Ethics & Integrity

Ethics and integrity are essential. Business practices can influence trust in companies, shape industries and impact employee wellbeing. We are committed to a set of principles that guide how we do business and interact with our customers, our shareholders and each other. We hold ourselves to the highest standards of business conduct and compliance, and we strive to provide transparent communication, tools and training needed to maintain a culture of ethics at all levels of AT&T.

While the AT&T of today looks vastly different than the one founded more than 140 years ago, one constant is our unwavering commitment to doing what is right. We operate with honesty, integrity and transparency in all we do. That is what our customers expect of us, and that is what we expect from each other.

At the heart of what we do is the AT&T Code of Business Conduct (Code), which serves as our roadmap for doing business the right way. It empowers employees to make the right decisions, even when it’s difficult, and defines the overarching principles of how we do business. AT&T is intentional about operating in an ethical and compliant manner and our Code, policies, practices, training and compliance oversight help ensure that we do. AT&T has transformed over the years. But one thing that has not changed is our commitment to operating our business with ethics and integrity.

For fiscal year 2022, AT&T had no material losses related to litigation or to non-appealable regulatory decisions involving anti-competitive behavior.

Code of Business Conduct

The AT&T Code of Business Conduct is a values-based code that defines the standard of honest and ethical behavior that employees are expected to follow. It is a key resource and practical tool for our employees, providing guidance about the attitudes and behaviors to adopt in relationships within and outside the company. All AT&T employees are required to review the Code on a yearly basis. The Code is a living document that has been translated into many different languages. The Code is mobile and web accessible for employees to reference throughout the year. More information about the Code is outlined below:

• Content: The Code covers a wide range of topics related to ethics and compliance, including diversity and nondiscrimination, conflicts of interest, customer and employee data privacy, our policy of non-retaliation and our commitment to the environment.
• Compliance: AT&T expects all employees to act lawfully and ethically in accordance with the Code and company policies. Violation of these policies may result in disciplinary action including, but not limited to, termination of employment, suspension, written warning or adverse pay treatment.
• Updates: We update the Code regularly as part of our ongoing effort to maintain effectiveness and provide clear direction and resources on relevant topics. Significant changes to the Code are communicated to all AT&T employees.

AT&T’s Board of Directors is held to standards of honest and ethical conduct as outlined in our Code of Ethics. The Code of Ethics emphasizes the importance of avoiding conflicts of interest and our expectations for ensuring the timeliness and accuracy of our Securities and Exchange Commission filings and related financial statements.

Employee Training & Awareness

Through training and communications, we share the expectations outlined in the Code to uphold ethics and integrity in our operations. Details are outlined below:

• Accessibility: We strive to make our Code clear and accessible for employees. It is available in 22 languages and can be accessed on external websites, the company intranet and employee mobile devices.
• Training: New hires receive Code training shortly after beginning at the company. Ethics and compliance training is conducted annually for existing employees. In 2022, 99% of employees completed the annual Code training.²
• Senior Leadership Engagement: Our Chief Compliance Officer and senior leadership regularly communicate messages about ethics and integrity within the company through video messages, blogs, town halls and emails.

Ethics@Work

Ethics@Work is a set of resources and in-person and web-based trainings that help employees become better decision-makers. These resources and trainings cover topics such as anti-bribery/anti-corruption, data protection, social media, conflicts of interest, reporting and privacy using real-world examples and resources to assist individuals and their teams in identifying blind spots and making ethical business decisions. Employees can access our on-demand Ethics@Work toolkit on our Code of Business Conduct website or in our Ethics@Work app. We also offer a Spanish version of the app, Trabajo Ético, for AT&T Mexico employees.

Policies

We have several policies—including our Code of Business Conduct, Code of Ethics, and Anti-Bribery Anti-Corruption Policy—that outline our commitment to ethical business conduct. Details about these policies are available on our Policies page.

Biennial Compliance Survey

The Chief Compliance Office (CCO) hosts a biennial survey that focuses on employees’ perception of ethics, honesty and integrity at AT&T. The results are used to improve programs throughout the company. The survey is administered by a third party and results are aggregated to protect the identity of our employees, ensuring it is a safe, anonymous forum for raising issues.

Addressing Employee Concerns

AT&T has several strategies to receive and address employee concerns, including:

• Reporting Concerns: Employees can ask questions and report concerns about our Code of Business Conduct and Code of Ethics (Codes) to their direct supervisor, another manager, Human Resources, the CCO, Asset Protection or the Legal Department. Employees can make a confidential and anonymous report of suspected or actual violations of the Codes or other company policies through a telephone hotline or online reporting mechanisms. Employees can also report violations or ask questions directly to the Compliance team via phone or email using our “Ask Compliance” resource. Information about these resources is available on our intranet sites and in employee Code of Business Conduct trainings.
• Non-retaliation: We have strict non-discrimination and non-retaliation policies³ to protect employees who have grounds to report unethical behavior or a violation of company policy or law. We investigate allegations of retaliation and take appropriate action. For more information, please see our Equal Employment Opportunity & Harassment Policies.

Chief Compliance Office

Ethics and integrity are foundational to who we are at AT&T. The CCO is responsible for compliance oversight of legal and regulatory requirements of the countries and jurisdictions where AT&T operates, promoting an ethical culture, developing policies to safeguard the privacy of customer and employee information, ensuring adherence to internal compliance requirements, investigating violations of the Code of Conduct, providing executive protection, and fulfilling legal demands for records. The CCO’s procedures are robust, risk based, and modeled on the Federal Sentencing Guidelines for Organizations, the Department of Justice Guidance for Evaluation of Corporate Compliance Programs, and other international and industry regulations and guidelines. Our approach includes the following:

• Program Content: The CCO focuses on areas including, but not limited to, anti-bribery/anti-corruption, antitrust and competition, third-party oversight, data protection, sales practices, records and information management, and privacy. We continuously improve the CCO program in accordance with U.S. Department of Justice Guidance for Evaluation of Corporate Compliance Programs guidance and other leading best practices, including external assessments of our program.
  • In response to the sanctions resulting from the Russian invasion of Ukraine, the Corporate Compliance Office Sanctions and Global Trade teams worked in partnership with Legal, External & Legislative Affairs and many other teams to comply with the new sanctions. With sanctions impacting AT&T and more than 100 of our customers and suppliers, our response efforts have enabled AT&T to continue serving customers in impacted regions in a compliant manner.
• Compliance Responsibilty: While the CCO is administered under the direction of the Chief Compliance Officer, compliance is the responsibility of every department and every employee. The CCO partners with a broad group of stakeholders across the business to provide tools and information to mitigate risk and manage compliance.
• Compliance Risk Assessment: The CCO conducts formal risk assessments annually, focusing on significant compliance areas that could present a significant risk to the company from a reputational, operational or financial perspective. In addition, the compliance risk assessment process evaluates compliance in certain high-risk areas for inclusion in the program. The CCO leadership team and legal support review each risk assessment and communicate the results and action plans to business unit leadership. For more information about risk management, please visit our Annual Report and Proxy Statement.
• Compliance Oversight: The Audit Committee of the Board of Directors provides oversight of AT&T’s compliance with legal and regulatory requirements. The Audit Committee oversees the administration and enforcement of the Codes and the Compliance Program. The Chief Compliance Officer reports at least annually to the Audit Committee regarding the company’s compliance and ethics-related trends, risks, and action plans and has independent discussions with committee members as needed throughout the year. The CCO develops policies and principles, provides oversight and verification of the effectiveness of compliance controls, issues guidance on data privacy strategy throughout the company, and protects AT&T’s assets.

Anti-Bribery/Anti-Corruption

AT&T strictly prohibits giving, offering, authorizing or taking bribes or engaging in corruption in any circumstance. This includes bribery of or giving improper payments or rewards to private individuals or government officials (local, state, federal). Our business is global in reach, with operations all over the world. We seek to excel in the global marketplace honestly and fairly, relying on our outstanding performance and ethical business practices. Our anti-bribery/anti-corruption compliance oversight program, which is part of the CCO, aims to prevent, detect and mitigate risks related to public and commercial bribery. Our approach includes the following:

• Policies: The Code and Anti-Bribery Anti-Corruption (ABAC) Policy communicate expectations for handling and recording company transactions and executing company business, while our schedules of authorization delineate who has the authority to approve certain transaction thresholds. The ABAC Policy outlines our approach to working with government officials and U.S. and non-U.S. entities. The ABAC Policy applies to all AT&T employees and is updated annually. Employees can access the policies online and on our mobile app.
• Training: On an annual basis, we provide training for employees who interact with public officials. The training is interactive and designed to help employees understand permissible conduct when interacting with public officials.
• Monitoring: In addition to the risk assessment process, as part of our overall program, we continuously monitor for bribery and corruption risk to assess the effectiveness of existing controls.
• Oversight: The internal audit organization, led by our Senior Vice President of Audit Services, performs periodic ABAC control audits.

In 2023, Ethisphere awarded AT&T the Compliance Leader Verification certification. As we continue to uphold our high standards for ethics and integrity, we will review industry trends and best practices, complete reviews of our programs, assess our policies, update training and more. Key highlights for our path forward include:

• Reviewing existing compliance training to ensure the content is relevant, interactive, and engaging and the audience is appropriately selected, as well as developing new training as needed.
• Evaluating compliance policies to ensure readability and provide resources as needed, as well as developing new policies if needs are identified.
• Aligning our compliance program with the most current and relevant local and federal legislation and guidelines.

• AT&T Anti-Bribery Anti-Corruption Policy
• AT&T Code of Business Conduct
• AT&T Code of Ethics
• AT&T Equal Employment Opportunity & Harassment Policies
• AT&T Policies
• AT&T Political Engagement Report
• AT&T Proxy Statement
• Ethisphere
• Federal Sentencing Guidelines for Organizations
• U.S. Department of Justice Evaluation of Corporate Compliance Programs
• World’s Most Ethical Companies