Risk Factors Dashboard
Once a year, publicly traded companies issue a comprehensive report of their business, called a 10-K. A component mandated in the 10-K is the ‘Risk Factors’ section, where companies disclose any major potential risks that they may face. This dashboard highlights all major changes and additions in new 10K reports, allowing investors to quickly identify new potential risks and opportunities.
View risk factors by ticker
Search filings by term
Risk Factors - TMUS
-New additions in green
-Changes in blue
-Hover to see similar sentence in last filing
Item 1A. Risk Factors
We have implemented processes for overseeing and identifying material risks from cybersecurity threats, and our cybersecurity processes are integrated into the Company’s overall risk management system and processes. As part of management’s oversight of cybersecurity, Mark Clancy, our Senior Vice President, Cybersecurity, presents on our cybersecurity practices to the Nominating, Corporate Governance and Compliance Committee of our Board of Directors (the “NCGC Committee”) and to our full Board of Directors on a periodic basis. Our Chief Audit Executive periodically presents enterprise risks, including cybersecurity risks, to the Audit Committee of our Board of Directors (the “Audit Committee”). Our Chief Compliance Officer regularly attends meetings of the NCGC Committee to provide insights from the compliance perspective relating to cybersecurity. Our 24Table of ContentsChief Compliance Officer regularly attends meetings of the NCG Committee to provide insights from the compliance perspective relating to cybersecurity.
Engagement with External Experts
Oversight of Third-Party Service Providers
As previously disclosed, in August 2021, we experienced a cybersecurity incident that resulted in numerous lawsuits, including mass arbitration claims and multiple class action lawsuits. In January 2023, we experienced another cybersecurity incident that also resulted in consumer class actions and regulatory inquiries. Legal and other costs related to these proceedings and inquiries, as well as any potential future actions, may be substantial, and losses associated with any adverse judgments, settlements, penalties or other resolutions of such proceedings and inquiries could be material to our business, reputation, financial condition, cash flows and operating results. For additional details regarding the impact of both cybersecurity incidents, see Note 18 – Commitments and Contingencies of the Notes to the Consolidated Financial Statements.
We have not identified other known risks from previous cybersecurity threats that have materially affected or are reasonably likely to materially affect us. However, we face ongoing risks from certain cybersecurity threats that, if realized, are reasonably likely to materially affect business strategy, financial condition or operating results. See “Risk Factors – We have experienced cyberattacks and could in the future be further harmed by disruption, data loss or other security breaches, whether directly or indirectly through third parties whose products and services we rely on in operating our business.”
As the Company’s Senior Vice President, Cybersecurity, Mark Clancy has over 25 years of experience in information technology, information security, and cybersecurity, including serving as the Chief Information and Security Officer and Vice President of Cybersecurity and Fraud at Sprint Corporation. Mr. Clancy received his Bachelor of Science in Electrical and Electronics Engineering from Drexel University.
Audit Committee
The Audit Committee is integral to overseeing the Company’s overall risk management strategies, including cybersecurity risks and disclosures. To keep the Audit Committee informed, the Chief Audit Executive maintains a direct and open communication channel with the Audit Committee. Regular meetings are held for the Chief Audit Executive to report to the Audit Committee. These include an enterprise-wide risk assessment that highlights cybersecurity risks and cybersecurity risk mitigation actions. Additionally, the Audit Committee receives updates on significant incidents and cybersecurity risks that have been presented to or discussed with the Enterprise Risk & Compliance Committee.
In addition to the other information contained in this Form 10-K, the following risk factors should be considered carefully in evaluating T-Mobile. Our business, financial condition, liquidity, or operating results, as well as the price of our common stock and other securities, could be materially and adversely affected by any of these risks.
Risks Related to Our Business
We operate in a highly competitive industry. If we are unable to attract and retain customers, our business, financial condition, and operating results could be negatively affected.
The telecommunications industry is highly competitive. As the industry reaches saturation, competition in all market segments, including prepaid, postpaid, enterprise and government customers will likely further intensify, putting pressure on pricing and/or margins for us and all our competitors. Our ability to attract and retain customers will depend on multiple factors, such as network quality and capacity, customer service excellence, effective marketing strategies, competitive pricing, compelling value propositions, and distribution and logistics capabilities. Additionally, targeted marketing approaches for a broad spectrum of customer segments, coupled with continuous innovation in products and services, are essential for retaining and expanding our customer base. Additionally, targeted marketing approaches for diverse customer segments, coupled with continuous innovation in products and services, are essential for retaining and 12Table of Contentsexpanding our customer base. If we are unable to successfully differentiate our services from those of our competitors, it would adversely affect our competitive position and ability to grow our business. If we are unable to successfully differentiate our services from our competitors, it would adversely affect our competitive position and ability to grow our business.
We expect to continue to see intense competition in all market segments from traditional Mobile Network Operators (“MNOs”), such as AT&T and Verizon, who have each invested heavily in spectrum, their wireless networks, and services and device promotions. Numerous other regional MNOs and MVNOs offering wireless services may also compete with us in some markets, including cable providers, such as Comcast, Charter, Cox, and Altice, as they continue to diversify their offerings to include wireless services offered under MVNO agreements. As new products and services emerge, we may also face competition from non-traditional competitors outside the wireless communications services industry, including satellite providers offering connectivity services using alternative technologies. As new products and services emerge, we may also be forced to compete against non-traditional competitors from outside of the wireless communications services industry, such as satellite providers, offering similar connectivity services using alternative technologies.
In the market for broadband services, traditional cable providers, AT&T, Verizon, and other players such as satellite and fiber providers, all compete for customers. To complement our fixed wireless service, we have entered into joint venture agreements aimed at establishing a robust fiber wireline network in certain geographic regions that we believe will complement our fixed wireless services in those areas. To complement our fixed wireless service, we have agreed to enter into joint venture agreements aimed at establishing a robust fiber wireline network in certain geographic regions that we believe will complement our fixed wireless services in those areas. However, these partnerships also involve inherent risks. See “Any acquisition, investment, joint venture, merger, or divestiture may subject us to significant risks, any of which may harm our business” for further discussion of such risks.
If we are unable to compete effectively in attracting and retaining customers in markets where we operate, it could negatively affect our business, financial condition, and operating results.
We have experienced cyberattacks and may experience disruptions, data loss and other security breaches, whether directly or indirectly through third parties whose products and services we rely on in operating our business.We have experienced criminal cyberattacks and may experience disruption, data loss and other security breaches, whether directly or indirectly through third parties whose products and services we rely on in operating our business.
Our business involves the receipt, storage, and transmission of confidential information about our customers, such as sensitive personal, account, and payment information, confidential information about our employees and suppliers, and other sensitive information about our Company, such as our business plans, transactions, financial information, and intellectual property (collectively, “Confidential Information”).Our business involves the receipt, storage, and transmission of confidential information about our customers, such as sensitive personal, account and payment information, confidential information about our employees and suppliers, and other sensitive information about our Company, such as our business plans, transactions, financial information, and intellectual property (collectively, “Confidential Information”). Additionally, to offer services to our customers and operate our business, we utilize several applications and systems, including those we own and operate, such as our wireless network, as well as others provided to us by third parties, such as cloud service providers and SaaS companies (collectively, “Systems”).
We are subject to persistent cyberattacks and threats to our business from bad actors seeking to gain unauthorized access to Confidential Information and compromise Systems to undermine availability or integrity. They are perpetrated by a variety of
12
groups and persons, including nation state-sponsored parties, malicious actors, employees, contractors, and other third parties. Some actors reside in jurisdictions where law enforcement measures to address such attacks are ineffective or unavailable.
Cyberattacks against companies like ours are increasing in frequency and scope of potential harm over time, and the methods used to gain unauthorized access constantly evolve, making it increasingly difficult to anticipate, prevent, and detect incidents successfully in every instance. In some cases, these bad actors exploit bugs, errors, misconfigurations or other vulnerabilities in our Systems to obtain Confidential Information. In other cases, these bad actors obtain unauthorized access to Confidential Information by exploiting insider access or utilizing login credentials taken from our customers, employees, or third-party providers through credential harvesting, social engineering or other means. In other cases, these bad actors obtain unauthorized access to Confidential Information by exploiting insider access or utilizing log in credentials taken from our customers, employees, or third-party providers through credential harvesting, social engineering or other means. Other bad actors aim to cause serious operational disruptions to our business and Systems through ransomware or distributed denial of service attacks. Moreover, the amount and scope of insurance that we maintain against losses resulting from any such incidents or security breaches may not be sufficient to cover our losses or otherwise adequately compensate us for any disruptions to our business that may result.
Although we regularly work to identify, track, and remedy security vulnerabilities, given the complex nature of our Systems and the tools that are available to us, we may be unable to identify vulnerabilities in a timely manner, or to apply patches or compensating measures that address such vulnerabilities, before bad actors can exploit them. The exploitation of a security vulnerability before patches or measures are applied could materially compromise Confidential Information and Systems.
In addition, we routinely rely upon third-party providers whose products and services are used in our business. These third-party providers have experienced, and will continue to experience, cyberattacks that involve attempts to access our Confidential Information and/or to create operational risk that could materially and adversely affect our business, and these providers also face other security challenges common to all parties that collect and process information. These third-party providers have experienced, and will continue to experience cyberattacks that involve attempts to expose our Confidential Information and/or to create operational risk that could materially and adversely affect our business, and these providers also face other security challenges common to all parties that collect and process information. Additionally, our Systems include components from third parties or fourth parties we do not control and may have compromises, defects, flaws, or design errors unknown to us.
As a result of the previously disclosed cyberattacks in August 2021 and January 2023, we incurred significant costs in connection with, among other things, responding to and resolving mass arbitration claims, multiple class action lawsuits, and an FCC investigation.13Table of ContentsAs a result of the previously disclosed cyberattacks in August 2021 and January 2023, we incurred significant costs in connection with, among other things, responding to and resolving mass arbitration claims, multiple class action lawsuits and an FCC investigation. For more information on the foregoing, see “– Contingencies and Litigation – Litigation and Regulatory Matters” in Note 18 – Commitments and Contingencies of the Notes to the Consolidated Financial Statements.
In addition to the August 2021 cyberattack and the January 2023 cyberattack, we have experienced unrelated, non-material incidents involving unauthorized access to certain Confidential Information and Systems. Typically, these incidents have involved attempts to commit fraud by taking control of a customer’s phone line, often by exploiting insider access or using compromised credentials. In other cases, the incidents have involved unauthorized access to certain of our customers’ private information, including payment information, financial data, social security numbers or passwords, and our intellectual property. Some of these incidents have occurred at third-party providers, including third parties who provide us with various Systems and others who sell our products and services through retail locations or take care of our customers.
Our procedures and safeguards to prevent unauthorized access to Confidential Information and to defend against cyberattacks seeking to disrupt our operations must be continually evaluated and enhanced to address the ever-evolving threat landscape and changing cybersecurity regulations, including while we adapt complex digital transformation efforts. These preventative actions require the investment of significant resources and management time and attention. Additionally, we do not have control of the cybersecurity systems, breach prevention, and response protocols of our third-party providers, including through our cybersecurity programs or policies. While T-Mobile may have contractual rights to assess the effectiveness of many of our providers’ systems and protocols, we do not have the means to always know or assess the effectiveness of all of our providers’ systems and controls. We cannot provide any assurances that actions taken by us, or our third-party providers, including through our cybersecurity programs or policies, will adequately repel a significant cyberattack or prevent or substantially mitigate the impacts of cybersecurity breaches or misuses of Confidential Information, unauthorized access to our networks or Systems or exploits against third-party environments, or that we, or our third-party providers, will be able to effectively identify, investigate, and remediate such incidents in a timely manner or at all. We expect to continue to be the target of cyberattacks, given the nature of our business, and we expect the same with respect to our third-party providers. We also expect that threat actors will continue to gain sophistication including in the use of tools and techniques (such as AI) that are specifically designed to circumvent security controls, evade detection, and obfuscate forensic evidence, making it more challenging to identify, investigate, and recover from future cyberattacks in a timely and effective manner. The continued development and integration of AI in our and our third-party providers’ operations, products and services is expected to pose new, additional, and unknown cybersecurity risks. In addition, we have acquired and continue to acquire companies with cybersecurity vulnerabilities or unsophisticated security measures, which expose us to significant cybersecurity, operational, and financial risks. If we fail to protect Confidential Information or to prevent operational disruptions from future cyberattacks, there may be a material adverse effect on our business, reputation, financial condition, cash flows, and operating results.
13
If we fail to adopt and deploy emerging network technologies in a timely and effective manner, our competitive position could erode, which may adversely affect our business, financial condition, and operating results.
Our competitive advantage and reputation depend on our ability to provide industry-leading network coverage, speed, and reliability. While we have established a leadership position in 5G, the telecommunications industry evolves rapidly, and emerging technologies, such as AI-driven Radio Access Networks (“AI-RAN”) and the potential transition to 6G, may redefine network standards and increase customer expectations. While we have established a leadership position in 5G, the communications industry evolves rapidly, and emerging technologies – such as AI-driven Radio Access Networks (“AI-RAN”) and the potential transition to 6G – may redefine network standards and increase customer expectations. Our competitors may seek to differentiate through marketing, brand positioning, or third-party recognition as leaders in network performance, coverage, or reliability. To stay ahead, we continue to drive improvements in the 5G network, including our nationwide 5G standalone network and deployment of 5G Advanced features, and are investing in strategic collaborations with third parties, such as AI-RAN partnerships, to develop technologies that are intended to advance our network capabilities. Despite these efforts, we may encounter technical challenges, regulatory hurdles, supply chain constraints, or unexpected delays in developing and deploying new network technologies. If we fail to anticipate market trends, efficiently integrate innovative solutions into our network, or maintain the quality and reliability of our network, our market share and competitive standing could erode, adversely affecting our business, financial condition, and operating results.
If we fail to effectively execute our digital transformation and drive customer and employee adoption of emerging technologies, our competitive position and financial performance could be materially harmed.
We are engaged in complex digital transformation efforts intended to streamline operations, enhance customer experience, and improve our overall competitiveness. These initiatives involve integrating emerging and rapidly evolving technologies, reconfiguring internal processes, and implementing advanced data analytics and AI-driven tools, including those developed through our partnerships with several third-party providers. The successful execution of our planned transformation is subject to significant uncertainties. The successful execution of our planned transformation is 14Table of Contentssubject to significant uncertainties. For example, we may face challenges in harmonizing complex system architectures, integrating new platforms with legacy infrastructure, and managing large volumes of data from disparate sources. We must also maintain rigorous data security and privacy safeguards, ensure our AI-driven solutions comply with evolving regulatory standards, and mitigate potential issues such as algorithmic bias or unintended operational disruptions. Additionally, implementing these digital solutions often requires substantial capital and operational expenditures, extensive employee training, specialized skill sets that may be difficult to source, and close coordination with multiple third-party vendors and partners. If we fail to execute these initiatives effectively, our ability to realize the intended benefits of digital transformation may be compromised.
The successful execution of our digital transformation depends not only on the effective development and deployment of new technologies, but also on the willingness and ability of customers and employees to adopt digital-first channels and processes. Even where technical capabilities are successfully implemented, customer and employee adoption may lag expectations or revert to supported channels, which could limit the anticipated improvements in efficiency, service quality, and revenue generation. Even if we successfully deploy these capabilities, customer adoption and employee acceptance may be slower than anticipated, diminishing the expected improvements to efficiency, service quality, or revenue generation. If adoption does not occur at the scale or pace anticipated, the intended benefits of these initiatives may not be fully realized.
As a result, failure to effectively execute our digital transformation efforts, including driving meaningful customer and employee adoption, could materially and adversely affect our competitive position, financial performance, and brand reputation.
We rely on highly skilled personnel throughout all levels of our business. Our business could be harmed if we are unable to retain or motivate key personnel, hire a sufficient number of qualified new personnel, or maintain our corporate culture.
Our future success depends in substantial part on our ability to attract, recruit, hire, motivate, develop, and retain talented personnel possessing the qualifications, experience, capabilities and skills we need for all areas of our organization, including our CEO and members of our leadership team.Our future success depends in substantial part on our ability to attract, recruit, hire, motivate, develop, and retain talented personnel possessing the qualifications, experiences, capabilities and skills we need for all areas of our organization, including our CEO and members of our senior leadership team. Succession planning to ensure the effective transfer of knowledge and a seamless transition when key personnel depart is also important to our long-term success. Succession planning to ensure effective transfer of knowledge and a seamless transition when key personnel depart is also important to our long-term success. On November 1, 2025, G. Michael Sievert retired as our Chief Executive Officer while continuing to serve as Vice Chairman of the Company and Vice Chairman of our Board of Directors, and Srinivasan Gopalan began serving as our President and Chief Executive Officer. We also announced several leadership changes. In addition, we began to implement enterprise-wide restructurings in 2025. If we are unable to effectively manage the CEO transition, the leadership changes and other restructuring changes, our ability to execute our business strategies and to retain key executives and talent could be adversely affected. Additionally, as we continue to make significant investments in new technologies and new business areas, we are increasingly dependent on being able to hire and retain technically skilled employees, including those with expertise in AI and machine learning.
Both external factors, such as fluctuations in economic and industry conditions, changes in U.S. immigration policies, regulatory changes, political forces, and the competitive landscape, and internal factors, such as employee tolerance for changes
14
in our corporate culture, organizational changes, limited remote working opportunities, and our compensation programs, may affect our ability to effectively manage our workforce. Further, employee compensation and benefit costs may increase due to inflationary pressures, and if our compensation does not keep up with inflation or with that of our competitors, we may see increased employee dissatisfaction and departures or difficulty in recruiting new employees. Further, employee compensation and benefit costs may increase due to inflationary pressures, and if our compensation does not keep up with inflation or that of our competitors’, we may see increased employee dissatisfaction and departures or difficulty in recruiting new employees. If key employees depart or we are unable to recruit and integrate new employees successfully, our business could be negatively impacted.
System failures and business disruptions may prevent us from providing reliable service, which could materially and adversely affect our reputation and financial condition.
We rely upon systems and networks – those of third-party suppliers and other providers, in addition to our own – to provide services to our customers. System, network, or infrastructure failures resulting from one of several potential causes may prevent us from providing reliable service or otherwise operating our business. Examples of these risks include:
•physical damage, power surges or outages, equipment failure, or other service disruptions with respect to both our wireless and fiber networks, including those resulting from severe weather, storms, earthquakes, floods, hurricanes, wildfires, and other natural disasters, which may occur more frequently or with greater intensity as a result of global climate change, public health crises, terrorist attacks, political instability and volatility and acts of war;
•human error due to factors such as poor change management or policy compliance;
•risks to our access to and use of reliable energy and water;
•hardware or software failures or outages of our business systems or communications network;
•supplier failures or delays; and
•shifts in physical conditions due to climate change, such as sea-level rise or changes in temperature or precipitation patterns, which may impact the operating conditions of our infrastructure or other infrastructure we rely on.
Such events could cause us to lose customers and revenue, incur expenses, suffer reputational damage, and subject us to fines, penalties, adverse actions or judgments, litigation, or governmental investigations. Remediation costs could include liability for information loss, costs of repairing infrastructure and systems, and/or costs of incentives offered to customers. Our insurance may not cover or may not be adequate to fully reimburse us for costs and losses associated with such events, and such events may also impact the availability of insurance at costs and other terms we find acceptable for future events.
The scarcity and cost of additional wireless spectrum, and regulations relating to spectrum use, may adversely affect our business, financial condition, and operating results.15Table of ContentsThe scarcity and cost of additional wireless spectrum, and regulations relating to spectrum use, may adversely affect our business, financial condition, and operating results.
We continue to acquire and deploy new spectrum to expand and deepen our 5G coverage, maintain our quality of service, meet increasing or changing customer demands, and deploy new technologies. To expand and differentiate our services from those of our competitors, we will continue to actively seek to make additional investments in new spectrum, which could be significant. In order to expand and differentiate our services from our competitors, we will continue to actively seek to make additional investments in new spectrum, which could be significant. However, we may be unable to secure the additional spectrum necessary to maintain or enhance our competitive position on favorable terms or at all.
The continued interest in acquiring spectrum by existing carriers and others, including satellite providers and speculators, may reduce our ability to acquire or renew spectrum holdings (such as 600 MHz and 2.5 GHz), and may increase the cost of spectrum made available in the secondary markets and government auctions.The continued interest in acquiring spectrum by existing carriers and others, including speculators, may reduce our ability to acquire or renew spectrum holdings (such as 2.5Ghz), and/or increase the cost of spectrum that is made available in the secondary markets and government auctions. Additionally, the FCC may be unable to make sufficient additional spectrum available for auction to meet the demand from all interested parties. As a result, any such spectrum that is made available at auction may be subject to heightened competition and priced beyond levels we are able or willing to pay.
Even if new spectrum becomes available to us, the FCC or other government entities may impose conditions on the acquisition and use of such spectrum, such as the configuration or geographic areas in which the spectrum may be deployed. These conditions may substantially increase the costs we incur or negatively affect the value of the spectrum to our business.
If we cannot acquire needed spectrum from the government or other sources, if competitors acquire spectrum that enables them to provide services competitive with ours, or if we cannot deploy services over acquired spectrum on a timely basis, without burdensome conditions, at reasonable cost, and while maintaining network quality levels, our ability to attract and retain customers and our business, financial condition, and operating results could be materially and adversely affected.If we cannot acquire needed spectrum from the government or otherwise, if competitors acquire spectrum that will allow them to provide services competitive with our services, or if we cannot deploy services over acquired spectrum on a timely basis without burdensome conditions, at reasonable cost, and while maintaining network quality levels, our ability to attract and retain customers and our business, financial condition and operating results could be materially and adversely affected.
15
Any acquisition, investment, joint venture, merger, or divestiture may subject us to significant risks, any of which may harm our business.
We have pursued and may continue to pursue additional acquisitions of, investments in, or joint ventures or mergers with, other companies, or the acquisition of spectrum, technologies, services, products, or other assets that we believe would complement or expand our business. For example, on August 1, 2025, we completed the acquisition (the “UScellular Acquisition”) of the UScellular Wireless Business (as defined below). We may also elect to divest some of our assets to third parties. Some of these transactions could be significant relative to the size of our business and operations. Some of these potential transactions could be significant relative to the size of our business and operations. Any such transactions involve risks and could present financial, managerial, and operational challenges, including:
•diversion of management attention from running our existing business;
•increased costs to integrate the networks, spectrum, technology, personnel, customer base, distributors and business partners and business practices of the company involved in any such transaction with our business;
•increased interest expense and leverage or limits on other uses of cash;
•potential loss of talent during integration due to differences in culture, location, or other factors;
•difficulties in effectively integrating (or supplanting) the financial, operational, and sustainability systems of the business involved in any such transaction into our financial, operational, and sustainability reporting infrastructure and internal control framework in an effective and timely manner;
•risks of entering markets in which we have no or limited experience and where competitors have stronger market positions;
•to the extent any acquired business has international operations, potential exposures to risks associated with maintaining and expanding such operations, including unfavorable and uncertain regulatory, political, economic, tax, and labor conditions;
•potential exposure to material liabilities not discovered in the due diligence process in connection with any such transaction;
•significant transaction-related expenses in connection with pursuing any such transaction, whether consummated or not;
•risks related to our ability to obtain required regulatory approvals necessary to consummate any such transaction; and
•any business, technology, service, or product involved in any such transaction may significantly underperform relative to our expectations, and we may not achieve the benefits we expect from the transaction, which could also result in a write-down of goodwill and other intangible assets associated with such transaction.
Our restructuring and integration activities associated with the UScellular Acquisition are expected to occur over the next two years and may involve risks related to network integration and customer migration, including potential service disruptions, delays in transitioning customer accounts and systems, and challenges in maintaining customer experience during the integration period.
We formed joint ventures aimed at establishing fiber broadband networks that complement our fixed wireless services. Differences in views among the joint venture participants may result in delayed decisions or disputes. Once closed, differences in views among the joint venture participants may result in delayed decisions or disputes. Operating through joint ventures in which we do not hold a majority or controlling ownership interest results in us having limited control over many decisions made with respect to the businesses of the joint ventures. Operating through joint ventures in which we do not hold a majority ownership interest results in us having limited control over many decisions made with respect to the businesses of the joint ventures. We also cannot control the actions of our co-investors in our joint ventures. We also cannot control the actions of our joint venture partners. These joint ventures may not be subject to the same requirements regarding internal controls and internal control over financial reporting that we follow. These joint ventures may not be subject to the same requirements regarding internal controls and internal 16Table of Contentscontrol over financial reporting that we follow. As a result, internal control problems may arise with respect to these joint ventures. Any of these risks could have a material adverse effect on our business, financial condition, and operating results and could also affect our reputation.
Additionally, in connection with our merger (the “Sprint Merger”) with Sprint Corporation (“Sprint”) and related transactions, including the acquisition by DISH Network Corporation (“DISH”) of certain prepaid wireless business (the “Prepaid Transaction”), we agreed to fulfill various government commitments (the “Government Commitments”), including, among others, extensive 5G network build-out, delivering high-speed wireless services to the vast majority of Americans, and marketing our in-home fixed wireless product to households where spectrum capacity is sufficient, as well as commitments related to national security. Additionally, in connection with our merger (the “Merger”) with Sprint Corporation (“Sprint”) and related transactions, including the acquisition by DISH of certain prepaid wireless business (the “Prepaid Transaction” and, collectively, the “Transactions”), we agreed to fulfill various government commitments (the “Government Commitments”), including, among others, extensive 5G network build-out, delivering high-speed wireless services to the vast majority of Americans and marketing our in-home fixed wireless product to households where spectrum capacity is sufficient, as well as commitments related to national security, pricing and availability of rate plans. These Government Commitments materially increased our compliance obligations and could result in additional expenses and/or penalties in the future.
Any failure to fulfill our obligations under the Government Commitments in a timely manner could result in substantial fines, penalties, or other legal and administrative actions, liabilities, and reputational harm.Any failure to fulfill our obligations under the Government Commitments and the MNSA in a timely manner could result in substantial fines, penalties, or other legal and administrative actions, liabilities, and reputational harm.
16
Economic, political, and market conditions may adversely affect our business, financial condition, and operating results.
Our business, financial condition, and operating results are affected by changes in general economic and political conditions, including interest rates, consumer credit conditions, consumer debt levels, consumer confidence, unemployment rates, economic growth, tariffs and trade restrictions, fluctuations in global currencies, immigration policies, energy costs, rates of inflation (or concerns about deflation), supply chain disruptions, impacts of current geopolitical conflict or instability, such as the Ukraine-Russia and Israel-Hamas wars and any further escalations thereof, and other macroeconomic factors.Our business, financial condition, and operating results are sensitive to changes in general economic conditions, including interest rates, consumer credit conditions, consumer debt levels, consumer confidence, unemployment rates, economic growth, energy costs, rates of inflation (or concerns about deflation), supply chain disruptions, impacts of current geopolitical conflict or instability, such as the Ukraine-Russia and Israel-Hamas wars and further escalations thereof, and other macroeconomic factors.
The telecommunications industry, broadly, is dependent on population growth, including growth in the immigrant population. As a result, we expect the telecommunications industry’s customer growth rate to be moderate in comparison with historical growth rates, leading to ongoing competition for customers. Rising prices for goods, services, and labor due to inflation, including inflation resulting from higher tariffs, restrictions, and other economic disincentives to trade, could adversely impact our margins and growth.
Our services and device financing plans are available to a broad customer base, a significant segment of which may be vulnerable to weak economic conditions, particularly our subprime customers. We may have greater difficulty in gaining new customers within this segment, and existing customers may be more likely to terminate service and default on device financing plans due to an inability to pay.
Weak economic and credit conditions may also adversely affect our suppliers, dealers, wholesale partners or MVNOs, and enterprise and government customers, some of which may file for bankruptcy, or may experience cash flow or liquidity problems, or may be unable to obtain or refinance credit such that they may no longer be able to operate. Any of these could adversely impact our ability to distribute, market, or sell our products and services.
Changes to trade policies, including higher tariffs, restrictions, and other economic disincentives to trade, may lead to operational delays, higher procurement and operational costs, and increased regulatory and compliance complexities, resulting in supply chain disruptions and higher prices, and lower demand for devices and services we sell.
As a provider of telecommunications services, we depend on suppliers to provide us, directly or through other suppliers, with items such as equipment for our network, handsets, tablets, accessories, other mobile communication devices, other components and raw materials. Changes or proposed changes in U.S. or other countries’ trade policies that result in higher tariffs, restrictions, and other economic disincentives to international trade have occurred in the past, and in the future may occur, which may materially increase the costs we incur in developing, deploying and maintaining our network and offering products and services to our customers. A certain portion of the increased costs may be absorbed by certain suppliers, but some suppliers may struggle to absorb the increased costs, especially over the long term, potentially leading to supply disruptions or cost pass-throughs to us that may require us to increase the prices we charge our customers. In addition, rapid changes in trade policies may negatively affect procurement timelines and supplier relationships and may introduce new compliance requirements. We may face delays in sourcing critical equipment due to customs clearance and supply chain bottlenecks, and material changes to cost structures could pressure our expenses and customer pricing.
Our attempts to mitigate potential disruptions to our supply chain and offset procurement and operational cost pressures, such as through alternative sourcing and/or increases in the selling prices of some of our products and services, may not be successful. Higher product or service prices for our customers may make it more difficult to attract new customers or increase customer churn. Furthermore, we may not be able to offset any cost increases through productivity and cost-saving initiatives. To the extent that cost increases result in significant increases in our expenditures, or if our price increases are not sufficient to offset these increased costs adequately or in a timely manner, and/or if our revenues decrease, our business, financial condition or operating results may be adversely affected.
If we do not successfully deliver new products and services, we may not realize our intended growth targets or generate the expected returns from our business, adversely affecting our financial condition and operating results.
We continue to expand our offerings beyond traditional wireless services to include broadband (fixed wireless and fiber), specialized network solutions, such as network slicing for first responders (“T-Priority”) and 5G advanced network solutions (“ANS”) for enterprises, advertising technology and services, and financial products, such as the T-Mobile Visa credit card introduced in November 2025. These new ventures require significant capital, expertise, and operational support, and their success depends on factors we cannot fully control or predict. Increased competition, technical challenges, security concerns, operational complexities, or shifting regulatory landscapes could delay product rollouts, inflate costs, or limit adoption rates. Additionally, entering new markets or lines of business may expose us to unfamiliar regulatory requirements, compliance challenges, or risks to existing customer relationships. Customer demand for new products and services is difficult to predict,
17
and adoption may be slower than anticipated or may not occur at all. Should these new products and services fail to gain traction, achieve sufficient customer adoption, generate expected financial returns, or deliver value to customers, we could incur substantial expenses without offsetting revenue gains, adversely affecting our business, financial condition, operating results and competitive position. Should these new products and services fail to gain traction, generate expected returns, or deliver value to customers, we could incur substantial expenses without offsetting revenue gains, adversely affecting our business, financial condition, and operating results.
We rely on third parties to provide products and services for the operation of our business, and the failure or inability of such parties to provide these products or services could adversely affect our business, financial condition, and operating results.17Table of ContentsWe rely on third parties to provide products and services for the operation of our business, and the failure or inability of such parties to provide these products or services could adversely affect our business, financial condition, and operating results.
We have a broad set of suppliers to help us develop, maintain, and troubleshoot products and services such as wireless and fiber network components, software development services, and billing and customer service support.We have a diverse set of suppliers to help us develop, maintain, and troubleshoot products and services such as wireless and wireline network components, software development services, and billing and customer service support. However, in certain areas such as billing services, voice, and data communications transport services, wireless or fiber network infrastructure equipment, handsets, other devices, back-office processes, and payment processing, there are a limited number of suppliers that can provide adequate support, which decreases our flexibility to switch to alternative third parties. However, in certain areas such as, billing services, voice, and data communications transport services, wireless or wireline network infrastructure equipment, handsets, other devices, back-office processes and payment processing, there are a limited number of suppliers who can provide adequate support for us, which decreases our flexibility to switch to alternative third parties. Unexpected termination of our arrangement with any of these suppliers, or difficulties in renewing our commercial arrangements with them, could have a material adverse effect on our business operations.
Our suppliers and third-party technology partners are also subject to their own risks, including, but not limited to, cybersecurity, economic, financial and credit conditions, labor force disruptions, geopolitical tensions, disruptions in global supply chain, natural catastrophic events, such as earthquakes, floods, hurricanes, storms, heatwaves and fires, energy shortages, power outages, equipment failures, terrorist attacks or other hostile acts, and public health crises, such as the COVID-19 pandemic.Our suppliers are also subject to their own risks, including, but not limited to, cybersecurity, economic, financial and credit conditions, labor force disruptions, geopolitical tensions, disruptions in global supply chain and the risks of natural catastrophic events (such as earthquakes, floods, hurricanes, storms, heatwaves and fires), energy shortages, power outages, equipment failures, terrorist attacks or other hostile acts, and public health crises, such as the COVID-19 pandemic, which may result in performance below the levels required by their contracts. These events may result in performance below the levels required by their contracts or cause them to suspend, limit, or cease their operations, or terminate or reduce their relationship with us. We could experience severe business disruptions and delays in technology initiatives if critical suppliers or service providers fail to comply with their contracts, if we experience delays or service degradation during any transition to a new outsourcing provider or other supplier, or if we are required to replace the supplied products or services with those from another source, especially if the replacement becomes necessary on short notice. Our business could be severely disrupted if critical suppliers or service providers fail to comply with their contracts or if we experience delays or service degradation during any transition to a new outsourcing provider or other supplier or if we are required to replace the supplied products or services with those from another source, especially if the replacement becomes necessary on short notice. Any such disruptions could have a material adverse effect on our business, financial condition, and operating results.
Further, some of our suppliers may provide services from outside the United States, which carries additional regulatory and legal obligations.Further, some of our suppliers may provide services from outside of the United States, which carries additional regulatory and legal obligations. We rely on suppliers to provide us with contractual assurances and to disclose accurate information regarding risks associated with their provision of products or services in accordance with our policies and standards, including our Supplier Code of Conduct and our third-party risk management practices. The failure of our suppliers to comply with our expectations and policies could expose us to additional legal and litigation risks and lead to unexpected contract terminations.
Sociopolitical volatility and polarization may adversely affect our business operations and reputation.
The current sociopolitical environment is characterized by deep complexity, volatility, and polarization on various social and political issues. The increasing intersection of technology and politics has led to rapid and unpredictable shifts in public sentiment. Social media and digital platforms have amplified the voices of various stakeholders, creating the potential for swift change in public opinion and stronger reactions to corporate actions. As a company that sells products and services across the nation to millions of customers, these dynamics increase the risk of potential reputational damage, boycotts, and shifts in consumer behavior that could adversely affect our brand, sales, and profitability. Our ability to respond effectively, sensitively, and authentically to the expectations and concerns of our customers, employees, and other stakeholders is key to mitigating these risks. If we are unable to manage these challenges effectively, there may be adverse impacts on our business, reputation, financial condition, and operating results.
Additionally, we are subject to emerging and evolving regulatory requirements and frameworks regarding environmental, social and governance matters, including recently enacted or proposed legislation in jurisdictions such as California.Additionally, we are subject to emerging and evolving regulatory requirements and frameworks regarding environmental, social and governance matters, including potential new or revised disclosure rules proposed by the SEC and recently enacted or proposed legislation in jurisdictions such as California. The ultimate scope of these regulations may change as they are finalized, and they may not be uniform across jurisdictions. Meeting these obligations may require significant investments of time, capital, and personnel.
Risks Related to Our Indebtedness
Our substantial level of indebtedness could adversely affect our business flexibility and ability to service our debt and could increase our borrowing costs.
We have, and we expect that we will continue to have, a substantial amount of debt. Our substantial level of indebtedness could have the effect of, among other things, reducing our flexibility in responding to changing business, economic, market, and industry conditions and increasing the amount of cash required to service our debt. In addition, this level of indebtedness may
18
also reduce funds available for capital expenditures, any Board-approved share repurchases, dividends, or other activities. Those impacts may put us at a competitive disadvantage relative to other companies with lower debt levels. Further, we may incur substantial additional indebtedness in the future, subject to the restrictions contained in our debt instruments, if any, which could increase the risks associated with our capital structure.
Our ability to service our substantial debt obligations will depend on future performance, which will be affected by business, economic, market, and industry conditions and other factors. There is no guarantee that we will be able to generate sufficient cash flow to service our debt obligations when due. If we are unable to meet such obligations or fail to comply with the financial and other restrictive covenants contained in the agreements governing such debt obligations, we may be required to refinance all or part of our debt, sell important strategic assets at unfavorable prices, or make additional borrowings. We may not be able to, at any given time, refinance our debt, sell assets, or make additional borrowings on commercially reasonable terms or at all, which could have a material adverse effect on our business, financial condition, and operating results.
Changes in credit market conditions and other factors could adversely affect our ability to raise debt favorably.
Instability in the global financial markets, inflation, policies of various governmental and regulatory agencies, including changes in monetary policy and interest rates, and other general economic conditions could lead to volatility in the credit and equity markets. This volatility could limit our access to the capital markets, leading to higher borrowing costs or, in some cases, an inability to obtain financing on terms that are acceptable to us or at all. Further, deterioration in our operating performance may lead to a decrease in our credit ratings, which could also impact our ability to access the debt capital markets at rates favorable or acceptable to us.
In addition, any hedging agreements we may enter into to limit our exposure to interest rate increases or foreign currency fluctuations may not offer complete protection from these risks or may be unsuccessful, and consequently may effectively increase the interest rate we pay on our debt or the exchange rate with respect to any debt we may incur in a foreign currency, and any portion not subject to such hedging agreements would have full exposure to interest rate increases or foreign currency fluctuations, as applicable. If any financial institutions that are parties to our hedging agreements were to default on their payment obligations to us, declare bankruptcy or become insolvent, we would be unhedged against the underlying exposures. Any posting of collateral by us under our hedging agreements and the modification or termination of any of our hedging agreements could negatively affect our liquidity or other financial metrics. Any of these risks could have a material adverse effect on our business, financial condition, and operating results.
Risks Related to Legal and Regulatory Matters
Failure to maintain effective internal control over financial reporting could impair our compliance with Section 404 of the Sarbanes-Oxley Act, which could lead to material misstatements in our financial statements and adversely affect our operations and reputation.
We rely on robust internal controls to provide reasonable assurance regarding the reliability of our financial information and the preparation of our financial statements. These controls include, among other things, properly designed processes, clear policies and procedures, competent personnel, effective oversight functions, and reliable information systems that facilitate the collection, processing, and communication of financial data. As we continue to refine and improve our systems to align with our evolving business needs, there is no assurance that these improvements will be implemented without delays or disruptions. A failure or significant delay in updating our systems, or a failure to effectively integrate new systems with existing processes, could compromise the effectiveness of our internal controls. If our internal controls are not effectively designed or properly implemented, or if changes to our business processes or organizational structure outpace our internal controls’ ability to adapt, we could experience material weaknesses or other deficiencies.
Any material weaknesses or other control deficiencies that may arise in the future could require significant time and resources to remediate. If we are unable to remediate material weaknesses in internal control over financial reporting, then our ability to analyze, record and report financial information free of material misstatements, to prepare financial statements within the time periods specified by the rules and forms of the SEC and otherwise to comply with the requirements of Section 404 of the Sarbanes-Oxley Act would be negatively impacted. As a result, we could face legal fines and penalties, diminished investor confidence, and adverse impacts on our access to the capital markets, potentially resulting in a decline in our stock price and harm to our reputation.
19
Compliance with the current regulatory framework, including our national security obligations, and any changes in regulations or in the regulatory framework under which we operate could adversely affect our business, financial condition, and operating results.
We are subject to regulatory oversight by various federal, state, and local agencies, as well as judicial review and actions, on issues related to the telecommunications industry that include, but are not limited to, roaming, interconnection, spectrum allocation and licensing, facilities siting, pole attachments, intercarrier compensation, Universal Service Fund (“USF”), 911 services, robocalling/robotexting, consumer protection, consumer privacy, and cybersecurity.We are subject to regulatory oversight by various federal, state, and local agencies, as well as judicial review and actions, on issues related to the wireless industry that include, but are not limited to, roaming, interconnection, spectrum allocation and licensing, facilities siting, pole attachments, intercarrier compensation, Universal Service Fund (“USF”), 911 services, robocalling/robotexting, consumer protection, consumer privacy, and cybersecurity. We are also subject to regulations in connection with other aspects of our business, including device financing and insurance activities.
The FCC regulates the licensing, construction, modification, operation, ownership, sale, and interconnection of wireless communications systems, as do some state and local regulatory agencies. In particular, the FCC imposes significant regulation on licensees of wireless spectrum with respect to how radio spectrum is used by licensees or at what power levels, the nature of the services that licensees may offer and how the services may be offered, and the resolution of issues of interference between operators in the same or adjacent spectrum bands. Changes necessary to resolve interference issues or concerns may have a significant impact on our ability to fully utilize our spectrum. Additionally, the FTC and other federal and state agencies have asserted that they have jurisdiction over some consumer protection matters, and the elimination and prevention of anticompetitive business practices with respect to the provision of wireless products and services.
We cannot assure that the FCC or any other federal, state, or local agencies will not adopt or change regulations, change or discontinue existing programs, implement new programs, or take enforcement or other actions that would adversely affect our business, impose new costs, or require changes in current or planned operations, including timing of the shutdown of legacy technologies.
We also face potential investigations by, and inquiries from or actions by state public utility commissions. We also cannot assure that Congress will not amend the Communications Act, from which the FCC obtains its authority, and which serves to limit state authority, or enact other legislation in a manner that could be adverse to our business.
Failure to comply with applicable regulations could have a material adverse effect on our business, financial condition, and operating results. We could be subject to fines, forfeitures, and other penalties (including, in extreme cases, revocation of our spectrum licenses) for failure to comply with the FCC or other governmental regulations, even if any such noncompliance was unintentional. The loss of any licenses, or any related fines or forfeitures, could adversely affect our business, financial condition, and operating results.
In addition, we operate under agreements with U.S. government agencies, including a mitigation agreement with the Committee on Foreign Investment in the United States, under which we are required to implement and maintain certain security measures and practices to address national security. Our national security obligations may limit our control over certain U.S. facilities, contracts, personnel, vendor selection, and operations, which could adversely affect our business, financial condition, and operating results. Any failure to fulfill our obligations could result in additional compliance cost, substantial fines, penalties, or other legal and administrative actions, liabilities, and reputational harm.
Laws and regulations relating to the handling of privacy, data protection, and AI may result in increased costs, legal claims, fines, or reputational damage.Laws and regulations relating to the handling of privacy, data protection and AI may result in increased costs, legal claims, fines against us, or reputational damage.
Since 2020, more than a dozen states have enacted new, comprehensive privacy laws that create new data privacy rights for residents of those states and new compliance obligations for us and the industry in general, in addition to private rights of action for certain types of data breaches. These include the California Consumer Privacy Act (“CCPA”) and similar laws in other states. Pending legislation in a number of other states would create similar laws elsewhere. All of these new privacy laws and others that we expect to be developed and enacted going forward will impose additional data protection obligations and potential liability on companies such as ours doing business in those states. Further, privacy laws also limit our ability to collect and use personal information.
We have incurred and will continue to incur significant implementation costs to ensure compliance with the CCPA, new privacy laws in other states, and their related regulations, including managing the complexity of laws that vary from state to state. Both federal and state governments are considering additional privacy laws and regulations which, if passed, could further impact our business, strategies, offerings, and initiatives and cause us to incur further costs. Any actual or perceived failure to comply with the CCPA, other data privacy laws or regulations, or related contractual or other obligations, or any perceived privacy rights violation, could lead to investigations, claims, and proceedings by governmental entities and private parties,
20
damages for contract breaches, and other significant costs, penalties, and other liabilities, as well as harm to our reputation and market position.
AI-related laws and regulations continue to remain uncertain and may vary from jurisdiction to jurisdiction. Our obligations to comply with the evolving legal and regulatory landscape may require us to incur significant additional costs or limit our ability to incorporate certain AI capabilities into our business operations or product offerings. As we integrate AI technologies into our business, we must navigate varying regulations that could impact our operations and product development. As we integrate AI technologies into our 20Table of Contentsbusiness, we must navigate varying regulations that could impact our operations and product development. Additionally, the use of AI may also raise certain ethical issues or concerns, and while we are focused on developing and implementing AI responsibly, we may be unable to identify or resolve those issues before they arise. Failure to comply with these regulations or prevent AI-related issues or unintended consequences from occurring, could result in fines, penalties, or restrictions on our use of AI, which could adversely affect our business.
Outside of the United States, as a result of our business acquisitions, we are subject to an expanding set of privacy, data protection, and related regulatory requirements in jurisdictions where we conduct operations or process personal data. These laws may apply based on factors such as our establishment or operations in a jurisdiction or data processing activities conducted there. Certain international data protection regimes, including those in the European Union and the United Kingdom, impose specific obligations on the collection, use, sharing, and transfer of personal data. Compliance with these obligations may increase operational complexity and costs, limit our ability to use or transfer data across jurisdictions, or require changes to our products, services, or business practices. Enforcement approaches and penalties vary by jurisdiction and may include significant fines or other sanctions, as well as reputational harm.
Unfavorable outcomes of legal proceedings may adversely affect our business, reputation, financial condition, cash flows, and operating results.
We and our affiliates are involved in various disputes, governmental and/or regulatory inspections, investigations and proceedings, mass arbitrations, and litigation matters. For more information, see “– Contingencies and Litigation – Litigation and Regulatory Matters” in Note 18 – Commitments and Contingencies of the Notes to the Consolidated Financial Statements.
In addition, we, along with equipment manufacturers and other carriers, are subject to current and potential future lawsuits alleging adverse health effects arising from the use of wireless handsets or from wireless transmission equipment such as cell towers. In addition, the FCC has from time to time gathered data regarding wireless device emissions, and its assessment of the risks associated with using wireless devices may evolve based on its findings. The Department of Health and Human Services has indicated that it is undertaking a study on electromagnetic radiation and health research. Any allegations of adverse health effects or changes in risk assessments could result in customers purchasing fewer devices and wireless services, could result in significant legal and regulatory liability, and could have a material adverse effect on our business, reputation, financial condition, cash flows, and operating results. Any of these allegations or changes in risk assessments could result in customers purchasing fewer devices and wireless services, could result in significant legal and regulatory liability, and could have a material adverse effect on our business, reputation, financial condition, cash flows and operating results.
Such legal proceedings can be complex, costly, and highly disruptive to our business operations by diverting the attention and energy of management and other key personnel. The assessment of the outcome of legal proceedings, including our potential liability, if any, is a highly subjective process that requires judgments about future events that are not within our control. The amounts ultimately received or paid upon settlement or pursuant to a final judgment, order, or decree may differ materially from amounts accrued in our financial statements. The amounts ultimately received or paid upon settlement or pursuant to final judgment, order or decree may differ materially from amounts accrued in our financial statements. In addition, litigation or similar proceedings could impose restraints on our current or future manner of doing business. Such potential outcomes including judgments, awards, settlements or orders could have a material adverse effect on our business, reputation, financial condition, cash flows and operating results.
Our business may be adversely impacted if we are not able to protect our intellectual property rights or if we infringe on the intellectual property rights of others.
We rely on a variety of intellectual property assets, including patents, copyrights, trademarks, and domains, to maintain our competitiveness. If we are unable to protect our intellectual property due to factors such as changes in U.S. intellectual property laws, the value of our intellectual property may become impaired, which may adversely impact our business and financial results.
Additionally, we have faced and will continue to face various litigations alleging that our products or services infringe patents or other intellectual property of third parties, including potential litigation arising from our use of AI. If successful, these litigations could result in an award of financial compensation, including damages or royalties, business disruptions, reputational harm, or an order requiring that we cease offering, selling, and using the relevant products, equipment, services, and network functions. Defending against such litigation is not only costly and time-consuming, but it may also be disruptive to our business operations and divert resources and attention. Furthermore, the outcomes of these litigations are inherently uncertain.
21
Our suppliers and vendors also face and will continue to face, intellectual property litigation related to the technology used in the products, equipment, and services they provide to us. If successful, such litigation against our suppliers and vendors might impact their ability to continue to provide the relevant products, equipment, and services to us.
We offer regulated financial services products. These products expose us to a wide variety of state and federal regulations.
The financing of devices, such as through our EIP, and the offering of co-branded banking products, such as our T-Mobile Money debit card and T-Mobile Visa credit card, impact our regulatory compliance obligations. Failure to remain compliant with applicable regulations may increase our risk exposure in the following areas:
•consumer complaints and potential examinations or enforcement actions by federal and state regulatory agencies, including, but not limited to, the Consumer Financial Protection Bureau, state attorneys general, the FCC, and the FTC; and
•regulatory fines, penalties, enforcement actions, civil litigation, and/or class action lawsuits. Failure to comply with applicable regulations and the realization of any of these risks could have a material adverse effect on our business, financial condition, and operating results.
Our business may be impacted by new or amended tax laws or regulations or administrative interpretations and judicial decisions affecting the scope or application of tax laws or regulations.21Table of ContentsOur business may be impacted by new or amended tax laws or regulations or administrative interpretations and judicial decisions affecting the scope or application of tax laws or regulations.
We are subject to a wide variety of federal, state, and local taxes, fees, and regulatory charges. Tax laws and regulations are dynamic and subject to change through new legislation and evolving legislative, regulatory, administrative, and judicial interpretations. Changes in tax laws or their interpretation or enforcement could affect our tax rates, tax liabilities, and the carrying value of deferred tax assets or liabilities.
With respect to taxes on our products and services, we calculate, collect, and remit various federal, state, and local taxes, fees, and regulatory charges (“taxes”) to numerous governmental authorities, including sales taxes, Universal Service Fund contributions, common carrier regulatory charges, and public safety fees.In connection with the products and services we sell, we calculate, collect, and remit various federal, state, and local taxes, fees and regulatory charges (“tax” or “taxes”) to numerous federal, state and local governmental authorities, including federal and state USF contributions and common carrier regulatory charges and public safety fees. Because many of our service plans are tax inclusive, increases in such taxes may adversely impact our business results.
In many cases, the application of existing, newly enacted, or amended tax laws may be uncertain and subject to different interpretations, especially when evaluated against new technologies and telecommunications services, such as broadband internet access and cloud-related services. Legislative changes, administrative interpretations, and judicial decisions affecting the scope or application of tax laws could also impact reported revenue and taxes due on tax inclusive plans. Additionally, failure to comply with any applicable tax laws could subject us to additional taxes, fines, penalties, or other adverse actions. Additionally, failure to comply with any of the tax laws could subject us to additional taxes, fines, penalties, or other adverse actions.
Our wireless licenses are subject to renewal and may be revoked in the event that we violate applicable laws.
Our existing wireless licenses are subject to renewal upon the expiration of the period for which they are granted. Our licenses have been granted with an expectation of renewal, and the FCC generally has approved our license renewal applications. However, the Communications Act provides that licenses may be revoked for cause and license renewal applications denied if the FCC determines that a renewal would not serve the public interest. If we fail to timely file to renew any wireless license or fail to meet any regulatory requirements for renewal, including construction and substantial service requirements, we could be denied a license renewal. Many of our wireless licenses are subject to interim or final construction requirements, and there is no guarantee that the FCC will find our construction, or the construction of prior licensees, sufficient to meet the build-out or renewal requirements. Accordingly, we cannot assure that the FCC will renew our wireless licenses upon their expiration. If any of our wireless licenses were to be revoked or not renewed upon expiration, we would not be permitted to provide services under that license, which could have a material adverse effect on our business, financial condition, and operating results.
Risks Related to Ownership of Our Common Stock
Our Certificate of Incorporation designates the Court of Chancery of the State of Delaware as the sole and exclusive forum for certain actions and proceedings, which could limit the ability of our stockholders to obtain a judicial forum of their choice for disputes with the Company or its directors, officers, or employees.
Our Certificate of Incorporation provides that, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware shall be the sole and exclusive forum for (i) any derivative action or proceeding brought on
22
behalf of the Company, (ii) any action asserting a claim of breach of a fiduciary duty owed by any director, officer or employee of the Company to the Company or its stockholders, (iii) any action asserting a claim arising pursuant to any provision of the General Corporation Law of the State of Delaware, the Certificate of Incorporation or the Company's bylaws, or (iv) any other action asserting a claim arising under, in connection with, and governed by the internal affairs doctrine. This choice of forum provision does not waive our compliance with our obligations under the federal securities laws and the rules and regulations thereunder. Moreover, the provision does not apply to suits brought to enforce a duty or liability created by the Exchange Act or by the Securities Act of 1933, as amended.
This choice of forum provision may increase costs to bring a claim, discourage claims, or limit a stockholder's ability to bring a claim in a judicial forum that the stockholder finds favorable for disputes with the Company or its directors, officers or employees, which may discourage such lawsuits against the Company and its directors, officers and employees, even though an action, if successful, might benefit our stockholders.This choice of forum provision may increase costs to bring a claim, discourage claims or limit a stockholder's ability to bring a claim in a judicial forum that the stockholder finds favorable for disputes with the Company or its directors, officers or employees, which may discourage such lawsuits against the Company and its directors, officers and employees, even though an action, if successful, might benefit our stockholders. Alternatively, if a court were to find the choice of forum provision to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such matters in other jurisdictions, which could increase our costs of litigation and adversely affect our business and financial condition.
DT controls a majority of the voting power of our common stock and the T-Mobile trademarks we utilize in our business and may have interests that differ from the interests of our other stockholders.22Table of ContentsDT controls a majority of the voting power of our common stock and the T-Mobile trademarks we utilize in our business and may have interests that differ from the interests of our other stockholders.
DT controls a majority of the voting power of our common stock and therefore we are a “controlled company,” as defined in the NASDAQ Stock Market LLC (“NASDAQ”) listing rules, and we are not subject to NASDAQ requirements that would otherwise require us to have a majority of independent directors, a nominating committee composed solely of independent directors or a compensation committee composed solely of independent directors. Accordingly, our stockholders will not be afforded the same protections as stockholders of other NASDAQ-listed companies generally receive with respect to corporate governance for so long as we rely on these exemptions from the corporate governance requirements.
In addition, pursuant to our Certificate of Incorporation and the Second Amended and Restated Stockholders’ Agreement, as long as DT beneficially owns 30% or more of our outstanding common stock, we are restricted from taking certain actions without DT’s prior written consent, including (i) incurring indebtedness above certain levels based on a specified debt to cash flow ratio, (ii) taking any action that would cause a default under any instrument evidencing indebtedness involving DT or its affiliates, (iii) acquiring or disposing of assets or entering into mergers or similar acquisitions in excess of $1.0 billion, (iv) changing the size of our Board of Directors, (v) subject to certain exceptions, issuing equity of 10% or more of the then-outstanding shares of our common stock, or issuing equity to redeem debt held by DT, (vi) repurchasing or redeeming equity securities or making any extraordinary or in-kind dividend other than on a pro rata basis, or (vii) making certain changes involving our CEO. We are also restricted from amending our Certificate of Incorporation and bylaws in any manner that could adversely affect DT’s rights under the Second Amended and Restated Stockholders’ Agreement for as long as DT beneficially owns 5% or more of our outstanding common stock. These restrictions could prevent us from taking actions that our Board of Directors might otherwise determine are in the best interests of the Company and our stockholders, or that may be in the best interests of our other stockholders.
DT effectively has control over all matters submitted to our stockholders for approval, including the election or removal of directors, changes to our Certificate of Incorporation, a sale or merger of our Company and other transactions requiring stockholder approval under Delaware law. DT’s controlling interest may have the effect of making it more difficult for a third party to acquire, or discouraging a third party from seeking to acquire, the Company and DT, as the controlling stockholder, may have strategic, financial, or other interests different from those of our other stockholders, including as the holder of a portion of our debt and as the counterparty in a number of commercial arrangements, and may make decisions adverse to the interests of our other stockholders.
In addition, we license certain trademarks from DT, including the right to use the trademark “T-Mobile” as a name for the Company and our flagship brand under a trademark license agreement, as amended, with DT. As described in more detail in our Proxy Statement on Schedule 14A filed with the SEC on April 18, 2025 under the heading “Transactions with Related Persons and Approval,” we are obligated to pay DT a royalty in an amount equal to 0.25% (the “royalty rate”) of the net revenue (as defined in the trademark license) generated by products and services sold by the Company under the licensed trademarks subject to a cap of $80 million per calendar year through December 31, 2028. We and DT are obligated to negotiate a new trademark license when (i) DT has 50% or less of the voting power of the outstanding shares of capital stock of the Company or (ii) any third party owns or controls, directly or indirectly, 50% or more of the voting power of the outstanding shares of capital stock of the Company, or otherwise has the power to direct or cause the direction of the management and policies of the Company. As described in more detail in our Proxy Statement on Schedule 14A filed with the SEC on April 24, 2024 under the heading “Transactions with Related Persons and Approval,” we are obligated to pay DT a royalty in an amount equal to 0.25% (the “royalty rate”) of the net revenue (as defined in the trademark license) generated by products and services sold by the Company under the licensed trademarks subject to a cap of $80 million per calendar year through December 31, 2028. We and DT are obligated to negotiate a new trademark license when (i) DT has 50% or less of the voting power of the outstanding shares of capital stock of the Company or (ii) any third party owns or controls, directly or indirectly, 50% or more of the voting power of the outstanding shares of capital stock of the Company, or otherwise has the power to direct or cause the direction of the management and policies of the Company. If we and DT fail to agree on a new trademark license, either we or DT may terminate the trademark license and such termination shall be effective, in the case of clause (i) above, on the third anniversary after a notice of termination and, in the case of clause (ii) above, on the second anniversary after a notice of termination. A further increase in the royalty rate or
23
termination of the trademark license could have a material adverse effect on our business, financial condition, and operating results.
We cannot guarantee that our current and future stockholder return programs will be fully utilized or that they will enhance long-term stockholder value.
Our Board of Directors has authorized, and may from time to time authorize, stockholder return programs, consisting of repurchases of shares of our common stock, the payment of cash dividends, or both. The specific timing and amount of any share repurchases and any dividend payments under any stockholder return program will depend on prevailing share prices, general economic and market conditions, Company performance and other considerations, such as whether the Company determines that there are other uses for the funds currently authorized for the program that would be more advantageous for our business. In addition, the specific timing and amount of any dividend payments are subject to declaration on future dates by the Board of Directors in its sole discretion.
Any stockholder return program could impact our cash flows, affect the trading price of our common stock, and increase volatility. We cannot guarantee that any stockholder return program will be fully consummated or that it will enhance long-term stockholder value. Our current and future stockholder return programs do not, and will not, obligate the Company to acquire any particular amount of common stock or to declare and pay any particular amount of dividends, and any program may be suspended or discontinued at any time at the Company’s discretion. Any announcement of termination of any program may result in a decrease in the price of our common stock.
Future sales of our common stock by DT and foreign ownership limitations by the FCC could have a negative impact on our stock price and decrease the value of our stock.Future sales of our common stock by DT and SoftBank and foreign ownership limitations by the FCC could have a negative impact on our stock price and decrease the value of our stock.
We cannot predict the effect, if any, that market sales of shares of our common stock by DT will have on the prevailing trading price of our common stock.We cannot predict the effect, if any, that market sales of shares of our common stock by DT or SoftBank will have on the prevailing trading price of our common stock. Sales of a substantial number of shares of our common stock could cause our stock price to decline.
We and DT are parties to the Second Amended and Restated Stockholders’ Agreement pursuant to which DT is free to transfer its shares in public sales without notice, as long as such transactions would not result in a third party owning more than 30% of the outstanding shares of our common stock. If a transfer were to exceed the 30% threshold, it would be prohibited unless the transfer were approved by our Board of Directors, or the transferee were to make a binding offer to purchase all of the other outstanding shares on the same price and terms. The Second Amended and Restated Stockholders’ Agreement does not otherwise impose any other restrictions on the sales of common stock by DT. Moreover, the Second Amended and Restated Stockholders’ Agreement generally requires us to cooperate with DT to facilitate the resale of our common stock or debt securities held by DT under shelf registration statements we have filed.
DT has incrementally sold limited amounts of shares of our common stock in the open market. Any additional sale of shares of our common stock by DT (other than in transactions involving the purchase of all of our outstanding shares) could significantly increase the number of shares available in the market, which could cause a decrease in our stock price.The sale of shares of our common stock by DT or SoftBank (other than in transactions involving the purchase of all of our outstanding shares) could significantly increase the number of shares available in the market, which could cause a decrease in our stock price. In addition, even if DT does not sell a large number of its shares into the market, their rights to transfer a large number of shares into the market could depress our stock price. In addition, even if DT or SoftBank does not sell a large number of their shares into the market, their rights to transfer a large number of shares into the market could depress our stock price.
Furthermore, under existing law, no more than 20% of an FCC licensee’s capital stock may be directly owned, or no more than 25% indirectly owned, or voted by non-U.S. citizens or their representatives, by a foreign government or its representatives or by a foreign corporation. If an FCC licensee is controlled by another entity, up to 25% of that entity’s capital stock may be owned or voted by non-U.S. citizens or their representatives, by a foreign government or its representatives or by a foreign corporation. Foreign ownership above the 25% holding company level may be allowed if the FCC finds such higher levels consistent with the public interest. The FCC has ruled that higher levels of foreign ownership, even up to 100%, are presumptively consistent with the public interest with respect to investors from certain nations. If our foreign ownership by previously unapproved foreign parties were to exceed the permitted level without further FCC authorization, the FCC could subject us to a range of penalties, including an order for us to divest the foreign ownership in part, fines, license revocation or denials of license renewals. If ownership of our common stock by an unapproved foreign entity were to become subject to such limitations, or if any ownership of our common stock violates any other rule or regulation of the FCC applicable to us, our Certificate of Incorporation provides for certain redemption provisions at a pre-determined price which may be less than fair market value. These limitations and our Certificate of Incorporation may limit our ability to attract additional equity financing outside the United States and decrease the value of our common stock.
24
Item 1B. Unresolved Staff Comments
None.
Item 1C. Cybersecurity
Risk Management and Strategy
Our Cybersecurity Approach and Integration
Cyber risk management is a core component of the Company's governance structure. We utilize the National Institute of Standards and Technology’s Cybersecurity Framework as a guide in cyber risk management to identify, assess, and assist cybersecurity leadership in managing cybersecurity risks. Cyber risk management encompasses partnerships among teams that are responsible for cyber governance, prevention, detection, and remediation activities within the Company’s cybersecurity environment. As part of our cyber risk management efforts, we conduct periodic reviews and collaborate with enterprise-wide risk assessments to assess and manage cybersecurity risks. Our cybersecurity team also provides enterprise-wide cybersecurity training for employees to continuously improve our mitigation against human-driven vulnerabilities.
Our management also conducts a quarterly enterprise-wide risk assessment that considers a wide spectrum of risks facing the Company, including cybersecurity. Through these quarterly risk assessments, management informs the Audit Committee of the cyber risk landscape facing the Company and the Company’s preparedness to manage such risk. The enterprise-wide risk assessment is a top-down risk assessment that leverages the assessments performed by cyber risk management.
The Company engages top-tier external cybersecurity firms, as needed, leveraging their expertise as part of our ongoing effort to evaluate and enhance our cybersecurity program. They help with cyber defense capabilities (including staff enhancement of certain functions) and transformation to mitigate associated threats, reduce risk, enhance our cybersecurity posture, and meet the Company's evolving needs.
Our third-party risk management program includes processes for identifying and managing material cybersecurity risks arising from third-party providers. Our third-party risk management program actively engages with the enterprise-wide risk assessment process and partners with cyber risk management to report relevant risks to the NCGC Committee, the Audit Committee and our internal Enterprise Risk & Compliance Committee. Our third-party risk management program includes cybersecurity as an aspect of its risk assessment of third parties with the objective that key risks are identified and addressed. Moreover, the program also considers risks associated with certain fourth parties, entities that are partners or subcontractors of our direct third-party vendors, through assessments carried out by our third-party service providers.
Cybersecurity Incident Impact
25
Governance
Disclosure of Management’s Responsibilities
Chief Information Officer
The Chief Information Officer is responsible for overseeing the Company’s information technology systems, digital capabilities, and cybersecurity practices. Mark Clancy, our Senior Vice President, Cybersecurity, under the direction of the Chief Information Officer, is responsible for overseeing the cybersecurity organization and promoting a security-centric culture throughout our business and operational functions. The Senior Vice President, Cybersecurity, is at the forefront of enhancing our cybersecurity framework and strengthening the overall cybersecurity program. This involves upgrading tools and capabilities, which are part of a broader, multi-year strategy to continue to enhance security measures. The Senior Vice President, Cybersecurity, oversees the cyber risk management function, which identifies cybersecurity threats, assesses cybersecurity risks and supports the Chief Information Officer and the Company in managing such risks. The CSO oversees the cyber risk management function, which identifies cybersecurity threats, assesses cybersecurity risks and supports the Transformation and Chief Information & Digital Officer and the Company in managing such risks.
As the Company’s Chief Information Officer, Jeff Simon has extensive experience in risk management and information security, including serving as the Chief Information Security Officer at Fidelity National Information Services, Inc. Mr. Simon received his Master of Science in Computer Science, Software Engineering & Artificial Intelligence from the Johns Hopkins Whiting School of Engineering and Bachelor of Science in Business Administration and Applied Economics from Marquette University. Mr. Simon is a Certified Information Systems Security Professional.
Enterprise Risk & Compliance Committee
Our Enterprise Risk & Compliance Committee is comprised of a collective of senior management representatives and subject matter experts from across the Company. The Enterprise Risk & Compliance Committee is chaired by the Chief Financial Officer of the Company, with the Chief Legal Officer and General Counsel as the co-chair and comprises core members including the Chief Information Officer, while the Senior Vice President, Cybersecurity, serves in an advisory capacity. The purpose of the Enterprise Risk & Compliance Committee is to oversee and govern the Company’s risk management, environmental, social, corporate governance, cybersecurity, and operational compliance activities, as well as provide a means of bringing risk issues to the attention of management. Specific to cybersecurity, the Chief Information Officer and the Senior Vice President, Cybersecurity, have the expertise to provide insights into the nature of cyber threats, the Company’s readiness, and actions taken to mitigate such risks. Specific to cybersecurity, the Transformation and Chief Information & Digital Officer and the CSO have the expertise to provide insights into the nature of cyber threats, the Company’s readiness, and actions taken to mitigate such risks.
Disclosure of the Board’s Roles and Responsibilities
Our Board of Directors oversees risks from cybersecurity threats using a multi-faceted approach that involves the NCGC Committee and Audit Committee and various executive roles. Additionally, our Chief Information Officer and Senior Vice President, Cybersecurity, report on cybersecurity to the full Board.
Nominating, Corporate Governance and Compliance Committee
The NCGC Committee oversees risks associated with data privacy and information security, which encompasses cybersecurity. Our Senior Vice President, Cybersecurity, and Chief Compliance Officer, among other executives, provide periodic reports to the NCGC Committee and also meet with the NCGC Committee to discuss any material events when they arise. Our CSO and Chief Compliance Officer, among other executives, provide periodic reports to the NCG Committee and also meet with the NCG Committee to discuss any material events when they arise. The periodic reports are designed to keep the NCGC Committee abreast of the Company’s cybersecurity practices, risks and trends in cybersecurity threats. The NCGC Committee also has discussions with management focused on evaluating the Company’s exposure to cybersecurity risks and cybersecurity practices in place to mitigate such risks. These discussions enable the NCGC Committee to be informed of the steps management is taking to detect, monitor and manage cybersecurity risks. These reports
26
to the NCGC Committee typically include information on any significant incidents that have occurred, how they were managed, and any changes to the risk profile of the Company. The NCGC Committee seeks updates to facilitate proactive governance and to allow the NCGC Committee to address emerging cybersecurity issues with management. The NCG Committee seeks updates to facilitate proactive governance and to allow the NCG Committee to address emerging cybersecurity issues with management.
Recently Filed
Click on a ticker to see risk factors
| Ticker * | File Date |
|---|---|
| EPRT | 56 minutes ago |
| APH | 58 minutes ago |
| VKTX | an hour ago |
| RCL | an hour ago |
| AUR | an hour ago |
| QTWO | an hour ago |
| AMCX | an hour ago |
| FR | an hour ago |
| GLIBA | an hour ago |
| ALB | an hour ago |
| RNR | an hour ago |
| WPC | an hour ago |
| R | an hour ago |
| CFLT | an hour ago |
| HUBS | 2 hours ago |
| WHR | 2 hours ago |
| AR | 2 hours ago |
| EGP | 2 hours ago |
| AM | 2 hours ago |
| MGM | 2 hours ago |
| RFAI | 2 hours ago |
| EQIX | 2 hours ago |
| RBLX | 2 hours ago |
| CRBG | 2 hours ago |
| TFIN | 2 hours ago |
| STAG | 2 hours ago |
| SITM | 2 hours ago |
| DVA | 2 hours ago |
| JNJ | 2 hours ago |
| KMPR | 2 hours ago |
| TMUS | 2 hours ago |
| NBIX | 2 hours ago |
| HXL | 3 hours ago |
| NVR | 3 hours ago |
| TXT | 3 hours ago |
| BWA | 5 hours ago |
| BKH | 5 hours ago |
| ACBM | 5 hours ago |
| SYK | 6 hours ago |
| BMY | 6 hours ago |
| MA | 7 hours ago |
| HLT | 8 hours ago |
| RPRX | 9 hours ago |
| NNN | 9 hours ago |
| NVCT | 10 hours ago |
| AVTR | 10 hours ago |
| LEU | 10 hours ago |
| FNMA | 11 hours ago |
| U | 11 hours ago |
| SHOP | 11 hours ago |
