Annual Report 2022

02 F-Secure 2022

F-Secure 2022

Key figures	03
President and CEO's review 04
F-Secure in brief .	06
Highlights 07
Business model .	08

Sustainability Statement

Sustainability .		10
------------------	--	----

Financials

Board of Directors' Report .	16
Key figures	24
Shares and shareholders .	25
Calculation of key ratios .	26
Consolidated financial statements .	27
Statement of comprehensive of income .	27
Statement of financial position .	28
Statement of cash flows .	29
Statement of changes in equity .	30
Notes to the financial statements .	31
F-Secure Corporation financial statements .	52
Auditor's Report .	63
Information for shareholders .	68

Corporate Governance

Corporate Governance Statement .	70
Board of Directors .	75
Leadership team .	78
Remuneration Report .	84

F-Secure is a globally operating cyber security company that offers award-winning security and privacy products and services. We help tens of millions of consumers to protect themselves against online threats, and our solutions allow customers to take care of all their cyber security and privacy needs.

F-Secure delivers brilliantly simple, frictionless security experiences that make every digital moment more secure, for everyone. Our offering includes a comprehensive range of cyber security products and services related to endpoint security, privacy protection, password management and digital identity protection, and router security that protects consumer's entire connected home.

F-Secure has led the cyber security industry for more than 30 years and was reborn through the demerger of the consumer business from WithSecure Corporation in June 2022. F-Secure operates globally in over 100 countries and has approximately 17 million subscribers in all channels. F-Secure revenue in 2022 was EUR 111.0 million and we employed around 380 people. F-Secure head office is in Helsinki, Finland.

F-Secure was created through the demerger on 30 June 2022, when WithSecure's consumer security business was transferred into a new independent company. F-Secure shares are listed on the official list of Nasdaq Helsinki. The financial information presented in this report is based on actual figures as an independent

group after the consummation of the partial demerger and carve-out figures prior to the consummation of the partial demerger.

This Annual Report is not an xHTML document compliant with the ESEF (European Single Electronic Format) regulation. The Financial Statements and Board of Directors' report 2022 in accordance with ESEF regulations are available electronically as an xHTML document at www.f-secure.com/en/investors.

03 F-Secure 2022

Key figures 2022

* The Board's proposal to the Annual General Meeting. F-Secure Corporation has formed a separate legal group as of June 30, 2022, and therefore only half year's dividend will be distributed for the year.

Revenue by channel, % Revenue by geography, %

04 CEO letter

President and CEO's review

2022 was a year of change for F-Secure. The demerger from WithSecure was carried out and completed at the end of June, followed by the listing of F-Secure Corporation on the main market of Nasdaq Helsinki on 1 July 2022. F-Secure embarked on a new era as an independent company, with focusing solely on securing the digital moments that give consumers' online lives meaning and purpose.

Our mission is to continuously deliver brilliantly simple, frictionless security experiences to make digital moments secure for our partners and customers. F-Secure strategy strives for delivering profitable growth and it builds on three strategic pillars: increase average revenue per user (ARPU), develop current offering and new products, and expand into new channels. The roll-out of the latest version of F-Secure Total, which combines VPN, password management, and endpoint and identity protection into one unified application experience started and accelerated towards the year-end. Expansion into new important vertical partnerships progressed well with for example bank and insurance companies signing up for F-Secure Total. During the year approximately 35 existing partners signed up for F-Secure Total upgrade. This supports our growth strategy to increase average revenue per user and to convert existing customer base from standalone products to our all-in-one security suite.

F-Secure has a strong position in the consumer security market through our global partner network, and we see great potential to expand into new channel partnerships and thereby widen our potential customer base. Our other products, such as F-Secure Sense and ID Protection have also been well received by the market which is reflected in the positive revenue development.

05 CEO letter

In 2022, we are happy to deliver revenue growth and solid profitability while facing a more challenging operating environment towards the end of the year. The underlying market demand for F-Secure products and solutions has been favorable across geographies. We witnessed dropped consumer confidence amid tightening inflation, although the cyber security space has proven to be resilient in economic turbulence. Weaker consumer sentiment towards the end of the year resulted in a weaker new business sales in the direct channel.

Revenue in 2022 amounted to EUR 111.0 million, growing by 4.5% year-on-year. This is a solid achievement, which demonstrates the strength of our offering and the stable demand for security and privacy solutions. The adjusted EBITA for the year was EUR 43.9 (47.2) million, with EBITA margin 39.6% (44.4%).

The purpose of F-Secure is to make every digital moment more secure, for everyone. Consumers today encounter digital moments at home, on the move, on multiple devices and through numerous applications. For a comprehensive coverage and seamless security of these digital moments, we have created a new product business cell, called 'Embedded Security'. This new offering complements our existing portfolio and allows our partners to embed F-Secure capabilities and experience natively through their own applications.

F-Secure is committed to offering consumers and partners brilliantly simple security experiences. That

focus will enable us to increase average revenue per user, drive the development of current offering and new products, and our expansion into new channels. Throughout the year, we have witnessed that this focus has delivered results. We have made great progress with our strategic priorities, and it has been a pleasure to see how the demand for comprehensive cyber security solutions is growing and the customer feedback is very positive. Cyber security is a growing concern for people around the world as the number and complexity of cyber threats continue to increase, and the growing demand for cyber security solutions will accelerate our growth.

Our vision is to become the number one security experience company in the world. To support this vision, and a as part of the new era as an independent company we have designed a new brand identity. It will form part of our new generation F-Secure Total product launch starting in February 2023.

The year of 2022 was unusual by all standards, but it provides a solid foundation for our future. During the year I have witnessed the exceptional commitment and spirit of all of us, building the future success of the company, and I am proud of the strong performance of our people during the year. I would like to thank all our fellows, customers and partners for the cooperation during the year.

Timo Laaksonen

I would like to thank all our fellows, customers and partners for the cooperation during the year."

06 F-Secure 2022

F-Secure in brief

Three strategy pillars

Increase Average Revenue Per User (ARPU)

Our aim is to drive the adoption of the all-in-one security suite (F-Secure Total) which we expect to provide new business opportunities to our channel partners and increase both our and channel partners' ARPU.

Developing current offering and new products

We aim to expand market coverage and the accessible market by developing new product groups. New products increase the possible combinations of products and services that we can offer to our channel partners.

Expand into new channels

We aim to reach out to a wide range of service providers, such as insurance companies, and retailers who are facing similar business challenges to Communication Service Providers, which in turn, enables us to replicate our proven business model and service offering and significantly expand our potential customer base.

Financial targets by 2025

Growth

High single digit organic revenue growth

Profitability

After initial growth investments, adjusted EBITA margin of above 42%

Dividend Yield

F-Secure aims to pay around or above 50% of net profit as dividend on an annual basis

Purpose, mission and vision

	We exist to make every digital moment more secure, for everyone.
Mission
	Our mission is to continuously deliver brilliantly simple, frictionless security experiences to make things easy for its partners and customers.
Vision
	Our vision is to become the number one security experience company in the world.

07 F-Secure 2022

Highlights of 2022

Q1

In February, the demerger plan concerning the partial demerger of WithSecure was approved and F-Secure Corporation's Board of Directors decided to pursue towards the separation of the Consumer Security business.

Q2

In April, Timo Laaksonen was appointed President and CEO of F-Secure, and rest of the Leadership Team members of F-Secure were appointed.

In May, the Extraordinary General Meeting of WithSecure decided about the demerger of F-Secure from WithSecure.

In June, the partial demerger was completed F-Secure became an independent company.

Q3

In July, trading in F-Secure shares started on the official list of Nasdaq Helsinki under the trading code FSECURE.

In August, the Board of Directors of F-Secure Corporation decided to establish an Employee Share Savings Plan (ESSP) for the employees of F-Secure Corporation and its subsidiaries.

Q4

In November, a new product business cell, called 'Embedded Security' was introduced. It is a new offering that complements our existing portfolio and allows our partners to embed F-Secure capabilities and experience natively through their own applications. Embedded Security enhances our offering in the service provider segment and provides a new point of entry into new vertical partnerships.

08 Business model

Our business model

Sustainability Statement

Sustainability

One of the worst enemies of cyber security is complexity. We have therefore made it our mission to provide brilliantly simple security experiences to all. It is our responsibility as a provider of cyber security services to tackle the complexity that consumers face and help making people and society cyber-resilient. We've now embarked on this journey investing into cyber security research and enhancing

and perfecting consumer cyber security into an engaging, easily understandable and value-enhancing experience.

Together with our Service Provider partners we can provide simpler experiences for consumers enabling wider adoption. We'll deliver on our mission by developing F-Secure into the best environment for people to develop and apply their skills, competencies and experience for a great purpose – to keep people and society safe. Today, our employees represent already over 40 nationalities, and we intend to continue building a team of people with diverse backgrounds, ensuring everyone can join our community and be who they are."

Timo Laaksonen, President and CEO

Securing consumer trust when using online services is in the very heart of our strategy and purpose. We fight against cyber attacks to create a safe environment for everyone: an environment, where consumers are protected against financial losses and attacks against their privacy and identity. Since founding of our company, we've emphasized strong business ethics as well as equal treatment of our employees.

We've wanted that the feeling of safety, being yourself, and being respected are something we provide to all our employees, wherever we operate. As with our employees, diverse background, talent, and broad experiences were something we emphasized when forming our Board of Directors. And I'm proud to say that we've succeeded on these goals and will continue on the same path".

Pertti Ervi, Chair of the Board of Directors

We are committed to keeping people and society safe

Digitalization, accentuated through the Covid-19 pandemic, has required consumers to adopt new digital skills over the past couple of years. As these new digital skills and online behaviors have become the norm, an increasing portion of modern consumers' day is lived online. And as the time spent online has increased, so have the consumers concerns about online security. Yet, a large majority of even technically savvy consumers are saying that protecting themselves against online threats is extremely complex and difficult.

In our typically annual security survey carried out in 7 countries among more than 7,000 consumers in 2022, we learned that 66% of consumers find cyber security too complicated. Furthermore as many as three out of four consumers want to learn more about cyber security – to better understand the threats and learn how to stay safe.

Towards brilliantly simple security experiences

Our purpose is to make every digital moment more secure for everyone, and this is further supported by our mission to create brilliantly simple security experiences. Through these activities we can increase people's trust in online services and society. We are delivering on our purpose and mission through four practices.

Firstly, we want to perfect consumer cyber security. We drive towards engaging, easily understandable and value-enhancing security experience with our products and services. We constantly monitor the success of our journey through, e.g., Net Promoter Score (NPS). In 2022, we were happy to see that our Endpoint Protection offering NPS was 52 (a score above 20 is favorable and above 50 is excellent). Main feedback among our

customers included 'ease of use', 'good protection' and 'very reliable'.

Secondly, we are directing our cyber security research efforts towards simplification. We are constantly investigating ways to further simplify the user experience to enable wider adoption. As an example of this, we recognized the need to protect all household members and connected smart devices at home such as TVs, gaming consoles, thermostats and implemented the needed security for home WiFi routers. This requires no activity on behalf of the consumer as the functionality can be turned on by the Communication Service Provider.

On top of this, we'll continue to invest into our proven cyber security cloud to protect consumers' digital moments. Today we process daily more than 900 million URL requests, analyze 8 million unique samples while more than half a million malware related events are detected and blocked. These security capabilities have allowed F-Secure during the past eleven years to win AV-Test's Best Protection Award seven times and in 2022 F-Secure SAFE/TOTAL for Windows has received the AV-Test's TOP Product rating in every malware detection test. AV-Test GmbH is an independent research institute in Germany providing international comparisons and individual tests for IT security products and awards the best products annually.

Thirdly, we maintain a constant flow of relevant cyber security related content for consumers to strengthen their skills and for our ecosystem partners to share

with their users. This includes blogs about new threats, tips and guidelines on how to protect yourself and your family when online. We also make various free tools available for consumers to increase their security understanding and cyber-resilience. Furthermore, we drive global cooperation with business partners, public authorities, cyber security expert organizations and cyber security companies to design and run awareness and competence campaigns.

Fourthly, we see our Service Provider partners with large customer bases playing a major role in protecting consumers against online threats. Many of these partners see security as an integral part of their offering and brand promise and they are committed to increase consumer trust and confidence when being online. For more than a decade, F-Secure has built processes and technologies that culminate in its Security Business Platform. Through this platform, our products and services can be made available to consumers as an integrated offering that partners can easily sell and deliver. Our channel partners appreciate our offering and the day-to-day support we provide around security and privacy, and we're very pleased with our Service Provider partner Net Promoter Score of 57. In 2022, we additionally closed 18 new Service Provider contracts to increase consumer security product adoption across regions.

Through its actions and products, F-Secure stands on the frontline in the battle of keeping our digitalizing society safe.

We exist to make every digital moment more secure, for everyone

We make consumer cyber security easily accessible

New partners won during 2022:

2022 Partner Channel NPS:

Engaged employees

People are the key to our success and focus on people development and well-being continued after the demerger at all levels of the organization.

To facilitate dialogue within F-Secure, Employee Net Promoter Score results were monitored quarterly. The results were reviewed by the Leadership Team and discussed in respective teams as well as companywide townhalls. Each function further developed their own, more detailed improvement plans, while key company level actions were agreed upon by the Leadership Team. Summary of the employee survey results and related actions were also discussed with the Board of Directors.

The demerger naturally required significant efforts from all employees and we were particularly proud to see the eNPS result of 45 at the end of 2022, which was higher than that of Q2 2022, proving that our focus on employee well-being had paid off. We also established

a dedicated Wellbeing Taskforce that composes of both employees and HR representatives to ensure wellbeing remains at a good level also in the future.

We are also committed to providing our people with competence development and career opportunities as well as a safe working environment where people can become the best version of themselves. Additionally, we have built a transparent and fair salary system. All our positions are rated against defined job grades and each job grade has a pre-defined salary range to ensure that our employees are compensated in a fair manner.

F-Secure is a truly international company. We are committed to respecting diversity, equality, and inclusion in all its forms, and we have zero tolerance on any discrimination in any areas of our business. By the end of 2022, the average representation of male versus female were 69% male and 31% female among personnel, 85% male and 15% female among leadership team and 67% male 33% female among the Board of Directors.

It is evident that technology and cyber security are both fields that are traditionally male dominated. We believe that true long-term success is built on diverse backgrounds, diverse knowledge and diverse perspectives and we continue building our activities to ensure F-Secure is a company that offers interesting and inclusive career paths to everyone. We have already identified few practical topics to ensure we are on a right path and those include, for example, reviewing and developing our job description and advertising practices, recruitment processes, and engagement channels with job candidates

F-Secure is already highly appreciated as an employer being the #5 most appreciated employer in the Finnish IT technology sector (Universum 2022). Going into 2023, we can develop further and make our company an even better one.

We are a global company, where people truly enjoy working

Building safer online behavior, sustainably, for everyone

F-Secure takes its role as a cyber security ambassador seriously and we continued increasing awareness related to safe online behavior. This was achieved by publishing freely available informative blogs and reports about cyber security. We've also created a community to help people with generic cyber security issues and product usage and continued to blog on cyber security as well as giving tips on how consumers can protect themselves against cyber-threats.

As an example, F-Secure launched F-Alert, a free monthly threat reporting service in November. It provides consumers with the latest threat updates and insights from our experts covering what's happening and information on how to help consumers secure their digital moments.

During November and December, F-Alert already provided insights and expert tips on multiple topics. These included, for example, how scammers target consumers and Facebook users, and how AI and chatbots could be used for cyber-crime. Similarly, it was identified that cyber-criminals weaponized consumers' curiosity and through TikTok challenges tricked people into installing malware. Also, as data breaches happen every day, F-Secure experts go through them in detail and focus on the ones most likely affecting consumers and providing further insights on data breach implications.

In October 2022, F-Secure emphasis on safer digital societies was further highlighted as we became a Cyber Security Awareness Month Champion and focused on awareness campaigns throughout the month. In addition to offering free tools to consumers to improve their understanding of cyber threats, we also offered free cyber-security products in selected

countries together with our Service Provider partners to further help building trust and increase awareness on the importance online safety.

Starting in the spring of 2022, we have also supported the humanitarian crisis in Ukraine by providing our Privacy VPN service FREEDOME to Ukrainians for free. This allows people in Ukraine to have secure and private digital communications with their families and authorities to the extent possible at time of war.

As a software company our environmental impacts are low. However, we believe that every action matters. Majority of our products are sold in electronic form and without any physical packaging such as printed manuals or DVDs. At the end of 2022 physical packaging was used only within our retail channel and even there only to a minor extent, corresponding to 0.08% of the group revenue.

We also participate in industry events aimed at, for example, telecom operators, insurers, banks and retailers. If a physical booth is required, we aim to minimize our environmental footprint, where possible. For example, in October 2022, we built our stand in Broadband Forum event with 100% recyclable materials to emphasize our commitment towards sustainability.

Redefining the focus areas of sustainability

After the demerger from WithSecure in June 2022 F-Secure launched an initiative to renew its sustainability program. We arranged internal workshops, which included Leadership Team members and key personnel from various functions, to assess material sustainability topics. Discussion was driven by existing and upcoming regulation on sustainability reporting and other regulative requirements, which will be impacting the businesses and markets in a few years.

Progress has so far included assessing the impacts of main sustainability megatrends on F-Secure business and evaluating the scale and scope of impacts the company has on various sustainability topics. To be able to properly evaluate the company's position regarding sustainability, we utilized various materials and information sources including scientific studies, statistics and perception studies on climate change, gender equality, cyber security, corruption, and state of human rights.

Our materiality assessment further confirmed that people and society, our employees, cyber security, and general compliance are the sustainability aspects where F-Secure can have the biggest impact and that reciprocally have an impact on F-Secure. In addition, F-Secure recognizes the importance of climate change and assumes a position in the battle against one of the biggest challenges the world is facing during the next decade.

During 2023, F-Secure will build a sustainability program around the identified key topics to ensure that the relevant issues are managed and monitored to the extent needed and to continue building a positive impact on society and people. At the same time, we continue to carefully listen to the requirements of our

internal and external stakeholders and monitor the development of upcoming regulation once we finalize the ESG agenda and setting relevant targets.

To build a strong foundation for sustainability management, F-Secure will also redefine the sustainability management structure through which the efficiency and development of ESG agenda can be monitored and integration of the ESG agenda into the company strategy can be ensured. The work is underway and the company's Leadership Team is involved in the ESG strategy planning. Key findings from the process and the strategy are also presented to the Board of Directors and the Audit Committee for approval. The governance structure for sustainability topics is in line with the company's general corporate governance system.

Financials

F-Secure Corporation in 2022

F-Secure Corporation is a globally operating cybersecurity company. F-Secure designs and offers award-winning security and privacy products and services that help tens of millions of consumers to protect themselves against online threats. F-Secure offering includes a comprehensive range of security and privacy products and services related to endpoint security, privacy protection, password management and digital identity protection, and router security that protects consumers' entire connected home.

F-Secure Corporation was established as a result of a partial demerger from WithSecure Corporation. On 17 February 2022, WithSecure Corporation announced that the Board of Directors of WithSecure had decided to pursue the separation of WithSecure's consumer security business and had approved a demerger plan according to which all assets and liabilities of WithSecure's consumer security business would be transferred without a liquidation procedure to a company to be incorporated in connection with the Demerger and to be named F-Secure Corporation.

The Extraordinary General Meeting of WithSecure Corporation, held on 31 May 2022 resolved to approve the demerger plan. The General Meeting also resolved that the shareholders of WithSecure will receive as demerger consideration one (1) new share in F-Secure for each share they hold in WithSecure on the effective date on 30 June 2022. The Demerger was registered with the Trade Register maintained by the Finnish Patent and Registration Office on the effective date on 30 June 2022. Trading in the shares of F-Secure on the official list of Nasdaq Helsinki commenced on 1 July 2022.

Presentation of financial information

F-Secure Corporation has formed a separate legal group as of June 30, 2022. The financial information presented in this report is based on actual figures as an independent group after the consummation of the partial demerger and carve-out figures prior to the consummation of the partial demerger.

Financial performance

Revenue

F-Secure revenue increased in January–December by 4.5% year-on-year to EUR 111.0 million (106.3 million). At comparable exchange rates, revenue increased by 2.9%. Weakened consumer confidence resulted in a lower new business sales volume in the Direct Channel towards the end of the year.

Partner Channel

Revenue from the partner channel grew by 4.6% to EUR 88.1 million (EUR 84.2 million) with an increase in sales across several regions, such as in Nordic countries, Asia and in North America, where the growth was supported by the strong US dollar. Growth in the partner channel was offset partially by lower retail sales and a regulatory change in Poland in 2021 that had a negative impact on adoption rates on the local market. The roll-out of the latest version of F-Secure Total continued in the partner channel throughout the review period, with 35 existing partners having signed up for F-Secure Total upgrade.

Direct Channel

Revenue from direct channel increased by 3.9% to EUR 23.0 million (EUR 22.1 million). Revenue development was good especially in Germany. Consumer interest in bundled security and privacy solutions drives sales of F-Secure Total and accelerates the development

of the average revenue per user (ARPU). Renewal performance was on a solid level throughout the period, but weaker consumer sentiment impacted new business sales in the direct channel negatively, especially towards the end of the review period.

Gross margin

Gross margin increased by EUR 4.2 million to 101.7 million (EUR 97.4 million) and was 91.6% of revenue (91.7%). Royalties and hosting costs increased in the review period, due to negative USD currency impacts. In connection with the demerger from WithSecure, F-Secure and WithSecure entered into transitional services agreements ("TSA") to support the continuous operations of F-Secure. The TSA costs incurred during the second half of the year and were EUR 1.8 million in total in cost of revenue. These TSAs in cost of revenue are planned to terminate latest by the end of 2023.

Operating expenses

Operating expenses including depreciation, amortization and items affecting comparability (IAC) were EUR 64.0 million (EUR 54.5 million). Sales and marketing costs were EUR 29.9 million (EUR 28.7 million). Research and development costs were EUR 16.4 million (EUR 16.9 million). Administration costs were EUR 17.7 million (EUR 8.8 million). Figures for comparison period are not fully comparable as the classification and allocation method used in carve-out vary from actuals, see more in Note 1, Basis of Preparation on page 31. After the demerger and throughout the second half of the year, a lot of focus has been on ramping and building up the necessary capabilities to operate as an independent company, which has resulted in increased and partially overlapping operating expenses, especially in administration. In connection with the demerger from WithSecure, F-Secure and WithSecure entered into transitional services agreements ("TSA")

to support the continuous operations of F-Secure. The TSA costs incurred in the second half of the year and totaled EUR 1.9 million in R&D and EUR 5.3 million in administration. Majority of the administration TSAs terminated at the end of 2022, and the rest of admin and all of R&D are planned to terminate by the end of 2023.

Items affecting comparability (IAC) totaled EUR 3.8 million (EUR 2.4 million), attributable to costs incurred due to the listing in the first half of 2022 (described in a table on page 24).

Depreciation and amortization totaled EUR 2.0 million (EUR 1.5 million). The increase is related to subleasing agreements F-Secure entered in for its office premises in connection with the demerger in May 2022.

Profitability

Adjusted EBITA was EUR 43.9 million and 39.6% of revenue (EUR 47.2 million, 44.4%). EBIT was EUR 38.8 million and 34.9% of revenue (EUR 43.5 million, 40.9%), including EUR 3.8 million of costs related to the listing. The demerger-related ramp-up process burdened profitability as we are building up and strengthening our operations as an independent company.

Cash flow, financial position and financing

In January–December 2022, cash flow from operating activities before financial items and taxes amounted to EUR 44.4 million (EUR 45.1 million). Cash flow from operations was EUR 36.4 million (EUR 36.1 million) and the cash conversion rate was 96.2% (95.6%). Prior to the Demerger on 30 June 2022, no cash or cash equivalents were allocated to F-Secure in the carve-out financial information, instead it was presented as Receivable from WithSecure. The receivable from WithSecure was

Revenue by sales channel

EUR million	1–12/2022	1–12/2021	Change %
Revenue from external customers
Partner channel	88.1	84.2	4.6%
Direct channel (E-commerce)	23.0	22.1	3.9%
Total	111.0	106.3	4.5%

Revenue by geography

EUR million	1–12/2022	1–12/2021	Change %	Comparable change %
Revenue from external customers
Nordic countries	39.4	36.9	6.9%	6.8%
Rest of Europe	48.7	49.6	–2.0%	–2.0%
North America	17.1	14.6	17.2%	4.5%
Rest of the world	5.9	5.2	13.4%	18.4%
Total	111.0	106.3	4.5%	2.9%

transferred as cash to F-Secure in July 2022, and as at 31 December 2022, cash and cash equivalents were EUR 23.0 million in total.

Total assets were EUR 62.7 million (EUR 38.9 million) at the end of December 2022. Equity ratio was 39.6% (24.5%), while gearing was –63.0%. F-Secure net cash was EUR 19.3 million (net debt of EUR 0.2 million) at the end of December 2022.

As at 31 December 2022, current lease liabilities were EUR 1.0 million (EUR 0.1 million) and non-current lease liabilities were EUR 0.9 million (EUR 0.1 million). The lease liabilities relate to leases for office premises and cars. In May 2022, in connection with the Demerger, F-Secure entered lease agreements for its office premises.

Prior to completion of the Demerger, WithSecure's consumer business conducted by its foreign subsidiaries was separated from the rest of the business into separate companies through business acquisitions or similar transactions in each relevant country. In these transactions, WithSecure or its subsidiary is the buying entity if the transferring business is a corporate security business, and F-Secure or its subsidiary is the buying entity if the transferring business is a consumer security business. The transaction prices vary between approximately EUR 70 thousand and EUR 3.0 million. The payback time for the resulting payables and receivables is primarily three years from the effective date of each local transaction, and prepayment is allowed. The interest rate for the unpaid transaction price varies by country. F-Secure's payables to WithSecure totaled EUR 5.5 million and the receivables from WithSecure totaled EUR 3.7 million.

In January–December 2022, capital expenditure was EUR 4.6 million (EUR 1.7 million). Capital expenditure was mainly related to research and development and IT.

Acquisitions and financial arrangements

F-Secure made no acquisitions or disposals in 2022.

In connection with the demerger process, WithSecure negotiated on behalf of F-Secure, a revolving credit facility with Nordea Bank Abp amounting to EUR 10 million with a maturity of three years and with an equity ratio-based margin grid. Financial covenants include Net Debt to EBITDA and an equity ratio and other standard covenants to similar unsecured transactions. The credit facility agreement was signed by Nordea Bank Abp in May 2022. The revolving credit facility was undrawn as at 31 December 2022.

Group structure and changes

F-Secure Corporation has formed a separate legal group as of 30 June 2022. In connection with the Finnish demerger, 16 subsidiaries were also transferred to F-Secure Group. The subsidiaries are listed in note 23 in the financial statement.

Significant events during the review period

On 31 May 2022, the Extraordinary General Meeting of WithSecure decided that F-Secure will demerge through a partial demerger. The completion of the Demerger was registered with the Finnish Trade Register on 30 June 2022. Trading in F-Secure's shares commenced on the Helsinki Stock Exchange on 1 July 2022. The trading code of the shares in F-Secure is FSECURE.

On 12 April 2022, WithSecure announced appointments of F-Secure's President and CEO and management team with effect upon the completion of the Demerger. Timo Laaksonen was appointed President and CEO. See more information about the management team starting on page 78..

WithSecure negotiated on behalf of F-Secure, a revolving credit facility with Nordea Bank Abp amounting to EUR 10 million with a maturity of three years and with an equity ratio-based margin grid. Financial covenants include Net Debt to EBITDA and an equity ratio and other standard covenants to similar unsecured transactions. The credit facility agreement was signed by Nordea Bank Abp in May 2022. The revolving credit facility transferred to F-Secure on the effective date on 30 June 2022, and is undrawn as at 31 December 2022.

On 23 August 2022, F-Secure announced that the Board of Directors of F-Secure Corporation had decided to establish an Employee Share Savings Plan (ESSP) for the employees of F-Secure Corporation and its subsidiaries. The aim of the ESSP is to encourage employees to acquire and own F-Secure shares, and it is intended to align the interests of the shareholders and the employees as well as to increase employees' long-term commitment to the company. Participation in the ESSP is voluntary and the employees will be invited to participate in one plan period at a time. The first plan period commenced on 1 October 2022 and will end on 30 September 2025. The holding period of the first plan period begins at the first acquisition of savings shares and ends on 30 September 2025.

Research and development

F-Secure Corporation research and development expenditure amounted to EUR 16.4 (16.9) million in 2022, representing 14.8% (15.9%) of revenue and 25.7% (31.0%) of all expenditures. Capitalized development expenses were EUR 4.6 (1.7) million in 2022.

F-Secure research and development activities concentrated on three primary areas: strengthening our teams, systems and processes after the demerger, building our own research capabilities, and developing the next iteration of our Total product.

In 2022, F-Secure invested heavily in securing its technology foundation, increasing R&D headcount to 190, reorganizing its technology operations to take end-to-end responsibility as an independent company, and ensuring the autonomy of its core technology platforms. This work will continue in 2023 until the end of the TSA.

As part of the R&D organization F-Secure has created a research unit, "F-Secure Labs", that conducts independent research on consumer cyber threats. The findings of this research unit guide the direction of our product development. It also develops technology to be used in products to detect and counteract cyber threats. In addition to independent research, F-Secure researchers are active in research and development projects together with external industrial partners and universities.

In 2022 we also saw substantial progress on the roadmap of our flagship product, F-Secure Total, the comprehensive all-in-one security suite. We added new capabilities, including a focus on improved usability and industry-first mobile security features. This product has been available in the Partner Channel since April, but the latest version will be launched also in the Direct Channel in February 2023. Development of this product will continue in 2023 with development of further security capabilities.

Personnel, management and auditors of the company

Personnel

The number of personnel employed by F-Secure at the end of the reporting period 2022 was 376 (248*). In July–December 2022, the average number of personnel was 368 (245*). Wages and salaries were EUR 20.8 million in 2022 (16.1).

* Prior to the demerger on 30 June 2022, the figure consisted of personnel directly employed by the consumer security business and did not include the share of personnel in shared group functions.

Management team

On 12 April 2022, WithSecure announced appointments of F-Secure President and CEO and Management Team with effect upon the completion of the Demerger on 30 June 2022. Timo Laaksonen was appointed President and CEO. At the end of the year the composition of the Leadership Team was the following:

Timo Laaksonen	President & Chief Executive Officer
Sari Somerkallio	Chief Financial Officer
Toby White	Chief Technology Officer
Kitta Virtavuo	Chief People Officer
Paul Palmer	Senior Vice President, Partner Business
Perttu Tynkkynen	Senior Vice President, Direct Business
Michal Iwan	Vice President, Security Suite Business Team
Mikko Kestilä	Vice President, Operations

Richard Larcombe Chief Marketing Officer

Antero Norkio	Senior Vice President, Corporate Development
Steven Offerein	Vice President, Portfolio Management
Dmitri Vellikok	Vice President, Network Security Business Team
TL Viswanathan	Vice President, Embedded Security (as of 1 November 2022)

The Board of Directors

On 16 March 2022, WithSecure announced appointments of members of the Board of Directors of F-Secure Corporation. The members of the Board of Directors are Pertti Ervi, Risto Siilasmaa, Petra Teräsaho, Thomas Jul, Madeleine Lassoued and Calvin Gan.

Auditor

The auditor of F-Secure Corporation is the Authorized Public Accountant PricewaterhouseCoopers Oy with Janne Rajalahti, APA, as the auditor with the principal responsibility.

Shares and shareholders

Demerger from WithSecure Corporation

F-Secure was created through the Demerger on 30 June 2022, when WithSecure's consumer security business was transferred into a new independent company. WithSecure Corporation announced on 17 February 2022 that the Board of Directors of WithSecure had decided to pursue the separation of WithSecure's consumer security business and had approved a demerger plan according to which all assets and liabilities of WithSecure's consumer security business would be transferred without a liquidation procedure to a company to be incorporated in connection with the Demerger and to be named F-Secure Corporation.

After the completion of the demerger at 30 June 2022, F-Secure had 30,805 shareholders, 174,526 944 shares and EUR 80,000 in share capital. Trading in the shares of F-Secure, admitted to trading on the official list of Nasdaq Helsinki under the trading code FSECURE (ISIN code: FI4000519236), commenced on 1 July 2022. F-Secure is classified as a Mid Cap company in the Technology sector.

Shares and share capital

At the end of the year 2022, the registered share capital of F-Secure was 80,000 and the company had 174,526,944 fully paid shares. The company has one share class and the company's shares are included in a book-entry system.

Trading of shares

Trading of F-Secure share commenced on the official list of Nasdaq Helsinki on 1 July 2022. In July–December, the highest price paid was EUR 3.26 and the lowest EUR 2.29. The closing price of the share at the end of December 2022 was EUR 2.83. In July–December, the share's volume weighted average price was EUR 2.68. The share trading volume in the review period was EUR 42 million and 15.8 million shares. On December 31, 2022, the company's market capitalization was EUR 494 million.

Shareholders

The number of registered shareholders at the end of the 2022 was 31,399, including nominee registers. The proportion of nominee-registered and direct foreign shareholders was 16.63 per cent of the company's shares at the end of the year. The list of the shareholders of F-Secure Corporation is based on the information given by the Euroclear Finland Ltd.

Treasury shares

During or at the end of the financial year, F-Secure did not hold any treasury shares.

Short-term risks and uncertainties

Risks related to the Demerger

F-Secure's business organizations are dependent to a certain extent on certain functions provided by WithSecure under the transitional services agreement, and WithSecure's inability to provide these functions would have a material adverse effect on F-Secure's business operations.

The Demerger may have undesirable effects on the uninterrupted continuity of certain functions and processes central to F-Secure's operations, such as IT systems, which may result in interruptions and disturbances in F-Secure's business operations and its financial reporting.

F-Secure may not be able to implement its business organization and its independent strategy in the manner and timeframe currently anticipated, and it may not be able to realize any or all of the anticipated benefits.

F-Secure may be liable for certain obligations of WithSecure following the effective date of the Demerger and such obligations could have an adverse effect on F-Secure's financial position and results of operations.

Risks related to F-Secure's operating environment

Intensifying competition in the consumer security market could lead to a general decline of the price level and affect F-Secure's ability to maintain or increase its market share, and the intensifying competition could thus have an adverse effect on F-Secure's revenue, profitability and market share.

F-Secure may not be able to keep up with rapid changes in customer demand, distribution channels, technologies and the evolution of malware and cyber security threats, which could have an adverse effect on F-Secure's reputation, competitiveness, results of operations and financial position.

Inflation has increased the risk of negative development of the cost structure, especially inflation in salary levels could have adverse effect on F-Secure personnel expenses. Rising energy prices could have an impact mainly on cost of revenue through cloud production cost. Inflation may have a negative impact due to lower consumer sentiment mostly indirectly due to decreasing sales of devices for which F-Secure products are typically purchased, but as well directly due to lower renewal rates.

Uncertainty on F-Secure's key markets, financial markets and general economic situation could have an adverse effect on F-Secure's business and growth opportunities, and reduce the demand for the products and services offered by F-Secure. The Ukraine war has increased the uncertainty in the world and the risk of unexpected disruptions of the world economy. The war in Ukraine has caused some exceptional consequences to the cyber security landscape, such

as highly visible governmental activities, as well as organized civilian response to the war efforts.

Risks related to F-Secure's business operations and strategy

The loss of key persons and skilled employees, the possible delay of new hires or the increase in personnel expenses can weaken F-Secure's profitability and the standard of its services or solutions, hinder operations and prevent F-Secure from successfully developing and growing its business.

Actual, possible or perceived defects, disruptions or vulnerabilities in F-Secure products or services, including risks from cyber security attacks and errors or abuses by F-Secure employees and business partners, could harm F-Secure or its customers reputation, decrease sales, hinder operations, tie up personnel resources and give rise to claims for damages and increase other costs.

If F-Secure's agreement with a significant business partner or Channel Partner ends or is terminated, or if F-Secure is unable to continue cooperating with a business partner or Channel Partner under acceptable terms, or if there is a failure by a Channel Partner to fulfil its duties, this could significantly decrease F-Secure revenue, increase its costs, hinder its operative business and weaken its ability to offer services or solutions to its customers.

Risks related to the technology used by F-Secure, intellectual property rights and other regulations

Any malfunctions in technologies, IT systems or network connections used by F-Secure or any security breaches could engender disruptions to F-Secure's service offering. F-Secure may not succeed in registering, protecting, managing, maintaining and enforcing its intellectual property rights, and

F-Secure may be targeted by intellectual property right infringement claims which can cause significant costs. Leakage of personal data collected by F-Secure may have a material adverse effect on F-Secure's business and reputation and result in claims for damages as well as fines and orders imposed by the authorities.

Risks related to F-Secure's financial position and financing

The number of operations and sites outside the Eurozone in different currencies exposes F-Secure to a risk related to currency fluctuations. Changes in the exchange rates between currencies could have an adverse effect on F-Secure's revenue, results and financial position. F-Secure is exposed to transaction risks caused by purchasing and selling products and goods in currencies that are not F-Secure's home currencies, investment risks in units abroad and translation risks that arise when investments in subsidiaries in different currencies are converted into F-Secure's operational currency, i.e., the euro.

Decisions of the Extraordinary General Meeting 2022 and Board authorisations

The Extraordinary General Meeting of WithSecure Corporation was held on 31 May 2022. The Extraordinary General Meeting resolved to approve the demerger plan and the partial demerger, in which all assets and liabilities relating to the company's consumer security business transferred without a liquidation procedure to F-Secure Corporation in accordance with the demerger plan.

The General Meeting's resolution concerning the Demerger included also the resolutions concerning amending WithSecure's Articles of Association, the demerger consideration, reducing WithSecure's share capital and dissolving WithSecure's share premium

reserve as well as authorizing F-Secure's Board of Directors to decide on the repurchase of F-Secure's own shares and on the issuance of shares, option rights and other special rights entitling to shares.

Demerger consideration

The General Meeting resolved that the shareholders of WithSecure receive as demerger consideration one (1) new share in F-Secure for each share they hold in WithSecure on the Effective Date.

Authorization of the Board of Directors of F-Secure to decide on the repurchase of F-Secure's own shares

The General Meeting resolved, conditional upon the completion of the Demerger, to authorize the Board of Directors of F-Secure to decide upon the repurchase of a maximum of 15,000,000 of F-Secure's own shares in total in one or several tranches and with F-Secure's own unrestricted equity.

By virtue of the authorization, the Board of Directors shall decide on the repurchase also in deviation from the proportional holdings of the shareholders (directed repurchase). The authorization comprises the repurchase of shares either in the public trading or otherwise in the market on the trading price determined for the shares in public trading on the date of purchase, or with a purchase offer to the shareholders in which case the repurchase price must be the same for all shareholders. F-Secure's own shares shall be repurchased to be used for carrying out acquisitions or implementing other arrangements related to F-Secure's business, for optimizing the company's capital structure, as part of the implementation of the company's incentive scheme or otherwise to be transferred further or cancelled. The authorization includes the right of the Board of Directors of F-Secure to decide on all other terms related to the repurchase of the company's own shares.

The authorization is proposed to be valid until the conclusion of the first Annual General Meeting of F-Secure following the Effective Date as set forth in the demerger plan, in any case until no later than 30 June 2023.

Authorization of the Board of Directors of F-Secure to decide on the issuance of shares as well as the issuance of options and other special rights entitling to shares

The General Meeting resolved, conditional upon the implementation of the Demerger, to authorize the Board of Directors of F-Secure to decide on the issuance of a maximum of 15,000,000 shares in total through a share issue as well as by issuing options and other special rights entitling to shares pursuant to Chapter 10, Section 1 of the Limited Liability Companies Act in one or several tranches. The authorization concerns both the issuance of new shares and the transfer of treasury shares held by F-Secure.

The authorization entitles the Board of Directors of F-Secure to decide on all terms related to the share issue as well as the issuance of options or other special rights entitling to shares. The issuance of shares may be carried out in deviation from the shareholders' pre-emptive subscription right (directed issue). The authorization may be used for carrying out potential acquisitions or other arrangements, share-based incentive programs or otherwise for purposes decided by the Board of Directors. The Board of Directors of F-Secure is also entitled to decide on the sale of treasury shares on the regulated market of Nasdaq Helsinki Ltd in accordance with its rules and guidelines.

The authorization will be valid until the conclusion of the first Annual General Meeting of F-Secure following the Effective Date as set forth in the demerger plan, in any case until no later than 30 June 2023.

Handling of the remuneration policy for governing bodies of F-Secure

The General Meeting resolved, conditional upon the completion of the Demerger, to support the proposed remuneration policy for governing bodies of F-Secure. The resolution is advisory.

Resolution on the number of members of the Board of Directors of F-Secure

The General Meeting resolved, conditional upon the completion of the Demerger, that the number of members of the Board of Directors of F-Secure shall be six (6).

Resolution on the remuneration of the members of the Board of Directors of F-Secure

The General Meeting resolved, conditional upon the completion of the Demerger, that the remuneration for the term of the Board of Directors of F-Secure shall be paid as follows:

EUR 80,000 for the Chairperson of the Board of Directors,
EUR 48,000 for the Committee Chairpersons
EUR 38,000 for the members of the Board of Directors, and
EUR 12,667 for the members of the Board of Directors employed by F-Secure.

Further, the General Meeting resolved that approximately 40 per cent of the remuneration be paid as shares in F-Secure repurchased from the market and that F-Secure pay any transfer tax levied on the

repurchase of shares. F-Secure will repurchase the shares or transfer shares held by F-Secure as treasury shares in the name and on behalf of the members of the Board of Directors of F-Secure. The travel expenses and other costs of the members of the Board of Directors of F-Secure directly related to board work are paid in accordance with the F-Secure's compensation policy in force from time to time. Each member of the Board of Directors of F-Secure is paid a predetermined travel fee in addition to travel expenses for meetings held outside their country of residence in accordance with F-Secure's travel policy in force from time to time.

Election of members of the Board of Directors of F-Secure

The General Meeting resolved, conditional upon the implementation of the Demerger and in accordance with the Board of Directors' recommendation, to elect Pertti Ervi, Thomas Jul, Madeleine Lassoued, Risto Siilasmaa, Petra Teräsaho and Calvin Gan, who belongs to the personnel of F-Secure, as members of the Board of Directors of F-Secure.

Resolution on the remuneration of the auditor of F-Secure

The General Meeting resolved, conditional upon the implementation of the Demerger and in accordance with the Board of Directors' recommendation, that the remuneration to the auditor of F-Secure be paid in accordance with the approved invoice.

Election of the auditor of F-Secure

The General Meeting resolved, conditional upon the implementation of the Demerger and in accordance with the Board of Directors' recommendation, to elect PricewaterhouseCoopers Oy as auditor of F-Secure. PricewaterhouseCoopers Oy has stated that Mr Janne Rajalahti, APA, will act as the Responsible Auditor.

Organizing meeting of the Board of Directors

In its organizing meeting held after The Extraordinary General Meeting of WithSecure, the members of F-Secure's Board of Directors resolved to elect from among its members Pertti Ervi as the Chairperson of the Board of Directors. The members of the Board of Directors of F-Secure resolved at the same time to establish an Audit Committee and elect Petra Teräsaho as its Chairperson and Pertti Ervi and Risto Siilasmaa as its members.

Outlook for 2023

F-Secure expects the global demand for cyber security solutions to grow while our operating environment has turned more challenging and consumer confidence remains unstable as inflation has risen, causing higher risk for weaker development on new business sales in the direct channel.

We have made a number of growth-related investments in 2022 and continue to do so in 2023. There is a level of uncertainty when these will have a concrete effect on our financial performance.

F-Secure expects revenue to grow by 4–8% year-on-year.

Adjusted EBITA for the full year 2023 is expected to be within 38–41%.

Financial targets (unchanged)

Mid-term financial targets until the end of 2025 are:

Growth: High single digit organic revenue growth
Profitability: After initial growth investments, adjusted EBITA margin of above 42%
Dividend Yield: Around or above 50% of net profit on an annual basis

F-Secure Corporation follows the Rule of 40 metric as internal performance measurement and guiding principle, according to which the combined revenue growth rate and profitability margin should be equal to or greater than 40%.

Board of Directors' proposal for the distribution of profit

According to the company's dividend policy F-Secure aims to pay around or above 50% of net profit as dividend on an annual basis. F-Secure Corporation has formed a separate legal group as of June 30, 2022, and therefore only half year's dividend will be distributed for the year. On December 31, 2022, distributable funds of F-Secure Corporation were EUR 14.9 million. The Board of Directors will propose to the Annual General Meeting that a dividend of EUR 0.07 per share be paid. Earnings per share (EPS) for the period 7–12/2022 was EUR 0.09 and the proposed dividend is 78% of the group bi-annual net profit. No material changes have occurred in the company's financial position since the end of the financial year.

Annual General Meeting 2023

The Annual General Meeting of F-Secure Corporation is planned to be held on March 23, 2023. The Board of Directors will convene the meeting.

Significant events after the review period

F-Secure had no significant events after the period.

Helsinki, 16 February 2023

F-Secure Corporation

Board of Directors

The Corporate Governance Statement and Remuneration Report have been issued separately and are presented in a section of this F-Secure Corporation Annual Report 2022 publication. The reports are also available on the Group's website www.investors.f-secure. com/en/investors/reports\_and\_presentations.

Key figures

	2022*	Carve-out 2021	Carve-out 2020	Carve-out 2019
Revenue	111.0	106.3	100.1	94.8
Revenue growth %	4.5%	6.1%	5.5%
Adjusted EBITDA	44.5	47.4	46.7	40.1
% of revenue	40.1%	44.6%	46.7%	42.3%
EBITA	40.2	44.8	46.5	39.1
% of revenue	36.2%	42.2%	46.5%	41.2%
Adjusted EBITA	43.9	47.2	46.5	39.9
% of revenue	39.6%	44.4%	46.5%	42.0%
EBIT	38.8	43.5	44.7	37.7
% of revenue	34.9%	40.9%	44.6%	39.0%
Adjusted EBIT	42.5	45.9	44.7	37.7
% of revenue	38.3%	43.2%	44.6%	39.8%
Profit before taxes	38.6	43.6	43.7	36.8
% of revenue	34.7%	41.0%	43.6%	38.8%
Result for the period	30.2	34.4	34.2	28.6
% of revenue	27.2%	32.4%	34.2%	30.2%
R&D costs	16.4	16.9	15.3	14.6
% of revenue	14.8%	15.9%	15.2%	15.4%
Investments	4.6	1.7	1.7	3.1
% of revenue	4.2%	1.6%	1.7%	3.3%
Operating cash flow	36.4	36.1	34.5	32.0
Net debt (+)/Net cash (–)	–19.3	0.2	0.2	0.3
Equity ratio %	39.6%	24.5%	24.5%	5.9%
Cash conversion	96.2%	95.6%	89.8%	89.0%
Wages and salaries	20.8	16.1	14.3	16.2
Personnel on average 1)	368	245	233	223
Personnel on Dec 31	376	248	243	227

Reconciliation between adjusted EBITDA, EBITDA, adjusted EBITA, EBITA, adjusted EBIT and EBIT

	2022*	Carve-out 2021
Adjusted EBITDA	44,510	47,395
Adjustments to EBITDA
Strategic review		–2,378
Costs related to listing	–3,764
EBITDA	40,746	45,017
Depreciation and amortization	–1,976	–1,519
EBIT	38,770	43,499

Adjusted EBITA	43,921	47,180
Adjustments to EBITA
Strategic review		–2,378
Costs related to listing	–3,764
EBITA	40,157	44,802
Amortization	–1,387	–1,303
EBIT	38,770	43,499

Adjusted EBIT	42,534	45,877
Adjustments to EBIT
Strategic review		–2,378
Costs related to listing	–3,764
EBIT	38,770	43,499

* Presented as a combination of carve-out financial information for 1 January – 30 June 2022 and consolidated financial information for 1 July – 31 December 2022. Comparison period is presented on a carve-out basis. Refer to note 1 Basis of preparation, accounting principles and carve-out principles.

* The key figures are presented combining actuals and carve-out basis for 1–12/2022 and on an actuals basis for financial position as at 31 December 2022. All other financial information is on carve-out basis. Refer to note 1 Basis of preparation, accounting principles and carve-out principles.

1) Average number of personnel for 2022 represents the average employees after demerger. For other periods the average number of personnel consists of direct personnel working in the Consumer Security Business.

Shares and shareholders

Shares and share ownership distribution, 31 Dec 2022

Shares	Number of shareholders	% of shareholders	Total shares	% of shares
1–100	10,189	32.45%	456,855	0.26%
101–1,000	16,816	53.56%	6,208,406	3.56%
1,001–50,000	4,323	13.77%	16,506,178	9.46%
50,001–100,000	27	0.09%	2,033,549	1.17%
100,001-	44	0.14%	149,321,956	85.56%
Total	31,399	100.00%	174,526,944	100.00%

Shareholders by category, 31 Dec 2022	Total shares	% of shares
Private individuals	83,367,459	47.77%
Pension & Insurance companies	30,421,061	17.43%
Fund companies	17,297,943	9.91%
Companies	6,554,785	3.76%
Foundations	1,373,877	0.79%
Nominee registered	29,025,244	16.63%
Others	6,486,575	3.72%
Total	174,526,944	100.00%

Largest shareholders and administrative register

Owner	Shares	% of shares	% of votes
Risto Siilasmaa	60,022,804	34.39%	34.39%
Nordea Nordic Small Cap Fund	11,557,976	6.62%	6.62%
Mandatum Henkivakuutusosakeyhtiö	8,284,187	4.75%	4.75%
Keskinäinen Eläkevakuutusyhtiö Ilmarinen	6,020,000	3.45%	3.45%
Keskinäinen Työeläkevakuutusyhtiö Elo	4,265,000	2.44%	2.44%
Keskinäinen Työeläkevakuutusyhtiö Varma	3,970,660	2.28%	2.28%
Valtion Eläkerahasto	3,900,000	2.23%	2.23%
Nordea Finnish Stars Fund	2,554,157	1.46%	1.46%
Op Fin Small Cap	2,248,120	1.29%	1.29%
Keskinäinen Vakuutusyhtiö Kaleva	1,967,073	1.13%	1.13%

Administrative register	Shares	% of shares	% of votes
Skandinaviska Enskilda Banken	23,234,966	13.31%	13.31%
Citibank Europe Plc	4,194,690	2.40%	2.40%
Other registers	1,595,588	0.91%	0.91%

Other shareholders	145,501,700	83.37%	83.37%
Total	174,526,944	100.00%	100.00%
Own shares F-Secure Corporation
Total	174,526,944	100.00%

Ownership of management

Board of Directors	Shares	% of shares
Risto Siilasmaa	60,022,804	34.39%
Pertti Ervi	82,442	0.05%
Petra Teräsaho	6,871	0.00%
Thomas Jul	5,439	0.00%
Madeleine Lassoued	5,439	0.00%
Calvin Gan	1,813	0.00%
Total	60,124,808	34.45%

Executive team	Shares	% of shares
Antero Norkio	37,526	0.02%
Timo Laaksonen	13,450	0.01%
Perttu Tynkkynen	6,288	0.00%
Sari Somerkallio	2,298	0.00%
Mikko Kestilä	2,229	0.00%
Michal Iwan	639	0.00%
Dmitri Vellikok
Steven Offerein
Richard Larcombe
Kitta Virtavuo
Paul Palmer
TL Viswanathan
Toby White
Total	62,430	0.04%

Ownership of management

The Board of Directors owned a total of 60,124,808 shares on 31 December 2022. This represents 34.45 percent of the Company's shares and 34.45 percent of votes.

Calculation of key ratios

Key figure	Definition	Key figure	Definition
EBITDA	EBIT + Depreciation, amortisation and impairment	Operating cash flow	Corresponds to the Statement of Cash Flows line item Cash flow from operations
EBITA	EBIT + Amortisation and impairment	Net debt (+) / Net cash (–)	Interest-bearing liabilities – Interest-bearing receivables – Cash and cash equivalents
EBIT	Result before taxes and net financial items
Adjusted EBITDA	EBITDA before items affecting comparability	Equity ratio, %	Total equity Total assets	× 100
Adjusted EBITA	EBITA before items affecting comparability	Cash conversion, %	(Adjusted EBITDA – Capital expenditure –/+ Change in net working capital)	× 100
Adjusted EBIT	EBIT before items affecting comparability		Adjusted EBITDA
Items affecting comparability	Items affecting comparability are associated with strategic reviews and cost related to listing	Earnings per share, EUR	Profit attributable to equity holders of the company Weighted average number of outstanding shares
Operating expenses	Sales and marketing, research and development, and administration expenses	Shareholders' equity per share, EUR	Equity attributable to equity holders of the company
Capital expenditure	Corresponds to the Statement of Cash Flows line item Investments in intangible and tangible assets	Gearing, %	Number of outstanding shares at the end of period (Interest-bearing liabilities – cash and bank) Total equity	× 100

Statement of comprehensive of income

EUR 1,000	Note	2022*	Carve-out 2021

REVENUE	(3)	111,017	106,250
Cost of revenue	(7)	–9,342	–8,806
GROSS MARGIN		101,675	97,444
Other operating income	(4)	1,076	523
Sales and marketing	(5, 6, 7)	–29,857	–28,746
Research and development	(5, 6, 7)	–16,434	–16,891
Administration	(5, 6, 7)	–17,690	–8,831

EBIT		38,770	43,499
Financial income	(9)	1,476	276
Financial expenses	(9)	–1,691	–208
PROFIT (LOSS) BEFORE TAXES		38,556	43,567
Income tax	(10)	–8,403	–9,148
RESULT FOR THE FINANCIAL YEAR		30,153	34,418
Other comprehensive income
Exchange difference on translation of foreign operations		79	75
COMPREHENSIVE INCOME FOR THE YEAR		30,233	34,493
Result of the financial year is attributable to: Equity holders of the parent		30,153	34,418
Comprehensive income for the year is attributable to: Equity holders of the parent		30,233	34,493
Earnings per share – basic and diluted	(11)	0.17	0.20

Earnings per share is based on the average number of shares after Demerger and on the number of shares upon formation of F-Secure on 30 June 2022 for all other periods.

Statement of financial position

EUR 1,000	Note	2022	Carve-out 2021

ASSETS
NON-CURRENT ASSETS
Tangible assets	(12)	154	28
Right-of-use assets	(5, 12)	1,834	250
Intangible assets	(12)	9,064	5,908
Deferred tax assets	(20)	93	223
Interest-bearing receivables	(14, 19)	3,693
Total non-current assets		14,838	6,409

CURRENT ASSETS
Inventories	(13)	41	51
Accrued income	(15)	1,651	1,285
Trade and other receivables	(14, 15, 19)	23,040	19,105
Income tax receivables	(15)	143
Receivable from WithSecure	(14, 19)		12,099
Cash and cash equivalents	(14, 19)	22,953
Total current assets		47,828	32,540
TOTAL ASSETS		62,667	38,949

EUR 1,000	Note	2022	Carve-out 2021

SHAREHOLDERS' EQUITY AND LIABILITIES
SHAREHOLDER'S EQUITY	(16)
Share capital		80
Translation differences		–79
Reserve for invested unrestricted equity		9,590
Retained earnings		15,213
Equity attributable to equity holders of the parent		24,804

TOTAL INVESTED EQUITY	(16)		9,546

NON-CURRENT LIABILITIES
Interest bearing liabilities, non-current	(5, 18, 19)	6,381	109
Deferred tax liabilities	(20)	528	227
Other non-current liabilities	(21)	3,702	3,158
Total non-current liabilities		10,612	3,494

CURRENT LIABILITIES
Interest bearing liabilities, current	(5, 18, 19)	957	136
Trade and other payables	(19,21)	7,818	9,213
Income tax liabilities	(21)	1,152
Other current liabilities	(21)	17,324	16,560
Total current liabilities		27,251	25,909

TOTAL EQUITY AND LIABILITIES		62,667	38,949

The financial position is presented on an actuals basis for 2022 and on carve-out basis for 2021. Refer to note 1 Basis of preparation, accounting principles and carve-out principles.

Statement of cash flows

EUR 1,000	2022*	Carve-out 2021

Cash flow from operations
Result for the financial year	30,153	34,418
Adjustments
Depreciation and amortization	1,976	1,524
Other adjustments	676	484
Financial income and expenses	214	–68
Income taxes	8,403	9,148
Cash flow from operations before change in working capital	41,423	45,506

Change in net working capital
Current receivables, increase (–), decrease (+)	3,238	–1,810
Inventories, increase (–), decrease (+)	10	23
Non-interest bearing debt, increase (+), decrease (–)	–288	1,385

Cash flow from operations before financial items and taxes	44,383	45,105

Interest expenses paid	–63	–25
Interest income received	180	7
Other financial income and expenses	–1,156	58
Income taxes paid	–6,963	–9,020
Cash flow from operations	36,381	36,125

EUR 1,000	2022*	Carve-out 2021

Cash flow from investments
Investments in intangible and tangible assets	–4,635	–1,665
Proceeds from sale of intangible and tangible assets	1	37
Other investments	–4
Cash flow from investments	–4,638	–1,628
Cash flow from financing activities
Increase in interest bearing liabilities	5,663
Increase in long term receivables	–3,789
Repayments of lease liabilities	–612	–225
Equity financing with WithSecure, net	–10,068	–34,272
Cash flow from financing activities	–8,806	–34,497
Change in cash	22,937
Cash and bank at the beginning of the period
Effects of exchange rate changes	16
Cash and bank at period end	22,953

Statement of changes in equity

Attributable to the owners of F-Secure

		Invested equity and retained		Unrestricted	Retained	Translation
EUR 1,000	Note	earnings	Share capital	equity reserve	earnings	difference	Total
Carve-out invested equity 31 December 2020		9,053					9,053
Result of the financial year		34,418					34,418
Translation difference		75					75
Total comprehensive income for the year		34,493					34,493
Cost of share based payments	(17)	401					401
Equity transaction with WithSecure		–34,402					–34,402
Carve-out invested equity 31 December 2021		9,546					9,546
Carve-out invested equity 31 December 2021		9,546					9,546
Result of the period		14,521					14,521
Translation difference		–151					–151
Total comprehensive income for the period		14,370					14,370
Cost of share-based payments	(17)	–208					–208
Equity transactions with WithSecure		–14,796					–14,796
Carve-out invested equity 30 June 2022		8,912					8,912
Demerger 30 June 2022		–8,912	80	9,590	–759		0
Result of the financial year					15,632	–79	15,553
Total comprehensive income for the year					15,632	–79	15,553
Cost of share-based payments	(17)				339		339
Equity 31 December 2022			80	9,590	15,213	–79	24,804

Refer to note 1 Basis of preparation, accounting principles and carve-out principles, for details of the financial information prepared on an actual basis (financial position as at 31 December 2022), combining actuals and carve-out figures for income statement 2022 and carve-out basis (all other financial information presented).

Notes to the financial statements

1. Basis of preparation, accounting principles and carve-out principles

1.1 Basis of preparation

Background

F-Secure is a Finnish and globally operating cybersecurity company. The parent company of the Group is F-Secure Corporation incorporated in Finland and domiciled in Helsinki, Finland. Company's registered address is Tammasaarenkatu 7, 00180 Helsinki. F-Secure operates globally with presence in multiple locations, and its headquarters is located in Helsinki.

F-Secure Corporation formed a separate legal group ("F-Secure", the "Group") as of 30 June 2022 when all assets and liabilities of the Consumer Security Business were transferred from WithSecure Corporation ("WithSecure") to a company incorporated in connection with the partial demerger ("Demerger") and named F-Secure Corporation ("F-Secure"). The trading in F-Secure's shares on Nasdaq Helsinki began 1 July 2022.

A copy of consolidated financial statements can be downloaded on www.f-secure.com or can be received from the parent company's registered address. These financial statements were authorized for issue by the Board of Directors on 16 February 2023. According to the Finnish Companies Act, the Annual General Meeting can confirm or reject the consolidated financial statements after publication. The Annual General Meeting can also decide to change the financial statements.

F-Secure business

F-Secure designs and offers security and privacy products and services that help millions of consumers to protect themselves against online threats. F-Secure's offering includes a comprehensive range of security and privacy products and services related to endpoint security, privacy protection, password management and digital identity protection, and router security that protects consumers' entire connected home. The majority of F-Secure's sales come from selling products and services through its extensive and global Channel Partner network, including approximately 180 Channel Partners. Channel Partners include, for example, communication service providers, retailers, banks, and insurance companies. In addition to selling products through Channel Partners, F-Secure makes standalone and all-in-one security offerings available to consumers through various e-commerce channels such as mobile application stores and its own online store.

Basis of preparation for the consolidated financial statements

The consolidated financial statements for the year ended 31 December 2022 have been prepared for the purpose of presenting the financial position, results of operations and cash flows of F-Secure on a consolidated and carve-out basis. F-Secure did not exist as a separate legal group prior to the Demerger on 30 June 2022 and therefore has not prepared consolidated financial statements. Until 30 June 2022 the financial statements have been presented on a carve-out basis, as explained in the note 1.3 Carve-out Principles and following the formation of the legal group on 1 July 2022, the financial statements have been prepared on a consolidated basis, as explained in the note 1.1 Basis of preparation, section Background. Thus, the statement of comprehensive income and statement of cash flows

for the year ended 31 December 2022 are presented as a combination of carve-out financial information for the period 1 January – 30 June 2022 and consolidated financial information for the period 1 July – 31 December 2022. Management believes that such presentation of financial information results in a faithful representation of the financial performance and cash flows for F-Secure providing investors with relevant information on a full financial year basis. The balance sheet figures as at 31 December 2022 are reported consolidated figures. The comparative figures as at and for the year ended 31 December 2021 are presented on carve-out basis.

The consolidated financial statements of F-Secure Corporation of 2022 have been prepared in accordance with International Financial Reporting Standards (IFRS), applying the IAS and IFRS standards as well as SIC and IFRIC interpretations that were in force and had been approved by the EU by 31 December 2022. In addition, Finland's accounting and limited liability company legislation and official regulations have also been considered in the preparation of the consolidated financial statements.

F-Secure publishes its financial statements in XHTML format in accordance with the European Single Electronic Format (ESEF) reporting requirements. In line with the ESEF requirements, the primary financial statements have been labelled with XBRL tags. Notes to financial statements have been labelled with XBRL block tags. The XBRL tags have not been subject to audit.

The consolidated financial statements have been prepared on a going concern basis. This assumes that the Group has sufficient resources to continue as a going concern and that the management intends to

do so, at least for one year from the date of signing the financial statements.

The financial information is presented in thousands of euros unless otherwise stated. All figures have been rounded which may cause the sum of individual figures to deviate from the sum of the presented line-item totals.

Intangible assets

Research and development expenditure

Research expenditure is recognized as an expense at the time it is incurred. Development expenditure on new products or product versions with significant new features are recognized as intangible assets when F-Secure has the technical feasibility to complete the asset, has the ability and intention to use or sell the asset; can demonstrate that the asset will generate future economic benefits; has resources available to complete the asset; and has the ability to measure reliably the expenditure during development. Amortization is recorded on a straight-line basis over the estimated useful life, which is 3–5 years for these assets.

Other intangible assets

Other intangible assets include intangible rights and software licenses, all with a finite useful life. Other intangible assets are recorded at historical cost less accumulated amortization and possible impairment. Amortization is recorded on a straight-line basis over the estimated useful life, which is 3–5 years for these assets.

Tangible assets

Tangible assets are recorded at historical cost less accumulated depreciation and possible impairment. Depreciation is recorded on a straight-line basis over the estimated useful life of an asset. The estimated useful lives of tangible assets are as follows:

Machinery and equipment 2–8 years

Other tangible assets 2 years

Impairment of assets

At each reporting date, or more frequently if needed, F-Secure assesses whether there is any indication that an asset may be impaired. Where an indicator of impairment exists, F-Secure makes a formal estimate of the recoverable amount. The recoverable amount of intangible assets that are not ready for use are estimated annually regardless of whether any indication of impairment exists.

Where the carrying amount of an asset exceeds its recoverable amount, the asset is considered impaired and the carrying amount is reduced to its recoverable amount. The recoverable amount is the fair value of an asset less costs of disposal or value in use, whichever is higher. An impairment loss is recorded in the statement of comprehensive income.

A previously recognized impairment loss is reversed only if there has been a change in the estimates used to determine the asset's recoverable amount since the last impairment loss was recognized. The maximum reversal of an impairment loss amounts to no more than the carrying amount of the asset if no impairment loss had been recognized, net of depreciation.

Inventories

Inventories are measured at the lower of cost and net realizable value. Cost is determined by the first-in first-out method. Net realizable value is the estimated selling price that is obtainable, less estimated costs of completion and the estimated costs necessary to make the sale.

Financial instruments

Financial assets

Financial assets are originally measured at fair value. Trade receivables are originally measured with transaction price and later with amortized cost reduced by an expected credit loss for trade receivables. Trade receivables and other receivables are written off from the balance sheet as the rights to associated cash flows end or become transferred to the counterparty. An expected credit loss is recognized for trade receivables according to IFRS 9, Financial Instruments. The amount of expected credit loss is updated at each reporting date to reflect changes in credit risk since initial recognition of the respective financial instrument. The expected credit loss is estimated using a provision matrix where trade receivables are grouped based on historical credit loss experience and characteristics that depict the credit risk of receivables (e.g. geographical area and days past due).

Financial liabilities

F-Secure classifies loans from WithSecure, trade payables and other payables as other financial liabilities which are measured at amortized cost. Financial liabilities are classified as current unless F-Secure has an unconditional right to postpone their repayment by at least 12 months from the end date of the reporting period.

Provisions

Provisions are recognized when F-Secure has a present obligation (legal or constructive) as a result of a past event, the outflow of resources is probable, and a reliable estimate of the amount of the obligation can be made. The amount recognized is a best estimate of the consideration required to settle the obligation at each reporting date. Risks and uncertainties are taken into account when making the estimate.

Management has not recognized nor allocated any provisions in the statement of financial position as at 31 December 2022.

Share-based payment transactions

F-Secure provides incentives to employees in the form of equity-settled share-based instruments. F-Secure's share-based incentive programs are targeted to F-Secure's key personnel. The programs are equity settled. Equity-settled program is valued at fair value at grant date, and the expense is recognized evenly in the statement of comprehensive income over the vesting period with the counter-entry in retained earnings. In programs with market based conditions, the fair value is determined by utilizing commonly used valuation techniques. If a person leaves the company before vesting, the reward is forfeited. F-Secure updates its estimate of the ultimate number of shares at each reporting date. These changes in the estimate are recorded in the statement of comprehensive income.

Presentation of expenses

Classification of expenses by function has been made by presenting direct expenses in their respective functions.

Operating result

IAS 1, Presentation of Financial Statements, does not define the concept of Earnings before interest and taxes (EBIT). F-Secure has defined it as follows: EBIT is the net amount, which consists of revenue and other operating income less cost of revenue, personnel costs, depreciation and amortization, possible impairment losses, and other operating expenses.

Covid-19 impacts on financial reporting in 2022 and 2021

According to management's assessment, the Covid-19 pandemic may have had an impact on the liquidity of F-Secure's customers in the short and longer term. In 2021, a slight risk element in the allowance for expected credit losses was maintained. During 2022 there is no risk element in the provision.

New standards and interpretations not yet effective

New or amended standards or interpretations are not expected to have an impact on the financial statements.

1.3 Carve-out principles

Basis of preparation for the carve-out financial information (until 30 June 2022)

F-Secure operated as part of WithSecure until the completion of the partial demerger on 30 June 2022. The consolidated financial statements have been prepared on a carve-out basis until 30 June 2022 as F-Secure did not operate and report as a separate legal consolidated group throughout the historical periods presented.

The carve-out financial information of F-Secure until 30 June 2022 has been prepared on a carve-out basis from WithSecure's consolidated financial statements using the historical book values for income and expenses, assets and liabilities and cash flows attributable WithSecure's Consumer Security Business transferred to the F-Secure through the partial demerger. WithSecure's Consumer Security Business has historically operated worldwide in legal entities that comprise both Consumer Security Business and Corporate Security Business, including the parent company WithSecure Corporation. Therefore assets, liabilities, income, revenue and expenses and cash flows which are either directly attributable to, have been allocated to or will transfer to F-Secure have been included in the carve-out financial information.

The carve-out financial information has been prepared in accordance with International Financial Reporting Standards (IFRS) as adopted by the EU by 31 December 2022, and in consideration of the specified carve-out principles described in "Carve-out principles applied in the F-Secure carve-out financial information" for determining which assets and liabilities, income and expense as well as cash flows are allocated to F-Secure for the purpose of presenting the carve-out financial information.

IFRS does not provide direct guidance for the preparation of carve-out financial information, and accordingly in preparing the F-Secure's carve-out financial information, certain accounting conventions commonly used for the preparation of historical carve-out financial information have been applied as described below.

F-Secure's carve-out financial information does not necessarily illustrate the results of operations, financial position and cash flows that F-Secure would have generated had it been an independent group. Further, the objective of the carve-out financial information is neither to illustrate or be indicative of F-Secure's future performance, financial position or cash flows.

Carve-out principles applied in the F-Secure carve-out financial information

The following summarizes the carve-out principles applied in preparing F-Secure's carve-out financial information.

The carve-out financial information reflects the revenue and expenses attributable to F-Secure. Revenue and operating expenses of F-Secure that have been specifically identified as pertaining to F-Secure have been attributed directly without separate allocation and apportionment.

Balance sheet items have been generally attributed based on their actual use during the periods presented, that is, if assets and liabilities are primarily used by and relate to F-Secure, they have been attributed to the carve-out statement of financial position. If the asset or liability is not legally transferring to F-Secure in connection with the Demerger, the corresponding cost of using the asset/liability has been included in the carve-out statement of comprehensive income as described in more detail below.

The carve-out financial information also includes the separate allocation of income, expense, assets, liabilities and cash flows which are based on management judgement, assumptions and estimates as described below. The most significant estimates, judgements and assumptions relate to the allocation of the costs of certain centrally provided shared services, leasing arrangements, shared tangible and intangible assets, cash management and financing, determination on current and deferred income taxes and invested equity.

Management considers that the allocations described below have been made on a reasonable basis, but they are not necessarily indicative of the income and costs that would have been incurred if F-Secure had been a standalone entity preparing consolidated financial statements for the periods presented.

The structure of the carve-out financial information

Prior to Demerger, F-Secure did not represent a separate group of legal entities but combines operations that are dedicated to F-Secure Business but that have historically operated as part of the WithSecure entities. The following represents an overview of the WithSecure legal entities that comprised the portion of the results of operations and financial position dedicated to the F-Secure Business and thus form the basis for the carve-out financial information:

WithSecure Corporation (former F-Secure Corporation), Finland
F-Secure Inc, United States
WithSecure GmbH (former F-Secure GmbH), Germany
F-Secure (UK) Ltd, United Kingdom
WithSecure KK (former F-Secure KK), Japan
WithSecure AB (former F-Secure AB), Sweden
WithSecure Srl (former F-Secure Srl), Italy
WithSecure Sp. z.o.o. (former F-Secure Sp z.o.o.), Poland
WithSecure B.V. (former F-Secure B.V.), the Netherlands
F-Secure Iberia SL, Spain,
WithSecure (M) Sdn Bhd (former F-Secure Corporation (M) Sdn Bhd), Malaysia
WithSecure SARL (former F-Secure SARL), France
F-Secure Pvt Ltd, India
WithSecure A/S (former F-Secure Danmark A/S), Denmark
F-Secure do Brasil tecnol. Da informãcao Ltda, Brazil
WithSecure Norge AS (former F-Secure Norge AS), Norway

F-Secure's structure in the carve-out financial information does not represent the legal structure after the Demerger.

Inter-company transactions and transactions with related parties

Intercompany transactions, including assets and liabilities between the F-Secure Business within WithSecure legal entities have been eliminated from F-Secure's carve-out financial information. Intercompany transactions and balance sheet items between the Consumer Security Business and the Corporate Security Business, previously considered as intercompany transactions in WithSecure reporting, have been reported as transactions with related parties in the carve-out financial information. Related party receivables from the remaining WithSecure operations are presented separately in the statement of financial position in the carve-out financial information.

Income statement transactions are presented within the related statement of comprehensive income line item. F-Secure sells consumer products to WithSecure and the amounts in the carve-out financial information were as follows during the periods presented: EUR 50 thousand in the period of 1 January – 30 June 2022 and EUR 407 thousand in 2021. F-Secure purchases corporate products from WithSecure and the amounts were as follows during the periods presented: EUR 171 thousand in the period of 1 January – 30 June 2022 and EUR 415 thousand in 2021.

Centrally provided shared services

WithSecure has historically provided shared support services to Consumer Security and Corporate Security Businesses. WithSecure support functions include Security Research & Technologies ("SRT") and Information & Business Services ("IBS"). SRT is a common R&D unit supporting the whole WithSecure. IBS contains a 24/7 customer support and IT services. WithSecure also has the following common shared functions: People, Operations & Culture, Finance, Legal, Strategy, Marketing and Management ("Other Functions"). SRT, IBS and Other Functions are defined together as "Group Functions".

Historically, WithSecure shared Group Function costs have been allocated to businesses using pre-defined allocation methods. The allocation methods used have been defined to reflect the nature of the underlying function and the utilization of the services of the functions. In the carve-out financial information, the WithSecure shared Group Function costs have been allocated to F-Secure based on utilization of the services such as certain server hosting costs that have been allocated based on the usage of the service or cloud servers and customer care related costs that have been allocated based on the support provided to

F-Secure or using pre-defined allocation keys such as revenue or number of employees.

Management considers these allocations to be a reasonable reflection of the utilization of services provided. These allocated expenses have been affected by the arrangements that existed in WithSecure and are not necessarily representative of the position that may prevail in the future for F-Secure.

Centrally provided shared services costs allocated to the carve-out financial information has been split to different profit and loss statement categories as follows:

EUR 1,000	1–6/2022	2021
Cost of revenue	–1,978	–4,790
Other operating income	371	523
Sales and marketing	–2,991	–4,436
Research and development	–3,595	–6,685
Administration	–7,052	–8,593
Total	–15,246	–23,981

Shared assets and leasing arrangements with remaining WithSecure operations

Historically, Consumer Security Business and Corporate Security Business have operated in shared leased premises and offices in all locations, including the following main premises: Helsinki and Oulu in Finland, Poznan, Poland, and Kuala Lumpur, Malaysia. In the carve-out financial information, no office lease agreements have been allocated to F-Secure as F-Secure is not a legal owner of the lease agreements and those lease agreements have not transferred to F-Secure in connection with the Demerger. Instead, an expense related to the usage of the premises has been included in the carve-out financial information. The expenses allocated to F-Secure for usage of the leased shared assets during the periods presented were EUR

727 thousand in first half of 2022 prior to Demerger and EUR 1,547 thousand in 2021.

Lease expenses related to machinery and cars, that are shared with the remaining WithSecure operations, have been allocated to the carve-out financial information to reflect usage of these assets. These lease agreements will not transfer to F-Secure in connection with the Demerger. The lease expense allocations in the carve-out financial information related to usage by F-Secure during the periods presented were EUR 7 in first half of 2022 prior to Demerger EUR 25 thousand in 2021.

All the above lease expenses were presented as part of operating costs and no right-of-use assets or lease liabilities have been allocated to the carve-out financial information. Lease agreements directly attributable to F-Secure that are transferring to F-Secure in connection with the Demerger have been presented as lease agreements of F-Secure (see notes 5, 12 and 18 for more information).

Certain computers and other IT equipment have been shared between Consumer Security Business and Corporate Security Business. These IT related assets will not transfer to F-Secure in connection with the Demerger. An expense was allocated to the carve-out financial information to reflect the usage of these assets. The allocated expenses included in the carve-out financial information during the periods presented were EUR 65 thousand in first half of 2022 prior to Demerger and EUR 146 thousand in 2021.

Certain intangible assets, mainly computer software, have also been shared between Consumer Security Business and Corporate Security Business. In the carve-out financial information, these intangible assets have not been allocated to F-Secure as they will remain with WithSecure after the Demerger. Instead, an

expense was recognized to reflect the benefit F-Secure has received from these assets during the periods presented in the carve-out financial information. The expense related to utilization of the intangible assets by F-Secure included in the carve-out financial information during the periods presented were EUR 81 thousand in first half of 2022 prior to Demerger and EUR 162 thousand in 2021.

The assets and leasing arrangements presented in the carve-out financial information may differ significantly from the requirements of the standalone F-Secure. F-Secure has entered into new leasing agreements related to premises, other equipment and machinery for its standalone business operations when the Demerger was consummated.

Share-based payment transactions

Historically, F-Secure key personnel have participated in WithSecure's share-based incentive programs. For carve-out purposes, the expenses related to F-Secure personnel are included in the carve-out financial information. The portion related to the Group function participants in the share-based incentive programs has also been allocated to the carve-out financial information as described in the section Centrally provided shared services. The historical cost allocations may not be indicative of the future expenses that will arise through incentive schemes that will be established for F-Secure key personnel in the future.

Income tax

Historically, the F-Secure Business has been included within the same WithSecure legal entities as the WithSecure operations. No tax filings have been made separately for the F-Secure business. The tax expenses in F-Secure's carve-out financial information are determined based on the separate tax return

method as if the F-Secure business represented separate taxpayers in the jurisdiction of their primary operations. The current tax expense in the carve-out financial information is the amount of tax payable or refundable based on hypothetical current year profits of the F-Secure Business and have been presented as current tax expense and as a shareholder transaction through invested equity in the carve-out financial information. Deferred tax has been recorded in F-Secure's temporary differences and the recoverability of deferred tax assets has been assessed as if the two businesses were separate taxpayers. Tax losses have been included to the extent they directly relate to the F-Secure business. The line-item Income tax paid in the cash flow statements in the carve-out information represents the estimated tax to be paid by each F-Secure business in different jurisdictions. The tax expenses recorded in the carve-out financial information might not represent the tax expenses that may arise in the future for the F-Secure business.

Management considers the separate tax return approach to be reasonable, but not necessarily indicative of the tax income or expenses that would have been incurred if the entities and operations were indeed separate taxable entities.

Cash management and financing

Historically, WithSecure has managed the financing of the F-Secure Business and utilized a centralized approach to cash management. In addition to the cash and cash equivalents balances held directly at legal WithSecure group companies, WithSecure pools cash balances, cash deposits and funding directly with the centralized WithSecure Treasury function and therefore there are no balances directly attributable to F-Secure.

As a result, cash and cash equivalents, cash pool receivables and payables, and related interest expense and income are excluded from the carve-out financial information. Corporate level debt or related interest expenses were not allocated to F-Secure, as they were not deemed to be attributable to the F-Secure Business.

In the Demerger, a relative share of the cash related to advance payments received by WithSecure for the sale of F-Secure's products via its direct sales channel, was paid to F-Secure based on the actual deferred revenue balance as at the effective date of the Demerger. The receivable from the parent company has been recognized in the carve-out statement of financial position to reflect the share attributable to F-Secure during the periods presented. Change in this receivable has been recognized against invested equity.

Transfers of cash between WithSecure and F-Secure are included within the Equity financing with WithSecure, net in the Statement of Cash Flows and Equity transactions with WithSecure in the Statement of Changes in Equity.

The financing presented in the carve-out financial information may differ significantly from the future financing requirements of F-Secure on a standalone basis.

Invested equity

Total invested equity attributable to shareholders of F-Secure represents WithSecure's interest in the recorded net assets of F-Secure. Historically, F-Secure has not formed a separate legal group or presented any stand-alone consolidated financial statements, nor does it consist of separate identifiable entities within WithSecure and accordingly, it is not feasible to present share capital or any analysis on equity reserves. The net assets of F-Secure, presented as capital invested in F-Secure, and reported as Invested equity in the statement of financial position, are comprised

of retained earnings, invested equity and cumulative translation differences.

Changes in net assets allocated to F-Secure are presented separately in the statement of changes in equity as Equity transactions with WithSecure and in the statement of cash flows through the line item Equity financing with WithSecure, net reflecting the internal equity financing between WithSecure and F-Secure during the financial periods presented prior to the Demerger. The amounts are affected by the net assets allocated to the F-Secure business consisting of allocation of income and expense and assets and liabilities from the remaining WithSecure operations.

Translation differences arising from translating the results for the financial period and invested equity are recognized in a separate cumulative translation difference account within total invested equity and the changes are presented in other comprehensive income.

The capital structure attributed to F-Secure in connection with the preparation of the carve-out financial information is presented as total invested equity attributable to the shareholders of WithSecure, and as such, is not indicative of the capital structure that F-Secure would have required had it been a standalone entity during the periods presented prior to the Demerger.

Transactions in foreign currency

In carve-out financial information, translated balance sheet and income statement items are allocated to F-Secure or to the remaining WithSecure operations. As part of the allocations, a translation difference related to these allocated items is recognized in invested equity and its change is recorded in the statement of comprehensive income.

2. Segment information

Consumer Security Business consists of designing and providing a comprehensive range of cybersecurity products and services related to data security, privacy protection as well as privacy protection and digital identity protection of consumers' terminal devices, networks and devices connected to a network, sold, in each case, either directly or indirectly, to consumers. F-Secure's operations and profitability is reported as a single operating segment which is consistent with the internal reporting and the way that operative decisions and assessment of performance have been made by F-Secure's management team.

Geographical information

Geographical information about revenue is presented in note 3.

EUR 1,000	2022	Carve-out 2021
Long-term assets
Nordic countries	10,695	6,016
Europe excl. Nordics	1,809	163
North America	2,174	223
Rest of world	160	7
Total	14,838	6,409

3. Revenue

Principles of revenue recognition are stated in Note 1.2 Accounting principles, section Revenue recognition.

Disaggregation of revenue

EUR 1,000	2022	Carve-out 2021
Sales channels
Revenue from external customers
Partner channel	88,052	84,156
Direct channel (E-commerce)	22,965	22,094
Total	111,017	106,250

Geographical information
Revenue from external customers
Europe excl. Nordics	48,653	49,644
Nordic countries	39,426	36,873
North America	17,082	14,572
Rest of world	5,856	5,162
Total	111,017	106,250

Assets and liabilities from contracts with customers

Satisfied performance obligations from contracts with customers that have not yet been invoiced on the reporting date are presented in the balance sheet as Accrued income. The balances relate to products delivered to customers and recognised as revenue but not invoiced. Liabilities from contracts with customers are presented in the balance sheet as Deferred revenue and included in Total non-current liabilities or Total current liabilities depending on the duration of the liability. Prior year current deferred revenue is recognised as revenue in the current period. Remaining performance obligations from contracts with customers represent contracted revenue that has not yet been recognised. These balances are presented as Deferred revenue and relate to obligations to provide software subscription services in contracts with a duration of multiple years.

EUR 1,000	2022	Carve-out 2021
Accrued income	1,651	1,285
Deferred revenue, non-current	3,621	3,112
Deferred revenue, current	17,324	16,660

Increases in deferred revenue resulting from billing were EUR 17,833 thousand for the year ended (EUR 16,556 thousand). Decreases in deferred revenue resulting from satisfying performance obligations were EUR 16,660 thousand for the year (EUR 15,981 thousand)

4. Other operating income

EUR 1,000	2022	Carve-out 2021
Government grants	506	487
Transition services	291
Gains from sale of business	189
Other	90	36
Total	1,076	523

The government grants are received for certain research and development projects and are recognised as income over those periods in which the corresponding expenses arise.

None of the amounts included in Other are individually significant.

No single customer represents 10% or more of revenue.

40 Financial statements F-Secure consolidated

5. Leases

The principles of lease accounting are stated in Note 1.2 Accounting principles, section Leases.

EUR 1,000	2022	Carve-out 2021
Depreciation
Right of use assets
Buildings	438
Cars	131	207
Total	569	207

Interest expense on lease liabilities	20	9
Short-term leases booked as rent expense	34
Right of use assets and liabilities
Right of use assets
Buildings	1,674
Cars	160	250
Total	1,834	250
Lease liabilities
Buildings	1,679
Cars	161	245
Total	1,840	245
Repayments of lease liabilities	612	225

Right of use assets related changes are stated in disclosure 12. Non-current assets.

Interest payments related to lease liabilities are stated in disclosure 9. Financial income and expenses.

Maturity of lease liabilities is stated in disclosure 18. Financial liabilities.

6. Depreciation and amortization

EUR 1,000	2022	Carve-out 2021
Depreciation and amortization of non-current assets
Other intangible assets	38
Capitalized development	1,350	1,303
Intangible assets	1,387	1,303
Machinery and equipment
Right of use assets	569	207
Other tangible assets	20	13
Tangible assets	589	221
Total depreciation and amortization	1,976	1,524
Depreciation and amortization by function
Sales and marketing	601	211
Research and development	1,357	1,313
Administration	18
Total depreciation and amortization	1,976	1,524

41 Financial statements F-Secure consolidated

7. Personnel expenses

Personnel costs presented in the table below combines actual and carve-out figures for 2022. Actual costs for Jul–Dec 2022 includes costs for personnel employed by F-Secure and carve-out costs (all other periods) include costs for direct personnel working for Consumer Security Business.

EUR 1,000	2022	Carve-out 2021
Personnel expenses
Wages and salaries	20,785	16,114
Pension expenses – defined contribution plan	3,204	2,246
Share-based payments	735	551
Other social expenses	1,604	1,291
Total	26,328	20,202

Share-based payments include actual cost for Jul–Dec 2022 and a portion of sharebased payment costs of WithSecure which have been allocated based on Group function allocation for other periods. See further in disclosure Note 17 Share-based payment transactions.

Employee benefits of the management are stated in disclosure 22. Related party transactions.

Average number of personnel	368	245

Personnel by function December 31
Delivery	68	23
Sales and marketing	91	130
Research and development	190	95
Administration	27
Total	376	248

Average number of personnel for 2022 represents the average employees after demerger. For comparison period the average number of personnel consists of direct personnel working in the Consumer Security Business.

8. Audit fees

EUR 1,000	2022	Carve-out 2021
Group auditor
Audit fees, PricewaterhouseCoopers	–103	–134
Other consulting, PricewaterhouseCoopers		–347
Total	–103	–481

The carve-out expenses for the comparison period presented in the table above consist of the expenses of the WithSecure auditor. PricewaterhouseCoopers Oy has provided permissible non-audit services to entities of WithSecure including the above amounts allocated to F-Secure carve-out financial statements, all of which are related to other services. The non-audit fees in 2021 relate to WithSecure's review and evaluation of different strategic options. Audit fees for 2022 consist of fees for the period after 30 June 2022.

Other auditors
Audit fees	–15	–24
Total	–15	–24

9. Financial income and expenses

EUR 1,000	2022	Carve-out 2021
Financial income
Exchange gains	1,289	266
Interest income from receivables	180	7
Other financial income	7	3
Total	1,476	276

Financial expenses
Exchange losses	–1,440	–174
Other interest expenses	–230	–25
Interest expense from lease liabilities	–20	–9
Total	–1,691	–208

42 Financial statements F-Secure consolidated

10. Income tax

This note presents F-Secure's income tax expenses included in the financial statements. The accounting principles of income taxes are stated in Note 1.2 and 1.3, section Income tax.

EUR 1,000	2022	Carve-out 2021
Current income tax for the year	7,979	9,020
Change in deferred tax	424	128
Total	8,403	9,148

A reconciliation of income tax expense in the income statement and income tax calculated at the parent company's country of residence income tax rate (20%):

Result before taxes	38,556	43,567

Income tax at Finnish tax rate of 20%	–7,711	–8,713
Effect of overseas tax rates	–184	–44
Non-deductible expenses/tax-exempt revenue	22	–263
Unrecognised tax losses		60
Utilized tax losses	–242
Adjustments for prior period tax	–20
Other	–268	–188
Total	–8,403	–9,148

Utilized and recognized tax losses included in the financial statements are related to F-Secure's operations in the United States.

11. Earnings per share

Basic earnings per share amounts are calculated by dividing net profit for the year attributable to ordinary equity holders of the parent by the weighted average number of ordinary shares outstanding during the year. Diluted earnings per share amounts are calculated by dividing the net profit attributable to ordinary shareholders by the weighted average number of ordinary shares outstanding during the year adjusted for the effects of dilutive options.

EUR 1,000	2022	Carve-out 2021
Net profit attributable to equity holders	30,153	34,418
Weighted average number of ordinary shares (1,000)	174,527	174,527

Basic and diluted earnings per share (EUR/share)	0.17	0.20

Earnings per share is based on the average number of shares after Demerger and on the number of shares upon formation of F-Secure on 30 June 2022 for all other periods. During the period, F-Secure hasn't had Treasury shares.

12. Non-current assets

	INTANGIBLE ASSETS		TANGIBLE ASSETS
EUR 1,000	Other intangible	Capitalized development	Advance payments & incomplete development	Total	Machinery & equipment	Right of use assets	Other tangible	Total
Acquisition cost Dec 31, 2020	350	14,189	1,711	16,249	171	701		872
Additions			1,643	1,643	22	220		242
Transfers		2,019	–2,019
Disposals						–83		–83
Acquisition cost Dec 31, 2021	350	16,207	1,335	17,893	193	837		1,031
Translation difference					–1	–10		–10
Additions			4,506	4,506	95	2,258	91	2,443
Transfers	588	3,265	–3,853		–2	272		269
Disposals	–350	–11,635		–11,985	–162	–726		–888
Acquisition cost Dec 31, 2022	588	7,837	1,988	10,413	124	2,631	91	2,845
Acc. depreciation Dec 31, 2020	–350	–10,331		–10,681	–152	–426		–578
Depreciation for the period		–1,303		–1,303	–13	–207		–220
Depreciation of disposals						46		46
Acc. depreciation Dec 31, 2021	–350	–11,635		–11,985	–165	–587		–752
Translation difference						9		9
Transfers					2	–272		–269
Depreciation for the period		–1,350		–1,350	–31	–569	–19	–619
Depreciation of disposals	350	11,635		11,985	154	622		775
Acc. depreciation Dec 31, 2022	0	–1,350		–1,350	–41	–797	–19	–857
Book value as at Dec 31, 2021		4,572	1,335	5,908	28	250		278
Book value as at Dec 31, 2022	588	6,487	1,988	9,064	83	1,834	71	1,988

The book values of the right of use assets presented in the above table relate to buildings EUR 1.7 million (0.0m) and cars EUR 0.2 million (0.3m).

Capitalised development expenses relate to capitalised expenditure for F-Secure's development projects (refer to the section on Research and development expenditure included within Intangible assets in Note 1.2 Accounting principles).

44 Financial statements F-Secure consolidated

13. Inventories

The accounting principles of inventories are stated in Note 1.2 Accounting principles, section Inventories.

EUR 1,000	2022	Carve-out 2021
Inventories	41	51

The inventory balances included in the financial statements consist of the packaging used for license key cards.

14. Financial assets

This note presents F-Secure's financial assets included in the financial statements. The accounting principles of financial assets are stated in Note 1.2 Accounting principles, section Financial instruments.

EUR 1,000	2022	Carve-out 2021
Cash at bank and in hand	22,953
Related party receivable from WithSecure		12,099
Interest-bearing receivables	3,693
Trade receivables	18,243	14,890
Total	44,890	26,990

Prior to Demerger on 30 June 2022, no cash was allocated to F-Secure in the carve-out financial information. Refer to the section on Cash management and financing in Note 1.3 Carve-out principles.

Trade receivables

Ageing of trade receivables

Not fallen due	15,068	13,611
1–90 days past due	3,139	1,292
Over 90 days past due	430	593
Less allowances for expected credit losses	–394	–606
Total	18,243	14,890

Movements in loss allowances on trade receivables

Book value as at Jan 1	606	737
Change for the year	–104	–127
Receivables written off during the year	–107	–4
Book value as at Dec 31	394	606

15. Other receivables

EUR 1,000	2022	Carve-out 2021
Current receivables
Other receivables	702	118
Prepaid expenses	3211	3768
Accrued income	1,651	1,285
Accrued tax	1,028	329
Total	6,591	5,499

Material items included in prepaid expenses
Prepaid royalty	846	936
Grant receivables	52	242
Other prepaid expenses	2,313	2,589
Total	3,211	3,768

16. Shareholders' Equity

Issued and fully paid

	Number of shares	Share capital	Unrestricted equity reserve
Demerger 30.6.2022	174,526,944	80	9,590
31.12.2022	174,526,944	80	9,590

The share capital amounted to 80,000 euro was formed in the demerger on 30 June 2022.

The number of shares was 174,526,944 (no own shares) at the end of 2022.

A share has no nominal value. Accountable par value is EUR 0.01.

Translation differences

The translation difference is used to record exchange difference arising from the translation of the financial statements of foreign subsidiaries.

Unrestricted equity reserve

Unrestricted equity reserve was formed in connection with demerger on 30 June 2022.

Dividends proposed

Proposed for approval at AGM for financial year 2022 is that dividend of 0.07 euro per share will be paid.

Treasury shares

At the end of 2022 company doesn't hold any treasury shares.

17. Share-based payment transactions

Prior to demerger, F-Secure personnel have participated in the incentive plans in WithSecure and the ongoing incentive programs from WithSecure continue. All long-term incentive plan allocations made originally in the shares of WithSecure were adjusted through a modification to be the allocation of F-Secure Corporation after the demerger. The effect of the plans and related expenses attributable to F-Secure for each financial year are presented below. Additionally during the carve-out period, the total costs include a portion of share-based payments related to Group Functions which have been allocated to F-Secure as part of the centrally provided shared services as described in Note 1.3, Carve-out principles. Accounting principles for share-based payments are stated in Note 1.2 Accounting principles, section Sharebased payment transactions.

Share-based incentive programs

During the period the Group had several share-based incentive program. The share-based incentive programs have been established as part of the key employee incentive and retention system within F-Secure. The programs offer for the participants a possibility to receive shares of F-Secure Corporation as an incentive reward if the Company's financial targets set for the earning period have been achieved. No reward can be given to any participating employee, whose employment has terminated before the end of the lock-up period.

Share-based incentive program 2020–2022

WithSecure established originally in February 2020 a new share-based incentive program 2020–2022. The program's duration is five years and it comprises three earning periods, 2020–2022 with the grant date in April 2020, 2021–2023 with the grant date in April 2021, and 2022–2024 with the grant date in March 2022. Each earning period lasts for three years. The program ends on December 31, 2024. The value of WithSecure share at grant date for the program were EUR 2.18 for the 2020–2022 earning period, EUR 3.42 for the 2021–2023 earning period, and EUR 5.12 for the earning period 2022–2024. After demerger, there were adjustments made to earning periods 2021–2023 and 2022–2024 using the reference prices of the two new companies. Criteria measurement for 2020–2022 was decided to execute as if the two companies would still form the old entity. After the demerger allocations made originally in the sares of WithSecure were adjusted through modifications. There was no fair value increase resulting from the modifications. The rewards will be settled equity-settled.

The vesting of the rewards for all periods was conditional to the participant remaining in the service of F-Secure. In addition, the 2020–2022 period has a performance condition based on F-Secure's and WithSecure's relative total shareholder return of WithSecure's and F-Secure's share and the periods 2021–2023 and 2022–2024 have a performance condition based on absolute total shareholder return of F-Secure's

share. The Board approves the metrics, targets and participants on annual basis for each earning period.

In accordance with the terms of the program, no retentions are expected at the date of this financial statement. The expense arising from the Share-based incentive program 2020–2022 was EUR 269 thousand in 2022 after the demerger, EUR 333 thousand during carve-out period in 2022 and EUR 378 thousand in 2021.

Restricted share plan

WithSecure established a restricted share plan in February 2020. The program's duration is five years. The restricted share plan complements the incentive programs and comprises three earning periods: 2020–2021 with the grant date in October 2020, 2021–2022 with the grant date in August 2021, and 2021–2023 with the grant date in January 2021. Only 2021–2022 program is applicable for F-Secure. The values of the WithSecure share at grant date for this program was EUR 4.04 and the maximum total of shares to be given is 40,000 shares. The rewards will be equity settled.

The vesting of the rewards for all periods is conditional on the participant remaining in the service of F-Secure. The Board approved the metrics, targets and participants on an annual basis for each earning period. In accordance with the terms of the program, no retentions are expected at the date of this financial statement. The expense arising from the restricted share plan was EUR 59 thousand in 2022, EUR 59 thousand during carve-out and EUR 121 thousand in 2021.

The participating employee of a share-based incentive program shall be entitled to the shareholder rights of the reward shares (e.g., dividend) from the moment the shares have been entered into the participating employee's book-entry account.

The costs of equity-settled transactions are measured by reference to the fair value of shares at the date on which they are granted. Fair value for performance based programs is based on the share price on the grant date. Fair value for market based programs is based on externally accepted valuation methods. The costs of cashsettled transactions are measured by reference to the market price of the share on the balance sheet date. F-Secure updates the estimate of the number of equity instruments that will ultimately vest at each reporting date.

Employee share savings plan

During 2022, F-Secure launched a employee share savings plan which was available for all employees. The plan consists of annually commencing plan periods, each one comprising of a 12-month savings period and a holding period following the savings period. The first plan period commenced on 1 October 2022 and ends on 30 September 2025. Every employee was eligible to save a proportion of their salaries and invest those savings in F-Secure shares. The savings will be used for acquiring F-Secure shares quarterly after the publication of the respective interim reports. F-Secure grants the participating employees a gross reward of one matching share

for every two shares acquired with their savings. The first acquisition of shares is in Q1 2023 and the maximum number of of matching shares is approximately 200,000 shares.

The vesting of the rewards is conditional on the participant remaining in the service of F-Secure and on an initial investment. The Board approves the metrics, targets, and participants on an annual basis for each earning period. The expense arising from the employee shares savings plan was EUR 16 thousand in 2022.

Impacts of share-based payment transactions on financial statements

	2022	Carve-out 2022	Carve-out 2021
Booked as expense during the period	344	392	551
Booked in retained earnings during the period	344	–208	401
Balance sheet liability at the end of the period	16		263

18. Financial liabilities

F-Secure's financial liabilities consist of trade payables and interest-bearing liabilities. Interest-bearing liabilities include structuring loans towards WithSecure as well as leased cars and buildings (see Note 1.2 Accounting principles, section Leases and Note 5. Leases).

Contractual maturities of financial liabilities

Interest-bearing liabilities

EUR 1,000	2022	Carve-out 2021
Lease liabilities	1,840	245
Other interest-bearing liabilities	5,498
Total	7,338	245

Prior to completion of the demerger, WithSecure's consumer business conducted by its foreign subsidiaries was separated from the rest of the business into separate companies through business acquisitions or similar transactions in each relevant country. The transaction prices vary between approximately EUR 70 thousand and EUR 3.0 million. The payback time for the resulting payables and receivables is primarily three years from the effective date of each local transaction, and prepayment is allowed. The interest rate for the unpaid transaction price varies by country. F-Secure's payables totaled EUR 5.5 million, presented in the table above as Other interest-bearing liabilities (non-current).

F-Secure has a revolving credit facility with Nordea Bank Abp amounting to EUR 10.0 million with a maturity of three years and with an equity ratio-based margin grid. Financial covenants include Net Debt to EBITDA and an equity ratio and other standard covenants to similar unsecured transactions. Revolving credit facility is undrawn as at the period end.

Contractual maturities of interest-bearing liabilities

EUR 1,000	2022	Carve-out 2021
Amount due for settlement within 12 months	957	136
Amount due for settlement after 12 months	6,381	109
Total	7,338	245

2022 EUR 1,000	Less than 1 year	1 to 2 years	2 to 3 years	3 to 4 years	Total contractual cash flows	Carrying amount
Lease liabilities	982	845	41	6	1,873	1,840
Other interest-bearing liabilities			5,498		5,498	5,498
Trade payables	1,398				1,398	1,398
	2,380	845	5,539	6	8,770	8,737

Carve-out 2021					Total contractual cash
EUR 1,000	Less than 1 year	1 to 2 years	2 to 3 years	3 to 4 years	flows	Carrying amount
Lease liabilities	140	68	33	10	250	245
Trade payables	1,439				1,439	1,439
	1,579	68	33	10	1,689	1,684

47 Financial statements F-Secure consolidated

19. Financial assets and liabilities

Classes and categories of financial assets and liabilities and their fair values

Fair value hierarchy levels 1 to 3 are based on the degree to which the fair value is observable:

Level 1: Fair values of financial instruments are based on quoted prices in active markets for identical assets and liabilities

Level 2: Financial instruments are not subject to trading in active and liquid markets. The fair values of financial instruments can be determined based on quoted market prices and deduced valuation.

Level 3: Measurement of financial instruments is not based on verifiable market information, and information on other circumstances affecting the value of the instruments is not available or verifiable.

The carrying amounts of F-Secure's financial assets and liabilities are considered to approximate their fair values based on their nature and short maturity. F-Secure's financial assets and liabilities are presented in the following tables.

		Carrying value
2022		Financial assets	Financial liabilities
EUR 1,000		Note Amortized cost Amortized cost		Total
Cash and bank	(14)	22,953		22,953
Interest-bearing receivables	(14)	3,693		3,693
Trade receivables	(14)	18,243		18,243
Trade payables	(18)		1,398	1,398
Lease liabilities	(18)		1,840	1,840
Other interest-bearing liabilities	(18)		5,498	5,498

Carve-out 2021		Financial assets	Financial liabilities
EUR 1,000	Note Amortized cost Amortized cost			Total
Related party receivable from WithSecure	(14)	12,099		12,099
Trade receivables	(14)	14,890		14,890
Trade payables	(18)		1,439	1,439
Lease liabilities	(18)		245	245

General

The responsibility for F-Secure's risk management lies with the CEO, management and ultimately with the Board of Directors. The goal of risk management is to identify risks that may hinder the company from achieving its business objectives. The risks related to F-Secure's financial instruments are mainly related to credit risks. Currency risk is monitored also. After demerger, F-Secure has established its own treasury function and developed its own financial risk management policies in order to maintain an effective risk management function.

Credit risk

F-Secure trades only with recognized, creditworthy third parties. Trade receivables are monitored and collected on an ongoing basis. The maximum exposure to credit risk at the reporting date is the carrying value of trade receivables. Trade receivables do not include any major concentrations of credit risk by customer. The top three customers account for 8.7%, 8.2% and 8.1% in 2022 (9.3%, 9.2% and 6.1% in 2021) of trade receivables. See Note 14 Financial assets.

Liquidity risk

Liquidity risk arises if the Group's existing liquidity reserves, net cash flows and available additional financing are not sufficient to cover commitments falling due within next 12 months. Group manages its liquidity risk by centralizing the management of cash and liquid assets and thereby optimizing the use of liquid funds for operational and refinancing needs. Group Treasury is responsible for monitoring cash balances and cash forecasts to keep liquidity risk at manageable level. The Group has not identified any significant concentrations of liquidity risks in sources of available financing.

Foreign currency risk

The Group operates globally and is exposed to a currency risk arising from exchange rate fluctuations against its reporting currency euro. Transaction risk is related to foreign currency transactions in sales and expenses. Translation risk arises from the Group's net investments outside euro zone.

Transaction risk

Transaction risk arises from future commercial transactions and recognized assets and liabilities denominated in a currency that is not the functional currency of the relevant group entity. The majority of sales is invoiced in euro. The other main currencies for invoicing are US dollar (USD), the Swedish krona (SEK), the pound sterling (GBP) and the Japanese yen (JPY). The currency risk arising from sales invoicing is reduced by operational expenses arising in the same currencies as the sales invoicing. The transaction risk is managed centrally such that the F-Secure operations mainly have transactions in their legal entities' functional currency and intercompany transactions are carried out in the group entities functional currencies.

The main foreign currency risk arises from USD denominated sales invoicing, purchases and intercompany transactions at the F-Secure parent entity level, creating volatility in the financial income and expenses.

	2022	Carve-out 2021
Sales in different currencies	%	%
EUR	73	75
USD	15	13
SEK	4	4
GBP	4	3
JPY	3	3
Other currencies	1	2
	100	100

The carrying euro (thousand) amounts of the Group's financial assets and liabilities at the reporting date are as follows:

Financial assets	2022	%	Carve-out 2021	%
EUR	31,183	69	23,503	87
USD	7,834	17	2,631	10
GBP	2,904	6	455	2
Other currencies	2,968	7	401	1
	44,890	100	26,989	100

Financial liabilities	2022	%	Carve-out 2021	%
EUR	5,648	65	828	49
JPY	1,511	17
MYR	933	11
USD	56	1	347	21
Other currencies	589	6	508	30
	8,737	100	1,684	100

Financial liabilities in the above table also include lease liabilities.

The table below demonstrates how sensitive F-Secure's profit before taxes is to foreign exchange rate fluctuations when all other variables are held constant. The open exposure against USD arising from F-Secure trade receivables and trade payables have an impact on F-Secure's profit before taxes. The sensitivity calculation is based on a change of 10% in the Euro exchange rate against the functional currencies F-Secure operates in. There were no other material exposures.

EUR million	2022	Carve-out 2021
USD	–0.7/+0.8	+/–0.2

Translation risk

Translation risk arises from the F-Secure's net investments in foreign currencies. Translation differences arise from translating balances into euro using exchange rates prevailing on the reporting date. According to current policy, F-Secure does not hedge investments made in its subsidiaries.

Foreign exchange translation differences range from EUR 0.1 million to EUR 0.2 million for the periods reported with limited sensitivity to foreign exchange rate fluctuations.

Interest rate risk

F-Secure is exposed to interest rate risk due to other interest-bearing liabilities which relate to structuring loans against WithSecure. The interest rate varies by country. In addition F-Secure has a revolving credit facility (RCF) of EUR 10 million. The RCF carries a variable interest rate. At the end of period revolving credit facility is undrawn.

Capital management

F-Secure's shareholders' equity is managed as capital. The objective of F-Secure's capital management is to maintain an efficient capital structure that ensures the functioning of business operations and promotes shareholder value. F-Secure's capital structure is reviewed regularly as a part of financial performance monitoring. The capital structure can be adjusted among other things by distribution of dividends, share repurchase or capital repayment. The dividend policy of F-Secure Corporation is to aim to pay around or above 50 per cent of its net profit as dividend on an annual basis. Subject to circumstances, the F-Secure can deviate from this policy.

20. Deferred tax

EUR 1,000	2022	Carve-out 2021
Deferred tax assets relate to following:
Accruals and provisions	127
Tax losses carried forward		223
Total	127	223
Offset against deferred tax liabilities	–34
Net deferred tax assets	93	223

Change in deferred tax assets:
Recognized in profit or loss	–223	–188

Deferred tax liabilities relate to the following:
Accruals and provisions	–563	–227
Total	–563	–227
Offset against deferred tax assets	34
Net deferred tax liabilities	–528	–227

Change in deferred tax liabilities:
Recognized in profit or loss	86	60

At 31 December 2021 F-Secure had EUR 0.2 million losses carried forward that are available to be offset against future taxable profits in the companies in which the losses have been generated. The losses have been used during 2022.

21. Other liabilities

EUR 1,000	2022	Carve-out 2021
Non-current liabilities
Deferred revenue	3,621	3,112
Other non-current liabilities	81	46
Total	3,702	3,158

Current liabilities
Deferred revenue	17,324	16,560
Trade payables	1,398	1,439
Other liabilities	1,156	1,126
Accrued expenses	5,263	6,647
Income tax liabilities	1,152
Total	26,294	25,772

Material amounts shown under accrued expenses
Accrued personnel expenses	4,952	5,950
Deferred royalty		36
Other accrued expenses	312	661
Total	5,263	6,647

Other liabilities under Current liabilities consist mainly of personnel and VAT related accruals.

22. Related party disclosures

The Group's related parties include Parent company and subsidiaries as well as members of the Board, CEO and other members of the Leadership Team, their family members and organizations in which these individuals have direct or indirect control or significant influence.

For carve-out period the related party included WithSecure's CEO and other members of the Leadership Team and the members of the Board of Directors of WithSecure, as F-Secure didn't have a separate management team prior to demerger. Related party transactions and balances with the remaining WithSecure entities are presented in the section Inter-company transactions and transactions with related parties in Note 1.3 Carve-out principles. After the partial demerger it has been concluded that F-Secure's related party doesn't consist of WithSecure anymore.

The table below presents compensation of key management. For carve-out periods the amounts presented are indicative and based on allocation.

Compensation of key management personnel of the Group

EUR 1,000	2022	Carve-out 2022	Carve-out 2021
Wages and other short-term employee benefits	1,187	559	823
Pensions	299	92	139
Share-based payments		52	73
Total	1,486	703	1,035

The table below presents the portion of the employee benefits of the key employees belonging to F-Secure's management after demerger 30 June 2022. For comparison period carve-out expenses for Board of Directors allocated to F-Secure were EUR 54 thousand.

Wages and other short-term employee benefits

EUR 1,000	2022
Wages and other short-term employee benefits
CEO	180
Leadership Team	1,007
Members of the Boards of Directors	255
Total	1,442

Board of Directors and Managing Director

EUR 1,000	Wages	Fees
Timo Laaksonen, Managing Director	180
Pertti Ervi, Chair of the Board		80
Risto Siilasmaa		38
Thomas Jul		38
Madeleine Lassoued		38
Petra Teräsaho		48
Calvin Gan		13
Total	180	255

The CEO's retirement age and the determination of his pension conform to the standard rules specified by Finland's Employee Pension Act (TYEL). The pension cost of the CEO during the period after demerger on 30 June 2022 was 45 thousand euro. The period of notice for the CEO is six (6) months both ways and CEO is entitled to severance payment equivalent of six (6) months' salary.

23. Subsidiaries

Name	Country of incorporation	Group (%)
Parent F-Secure Corporation, Helsinki	Finland
F-Secure Data Oy, Helsinki	Finland	100
F-Secure Data Oy, Norwegian branch	Norway	100
F-Secure Data Oy, Danish branch	Denmark	100
F-Secure Inc., Palo Alto	United States	100
F-Secure (UK) Ltd, Buckinghamshire	United Kingdom	100
F-Secure KK, Tokyo	Japan	100
F-Secure GmbH, Munich	Germany	100
F-Secure SAS, Paris	France	100
F-Secure AB, Stockholm	Sweden	100
F-Secure Srl, Milan	Italy	100
F-Secure Poland SP z.o.o., Poznan	Poland	100
F-Secure Sdn Bhd, Kuala Lumpur	Malaysia	100
F-Secure Pvt Ltd, Mumbai	India	100
F-Secure B.V., Hilversum	The Netherlands	100
F-Secure Iberia SL, Barcelona	Spain	100
F-Secure do Brasil Tecnol. da Informãcao Ltda, Saõ Paulo	Brazil	100

24. Subsequent events

No material changes regarding the company's business or financial position have materialized after the end of the financial year.

Income statement 30 June–31 December 2022

EUR 1,000		FAS 30 June – 31 December 2022

REVENUE	(1)	53,391

Cost of revenue	(4)	–4,181
GROSS MARGIN		49,210

Other operating income	(2)	1,090
Sales and marketing	(3, 4)	–14,759
Research and development	(3, 4)	–7,873
Administration	(3, 4)	–13,670

EBIT		13,998

Financial income and expenses	(6)	2,022
PROFIT (LOSS) BEFORE APPROPRIATIONS AND TAXES		16,020

Income taxes	(7)	–2,735

RESULT FOR THE FINANCIAL YEAR		13,285

Balance sheet 31 December 2022

EUR 1,000		FAS 2022

ASSETS
NON-CURRENT ASSETS
Intangible assets	(9)	9,064
Tangible assets	(9)	61
Investments in group companies	(9)	53
Total non-current assets		9,178

CURRENT ASSETS
Inventories	(10)	41
Trade and other receivables	(11)	24,219
Cash and bank accounts	(12)	18,673
Total current assets		42,933

TOTAL ASSETS		52,110

EUR 1,000		FAS 2022

SHAREHOLDERS' EQUITY AND LIABILITIES
SHAREHOLDERS' EQUITY	(13, 14)
Share capital		80
Reserve for invested unrestricted equity		9,590
Retained earnings
Profit for the financial year		13,285
Total shareholders' equity		22,956
LIABILITIES
Long-term liabilities	(16)	4,740
Short-term liabilities	(16)	24,414
Total liabilities		29,155

TOTAL SHAREHOLDERS' EQUITY AND LIABILITIES		52,110

Cash flow statement 30 June–31 December 2022

EUR 1,000	FAS 30 June – 31 December 2022
Cash flow from operations
Result for the financial year	13,285
Adjustments
Depreciation and amortization	684
Other adjustments	1,594
Financial income and expenses	–2,022
Income taxes	2,735
Cash flow from operations before change in working capital	16,276
Change in net working capital
Current receivables, increase (–), decrease (+)	–26,154
Inventories, increase (–), decrease (+)	–41
Non-interest bearing debt, increase (+), decrease (–)	29,008
Cash flow from operations before financial items and taxes	19,088
Interest expenses paid	–1
Interest income received	36
Other financial income and expenses	–251
Income taxes paid	–2,636
Cash flow from operations	16,237

EUR 1,000	FAS 30 June – 31 December 2022

Cash flow from investments
Investments in intangible and tangible assets	–9,808
Acquisition of subsidiaries,	–53
Dividends received	2,565
Cash flow from investments	–7,296
Cash flow from financing activities
Increase in share capital	9,670
Cash flow from financing activities	9,670
Change in cash	18,611
Effect of exchange rate changes on cash	62
Cash and bank at the beginning of the period	-
Cash and bank at period end	18,673

Notes to the parent company Financial Statements

Basic information

F-Secure is a cybersecurity company who designs and offers security and privacy products and services to consumers to protect themselves against online threats.

F-Secure Corporation is the parent company of F-Secure Group, incorporated in Finland and domiciled in Helsinki. F-Secure Corporation was established through partial demerger on 30 June 2022 and the accounting period is 30 June – 31 Dec 2022. In the demerger F-Secure Corporation received assets and liabilities from WithSecure Corporation on 30 June 2022. Assets and liabilities were transferred with book values, and the transferred net equity was 9,670 thousand euro. Demerger plan, dated 17 February 2022, defines further which assets and liabilities were transferred. Company's registered address is Tammasaarenkatu 7, 00180 Helsinki. Copy of consolidated financial statements can be downloaded from www.f-secure. com or can be received from the Company's registered address.

Accounting principles

The financial statement of F-Secure Corporation has been prepared in accordance with Finnish Accounting Standards (FAS).

Foreign currency translation

Foreign currency transactions are translated using the exchange rates prevailing at the dates of the transactions. On the reporting date, assets and liabilities denominated in foreign currencies are translated using the European Central Bank's exchange rates prevailing at that date. Exchange rate gains and losses are recognized in financial items in the income statement.

Revenue recognition

Presentation of receivables and liabilities from contracts with customers

Receivables from contracts with customers are presented in the balance sheet as Accrued Income. Liabilities from contracts with customers are presented in the balance sheet as Deferred revenue and included in Total non-current liabilities or Total current liabilities depending on the duration of the liability.

Pensions

F-Secure's pension arrangements are defined contribution plans in accordance with local statutory requirements. Contributions to defined contribution plans are recognized in income statement in the period to which the contributions relate. The Company recognizes the disability commitment of TyEL pension plan when disability appears.

Leases

Leases where the lessor retains substantially all the risks and benefits of ownership of the asset are classified as operating leases. Operating lease payments are recognized as an expense in the income statement on a straight-line basis over the lease term. The Company has only operating leases.

Income taxes

Current income taxes are calculated in accordance with the local tax and accounting rules.

Tangible and intangible assets

Intangible assets include intangible rights and software licenses. Tangible and intangible assets are recorded at historical cost less accumulated depreciation, amortization, and possible impairment. Depreciation and amortization is recorded on a straight-line basis over the estimated useful life of an asset. The estimated useful lives of tangible and intangible assets are as follows:

Machinery and equipment	2–3 years
Capitalized development costs	3–5 years
Intangible rights	3–5 years
Intangible assets	3–5 years

Ordinary repairs and maintenance costs are charged to the income statement during the financial period in which they are incurred. The cost of major renovations is included in the assets' carrying amount when it is probable that the Company will derive future economic benefits in excess of the originally assessed standard or performance of the existing asset. Any gain or loss arising on derecognition of the asset (calculated as the difference between the net disposal proceeds and the carrying amount of the asset) is included in the income statement in the year the asset is derecognized.

Research and development expenditure

Research expenditure is recognized as an expense at the time it is incurred. Development expenditures are capitalized as intangible assets.

Inventories

Inventories are measured at the lower of cost and net realizable value. Cost is determined by first-in first-out method. Net realizable value is the estimated selling price that is obtainable, less estimated costs of completion and the estimated costs necessary to make the sale.

Financial assets and liabilities

Cash and cash equivalents in the balance sheet comprise cash at bank and in hand and other highly liquid short-term investments.

F-Secure classifies loans from financial institutions, trade payables and other payables as other financial liabilities which are measured at amortized cost. Financial liabilities are classified as current unless F-Secure has unconditional right to postpone their repayment by at least 12 months from the end date of the reporting period.

Presentation of expenses

Classification of the functionally presented expenses has been made by presenting direct expenses in their respective functions.

1. Revenue

EUR 1,000	FAS 2022
Geographical information
Nordic countries	19,832
Europe excl. Nordics	24,184
North America	6,914
Rest of the world	2,462
Total	53,391

2. Other operating income

EUR 1,000	FAS 2022
Government grants	181
Transition services	291
Other	618
Total	1,090

Government grants are recognized as income over those periods in which the corresponding expenses arise. Other operating income includes e.g. subsidiary recharges.

3. Depreciation and amortization

EUR 1,000	FAS 2022
Depreciation and amortization of non-current assets
Other intangible assets	–4
Capitalized development	–675
Intangible assets	–679

Machinery and equipment	–5
Tangible assets	–5

Total depreciation and amortization	–684

Depreciation and amortization by function
Sales and marketing	–6
Research and development	–678
Total depreciation and amortization	–684

4. Personnel expenses

Personnel expenses

Wages and salaries	–6,814
Pension expenses	–1,425
Other social expenses	–254
Total	–8,493

Compensation of key management personnel
Wages and other short-term employee benefits	–897

Wages and other short-term employee benefits
Managing Director	–180
Members of the Board of Directors	–255

Wages and other short-term employee benefits of the Board of Directors and Managing Director: see group disclosure 22. Related party disclosures.

The Managing Director's retirement age and the determination of his pension conform to the standard rules specified by Finland's Employee Pension Act (TYEL). The pension cost of the Managing Director during the period after demerger on 30 June 2022 was 45 thousand euro. The period of notice for the Managing Director is six (6) months both ways and Managing Director is entitled to severance payment equivalent of six (6) months' salary.

	FAS 2022
Average number of personnel	243

Personnel by function Dec 31
Delivery	36
Sales and marketing	34
Research and development	153
Administration	21
Total	244

5. Audit fees

EUR 1,000	FAS 2022
Audit fees, PricewaterhouseCoopers	–95
Total	–95

7. Income taxes

EUR 1,000	FAS 2022
Income tax for the year	–2,735
Total	–2,735

Result before appropriations and tax	16,020

6. Financial income and expenses

EUR 1,000	FAS 2022
Interest income	36
Interest expense	–1
Other financial income	5
Dividends	2,565
Exchange gains and losses	–430
Other financial expenses	–153
Total	2,022

8. Non-current assets

	INTANGIBLE ASSETS			TANGIBLE ASSETS
	Other intangible	Capitalized development	Incomplete development	Advance payments	Total	Machinery & equipment	Other tangible	Total
Acquisition cost Jun 30, 2022		3,898	2,346	134	6,378	9		9
Additions	588		2,359	413	3,361	28	33	60
Transfers		3,265	–3,265
Acquisition cost Dec 31, 2022	588	7,162	1,441	548	9,739	37	33	69
Acc. depreciation Jun 30, 2022
Depreciation for the period		–675			–675	–5	–4	–9
Acc. depreciation Dec 31, 2022		–675			–675	–5	–4	–9
Book value as at June 30, 2022		3,898	2,346	134	6,378	9		9
Book value as at Dec 31, 2022	588	6,487	1,441	548	9,064	32	29	61

9. Investments in group companies

	Shares in group companies	Total
Book value as at June 30	53	53
Book value as at Dec 31	53	53

Name	Country of incorporation	Share of ownership (%)
Parent F-Secure Corporation, Helsinki	Finland
F-Secure Data Oy, Helsinki	Finland	100
F-Secure Inc., Palo Alto	United States	100
F-Secure (UK) Ltd, Buckinghamshire	United Kingdom	100
F-Secure GmbH, Munich	Germany	100
F-Secure Pvt Ltd, Mumbai	India	100
F-Secure Iberia SL, Barcelona	Spain	100

10. Inventories

EUR 1,000	FAS 2022
Other inventories	41

11. Receivables

EUR 1,000	FAS 2022
Current receivables
Trade receivables	14,255
Other receivables	1,066
Prepaid expenses and accrued income	4,133
Total	19,454

Receivables from group companies
Trade receivables	3,798
Other receivables	967
Total	4,765

Current receivables total	24,219

Material items included in prepaid expenses and accrued income
Prepaid royalty	846
Grant receivables	52
Other prepaid expenses	1,738
Accrued income	1,497
Total	4,133

12. Cash and short-term deposits

EUR 1,000	FAS 2022
Cash at bank and in hand	18,673

13. Statement of changes in shareholders' equity

Parent Company FAS

EUR 1,000	Share capital	Unrestricted equity reserve	Retained earnings	Total equity
Equity Jun 30, 2022	80	9,590		9,670
Result of the financial year			13,285	13,285
Equity Dec 31, 2022	80	9,590	13,285	22,956

60 Financial statements F-Secure Corporation

14. Shareholders' equity

Issued and fully paid

	Number of shares	Share capital	Unrestricted equity reserve
Demerger 30. 6. 2022	174,526,944	80	9,590
31. 12. 2022	174,526,944	80	9,590

The share capital amounted to 80,000 euro was formed in the demerger on 30 June 2022.

The number of shares was 174,526,944 (no own shares) at the end of 2022.

A share has no nominal value. Accountable par value is EUR 0.01.

Distributable shareholders' equity on December 31, 2022

EUR 1,000
Unrestricted equity reserve	9,590
Result of the financial year	13,285
Less capitalized development expense	–7,928
Distributable shareholders' equity on December 31, 2022	14,947

15. Share-based payment transactions

See group disclosure 17. Share-based payment transactions.

16. Liabilities

EUR 1,000	FAS 2022
Non-current liabilities
Deferred revenues	3,541
Total	3,541

Liabilities to the group companies
Cashpool	1,199
Total	1,199

Total non-current liabilities	4,740

Current liabilities
Deferred revenues	16,856
Trade payables	1,563
Other liabilities	408
Accrued expenses	4,971
Total	23,797

Liabilities to the group companies
Trade payables	54
Other liabilities	563
Total	617

Total current liabilities	24,414

Material amounts shown under accruals and deferred income
Accrued personnel expenses	3,677
Accrued expenses	1,194
Accrued tax	99
Total	4,971

17. Financial risk management objectives and policies

See Group disclosure 19. Financial assets and liabilities.

18. Operating lease commitments

The Group has commercial leases on office space and on motor vehicles. Leases have an average life of two to three years with renewal terms included in the contracts.

Future minimum rentals payable under non-cancellable operating leases as at 31 December are as follows:

As lessee

EUR 1,000	FAS 2022
Within one year	808
After one year but not more than five years	807
Total	1,615

Signatures of the Board of Directors

Helsinki, February 16, 2023

Pertti Ervi Risto Siilasmaa Madeleine Lassoued Chair

Thomas Jul Petra Teräsaho Calvin Gan

Timo Laaksonen Managing director

Auditors' note

Our auditors' report has been issued today.

Helsinki, February 16, 2023

PricewaterhouseCoopers Oy Authorized Public Accountants

Janne Rajalahti Authorized Public Accountant

63 Auditor's report

Auditor's Report

(Translation of the Finnish Original)

To the Annual General Meeting of F-Secure Oyj

Report on the Audit of the Financial Statements

Opinion

In our opinion

the consolidated financial statements give a true and fair view of the group's financial position and financial performance and cash flows in accordance with International Financial Reporting Standards (IFRS) as adopted by the EU
the financial statements give a true and fair view of the parent company's financial performance and financial position in accordance with the laws and regulations governing the preparation of the financial statements in Finland and comply with statutory requirements.

Our opinion is consistent with the additional report to the Audit Committee.

What we have audited

We have audited the financial statements of F-Secure Oyj (business identity code 3269349-7) for the year ended 31 December 2022. The financial statements comprise:

statement of financial position 31 December 2022, the statement of comprehensive income, statement of cash flows, statement of changes in equity and notes, including a summary of significant accounting policies for the period 1 January – 31 December 2022.
balance sheet 31 December 2022, the parent company's income statement, cash flow statement and notes for the period 30 June – 31 December 2022.

Basis for Opinion

We conducted our audit in accordance with good auditing practice in Finland. Our responsibilities under good auditing practice are further described in the Auditor's Responsibilities for the Audit of the Financial Statements section of our report.

We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.

Independence

We are independent of the parent company and of the group companies in accordance with the ethical requirements that are applicable in Finland and are relevant to our audit, and we have fulfilled our other ethical responsibilities in accordance with these requirements.

To the best of our knowledge and belief, the non-audit services that we have provided to the parent company and to the group companies are in accordance with the applicable law and regulations in Finland and we have not provided non-audit services that are prohibited under Article 5(1) of Regulation (EU) No 537/2014. The non-audit services that we have provided are disclosed in note 8 to the Financial Statements.

Emphasis of Matter – Basis of preparation

We draw attention to the fact that, as described in F-Secure's consolidated financial statements note 1.1 Basis of preparation section Basis of preparation for the consolidated financial statements, the financial statements have been prepared on a consolidated and carve-out basis. Until 30 June 2022 the financial statements have been presented on a carve-out basis and following the formation of the legal group on 1 July 2022, the financial statements have been prepared on a consolidated basis. Our opinion is not modified in respect of this matter.

Our Audit Approach

Overview

Overall group materiality: €1,100,000, which represents approximately 3% profit before taxes
Audit scope: We have audited parent company and we have performed audit procedures related to one subsidiary. In addition, we have performed group level analytical procedures to assess unusual movements across all entities.
Capitalization of R&D costs
Revenue recognition
Accounting for the transferred assets and liabilities of WithSecure corporation in the receiving parent company

64 Auditor's report

As part of designing our audit, we determined materiality and assessed the risks of material misstatement in the financial statements. In particular, we considered where management made subjective judgements; for example, in respect of significant accounting estimates that involved making assumptions and considering future events that are inherently uncertain.

Materiality

The scope of our audit was influenced by our application of materiality. An audit is designed to obtain reasonable assurance whether the financial statements are free from material misstatement. Misstatements may arise due to fraud or error. They are considered material if individually or in aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements.

Based on our professional judgement, we determined certain quantitative thresholds for materiality, including the overall group materiality for the consolidated financial statements as set out in the table below. These, together with qualitative considerations, helped us to determine the scope of our audit and the nature, timing and extent of our audit procedures and to evaluate the effect of misstatements on the financial statements as a whole.

Overall group materiality	€1,100,000
---------------------------	------------

How we determined it	Approximately 3% of profit before taxes
----------------------	-----------------------------------------

Rationale for the materiality benchmark applied We chose profit before tax as the benchmark because, in our view, the performance of the Group is most commonly measured by using this criteria, and it is a generally accepted benchmark. We chose 3% which is within the range of acceptable quantitative materiality thresholds in auditing standards.

How we tailored our group audit scope

We tailored the scope of our audit, taking into account the structure of the Group, the industry in which the Group operates and the accounting processes and controls.

Group operates globally through several legal entities. Group's sales are mainly generated by the parent company and we have audited the parent company as part of our audit of the consolidated financial statements. In addition, we have performed audit procedures related to one subsidiary. We have considered that the remaining subsidiaries don't present a reasonable risk of material misstatement for consolidated financial statements and thus our procedures have been limited to targeted audit procedures over significant balances and to analytical procedures performed at Group level.

By performing the procedures above at legal entities, combined with additional procedures at the Group level, we have obtained sufficient and appropriate evidence regarding the financial information of the Group as a whole to provide a basis for our opinion on the consolidated financial statements.

Key Audit Matters

Key audit matters are those matters that, in our professional judgment, were of most significance in our audit of the financial statements of the current period. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters.

As in all of our audits, we also addressed the risk of management override of internal controls, including among other matters consideration of whether there was evidence of bias that represented a risk of material misstatement due to fraud.

65 Auditor's report

Capitalization of R&D costs

Refer to accounting principles and note 12 for the consolidated financial statements.

F-Secure has focused on strengthening research and development activities to develop new products and product amendments for consumer customers.

Capitalization of R&D costs requires use of judgment as capitalization requires estimating technical and economical feasibility of the product developed. In addition, there is judgement involved in assessing recoverability of capitalized R&D costs as future cash flows generated by these intangible assets needs to be estimated.

Due to materiality and judgment associated with capitalization of R&D costs, we have considered capitalization of R&D as key audit matter in the audit of the Group.

Revenue recognition

Refer to note 3 to the consolidated financial statements for the related disclosures.

The majority of revenue comes from the sale of endpoint protection products through partner channel, and F-Secure also sells consumer products through various retail partners, as well as F-Secure's own web shop.

Consumer products are treated as Security-as-a-Service and customers are provided with access to continuously updated software. Revenue is accounted for as a single performance obligation and recognised over time on a straight-line basis for the contract period.

In partner channels sales through operators most of the sales are usage-based and revenue recognised based on usage reports, but there are also fixed price operator agreements. The terms of these agreements may vary significantly and their revenue recognition is therefore defined case-by-case.

Revenue recognition is considered as key audit matter in the audit of the Group based on high volume of transactions, materiality and because revenue is a key financial performance measure for the Group.

Key audit matter in the audit of the group How our audit addressed the key audit matter

We assessed appropriateness of the company's R&D capitalization policy.

We evaluated the design of controls over R&D capitalization.

We assessed whether capitalization criteria for R&D projects are met.

We tested a sample of costs capitalized during the year.

We evaluated the relevant assumptions used in the impairment testing of intangible assets, focusing on the reasonableness of the forecasted economic information.

We evaluated the design of the company's revenue recognition process.

We tested a sample of revenue recognized during the year.

We tested deferred revenue on a sample basis to assess appropriateness of revenue recognition.

We tested a sample of fixed priced agreements.

66 Auditor's report

Key audit matter in the audit of the parent company How our audit addressed the key audit matter

Accounting for the transferred assets and liabilities of WithSecure corporation in the receiving parent company

Refer to the notes to the parent company Financial Statements.

In the partial demerger of WithSecure Corporation, the assets and liabilities of Consumer business were transferred into the receiving F-Secure Corporation by using carrying values as of 30 June 2021. The total book value of net assets transferred amounted to 9.7 million euro.

The accounting for the transfer in the receiving parent company was considered a key audit matter because the transferred assets and liabilities had significant impact on the equity and balance sheet of F-Secure Corporation.

Our audit procedures in respect of the accounting for the transferred assets and liabilities included, among others:

assessing the partial demerger against the Limited Liability Act and the demerger plan
evaluation of the appropriateness of the transferred assets and liabilities by comparing them to the demerger plan
testing of the carrying amounts of transferred assets and liabilities by comparing the balances in the receiving entity to the balances in the demerging entity.

There are no significant risks of material misstatement referred to in Article 10(2c) of Regulation (EU) No 537/2014 with respect to the consolidated financial statements or the parent company financial statements.

Responsibilities of the Board of Directors and the Managing Director for the Financial Statements

The Board of Directors and the Managing Director are responsible for the preparation of consolidated financial statements that give a true and fair view in accordance with International Financial Reporting Standards (IFRS) as adopted by the EU, and of financial statements that give a true and fair view in accordance with the laws and regulations governing the preparation of financial statements in Finland and comply with statutory requirements. The Board of Directors and the Managing Director are also responsible for such internal control as they determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error.

In preparing the financial statements, the Board of Directors and the Managing Director are responsible for assessing the parent company's and the group's ability to continue as a going concern, disclosing, as applicable, matters relating to going concern and using the going concern basis of accounting. The financial statements are prepared using the going concern basis of accounting unless there is an intention to liquidate the parent company or the group or to cease operations, or there is no realistic alternative but to do so.

Auditor's Responsibilities for the Audit of the Financial Statements

Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor's report that includes our opinion. Reasonable

assurance is a high level of assurance but is not a guarantee that an audit conducted in accordance with good auditing practice will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements.

As part of an audit in accordance with good auditing practice, we exercise professional judgment and maintain professional skepticism throughout the audit. We also:

Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control.
Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the parent company's or the group's internal control.
Evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by management.

67 Auditor's report

Conclude on the appropriateness of the Board of Directors' and the Managing Director's use of the going concern basis of accounting and based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the parent company's or the group's ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditor's report to the related disclosures in the financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditor's report. However, future events or conditions may cause the parent company or the group to cease to continue as a going concern.
Evaluate the overall presentation, structure and content of the financial statements, including the disclosures, and whether the financial statements represent the underlying transactions and events so that the financial statements give a true and fair view.
Obtain sufficient appropriate audit evidence regarding the financial information of the entities or business activities within the group to express an opinion on the consolidated financial statements. We are responsible for the direction, supervision and performance of the group audit. We remain solely responsible for our audit opinion.

We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

We also provide those charged with governance with a statement that we have complied with relevant ethical requirements regarding independence, and to communicate with them all relationships and other matters that may reasonably be thought to bear on our independence, and where applicable, related safeguards.

From the matters communicated with those charged with governance, we determine those matters that were of most significance in the audit of the financial statements of the current period and are therefore the key audit matters. We describe these matters in our auditor's report unless law or regulation precludes public disclosure about the matter or when, in extremely rare circumstances, we determine that a matter should not be communicated in our report because the adverse consequences of doing so would reasonably be expected to outweigh the public interest benefits of such communication.

Other Reporting Requirements

Appointment

We were first appointed as auditors by the annual general meeting on 31 May 2022.

Other Information

The Board of Directors and the Managing Director are responsible for the other information. The other information comprises the report of the Board of Directors and the information included in the Annual Report, but does not include the financial statements and our auditor's report thereon.

Our opinion on the financial statements does not cover the other information.

In connection with our audit of the financial statements, our responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the audit, or otherwise appears to be materially misstated. With respect to the report of the Board of Directors, our responsibility also includes considering whether the report of the Board of Directors has been prepared in accordance with the applicable laws and regulations.

In our opinion

the information in the report of the Board of Directors is consistent with the information in the financial statements
the report of the Board of Directors has been prepared in accordance with the applicable laws and regulations.

If, based on the work we have performed, we conclude that there is a material misstatement of the other information, we are required to report that fact. We have nothing to report in this regard.

Helsinki 16 February 2023

PricewaterhouseCoopers Oy

Authorised Public Accountants

Janne Rajalahti

Authorised Public Accountant (KHT)

Information for shareholders

Contact information

Sari Somerkallio Chief Financial Officer [email protected] +358 40 356 9251

Financial calendar

During the year 2023, F-Secure Corporation will publish financial information as follows:

• Interim Report for January-March 2023, Wednesday, 26 April 2023
• Half-Year Financial Report for January–June 2023, Thursday, 20 July 2023
• Interim Report for January–September 2023, Wednesday, 25 October 2023

Annual General Meeting 2023

The Annual General Meeting of F-Secure Corporation is planned to be held on 23 March 2023. The Board of Directors will convene the meeting.

F-Secure Corporate Governance Statement 2022

Corporate Governance at F-Secure

F-Secure corporate governance practices are based on applicable Finnish laws, the rules of Helsinki Stock Exchange (Nasdaq Helsinki Oy) and the regulations and guidelines of Finnish Financial Supervisory Authority as well as with the company's Articles of Association. This corporate governance statement (later simply referred to as 'statement') has been prepared in accordance with the Finnish Corporate Governance Code 2020 (publicly available at http://cgfinland.fi/en/) issued by the Securities Market Association of Finland.

Up-to-date information about F-Secure corporate governance is available on the company's investor website at https://investors.f-secure.com/en. This statement is issued separately from the Board of Directors' report, and is also available on the investor website, as well as is included in the 2022 Annual Report.

F-Secure was created by partial demerger of WithSecure Corporation, whereby the consumer security business was separated into an independent,

new legal entity. The partial demerger was completed on 30th June 2022. Trading with the shares of new F-Secure Corporation commenced on 1st July 2022. All figures and data presented in this statement reflect the time since establishment of F-Secure until 31st December 2022 (said date included), except where otherwise expressly indicated otherwise.

Governing bodies

The highest decision-making body in F-Secure is the General Meeting of Shareholders which elects the members of the Board of Directors. The Board of Directors is responsible for the administration of F-Secure Corporation and appropriate organization of its operations. The Board of Directors appoints the CEO. The CEO, assisted by the Leadership Team, is responsible for managing the company's business and implementing its strategic and operational targets.

General Meeting of Shareholders

Under the Finnish Companies Act, shareholders exercise their decision-making power at the General Meeting.

adoption of the Financial Statements
distribution of profit for the year
discharging the members of the Board of Directors and the President and CEO from liability
selection of members of the Board
the decision on the remuneration of the Board members
approval of the Remuneration Policy and the Remuneration Report
election of the auditor and the decision on the auditor's remuneration, and
other proposals submitted to General Meeting

Each share carries one vote in the General Meeting.

A shareholder may propose items to be included on the agenda provided they are within the authority of the General Meeting, and the Board of Directors has received the request in advance in accordance with the set schedule. The invitation to the AGM is published as a stock exchange release and is made available on the company's website.

2022:

As F-Secure was created on 30 June 2022 as a result of the partial de-merger of WithSecure Corporation, no AGM of the company has yet been held. The first AGM of the company is scheduled to be held on 23 March 2023 at the company's headquarters in Helsinki.

Members of the Board of Directors and the Audit Committee

Members	Independence of the company	Independence of major shareholders	Board of Directors (meeting attendance)	Audit Committee (meeting attendance)
Pertti Ervi	Yes	Yes	Chair (18/18)	Member (4/4)
Petra Teräsaho	Yes	Yes	Member (18/18)	Chair (4/4)
Risto Siilasmaa	Yes	No 1)	Member (17/18)	Member (4/4)
Thomas Jul	Yes	Yes	Member (18/18)
Madeleine Lassoued	Yes	Yes	Member (18/18)
Calvin Gan	No 2)	Yes	Member (15/18)

1) Risto Siilasmaa is the founder of F-Secure and on 31 December 2022 owned 34.39% of F-Secure shares.

2) Calvin Gan was elected from among F-Secure personnel, according to the process described below in 2022.

Board of Directors

The Board of Directors is responsible for the administration of F-Secure Corporation and appropriate organization of its operations. The Board's operations, responsibilities and duties are based on the Finnish Companies Act and other applicable legislation and are supplemented by the Board Charter. These cover the following main areas:

approving the strategy of F-Secure, overseeing its operations and annual budgets
appointing and dismissing the President and CEO
approving any major investments, acquisitions, changes in corporate structure or other matters that are significant or far-reaching
ensuring that the supervision of the company's accounting and financial management is duly organized
ensuring that internal control and risk management systems are in place
approving personnel policies and rewards systems
preparing matters to be handled at the General Meeting

The Board of Directors meets as frequently as necessary and according to the Board Charter at least five times during its term. The Board of Directors has quorum when more than half of the members are present. An annual self-assessment is carried out by the Board to evaluate its operations. The Board of Directors primarily strives at unanimous decisions. If a decision cannot be made unanimously, the decision will be made by voting and with single majority. If the votes are even, the Chair's vote is decisive.

In accordance with F-Secure's Articles of Association, the Board of Directors comprises three to seven members, who are elected at the Annual General Meeting for a period of office that extends to the end of subsequent AGM. The Board of Directors represents all shareholders.

Diversity is an essential part of F-Secure success. According to Diversity Principles established by the Board of Directors, an optimal mix of diverse backgrounds, expertise and experience strengthens the Board's performance and promotes creation of longterm shareholder value. The Diversity Principles of the Board of Directors aim to strive towards appropriately

balanced gender distribution. Both genders are represented in the Board of Directors.

To create openness, one member of the Board of Directors is proposed to be elected from among F-Secure personnel. An election is arranged annually for F-Secure personnel and each permanent F-Secure employee is eligible to stand as a candidate. The representatives of the Board of Directors interview three persons who have obtained the highest number of votes in the elections and choose a candidate from amongst them to be proposed for election as a member of the Board by the Annual General Meeting. Calvin Gan was appointed to the Board of Directors from among the employees in 2022. The proposal in 2022 was based on an earlier election held by WithSecure Corporation due to the timeline for incorporating F-Secure Corporation as separate legal entity through a partial demerger of WithSecure Corporation. As an employee of the company, the Board member elected from among F-Secure personnel does not participate in any matters that relate to, for example, leadership appointment (or dismissal), remuneration or other terms of employment or service, or industrial action, as the Board may handle from time to time.

The majority of Board members are independent from the company and from its major shareholders. For a detailed description of the members of the Board of Directors and their shareholdings see the end of this statement.

Before the partial demerger of WithSecure was completed, Mr. Pertti Ervi had been instructed to organize the work of F-Secure Board of Directors as if F-Secure already existed as an independent company, for the period until the term of office of its Board members formally commenced pursuant to the demerger plan and the Finnish Companies Act ("Shadow Board"). The powers of the Shadow Board were subject to the limitations arising from both the demerger plan and the Finnish Companies Act. The Board of Directors of F-Secure was formally established and elected by the extraordinary meeting of WithSecure (the demerging company), held on 31 May 2022.

2022:

In 2022 the Board of Directors convened 18 times (out of which 6 times as "Shadow Board") and Audit Committee convened 4 times (out of which once as "Shadow Audit Committee").

Audit Committee

In 2022, the Board established one committee, i.e. Audit Committee. The Board of Directors appoints from among itself the members and the Chair of the Audit Committee. The Audit Committee must have at least three members. The Board of Directors confirms the main duties and operating principles of the Audit Committee.

The Audit Committee monitors and evaluates risk management, internal controls, IT strategy and practices, financial reporting as well as auditing. The Audit Committee also prepares a proposal for the election of an auditor to the Board of Directors and regularly considers the need for a separate internal audit function. Members of the Audit Committee must have broad business knowledge, as well as sufficient expertise and experience with respect to the committee's area of responsibility and the mandatory tasks relating to auditing.

The majority of members of the Audit Committee shall be independent of the company and at least one member shall be independent of the company's significant shareholders. The Audit Committee invites experts to its meetings when necessary for the issues to be discussed. External auditors are permanent invitees to the meetings of the Audit Committee. Materials of the Audit Committee meetings are made available for all members of the Board of Directors.

The Audit Committee convenes at least four (4) times a year as notified by the Chair of the Committee. Members of the Audit Committee are listed in the table above.

President and CEO

The Board of Directors appoints and may dismiss the President and CEO and decides upon the President and CEO's remuneration and other benefits in accordance with the Remuneration Policy. The CEO is responsible for the day-to-day management of the company. The CEO's main duties include:

managing the business according to the instructions issued by the Board of Directors
presenting the matters to be handled in the Board of Directors' meetings
implementing the decisions made by the Board of Directors
other duties determined in the Finnish Companies Act

2022:

Timo Laaksonen has been F-Secure President and President and CEO since 30 June 2022.

The biographical details of the President and CEO including the President and CEO's shareholdings are specified at the end of this statement. The remuneration of the President and CEO is specified in F-Secure Remuneration Policy and Report.

Leadership Team

The Leadership Team supports the President and CEO in the daily operative management of the company.

2022:

Current information on the F-Secure Leadership Team can be found on our website: https://investors.f secure.com/en/investors/corporate\_governance/ leadership\_team.

For descriptions of all members of the Leadership Team during 2022 and their roles, respective membership periods and shareholdings, see the end of this statement.

Internal control and risk management

Risk management

Risk management and internal control processes at F-Secure seek to ensure that risks related to the business operations of the company are properly identified, evaluated, monitored, mitigated and reported in compliance with the applicable regulations.

F-Secure Board of Directors defines the principles of risk management and internal controls which are followed within the company. The Audit Committee assists the Board in the supervision of F-Secure risk management process. The President and CEO is accountable for ensuring that the risk management principles are implemented and applied constantly and consistently across the organization, supported by the Corporate Development function.

The primary goal of F-Secure risk management principles is to empower the organization to identify and manage risks more effectively. The potential negative impact and probability of different situations arising from business operations of the company, its markets, its customers, or its partners are monitored as part of the risk management process.

F-Secure promotes continuous risk evaluation by the company's personnel. The relevant operational risks identified through the risk management process are regularly reviewed by the President and CEO and Leadership Team and the company's statutory auditor. Risk Management is an integrated part of F-Secure's governance and management, and the risk management process is aligned with the ISO-31000:2018

guidelines. The Audit Committee regularly evaluates the effectiveness of the risk management system.

Internal control

The purpose of Internal Control is to ensure that operations are effective and aligned with the strategy, and that financial reporting and management information is reliable and in compliance with applicable regulations and operating principles.

Internal control consists of all the guidelines, policies, processes, practices and relevant information about organizational structure that help ensure that the business conduct is in compliance with all applicable regulations. The purpose of internal control is also to ensure that accounting and financial information provides a true and accurate reflection of the activities and financial situation of the company.

The company constantly monitors its key financial processes linked to sales, revenue, costs and profitability as well as incoming and outgoing payment transactions. If any inconsistencies appear, the issues are handled without delay. The company's finance department is responsible for the consistency and reliability of internal control methods. The finance team, led by the CFO, works in close cooperation with businesses, providing relevant data for business planning purposes and sales estimates. The team also regularly assesses and monitors the reliability of estimates and revenue recognition.

Internal audit

Audit Committee considers the need for and appropriateness of a separate Internal Audit function on a regular basis. To date, the Audit Committee has concluded that, due to the size, organizational structure and largely centrally controlled financial management

of the company, a separate Internal Audit function is not necessary.

In the absence of an Internal Audit function, attention is paid to periodical review of the written guidelines and policies concerning accounting, reporting, documentation, authorization, risk management, internal control and other relevant matters across the company. Related controls are also tested from time to time. The guidelines and policies are coordinated by the company's finance team with active involvement by the legal team.

The absence of a separate Internal Audit function is considered when defining the scope of the company's external audit. Where necessary, the Internal Audit services will be purchased from an external service provider.

To facilitate transparency and exchange of information on Internal Audit related matters, the financial management team has frequent meetings with the auditors. The auditors also participate in the meetings of the Audit Committee as permanent invitees.

The company has taken into use a Whistleblowing Channel for employees and other stakeholders to report any possibly corrupt, illegal, or other undesirable conduct.

Related party transactions

The Audit Committee defines the principles for monitoring and assessing F-Secure related party transactions. The definition of the related parties is based on IAS 24 standard. F-Secure collects information about its related parties on regular basis. The Board of Directors decides on related party transactions that are not conducted in the ordinary course of business of the company or are not implemented under arm's-length terms. Related party transactions are disclosed as part

of financial statements according to the applicable legislation.

Insider management

F-Secure complies with the applicable legislation, including EU Market Abuse Regulation (MAR), the regulations of the Finnish Financial Supervisory Authority as well as Nasdaq Helsinki's Guidelines for Insiders. F-Secure has established its own insider policy to complement the regulation and guidelines above.

F-Secure maintains a list of all persons who have regular access to company's financial data. Due to the sensitive nature of financial information, persons having access to financial information before publication of an interim financial report or a year-end report shall be subject to a thirty (30) day trading restriction prior to publication of such report.

In addition, F-Secure maintains a project-specific insider list of any projects and events which, if realized, would be likely to have a significant effect on the value of F-Secure share or other financial instruments, and which have been subject to delaying of disclosure in accordance with MAR.

F-Secure has decided not to include any persons as permanent insiders. All persons with inside information regarding a project will be included in the project specific insider list.

Persons discharging managerial responsibilities comprise the Board of Directors, the President and CEO and other members of the Leadership Team. These persons have a duty to notify F-Secure and the Finnish Financial Supervisory Authority of every transaction in their own account relating to Financial Instruments of F-Secure within three business days (after a cumulative threshold of EUR 5,000 per annum). The company publishes these notifications as stock exchange

releases, as specified by MAR. All releases published on managers' transactions are available on the company's website.

Auditors

The auditor is elected by the Annual General Meeting for a term of service ending at the close of the next Annual General Meeting. The auditor is responsible for auditing the consolidated and parent company financial statements and accounting. The auditor reports to the Board of Directors or the Audit Committee at least once a year.

2022:

F-Secure has been audited by PricewaterhouseCoopers with Janne Rajalahti, Authorized Public Accountant, as the responsible auditor.

F-Secure paid the auditor EUR 103 thousand in audit fees after the demerger.

Board of Directors

Pertti Ervi, born 1957

Chair of the Board since 2022

Member of the Board's Audit Committee since 2022 Finnish citizen

Main occupation: Independent management consultant and a professional board member

Key positions of trust

WithSecure, member of the Board of Directors since 2003, Chair of the Board (2004–2006) and Chair of the Audit Committee (2008–2022)

Efecte Corporation, Chair of the Board of Directors of 2011 (a member of the Board of Directors since 2008)

QPR Software Corporation, Chair of the Board of Directors since 2021 Pointsharp Holding AB, member of the Board of Directors since 2021

Mintly Oy, founding member and Chair of the Board of Directors between 2017 and 2022

Teleste Corporation, member of the Board of Directors between 2009 and 2020 (Chair: 2017–2020)

Comptel Corporation, Chair of the Board of Directors between 2011 and 2017 Stonesoft Corporation, Chair of the Board of Directors between 2004 and 2007 Previously Chair/Board member of several listed and growth companies, including several Audit Committee chair positions

Primary working experience

Computer 2000 AG, Co-CEO and member of the Executive Board between 1995 and 2000

Computer 2000 Finland Corporation, Co-founder and CEO in 1983-1995

Education

Mr. Ervi holds a Bachelor of Science degree in electronics and several management studies

Holdings: number of shares 82,442, holding 0.05%

Risto Siilasmaa, born 1966

Board member since 2022 Member of the Board's Audit Committee since 2022 Finnish citizen

Key positions of trust

WithSecure, Chair of the Board of Directors since 2006 (member of the Board of Directors since 1988)

Quanscient Oy, member of the Board of Directors since 2022 CybExer Technologies, member of the Board of Directors since 2022 Upright Oy, member of the Board of Directors since 2022 Pixieray Oy, member of the Board of Directors since 2021 Ministry of Finance's Technology Advisory Board, chair since 2020 Global Advisory Board of Yonsei University School of Business, member since 2020 Komatsu International Advisory Board, member since 2020 International Advisory Board of IESE, member since 2019 Futurice Corporation, member of the Board of Directors since 2018

Global Tech Panel, an initiative of the EU High Representative for Foreign Affairs and Security Policy, member since 2018

Federation of Finnish Technology Industries, Chair of the Board of Directors between 2016 and 2018, Vice-Chair of the Board of Directors between 2007 and 2010 and between 2013 and 2015 (a member of the Board of Directors between 2007 and 2019)

Confederation of Finnish Industries EK, Vice Chair of the Board of Directors between 2017 and 2018 (a member of the Board of Directors between 2007 and 2010 and 2013 and 2016) Nokia Corporation member of the Board of between 2008 and 2020 (Chair: 2012–2020)

Primary working experience

F-Secure and WithSecure, Founder and CEO of WithSecure 1988–2006 First Fellow Partners, Founding Partner and the Chair of the Board of Directors since 2016 Nokia Corporation, interim CEO 2013–2014

Education

Mr. Siilasmaa holds a Master of Science degree in engineering Holdings: number of shares 60,022,804, holding 34.39%

Thomas Jul, born 1967 Board member since 2022 Danish citizen Main occupation: CEO of Inpay

MATTA Holding, Co-founder and CEO between 2019 and 2021 Nets Group, CEO and Country Director in Denmark between 2017 and 2019 Ericsson, President and CEO of PT Ericsson Indonesia between 2014 and 2017, Head of the Customer Unit in Central Europe between 2012 and 2014 and President of Ericsson Austria GmbH between 2012 and 2013

Nokia Siemens Networks, Head of West Europe between 2011 and 2012, Head of the Global Customer Business Team Deutsche Telekom between 2009 and 2011, CEO of the Danish Branch between 2007 and 2010 and Head of Nordics between 2006 and 2009

Nokia, various position including Country Manager, General Manager and Business Development Director between 1998 and 2007

Systematic Software Engineering, various positions between 1993 and 1998 Education

Mr. Jul holds a Master of Science degree in Software Engineering Holdings: number of shares 5,439, holding 0.00%

Madeleine Lassoued, born 1990

Board member since 2022 Swedish citizen Main occupation: Head of Marketing at Volvo On Demand

Key positions of trust NEWS Group AB, member of the Board of Directors since 2021 and 2022

Primary working experience

Coupleness, Investor and Marketing & Growth Advisor since 2021

Plansmaid, Co-founder

Bisnode, Head of Digital Marketing (2017–2019) and as a Digital Marketing Team Leader (2016–2017)

BannerFlow, various positions

Education

Ms. Lassoued holds a Master of Business Administration degree in International Economics and a Bachelor of Business Administration degree in International Marketing

Holdings: number of shares 5,439, holding 0.00%

Petra Teräsaho, born 1966

Board member since 2022 Chair of the Board's Audit Committee since 2022 Finnish citizen Main occupation: CFO at Valmet Automotive (starting during Q1 2023)

Key positions of trust

Paulig Group, member of the Board of Directors since 2020, and Chair of Audit Committee

Primary working experience

Enfo Group, CFO between May and November 2022 Stora Enso, Senior Vice President, Group Controller between 2016 and April 2022 Outotec Group, Vice President Group Controller between 2014 and 2015 Nokia Corporation, Head of Finance in Global Marketing between 2012 and 2014, CFO of Nokia Mobile Phones operations in India between 2007 and 2012. Nokia Networks, Head of Business Planning of Mobile Applications unit between 2000 and 2001, Head of Value-Based Marketing between 1999 and 2001 Education

Ms. Teräsaho holds a Master of Science in Accounting and Finance Holdings: number of shares 6,871, holding 0.00%

Calvin Gan, born 1988

Board member since 2022 Malaysian citizen Main occupation: F-Secure, Senior Manager

Primary working experience

F-Secure, Manager between 2017 and 2020, F-Secure, Security Vulnerability Expert between 2014 and 2017 F-Secure, Team Lead between 2013 and 2014 F-Secure, Malware Analyst between 2010 and 2013

Education

Mr. Gan holds a Bachelor of Science degree in Computing, Cyber Security Holdings: number of shares 1,813, holding 0.00%

Leadership team

Timo Laaksonen born 1961

President and Chief Executive Officer since 2022 Finnish citizen

Primary working experience

WithSecure, Executive Vice President of Consumer Security, and various other positions since 2012 Tecnotree Corporation, Chief Commercial Officer between 2010 and 2012 Xtract, CEO between 2008 and 2010 First Hop, CEO between 2001 and 2008 Sonera SmartTrust, Executive Vice President between 1998 and 2001

Teamware Group Ltd, Vice President between 1993 and 1998

ICL Travel Systems, Marketing Manager between 1992 and 1993

Key positions of trust

Finnish American Chamber of Commerce in New York, member of the Board of between 2018 and 2019 Broadband Multimedia Marketing Association (USA), a member of the Board of Directors between 2018 and 2019

Kvalion Ltd, member of the Board of Directors between 2008 and 2011

Education

Mr. Laaksonen holds a Master of Science degree in Economics (international marketing and international trade law).

Holdings: number of shares 13,450, holding 0.01%

Antero Norkio born 1972

Senior Vice President, Corporate Development since 2022 Finnish citizen

Primary working experience

WithSecure, Vice President Product Management (Consumer Business), and various other positions since 2011

Airwide Solutions, Head of Global Channel Partners and Director of Product Management between 2002 and 2011 (including the acquisition of First Hop 2007) Taika Technologies Oy, Vice President of Product Management 2001 and 2002

Sonera SmartTrust, Director of Product Management between 1997 and 2001

Education

Mr. Norkio holds a Master of Science degree in Industrial Engineering and Management (Strategy and International Business).

Holdings: number of shares 37,526, holding 0.02%

Paul Palmer born 1967

Senior Vice President, Partner Business since 2022 British citizen

Primary working experience

WithSecure, Vice President of Service Provider Business and various other positions since 2014

Bubbly, Vice President of Global Sales between 2011 and 2014

Adaptivemobile, Vice President of Sales APAC between 2009 and 2011

Ubiquisys, Business Development Director in the Asia Pacific region in between 2008 and 2009

mFormation Technologies, Regional Director in Asia between 2006 and 2008, as a Strategic Account Director between 2004 and 2006

Sonera SmartTrust, Director of Pre Sales in Europe, Middle East and Africa between 2002 and 2004 Lucent Technologies, Manager of GSM/3G Pre Sales-Technical Support between 1998 and 2002 Bridge This Gap, Director since 2019

Key positions of trust

Mobile Ecosystem Forum, member of the Board of Directors between 2015 and 2017

Education

Mr. Palmer holds a Bachelor of Science degree in Electronics and Computing

Holdings: number of shares 0, holding 0.00%

Toby White born 1977 Chief Technology Officer since 2022 British/Finnish dual citizen

Primary working experience

WithSecure, Vice President of Consumer Security in Research and Development since 2020 Wärtsilä, Vice President of Digital Engineering between 2017 and 2020

GlobalData Plc, Group CTO between 2014 and 2017 Timetric, Founder and CTO between 2008 and 2016 Met Office, Unified Model System Developer in 2003 Cambridge University Chemical Laboratory, Research Associate between 2002 and 2003

Education

Dr. White holds a Master of Chemistry degree in Chemistry and a Doctor of Philosophy degree in Theoretical Chemistry.

Holdings: number of shares 0, holding 0.00%

Sari Somerkallio born 1972

Chief Financial Officer since 2022 Finnish citizen

Primary working experience

WithSecure, Head of Finance in Consumer Security since February 2022

Fiskars Group, Vice President of Business Finance between 2020 and 2021

Fiskars Group, Senior Vice President of Finance & Business Development between 2019 and 2020 Fiskars Group, Manager of Development Projects between 2009 and 2011

Wärtsilä Corporation, Project Manager and Process Manager between 2002 and 2008

Wärtsilä Corporation, Investor Relations Manager between 1999 and 2002

Merita Stockbrokers, Analyst between 1997 and 1999 Interbank, Analyst between 1996 and 1997

Education

Ms. Somerkallio holds a Master of Science degree in Mathematics and a Master of Science degree in economics (Finance).

Holdings: number of shares 2,298, holding 0.00%

Kitta Virtavuo born 1972

Chief People & Culture Officer since 2022 Finnish citizen

Primary working experience

Fiskars Group, Vice President of HR, Sales between 2020–2021

Fiskars Group, Vice President of HR, Living Business between 2017 and 2020

Fiskars Group, HR Director of Business Region Europe between 2016 and 2017

Nokia Corporation and Nokia Siemens Networks, various international HR leadership positions between 1999 and 2016

Education

Ms. Virtavuo holds a Bachelor of Business Administration degree in Business Management and Marketing.

Holdings: number of shares 0, holding 0.00%

Richard Larcombe born 1974 Chief Marketing Officer since 2022 British citizen

Perttu Tynkkynen born 1974

Senior Vice President, Direct Business since 2022 Finnish citizen

Primary working experience

WithSecure, Vice President of Global Consumer Sales and Marketing since 2015

WithSecure, Director of Direct Consumer Business between 2011 and 2015

WithSecure, Business Manager of Consumer Sales in Finland between 2008 and 2011

Logitech, Region Sales Manager between 2005 and 2008

PC-SuperStore, various roles between 1997 and 2005 Education

Mr. Tynkkynen holds a Bachelor of Science degree in Business Administration

Holdings: number of shares 6,288, holding 0.00%

Mikko Kestilä born 1967

Vice President, Operations since 2022 Finnish citizen

Primary working experience

WithSecure, different positions since 2016 Synchronoss Technologies, Director in Product Management between 2015 and 2016 WithSecure, Director Services between 2014 and 2015 Goodmill Systems Ltd, Vice President Between 2012 and 2014

Xtract Oy, Vice President of Customer Operations between 2009 and 2012

Airwide Solutions, Vice President of Professional Services and R&D between 2008 and 2009 First Hop, Vice President and Manager between 2004 and 2008

Tellabs, several roles between 1994 and 2004 Nokia Corporation, Project Manager and Software Engineer between 1990 and 1994

Education

Mr. Kestilä holds a Master of Science degree in electrical engineering.

Holdings: number of shares 2,229, holding 0.00%

Primary working experience

WithSecure, Vice President of Global Marketing between 2019 and 2021

ismybillfair.com, co-founder and Chief Marketing Officer between 2017 and 2019

Tesco Bank, Brand and Marketing Director between 2015 and 2017

Virgin Media, Chief Marketing Officer and Director of Advertising and Sponsorship between 2010 and 2015 The Times, Sunday Times and Times Online, Head of Marketing between 2004 and 2010

AMV BBDO, Account Director between 1998 and 2004 Grey, Account Director between 1996 and 1998

Education

Mr. Larcombe holds a degree in Psychology (BA Hons) Holdings: number of shares 0, holding 0.00%

Steven Offerein born 1986

Vice President, Portfolio Management since 2022 Dutch citizen

Primary working experience

WithSecure, Business Development Manager between 2020 and 2021

TalkTalk, Head of Product Management between 2018 and 2019 and in various product management roles between 2014 and 2018

New Motion, Product Manager between 2013 and 2014 VodafoneZiggo, Product Manager between 2010 and 2013

@home (previously Essent Kabelcom), Business Analyst between 2008 and 2010, Information and Business Analyst between 2006 and 2008

Education

Mr. Offerein has studied Management Sciences. Holdings: number of shares 0, holding 0.00%

Michal Iwan born 1976

Vice President, Security Suite Business Team since 2022 Polish citizen

Primary working experience

WithSecure, Regional Vice President of Service Provider Business in Central & Eastern Europe since 2020

WithSecure, Head of Region of Operator Sales in DAHC, Iberia, Italy, Poland and Balkans between 2015 and 2020 WithSecure, Country Manager in Poland between 2006 and 2015

WithSecure, Channel Manager in Poland between 2005 and 2006

Key positions of trust

Salumanus Sp. Z.o.o., member of the Supervisory Board since 2022

Education

Mr. Iwan holds a master's degree in Economy and Investments.

Holdings: number of shares 639, holding 0.00%

Dmitri Vellikok born 1984

Vice President, Network Security Business Team since 2022 Finnish citizen

Primary working experience

WithSecure, Director of Business Development in the Americas, and various positions 2008–2022 IBM, Technical Support Engineer between 2007 and 2008

Techdata, Microsoft Sales Specialist

Education

Mr. Vellikok holds a degree from Helsinki Business College (commercial institute) in information technology services and marketing

Holdings: number of shares 0, holding 0.00%

TL Viswanathan born 1979

Vice President, Embedded Security since 2022 Indian citizen

Primary working experience

Nokia Corporation, Head of Digital Operations Portfolio, between 2018 and 2022 Comptel, Director & Vice President Global Alliances, between 2014 and 2018 Oracle, Senior Account Manager APAC, between 2013 and 2014 Nokia Siemens Networks, various leadership and business development roles for Applications, Systems integration business between 2006 and 2013 Siemens Communications, Solution Consultant,

between 2000 and 2006 Education

Mr. Viswanathan holds a Master's degree in Business Administration (International Business). Holdings: number of shares 0, holding 0.00%

Remuneration

Introduction

This Remuneration Report 2022 has been prepared in accordance with the Finnish Corporate Governance Code 2020 (publicly available at http://cgfinland.fi/en/) and contains comprehensive information on remuneration of the Board of Directors and the President and CEO from the establishment of F-Secure Corporation on 30 June 2022. All remuneration information in this report is from the establishment of F-Secure Corporation on 30 June 2022 until 31 December 2022, except that the Board of Directors remuneration is based on their term of office that began in 2022 and will expire at the end of the 2023 Annual General Meeting (as explained in further detail in the F-Secure Corporate Governance Statement 2022).

F-Secure Remuneration Policy was presented to the Extraordinary General Meeting of WithSecure on 31 May 2022 that decided on the partial demerger of WithSecure into F-Secure. The Extraordinary General Meeting resolved, conditional upon the completion of the Demerger, to support the proposed remuneration policy for governing bodies of F-Secure. The Demerger was registered with the Trade Register maintained by the Finnish Patent and Registration Office on the effective date on 30 June 2022. Upon registration the Demerger was completed, and the Remuneration Policy became applicable in F-Secure.

F-Secure Remuneration Policy describes the remuneration for the Board of Directors and the President and CEO and the considerations of determining the policy and operation of the policy. Remuneration Policy of F-Secure complies with the recommendations of the Finnish Corporate Governance Code for listed companies, Shareholders' Rights Directive legislation and any other regulations and guidelines concerning

remuneration in listed companies. The Remuneration Policy is available at F-Secure website.

Remuneration principles at F-Secure

According to F-Secure Remuneration Policy, the remuneration for F-Secure management is designed to advance the business objectives and long-term profitability of the company. F-Secure remuneration in general is based on rewarding for performance and competencies. Remuneration is designed to be competitive compared to relevant reference markets, increase commitment and work engagement and to be consistent across the organization. Incentive schemes are developed to support company's strategy by aligning the interests of the shareholders and the key employees for strong performance and long-term value creation of the company. The remuneration of employees across the company is reviewed regularly with the intention that all employees are paid appropriately in the context of market and considering their individual competencies and performance.

These principles have been considered in the company's remuneration in the financial year 2022. In 2022, the remuneration of the Board of Directors and the President and CEO complied with the Remuneration Policy, and there were no deviations.

The President and CEO's remuneration follows the same principles as the remuneration of all other employees, and this is evident in the performance criteria set for the variable remuneration. Approximately half of the President and CEO's remuneration package is based on performance. The existing short- and long-term incentive plans are based on the company's financial performance, employee engagement and shareholder value development to ensure a strong link between the company's performance and CEO remuneration. The President

and CEO is recommended to hold at least 50% of the shares received as rewards from the long-term incentive programs and to accumulate the shares from the incentive programs until the value of the shares received from the share programs equals the annual gross base salary of the President and CEO. There are no other restrictions set for the shares received from the share-based incentive programs.

Remuneration in 2022

In 2022 no new F-Secure LTI programs were set for the management. The company aims to build a relevant and competitive share based LTI program according to the principles used in similar companies, that aligns the interests of the management and shareholders and retains, motivates and rewards individually selected key employees in the long term. The ongoing LTI programs prior to demerger from WithSecure continue. All LTI allocation (PSP and RSP) made originally in the shares of WithSecure were adjusted to be the allocations of F-Secure Corporation. Adjustments to PSP 2021–2023 and PSP 2022–2024 were made using the reference prices of the two new companies. Criteria measurement in PSP 2020–2022 was decided to execute as if the two companies would still form the old entity.

The total remuneration paid to the President and CEO in 2022 from July to December was EUR 179,880 of which EUR 29,760 was in the form of variable pay. Short Term Incentive payment made to the President and CEO in August 2022 was based on objectives related to his prior role at WithSecure during the first half of 2022. No share-based payments were made to the President and CEO after 30 June 2022.

At the end of 2022, the President and CEO held 13,450 shares of F-Secure.

Remuneration of the Executives 2022

F-Secure executive compensation in 2022 is described in the table below.

Average annual remuneration (EUR)	2022
President and CEO 1)	179,880
Chair of the Board	80,000
Other Board Members 2)	40,500
Average employee 3)	27,686

1) Remuneration paid for 30 June 2022 – 31 December 2022, including the base salary as well as short -term incentive 1H2022 payment in August for the role at WithSecure prior to being the President and CEO of F-Secure.

2) The average remuneration paid to the Board Members, excluding the employee Board member.
3) The total wages and salaries paid during 30 June 2022–31 December 2022/ average headcount during the same period in all countries.

Revenue development 2019–2022 1)

● Revenue, MEUR ● Revenue development, %

Adjusted EBITDA development 2019–2022 1)

● Adjusted EBITDA, MEUR ● Adjusted EBITDA Development, %

1) The financial information of F-Secure that is illustrated above has been derived from the audited carve-out financial statements as at and for the years ended 31 December 2021, 2020 and 2019. Financial information presented for 2022 is on an actual basis for the period Jul–Dec/2022 and on carve-out basis for the period Jan–Jun/2022.

Remuneration of the Board of Directors

WithSecure's Extraordinary General Meeting, held on 31 May 2022, decided that the remuneration for the Board of Directors of F-Secure shall be paid as follows for the term ending at the end of the next Annual General Meeting: EUR 80,000 for the Chairperson of the Board of Directors, EUR 48,000 for the Chairperson of each Committee, EUR 38,000 for other members of the Board of Directors, and EUR 12,667 for a member of the Board of Directors employed by F-Secure.

WithSecure's Extraordinary General Meeting decided that approximately 40 percent the Board of Directors' remuneration is paid as shares in F-Secure to be repurchased from the market. F-Secure Corporation will repurchase the shares or transfer shares held by F-Secure Corporation as treasury shares for the account of and on behalf of the members of the Board of Directors of F-Secure.

For the Members of the Board of Directors, changes in the holdings of the company shares and rewards paid in shares are reported according to the Market Abuse Regulation. Related stock exchange releases are available on the company's website.

The travel expenses and other costs of the members of the Board of Directors of F-Secure directly related to board work are paid in accordance with F-Secure compensation policy in force from time to time.

Each member of the Board of Directors of F-Secure is paid a predetermined travel fee in addition to travel expenses for meetings held outside their country of residence. A separate meeting fee of EUR 1,000 is paid to the Board members travelling from another country to an on-site meeting within the European continent. If inter-continental travel is required, the fee is EUR 2,000. The travel expenses and other costs directly related to the Board work of the members of the Board of Directors are paid in accordance with the company's compensation policy in force at any given time.

The Board of Directors Remuneration in 2022

Member	Annual fee paid in cash, EUR	Annual fee paid in shares, EUR	Annual fee paid in shares, pcs	Total, EUR
Pertti Ervi	48,001	31,999	11,452	80,000
Madeleine Lassoued	22,802	15,198	5,439	38,000
Thomas Jul	22,802	15,198	5,439	38,000
Risto Siilasmaa	22,802	15,198	5,439	38,000
Petra Teräsaho	28,801	19,199	6,871	48,000
Calvin Gan 1)	7,601	5,066	1,813	12,667
Total	152,809	101,858	36,453	254,667

1) Board member selected among personnel

87 Remuneration Report

Remuneration of the President and CEO

The Board of Directors of WithSecure Corporation appointed Timo Laaksonen as the President & CEO of F-Secure upon the implementation of the Demerger on 30 June 2022. The remuneration of the President and CEO is decided by the Board of Directors. The main components of the President and CEO's total remuneration are base salary and short- and long-term incentives. In addition, he may participate in the voluntary Employee Share Savings Plan (ESSP) which was approved by the Board of Directors on 23 August 2022. The aim of the ESSP is to encourage employees to acquire and own F-Secure shares, and it is intended to align the interests of the shareholders and the employees as well as to increase employees' long-term commitment to the company.

Short-term incentive (STI) payout for the President and CEO is 50% of annual base salary if targets are met, maximum payout being equal to the annual base salary.

F-Secure Short Term Incentive plan objectives were set for the period of 1 July – 31 December 2022. The STI Plan of 2022 for the President and CEO was based on F-Secure H2 revenue growth with 40% weight and H2 adjusted EBITDA with 40% weight and employee Net Promoter Score with 20% weight of total. The overall performance for these 3 criteria was evaluated and will be paid during the first quarter of 2023, provided that the Board of Directors has approved the results and the payments.

In 2022, the President and CEO, Timo Laaksonen also received a STI payment in August based on objectives related to Timo Laaksonen's prior role at WithSecure during January–June 2022. The objectives of the plan were WithSecure revenue with 50% weight, adjusted EBITDA 20% and Consumer Business Unit revenue with 30% weight of total. The weighted performance for these three criteria for 1H 2022 was 105%. The reward was in total EUR 29,760

				STI Target				Total
Salaries and financial benefits paid in and accrued as			STI Plan	(% of base	salary) Performance Criteria		Weight Performance	Weighted Performance	Payment
of 30 June 2022 are described in the table below:					Revenue Growth	40%	75%
			STI 2022	50%	Adjusted EBITDA	40%	109%	114%	Q1 2023
EUR	Payments in 2022	Accrued based on 2022	(July–December)		Employee Engagement (eNPS)	20%	200%
Base salary, including fringe benefits	150,120	–
Pension / Other financial benefits	–	–	STI Plan	STI Target (% of base	salary) Performance Criteria		Weight Performance	Total Weighted Performance	Payment
Short-term incentive (STI)					Revenue (WithSecure)	50%	119%
Earning period H1/2022	29,760		STI 2022 30% (January–June)		Adjusted EBITDA
Earning period H2/2022		78,115		(WithSecure)	20%	0%	105%	August 2022
Long-term incentive (LTI) EUR/shares	–	–			Consumer BU revenue (WithSecure)	30%	153%
Total	179,880	78,115

No Long-term incentive (LTI) payments were made to the President and CEO during 30 June – 31 December 2022.

The President and CEO has been granted 41,562 shares within the Performance Share Plan (PSP) 2022–2024 according to the guidelines defined in the company's Remuneration Policy. This grant represents the target level reward, the maximum reward being two times the target allocation. Final reward is determined based on the extent to which the targets have been reached

The key terms of service of the President and CEO

The contract of the President and CEO is an indefinite contract with a six-month period of notice both ways. If the Company terminates the contract for reasons other than a breach of the contract, the President and CEO shall be entitled to receive severance pay equivalent to six (6) months' salary in addition to the salary for the notice period.

during the performance period. Target remuneration The Company has obtained a life insurance for the President and CEO with an amount equaling the annual gross salary of the President and CEO.

The President and CEO does not have a supplementary pension plan, and the determination of his pension conforms to the standard rules specified by Finland's Employee Pension Act (TYEL). The President and CEO's retirement age is also determined by the statutory pension system and is 65 years under the applicable Finnish legislation.

The President and CEO – Current LTI Plans

Share Plan	(pcs of shares) Performance Criteria	Performance	Payment
PSP 2020–2022	23,978 Absolute Total Shareholder Return	100% – / Plan ongoing	H1 / 2023
PSP 2021–2023	43,160 Absolute Total Shareholder Return	100% – / Plan ongoing	H1 / 2024
PSP 2022–2024	41,562 Absolute Total Shareholder Return	100% – / Plan ongoing	H1 / 2025

President and CEO Pay mix 2022

F-Secure Corporation Tammasaarenkatu 7 00180 Helsinki Tel. +358 9 2520 0100 [email protected] www.f-secure.com

AI Terminal

3268_10-k_2023-02-17_b5824f0a-483e-47cf-b975-1ce4a801829d.pdf

Annual Report 2022

02 F-Secure 2022

Contents

F-Secure 2022

03 F-Secure 2022

Key figures 2022

Revenue by channel, % Revenue by geography, %

President and CEO's review

05 CEO letter

06 F-Secure 2022

F-Secure in brief

Three strategy pillars

Increase Average Revenue Per User (ARPU)

Developing current offering and new products

Expand into new channels

Financial targets by 2025

Profitability

Dividend Yield

Purpose, mission and vision

07 F-Secure 2022

Highlights of 2022

Q1

Q2

Q3

Q4

Our business model

Sustainability Statement

Sustainability

We are committed to keeping people and society safe

Towards brilliantly simple security experiences

We exist to make every digital moment more secure, for everyone

Engaged employees

We are a global company, where people truly enjoy working

Building safer online behavior, sustainably, for everyone

Redefining the focus areas of sustainability

Financials

F-Secure Corporation in 2022

Presentation of financial information

Financial performance

Revenue

Partner Channel

Direct Channel

Gross margin

Operating expenses

Profitability

Cash flow, financial position and financing

Revenue by sales channel

Revenue by geography

Acquisitions and financial arrangements

Group structure and changes

Significant events during the review period

Research and development

Personnel, management and auditors of the company

Personnel

Management team

The Board of Directors

Auditor

Shares and shareholders

Demerger from WithSecure Corporation

Shares and share capital

Trading of shares

Shareholders

Treasury shares

Short-term risks and uncertainties

Risks related to the Demerger

Risks related to F-Secure's operating environment

Risks related to F-Secure's business operations and strategy

Risks related to the technology used by F-Secure, intellectual property rights and other regulations

Risks related to F-Secure's financial position and financing

Decisions of the Extraordinary General Meeting 2022 and Board authorisations

Demerger consideration

Authorization of the Board of Directors of F-Secure to decide on the repurchase of F-Secure's own shares

Authorization of the Board of Directors of F-Secure to decide on the issuance of shares as well as the issuance of options and other special rights entitling to shares

Handling of the remuneration policy for governing bodies of F-Secure

Resolution on the number of members of the Board of Directors of F-Secure

Resolution on the remuneration of the members of the Board of Directors of F-Secure

Election of members of the Board of Directors of F-Secure

Resolution on the remuneration of the auditor of F-Secure