in compliance with data protection regulations going forwards.
The new requirements also affect the Group’s Privacy and Security Assessment (PSA) process, which was established 12 years ago. This process, which is now fully digital, meets the requirements of the GDPR with regard to carrying out a Privacy Impact Assessment for evaluating and documenting the risks posed by data processing. For example, a Transfer Impact Assessment was integrated in the PSA process. In all new processes with a third-country dimension, all requirements from the Schrems II ruling are taken into account and documented right from development. Existing agreed standard contractual clauses, however, can still be used until the end of 2022. However, extensive inspection obligations apply for the contracting parties and the data protection authorities to verify that the data protection level is in fact adequate. Extensive technical and legal checks must be carried out for all third-country transfers and, if necessary, adjustments must be made.
The Schrems II ruling impacts on the implementation of Deutsche Telekom’s cloudification activities. Prior to the relocation of workloads or applications, for example, in a cloud solution from a third country, a detailed risk analysis is carried out, both on the transfer and its potential impacts on the business, and on the ability to recall the workload or application. If it were no longer possible to use the cloud solutions in third countries, this would result in significant losses of efficiency and additional costs.
In addition, we have carefully examined technical developments and digital transformation projects to verify if they are in line with the Group strategy. Take, for example, the service app, which our customers can use to manage their Telekom products and contracts. In 2021, this standardized technical and data privacycompliant solution was also launched in Germany. Another example is the German Corona-Warn-App and the subsequent European solution, which we continue to further develop together with the Robert Koch Institute, SAP, and other partners. Deutsche Telekom played a decisive role in the data privacy concept throughout the development of the app and coordinated between the partners, the Federal Government, and other parties involved. We were, and are, thus able to make a substantial contribution to fighting the coronavirus pandemic in Germany and Europe.
T‑Systems is a signatory of the EU Cloud Code of Conduct (EU Cloud CoC). After all, the EU Cloud is synonymous with something essential, namely, nothing less than the digital sovereignty of Europe in cloud services. This refers to the complete control of stored and processed data and independent decision-making on who can access the data. This requires clear rules and requirements, which is what the EU Cloud CoC offers. The European data protection authorities authorized this Code of Conduct. By becoming a signatory, the Company and hence also T‑Systems undertakes to continue to increase the data protection level for cloud services in the interests of customers and European data protection. In this way they provide proof that data is processed in accordance with the requirements of the GDPR. Compliance with the rules is reviewed by an independent body.
However, since the ePrivacy Regulation has still not yet been adopted, there is yet another sector-specific regulatory challenge for the telecommunications sector in the EU. As telecommunications providers’ data processing options are substantially restricted compared with what is possible under the GDPR, innovative big data and artificial intelligence applications in the field of telecommunications cannot realize the same kind of potential as those of companies that are only subject to the GDPR.
IT security continues to pose major challenges. In addition to preventive measures such as integrated security in business processes and measures to raise security awareness among employees, we counter these challenges with increased focus on the analysis of threats and cyber risks. This is where our early warning system comes in: It detects new sources and types of cyberattack, analyzes the behavior of the attackers while maintaining strict data privacy, and identifies new trends in the field of security. Along with the honeypot systems, which simulate vulnerabilities in IT systems, our early warning system includes alerts and analytical tools for spam mails, viruses, and Trojans. We exchange the information we obtain from all these systems with public and private bodies to detect new attack patterns and develop new protection systems.
Cybercrime and industrial espionage are on the rise and are becoming ever more complex due to rapidly advancing technologies and attack methods. As a result, we face constant challenges and adjustments to protect our customer and business partner data, as well as our networks, technologies, products, and services against these attacks. Such incidents can lead, among other things, to business disruptions, embezzlement, or unauthorized access to confidential or personal information, and to loss of reputation. We are addressing these risks with comprehensive security concepts. In order to create greater transparency and thus be in a stronger position to tackle these threats, we are relying more and more on partnerships, e.g., with public and private organizations. By means of the Security by Design principle, we have made security an integral part of our development process for new products and information systems. In addition, we carry out intensive and obligatory digital security tests.
We are continually striving to accelerate our growth through IT security solutions. To this end, we have combined our security units within Deutsche Telekom Security. We want to leverage this end-to-end security portfolio to secure market shares and score points with security concepts on the back of megatrends like the Internet of Things and Industry 4.0. We are also continuing to gradually expand our partner ecosystem in the area of cybersecurity.
We provide regular updates on the latest developments in data protection and data security on our website.
Other operational risks and opportunities
Employees. Our employees play a crucial role in the transformation of Deutsche Telekom. Their skills are a key factor to our business success. In view of the strained market situation, recruitment of new employees/experts for business-critical areas such as IT is very challenging and essential for business success.
In 2021, we once again used socially responsible measures to restructure the workforce in our Group. Early retirement models such as phased and dedicated retirement, and severance payments have been largely taken up, but also the training and placement of civil servants in the public sector by Vivento has proved very popular. The transformation with the associated staff restructuring is extremely important for achieving the Group’s goals. Nevertheless, it is essential the restructuring is managed in a targeted way. That is why, for each request by an employee to take up a staff reduction instrument, it must be ensured on principle that the arrangement is voluntary on both sides (agreed by employee and manager), so as to avoid, for example, the loss of high performers.
The Company still employs numerous civil servants, who originally belonged to Group units of Deutsche Telekom that have since been sold. Where requested, these civil servants have been granted temporary leave from their civil servant status. However, there is a risk that they may return to us from a sold entity, for instance after the end of their temporary leave from civil servant status, without the Company being able to offer them jobs. Currently, 1,174 civil servants are entitled to return from outside the Group in this way (as of December 31, 2021), thus posing a risk.
Risks and opportunities relating to regulation
In the following section, we describe the main regulatory risks and opportunities that, as things currently stand, could affect our results of operations and financial position, and our reputation.
Regulatory risks arise from telecommunications-specific statutory regulations at the national, European, and U.S. level, and from the consequent powers of national authorities to regulate or intervene in the market and limit our freedom as regards product design and pricing. Deregulation can give rise to regulatory opportunities. Regulatory intervention, which we can only anticipate to a limited extent, may exacerbate existing price and competitive pressure. There are concerns that regulation in the United States, Germany, and other European countries may also impact revenue and earnings trends in the medium to long term.
Changes in regulatory policy and legislation
European Electronic Communications Code (EECC) transposed into national law. The transposition of the EECC into national law in each of Deutsche Telekom’s footprint countries confers both opportunities, in particular for a shift towards more investment-friendly regulation, and risks, primarily in connection with the higher costs of transposing extended consumer protection provisions and operational implementation into processes. The rules are already in place in Germany in the form of the Telecommunications Modernization Act (Telekommunikationsmodernisierungsgesetz – TKMoG), which entered into force on December 1, 2021. The legislative process for the EECC has also been completed or is underway in the countries of our European subsidiaries.
For more information on the EECC, please refer to the section “The economic environment – Major regulatory decisions.”
The revision of the EU legal framework for telecommunications remains part of a package of new EU legislation on the single market for electronic communications that provides for amendments to the regulations governing media services – mainly due to the growing importance of internet offerings – which are competing with the TV services previously focused on (e.g., regarding copyright law, laws for the protection of minors from harmful media, consumer protection, and the liability of internet service providers (in particular hosting) for third-party content). At the national level, too, specific amendments (for instance, to the German State Media Treaty and the German Telemedia Act, as well as to competition law) have recently been made in response to digitalization and convergence trends.
For further information on key regulatory decisions, please refer to the section “The economic environment.”
In the United States, too, new or amended wireless-related provisions and laws can increase the complexity of processes and lead to higher costs for T‑Mobile US.
Awarding of spectrum
Risks could arise from the fact that inappropriate auction rules and frequency usage requirements, excessive reserve prices, or disproportionately high annual spectrum fees could jeopardize our planned acquisition of spectrum. Inappropriate conditions for the awarding of spectrum can include, for example, extensive build-out requirements and, in some cases, requirements to grant network access (national roaming, service provider access). By contrast, we see an opportunity in particular in the fact that such spectrum award procedures enable mobile network operators to obtain the optimum amount of spectrum for their future business. We would thus be equipped for further growth and innovation. The upcoming award procedures mainly relate to the auctioning of additional spectrum in the 700 MHz, 800 MHz, 900 MHz, 1,800 MHz, and the 3,400 MHz to 3,800 MHz ranges. In addition, spectrum licenses, especially in the 2,100 MHz and 2,600 MHz ranges, will expire between 2022 and 2024 in some countries and need to be renewed. Award procedures are currently being prepared, primarily in Croatia, Poland, Romania, Slovakia, the Czech Republic, and the United States.
For further information on spectrum auctions that were completed in 2021 or are still ongoing, please refer to the section “The economic environment.”
Areas in which national regulators may intervene
European and national laws and regulations grant national regulators extensive powers of intervention. In addition to the aforementioned EECC, a case in point at the European level is the EU Regulation concerning the single market for electronic communications, which was enacted in 2015. It contains provisions on international roaming, net neutrality, and obligations to provide information. These provisions restrict our product design options, mainly as regards retail products. The Body of European Regulators for Electronic Communications (BEREC) has published guidelines for implementing this regulation. Risks arise from how the national regulators interpret both the regulation and these guidelines. When the Telecommunications Modernization Act entered into force in December 2021, the previously non-binding communication by the Bundesnetzagentur on the interpretation of certain parts of the regulation was replaced by a legally binding administrative order issued by the Bundesnetzagentur. In addition, national regulatory authorities have wide-ranging powers under law to require products to be adjusted in order to enforce the regulation and to impose fines in cases of non-compliance.
Our Group companies in Germany and Europe continue to be subject to extensive regulation of wholesale products, obligating us to make our network and services available to our competitors wherever we are deemed to have significant market power as an operator. The national regulators regularly check and determine the corresponding terms, conditions, and prices of these wholesale offerings. The key wholesale products subject to regulation are unbundled local loop lines, bitstream products, leased lines, and the associated services. Since 2021, termination rates have been determined directly by the European Commission by way of a delegated act. In addition, European and national consumer protection regulations apply. The amendment to the German Telecommunications Act (Telekommunikationsgesetz), which entered into force on December 1, 2021, introduced additional transparency provisions. Consumers who find substantial deviations in bandwidth using the bandwidth measuring program provided by the Bundesnetzagentur can also reduce their monthly charge or terminate their contract. In addition, in the event of missed technician appointments or faults that are not remedied in a timely manner, lump-sum damages can be claimed.
In addition to the requirements of telecommunications law, our media products are also subject to special European and national regulations under media law, as well as non-sector-specific regulations such as data and consumer protection. These include, in the broader sense, copyright law, regulations concerning the responsibility for published content, requirements in relation to ensuring the protection of minors in the media, and requirements in relation to the content and user interfaces of media distribution platforms. Barring any changes to its shareholder structure on the one hand (the Federal Republic and KfW being its major shareholders), or to the legal situation, or the prevailing opinions of media regulators on the other, it is unlikely that Telekom Deutschland will be granted a license to broadcast radio and television programs.
New state interventions in the context of cybersecurity in Poland under debate. In January 2021, the Polish government published a draft for a cybersecurity act and new provisions for an amendment to the national telecommunications act. These changes would give new mobile network operators privileged access to resources to foster their establishment in the market. This could result in unfair competition and negatively affect the competitive standing of our mobile communications subsidiary in Poland. The second draft for the Cyber Security Act published on October 12, 2021 and the associated provisions in the Polish Telecommunications Act continue to give rise to risks to free access to frequency resources for the 5G network build-out in the near future.
Litigation
Major ongoing legal proceedings
Deutsche Telekom is party to proceedings both in and out of court with government agencies, competitors, and other parties. The proceedings listed below are of particular importance from our perspective. If, in extremely rare cases, required disclosures on individual litigation and anti-trust proceedings are not made, we concluded that these disclosures may seriously undermine the outcome of the relevant proceedings.
Prospectus liability proceedings (third public offering, or DT3). This relates to initially around 2,600 ongoing lawsuits from some 16,000 alleged buyers of T-Shares sold on the basis of the prospectus published on May 26, 2000. The plaintiffs assert that individual figures given in this prospectus were inaccurate or incomplete. The amount in dispute currently totals approximately EUR 78 million plus interest. Some of the actions are also directed at KfW and/or the Federal Republic of Germany as well as the banks that handled the issuances. The Frankfurt/Main Regional Court had issued orders for reference to the Frankfurt/Main Higher Regional Court in accordance with the German Capital Investor Model Proceedings Act (Kapitalanleger-Musterverfahrensgesetz – KapMuG) and has temporarily suspended the initial proceedings. On May 16, 2012, the Frankfurt/Main Higher Regional Court had ruled that there were no material errors in Deutsche Telekom AG’s prospectus. In its decision on October 21, 2014, the Federal Court of Justice partly revoked this ruling, determined that there was a mistake in the prospectus, and referred the case back to the Frankfurt/Main Higher Regional Court. On November 30, 2016, the Frankfurt/Main Higher Regional Court ruled that the mistake in the prospectus identified by the Federal Court of Justice could result in liability on the part of Deutsche Telekom AG, although the details of that liability would have to be established in the initial proceedings. Following an appeal from both parties, in February 2021, the Federal Court of Justice once again referred the proceedings back to the Frankfurt/Main Higher Regional Court for further consideration. In November 2021, Deutsche Telekom AG presented a settlement concept under which a concrete settlement offer is to be made to every eligible plaintiff. The settlement offers are made without any judicial decision and do not constitute an admission of liability on the part of Deutsche Telekom AG. Deutsche Telekom AG has recognized appropriate provisions for risk in the statement of financial position.
Claims relating to charges for the shared use of cable ducts. In 2012, Kabel Deutschland Vertrieb und Service GmbH (today Vodafone Deutschland GmbH (VKDG)) filed a claim against Telekom Deutschland GmbH to reduce the annual charge for the rights to use cable duct capacities. According to VKDG’s latest estimates, its claims amounted to around EUR 624 million for the period from 2009 to mid-2018, along with around EUR 9 million for the alleged benefit from additional interest, plus interest in each case, and the company is also demanding a considerable reduction of the charges for the following years. In similar proceedings, the then Unitymedia Hessen GmbH & Co. KG, Unitymedia NRW GmbH, and Kabel BW GmbH (today Vodafone Hessen et al.) filed claims against Telekom Deutschland GmbH in January 2013, demanding that it cease charging the plaintiffs more than a specific and precisely stated amount for the shared use of cable ducts, including in the future. The plaintiffs are demanding a refund, most recently calculated at approximately EUR 570 million plus interest for the years 2009 to 2017. The claims were recently rejected by the Frankfurt Higher Regional Court (VKDG) and by the Düsseldorf Higher Regional Court (Vodafone Hessen et al.) and an appeal was not allowed in both cases. In response to the complaints of the plaintiffs against non-allowance of appeal, the Federal Court of Justice allowed the appeal by VKDG to the extent that it relates to claims dating from January 1, 2012; the appeal by Vodafone Hessen et al. was allowed to the extent that it relates to claims dating from January 1, 2016. The claims were rejected with legally binding effect for the time periods prior to this, which leads to a significant reduction in current calculations of claims. In a ruling on December 14, 2021, the Federal Court of Justice referred the proceedings concerning the remaining claims back to the responsible Higher Regional Courts for a new hearing and decision. At present the financial impact of both these proceedings cannot be assessed with sufficient certainty.
Sprint Merger class action. On June 4, 2021, a shareholder class action and derivative action was filed in the Delaware Court of Chancery against Deutsche Telekom AG, SoftBank, T‑Mobile US, and all of our officers and directors at that time, asserting breach of fiduciary duties relating to the repricing amendment to the Business Combination Agreement, as well as SoftBank’s subsequent monetization of its T‑Mobile US shares. On October 29, 2021, the complaint was amended. The amended complaint is directed at the same defendants and the same underlying transactions as in the original action; however, it includes additional submission on alleged facts. At present, the financial impact of these proceedings cannot be assessed with sufficient certainty.
Proceedings against T‑Mobile US as a consequence of the cyberattack on T‑Mobile US. In August 2021, T‑Mobile US confirmed that their systems had been subject to a criminal cyberattack that compromised data of millions of their customers, former customers, and prospective customers. With the assistance of outside cybersecurity experts, T‑Mobile US located and closed the unauthorized access to their systems and identified customers whose information was impacted and notified them, consistent with state and federal requirements. As a result of the cyberattack, numerous consumer class actions were filed against T‑Mobile US. The class actions brought in before the federal courts were consolidated to one action in December 2021. The plaintiffs are claiming damages in an as yet unspecified amount. Moreover, in November 2021 a derivative action was filed against the members of the Board of Directors of T‑Mobile US. T‑Mobile US is also named as a nominal defendant in this lawsuit. The plaintiff is making various unquantified claims in relation to the company’s cybersecurity practices. In addition, inquiries have been made by various government agencies, law enforcement and other state authorities. At present the financial impact of these proceedings cannot be assessed with sufficient certainty.
Patents and licenses. Like many other large telecommunications and internet providers, Deutsche Telekom is exposed to a growing number of intellectual property rights disputes. There is a risk that we may have to pay license fees and/or compensation; we are also exposed to a risk of cease-and-desist orders, for example relating to the sale of a product or the use of a technology.
Further, Deutsche Telekom intends to defend itself and/or pursue its claims vigorously in each of these proceedings.
Proceedings concluded
Claim for damages in Malaysia despite an earlier, contrary, legally binding arbitration ruling. In 2006, Celcom Malaysia Berhad (Celcom) and Technology Resources Industries Berhad pursued actions with the state courts in Kuala Lumpur, Malaysia, against eleven defendants in total, including DeTeAsia Holding GmbH, a subsidiary of Deutsche Telekom AG, for damages and compensation in the amount of USD 232 million plus interest. DeTeAsia Holding GmbH had enforced this amount against Celcom in 2005 on the basis of a final arbitral award in its favor. After DeTeAsia Holding GmbH agreed a mutual settlement with the plaintiffs – without recognition of a legal obligation on both sides – the claim against defendants including DeTeAsia Holding GmbH was withdrawn in full with legally binding effect in November 2021.
Anti-trust proceedings
Like all companies, our Group is subject to anti-trust law. In recent years, we have notably stepped up our compliance efforts in this area too. Nevertheless, Deutsche Telekom and its subsidiaries are from time to time subject to proceedings under anti-trust law or follow-on damage actions under civil law. In the following, we describe material anti-trust proceedings and resulting claims for damages.
Claims for damages against Slovak Telekom following a European Commission decision to impose fines. The European Commission decided on October 15, 2014 that Slovak Telekom had abused its market power on the Slovak broadband market and as a result imposed fines on Slovak Telekom and Deutsche Telekom AG, which were paid in full in January 2015. After the General Court of the European Union partially overturned the European Commission’s decision in 2018 and reduced the fines by a total of EUR 13 million, the legal recourse following the ruling of the European Court of Justice on March 25, 2021 is exhausted. Following the decision of the European Commission, competitors filed damage actions against Slovak Telekom with the civil court in Bratislava. These claims seek compensation for alleged damages due to Slovak Telekom’s abuse of a dominant market position, as determined by the European Commission. At present, two claims totaling EUR 112 million plus interest are still pending. It is currently not possible to estimate the financial impact with sufficient certainty.
Claims for damages against Deutsche Telekom AG, including due to insolvency of Phones4U. Phones4U was an independent British mobile retailer, which declared insolvency in 2013. The insolvency administrator is pursuing claims before the High Court of Justice in London against the mobile providers active on the UK market at that time and their parent companies on the grounds of alleged collusion in violation of anti-trust law and breach of contract. Deutsche Telekom AG, which at that time held 50 % of the mobile company EE Limited, has rejected the claims as unsubstantiated, including at the Case Management Conference in October 2021, but will nevertheless have to take part in the court proceedings, which are expected to begin in May 2022. Phones4U has yet to state the amount of its claim for damages. It is currently not possible to estimate the financial impact with sufficient certainty.
Compliance risks
Compliance-relevant risks are all potential infringements by members of executive bodies or employees that could give rise to administrative or criminal liability on the part of the Company or result in a material loss of reputation. In order to minimize these risks, we have set up a compliance management system. Our compliance management system is based on the Compliance Risk Assessments (CRAs), which we use to identify and assess compliance risks and introduce suitable preventative measures. The TellMe whistleblower portal is available to employees and external parties for reporting breaches or suspected breaches of the law or of internal policies and regulations. We have set up the AskMe advice portal to address all kinds of issues relating to compliance. The portal contains reliable information for employees on laws, internal policies, and rules of conduct relevant to their daily activities.
For more information, please refer to the section “Ethical business practices and compliance” under “Corporate responsibility and non-financial statement.”
Financial risks and opportunities
Liquidity, credit, currency, interest rate risks
With regard to its assets, liabilities, and planned transactions, our Group is particularly exposed to liquidity risks, credit risks, and the risk of changes in exchange rates and interest rates. We want to contain these risks. Risks with an impact on cash flows are monitored in a standard process and hedged accordingly using derivative and non-derivative hedges. Derivative financial instruments are used solely for hedging and never for speculative purposes. The following risk areas – liquidity, credit, currency, and interest rate risks – are evaluated taking into account all hedges.
For further information on the risk assessment, please refer to the “Corporate risks” table above.
Liquidity risk. To ensure the Group’s and Deutsche Telekom AG’s solvency and financial flexibility at all times, we maintain a liquidity reserve in the form of credit lines and cash as part of our liquidity management. Since the successful business combination of T‑Mobile US and Sprint, T‑Mobile US has pursued its own separate financing and liquidity strategy.
Deutsche Telekom (excluding T‑Mobile US): Primarily bilateral credit agreements with 21 banks with an aggregate total volume of EUR 12.6 billion were available as of December 31, 2021, of which EUR 0.1 billion were utilized. Our liquidity reserve covered maturing bonds and long-term loans at all times for at least the next 24 months (see graphic below).
T‑Mobile US: Bilateral credit lines with an aggregate total volume of USD 5.5 billion (EUR 4.9 billion) plus a cash balance of USD 6.6 billion (EUR 5.9 billion) were available as of December 31, 2021.
Credit risks. In our operating business and certain banking activities, we are exposed to a credit risk, i.e., the risk that a counterparty will not fulfill its contractual obligations. To keep this credit risk to a minimum, we conclude transactions with regard to financing activities only with counterparties that have at least a credit rating of BBB+/Baa1; we also actively manage limits. In addition, we have concluded collateral agreements for our derivative transactions. At the level of operations, the outstanding debts are continuously monitored in each area, i.e., locally.
Currency risks. Currency risks result from investments, financing measures, and operations. Risks from foreign-currency fluctuations are hedged if they affect the Group’s cash flows. However, foreign-currency risks that do not influence the Group’s cash flows (e.g., risks resulting from the translation of assets and liabilities of foreign operations into euros) are not hedged. Deutsche Telekom may nevertheless also hedge these foreign-currency risks under certain circumstances.
Interest rate risks. Our interest rate risks mainly result from Group financing: On the one hand, we have an interest rate risk relating to the issue of new liabilities, and on the other, we have an interest rate risk arising from variable-interest liabilities. The euro interest rate position is managed as part of our interest rate management activities. Each year, a maximum is set for the percentage of variable-interest liabilities. The USD debt position of T‑Mobile US primarily comprises partially cancelable, fixed-income bonds.
For further information, please refer to Note 40 “Financial instruments and risk management” in the notes to the consolidated financial statements.
Tax risks
We are subject to the applicable tax laws in many different countries. Risks can arise from changes in local taxation laws or case law and different interpretations of existing provisions. These risks can impact both our tax expense and benefit as well as tax receivables and liabilities.
Other financial risks and opportunities
This section contains information on other financial risks that we consider to be immaterial at present or cannot evaluate based on current knowledge.
Rating risk. Deutsche Telekom’s credit rating affects our access to the capital markets, to the international finance markets, and our refinancing costs. A lower rating could impede access to the capital market and, over time, would lead to an increase in the cost of debt financing. We intend to maintain our rating in a corridor from A- to BBB and thereby safeguard undisputed access to the capital market. As of December 31, 2021, Deutsche Telekom AG’s credit rating with Moody’s was Baa1 with a stable outlook, while Standard & Poor’s rated us BBB with a stable outlook, and Fitch confirmed its current rating of BBB+ with a stable outlook. From today’s perspective, access to the international debt capital markets for both Deutsche Telekom AG and T‑Mobile US is not jeopardized.
Sales of shares by the Federal Republic or KfW Bankengruppe. As of December 31, 2021, the Federal Republic and KfW Bankengruppe jointly held 30.5 % in Deutsche Telekom AG. It is possible that the Federal Republic will continue its policy of privatization and sell further equity interests in a manner designed not to disrupt the capital markets and with the involvement of KfW Bankengruppe. There is a risk that the sale of a significant volume of shares by the Federal Republic or KfW Bankengruppe, or any speculation to this effect, could have a negative impact on the price of the T-Share.
Impact of the CR strategy on the value of the Company. Our CR strategy enhances the value of our Company in the long term, which also has a positive effect of reducing business risks. Investors with a long-term horizon acknowledge this approach. In the capital markets, this is evident, for example, in the proportion of T-Shares held by investors that base their investment decisions, at least in part, on sustainability criteria. As of September 30, 2021, around 12 % of all T-Shares were held by SRI (socially responsible investment) investors, and 10 % were held by investors who manage their funds primarily in accordance with SRI aspects.
Impairment of Deutsche Telekom AG’s assets. The value of the assets of Deutsche Telekom AG and its subsidiaries is reviewed periodically. In addition to the regular annual measurements, specific impairment tests may be carried out, for example, where changes in the economic, regulatory, business, or political environment suggest that the value of goodwill, intangible assets, property, plant and equipment, investments accounted for using the equity method, or other financial assets might have decreased. These tests may lead to the recognition of impairment losses that do not, however, result in cash outflows. This could impact to a considerable extent on our results, which in turn may negatively affect the T-Share price.
For further information, please refer to the section “Summary of accounting policies – Judgments and estimates” in the notes to the consolidated financial statements.