Bittium Oyj

Governance Information • Mar 20, 2023

Corporate Governance Statement Reporting Period Jan. 1–Dec. 31, 2022

Contents

Corporate Governance	4
The Board of Directors	5
Description of Activities	5
Diversity Principles of the Board of Directors	6
The Board Committees	9
Chief Executive Officer	10
Management Group	12
Election and Remuneration of the Auditor	15
Main Features of Internal Control and
Risk Management Processes Related to
Financial Reporting Processes	15
Insider Guidelines	18
Related Party Transcations	18

Corporate Governance

The governance of Bittium Corporation (hereinafter ´Company´) is determined by the Company's Articles of Association, the laws of Finland (such as the Finnish Limited Liability Companies Act and Securities Market Act), and the Company's Corporate Governance Code. The Company follows the Finnish Corporate Governance Code 2020 prepared by the Finnish Securities Market Association and entered into force on January 1, 2020. The Governance Code may be viewed, inter alia, at the Finnish Securities Market Association website at www.cgfinland.fi.

This Statement is made separately from the Report by the Board. The Board's Audit Committee and the Company's auditor have reviewed this Statement. The statutory governing bodies of the Company are the Shareholders' meeting, the Board of Directors, the Chief Executive Officer, and the Auditor. The Management Group supports the statutory governing bodies of the Company. The Company's domicile is Oulu.

This Statement is publicly available on the Company's website at www.bittium.com.

The Board of Directors

The Board of Directors is responsible for the Company´s governance and proper organization of operations. The Board of Directors comprises three to seven (3–7) members and in addition, it may have one to three (1–3) deputy members. The Annual General Meeting shall elect the members of the Board of Directors for a term that expires at the end of the following Annual General Meeting. The number of terms for the members of the Board of Directors is not limited. The Board of Directors selects a Chairman among its members.

The Board conducts an annual evaluation of the independence of its members in accordance with recommendation 10. A member of the Board is required to submit to the Company the information necessary to conduct the evaluation of independence. A Board member is also required to notify the Company of any changes in information relating to independence.

The Annual General Meeting held on April 16, 2022, decided that the Board of Directors shall comprise five (5) members. Mr. Erkki Veikkolainen, Ms. Riitta Tiuraniemi, Mr. Veli-Pekka Paloranta, Mr. Petri Toljamo, and Mr. Pekka Kemppainen were re-elected as members of the Board of Directors for a term of office expiring at the end of the next Annual General Meeting. At its assembly meeting held on April 6, 2022, the Board of Directors elected Mr. Erkki Veikkolainen as the Chairman of the Board of Directors. Further, the Board has resolved to keep the Audit Committee. Ms. Riitta Tiuraniemi (Chairman of the committee), Mr. Petri Toljamo, and Mr. Veli-Pekka Paloranta were elected as members of the Audit Committee.

Description of Activities

The Board of Directors has defined a working order and evaluates its performance annually. The Board of Directors shall implement the decisions of the General Meeting. The Board of Directors supervises the operations and management. The Board of Directors makes decisions on the Company´s guiding principles for operation, strategy, and budget. The Board of Directors decides on mergers and acquisitions and other strategic alliances as well as significant investments and significant matters regarding organization and finance. The Board of Directors supervises that the control of the Group companies´ accounting and financial affairs is duly organized. The Board of Directors appoints the CEO and possible Deputy for him or her as well as approves the Company´s organizational structure.

The CEO, CFO, and CLO (who acts as secretary of the Board of Directors) attend the meetings of the Board of Directors. Other management attends the meetings when necessary or upon invitation by the Board of Directors. The Chairman of the Board approves the agendas of the meetings of the Board of Directors. The agendas are prepared by the CEO and the CLO.

An annual clock, according to which the regular subjects to be handled are determined, is applied in the Board´s work. In addition to the regular subjects of the annual clock, the most important subjects of the Board during the year were the corporate structure changes, ensuring growth and profitability, and the change of CEO.

The Annual General Meeting decides on the compensation of the members of the Board of Directors and the compensations can be publicly reviewed on the Company's website at www.bittium.com.

In 2022 the Board convened 13 times. The Board members attended the meetings as follows:

January 1–December 31, 2022	Board	Audit committee
Erkki Veikkolainen	13/13
Veli-Pekka Paloranta	12/13	6/6
Riitta Tiuraniemi	12/13	6/6
Pekka Kemppainen	13/13
Petri Toljamo	13/13	6/6

Diversity Principles of the Board of Directors

In the Company, diversity is seen as an essential part of corporate responsibility and as a factor in success that enables the achievement of strategic targets and continuous improvement of customer intimacy.

In planning the composition of the Board of Directors, the requirements of the Company´s business operations, the phases of development, and the competence requirements of the Board committees are taken into account. In appointing members of the Board the target is to ensure that the Board as a whole supports the development of the Company´s current and future business operations. Diversity plays a part in supporting this goal, so the Company aims to reach a situation where the facts supporting diversity are taken into account as significant criteria in planning the composition of the Board of Directors.

Diversity of the Board is considered from different perspectives. From the Company´s point of view, it is important to have Board members with diverse backgrounds in terms of competence, training, and experience in different business operations, varying stages of business development, and leadership as well as diverse personal characteristics. Experience in international business environments and different cultures in addition to consideration of age and gender will support the diversity of the Board. The objective is that both genders are represented on the Board and the Company aims to maintain a good and balanced distribution of genders.

To fulfill the diversity principles, the diversity principles are taken into account in the process of finding and assessing member candidates, and representatives of both genders are looked for to the process. The status of diversity and progress of the goal mentioned above is monitored in the self-assessment discussions of the Board. A person elected as a Board member of the Company must have the competence required for the position and be able to devote a sufficient amount of time to the duties required. In forming the composition of the Board long-term needs and successor planning will be taken into account.

According to the Articles of Association of the Company, the Board of Directors comprises three to seven (3–7) members, and in addition, it may have one to three (1–3) deputy members. The composition of the Board and the number of members shall be such that they enable the Board to perform its duties efficiently. The members of the Board are appointed annually at the Company´s Annual General Meeting.

During the financial period of January 1, 2022–December 31, 2022, the Board of Directors has comprised five members. Four of the members have been males and one female. The self-assessment discussions of the Board have concluded that the members of the Board are so different in their special skills, backgrounds, and age, and gender that the Board as a whole has therefore been able to effectively support the business of the Company and its development.

Board of Directors' Annual Clock 2022

Key topics covered during the year

HYR: Half Year Reports JM: Joint Meeting with management team BR: Business Review

Bittium Corporation

The Board of Directors

Erkki Veikkolainen

b. 1952, M.Sc. (EE), eMBA Full-time occupation: Mevita Invest Oy, CEO

Positions of trust:

• •Bittium Corporation (prev. Elektrobit Corporation), Member of the Board 2008–2015, Chairman of the Board 2015–.
• KoskiRent Ltd,
• Member of the Board 2020–.
• Lumous lighting Ltd, Member of the Board 2019–.
• Elcoflex (Suzhou) Co. Ltd,
• Member of the Board 2007–. • Elcoflex Oy,
• Member of the Board 2015–, Chairman of the Board 2006–2015. • Maustaja Oy,
• Member of the Board 2006–.

Previous work history:

• •Bittium Technologies Ltd (prev. Elektrobit Technologies Ltd.),
• Member of the Board 2011–2015. • Elektrobit Corporation, Executive Vice President, Contract R&D and
• Test Business Units 2002–2003. • Elektrobit Technologies Ltd.,
• Managing Director 2001–2003. • Elektrobit Ltd., Vice President,
• Business Development 1998–2001. • Nokia Mobile Phones, various positions
• 1985–1998, latest Vice President.

Holdings Dec. 31, 2022:

Holds 1,817,665 Bittium Corporation shares.

Independent as regards both the Company and its significant shareholders.

Pekka Kemppainen

b. 1954, Lic.Sc. (Tech.) Full-time occupation: Professional Board Member

Positions of trust:

• •Bittium Corporation, Member of the Board 2019–.
• Valmet Corporation,
• Member of the Board 2018–. • Junttan Ltd,
• Member of the Board 2018–.

Previous work history:

• Nestor Cables, Member of the board, 2020,
• Chairman of the Board 2021–2022. • KONE Corporation,
• Executive Vice President, Service business 2010–2017.
• KONE Corporation, Executive Vice President & Area Director Asia Pacific, 2004–2010.
• KONE Corporation, Senior Vice President, New Elevator and
• Escalator Business, 1999–2004. • KONE Corporation, various
• positions 1984–1999, last R&D and Technology Director.

Holdings Dec. 31, 2022:

Holds 5,785 Bittium Corporation shares.

Independent as regards both the Company and its significant shareholders.

Veli-Pekka Paloranta

b. 1972, M.Sc, (Econ.) Full-time occupation: Lehto Group Oyj, Chief Financial Officer

Positions of trust:

• •Bittium Corporation,
• Member of the Board and Member of the Audit Committee 2020–.

Previous work history:

• •Bittium Corporation
• (former Elektrobit Corporation), Chief Financial Officer, 2010–2015.
• Elektrobit Corporation, Director, Finance, 2008–2010.
• JOT Automation Ltd,
• Chief Financial Officer, 2007–2008.
• Elektrobit Group Corporation, Business Controller, 2000–2007.

Holdings Dec. 31, 2022

Holds 6,021 Bittium Corporation shares.

Independent as regards both the Company and its significant shareholders.

Riitta Tiuraniemi

b. 1962, M.Sc, Electrical Engineering Full-time occupation: Professional Board Member

Positions of trust:

• •Bittium Corporation, Member of the Board 2018–, Member of the Audit Committee 2018–2020, Chairman of the Audit Committee 2020–.
• Skoggi Ltd, Member of the Board 2022–. • Gratis Finland Ltd, Founder and
• Chairman of the Board 2022–. • Wamma Consultants Ltd,
• Founder and Member of the Board 2021–.

Previous work history:

• Celltrum Ltd,
• Member of the Board 2020–2022.
• Skoggi Ltd, Operational Director, Founder and Chairman of the Board
• 2019–2022. • HealthOperator Ltd., CEO, Founder and Member of the Board 2014–2019.
• •DNA Ltd, CEO 2009–2013.
• •DNA Finland Ltd, CEO 2005–2008.
• •DNA Networks Ltd, CEO 2004–2005.
• •DNA Networks Ltd, CTO, Member of
• Management Group 1999–2005. • Omnitele Oy, Department Head,
• Mobile Communications Consultancy, Member of Management Group 1990–1999.
• Technology Development Centre, TEKES, Finland Senior Technical Adviser, Information Technology 1996–1997.
• Nokia Telecommunications, System Designer, Chief System Designer 1986–1990.

Holdings Dec. 31, 2022:

Holds 16,751 Bittium Corporation shares.

Independent as regards both the Company and its significant shareholders.

Petri Toljamo

b. 1974, M.Sc, Radio Engineering, eMBA Full-time occupation: Professional Board Member

Positions of trust:

• •Bittium Corporation,
• Member of the Board, Member of the Audit Committee, 2021–.
• •Bittium Corporation, Member of the Board, 2018–2020.
• HT Growth Partners Oy, Founder, CEO, and Chairman of the Board, 2022–.
• Moontalk Oy,
• Member of the Board, 2020–2021, Chairman of the Board 2021–.
• Manea Capital Oy, Chairman of the Board, 2016–.

Previous work history:

• Keysight Technologies Inc., NEMO Wireless-Network Testing, Vice President and Keysight Technologies Finland Oy, Managing Director and Chairman of the Board, 2017–2022.
• •Anite Finland Oy, Managing Director and Anite Network Testing Business Unit, Managing Director, 2013–2017.
• Pulse Electronics, Mobile Division Director and Pulse Finland,
• Managing Director 2011–2013. • Elektrobit Wireless Communications,
• Vice President, Device and Network Solutions Business Area, 2010.
• Elektrobit Wireless Communications, Vice President, Mobile Device Solutions Business Area, 2008–2009.
• Elektrobit Wireless Communications, Cellular Terminal Solutions Business Area, Director, 2007–2008.
• Elektrobit Wireless Communications, Platform R&D and Head of Terminal
• Programs, Director, 2005–2006. • Elektrobit GmbH, Business Development,
• Director, 2004–2005. • Elektrobit Oy, various product development, project management and business positions, 1996–2004.

Holdings Dec. 31, 2022:

Holds 23,635 Bittium Corporation shares.

Independent as regards both the Company and its significant shareholders.

The Board Committees

The proper function of the corporate governance of a company requires that Board work is organized as efficiently as possible. For this reason, the Company has established an Audit Committee.

The Directors on the Committee can concentrate on the matters delegated to the Committee more extensively than the entire Board of Directors. The purpose of the Committee is to enhance the efficient preparation of matters within the competence of the Board, increase transparency, and ensure the quality and efficiency of the decision-making of the Board.

The Committee assists the Board by preparing matters falling within the competence of the Board. The Board remains responsible for the duties assigned to the Committee. The Committee has no autonomous decision-making power, and thus the Board makes the decisions within its competence collectively.

The Committee shall regularly report on its work to the Board. The reports shall include at least a summary of the addressed matters and measures taken by the Committee.

The central duties and operating principles of the Audit Committee are described in the next chapter. The Annual General Meeting decides on the compensation of the members of the Board Committee, and such compensations can be publicly viewed on the Company´s website at www.bittium.com.

Audit Committee

The Audit Committee has the following duties:

• to monitor and assess the reporting process of financial statements;
• to monitor and assess the financing reporting system;
• to supervise the financial reporting process and risk management process;
• to monitor and assess the efficiency of the Company´s internal control, internal audit, if applicable, and risk management systems;
• to monitor and assess how agreements and other legal acts between the Company and its related parties meet the requirements of the ordinary course of business and arm´s -length terms;
• to handle the Company´s corporate governance statement and nonfinancial report;
• to monitor the Company´s auditing;
• to monitor and evaluate the independence of the auditor and, in particular, the offering of services other than auditing services by the auditor; and
• to prepare the appointment of the Company´s auditor.

The Chairman and the members of the Audit Committee are appointed by the Board of Directors of the Company. At least one member of the audit committee must have expertise in accounting or auditing. The Board of Directors elected in the Annual General Meeting held on April 6, 2022 decided in its assembly meeting held on the same day to elect Ms. Riitta Tiuraniemi (Chairman of the Committee), Mr. Petri Toljamo and Mr. Veli-Pekka Paloranta as members of the Audit Committee. All members of the Committee are independent of the immediate interest of both the Company and its significant shareholders and they have long-term experience in business management.

In addition to Committee members, other regular participants in the committee meetings are CEO, CFO, and CLO who acts as the Committee´s secretary and optionally external auditors. Further, the Committee members may meet the external auditors without the operative management being present in such meetings. In 2022, the Audit Committee convened 6 times to ordinary meetings. The Committee has evaluated, prepared, and reviewed, inter alia, the following subject matters during the financial period of January 1, 2022–December 31, 2022:

• Financial Statements of 2021;
• Business Reviews and Half Year Financial Reports of 2022;
• Annual audit plan for 2022;
• Observations based on auditing during the financial period;
• Starting to prepare the appointment of the Company´s auditor;
• Observation by the internal control;
• Cash flow monitoring and evaluation of the sufficiency of financing;
• M&A-related issues and their effects on the result, balance sheet and financing status of the Group;
• Group legal structure-related questions; and
• Impairment testing of the subsidiary shares and goodwill.

During 2023 the Committee´s focus areas are:

• Near future changes in Sustainability Reporting; and
• Cashflow Forecasting Process.

Chief Executive Officer (CEO)

The CEO is in charge of the operative management of the Company in accordance with the Finnish Limited Liability Companies Act, the Articles of Association as well as the instructions and orders given by the Board of Directors. The CEO is responsible for the preparation of the Board meetings and implementation of any decisions made therein. Further, the CEO is responsible for ensuring that the Company´s accounting methods comply with the applicable law and that the financial matters are being handled in a reliable manner. The CEO prepares strategy, long-term planning, investments, mergers and acquisitions, financing and makes decisions thereof to the extent that such decisions are not tasks of the Board of the Directors. The CEO is responsible for financial planning, the Group´s communications and investor relations.

The Board of Directors defines and approves the essential terms of the service of the CEO, including the CEO´s remuneration, in the form of a written agreement. The CEO´s service contract is effective until further notice and can be terminated by the Company with twelve (12) and the CEO with six (6) months´ written notice.

The pension security of CEO is statutory and he does not have supplementary pension. According to the pension legislation, the lowest limit of the pension age for CEO is 65 years and 3 months at the moment.

Hannu Huttunen

Chief Executive Officer, 2015–. b. 1966, M.Sc. (Econ.)

Positions of trust:

• Oulu University of Applied Sciences, Member of the Board, 2021–.
• Advisory Board of Oulu University 2019–.
• Technology Industries of Finland, Member of the Board 2017–.

Previous work history:

• Elektrobit Technologies Ltd., President, Wireless Business Segment 2010–2015.
• Tekniseri Oy, Member of the Board 2012–2016.
• EXFO Inc., Vice President, Wireless Division (previously NetHawk Oyj) 2010.
• NetHawk Oyj, CEO 2003–2010, NetHawk Oy, Executive Vice President 2002–2003.
• Nokia Mobile Phones Oy, Vice President, IP Convergence 2002, Vice President Special Products Business 1998–2002, NMT450 Business unit leader 1995–1998.

Holdings Dec. 31, 2022: Holds 21,369 shares in Bittium Corporation.

Management Group

The management group supports the CEO in his tasks and consists of the CEO as the chairman, CFO, CLO, Vice President, Communications and Marketing, Directors responsible for product and service areas, and Vice President responsible for Engineering.

The management group supports the CEO in operative management, implementation, and follow-up of the CEO´s competence area, in particular as regards the operative business, the management and development of the business portfolio, asset management and taxation, internal audit, Corporate Governance of the Company, investor and marketing communications, and risk management.

Jari-Pekka Innanen

Vice President, Engineering, 2015–. b. 1968, M.Sc. (ME)

Previous work history:

• Elektrobit Wireless Communications Ltd., Vice President, Engineering, Wireless
• Business Segment, 2011–2015. • Elektrobit, Senior Manager,
• WS Global Resourcing, 2007–2010.
• Elektrobit, Manager, Head of Global HW, 2006–2007.
• Elektrobit, Manager, Mobile Terminal Solutions, Head of HW Competence areas, 2006.
• Elektrobit, Manager, Mechanical Competence Center, 2003–2005.
• Elektrobit, Project Manager, 1999–2003.
• Elektrobit, Mechanical Designer, 1998–1999.
• Outokumpu Stainless Steel, Supervisor Cold Rolling Mills, 1994–1997.

Holdings Dec. 31, 2022:

Holds 7,320 Bittium Corporation shares.

Kari Jokela

Chief Legal Officer, 2014–. b. 1969, LL.M., trained on the bench, Mag.Iur. (Saarbrücken), M.Sc. (Econ.)

Previous work history:

• Elektrobit Technologies Ltd.,
• Senior Legal Counsel, 2012–2014. • Elektrobit Corporation,
• Senior Legal Counsel, 2010–2012.
• Elektrobit Automotive GmbH, Senior Legal Counsel, 2008–2010.
• Elektrobit Corporation, Senior Legal Counsel, 2008.
• Polar Electro Ltd., Group Legal Counsel, 2000–2007.
• •Asianajotoimisto Gilbert, Segall and Young Oy, Attorneys at Law Helsinki,

attorney, 1998–2000. Holdings Dec. 31, 2022:

Holds 2,420 Bittium Corporation shares.

Tommi Kangas

Senior Vice President, Connectivity Solutions, 2019–. b. 1971, Master of Engineering, Machine Automation

Previous work history:

• •Bittium, Sales Director, Connectivity Solutions Product and Service Area and Sales, 2015–2019.
• Elektrobit, Senior Account Manager, Wireless Solutions Business Segment, 2010–2014.
• Elektrobit, Key Account and Business Line Manager, Mobile Infra Solutions Business Area, 2009–2010.
• Elektrobit, Business Line Manager, Radio Network Solutions Business Unit, 2006–2008.
• Elektrobit, Project Manager, Radio Network base station project, 2004–2005.
• Elektrobit, Mechanical Chief Designer
• and Specialist, 2000–2004. • Elektrobit, Mechanical Designer, 1998–2000.

Holdings Dec. 31, 2022:

Holds 2,741 Bittium Corporation shares.

Pekka Kunnari

Chief Financial Officer, 2015–. b. 1967, M.Sc. (Econ.), LL.M.

Positions of trust:

• Partnera Corporation, Member of the Board 2019–2020, Chairman of the Board 2020–.

Previous work history:

• Elektrobit Technologies Ltd., Vice President, Finance, 2011–2015.
• Elektrobit Corporation, Director, Finance, 2005–2011.
• Elektrobit Inc, Group Controller, 2004–2005.
• Elektrobit Group Corporation,
• Group Controller, 2003–2004.
• Elektrobit Ltd.,
• Business Controller, 2001–2003. •RPC Rapid Prototyping Center Oy,
• Finance Manager, 2000–2001.
• Tilintarkastajien Ltd. Ernst & Young, Auditor, 1998–2000.
• Tuottotieto Ltd., Business Consultant, 1994–1998.

Holdings Dec. 31, 2022:

Holds 4,320 Bittium Corporation shares.

Karoliina Malmi

Vice President, Communications and Marketing, 2015–. b. 1977, M.A. International Business Communications

Previous work history:

• Elektrobit Corporation, Corporate Communications Manager, 2015.
• Elektrobit Automotive GmbH, Corporate Communications Manager, 2013–2015.
• Elektrobit Corporation, Corporate Communications Manager, 2009–2013.
• Elektrobit Corporation, Internal
• Communications, 2006–2008. • Elektrobit Group Plc,
• Communications, 2002–2006. • JOT Automation Group Plc,
• Investor Relations and Communications, 2001–2002.

Holdings Dec. 31, 2022:

Holds 2,920 Bittium Corporation shares.

Antti Näykki

Senior Vice President, Medical Technologies, 2022– b. 1976, B.Eng. Embedded Systems

Previous work history:

• Bittium Oyj, Director,
• Medical Product Management, 2020–2022. • Bittium Oyj, Director, Corporate Business
• Development, 2019–2020.
• Jutel Oy, Chief Executive Officer, 2015–2019.
• Polystar AB, Director of Sales, 2012–2013.
• EXFO Inc., Director of Sales EMEA, Wireless, 2010–2013.
• EXFO Inc./NetHawk Oyj,
• Global Key Account Manager, 2007–2010. • NetHawk Oyj, Area Sales Manager MEA,
• 2004–2007.
• NetHawk Oyj, Technical Support, 2002–2003.

Holdings Dec. 31, 2022:

Does not hold any shares in Bittium Corporation.

Jari Sankala

Senior Vice President, Defense & Security, 2016–. b. 1966, M.Sc. (Electrical Engineering, Digital Communications)

Previous work history:

•Bittium Corporation,

• Senior Vice President, Sales, 2015–2016. • Elektrobit Wireless Communications Ltd, Senior Vice President, Sales & Marketing,
• Wireless Business Segment, 2014–2015. • Elektrobit Wireless Communications Ltd,
• Executive Vice President, Defence and Security, 2011–2014.
• NetHawk Group, Executive Vice President of Sales & Marketing, 2005–2011.
• NetHawk Germany, Managing Director, 2001–2005.
• Siemens AG, Sales Director Northern Europe, Mobile Networks, Germany, 1996–2001.

Holdings Dec. 31, 2022:

Holds 30,141 Bittium Corporation shares.

Election and Remuneration of the Auditor

The Company shall have one (1) auditor that has qualified as Certified Public Accountant and if the auditor is not an auditing company as defined by the law, one (1) deputy auditor shall be elected. The term of office of the auditor expires at the end of the following Annual General Meeting.

The General Meeting 2022 re-elected Ernst & Young Oy as auditor of the Company for a term of office ending at the end of the next Annual General Meeting. Ernst & Young Oy has notified that Mr. Jari Karppinen, APA, will act as the responsible auditor. It was decided that the remuneration to the auditor shall be paid against the auditor's reasonable invoice.

The auditor´s fees in 2022 amounted to EUR 102,000 (EUR 84,000 in 2021). Of the aggregate fees, EUR 91,000 was attributable to auditing (EUR 74,000 in 2021), EUR 7,000 to tax advice (EUR 8,000 in 2021), and EUR 4,000 to other services (EUR 2,000 in 2021).

Main Features of Internal Control and Risk Management Processes Related to Financial Reporting Processes

Risk Management

The purpose of risk management is to secure the positive development of earnings of the Company and the continuation of the business by implementing risk management cost-effectively and systematically throughout the different businesses.

Risk management is part of the Company´s strategic and operative planning, daily decision-making process, and internal control system. Business objectives, risks, and risk management operations are combined through risk management as one chain of events.

Main Principles of Organizing Risk Management

Company adheres to the risk management policy approved by the Board.

Risk management contains all actions, which are connected to setting up targets, identification of risks, measurement, review, handling, reporting, follow-up, monitoring and reacting to risks.

The Aim of Risk Management of the Company is to:

• systematically and thoroughly identify and assess all major risks which threaten the achievement of objectives, including risks related to business operations, property, agreements, competence, currencies, financing, and strategy;
• optimize business opportunities and secure continuation of business;
• recognize and identify uncertainties and subsequently develop the prediction of risks and measures needed to manage risks;
• take only calculated and assessed risks with respect to, e.g., expanding the business, increasing market share and creating new businesses;
• avoid or minimize liability risks;
• ensure the safety of products, solutions, and services;
• establish a safe working environment for the employees;
• minimize possibilities for unhealthy occurrences, crimes or misconduct by operating procedures, control, and supervision;
• inform interest groups of risks and risk management; and
• be cost-effective in risk management.
• The Aim of Risk Management is not to:
• exclude all risks in their entirety;
• adopt unnecessary control and management procedures; or
• take bureaucratic processes and procedures into use.

Main Principles of the Risk Management Process

In connection with the strategy process and annual planning the CEO reviews business risks which could endanger the achievement of strategic or financial targets. Risk assessment reports are produced to support the strategy process. Strategic and operative risks are monitored through monthly reporting by businesses in the Board of the Company. Businesses must produce assessments of risks in their designated areas of responsibilities and provide action plans to manage risks as well as to report on measures taken including the stage and effectiveness of such measures.

General Description of Internal Control and Operational Procedures

Internal control is a process applied by the Board of Directors, management and all levels of personnel in the Company to ensure that management has reasonable assurance that:

• 1. operations are effective, efficient, and aligned with strategy;
• 1. financial reporting and management information is reliable, complete and timely made; and
• 1. the Company complies with applicable laws and regulations as well as the Company´s internal policies and ethical values including sustainability.

The first category addresses the basic business objectives, including performance and profitability goals, strategy, implementation of objectives and actions and safeguarding resources. The second category relates to the preparation of reliable published financial statements, including half year financial reports and condensed financial statements and selected financial data derived from such statements, such as earnings releases, reported publicly. The third category deals with complying with those laws and regulations to which the Company is subject to.

Internal Control Framework of the Company

Bittium's internal control framework consists of

• the internal control, risk management and corporate governance policies and principles set by the Company´s Board of Directors;
• management overseeing the implementation and application of the policies and principles;
• finance function and business controllers monitoring the efficiency and effectiveness of the operations and reliability of the financial and management reporting;
• enterprise risk management process identifying, assessing, and mitigating risks threatening the realization of the Company´s objectives;
• monitoring possible agreements and other legal acts between the Company and its related parties;
• compliance procedures making sure that all applicable laws, regulations, internal policies and ethical values (including sustainability) are adhered to;
• effective control environment at all organizational levels including control

activities tailored for defined processes and creating group minimum requirements for product and service areas as well as for geographical areas;

• shared ethical values and strong internal control culture among all employees; and
• internal audit assignments reviewing the effectiveness of the internal controls as needed.

Risks and Controls in Core Business Processes

Risk management procedures are in place for business processes in the form of defined control points:

• relevant process risks are identified;
• common control points / Company´s minimum requirement control points are identified;
• common control points are implemented in business processes; and
• additional control points can be determined as needed at business or functional levels.

Control activities are the policies and procedures that help ensure that management directives are carried out. They help ensure that necessary actions are taken to address risks to the achievement of the Company´s objectives. Control activities are set throughout the organization, at all levels, and in all functions. They include various range of activities including but not limited to approvals, authorizations, verifications, reviews of operating performance, securing of assets, and segregation of duties.

Internal Controls over Financial Reporting

The Company´s external financial reporting process, internal control, and risk management systems are briefly described in this section. The main focus is on financial accounting and related controls.

Financial Reporting Organization

The financial management of the Company is responsible for organizing the accounting, money transactions, and other daily financial operations of the companies belonging to it as well as organizing the internal reporting that supports the business.

The tasks of the Company´s financial administration consist of, inter alia, monthly consolidation of the Group entity, preparation of quarterly financial reports and consolidated financial statements, management and investment of monetary assets of the Group, management of liabilities, protection against exchange risk, and transfer pricing. The finance function of the Company implements operative supervision under the CFO who reports any supervisory findings to the Audit Committee. The tasks and responsibilities of the accounting function of the parent company and each subsidiary are included in the job descriptions of the teams and employees.

Financial Reporting Systems

Consolidated financial statements are prepared by using the chosen consolidation tool. The accounting of the Group´s subsidiaries is done by using the local accounting systems from which the actual figures are reported either manually or by automatic transfer to the group consolidation system. The accounting system in use includes general ledger accounting, accounts payables, and accounts receivables. Current assets and payroll accounting are organized through various programs or purchased as an outsourced service. Purchase invoices are circulated through an electronic invoice processing system. Global forecasts and budgets are prepared by using the forecast and reporting program.

Internal Controls

The Company´s internal control mechanisms are based on policies, instructions, limited process descriptions, authorization matrix, financial reporting review meetings, and segregation of key accounting duties.

Compliance Procedures

Compliance processes are in place at all levels of the organization to ensure that all applicable laws, regulations, internal policies, and ethical values, including sustainability, are adhered to. The management and businesses are responsible for following up on developments in legislation and regulations in their respective areas and communicating them to the organization. The members of the Management Group are responsible for setting up adequate compliance controls and compliance-related training in their units. The CLO of the Company coordinates the appropriateness and compliance of the compliance processes.

Roles and Responsibilities Regarding Risk Management and Internal Control

The key roles and responsibilities regarding the Company´s internal control and risk management are defined as follows:

Board of Directors

The Board of Directors is ultimately responsible for the administration and the proper organization of the operations of the Company. According to good corporate governance, the Board also ensures that the Company has duly endorsed the corporate values applied to its operations. The Board approves the internal control, risk management, and corporate governance policies. The Board establishes the risk-taking level and risk-bearing capacity of the Company and re-evaluates them regularly as part of the strategy and goal-setting of the Company. The Board reports to the shareholders of the Company.

Audit Committee

Audit Committee is responsible for the following internal control-related duties:

• to monitor the reporting process of financial statements;
• to supervise the financial reporting process;
• to monitor the efficiency of the company´s internal control and internal audit, if applicable, and risk management systems;
• to review the description of the main features of the internal control and risk management systems pertaining to the financial reporting process, which is included in the company´s corporate governance statement; and
• to monitor the statutory audit of the financial statements and consolidated financial statements.

More detailed descriptions of how the Audit Committee is fulfilling its monitoring role are defined in the Committee's annual plan. The Audit Committee reports to the Board of Directors of the Company.

Chief Executive Officer

The CEO is in charge of the day-to-day management of the Company in accordance with the instructions and orders given by the Board. The CEO sets the ground for the internal control environment by providing leadership and direction to senior managers and reviewing the way they are controlling the business. The CEO is in charge of the risk management process of the Company and its continuous development, allocation of resources to the work, review of risk management policies as well as defining the principles of operation and the overall process. The CEO reports to the Board on risk management as part of the monthly reporting. The CEO and the Management Group, which operates under the CEO, are responsible for the management of risks endangering the fulfillment of objectives set for the Company.

Management Group

The members of the Management Group are responsible for internal control implementation in their responsibility areas. More specific internal control policies and procedures are established within the principles set by the Board and CEO. Additionally, the management of the subgroup and the Group Management is responsible for implementing risk management practices in the planning cycle and daily operations and ensuring adherence of:

• laws;
• regulations;
• internal policies; and
• ethical values

in their designated responsibility areas.

The CFO:

• ensures a setup of adequate control activities for product and service areas in cooperation with the business management;
• follows the adequacy and effectiveness of control activities; and
• ensures that external reporting is correct, timely, and in compliance with regulations.

The finance function does not have a separate internal control function. CFO reports any supervisory findings to the Audit Committee.

The CLO ensures that the Group´s corporate governance practices comply with the law and that legal matters of the Group are handled appropriately, in particular the contractual risks relating to business operations.

Internal Audit

The Company has no specific internal audit organization. This is taken into account in the content and scope of the annual audit plan. On one hand, external auditing focuses on specific areas in turn to be audited, and on the other hand, on separately agreed priority areas.

Insider Guidelines

The Company adheres to the Insider Guidelines for Listed Companies prepared by Nasdaq Helsinki Ltd (previously NASDAQ OMX Helsinki Ltd, OMX Nordic Exchange Helsinki Ltd, and Helsinki Stock Exchange), the Central Chamber of Commerce, and the Confederation of Finnish Industries. The Company has complemented the Guidelines with its internal insider guidelines. The insider and trading guidelines approved by the Company include regulations on insiders, publication and the postponement of publication of inside information, prohibited use of inside information, insider registers, the duty of notification of managers and their closely associated persons´ transactions, and personnel´s own trading with the Company´s financial instruments. The purpose of the guideline is to explain the content of the guideline published by Nasdaq Helsinki Ltd and other regulations and restrictions relating to the matter and to unify and coordinate the processing of insider and trading matters within the Company.

The managers of the Company must comply with the EU Market Abuse Regulation´s prohibition on dealing in the Company´s financial instruments (closed period). In accordance with the Company´s Board of Directors´ decision, the Company has in addition determined certain time periods during which persons taking part in the preparations of the Company´s financial reporting and other persons who have access to information pertaining to the Company´s financial status are prohibited to trade the Company´s financial instruments. The purpose of the trade restrictions is to control the trading of the Company´s financial instruments and thereby increase trust in the Company and the operation of the securities market. Trading with the Company´s financial instruments is completely prohibited for the aforementioned persons for a period of 30 days before the publication of earnings information of the Company. The most common publications are the release of business reviews and half year report as well as the release of the Company´s financial statements. The restriction is applicable also to any possible preliminary information regarding the financial statements and business review, and half year report.

Persons included in a project-specific insider register are prohibited from all trading and business transactions until the project has expired or has been publicly announced. If the project falls upon another listed company or may affect the price of the financial instruments of another listed company, the project-specific insiders have no right to trade with such company´s financial instruments.

The Company voluntarily maintains on its website a list of the financial instruments owned by the Company´s managers or by the institutions operating under the authority of the managers. The list is updated on the last day of each month.

Related Party Transactions

The purpose of the Company's Guidelines on Related Party Transactions is to ensure that any business transactions involving persons belonging to the Company's related parties are made independently and based on market terms. This also applies to business transactions that otherwise may raise suspicions on whether the transaction was made on market terms. The Company assesses and monitors that any related party transactions promote the purpose and interests of the Company and are commercially justified and overall in the best interests of the Company and that any conflicts of interest are duly taken into account when making decisions on related party transactions.

According to the definition in the Limited Liability Companies Act, a related party transaction is not part of the company's ordinary course of business or is made in deviation from customary commercial terms. These kinds of related party transactions are uncustomary in the company's business. In addition to the general monitoring concerning related party transactions, the Company prepares a special report on transactions that are not part of the Company's ordinary course of business or are made in deviation from customary commercial terms.

The Company has defined its related parties according to the IAS 24.9 standard and maintains an up-to-date register of major business transactions between the Company and its related parties, the parties, and the key terms of such transactions. The information about the related parties is collected annually from the persons belonging to the Company's related parties and serving the Company. The Company monitors possible related party transactions as a part of its internal control. Roles and responsibilities regarding internal control are described on the Company's internet site. In addition, the above-mentioned persons are obliged to notify the Company's related party administration of any related party transactions which have come to their knowledge. Such notification must be made without delay after receiving such information. The transactions are considered major if their total amount exceeds € 20,000 during the financial period.

The Company's related party register is not public, and any information entered in it will not be disclosed to third parties, with the exception of any authorities and the auditor entitled to receive such information. Any major transactions to be performed with the Company's management and its related parties shall be approved by the Board of Directors.

The Company discloses the related party transactions relevant to the shareholders at the latest when the transaction is binding on the Company. The principles of the Guidelines on Related Party Transactions are observed throughout the Bittium Group and in the decision-making concerning all of the Group companies.

Connectivity to be trusted. www.bittium.com

Bittium / Ritaharjuntie 1, FI-90590 Oulu, Finland / t. +358 40 344 2000 / www.bittium.com

Copyright 2023 Bittium. All rights reserved. The information contained herein is subject to change without notice. Bittium retains ownership of and all other rights to the material expressed in this document. Any reproduction of the content of this document without prior written permission from Bittium is prohibited.