Annual Report

Key Figures

of secunet Group according to IFRS

in million euros	2021	2020	Change
Sales	337.6	285.6	+18 %
EBIT	63.9	51.6	+24 %
EBIT margin (in %)	18.9	18.1	+0.8 Pp
EBT	63.6	51.3	+24 %
Group profit for the period	43.0	35.0	+23 %
Earnings per share (in euros)	6.66	5.43	+23 %
Dividend per share (in euros, subject to resolution of the Annual General Meeting)	5.38	2.54	+112 %
Cash flow from operating activities	53.8	56.4	-5 %
Cash flow from investing activities	-15.7	-5.5	+187 %
Cash flow from financing activities	-20.2	-13.8	+47 %

in million euros	2021	2020	Change
Balance sheet total	274.0	239.8	+14 %
Equity (including non-controlling interests)	129.8	102.8	+26 %
Equity ratio (in %)	47.4	42.9	+4.5 %
Cash and cash equivalents	119.5	101.6	+18 %
Liabilities	144.2	137.0	+5 %
Loans	0.0	0.0	- %
Order book	185.2	149.5	+24 %
Permanent employees	755	653	+102

Long-term development of sales and EBIT

Public Sector

Digital sovereignty for state and society

A holistic IT security concept is essential for public authorities and armed forces. secunet's Public Sector supports the digital transformation of administrations, authorities and armed forces in Germany and abroad. Trustworthy security solutions assure resilient digital infrastructures and the utmost protection for data, applications and digital identities. Consulting, security analyses and training round out secunet's cybersecurity portfolio. This enables public organisations to leverage the latest technologies while retaining their digital sovereignty.

Business Sector

Secure digitalisation in industry and healthcare

The digital transformation is spawning new business models, accelerating communication and creating more efficient processes in existing value chains. However, increased networking and new technologies simultaneously amplify the risk of cyberattacks, malware, data misuse and espionage. secunet's Business Sector supports companies and the healthcare sector in safeguarding information and communication technologies. The core competence lies in consulting as well as in the development and production of trustworthy security solutions that integrate seamlessly into existing IT landscapes and protect them effectively.

secunet – protecting digital infrastructures

secunet is Germany's leading cybersecurity company. In an increasingly connected world, the Company's combination of products and consulting assures resilient digital infrastructures and the utmost protection for data, applications and digital identities. secunet specialises in areas with particular security requirements – such as eGovernment, eHealth as well as IIoT and cloud computing. With security solutions from secunet, companies can maintain the highest security standards in digitalisation projects and thus expedite their digital transformation.

Annual Report 2021

Foreword by the Management Board

Dear Shareholders, Ladies and Gentlemen,

Last year we expressed here the hope that 2021 would bring a return to normality. This return is now occurring more slowly than hoped and the pandemic is not yet over. Nevertheless, life already feels a little more normal in many areas, which is partly due to the fact that many lasting innovations, such as a high mobile office share, are now perceived as normal by many.

One thing is clear: the profound transformation of the world of work that many observers already predicted at the beginning of the pandemic is actually taking place. This is shown by numerous secunet customer projects involving secure infrastructures for modern working. That is because many public authorities and companies were faced with the challenge of moving office workplaces to a mobile office setting. At secunet, we were able to meet this demand in large numbers with the SINA Workstation S. It is part of the SINA product family and enables location-independent and secure processing of classified information or other sensitive data.

But even beyond that, we are recognised by our customers as a reliable and efficient technology partner. The product business with the entire SINA family continues to develop very positively. In the healthcare market, we were able to maintain our market-leading position in equipping medical service providers – including medical practices, pharmacies and hospitals – with our healthcare connectors. Furthermore, we have set numerous strategic pillars in the industrial sector with which we intend to achieve stronger growth in the medium term in this area as well. For example, we have entered into a partnership with Tech Data, one of the world's leading distributors of technology products, which focuses on our product "secunet edge" as a solution for the secure networking of machines in the Internet of Things (IoT) and Industry 4.0.

A new record year

The bottom line is that not only have we clearly met our forecast for the full year 2021, but we can also look back on the eighth successive year in which we have achieved record results: the Group sales revenues of 337.6 million euros exceeded the prior-year figure by 18%, and the earnings before interest and taxes (EBIT) of 63.9 million euros even improved by 24%. Our EBIT margin, which at 18.9% is also at a record level, demonstrates our high profitability. The consistently high equity ratio of around 47% and our cash and cash equivalents of 119.5 million euros underscore our financial strength.

This outstanding performance is also being acknowledged by the capital market. Over the year as a whole, the secunet share impressively outperformed the classic DAX, MDAX, SDAX and TecDAX indices with a price increase of 67%. It is also thanks to the positive share price performance that the secunet share was admitted to the SDAX with effect from 20 September 2021.

We would naturally like you, our shareholders, to share in the growth success of secunet Security Networks AG over and above the positive share price performance. That is why, in accordance with our long-term dividend policy, we will recommend to the Annual General Meeting that a regular dividend of 3.37 euros per share and an additional special dividend of 2.01 euros per share, and thus a total of 5.38 euros per share, be paid for the 2021 financial year.

Axel Deininger Dr Kai Martius Torsten Henn Thomas Pleines

Sustainable, profitable growth remains our objective

Our overarching objective is to grow profitably and create sustainable value across all divisions, nationally and internationally. In so doing, we always pursue the goal of offering our customers the most effective IT security solutions and thus strengthening their digital sovereignty.

The stable basis for the further development of the Company is and remains the Public Sector business segment, whose products and services are geared towards public clients within and outside Germany, as well as international organisations, and which secures us reliable revenue fields and growth impulses. In the Business Sector business segment, we are continuing along the path we have taken and are consistently focusing our range of solutions on the requirements of the fast-growing future markets of eHealth, Industry 4.0 and the Internet of Things.

Where there are worthwhile candidates, we will supplement our organic growth through targeted acquisitions, and we are continuously assessing M & A projects in this area. One project that we brought to completion in 2021 was the acquisition of stashcat GmbH. The Hanover-based company ensures that organisations with high security requirements, such as police authorities or the German armed forces, can also use a messenger app with advanced collaboration and video conferencing functions. The stashcat offshoot schul.cloud is also positioning itself successfully on the education market and is already being used in over 7,500 schools across Germany. With this takeover, we are creating an additional range of products and services for our customers to facilitate the increasingly digital form of working.

We continue to pursue our internationalisation strategy in a targeted and proportionate manner. The focus here is on activities with the countries of the European Union and EU organisations as well as defence and space organisations. With the expansion of international sales activities and a more effective customer approach, we are focusing more strongly on the requirements of these target groups.

Outlook and challenges

Looking ahead, the coronavirus pandemic is clearly acting as a catalyst for digitalisation. The digital pressure to change and the associated speed of transformation processes required for this have increased significantly. In the 2020 and 2021 financial years, we benefited from this to a particular extent. When the crisis subsides, the digital transformation will revert from its current accelerated speed back to a normal pace. In our forecast for the 2022 financial year, we are therefore working on the assumption that it will not be possible to repeat the pandemic-related market effects: we are expecting sales revenues of around 320 million euros and an EBIT of around 50 million euros.

Another uncertainty in 2022 will be the ongoing bottlenecks in the supply of semiconductors and related temporary logistical challenges in global supply chains. In particular, a supply shortage of semiconductor products would cause delays in customer projects. In order to counter this and to minimise the impact on our performance and delivery capability, we have further intensified our efforts in supplier and inventory management.

We react with concern and dismay to the news about the acts of war in Ukraine. No direct risks relating to procurement and sales are currently evident. The extent to which the sanction decisions will require action is under discussion. The German government is planning a special fund of 100 billion euros to improve its own defence capabilities as well as long-term increases in the defence budget. This will lead to a huge increase in defence spending. The extent to which this will create tangible opportunities for secunet is also not yet foreseeable at this point in time.

Ladies and Gentlemen, we successfully remained on course as the leading German provider of high-quality cybersecurity solutions in 2021. We would like to express our sincere thanks to our motivated and dedicated employees, without whom it would not have been possible either to achieve the strategic goals or to overcome the operational challenges. We would also like to thank our customers, our shareholders and the members of our Supervisory Board. At the same time, we take this opportunity to express our hope for an early, peaceful end to the war in Ukraine.

The Management Board of secunet Security Networks AG

Axel Deininger (CEO) Thorsten Henn (COO)

Dr Kai Martius (CTO) Thomas Pleines (CFO)

Supervisory Board report

Dear Shareholders, Ladies and Gentlemen,

The year 2021 continued to be dominated by the coronavirus pandemic, and despite all the uncertainty that still exists about its future course, we can already state that the pandemic has raised awareness in many sectors and areas of life about the importance of digitalisation and the protection of critical infrastructure. secunet Security Networks AG took advantage of the opportunities that arose from this and recorded a business performance that was well above expectations at the beginning of the financial year, achieving new record levels of sales revenue and earnings. The dedication of the workforce has made a significant contribution to the successful development of secunet and also leads us to expect continued positive development in the future.

In the reporting year, the Supervisory Board continuously, diligently and conscientiously performed the tasks assigned to it by law and by the Company's Articles of Association and rules of procedure. It continuously monitored and regularly advised the Management Board in its management of secunet Security Networks AG on the basis of the Management Board's detailed written and oral reports and, in the course of performing its duties, satisfied itself that the work of the Management Board was lawful, expedient and proper. Furthermore, between the Supervisory Board meetings, there was also a regular exchange of information between the Chairman of the Supervisory Board and the Chairman of the Management Board as well as the other members of the Management Board. The Supervisory Board was always informed quickly and comprehensively about all events and measures of material importance to the Company, in particular about the strategy, corporate planning including financial, investment and personnel planning, the profitability of the Company and the business development of the Company and the Group as well as the risk situation, risk management and compliance. The Supervisory Board was directly involved at an early stage in all decisions of fundamental importance to the Company and discussed these intensively and in detail with the Management Board. All members of the Supervisory Board had the opportunity at all times to attend to the Management Board's suggestions and reports in detail and to make their own proposals. Insofar as the approval of the Supervisory Board was required for decisions or measures of the Management Board in accordance with laws, the Articles of Association or the rules of procedure, the members of the Supervisory Board approved these after intensive examination and discussion.

Supervision and examination methods

The Supervisory Board has mainly based its examination on

» the regular reports of the Management Board as provided for by law and the Management Board's rules of procedure,
» the separate reports submitted by the Management Board in specific circumstances and
» the supplementary explanations provided by the Management Board and the auditors.

Each of the reports was submitted to all members of the Supervisory Board. Where the Management Board submitted business measures to the Supervisory Board for approval, the Supervisory Board's copy was in each case accompanied by a presentation of the main points to be considered in taking a decision. During the 2021 financial year, the Supervisory Board saw no occasion for individual members of the Supervisory Board or particular experts to inspect or examine the books or records of the Company.

Dr Ralf Wintergerst

Meetings of the Supervisory Board

Four ordinary meetings were held in the reporting year: on 17 March, 12 May, 8 September and 23 November 2021. Furthermore, the Supervisory Board convened for three extraordinary meetings and resolutions on 25 March, 30 April and 10 December 2021. The Supervisory Board also regularly met without the Management Board.

During the past financial year, all members of the Supervisory Board attended all meetings of the Supervisory Board.

In addition, the Supervisory Board passed written circular resolutions between the meetings as required. The Management Board also kept the Supervisory Board informed about projects and plans of particular importance to the Company in the periods between the meetings, by means of detailed written reports. The Supervisory Board discussed with the Management Board any financial information arising over the course of the year, before its publication. In all of the ordinary meetings and in any required extraordinary meetings, the Supervisory Board addressed the current business performance of secunet Security Networks AG. In all ordinary meetings, it also dealt in detail with all relevant issues concerning business planning, investment planning, the development of earnings and liquidity. Furthermore, the Supervisory Board members examined in detail the Management Board's assessments regarding market events and the further development and long-term strategy focus of the Company, and discussed these topics in depth with the Management Board. In addition, it focused on the key organisational and personnel changes. One focus of the 2021 financial year was the strategic further development of the Company through the acquisition of the shares in stashcat GmbH, Hanover.

At all ordinary Supervisory Board meetings, the Supervisory Board members were briefed on the Company's risk situation, risk management and compliance, including the compliance organisation set up by the Management Board.

About the individual meetings and their contents:

In the meeting on 17 March 2021, the Supervisory Board dealt in detail with the business performance in 2020 and the effects of the ongoing coronavirus pandemic. The Management Board summarised the particular features of the 2020 financial year in its report to the Supervisory Board, and the Supervisory Board acknowledged the Company's earnings situation. Furthermore, the Supervisory Board discussed the financial statements and the combined Management Report for secunet Security Networks AG and the Group as at 31 December 2020 and the report of the Supervisory Board for the 2020 financial year. The Supervisory Board reviewed and adopted or approved the report of the Supervisory Board, the Annual Financial Statements, the Consolidated Financial Statements and the combined Management Report of the Company and the Group. The auditors took part in the discussions on 17 March 2021 and reported on the key results of their audit. The Supervisory Board's proposed resolutions to the Annual General Meeting of secunet Security Networks AG were also adopted at the meeting on 17 March 2021. The Supervisory Board approved the holding of a virtual Annual General Meeting and the deadline rules.

In the telephone conference on 25 March 2021, the Supervisory Board discussed the planned formation of an Audit Committee and a Technology and Innovation Committee, also against the background of the new legal requirements, as well as the adjustment of the remuneration for the members of the Supervisory Board due to the increased content and time requirements. As a result, the Supervisory Board supplemented its proposed resolutions to the Annual General Meeting with the adjustment of Supervisory Board remuneration and the associated amendments to the Articles of Association.

In another telephone conference on 30 April 2021, the acquisition of all shares in stashcat GmbH, Hanover, was discussed. Following the discussion, the Supervisory Board approved the acquisition of the shares.

In the meeting on 12 May 2021, the Supervisory Board discussed with the Management Board the current business performance against the backdrop of the continuing coronavirus pandemic, and ongoing M & Aprojects. Furthermore, the Supervisory Board decided to form an Audit Committee and a Technology and Innovation Committee and appointed their members. Both committees started their work on 1 July 2021. Following the establishment of committees in the Supervisory Board, it became necessary to update the Declaration of Conformity of November 2020, which was adopted with the required adjustments.

In the meeting on 8 September 2021, the business situation and the financial position of the Company were discussed. The Chairs of the Audit Committee and the Technology Committee presented their reports. Additionally, amendments to the corresponding rules of procedure were adopted in the committees and in the Supervisory Board. The Management Board reported on ongoing M & A projects and presented secunet Group's strategy for the next three years.

In a meeting on 23 November 2021, the Supervisory Board addressed the current business situation and the medium-term strategic goals of the Company and discussed these with the Management Board. The meeting also dealt with the reports from the committees. The Management Board presented the annual planning for 2022 and discussed it with the Supervisory Board. The Supervisory Board also set the targets for the variable Management Board remuneration for the 2022 financial year. The meeting additionally dealt with amendments to the rules of procedure of the Management Board and a revision of the catalogue of transactions requiring approval. The 2021 Declaration of Conformity was also adopted at this meeting.

In the telephone conference on 10 December 2021, the Supervisory Board approved the planning for the 2022 financial year and set the ESG target for the longterm variable Management Board remuneration for the 2022 financial year.

Corporate Governance

The Supervisory Board and Management Board act in the knowledge that good corporate governance is an important basis for the success of the Company. Great importance is placed on implementation of the German Corporate Governance Code, and the application and further development of corporate governance standards within the Company are closely monitored by the Supervisory Board and Management Board.

At the Supervisory Board meeting on 12 May 2021, an update of the Declaration of Conformity from November 2020 in accordance with Section 161 of the German Stock Corporation Act and in conjunction with the establishment of two committees in the Supervisory Board was discussed and adopted. At its meeting on 23 November 2021, the Supervisory Board discussed in detail the draft of the 2021 Declaration of Conformity and adopted it. Further information on the corporate governance of the Company and the Group can be found in the Corporate Governance Statement on page 21 of this Annual Report. The current Declaration of Conformity is reproduced there and on the Company's website (www.secunet.com) under >> About Us >> Investors.

The Supervisory Board has established concrete appointment targets for its own composition and has approved a skills profile for the full Supervisory Board. Both are described in further detail in the Corporate Governance Statement.

The Supervisory Board strives to continually improve the effectiveness and efficiency of its activities. On an annual basis, the review of the Supervisory Board's efficiency is included as a separate item on the agenda for the meetings of the Supervisory Board. In the 2021 financial year, the efficiency review or self-assessment was conducted at the meeting on 17 March 2021.

The members of the Supervisory Board are responsible for the training and further development measures required for their tasks, such as those relating to changes in the legal framework and new technologies, and are appropriately supported in this by the Company. Internal information events on topics and issues that are relevant to the Company are also offered for targeted professional development.

The members of the Management Board and the Supervisory Board notify the Supervisory Board immediately of any conflicts of interest. The members of the Management Board and Supervisory Board were not notified of any conflicts of interest in the 2021 financial year.

In September and November 2021, the Supervisory Board adopted amendments to the rules of procedure for the Supervisory Board, for the newly established committees of the Supervisory Board and for the Management Board. This was occasioned by the entry into force of the Act to Strengthen Financial Market Integrity (FISG) and the development of the Company in recent years. In this context, the amount limits relevant for the approval of the Supervisory Board within the catalogue of transactions requiring approval have been partially raised to take into account the increased size of the Company.

Supervisory Board topics

By resolution of 12 May 2021, the Supervisory Board decided to establish an Audit Committee and a Technology and Innovation Committee, both of which commenced their work on 1 July 2021. The primary task of the committees is to prepare decisions and key topics for the Supervisory Board meeting. Furthermore, the Supervisory Board has delegated certain decision-making powers to the committees within the permissible framework. Both committees had their first, constituent meeting in September 2021.

In this context, the Supervisory Board has initiated an increase in the remuneration of the members of the Supervisory Board in order to meet the increased demands on them in terms of content and time as well as committee activities. The new Supervisory Board remuneration was approved by the Annual General Meeting on 12 May 2021 and the Articles of Association were amended accordingly.

Committee work

The Audit Committee convened for two meetings during the year under review. The main focus of the committee's activities was the discussion of new legislation, in particular the Act to Strengthen Financial Market Integrity (FISG), with regard to the assessment of auditor independence and audit quality. The Audit Committee also dealt with the effectiveness of the internal control system, risk management system, internal audit and compliance. In the second committee meeting, the annual report of the Head of Internal Audit was presented and discussed and the annual audit planning for 2022 was adopted. The results of the risk and opportunity inventory were also presented and discussed.

The Technology and Innovation Committee met twice during the year under review. It dealt with the operational development and longer-term strategy as well as the new products of secunet Group. Moreover, the committee discussed possible company acquisitions with the Management Board.

Annual Financial Statements and Consolidated Financial Statements for 2021

The auditors, the Essen branch of PricewaterhouseCoopers GmbH, registered office in Frankfurt am Main, audited the Annual Financial Statements prepared by the Management Board in accordance with the German Commercial Code (Handelsgesetzbuch, HGB) and the Consolidated Financial Statements prepared in accordance with International Financial Reporting Standards (IFRS), as applicable in the European Union, for the 2021 financial year as well as the combined Management Report of the Group and the Company, including the accounting records, and issued an unqualified audit opinion in each case. The Supervisory Board awarded the audit mandate in accordance with the resolution passed by the Annual General Meeting on 12 May 2021.

The auditors examined the report on relations with affiliated companies prepared by the Management Board for the 2021 financial year in accordance with Section 312 AktG and relating to the existing majority shareholding of Giesecke + Devrient GmbH, Munich, and issued the following unqualified opinion: "Based on our audit and evaluation conducted in accordance with our professional duties, we hereby confirm that 1. the factual information contained in this report is correct, 2. the consideration provided by the Company in respect of the legal transactions mentioned in the report was not inappropriately high."

The financial statement documents, the proposed appropriation of balance sheet profits, the report on relations with affiliated companies and the auditors' reports were distributed to all members of the Supervisory Board without delay following their preparation. At the meeting of the Audit Committee, the above-mentioned financial statements, reports and the proposal for the appropriation of profits were explained by the Management Board and discussed in detail. The audit by the Audit Committee also included the non-financial statement in accordance with Sections 315b and 315c in conjunction with Sections 289c to 289e HGB for secunet Security Networks AG and the Group. The auditors reported on the scope, the focal points and the main results of their audit and in particular on the most important audit matters and the audit procedures performed. No material weaknesses in the internal control system and the risk management system were reported. On the basis of these findings, the Audit Committee decided to recommend that the Supervisory Board approve the submitted financial statements and support the intended profit appropriation.

At the financial statements review meeting on 23 March 2022, the Chair of the Audit Committee first gave a detailed explanation of the committee's recommendations. The submitted financial statements and reports, as well as the proposed profit appropriation, were then discussed and examined in detail by the Supervisory Board in the presence of the auditors, who gave a report on the main findings and focal points of their audit.

Based on the final results of the audit by the Audit Committee and the examination by the members of the Supervisory Board itself, no objections were raised regarding the Financial Statements, the combined Management Report for the Group and the Company, the report on relations with affiliated companies, including the final statement of the Management Board contained therein, or the auditors' reports. The Supervisory Board therefore endorsed the findings of the audit of the financial statements and approved the financial statements of secunet Security Networks AG and the consolidated Group as compiled by the Management Board as at 31 December 2021; the Annual Financial Statements of secunet Security Networks AG were thus adopted on 23 March 2022.

The Supervisory Board examined the Management Board's proposed profit appropriation, which envisages a regular dividend of 3.37 euros per dividend-bearing share and an additional special dividend of 2.01 euros per dividend-bearing share. In doing so, it took into account the liquidity of the Company as well as its financial and investment planning in conjunction with the developments so far in the context of the coronavirus pandemic. The proposed appropriation of profits is in line with the Company's interests and takes into account the interests of the shareholders. After having examined and weighed up all the arguments, the Supervisory Board approves the profit appropriation proposal.

Expression of thanks

secunet Security Networks AG achieved excellent results in the 2021 financial year under challenging circumstances. This is due to the outstanding performance of the Management Board and the workforce of the Company and the Group. On behalf of the Supervisory Board, I would like to thank the members of the Management Board and all employees.

Essen, 23 March 2022

For the Supervisory Board

Dr Ralf Wintergerst

Spotlight

Digitalisation of industrial things: more efficiency, new business models

Intelligent machines that communicate with one another, data processing in real time and remote access via the cloud: the digitalisation of industry has long since gained traction and with it the Fourth Industrial Revolution. In addition to the automation of production processes, it also goes hand in hand with greater networking. The path to the smart factory not only offers numerous advantages, but is even imperative for companies in order to remain competitive in the long term. secunet provides the necessary IT security for the digital transformation.

At the latest with the onset of the coronavirus pandemic and its economic impact, the topic of Industry 4.0 has increasingly moved into the public consciousness. Companies have been forced to respond quickly to changing market conditions, to digitalise processes and products. This is also shown by a 2021 study conducted by Bitkom, the industry association of the German information and telecommunications sector, for which more than 500 industrial companies in Germany were surveyed. A total of 95% of respondents stated that the digital transformation of production has gained further relevance during the pandemic. Although the added value is clearly recognisable for them, two thirds still see a need to catch up in terms of implementation. In addition to a lack of financial resources (77%), data protection requirements (61%) and IT security (57%) were named as the primary obstacles to the introduction of new technologies.

Intelligent production processes and cloud manufacturing

Everyone agrees on one thing: the opportunities for digital solutions in this area of application are immense. Manufacturing companies can optimise processes, increase efficiency and thus save costs through clever data collection and evaluation. They also have the possibility of expanding their own range of services and opening up new business models such as "manufacturing as a service". Companies that no longer just sell devices and complete systems, but also offer them "as a service", for example via pay-peruse models or licences in flexible subscriptions, need smart machines or valid data as the basis for these services.

The prerequisite for this is a large number of sensors and actuators for devices and systems that transfer a large amount of (real-time) data from the physical world to the digital world. In order to save time, network bandwidth, storage space and thus costs, it is necessary to process the information directly on site, at the interface between Information Technology (IT) and Operational Technology (OT, the technology for actual operations). In other words: data and services are being moved from central nodes (data centres) to the factories at the network periphery, the so-called "edge". But what if the equipment that has been in use for years can no longer be networked appropriately or is inadequate in terms of cybersecurity?

Challenges on the way to a secure Industry 4.0.

In practice, cybersecurity experts very rarely find entirely new infrastructures in the industrial environment. Rather, they encounter "brownfields", in other words a mix of legacy systems as a fixed base, which companies are usually unwilling or unable to replace due to the immense acquisition costs, and new systems. The systems that have been in use for years are often only upgraded with new software or security updates in exceptional cases – even though significantly higher security requirements would be called for here, such as in networked corporate IT. If criminals succeed in abusing digital applications as a gateway or manipulating data, the equipment, machine and plant construction industry, for example, forfeits sales revenue and profit with every operating hour lost.

The sabotage of critical infrastructures such as those in the energy and water sectors, which directly affect the functioning of our society, would have an even more drastic impact. So what is needed is a secure Internet of Legacy Things.

Turning old into new: leverage digital optimisation potential with secunet edge

A holistic solution approach in which IT security is taken into account from the outset is thus essential for Industry 4.0. Comprehensive upgrading in the form of a digitalisation and security retrofit is best realised within the framework of a trusted edge platform such as secunet edge.

This combines three previously separate product categories in a single platform solution. Firstly, as a security device, it provides encryption, firewall and security updates, and can be administered by IT managers. Secondly, as an IoT gateway, it provides connectivity to industrial clouds and protocol translation for cross-machine communication in the corporate network. Thirdly, as a powerful and robust industrial PC, secunet edge takes on computing-intensive tasks, e. g. for edge analytics and function updates. With the end-to-end solution, industrial companies can implement the highest security standards in digitalisation projects. secunet edge is also suitable for use in critical infrastructures (CI) as defined by the German Federal Office for Information Security.

A single platform for all industrial sectors

Another core function of secunet edge is the patented protocol translation, which allows companies to converge the old and new digital worlds. This makes it possible to conceal systems and machines that have been in operation for years via a stealth mode and to protect them against unauthorised external access. secunet edge is designed to be manufacturer-independent. Even in a heterogeneous group of systems with machines from different manufacturers, uniform security concepts can be implemented and operated in a secure Industrial Internet of Things. This allows companies to tailor the solution to the specific use cases in their industry: from hybrid applications in car production, to shielding, monitoring and remote access in the manufacturing sector, and proactive monitoring in distributed power supply.

One thing to take away from all this: in order to safeguard and further strengthen innovation and competitiveness in the long term, manufacturing companies are increasingly relying on digital applications. With the end-to-end solution secunet edge, they can extend the lifetime of their machinery and equipment pools, minimise the security risk and ensure smoother interaction between OT and IT. This, in turn, forms the basis for leveraging optimisation potential and achieving efficiency gains with the help of new functions. The trusted edge platform also covers areas of application that could become even more important in the future, such as autonomisation by means of machine learning. As a general principle, digitalisation requires flexibility in long-term operation. This is why specially developed products such as secunet edge, that cover both current and future requirements, are so important.

The secunet share

Stock market development

The international stock markets continued their general upward trend in 2021. Although the ongoing restrictions to contain the coronavirus pandemic as well as rising inflation concerns and faltering supply chains led to significant price fluctuations at times, many stock indices nevertheless reached new all-time highs. The positive development was once again driven by the expansive monetary policy measures of the central banks and the recovery process of the global economy.

The German benchmark index DAX reached a new alltime high, exceeding the 15,000-point mark for the first time and ending the year at 15,885 points. This corresponds to growth of 16% on the year-end figure for 2020. The MDAX and TecDAX also recorded considerable price gains with increases of 14% and 22% respectively. The SDAX, on which the secunet share is listed, closed the year at 16,415 points – an increase of 11%.

The secunet share

In 2021, the secunet share far outperformed its main benchmark indices. After a sideways movement at the start of the year, the share price rose significantly following the increase in the forecast (20 April 2021) up to 516.0 euros (9 August 2021). This was the first time that the price had exceeded the 500 euro mark. In the further course of the second half-year, the price initially moved in a range between approximately 415.0 and 485.0 euros, then gained momentum again with the publication of the nine-month business results on 3 November 2021. The share reached its highest value for the year of 608.0 euros on 9 November 2021, which also constituted an all-time high.

On 12 November 2021, secunet announced its outlook for the 2022 financial year. The share price then came under pressure and at times fell below 400.0 euros. As at 30 December 2021, the price of the secunet share was 413.5 euros, and thus 67% above the price on the prior-year reporting date (248.0 euros). Market capitalisation rose accordingly to 2.7 billion euros (prior-year reporting date: 1.6 billion euros).

Since the IPO in November 1999, the value of the secunet share has increased by a factor of over 25 (+ 2568%). The first secunet shareholders have thus enjoyed annual share price gains averaging 17% in addition to the dividends paid out.

The secunet share is listed in the Prime Standard and traded on all German stock exchanges. The share was admitted to the SDAX on 20 September 2021. The reform of the DAX selection indices had a positive impact. Since the reform, which has now been completed, Deutsche Börse AG only uses market capitalisation (based on free float) as a criterion for inclusion in the indices. Prior to this, the trading volume was also taken into consideration. In the ranking of all listed companies in Germany, secunet ranked 146th at the end of the year. From this perspective, we consider it likely that the Company will remain in the SDAX.

In 2021, an average of 4,878 secunet shares were traded daily in the Xetra electronic trading system, and thus almost twice as many as in the previous year (2,468 shares). Due to the increased trading volume and the positive share price development, the average daily turnover on Xetra almost quadrupled to 1.9 million euros (previous year: 0.5 million euros).

Dividend and proposed dividend

secunet generally pursues a policy of continuous and appropriate dividend payments. The aim is to distribute approximately 50% of the earnings after tax attributable to the shareholders of secunet Security Networks AG. secunet continued to pursue this policy in 2021: the Company shareholders benefited from the success of the Company through the distribution of a dividend of 2.54 euros per dividend-bearing share. secunet thus paid a dividend for the eighth consecutive year.

In view of the record results achieved in the 2021 financial year and taking into account the robust liquidity position, the Management Board and Supervisory Board will propose to the Annual General Meeting to be held on 25 May 2022 to distribute 34.8 million euros to the shareholders by paying a dividend of 5.38 euros per dividend-bearing share. This corresponds to a distribution of 80% of net income for the year, an increase of 112% on the previous year. The proposed appropriation of profits consists of a regular dividend of 3.37 euros per dividend-bearing share and an additional special dividend of 2.01 euros per dividend-bearing share.

Annual General Meeting

secunet AG held its Annual General Meeting on 12 May 2021. Due to the coronavirus pandemic, the Annual General Meeting was once again held as a virtual AGM without the shareholders being physically present. A total of 87% of the share capital was represented at the Annual General Meeting (previous year: 81%). Each of the items on the agenda received more than 97% approval. The resolution on profit appropriation was adopted with 99.9% of the votes.

Shareholder structure

The share capital of secunet AG amounts to 6,500,000 euros and is subdivided into 6,500,000 no-parvalue bearer shares. The number of shares outstanding remained unchanged, at 6,469,502 shares. Each share grants the holder one vote at the Annual General Meeting and, in the event of a distribution, an equivalent dividend entitlement. There are no share option programmes or convertible bonds that could dilute the shareholding.

Giesecke + Devrient GmbH, Munich, has held a direct stake in secunet AG since 2004. The shareholding amounted to 75.12% as at 31 December 2021. A further 0.47% of shares (30,498 shares) are held by secunet AG itself.

The free float as at 31 December 2021 was 24.41%. It was distributed among a regionally broadly diversified shareholder structure with an increasing share of international investors, primarily from the USA, UK and Scandinavia.

Shareholder structure

Giesecke + Devrient GmbH	75.12 %
Treasury shares	0.47 %
Free float	24.41 %

Information according to voting-right notices available as at 31 December 2021

In 2021, we received one voting-right notice. Axxion S. A., Grevenmacher, Luxembourg, notified us on 5 November 2021 that its share of voting rights in secunet AG had fallen below the threshold of 3% to 2.97%.

In 2021, we did not receive any notifications from members of the Management Board and Supervisory Board or their relatives subject to reporting requirements regarding acquisition transactions of financial instruments of secunet AG (so-called managers' transactions).

Communication with the capital market

secunet attaches great importance to open and reliable communication with investors and other stakeholders and maintains a timely and transparent dialogue with them.

In 2021, there were numerous contacts with existing and potential investors. secunet took the opportunity to present itself in numerous one-on-one conversations and at roadshows and investor conferences. Additionally, on the occasion of the publication of the annual, half-year and quarterly results, telephone conferences with online streaming were organised in which the Management Board reported on past and future business development and answered questions from analysts and investors.

All information relevant to the capital markets is published promptly in German and English and made available on the Company's website (www.secunet.com). This includes annual and quarterly results, press releases and ad hoc releases, as well as information about the Annual General Meeting and voting-right notices. The financial calendar with all relevant publication and event dates can also be found there.

Share price development from 1 January 2021 to 31 December 2021 Index, share price 1 January 2021 = 100

Key figures and trading data

		2021	2020
Price at start of year (Xetra)	in euros	248.0	140.0
Price at end of year (Xetra)	in euros	413.5	248.0
High for the year (Xetra)	in euros	608.0 (9 Nov 2021)	310.0 (13 Oct 2020)
Low for the year (Xetra)	in euros	227.0 (12 Jan 2021)	88.6 (18 Mar 2020)
Development over year	%	67	77
Market capitalisation (31 Dec)	in billion euros	2.7	1.6
Ø turnover per trading day (Xetra)	No. of shares	4,878	2,468
Ø turnover per trading day (Xetra)	in euros	1,899,270	504,725
Earnings per share	in euros	6.66	5.43

Master data and indices

ISIN / WKN	DE0007276503 / 727650
Stock exchange segment	Frankfurt Stock Exchange, Prime Standard
Index membership	SDAX
Start of listing	9 November 1999
Share capital in euros	6,500,000
Share capital in units	6,500,000
Class of share	Ordinary bearer shares with no par value

Corporate Governance Statement

An effective and transparent organisation, as well as responsible and reliable corporate governance are very important at secunet Security Networks AG. The Company's Management Board and Supervisory Board firmly believe that good corporate governance is key to the continued success of the Company on the market.

The term Corporate Governance describes the regulatory framework for the management and supervision of companies. In a general sense, this framework must be designed in such a way that the Management Board and Supervisory Board work to ensure that the company continues to exist and creates value sustainably. Recommendations and proposals for how this requirement can be implemented in the management and supervision of companies are summarised in the German Corporate Governance Code (Deutscher Corporate Governance Kodex). The Code serves the purpose of increasing trust in companies listed on the German stock exchange.

The Management Board and Supervisory Board therefore regularly check the implementation of the German Corporate Governance Code at secunet Security Networks AG. In the 2021 financial year, the Management Board and Supervisory Board of the Company once again carefully deliberated on the recommendations and proposals of the German Corporate Governance Code, in the version of 16 December 2019, which entered into force with its publication in the Federal Gazette on 20 March 2020. The Declaration of Conformity set out below regarding the German Corporate Governance Code was agreed on the basis of these deliberations. This declaration is permanently available on the Company's website (www.secunet.com) and will be updated immediately if required.

Secunet Security Networks AG issues the following Corporate Governance Statement in accordance with Sections 289f HGB and 315d HGB:

Management and supervisory structure

secunet Security Networks AG is subject to German stock corporation law and its own Articles of Association. As a German public limited company, it has a dual management and supervisory structure consisting of a Management Board and a Supervisory Board.

The Management Board and Supervisory Board work together closely and on the basis of mutual trust in their management and supervision of the Company. The Annual General Meeting is responsible for fundamental decisions in the Company.

Supervisory Board

In accordance with Article 9 (1) of the Articles of Association, the Supervisory Board comprises six members, four of whom are elected by the Annual General Meeting and two by the employees in accordance with the German One-Third Participation Act. In accordance with the recommendations of the German Corporate Governance Code (Deutscher Corporate Governance Kodex), the shareholder representatives were elected by a single ballot. The current members of the Supervisory Board are Dr Ralf Wintergerst (Chairman of the Supervisory Board), Dr Peter Zattler (Vice Chairman of the Supervisory Board), Dr Elmar Legge, Jörg Marx (employee representative), Gesa-Maria Rustemeyer (employee representative) and Professor Dr Günter Schäfer. Further information about the members of the Supervisory Board, including their term of office, can be found on the Company's website (www.secunet.com) under >> About Us >> The Company.

The Supervisory Board monitors and advises the Management Board with regard to the management of the Company. At regular intervals, the Supervisory Board discusses business performance and planning, as well as the strategy and its implementation. It discusses the half-year financial reports and quarterly updates with the Management Board before their publication, and approves the Annual Financial Statements of secunet Security Networks AG and the Group, taking into consideration the audit reports prepared by the auditors, the preliminary audit conducted by the Audit Committee established in 2021, and its own examination. The Supervisory Board – or since 1 July 2021 the Audit Committee – monitors the accounting process, the effectiveness of the internal control system, risk management and internal audit, as well as the auditing of the financial statements. The tasks and responsibilities of the Supervisory Board also include appointing members to the Management Board. The Supervisory Board decides on the remuneration system for members of the Management Board and sets the specific remuneration in accordance with the system. It sets the targets for the variable remuneration components and regularly reviews the appropriateness of the Management Board remuneration. Management Board decisions of fundamental importance, such as major acquisitions, disposals and financial measures, require the consent of the Supervisory Board. An extraordinary meeting of the Supervisory Board is convened as and when necessary should significant events arise. The Supervisory Board has drawn up rules of procedure for its work, which are published on the Company's website (www.secunet.com).

The Chair of the Supervisory Board is elected by the Supervisory Board from among its members. The Chair coordinates the work carried out within the Supervisory Board, chairs its meetings and represents its interests externally. The Supervisory Board strives to continually improve the effectiveness and efficiency of its activities. The efficiency review or self-assessment of the Supervisory Board is carried out at the start of each financial year. For the purposes of self-assessment, each member of the Supervisory Board answers a structured questionnaire on the individual effectiveness criteria. The results, including any possible proposals for improvement, are discussed at the first meeting of the financial year, at which the annual financial statements are adopted.

The knowledge, skills and professional experience required to fulfil the remit are taken into account when drawing up the nominations for election to the Supervisory Board. The Supervisory Board of secunet Security Networks AG has also specified concrete targets for its composition, with due consideration given to diversity. At least one seat on the Supervisory Board is reserved for a female member. One or more Supervisory Board members should also have many years of special experience abroad, acquired as a result of working abroad or due to a foreign country of origin. Furthermore, an age limit of 70 years is planned for members of the Supervisory Board.

The Supervisory Board has also drawn up a profile of skills for the board as a whole. The purpose of the skills profile is to ensure that the members of the Supervisory Board possess all the knowledge and experience considered essential in light of the activities of secunet Group.

Nominations by the Supervisory Board to the Annual General Meeting shall take into account the aforementioned targets for the composition of the Supervisory Board and, at the same time, endeavour to meet the requirements of the skills profile for the board as a whole. In the reporting period, the Supervisory Board did not submit any proposals to the Annual General Meeting for the election of Supervisory Board members (shareholder representatives). The composition of the Supervisory Board complied with the specifications of the skills profile both before and after the Supervisory Board elections in 2019. The Supervisory Board members possessed and possess the professional and personal qualifications deemed necessary. They were and are all familiar with the sector in which the Company is active and had and have the essential knowledge, skills and experience for the Company.

Furthermore, in accordance with Section C.6 of the German Corporate Governance Code, the Supervisory Board should include what it considers to be an appropriate number of members on the shareholder side who are independent of the Company, its Management Board and the controlling shareholder. Taking into account particularly the ownership structure and the size of the board as a whole, the Supervisory Board has come to the conclusion that one independent shareholder representative as per the above definition is appropriate and that Supervisory Board member Dr Elmar Legge meets these requirements. Dr Legge thus also complies with the recommendation in Section C.9 of the German Corporate Governance Code. This states that in the case of a controlling shareholder (this criterion being fulfilled here by the majority holding of Giesecke + Devrient GmbH, Munich, in secunet Security Networks AG) and a Supervisory Board size of six or fewer members, at least one shareholder representative should be independent of the controlling shareholder.

Furthermore, according to Section C.7 of the German Corporate Governance Code, more than half of the shareholder representatives should be independent of the Company and the Management Board. A Supervisory Board member is deemed to be independent of the Company and its Management Board if he or she has no personal or business relationship with the Company or its Management Board that could constitute a material and not merely temporary conflict of interest. In accordance with Section C.7 of the German Corporate Governance Code, the shareholder side shall, when assessing the independence of its Supervisory Board members from the Management Board and the Company, in particular take into account whether the Supervisory Board member or a close family member of the Supervisory Board member (i) was a member of the Management Board of the Company in the two years prior to the appointment, (ii) currently has or has had a material business relationship with the Company or a company dependent on it (for example, as a customer, supplier, lender or consultant), either directly or as a shareholder or in a responsible function of a company outside the Group, in the year leading up to the appointment, (iii) is a close family member of a Management Board member, or (iv) has been a member of the Supervisory Board for more than twelve years. If one or more of the aforementioned indicators applies and the Supervisory Board member in question is nevertheless considered to be independent, this shall be justified in the Corporate Governance Statement pursuant to Section C.8 of the German Corporate Governance Code. According to the Supervisory Board's assessment, more than half of the shareholder representatives are independent of the Company and the Management Board pursuant to the recommendation under Section C.7 of the German Corporate Governance Code, namely Dr Ralf Wintergerst, Dr Peter Zattler and Dr Elmar Legge. In this assessment, the Supervisory Board also took into consideration the fact that Dr Zattler has been a member of the Supervisory Board since 2004 and Dr Legge since 1999. Both therefore fulfil one of the aforementioned indicators with a length of service of more than twelve years, so that – in accordance with the recommendation under Section C.8 of the German Corporate Governance Code – reasons are to be given in the Corporate Governance Statement as to why both Supervisory Board members are nevertheless considered independent. Dr Zattler and Dr Legge perform their duties with great diligence and consistently in line with the corporate interests of secunet Security Networks AG. With the exception of their respective length of service, Dr Zattler and Dr Legge have no other personal or business relationships with the Company or its Management Board, nor are there any other indications that could be construed as constituting a material and not merely temporary conflict of interest. In the opinion of the Supervisory Board, it would therefore be wrong to conclude a lack of independence from the Company and the Management Board based solely on the length of service.

The Supervisory Board has established an Audit Committee and a Technology and Innovation Committee, both of which commenced their work on 1 July 2021. Each committee consists of two shareholder representatives and one employee representative. The chairs of the committees report regularly to the Supervisory Board on their respective activities.

As at 31 December 2021, the Audit Committee comprised the following members: Dr Elmar Legge (Chairman), Dr Peter Zattler and Ms Gesa-Maria Rustemeyer. Dr Legge, Chairman of the Audit Committee, possesses special knowledge and experience in the application of accounting principles and internal control procedures, and is also to be considered independent. Another member of the Audit Committee has expertise in the field of auditing. The Audit Committee reviews the accounting and monitors the accounting process, deals with the effectiveness of the internal control system, the risk management system, the internal audit system and compliance. On the basis of the auditors' report, the Audit Committee recommends approval of the annual and consolidated financial statements and submits proposals to the Supervisory Board concerning the appointment of the auditors. It issues the audit mandate for the annual and consolidated financial statements and for the audit review of interim financial reports to the auditors elected by the Annual General Meeting, determines the focal points of the audit together with the auditors and reviews the quality of the audit and the independence of the auditors. The Audit Committee decides on the admissibility and scope of non-audit services and issues any audit mandate required for the non-financial statement.

As at 31 December 2021, the Technology and Innovation Committee comprised the following members: Dr Ralf Wintergerst (Chairman), Prof Dr Günther Schäfer and Mr Jörg Marx. The Technology and Innovation Committee deals with business strategy, new products and key technology issues.

The Supervisory Board has not formed a Nomination Committee. In the opinion of the Supervisory Board, this is not necessary, as the Supervisory Board consists of only six members and the establishment of a separate Nomination Committee would not increase efficiency with regard to the nomination of suitable candidates for the election of Supervisory Board members.

Management Board

The Management Board consists of four members, namely the Chairman of the Management Board, Mr Axel Deininger, Mr Torsten Henn, Dr Kai Martius and Mr Thomas Pleines.

The Management Board, as the body responsible for managing the Company, conducts the Company's business under its own responsibility and in the Company's interests. Its aim is to increase the enterprise value on a sustainable basis. In particular, it determines the principles of the Company's policy and is also responsible for developing the Company's strategy, for planning and setting the Company's budget, for allocating resources, and for controlling and managing the Company's corporate and business divisions. Specific measures described in the Management Board's rules of procedure require the approval of the Supervisory Board. The Management Board is responsible for preparing the Company's quarterly updates and half-year financial reports, the Annual Financial Statements of secunet Security Networks AG, and the Consolidated Financial Statements.

The Management Board works closely with the Supervisory Board. It informs the Supervisory Board regularly, comprehensively and without delay – by means of written and verbal reports – of all issues important to the Company as a whole with regard to strategy and strategy implementation, planning, business performance, the financial and earnings situation, and entrepreneurial risks. The Supervisory Board is involved without delay in all decisions fundamental to the Company.

Targets for the appointment of women

The Supervisory Board has implemented the requirements of the legislation regarding the equal participation of women and men in management positions.

At its meeting on 4 May 2017, the Supervisory Board established a target of 17 percent for the proportion of women on the Supervisory Board, relating to the implementation period from 1 July 2017 to 30 June 2022, which corresponds to the goal of electing one female member to the Supervisory Board. The Supervisory Board took this target into account in its election proposals to the Annual General Meeting in May 2019.

The Supervisory Board last dealt with the target figure for the proportion of women on the Management Board of the Company at its meeting on 25 March 2020 and resolved to retain the previously applicable target figure of zero percent. In the view of the Supervisory Board, the search for suitable female candidates remains a challenge in the current market environment and in the business fields of secunet Security Networks AG. It is the opinion of the Supervisory Board that a higher target cannot be considered realistic at the present time. This target remains applicable until 31 May 2025.

With regard to the two management levels below the Management Board, the Management Board set the following targets for the period from 1 July 2017 to 30 June 2022: zero percent for the first level and eleven percent for the second level. In view of the small size of the Company, the limited number of management positions and the associated low level of fluctuation, the Management Board is of the opinion that more ambitious targets would currently not be realistic. However, the Management Board reiterates its intention to move towards a higher proportion of management positions being held by women to the greatest extent possible.

In the 2021 financial year, the proportion of women at the second management level below the Management Board was 11 percent (previous year: 9 percent). The targets for the two management levels below the Management Board were thus already achieved in the 2021 financial year.

Diversity and long-term succession planning for the Management Board

At secunet Security Networks AG, diversity is understood as a broad approach that covers not only age and gender, but particularly also professional qualifications and experience as well as cultural background. A diverse composition of the Management Board serves the goal of ensuring the sustainable success of secunet Security Networks AG by taking into account diverse, complementary characteristics. Furthermore, the Supervisory Board has decided on an age limit of 67 years for members of the Management Board. In the opinion of the Supervisory Board, the current composition of the Management Board implements to the greatest extent possible the diversity concept described above; in particular, the members of the Management Board cover a broad range of knowledge and experience as well as educational backgrounds that are considered essential in view of the Company's business activities.

The Supervisory Board works together with the Management Board to ensure the long-term succession planning for the Management Board. In addition to the requirements of the German Stock Corporation Act and the German Corporate Governance Code, the targets set by the Supervisory Board for the proportion of women on the Management Board are taken into account as well as the above diversity concept. Taking these criteria and specific qualification requirements into account, the Supervisory Board develops a requirement profile on the basis of which a selection of possible candidates is made. In a further step, structured discussions are held with these candidates, on the basis of which the Supervisory Board makes its decision, if necessary with the assistance of external advisers.

Responsible risk management

Good corporate governance also means that the Company must take a responsible approach to risk. Systematic risk management as part of our value-oriented Group management ensures that risks are identified and evaluated at an early stage, and that risk positions are optimised. The Management Board reports regularly to the Supervisory Board on the current development of key risks. Details of risk management at secunet Security Networks AG can be found in the combined Management Report. It also contains the report on the key characteristics of the internal control and risk management system relating to accounting.

Transparent corporate governance and corporate values

Transparency in corporate governance is very important to the Management Board and Supervisory Board of secunet Security Networks AG. Shareholders, all participants in the capital market, financial analysts, shareholder associations and the media are provided with comprehensive, regular and up-to-date information regarding the Company's position and key changes to the Company's business.

secunet Security Networks AG reports to its shareholders four times a year on business performance and on the financial and earnings situation, and makes all reports and information permanently available to shareholders on the Company's website (www.secunet.com). The dates for regular financial reporting are listed in the financial calendar. If any circumstances arise at secunet Security Networks AG that might significantly influence the stock market price of the Company, these are disclosed in ad hoc announcements in accordance with the legal requirements. The financial calendar and ad hoc announcements are available to view on the website of secunet Security Networks AG (www.secunet.com) under >> About Us >> Investors.

Shareholders and Annual General Meeting

The shareholders of secunet Security Networks AG may exercise their rights, including voting rights, at the Annual General Meeting. Shareholders can exercise their voting rights at the Annual General Meeting themselves or choose an agent or Company proxy bound by their instructions to exercise the voting rights. The Annual General Meeting takes place in the first eight months of the financial year. The Chairman of the Supervisory Board normally chairs the Annual General Meeting. Ahead of the Annual General Meeting, shareholders receive comprehensive information about the past financial year and about the individual items on the agenda of the upcoming meeting by way of the Annual Report and invitation to the meeting. All relevant documents and information on the Annual General Meeting, together with the Annual Report, are also available on our website (www.secunet.com).

In accordance with the provisions of law, the auditors are appointed by the Annual General Meeting. At the Annual General Meeting on 12 May 2021, the Essen branch of PricewaterhouseCoopers GmbH, registered office in Frankfurt am Main, was appointed as auditors for secunet Security Networks AG and Group auditors for secunet Group for the 2021 financial year and selected to perform an audit review of the Consolidated Financial Statements and the Interim Management Report of secunet Security Networks AG and secunet Group as at 30 June 2021.

Shareholders are notified of important dates by means of a financial calendar published in the Annual Report, in the quarterly updates and on the Company's website (www.secunet.com).

Further detailed information about secunet Security NetworksAG is available on our website (www.secunet.com).

Corporate governance guidelines

The Articles of Association of secunet Security Networks AG form the basis of our Company. The Company's Articles of Association, the current Declaration of Conformity, the Declarations of Conformity for previous years and further corporate governance documents can be found online at www.secunet.com under >> About Us >> Investors.

The Management Board has introduced a Code of Conduct for the Company and its employees, summarising the business principles, ethos and values of secunet Security Networks AG. These principles are a crucial part of how secunet Security Networks AG sees itself, and of the expectations that it strives to meet. The Code of Conduct sets down standards of conduct for dealing with all the economic, legal and moral challenges that we face in our day-to-day business activities, and is intended to serve as a benchmark and guide when working with customers, suppliers and other business partners, as well as for our conduct towards our competitors. It also governs our conduct in financial matters and trading in secunet shares, their derivatives and other financial instruments. The Company has set up a compliance unit for questions arising in connection with the Code of Conduct.

In accordance with the provisions of Section A.2 of the German Corporate Governance Code, the Company has an electronic whistleblower system that provides employees with an opportunity to report, under protection, legal violations within the Company. This option is also available to third parties.

Management Board and Supervisory Board remuneration

The applicable remuneration system for the members of the Management Board pursuant to Section 87a (1) and (2), sentence 1 of the German Stock Corporation Act (AktG), which was approved by the Annual General Meeting on 12 May 2021, as well as the resolution adopted by the Annual General Meeting on 12 May 2021 pursuant to Section 113 (3) of the German Stock Corporation Act (AktG) on the remuneration of the Supervisory Board is publicly available at www.secunet.com under >> About Us >> Investors. The remuneration report with the auditor's report can be found in the remuneration report pursuant to Section 162 AktG of secunet Security Networks AG for the 2021 financial year.

Disclosures on share-based incentive schemes

In the reporting year, a tranche of virtual shares (performance shares) was allocated to each Management Board member as part of the long-term variable Management Board remuneration (Performance Share Plan). The main performance categories and performance targets as well as the achievement of targets in the reporting year are presented in the remuneration report pursuant to Section 162 of the German Stock Corporation Act (AktG) for the 2021 financial year.

There are no stock option programmes or similar securities-based incentive systems for employees of the Company.

Notification of transactions under Article 19 of the European Market Abuse Regulation (managers' transactions)

Article 19 of the European Market Abuse Regulation (EU) No. 596 / 2014 requires members of corporate bodies (Supervisory Board / Management Board) and certain executives, as well as closely related parties, to disclose transactions in secunet shares or related financial instruments where the sum total of such transactions reaches or exceeds 20,000 euros within a single calendar year. Relevant disclosures are also published on the Company's website (www.secunet.com) under >> About Us >> Investors. No managers' transactions were reported in the 2021 financial year.

Accounting and auditing of the financial statements

secunet Security Networks AG prepares its Consolidated Financial Statements and Consolidated Interim Financial Statements in accordance with the International Financial Reporting Standards (IFRS) as applicable in the European Union. The Annual Financial Statements of secunet Security Networks AG are prepared in accordance with German commercial law (HGB) and the German Stock Corporation Act. The Annual and Consolidated Financial Statements are compiled by the Management Board and audited by the auditors, the Supervisory Board and the Audit Committee. Quarterly updates and the half-year financial report are discussed by the Management Board and Supervisory Board prior to their publication.

secunet Security Networks AG's Consolidated and Annual Financial Statements have been audited by the Essen branch of PricewaterhouseCoopers GmbH, registered office in Frankfurt am Main, the auditors appointed by the 2021 Annual General Meeting. The audits were performed in accordance with Section 317 HGB and with due consideration for the generally accepted standards for the audit of financial statements in Germany promulgated by the Institute of Public Auditors in Germany (IDW). The undersigned auditors for the Annual Financial Statements and Consolidated Financial Statements of secunet Security Networks AG are Mr Lutz Granderath and Mr Michael Herting.

It was also contractually agreed with the auditors that they inform the Supervisory Board and Audit Committee without delay of any potential grounds for exclusion or bias and of any findings or occurrences of significance to the Supervisory Board's remit that came to light during the auditing of the financial statements.

The Condensed Consolidated Interim Financial Statements and the Interim Group Management Report as at 30 June 2021 were subjected to an audit review by PricewaterhouseCoopers GmbH.

Declaration of Conformity under Section 161 of the German Stock Corporation Act dated 23 November 2021

The management and supervisory boards of companies listed on the German stock exchange are legally obliged, in accordance with Section 161 of the German Stock Corporation Act (Aktiengesetz, AktG), to annually declare whether the official recommendations of the Government Commission on the German Corporate Governance Code applicable at the time of making the declaration have been fulfilled and will be fulfilled. The Company is furthermore required to disclose which recommendations of the Code have not been applied or will not be applied and to explain the reasons for this. This Declaration of Conformity is printed in full below, with explanations. The Declaration of Conformity can also be found on secunet Security Networks AG's website (www.secunet.com) under >> About Us >> Investors. The Declarations of Conformity issued in the last five years are permanently available on the website.

Since submission of the last Declaration of Conformity in November 2020 and the updating of the Declaration of Conformity in May 2021, secunet Security Networks AG has complied with the recommendations of the Government Commission on the German Corporate Governance Code, as amended in the version in force on 16 December 2019 (GCGC 2020) and published by the German Ministry of Justice in the official part of the Federal Gazette on 20 March 2020, with the following exceptions:

Age limit for Management Board members

Recommendation B.5 GCGC 2020: An age limit shall be specified for members of the Management Board and disclosed in the Corporate Governance Statement.

Explanation: In the past, secunet Security Networks AG has not stipulated an age limit for Management Board members, as the age of the particular Management Board member should not be a blanket criterion for suitability to hold a position on the Management Board. The Supervisory Board of secunet Security Networks AG has now agreed to follow the recommendation of the GCGC and, by resolution dated 23 November 2021, decided on an age limit for members of the Management Board. This age limit will be stated in the next Corporate Governance Statement in March 2022.

Committees of the Supervisory Board

Recommendation D.5 GCGC 2020: The Supervisory Board shall form a Nomination Committee, composed exclusively of shareholder representatives, which names suitable candidates to the Supervisory Board for its proposals to the General Meeting.

Explanation: The Supervisory Board of secunet Security Networks AG has no Nomination Committee. In the opinion of the Supervisory Board, this is not in fact necessary, as the Supervisory Board comprises only six members. Due to the number of Supervisory Board members and the composition of the Supervisory Board, setting up a separate Nomination Committee would not increase the efficiency of the work performed by the Supervisory Board with regard to the nomination of suitable candidates for the Supervisory Board's proposals to the Annual General Meeting for the election of Supervisory Board members. An additional Nomination Committee has therefore not been established.

Determination of the amount of the variable remuneration components (Management Board remuneration) Recommendation G.8 GCGC 2020: Subsequent changes to the target values or comparison parameters shall be excluded.

Explanation: The remuneration system for members of the Management Board of secunet Security Networks AG provides for the possibility of the Supervisory Board deviating temporarily from the stipulations of the remuneration system, even after the relevant performance criteria and targets have been set, if this is necessary in the interests of secunet Security Networks AG, particularly in the event of far-reaching changes to the general economic conditions. Possible deviations may include, among others, the performance criteria of the variable remuneration elements, the total maximum remuneration as well as the relation between fixed and variable remuneration components. This provision takes into account the fact that secunet Security Networks AG operates in a volatile and innovative market environment and that a change in the corporate strategy – and thus the performance criteria for Management Board members – must also, in the interests of the sustainable development of the Company, be possible within an assessment period for the variable remuneration components. Furthermore, the remuneration system is designed to provide an incentive for Management Board members even in the event of profound changes in the general economic conditions. The Supervisory Board is therefore of the opinion that, contrary to the recommendation in G.8, this flexibility is appropriate with regard to the targets and comparison parameters of Management Board remuneration.

Remuneration of committee members

Recommendation G.17 GCGC 2020: Remuneration for Supervisory Board membership shall take appropriate account of the larger time commitment […] of the Chair […] of committees.

Explanation: The members of the Supervisory Board committees of secunet Security Networks AG receive remuneration for their work on the committees that appropriately takes into account the larger time commitment incurred in the course of their work. The chairs of the committees formed by the Supervisory Board do not receive any separate remuneration beyond this. secunet Security Networks AG does not expect the role of committee chair to involve any significant additional work, particularly as the size of the committees is manageable with three members in each case. Against this background, secunet Security Networks AG is of the opinion that it is not necessary to grant additional remuneration to the committee chairs in order to ensure appropriate remuneration for their work as chairs of the Supervisory Board committees.

secunet Security Networks AG

Essen, 23 March 2022

For the Management Board For the Supervisory Board Axel Deininger Dr Ralf Wintergerst

Combined Management Report on the position of the Company and the Group for the 2021 financial year

Principles of the Group
Economic report
Risk and opportunity report
Forecast
Risk reporting with regard to the use of financial instruments
Description of the key features of the accounting-related internal control and risk management system (Section 289 (4) and Section 315 (4) HGB)
Takeover-related information pursuant to Section 289a, sentence 1 and Section 315a, sentence 1 HGB
Management and control reference to the Corporate Governance Statement pursuant to Sections 289f HGB and 315d HGB
Combined non-financial statement of the Company and the Group
Management Board report pursuant to Section 312 (3) AktG

Principles of the Group

This Management Report combines the Management Report of secunet Security Networks AG (hereinafter "secunet AG") and the Management Report of secunet Group (hereinafter "secunet").

Business model and Group structure

Business model

secunet Group is a German provider of high-quality cybersecurity solutions and IT security partner of the Federal Republic of Germany. secunet offers public sector clients and private sector companies a comprehensive portfolio of products and consulting services for the protection of data, infrastructures and digital identities as well as for information transmission, storage and processing. This includes, above all, network components with BSI-approved encryption technology up to the highest security level.

secunet covers the entire value chain from analysis and design to development, integration, operation, maintenance and support of the solutions. The portfolio is generally geared towards large-scale infrastructures and focuses on areas in which there are special requirements on IT security – such as the cloud, the Internet of Things, eGovernment, eHealth and biometrics.

Legal structure of the Group

The parent company of secunet Group is secunet Security Networks AG, based in Essen. It assumes central management and financing functions for the Group companies. In addition to this, secunet AG comprises central administrative departments that support the operating units in their day-to-day business operations (for example, Purchasing, Internal IT, Warehouse / Logistics, Finance and Marketing / Communications and Product Management). In 2020, these internal services still fell within the remit of secunet Service GmbH. The service company was merged with secunet AG as at 1 January 2021.

The Group companies include the German subsidiaries secunet International GmbH & Co. KG (based in Essen), secunet International Management GmbH (Essen), secustack GmbH (Dresden) and stashcat GmbH (Hanover). International marketing activities for the SINA product family are bundled in secunet International GmbH & Co. KG. As the general partner of secunet International GmbH & Co. KG, secunet International Management GmbH is responsible for the management of secunet International GmbH & Co. KG. secustack GmbH is a joint venture between secunet AG and CLOUD & HEAT Technologies GmbH (Dresden). With its cloud operating system SecuStack, the joint venture offers a security-hardened and transparent solution for public, private and hybrid cloud applications.

In the 2021 financial year, secunet AG reached an agreement with the owners of stashcat GmbH to sell their shares to secunet AG. In May 2021, secunet AG acquired 100% of the shares and 100% of the voting rights. The date of initial consolidation was 31 May 2021. The Business Messenger offered by stashcat GmbH enables secure and GDPR-compliant messaging and includes additional security-optimised collaboration and video conferencing functions.

The Group companies also include the non-operational secunet Inc. (Texas, USA) and finally safe GmbH (Essen). A further subsidiary, secunet s. r. o. (Prague, Czech Republic), is in liquidation.

Giesecke + Devrient GmbH, Munich, is the majority shareholder with a direct holding of 75.12%, and is the parent company of secunet AG. As a strategic holding company, the owner-managed Giesecke + Devrient GmbH manages its affiliated companies, including secunet AG. The group of companies is internationally oriented and active in the field of banknote and securities printing as well as the development and production of security paper and banknote processing systems. In addition, the group of companies develops and manufactures magnetic strip and chip cards, predominantly for the telecommunications industry, for banks and for the healthcare sector.

Divisions and sales markets

secunet has a market-oriented organisational structure: two divisions – Public Sector and Business Sector – are respectively geared towards the needs of public clients and international organisations on the one hand, and to the target group of private companies on the other. In its financial reporting, secunet Group reported on the operational business development in addition to the overall assessment of the Group on the basis of these divisions. Within the divisions, the organisation has a process-oriented design and aims to optimise operations for the relevant markets and customers.

Public Sector

The Public Sector division includes business with the SINA product family. SINA is a holistic security system that offers solutions for the highly secure, cryptographic transmission, storage and processing of data and information up to the highest security level. SINA comprises an ever-growing family of modular components – such as clients, gateways, servers, telephones and software and management tools. Furthermore, the division covers the activities in the areas of biometrics, automated border control and digital identities. In addition to this, there are the businesses of secustack GmbH and stashcat GmbH, as well as a wide range of consulting services. The target markets for the Public Sector division are public clients. These include national and international governments, ministries and public authorities as well as quasi-governmental organisations and defence organisations.

Business Sector

The Business Sector division addresses two markets in the private sector: healthcare and industry. The range of solutions in the healthcare market essentially consists of the secunet konnektor. The secunet konnektor securely connects medical facilities (for example medical practices, pharmacies and hospitals) to the telematics infrastructure (TI) and forms the basis for further specialist digital applications in the healthcare sector. The portfolio for industry includes the end-to-end solution secunet edge. The solution provides manufacturing companies and operators of critical infrastructures (CI) – organisations or facilities of critical importance to the state and society – with a security-hardened and industrial-grade platform and reliable application solutions for security in edge computing, Industry 4.0 and the Internet of Things (IoT). In addition to these solutions, the Business Sector division includes consulting services ranging from security analyses (so-called penetration tests) and security consulting (e. g. for security lines and their implementation) to support with certification processes.

In both divisions, the geographical focus of sales is primarily on Germany. secunet's sales activities abroad are focused on the countries of the European Union, EU organisations as well as defence and space organisations (including organisations such as NATO) and the Middle East.

Corporate management

Internal management of secunet Group by the secunet AG Management Board is based on key financial performance indicators, the most important being sales revenue and earnings before interest and taxes (EBIT).

To control and monitor the development of the individual subsidiaries and reporting segments as well as the Group as a whole, the Management Board analyses, among other things, their sales revenue, gross profit, operating expenses and EBIT on a monthly basis and compares the actual figures with the planned values. In regular meetings, the Management Board liaises with senior executives who have operational responsibility to discuss the business situation and any distribution, product management and project management measures that may be required.

Research and development activities

The main focus of secunet's research and development activities is on hardware and software solutions, applications or architectures in areas with particularly high requirements on IT security – such as cloud computing, Internet of Things, eGovernment, eHealth and biometrics. The objective is continuous development of the range of solutions, taking into consideration customer requirements as well as business management issues.

Strategically, secunet bases its innovation efforts on three pillars:

» Promoting the culture of innovation by incentivising new developments as well as through regular and intensive internal technical exchange and by building a knowledge management infrastructure;
» Cooperation and partnerships with customers and suppliers as well as universities and associations to achieve synergies in research and development;
» Organisational bundling of competences in product management that support developments from innovation management through to the creation of market-ready products.

Additionally, secunet employees are members of many national and international standardisation committees and thus actively participate in the testing, recognition and implementation of innovations in IT. On the one hand, this facilitates a valuable exchange of know-how, thereby continuously upgrading the qualification level of our own workforce. Additionally, this committee work helps to ensure secunet's comprehensive participation in technological developments from an early stage.

The research and development activities are carried out both for our own purposes and also within the framework of individual customer projects.

In the 2021 financial year, secunet Group spent a total of 9.5 million euros on research and development activities (previous year: 6.6 million euros). Of this amount, 7.5 million euros was attributable to the research and development costs recognised in the income statement (previous year: 1.9 million euros) and 0.9 million euros to government grants (previous year: 3.7 million euros). A further amount of 1.2 million euros was capitalised as development costs (previous year: 1.0 million euros).

Research and development activities took place primarily in the context of development of the SINA Communicator H, a highly secure voice and data communication solution certified for the classification level SECRET. Further development expenses were incurred for the ongoing development of secunet's existing solution portfolio.

Economic report

General economic environment

The world, and with it the economy, were again largely dominated by the ongoing coronavirus pandemic in 2021. Although the global economy continued to recover from the previous year's pandemic-related slump, forecasts for future growth are marked by extreme uncertainty due to the lack of clarity about the further course of the pandemic – primarily with regard to the development of vaccination coverage, new virus mutations and renewed lockdown measures. The world economy was also burdened by problems in the global supply and value chains. Increased energy, material and commodity costs have also slowed growth.

With a revenue share of around 91% in 2021, Germany is by far the most important sales market for secunet Group. After a price-adjusted decline of 4.6% in 2020, Germany's economic output grew by 2.7% in 2021, according to the Kiel Institut für Weltwirtschaft (IfW Kiel). For 2022, the IfW Kiel expects Germany's economic output to increase by around 4.0% (as of January 2022). The Bundesbank indicates comparable values with increases of 2.5% and 4.2% in 2021 and 2022 (as of December 2021).

Sector-specific framework conditions

In addition to the general economic development in Germany, the overall market for information and communications technology (ICT) forms an essential framework and comparative basis for the assessment of secunet's economic development. Market statistics are compiled by the Bundesverband Informationswirtschaft, Telekommunikation und neue Medien e. V. (Bitkom).

After slight growth in 2020 (plus 0.6%), the market volume of the entire ICT market increased by 3.9% to 178.4 billion euros in 2021. This means that the entire ICT market developed more positively than the overall German economy. The share of the ICT market that is particularly relevant for secunet, the market for information technology (IT), grew by 6.3% to 102.5 billion euros in 2021. The main contributors to this development were the market for hardware, which recorded an increase of 8.3% to 31.4 billion euros, and the market for software, which grew by 8.0% to 29.8 billion euros. The market for services rose by 3.7% to 41.4 billion euros.

Security is an increasingly important issue for the IT market. Specific market statistics for IT security conclude that this market is growing faster in relative terms than the overall market for IT and faster than the German economy as a whole.

Current calculations by the market research company IDC for the digital association Bitkom (as of October 2021) forecast spending on IT security in Germany of 6.2 billion euros in 2021 – an all-time high and 9.7% more than in the previous record year of 2020 (5.6 billion euros).

Similarly high growth rates are expected for the future: with an average growth of 9.5% per year, sales revenue is expected to reach around 8.9 billion euros in 2025.

The publicity generated by cyberattacks is also heightening security awareness, i.e. the sensitisation of public sector users and companies to IT security, cybersecurity and data protection. Consequently, the German federal government has developed a cybersecurity strategy, the guidelines of which aim to render the risks associated with digitalisation manageable. Government agencies and companies are to work together in various fields of action. Among other things, IT security research is to be promoted, certifications and approvals strengthened and a platform created for the reliable exchange of confidential information.

There is also an increasing awareness of this topic among companies in the private sector. According to current surveys (Allianz Risk Barometer 2022), cyber incidents are perceived as the greatest business risk worldwide – ahead of risks from business disruptions (second place) or natural disasters (third place). In Germany alone, cyber risks come second in the list of business risks.

Companies see larger-scale, costly data breaches as a major and growing challenge. The topic has also been additionally boosted by the German IT Security Act (IT-Sicherheitsgesetz, ITSiG). This legislation demands that providers and operators of critical infrastructures (CI) appropriately safeguard their IT systems using the latest technology and report IT security incidents.

secunet Group is therefore essentially operating within an environment that is conducive to corporate growth, both in the overall economy and its own sector.

Business performance in 2021

Business performance of secunet Group

In the reporting period from 1 January to 31 December 2021, secunet Group generated revenue of 337.6 million euros. secunet Group thus achieved a very significant increase in revenue of 18% compared with the same period of the previous year (285.6 million euros). Earnings before interest and taxes (EBIT) of secunet Group amounted to 63.9 million euros and were thus 24% higher than in the previous year (51.6 million euros). The EBIT margin improved by 0.8 percentage points to 18.9% (previous year: 18.1%).

The high growth rates in revenue and EBIT were already apparent after the first quarter, reflecting the positive operational development of secunet Group in 2021. The main reason for the growth was very good business with secunet products in both Group segments (Public Sector and Business Sector), especially with the SINA product family and the healthcare connector. Besides the sale of goods (in particular hardware and software), the product business also includes revenues from maintenance and support services.

In addition to its core business, which developed very well, secunet benefited to a considerable extent from an extraordinary economic boost triggered by the additional procurement of secure mobile workstations due to the pandemic. In 2021, many public authorities and companies were still faced with the challenge of moving office workplaces to a mobile office setting. secunet Group was able to meet this demand in large numbers with the SINA Workstation S. It is part of the SINA product family and enables location-independent and secure processing of classified information or other sensitive data.

secunet AG announced its forecast for the 2021 financial year in November 2020. The forecast envisaged sales revenues of around 260 million euros and an EBIT of around 38 million euros. At the time of publication of the 2020 Annual Report, the Management Board of secunet AG continued to assume that this forecast would be accurate. After an excellent first quarter in terms of operations and taking into account the very good order situation, the Management Board raised the outlook for the full year 2021 in an ad hoc announcement in April 2021. Since then, sales revenues of around 330 million euros and an EBIT of around 59 million euros were anticipated. With the business results achieved in 2021, secunet still slightly exceeded the Group targets with reference to the adjusted forecast.

The Management Board assesses the business performance in 2021 as very good overall and also in terms of comparison with the published forecast. Despite the ongoing restrictions to contain the coronavirus pandemic and the tense supply situations worldwide for intermediate products, especially the availability of semiconductors, secunet grew significantly at Group level. The 2021 financial year thus closed as the eighth financial year in succession with a year-on-year increase.

Business performance of secunet AG

The forecast for secunet AG for the 2021 financial year was subject to the same risks and opportunities as those of secunet Group. Accordingly, sales revenues of around 330 million euros and an EBIT of around 59 million euros were anticipated.

secunet AG generated revenue of 327.4 million euros in the 2021 financial year. Compared to the previous year's value (279.1 million euros), this corresponds to growth of 17%. EBIT amounted to 62.9 million euros, thereby improving by 30% compared to the previous year's value (48.5 million euros). The EBIT margin was thus 19.2% (previous year: 17.4%). The Management Board assesses the business performance in 2021 as very good.

Results of operations

Results of operations of the Group

The income statement for secunet Group in accordance with IFRS, as applicable in the EU, is presented according to the cost of sales method.

Sales revenue performance

Group sales revenues amounted to 337.6 million euros in the 2021 financial year. This corresponds to an increase of 18% on the previous year's value (285.6 million euros). At Group level, secunet generated 290.8 million euros (previous year: 253.6 million euros) from its product business (hardware, software, maintenance and support) and 46.8 million euros (previous year: 31.9 million euros) from the provision of services.

Sales in the Public Sector segment – whose products and services are geared towards public clients within and outside Germany, as well as international organisations – rose by 17% to 278.1 million euros (previous year: 237.1 million euros). On the one hand, growth was driven by very good core business with the SINA product family. On the other hand, secunet Group benefited to a considerable extent from an extraordinary economic boost triggered by the pandemic-related additional procurement of secure mobile workstations by public sector clients. The segment contributed 82% to Group sales revenue (previous year: 83%).

In the Business Sector segment – which addresses its range of products and services towards companies in the private sector and in particular the healthcare market – sales revenue increased by 23% on the previous year (48.5 million euros) to 59.5 million euros in the reporting period. The decisive factor here was primarily the product business with the secunet healthcare connector, which developed very well in the reporting period due to the rollouts of the PTV3 and PTV4 software upgrades, which are required for further digital specialist applications in the healthcare sector. The share of this segment in the Group's sales revenue in 2021 was thus 18% (previous year: 17%).

From a geographical perspective, secunet saw sales revenue in Germany increase by 19% to 307.8 million euros (previous year: 258.5 million euros). secunet's international business generated revenue of 29.8 million euros, corresponding to an increase of 10% on the previous year's figure (27.0 million euros). The share of international business was thus 9% (previous year: 9%).

Sales revenues from projects with the Giesecke + Devrient Group amounted to 0.6 million euros and thus remained at an unchanged low level (previous year: 0.6 million euros).

Earnings performance

The gross profit on sales of secunet Group rose by 26% to 101.6 million euros in the 2021 financial year (previous year: 80.8 million euros) and thus disproportionately to Group sales revenue. The cost of sales amounted to 236.0 million euros (previous year: 204.8 million euros). The 15% increase in the cost of sales is directly related to the required materials expenses as a result of the increased order volume in the product business. Materials expenses include the purchase of commodities for use in products, as well as third-party services received.

Selling expenses in the 2021 financial year were 21.9 million euros, up 10% on the previous year (19.9 million euros). General administrative costs amounted to 8.3 million euros. They were thus 15% higher than in the previous year (7.3 million euros). The increase in both cost items is due in particular to the growth in the workforce.

In the 2021 financial year, earnings before interest and taxes (EBIT) amounted to 63.9 million euros. This corresponds to an increase of 24% on the previous year (51.6 million euros). The EBIT margin improved by 0.8 percentage points to 18.9% (previous year: 18.1%) due to a favourable product mix.

In both segments, EBIT increased in 2021 as a result of higher product demand: EBIT in the Public Sector segment grew by 7% from 53.8 million euros to 57.4 million euros. The Business Sector segment generated a positive EBIT of 6.5 million euros, as against -2.2 million euros in the previous year. The significant improvement in earnings in the Business Sector is directly related to the PTV3 and PTV4 software upgrades of the healthcare connector, the rollout of which led to licence revenues with a favourable margin profile.

secunet Group's interest income remained at an immaterial level in 2021 (0.01 million euros, previous year: 0.03 million euros). Interest expenses fell from 0.34 million euros to 0.29 million euros and resulted primarily from interest on pension provisions and interest expense in connection with lease accounting under IFRS 16.

secunet Group achieved earnings before taxes (EBT) of 63.6 million euros in the 2021 financial year (previous year: 51.3 million euros). Due to the increase in earnings before taxes, tax expenses rose to 20.6 million euros (previous year: 16.3 million euros). The tax ratio in 2021 was around 32%, as in the previous year.

As a result, secunet Group generated consolidated net income of 43.0 million euros in the 2021 financial year, corresponding to an increase of 23% on the previous year (35.0 million euros). Of this amount, 43.1 million euros is attributable to the shareholders of secunet AG and -0.1 million euros to non-controlling interests (minority shareholders of secustack GmbH). Diluted and undiluted earnings per share amount to 6.66 euros (previous year: 5.43 euros).

Order book

secunet Group's order book as at 31 December 2021 amounted to 185.2 million euros, 24% higher than on the same date in the previous year (149.5 million euros). The increase in the order book results primarily from a high level of orders received from customers in the Public Sector segment. The order book contains orders for the 2022 financial year as well as for subsequent years.

Results of operations of secunet AG

In the annual financial statements of secunet AG issued pursuant to commercial law, the income statement is presented using the nature of expense method.

secunet AG generated revenue of 327.4 million euros in the 2021 financial year. Compared to the previous year (279.1 million euros), this corresponds to an increase of 17%. The positive revenue development is due to the same reasons as in the Group.

Other operating income fell from 5.9 million euros in the previous year to 3.4 million euros in the reporting year, mainly due to lower public project grants. Unfinished services as well as work in progress and finished goods decreased by 0.7 million euros in 2021 (previous year: increase of 1.2 million euros).

Materials expenses amounted to 168.4 million euros in the 2021 financial year, 12% higher than in the previous year (150.0 million euros). The growth is directly linked to the increased order volume in the product business.

In 2021, personnel expenditure increased by 30% from 54.2 million euros in the previous year to 70.7 million euros. The increase is due in particular to the greater number of employees.

Depreciation and amortisation of tangible and intangible assets amounted to 4.1 million euros in 2021 (previous year: 3.4 million euros). The 20% increase results from the further expansion of the Company's property, plant and equipment, mainly office equipment and IT infrastructure.

Other operating expenses decreased by 20% to 24.0 million euros in 2021 (previous year: 30.1 million euros). In the previous year, secunet AG still recorded expenses under this item that were charged to secunet AG with a corresponding margin on the original costs of secunet Service GmbH due to the spin-off of central administrative departments to secunet Service GmbH (for example, Purchasing, Internal IT, Warehouse / Logistics, Finance and Marketing / Communications and Product Management). As the service company was merged with secunet AG as at the reporting date of 1 January 2021, secunet AG's other operating expenses decreased in line with planning.

Income from equity investments almost tripled in 2021 to 2.4 million euros (previous year: 0.8 million euros). As in the previous year, it consisted primarily of secunet International GmbH & Co. KG's net income for the year of 2.4 million euros.

Earnings before interest and taxes (EBIT) of secunet AG totalled 62.9 million euros in the 2021 financial year. This corresponds to an increase of 30% on the previous year (48.5 million euros).

The financial result in 2021 amounted to -1.6 million euros (previous year: -0.6 million euros). Accordingly, the earnings before income taxes of secunetAG in the 2021 financial year were 63.8 million euros (previous year: 48.8 million euros). Net income for the year rose to 43.5 million euros (previous year: 32.8 million euros).

secunet AG's order book as at 31 December 2021 amounted to 169.3 million euros, 24% higher than on the same date in the previous year (136.9 million euros).

Financial and net asset situation

Financial and net asset situation of the Group

The balance sheet is presented in accordance with IFRS, as applicable in the EU.

Capital structure of the Group

secunet Group's balance sheet total amounted to 274.0 million euros as at the reporting date of 31 December 2021 (31 December 2020: 239.8 million euros). On the liabilities side, 129.8 million euros of this was attributable to equity and 144.2 million euros to debt capital. The equity ratio of secunet Group thus amounted to 47% at the end of the 2021 financial year, slightly above the previous year's level (31 December 2020: 43%). The debt ratio fell accordingly to 53% (31 December 2020: 57%).

There were no non-current or current liabilities to banks as at the balance sheet date. Ongoing business and necessary replacement investments were financed from cash and cash equivalents and the operating cash flow in the reporting period. The same applies to all other investments.

Balance sheet of secunet Group, assets

in euros	31 Dec 2021	31 Dec 2020
Current assets
Cash and cash equivalents	119,476,061.19	101,648,590.01
Trade receivables	31,703,067.78	49,006,783.78
Intercompany financial assets	124,011.53	134,047.27
Contract assets	3,946,989.09	4,154,705.96
Inventories	50,073,088.25	27,898,725.41
Other current assets	3,751,333.41	4,877,213.77
Total current assets	209,074,551.25	187,720,066.20

Non-current assets
Property, plant and equipment	7,629,143.38	6,344,752.84
Right-of-use assets	17,109,040.57	18,335,082.30
Intangible assets	13,234,004.81	8,205,796.53
Goodwill	10,322,966.13	4,625,031.00
Non-current financial assets	6,414,381.00	6,275,349.00
Trade receivables	1,575,669.48	3,151,338.96
Deferred taxes	2,680,603.90	2,379,381.74
Other non-current assets	5,980,822.34	2,741,245.77
Total non-current assets	64,946,631.61	52,057,978.14
Total assets	274,021,182.86	239,778,044.34

Assets

The assets side of the consolidated balance sheet showed current assets of 209.1 million euros as at 31 December 2021. The increase compared to the year-end level of the previous year (187.7 million euros) is directly related to the greater business volume and the improved earnings. For this reason, cash and cash equivalents increased by 18% to 119.5 million euros in the reporting period. On the same date of the previous year, they still amounted to 101.6 million euros.

In order to accommodate the well-filled order book and ensure delivery capability for the continually growing product business, inventories increased by 79% to 50.1 million euros as at 31 December 2021 (31 December 2020: 27.9 million euros).

Contract assets amounted to 3.9 million euros and were thus roughly at the previous year's level (31 December 2020: 4.2 million euros). The contract assets represent services already rendered under work or service contracts but not yet invoiced to the customer.

Current and non-current trade receivables amounted to 33.3 million euros, compared to 52.2 million euros on the previous year's reporting date. secunet Group's systematic receivables management had a significant influence on this development.

Non-current assets amounted to 64.9 million euros as at the reporting date of 31 December 2021. This corresponds to 25% growth on the comparative figure for the previous year (52.1 million euros).

As at 31 December 2021, property, plant and equipment amounted to 7.6 million euros and were thus 20% higher than the comparative figure for the previous year (6.3 million euros), mainly due to additions to office and operating equipment.

Right-of-use assets decreased by 7% to 17.1 million euros (31 December 2020: 18.3 million euros). The right-of-use assets result from leases for buildings, offices and company cars. They are recognised at cost and depreciated over the term of the lease. The corresponding items on the liabilities side are the current and non-current lease liabilities.

Due to the acquisition of stashcat GmbH, goodwill grew by 123% to 10.3 million euros (31 December 2020: 4.6 million euros). Also on account of the acquisition and the capitalisation of internally generated software, intangible assets increased by 61% to 13.2 million euros (31 December 2020: 8.2 million euros)

Other current and non-current assets amounted to 9.7 million euros, compared to 7.6 million euros on the previous year's reporting date. The other assets are mainly other receivables from suppliers, advance payments for travel expenses, prepayments for future services and miscellaneous receivables.

Debt and equity

As at 31 December 2021, the liabilities side of the consolidated balance sheet showed current liabilities, i.e. liabilities with a remaining term of less than one year, of 85.2 million euros (31 December 2020: 82.4 million euros) and non-current liabilities of 59.0 million euros (31 December 2020: 54.6 million euros).

Balance sheet of secunet Group, liabilities

in euros	31 Dec 2021	31 Dec 2020
Current liabilities
Trade accounts payable	23,276,779.95	25,513,127.45
Intercompany payables	102,952.71	75,120.94
Lease liabilities	3,132,248.03	3,279,197.48
Other provisions	24,181,873.57	19,999,751.98
Income tax liabilities	9,105,676.54	12,897,980.39
Other current liabilities	4,546,725.61	5,997,733.75
Contract liabilities	20,889,875.70	14,673,571.17
Total current liabilities	85,236,132.11	82,436,483.16

Non-current liabilities
Lease liabilities	14,277,862.90	15,241,779.74
Deferred taxes	4,253,671.95	1,813,090.84
Provisions for pensions	8,030,046.00	8,580,576.47
Other provisions	2,306,469.40	397,037.00
Contract liabilities	30,093,159.77	28,543,452.86
Total non-current liabilities	58,961,210.02	54,575,936.91

Equity
Subscribed capital	6,500,000.00	6,500,000.00
Capital reserves	21,922,005.80	21,922,005.80
Other reserves	-1,737,932.33	-2,248,386.33
Revenue reserves	102,876,356.60	76,211,556.97
Equity attributable to parent company shareholders	129,560,430.07	102,385,176.44
Non-controlling interests	263,410.66	380,447.83
Total equity	129,823,840.73	102,765,624.27

Total liabilities	274,021,182.86	239,778,044.34

secunet did not take out any loans in either 2021 or 2020. Accordingly, there were no liabilities to banks as at the reporting date. The debt ratio was thus 0%.

Both trade payables and current and non-current lease liabilities as at 31 December 2021 were below the level of the previous year's reporting date: trade payables decreased by 9% to 23.3 million euros (31 December 2020: 25.5 million euros), and current and non-current lease liabilities were 6% down to 17.4 million euros (31 December 2020: 18.5 million euros).

Current and non-current contract liabilities amounted to 51.0 million euros as at 31 December 2021, 18% higher than the figure at the previous year's reporting date (43.2 million euros). The contract liabilities comprise customer payments that are recognised as revenue after the balance sheet date. This item contains transactions where secunet generates cash inflow in advance due to multiple-year maintenance and support contracts and extended warranties or receives advance payments for later supplies or services.

Other provisions amounted to 26.5 million euros as at 31 December 2021 (31 December 2020: 20.4 million euros). The growth of 30% is primarily due to the increased recognition of provisions for variable remuneration components of the workforce. This is attributable on the one hand to the increased business result and on the other to the greater number of employees.

Deferred tax liabilities amounted to 4.3 million euros, compared to 1.8 million euros in the previous year, due in particular to the increase in deferred tax liabilities from intangible assets and other items.

Equity rose to a level of 129.8 million euros at the end of the 2021 financial year. This corresponds to a 26% increase on the previous year's reporting date (31 December 2020: 102.8 million euros). Revenue reserves, which rose from 76.2 million euros to 102.9 million euros, contributed significantly to this development. The equity ratio of secunet Group thus amounted to 47% at the end of the 2021 financial year, slightly above the previous year's level (31 December 2020: 43%).

Cash flow and liquidity

Cash flow from operating activities amounted to 53.8 million euros in the 2021 financial year and was thus roughly at the same level as the previous year (56.4 million euros). The significantly higher net profit for the 2021 period did not lead to an increase in cash flow from operating activities, as secunet made considerably higher tax payments in the reporting period (24.6 million euros) than in the previous year (9.0 million euros).

The cash flow from investment activities totalled -15.7 million euros after -5.5 million euros in the previous year. The cash outflow for investments was thus considerably higher year-on-year, with the figure being particularly influenced by payments for investments in intangible assets and property, plant and equipment as well as for the acquisition of stashcat GmbH.

Cash flow from financing activities was -20.2 million euros (previous year: -13.8 million euros), essentially reflecting the dividend payment of 16.4 million euros (previous year: 10.1 million euros). Additionally, there were repayment portions of payments in connection with lease liabilities amounting to 3.6 million euros (previous year: 3.5 million euros).

Overall, the 2021 financial year saw an inflow of cash and cash equivalents totalling 17.8 million euros after 37.2 million euros in the previous year. Cash and cash equivalents increased from 101.6 million euros as at 31 December 2020 to 119.5 million euros, an increase of 18%.

Guaranteed credit lines concluded by secunet AG with its key relationship banks and totalling 12.0 million euros are available to secunet Group as security for customers within the framework of larger projects and for guarantees, and remain unchanged from the previous year. Of this, a total of 4.3 million euros had been drawn down as at 31 December 2021 (31 December 2020: 2.7 million euros). secunet is in an extremely good position to meet its payment obligations at all times.

Financial and net asset situation of secunet AG

The single-entity financial statements of secunet AG were prepared in accordance with German commercial law. The accounting measurement methods in the Annual Financial Statements of secunet AG pursuant to commercial law differ from those for secunet Group (prepared in accordance with IFRS), as applicable in the EU, primarily with regard to the presentation of receivables, inventories, provisions for pensions and deferred taxes. A different measurement method is also used for goodwill, which according to the German Commercial Code (HGB) is amortised on a straight-line basis, while IFRS only provides for unscheduled impairments following an annual impairment test.

secunet AG's balance sheet total increased to 235.2 million euros as at 31 December 2021 (31 December 2020: 200.0 million euros). The primary reason for this change on the assets side of the balance sheet was the 14% increase in cash and cash equivalents to 106.2 million euros (31 December 2020: 93.4 million euros) and the 82% increase in inventories to 51.6 million euros (31 December 2020: 28.4 million euros). Due to the acquisition of stashcat GmbH, financial assets more than doubled to 17.8 million euros (31 December 2020: 7.9 million euros).

On the liabilities side of the balance sheet, the following significant changes occurred between the two balance sheet dates: as a result of the balance sheet profit of 34.8 million euros generated in the 2021 financial year, equity increased by 29% to 120.9 million euros as at 31 December 2021 (31 December 2020: 93.8 million euros). Deferred income and accrued expenses rose by 22% to 46.2 million euros (31 December 2020: 38.0 million euros). The main reason for this was the growing product business and the associated increase in revenues from licences and maintenance, which are deferred over their respective terms. Liabilities decreased by 11% from 28.9 million euros as at 31 December 2020 to 25.8 million euros as at 31 December 2021.

Balance sheet of secunet AG, assets

in euros	31 Dec 2021	31 Dec 2020
A. Fixed assets
I. Intangible fixed assets	2,441,799.00	2,802,112.00
II. Tangible fixed assets	7,231,691.86	6,041,135.84
III. Financial assets	17,795,208.76	7,920,526.76
Total fixed assets	27,468,699.62	16,763,774.60

B. Current assets
I. Inventories	51,609,166.90	28,424,764.72
II. Receivables and other assets	40,925,106.61	54,259,169.32
III. Cash in hand and balances with credit institutions	106,230,783.40	93,401,283.42
Total current assets	198,765,056.91	176,085,217.46

C. Prepaid expenses and ac crued income	8,992,876.95	7,155,565.18
Total assets	235,226,633.48	200,004,557.24

Provisions rose by 8% to 42.3 million euros (31 December 2020: 39.3 million euros). The increase is due to the increased recognition of provisions for variable remuneration components of the workforce.

An amount of 8.7 million euros was transferred to other revenue reserves from the annual net profit of 43.5 million euros for 2021 in conjunction with the balance sheet profit of 16.4 million euros for the previous year. Taking into account the dividends paid in 2021, in the amount of 16.4 million euros from the balance sheet profit for 2020, the result is a balance sheet profit of 34.8 million euros.

The Management Board and Supervisory Board will propose to the Annual General Meeting to be held on 25 May 2022 that 34.8 million euros be distributed to the shareholders through payment of a dividend of 5.38 euros per dividend-bearing share. This corresponds to a distribution of 80% of net income for the year, an increase of 112% on the previous year.

The proposed appropriation of profits consists of a regular dividend of 3.37 euros per dividend-bearing share and an additional special dividend of 2.01 euros per dividend-bearing share. With the proposal to distribute a special dividend, the Management Board is taking account of the good business development in 2021 and the robust liquidity situation.

Balance sheet of secunet AG, liabilities

in euros	31 Dec 2021	31 Dec 2020
A. Equity
Subscribed capital	6,500,000.00	6,500,000.00
Nominal value of treasury shares	-30,498.00	-30,498.00
I. Issued capital	6,469,502.00	6,469,502.00
II. Capital reserves	21,656,305.42	21,656,305.42
III. Revenue reserves
Other revenue reserves	57,956,113.28	49,281,399.89
IV. Net accumulated profit	34,805,920.76	16,432,535.08
Total equity	120,887,841.46	93,839,742.39

B. Provisions	42,341,928.90	39,315,854.01

C. Liabilities	25,779,715.61	28,851,229.10

D. Deferred income and accrued expenses	46,217,147.51	37,997,731.74

Total liabilities	235,226,633.48	200,004,557.24

Capital expenditure

The capital expenditure of secunet Group amounted to 15.7 million euros in the 2021 financial year (previous year: 5.5 million euros). It consisted primarily of investments in intangible assets and property, plant and equipment as well as the acquisition of stashcat GmbH (9.9 million euros). The investments in intangible assets and property, plant and equipment are mainly expenditures for the new acquisition and replacement of hardware, software and other operating equipment. In the 2021 financial year, this type of investment accounted for 6.8 million euros (previous year: 9.2 million euros).

The investments were made primarily by secunet AG and were funded entirely from cash and cash equivalents.

Employees

At the end of the 2021 financial year, secunet Group had 755 permanent employees. This is 102 persons or around 16% more than at the end of 2020 (31 December 2020: 653). The increase in employees primarily took place in the productive areas of development and consulting as well as in distribution.

In addition, secunet Group employed 102 temporary staff as at the reporting date (31 December 2020: 87). This means that a total of 857 employees were working for secunet Group (31 December 2020: 740).

At year-end 2021, secunet AG employed 713 permanent employees (31 December 2020: 550).

More detailed information about the qualifications and requirements of the workforce as well as about the management principles can be found in the combined non-financial statement of the Company and the Group in the section "Employee matters".

Overall statement on the earnings, financial and net assets situation

In the 2021 financial year, secunet achieved an 18% increase in sales revenue at Group level; EBIT was 63.9 million euros, resulting in an EBIT margin of 18.9%. This increase in sales revenue and earnings compared to the previous year was achieved by means of organic growth in the reporting year. At the same time, both Group segments – Public Sector and Business Sector – contributed to the positive development of the Group.

On the basis of these developments, the Management Board considers the course of the 2021 financial year to have been very good for both secunet Group and secunet Security Networks AG.

Risk and opportunity report

Risk report

Risk management objectives and methods

Risk management is carried out in the same way and in parallel for secunet Group and secunet AG. The function presented below and the description of individual risks and opportunities thus apply to both secunet Group and secunet AG.

Risk management at secunet is carried out at various levels: accordingly, the assessment of the risk situation is fed from various sources.

Risks relating to the targets set in the current annual planning are dealt with in a dedicated risk committee.

Recurring operational risks are taken into account as part of regular operational routines and risk minimisation measures and are reduced or eliminated to the fullest extent possible.

Risks that are countered by means of strategic, medium to long-term measures are taken into account by the Management Board as framework conditions for medium-term strategic corporate planning.

The early risk detection and risk management system of secunet AG is being continuously developed and improved.

Risk management for the current planning and financial year

The management of risks relating to the targets set in the current annual planning is carried out at secunet by a risk committee. This comprises the members of the Management Board, the commercial manager and the departmental manager responsible for risk management. The risk committee meets regularly once a quarter. Developments that could jeopardise the fulfilment of objectives, or which may even threaten the survival of the Company, are subjected to intense analysis, scrutiny and assessment by the risk committee. The aim of doing this is to ensure that information about risks, and the associated financial implications, is detected as early as possible in order to implement suitable measures. The existing opportunities and associated potential for earnings are to be identified and leveraged.

As part of the preparation for meetings of the risk committee, a comprehensive risk inventory takes place in each area of the Company. Following a bottom-up approach, the risks are identified as well as assessed and aggregated according to their damage extent and probability of occurrence.

The Company-specific risks surveyed in this manner are then discussed at the risk committee meetings, implementing a top-down approach. The effects of risks and opportunities are not offset against each other. A net presentation is shown when evaluating the potential effects of risks, i. e. the effects of any risk minimisation measures already taken are considered as part of the evaluation. Depending on the probability-weighted damage value of the risks (risk value), the further treatment of the risks is then determined. This ranges from pure documentation where the value is negligible (the probability-weighted damage value in the 2021 financial year amounting to less than 0.5 million euros in EBIT losses) and further observation (monitoring of existing measures – for a risk value in the 2021 financial year in the amount of a mid-singledigit million amount) to the need to take and monitor measures immediately (reporting threshold – for a probability-weighted damage value in the 2021 financial year exceeding a mid-single-digit million amount).

The value limits defined above are re-determined annually based on the planned annual result. Insofar as the identified risks are quantifiable, the corresponding risk values (relating to the reporting date) are adopted in the reporting system.

Proposals for countermeasures are then drawn up, if required. The Management Board reviews these measures and ensures that they are implemented in a timely manner.

The risks considered in this part of risk management for secunet Group and thus also for secunet AG as the parent company of the Group are primarily classified according to their origin in the functional areas of secunet as follows:

» Sales risks: these are risks in all areas connected with distribution. They relate primarily to the functions purchasing and inbound logistics, sales and outbound logistics as well as distribution and marketing.
» Product risks: these are the risks that can arise in connection with products and solutions from secunet. They relate primarily to risks from technical defects or possible security weaknesses in the components used. Also included in this category are risks from the divisions responsible for planning and coordinating the market-readiness of products and solutions from secunet Group.
» Project risks: these are the risks that can arise in connection with development and consulting projects. They mainly include the risks relating to budget planning and subsequent budget compliance.
» Structural risks: these are the risks arising from support functions such as finance and controlling, legal and human resources, and IT. Risks from M & A activities and compliance risks are also recorded here.

Furthermore, the coronavirus pandemic represented a significant and constantly monitored risk for business development in 2021. The Management Board assessed its potential effects on secunet Group continuously and with high priority. Discussion of the risks and measures surrounding the coronavirus pandemic took place in a dedicated steering committee, which met considerably more often than the risk committee. All aspects of business operations were examined and evaluated, with appropriate measures being developed where necessary. In each case, the focus of the discussions was on maintaining the health of employees, the supplies from vendors and the services provided to our customers, as well as our own infrastructure. Since the beginning of the pandemic in 2020, secunet has proved to be a fast-reacting, flexible and adaptable organisation during this time of crisis, with the result that it was quickly possible to reduce risks in operational management.

During the 2021 financial year, it was mainly sales risks that were identified. None of these was individually above the upper limit for no longer being considered negligible. Operational damage management implemented in each case was able to contribute to a significant reduction of the relevant risk value in all cases.

The sales risks discussed here are dominated by distribution risks. secunet is active in the project business. Many projects relate to infrastructures and solutions that are designed on an individual basis. The IT security infrastructures based on these are often associated with high investment volumes, resulting in a complex and often protracted tendering and decision-making process for the customer. This applies to both Public Sector and Business Sector customers and places great limitations on the ability to plan for sales revenues, leading to a potential associated volatility in secunet's business. The distribution risks are continuously monitored as part of risk management and in the ongoing Management Board meetings and, if necessary, they are countered with suitable measures. These measures for reducing the distribution risk often consist of establishing close contact, and thus ongoing cooperation with the customer, through the use of dedicated key account managers, for example. The distribution risks at the time of creating this report are classified as low.

Sales risks also include warehousing risks. These increase as secunet Group's product business grows. Warehousing risks include the risk associated with the ability to deliver at short notice, which is countered by suitably networked material planning (forecast of potential sales and inventory build-up). At the same time, hardware components in particular are becoming obsolete because of accelerating technical progress. Where applicable, inventories lose their value because of this technical ageing process. secunet stays abreast of these risks through professional inventory optimisation. In the 2021 financial year, inventories were written down by 0.1 million euros (previous year: 0.9 million euros).

Procurement risks that can lead to supply bottlenecks and thus to sales risks were newly included during the course of 2021. secunet products are also affected by the global shortage of semiconductors. It proved possible to partially mitigate the risks through a build-up of inventories and continuous close coordination with the most important suppliers. The risk effects were also included in the forecast and planning. For the coming year 2022, the supply risks will continue to have a restrictive effect (please also refer to the aspects noted in the forecast report below).

At the meeting of the risk committee in the fourth quarter of 2021, the risk situation for secunet was regarded as negligible. Due to the very good results for 2021 and the well-filled order book, no significant short-term risks were identified.

There were no product, project or infrastructure risks as at the end of 2021. Consequently, these risk classes were also classified as low.

Operational risk management

Operational risks are risks affecting ongoing business operations that can arise repeatedly. They are recorded, assessed and eliminated to the fullest extent possible by means of specific risk minimisation routines. These control mechanisms are applied at various points in the value creation process.

Distribution or sales risks are discussed within the framework of distribution coordination via risk committees. Risk committees must be held in the case of orders that exceed a defined value. These committees are made up of at least the representatives of the responsible (sales) department, the division / business unit expected to be entrusted with the desired order, the commercial manager, representatives of the legal department and purchasing as well as a member of the Management Board. The goal of the risk committees is to decide for the respective order or invitation to tender, on the basis of transparent criteria, whether and how a bid can be submitted or an order accepted. Since a discussion of the risks, including an assessment of their acceptability, is conducted by the risk committees in each case, and the decision recognises the risks as acceptable, the associated risks are considered to be low at the time of writing this report.

In addition to the distribution risk for major projects already described under sales risks, there is also a project management risk. In addition, there are specific risks for long-term major projects. At secunet, such risks are identified and evaluated in the higher-level project coordination and mitigated by means of appropriate measures. The project management risk arises after the commissioning of major projects: these projects are characterised by multiple uncertainties in their implementation due to the sheer fact of their size. The risk may consist, for example, of a failure to maintain schedules and project budgets. secunet takes these risks into account by means of a comprehensive project management system, which is used to create regular management reports for project managers, division heads and the Management Board. The risks arising from major projects are continuously monitored – in the same way as development risks – with comprehensive project planning and control mechanisms, in conjunction with a risk-oriented reporting system. In the event of deviation from the set targets, measures to reduce the risk are resolved and implemented immediately. These can consist of making additional capacity available for processing the project or discussing deviations with the customer in order to bring expectations into line with the altered framework conditions. The risks arising in the course of project management are sufficiently mitigated by the corresponding measures. Accordingly, the project risks outlined are considered low at the time of writing this report.

There were no project risks as at the end of 2021; accordingly, this risk class was assessed as low.

Product risks can arise in various forms. They are largely mitigated within the framework of operational management processes, with the effect that these risks are considered low at the time of preparing this report.

Product risks can arise in the individual phases of a product life cycle. In conjunction with the development of new products – including corresponding major projects – the following risks are discussed and evaluated regularly:

» Risk of a possible decline in demand: the product fails to prove itself on the market.
» Risk of undesirable technical developments: the product contains defects that lead to warranty claims.
» Risk of failure to complete the product in time: the development project takes considerably more time than estimated.

In the past, secunet primarily developed products and solutions in response to orders to cover specific security needs in the public sector. Its high-security IT solutions are tailored precisely to customers' needs; secunet products are generally not designed without a specific requirement in mind. Most of the products developed by secunet are made to order and are accordingly financed by the customer. Therefore, no development risks exist in terms of potentially waning demand. The risks associated with developing new products that subsequently prove unsuccessful on the market have therefore not been of primary significance for secunet in most product areas.

The development of secunet's own products, such as the secunet konnektor, SINA Communicator and easykiosk, has increased the volume of related internal investments. This has brought development risks more into the focus of risk evaluation. The focus here is less on the sales prospects associated with the products than on the duration of development and certification. The greatest risk for development projects may be underestimation of the time required before they are ready for acceptance. This can lead to expenditure of time and personnel, which limits the profitability of these projects. In order to keep these risks as low as possible, secunet uses extensive project planning and control mechanisms in different locations, paired with a dedicated reporting line. This part of the risk analysis and risk management is identical to the activities that apply for major projects. In the area of development projects, the risk at the time of creating this report is classified as low.

The secunet AG product portfolio is concentrated on solutions in the area of cybersecurity. In the case of the SINA product family in particular, these solutions are protected and approved at a high level in cryptographic terms. One risk that is evaluated on an ongoing basis in connection with the technical properties of these products is the effect of any possible – as yet undetected – security weaknesses of these solutions. In this context, the focus is on the question of whether and to what extent the security promise made to its customers by secunet in connection with the solution as a whole might be compromised as a result of security holes in individual components. This is the task of operational incident management, another component of risk management at secunet. A comprehensive process of ongoing risk identification and assessment takes place in this area for the purposes of risk minimisation. As part of this process, secunet collects and evaluates findings about potential security risks from a wide range of sources. Even if potential vulnerability of the systems merely seems possible as a result of this evaluation, customers are informed immediately and supported in closing the potential security hole. This process of monitoring and solving potential technical security risks is implemented in close collaboration with the Company's development and certification partner, the German Federal Office for Information Security (BSI). In view of the risk minimisation measures in use, the economic risk connected with technical product security is believed to be low.

Strategic risk management and strategic risks

Medium and long-term risks for secunet are taken into account in the course of strategic planning. These framework conditions and the consequences for the strategy are regularly discussed with the Supervisory Board, which approves and follows up on this planning.

The risks considered here include the following:

Customer structure risk is to be seen as a medium-term distribution risk to the extent that secunet conducts the majority of its business with public sector authorities and organisations. The loss of segments of demand from this customer group can have negative effects on sales revenue and earnings. This risk is regularly discussed in depth. Investments in IT, and especially in IT security, are seen as particularly important for the smooth delivery of projects for the public sector, particularly in a world where information technologies play an increasingly important role. The risk of a downturn in demand from public sector customers is therefore constantly monitored, although it is currently considered to be relatively low.

In order to be better placed in the medium term to react to the potential risk of a decline in demand from public sector customers, and in order to reduce and compensate for any resulting decline in sales revenue and earnings, secunet will continue to devote intensive efforts to the expansion of its activities for the private sector target group (Business Sector segment).

Furthermore, the fact that the business results are still heavily influenced by domestic demand is seen as a risk for the further growth of secunet. As a result, the expansion of high-performance international distribution, tapping of new markets and the acquisition of additional customers abroad will remain a focus of efforts for the future development of the Company.

Opportunities

Ongoing management of opportunities

The ongoing management of risks during the year is contrasted with the management of opportunities. They are defined as events that give rise to expectations that the planning or forecast for the current financial year will be exceeded. As in the case of risks, they are recorded as part of the quarterly bottom-up inventories that are included in the report to the risk committee.

In most cases, significant opportunities are promptly incorporated into the planning or the forecast. There were therefore no opportunities to be discussed at the risk committee meeting either during the year or at the end of the year.

Long-term positive trends

In the opinion of the Management Board, the trends outlined below continue to have a positive effect on the future growth of secunet:

Growth through new markets

IT security solutions "made in Germany" enjoy a good reputation around the world due to their quality and trustworthiness. There is rising international demand for corresponding high-quality solutions such as those offered by secunet.

Under the pressure of wiretapping cases and cyberattacks coming to light, demand is likely to stimulate even greater differentiation between producer countries, from which secunet benefits as a German manufacturer. In addition, many secunet products are approved for use in an international context, for example by the EU and NATO.

The range of products and services from the Business Sector division for customers in the industrial sector is to be expanded abroad, for example for foreign subsidiaries and production facilities of German corporations. To this end, promising potential is being identified and examined.

The expansion of foreign activities via secunet's own distribution and via local multipliers will contribute to leveraging these potentials.

Growth through acquisitions

In addition to organic growth on domestic and foreign markets, secunet has for years pursued the objective of triggering additional growth through M&A activities. Growth in the product area through acquisition of the relevant solution providers is promising. The market for companies with high-quality, reliable IT security solutions for processing classified information – in which secunet is an active player – is split into many small to medium-sized providers. In addition, the M&A business remains characterised by very high price expectations on the part of sellers. The process of identifying promising targets at acceptable prices is time-consuming as a result, but is nonetheless being pursued on an ongoing basis.

Overview of risks and opportunities

An overview of risks and opportunities which could impact on the further development of secunet Group shows a confident evaluation overall. The assessment revealed that the risks at the time of creating the report are negligible overall and can thus be controlled, and the identified risks do not threaten the continued existence of the Group and the Company in terms of illiquidity or excessive debts in the reporting period of at least one year. In the operational management of the Group, measures are continuously being taken to prevent a worsening of the risk situation. At the same time, the utilisation of the opportunities described above is being driven forward by a number of activities. No material risks are present as at the balance sheet date.

The business development of secunet AG is subject to the same risks and opportunities as those of the Group. The presentation and evaluation of risks and opportunities thus also apply in the same way for secunet AG.

Forecast

During the past financial year, sales revenue and EBIT increased sharply once again, and 2021 consequently ended with outstanding results. The Management Board of secunet AG is fundamentally optimistic about the conditions for good business performance in the current year 2022.

The framework conditions for the 2022 financial year give reason for optimism.

» The macroeconomic growth forecast of the German federal government is positive: growth of 3.6% in the price-adjusted gross domestic product for the current year 2022. This is subject to the assumption that the restrictions due to the coronavirus pandemic will be lifted and supply bottlenecks will gradually ease over the course of the year.
» For the domestic market, we were still expecting growing demand for IT security. This affects both the Public Sector, i. e. business with public customers, and the Business Sector, which serves companies in both the private sector and the healthcare sector. For 2022, Bitkom predicts growth of 5.9% to 108.6 billion euros in spending on hardware, software and services in the IT sector. The market for IT security is likely to show relatively stronger growth. secunet will be able to meet this growing demand well in future, with optimised and new services, products and solutions.
» The foreign market continues to hold significant growth potential; secunet is generally well positioned to leverage this potential. The secunet AG and secunet International GmbH & Co. KG employees in international distribution have many years of experience in the Group and in dealing with international customers.
» During the course of the year, secunet Group again increased its number of productive employees and can therefore translate increasing demand and high capacity utilisation into good business results.
» The ongoing efforts to expand national and international defence budgets with a focus on cyber defence justify positive growth expectations.
» The increasing requirement for digital sovereignty can be satisfied primarily through trustworthy national solutions. secunet meets these demands with products such as SecuStack.

At the time of preparing this report, the Management Board considers secunet Group and secunet AG to be well positioned and still sees the Company and the Group in a good situation:

» The economic and financial standing of secunet Group and secunet AG is good; growth so far has been achieved profitably, there are no loans, and liquid funds are high.
» The Management Board is of the opinion that secunet has high-performing, motivated and highly qualified employees, providing an excellent basis of expertise.
» The Company's existing product and service portfolio has done well in terms of standing up to competition, and is continuing to expand in close cooperation with customers and their needs. Further additions to the product range will also support future growth.
» secunet believes that secunet's products and solutions have an excellent reputation, the Company is wellknown as a provider of high-quality and trustworthy IT security to meet the highest demands and therefore has a stable and reliable (existing) customer structure.

Nevertheless, risks might also be encountered in the coming year:

» secunet is still largely dependent on the procurement activities of the German federal authorities. At the present time, the effects of changing budgetary policy cannot yet be assessed. Negative implications for secunet could include the postponement or cancellation of planned projects.
» Project business also holds both opportunities and risks: the scope of investment decisions for major projects, especially if these are part of a political process, can significantly delay the start of expected procurements. In addition, ongoing major projects always face the potential risk of incalculable delays or budget overruns.
» The great attention focused on the topic of IT security is fuelling the expectation of growing demand. However, the same attention is also leading to increasing competition.
» Within the scope of a materiality analysis, climate risks have been assessed as not material for our business activities. In order to accommodate their high relevance for external stakeholders, however, voluntary environmental disclosures are included in the combined non-financial statement of the Group and the Company.

The Management Board reacts with concern and dismay to the news about the acts of war in Ukraine. No direct risks relating to procurement and sales are currently evident. The extent to which the sanction decisions will require action is under discussion. The German government is planning a special fund of 100 billion euros to improve its own defence capabilities as well as long-term increases in the defence budget. This will lead to a huge increase in defence spending. The extent to which this will create opportunities for secunet is also not yet foreseeable at this point in time.

The excellent business results achieved in the 2021 financial year represent a challenge for further growth – surpassing sustained record results is becoming increasingly difficult. An extraordinary economic boost as in the previous years is not expected for the 2022 financial year. In addition, the supply bottlenecks on the semiconductor market are leading to uncertainty with regard to the ability to deliver secunet products.

For this reason, the Management Board of the Company already published its forecast for secunet Group for the coming financial year 2022 on 16 November 2021 as follows: sales revenues of around 320 million euros and earnings before interest and taxes (EBIT) of around 50 million euros are expected.

The forecast for secunet AG is subject to the same risks and opportunities as those of secunet Group. Accordingly, the Management Board is expecting a comparably slight decline in sales revenue and EBIT for secunet AG.

Risk reporting with regard to the use of financial instruments

The financial management of the Company and the Group has a clear focus on the regulations and requirements applicable under corporate law. This ensures that all Group companies can operate as going concerns.

The Group and its associated companies were in a position to fulfil their payment obligations at all times. The investment of liquid funds occurs on a strictly risk-minimising basis. The ongoing monitoring of liquid funds and the coordination with liquidity demands serve to ensure the ongoing ability to pay. This is also the main objective of financial management.

Description of the key features of the accounting-related internal control and risk management system (Section 289 (4) and Section 315 (4) HGB)

Elements of the internal control and risk management system

secunet Group's internal control system includes all principles, procedures and measures for ensuring the effectiveness, efficiency and correctness of the accounting system and also assures compliance with the applicable legal provisions.

secunet Group's internal control system consists of an internal steering system and an internal monitoring system. The Management Board of secunet AG – in its function as the managing body of the Company – has assigned responsibility for the internal steering system in secunet Group to the Controlling, Finance, Legal and Human Resources departments in secunet AG.

Process-integrated and process-independent monitoring measures are the cornerstone of secunet Group's internal monitoring system. In addition to manual process controls – such as the dual control principle – automatic IT process controls are also a key feature of the process-integrated measures. Furthermore, process-integrated monitoring is assured by means of committees such as the risk committee and by specific functions within the Group such as the Legal department. The internal audit department of secunet AG is involved in secunet Group's internal monitoring system through process-independent auditing functions.

The risk management system presented here primarily focuses on avoiding the occurrence of damage through risks.

Use of IT systems

At secunet AG, accounting processes are mainly recorded by the ERP system provided by the manufacturer SAP.

Specific Group accounting-related risks

Specific risks related to Group accounting may result, for example, from the conclusion of unusual or complex transactions and from business transactions that are not routinely performed.

Key regulatory and controlling activities for ensuring the correctness and reliability of accounting within the Group

The controlling activities for assuring the correctness and reliability of the accounting system include tasks such as the analysis of circumstances and developments using specific analyses of key indicators. The separation of administrative, executive, billing and approval functions, and their performance by different individuals, reduce the possibility of fraudulent actions. The organisational measures also focus on recording restructuring or changes in the business activities of individual divisions in the Group accounting promptly and properly. They also ensure that in the event of changes to the IT systems for the underlying accounting in the affiliated companies, for example, the accounting processes are recorded in their entirety for the relevant periods. The internal control system also ensures the mapping of changes in the economic or legal environment of secunet Group and ensures that the Group accounting is adjusted in line with new legal provisions or amendments to such provisions.

The secunet Group accounting principles, which include compliance with International Financial Reporting Standards (IFRS), ensure that the companies included in the Consolidated Financial Statements of secunet AG follow consistent accounting and measurement policies.

The internal control system measures, which focus on the correctness and reliability of Group accounting, ensure that business transactions are recorded in good time and in accordance with the law and the Articles of Association. It is also ensured that inventories are carried out correctly and that assets and debts are reported, measured and declared appropriately in the Consolidated Financial Statements. Regulatory activities also ensure that reliable and transparent information is made available in the accounting documents.

The German subsidiaries and the parent company prepare their annual financial statements in accordance with German commercial law, the foreign subsidiaries in accordance with the respective national laws. As part of the consolidation process, the financial statements are reconciled by Group Accounting to commercial balance sheet II in accordance with IFRS as applicable in the EU, using uniform standards. The Consolidated Financial Statements are determined by consolidating capital, liabilities, expenses and income, as well as eliminating intra-Group results, in the aggregate balance sheet and income statement.

Restrictive details

In spite of the aforementioned internal organisation, control and monitoring structures, individual discretionary decisions, defective controls, criminal actions and other circumstances cannot be ruled out. This may lead to limited effectiveness and reliability of the internal control and risk management system used, to the extent that the Group-wide application of the system cannot absolutely guarantee security regarding the correct, complete and timely recording of facts in the Group accounting and in the annual financial statements of the individual companies.

Takeover-related information pursuant to Section 289a, sentence 1 and Section 315a, sentence 1 HGB

The Management Board of secunet AG provides the following information for the 2021 financial year in line with Section 289a, sentence 1 and Section 315a, sentence 1 HGB:

1. The share capital of secunet Security Networks AG remains unchanged at 6,500,000 euros and is divided into 6,500,000 bearer shares with no par value. Each share entitles the holder to one vote at the Annual General Meeting of secunet AG.
1. A restriction on the transfer of secunet shares may apply pursuant to the Foreign Trade and Payments Act (Außenwirtschaftsgesetz, AWG), owing to the products supplied by secunet Security Networks AG. Section 5 (3), sentence 1, no. 2, AWG stipulates that "Restrictions … can in particular be imposed with reference to the acquisition of domestic companies or shares in such companies by foreigners in order to guarantee the essential security interests of the Federal Republic of Germany if the domestic companies … manufacture products with IT security functions to process classified state material or components essential to the IT security function of such products, or have manufactured such products, and still dispose of the technology if the overall product was licensed with the knowledge of the Company by the Federal Office for Information Security." Apart from the restrictions under the AWG, the shareholders of secunet AG are not restricted either by German law or by the Company's Articles of Association in their decisions on the acquisition or disposal of the Company's shares. In particular, the acquisition and disposal of shares does not require the approval of the Company's corporate bodies or other shareholders in order to be valid. The voting rights of shareholders are not subject to any restrictions arising either from legislation or the Articles of Association of the Company. The Management Board is not aware of any agreements between shareholders that give rise to restrictions on the transfer of the Company's shares.
1. To the knowledge of the Management Board, 24.41% of the Company shares are free floating. To the Management Board's knowledge, direct and indirect capital holdings exceeding 10% of voting rights are held by Giesecke + Devrient GmbH, Munich, which had a direct stake of 75.12% as at 31 December 2021. MC Familiengesellschaft mbH, Munich, has an indirect holding of 75.58% in secunet AG (including the treasury shares held

by secunet AG) via its participation in Giesecke + Devrient GmbH. In turn, Verena von Mitschke-Collande, Germany, likewise has an indirect holding of 75.58% in secunet AG via her majority holding in MC Familiengesellschaft mbH.

1. secunet Security Networks AG has not issued any shares that grant special rights.
1. Like the rest of the Company's shareholders, employees and members of the Management Board who hold some of its capital also make their own decisions on the exercise of their voting and control rights and therefore exercise their control rights directly.
1. The Management Board of secunet AG is appointed and dismissed in accordance with the applicable legal provisions, in particular Sections 84 and 85 of the German Stock Corporation Act (Aktiengesetz, AktG). The Articles of Association do not contain any special provisions governing the appointment and dismissal either of individual members or of the entire Management Board. The Supervisory Board has sole responsibility for its / their appointment and dismissal. It appoints members of the Management Board for a maximum term of five years. Members may be reappointed or have their term of office extended, in each case for a maximum of five years. In accordance with Section 179 AktG, changes to the Articles of Association require a decision by the Annual General Meeting; changes that only affect the wording may also be conferred to the Supervisory Board. The amendment becomes effective upon entry in the Commercial Register. In accordance with Article 22 of the Articles of Association, the resolutions of the Annual General Meeting require a simple majority of the votes cast, insofar as the Articles of Association or statutory legal provisions do not specify anything to the contrary. Article 10 (5) of the Articles of Association entitles the Supervisory Board to decide on amendments to the Articles of Association that only affect the wording.
1. The Management Board is not authorised to issue new shares. The Articles of Association of secunet AG do not provide for a contingent capital increase, nor do they include any authorisation for the Management Board to increase the share capital by issuing new shares in return for capital contribution (approved capital). Furthermore, as set out in Section 71 (1), no. 8, AktG, there is no authorisation to purchase treasury stock. As at 31 December 2021, the Company held 30,498 bearer shares, which it purchased on the basis of an authorisation issued during the Annual General Meeting held on 29 May 2001. As per resolution of the Annual General Meeting on 27 May 2009, the Management Board is entitled to divest these shares on a stock exchange with the agreement of the Supervisory Board. As at 31 December 2021, the Management Board of secunet AG had not made use of this authorisation.
1. The Company has no significant agreements that are contingent upon a change of control due to a takeover bid.
1. The Company has concluded no compensation agreements with any members of the Management Board or employees in the event of a takeover bid.

Management and control – reference to the Corporate Governance Statement pursuant to Sections 289f HGB and 315d HGB

As a German public company limited by shares, secunet AG has a dual management and control structure. The Company and the Group are managed by the Management Board, whose members are appointed by the Supervisory Board. The Supervisory Board advises the Management Board and monitors its conduct of business. A detailed explanation of the management of secunet Group can be found in the Corporate Governance Statement pursuant to Sections 289f HGB and 315d HGB, which is also made available on the Company's website (www.secunet.com).

In accordance with Section 317 (2), sentence 6 of the German Commercial Code (HGB), the information in the Corporate Governance Statement is not included in the audit of the annual and consolidated financial statements.

Combined non-financial statement of the Company and the Group

About this statement

With this combined non-financial statement of the Company and the Group, secunet is meeting its obligation to disclose non-financial information for the 2021 financial year as set forth in the "Act to strengthen non-financial reporting by companies in their management reports and group management reports (CSR Directive Implementation Act, CSR-RUG)" pursuant to Sections 315b, 315c in conjunction with 289c – 289e of the German Commercial Code (HGB) and REGULATION (EU) 2020 / 852 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 18 June 2020 on the establishment of a framework to facilitate sustainable investment, and amending Regulation (EU) 2019 / 2088. The present statement is accessible to the public together with the combined Management Report on the position of the Company and the Group on the Company's website (www.secunet.com) under >> About Us >> Investors >> Relevant financial reports and presentations.

In accordance with Section 317 (2), sentence 4 of the HGB, the information in the combined non-financial statement of the Company and the Group is not included in the audit of the combined Management Report. Instead, the combined non-financial statement of the Company and the Group has been audited with limited assurance by PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft in accordance with the requirements of the International Auditing Standard ISAE 3000 (Revised).

When preparing the non-financial statement, we adhere to the classification based on the statutory requirements pursuant to Section 289c HGB in the selection of relevant aspects and the description of concepts. When choosing the individual topics within these matters, we are guided by the requirements of the Sustainability Reporting Standards (SRS) framework for non-financial reporting issued by the Global Reporting Initiative (GRI 102-46, GRI 102-47). For the purpose of preparing the non-financial statement, a dedicated internal process was established in order to analyse and evaluate the sustainability topics with respect to statutory requirements. In addition to the relevant specialist departments, the Company management is also involved in this process.

The basis for selecting the content of the material sustainability topics for the statement was a materiality analysis conducted in 2021. This analysis was performed through a dialogue with key stakeholders with regard to these matters within the Company: this involved the CTO, Operational Services, Data Protection, Compliance, HR and Quality and Environmental Management departments. On the basis of the materiality analysis, those topics were selected that have a relevant impact on the respective aspects and on the business performance, the operating result and the position of secunet AG and secunet Group.

secunet's goal in matters of sustainability is to generate a positive impact on the individual aspects with its products and services and to minimise negative consequences to the greatest extent possible. The materiality analysis was therefore followed by a risk analysis of the matters under consideration. To this end, the risks associated with the aspects of the matters were evaluated. The method of evaluating the risk scenarios associated with the individual non-financial aspects is consistent with the method used for evaluating corporate risks, which is described in the "Risk management objectives and methods" section of this Management Report. In doing so, net risk values were likewise applied, which were determined with consideration of the measures taken to minimise risk. Principal risks are

defined in Section 289c (3), no. 3 and 4, as risks that are associated with the business activity and business relationships of the Company and the Group and are highly likely to have a severely negative impact on the aspects of the matters.

The risk assessment did not identify any significant non-financial risks.

In 2021, a comprehensive materiality analysis was carried out. In accordance with the requirements of the law, the following topics were deemed to be dually material for the non-financial statement for the 2021 financial year:

» Diversity and inclusion in the workplace (employee matters)
» Wellbeing, occupational health and safety (employee matters)
» Employee management and development (employee matters)
» Informational self-determination and security (social matters: digital sovereignty and data protection)
» Responsible corporate governance (compliance)
» Resilience of the business model (as a result of the individual topics and as a contribution to social matters and employee matters)

In our materiality analysis, we came to the conclusion that the aspects of human rights and the environment are not material according to the legal requirements for presentation in the non-financial statement. Due to the high relevance for external stakeholders, we have decided to disclose information on our environmental management on a voluntary basis.

The Management Board of secunet AG was involved in the process of preparing and approving the non-financial statement.

secunet has recognised the strategic relevance of sustainability issues and the increasing demands of external stakeholders. In connection with the matters identified as material, the Supervisory Board of secunet AG resolved in the 2020 reporting year to introduce a new remuneration system for members of the Management Board for the coming financial year. The remuneration system includes a long-term variable remuneration component based on non-financial performance targets, or ESG targets. The ESG targets, their weighting and the respective target achievement are determined by the Supervisory Board for each assessment period. The remuneration system for members of the Management Board of secunet AG is described in detail in the remuneration report pursuant to Section 162 of the German Stock Corporation Act (AktG).

Business model

The business model of secunet Group and secunet AG as well as their resilience are described in detail in the "Principles of the Group" section of this combined Management Report for 2021. Responsible conduct, social acceptance and a high degree of integrity are essential preconditions for the economic success of our Company. With this in mind, secunet, as one of the leading German providers of sophisticated IT security, has set itself the goal of contributing to sustainable economic, environmental and societal development.

When decisions are made on measures and management concepts relating to sustainability, relevant non-financial topics are reported to and discussed by the Management Board of secunet AG.

Employee matters

The creativity, motivation and integrity of our employees are decisive factors for the success of our Company. Their commitment, flexibility and expertise are part and parcel of the strengths our Company has been shown to possess. secunet implements various measures with the aim of providing employees with a working environment that promotes these strengths.

secunet's employees are permanently employed in Consulting, Development, Sales, Product Management, Administration and Services. They are joined by student trainees and interns and, in rare cases where there is a specific need, external staff (e. g. temporary workers) as stand-in personnel in administration departments. On account of the relative uniformity of these groups, the measures described below apply to all employees.

In addition to the permanent employees, secunet also engages freelancers in certain productive areas in order to overcome capacity bottlenecks or if highly specific expertise is required. Considering that the number of freelancers is low in relation to the permanent employees, the following statements concerning measures or key indicators apply exclusively to the permanent employees defined at the outset.

The overall responsibility for managing HR-specific topics lies with the relevant specialist department, which reports directly to the Chairman of the Management Board.

Diversity and inclusion in the workplace

secunet not only regards diversity in its workforce as a source of enrichment, it also sees potential for success in the plurality of its employees. It is important to us that diversity and equal opportunities are lived out responsibly by all employees and the management and supervisory bodies in all areas of the Group and across all hierarchical levels, genders, religious views and nationalities.

By treating each other with trust and respect, secunet aims to create the necessary basis for enabling each individual employee to realise his or her potential to the full. All employees, including management and supervisory bodies, must observe the secunet-wide principles of conduct and values in the Code of Conduct. Violations of these principles of conduct and values can be communicated to the appropriate bodies within the Group and Company via internal reporting channels.

In the 2021 reporting year, no reports of suspected violations or abuses against the principles set out in the Code of Conduct were submitted via these channels.

Employee management and development

The IT sector is growing at a far greater rate than the number of qualified workers available. Competition for the recruitment of experienced employees and junior staff talent is therefore fierce. In light of this, recruiting and junior staff development are becoming critical success factors in the long-term positive development of the Company.

For this reason, secunet is intent on being an appealing employer and maintaining an attractive image in the future too. To achieve this goal, secunet is pursuing a number of measures under the leadership of the HR department. One of the means of doing so is through a continuous exchange with the individual employees and the workforce as a whole.

Regular surveys are also conducted to gauge employee satisfaction. The last survey took place in the first quarter of the 2021 financial year. Conduct of the survey and implementation of the results will in the future be included as a non-financial component in the remuneration of the Management Board.

Concrete measures are derived from the results of the survey. These currently include three projects: personnel development, improvement of collaboration and processes, as well as leadership in general.

In the area of personnel development, secunet is continuing the efforts of recent years. This includes strengthening the feedback culture in all directions – which is intended to allow for more in-depth, higher-quality feedback with regard to the respective activities. The existing annual review meeting will be enhanced for this purpose. The review meeting is a standardised, structured dialogue during which the employee and the supervisor assess each other in a form of performance evaluation. At the same time, questions are asked about the employee's level of satisfaction with their work situation, any potential work overload and the desire for personal development. From the information provided it is possible to deduce, amongst other things, whether the employees require training. In the future, this will be further improved and intensified. In addition, there are increased education and training activities in the area of personnel development.

The projects for the improvement of collaboration and processes, as well as leadership will be launched in 2022. They are each under the sponsorship of a member of the Management Board and are staffed by employees from all departments.

In order to create an attractive work environment and pleasant working conditions, fringe benefits such as free drinks and fruit, assistance in individual workplace design and the opportunity to lease company bicycles are offered.

Other measures are aimed at junior staff recruitment and continuous development of the existing workforce. This includes the ongoing qualification of permanent employees.

In 2021, an average of about 1,385 euros was invested in training measures for each employee, compared to an average of around 1,128 euros in 2020 and 1,190 euros in 2019. Since the fourth quarter of 2021, secunet employees have been able to access the very extensive and wide-ranging learning content and courses offered by the LinkedIn Learning platform for their individual development – secunet has acquired company-wide licences for this. The choice of content is entirely up to the individual.

Junior staff development and recruiting are also key factors in developing the secunet workforce. secunet operates sites in the vicinity of universities, providing opportunities for regular contact with potential employees of the future. secunet is able to secure employees for the coming years by offering students work placements during their studies, supporting them in writing their final dissertations and much more. Cooperation projects with universities are a further means of establishing networks and expanding the qualified workforce of secunet. Beyond this, secunet awarded a so-called Deutschlandstipendium (German Scholarship) in 2021 to promote young IT talent.

Starting in the 2022 financial year, secunet will resume vocational apprentice training in both the commercial and IT sectors. Besides this, there is a trainee programme aimed at young graduates.

Wellbeing, occupational health and safety

It is a matter of course for secunet to comply with all relevant regulations and recognised standards on employee rights. Various measures that have an impact on the occupational health and safety of the workforce are in place. These include statutory occupational health and safety provisions. The occupational health and safety officers and the HR department of secunet, supported by the occupational physician service, carry out a number of measures in order to minimise work-related physical and mental stress. It is inherent in secunet's business model that most of the workforce's tasks are carried out within office buildings and at the employees' desks.

Accident prevention is another important aspect of health promotion to which secunet attaches great importance in its organisation. In the 2021 reporting year, a total of eight occupational accidents were registered in secunet Group (2020: five) and reported to the relevant employers' liability insurance association. An occupational accident is a sudden event of external origin and limited duration, which damages the body and has a causal connection with the work activity at secunet. Occupational accidents also include accidents that occur during a business trip or when travelling between home and work (commuting accident).

secunet also enables its employees to have a free health check with the occupational physician service. In the 2021 reporting year, flu vaccination campaigns were also carried out at secunet's major locations.

Since 2020, secunet has been confronted with the coronavirus pandemic. The spread of the pandemic presented challenges for both secunet and its workforce. To date, the top priority in dealing with the pandemic has been health and safety within the workforce and along the entire value chain.

Dealing with the requirements arising from the pandemic and, in particular, protecting and maintaining the health of the workforce have been on the agenda of a steering committee set up by secunet at the start of the pandemic and maintained continuously ever since. The steering committee exchanges information at regular intervals, monitors developments relating to the pandemic and decides on the necessary measures. In addition to the Management Board, the members of the steering committee also include managers from various Group divisions.

Working from mobile offices has been the preferred form of work since March 2020 (Corona Mobile Office arrangement). Due to the equipment of the workforce with secure mobile workstations and thanks to the flexible reaction of the employees, secunet was able to cope well with the lockdown periods. If physical contact with other colleagues or business partners is necessary, the applicable legal regulations and the respective hygiene concept must be strictly observed. In addition, the number of business trips was greatly reduced.

As a token of appreciation for the special achievements of the employees in the coronavirus pandemic, a special payment was granted at the end of 2021 and 2020.

secunet offers its workforce the opportunity to structure and develop their own working hours to meet their individual needs. This allows every employee, within the framework of what is operationally possible, to organise their working hours, for example, to suit their needs with regard to their family, individual life situation or an appropriate work-life balance.

This is supplemented by the Mobile Office arrangement originating from the employee survey, which allows employees complete freedom to determine their work environment on a dynamic basis. For the time being, working in mobile offices is the preferred form of work (Corona Mobile Office arrangement), which means that an unlimited number of days are available for this purpose. For the time after the coronavirus pandemic, a new Mobile Office arrangement provides that employees can opt for this model two days per week. Employees who do not necessarily have to work on site can use the shared desk arrangement, which stipulates being present one day per week at the respective location and that workstations are no longer permanently assigned but can be booked from a pool.

Social matters: digital sovereignty and data protection

Through its product portfolio, secunet makes a contribution to societal issues with regard to the needs for data protection and digital sovereignty. Data protection or informational self-determination is one of the fundamental rights of citizens in the European Union. Information security is an essential building block for ensuring effective data protection. Digital sovereignty refers to all efforts to achieve successful digitalisation without new structural, economic and political dependencies. Information security plays an essential role in this area as well.

secunet is one of the leading German providers of high-quality IT security. Our products and services are designed to assure information security, in particular by using cryptographic methods. Information security is, in itself, an essential precondition for digitalisation based on trust.

Moreover, information security lays a foundation for effective data protection. The applicable technical requirements, as set out in the EU GDPR for example, are supplemented by consultative approaches and coupled with organisational measures. We have structured our own internal processes to ensure a high level of data security and data protection. To this end, we have integrated comprehensive measures in our business processes and implemented due diligence processes. We pursue our corresponding objectives with the assistance of the IT security officer and the secunet data protection officer. secunet AG is certified according to ISO / IEC 27001:2013 and thus meets stringent quality standards with regard to in-house information security. The continuous refinement of associated technical and organisational security measures is indicative of our commitment to providing the greatest possible data protection. We communicate requirements on data security and data protection to our suppliers via the General Terms and Conditions, which form the basis for the provision of services.

Information security and data protection are of paramount importance in all our dealings with customers. Our IT security partnership with the Federal Republic of Germany as well as the extensive number of secunet products and solutions that have been approved and certified by the Federal Office for Information Security are good indicators of this. secunet also works towards ensuring data security and data protection by providing consultative services in the fields of information security systems and data protection. The increase in revenue and the growing proliferation of secunet solutions from year to year, particularly in the public sector, are proof that the number of customers who place their trust in secunet in this regard is rising.

One example of how secunet makes a positive contribution to society is the provision of secure mobile workstations that were needed for the home-based work of public authorities as a result of contact restrictions. Since the spring of 2020, at the onset of the coronavirus pandemic, many authorities have provided secure mobile workstations to their employees quickly and comprehensively. In order not to jeopardise security in the process, they have often opted for the SINA Workstation S. The SINA Workstation S is part of the SINA crypto system, which secunet developed on behalf of the German Federal Office for Information Security (BSI). The solution allows existing systems to be easily migrated to the secure SINA environment. Users then continue to work without restrictions in their familiar environment, for example in MS Windows, and access the public authority network securely.

Another contribution made by secunet to society is the equipment of medical providers with the healthcare connector. With the development and certification of the secunet konnektor, secunet has applied its experience in IT security to the healthcare sector. The secunet konnektor serves as a central element for medical practices, pharmacies and hospitals, for example, to connect their computer networks to the telematics infrastructure (TI). In the future, the resilient security infrastructure of the secunet konnektor will contribute, among other things, to enabling secure and fast retrieval of personal health data (such as previous illnesses), which are immediately required especially in emergency situations.

The debate concerning digital sovereignty has its origins in the discussion about the security of 5G networks. The same situation has now emerged with cloud services. The focus here is on the dependencies that have already arisen and the difficulties of still ensuring a secure and available infrastructure despite this degree of dependency. Technological building blocks for digital sovereignty – such as a cloud operating system, encryption, virtualisation and operational competence – are available at any rate. Harnessing and scaling them is predominantly a political decision. For infrastructure providers in sensitive areas (public authorities, eHealth, critical infrastructures), secunet offers SecuStack – a certifiable and transparent solution with a high security level. SecuStack is a highly secure turnkey cloud infrastructure solution that ensures the protection of business-critical applications, sensitive data and confidential information. SecuStack guarantees trustworthiness and digital sovereignty in the cloud.

Our products and solutions are primarily tailored to the needs of our customers. We attach corresponding importance to customer satisfaction. This has therefore been included in the non-financial components as an element of the variable Management Board remuneration from 2021 onwards. To measure customer satisfaction, a Net Promoter Score survey was conducted for the first time in 2021.

secunet pays particular attention to anticipating technological developments. The research and development activities of secunet aim at improving and innovating processes, products and solutions. In this way secunet stays abreast of the growing need of its customers for higher security in existing infrastructures as well as for solutions dealing with threats in new technological environments.

Responsible corporate governance (compliance)

Integrity is of paramount importance at secunet. The effective prevention of corruption and bribery is an essential aspect of this. To this end, secunet has implemented a comprehensive compliance management system. The compliance management system is currently geared towards the internal structures of secunet AG and secunet Group. It is also planned to oblige all secunet suppliers to provide a self-declaration in order to draw attention to compliance and ethical issues in the upstream value chain and to raise suppliers' awareness accordingly. These measures are expected to be enacted in the course of implementing the requirements of the Act on Corporate Due Diligence Obligations in Supply Chains.

Various measures are derived from the management team's unwavering commitment to integrity ("tone from the top").

Two examples are training and consultancy services. secunet employees are regularly made aware of and trained in compliance issues. Participation in classroom training is mandatory for all employees every two years. Since the outbreak of the coronavirus pandemic, training sessions have taken place online.

The Compliance Officer can be consulted on any compliance issues that go beyond this scope. The Compliance Officer consults with the Management Board member responsible for the department on a weekly basis.

In addition, there are policies on how to deal with conflicts of interest and corruption. At compliance training sessions, attendees are made aware of the importance of adhering to the guidelines and regulations stipulated by secunet's business partners.

As a matter of principle, secunet does not make monetary or material donations to political organisations, parties or individual politicians. Employees must also ensure that politically motivated donations made in their capacity as private individuals cannot be linked to secunet in any way. Since 2018, a whistleblower system has been in place, giving customers, suppliers, employees and any other parties involved in the business operations the opportunity to report internal grievances and risks anonymously. The processes associated with this meet the requirements of the EU Whistleblower Protection Directive.

In 2021, the Compliance department received no information about possible cases of corruption. Nor were any reports registered with the authorities responsible for secunet and communicated to secunet.

Environmental matters: environmental management

The materiality analysis carried out for non-financial matters revealed that, for secunet, environmental aspects are only to be considered material to a limited extent. This is supported by the following recitals: secunet does not operate any energy-intensive production facilities. The equipment required for operations comprises only the IT equipment of the employees, the company's own data centres, company vehicles and facilities. Packaging material is used, however, when hardware is sold and, at the end of the product life cycle, there is electronic scrap to dispose of. These impacts on the environment are therefore directly linked to our business operations. Due to this fact and the high external stakeholder relevance, secunet has decided to provide information on environmental management on a voluntary basis.

Within secunet, general environmental protection guidelines are currently in place as part of the Code of Conduct that applies to the entire secunet Group. Findings on individual concepts and measures currently relate to the use of (company) vehicles, energy audits and supplier management. For example, company vehicles with lower CO2 emissions are promoted by means of lower leasing rates. secunet Group is obliged to perform an energy audit pursuant to DIN EN 16247-1. The most recent audit was carried out in September 2019. The next audit will take place in 2023 in accordance with the specified four-year cycle. Furthermore, secunet obliges its suppliers to comply with legal regulations on the return and environmentally compatible disposal of electrical and electronic equipment as well as regulations on electromagnetic compatibility and to ensure that the resulting obligations are met. The introduction of an environmental management system is planned for 2022.

Since the 2021 financial year, climate protection has been one of the variable components in remuneration of the secunet AG Management Board. The targets are based on CO2 emissions. This is why the systematic recording of the main sources of energy consumption (electricity and gas consumption as well as travel activities and the vehicle fleet) was already started in 2020 in order to determine our carbon footprint on this basis. Information on the remuneration of the Management Board can be found in the remuneration report, which is part of this Annual Report.

EU Taxonomy

As part of its Action Plan on Financing Sustainable Growth, the European Union aims to redirect capital flows towards sustainable investment. Against this backdrop, the EU Taxonomy Regulation came into force in mid-2020, classifying which economic activities are considered environmentally sustainable in the EU.

The EU has currently published standards for sustainable economic activities as defined by the Taxonomy Regulation for the first two environmental objectives (climate change mitigation and climate change adaptation). The description of economic activities in the delegated acts determines which economic activities may, in principle, be regarded as "taxonomy-eligible economic activities". Only taxonomy-eligible economic activities may be considered environmentally sustainable upon meeting certain technical screening criteria. If an economic activity meets the screening criteria specified in the delegated acts, it is to be classified as taxonomy-compliant and thus environmentally sustainable.

In accordance with relief granted by the EU for the 2021 reporting year, only the proportions of taxonomy-eligible and non-taxonomy-eligible economic activities in a company's turnover (sales revenues), capital expenditure and operating expenses need to be disclosed under the first two environmental objectives.

On the basis of Section 289 (1) of the German Commercial Code (HGB), secunet is obliged to apply the regulatory provisions of the Taxonomy Regulation. Pursuant to Section 315e (1) HGB, the Consolidated Financial Statements of secunet as at 31 December 2021 have been prepared in accordance with IFRS. The amounts used for calculation of the turnover, CapEx and OpEx KPIs are correspondingly based on the figures reported in the Consolidated Financial Statements. Based on an analysis of the economic activities, the proportion of taxonomy-eligible turnover / capital expenditure (CapEx) and operating expenses (OpEx) in the respective secunet Group values is stated for the 2021 financial year.

A cross-functional project team was formed to identify secunet's taxonomy-eligible economic activities. A detailed analysis of the turnover, capital expenditure and operating expenses was carried out to identify potentially taxonomy-eligible economic activities. Both the items reported in the consolidated income statement and internal financial KPIs were used for this purpose.

The publication of the delegated acts for the other four environmental objectives has been announced for 2022. secunet will carefully analyse their effects, too, and report transparently on them.

Turnover KPI

Under Annex I (climate change mitigation), no material taxonomy-eligible turnover-relevant economic activities were identified for secunet. As a result, secunet's business activities do not belong to the sectors which, in the estimation of the European Commission, are responsible for approximately 80% of direct greenhouse gas emissions in Europe and have thus been included in Annex I.

Instead, secunet's business model is essentially covered under 8.2. Computer programming, consultancy and related activities in Annex II (climate change adaptation). However, taking into account the second FAQ published on 2 February 2022 on issues of interpretation in relation to Article 8 of the EU Taxonomy Regulation of the European Commission, no turnover (sales revenues) is to be disclosed hereunder.

CapEx KPI

At secunet, the CapEx KPI indicates the proportion of capital expenditure that is either associated with a taxonomy-eligible economic activity or relates to the acquisition of products and services resulting from a taxonomy-eligible economic activity.

The basis of the capital expenditure comprises the additions to property, plant and equipment and intangible assets and right-of-use assets from leases during the financial year under review, before depreciation and any revaluations for the financial year concerned and excluding changes in fair value (see 3, 4 and 5 in the notes to the balance sheet).

The sum of the material additions reflecting a taxonomy-eligible investment forms the numerator of the CapEx KPI. Outside its core business, secunet can potentially make a contribution to climate change mitigation with its investments in the vehicle fleet (6.5. Transport by motorbikes, passenger cars and light commercial vehicles (Annex I)) and in buildings (7.7. Acquisition and ownership of buildings (Annex I)).

OpEx KPI

Under Annex I, no material taxonomy-eligible operating expenses were identified for secunet. Instead, secunet's operating expenses are essentially covered under 8.2. Provision of information technology services in Annex II in accordance with the business model. However, taking into account the second FAQ published on 2 February 2022 on issues of interpretation in relation to Article 8 of the EU Taxonomy Regulation of the European Commission, no operating expenses are to be disclosed hereunder.

secunet's EU Taxonomy KPIs

	Taxonomy eligible proportion	Non-taxon omy-eligible proportion
Turnover	0 %	100 %
Capital expenditure (CapEx)	17 %	83 %
Operating expenses (OpEx)	0 %	100 %

Management Board report pursuant to Section 312 (3) AktG

Pursuant to Section 312 (3) of the German Stock Corporation Act (AktG), the Management Board has issued a report on the relations with affiliated companies for the 2021 financial year. The report contains the following closing statement: "It is hereby declared that, according to the circumstances known to the Management Board in which the legal transaction was undertaken, our Company received an appropriate consideration for each of the legal transactions listed and was not disadvantaged. This assessment has been made on the basis of the circumstances known at the time of the reportable proceedings. There were no further reportable legal transactions, measures or omissions in addition to the activities reported."

Essen, 22 March 2022

Axel Deininger Torsten Henn

Dr Kai Martius Thomas Pleines

of secunet Security Networks Aktiengesellschaft, Essen

Consolidated balance sheet
Consolidated income statement
Statement of comprehensive income
Cash flow statement
Statement of changes in equity
Notes to the Consolidated Financial Statements
Independent auditor's report
Responsibility statement

Consolidated Financial Statements

of secunet Security Networks Aktiengesellschaft, Essen

Consolidated balance sheet

(according to IFRS) as at 31 December 2021

Assets

in euros	Note	31 Dec 2021	31 Dec 2020
Current assets
Cash and cash equivalents	1	119,476,061.19	101,648,590.01
Trade receivables	2, 11	31,703,067.78	49,006,783.78
Intercompany financial assets	2	124,011.53	134,047.27
Contract assets	2, 11	3,946,989.09	4,154,705.96
Inventories	7	50,073,088.25	27,898,725.41
Other current assets	2	3,751,333.41	4,877,213.77
Total current assets		209,074,551.25	187,720,066.20
Non-current assets
Property, plant and equipment	3	7,629,143.38	6,344,752.84
Right-of-use assets	5	17,109,040.57	18,335,082.30
Intangible assets	4	13,234,004.81	8,205,796.53
Goodwill	6	10,322,966.13	4,625,031.00
Non-current financial assets	8	6,414,381.00	6,275,349.00
Trade receivables	2, 11	1,575,669.48	3,151,338.96
Deferred taxes	9	2,680,603.90	2,379,381.74
Other non-current assets	2	5,980,822.34	2,741,245.77
Total non-current assets		64,946,631.61	52,057,978.14

Total assets	274,021,182.86	239,778,044.34

Liabilities

in euros	Note	31 Dec 2021	31 Dec 2020
Current liabilities
Trade accounts payable	10	23,276,779.95	25,513,127.45
Intercompany payables	10	102,952.71	75,120.94
Lease liabilities	5, 10	3,132,248.03	3,279,197.48
Other provisions	13	24,181,873.57	19,999,751.98
Income tax liabilities	10	9,105,676.54	12,897,980.39
Other current liabilities	10	4,546,725.61	5,997,733.75
Contract liabilities	10, 11	20,889,875.70	14,673,571.17
Total current liabilities		85,236,132.11	82,436,483.16
Non-current liabilities
Lease liabilities	5, 10	14,277,862.90	15,241,779.74
Deferred taxes	9	4,253,671.95	1,813,090.84
Provisions for pensions	12	8,030,046.00	8,580,576.47
Other provisions	13	2,306,469.40	397,037.00
Contract liabilities	10, 11	30,093,159.77	28,543,452.86
Total non-current liabilities		58,961,210.02	54,575,936.91
Equity
Subscribed capital	15	6,500,000.00	6,500,000.00
Capital reserves	15	21,922,005.80	21,922,005.80
Other reserves	15	-1,737,932.33	-2,248,386.33
Revenue reserves	15	102,876,356.60	76,211,556.97
Equity attributable to parent company shareholders		129,560,430.07	102,385,176.44
Non-controlling interests	15	263,410.66	380,447.83
Total equity	23	129,823,840.73	102,765,624.27

Total liabilities		274,021,182.86	239,778,044.34

Consolidated income statement

(according to IFRS) for the period from 1 January 2021 to 31 December 2021

in euros	Note	1 Jan – 31 Dec 2021	1 Jan – 31 Dec 2020
Sales revenue	16	337,620,237.25	285,590,810.35
Cost of sales		-236,013,880.11	-204,773,851.92
Gross profit on sales		101,606,357.14	80,816,958.43
Selling expenses		-21,902,970.56	-19,934,935.22
Research and development costs	18	-7,505,955.34	-1,927,781.10
General administrative costs		-8,330,635.38	-7,254,373.89
Impairment losses / impairment reversals on trade receivables and contract assets	2	39,032.00	-77,653.33
Other operating income		11,397.42	17,469.10
Other operating expenses		-38,613.71	-425.00
Earnings before interest and taxes (EBIT)		63,878,611.57	51,639,258.99
Interest income	19	5,631.49	27,731.34
Interest expenses	19	-294,855.99	-337,108.43
Earnings before taxes (EBT)		63,589,387.07	51,329,881.90
Income taxes	20	-20,609,089.53	-16,345,893.77
Group profit for the period		42,980,297.54	34,983,988.13
of which attributable to shareholders of secunet AG		43,097,334.71	35,111,697.37
of which attributable to non-controlling interests	15	-117,037.17	-127,709.24
Earnings per share (diluted / undiluted)		6.66	5.43
Average number of shares outstanding (diluted / undiluted, units)		6,469,502	6,469,502

Group statement of comprehensive income

(according to IFRS) for the period from 1 January 2021 to 31 December 2021

in euros	Note	1 Jan – 31 Dec 2021	1 Jan – 31 Dec 2020
Group profit for the period		42,980,297.54	34,983,988.13
Items not reclassified to the income statement
Revaluation of defined benefit pension plans	15	750,447.00	-141,356.00
Income tax attributable to components of the other comprehensive income / loss		-239,993.00	45,219.79
		510,454.00	-96,136.21
Items that can be reclassified to the income statement
Currency conversion differences (change not affecting income)	15	0.00	8,109.95
Other comprehensive income / loss		510,454.00	-88,026.26
Consolidated comprehensive income / loss		43,490,751.54	34,895,961.87
of which attributable to shareholders of secunet AG		43,607,788.71	35,023,671.11
of which attributable to non-controlling interests		-117,037.17	-127,709.24

Consolidated cash flow statement

(according to IFRS) for the period from 1 January 2021 to 31 December 2021

in euros	1 Jan – 31 Dec 2021	1 Jan – 31 Dec 2020
Cash flow from operating activities
Earnings before taxes (EBT)	63,589,387.07	51,329,881.90
Depreciation and amortisation of tangible and intangible fixed assets	9,933,084.86	8,057,814.05
Other non-cash income	-182,112.36	-175,248.16
Changes in provisions	6,204,700.52	6,441,893.00
Book losses on the sale of intangible assets and of property, plant and equipment	25,840.29	425.00
Interest result	289,224.50	309,377.09
Change in receivables, contract assets, inventories and other assets	-4,971,917.90	-13,723,294.32
Change in liabilities and contract liabilities	3,449,492.82	13,128,947.18
Tax paid	-24,573,757.43	-8,994,599.54
Cash from operating activities	53,763,942.37	56,375,196.20
Cash flow from investing activities
Purchase of intangible assets and of property, plant and equipment	-6,780,942.00	-9,206,975.53
Payments received for grants	863,650.00	3,665,560.72
Proceeds from the sale of intangible assets and of property, plant and equipment	21,921.71	24,781.00
Purchase of financial assets	-61,619.64	-61,625.68
Proceeds from financial assets	104,700.00	103,407.84
Acquisition of subsidiaries less cash and cash equivalents acquired		0.00
Cash outflow from investing activities	-15,709,023.39	-5,474,851.65
Cash flow from financing activities
Dividend payment	-16,432,535.08	-10,092,423.12
Repayment portion of lease payments	-3,592,458.22	-3,463,571.11
Interest received	5,631.49	27,731.34
Interest paid	-208,085.99	-224,343.43
Cash outflow from financing activities	-20,227,447.80	-13,752,606.32
Effects of exchange rate changes on cash and cash equivalents	0.00	8,109.95
Change in cash and cash equivalents	17,827,471.18	37,155,848.18
Cash and cash equivalents at the beginning of the period	101,648,590.01	64,492,741.83
Cash and cash equivalents at the end of the period	119,476,061.19	101,648,590.01

For further explanations, see Note 21.

Consolidated statement of changes in equity

(according to IFRS) for the period from 1 January 2021 to 31 December 2021

in euros	Subscribed capital	Capital reserves
Equity as at 31 Dec 2019 / 1 Jan 2020	6,500,000.00	21,922,005.80
Group profit 1 Jan – 31 Dec 2020
Other comprehensive income / loss 1 Jan – 31 Dec 2020
Consolidated comprehensive income 1 Jan – 31 Dec 2020
Dividend payment
Equity as at 31 Dec 2020 / 1 Jan 2021	6.500.000,00	21.922.005,80
Group profit 1 Jan – 31 Dec 2021
Other comprehensive income / loss 1 Jan – 31 Dec 2021
Consolidated comprehensive income 1 Jan – 31 Dec 2021
Dividend payment
Equity as at 31 Dec 2021	6.500.000,00	21.922.005,80

Other reserves

Revaluation of defined benefit pension plans

Income tax attributable to components of the other comprehensive income / loss

Currency conversion differences from the currency conversion of financial statements of foreign subsidiaries

Reserve for treasury shares

Equity of secunet AG shareholders

Noncontrolling

For further information on the development of the Group's equity, see Note 15.

						Other reserves
Total	Non controlling interests	Equity of secunet AG shareholders	Revenue reserves	Total other reserves	Income tax attributable to compo nents of the other com prehensive income / loss	Revaluation of defined benefit pen sion plans	Currency conversion differences from the currency conversion of financial statements of foreign subsidiaries	Reserve for treasury shares
77,962,085.52	508,157.07	77,453,928.45	51,192,282.72	-2,160,360.07	1,122,427.81	-3,439,407.20	260,359.15	-103.739,83
34,983,988.13	-127,709.24	35,111,697.37	35,111,697.37	0.00	0.00	0.00	0.00	0.00
-88,026.26	0.00	-88,026.26	0.00	-88,026.26	45,219.79	-141,356.00	8,109.95	0.00
34,895,961.87	-127,709.24	35,023,671.11	35,111,697.37	-88,026.26	45,219.75	-141,356.00	8,109.95	0.00
-10,092,423.12	0.00	-10,092,423.12	-10,092,423.12	0.00	0.00	0.00	0.00	0.00
102,765,624.27	380,447.83	102,385,176.44	76,211,556.97	-2,248,386.33	1,167,647.60	-3,580,763.20	268,469.10	-103,739.83
42,980,297.54	-117,037.17	43,097,334.71	43,097,334.71	0.00	0.00	0.00	0.00	0.00
510,454.00	0.00	510,454.00	0.00	510,454.00	-239,933.00	750,447.00	0.00	0.00
43,490,751.54	-117,037.17	43,607,788.71	43,097,334.71	510,454.00	-239,993.00	750,447.00	0.00	0.00
-16,432,535.08	0.00	-16,432,535.08	-16,432,535.08	0.00	0.00	0.00	0.00	0.00
129,823,840.73	263,410.66	129,560,430.07	102,876,356.60	-1,737,932.33	927,654.60	-2,830,316.20	268,469.10	-103,739.83

Consolidated statement of changes in equity

(according to IFRS) for the period from 1 January 2021 to 31 December 2021

For further information on the development of the Group's equity, see Note 15.

Notes to the Consolidated Financial Statements

for the 2021 financial year (according to IFRS)

General principles

Reporting company

secunet Security Networks Aktiengesellschaft (hereinafter referred to as "secunet AG" or "secunet") is registered with Essen Local Court, Germany (under HRB 13615). It is a listed company in the Prime Standard segment of the regulated market in Frankfurt. The address of the company's registered office is: secunet Security Networks Aktiengesellschaft, Kurfürstenstrasse 58, 45138 Essen, Germany.

secunet Group (hereinafter "secunet") and secunet Security Networks Aktiengesellschaft, Essen, are a German provider of high-quality cybersecurity solutions and IT security partner of the Federal Republic of Germany. secunet offers public sector clients and private sector companies a comprehensive portfolio of products and consulting services for the protection of data, infrastructures and digital identities as well as for information transmission, storage and processing. This includes, above all, network components with BSI-approved encryption technology up to the highest security level.

Declaration of compliance with IFRS

The Consolidated Financial Statements have been prepared in accordance with the International Financial Reporting Standards (IFRS) as applicable in the European Union. The requirements of Sections 315, 315e (1) of the German Commercial Code (Handelsgesetzbuch, HGB) have been met. The IFRS standards used consist of the IFRS as newly issued by the International Accounting Standards Board (IASB), the International Accounting Standards (IAS), and the interpretations of the International Financial Reporting Interpretations Committee (IFRIC) and of the Standing Interpretations Committee (SIC). All standards and interpretations issued by the IASB and applicable at the time of preparation of the Consolidated Financial Statements have been implemented, provided that they have been endorsed by the EU. In this respect the Consolidated Financial Statements of secunet AG comply with IFRS.

The Consolidated Financial Statements and the combined Management Report – Company and Group Management Report were released by the Management Board on 22 March 2022 following their preparation.

Disclosure

The Consolidated Financial Statements – as well as the Annual Financial Statements of secunet AG – are filed with the operator of the electronic Federal Gazette and subsequently announced there. They are available for download on the website https://www.secunet.com/en/about-us/investors. They may also be requested from secunet AG at the above address or inspected at the Company's business premises.

Parent company

The parent company is Giesecke + Devrient GmbH based in Munich, Germany. It holds a direct share of 75.12% in secunet AG.

Via the Consolidated Financial Statements of Giesecke + Devrient GmbH, Munich (smallest consolidated group), the Consolidated Financial Statements of secunet AG are included in the Consolidated Financial Statements of MC Familiengesellschaft mbH, Munich, which prepares the Consolidated Financial Statements for the largest group of companies. The Consolidated Financial Statements of MC Familiengesellschaft mbH and Giesecke + Devrient GmbH are filed with the operator of the electronic Federal Gazette.

First-time adoption of new and revised standards and interpretations

Compared with the Consolidated Financial Statements as at 31 December 2020, the following new and revised standards and interpretations were to be applied for the first time following the EU endorsement or entry into force of the standard / interpretation:

Standard / interpretation	Key amendment	Entry into force for financial years commenc ing on or after:
Revised standards
Amendments to IFRS 9, IAS 39, IFRS 7, IFRS 4 and IFRS 16	Interest Rate Benchmark Reform – Phase 2	1 January 2021
Amendments to IFRS 4	Extension of the Temporary Exemption from Applying IFRS 4	1 January 2021
Amendments to IFRS 16	Covid-19-Related Rent Concessions beyond 30 June 2021	1 April 2021

The application of the modified standards did not have any material impact on the Consolidated Financial Statements.

New accounting rules

The following standards and interpretations had been published at the time the Financial Statements were prepared but were either not yet required to be applied in accordance with the provisions of the respective standard or interpretation, or had not yet been endorsed by the EU.

Standard / interpretation	Key amendment	First-time adoption
New standards (EU endorsement completed by 31 December 2021)
IFRS 17	Insurance Contracts	FY 2023
Amended standards (not yet endorsed by the EU)
Amendments to IAS 1	Classification of Liabilities as Current or Non-current, including Deferral of Effective Date	FY 2023
Amendments to IAS 1	Disclosure of Accounting Policies	FY 2023
Amendments to IAS 8	Definition of Accounting Estimates	FY 2023
Amendments to IAS 12	Deferred Tax related to Assets and Liabilities arising from a Single Transaction	FY 2023
Amendments to IFRS 17	Initial Application of IFRS 17 and IFRS 19 – Comparative Information	FY 2023
Amended standards (EU endorsement completed by 31 December 2021)
Amendments to IFRS 3	Reference to the Conceptual Framework	FY 2022
Amendments to IAS 37	Cost of Fulfilling a Contract	FY 2022
Amendments to IAS 16	Proceeds before Intended Use	FY 2022
Amendments to AIP 2018 – 2020	IFRS 1, IFRS 9, IFRS 16, IAS 41	FY 2022

An early adoption of these standards and interpretations is not planned.

No material effects on the secunet Consolidated Financial Statements are expected to result from adopting the new and amended standards and interpretations.

Accounting principles

The present Consolidated Financial Statements as at 31 December 2021, with the exception of the amendments due to the first-time adoption of new or amended IAS / IFRS provisions above, have been prepared using the same accounting and measurement methods and the same methods of computation as in the previous year. Items in the balance sheet as at 31 December 2021 are classified by maturity. The income statement is based on the cost of sales method. In order to improve the clarity of presentation, various items in the consolidated balance sheet and consolidated income statement have been summarised and are explained in the notes.

The Consolidated Financial Statements of secunet AG are presented in euros. All amounts are stated in euros, unless indicated otherwise.

Consolidated Group

In addition to secunet Security Networks Aktiengesellschaft, the Consolidated Financial Statements include all associate companies that are controlled by secunet AG. Control is considered to be in place if secunet has the authority to dispose of the associate company, has a right to variable returns from participation and has the opportunity to use the authority to dispose of the associate company in a way that can influence the variable returns.

The consolidated Group has changed compared to the previous year. secunet Service GmbH was merged into secunet AG (entry in the Commercial Register of secunet AG on 21 May 2021). stashcat GmbH was included in the consolidated Group by acquisition as at the initial consolidation date of 31 May 2021.

As at 31 December 2021, the consolidated Group consisted of the parent company secunet AG and six (previous year: six) fully consolidated subsidiaries.

Company	Registered office	Equity holding	Non-controlling interests	Equity as at 31 Dec 2021	Net income for 2021
secunet International GmbH & Co. KG	Essen	100 %	0 %	97 kEUR	2,453 kEUR
secunet International Management GmbH	Essen	100 %	0 %	48 kEUR	3 kEUR
secustack GmbH	Dresden	51 %	49 %	586 kEUR	-238 kEUR
finally safe GmbH	Essen	100 %	0 %	223 kEUR	-231 kEUR
secunet s. r. o. i. L.	Prague / Czech Republic	100 %	0 %	85 kEUR	0 kEUR

In accordance with IFRS, the subsidiaries report the following figures:

The consolidated subsidiary secunet s. r. o., Prague (Czech Republic) is in liquidation. The liquidation of finally safe GmbH, Essen was rescinded with effect from 30 June 2021.

stashcat GmbH Hanover 100 % 0 % 3,476 kEUR -825 kEUR

secunet Inc., Austin, Texas (USA), 100% participation, is no longer operational and has not been consolidated since the 2002 financial year on the grounds that it is not material.

The Group's accounting and measurement policies are applied consistently to the financial statements of secunet AG and its subsidiaries included in the Consolidated Financial Statements. The reporting date for secunet AG and for all consolidated companies is 31 December 2021.

The wholly-owned subsidiary secunet International GmbH & Co. KG, which is fully included in these Consolidated Financial Statements, makes use of the exemption provisions of Section 264b HGB for the 2021 financial year with regard to disclosure requirements. secunet International Management GmbH is a partner with unlimited liability of secunet International GmbH & Co. KG.

First-time consolidation of stashcat GmbH, Hanover

In May 2021, 100% of stashcat GmbH was acquired. stashcat is a provider of secure, GDPR-compliant messaging with integrated file storage and video conferencing functionality. secunet exercises control over stashcat GmbH through the majority of voting rights as of the effective date. The company is fully consolidated. The date of initial consolidation is 31 May 2021.

The purchase price of the company was 10 million euros.

The acquisition was made with the aim of providing secunet AG's customers with an additional offering for secure and flexible communication and collaboration in companies, administrative bodies and security authorities.

The fair values of the acquired assets and liabilities recognised at the acquisition date are as follows:

in thousand euros
Intangible assets	6,473
Tangible fixed assets	235
Receivables and other assets	179
Cash and cash equivalents	143
Provisions	95
Liabilities	15
Contract liabilities	547
Deferred tax liabilities	2,072

The goodwill resulting from the business combination amounts to 5,698 thousand euros. No tax-relevant goodwill resulted from this transaction.

The goodwill is attributable to the strong market position of stashcat GmbH in the segment of GDPR-compliant communication and collaboration platforms as well as to the synergies expected from the business combination.

In the context of reporting as at 30 June 2021, only provisional values for intangible assets, goodwill and deferred taxes could be included in the Consolidated Financial Statements. After completion of the purchase price allocation, intangible assets increased by 2,105 thousand euros. At the same time, an increase of 627 thousand euros in deferred tax liabilities was recognised. The goodwill disclosed has thus decreased by 1,478 thousand euros.

For the tangible assets, receivables and other assets, liabilities, and cash and cash equivalents, the carrying amounts are considered to be a reasonable approximation of fair value.

It is considered unlikely that the trade receivables will be uncollectible.

Since the date of initial consolidation, 1,339 thousand euros in sales and -825 thousand euros in net income have been recognised for stashcat GmbH in the Consolidated Financial Statements.

If the initial consolidation had already taken place on 1 January 2021, Group sales would have totalled 338.5 million euros. Group profit would have amounted to 42.5 million euros.

Basis of consolidation

Capital consolidation is carried out in accordance with the purchase method. When consolidated for the first time, the acquisition cost of the shareholdings acquired is offset against the remeasured equity. The assets and liabilities of the acquired subsidiary are recognised at their fair values. Any remaining positive differences are capitalised as goodwill in accordance with IFRS 3 and subjected to an annual impairment test.

Non-controlling interests are initially measured at their proportionate share of the identifiable net assets of the acquired company at the time of acquisition.

Changes in the Group's interest in a subsidiary that do not result in a loss of control are accounted for as equity transactions.

Both expenses and income, and receivables and payables between the consolidated companies are eliminated. Intercompany profits are eliminated unless they are immaterial.

Write-downs of shares in consolidated companies that have been carried out in individual financial statements as well as intercompany receivables are reversed within the framework of consolidation.

Reporting currency

The Group's reporting currency is euros.

Following IAS 21 (Effects of Changes in Foreign Exchange Rates), foreign subsidiaries' Annual Financial Statements prepared in foreign currency are converted into euros in accordance with the functional currency concept. The functional currency in this context is the currency of the primary economic environment in which the subsidiary is active. In the Consolidated Financial Statements, the balance sheet items of all foreign companies are converted from the local currency into euros at the average exchange rates prevailing on the balance sheet date, as the functional currencies of the foreign subsidiaries are their local currencies; the income statement items are converted using the average exchange rate for the financial year. Equity items are translated using historical exchange rates. Differences arising from the conversion of Annual Financial Statements of foreign subsidiaries are treated without affecting the operating result and are recorded in the currency conversion reserve.

For the currency conversion, the following exchange rates were used in respect of currencies of countries not belonging to the European Monetary Union:

	2021	2020
1 EUR =	CZK	CZK
31 Dec	24.9031	26.2076
Average	24.8580	26.5082

Financial instruments

Recognition and initial measurement

Trade receivables are recognised at the time they arise. They are measured at the transaction price.

Financial assets and financial liabilities are recognised if a Group company is party to the agreement on the financial instrument. Financial assets or financial liabilities are initially recognised at the fair value. If the change in fair value is not recognised through profit or loss (FVTPL), the transaction costs directly attributable to the acquisition are added.

Classification and subsequent measurement

They are grouped into one of the following categories at the time of acquisition:

» At amortised cost
» FVOCI debt instruments (investments in debt instruments carried at fair value with changes in other comprehensive income)
» FVOCI equity instruments (equity investments carried at fair value with changes in other comprehensive income)
» FVTPL (at fair value with changes in fair value reported in profit or loss)

Financial assets are not reclassified after initial recognition unless the Group changes its business model for managing financial assets. In this case, all affected financial assets are reclassified on the first day of the reporting period following the change in the business model.

A financial asset is measured at amortised cost if the following cumulative conditions are met and it has not been designated as FVTPL:

» It is held within a business model whose objective is to hold financial assets for the purpose of collecting the contractual cash flows, and
» the contractual terms of the financial asset give rise, on specified dates, to cash flows that are solely payments of principal and interest on the principal amount outstanding.

A debt instrument is designated as FVOCI if both of the following conditions are met and it has not been designated as FVTPL:

» It is held within a business model whose objective is both to hold financial assets for the purpose of collecting the contractual cash flows and to sell financial assets; and
» its contractual terms give rise, on specified dates, to cash flows that are solely payments of principal and interest on the principal amount outstanding.

On initial recognition of an equity investment that is not held for trading purposes, the Group may irrevocably elect to report subsequent changes in the fair value of the investment in other comprehensive income. This choice is made on a case-by-case basis for each investment.

All financial assets that are not measured at amortised cost or FVOCI are measured at FVTPL. On initial recognition, the Group may irrevocably decide to designate financial assets that otherwise qualify for measurement at amortised cost or at FVOCI as FVTPL if this serves to eliminate or significantly reduce accounting mismatches.

The Group makes an assessment of the objectives of the business model in which the financial asset is held at a portfolio level. In the past, secunet Group acquired all financial instruments exclusively for the purpose of holding them to collect interest and principal payments. On this basis, it is assumed that this will also apply in the future.

For the purpose of assessing the cash flow criterion, in other words whether the contractual cash flows are exclusively interest and principal payments on the principal amount (fair value at initial recognition), the Group considers the contractual agreements relating to the instrument. This includes an assessment of whether the financial asset contains a contractual agreement that could change the timing or amount of the contractual cash flows with the effect that they no longer meet these conditions.

When making this assessment, the Group takes into account:

» specific events that would change the amount or timing of the cash flows
» conditions that would affect the interest rate, including variable interest rates
» early repayment and extension options, and
» conditions that restrict the Group's entitlement to cash flows from a particular asset (for example, no right of recourse).

An early repayment option is consistent with the criterion of exclusive interest and principal payments if the early repayment amount substantially represents unpaid amounts of principal and interest on the outstanding principal; this may include reasonable additional compensation for early termination of the contract.

In addition, a condition for a financial asset acquired at a premium or discount on the contractual nominal amount that permits or requires early repayment at an amount that substantially represents the contractual nominal amount plus accrued (but unpaid) contractual interest (which may include reasonable additional compensation for early termination of the contract) is treated as consistent with the criterion, provided the fair value of the early repayment option at the beginning is not significant.

Subsequent measurement and recognition of gains and losses

Financial assets at FVTPL

These assets are subsequently measured at fair value. Net gains and losses, including any interest or dividend income, are recognised in profit or loss.

Based on the measurement hierarchy levels stated in IFRS 13, financial assets and liabilities are measured subject to the availability of relevant information. For the first level, listed (unadjusted) market prices for identical assets and liabilities can be directly observed on active markets. On the second level, they are measured based on measurement models that assess variables that can be observed on the market. The third level does not permit the use of measurement models which rely on input factors that cannot be observed on the market.

If the input factors used to determine the fair value of an asset or a liability can be allocated to different levels of the fair value hierarchy, measurement at fair value is allocated in its entirety to the fair value hierarchy level that corresponds to the lowest input factor which is overall essential to measurement.

Financial assets that are measured at fair value through profit or loss include long-term financial instruments. These include the premium reserve shares from reinsurance contracts. Fair value of the premium reserve is measured by the insurance company and, for the vast majority of reinsurance capital, recognised actuarial processes are followed in this respect (cash method using swap interest rates plus issuer-specific risk premiums). Due to the composition of the reinsurance capital, fair value hierarchy level 2 classification has been applied.

Financial assets at amortised cost

These assets are subsequently measured at amortised cost using the effective interest method. The amortised cost is reduced by impairment losses. Interest income, foreign exchange gains and losses, and impairments are recognised in profit or loss. A gain or loss resulting from derecognition is reported accordingly.

Debt investments at FVOCI

These assets are subsequently measured at fair value. Interest income calculated using the effective interest method, foreign exchange gains and losses, and impairments are recognised in profit or loss. Other net gains and losses are recorded under other comprehensive income / loss. On derecognition, the accumulated other comprehensive income is reclassified to profit or loss.

Equity investments at FVOCI

These assets are subsequently measured at fair value. Dividends are recognised as income in profit or loss unless the dividend clearly serves to cover part of the investment cost. Other net gains and losses are recorded under other comprehensive income / loss and never reclassified to profit or loss.

Derecognition

The Group derecognises a financial asset when the contractual rights with regard to the cash flows from the financial asset expire or when it transfers the rights to receive the cash flows in a transaction in which all significant risks and rewards incidental to ownership of the financial asset are transferred.

Derecognition also takes place if the Group neither transfers nor retains all significant risks and rewards incidental to ownership and does not retain control of the transferred asset.

The Group derecognises a financial liability when the contractual obligations have been fulfilled, cancelled or have expired. Furthermore, the Group also derecognises a financial liability if its contractual terms are changed and the cash flows of the modified liability are significantly different. In this case, a new financial liability is recognised at fair value based on the revised terms.

When a financial liability is derecognised, the difference between the carrying amount of the extinguished liability and the consideration paid (including non-cash assets transferred or liabilities assumed) is recognised in profit or loss.

Cash and cash equivalents

The Group regards all highly liquid assets for which withdrawal or usage is not restricted as cash and cash equivalents. Alongside cash in hand and deposits held at call with banks, these also include short-term bank deposits with original maturities of three months or less. The measurement takes place based on the relevant nominal value.

Contract assets

Services already rendered in connection with customer projects but not yet invoiced to the customer are recorded under contract assets.

Inventories

Inventories, which consist almost exclusively of trade goods, are measured at the lower of historical cost or cost of production, or net realisable value less costs not yet incurred. Historical cost is calculated in accordance with the weighted average cost method.

Finished goods and work in progress are valued at the cost of acquisition of the materials used and the cost of production.

Property, plant and equipment

Property, plant and equipment consist not only of office and operating equipment, but generally also of assets under construction and are measured at historical cost or production cost less regular depreciation. When items of property, plant and equipment are disposed of or retired, their historical costs or production costs, accumulated depreciation and impairment are eliminated from the balance sheet and the gain or loss resulting from their sale is recognised in the income statement. Historical costs also include individually attributable additional and subsequent costs of acquisition. Purchase price reductions are offset.

Subsequent costs are only included in the asset's carrying amount or recognised as a separate asset, as appropriate, when it is probable that future economic benefits associated with the asset will flow to the Group and the cost of the asset can be reliably measured. Repairs and maintenance are charged to the income statement during the financial year in which they are incurred.

The depreciation period is based on the useful economic life and is between three and ten years. Depreciation is on a straight-line basis.

The assets' carrying amounts and useful lives are reviewed, and adjusted if appropriate, at each balance sheet date.

Intangible assets

Intangible assets with a finite useful life acquired for a consideration are measured at historical cost plus additional costs of acquisition less accumulated amortisation calculated using the straight-line method. Acquired software is amortised over three to seven years on a straight-line basis.

Costs incurred in preserving the original economic benefits of existing software systems are recognised as an expense when the maintenance work is carried out.

Internally produced intangible assets are capitalised if the criteria in IAS 38.57 are fulfilled. Amortisation of the intangible asset begins at the time of its operational readiness.

Goodwill

Goodwill represents the excess of the cost of an acquisition over the fair value of the Group's share of the net identifiable assets of the acquired company at the date of the acquisition.

Under IFRS 3 in conjunction with IAS 36 and IAS 38, goodwill is not subject to scheduled amortisation. It is instead subjected to an annual impairment test and carried at original historical cost less accumulated impairment losses.

Where a cash-generating unit is sold, the relevant share of goodwill attributable to that unit is taken into account when calculating the profit from the sale.

Impairment of assets

Assets that are subject to scheduled amortisation are reviewed for impairment whenever events or changes in circumstances indicate that the carrying amount may no longer be recoverable. An impairment loss is recognised for the amount by which the asset's carrying amount exceeds its recoverable amount. The recoverable amount is the higher of an asset's fair value less costs to sell and its value in use. For the purposes of the impairment test, assets are grouped at the lowest levels for which there are separately identifiable cash flows (cash-generating units).

Where there is an indication that the impairment no longer exists or has decreased, the impairment reversal is recognised as income in the income statement for the asset in question. There were no unscheduled impairments or impairment reversals in the reporting year.

In impairment testing, goodwill acquired in a business combination is allocated to those cash-generating units that are expected to benefit from the synergies arising from the business combination. Impairment testing is carried out on an annual basis and additionally whenever there are indications of impairment in the respective cash-generating unit.

If the carrying amount of the cash-generating unit exceeds its recoverable amount, the carrying amount of the goodwill allocated to this cash-generating unit must be reduced by the amount of the difference. Impairment losses already recognised are not reversed in this process. If the impairment of the cash-generating unit exceeds the carrying amount of the goodwill allocated to it, the remaining impairment loss is recognised by reducing, on a pro-rata basis, the carrying amounts of the cash-generating unit's identifiable assets.

Income taxes

Income taxes comprise all current taxes based on the result for the year as well as deferred taxes. In accordance with IAS 12 (Income Taxes), deferred taxes are recognised, using the liability method, for all temporary differences arising between the carrying amounts of assets and liabilities for IFRS accounting purposes and the amounts used for tax purposes. Deferred tax assets may also comprise tax reduction claims that arise from the expected use of existing loss carryforwards in subsequent years. Deferred tax assets are recognised only to the extent that it is probable that future taxable profit will be available against which the temporary differences can be utilised.

Deferred tax is calculated using the tax rates that are expected to apply at the time of realisation in accordance with the legal regulations valid at the balance sheet date. Deferred tax is recognised in the income statement as tax income or expense, except to the extent that it is directly linked to equity or items included in other comprehensive income / loss. Deferred taxes resulting from the accounting of right-of-use assets and lease liabilities are shown netted.

Leases

At the start of a contract, the Group assesses whether the contract constitutes or contains a lease. This is the case if the contract grants the right to control the use of an identified asset for a specified period of time in return for the payment of a consideration. In order to assess whether a contract contains the right to control an identified asset, the Group uses the definition of a lease in accordance with IFRS 16.

This method is applied to contracts concluded on or after 1 January 2019.

Lessee

On the date of provision or when a contract containing a lease component is amended, the Group separates the contractually agreed consideration into lease and non-lease components on the basis of the relative stand-alone selling prices.

On the date of provision, the Group recognises an asset for the right of use granted and a lease liability. The right-of-use asset is initially measured at cost, which is equal to the initial measurement of the lease liability, adjusted for payments made on or before the date of provision, plus any initial direct costs and the estimated costs of dismantling or removing the underlying asset or restoring the underlying asset or the site at which it is located, less any lease incentives received.

Subsequently, the right-of-use asset is amortised on a straight-line basis from the date of provision to the end of the lease term unless ownership of the underlying asset is transferred to the lessee at the end of the lease term or the cost of the right-of-use asset takes into account the fact that the lessee will exercise a purchase option. In this case, the rightof-use asset is depreciated over the useful life of the underlying asset, which is determined in accordance with the rules for property, plant and equipment. Additionally, the right-of-use asset is adjusted continuously – where necessary – for impairment and to take specific revaluations of the lease liability into account.

For the first time, the lease liability is recognised at the present value of the lease payments not yet made at the date of provision, discounted at the underlying interest rate of the lease or, if this cannot be readily determined, at the lessee's incremental borrowing rate. The Group normally uses its incremental borrowing rate as the discount rate.

The lease payments included in the measurement of lease liabilities comprise fixed payments, amounts that are expected to be paid on the basis of a residual value guarantee and the exercise price of a purchase option if the lessee is sufficiently certain to exercise it.

Lease payments for lease extension options are taken into account if the lessee is sufficiently certain to exercise them.

The lease liability is measured at amortised cost using the effective interest method. Interest expenses are included in the financial result, and the payments made reduce the carrying amount of the lease liability. It is remeasured if future lease payments change due to a change in the index or (interest) rate, if the lessee adjusts its estimate of the expected payments under a residual value guarantee, if the lessee changes its assessment regarding the exercise of a purchase, extension or termination option or if a de facto fixed lease payment changes.

In the case of such remeasurement of the lease liability, a corresponding adjustment is made to the carrying amount of the right-of-use asset or, if the carrying amount of the right-of-use asset has been reduced to zero, this adjustment is recognised in the income statement.

The Group has decided not to recognise right-of-use assets and lease liabilities for leases based on low-value assets and for short-term leases, including IT equipment. The lessee recognises the lease payments associated with these leases as an expense on a straight-line basis over the term of the lease.

Other provisions

Other provisions comprise all legal and constructive obligations towards third parties identifiable at the balance sheet date that are based on past events, where the amount can be reliably estimated, and where it is probable that an outflow of resources embodying economic benefits will be required to settle the obligation. The provisions are recognised in the amount of the best estimate of the expected settlement value. Possible claims for reimbursement are not offset against the provisions.

Provisions for pensions

In accordance with IAS 19, pension provisions are measured using the projected unit credit method for defined benefit plans. This means that future obligations are measured using actuarial methods to estimate the relevant variables and to determine their present value.

All actuarial gains and losses are recorded in the other comprehensive income / loss as they arise and without affecting the operating result. Reported pension provisions are based on actuarial certificates issued by an independent actuary.

Pension commitments under defined contribution plans are recognised in the relevant functional areas as expenses for employee services in the period during which the employee provides the related services.

Share-based remuneration

secunet has remuneration plans under which the members of the Management Board of secunet AG are granted virtual shares which are settled entirely in cash at the end of a four-year performance period. The fair value at the time of allocation is determined using recognised financial models and reported as an expense over the vesting period with a corresponding provision being recognised. The provision is revalued at each balance sheet date within the performance period and at the time of payment. Changes in fair value are recognised in the operating result.

Contract liabilities

Income received before the balance sheet date is deferred as a contract liability to the extent that it results in revenue after that date.

Equity

The subscribed capital is 6,500,000 euros. It is divided into 6,500,000 bearer shares without par value. All shares are fully paid.

Of secunet AG's capital reserves, 1,902,005.80 euros results from payments by the shareholder before the transformation of secunet AG into a public limited company. The price premium paid in the initial public offering accounts for 20,020,000.00 euros of the total. The capital reserves are available – subject to statutory regulations – for the purposes of offsetting any losses incurred and for capital increases from the Company's own funds.

The other reserves include the reserve for treasury shares and the other comprehensive income / loss.

Treasury shares are shares in secunet AG held by the Company itself. The acquisition of treasury shares is shown in the Consolidated Financial Statements as a change in equity (reserve for treasury shares). No gain or loss is shown in the income statement for the sale, issue or recalling of treasury shares. The consideration in such transactions is recognised in the Consolidated Financial Statements as a change in equity.

Profits from the current financial year and the previous years that are not paid out to shareholders are recognised in the revenue reserves.

Non-controlling interests

Non-controlling interests are initially measured at their proportionate share of the identifiable net assets of the acquired company at the time of acquisition.

The non-controlling interests' share of the Group profit or loss leads to an increase or decrease in the non-controlling interests.

Changes in the Group's interest in a subsidiary that do not result in a change of control are accounted for as equity transactions.

Sales revenue recognition

secunet Group realises its revenue through the sale of hardware, licences, service and maintenance, both separately and in product bundles, and through the provision of services as part of service and work contracts. Payments are typically due within 30 – 90 days.

I. Separate sale of hardware or licences

For the separate sale of hardware or licences, the breakdown into contractual obligations is unnecessary, since each respective individual sale represents a contractual obligation. With regard to the sale of hardware, revenue is recognised in line with IFRS 15 at the time at which the customer takes control of the asset. In the case of licence transfers, IFRS 15 necessitates an assessment as to whether the customer receives access or a right of use as a result. This shall determine whether sales revenue is recognised over time or at a point in time.

II. Sale of product bundles

The sale of product bundles is a transaction involving multiple elements according to IFRS 15. IFRS 15 requires the separable, independent contractual obligations within a product bundle to be identified in the case of multiple-element transactions. Subsequently, it must be determined whether the revenue is recognised over time or at a point in time for each of these contractual obligations. When doing so, the focus should be on the general principles for sales revenue recognition, as outlined above.

For the services included in the product bundles (for example, software subscription, Service Level Agreements, support services or extended warranties), discretionary decisions must be used to determine whether these are separate respective contractual obligations or whether these services form a service bundle in combination with another contractual obligation from the product bundle.

III. Provision of services

The provision of services occurs both on the basis of service contracts and on the basis of work contracts within the Group.

Service contracts

Generally, consulting services involving the temporal coincidence of service provision and service consumption are provided in the form of service contracts. According to the nature of a service contract, it is the provision of the service that is owed, rather than the result.

Pursuant to IFRS 15.35, the service in these cases is recognised over the period during which the service is provided in accordance with the share of the total service provided (output-oriented).

Work contracts

With respect to the work contracts, the result is owed, which constitutes a distinguishing characteristic between these and the service contracts, meaning that in the wider sense, an asset is created for the customer. The Group has no alternative way to use this asset. The Group uses this type of contract to cover mainly customer-specific software developments, but also licence sales with extensive customisation.

In the case of these work contracts, the sales revenue must be recognised in relation to the percentage of completion (IFRS 15.39). The percentage of completion is estimated on the basis of the costs incurred in relation to the expected total costs (input-oriented).

Assumptions and estimates

In the preparation of the Consolidated Financial Statements, assumptions and estimates were made that affected the reported amounts of assets, liabilities, income and expenses. These assumptions and estimates relate primarily to an estimate of the useful life for depreciable tangible and intangible assets (see Notes 3 and 4), the impairment of receivables (see Note 2), the recognition and measurement of provisions (see Notes 12 and 13), the capitalisation of deferred taxes on loss carryforwards (see Note 9) and the recognition of revenue in the case of services (see section on sales revenue recognition in this Chapter). For the purposes of calculating the value in use of the cash-generating units, as part of the impairment test for the goodwill, estimates and assumptions are required for determining the future cash flows from the cash-generating unit and for calculating the discount interest rate (see Note 6). Estimates and assumptions also play a role in the purchase price allocation within the scope of initial consolidations. Here, particularly in the determination of the discount interest rate for the useful life and the determination of licence fees. Actuarial gains and losses from the pension provision calculation are recorded in other comprehensive income / loss without affecting the operating result. In some cases, actual results may differ from these estimates and assumptions. Changes are taken into account in the income statement at the time when better knowledge becomes available.

In the year under review, the coronavirus pandemic did not have a negative impact overall on secunet Group's business performance. In particular, increased demand for products and solutions from the SINA product family, in response to changes in the organisation of work by German authorities, led to higher revenue and earnings. Furthermore, the impairment tests performed on goodwill (see Note 6), other intangible assets and property, plant and equipment (see Notes 3 and 4), deferred tax assets (see Note 9), trade receivables and contract assets (see Note 2) did not result in any impairment losses in this connection.

Climate change does not give rise to any risks or opportunities for secunet AG's business.

Grants

In accordance with the option provided by IAS 20.24 and IAS 20.27, government grants for assets are offset directly against the acquisition/production costs of the subsidised asset and thus represent a reduction in the cost of acquisition. The grants are recognised on a pro-rata basis in the income statement in the form of lower depreciation. In the 2021 financial year, grants amounting to 0.9 million euros were received (previous year: 3.7 million euros).

Other grants are recognised as income in the period in which the entitlement arises.

Discretionary decisions

Discretion is exercised when determining cash-generating units for the purpose of goodwill impairment testing (see Note 6), when categorising financial assets and liabilities (see Notes 2 and 8) and when determining interest rates for lease accounting (see Note 5).

Notes to the balance sheet

The balance sheet is classified into non-current and current assets and liabilities. Assets and liabilities due within one year are recognised as current.

In accordance with IAS 12, deferred tax balances are recognised as non-current assets and liabilities.

1. Cash and cash equivalents

Cash and cash equivalents comprise cash in hand and bank balances.

The movement in cash and cash equivalents is shown in the consolidated cash flow statement.

2. Receivables and other assets, contract assets

The trade receivables amount to 33,278,737.26 euros (previous year: 52,158,122.74 euros).

In the year under review, contract assets of 3,946,989.09 euros (previous year: 4,154,705.96 euros) were reported for services already rendered in connection with customer projects but not yet invoiced (thereof 38,657.00 euros to affiliated companies; previous year: 5,085.00 euros).

Intercompany financial assets amount to 124,011.53 euros (previous year: 134,047.27 euros) and, as in the previous year, result in full from trade receivables.

The maturities of all the trade receivables are as follows:

Days overdue

in euros	31 Dec 2021	31 Dec 2020
Not due	25,029,871.30	38,913,394.30
1 – 30	8,221,109.00	11,063,253.00
31 – 90	15,376.00	2,158,401.28
91 – 180	36,695.00	90,094.22
181 – 360	70,435.00	64,876.00
> 360	108,783.00	132,543.00
Total	33,482,269.30	52,422,561.80

The valuation allowance for trade receivables and contract assets was as follows:

in euros	2021	2020
As at 1 Jan	130,391.79	66,988.46
Amounts written off	-11,839.28	-14,250.00
Revaluation of allowances	-39,032.00	77,653.33
As at 31 Dec	79,520.51	130,391.79

A specific valuation allowance is posted to a separate valuation allowance account in cases where receivables are clearly overdue (> 180 days) and owed from non-public-sector clients or in the event of special information in individual cases. The receivable is derecognised in the income statement in the event of established insolvency or in cases where the receivable is estimated to be irrecoverable for other reasons.

In the case of trade receivables from third parties that are not subject to a specific valuation allowance, an allowance is calculated on a collective basis for the amount of the expected credit losses over the term of the receivables. Calculation of the expected losses on a collective basis is based on an impairment matrix containing an analysis of historical data over the last five years. The collective allowance is already to be recognised by applying historical data when the trade receivable from third parties is initially recognised and is to be adjusted at each reporting date on the basis of current information and expectations.

Receivables and other assets that are not yet due and not individually impaired are assessed by the Management Board to be recoverable. This assessment is based on past experience, the customer structure and long-term business relationships.

Additions to and reversal of valuation allowances are disclosed separately in the income statement under the item "Impairment reversals/impairment losses on trade receivables and contract assets".

The other current and non-current assets totalling 9,732,155.75 euros (previous year: 7,618,459.54 euros) predominantly concern other receivables from suppliers, advance payments for travel expenses, prepayments for future services and other receivables. No impairments were made.

3. Property, plant and equipment

The changes in property, plant and equipment may be summarised as follows:

	2021			2020
in euros	Assets under construction	Office and operating equipment	Property, plant and equipment	Assets under construction	Office and operating equipment	Property, plant and equipment
Accumulated historical cost as at 1 Jan	18,509.84	19,995,077.88	20,013,587.72	0.00	17,391,001.05	17,391,001.05
Change in the consolidated Group	0.00	392,807.50	392,807.50	0.00	0.00	0.00
Additions	41,683.38	4,418,386.89	4,460,070.27	18,509.84	3,391,703.59	3,410,213.43
Reclassifications	-18,509.84	18,509.84	0.00	0.00	0.00	0.00
Disposals	0.00	-1,193,285.75	-1,193,285.75	0.00	-787,626.76	-787,626.76
As at 31 Dec	41,683.38	23,631,496.36	23,673,179.74	18,509.84	19,995,077.88	20,013,587.72

Accumulated depreciation as at 1 Jan	0.00	13,668,834.88	13,668,834.88	0.00	11,672,831.05	11,672,831.05
Change in the consolidated Group	0.00	157,511.36	157,511.36	0.00	0.00	0.00
Additions	0.00	3,375,239.87	3,375,239.87	0.00	2,758,424.59	2,758,424.59
Disposals	0.00	-1,157,549.75	-1,157,549.75	0.00	-762,420.76	-762,420.76
As at 31 Dec	0.00	16,044,036.36	16,044,036.36	0.00	13,668,834.88	13,668,834.88
Carrying amount as at 31 Dec	41,683.38	7,587,460.00	7,629,143.38	18,509.84	6,326,243.00	6,344,752.84

There were no restrictions on disposal or fixed assets pledged to lenders.

4. Intangible assets

The changes in intangible assets may be summarised as follows:

	2021
in euros	Internally generated intangible assets	Purchased intangible assets	Advance payments for intangible assets	Total intangible assets
Accumulated historical cost as at 1 Jan	6,280,250.00	6,444,595.19	0.00	12,724,845.19
Change in the consolidated Group	0.00	7,023,324.04	0.00	7,023,324.04
Additions	1,196,455.00	220,890.61	0.00	1,417,345.61
Disposals	0.00	-66,978.89	0.00	-66,978.89
As at 31 Dec	7,476,705.00	13,621,830.95	0.00	21,098,535.95

Accumulated depreciation as at 1 Jan	1,672,500.00	2,846,548.66	0.00	4,519,048.66
Change in the consolidated Group	0.00	550,224.04	0.00	550,224.04
Additions	947,092.00	1,903,119.33	0.00	2,850,211.33
Disposals	0.00	-54,952.89	0.00	-54,952.89
As at 31 Dec	2,619,592.00	5,244,939.14	0.00	7,846,531.14
Carrying amount as at 31 Dec	4,857,113.00	8,376,891.81	0.00	13,234,004.81

	2020
in euros	Internally generated intangible assets	Purchased intangible assets	Advance payments for intangible assets	Total intangible assets
Accumulated historical cost as at 1 Jan	5,215,932.00	4,658,554.23	863,674.43	10,738,160.66
Additions	1,064,318.00	924,512.73	0.00	1,988,830.73
Reclassifications	0.00	863,674.43	-863,674.43	0.00
Disposals	0.00	-2,146.20	0.00	-2,146.20
As at 31 Dec	6,280,250.00	6,444,595.19	0.00	12,724,845.19
Accumulated depreciation as at 1 Jan	869,700.00	1,696,303.70	0.00	2,566,003.70
Additions	802,800.00	1,152,391.16	0.00	1,955,191.16
Disposals	0.00	-2,146.20	0.00	-2,146.20
As at 31 Dec	1,672,500.00	2,846,548.66	0.00	4,519,048.66
Carrying amount as at 31 Dec	4,607,750.00	3,598,046.53	0.00	8,205,796.53

Regular depreciations are recorded under the area of activity associated with the asset. As in the previous year, there were no unscheduled depreciations in the year under review.

In connection with the development of internally generated intangible assets, and after the deduction of grants in accordance with IAS 20.27, development costs totalling 1,196,455.00 euros were capitalised (previous year: 1,064,318.00 euros), as the requirements of IAS 38.57 were met in full. Since October 2021, initial revenues have been generated with company-produced and capitalised assets. The time of operational readiness has thus been reached and scheduled depreciation is taking place on a straight-line basis over the estimated useful life.

5. Leases

The development of right-of-use assets and lease liabilities is as follows:

Development of lease liabilities

	2021
in euros	Rented buildings	Vehicles	Short-term leases	Low-value leases	Total
As at 1 Jan	17,597,107.50	923,869.72	0.00	0.00	18,520,977.22
Additions	1,958,589.32	523,002.61	0.00	0.00	2,481,591.93
Lease payments	-3,217,719.10	-582,610.11	-86,438.88	-185,703.28	-4,072,471.37
Interest expense	202,477.05	5,393.94	0.00	0.00	207,870.99
As at 31 Dec	16,540,454.77	869,656.16	0.00	0.00	17,410,110.93

	2020
in euros	Rented buildings	Vehicles	Short-term leases	Low-value leases	Total
As at 1 Jan	16,761,464.58	775,765.52	0.00	0.00	17,537,230.10
Additions	3,786,679.89	660,638.34	0.00	0.00	4,447,318.23
Lease payments	-3,166,755.05	-521,171.88	-101,712.87	-62,097.91	-3,851,737.71
Interest expense	215,718.08	8,637.74	0.00	0.00	224,355.82
As at 31 Dec	17,597,107.50	923,869.72	0.00	0.00	18,520,977.22

For a maturity analysis of the lease liabilities as at 31 December 2021, see Note 10 Liabilities.

Development of right-of-use assets

	2021
in euros	Rented buildings	Vehicles	Total
As at 1 Jan	17,416,583.41	918,498.89	18,335,082.30
Additions	1,958,589.32	523,002.61	2,481,591.93
Depreciation and amortisation	-3,135,321.01	-572,312.65	-3,707,633.66
As at 31 Dec	16,239,851.72	869,188.85	17,109,040.57

	2020
in euros	Rented buildings	Vehicles	Total
As at 1 Jan	16,459,764.40	771,840.46	17,231,604.86
Additions	3,786,679.89	660,638.34	4,447,318.23
Depreciation and amortisation	-2,829,860.88	-513,979.91	-3,343,840.79
As at 31 Dec	17,416,583.41	918,498.89	18,335,082.30

Presentation of undiscounted payment obligations from existing lease agreements

in euros	31 Dec 2021	31 Dec 2020
Up to 1 year	3,791,516.89	292,854.73
1 to 5 years	10,184,394.16	14,242,982.19
More than 5 years	4,116,469.16	5,265,236.00
Total	18,092,380.21	19,801,072.92

Payments amounting to 5,576,124.00 euros (previous year: 4,552,917.00 euros) may be due in the next few years for rental options not yet recognised in the balance sheet.

6. Goodwill

The breakdown of the goodwill carrying amount by segment is as follows:

	2021				2020
in euros	Public Sector	Business Sector	Total	Public Sector	Business Sector	Total
Accumulated historical cost as at 1 Jan	3,325,331.00	1,299,700.00	4,625,031.00	3,325,331.00	1,299,700.00	4,625,031.00
Change in the consolidated Group	5,697,935.13	0.00	5,697,935.13	0.00	0.00	0.00
Additions	0.00	0.00	0.00	0.00	0.00	0.00
Disposals	0.00	0.00	0.00	0.00	0.00	0.00
As at 31 Dec	9,023,266.13	1,299,700.00	10,322,966.13	3,325,331.00	1,299,700.00	4,625,031.00

Accumulated depreciation as at 1 Jan	0.00	0.00	0.00	0.00	0.00	0.00
Additions	0.00	0.00	0.00	0.00	0.00	0.00
Disposals	0.00	0.00	0.00	0.00	0.00	0.00
As at 31 Dec	0.00	0.00	0.00	0.00	0.00	0.00
Carrying amount as at 31 Dec	9,023,266.13	1,299,700.00	10,322,966.13	3,325,331.00	1,299,700.00	4,625,031.00

Goodwill was allocated to the cash-generating units based on expected synergies from the respective business combination. These cash-generating units represent the lowest reporting level in the Group at which goodwill can be monitored by the management for internal management purposes. The cash-generating units correspond to the segments.

secunet Group is split into two divisions: the Public Sector division and the Business Sector division.

In testing goodwill for impairment in accordance with IAS 36, the recoverable amount of the individual cash-generating unit is determined by its value in use. The test takes place annually as at 31 December. The value in use is calculated from the discounted cash flows of the relevant unit. Cash flows are derived from the EBIT determined as part of the annual planning adopted by the Management Board and approved by the Supervisory Board. This is reconciled to Noplat (net operating profit less adjusted taxes) and adjusted for depreciation and investments. A discount rate (WACC) of 8.1% was used for these calculations (previous year: 8.1%).

A risk-free interest rate (based on market data) of -0.2% (previous year: -0.2%), a market risk premium of 7.5% (previous year: 7.5%) and a beta factor of 1.1 (previous year: 1.1) are used to calculate the discount rate. Since the Company largely operates in the European Economic Area, standardised parameters are used for all cash-generating units. The underlying projections employed for the test are based on a period of three years and take into account past experience and the management's expectations regarding the future development of the market, while also considering growth in the detailed planning period. Projections further into the future are made by extrapolating cash flows in perpetuity, while factoring in a growth rate of 0.5% (previous year: 0.5%) for value in use.

As the discounted cash flows exceeded the carrying amounts of the goodwill, no impairment of goodwill was necessary. As part of a sensitivity analysis, the risk premium was increased by 1% and flat-rate discounts of 20% were applied to the expected cash flows from the individual cash-generating units. Even under these conditions there was no need for impairment with regard to any of the goodwill allocated to the cash-generating units.

7. Inventories

in euros	31 Dec 2021	31 Dec 2020
Trade goods	47,797,424.15	25,361,467.93
Finished goods	231,853.10	1,211,635.00
Work in progress	502,058.35	1,208,442.00
Advance payments	1,541,752.65	117,180.48
Total	50,073,088.25	27,898,725.41

Trade goods are measured at historical cost calculated using a sliding average.

The production costs of finished goods and work in progress are valued at the cost of acquisition of the materials used and the cost of production.

In order to safeguard the sustained growth in the product business, the inventory level has increased by 22.2 million euros.

During the reporting year, value adjustments for trade goods resulted in an expense in the amount of 134 thousand euros (previous year: 1,302 thousand euros).

8. Non-current financial assets

The premium reserve shares from reinsurance contracts shown under non-current financial assets amount to 6,414,381.00 euros (previous year: 6,275,349.00 euros). This increase is a result of the regular contributions and credit notes issued on income by the insurance companies. Disbursements for pension payments have a counteracting effect.

These reinsurance contracts deal with the reinsurance of the existing defined benefit obligations related to current and former secunet employees from pension commitments assumed from previous employers. The existing reinsurance contracts are not plan assets as defined under IAS 19.

9. Deferred taxes

The Group has loss carryforwards amounting to 4,236 thousand euros (previous year: 3,249 thousand euros), which relate exclusively to domestic companies, as in the previous year.

No deferred tax assets were formed on losses amounting to 2,680 thousand euros (previous year: 2,680 thousand euros), as it is not expected that these loss carryforwards will be realised in the short to medium term. They do not expire. Deferred tax claims not recognised totalled 857 thousand euros (previous year: 852 thousand euros).

Deferred tax assets of 1,427 thousand euros (previous year: 588 thousand euros) were formed on losses amounting to 456 thousand euros (previous year: 188 thousand euros). There is sufficient substantial evidence of future taxable earnings to allow capitalisation. The losses do not expire.

A tax rate of 31.98%, or 16.15% for partnerships, was used to calculate deferred taxes (previous year: 31.99%, or 16.16% for partnerships). The average trade income tax rate changed slightly due to the difference in the weighting of wage payments. The tax rate for deferred taxes includes trade tax and corporate tax plus solidarity surcharge.

The breakdown of deferred taxes recognised in the balance sheet is as follows:

Balance sheet entry

in euros	31 Dec 2021	31 Dec 2020
Deferred tax assets
from provisions for pensions	1,576,943.07	1,753,003.69
from goodwill	21,749.28	26,564.82
from intangible assets	41,574.00	41,587.00
from tangible fixed assets	3,259.40	7,339.15
from leases as defined by IFRS 16	96,282.51	115,450.31
from loss carryforwards	456,380.16	187,986.74
from other items	484,415.48	247,450.03
	2,680,603.90	2,379,381.74
Deferred tax liabilities
from trade receivables and contract assets	-169,470.34	-90,357.04
from intangible assets	-3,548,939.24	-1,649,667.36
from goodwill	-37,022.93	-22,890.12
from tangible fixed assets	-51,306.15	-50,176.32
from other items	-446,933.29	0.00
	-4,253,671.95	-1,813,090.84
Total	-1,573,068.05	566,290.90

Deferred tax assets of 1,993 thousand euros (previous year: 2,215 thousand euros) and deferred tax liabilities of 2,014 thousand euros (previous year: 1,365 thousand euros) were formed for items with a term of more than 12 months.

No deferred taxes were recognised on temporary differences amounting to 1 thousand euros (previous year: 76 thousand euros) in connection with shares in subsidiaries.

The changes in deferred taxes in the income statement may be summarised as follows:

Income statement for expenses / income

in euros	1 Jan – 31 Dec 2021	1 Jan – 31 Dec 2020
Deferred tax assets
from provisions for pensions	63,932.33	-31,081.27
from goodwill	-4,815.54	-4,720.47
from intangible assets	-13.00	-5,996.95
from tangible fixed assets	-4,079.75	-4,046.60
from leases as defined by IFRS 16	-19,167.80	18,037.28
from loss carryforwards	268,393.42	-9,772.09
from other items	236,965.45	67,872.49
	541,215.11	30,292.39
Deferred tax liabilities
from trade receivables and contract assets	-79,113.30	85,647.06
from intangible assets	172,458.12	-19,879.13
from goodwill	-14,132.81	-14,169.30
from tangible fixed assets	-1,129.83	-26,145.41
from other items	-446,933.29	44,707.77
	-368,851.11	70,160.99
Income from deferred taxes	172,364.00	100,453.38

In the 2021 financial year, a deferred tax expense of 239,992.95 euros was recorded under other comprehensive income / loss (previous year: tax income of 45,219.79 euros). Within the scope of the initial consolidation of stashcat GmbH, deferred tax liabilities of 2,071,730.00 euros were recognised on intangible assets.

10. Liabilities

The intercompany payables relate to trade accounts payable (102,952.71 euros (previous year: 75,120.94 euros)). The carrying amounts of trade payables and other liabilities correspond to the nominal value.

Other current liabilities break down as follows:

in euros	31 Dec 2021	31 Dec 2020
Payable value-added tax	3,657,780.38	5,194,002.34
Payable wage income tax and church tax	787,687.54	697,783.87
Payable social security contributions	14,861.25	17,613.03
Other liabilities	86,396.44	88,334.51
Total	4,546,725.61	5,997,733.75

The maturities of the liabilities are as shown below:

		Total	Remaining term Remaining term up to 1 year of 1 year to 5 years		Remaining term of over 5 years
in euros	2021	2020	2021	2020	2021	2020	2021	2020
Trade accounts payable	23,276,779.95	25,513,127.45	23,276,779.95	25,513,127.45	0.00	0.00	0.00	0.00
Intercompany payables	102,952.71	75,120.94	102,952.71	75,120.94	0.00	0.00	0.00	0.00
Lease liabilities	17,410,110.93	18,520,977.22	3,132,248.03	3,279,197.45	10,018,035.28	10,509,054.90	4,259,827.62	4,732,724.87
Income tax liabilities	9,105,676.54	12,897,980.39	9,105,676.54	12,897,980.39	0.00	0.00	0.00	0.00
Other current liabilities	4,546,725.61	5,997,733.75	4,546,725.61	5,997,733.75	0.00	0.00	0.00	0.00
Contract liabilities	50,983,035.47	43,217,024.03	20,889,875.70	14,673,571.17	30,093,159.77	28,543,244.72	0.00	208.14

11. Contract balances

The following table presents information on receivables, contract assets and contract liabilities for customer contracts:

in euros	31 Dec 2021	31 Dec 2020
Trade receivables	33,278,737.26	52,158,122.74
Contract assets	3,946,989.09	4,154,705.96
Contract liabilities	50,983,035.47	43,217,024.03

The contract assets include services already rendered under work or service contracts but not yet invoiced to the customer. No value adjustments had to be recognised in this regard in the financial year.

The contract assets are transferred to receivables when the customer is invoiced.

The contract liabilities include customer payments that are recognised as revenue after the balance sheet date. This item contains transactions where the Group generates cash inflow in advance due to multiple-year maintenance and support contracts and extended warranties or receives advance payments for later supplies or services. The sales revenue is generated over a period corresponding to the maturities reported in Note 10.

The contract liabilities developed as follows in the financial year:

in euros	2021	2020
As at 1 Jan	43,217,024.03	29,817,985.38
Recognised in sales revenue	-14,673,571.17	-10,731,592.00
Additions due to initial consolidation	546,718.31	0.00
Additions from payments received	21,892,864.30	24,130,630.65
As at 31 Dec	50,983,035.47	43,217,024.03

12. Provisions for pensions

in euros	2021	2020
Opening balance as at 1 Jan	8,580,576.47	8,229,598.00
Benefits paid	-68,329.00	-77,670.00
Additions	268,245.53	287,292.47
Addition not affecting profit / loss in other income	-750,447.00	141,356.00
Closing balance as at 31 Dec	8,030,046.00	8,580,576.47

Provisions for pensions and similar liabilities are formed on the basis of the Group company's individual contract commitments towards its employees. 25 current and former employees of secunet Group who were employed at other companies in the past are entitled to a pension (previous year: 25 employees). The 25 pensionable persons consist of 22 candidates and three pension beneficiaries.

As a result of business combinations and taking over of employees from other companies, the Company has a variety of pension plans. These can largely be split into two types of plans.

The first type of plan grants the beneficiary a defined percentage (between 0.6% and 1.5%) of remuneration as an old-age pension, for each year of service. In the second type of plan, the beneficiary is granted a fixed component for the old-age pension.

Both types of plan allow for early retirement taking reductions in benefits into account.

Both plans include a disability pension and a widow's and orphans' pension.

The certificates for the eligible employees of secunet Group as at 31 December 2021 are based on trend assumptions of 2.5% for salary growth (previous year: 2.5%), pension growth of 1.7% p. a. (previous year: 1.7% p. a.), a rate of inflation of 2.0% p. a. (previous year: 2.0% p. a.) and an actuarial interest rate of 1.2% p. a. (previous year: 0.75% p. a.). Prof Klaus Heubeck's 2018 G mortality tables were used as the basis for the calculation.

To determine the actuarial interest rate, a yield curve as at the balance sheet date is derived using bootstrapping based on corporate bonds with an AA rating. The actuarial interest rate is calculated by matching the yield curve with the actual term of the obligations.

The parameters were set based on the data from December 2021.

Sensitivity analysis

	2021			2020
Valuation parameter	Sensitivity	Baseline value	Effect on provisions (in thousand euros)	Baseline value	Effect on provisions (in thousand euros)
Actuarial interest	+ 1.00 %	1.20 %	-1,409	0.75 %	-1,605
Actuarial interest	- 1.00 %	1.20 %	1,857	0.75 %	2,144
Salary growth	+ 0.50 %	2.50 %	132	2.50 %	155
Salary growth	- 0.50 %	2.50 %	-127	2.50 %	-148
Pension growth	+ 0.50 %	1.70 %	646	1.70 %	715
Pension growth	- 0.50 %	1.70 %	-474	1.70 %	-518
Life expectancy	+ 1 year	Heubeck 2018 G	311	Heubeck 2018 G	353
Life expectancy	- 1 year	Heubeck 2018 G	-308	Heubeck 2018 G	-347

The sensitivity calculations are based on the average terms of the pension obligations as at 31 December 2021. Separate calculations were performed for all actuarial parameters considered to be material, so as to separately show the effects on the present value of defined benefit obligations as at 31 December 2021. Since the sensitivity analyses are based on the average duration of expected pension obligations, and expected payment deadlines are therefore not considered, they can only provide rough information or statements on trends.

The evaluation and definition of the parameters are at the discretion of the Management Board.

Changes to the defined benefit obligations in the reporting year were as follows:

in euros	2021	2020
As at 1 Jan	8,580,576.47	8,229,598.00
Current service cost	204,151.53	193,116.00
Interest expense	64,094.00	94,176.00
Actuarial gains and losses from
experience-based adjustments	20,636.00	-244,735.53
changes to financial assumptions	-771,083.00	386,092.00
Benefits paid	-68,329.00	-77,670.00
As at 31 Dec	8,030,046.00	8,580,576.47

Of the defined benefit obligations, 64.00% (previous year: 63.60%) relate to active claimants. 14.80% (previous year: 14.80%) relate to claimants who have left and 21.24% (previous year: 21.64%) relate to pension beneficiaries. Pension commitments do not expire.

The weighted average duration of the defined benefit obligations up to 31 December 2021 is 20.0 years (previous year: 22.0 years).

Costs arising from the defined benefit obligations and included in the income statement are broken down as follows:

in euros	2021	2020
Current service cost	204,151.53	193,116.00
Interest expense	64,094.00	94,176.00
Cost for the year	268,245.53	287,292.00

In line with actuarial certificates, expenses arising from the commitments are distributed over the service life of employees and consist of the interest expenses and the service expenses. Interest expenses are included in the financial result, and the service expenses are shown under personnel expenditure in the respective functional areas.

In the reporting year, pension payments of 68,329.00 euros (previous year: 77,670.00 euros) were paid directly by the employer.

The defined benefit obligation is offset by premium reserve shares from reinsurance contracts in the amount of 6,414,381.00 euros (previous year: 6,275,349.00 euros), which do not represent plan assets under IAS 19.

A pension provision of 8,236,427 euros is expected as at 31 December 2022, based on an annual expense of 282,842 euros and planned pension payments of 76,461 euros.

In the reporting year, secunet Group paid contributions of 4,008 thousand euros (previous year: 3,727 thousand euros) into the statutory pension insurance plan, which is regarded as a defined contribution plan. In the case of defined contribution pension plans, there are no further obligations beyond the payment of contributions.

13. Other provisions

The changes in other provisions are shown in the table below:

1 Jan 2021	Utilisation	fication	Released	Additions	31 Dec 2021

397,037.00	0.00		0.00	56,595.00	453,632.00
0.00	0.00	877,552.17	0.00	430,196.23	1,307,748.40
0.00	0.00	0.00	0.00	545,089.00	545,089.00
397,037.00	0.00	877,552.17	0.00	1,031,880.23	2,306,469.40

14,709,657.00	-14,282,049.20	0.00	-427,607.80	19,012,837.00	19,012,837.00
1,503,536.32	0.00	0.00	0.00	285,288.06	1,788,824.38
1,361,242.49	-1,268,064.06	0.00	-51,338.27	738,729.27	780,569.43
877,552.17	0.00	-877,552.17	0.00	0.00	0.00
422,000.00	0.00	0.00	0.00	149,000.00	571,000.00
0.00	0.00	0.00	0.00	384,000.00	384,000.00
277,920.00	0.00	0.00	0.00	0.00	277,920.00
189,000.00	-189,000.00	0.00	0.00	260,150.00	260,150.00
658,844.00	-398,000.00	0.00	0.00	845,728.76	1,106,572.76
19,999,751.98	-16,137,113.26	-877,552.17	-478,946.07	21,675,733.09	24,181,873.57
20,396,788.98	-16,137,113.26	0.00	-478,946.07	22,707,613.32	26,488,342.97
			Reclassi

The provision formed in the previous year for warranties and goodwill in the product and project business was not utilised in the 2021 financial year.

The provision for asset retirement and maintenance measures essentially involves asset retirement and maintenance measures to be performed by the Company for the leased properties in Essen, Dresden, Hanover and Munich.

Overall provisions have been represented at the level of the expected realisation arising from the risks.

The estimation of the probability of occurrence for the expected realisation of the provisions is at the discretion of the Management Board.

14. Share-based remuneration

A Performance Share Plan (PSP) was launched for the members of the Management Board as of 1 January 2021. This is a long-term variable remuneration component.

The PSP is granted in annual tranches with a four-year performance period. At the beginning of each tranche, a number of virtual shares are initially allocated provisionally on the basis of the average share price of the last 30 trading days prior to the allocation date. The number of virtual shares finally allocated to the Management Board members at the end of the term of a tranche depends on the development of the respective performance criteria within the respective performance period. The amount of the payouts is determined by multiplying the adjusted number of virtual shares by the average share price of the last 30 trading days before the end of the four-year performance period. The final number of virtual shares at the time of payment may therefore differ from the number of virtual shares provisionally granted.

Under the Performance Share Plan for the performance period 2021 – 2024, a total of 1,866 virtual shares were granted to the members of the Management Board.

The final number of virtual shares at the end of the four-year performance period is determined by the three linked performance criteria of relative total shareholder return (TSR – measure of the development of the value of a shareholding over a certain period of time, in terms of share price development and dividends), achievement of strategic targets and sustainability, for which the Supervisory Board establishes target and threshold values before granting a new tranche.

A recognised financial model ("Monte Carlo simulation") is used to determine the fair values of the virtual shares to be settled in cash, which are the basis for determining the provision as at the balance sheet date.

The following parameters were used in the calculation as at 31 December 2021:

Parameter	Value
Term	4 years
Share price of secunet AG as at the reporting date	413.50 euros
Dividend paid to date	2.54
Risk-free interest rate (determined by the Svensson method)	-0.62 %
Expected volatility of the secunet share (derived from historical volatilities)	54.93 %

Assumptions regarding correlations between the secunet share price and the performance of the TecDAX were determined on the basis of historical share price and index developments. The fair value of the secunet share is 455.30 euros (uncapped) and 291.96 euros (capped).

The tranche for the performance period 2021 – 2024 has a remaining term of 3 years.

A long-term provision of 545 thousand euros (previous year: 0 thousand euros) was recognised as a liability for sharebased remuneration as at the balance sheet date.

15. Equity

The development of the Group's equity is shown in the consolidated statement of changes in equity.

As in the previous year, secunet AG holds 30,498 treasury shares as at the balance sheet date. This corresponds to a share of 0.469% of the subscribed capital.

The subscribed capital remains unchanged at 6,500,000.00 euros. It is divided into 6,500,000 bearer shares without par value. All shares are fully paid. Calculated on Group profit for the period attributable to the shareholders of secunet AG of 43,097,334.71 euros, diluted and undiluted earnings per share were 6.66 euros per share (6,469,502 shares), compared with 5.43 euros (6,469,502 shares) in the previous year.

The minority interests developed as follows in the financial year:

in euros	2021	2020
Opening balance as at 1 Jan	380,447.83	508,157.07
Share in net income	-117,037.17	-127,709.24
Closing balance as at 31 Dec	263,410.66	380,447.83

The number of shares outstanding remained unchanged, at 6,469,502 shares. Each share grants the holder one voting right and, in the event of a distribution, an equivalent dividend entitlement.

secunet AG's capital reserves were unchanged from the previous year, with 1,902,005.80 euros of the total resulting from payments by the shareholder before the transformation of secunet AG into a public limited company. The price premium paid in the initial public offering accounts for 20,020,000.00 euros of the total. The capital reserves are available – subject to statutory regulations – for the purposes of offsetting any losses incurred and for capital increases from the Company's own funds.

The other reserves consist of the reserve for treasury shares and the other comprehensive income / loss.

The reserve for treasury shares consists of the historical cost of the shares of the Company held by the Group. The Company currently holds 30,498 of its own shares.

Other comprehensive income/loss consists of currency conversion differences from the currency conversion of financial statements of foreign subsidiaries, actuarial gains and losses as part of pension provision calculation as well as deferred taxes.

Revenue reserves increased by 76,211,556.97 euros to 102,876,356.60 euros compared to the previous year's figure. This increase was based on the Group profit for the period attributable to the shareholders of secunetAG of 43,097,334.71 euros, less the dividend payments of 16,432,535.08 euros paid during the reporting year and the adjustment of revenue reserves due to consolidation effects.

Appropriation of the balance sheet profit

From the balance sheet profit of 16,432,535.08 euros reported for the 2020 financial year in the Annual Financial Statements under commercial law, dividends of 2.54 euros per share (amounting to a total of 16,432,535.08 euros) were distributed in the 2021 financial year in accordance with the resolution of the Annual General Meeting on 12 May 2021.

secunet AG's Annual Financial Statements under commercial law for the 2021 financial year show net income for the year of 43,480,634.15 euros. The Management Board and the Supervisory Board decided to deposit an amount of 8,674,713.39 euros from this sum into other revenue reserves. There is a balance sheet profit of 34,805,920.76 euros under commercial law for 31 December 2021.

The Management Board will propose to the Annual General Meeting that a regular dividend of 3.37 euros per dividend-bearing share (corresponding to a regular distribution of 50% of net income for the year) and a special dividend of 2.01 euros per dividend-bearing share, and thus a total of 5.38 euros per dividend-bearing share (in total: 34,805,920.76 euros), be distributed on the dividend-bearing share capital of 6,469,502.00 euros. When determining the share capital entitled to a dividend, the total of 30,498 treasury shares was deducted.

in euros	2021
Carryforward as at 1 Jan 2021	16,432,535.08
Net income for the year 2021	43,480,634.15
Dividend payment in 2021 for 2020	-16,432,535.08
Transfer to other revenue reserves	-8,674,713.39
Balance sheet profit at 31 Dec 2021	34,805,920.76
Proposal for the appropriation of distributable earnings
Dividend payment for 2022	34,805,920.76
Carryforward	0.00

Notes on the income statement

16. Sales revenue

secunet Group realises its sales revenue entirely within the framework of contracts with customers.

The following overview breaks down sales by geographical characteristics, main revenue streams and revenue recognition.

	Public Sector		Business Sector		Group
in thousand euros	2021	2020	2021	2020	2021	2020
Geographical allocation
Domestic	248,588.2	210,383.1	59,215.6	48,164.9	307,803.8	258,548.0
Abroad	29,533.8	26,745.9	282.6	297.1	29,816.4	27,043.0
Total	278,122.0	237,129.0	59,498.2	48,462.0	337,620.2	285,591.0
Revenue generation
Consultancy business	39,734.8	24,329.4	7,099.7	7,619.7	46,834.5	31,949.1
Product business	238,387.2	212,799.6	52,398.5	40,842.3	290,785.7	253,641.9
Total	278,122.0	237,129.0	59,498.2	48,462.0	337,620.2	285,591.0
Recognition of sales revenue
Over time	60,182.2	44,776.8	16,464.9	16,984.9	76,647.1	61,761.7
At a point in time	217,939.8	192,352.2	43,033.3	31,477.1	260,973.1	223,829.3
Total	278,122.0	237,129.0	59,498.2	48,462.0	337,620.2	285,591.0

Domestic sales revenue totalled 307,803.8 thousand euros (previous year: 258,548.0 thousand euros), while sales revenue generated abroad was 29,816.4 thousand euros (previous year: 27,043.0 thousand euros). The breakdown of sales revenue is based on the location of the customers.

Approximately 240.7 million euros of this sales revenue is attributable to the Group's major customer as defined in IFRS 8.34. This sales revenue was generated in the Public Sector division. No other individual customer accounted for 10% or more of the Group's sales revenues in 2021.

17. Presentation of selected expenses according to cost types

With the exception of materials expenses, which must always be included under cost of sales, all the cost types are recorded under the cost of sales, the selling expenses and the general administrative costs. The following amounts are recorded for the cost types listed below:

in euros	2021	2020
Expenses for raw materials, consumables and operating materials	154,776,094.96	151,596,110.35
Cost of purchased services	16,484,304.54	14,125,387.94
Materials expenses	171,260,399.50	165,721,498.29
Wages and salaries	65,117,604.97	54,875,579.56
Social security costs	9,734,814.71	7,879,203.42
Expenses for retirement pensions	209,308.89	263,396.36
Personnel expenses	75,061,728.57	63,018,179.34
Depreciations (scheduled)	9,933,084.86	7,744,064.05

18. Research and development costs

Research and development costs for the financial year amounted to 7,505,955.34 euros (previous year: 1,927,781.10 euros).

2.2 million euros (previous year: 0.7 million euros) is attributable to cost components that cannot be capitalised in connection with the development of the SINA Communicator H. A further 1.2 million euros (previous year: 1.1 million euros) was capitalised as development costs associated with this development in accordance with IAS 38.

5.3 million euros (previous year: 1.2 million euros) was attributable to development projects that did not fully meet the criteria set out in IAS 38.57 for the justification of mandatory capitalisation.

19. Interest income / expense

In the 2021 financial year, interest income of 5,631.49 euros (previous year: 27,731.34 euros) was generated. Of this amount, 0.00 euros (previous year: 26,075.00 euros) relates to interest income from short-term loans to the shareholder Giesecke + Devrient GmbH. The remaining amount is attributable to default interest on trade receivables (5,631.49 euros; previous year: 257.34 euros).

The interest expense for 2021 of 294,855.99 euros (previous year: 337,108.43 euros) mainly consists of interest on pension provisions (64,094.00 euros, previous year: 112,765.00 euros) and interest expense in connection with lease accounting under IFRS 16 (207,870.99 euros, previous year: 224,355.82 euros). The remaining amount mainly relates to interest on other non-current provisions.

20. Income taxes

In the reporting year, current taxes of 20,781,453.53 euros were incurred (previous year: 16,446,347.15 euros). This includes taxes for previous years in the amount of 71,698.02 euros (previous year: 109,700.90 euros). For deferred taxes see Note 9.

The income tax expense is derived from the theoretical tax expense. A tax rate of 31.98% (previous year: 31.99%) is applied to the earnings before taxes. The tax expense arising from the application of the tax rate for the Group is derived as follows:

in euros	2021	2020
Group profit before tax	63,589,387.07	51,329,881.90
Expected tax expense	-20,337,857.26	-16,417,862.73
Non-recognition of losses	-6,842.99	0.00
Trade tax adjustments	-69,489.09	-68,376.52
Utilisation of losses not recognised in the previous year		15,419.62
Prior-year taxes	-71,698.02	-109,700.90
Non-deductible expenses	-21,239.88	-17,665.62
Other items	-101,962.29	252,292.38
Effective tax expense	-20,609,089.53	-16,345,893.77

As at 31 December 2021, the tax rates used to calculate deferred tax assets and liabilities were changed only slightly compared with the previous year.

The effective tax rate in the reporting year, based on the Group profit before tax, was 32.4% (previous year: 31.8%).

21. Cash flow statement

The cash flow statement shows the changes in cash over the course of the reporting year, broken down into cash flows from operating, business, investment and financing activities. Cash and cash equivalents comprise cash in hand and bank balances.

The cash flow from operating activities was determined using the indirect method.

22. Segment reporting

secunet Group is split into two divisions: the Public Sector division and the Business Sector division. Both divisions are shown separately for the purposes of segment reporting, as they meet at least one of the quantitative thresholds defined in IFRS 8.13.

Segment report 2021

in thousand euros	Public Sector	Business Sector	secunet 2021
Segment revenue	278,120	59,501	337,620
Cost of sales	-190,636	-45,378	-236,014
Selling expenses	-17,259	-4,604	-21,863
Research and development costs	-5,950	-1,555	-7,505
Administrative costs	-6,927	-1,453	-8,380
Segment result (EBIT)	57,369	6,510	63,879
Interest result			-290
Income from investments			0
Group profit before tax			63,589
Goodwill	9,023	1,300	10,323

Segment report 2020

in thousand euros	Public Sector	Business Sector	secunet 2020
Segment revenue	237,129	48,462	285,591
Cost of sales	-160,571	-44,203	-204,774
Selling expenses	-14,852	-5,083	-19,935
Research and development costs	-1,911	-17	-1,928
Administrative costs	-5,989	-1,327	-7,316
Segment result (EBIT)	53,806	-2,168	51,638
Interest result			-310
Income from investments			0
Group profit before tax			51,328
Goodwill	3,325	1,300	4,625

One aspect of the Public Sector division's offering to its customers is the SINA product family, encompassing solutions (software, hardware and management) for highly secure, cryptographic processing, transmission and storage of classified information with different confidentiality levels. Additionally it offers public customers a wide range of IT security products and services, from IT security consulting and training to products for electronic passports, automated (biometric) border control systems, the ELSTER electronic tax return system and the equipment of large infrastructures with high-security technology and public key infrastructures.

The Business Sector division offers IT security consulting and solutions for the healthcare market and to meet the specific requirements of companies in the private sector. The range of solutions in the healthcare market consists mainly of the secunet konnektor for connection to the telematics infrastructure (TI) in the healthcare sector. The consulting services for private sector companies range from security assessments (known as penetration tests) via security consulting (for security policies and their implementation, for example) up to support for certification projects. The customer-specific solutions in the Business Sector are focused particularly on providers and operators of critical infrastructures, such as telecommunications companies, energy and utility companies, and on the automotive industry, as well as on companies with network-controlled, digital production and service processes (Industry 4.0). The portfolio contains, for example, the eID PKI Suite solution, which is used to generate, use and manage digital certificates. The certificates serve the purpose of authenticating users and technical components as well as signing and encrypting data and messages. Also included is the secunet edge product, which protects networked sensors, machines and systems in Industry 4.0 against cyberattacks.

The accounting principles for the segments are identical to those used for the Consolidated Financial Statements. Using apportionments, expenses (for example, overhead costs) that are not directly allocable to the reportable segments are allocated to the reportable segments.

The segments are managed on the basis of the segment results.

With the exception of non-essential components, the segments' assets are focused on the domestic market. There were no significant changes to the segment assets as at the balance sheet date.

Further details on sales revenue can be found in Note 16.

In segment reporting, the general administrative costs as well as other operating expenditure and income from the profit and loss account are summarised under administrative costs.

The selling expenses are combined with the net impairment loss on trade receivables and contract assets.

23. Other disclosures

Employees

In the 2021 financial year, the Group had an average of 819 employees (720 permanent employees and 99 temporary workers; previous year: 687 employees (614 permanent employees and 73 temporary workers)).

Capital management

The capital management of secunet Group is geared primarily to the provisions and requirements of company law. The aim is to ensure that all Group companies can operate as going concerns. Where no special provisions dictate otherwise, the equity for tax purposes is the same as the balance sheet equity. In all other cases the balance sheet equity is adjusted in line with regulatory or contractual requirements. The Group is not subject to any minimum equity requirements.

The Group's equity (including non-controlling interests) as at 31 December 2021 was 129,823,840.73 euros (previous year: 102,765,624.27 euros).

Financial instruments

Risks from financial instruments

The risks arising from financial instruments relate to liquidity, default and market risks.

Liquidity risks

To ensure that it has sufficient funds at its disposal, the Group prepares a liquidity plan as part of its three-year planning. This is then compared against each set of month-end figures and subsequently analysed.

The finance department informs the CFO of the current level of available funds on a daily basis. In conjunction with a permanent reminder function, this ensures a high cash reserve at all times.

Given the high level of available funds, the Group has, to date, not needed to make use of credit lines.

Guarantee facilities totalling 12.0 million euros existed as at the balance sheet date (previous year: 12.0 million euros), of which 4.3 million euros (previous year: 2.7 million euros) has been drawn down.

At the end of the year, the Group had cash and cash equivalents amounting to 119,476,061.19 euros at its disposal (previous year: 101,648,590.01 euros). Current financial liabilities stood at 51,948,582.00 euros (previous year: 62,436,731.18 euros).

Default risks

Default risks, or risks that counterparties cannot meet their payment obligations on time, are addressed with approval and control processes.

The Group also assesses the solvency of its customers on a regular basis.

The maximum amount of the default risks arising for the Group corresponds to its total receivables. The Group is not exposed to any unusual default risks in respect of individual contracting partners or groups of contracting partners. Default risks are recognised through valuation allowances.

There are no concentrations of default risks in respect of individual customers. The overall default risk is estimated to be low.

An analysis of the trade receivables that were overdue can be found in the overview under Note 2.

Market risks

The Group generates the majority of its sales in the European currency area. The risks resulting from exchange rate fluctuations are therefore not significant. Fixed interest rates are agreed for the Company's interest-bearing call deposits and time deposits. Due to the high level of cash and cash equivalents, no financing through loans is required. Risks resulting from changes in interest rates can therefore also be regarded as low.

Other notes on financial instruments

During the reporting year, there were no reclassifications of financial assets between the measurement categories under IFRS 9. With the exception of the premium reserve from reinsurance contracts (non-current financial assets), no financial assets or liabilities were measured at fair value through profit or loss (FVTPL).

The carrying amounts of current financial assets and liabilities as well as non-current trade receivables represent an appropriate approximation of fair value for the purposes of IFRS.

The fair value of non-current financial instruments – disclosed under non-current financial assets – corresponds to the carrying amount. They developed as follows:

in euros	2021	2020
Carrying amount as at 1 Jan	6,275,349.00	6,141,883.00
Incoming payments	61,619.64	61,625.68
Outgoing payments	-104,700.00	-103,407.84
Income recorded in the income statement	182,112.36	175,248.16
Carrying amount as at 31 Dec	6,414,381.00	6,275,349.00

No OCI effects resulted from the subsequent measurement of the premium reserve shares of reinsurance contracts.

For financial instruments measured at amortised cost, expenses of 0 thousand euros (previous year: 77 thousand euros) due to impairments and write-downs, and income of 39 thousand euros from reversals of impairment losses (previous year: 0 thousand euros) were reported in the 2021 financial year.

Additional notes on financial instruments

The carrying amounts and fair values of the financial instruments reported in the balance sheet are as follows:

31 Dec 2021		Carrying amounts
in euros	Mandatory as FVTPL	At amortised cost	Other financial liabilities	Total carrying amounts
Financial assets measured at fair value
Non-current financial assets	6,414,381.00	-	-	6,414,381.00
Financial assets not measured at fair value
Cash and cash equivalents	-	119,476,061.19	-	119,476,061.19
Trade receivables	-	33,278,737.26	-	33,278,737.26
Intercompany financial assets	-	124,011.53	-	124,011.53
Other current and non-current assets	-	9,732,155.75	-	9,732,155.75
	0.00	162,610,965.73	0.00	162,610,965.73
Financial liabilities not measured at fair value
Trade accounts payable	-	-	23,276,779.95	23,276,779.95
Intercompany payables	-	-	102,952.71	102,952.71
Other current liabilities	-	-	4,546,725.61	4,546,725.61
	0.00	0.00	27,926,458.27	27,926,458.27

31 Dec 2020		Carrying amounts
in euros	Mandatory as FVTPL	At amortised cost	Other financial liabilities	Total carrying amounts
Financial assets measured at fair value
Non-current financial assets	6,275,349.00	-	-	6,275,349.00
Financial assets not measured at fair value
Cash and cash equivalents	-	101,648,590.01	-	101,648,590.01
Trade receivables	-	52,158,122.74	-	52,158,122.74
Intercompany financial assets	-	134,047.27	-	134,047.27
Other current and non-current assets	-	7,618,459.54	-	7,618,459.54
	0.00	161,559,219.56	0.00	161,559,219.56
Financial liabilities not measured at fair value
Trade accounts payable	-	-	25,513,127.45	25,513,127.45
Intercompany payables	-	-	75,120.94	75,120.94
Other current liabilities	-	-	5,997,733.75	5,997,733.75
	0.00	0.00	31,585,982.14	31,585,982.14

		Fair value
Total
fair values	Level 3	Level 2	Level 1

- 6,414,381.00		6,414,381.00	-

- 0.00		-	-
- 0.00		-	-
- 0.00		-	-
- 0.00		-	-
0.00	0.00	0.00	0.00

- 0.00		-	-
- 0.00		-	-
- 0.00		-	-
0.00	0.00	0.00	0.00

The carrying amounts and fair values of the financial instruments reported in the balance sheet are as follows:

31 Dec 2020	Carrying amounts Fair value

Total fair values	Level 3	Level 2	Level 1

6,275,349.00	-	6,275,349.00	-

0.00	-	-	-
0.00	-	-	-
0.00	-	-	-
0.00	-	-	-
0.00	0.00	0.00	0.00

0.00	-	-	-
0.00	-	-	-
0.00	-	-	-
0.00	0.00	0.00	0.00

Net profit / loss from financial instruments for the two financial years was as follows:

in euros	2021	2020
Loans and receivables
Interest result	5,631.49	27,731.34
Losses from derecognised receivables	0.00	-14,250.00
Gains on receivables written off	0.00	0.00
Impairment losses (–) / impairment reversals (+)	39,032.00	-77,653.33
	44,663.49	-64,171.99
Financial assets measured at fair value through profit or loss
Interest result	182,112.36	175,248.16
Total	226,775.85	111,076.17

Corporate Governance

The Management Board and Supervisory Board issued the declaration pursuant to Section 161 AktG in respect of secunet AG and made it permanently available to the shareholders on the Company's website (www.secunet.com/en/ about-us/investors).

Corporate bodies

In the reporting year, the Company's Management Board comprised the following members:

Qualified industrial engineer Axel Deininger Qualified engineer Torsten Henn Dr - Ing Kai Martius Qualified business economist (FH) Thomas Pleines

Fees for auditors of Consolidated Financial Statements

In the financial year and in the previous year, the following fees paid to the auditors of the Consolidated Financial Statements, PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft, were recognised.

in euros	2021	2020
Audit services	239	198
Other assurance services	54	10
Tax advisor services	0	0
Other services	102	21
Total	395	229

The total fee charged by the Company's auditors is broken down into audit services, other assurance services and other services in the corresponding disclosure in the Consolidated Financial Statements of secunet Security Networks AG. For secunet Security Networks AG and the companies it controls, other assurance services were provided mainly for services in connection with the economic audit of the non-financial statement and the substantive audit of the Management Board remuneration report.

Other services include, in particular, project-related consulting services in connection with issues in the areas of analysis and evaluation of business processes, compliance and internal control system.

Related party disclosures

Transactions with related persons

The remuneration of key management personnel breaks down into the following categories pursuant to IAS 24:

in thousand euros	2021	2020
Management Board
Short-term employee benefits	1,927.4	1,842.9
Post-employment benefits	61.8	66.7
Other long-term employee benefits	0.0	400.0
Share-based remuneration	545.1	0.0
Total	2,534.3	2,309.6

Supervisory Board
Short-term employee benefits	88.0	88.0

The service cost resulting from the pension provisions for active members of the Management Board and the past service cost are reported as post-employment benefits. The disclosure of share-based remuneration refers to the expense from share-based remuneration in the financial year.

The remuneration of members of the Management Board active during the reporting year totalled 1,908 thousand euros for the reporting year (previous year: 2,243 thousand euros).

Provisions for pensions for members of the Management Board are recognised in the amount of 1,758 thousand euros (previous year: 1,862 thousand euros). According to the regulations of the German Commercial Code (HGB), these provisions amount to 1,482 thousand euros (previous year: 1,272 thousand euros).

Provisions for pensions (IFRS) for former members of the Management Board are recognised in the amount of 1,481 thousand euros (previous year: 1,598 thousand euros). According to the regulations of the German Commercial Code (HGB), these provisions amount to 1,332 thousand euros (previous year: 1,260 thousand euros).

Pension payments for former members of the Management Board were made in the amount of 44.1 thousand euros (previous year: 44.1 thousand euros).

Former members of the Management Board received fees of 40.7 thousand euros (previous year: 39.3 thousand euros) in connection with consultancy contracts.

The total remuneration of the active members of the Management Board pursuant to Section 314 (1) no. 6a of the German Commercial Code (HGB) for their work in the reporting year amounted to 2,472 thousand euros (previous year: 2,243 thousand euros). This includes the basic remuneration, fringe benefits and benefits in kind, short-term variable remuneration and the expense for long-term variable remuneration recognised in the financial year. For the long-term variable remuneration, provisional virtual shares were granted within the framework of the 2021 – 2024 tranche, the fair value of which amounted to 545 thousand euros at the time of allocation.

A provision of 860 thousand euros was recognised for short-term variable remuneration in the financial year. The payment is measured according to the target achievement determined by the Supervisory Board on the basis of the applicable Management Board remuneration system and is scheduled for June 2022. The determination is made using the financial performance criteria of EBIT and sales revenue on an equally weighted basis.

In the financial year, members of the Management Board held 880 shares (previous year: 880 shares) in secunet Security Networks AG. As in the previous year, members of the Supervisory Board held no shares in secunet AG.

Supervisory Board remuneration for the reporting year totalled 88.0 thousand euros (previous year: 88.0 thousand euros).

Transactions with related companies of MC Familiengesellschaft mbH

secunet AG is a majority holding of Giesecke + Devrient GmbH, Munich, which has a 75.12% stake in the Company. secunet AG is included in the Consolidated Financial Statements of MC Familiengesellschaft mbH, Munich.

The following transactions were carried out in the specified period with group companies of MC Familiengesellschaft mbH on the usual market terms:

1. Sales revenues resulting from services performed for affiliated companies in the MC Familiengesellschaft Group

in euros	2021	2020
Parent company
Giesecke + Devrient GmbH, Munich	121,098.48	36,577.51
Other affiliated companies
Giesecke + Devrient Mobile Security GmbH, Munich	29,301.76	58,634.95
Veridos GmbH, Berlin	140,555.00	204,859.00
Veridos Mexico S. A. de C.V., Mexico City	5,120.00	0.00
Giesecke + Devrient Currency Technologies GmbH, Munich	252,841.60	266,973.90
Giesecke + Devrient Mobile Security Asia Pte. Ltd., Singapore	207.85	1,153.38
Giesecke + Devrient Mobile Security Australia Pty Ltd., Knoxfield, Victoria	0.00	1,646.94
Giesecke + Devrient advance52 GmbH, Munich	98,759.38	0.00
Total	647,884.07	569,845.68

The sales revenues with affiliated companies of the MC Familiengesellschaft Group are generated within the framework of hardware and service projects.

For projects with affiliated companies in the MC Familiengesellschaft Group, provisions for deferred costs of 0 thousand euros (previous year: 0 thousand euros) were created.

2. Financial result for services performed for affiliated companies in the MC Familiengesellschaft Group

Interest income of 0.00 euros (previous year: 26,075.00 euros) was generated from the provision of short-term loans to Giesecke + Devrient GmbH, Munich.

3. Services purchased from affiliated companies in the MC Familiengesellschaft Group

in euros	2021	2020
Parent company
Giesecke + Devrient GmbH, Munich	78,348.73	97,858.35
Other affiliated companies
Giesecke + Devrient Mobile Security GmbH, Munich	354,964.02	509,164.33
Giesecke + Devrient Mobile Security Australia Pty Ltd, Knoxfield, Victoria	0.00	5,849.69
Giesecke + Devrient Mobile Security Asia Pte. Ltd., Singapore	133,097.07	160,907.57
Giesecke + Devrient Immobilien Management GmbH, Munich	25,543.56	0.00
Veridos GmbH, Berlin	0.00	21,632.00
Veridos Mexico S. A. de C.V., Mexico City	336.00	0.00
Giesecke + Devrient advance52 GmbH, Munich	0.00	63,969.43
Giesecke + Devrient Currency Technology FZE, Dubai, UAE	254,512.59	146,818.97
Total	846,801.97	1,006,200.34

4. Receivables from affiliated companies in the MC Familiengesellschaft Group

in euros	2021	2020
Parent company
Giesecke + Devrient GmbH, Munich	3,784.79	12,224.99
Other affiliated companies
Giesecke + Devrient Mobile Security GmbH, Munich	0.00	0.00
Giesecke + Devrient Currency Technologies GmbH, Munich	88,996.68	252.30
Veridos GmbH, Berlin	0.00	121,569.98
Giesecke + Devrient advance52 GmbH, Munich	31,230.06	0.00
Total	124,011.53	134,047.27

Receivables from Group companies comprise 124,011.53 euros as trade receivables (previous year: 134,047.27 euros).

5. Payables to affiliated companies in the MC Familiengesellschaft Group

in euros	2021	2020
Parent company
Giesecke + Devrient GmbH, Munich	638.80	4,969.97
Other affiliated companies
Giesecke + Devrient Immobilien Management GmbH, Munich	4,342.41	4,155.61
Giesecke + Devrient Currency Technology FZE, Dubai, UAE	50,365.39	48,595.36
Giesecke + Devrient Mobile Security GmbH, Munich	47,606.11	17,400.00
Total	102,952.71	75,120.94

Payables to Group companies consist entirely of trade accounts payable.

Events after the balance sheet date

In February 2022, acts of war began in Ukraine. No direct risks relating to procurement and sales are currently evident. The extent to which the sanction decisions will require action is under discussion. The German government is planning a special fund of 100 billion euros to improve its own defence capabilities as well as long-term increases in the defence budget. This will lead to a huge increase in defence spending. The extent to which this will create opportunities for secunet is also not yet foreseeable at this point in time.

The Management Board

Essen, 22 March 2022

Axel Deininger Torsten Henn

Dr Kai Martius Thomas Pleines

Independent auditor's report

To secunet Security Networks Aktiengesellschaft, Essen

Report on the audit of the consolidated financial statements and of the Group management report

Audit opinions

We have audited the consolidated financial statements of secunet Security Networks Aktiengesellschaft, Essen, and its subsidiaries (the Group), which comprise the consolidated statement of financial position as at 31 December 2021, consolidated statement of comprehensive income, consolidated income statement, consolidated statement of changes in equity and consolidated cash flow statement for the financial year from 1 January to 31 December 2021, and notes to the consolidated financial statements, including a summary of significant accounting policies. In addition, we have audited the Group management report of secunet Security Networks Aktiengesellschaft, which is combined with the Company's management report, for the financial year from 1 January to 31 December 2021. In accordance with the German legal requirements, we have not audited the content of the non-financial statement pursuant to Section 289b (1) HGB and Section 315b (1) HGB.

In our opinion, on the basis of the knowledge obtained in the audit,

» the accompanying consolidated financial statements comply, in all material respects, with the IFRSs as adopted by the EU, and the additional requirements of German commercial law pursuant to Section 315e (1) HGB [Handelsgesetzbuch: German Commercial Code] and, in compliance with these requirements, give a true and fair view of the assets, liabilities and financial position of the Group as at 31 December 2021, and of its financial performance for the financial year from 1 January to 31 December 2021, and
» the accompanying Group management report as a whole provides an appropriate view of the Group's position. In all material respects, this Group management report is consistent with the consolidated financial statements, complies with German legal requirements and appropriately presents the opportunities and risks of future development. Our audit opinion on the Group management report does not cover the content of the above-mentioned non-financial statement.

Pursuant to Section 322 (3), sentence 1 HGB, we declare that our audit has not led to any reservations relating to the legal compliance of the consolidated financial statements and of the Group management report.

Basis for the audit opinions

We conducted our audit of the consolidated financial statements and of the Group management report in accordance with Section 317 HGB and EU Audit Regulation No. 537 / 2014 (referred to subsequently as "EU Audit Regulation") and in compliance with German Generally Accepted Standards for Financial Statement Audits promulgated by the Institut der Wirtschaftsprüfer [Institute of Public Auditors in Germany] (IDW). Our responsibilities under those requirements and principles are further described in the "Auditor's responsibilities for the audit of the consolidated financial statements and of the Group management report" section of our auditor's report. We are independent of the Group entities in accordance with the requirements of European law and German commercial and professional law, and we have fulfilled our other German professional responsibilities in accordance with these requirements. In addition, in accordance with Article 10 (2), point (f) of the EU Audit Regulation, we declare that we have not provided non-audit services prohibited under Article 5 (1) of the EU Audit Regulation. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinions on the consolidated financial statements and on the Group management report.

Key audit matters in the audit of the consolidated financial statements

Key audit matters are those matters that, in our professional judgement, were of most significance in our audit of the consolidated financial statements for the financial year from 1 January to 31 December 2021. These matters were addressed in the context of our audit of the consolidated financial statements as a whole, and in forming our audit opinion thereon; we do not provide a separate audit opinion on these matters.

In our view, the matter of most significance in our audit was as follows:

Revenue recognition

Our presentation of this key audit matter has been structured as follows:

» Matter and issue
» Audit approach and findings
» Reference to further information

Hereinafter we present the key audit matter:

Revenue recognition

» Revenue amounting to € 337 million is reported in the income statement in the consolidated financial statements of secunet Security Networks Aktiengesellschaft. Revenue is recognised as at the date on which it arises or in the period during which it arises, depending on which services are rendered to customers.

secunet Group generates revenue from the sale of hardware products and software licences, which it recognises at the time the power of disposition transfers to the customer. If at that time further services are agreed with the customer, particularly for maintenance, updates and extended warranty commitments, revenue is realised for the period in which it arises over the term of the agreement. To that end, the individual components are allocated in the agreement to separate performance obligations and the agreed transaction price is allocated to the individual performance obligations according to the relative individual selling prices.

Furthermore, secunet Group realises revenue from the provision of specialised services relating to consulting on the implementation of comprehensive IT security solutions as well as the development of software, on the basis of work hours performed as at the reporting date or based on the percentage of completion.

Due to the structure of the customer base, which largely comprises public entities and entities from the industrial sector, such as automotive manufacturers, the number of orders and accordingly the volume of work contracted and performed is relatively greater in the fourth quarter of a given financial year than in the other quarters.

In light of the large number of business transactions at the end of the financial year, combined with the different contractual agreements and a high share of multiple-component agreements, there is a material risk that the revenue in the financial year ended is not allocated to the correct period. Against this background, this matter was of particular significance for our audit.

» As part of our audit, we used IT-based audit techniques to assess, among other things, the appropriateness and effectiveness of the Company's established internal control system with respect to order acceptance and invoicing to ensure full and correct recognition of revenue as well as the allocation of that revenue to the correct periods. Furthermore, we obtained an understanding of the underlying contractual agreements and assessed them with regard to the time at which revenue can be recognised in accordance with the rules of IFRS 15. We consulted and evaluated the corresponding contractual documents to assess the recognition of revenue, and primarily compared invoices for revenue, which were selected on a test basis for revenue which was realised in December 2021 and January 2022, against the associated orders, contracts, external delivery documentation, acceptance certificates and timesheets. Moreover, we obtained balance confirmations for trade receivables on a test basis. In instances where we did not receive responses with respect to the requested balances, we reviewed those balances on the basis of alternative audit procedures, particularly by comparing balances against the aforementioned external documents.

We were able to satisfy ourselves that the systems and processes in place, as well as the established controls, are appropriate overall for the purpose of ensuring that revenue is allocated to the correct periods.

» The disclosures relating to revenue are contained in the section "General principles" of the notes to the financial statements and in Section 16 "Sales revenue".

Other information

The executive directors are responsible for the other information. The other information comprises the non-financial statement pursuant to Section 289b (1) HGB and Section 315b (1) HGB as a non-audited part of the Group management report.

The other information also comprises:

» the corporate governance statement pursuant to Section 289f HGB and Section 315d HGB
» the remuneration report pursuant to Section 162 AktG, for which the Supervisory Board is additionally responsible
» all remaining parts of the annual report excluding cross-references to external information with the exception of the audited consolidated financial statements, the audited Group management report and our auditor's report.

Our audit opinions on the consolidated financial statements and on the Group management report do not cover the other information, and consequently we do not express an audit opinion or any other form of assurance conclusion thereon.

In connection with our audit, our responsibility is to read the other information and, in so doing, to consider whether the other information

» is materially inconsistent with the consolidated financial statements, with the Group management report disclosures audited in terms of content, or with our knowledge obtained in the audit, or
» otherwise appears to be materially misstated.

Responsibilities of the executive directors and the Supervisory Board for the consolidated financial statements and the Group management report

The executive directors are responsible for the preparation of the consolidated financial statements that comply, in all material respects, with IFRSs as adopted by the EU and the additional requirements of German commercial law pursuant to Section 315e (1) HGB and that the consolidated financial statements, in compliance with these requirements, give a true and fair view of the assets, liabilities, financial position and financial performance of the Group. In addition, the executive directors are responsible for such internal control as they have determined necessary to enable the preparation of consolidated financial statements that are free from material misstatement, whether due to fraud or error.

In preparing the consolidated financial statements, the executive directors are responsible for assessing the Group's ability to continue as a going concern. They also have the responsibility for disclosing, as applicable, matters related to going concern. In addition, they are responsible for financial reporting based on the going concern basis of accounting unless there is an intention to liquidate the Group or to cease operations, or there is no realistic alternative but to do so.

Furthermore, the executive directors are responsible for the preparation of the Group management report that, as a whole, provides an appropriate view of the Group's position and is, in all material respects, consistent with the consolidated financial statements, complies with German legal requirements, and appropriately presents the opportunities and risks of future development. In addition, the executive directors are responsible for such arrangements and measures (systems) as they have considered necessary to enable the preparation of a Group management report that is in accordance with the applicable German legal requirements, and to be able to provide sufficient appropriate evidence for the assertions in the Group management report.

The Supervisory Board is responsible for overseeing the Group's financial reporting process for the preparation of the consolidated financial statements and of the Group management report.

Auditor's responsibilities for the audit of the consolidated financial statements and of the Group management report

Our objectives are to obtain reasonable assurance about whether the consolidated financial statements as a whole are free from material misstatement, whether due to fraud or error, and whether the Group management report as a whole provides an appropriate view of the Group's position and, in all material respects, is consistent with the consolidated financial statements and the knowledge obtained in the audit, complies with the German legal requirements and appropriately presents the opportunities and risks of future development, as well as to issue an auditor's report that includes our audit opinions on the consolidated financial statements and on the Group management report.

Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with Section 317 HGB and the EU Audit Regulation and in compliance with German Generally Accepted Standards for Financial Statement Audits promulgated by the Institut der Wirtschaftsprüfer (IDW) will always detect a material misstatement. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these consolidated financial statements and this Group management report.

We exercise professional judgement and maintain professional scepticism throughout the audit. We also:

» Identify and assess the risks of material misstatement of the consolidated financial statements and of the Group management report, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our audit opinions. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal controls.
» Obtain an understanding of internal control relevant to the audit of the consolidated financial statements and of arrangements and measures (systems) relevant to the audit of the Group management report in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an audit opinion on the effectiveness of these systems.
» Evaluate the appropriateness of accounting policies used by the executive directors and the reasonableness of estimates made by the executive directors and related disclosures.
» Conclude on the appropriateness of the executive directors' use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Group's ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in the auditor's report to the related disclosures in the consolidated financial statements and in the Group management report or, if such disclosures are inadequate, to modify our respective audit opinions. Our conclusions are based on the audit evidence obtained up to the date of our auditor's report. However, future events or conditions may cause the Group to cease to be able to continue as a going concern.
» Evaluate the overall presentation, structure and content of the consolidated financial statements, including the disclosures, and whether the consolidated financial statements present the underlying transactions and events in a manner that the consolidated financial statements give a true and fair view of the assets, liabilities, financial position and financial performance of the Group in compliance with IFRSs as adopted by the EU and the additional requirements of German commercial law pursuant to Section 315e (1) HGB.
» Obtain sufficient appropriate audit evidence regarding the financial information of the entities or business activities within the Group to express audit opinions on the consolidated financial statements and on the Group management report. We are responsible for the direction, supervision and performance of the Group audit. We remain solely responsible for our audit opinions.
» Evaluate the consistency of the Group management report with the consolidated financial statements, its conformity with German law, and the view of the Group's position it provides.

» Perform audit procedures on the prospective information presented by the executive directors in the Group management report. On the basis of sufficient appropriate audit evidence we evaluate, in particular, the significant assumptions used by the executive directors as a basis for the prospective information, and evaluate the proper derivation of the prospective information from these assumptions. We do not express a separate audit opinion on the prospective information and on the assumptions used as a basis. There is a substantial unavoidable risk that future events will differ materially from the prospective information.

We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

We also provide those charged with governance with a statement that we have complied with the relevant independence requirements, and communicate with them all relationships and other matters that may reasonably be thought to bear on our independence, and where applicable, the related safeguards.

From the matters communicated with those charged with governance, we determine those matters that were of most significance in the audit of the consolidated financial statements of the current period and are therefore the key audit matters. We describe these matters in our auditor's report unless law or regulation precludes public disclosure about the matter.

Other legal and regulatory requirements

Assurance report in accordance with Section 317 (3a) HGB on the electronic reproduction of the consolidated financial statements and the Group management report prepared for publication purposes

Reasonable assurance conclusion

We have performed an assurance engagement in accordance with Section 317 (3a) HGB to obtain reasonable assurance about whether the reproduction of the consolidated financial statements and the Group management report (hereinafter the "ESEF documents") contained in the electronic file secunet_AG_KA_KLB_ESEF_2021_12_31.zip and prepared for publication purposes complies in all material respects with the requirements of Section 328 (1) HGB for the electronic reporting format ("ESEF format"). In accordance with German legal requirements, this assurance engagement only extends to the conversion of the information contained in the consolidated financial statements and the Group management report into the ESEF format and therefore relates neither to the information contained within this reproduction nor to any other information contained in the above-mentioned electronic file.

In our opinion, the reproduction of the consolidated financial statements and the Group management report contained in the above-mentioned attached electronic file and prepared for publication purposes complies in all material respects with the requirements of Section 328 (1) HGB for the electronic reporting format We do not express any opinion on the information contained in this reproduction nor on any other information contained in the above-mentioned electronic file beyond this reasonable assurance conclusion and our audit opinion on the accompanying consolidated financial statements and the accompanying Group management report for the financial year from 1 January to 31 December 2021 contained in the "Report on the audit of the consolidated financial statements and on the Group management report" above.

Basis for the reasonable assurance conclusion

We conducted our assurance engagement on the reproduction of the consolidated financial statements and the Group management report contained in the above-mentioned attached electronic file in accordance with Section 317 (3a) HGB and the IDW Assurance Standard: Assurance in Accordance with Section 317 (3a) HGB on the Electronic Reproduction of Financial Statements and Management Reports Prepared for Publication Purposes (IDWPS 410 (10.2021)) and the International Standard on Assurance Engagements 3000 (Revised). Accordingly, our responsibilities are further described below in the "Group auditor's responsibilities for the assurance engagement on the ESEF documents" section. Our audit firm has applied the IDW Standard on Quality Management: Requirements for Quality Management in the Audit Firm (IDW QS 1).

Responsibilities of the executive directors and the Supervisory Board for the ESEF documents

The executive directors of the Company are responsible for the preparation of the ESEF documents including the electronic reproduction of the consolidated financial statements and the Group management report in accordance with Section 328 (1), sentence 4, no. 1 HGB and for the tagging of the consolidated financial statements in accordance with Section 328 (1), sentence 4, no. 2 HGB.

In addition, the executive directors of the Company are responsible for such internal control as they have considered necessary to enable the preparation of ESEF documents that are free from material non-compliance with the requirements of Section 328 (1) HGB for the electronic reporting format, whether due to fraud or error.

The Supervisory Board is responsible for overseeing the preparation of the ESEF documents as part of the financial reporting process.

Group auditor's responsibilities for the assurance engagement on the ESEF documents

Our objective is to obtain reasonable assurance about whether the ESEF documents are free from material non-compliance with the requirements of Section 328 (1) HGB, whether due to fraud or error. We exercise professional judgement and maintain professional scepticism throughout the assurance engagement. We also:

» Identify and assess the risks of material non-compliance with the requirements of Section 328 (1) HGB, whether due to fraud or error, design and perform assurance procedures responsive to those risks, and obtain assurance evidence that is sufficient and appropriate to provide a basis for our assurance conclusion.
» Obtain an understanding of internal control relevant to the assurance engagement on the ESEF documents in order to design assurance procedures that are appropriate in the circumstances, but not for the purpose of expressing an assurance conclusion on the effectiveness of these controls.
» Evaluate the technical validity of the ESEF documents, i. e. whether the electronic file containing the ESEF documents meets the requirements of the Delegated Regulation (EU) 2019 / 815 in the version applicable as at the balance sheet date on the technical specification for this electronic file.
» Evaluate whether the ESEF documents enable an XHTML reproduction with content equivalent to the audited consolidated financial statements and to the audited Group management report.
» Evaluate whether the tagging of the ESEF documents with Inline XBRL technology (iXBRL) in accordance with Articles 4 and 6 of the Delegated Regulation (EU) 2019 / 815 in the version applicable as at the balance sheet date enables an appropriate and complete machine-readable XBRL copy of the XHTML reproduction.

Further information pursuant to Article 10 of the EU Audit Regulation

We were elected as Group auditor by the Annual General Meeting on 12 May 2021. We were engaged by the Supervisory Board on 28 July 2021. We have been the Group auditor of secunet Security Networks Aktiengesellschaft, Essen, without interruption since the 2020 financial year.

We declare that the audit opinions expressed in this auditor's report are consistent with the additional report to the audit committee pursuant to Article 11 of the EU Audit Regulation (long-form audit report).

Reference to any other matter – use of the auditor's report

Our auditor's report should always be read in conjunction with the audited consolidated financial statements and the audited Group management report as well as the audited ESEF documents. The consolidated financial statements and the Group management report converted into the ESEF format – including the versions to be published in the Federal Gazette – are merely electronic reproductions of the audited consolidated financial statements and the audited Group management report and do not replace them. In particular, the "Assurance report in accordance with Section 317 (3a) HGB on the electronic reproduction of the consolidated financial statements and the Group management report prepared for publication purposes" and our assurance conclusion contained therein can only be used in conjunction with the audited ESEF documents provided in electronic form.

German public auditor responsible for the engagement

The German public auditor responsible for the engagement is Lutz Granderath.

Essen, 23 March 2022

PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft

Lutz Granderath Michael Herting German Public Auditor German Public Auditor

Responsibility statement

"To the best of our knowledge, and in accordance with the applicable accounting principles, the Consolidated Financial Statements give a true and fair view of the assets, liabilities, financial position and results of operations of the Group, and the Group Management Report includes a true and fair presentation of the development and performance of the business and the position of the Group, together with a description of the principal opportunities and risks associated with the expected development of the Group."

Essen, 22 March 2022

Axel Deininger Torsten Henn

Dr Kai Martius Thomas Pleines

of secunet Security Networks Aktiengesellschaft, Essen

Balance sheet
Income statement
Notes
Independent auditor's report
Responsibility statement

Annual Financial Statements

of secunet Security Networks Aktiengesellschaft, Essen

Balance sheet

(according to HGB) as at 31 December 2021

Assets

in euros	Note	31 Dec 2021	31 Dec 2020
A. Fixed assets
I. Intangible fixed assets		2,441,799.00	2,802,112.00
II. Tangible fixed assets		7,231,691.86	6,041,135.84
III. Financial assets		17,795,208.76	7,920,526.76
Total fixed assets	1	27,468,699.62	16,763,774.60
B. Current assets
I. Inventories	2	51,609,166.90	28,424,764.72
II. Receivables and other assets	3	40,925,106.61	54,259,169.32
III. Cash in hand and balances with credit institutions	4	106,230,783.40	93,401,283.42
Total current assets		198,765,056.91	176,085,217.46
C. Prepaid expenses and accrued income		8,992,876.95	7,155,565.18

Total assets		235,226,633.48	200,004,557.24

Liabilities

in euros	Note	31 Dec 2021	31 Dec 2020
A. Equity
Subscribed capital		6,500,000.00	6,500,000.00
Nominal value of treasury shares		-30,498.00	-30,498.00
I. Issued capital		6,469,502.00	6,469,502.00
II. Capital reserves		21,656,305.42	21,656,305.42
III. Revenue reserves
Other revenue reserves		57,956,113.28	49,281,399.89
IV. Net accumulated profit		34,805,920.76	16,432,535.08
Total equity	6	120,887,841.46	93,839,742.39
B. Provisions	7	42,341,928.90	39,315,854.01
C. Liabilities	8	25,779,715.61	28,851,229.10
D. Deferred income and accrued expenses	9	46,217,147.51	37,997,731.74

Total liabilities		235,226,633.48	200,004,557.24

Income statement

(according to HGB) for the period from 1 January 2021 to 31 December 2021

in euros	Note	1 Jan – 31 Dec 2021	1 Jan – 31 Dec 2020
Sales revenue	10	327,421,606.76	279,064,555.59
Decrease / increase of unfinished services, work in progress & finished goods		-741,776.81	1,160,216.41
Other operating income	11	3,378,635.96	5,909,098.54
Materials expenses	12	-168,429,812.57	-149,963,047.13
Personnel expenses	13	-70,653,078.36	-54,160,343.12
Depreciation and amortisation of intangible fixed assets and tangible fixed assets	14	-4,068,632.97	-3,383,773.86
Other operating expenses	15	-24,007,781.65	-30,091,790.29
Income from equity investments	16	2,449,194.78	826,610.24
Financial result	17	-1,567,374.67	-610,656.33
Income taxes	18	-20,306,557.68	-15,917,552.67
Earnings after taxes		43,474,422.79	32,833,317.38

Other taxes	18	6,211.36	-22,364.00
Net income for the year		43,480,634.15	32,810,953.38

Accumulated profit carryforward		16,432,535.08	10,092,423.73
Dividend payment		-16,432,535.08	-10,092,423.73
Transfer to other revenue reserves		-8,674,713.39	-16,378,418.30
Net accumulated profit	19	34,805,920.76	16,432,535.08

Notes

regarding secunet Security Networks Aktiengesellschaft for the 2021 financial year (according to HGB)

General principles

secunet Security Networks Aktiengesellschaft in Essen, Germany (hereinafter referred to as "secunet AG" or the "Company") is a large public liability company within the meaning of Section 267 (3), sentences 1 and 2 of the German Commercial Code (Handelsgesetzbuch, HGB) and is entered in the Commercial Register at Essen Local Court (Reg. No. 13615).

The Annual Financial Statements of secunet AG are prepared in accordance with the regulations of the HGB and taking the supplementary provisions of the German Stock Corporation Act (Aktiengesetz, AktG) into account.

The valuations as at 31 December 2020 were adopted unchanged.

The financial statements have been prepared on the assumption that the Company is a going concern.

The income statement is based on the total expenditure format.

In order to enhance the clarity and transparency of the reporting, the balance sheet and the income statement combine certain individual items, which are reported in depth and explained in the Notes. In addition to the standard breakdown under commercial law, the item "Premium reserve shares from reinsurance contracts" was added to the item "Financial assets" in the "Changes in fixed assets" overview (Appendix to the Notes).

Accounting and valuation methods

Recognition and measurement are performed according to the principles set out below:

Assets

Fixed assets

Intangible and tangible fixed assets

The purchased intangible fixed assets are capitalised at their historical costs upon acquisition and are depreciated on a scheduled straight-line basis over their expected useful life. The useful life is between 3 and 5 years. An impairment loss is recognised in the event of permanent impairment. Using the option permitted under Section 248 (2), sentence 1 HGB, development costs are not capitalised.

Under this item, goodwill purchased during the 2016 financial year is being depreciated on a straight-line basis over a useful life of ten years in accordance with Section 253 (3), sentence 4 HGB, as the expected useful life cannot be estimated reliably.

Assets were acquired as part of an asset deal as of 1 July 2017. The assets and liabilities acquired are recognised at the fair value, and the purchase price in excess of this value has been reported as goodwill. This goodwill will be depreciated on a straight-line basis over an average remaining useful life of nine years, since the software purchased as part of the asset deal must be retained for a customer project with an average lifetime of nine years.

Tangible fixed assets are measured at the lower of historical cost or fair value if a long-term impairment is expected and are depreciated on a straight-line basis over the expected useful life. The useful life is between 3 and 10 years. An impairment loss is recognised in the event of permanent impairment.

Since 2008, newly acquired assets have been depreciated exclusively on a straight-line basis.

Fixed assets with historical costs of less than 1,000 euros (low-value fixed assets) are divided into two groups. Since the 2018 financial year, assets with historical costs of up to 250 euros have been written off to their full amount in the year of purchase. Assets with historical costs between 250 euros (previously 150 euros) and 1,000 euros are placed in a so-called "collective item" and written off in the year of purchase and over the next four years on a straight-line basis.

Financial assets

Shares in affiliated companies and holdings are recognised at historical cost.

Value adjustments to the lower fair value are made if there is likely to be a permanent impairment. Lower valuations are retained unless a higher carrying amount up to a maximum of the original historical cost is required.

Loans to affiliated companies and to companies in which there is a participating interest are shown at nominal value.

Reinsurance contracts are measured at fair value.

Current assets

Inventories are measured at historical cost or production cost or at the lower fair value on the balance sheet date. The production cost of unfinished services as well as work in progress and finished goods includes not only the directly allocable costs, but also necessary material and production overheads as well as general administrative expenses. Voluntary social security contributions, occupational pension expense and interest on borrowings are not carried as an asset. The principles of loss-free valuation are applied.

Trade goods are measured at the lower of historical cost calculated using a sliding average and fair value.

Receivables and other assets are measured at nominal value less appropriate discounts for identifiable individual risks. The general credit risk is taken into account by means of a general loan loss provision of 1%.

Cash in hand and balances with credit institutions are measured at their nominal value.

Expenses prior to the balance sheet date, insofar as they represent expenses for a specific period after the balance sheet date, are reported under prepaid expenses and accrued income.

Liabilities

Provisions

Provisions for pensions and similar liabilities are determined in accordance with the expert opinion of an actuary, based on the projected one-off contribution method ("Projected Unit Credit Method"), using Prof Klaus Heubeck's 2018 G mortality tables. An actuarial interest rate of 1.99% (previous year: 2.42%) was calculated for the valuation, which in accordance with the provisions of Section 253 (2), sentence 2 HGB was derived in December 2021 from the average market interest rate of the past ten (previous year: ten) financial years with an assumed residual term of 19 (previous year: 19) years, projected to 31 December 2021.

Applying an average market interest rate from the past seven financial years (1.47% (previous year: 1.73%)), this would lead to an obligation in the amount of 7,611,403 euros as at 31 December 2021. The difference in relation to the pension provisions evaluated with an average market interest rate from the past ten financial years (1.99%) stood at 725,092 euros as at 31 December 2021 (previous year: 857,904 euros); this amount must be taken into account in determining the amount blocked for distribution purposes (Section 253 (6), sentence 2 HGB).

The impact on income from the change to the actuarial interest rate is recorded in the financial result. Furthermore, the valuation of direct pension obligations is based on the assumption of 2.5% dynamic growth of eligible remuneration (previous year: 2.5%), 1.7% dynamic adjustment of current pensions (previous year: 1.7%) and a fluctuation of 5.5% (previous year: 5.5%) on average.

In accordance with the valuation rules of Section 253 (1), sentence 2 HGB, provisions for pensions must be reported at their settlement value with effect from 2010.

The amount required to be allocated to the pension provisions was calculated as at the transition date of 1 January 2010. The difference at that time from the revaluation of the obligations totalled 746,432 euros. With reference to the option provided for under Article 67 (1), sentence 1 of the Introductory Act to the German Commercial Code (Einführungsgesetz zum Handelsgesetzbuch, EGHGB), secunet AG allocated the amount of 49,763 euros (1 / 15 minimum allocation p. a.) to other operating expenditure in the 2021 financial year. The resulting coverage shortfall as at 31 December 2021 is therefore 149,276 euros.

Tax provisions and other provisions are created according to prudent business judgement, taking account of all identifiable and uncertain obligations and the required settlement amount expected. Provided that provisions with a residual term of longer than one year exist, these are discounted at the average market interest rate from the past seven financial years corresponding to their residual term (1.35% (previous year: 1.60%)).

The liabilities are recognised at their settlement value.

Earnings prior to the balance sheet date that represent income for a certain period after this date are reported under deferred income and accrued expenses.

Assets and liabilities denominated in foreign currency with a remaining term of up to one year are converted on the basis of the average spot exchange rate on the reporting date. The initial valuation was carried out at the spot exchange rate.

Deferred taxes

The table below shows asset and liability surpluses, these being only asset surpluses in the case of secunet AG.

in euros	Assets	Liabilities
Fixed assets	44,833.40	0.00
Goodwill	61,951.01	0.00
Provisions for pensions	1,163,438.16	0.00
Other provisions	426,521.10	0.00
Total	1,696,743.67	0.00

A tax rate of 31.98% (previous year: 31.99%) is applied. Using the option permitted under Section 274 (1), sentence 2 HGB, deferred tax assets were not posted in the balance sheet.

Income statement

The sales revenue is recognised once the service has been provided or the risk associated with the products sold has passed to the customer. Services are usually invoiced on the basis of the hours worked. For mixed transactions, the recognition criteria must be applied separately for each partial delivery. Satisfaction of a performance obligation in project business is basically defined by means of acceptance protocols.

Sales revenue is shown less value-added tax and any discounts when the sale of goods or services has taken place and the risks and rewards associated with ownership have been substantially transferred.

Notes to the balance sheet and income statement

1. Fixed assets

The breakdown of and changes in the fixed assets of secunet AG can be found in the statement of fixed assets, included as an Appendix to the Notes.

The ownership of shares can be shown as follows at the balance sheet date:

» secunet s. r. o., Czech Republic, Prague, 100% participation, equity of the Company as at 31 December 2021 85 thousand euros, net income for 2021 0 thousand euros.
» secunet International GmbH & Co. KG, Essen, 100% participation, equity of the Company as at 31 December 2021 100 thousand euros, net income for 2021 2,449 thousand euros.
» secunet International Management GmbH, Essen, 100% participation, equity of the Company as at 31 December 2021 48 thousand euros, net income for 2021 3 thousand euros.
» finally safe GmbH, Essen, 100% participation, equity of the Company as at 31 December 2021 -63 thousand euros, net income for the short financial year from 1 July 2021 – 31 December 2021 -18 thousand euros.
» secustack GmbH, Dresden, 51% participation, equity of the Company as at 31 December 2021 398 thousand euros, net income for 2021 -238 thousand euros.
» secunet Inc., Austin, Texas, USA, 100% participation; the equity and net income for the year have not been disclosed due to the secondary importance of the company.
» stashcat GmbH, Hanover, 100% participation, equity of the Company as at 31 December 2021 -373 thousand euros, net income for 2021 -634 thousand euros.

2. Inventories

in euros	31 Dec 2021	31 Dec 2020
Unfinished services	2,865,802.83	1,643,493.84
Work in progress	502,058.35	1,208,442.00
Finished goods	231,853.10	1,211,635.25
Trade goods	46,467,699.97	24,287,677.03
Advance payments	1,541,752.65	73,516.60
Total	51,609,166.90	28,424,764.72

The increase in the levels of trade goods at the balance sheet date was due to efforts to ensure the short to medium-term delivery capacity of the product business.

3. Receivables and other assets

in euros	31 Dec 2021	31 Dec 2020
Trade receivables	29,621,127.48	46,069,469.66
Intercompany receivables	10,652,803.95	6,990,713.60
of which trade receivables	(8,211,829.00)	(6,164,103.36)
of which transfer of net income	(2,440,974.95)	(826,610.24)
Other assets	651,175.18	1,198,986.06
Total	40,925,106.61	54,259,169.32

Trade receivables include receivables of 1,575,669.48 euros (previous year: 3,151,338.97 euros) with a residual term of more than one year.

The residual term of all other receivables and other assets was up to one year.

4. Cash in hand and balances with credit institutions

The liquid funds comprise cash in hand and bank balances amounting to a total of 106,230,783.40 euros (previous year: 93,401,283.42 euros). At the end of 2021, 40,000,000.00 euros was deposited at Nationalbank Essen as a deposit at notice.

5. Prepaid expenses and accrued income

Prepaid expenses include accruals of 8,992,876.95 euros (previous year: 7,155,565.18 euros). These are mainly short and long-term advance payments for product services sold as part of customer projects.

6. Equity

The share capital is 6,500,000.00 euros. It is divided into 6,500,000 bearer shares without par value.

In total, the Company continues to hold 30,498 treasury shares as at the balance sheet date (previous year 30,498 shares). They correspond to an arithmetical value of 0.469% or 30,498 euros of the share capital (previous year 0.469%). The nominal value of the treasury shares was openly offset against share capital.

The treasury shares were purchased as part of a share option programme for secunet employees in the years from 2001 to 2002.

The Annual General Meeting on 12 May 2021 resolved to appropriate the balance sheet profit of 16,432,535.08 euros for the 2020 financial year to pay out a dividend. As of 18 May 2021, a payment of 2.54 euros per share (6,469,502 individual shares) was made, making a total of 16,432,535.08 euros.

8,674,713.39 euros (= 19.95%) of the net income for the year 2021 totalling 43,480,634.15 euros will be deposited in the other revenue reserves in accordance with Section 58 (2), sentence 1 AktG.

The balance sheet profit as at 31 December 2021 is therefore 34,805,920.76 euros (previous year: 16,432,535.08 euros).

The majority shareholder, Giesecke + Devrient GmbH, holds a stake of 75.12% in secunet AG.

7. Provisions

in euros	31 Dec 2021	31 Dec 2020
Provisions for pensions and similar liabilities	6,737,035.00	5,720,186.00
Provisions for taxes	8,467,136.54	12,351,523.00
Other provisions	27,137,757.36	21,244,145.01
Total	42,341,928.90	39,315,854.01

The breakdown of other provisions is shown in the table below:

in euros	31 Dec 2021	31 Dec 2020
Non-current provisions
Provisions for anniversary bonuses	446,991.00	348,360.00
Long-term provision for share-based remuneration	545,089.00	0.00
Asset retirement and maintenance measures	1,060,489.50	0.00
Current provisions
Annual employee bonuses	18,066,484.00	12,884,033.00
Commissions	1,115,865.07	1,967,229.26
Covid-19 employee bonus	361,000.00	0.00
Warranties	571,000.00	422,000.00
Outstanding incoming invoices	1,568,109.07	2,535,566.70
Accrued holidays	1,668,566.66	1,317,753.72
Deferred costs	661,098.95	631,830.15
Asset retirement and maintenance measures	0.00	666,594.18
Accounting and auditing costs	194,940.00	158,500.00
Professional association contributions	255,650.00	170,000.00
Others	622,474.11	142,278.00
Total	27,137,757.36	21,244,145.01

For the 2021 financial year, the provision for commissions comprises payments due for the distribution of SINA licences, Elster sticks and connectors.

The warranty provisions pertain to a provision for obligations arising from a three-year warranty agreement for specific SINA core modules in the amount of 571 thousand euros.

The provision for asset retirement and maintenance measures essentially involves asset retirement and maintenance measures to be performed by the Company for leased properties in Dresden, Essen, Munich and Hanover.

8. Liabilities

in euros	31 Dec 2021	31 Dec 2020
Advance payments received on account of orders	1,047,612.44	900,838.94
Trade accounts payable	20,043,355.23	19,803,406.71
Intercompany payables	59,440.26	1,929,647.64
of which trade payables	(59,440.26)	(1,929,647.64)
Other liabilities	4,629,307.68	6,217,335.81
of which taxes	(4,564,388.70)	(6,155,023.11)
of which relating to social security	(4,668.64)	(5,120.33)
Total	25,779,715.61	28,851,229.10

All liabilities have a term of less than one year.

9. Deferred income and accrued expenses

Given the increase in the support business, earnings are increasingly accrued in conjunction with performance after the balance sheet date.

10. Sales revenue

The sales revenue was generated in the following regions:

in euros	2021	2020
Domestic	319,998,594.72	273,242,745.91
Abroad	7,423,012.04	5,821,809.68
Total	327,421,606.76	279,064,555.59

This sales revenue can be attributed to the divisions as follows:

in euros	2021	2020
Public	267,723,386.87	230,839,517.49
Business	59,698,219.89	48,225,038.10
Total	327,421,606.76	279,064,555.59

11. Other operating income

The other operating income of 3,378,635.96 euros (previous year: 5,909,098.54 euros) mainly includes public project grants (922,633.57 euros, previous year: 3,807,406.00 euros), reimbursements from damages (28,076.21 euros, previous year: 206,498.00 euros), income from the release of provisions (599,883.21 euros, previous year: 1,055,723.67 euros), income from secunet Service GmbH merger profit 1,509,552.98 euros, actuarial income from the adjustment of old-age and survivors' insurance premium reserve (182,112.36 euros, previous year: 175,248.16 euros) and other income (136,863.21 euros, previous year: 212,505.01 euros).

Income from currency conversion stood at 5,165.28 euros (previous year: 2,983.76 euros).

Approximately 600 thousand euros (17.8%) of the other operating income relates to other periods and results from the release of provisions.

12. Materials expenses

in euros	2021	2020
Cost of purchased goods	153,866,943.27	136,199,155.76
Cost of purchased services	14,562,869.30	13,763,891.37
Total	168,429,812.57	149,963,047.13

13. Personnel expenditure

in euros	2021	2020
Wages and salaries	61,285,328.31	47,374,744.62
Social security costs	9,129,001.33	6,734,348.48
Expenses for retirement pensions	207,231.06	8,029.53
Expenses for support	31,517.66	43,220.49
Total	70,653,078.36	54,160,343.12

14. Depreciation and amortisation of intangible fixed assets and tangible fixed assets

Depreciation and amortisation are broken down by individual item in the statement of fixed assets (see Appendix to the Notes).

15. Other operating expenses

in euros	2021	2020
secunet Group services	14,432.00	8,988,722.69
Rental costs	4,892,333.30	4,562,866.76
Inspection, consulting, legal protection	1,775,176.03	1,988,171.40
Travel expenses	847,833.23	1,032,973.28
Sales commission	1,702,318.30	1,967,090.82
Addition to other provisions	1,270,036.75	785,387.00
Advertising costs	2,270,056.33	536,476.73
Ancillary personnel expenses	1,989,208.67	763,744.22
Communication costs	1,713,051.53	1,335,460.02
Company car costs	1,015,766.33	828,204.35
Maintenance costs	2,321,075.24	1,546,862.99
Other third-party services	1,667,821.69	2,196,825.56
Entertainment and representation	187,548.10	217,735.20
Insurance premiums	332,896.62	283,587.50
Fees	255,208.11	247,559.28
Extraordinary items arising in relation to BilMoG – Revaluation of pension provisions	49,763.00	49,763.00
Other costs	1,703,256.42	2,760,359.49
Total	24,007,781.65	30,091,790.29

Expenses resulting from currency conversion stood at 12,819.95 euros (previous year: 7,917.40 euros).

16. Income from equity investments

Income from equity investments includes the net income for the year of secunet International GmbH & Co. KG, Essen, in the amount of 2,449,194.78 euros (previous year: 826,610.24 euros).

17. Financial result

in euros	2021	2020
Other interest and similar income	2,103.95	27,562.28
of which from affiliated companies	(-1,746.30)	(-26,075.00)
Depreciation of financial assets – all affiliated companies	-862,000.00	0.00
Interest and similar expenses	-707,478.62	-638,218.61
of which from interest accrued during the year	(-707,446.62)	(-627,863.00)
Total	-1,567,374.67	-610,656.33

18. Taxes

in euros	2021	2020
Income taxes	20,306,557.68	15,917,552.67
Other taxes	-6,211.36	22,364.00
Total	20,300,346.32	15,939,916.67

The income taxes relate predominantly to the 2021 financial year. Expenses of 91,276.72 euros and income of 8,947.00 euros are related to other accounting periods.

19. Appropriation of the balance sheet profit

Proposal for the appropriation of distributable earnings

From the balance sheet profit of 16,432,535.08 euros reported for the 2020 financial year, dividends of 2.54 euros per share (totalling 16,432,535.08 euros) were distributed in the 2021 financial year in accordance with the resolution of the Annual General Meeting on 12 May 2021.

secunet AG's Annual Financial Statements under commercial law for the 2021 financial year show net income for the year of 43,480,634.15 euros. Of this sum, 8,674,713.39 euros (= 19.95%) will be transferred to the other revenue reserves in accordance with Section 58 (2), sentence 1 AktG. This results in a balance sheet profit of 34,805,920.76 euros.

The Management Board will propose to the Annual General Meeting that a regular dividend of 3.37 euros per dividend-bearing share (corresponding to a regular distribution of around 50% of net income for the year) and a special dividend of 2.01 euros per dividend-bearing share, i. e. a total of 5.38 euros per dividend-bearing share, thus totalling 34,805,920.76 euros, be distributed on the dividend-bearing share capital of 6,469,502.00 euros. When determining the share capital entitled to a dividend, the total of 30,498 treasury shares was deducted.

in euros	2021
Carryforward as at 1 Jan 2021	16,432,535.08
Net income for the year 2021	43,480,634.15
Dividend payment in 2021	-16,432,535.08
Transfer to other revenue reserves	-8,674,713.39
Balance sheet profit at 31 Dec 2021	34,805,920.76
Proposal for the appropriation of distributable earnings
Dividend payment in 2022	-34,805,920.76
Carryforward	0.00

Other Notes

Employees

The average headcount over the year was 682 (previous year: 528). In addition, 97 temporary workers (previous year: 65) were also employed, making a total of 780 (previous year: 593) employees.

Other financial liabilities

As at the balance sheet date, other financial liabilities totalled 17,121,295.83 euros. They consisted mainly of the nominal amount of liabilities arising from office tenancy agreements and lease agreements for company vehicles, of which 3,425,568.53 euros have less than one year to run and 9,556,220.58 euros are due within a period of between one year and five years. Liabilities amounting to 4,139,506.72 euros are due after more than five years. None of the total liabilities are towards affiliated companies.

Open purchase orders

As at 31 December 2021, there were liabilities with regard to open purchase orders for goods and services in the amount of 16,285,267.65 euros.

Contingent liabilities

The Company has contingent liabilities in the amount of 6,113.00 euros (previous year: 203,835.00 euros) from a debt entry and release agreement with secunet International GmbH & Co. KG, Essen, with regard to secured direct commitments (pension, anniversary and death benefit obligations) to employees, which were transferred to the respective company as part of the transfer of operations in accordance with Section 613a of the German Civil Code (BGB) with effect from 1 January 2018.

It is not expected that these contingent liabilities will be realised due to the current economic situation of the subsidiaries.

Relations with affiliated companies

Through Giesecke + Devrient GmbH, Munich, the Company is an affiliated company of MC Familiengesellschaft mbH, Munich, which prepares the Consolidated Financial Statements for the largest group of companies. Additionally, the Company is included in the Consolidated Financial Statements of Giesecke + Devrient GmbH, Munich. Giesecke + Devrient GmbH prepares the Consolidated Financial Statements for the smallest group of companies. The Consolidated Financial Statements are published in the Federal Gazette.

Auditors' fees

The total fee charged by the Company's auditors is broken down into audit services, other assurance services and other services in the corresponding disclosure in the Consolidated Financial Statements of secunet AG. For secunet Security Networks AG and the companies it controls, other assurance services were provided mainly for services in connection with the economic audit of the non-financial statement and the substantive audit of the Management Board remuneration report.

Miscellaneous

The total remuneration of the active members of the Management Board pursuant to Section 285 no. 9 of the German Commercial Code (HGB) for their work in the reporting year amounted to 2,472 thousand euros (previous year: 2,243 thousand euros). This includes the basic remuneration, fringe benefits and benefits in kind, short-term variable remuneration and the expense for long-term variable remuneration recognised in the financial year. For the long-term variable remuneration, provisional virtual shares were granted within the framework of the 2021 – 2024 tranche, the fair value of which amounted to 545 thousand euros at the time of allocation.

For former members of the Management Board, liabilities from pension commitments amounted to 1,332 thousand euros as at the reporting date (previous year: 1,265 thousand euros).

Pension payments for former members of the Management Board were made in the amount of 44.1 thousand euros (previous year: 44.1 thousand euros).

Former members of the Management Board received fees of 40.7 thousand euros (previous year: 39.3 thousand euros) in connection with consultancy contracts.

Supervisory Board remuneration in the financial year totalled 88.0 thousand euros (previous year: 88.0 thousand euros).

Members of the Management Board held 880 shares in the Company as at the reporting date.

The members of the Supervisory Board held no shares in the Company as at the reporting date.

The Management Board and Supervisory Board issued the declaration pursuant to Section 161 AktG in respect of secunet AG. This has been made permanently available to shareholders on the Company's website (www.secunet.com) under >> About Us >> Investors.

Declarations pursuant to Section 160 (1), no. 8 AktG:

Voting rights are held in the Company as at the balance sheet date for 2021. The following disclosures are based on those disclosures made by the parties subject to notification obligations in accordance with Section 33 (1) of the German Securities Trading Act (Wertpapierhandelsgesetz, WpHG).

8 November 2021: Publication of voting-right notices in accordance with Section 40 (1) WpHG:

Axxion S. A., Grevenmacher, Luxembourg informed us in accordance with Section 33 (1) WpHG on 5 November 2021 that its share of the voting rights in secunet Security Networks AG, Essen, Germany, ISIN: DE0007276503, WKN: 727650, fell below the threshold of 3% of the voting rights on 4 November 2021, and on this date totalled 2.97% (corresponding to 193,018 voting rights).

11 October 2012: Publication of voting-right notices in accordance with Section 21 (1) WpHG (old version)

MC Familiengesellschaft mbH, headquartered in Tutzing, Germany informed us in accordance with Section 21 (1) WpHG on 9 October 2012 that the MC Familiengesellschaft mbH share of the voting rights in secunet Security Networks AG, Essen, Germany, ISIN: DE0007276503, WKN: 727650, exceeded the thresholds of 3%, 5%, 10%, 15%, 20%, 25%, 30%, 50% and 75% of the voting rights on 8 October 2012, and on this date totalled 79.43% (corresponding to 5,163,102 voting rights).

Of these, in accordance with Section 22 (1), sentence 1, no.1 WpHG, 78.96% are attributable to MC Familiengesellschaft mbH (corresponding to 5,132,604 voting rights) via Giesecke + Devrient Gesellschaft mit beschränkter Haftung, Munich, and 0.47% (corresponding to 30,498 voting rights) via secunet Security Networks AG, Essen.

12 February 2009: Publication of a voting-right notice in accordance with Section 21 (1) WpHG (old version)

Giesecke & Devrient Holding GmbH, Munich, Germany, informed us in accordance with Section 21 (1) WpHG on 10 February 2009 that its share of the voting rights in secunet Security Networks AG, Kronprinzenstrasse 30, 45128 Essen, Germany, ISIN: DE0007276503, exceeded the thresholds of 5%, 10%, 25%, 50% and 75% on 30 November 2006 and amounted to 76.38% (corresponding to 4,964,958 voting rights) as of that date.

Of these, 50% + 1 share (corresponding to 3,250,001 voting rights) are attributable to Giesecke & Devrient Holding GmbH pursuant to Section 22 (1), sentence 1, no. 1 WpHG via Giesecke & Devrient GmbH, Munich, and 26.38% (corresponding to 1,714,957 voting rights) pursuant to Section 22 (2) WpHG via RWTÜV AG, Essen.

Corporate bodies

Management Board

Qualified industrial engineer Axel Deininger, Chairman of the Management Board / CEO

Torsten Henn, Member of the Management Board / COO

Dr Kai Martius, Member of the Management Board / CTO

Qualified business economist Thomas Pleines, Chief Financial Officer / CFO

Supervisory Board

Dr Ralf Wintergerst, Baldham

Chairman

Chairman of the Management Board and CEO of Giesecke + Devrient GmbH, Munich

Other directorships:

» Chairman of the shareholders' committee of Veridos GmbH
» President of the Board of Directors of Netcetera AG, Zurich, Switzerland

Dr oec Peter Zattler, Grünwald

Vice Chairman

Member of the Management Board of Giesecke + Devrient GmbH, Munich

Other directorships:

» Veridos Matsoukis S. A., Athens, Greece
» Member of the shareholders' committee of Veridos GmbH, Berlin

Dr rer pol Elmar Legge, Schermbeck Member of the Supervisory Board

Member of the Management Board of the GREIF Foundation, Mülheim an der Ruhr

Other directorships:

» AKTAIOS GmbH, Essen
» RWTÜV GmbH, Essen
» TÜV Thüringen e. V., Erfurt

Jörg Marx, Dresden Employee representative

No other directorships

Gesa-Maria Rustemeyer, Berlin

Employee representative

No other directorships

Prof Dr-Ing Günter Schäfer, Berlin

Member of the Supervisory Board

University professor, University of Technology, Ilmenau

No other directorships

Events after the balance sheet date

Essen, 22 March 2022

Axel Deininger Torsten Henn

Dr Kai Martius Thomas Pleines

Changes in fixed assets

of secunet Security Networks Aktiengesellschaft in the 2021 financial year (Appendix to the Notes)

			Historical costs
in euros	as at 1 Jan 2021	Additions	Change due to merger of secunet Service GmbH	Reclassifica tions	Disposals	as at 31 Dec 2021
I. Intangible fixed assets
1. Acquired concessions, industrial property rights and similar rights and values, and licences to such rights	120,000.00	0.00	0.00	0.00	0.00	120,000.00
2. Acquired software	3,985,402.41	216,312.60	408,623.76	0.00	-66,978.89	4,543,359.88
3. Goodwill	3,795,966.00	0.00	0.00	0.00	0.00	3,795,966.00
4. Intangible assets under construction	0.00	0.00	0.00	0.00	0.00	0.00
Intangible fixed assets, total	7,901,368.41	216,312.60	408,623.76	0.00	-66,978.89	8,459,325.88
II. Tangible fixed assets
1. Other equipment, factory and office equipment	19,105,042.56	4,275,897.01	174,113.51	18,509.84	-1,151,859.72	22,421,703.20
2. Assets under construction	18,509.84	41,683.38	0.00	-18,509.84	0.00	41,683.38
Tangible fixed assets, total	19,123,552.40	4,317,580.39	174,113.51	0.00	-1,151,859.72	22,463,386.58
III. Financial assets
1. Shares in affiliated companies	3,814,208.75	10,022,650.00	-25,000.00	0.00	0.00	13,811,858.75
2. Shares in affiliated partnerships	108,231.00	0.00	0.00	0.00	0.00	108,231.00
3. Loans to affiliated companies	613,550.26	600,000.00	0.00	0.00	0.00	1,213,550.26
3. Premium reserve shares from reinsur ance contracts	6,275,349.00	139,032.00	0.00	0.00	0.00	6,414,381.00
Financial assets, total	10,811,339.01	10,761,682.00	-25,000.00	0.00	0.00	21,548,021.01
Total fixed assets	37,836,259.82	15,295,574.99	557,737.27	0.00	-1,218,838.61	52,470,733.47

	Carrying amounts			Accumulated depreciations
as at 31 Dec 2020	as at 31 Dec 2021	as at 31 Dec 2021	Disposals	Change due to merger of secunet Service GmbH	Additions	as at 1 Jan 2021



0.00	0.00	120,000.00	0.00	0.00	0.00	120,000.00
2,294,641.00	2,025,948.00	2,517,411.88	-54,952.89	108,555.76	773,047.60	1,690,761.41
507,471.00	415,851.00	3,380,115.00	0.00	0.00	91,620.00	3,288,495.00
0.00	0.00	0.00	0.00	0.00	0.00	0.00
2,802,112.00	2,441,799.00	6,017,526.88	-54,952.89	108,555.76	864,667.60	5,099,256.41


6,022,626.00	7,190,008.48	15,231,694.72	-1,116,815.72	62,128.51	3,203,965.37	13,082,416.56
18,509.84	41,683.38	0.00	0.00	0.00	0.00	0.00

6,041,135.84	7,231,691.86	15,231,694.72	-1,116,815.72	62,128.51	3,203,965.37	13,082,416.56

1,536,946.76	10,672,596.76	3,139,261.99	0.00	0.00	862,000.00	2,277,261.99

108,231.00	108,231.00	0.00	0.00	0.00	0.00	0.00
0.00	600,000.00	613,550.26	0.00	0.00	0.00	613,550.26

6,275,349.00	6,414,381.00	0.00	0.00	0.00	0.00	0.00
7,920,526.76	17,795,208.76	3,752,812.25	0.00	0.00	862,000.00	2,890,812.25
16,763,774.60	27,468,699.62	25,002,033.85	-1,171,768.61	170,684.27	4,068,632.97	21,243,169.49

Changes in fixed assets

of secunet Security Networks Aktiengesellschaft in the 2021 financial year (Appendix to the Notes)

Independent auditor's report

To secunet Security Networks Aktiengesellschaft, Essen

Report on the audit of the annual financial statements and of the management report

Audit opinions

We have audited the annual financial statements of secunet Security Networks Aktiengesellschaft, Essen, which comprise the balance sheet as at 31 December 2021, and the income statement for the financial year from 1 January to 31 December 2021, and notes to the annual financial statements, including the presentation of the recognition and measurement policies. In addition, we have audited the management report of secunet Security Networks Aktiengesellschaft, which is combined with the Group management report, for the financial year from 1 January to 31 December 2021. In accordance with the German legal requirements, we have not audited the content of the non-financial statement pursuant to Section 289b (1) HGB and Section 315b (1) HGB.

In our opinion, on the basis of the knowledge obtained in the audit,

» the accompanying annual financial statements comply, in all material respects, with the requirements of German commercial law and give a true and fair view of the assets, liabilities and financial position of the Company as at 31 December 2021 and of its financial performance for the financial year from 1 January to 31 December 2021 in compliance with German Legally Required Accounting Principles, and
» the accompanying management report as a whole provides an appropriate view of the Company's position. In all material respects, this management report is consistent with the annual financial statements, complies with German legal requirements and appropriately presents the opportunities and risks of future development. Our audit opinion on the management report does not cover the content of the above-mentioned non-financial statement.

Pursuant to Section 322 (3), sentence 1 HGB [Handelsgesetzbuch: German Commercial Code], we declare that our audit has not led to any reservations relating to the legal compliance of the annual financial statements and of the management report.

Basis for the audit opinions

We conducted our audit of the annual financial statements and of the management report in accordance with Section 317 HGB and EU Audit Regulation No. 537 / 2014 (referred to subsequently as "EU Audit Regulation") and in compliance with German Generally Accepted Standards for Financial Statement Audits promulgated by the Institut der Wirtschaftsprüfer [Institute of Public Auditors in Germany] (IDW). Our responsibilities under those requirements and principles are further described in the "Auditor's responsibilities for the audit of the annual financial statements and of the management report" section of our auditor's report. We are independent of the Company in accordance with the requirements of European law and German commercial and professional law, and we have fulfilled our other German professional responsibilities in accordance with these requirements. In addition, in accordance with Article 10 (2), point (f) of the EU Audit Regulation, we declare that we have not provided non-audit services prohibited under Article 5 (1) of the EU Audit Regulation. We believe that the evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinions on the annual financial statements and on the management report.

Key audit matters in the audit of the annual financial statements

Key audit matters are those matters that, in our professional judgement, were of most significance in our audit of the annual financial statements for the financial year from 1 January to 31 December 2021. These matters were addressed in the context of our audit of the annual financial statements as a whole, and in forming our audit opinion thereon, we do not provide a separate audit opinion on these matters.

In our view, the matter of most significance in our audit was as follows:

Revenue recognition

Our presentation of this key audit matter has been structured as follows:

» Matter and issue
» Audit approach and findings
» Reference to further information

Hereinafter we present the key audit matter:

Revenue recognition

» Revenue amounting to € 327 million is reported in the income statement in the annual financial statements of secunet Security Networks Aktiengesellschaft.

secunet Security Networks Aktiengesellschaft generates revenue from the sale of hardware products and software licences, which it recognises at the time the service is rendered and the risks transfer to the customer. If at that time further services are agreed with the customer, particularly for maintenance, updates and extended warranty commitments, the realisation criteria for each component are applied separately.

Furthermore, secunet Security Networks Aktiengesellschaft realises revenue from the provision of specialised services relating to consulting on the implementation of comprehensive IT security solutions as well as the development of software, essentially on the basis of work hours performed as at the reporting date.

» As part of our audit, we used IT-based audit techniques to assess, among other things, the appropriateness and effectiveness of the Company's established internal control system with respect to the full and correct recognition of revenue as well as the allocation of that revenue to the correct periods. Furthermore, we obtained an understanding of the underlying contractual agreements and assessed them with regard to the time at which revenue can be recognised. We consulted and evaluated the corresponding contractual documents to assess the recognition of revenue, and primarily compared invoices for revenue, which were selected on a test basis for revenue which was realised in December 2021 and January 2022, against the associated orders, contracts, external delivery documentation, acceptance certificates and timesheets Moreover, we obtained balance confirmations for trade receivables on a test basis. In instances where we did not receive responses with respect to the requested balances, we reviewed those balances on the basis of alternative audit procedures, particularly by comparing balances against the aforementioned external documents.

» The Company's disclosures relating to revenue are contained in the section "Accounting and valuation methods" of the notes to the financial statements and in Section 10 "Sales revenue".

Other information

The other information also comprises:

» the corporate governance statement pursuant to Section 289f HGB and Section 315d HGB
» the remuneration report pursuant to Section 162 AktG, for which the Supervisory Board is additionally responsible
» all remaining parts of the annual report excluding cross-references to external information with the exception of the audited annual financial statements, the audited management report and our auditor's report.

Our audit opinions on the annual financial statements and on the management report do not cover the other information, and consequently we do not express an audit opinion or any other form of assurance conclusion thereon.

In connection with our audit, our responsibility is to read the other information and, in so doing, to consider whether the other information

» is materially inconsistent with the annual financial statements, with the management report disclosures audited in terms of content, or with our knowledge obtained in the audit, or
» otherwise appears to be materially misstated.

Responsibilities of the executive directors and the Supervisory Board for the annual financial statements and the management report

The executive directors are responsible for the preparation of the annual financial statements that comply, in all material respects, with the requirements of German commercial law, and that the annual financial statements give a true and fair view of the assets, liabilities, financial position and financial performance of the Company in compliance with German Legally Required Accounting Principles. In addition, the executive directors are responsible for such internal control as they, in accordance with German Legally Required Accounting Principles, have determined necessary to enable the preparation of annual financial statements that are free from material misstatement, whether due to fraud or error.

In preparing the annual financial statements, the executive directors are responsible for assessing the Company's ability to continue as a going concern. They also have the responsibility for disclosing, as applicable, matters related to going concern. In addition, they are responsible for financial reporting based on the going concern basis of accounting, provided no actual or legal circumstances conflict therewith.

Furthermore, the executive directors are responsible for the preparation of the management report that as a whole provides an appropriate view of the Company's position and is, in all material respects, consistent with the annual financial statements, complies with German legal requirements, and appropriately presents the opportunities and risks of future development. In addition, the executive directors are responsible for such arrangements and measures (systems) as they have considered necessary to enable the preparation of a management report that is in accordance with the applicable German legal requirements, and to be able to provide sufficient appropriate evidence for the assertions in the management report.

The Supervisory Board is responsible for overseeing the Company's financial reporting process for the preparation of the annual financial statements and of the management report.

Auditor's responsibilities for the audit of the annual financial statements and of the management report

Our objectives are to obtain reasonable assurance about whether the annual financial statements as a whole are free from material misstatement, whether due to fraud or error, and whether the management report as a whole provides an appropriate view of the Company's position and, in all material respects, is consistent with the annual financial statements and the knowledge obtained in the audit, complies with the German legal requirements and appropriately presents the opportunities and risks of future development, as well as to issue an auditor's report that includes our audit opinions on the annual financial statements and on the management report.

Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with Section 317 HGB and the EU Audit Regulation and in compliance with German Generally Accepted Standards for Financial Statement Audits promulgated by the Institut der Wirtschaftsprüfer (IDW) will always detect a material misstatement. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these annual financial statements and this management report.

We exercise professional judgement and maintain professional scepticism throughout the audit. We also:

» Identify and assess the risks of material misstatement of the annual financial statements and of the management report, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our audit opinions. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal controls.
» Obtain an understanding of internal control relevant to the audit of the annual financial statements and of arrangements and measures (systems) relevant to the audit of the management report in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an audit opinion on the effectiveness of these systems of the Company.
» Evaluate the appropriateness of accounting policies used by the executive directors and the reasonableness of estimates made by the executive directors and related disclosures.
» Conclude on the appropriateness of the executive directors' use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Company's ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in the auditor's report to the related disclosures in the annual financial statements and in the management report or, if such disclosures are inadequate, to modify our respective audit opinions. Our conclusions are based on the audit evidence obtained up to the date of our auditor's report. However, future events or conditions may cause the Company to cease to be able to continue as a going concern.
» Evaluate the overall presentation, structure and content of the annual financial statements, including the disclosures, and whether the annual financial statements present the underlying transactions and events in a manner that the annual financial statements give a true and fair view of the assets, liabilities, financial position and financial performance of the Company in compliance with German Legally Required Accounting Principles.
» Evaluate the consistency of the management report with the annual financial statements, its conformity with German law, and the view of the Company's position it provides.
» Perform audit procedures on the prospective information presented by the executive directors in the management report. On the basis of sufficient appropriate audit evidence we evaluate, in particular, the significant assumptions used by the executive directors as a basis for the prospective information, and evaluate the proper derivation of the prospective information from these assumptions. We do not express a separate audit opinion on the prospective information and on the assumptions used as a basis. There is a substantial unavoidable risk that future events will differ materially from the prospective information.

From the matters communicated with those charged with governance, we determine those matters that were of most significance in the audit of the annual financial statements of the current period and are therefore the key audit matters. We describe these matters in our auditor's report unless law or regulation precludes public disclosure about the matter.

Other legal and regulatory requirements

Assurance report in accordance with Section 317 (3a) HGB on the electronic reproduction of the annual financial statements and the management report prepared for publication purposes

Reasonable assurance conclusion

We have performed an assurance engagement in accordance with Section 317 (3a) HGB to obtain reasonable assurance about whether the reproduction of the annual financial statements and the management report (hereinafter the "ESEF documents") contained in the electronic file secunet_AG_JA_LB_ESEF_2021_12_31.zip and prepared for publication purposes complies in all material respects with the requirements of Section 328 (1) HGB for the electronic reporting format ("ESEF format"). In accordance with German legal requirements, this assurance engagement only extends to the conversion of the information contained in the annual financial statements and the management report into the ESEF format and therefore relates neither to the information contained within this reproduction nor to any other information contained in the above-mentioned electronic file.

In our opinion, the reproduction of the annual financial statements and the management report contained in the above-mentioned attached electronic file and prepared for publication purposes complies in all material respects with the requirements of Section 328 (1) HGB for the electronic reporting format We do not express any opinion on the information contained in this reproduction nor on any other information contained in the above-mentioned electronic file beyond this reasonable assurance conclusion and our audit opinion on the accompanying annual financial statements and the accompanying management report for the financial year from 1 January to 31 December 2021 contained in the "Report on the audit of the annual financial statements and on the management report" above.

Basis for the reasonable assurance conclusion

We conducted our assurance engagement on the reproduction of the annual financial statements and the management report contained in the above-mentioned attached electronic file in accordance with Section 317 (3a) HGB and the IDWAssurance Standard: Assurance in Accordance with Section 317 (3a) HGB on the Electronic Reproduction of Financial Statements and Management Reports Prepared for Publication Purposes (IDW PS 410 (10.2021)) and the International Standard on Assurance Engagements 3000 (Revised). Accordingly, our responsibilities are further described below in the "Auditor's responsibilities for the assurance engagement on the ESEF documents" section. Our audit firm has applied the IDW Standard on Quality Management: Requirements for Quality Management in the Audit Firm (IDW QS 1).

Responsibilities of the executive directors and the Supervisory Board for the ESEF documents

The executive directors of the Company are responsible for the preparation of the ESEF documents including the electronic reproduction of the annual financial statements and the management report in accordance with Section 328 (1), sentence 4, no. 1 HGB.

The Supervisory Board is responsible for overseeing the preparation of the ESEF documents as part of the financial reporting process.

Auditor's responsibilities for the assurance engagement on the ESEF documents

» Identify and assess the risks of material noncompliance with the requirements of Section 328 (1) HGB, whether due to fraud or error, design and perform assurance procedures responsive to those risks, and obtain assurance evidence that is sufficient and appropriate to provide a basis for our assurance conclusion.
» Obtain an understanding of internal control relevant to the assurance engagement on the ESEF documents in order to design assurance procedures that are appropriate in the circumstances, but not for the purpose of expressing an assurance conclusion on the effectiveness of these controls.
» Evaluate the technical validity of the ESEF documents, i. e. whether the electronic file containing the ESEF documents meets the requirements of the Delegated Regulation (EU) 2019 / 815 in the version applicable as at the balance sheet date on the technical specification for this electronic file.
» Evaluate whether the ESEF documents enable an XHTML reproduction with content equivalent to the audited annual financial statements and to the audited management report.

Further information pursuant to Article 10 of the EU Audit Regulation

We were elected as auditor by the Annual General Meeting on 12 May 2021. We were engaged by the Supervisory Board on 28 July 2021. We have been the auditor of secunet Security Networks Aktiengesellschaft, Essen, without interruption since the 2020 financial year.

Reference to any other matter – use of the auditor's report

Our auditor's report should always be read in conjunction with the audited annual financial statements and the audited management report as well as the audited ESEF documents. The annual financial statements and the management report converted into the ESEF format – including the versions to be published in the Federal Gazette – are merely electronic reproductions of the audited annual financial statements and the audited management report and do not replace them. In particular, the "Assurance report in accordance with Section 317 (3a) HGB on the electronic reproduction of the annual financial statements and the management report prepared for publication purposes" and our assurance conclusion contained therein can only be used in conjunction with the audited ESEF documents provided in electronic form.

German public auditor responsible for the engagement

The German public auditor responsible for the engagement is Lutz Granderath.

Essen, 23 March 2022

PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft

Lutz Granderath Michael Herting German Public Auditor German Public Auditor

Responsibility statement

"To the best of our knowledge, and in accordance with the applicable accounting principles, the Annual Financial Statements give a true and fair view of the assets, liabilities, financial position and results of operations of the Company, and the Management Report includes a true and fair review of the development and performance of the business and the position of the Company, together with a description of the principal opportunities and risks associated with the expected development of the Company."

Essen, 22 March 2022

Axel Deininger Torsten Henn

Dr Kai Martius Thomas Pleines

Remuneration report pursuant to Section 162 AktG
Independent auditor's report on the audit of the remuneration report pursuant to Section 162 AktG
Independent practitioner's report on a limited assurance engagement on non-financial reporting
Service

Remuneration report pursuant to Section 162 AktG

The remuneration report explains the remuneration of former and current members of the Management Board, the remuneration of members of the Supervisory Board of secunet Security Networks Aktiengesellschaft in accordance with the Articles of Association in the 2021 financial year and the other benefits paid to the current members of the Management Board. It contains detailed information on the remuneration system which is necessary for understanding the disclosures, covering the remuneration of and benefits paid to members of the Management Board, the remuneration of members of the Supervisory Board and explanations of how the remuneration promotes the long-term development of secunet Security Networks Aktiengesellschaft. Preparation of the remuneration report in accordance with Section 162 AktG is the responsibility of the Management Board and the Supervisory Board. The remuneration report and the auditor's report on the substantive audit carried out are available on the secunet Security Networks Aktiengesellschaft website (www.secunet.com under >> About Us >> Investors). Information on the respective current remuneration systems can also be found on the website. The remuneration report is based in particular on the new requirements arising from the Act Implementing the Second Shareholder Rights Directive (ARUG II) and the recommendations of the German Corporate Governance Code (GCGC) as amended on 16 December 2019 (GCGC 2020).

Remuneration system of the members of the Management Board

Changes to and approval of the remuneration system

The changes essentially concern the following points:

» Change in multi-year variable remuneration (agreement on new non-financial performance targets from the area of environmental, social and corporate governance (ESG) criteria as well as capital market targets)
» Introduction of a malus / clawback provision (Section 162 (1), sentence 2, no. 4 AktG)
» Determination of maximum remuneration for Management Board members (Section 162 (1), sentence 2, no. 7 AktG)

The current remuneration system was presented for approval for the first time at the Annual General Meeting on 12 May 2021. The remuneration system presented was adopted with an approval rate of 97.44%. Pursuant to the provisions of Section 120a AktG, the Supervisory Board must present the remuneration system for approval at the Annual General Meeting whenever there is a significant change, but at least every four years. The remuneration agreements of the active Management Board members have been adjusted to the amended remuneration system.

Remuneration system of the Management Board as of the 2021 financial year

General principles of remuneration

The system for the remuneration of Management Board members makes a significant contribution to implementation of the corporate strategy of secunet Security Networks AG (hereinafter also secunet AG). The structure of the individual remuneration components is to be linked to the achievement of key Company targets. In this respect, Management Board remuneration is based in particular on long-term and sustainable growth, increased profitability, competitiveness and sustainability targets. Besides key financial indicators, it also takes non-financial performance indicators into account, which are equally essential to the long-term and sustainable success of the Company. These incentives align the interests of the Management Board with those of shareholders, employees, customers and other stakeholders for the benefit of the Company's successful development. The remuneration system also ensures that the members of the Management Board are remunerated appropriately according to their performance and respective area of responsibility.

When structuring the remuneration of the Management Board, the Supervisory Board takes into account the following principles in particular:

» Promotion of the corporate strategy
» Long-term and sustainable development
» Appropriateness
» Pay for performance
» Alignment with shareholder interests
» Market conformity
» Consistency of the remuneration system

Procedures for establishing, implementing and reviewing the remuneration system

General procedure

The remuneration system for the Management Board is determined by the Supervisory Board pursuant to the provisions of Sections 87 (1) and 107 (3), sentence 7 of the Stock Corporation Act. The Supervisory Board may, if necessary, make use of external consultants for developing the system. When appointing remuneration consultants, particular attention is paid to their independence.

In structuring the remuneration system, due consideration is given to the appropriateness of Management Board remuneration. When determining the variable remuneration parameters, the Supervisory Board also ensures consistency with the remuneration system in relation to the employees of secunet AG by fundamentally applying at least partially identical performance criteria for the variable remuneration of employees as for the Management Board.

The requirements of the German Stock Corporation Act, the requirements of the Act Implementing the Second Shareholder Rights Directive (ARUG II), in particular, and the recommendations of the German Corporate Governance Code in the version adopted on 16 December 2019 (GCGC 2020) for handling conflicts of interest on the Supervisory Board are also observed in the establishment, implementation and review of the remuneration system. Members of the Supervisory Board are required to disclose any potentially conflicting interests. In such cases, the members concerned shall not be involved in the items subject to conflict.

The present system for remuneration of the members of the Management Board of secunet AG has been in force since 1 January 2021. Granted remuneration, including that from previously relevant provisions on variable remuneration, for periods prior to 1 January 2021 is based on the respective underlying contracts of the Management Board members. Where relevant, this remuneration is also presented and explained below.

Determination of the appropriate target remuneration by the Supervisory Board for the 2021 financial year

In keeping with the remuneration system, the Supervisory Board determines the amount of the total target remuneration for the individual members of the Management Board as well as the assessment basis or performance criteria for the variable remuneration components. In this context, care is taken to ensure that the total target remuneration is commensurate with the duties and performance of the Management Board member as well as the situation of the Company, is geared towards the long-term and sustainable development of the Company and does not exceed the customary remuneration without special reasons. When assessing the customary level of remuneration of the respective Management Board member, both the comparable external corporate environment (horizontal comparison) and the internal Company remuneration (vertical comparison) are taken into account:

Horizontal comparison

In horizontal terms, reference is made to an appropriate comparison group (so-called peer group) when determining the remuneration level. Generally, the peer group is selected using the criteria of sales, market capitalisation, balance sheet total, company location, number of employees and sector comparability. Against the background of the Company's specialisation in IT security solutions, the Supervisory Board normally takes into account a representative number of comparable IT companies headquartered in Germany as the peer group.

Vertical comparison

In the vertical comparison, the appropriateness of the remuneration is reviewed with due regard to the remuneration of the group of senior executives (in the sense of the first level below the Management Board without the central divisions (secunet Services and staff departments)) and the relevant total workforce, also taking into account the development of remuneration over time.

The target remuneration of the Management Board members for the 2021 financial year is as follows:

Remuneration component (in euros)	Deininger (full member of the Management Board from 1 January 2018 to 31 May 2019, Chairman of the Management Board since 1 June 2019)	Henn (full member of the Management Board since 1 June 2019)	Dr Martius (full member of the Management Board since 1 June 2019)	Pleines (full member of the Management Board since 18 March 1999)
Basic remuneration	270,000.00	205,000.00	205,000.00	250,000.00
Fringe benefits 1	27,708.00	24,925.00	31,190.00	28,058.00
Short-term variable remuneration	130,000.00	100,000.00	100,000.00	100,000.00
Long-term variable compensation	140,000.00	105,000.00	105,000.00	110,000.00
Pension benefits 2	24,567.00	12,750.00	12,750.00	37,298.00
Total	592,275.00	447,675.00	453,940.00	525,356.00

1 In the case of fringe benefits, the actual value of the financial year is used, as no cap amount has been established here.

2 Deininger and Pleines: allocation in accordance with IFRS to the pension provisions for direct pension commitments; Henn and Dr Martius: pension remuneration for indirect pension commitments

Compared to the remuneration system that applied in the 2020 financial year, the target remuneration decreased on average by -3.4%.

The options existing in the remuneration system for deviating from the remuneration system were not exercised in determining the target remuneration for the financial year nor in determining the remuneration granted and owed.

The Supervisory Board considers the remuneration for the 2021 financial year to be appropriate.

Overview of the remuneration system structure

The remuneration of the members of the Management Board comprises performance-based and non-performance-based components. An overview of the remuneration system is outlined below:

Overview of the remuneration system

Remuneration component		Purpose	Contractual design
Non-performance-based components	Basic remuneration	Assurance of an appropriate income Consideration of portfolio / duties of the Management Board member	Fixed contractually agreed remuneration paid in twelve equal monthly instalments
	Fringe benefits	Assumption of costs / compensation for disadvantages	Benefits in kind and other benefits; essentially the granting of private use of company cars and insur ance allowances (accident insurance, allowances for health, long-term care and pension insurance), con payment of remuneration in the event of illness, and death grants	clusion of a D & O insurance policy as well as continued
	Pension commitment	Establishment of private pension assets	Different pension commitments depending on the date of joining the Management Board: lifelong pen sion with surviving dependants' benefits or payment of a monthly pension contribution.
			For one Management Board member who was already appointed to the Company's Management Board in 1999, a defined benefit pension commitment applies in accordance with the pension scheme of Rheinischer Westfälischer TÜV in its currently valid version, with the pensionable remuneration as the assessment parameter being individually capped
			For the Management Board member appointed in 2017, a defined contribution, module-based pension a fixed annual pension module applies	commitment in the form of a direct commitment with
			For the other members of the Management Board who joined after this date and for any new Man agement Board members joining in the future who are to be remunerated in accordance with this remuneration system, a defined contribution plan applies, which is generally implemented externally amount of a specific percentage	and provides for an annual pension contribution in the
Performance-based components	Short-term (one-year) variable remuneration	Achievement of Company targets for the current financial year	Type	Bonus (paid in cash)
			Assessment period	Financial year
			Bonus cap	200% of target achievement 200% payment of target value
			Performance criteria	Financial Company tar gets related to the finan cial year (e. g. earnings target (EBIT) and growth target (sales)), where the targets and their weight ing can be redefined for each financial year

Remuneration component		Purpose	Contractual design
Performance-based components	Short-term (one-year) variable remuneration	Achievement of Compa ny targets for the current financial year	Type	Bonus (paid in cash)
			Option of adjustment in the event of extraordi nary developments	Adjustment by decreas ing or increasing the calculated bonus by up to 20% possible in the event of extraordinary develop ments, but limited by the bonus cap; if the calcu lated payout amount is zero, an increase to up to 10% of the target bonus amount can be made
			Payout	In the following financial year, one month after adoption of the annual financial statements for the respective previous financial year
	Long term (multi-year) variable remuneration	Incentive to sustainably increase the Company's success Special consideration of shareholder interests	Plan type	Virtual (forward-looking) Performance Share Plan (cash payout)
			Assessment period	Four years
			Limitation / Cap	150% of target achievement 200% payment of target amount
			Performance criteria	Capital market tar get, e. g. relative total shareholder return (TSR) compared to benchmark index Strategic targets Environmental, social, governance (ESG) targets / sustainability targets
			Option of adjustment in the event of extraordi nary developments	Adjustment by decreas ing or increasing the calculated PSP payout amount by up to 20% possible in the event of extraordinary develop ments, but limited by the cap; if the calculated PSP payout amount is zero, an increase to up to 10% of the target bonus amount can be made
			Payout	Payment with the next possible salary statement after adoption of the Company's consolidat ed financial statements following the end of the respective performance period, but not later than 31 December of the financial year following the end of the perfor mance period

Remuneration component		Purpose	Contractual design
Other remuneration arrangements	Maximum remuneration	Inappropriate levels of disbursement are avoided	The highest possible maximum remuneration under this remuneration system is set at 1,000,000 euros gross per year for the Chairman of the Management Board and at 900,000 euros gross per year for each of the other members of the Management Board; a lower maximum remuneration may be agreed contractually
	Malus and clawback	Compliance Rectification of incorrect bases	Partial or complete reduction (malus) or recovery (clawback) of the variable remuneration if the varia ble remuneration is determined on the basis of incor rect data or in case of intentional or grossly negligent breach of duty
	Early termination of contract	Limitation of inappropri ately high severance payments in case of	Linking clause with severance pay entitlement (limited to max. two years' salary or remuneration for the remaining term)
		(early) termination of contract	So-called good leaver / bad leaver arrangements in relation to outstanding tranches under the Perfor mance Share Plan

Structure of the remuneration elements in detail

The remuneration system comprises all non-performance-based (fixed) and performance-based (variable) remuneration components, the sum of which constitutes the total remuneration of the respective Management Board members and is presented below in its individual components.

The non-performance-based fixed remuneration consists of basic remuneration as well as benefits in kind and other benefits (so-called fringe benefits) as well as pension benefits.

The performance-based remuneration of the Management Board members comprises a short-term and a long-term variable component. The short-term variable remuneration is paid in the form of a bonus. The long-term variable remuneration is based on a (virtual) Performance Share Plan.

In this remuneration structure, the target level of long-term variable remuneration exceeds the target level of short-term variable remuneration.

	Financial year	Year 2
Performance remuneration based	Fixed remuneration (basic remuneration/ fringe bene ts/ pension commitment)
Non-performance remuneration based	Short-term variable remuneration (bonus)
		Long-term variable remuneration (Performance Share Plan)

Depending on the Management Board member, the basic remuneration is between approximately 50% and 55% of the target direct remuneration (i. e. excluding fringe benefits and company pension benefits). The short-term variable remuneration (bonus) represents approximately 21% to 25% of the target direct remuneration (i.e. excluding fringe benefits and company pension benefits), while the long-term variable remuneration (Performance Share Plan) contributes between approximately 23% and 26% to the target direct remuneration (i. e. excluding fringe benefits and company pension benefits), thereby ensuring that long-term variable remuneration exceeds short-term variable remuneration in the target amounts (i. e. for 100% target achievement).

The share of the fixed remuneration components in the total target remuneration for one year (i. e. including fringe benefits and company pension benefits) thus lies between approximately 55% and 62%, with the performance-based variable remuneration components being set at the value for 100% target achievement, while the variable remuneration components account for between approximately 38% and 45% of the total target remuneration. Minor shifts of a few percentage points may occur due to fluctuating valuation of the pension costs and fringe benefits, which, for the purposes of the percentage shares of the target total remuneration stated here, were set at a lump sum amount based on past experience with a small supplement.

This can be summarised as follows:

Fixed remuneration components (basic remuneration, fringe benefits and pension benefits)
Variable remuneration components in case of 100% target achievement	38 % – 45 %
Total target remuneration	100 %

Non-performance-based (regular) remuneration

Basic remuneration

The basic remuneration is a fixed cash remuneration based on the full year and paid in twelve equal monthly instalments. The amount of the respective basic remuneration is based on the role on the Management Board (Chairman, full member), the area of responsibility, the experience and the position of the respective Management Board member.

The basic remuneration for 2021 is as follows:

Basic remuneration / in thousand euros	2021	2020
Deininger (full member of the Management Board from 1 January 2018 to 31 May 2019, Chairman of the Management Board since 1 June 2019)	270,000.00	255,000.00
Henn (full member of the Management Board since 1 June 2019)	205,000.00	175,000.00
Dr Martius (full member of the Management Board since 1 June 2019)	205,000.00	175,000.00
Pleines (full member of the Management Board since 18 March 1999)	250,000.00	235,000.00
Total	930,000.00	840,000.00

Fringe benefits

In addition, each member of the Management Board receives benefits in kind and other benefits (so-called fringe benefits). These essentially include the granting of private use of company cars, continued payment of remuneration in the event of illness and allowances for insurance. In particular, Management Board members receive accident insurance as well as allowances for private health, long-term care and pension insurance and participate in a D & O insurance policy (with the usual deductible provided for by law). In addition, a death grant is paid to their dependants in the event of their death. All members of the Management Board are essentially entitled to the same benefits in kind, although the amount may vary depending on their personal situation. The taxes attributable to the pension and accident insurance allowances are borne by the Company. The Supervisory Board may grant other or additional fringe benefits customary in the market, such as the possibility of private use of company mobile devices or, in the case of newly appointed members, the assumption of relocation costs.

Pension commitment (benefits in the event of regular termination of employment)

The Company provides a pension commitment to the members of the Management Board. Depending on the date of appointment of the Management Board member, there are performance-related, contribution-related and indirect commitments. In particular, the following agreements have been made:

The pension commitment for the Chairman of the Management Board, Mr Deininger, is based on a direct commitment from 2017 with a fixed annual pension component (defined contribution), which is credited to a personal pension account. The pension module allocated annually to the pension account is determined on the basis of a fixed notional pension contribution and an age-related actuarial transformation factor valid at the time of annual allocation. The sum of the earned pension components results in the pension capital to which the Management Board member is entitled upon reaching the age of 67 and which at the same time forms the assessment basis for pension benefits to be paid prematurely, namely due to early retirement benefits (from the age of 62 at the earliest), disability benefits and benefits to surviving dependants in the event of death. If the Management Board member leaves the Management Board prior

to the occurrence of a pension event, the entitlement to pension benefits achieved at that time shall be maintained in the amount of the pension modules earned at that time. Irrespective of this, there is a minimum survivor benefit, which in principle amounts to twice the relevant annual fixed salary of the Management Board member in accordance with the employment contract when the insured event occurs. In the event of early retirement before the requirements for the payment of a pension benefit are met, the minimum survivor benefit based on twice the annual fixed salary last paid by the Company is multiplied by the ratio of the actual length of service from entry into service to the possible length of service up to the fixed retirement age. In principle, the Management Board member can choose between payment as a one-time capital benefit or as a regular monthly pension, where in the latter case the Company can redefine the implementation method (for example, through a pension fund). In addition, the Management Board member is entitled to pension benefits from a previous pension commitment as an employee (in the form of a defined contribution plan).

Mr Pleines' pension is based on a defined benefit pension commitment from 1999 in accordance with the pension scheme of Rheinischer Westfälischer TÜV in the currently valid version, from which he is entitled to a retirement pension or, if applicable, to an early retirement pension upon reaching a certain age limit or an occupational or disability pension or a widower's / widow's pension, with the pensionable remuneration as the assessment parameter being individually capped.

The allocations to pension provisions determined in accordance with IFRS regulations and the total amounts accrued under IFRS are shown in the following table.

		Pension cost	Defined benefit obligation (DBO)
in euros	2021	2020	2021	2020
Current members of the Management Board
Deininger	24,567.00	25,975.00	607,363.00	646,093.00
Pleines	37,298.00	40,719.00	1,151,052.00	1,215,961.00
Total	61,865.00	66,694.00	1,758,415.00	1,862,054.00

For the other members of the Management Board, there are indirect pension commitments in the form of a lifelong pension with surviving dependants' benefits, which is managed externally. For these purposes, secunet AG pays an annual contribution (in 2021: 12,750 euros; previous year: 9,000 euros) amounting to 4% of the fixed annual salary (basic remuneration) plus the target value of the short-term one-year variable remuneration (bonus). The pension commitment comprises old-age pension benefits and benefits to surviving dependants in the event of death. In the event of the premature departure of a Management Board member, any pension benefit is maintained. The amount of the entitlement acquired up to that point corresponds to the benefits from the reinsurance exempted from premium payment at the time of departure. With regard to payment of the pension benefit, the member of the Management Board can generally choose between payment as a one-time capital benefit or as a regular monthly pension, with the Management Board member and his surviving dependants remaining bound by the decision regarding payment once it has been made. In the event of death of the Management Board member before drawing an old-age pension benefit, the surviving spouse as beneficiary receives a one-off capital payment as a survivor benefit. Regular pension benefits are increased annually by at least 1% of their last payment amount, commencing one year after the start of payment. If profit participation from the reinsurance policy taken out by the provident fund results in a higher adjustment, this higher adjustment shall be granted.

Performance-based (variable) remuneration

The variable remuneration is intended to promote sustainable development of the Company and the ambitious strategic orientation of secunet AG by focusing on both short-term and long-term success. The performance-based variable remuneration consists of the short-term oriented bonus and the long-term oriented variable remuneration from the Performance Share Plan.

The parameters for short-term (bonus) and long-term (Performance Share Plan) variable remuneration differ primarily with regard to the assessment period and the respective performance criteria. While the bonus is based exclusively on financial performance criteria, the Performance Share Plan also takes into account non-financial (in particular ESG or sustainability) targets. When selecting the respective performance criteria, the Supervisory Board pays attention to measurability, at least in the case of the financial performance criteria, as well as to strategic relevance, which means the key performance indicators are geared in particular to the growth and increase in profitability of secunetAG. To the extent that non-financial performance criteria are assessed on a discretionary basis, the Supervisory Board shall ensure that the assessment is transparent. The consideration of various performance categories under the Performance Share Plan ensures a holistic and comprehensive representation of the Company's success.

In addition, even after setting the relevant performance criteria and targets, the Supervisory Board may take appropriate account of extraordinary developments in the context of determining the achievement of targets in justified exceptional cases, in particular by eliminating the resulting special effects. In the event of extraordinary developments, this may lead to an increase (but not exceeding the respective cap for the variable remuneration component) as well as to a reduction of the variable remuneration component by up to 20% in each case; if the variable remuneration component is zero, the Supervisory Board may increase the variable remuneration component in such cases to up to 10% of the respective target amount in order to take appropriate account of extraordinary developments. Extraordinary developments during the year include, in particular, unusually far-reaching changes in the economic environment, provided that neither they nor their concrete effects were foreseeable. In contrast, any normal fluctuations in market developments are not considered to be extraordinary developments. The option of reduction pursuant to Section 87 (2) of the German Stock Corporation Act shall remain unaffected.

Short-term variable remuneration (bonus)

The one-year variable remuneration (bonus) aims to reward the respective contribution to the operational implementation of secunet AG's strategy within a specific financial year.

The target achievement for the bonus in the 2021 financial year is determined on the basis of the financial targets for the Company, the earnings target (EBIT) and the growth target (sales). The Company's financial targets as well as the relevant financial target values are set annually with the approval of annual planning. For the 2021 financial year, the EBIT target was set at 38 million euros and the sales target at 260 million euros. Both targets are weighted equally (50% each). Performance measurement for each of the defined performance targets is based on the ratio of the achieved result at the end of the financial year to the respective planned target. The bonus is based on a target amount specified in the employment contract, assuming 100% target achievement. The total payout amount from the bonus is capped at 200% of the target amount (bonus cap).

Before the beginning of each financial year, the Supervisory Board determines for each target a target value derived from the budget (with 100% target achievement being assumed if this is reached) as well as a target corridor with a minimum value and a maximum value. If the target value for a set target is reached, the target achievement level is 100% in each case. The minimum value forms the lower end of the target corridor, at which the target achievement level is 50% for the respective target. The maximum value forms the upper end of the target corridor, at or above which the target achievement level is 200% for the respective target. If the value achieved in respect of a target falls below the minimum value, the target achievement level for this target corresponds to 0%. If the value achieved in respect of a target exceeds the minimum value but does not reach the target value, or if the value achieved exceeds the target value but does not reach the maximum value, the target achievement level for the target in question is determined by linear interpolation between the respective minimum and target values or between the respective target and maximum values.

In accordance with the relative weighting of the target categories, an overall target achievement level is determined from the calculated individual target achievement levels, on the basis of which the payout amount, limited by the bonus cap, is calculated with the aid of the bonus target amount:

Total target achievement level x bonus target amount = bonus payout amount (not exceeding the bonus cap)

Target achievement is determined for each year as part of the annual financial statements of secunet Group. Any bonus shall be paid for the respective past financial year in the month following the adoption of the annual financial statements in the financial year following the financial year to which the bonus relates.

Short-term variable remuneration (bonus)

Achievement of targets for the financial performance criteria

Company financial target	Weighting	Threshold value for 50% target achievement	Target value for 100% target achievement	Threshold value for 200% target achievement	Result 2021	Target achievement in %
EBIT (in million euros)	50 %	31.70	38.00	50.70	63.90	200 %
Sales (in million euros)	50 %	238.30	260.00	303.30	337.60	200 %

For the 2021 financial year, this results in the following overall target achievement for the bonus:

in euros	Target amount	EBIT target achievement (50% weighting)	Sales target achievement (50% weighting)	Overall target achievement	Bonus amount
Deininger (full member of the Management Board from 1 January 2018 to 31 May 2019, Chairman of the Management Board since 1 June 2019)	130,000.00	200 %	200 %	200 %	260,000.00
Henn (full member of the Management Board since 1 June 2019)	100,000.00	200 %	200 %	200 %	200,000.00
Dr Martius (full member of the Management Board since 1 June 2019)	100,000.00	200 %	200 %	200 %	200,000.00
Pleines (Full member of the Management Board since 18 March 1999)	100,000.00	200 %	200 %	200 %	200,000.00
Total	430,000.00	200 %	200 %	200 %	860,000.00

The bonus is paid in the subsequent year following the adoption of the annual financial statements.

Payment of the short-term variable remuneration and the special bonus for the 2020 financial year

The short-term variable remuneration paid after the 2021 Annual General Meeting and the special bonus for the 2020 financial year are to be included in the remuneration granted and owed in the 2021 financial year in accordance with Section 162 (1) AktG.

The short-term variable remuneration as well as the special bonus are based on the remuneration system valid in the previous year. The target achievement for the short-term variable remuneration is measured using the key performance indicators of EBIT and sales revenue with equal weighting (50% each).

When assessing the sales target, the percentage increase in sales revenue on the previous year's sales revenue is used. An increase in sales revenue of less than 5% means a target achievement of 0%. A 10% increase in sales revenue results in a 100% target bonus. Sales growth of 15% and above means a 200% bonus. The bonus for all values in between are determined on a linear basis. The bonus for the sales target is capped at 200%.

In 2020, Group sales revenue of 285.6 million euros was generated. Group sales revenue for the 2019 financial year amounted to 226.9 million euros. The increase in sales revenue from 2019 to 2020 is thus more than 25%. This means a bonus for the sales target of 200%.

The EBIT target was assessed on the basis of the target figure of 32 million euros set for the 2020 financial year.

The bonus was determined using a linear function between 50% target achievement (0% bonus) and 150% target achievement with a 200% bonus payout. A target achievement of 100% meant 100% of the target bonus.

For 2020, a Group EBIT of 51.6 million euros was generated. This corresponds to a target achievement of over 161% and a bonus payout of 200%.

The special bonus may be granted by the members of the Supervisory Board at their discretion for exceptional performance in the financial year.

This discretion was exercised for the 2020 financial year.

Overall, the following payments were made in 2021 for 2020:

Remuneration in 2021 for activities in 2020

	Short-term variable remuneration
in euros	EBIT target amount	EBIT target achieve ment	EBIT bonus amount	Sales target amount	Sales target achieve ment	Sales bonus amount	Special bonus	Total remu neration
Deininger (full member of the Management Board from 1 January 2018 to 31 May 2019, Chairman of the Management Board since 1 June 2019) 3	37,500.00	200 %	76,000.00	37,500.00	200 %	76,000.00	100,000.00	252,000.00
Henn (full member of the Management Board since 1 June 2019)	25,000.00	200 %	50,000.00	25,000.00	200 %	50,000.00	100,000.00	200,000.00
Dr Martius (full member of the Management Board since 1 June 2019)	25,000.00	200 %	50,000.00	25,000.00	200 %	50,000.00	100,000.00	200,000.00
Pleines (Full member of the Management Board since 18 March 1999) 4	32,500.00	200 %	66,000.00	32,500.00	200 %	66,000.00	100,000.00	232,000.00
Total	120,000.00	200 %	242,000.00	120,000.00	200 %	242,000.00	400,000.00	884,000.00

3 Due to rounding, there was a slight overpayment for the 2020 bonus in 2021. This will be corrected in 2022.

4 Due to rounding, there was a slight overpayment for the 2020 bonus in 2021. This will be corrected in 2022.

Long-term variable remuneration (Performance Share Plan)

Overview of the functional principle of the Performance Share Plan

The Performance Share Plan of secunet AG implements the new recommendations of the GCGC 2020 with regard to the granting of share-based variable remuneration components, including the four-year blocking period for long-term remuneration components (GCGC 2020 G.10, sentences 1 and 2).

The Performance Share Plan is divided into three consecutive steps, beginning with the allocation of virtual shares, followed by the measurement of target achievement during the four-year forward-looking performance period, and ending with determination of the payout amount.

In the first step, a tranche of virtual shares (performance shares) is allocated annually. This is done by converting the contractually agreed target amount into virtual shares in accordance with the initial price of the secunet share (commercially rounded to the nearest full number of virtual shares). The initial price corresponds to the average Xetra closing price of the secunet share – rounded to two decimal places – on the last 30 trading days before the start of the respective performance period. Allocation of the virtual shares takes place on 1 January of each year. The four-year assessment period for the respective tranche also begins at this time. It ends on 31 December of the third following year (four-year performance period).

For the performance share tranche issued in the 2021 financial year, a total of 1,866 virtual shares (performance shares) were provisionally allocated to the members of the Management Board:

Long-term variable remuneration in 2021 – Allocation

Allocation value (euros)	Allocation price (euros) (Ø price of the secunet share)	Number of virtual shares provisionally allotted	Maximum pos sible number of virtual shares (150% target achievement)


			852


			639

105,000.00	246.43	426	639

110,000.00	246.43	446	669
460,000.00	246.43	1,866	2,799
	140,000.00 105,000.00	246.43 246.43	568 426

In the second step, performance is measured on the basis of the performance targets in three performance categories, taking into account their relative weighting over a forward-looking performance period of four years.

In the third step, the final number of virtual shares is determined according to the overall target achievement level and the payout amount is calculated on this basis. For this purpose, the annual target achievement levels for the four years of the performance period are first determined. These are derived from the sum of the target achievement levels for the three performance categories, taking into account their relative weighting, with the target achievement level for each performance target being limited to 150%. The average overall target achievement level for the performance period is then determined on the basis of the annual target achievement levels.

The payout amount corresponds to the product of the final number of performance shares and the sum of the arithmetic mean of the Xetra closing prices on the last 30 trading days before the end of the performance period (commercially rounded to two decimal places) and the dividends paid per share during the performance period. No interest is calculated for the dividends, nor are they reinvested. The payout amount is limited to 200% of the target amount. In the event of a capital increase from Company funds or a capital reduction without repayment of contributions, the number of performance shares allocated shall increase or decrease in the same proportion as the total amount of the share capital. In the case of other measures under company law that affect the value of a share, the Supervisory Board shall adjust the initially allocated number of performance shares in such manner as is reasonably necessary to take account of the relevant measure.

In principle, the annual measurement of the performance targets over the four-year performance period is carried out as summarised in the following overview:

The payout amount will be paid with the next possible salary statement after adoption of the Company's consolidated financial statements following the end of the respective performance period, but not later than 31 December of the financial year following the end of the performance period.

Performance criteria of the Performance Share Plan in detail

The Performance Share Plan links target achievement to three performance categories, namely (i) a capital market target, generally based on the relative total shareholder return (TSR) compared to a peer group, (ii) at least one strategic target and (iii) sustainability targets or environmental, social, governance (ESG) targets. These three performance categories are in principle weighted at (i) 30%, (ii) 40%, (iii) 30%. The specific targets within the performance categories as well as their relative weighting can be redefined with each new performance period.

Performance Share Plan

Performance criteria	Influence on the corporate strategy
Capital market, e. g. relative TSR (generally 30%)	For example, relative performance measurement and incentivisation for long-term outperformance on the capital market
Strategic target (generally 40%)	For example, incentivising profitable and profit-oriented management
	For example, generating long-term and sustainable growth by achieving the strategic targets of secunet AG
ESG / Sustainability (generally 30%)	Holistic implementation of the sustainability strategy relevant to secunet AG, taking account of employee interests, compliance structures and environmental and social issues by setting relevant sustainability targets on an annual basis

» The capital market target is included in the long-term variable remuneration with a basic weighting of 30% and is an external performance criterion geared to the capital market. In particular, the relative total shareholder return comes into consideration as the capital market target. This takes into account the share price performance of secunet AG plus notionally reinvested gross dividends during the four-year assessment period compared to a benchmark index.

The relative performance measurement of the TSR directly links the interests of the Management Board with those of the shareholders. In this way, long-term outperformance on the capital market and thus the attractiveness of the capital investment for shareholders are particularly incentivised. In principle, the TecDAX is to be used as the benchmark index for measuring the TSR, as long as this constitutes an adequate peer group for secunet AG as an IT service company. However, the Supervisory Board may also use a different suitable stock exchange index as a benchmark if the Company were to be listed in another index in the future.

To calculate the TSR of the secunet AG share and the relevant benchmark index, the arithmetic mean of the Xetra closing prices over the last 30 trading days before the start of each year of the performance period and over the last 30 trading days before the end of the respective year of the performance period is determined for each year of the performance period. The annual TSR of the secunet AG share thus calculated is compared with the annual TSR of the benchmark index. The notionally reinvested gross dividends of the secunet shares are also taken into account when determining the arithmetic mean of the closing prices at the end of the respective year.

TSR target achievement is 100% if the TSR performance of the secunet share equals the TSR performance of the benchmark index. If the TSR performance of the secunet share is 10 percentage points below the TSR performance of the benchmark index, the target achievement is 50% (minimum threshold). If the TSR performance of the secunet share is 15 percentage points or more above the TSR performance of the benchmark index, the target achievement is 150% (cap). If the TSR performance falls below the minimum threshold, the target achievement is 0%. The levels of target achievement between the defined reference values are determined by linear interpolation. When each new tranche of performance shares is issued, the Supervisory Board may redefine the target or threshold values for determining the target achievement levels.

Target achievement measurement for capital market target "Relative TSR":

» As a further performance category, strategic objectives are included in the assessment, generally with a weighting of 40%. The strategic objective is initially based on the strategic target of sales growth in the sense of a sustainable increase in the share of business both in the private sector and in the international environment. The background to this is the incentive to align secunet AG in a profit-oriented manner and thus ensure long-term profitability. In this context, appropriate account is taken of secunet AG's strategic orientation, particularly with regard to securing and expanding its good market position with German public authorities, expanding business in the (national) private sector as well as internationalisation.

Against this backdrop, the strategic target is initially assessed on the basis of the planned sales figures in the Business and International segments. For this purpose, target sales values are set for these segments as well as a minimum threshold and a maximum threshold. If the sales volume falls below the minimum threshold, the target achievement is 0%. If the minimum threshold is reached, the target achievement for the strategic target is 50%. If the target value is reached, the target achievement level is 100%. If the maximum threshold is reached or exceeded, the target achievement is 150% (cap). Between the individual target or threshold values, the level of target achievement is determined by linear interpolation.

When each new tranche of performance shares is issued, the Supervisory Board may redefine the specific strategic targets – including targets other than the aforementioned sales growth targets – or the thresholds for determining the target achievement levels.

» As an integral element of corporate strategy, the topic of sustainability is also reflected in the long-term variable remuneration as a performance criterion, generally with a weighting of 30%. As an innovation and market leader in the field of IT security solutions, secunet AG is committed to the goal of contributing to societal development and economic sustainability – particularly in the thematic cluster of IT security and combating cybercrime – through high-performance software and hardware products and services as well as state-of-the-art corporate structures. In doing so, the Supervisory Board focuses primarily on the needs of the employees, an effective compliance strategy and consideration of environmental and social issues.
» Against this backdrop, the Supervisory Board usually defines up to three different sustainability or ESG targets each year. Examples include diversity targets within the workforce, junior staff development and the attractiveness of secunet AG as an employer, occupational health and safety, as well as training and further education goals. Attention to environmental concerns or the creation and maintenance of compliance structures, for example, can also be included in the sustainability performance category.

The progress of the corresponding measures in the area of the relevant annual sustainability targets is assessed at yearly intervals (in particular on the basis of a sustainability report) and the respective performance of the Management Board member is evaluated on a scale from 50% to 150%, with the aim of achieving measurability of target achievement as far as possible. To the extent that measurability of target achievement is not ensured, the Supervisory Board shall determine target achievement in relation to all sustainability / ESG targets at its due discretion. If the minimum performance of 50% of the set sustainability targets is not attained, the target achievement is 0%. It is not possible to exceed the 150% threshold.

In summary, the following chart illustrates the annual target achievement levels of the performance criteria for the PSP tranche launched in the 2021 financial year:

	Performance criterion	Weighting	Threshold value for 50% target achievement	Target value for 100% target achievement	Threshold value for 150% target achievement	Result 2021	Target achievement
Capital market	Total share holder return (TSR)	30 %	= -10 %	– %	15 %	40 %	150 %
Strategy	Sales revenue of Business and Inter national segments (in million euros)	40 %	= 50	75	100	88,7	127 %
ESG	Employee satisfaction	10 %	= 3.02	2,59	2,16	1,94	150 %
	Net Promoter Score (NPS)	10 %	= -13	2	17	25	150 %
	Reduction of the CO2 value (t / employee)	10 %	= 4.84	4,15	3,46	2	150 %

Payment of the multi-year variable remuneration according to the profit sharing model in 2021

The multi-year variable remuneration paid after the 2021 Annual General Meeting for the 2020 financial year is to be included in the remuneration granted and owed in the 2021 financial year in accordance with Section 162 (1) AktG.

The multi-year variable remuneration is based on the remuneration system valid in the previous year. It is a long-term bonus within the framework of a profit sharing model. The assessment parameter for profit sharing is EBIT (IFRS), averaged over the past three financial years. Of the amount exceeding the average 3-year EBIT (here 2018 – 2020) of 2 million euros, 2% is distributed as a profit share up to a maximum of 100,000 euros gross per Management Board member. The minimum is 0 euros.

Calculation for 2020

in euros
EBIT 2018	26,909,088
EBIT 2019	33,179,668
EBIT 2020	51,639,259
Average value	37,242,672
Base value	2,000,000
Amount exceeding the base value	35,242,672
Profit sharing (2%)	704,853
Maximum limit	100,000

The following amounts were thus paid out in the 2021 financial year:

Remuneration in 2021 for activities in 2020

in euros	Multi-year variable remuneration (in euros)
Deininger (full member of the Management Board from 1 January 2018 to 31 May 2019,
Chairman of the Management Board since 1 June 2019)	100,000.00
Henn (full member of the Management Board since 1 June 2019)	100,000.00
Dr Martius (full member of the Management Board since 1 June 2019)	100,000.00
Pleines (full member of the Management Board since 18 March 1999)	100,000.00
Total	400,000.00

Other provisions relevant to remuneration

Amount and determination of maximum remuneration

The variable remuneration is intended to appropriately reflect both opportunities and risks of the Management Board's activities. If the targets are not met, the entire variable remuneration may be forfeited. For the performance-based remuneration promised and granted in the previous financial years up to and including 2020, the maximum remuneration is 200% of the target amount for the short-term bonus and a maximum of 100,000 euros for the multi-year variable remuneration according to the profit sharing model. For the performance-based remuneration components promised in the 2021 financial year, the payment in later financial years is limited to 200% of the respective target amount.

Taking into account the new version of Section 87a (1), sentence 2, no. 1 of the German Stock Corporation Act as well as the GCGC 2020, the Supervisory Board has also set an amount as the upper limit for the maximum total remuneration (overall cap) per Management Board member. This maximum total remuneration represents the highest value that may accrue to a member of the Management Board for a financial year in accordance with this remuneration system and includes all fixed and variable remuneration components. The amount of the maximum total remuneration is therefore composed of the basic remuneration, the one-year and multi-year variable remuneration components, fringe benefits and the expense for benefits under the company pension scheme, including allocations to pension provisions. The maximum possible remuneration determined by the Supervisory Board under this remuneration system is thus 1,000,000 euros gross per year for the Chairman of the Management Board and 900,000 euros gross per year for each of the other full members of the Management Board. A lower maximum remuneration may be agreed contractually. Use was made of this within the framework of the current Management Board service agreements.

The contractually agreed remuneration and maximum remuneration are shown in the table below:

Remuneration component (in euros)	Deininger (full member of the Management Board from 1 January 2018 to 31 May 2019, Chairman of the Man agement Board since 1 June 2019)	Henn (full member of the Management Board since 1 June 2019)	Dr Martius (full member of the Management Board since 1 June 2019)	Pleines (full member of the Management Board since 18 March 1999)
Maximum contractual remuneration	880,000.00	675,000.00	675,000.00	760,000.00
Maximum remuneration	1,000,000.00	900,000.00	900,000.00	900,000.00

The determination of the actual total remuneration (and thus compliance with the contractual maximum remuneration) for the 2021 financial year cannot be reviewed or assured until 2025, as only then will the final remuneration component for the 2021 financial year be established and accrue to the Management Board member.

No maximum remuneration was defined for the former Management Board member DrBaumgart. Dr Baumgart received consultancy fees in addition to the current pension benefits. This was contractually granted and owed to him at a daily rate of 1,500 euros. The contract does not provide for any further maximum limits in terms of amount.

Malus and clawback provisions

The remuneration system approved by the Annual General Meeting on 12 May 2021 gives the Supervisory Board the option of reducing variable remuneration components that have not yet been paid out and/or of reclaiming variable remuneration components that have already been paid out if the contractual preconditions are met.

In the event of a breach of duty that has led to or would justify a legally effective extraordinary termination, or in the event of a grossly negligent or intentional breach by a member of the Management Board of one of his material duties of care within the meaning of Section 93 of the German Stock Corporation Act, the Supervisory Board may reduce the variable remuneration components (bonus or payout amounts under the Performance Share Plan) at its due discretion (if necessary also to "zero"): malus.

If the variable remuneration components in question have already been paid out, the Supervisory Board may, at its due discretion and in accordance with the contractual preconditions, demand partial or full return of the amounts of variable remuneration paid out: clawback.

If variable remuneration components were determined or paid out on the basis of incorrect data (for example, due to incorrect consolidated financial statements), the Supervisory Board may correct the determination or reclaim remuneration components already paid out that are affected by the incorrect data.

In the event of breaches of duty in the aforementioned sense, the reduction or recovery shall in principle apply to the variable remuneration for the year in which the significant breach of duty was committed. The clawback period ends one year after payment of the respective variable remuneration component. Recovery is also still possible if the term of office or the employment relationship with the respective Management Board member has already ended.

Any obligation of the Management Board member to pay damages to secunet AG remains unaffected by the reduction or recovery of variable remuneration components.

For the 2021 financial year, there are no circumstances giving rise to the need to make use of the above-mentioned provisions.

Third-party benefits

No member of the Management Board has been promised or granted any remuneration in the financial year by a third party in respect of his activity as a member of the Management Board.

Remuneration due to internal and external mandates

Any remuneration received by a member of the Management Board for activities in corporate bodies (for example, supervisory boards, advisory boards, executive boards, management) of companies in which the Company holds an interest, which are in a group relationship with the Company, or which the member performs at the request of the Company, shall be offset against the remuneration of the Management Board member in accordance with this remuneration system. In the event of the acceptance of supervisory board mandates outside the Group, the Supervisory Board shall decide whether and to what extent any remuneration paid for such mandates is to be offset.

Benefits upon premature termination of contract

Contract term and premature termination

The employment contracts of the members of the Management Board are concluded for a fixed term covering the period of appointment. When appointing members of the Management Board, the Supervisory Board observes in particular the legal requirements of Section 84 of the German Stock Corporation Act. In accordance with the provisions of company law, the employment contracts do not provide for the possibility of ordinary termination; the right of both parties to terminate for good cause without notice (cf. Section 626 (1) of the German Civil Code) remains unaffected, however. Additionally, according to the Management Board service contracts, personal suitability is a prerequisite for Management Board activity; this also includes a positive result of the official security clearance.

The Supervisory Board is entitled to revoke the appointment to the Management Board for good cause within the meaning of Section 84 (3), sentence 2 of the German Stock Corporation Act. In this case and in the event that the Management Board member for his part resigns from office for good cause prematurely and unilaterally, the employment contract shall automatically terminate upon the expiry of a notice period in accordance with statutory periods of notice, but no later than the end of the regular term of office of the Management Board member.

In the event of a Management Board member's appointment being revoked or resignation from office for good cause for which the Company is responsible, the employment contracts for the Management Board members provide for a severance payment, the amount of which shall be limited to the remuneration for the remaining term of the employment contract, but no more than two years' total remuneration (severance payment cap). In other cases of premature termination, too, any payments shall be limited to a maximum of two years' total remuneration or the remuneration for the remaining term of the employment contract. Calculation of the severance payment or severance payment cap is based on the total remuneration for the financial year preceding the premature termination of the Management Board activity and, under certain circumstances, on the expected total remuneration for the current financial year. No severance payment shall be made in the event of extraordinary termination by the Company for good cause or in the event of premature termination of the Management Board activity at the request of the Management Board member or if the result of the security clearance is negative for good cause for which the Management Board member is responsible.

In the event of premature termination of the employment contract due to death or permanent disability, the performance shares already granted whose four-year performance period has not yet expired will, by way of exception, be converted into a payout amount and paid out early. The payout amount corresponds to the respective allocation value (i. e. the target value) of the relevant tranche of the Performance Share Plan.

Appointment or departure during the year

If a member of the Management Board joins or leaves the board during an ongoing financial year, the total remuneration – including the short-term variable remuneration and the allocation value under the long-term Performance Share Plan – shall be reduced pro rata temporis in accordance with the length of the employment relationship in the relevant financial year. For certain departure situations (so-called bad leaver cases), performance shares for performance periods that have not yet expired shall lapse without compensation.

Deviations from the remuneration principles

The Supervisory Board may temporarily deviate from the remuneration system if this is necessary in the interests of the welfare of secunet AG. Extraordinary developments in this sense include, in particular, unusually far-reaching changes in the economic environment. Generally unfavourable market developments are explicitly not regarded as extraordinary developments.

However, such deviations from the remuneration system are only possible through a corresponding Supervisory Board resolution. In particular, the latter shall establish the extraordinary circumstances and the necessity of a deviation.

Temporary deviations in this sense are possible with regard to the performance criteria for the short-term and long-term variable remuneration elements and the total maximum remuneration as well as the relation between fixed and variable remuneration components and also the temporary expenses for extraordinary fringe benefits.

If an adjustment of the existing remuneration components is not sufficient to restore the incentive effect of the remuneration of the Management Board member, the Supervisory Board retains the option of temporarily granting additional remuneration components in the event of extraordinary developments within the term of the Management Board contracts.

Furthermore, the Supervisory Board has the right to grant special payments to newly appointed members of the Management Board to compensate for salary losses from a previous employment relationship or to cover costs arising from a change of location.

Individual remuneration of the members of the Management Board in the 2021 financial year (disclosure pursuant to Section 162 AktG)

Remuneration granted and owed to the current members of the Management Board in the past financial year pursuant to Section 162 AktG

The following table shows the fixed and variable remuneration components granted and owed to the current members of the Management Board in the past financial year, including the relative share pursuant to Section 162 AktG. This comprises the basic remuneration paid out in the financial year, the fringe benefits accrued in the financial year, the one-year variable remuneration paid out for 2020 in the financial year, the special bonuses paid out for 2020 in the financial year and the multi-year variable remuneration paid out for the 2018 – 2020 profit share in the financial year. By definition, ongoing expenses for pension commitments are not taken into account.

	Deininger Full member of the Management Board from 1 January 2018 to 31 May 2019, Chairman of the Management Board since 1 June 2019

	2021		2020
	in euros	in %	in euros	in %
Non-performance-based remuneration
Basic remuneration	270,000	41.6 %	255,000	42.7 %
Fringe benefits	27,708	4.3%	26,904	4.5 %
Pension remuneration	0	– %	0	– %
Total	297,708	45.9 %	281,904	47.2 %
Performance-based remuneration
One-year variable remuneration
Financial year 2019	0	– %	115,096	19.3 %
Financial year 2020	152,000 5	23.4 %	0	– %
Special bonus
Financial year 2019	0	– %	100,000	16.8 %
Financial year 2020	100,000	15.4 %	0	– %
Multi-year variable remuneration
Profit share 2017 – 2019	0	– %	100,000	16.8 %
Profit share 2018 – 2020	100,000	15.4 %	0	– %
Total	352,000	54.2 %	315,096	52.9 %
Total remuneration	649,708	100.0 %	597,000	100.0 %

5 Due to rounding, there was a slight overpayment for the 2020 bonus in 2021. This will be corrected in 2022.

		Henn
		Full member of the Management Board since 1 June 2019
		2021		2020
	in euros	in %	in euros	in %
Non-performance-based remuneration
Basic remuneration	205,000	37.8 %	175,000	44.1 %
Fringe benefits	24,925	4.6 %	27,588	7.0 %
Pension remuneration	12,750	2.3 %	9,000	2.3 %
Total	242,675	44.7 %	211,588	53.4 %
Performance-based remuneration
One-year variable remuneration
Financial year 2019	0	– %	51,979	13.1 %
Financial year 2020	100,000	18.4 %	0	– %
Special bonus
Financial year 2019	0	– %	75,000	18.9 %
Financial year 2020	100,000	18.4 %	0	– %
Multi-year variable remuneration
Profit share 2017 – 2019	0	– %	58,333	14.7 %
Profit share 2018 – 2020	100,000	18.4 %	0	– %
Total	300,000	55.2 %	185,312	46.7 %
Total remuneration	542,675	100.0 %	396,900	100.0 %

		Dr Martius
		Full member of the Management Board since 1 June 2019
	2021			2020
	in euros	in %	in euros	in %
Non-performance-based remuneration
Basic remuneration	205,000	37.3 %	175,000	41.4 %
Fringe benefits	31,190	5.7 %	53,421	12.6 %
Pension remuneration	12,750	2.3 %	9,000	2.1 %
Total	248,940	45.3 %	237,421	56.1 %
Performance-based remuneration
One-year variable remuneration
Financial year 2019	0	– %	51,979	12.3 %
Financial year 2020	100,000	18.2 %	0	– %
Special bonus
Financial year 2019	0	– %	75,000	17.7 %
Financial year 2020	100,000	18.2 %	0	– %
Multi-year variable remuneration
Profit share 2017 – 2019	0	– %	58,333	13.8 %
Profit share 2018 – 2020	100,000	18.2 %	0	– %
Total	300,000	54.6 %	185,312	43.8 %
Total remuneration	548,940	100.0 %	422,733	100.0 %

	Pleines Full member of the Management Board since 18 March 1999

	2021		2020
	in euros	in %	in euros	in %
Non-performance-based remuneration
Basic remuneration	250,000	41.0 %	235,000	41.0 %
Fringe benefits	28,058	4.6 %	32,832	5.7 %
Pension remuneration	0	– %	0	– %
Total	278,058	45.6 %	267,832	46.7 %
Performance-based remuneration
One-year variable remuneration
Financial year 2019	0	– %	104,700	18.3 %
Financial year 2020	132,000 6	21.6 %	0	– %
Special bonus
Financial year 2019	0	– %	100,000	17.5 %
Financial year 2020	100,000	16.4 %	0	– %
Multi-year variable remuneration
Profit share 2017 – 2019	0	– %	100,000	17.5 %
Profit share 2018 – 2020	100,000	16.4 %	0	– %
Total	332,000	54.4 %	304,700	53.3 %
Total remuneration	610,058	100.0 %	572,532	100.0 %

6 Due to rounding, there was a slight overpayment for the 2020 bonus in 2021. This will be corrected in 2022.

Remuneration granted and owed to former members of the Management Board in the past financial year pursuant to Section 162 AktG

	Dr Baumgart 7
	2021			2020
	in euros	in %	in euros	in %
Performance-based remuneration 8
One-year variable remuneration
Financial year 2019	0	– %	44,553	26.3 %
Multi-year variable remuneration
Profit share 2017 – 2019	0	– %	41,667	24.6 %
Miscellaneous
Retirement pension benefits	44,100	52.0 %	44,100	26.0 %
Fees for consulting services	40,678	48.0 %	39,251	23.1 %
Total	84,778	100.0 %	83,351	49.1 %
Total remuneration	84,778	100.0 %	169,571	100.0 %

7 Member of the Management Board from 31 May 1999 to 31 January 2001; Chairman of the Management Board from 1 February 2001 to 31 May 2019

8 Pro rata temporis for the period of service as Chairman of the Management Board from 1 January 2019 to 31 May 2019

Supervisory Board remuneration in the 2021 financial year

General

The provisions and remuneration for the members of the Supervisory Board are set out in Article 17 of the Articles of Association of secunet Security Networks AG, which are permanently accessible to the public on the Internet. The Supervisory Board remuneration is reviewed at appropriate time intervals. The time expected to be spent on exercising the office as well as the usual practice at companies of comparable size and complexity and in a similar industry are taken into account when doing so.

At the Annual General Meeting on 12 May 2021, a resolution was passed to change the remuneration of the members of the Supervisory Board and to amend the Articles of Association accordingly. The approval rate was 99.98%. The remuneration applies to financial years beginning after 1 January 2021.

Remuneration system of the Supervisory Board

The remuneration system of the Supervisory Board as set out in the Articles of Association is designed to attract and retain highly qualified members on the Supervisory Board. This promotes the efficiency of the Supervisory Board's work and the long-term development of secunet AG.

The members of the Supervisory Board receive a remuneration of 12,000 euros on completion of the financial year. The Chairman of the Supervisory Board receives 24,000 euros, the Vice Chairman of the Supervisory Board 16,000 euros. Proven expenses and any value-added tax payable by the members are reimbursed in addition.

Until the Annual General Meeting on 15 May 2019, the remuneration for Supervisory Board members amounted to 8,000 euros. The Chairman of the Supervisory Board received 16,000 euros, the Vice Chairman 12,000 euros.

In the event of changes on the Supervisory Board during the year, remuneration is granted on a pro rata basis.

At the Annual General Meeting on 12 May 2021, the Supervisory Board remuneration was adjusted as follows:

In addition to the reimbursement of proven expenses, the members of the Supervisory Board receive a fixed amount of 15,000 euros, payable at the end of the financial year. The Chairman of the Supervisory Board receives twice this amount, and his deputy 1.5 times this amount.

For their work in committees of the Supervisory Board, the members of the Supervisory Board receive an additional annual remuneration of 5,000 euros per committee.

Any value-added tax payable on their remuneration shall be reimbursed to the members of the Supervisory Board by the Company.

According to Article 17 (5) of the Articles of Association, the members of the Supervisory Board may receive further remuneration, provided that this is resolved by the Annual General Meeting with the required majority.

In addition, the members of the Supervisory Board are covered by a D & O insurance policy taken out in the interest of the Company for an appropriate amount. The premiums for this are paid by the Company. There is a deductible, for the amount of which the Supervisory Board members may take out private insurance.

Since the remuneration of Supervisory Board members does not consist of variable, but rather of fixed components only, there is no need to determine a maximum total remuneration.

The following table shows the remuneration granted and owed to current and former Supervisory Board members in the 2021 financial year pursuant to Section 162 AktG. The payment in the financial year is made for the remuneration of the previous year in each case. The remuneration paid for the 2020 financial year in 2021 and for the 2019 financial year in 2020 is 100% attributable to the fixed remuneration for Supervisory Board activities in each case. No attendance fees or remuneration for committee work were paid.

Remuneration for Supervisory Board activities

	2021		2020
	in euros	in %	in euros	in %
Dr Wintergerst (Chairman)	24,000.00	100 %	21,063.01	100 %
Dr Zattler (Vice Chairman)	16,000.00	100 %	14,531.51	100 %
Kunz (Member of the Supervisory Board) 9	0.00	– %	2,958.90	100%
Dr Legge (Member of the Supervisory Board)	12,000.00	100 %	10,531.51	100 %
Marx (Member of the Supervisory Board) 10	12,000.00	100 %	7,594.52	100 %
Moritz (Member of the Supervisory Board) 11	0.00	– %	2,958.90	100 %
Rustemeyer (Member of the Supervisory Board) 12	12,000.00	100 %	7,594.52	100 %
Prof Dr Schäfer (Member of the Supervisory Board)	12,000.00	100 %	10,531.51	100 %
Total remuneration	88,000.00	100 %	77,764.38	100 %

9 Member of the Supervisory Board until 15 May 2019

10 Member of the Supervisory Board since 15 May 2019, employee representative

11 Member of the Supervisory Board until 15 May 2019

12 Member of the Supervisory Board since 15 May 2019, employee representative

In the 2021 financial year, proven expenses amounting to 611.78 euros were reimbursed.

Apart from the work performed by the employee representatives under their employment contracts, the members of the Supervisory Board did not perform any personal services, such as consulting or agency services, for secunet AG or its subsidiaries in the 2021 financial year and therefore did not receive any additional remuneration for such services.

Comparative presentation of remuneration and earnings development

The following comparative presentation shows the annual change in the remuneration granted and owed to current and former members of the Management Board and Supervisory Board as well as the development of the Company's earnings and the remuneration of secunet AG employees on a full-time equivalent basis.

For the comparison with the development of the average remuneration of employees, the average remuneration of permanent, domestic employees is taken as a basis – since comparable remuneration structures can be assumed here. If employees also receive remuneration as a member of the Supervisory Board of secunet AG, this remuneration has not been taken into account. To ensure comparability, the remuneration of part-time employees was extrapolated to the full-time equivalent.

The remuneration of the employees includes the agreed fixed salaries, including benefits in kind for company cars as well as the bonuses and coronavirus payments paid in the financial year.

Comparative presentation of remuneration and earnings development for members of the Management Board

	Remuneration granted and owed in 2021	Remuneration granted and owed in 2020	Change 2021 vs 2020
	in thousand euros	in thousand euros	in thousand euros	in %
Current members of the Management Board
Deininger	649.7	597.0	52.7	9 %
Henn	542.7	396.9	145.8	37 %
Dr Martius	548.9	422.7	126.2	30 %
Pleines	610.1	572.5	37.6	7 %

Former members of the Management Board
Dr Baumgart	84.8	169.6	-84.8	(50 %)

Employees
Ø salary of employees	75.7	71.7	4.0	6 %

Earnings development
Group profit (in million euros)	42.9	35.0	7.9	23 %
secunet AG net income for the year (in million euros)	43.5	32.8	10.7	33 %

Comparative presentation of remuneration and earnings development for members of the Supervisory Board

	Remuneration granted and owed in 2021	Remuneration granted and owed in 2020	Change 2021 vs 2020
	in thousand euros	in thousand euros	in thousand euros	in %
Current members of the Supervisory Board
Dr Wintergerst	24.0	21.1	2.9	14 %
Dr Zattler	16.0	14.5	1.5	10 %
Dr Legge	12.0	10.5	1.5	14 %
Marx	12.0	7.6	4.4	58 %
Rustemeyer	12.0	7.6	4.4	58 %
Prof Dr Schäfer	12.0	10.5	1.5	14 %
Former members of the Supervisory Board 13
Kunz	0.0	3.0	-3.0	(100 %)
Moritz	0.0	3.0	-3.0	(100 %)
Employees
Ø salary of employees	75.7	71.7	4.0	6 %
Earnings development
Group profit (in million euros)	42.9	35.0	7.9	23 %
secunet AG net income for the year (in million euros)	43.5	32.8	10.7	33 %

13 Member of the Supervisory Board until 15 May 2019

Independent auditor's report on the audit of the remuneration report pursuant to Section 162 AktG

To secunet Security Networks Aktiengesellschaft, Essen.

We have audited the remuneration report of secunet Security Networks Aktiengesellschaft, Essen, prepared in accordance with Section 162 of the German Stock Corporation Act (AktG) for the financial year from 1 January to 31 December 2021 including the related disclosures.

Responsibilities of the executive directors and the Supervisory Board

The executive directors and the Supervisory Board of secunet Security Networks Aktiengesellschaft are responsible for the preparation of the remuneration report, including the related disclosures, in compliance with the requirements of Section 162 AktG. The executive directors and the Supervisory Board are also responsible for such internal controls as they deem necessary to enable the preparation of a remuneration report, including the related disclosures, that is free from material misstatement, whether due to fraud or error.

Auditor's responsibility

Our responsibility is to express an opinion on this remuneration report, including the related disclosures, based on our audit. We conducted our audit in accordance with generally accepted standards in Germany for the audit of financial statements set out by the Institute of Public Auditors in Germany (IDW). Those standards require that we comply with ethical requirements and plan and perform the audit to obtain reasonable assurance about whether the remuneration report, including the related disclosures, is free from material misstatement.

An audit involves performing procedures to obtain audit evidence about the valuations and the related disclosures contained in the remuneration report. The audit procedures are selected at the auditor's due discretion. This includes assessing the risks of material misstatement, whether due to fraud or error, of the data in the remuneration report including the related disclosures. In assessing these risks, the auditor considers the internal control system relevant to the preparation of the remuneration report, including the related disclosures. The objective is to plan and perform audit procedures that are appropriate in the specific circumstances, but not to express an audit opinion on the effectiveness of the Company's internal control system. An audit also includes an assessment of the accounting principles used and the reasonableness of accounting estimates made by the executive directors and the Supervisory Board, as well as an evaluation of the overall presentation of the remuneration report, including the related disclosures.

We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.

Audit opinion

In our opinion, based on the findings of our audit, the remuneration report for the financial year from 1 January to 31 December 2021, including the related disclosures, complies in all material respects with the accounting provisions of Section 162 AktG.

Reference to any other matter – Formal audit of the remuneration report pursuant to Section 162 AktG

The substantive audit of the remuneration report described in this auditor's report includes the formal audit of the remuneration report required by Section 162 (3) of the German Stock Corporation Act (AktG), including the issuance of a report on this audit. As we express an unqualified audit opinion on the substantive audit of the remuneration report, this audit opinion includes the conclusion that the disclosures pursuant to Section 162 (1) and (2) AktG have been made in all material respects in the remuneration report.

Restriction on use

We issue this auditor's report on the basis of the engagement concluded with . The audit was conducted for the purposes of the Company and the auditor's report is intended solely to inform the Company about the results of the audit. Our responsibility for the audit and for our auditor's report is to the Company alone in accordance with this engagement. The auditor's report is not intended for any third parties to base any (investment and / or financial) decisions thereon. We therefore do not assume any responsibility, duty of care or liability towards third parties; in particular, no third parties are included in the scope of protection of this contract. Section 334 of the German Civil Code (BGB), according to which objections arising from a contract may also be raised against third parties, is not waived.

Essen, 23 March 2022

PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft

Lutz Granderath Michael Herting German Public Auditor German Public Auditor

Independent practitioner's report on a limited assurance engagement on non-financial reporting

To secunet Security Networks AG, Essen

We have performed a limited assurance engagement on the combined non-financial statement of secunet Security Networks AG, Essen (hereinafter referred to as the "Company"), contained in the section of the combined management report, for the period from 1 January to 31 December 2021 (hereinafter referred to as the "combined non-financial statement").

Within the scope of our engagement, we did not perform an audit on external sources of information or expert opinions referred to in the combined non-financial statement.

Responsibilities of the executive directors

The executive directors of the Company are responsible for the preparation of the combined non-financial statement in accordance with Sections 315c in conjunction with 289c to 289e HGB and Article 8 of REGULATION (EU) 2020 / 852 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 18 June 2020 on establishing a framework to facilitate sustainable investment and amending Regulation (EU) 2019 / 2088 (hereinafter the "EUTaxonomy Regulation") and the delegated acts adopted in relation thereto, as well as with their own interpretation of the wording and terms contained in the EU Taxonomy Regulation and the delegated acts adopted in relation thereto, as set out in the section "EU Taxonomy" of the combined non-financial statement.

This responsibility of the Company's executive directors includes the selection and application of appropriate methods of combined reporting as well as making assumptions and estimates related to individual non-financial disclosures which are reasonable in the circumstances. Furthermore, the executive directors are responsible for such internal controls as they have considered necessary to enable the preparation of a combined non-financial statement that is free from material misstatement, whether due to fraud (manipulation of the non-financial statement) or error.

The EU Taxonomy Regulation and the delegated acts adopted in relation to it contain wording and terms that are still subject to considerable uncertainties of interpretation and for which clarifications have not yet been published in all cases. For this reason, the executive directors have set out their interpretation of the EU Taxonomy Regulation and the delegated acts adopted in relation to it in the section "EU Taxonomy" of the combined non-financial statement. They are responsible for the defensibility of this interpretation. Due to the inherent risk that undefined legal terms can be interpreted differently, the legal conformity of the interpretation is subject to uncertainties.

Independence and quality control of the audit firm

We have complied with the German professional provisions regarding independence as well as other ethical requirements.

Our audit firm applies the national legal requirements and professional standards – in particular the Professional Code for German Public Auditors and German Chartered Auditors ("Berufssatzung für Wirtschaftsprüfer und vereidigte Buchprüfer": "BS WP / vBP") as well as the Standard on Quality Control 1 published by the Institut der Wirtschaftsprüfer (Institute of Public Auditors in Germany; IDW): Requirements to quality control for audit firms (IDW Qualitätssicherungsstandard 1: An-forderungen an die Qualitätssicherung in der Wirtschaftsprüferpraxis – IDW QS 1) – and accordingly maintains a comprehensive system of quality control including documented policies and procedures regarding compliance with ethical requirements, professional standards and applicable legal and regulatory requirements.

Practitioner's responsibility

Our responsibility is to express a limited assurance conclusion on the disclosures in the combined non-financial statement based on the assurance engagement we have performed.

We conducted our assurance engagement in accordance with the International Standard on Assurance Engagements (ISAE) 3000 (Revised): "Assurance Engagements other than Audits or Reviews of Historical Financial Information" issued by the IAASB. This standard requires that we plan and perform the assurance engagement to allow us to conclude with limited assurance that nothing has come to our attention that causes us to believe that the condensed non-financial statement of the Company for the period from 1 January to 31 December 2021 has not been prepared, in all material respects, in accordance with Section 315c in conjunction with 289c to 289e HGB and the EU Taxonomy Regulation and the related delegated acts as well as the interpretation by the executive directors as set out in the section "EU Taxonomy" of the combined non-financial statement.

In a limited assurance engagement, the audit procedures performed are less extensive than in a reasonable assurance engagement, resulting in a substantially lower level of assurance. The assurance procedures selected depend on the practitioner's judgement.

Within the scope of our assurance engagement, we performed amongst others the following assurance procedures and further activities:

» Obtaining an understanding of the structure of the sustainability organisation and of the stakeholder engagement
» Inquiries of the personnel involved in the preparation of the combined non-financial statement regarding the preparation process, the internal control system relating to this process and selected disclosures in the combined non-financial statement
» Identification of the likely risks of material misstatement of the combined non-financial statement
» Comparison of selected disclosures with corresponding data in the consolidated financial statements and in the combined management report
» Evaluation of the presentation of the non-financial disclosures
» Evaluation of the process for identifying taxonomy-eligible economic activities and the corresponding disclosures in the combined non-financial statement.

The executive directors have to interpret undefined legal terms when determining the disclosures in accordance with Article 8 of the EUTaxonomy Regulation. Due to the inherent risk that undefined legal terms can be interpreted differently, the legal conformity of the interpretation and, accordingly, our assurance in this regard are subject to uncertainties.

Assurance conclusion

Based on the assurance procedures performed and the assurance evidence obtained, nothing has come to our attention that causes us to believe that the combined non-financial statement of the Company for the period from 1 January to 31 December 2021 has not been prepared, in all material respects, in accordance with Sections 315c in conjunction with 289c to 289e HGB and the EU Taxonomy Regulation and the related delegated acts as well as the interpretation by the executive directors as set out in the section "EUTaxonomy" of the combined non-financial statement. We do not provide an opinion on external sources of information or expert opinions referred to in the combined non-financial statement.

Restriction on use of the assurance report

We draw attention to the fact that the assurance engagement was performed for the purposes of the Company and the report is intended solely to inform the Company about the results of the limited assurance engagement. Consequently, it may not be suitable for any purpose other than the aforementioned. The report is thus not intended for any third parties to base any (financial) decision thereon. Our sole responsibility is to the Company. We do not assume any responsibility towards third parties. Our assurance conclusion is not modified in this respect.

Düsseldorf, 23 March 2022

PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft

Aissata Touré ppa. Juliane von Clausbruch German Public Auditor

Service

Locations

Headquarters Essen

secunet Security Networks AG Kurfürstenstraße 58 45138 Essen Tel: + 49 201 5454 - 0 Fax:+ 49 201 5454 - 1000

Berlin

secunet Security Networks AG Alt-Moabit 96 10559 Berlin

Bonn

secunet Security Networks AG Dreizehnmorgenweg 6 53175 Bonn

Dresden

secunet Security Networks AG Ammonstraße 74 01067 Dresden

Frankfurt secunet Security Networks AG Mergenthalerallee 77 65760 Eschborn

Hamburg secunet Security Networks AG Osterbekstraße 90 b 22083 Hamburg

Hanover

Stashcat GmbH Hamburger Allee 2 – 4 30161 Hanover

Ilmenau

secunet Security Networks AG Werner-von-Siemens-Straße 6 98693 Ilmenau

Munich

secunet Security Networks AG Konrad-Zuse-Platz 2 – 12 81829 Munich

Paderborn secunet Security Networks AG Hauptstraße 35 33178 Borchen

Siegen

secunet Security Networks AG Weidenauer Straße 223 – 225 57076 Siegen

Stuttgart

secunet Security Networks AG Neue Brücke 3 70173 Stuttgart

Training Center Dresden

secunet Security Networks AG Ammonstraße 74 01067 Dresden

Financial Calendar 2022

25 March Annual Report 2021

25 March Analysts' / Investors' Conference

10 May Group Quarterly Statement as at 31 March 2022

25 May Annual General Meeting 2022

10 August Half-year Financial Report as at 30 June 2022

8 November Group Quarterly Statement as at 30 September 2022

Imprint

Issued by secunet Security Networks AG Kurfürstenstraße 58 45138 Essen

Phone: + 49 201 54 54 - 0 e-mail: [email protected] www.secunet.com

Investor Relations Phone: + 49 201 54 54 - 39 37 e-mail: [email protected]

Press Phone: + 49 201 54 54 - 12 34 e-mail: [email protected]

Concept, design and setting sam waikiki GbR, Hamburg www.samwaikiki.de

Text secunet Security Networks AG

Information

This financial report contains statements regarding the future performance of secunet Group, as well as economic and political developments. These statements are opinions that we have formed based on the information currently available to us. Should the assumptions on which these statements are based not be applicable or should further risks arise, the actual results may deviate from the results currently expected. We cannot therefore offer any guarantee as to the accuracy of these statements.

Due to rounding, it is possible that individual figures in this Annual Report may not add up precisely to the totals provided and percentages presented may not accurately reflect the absolute values to which they relate.

For better readability, we use only the grammatically masculine form in this Annual Report. Titles always refer to all applicable genders: male, female, diverse.

All the brand and trade names or product names mentioned in this Annual Report are the property of the corresponding holder. This applies in particular for DAX, MDAX, SDAX, TecDAX and Xetra as registered trademarks and property of Deutsche Börse AG.

This Annual Report was published on 25 March 2022. It is available in German and English. Both versions are available for download at www.secunet.com. The German version is legally binding in cases of doubt.

secunet Security Networks AG Kurfürstenstraße 58 45138 Essen

Phone: + 49 201 54 54 - 0 Fax: + 49 201 54 54 - 1000

e-mail: [email protected] Internet: www.secunet.com

AI Terminal

secunet Security Networks AG

386_10-k_2022-04-14_8eab4a1d-bdf5-4f15-8ef7-69651c09ac5e.pdf

Key Figures

of secunet Group according to IFRS

Long-term development of sales and EBIT

Public Sector

Digital sovereignty for state and society

Business Sector

Secure digitalisation in industry and healthcare

secunet – protecting digital infrastructures

Annual Report 2021

1. To the Shareholders

2. Management Report

3. Consolidated Financial Statements

4. Annual Financial Statements

5. Other Information

Foreword by the Management Board

Dear Shareholders, Ladies and Gentlemen,

A new record year

Outlook and challenges

Supervisory Board report

Dear Shareholders, Ladies and Gentlemen,

Supervision and examination methods

Meetings of the Supervisory Board

Corporate Governance

Supervisory Board topics

Committee work

Annual Financial Statements and Consolidated Financial Statements for 2021

Expression of thanks

Spotlight

Digitalisation of industrial things: more efficiency, new business models

Intelligent production processes and cloud manufacturing

Challenges on the way to a secure Industry 4.0.

Turning old into new: leverage digital optimisation potential with secunet edge

A single platform for all industrial sectors

The secunet share

Stock market development

The secunet share

Dividend and proposed dividend

Annual General Meeting

Shareholder structure

Shareholder structure

Communication with the capital market

Key figures and trading data

Master data and indices

Corporate Governance Statement

Management and supervisory structure

Supervisory Board

Management Board

Targets for the appointment of women

Diversity and long-term succession planning for the Management Board

Responsible risk management

Transparent corporate governance and corporate values

Shareholders and Annual General Meeting

Corporate governance guidelines

Management Board and Supervisory Board remuneration

Disclosures on share-based incentive schemes

Notification of transactions under Article 19 of the European Market Abuse Regulation (managers' transactions)

Accounting and auditing of the financial statements

Declaration of Conformity under Section 161 of the German Stock Corporation Act dated 23 November 2021

Age limit for Management Board members

Committees of the Supervisory Board

Determination of the amount of the variable remuneration components (Management Board remuneration) Recommendation G.8 GCGC 2020: Subsequent changes to the target values or comparison parameters shall be excluded.

Remuneration of committee members

Principles of the Group

Business model and Group structure

Business model

Legal structure of the Group

Divisions and sales markets

Public Sector

Business Sector

Corporate management

Research and development activities

Economic report

General economic environment

Sector-specific framework conditions

Business performance in 2021

Business performance of secunet Group

Business performance of secunet AG