AI Terminal
SSH Communications Security
Governance Information • Mar 5, 2025
3344_cgr_2025-03-05_72b25964-37f5-43f9-b968-1179e06759de.pdf
Governance Information
Open in ViewerOpens in native device viewer
SSH Communications Security Corporation Corporate Governance Statement March 5 2025
| Introduction 3 | |
|---|---|
| SSH Communications Security's Administrative Bodies 3 | |
| Annual General Meeting 3 | |
| Board of Directors 4 | |
| Election, Term of Office, and Composition of the Board 4 | |
| Board Members 2024 4 | |
| Principles Concerning Diversity of the Board of Directors 5 | |
| Description of the Operations of the Board of Directors 5 | |
| Independence of the Members of the Board6 | |
| CEO and Executive Management Team6 | |
| Executive Management Team Members (composition and holdings per 31 December 2024): 6 | |
| Remuneration Statement and Incentive Plans7 | |
| Insider Management8 | |
| Silent Period9 | |
| Internal Auditing and Control 9 | |
| Related Party Transactions10 | |
| Risk Management10 | |
| Risk management principles10 | |
| Responsibilities 11 | |
| SSH Communications Security´s largest risks and uncertainties 11 | |
| Auditors 11 | |
| Disclosure Policy12 | |
| Business Ethics and Responsibility12 | |
| Board of Directors (31.12.2024) 15 | |
| Executive Management Team (31.12.2024)17 |
Introduction
SSH Communications Security Group comprises of SSH Communications Security Corporation ("SSH") and its subsidiaries. SSH is registered in Helsinki, Finland and is a publicly listed company in Nasdaq Helsinki (SSH1V). Its subsidiaries are SSH Communications Security, Inc. (USA), SSH Government Solutions, Inc. (USA), SSH Communications Security Limited (HK), SSH Communications Security UK Limited (UK), SSH Technology Ltd. (FIN), SSH Operations Ltd. (FIN) which has a branch in Germany, and Kyberleijona Ltd. (FIN, 65% ownership) which owns SSH Secure Collaboration Ltd. (ex. Deltagon Ltd.) (100%).
SSH abides by its Articles of Association as well as principles of transparent and responsible corporate governance, and high ethical standards in its governance and decision-making. The company complies with the Finnish Limited Liability Companies Act, securities market legislation, including the market abuse regulation, rules of Nasdaq Helsinki and Finnish Corporate Governance Code 2025 adopted by the Securities Market Association. This Code is available at www.cgfinland.fi.
This Corporate Governance Statement has been composed in compliance with the Corporate Governance Code and securities market legislation. This statement is published as a separate report from the Report of the Board of Directors at SSH's website www.ssh.com.
SSH Communications Security's Administrative Bodies
SSH implements a one-tier governance model, where the management of the SSH Group is a responsibility of the General Meeting of shareholders, the Board of Directors, and the CEO. Duties are defined by the Finnish Limited Liability Companies Act and the company´s Articles of Association.
The General Meeting is where shareholders exercise their voting rights and is SSH's highest decision-making body, taking decisions on matters falling within its competence by virtue of the Limited Liability Companies Act and the Articles of Association.
The Annual General Meeting (AGM) elects the Board of Directors, which in turn appoints the Chief Executive Officer (CEO). The Board of Directors and CEO are responsible for the management of the Group. The Executive Management Team and other management personnel assist the CEO in his or her duties. The Board of Directors decides on the Group's administrative systems and ensures compliance with good governance principles.
Annual General Meeting
The Annual General Meeting is held within six months of the completion of the company's fiscal year, at a time decided by the Board. The AGM decides on matters as required in the provisions of the Limited Liability Companies Act and Articles of Association, such as adoption of the year-end financial statements, profit distribution, and the granting of discharge from liability to the members of the Board of Directors and to the CEO. The AGM also elects the members of the Board of Directors and the auditors and decides their remuneration. Extraordinary general meeting can be called as defined in Limited Liability Companies Act. Each SSH share conveys one vote at the shareholder's meeting. Shareholders have the right to have a matter falling within the competence of the general meeting under the Limited Liability Companies' Act to be addressed at the general meeting.
Board of Directors
Election, Term of Office, and Composition of the Board
In accordance with the company's Articles of Association, the Annual General Meeting appoints three to eight members to the Board of Directors. Their term of office ends with the closing of the next Annual General Meeting following their appointment. The Board has a quorum when more than half of its members are present. The company's Articles of Association do not restrict the members' terms in office or present any specific selection criteria for the members. The Board elects a chairperson from among its members.
Board Members 2024
The members elected for the Board of Directors in the Annual General Meeting held on 25 March 2024 were Henri Österlund, Kai Tavakka, Christian Fredrikson, Catharina Candolin and as a new member Tuomo Louhivuori.
At the organizing meeting of the Board of Directors after the Annual General Meeting, Henri Österlund was elected as the Chairman of the Board of Directors.
In the current Board of Directors, there is representation from the biggest shareholder which has been very successful in technology investments, a very experienced expert of international cybersecurity industry, an expert of cybersecurity and defense, and a technology executive experienced in services business and the technology sector. 20 % of the board members are female.
| Board Member | Born | Gender | Educa | Main occupation | Member | Shares* | Option |
|---|---|---|---|---|---|---|---|
| tion | since | rights | |||||
| Henri Österlund Chairman |
1971 | male | M.Sc. | Accendo Capital Management, Partner |
2020 | 148 595 | No option rights |
| Kai Tavakka | 1986 | male | M.Sc., CFA |
Accendo Capital Management, Partner |
2020 | 5 480 | No option rights |
| Christian Fredrikson |
1964 | male | M.Sc. | Board Professional | 2021 | 10 000 | No option rights |
| Catharina Candolin |
1977 | female | PhD | OP Financial Group, Cyber Security and Defence Expert |
2022 | 144 | No option rights |
| Tuomo Louhivuori | 1976 | male | DI | Core BTS, CTO | 2024 | 10 000 | No option rights |
| Share holdings, total |
174 219 |
* incl. controlled organizations
Principles Concerning Diversity of the Board of Directors
SSH has established principles on diversity in accordance with the Corporate Governance Code's recommendation number 9. SSH's principles on diversity are taken into account when considering nominations to the Board of Directors. Decisions on the election of directors shall always be made at the general meeting.
The company needs a wide range of expertise in the Board of Directors, bringing different perspectives to decision-making. The Board's principles of diversity are mainly based on the professional, educational, industry and geographical background of the members, also considering gender and age.
In 2024, the general meeting elected the board members according to the proposal of the largest shareholders (45 % of the votes). Considering the scope of the company's business, the diversity principles of the board have been realized, as the board has diverse professional expertise from different professional groups in industries relevant to SSH. In particular, the wide geographical background of the board members has been successful, as most of the board members work in international positions and live in different countries. The board members have both genders and different generations, as well as enough members independent of the company or its largest shareholders.
Description of the Operations of the Board of Directors
The Board of Directors handles the company's administration and the appropriate arrangement of its operations. The Board also ensures that the supervision of the bookkeeping and asset management is appropriate. The Board makes wide-ranging and strategically important decisions concerning the company. The Board's task is to steer the company's operations in a manner that will add the greatest possible value to the company's invested capital over the long term.
The Board of Directors has confirmed a written charter for its duties, the matters it deals with, meeting practice and the decision-making procedure. In accordance with the charter, the Board deals with and makes decisions on all matters that are financially, operationally or fundamentally significant to the Group.
The Board appoints and dismisses the CEO, supervises his or her actions, and decides on his or her remuneration and other terms and conditions of service. The Board also approves the Group's strategy, operating principles and guiding values, and ensures that they are up to-date and correctly implemented. The Board also ensures that the Group has a functional system of internal controls and that the Group's risk management principles have been defined. It also ensures that key business risks have been identified and are being systematically monitored. The Board approves the operational guidelines and annual plan for the internal audit and assesses its effectiveness. Board´s duties and responsibilities are described in more detail in Charter of the Board.
SSH Board of Directors convened 11 times in 2024. The attendance rate of Board members was:
| Member of the Board | Participation/No. of meetings | Participation-% |
|---|---|---|
| Henri Österlund, Chairman | 11/11 | 100% |
| Kai Tavakka | 11/11 | 100% |
| Christian Fredrikson | 11/11 | 100% |
| Catharina Candolin | 11/11 | 100% |
| Tuomo Louhivuori | 10/10 | 100% |
The Board evaluates its operations and processes to increase efficiency and quality. An internal self-evaluation is conducted once a year.
Due to the relatively small size of the company and number of Board Members currently, SSH has no separate Committees of the Board.
Independence of the Members of the Board
At the organizing meeting of the Board of Directors after the Annual General Meeting, Henri Österlund was elected as the Chairman of the Board of Directors. Fredrikson, Candolin, and Louhivuori are deemed to be independent of the company and of the significant shareholders of the company. Österlund and Tavakka are deemed independent of the company. The company's CFO acts as secretary to the Board.
Due to the election of the Board of Directors as described in above, the majority of the Board members are considered independent of the company.
| Member of the Board | Independence of the company | Independence of the significant shareholders of the company |
||
|---|---|---|---|---|
| Henri Österlund, Chairman | Yes | No | ||
| Kai Tavakka | Yes | No | ||
| Christian Fredrikson | Yes | Yes | ||
| Catharina Candolin | Yes | Yes | ||
| Tuomo Louhivuori | Yes | Yes |
CEO and Executive Management Team
The SSH Board of Directors appoints the CEO and decides the terms of his or her service contract. The CEO oversees the company's operative management in accordance with the Finnish Companies Act and the instructions and authority provided by the Board of Directors. The CEO is responsible for the day-to-day management of the company and business planning. The Company's CEO during 2024 was Teemu Tunkelo until February 26, and from that onwards Rami Raulas as Interim CEO. Raulas was appointed CEO on January 8, 2025.
The Executive Management Team supports the CEO in managing and developing SSH Communications Security Group, and the members of the Executive Management Team report to the CEO. The Executive Management Team meets regularly, and the CEO chairs the meetings. All issues addressed in the meetings and related decisions are recorded in the meeting minutes.
Executive Management Team Members (composition and holdings per 31 December 2024):
| Member | Born | Gender | Education | Responsibility area | Membe | Shares* | Option |
|---|---|---|---|---|---|---|---|
| r since | rights | ||||||
| Rami Raulas | 1961 | male | M.Sc. | Interim CEO | 2016 | 70 000 | 150 000 |
| Michael | |||||||
| Kommonen | 1982 | male | M.Sc. | Chief Financial Officer | 2023 | 5 000 | 100 000 |
| Miikka Sainio | 1977 | male | Upper secondary school |
Chief Technology Officer | 2024 | - | 78 000 |
|---|---|---|---|---|---|---|---|
Teemu Tunkelo left his position as the CEO and the Executive Management Team on February 26th, 2024.
CTO Miikka Sainio was appointed as a member of SSH Communications Security's Executive Management Team as of March 1st 2024.
Remuneration Statement and Incentive Plans
SSH Communication Security has established a Remuneration Policy of governing bodies, which complies with legislation and the Finnish Corporate Governance Code 2025. This policy sets out the principles for remuneration of the Board of Directors and the Chief Executive Officer. This Remuneration Policy was presented and accepted in AGM 2024 and is valid until the AGM 2028 unless the Board decides to bring it to an AGM before that. The Remuneration Policy can be found from the company webpage.
The Annual General Meeting confirms the remuneration payable to the members of the Board of Directors before the election. The Board of Directors decides the salary and other benefits of the CEO and determines the salaries and benefits payable to senior management.
Forms of remuneration for SSH Communications Security's senior management involve a performance-related bonus. The company has no other remuneration practices, nor does it have any differing pension arrangements for the CEO or other senior management. The targets for the company's senior management are fixed for the target period at a time.
Further information on remuneration can be found from company´s website, remuneration policy and annually published remuneration reports.
The Board of Directors decided on the following new stock option plan in 2024:
• 27th of March 2024, Stock Option Plan 2024 A (max. number of stock options 980 000, sub-scription period 23.2.2026–31.3.2028)
In Annual General Meeting 2024 approved following annual compensation for the Board of Directors: 28 800 euros for Chairman and 24 000 euros for other members of the Board.
Remunerations paid to the Board of Directors during 2024:
| Board Member | Remuneration EUR |
|---|---|
| Henri Österlund | 28 800 |
| Kai Tavakka | 24 000 |
| Christian Fredrikson | 24 000 |
| Catharina Candolin | 24 000 |
| Tuomo Louhivuori (starting 25.3.2024) | 18 000 |
The CEO's and Interim CEO's annual salary and other benefits in 2024 were:
| Teemu Tunkelo | 182 259 | € | (incl. | termination | |
|---|---|---|---|---|---|
| compensation 145 181 €) | |||||
| Rami Raulas | 166 803 € | 50 000 option rights |
The CEO's salary includes a performance-related bonus that is reviewed on an annual basis, on the target level it can be 100 % of the fixed salary. During 2024, Teemu Tunkelo was not paid a performance bonus. The performance bonus paid to Rami Raulas during 2024 was based on his goals and performance in 2023 when he was not Interim CEO, so that amount is not included in the figures above. Also, the income from the shares he redeemed during 2024 using his stock option rights is not included in the below figures, because these options rights were granted before he became Interim CEO. These amounts are, however, included in the total pay of the Executive Management Team, which is presented below. The CEO and the Board of Directors agree on the bonus and what it is based on once a year or once per quarter.
Board of Directors can grant stock options to CEO according to the same principles and terms as to other SSH employees, including same share subscription periods. Stock options are intended to form part of the incentive and commitment program of the key personnel of SSH Communications Group and to motivate the key personnel to work on a long-term basis to increase shareholder value of the company.
The CEO's retirement age and determination of pension comply with standard rules under the Employees' Pension Act. The period of notice for the CEO is three months, with 3 months' severance payment.
The number of shares and stock options held by the members of the Board of Directors, CEO and members of the Executive Management Team are included in the introduction tables above.
The remuneration of the executive team members consists of fixed monthly salary, personal incentives, and company-wide incentives. The executive management team members' salary and other benefits in 2024 were in total 648 287 EUR.
Insider Management
SSH strictly follows the legislation applying to the management of insiders, including, but not limited to the Market Abuse Regulation (EU), Securities Markets Act as well as the Guidelines for Insiders approved by Nasdaq Helsinki Ltd., and the stipulations and guidelines of the FSA.
SSH keeps a non-public register of the managers and persons closely associated with them that are subject to the obligation to notify transactions (Market Abuse Regulation, MAR, Article 19).
When significant projects are at the preparation stage, the company also draws up insider registers for the projects concerned (event-based) fulfilling the requirements of MAR and of secondary regulation adopted pursuant to it. Insiders are given a notification through insider management system of their status as insiders and instructions on the obligations that apply to insiders. All insiders must acknowledge in the system the duties entailed and be aware of the sanctions related to insider regulation.
SSH has ensured the reliable management of an insider list with an insider management system. Insider lists are kept updated at all times. Information included in the insider lists follows the template of Commission Implementing Regulation (Annex I). The insider list is stored for at least five (5) years.
Silent Period
SSH Communications Security follows a silent period starting 30 days before the publication of its financial reports, during which company refrains from contact with representatives of the capital markets and financial media. A closed period before the announcement of the company's annual financial statements starts from the year end.
In addition to other trading restrictions, during the silent period, the individuals belonging to SSH management are prohibited from dealing in SSH Communications Security's financial instruments. SSH has imposed similar closed periods preceding the financial performance disclosures also on persons involved in the preparation of SSH Communications Security's interim reports and financial statements.
Silent periods during the financial year 2025:
- 15.01.2025 14.02.2025
- 30.03.2025 29.04.2025
- 17.06.2025 17.07.2025
- 23.09.2025 23.10.2025
Internal Auditing and Control
Because of the relatively small size of the company, SSH Communications Security has no separate internal audit organization.
Internal control seeks to ensure that the Group's operations are efficient and profitable, that reporting is reliable, and that the Group's operating principles and applicable legislation and regulations are observed.
The Board of Directors is responsible for ensuring that the Group's internal controls and risk management are adequate and appropriately organized for the company's business operations. The Board supervises the CEO to ensure that he or she handles the company's business operations and administration in accordance with the guidelines and instructions issued by the Board of Directors. To ensure adequate risk management, the Board of Directors discusses the Group's business and financial reports, as well as any substantial changes that have occurred in the company's business. The Board also assesses the adequacy and appropriateness of internal controls and risk management.
The CEO is responsible for the practical organization of internal controls. Among other duties, he or she ensures that the company's accounting practices comply with the law and is handled in a reliable manner. The Group's directors and managers are responsible for internal controls within their own areas of responsibility.
The Board is responsible for ensuring that the Group has defined guidelines and practices on internal control and that the internal controlling is effective and monitored. The Board also confirms the risk management and reporting procedures, and supervises the adequacy, appropriateness and efficiency of the company's management processes.
The CEO, assisted by other executive management, is responsible for the organization of accounting, administration and control mechanisms, and ensures that laws and regulations, company policies and board decisions are followed. Internal rules and guidelines have been published to support the company's operations. It is also ensured that there is a process description of all key processes and that the different process interfaces are clearly defined and described. The purpose of defining the processes is to ensure that everyone in the organization knows how the company operates and how each employee´s work links into the company's overall activities. Supervision and monitoring measures ensure compliance with rules, instructions and processes.
The company sets financial targets annually for budgeting, and continuously monitors their implementation and fulfilment of these targets. The company's organizational structure supports effective business planning, implementation and control.
Related Party Transactions
Company evaluates and monitors transactions concluded between the company and its related parties to ensure that any conflicts of interest are taken into account appropriately in the decision-making process. The company keeps a list of parties that are related to the company. Regarding the related party transactions, the company also takes into account the general principles of the Limited Liability Companies Act, such as the purpose of generating profit for shareholders, the principle of equity of shareholders and the diligence obligation of the management.
All material decisions related to any agreements with related parties or any other related party transactions are made by the Board of Directors. Decision-making procedure for related party transactions is based on careful preparatory work and appropriate reports, opinions and assessments taking into account all relevant disqualification provisions under the applicable laws and corporate governance rules. Related party transactions are identified, reported, and controlled by the impartial board members and CFO, who monitors and reports the company's related party transactions in accordance with the company's reporting practices.
Related party will not participate in making decisions related to any agreement between him/her and the company, or related to any matter that concerns an agreement between the company and a third party, where the related party is likely to have an essential interest in the matter.
Risk Management
Risk management aims to ensure that company´s strategic and operational targets are reached and operations safeguarded.
Risk management principles
Risk management is based on the risk management policy approved by the Board of Directors. We define a risk as an external or internal uncertainty factor that, if realised, would either positively or negatively affect our potential to achieve our strategic and financial targets. We seek to forecast, identify, evaluate and control significant strategic, operative, financial and accident risks. The Board of Directors defines the Group's risk appetite and risk tolerance through its decisions and monitors the sufficiency and effectiveness of the Group's risk management.
Responsibilities
The CEO is responsible for the implementation of risk management. The CFO holds primarily responsibility for managing financial risks and coordinates the implementation of risk management processes, and reports risks to the CEO, the Executive Management Team and the Board of Directors. The Executive Management Team members are responsible for executing the risk management policy in their own areas. General Counsel is responsible for contractual and legal risk management and reports risks to the CEO and CFO. Every employee is responsible for identifying any risks relating to their own work and bringing them to the attention of their supervisor.
SSH Communications Security´s largest risks and uncertainties
Largest risks that might affect the profitability of the company have been updated and are listed below:
- Refinancing risk/liquidity risk such as being unable to pay obligations due to insufficient liquidity or difficulties in raising financing.
- Cybercrime, including, e.g., ransomware
- Delays in product development and closing new business as well as phasing of new business cases
- Ability to execute the strategy
- Ability to retain and recruit key personnel
- Maintaining the ability to innovate and develop the product portfolio including intellectual property rights (IPR)
- IPR litigation and utilization of the patent portfolio
- A large portion of the company revenue is invoiced in USD currency, and possible significant fluctuation in USD currency rates during the year could have unpredictable effects on profitability. The company decides on hedging of USD-based contracts case by case.
- Uncertainty of the macroeconomic environment, such as the COVID-19 pandemic and war in Ukraine.
- Impact of higher inflation and increasing market interest rates which may have an effect on increasing operational and financial costs
Other risks, which are currently either unknown or considered immaterial to the company may, however, become material in the future.
Principles and organization of risk management of SSH Communications Security can be read from company´s webpage: www.ssh.com.
Auditors
SSH Communications Security has one auditor, which must be a firm of authorized public accountants approved by Finland's Central Chamber of Commerce. The Annual General Meeting elects the auditor for a term of office that runs until the end of the following Annual General Meeting.
The scope of the audit encompasses the Group's accounting, administration, Financial Statements and Board of Directors' Report for each accounting period. The Auditor makes regular reports to the Board of Directors and submits an Auditors' Report to the Annual General Meeting. The Auditors' Report contains a statement as to whether the Financial Statements and the Board of Directors' Report give a true and fair view, as defined in the rules governing financial reporting, of the Group's operative result and financial position, and as to whether the information contained in the Board of Directors' Report is consistent with the Financial Statements. The auditor's fee is paid annually on the basis of an invoice, in accordance with the Annual General Meeting's decision.
| Auditor fees in 2024 | EUR |
|---|---|
| Principal Auditor (Ernst & Young) | |
| Statutory auditing | 107 674 |
| Other services | 17 900 |
| Other auditors | |
| Statutory auditing | 20 443 |
| Tax consultancy | 408 |
| Total | 146 425 |
SSH Communications Security's auditor is Ernst & Young Oy with Maria Onniselkä as principal auditor.
Disclosure Policy
SSH Communications Security Group's parent company, SSH Communications Security Corporation, is domiciled in Helsinki, Finland, and its share is listed on NASDAQ Helsinki. In its communications SSH Communications Security observes Finnish and EU legislation, the rules of Nasdaq Helsinki, the regulations of the Finnish Financial Supervisory Authority, as well as the principles set out in the Company's Corporate Governance Statement. SSH Communications Security's communications are based on facts and objectivity, and guided by the general principles of trustworthiness, openness and timeliness. SSH aims to provide the market with a clear and comprehensive picture of the company's operations and financial condition in accordance with the notification obligation of a listed company. The company favors communications in electronic form. All company stock exchange releases, other investor information on the company, and other latest information are available on the company's website. SSH Board of Directors approves the Disclosure Policy, which is revised when necessary.
Business Ethics and Responsibility
SSH operates in a socially and ethically responsible manner, respects the environment and society, promotes the internationally proclaimed human rights and ensures ethical business practices at all times.
SSH has set out a clear Anti-Bribery & Anti-Corruption Policy which prohibits all forms of bribery and corruption. The policy is communicated to all employees in a new employee training. Any allegations of bribery or corruption will be investigated thoroughly. The Anti-Bribery & Anti-Corruption Policy is available at www.ssh.com. SSH has also established a whistle-blower process which is initiated when someone reports suspected internal or external misconduct or violation of law, regulations, human rights, labor practices or similar within the operations of SSH Group or by its personnel.
SSH has introduced Code of Conduct as a generally applied guideline describing the expected conduct at SSH Communications Security. It is created for the benefit of all employees, partners, and stakeholders to promote a high standard of professional conduct and uniformity within the company. SSH expects professional, honest, and respectful conduct in all business dealings and relationships with colleagues, customers, and any other people.
SSH respects the surrounding environment and aims to make sure that all its offices are green and energyefficient, and that environmental impacts are maintained as low as possible. Office and server spaces are mainly environmentally certified and carbon neutral. Travel emissions from employee commuting and business travelling are minimized by supporting remote working and online conferencing options.
SSH has been certified as a Nasdaq ESG Transparency Partner in 2022. This partnership is used by Nasdaq to signal engagement in market transparency and in raising environmental standards. The Nasdaq ESG Matrix includes data points from Environmental, Social, Corporate Governance as well as Future Sustainability Goals all of which SSH considers in its operations. SSH continues reporting in accordance with the requirements of the Nasdaq ESG Transparency Partner partnership.
In addition to the above-listed, SSH has defined its own ESG and climate strategy performance indicators. These key indicators include the environmental impact of equipment and offices, ethical business practices, cybersecurity, and the diversity and well-being of the employees and good people management. SSH will systemize its reporting regarding these indicators and the following of the ESG and environmental standards.
SSH is a responsible employer and ensures that all employees of SSH have right to safe and healthy working environment. SSH has a zero-tolerance for any form of discrimination or harassment. SSH has internal policies for non-discrimination and harassment, and it provides training on these issues to all employees worldwide. The Company pays attention to the safety of its workplaces and the workability and satisfaction of its employees. The headquarters of SSH in Helsinki are located in a modern office space, where we moved in autumn 2024. In addition, the Company offers sport, culture and other benefits to its employees.
Every employee is treated with equal consideration and fairness. All decisions concerning employment are determined by the employee's performance, not on any discriminatory grounds, such as gender, age, nationality, ethnicity, religion, political affiliation, disability or sexual orientation. All full-time employees had individual development discussions and were part of the performance management program.
SSH considers diversity as a strength and actively encourages diversity throughout the organization, including top management and the Board of Directors. The principles on diversity are always taken into account when considering nominations to the Board of Directors. SSH aims to have board members representing both genders, as well as different professional and educational backgrounds.
At the end of 2024, SSH Communications Security Group had 134 employees decreased by 24 employees from the end of 2023. Approximately 20,9% (2023: 20,3%) of the personnel were female and 79,1% (2023: 79,7%) were male.
Average age of all employees was 41,1 years (2023: 40,6 years). 35,8% (2023: 38,0%) of employees worked in sales, marketing and customer services, 51,5% (2023: 48,7%) in R&D and 12,7% (2023: 13,3%) in administration.
Approximately 18,7% (2023: 37,3%) of the employees had been working at SSH for less than 2 years, 46,3% (2023: 34,8%) for 2-5 years, 23,1% (2023: 19,6%) for 5-10 years, and, 11,9% (2023: 8,2%) for over 10 years.
Board of Directors (31.12.2024)
Henri Österlund, b. 1971, M.Sc. Economics Chairman of the Board
Henri Österlund is an expert of international investing and funding. He is the founder of Accendo Capital fund and a partner of the managing company. Accendo Capital creates shareholder value through active ownership. Previously, Österlund has served as a Partner of Conventum Corporate Finance, Partner of Triton Private Equity investment fund in London, and as an Analyst at Doughty Hanson Private Equity fund in Stockholm. In addition to SSH board, he is a board member at Remedy (publ) and Doro AB (publ).
Kai Tavakka, b. 1986, M.Sc. Economics, CFA
Kai Tavakka is a partner at Accendo Capital Management which manages the Accendo Capital fund. He has been working in the firm since 2012. Kai has a strong background and knowledge on corporate finance, for example from PCA Corporate Finance and Danske Corporate Finance. In addition, Tavakka is a member of the Board of Directors at Careium AB.
Christian Fredrikson, b. 1964, M.Sc. Technology
Christian is a long-term investor and board professional. He has wide and diverse experience on internationalizing sales of developed technologies (mobile networks and fixed networks, cybersecurity cloud services, companies' cloud services and biometrics) as well as growing companies. Christian has previously worked as CEO at Fingerprint Cards and F-Secure and in many managerial roles at Nokia Networks and Nokia Siemens Networks, where he worked for example as Head of Asia Pacific Region, Head of Switching Business Unit, and Head of Sales, and also lived in Asia for over 10 years.
Additionally, he is a board member of Remedy Entertainment and an advisor at Edge Venture Capital.
Catharina Candolin, b. 1977, PhD Technology
Catharina is a cyber security and defence expert currently working at OP Group. Previously, she has worked at the Finnish Defence Forces in different positions, for example as Section Chief of the Cyber Defence Section. Additionally, she has worked as a Policy Advisor at NATO HQ in Brussels. Catharina has been awarded with the Medal for Military Merits in 2015 and The Knight First Class of the Order of the Lion of Finland in 2020. Prior to that, Catharina has worked in the academia and in private sector companies. She is an active public speaker. She holds a Doctorate Degree (PhD) from Helsinki University of Technology (currently Aalto University). She studied her minor at the National Defence University of Finland.
Tuomo Louhivuori, b. 1976, M.Sc. Technology
Tuomo Louhivuori is a Senior Technology Executive with extensive experience in successfully leading multibillion-dollar international businesses, building diverse highperforming teams, creating new business areas, and executing transformation. He has a deep understanding of the services business and technology sector with a special focus on providing mission-critical solutions for customers operating in all industries. Louhivuori has a proven track record of delivering business results and continuous improvements by harnessing emerging technologies to drive digital transformation while leveraging already-made investments.
Executive Management Team (31.12.2024)
Rami Raulas, b. 1961, M.Sc. Economics Interim Chief Executive Officer
Rami is an experienced sales professional who has had multiple managerial roles in sales, marketing and product control in international companies. He has successfully developed and led many regional and international sales teams for different companies, resulting in significant growth in sales and increased customer satisfaction. He has strong experience from go-to-market strategies and execution as well as controlling channel sales. Rami has been in managerial positions at Nokia, ICL, Fujitsu and Ahlström. Rami has a Master's degree in Economics from Aalto University.
Michael Kommonen, b. 1982, M.Sc. Economics Chief Financial Officer
Michael is a seasoned finance leader with a background in financial management, controlling, and analyst roles in several global companies. He has worked in various roles in major companies, including AbbVie, Novo Nordisk, Oriola, and Schindler.
He holds a Master of Science degree in economics from Hanken School of Economics in Helsinki.
Miikka Sainio, b. 1977, upper secondary school Chief Technology Officer
Miikka has a 25-year history of developing software and services in companies ranging from small startups to Nokia. Product usability and user happiness are close to Miikka's heart, and these were his focus when he joined SSH in 2016 as the Head of UX. Later, he moved to work as the principal architect and product owner for SSH PrivX Privileged Access Management solution, and then to CTO role. Miikka has worked with building and coordinating large, international software and service development teams in launching massive consumer products.
