==> picture [596 x 81] intentionally omitted <==

ASX ANNOUNCEMENT

22 August 2025

2025 Corporate Governance Statement

Cuscal Limited (ASX:CCL) ( Cuscal ) advises that its 2025 Corporate Governance Statement is enclosed.

The Corporate Governance Statement and Appendix 4G are also available on the website at: - https://www.cuscal.com/investors/corporate governance

ENDS

This announcement was authorised for release by the Cuscal Board.

For all enquiries:

Email [email protected] Ryan Thompson at Sodali & Co Mobile +61423 151 378 Phone +612 9066 4044

About Cuscal Limited (ABN 95 087 822 455; AFSL 244116)

Cuscal is an authorised deposit taking institution (ADI), with the licences, connectivity and processing capability to support all payment types and regulated data services. The combination of these capabilities and credentials within a single organisation in Australia is limited to the four major Australian banks and Cuscal. Cuscal powers seamless and secure connections for its clients and their customers. Having originally been formed in 1966 to service Australia’s mutual banking organisations, Cuscal’s business has focused on innovation and investment to expand its capabilities to be a leading player in Australian payments.

==> picture [97 x 23] intentionally omitted <==

PO Box Q279 Tel: (02) 8299 9000 Queen Victoria Building NSW 1230

Level 11, Tower 1 Darling Park 201 Sussex St Sydney NSW 2000

www.cuscal.com

==> picture [149 x 36] intentionally omitted <==

Corporate Governance Statement

2025

==> picture [511 x 43] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

==> picture [133 x 589] intentionally omitted <==

Contents
Approach to Corporate Governance	4
1. Principle 1 – Lay solid foundations for management and oversight	5
1.1. The Role of the Board and Management	5
1.2. Appointment of Directors and Senior Executives	8
1.3. Letter of Appointment for Directors and Senior Executives	9
1.4. Company Secretary	9
1.5. Diversity	10
1.6. Director Performance Evaluation	11
1.7. Senior Executive Performance Evaluation	11
2. Principle 2 – Structure the Board to be effective and add value	12
2.1. Board Remuneration and Nominations Committee	12
2.2. Board Skills Matrix	13
2.3. Composition of the Board	16
2.4. Director Independence	17
2.5. Chairman and Managing Director are not the Same Person	17
2.6. Director Education and Induction	18
3. Principle 3 – Instil a culture of acting lawfully, ethically and responsibly	19
3.1. Values	19
3.2. Code of Conduct	20
3.3. Whistleblower Protection Policy	21
3.4. Anti-bribery and Corruption Policy	21
4. Principle 4 – Safeguard the integrity of corporate reports	22
4.1. Board Audit Committee	22
4.2. Declarations	22
4.3. Process to Verify the Integrity of Periodic Reports	22
5. Principle 5 – Make timely and balanced disclosure	23
5.1. Continuous Disclosure	23
5.2. Material Market Announcements	23
5.3. Material Market Presentations	23
6. Principle 6 – Respect the rights of security holders	24
6.1. External Communications	24
6.2. Investor Relations	25
6.3. General Meetings	25
6.4. Substantive Resolutions at General Meetings	25
6.5. Shareholder Communications	25
7. Principle 7 – Recognise and manage risk	26
7.1. Board Risk Committee	26
7.2. Risk Management	27
7.3. Internal Audit	27
7.4. Environmental and Social Risks	28
8. Principle 8 – Remunerate fairly and responsibly	29
8.1. Board Remuneration and Nominations Committee	29
8.2. Remuneration Practices	29
8.3. Equity Based Remuneration Scheme	30

==> picture [103 x 27] intentionally omitted <==

Approach to Corporate Governance

Cuscal Limited (Cuscal) is committed to continuously improving its governance practices and seeking to ensure they are aligned with Cuscal’s business and stakeholders’ needs. Effective corporate governance is key to Cuscal’s ability to deliver on its purpose and strategy.

The Cuscal Board has responsibility for the overall governance of Cuscal, including the formation of strategic direction and policy, approval of plans and goals for Management, and the review of performance against those goals. The Board has established appropriate structures for the management of Cuscal, including an overall framework of internal control, risk management, compliance and ethical standards.

This Corporate Governance Statement ( Statement ) describes the key governance arrangements and practices of Cuscal

==> picture [316 x 452] intentionally omitted <==

Limited ( Cuscal or the Company ) for the financial year ended 30 June 2025 ( FY2025 ).

Cuscal’s governance arrangements are set by the Board having regard to the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations (4th Edition) ( ASX Principles ). Cuscal must also comply with the Corporations Act 2001 (Cth) ( Corporations Act ), and the Financial Accountability Regime Act 2023 (Cth) ( FAR ) among other laws, and as an Authorised Deposit Taking Institution, with governance requirements prescribed by the Australian Prudential Regulation Authority ( APRA ), including Prudential Standard CPS 510 Governance.

The Board regularly reviews and refines its corporate governance arrangements and practices in light of new laws and regulations, evolving stakeholder expectations and the dynamic environment in which Cuscal operates. This Statement has been approved by the Board and is current as at 22 August 2025.

==> picture [103 x 27] intentionally omitted <==

Principle 1

Lay solid foundations for management and oversight

==> picture [31 x 560] intentionally omitted <==

1.1. The Role of the Board and Management

The Board has adopted a charter ( Board Charter ) that sets out the role, composition and responsibilities of the Board. The Board Charter clearly defines the matters expressly reserved for the Board and delegates the day-to-day management and administration of Cuscal to the Managing Director, within approved limits, and other specified delegations of authority approved by the Board.

The Board is ultimately responsible for matters including:

Approving and monitoring the implementation of Cuscal’s corporate strategy, business and financial plans and performance objectives;

Forming a view of Cuscal’s risk culture, and the extent to which that culture supports the ability of Cuscal to operate consistently within its Risk Appetite Statement ( RAS ); identify any desirable changes to risk culture; and ensure Cuscal takes steps to address those changes;

Approving Cuscal’s annual budgets and financial statements and monitoring financial performance against forecast and prior periods;

Approving the capital management of Cuscal including approval of the Internal Capital Adequacy Assessment Process;

Approving Cuscal’s Risk Management Framework and Strategy ( RMFS ) and RAS and, with the guidance of the Board Risk Committee, reviewing and undertaking oversight and challenge to ensure Management’s implementation and operation of the RMFS, reviewing overall current and future risk appetite and tolerance, and ensuring that Cuscal’s operational structure continues to facilitate effective risk management and adequate risk management resources are available;

Overseeing Cuscal’s operational and financial performance;

Setting Cuscal’s values and approving Cuscal’s Code of Conduct to foster the desired culture within Cuscal;

Ensuring ethical behaviour and compliance with Cuscal’s governing documents, including the Code of Conduct; External Communications Policy; Continuous Disclosure Policy; Diversity, Equity and Inclusion Policy; Remuneration Policy; Securities Trading Policy and the Whistleblower Protection Policy;

Approving the appointment and replacement of the Managing Director; and

With the guidance of the Board Remuneration and Nominations Committee, assessing and reviewing the performance of and approving remuneration for the Managing Director.

More information is set out in the Board Charter disclosed on Cuscal’s website at cuscal.com/investors/

==> picture [103 x 27] intentionally omitted <==

The authority and power to manage Cuscal and its business within levels of authority specified by the Board from time to time is delegated to the Managing Director. The Board will have scheduled meetings each year and meet as circumstances dictate, and at the Annual General Meeting ( AGM ).

The Chairman and the Managing Director establish Board meeting agendas, with the assistance of the Company Secretary. Board papers are distributed electronically for Directors to review in advance of each meeting. The Executive Leadership Team are regular invitees to Board meetings. Directors also meet from time to time without the Managing Director and the Executive Leadership Team.

The Annual Report discloses the names and tenure of Directors, the number of times the Board and Board Committees met for FY2025, and individual attendances at those meetings.

To assist in performing these duties in the most efficient manner, the Board has established three Board Committees:

1 Board Audit Committee ( BAC );
2 Board Risk Committee ( BRC )
Board Remuneration and
3 Nominations Committee ( BRNC ).

==> picture [247 x 273] intentionally omitted <==

The committees operated by the Board are to consider and determine the matters for which they are responsible in accordance with their Charter. The Board Charter sets out the matters that have been delegated by the Board to these committees and the matters on which the Board will seek assistance and/or guidance from these committees.

The Board invites members of the Executive Leadership Team to attend Board and Committee meetings where appropriate. Members of the Executive Leadership Team are required to report regularly to the Board to create a culture that promotes transparency, candor, contestability and foresight.

Directors are entitled to request additional information at any time they consider appropriate and an open dialogue between individual Directors, the Managing Director and members of the Executive Leadership Team is encouraged.

With effect from 31 July 2024 the Board comprised six Non-Executive Directors and one Executive Director, being the Managing Director. Of the NonExecutive Directors, four are independent Directors.

==> picture [103 x 27] intentionally omitted <==

1.2. Appointment of Directors and Senior Executives

The Board has adopted a selection framework for the appointment of Directors. Under this framework, the BRNC assesses all candidates in accordance with the criteria contained in the framework, as well as the Fit and Proper Policy, board skills matrix and the requirements of APRA Prudential Standards CPS 510 Governance and CPS 520 Fit and Proper, including appropriate background checks.

Other matters to be considered in the selection of candidates include:

Any ‘gaps’ in the skills and experience of the Directors identified in the board skills matrix;
Cuscal’s Diversity, Equity and Inclusion Policy;
Strategic issues, and commercial and other challenges facing Cuscal;
The overall balance of skill sets available on the Cuscal Board at the time and those likely to be required over the following three years, with reference to the board skills matrix, and taking into account competencies required under the Fit and Proper Policy;
Assessment of Cuscal’s position with respect to market-based remuneration levels for Directors; and
Whether the candidate’s professional skills, background, personal qualities and experience will augment the existing Board.

Additionally, appropriate background checks are also undertaken before putting forward a candidate for election or re-election as a Director by shareholders, appointing an Executive Leadership Team member, and periodically during each Director’s Executive Leadership Team member’s tenure. These include checks in relation to the person’s character, experience and qualifications, criminal history, bankruptcy as well as ensuring that the person is available to provide the appropriate time commitment to serve as a Director on the Board or a member of the Executive Leadership Team.

A Director who has been appointed by the Board to fill a vacancy will serve a term which will expire at the conclusion of the AGM following their appointment and be eligible to stand for election, subject to the Constitution. Additionally, Directors who have been in office without re-election for three years since their last appointment must retire and seek re-election at the AGM. In each case, the Company provides to shareholders all material information in its possession, concerning the Director standing for appointment or reelection, in the explanatory memorandum to the relevant Notice of Meeting. Directors will also include a recommendation within any Notice of Meeting on the manner in which shareholders are encouraged to vote with respect to any resolutions relating to the election of Directors.

==> picture [28 x 842] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

1.3. Letter of Appointment for Directors and Senior Executives

Directors receive formal letters of appointment setting out the arrangements relating to their appointment including:

Similarly, the Managing Director and each member of the Executive Leadership Team has an employment contract that set out the key terms and conditions of their appointment and include details about their remuneration. These are updated from time to time, as appropriate. Background screening checks are undertaken in respect of all members of the Executive Leadership Team prior to appointment and periodically.

Term of appointment;
Entitlement to seek independent advice at the expense of the Company;
Specifics of the role;
Anticipated time commitment;
Insurance, indemnity and ongoing rights to access information arrangements;
Confidentiality obligations;
Remuneration;
Intellectual property;
Requirements to disclose interests which may affect independence;
Consent to the use of technology; and
Ongoing confidentiality obligations.
Requirements to comply with Company policies;

1.4. Company Secretary

During FY2025 the Company had two Company Secretaries, Ms Freya Smith and Mr Sean O’Donoghue. The Company Secretary is accountable to the Board through the Chairman, on all matters to do with proper functioning of the Board.

The Company Secretary and each Director communicate directly as required. The Company Secretary also has an internal reporting line to the Managing Director on legal matters in respect of the business. The Company Secretary is responsible for the dayto-day operations of the Company Secretary’s office, including the administration of Board and committee meetings; ensuring that policies and procedures are followed; ensuring

that the business at board and committee meetings is accurately captured in the minutes advising the Board and its Committees on governance matters; and co-ordinating the completion and dispatch of the Board agendas and papers. The Company Secretary is appointed and removed by the Board. Ms Smith’s and Mr O’Donoghue’s biographies are included within the Annual Report. Each director is able to communicate directly with the company secretary and vice versa

==> picture [103 x 27] intentionally omitted <==

1.5. Diversity

The Board has adopted a Diversity, Equity and Inclusion Policy and Cuscal is committed to providing and promoting a corporate culture which embraces diversity that is disclosed on its website at: cuscal.com/investors/

==> picture [249 x 266] intentionally omitted <==

The Diversity, Equity and Inclusion Policy includes a requirement for the Board to establish measurable objectives for achieving gender diversity and for the Board to assess annually both the objectives and progress in achieving them. The Board also has a responsibility to disclose these objectives as well as Cuscal’s progress in achieving those objectives in Cuscal’s Annual Report. The Annual Report will include disclosure of: (i) the respective proportions of men and women on the Board, in senior executive positions and across the whole workforce of Cuscal; and (ii) the additional information required under the Workplace Gender Equality Act 2012 (Cth) given Cuscal is a ‘relevant employer’ under this legislation. Cuscal prepares an annual report to the Workplace Gender Equality Agency, copies of which are disclosed on Cuscal’s website.

For FY2025 the Board set measurable objectives to:

Maintain or improve the composition of the Board of at least 40% female membership, 40% male membership and 20% of any gender that holds the relevant skills and experience;
Maintain or improve the composition of the Executive Leadership Team (comprising direct reports to the Managing Director) of at least 40% female membership, 40% male membership and 20% of any gender that holds the relevant skills; and
Maintain or improve gender pay equity at -0.3.

Cuscal also participates in the annual Workplace Gender Equality Act compliance reporting program.

57.1%

Representation of women on the Board.

As at 30 June 2025 females represented:

57.1% of the Board;
42.9% of the Executive Leadership Team;
36% of the Senior Leadership Team (comprising direct reports to the Executive Leadership Team); and
41% of all Cuscal’s employees; and

As at September 2024 Cuscal’s gender pay equity was 0.7%.

Cuscal’s work on diversity and inclusion is part of the Company’s overall ESG strategy and broader diversity targets are set out in the Annual Report.

In FY2026, as part of Cuscal’s ongoing commitment to fostering a diverse, equitable, and inclusive workplace, Cuscal is aligning its gender equality targets with the new legislative requirements introduced by the Workplace Gender Equality Agency (WGEA). Effective April 2026, Cuscal will be updating internal gender targets as set out in the Annual Report.

42.9%

Representation of women on the Executive Leadership Team.

As a ‘relevant employer’ under the Workplace Gender Equality Act 2012 (Cth) Cuscal has submitted reports on the standardised gender equality indicators to the Workplace Gender Equality Agency.

==> picture [103 x 27] intentionally omitted <==

1.6. Director Performance Evaluation

The Board will, with guidance from the BRNC, regularly review the performance of the Board, its Committees and each individual Director, using where necessary an external consultant, against appropriate measures. A performance evaluation has been undertaken during FY2025 in accordance with that process.

Directors must meet annual fit and proper standards in accordance with the requirements of CPS 520. All Board members are also all accountable persons under FAR.

1.7. Senior Executive Performance Evaluation

The Board and BRNC members meet to discuss areas for improvement and identify actions to be taken for improvement.

A performance review of the Board, its Committees and the individual Directors was conducted during FY2025 via an externally administered and collated questionnaire/survey. The next performance review is scheduled for December 2025 and will be a comprehensive, externally facilitated evaluation.

Key performance measures for the Managing Director and the Executive Leadership Team are reviewed and recommended to the Board by the BRNC at the commencement of each financial year. The BRNC, together with the Managing Director reviews and makes recommendations to the Board following the Managing Director’s annual performance assessment of the Executive Leadership Team against the agreed performance measures. The annual performance assessment of the Managing Director is undertaken by the BRNC. A performance evaluation of the Managing Director and the Executive Leadership Team was conducted in respect of FY2025. Key performance measures in respect of FY2026 for the Managing Director and the Executive Leadership Team have also been established and approved by the Board.

The Managing Director, members of the Executive Leadership and the Internal and External Auditor must meet annual fit and proper standards in accordance with the requirements of CPS 520. The Managing Director and the Executive Leadership Team members are also accountable persons under FAR.

==> picture [103 x 27] intentionally omitted <==

Principle 2

Structure the Board to be effective and add value

2.1. Board Remuneration and Nominations Committee

The Board has established a Board Remuneration and Nominations Committee ( BRNC ), governed by the BRNC Charter, available at cuscal.com/investors/ to assist the Board in discharging its responsibilities in relation to Cuscal’s people, nomination and remuneration related frameworks, policies and practices.

The BRNC consists of an independent Chairman plus two other Non-Executive Directors. A majority of Committee members are independent. The Managing Director is invited to attend BRNC meetings, except in relation to discussion on matters affecting their own remuneration or performance, or any other matters where a conflict may exist. The Chief Legal and People Officer and Company Secretary is also invited to attend except where a conflict exists, with other members of the Executive Leadership Team invited as required.

Details of the number of times the BRNC met during FY2025, as well as Director attendance at each of the meetings are included in the Annual Report.

==> picture [231 x 440] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

2.2. Board Skills Matrix

The Board seeks to have an appropriate mix of skills, expertise and diversity to enable it to discharge its responsibilities and add value to the Company. The Board values diversity in all respects, including gender and differences in background and life experience, communication styles, interpersonal skills, education, functional expertise and problem-solving skills.

The Board regularly reviews its composition, including reviewing the skills matrix to ensure it continues to reflect the necessary and desirable competencies of Directors. Board succession planning and the selection of new Directors is guided by the skills matrix, taking into consideration the current Directors’ mix of skills, knowledge and experience.

Together, the Directors who served throughout FY2025 contribute the following key skills and experience:


Skill Area	Description	Collective Experience

Strategy	• Demonstrated experience in developing, implementing and delivering strategic business objectives; • Ability to think strategically; and • Identify, and critically assess, strategic opportunities and threats and develop effective strategies in the context of the strategic objectives of Cuscal’s relevant policies and priorities.


		Limited Some Extensive
Policy	Ability to identify key issues and opportunities for Cuscal within the financial services and payments industries and develop appropriate policies to define the parameters within which Cuscal can, and should, operate.
		Limited Some Extensive
Finance	Qualifications and/or proficiency in financial accounting and reporting and the ability to: • analyse key financial statements; • critically assess financial viability and performance; • manage capital requirements; • contribute to strategic financial planning; • oversee budgets and the efficient use of resources; and • oversee funding arrangements and accountability.


		Limited Some Extensive
Payments	• Deep understanding of payment systems. • Proven ability and understanding of regulatory frameworks impacting payments in Australia. • Proven ability to assess the strategic impact of emerging technologies on payments. • Experience with global payment trends and disruption.
		Limited Some Extensive

==> picture [103 x 27] intentionally omitted <==


Skill Area	Description	Collective Experience

Legal	Proven ability and understanding in the application of legal principles, including, but not limited to: • financial services law; • applicable legislation; and • sophisticated corporate governance structures, including duties as directors, and a commitment to high standards of corporate governance.
		Limited Some Extensive
Risk & Compliance	Ability, in respect of all material risk classes covering strategic, operational and financial risks to: • advise, review and challenge the design of the Enterprise Risk Management Framework & Strategy including the approach to managing each material risk class and associated risk appetite; • identify and oversee all material financial and non-financial risks to Cuscal including risks relating to strategy, Environmental, Social and Governance (ESG) operational resilience, service providers, cyber, data and technology, compliance and legal credit, market, capital adequacy and liquidity; • monitor risk and compliance management frameworks and systems; and • have oversight of a broad range of risk and compliance management policies.
		Limited Some Extensive

==> picture [596 x 399] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==


Skill Area	Description	Collective Experience

Specialised Risk Classes	Knowledge in industry frameworks, and understanding of relevant regulatory landscape and emerging risks to provide informed review and challenge on specialised risk classes including: • ESG (e.g. ESG principles, climate risks, opportunities and scenario analysis); • cyber (e.g. cybersecurity frameworks, threat landscape, incident response strategies); • artificial intelligence (e.g. ethical, governance and regulatory expectations); • scams (e.g. typologies, prevention, detection and response frameworks); • compliance topics (e.g. AML/CTF and Privacy); • capital adequacy and liquidity (e.g. funding strategies, stress testing); and • credit risk (e.g. credit analysis and reviews and counterparty exposures).
		Limited Some Extensive
IT/ Technology	Knowledge and experience in: • the strategic use and governance of information management and information technology including digital strategies, disruption and innovation; and • the use of technology in payments or other financial services contexts.
		Limited Some Extensive
Executive Management	Experience at an executive level including the ability to: • appoint and evaluate the performance of the Managing Director and senior executives; • oversee strategic human resource management including workforce planning, and employee and industrial relations; and • oversee large scale organisational change.


		Limited Some Extensive
Commercial	A broad range of commercial/business experience, preferably in the small to medium enterprise context, in areas including communications, marketing, branding and business systems, practices and improvement.
		Limited Some Extensive
Stakeholder Engagement	• High level reputation and networks in financial services industry including relationships with relevant industry organisations and business groups; and • The ability to effectively engage and communicate with government, regulators and other stakeholders.


		Limited Some Extensive
People and Workplace Health	Experience in overseeing and assessing senior management, remuneration frameworks, workplace health and safety and strategic people management.
		Limited Some Extensive

==> picture [28 x 842] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

2.3. Composition of the Board

The Board currently comprises six Non-Executive Directors and one Executive Director, being the Managing Director. The Board’s size and composition is determined by the Directors, within limits set by the Company’s Constitution.

In FY2025 the Directors were as follows:

Independent Chairman, Elizabeth Proust, AO
Managing Director, Craig Kennedy
Independent Non-Executive Director, Trudy Vonhoff
Independent Non-Executive Director, Belinda Cooney
Independent Non-Executive Director, Claudine Ogilvie
Non-Executive Director, Wayne Stevenson
Non-Executive Director, Ling Hai

Daryl Johnson retired from the Board effective 31 July 2024. Daryl had been a Non-Executive Director on the Cuscal Board since 24 February 2021.

Directors’ profiles, duration of office and skills and experience are set out in the Annual Report.

==> picture [103 x 27] intentionally omitted <==

2.4. Director Independence

The Board considers an independent Director to be a Non-Executive Director who is free of any interest, position, association or relationship that might influence, or reasonably be perceived to influence, his or her capacity to bring an independent judgement to bear on issues before the Board and to act in the best interests of the Company and its security holders generally.

The Board will consider the materiality of an interest, position or relationship for the purposes of determining ‘independence’ on a case-by-case basis, in line with the definition and considerations set out in APRA Prudential Standard CPS 510 ( CPS 510 ).

The Board comprises a majority of independent Directors for the purpose of CPS 510.

2.5.

Chairman and

Managing Director are not the Same Person

The Board considers that each of Elizabeth Proust, Belinda Cooney, Trudy Vonhoff and Claudine Ogilvie is free from any interest, position, association or relationship that might influence, or reasonably be perceived to influence, the independent exercise of the Director’s judgement and that each of them is able to fulfil the role of independent Director for the purpose of CPS 510.

Craig Kennedy is currently considered by the Board not to be independent as he is employed by the Company in an Executive capacity.

Ling Hai and Wayne Stevenson are also currently considered by the Board not to be independent.

The Board will regularly review the independence of each Director, and any subsequent Directors appointed, in light of interests disclosed to the Board.

The Chairman of the Board is elected by the Non-Executive Directors. The Board supports the separation of the role of Chairman and Managing Director. The Chairman’s role is to manage the Board effectively, to provide leadership to the board, and to facilitate the Board’s interface with the Managing Director.

==> picture [103 x 27] intentionally omitted <==

2.6. Director Education and Induction

The Board Charter provides that new Directors will be briefed on their roles and responsibilities. All Directors are responsible for ensuring they remain current understanding their duties as Directors.

Cuscal has an induction program in place for new Directors, and the Board has established guidelines on the continuing professional development of Directors. Each Director is required to undertake appropriate annual professional development and is obliged to maintain their record of training and attest to its completion as part of the annual Directors’ Fit and Proper assessment process.

Training and development initiatives are also subject to regular review, having regard to Board composition and the particular circumstances relevant to Cuscal from time to time.

Directors as a collective are actively encouraged to enhance their knowledge of Cuscal’s operations, industry and market developments, and regulatory changes. This is enabled by the Board engaging with industry and regulatory leaders, participating in technical briefings, and undertaking regular deepdive, free-form discussions with the Executive Leadership Team and Senior Managers at Board meetings. Board educational and immersion sessions are also appropriately arranged.

The Board is entitled to seek any information it requires from any Cuscal employee or from any other source. The Board or a Committee regularly meets with employees and the Board may request employees and third parties to attend Board or Board Committee meetings with or without the presence of members of the Executive Leadership Team.

==> picture [255 x 842] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

Principle 3

Instil a culture of acting lawfully, ethically and responsibly

3.1. Values

These values have been created to build a shared understanding of the pri ~~or~~ ities of the Company in its decision making and focus.

Cuscal has adopted the following values which embody its culture, behaviours and actions:

==> picture [54 x 126] intentionally omitted <==

We Earn Trust: Trust and transparency form the foundation of everything we do.

We Think Customer: Our partnership and service set us apart.

==> picture [54 x 126] intentionally omitted <==

We are One Team: One Cuscal, one team, one plan. What we achieve we achieve together.

We Adapt and Adopt: We are innovative on the growth edge. We lead the way into the future.

==> picture [429 x 250] intentionally omitted <==

==> picture [27 x 213] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

3.2. Code of Conduct

The Board maintains high standards of ethical conduct and the Managing Director is responsible for ensuring that high standards of conduct are maintained by all staff.

Cuscal’s reputation as an ethical business organisation is critical to its ongoing success. Cuscal has adopted a Code of Conduct which applies to all Directors and employees and covers the practices necessary to maintain confidence in Cuscal’s integrity, the practices necessary to take into account Cuscal’s legal obligations and reasonable expectations of its stakeholders, and the responsibility and accountability of individuals for reporting and investigating reports of unethical practices. It is not a prescriptive set of rules but rather a practical set of principles giving direction and reflecting Cuscal’s approach to business conduct.

Cuscal encourages individuals to report known or suspected instances of inappropriate conduct, including breaches of the Code of Conduct and other policies and directives. There are policies in place designed to protect employees and contractors from any reprisal, discrimination or being personally disadvantaged as a result of their reporting a concern.

All Directors and employees are bound by Cuscal’s Conflicts of Interest Policy and have a continuing responsibility to avoid conflicts of interest (both real and apparent) between their duty to Cuscal and their own interests.

Directors are required to disclose any actual or potential conflicts of interest on appointment and are required to keep this disclosure up to date. Cuscal’s Board has a standing Board and Committee meeting agenda item for Directors to advise of any change in circumstances which may lead to real or perceived conflicts of interest.

All Directors have access to the Managing Director’s direct reports and the Company Secretary to discuss issues or obtain information on specific areas in relation to items to be considered at Board meetings or other matters as they consider appropriate. Further, Directors have unrestricted access to Group records and information. The Board, its Committees and each Director has the right, subject to the approval of the Chairman, to seek independent professional advice at the Group’s expense to assist them to carry out their responsibilities. Further, the Board and its Committees have the authority to secure the attendance at meetings of outsiders with relevant experience and expertise.

Cuscal’s Code of Conduct Cuscal is available on its website at cuscal.com/investors/

==> picture [596 x 207] intentionally omitted <==

==> picture [30 x 842] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

3.3. Whistleblower Protection Policy

Cuscal has a current Whistleblower Protection Policy

The purpose of the Whistleblower Policy document’s Cuscal’s commitment to maintaining an open working environment of honesty and integrity, and the requirement for Cuscal’s people to observe high standards of business and personal ethics in the conduct of their duties and responsibilities.

3.4. Anti-bribery and Corruption Policy

Cuscal has an Anti-Bribery and Corruption Policy which incorporates its policy on bribery and corruption. Cuscal is committed to conducting its business in an ethical, lawful and socially responsible manner, and in accordance with the laws and regulations of the countries in which it operates. The BRC and Board are informed of material breaches of the policy.

Cuscal’s Anti-Bribery and Corruption Policy is available on its website at cuscal.com/investors/

Cuscal encourages its employees to speak up about improper conduct and commits to ensuring that people can do so without fear of intimidation, disadvantage or reprisal. This is to allow us to detect and address wrongdoing, as soon as possible.

Cuscal also has an independent whistleblower hotline, which employees can contact to make disclosures anonymously. The Whistleblower Protection Policy provides that in the event that there are any material incidents reported under the Whistleblower Policy, such incidents will be reported to the BRC and the Board.

Cuscal’s Whistleblower Protection Policy is available on its website at cuscal.com/investors/

==> picture [103 x 27] intentionally omitted <==

Principle 4

Safeguard the integrity of corporate reports

4.1. Board Audit Committee

The Board has established a Board Audit Committee ( BAC ), governed by the BAC Charter, available at cuscal.com/investors/ to advise the Board on the effectiveness of Cuscal’s financial and regulatory reporting and overall internal control frameworks, as well as to provide the Board with assurance that all key risks relevant to Cuscal have been appropriately identified, managed and reported to the Board in accordance with Cuscal’s Risk Management Framework and Strategy.

Following the retirement of Daryl Johnson effective 31 July 2024, during FY2025 the BAC consisted of an independent Chairman plus three Non-Executive Directors. A majority of the members are independent. All members are financially literate and the relevant qualifications and experience of the BAC members are available on Cuscal's website and in Cuscal's Annual Report. The Managing Director and Chief Financial Officer are invited to, and attend, all BAC meetings, with other selected senior management as required. A standing invitation is extended to External Audit and Internal Audit representatives.

Details of the number of times the BAC met during FY2025, as well as Director attendance at each of the meetings are included in the Annual Report.

4.2. Declarations

Before approving Cuscal’s financial statements, the Managing Director and Chief Financial Officer provide a written declaration to the Board that, in their opinion, Cuscal’s financial records have been properly maintained and the financial statements comply with the appropriate accounting standards and give a true and fair view of Cuscal’s financial position and performance and that the opinion has been formed on the basis of a sound system of risk management and internal control which is operating effectively.

4.3. Process to Verify the Integrity of Periodic Reports

The BAC assists the Board to discharge its responsibilities on matters relating to the external reporting of financial information for the Group. Cuscal has established principles for an approval process for public documents including periodic corporate reports such as the Annual Report. The External Auditor reviews the Annual Report, including the Directors’ Report and Remuneration Report. Periodic corporate reports that are not audited are verified internally by the Chief Financial Officer and the Chief Legal and People Officer. The Executive Leadership Team and relevant Senior Managers also provide attestations and declarations to support the verification process. The BAC reviews the process undertaken to verify the integrity of any such reporting

The current External Auditor is Ernst & Young. The lead audit and engagement partner for FY2025 was Mr Andrew Harmer.

==> picture [103 x 27] intentionally omitted <==

Principle 5

Make timely and balanced disclosure

5.1. Continuous Disclosure

Cuscal is committed to promoting investor confidence in the markets for its securities by complying with its disclosure obligations in a way that provides investors with equal access to timely, balanced and effective disclosures.

Market sensitive information is released to the ASX in compliance with Cuscal’s continuous disclosure obligations under the Corporations Act and the ASX Listing Rules.

Cuscal has a Continuous Disclosure Policy that outlines Cuscal’s processes for complying with these obligations and ensures that Cuscal is clear and transparent and provides investors and the market with timely, balanced and equal access to information that a reasonable person would expect to have a material effect on the price or value of Cuscal’s securities. Cuscal’s Continuous Disclosure Policy is available on its website at cuscal.com/investors/.

The Chief Legal and People Officer and Company Secretary, or a person appointed by the Chief Legal and People Officer and Company Secretary, will lodge announcements with ASX electronically and will ensure that the Board receives copies of all material market announcements promptly after they have been made. Ahead of any new and substantive investor or analyst presentation, a copy of the presentation materials must be released to ASX (even if the information in the presentation would not otherwise require market disclosure).

Cuscal posts all information released to the ASX via the Investors page on the Cuscal website at: cuscal.com/investors/.

5.2. Material Market

Announcements

5.3. Material Market Presentations

In accordance with the Continuous Disclosure Policy, the Board receives copies of all material market announcements promptly after they have been released to the ASX.

The Continuous Disclosure Policy ensures that material market presentations are released to the ASX ahead of any new and substantive investor or analyst presentations.

==> picture [103 x 27] intentionally omitted <==

Principle 6

Respect the rights of security holders

6.1. External Communications

Cuscal recognises that shareholders and other external stakeholders are entitled to be informed in a timely and readily accessible manner of major developments affecting Cuscal.

The Board has adopted an External Communications Policy, with the purpose of:

Promoting effective communication with shareholders and other external stakeholders;
Ensuring that Cuscal’s employees and other stakeholders are clear on the content restrictions and approval process required prior to release to an external party of any Cuscal branded communications which may be attributed to Cuscal;
Minimising the risk of regulatory breach, publicity, damage to Cuscal’s reputation or damage to stakeholder relationships by ensuring all external messaging and communication reflects the agreed position taken by Cuscal on the subject matter being communicated;
Establishing the protocol for handling media enquiries and for providing Cuscal related information to external parties; and
Encouraging and facilitating participation at Cuscal’s general meetings and dealing promptly with the enquiries of shareholders and other external stakeholders.

The corporate section of Cuscal’s website will provide governance-related information including details of the Board and Executive Leadership Team and copies of Cuscal’s Board Committee charters and company policies.

Communication with shareholders and other external stakeholders occurs through (but are not limited to) the following channels:

Releases to the ASX in accordance with continuous disclosure obligations;
The corporate, investor and media sections of Cuscal’s website;
Cuscal’s annual and half-yearly reports; and
Cuscal’s AGM.

Cuscal will ensure that all substantive resolutions at a meeting of shareholders are decided by a poll rather than by a show of hands. Cuscal encourages shareholders to receive company information electronically by registering their email address online with Cuscal’s share registry.

Shareholders are strongly encouraged to provide Cuscal’s share registry, MUFG Corporate Markets, with their email address so Cuscal can communicate important information efficiently. Cuscal’s share registry contacts details are provided at the Investors page on the Cuscal website at cuscal.com/investors/.

Cuscal’s External Communications Policy is available on its website at cuscal.com/investors/.

==> picture [103 x 27] intentionally omitted <==

6.2. Investor Relations

Cuscal has an investor relations engagement program that includes engaging with institutional investors, buyside and sell-side analysis, individual investors and prospective investors on a scheduled and ad hoc basis, including following the release of results, at industry conferences and to provide key updates.

During FY2025, Cuscal provided investor presentations following the release of its 1H2025 results. Cuscal invited current prospective investors and analysts to meet with the Managing Director and the Chief Financial Officer and other Executives. These discussions provide investors with insight to better understand Cuscal’s business operations and strategy, its culture, the industry in which Cuscal operates as well as its customers, and internal governance and risk processes.

6.4. Substantive Resolutions at General Meetings

Voting on resolutions will be conducted by a poll. This practice will be adopted at the 2025 AGM.

6.5. Shareholder Communications

Shareholders are encouraged to receive communications from and send communications to Cuscal and its share registry MUFG Corporate Markets electronically.

Cuscal’s share registry contacts details are provided at the Investors page on the Cuscal website at cuscal.com/investors/.

6.3. General Meetings

The Company’s last AGM was held on 18 October 2024. The Company intends to hold an AGM for 2025 on 30 October 2025 as a hybrid AGM. A copy of the Notice of Meeting will be provided on Cuscal’s website as well as being sent directly to shareholders via their nominated means of communication.

Cuscal’s Constitution permits shareholders to participate in the AGM electronically including facilities for shareholders to ask questions during the AGM.

==> picture [265 x 484] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

Principle 7

Recognise and manage risk

7.1. Board Risk Committee

The Board has established a Board Risk Committee (BRC), governed by the BRC Charter, available at cuscal.com/investors/, to advise and assist the Board to fulfill its responsibilities in relation to Cuscal’s risk management including strategies, policies, frameworks for implementation and how these support Cuscal’s business strategy and culture.

The BRC’s responsibilities include recommending to the Board the setting and review of the appropriate risk appetite for Cuscal, including reviewing and approving within its delegations all Board level policies regarding strategic risks, balance sheet risks (market, liquidity and credit), operational risk, securitisation risk, legal risk, compliance risk, conduct risk, other non-financial risks and regulatory risk.

The BRC’s responsibilities also include receiving and reviewing a triennial report (or more frequently if required) on the appropriateness, effectiveness and adequacy of the RMFS to satisfy itself that the RMFS continues to be sound and that Cuscal is operating within the risk appetite set by the Board.

Following the retirement of Daryl Johnson effective 31 July 2024, during FY2025 the BRC consisted of an independent Chairman plus three other Non-Executive Directors. A majority of the members are independent.

The Managing Director and Chief Risk Officer are invited to all Committee meetings, with other senior management with risk responsibilities attending as required. A standing invitation is extended to External Audit and Internal Audit representatives.

Details of the number of times the BRC met during FY2025, as well as Director attendance at each of the meetings is included in the Annual Report.

==> picture [321 x 259] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

7.2. Risk Management

Cuscal manages the risks inherent in its business activities and operations through disciplined risk management. This is critical in any ADI, and particularly one operating and growing in a dynamic environment. This approach assists Cuscal to identify the risks it wants to take, apply controls to manage them and seek to achieve returns reflective of the level of risk, both now and into the future.

Cuscal is committed to ensuring that a consistent approach to identifying, assessing and managing risk is established across the business and is embedded in processes and culture. Cuscal’s approach to risk includes:

Implementing a systematic risk assessment and escalation process;
Overseeing and considering the outcomes of reviews and testing of the Business Continuity Plan, material outsourced arrangements and disaster recovery plan;
Managing risks associated with approved risk acceptance and Cuscal’s risk appetite;
Managing and reporting risks in line with approved risk acceptance and Cuscal’s risk appetite; and
Embedding risk culture and awareness with regular training and education.

The Board is responsible for overseeing and approving Cuscal’s RMFS and RAS and is supported by a number of sub-committees dedicated to specific risk areas, including the BRC, BAC, and BRNC.

The Board delegates responsibility for the day-to-day management of risk to the Managing Director, who subdelegates to the Executive Leadership Team via the Enterprise Risk Committee ( ERCo ) and the Asset and Liability Committee ( ALCo ). Each committee has specific responsibilities to support the Managing Director and Board of Directors in managing risk. Cuscal’s Chief Risk Officer plays a central role in the governance of Cuscal’s risk and has unfettered access to the BAC, BRC and the Board.

Cuscal’s RMFS describes the various policies, processes, structures, systems, techniques and tools Cuscal uses to support the identification, measurement, management and monitoring of risk.

How Cuscal manages risk is executed within the parameters of its RMFS. This aims to ensure there is clear accountability and responsibility for risk management across Cuscal, including robust review and challenge.

The BRC reviews the effectiveness of Cuscal’s RMFS annually and confirms that Cuscal is operating with due regard to the risk appetite set by the Board. A review of the RMFS was conducted during FY2025.

7.3. Internal Audit

Cuscal has an internal audit function, which is currently outsourced to KPMG. The BAC is responsible for monitoring and ensuring the integrity of the internal audit function in accordance with the BAC Charter. The BAC is responsible for reviewing the engagement of the internal auditor and assessing its independence annually, as well as reviewing the audit plan, among other duties.

==> picture [103 x 27] intentionally omitted <==

7.4. Environmental and Social Risks

Cuscal maintains a Board-approved Risk Management Strategy ( RMS ), which sets out Cuscal’s risk management objectives in support of its strategic vision and business activities. The RMS is executed through the RMFS, which is the totality of systems, structures, policies, processes and people that identify, measure, monitor, control or mitigate and report on all material sources of risk, including environmental, social and governance ( ESG ) risks.

ESG-related exposures on a portfolio basis are monitored as part of the risk reporting frameworks. The appetite for these risks is then considered through the RAS, which sets the Board’s appetite and tolerance for risk. The BRNC and the BRC assists the Board to fulfil its responsibilities. Management is responsible for identifying, monitoring and managing risks.

As Cuscal continues to grow and mature, it has increased guidance to staff on how to identify and assess these risks and to improve reporting to management with respect to ESG-related exposures.

Cuscal recognises its responsibility to manage environmental and social impacts in the pursuit of its strategic vision. The Board has adopted a Sustainability Policy, Sustainability Framework and Diversity, Equity and Inclusion Policy.

Cuscal does not consider that it has any material exposure to environmental or social risks.

==> picture [498 x 309] intentionally omitted <==

==> picture [103 x 27] intentionally omitted <==

Principle 8

==> picture [29 x 512] intentionally omitted <==

Remunerate fairly and responsibly

8.1. Board Remuneration and Nominations Committee

The Board believes that attracting and retaining the right calibre of personnel at the Board, Executive and Employee level is critical to ensure Cuscal is able to pursue its strategic objectives.

The Board Remuneration and Nominations Committee ( BRNC ) assists the Board to achieve this. Its role and function are set out in the Board Remuneration and Nominations Committee Charter, available at cuscal.com/investors/.

The BRNC consists of an independent Chairman plus two other Non-Executive Directors. A majority of Committee members are independent. The Managing Director is invited to attend BRNC meetings, except in relation to discussion on matters affecting their own remuneration or performance, or any other matters where a conflict may exist. The Chief Legal and People Officer and Company Secretary is invited to attend except where a conflict exists, with other management invited as required.

8.2. Remuneration Practices

The Board believes that attracting and retaining the right calibre of personnel at the Board, Executive and Employee level is critical.

Cuscal has adopted a Remuneration Policy. The Policy applies to all of Cuscal’s workforce including those in positions classified as Accountable Persons and Senior Managers of Cuscal as applicable, and defined in CPS 511, CPS 520, and FAR excluding Appointed Auditors and NonExecutive Directors and provides the minimum standards for

determining Cuscal’s remuneration framework arrangements, articulates Cuscal’s remuneration strategy and performance management objectives.

Cuscal’s remuneration framework aligns with Cuscal’s RMFS and promotes the effective management of both financial and non-financial risks, sustainable performance and Cuscal’s long-term soundness. This is achieved by, among other things, subjecting variable remuneration to conduct gateways providing for the evaluation of behaviour against Cuscal’s values and conduct as well as risk measures in balanced scorecards.

The remuneration framework also supports the prevention and mitigation of conduct risk through linkages of variable remuneration to risk and conduct outcomes. Cuscal has adopted a Performance Management Framework ( PCMF ) under which, where risk or conduct events occur, the PCMF will permit Cuscal to apply a downward adjustment to variable remuneration.

The BRNC reviews Cuscal’s remuneration-related arrangements, including its consequence management arrangements, at least annually and makes recommendations to the Board as to any changes the Committee considers should be made to such arrangements as well as recommendations to the Board (as appropriate) on consequences to be applied under the PCMF.

The BRNC is also responsible for reviewing and making recommendations to the Board with respect to NonExecutive Directors fees and utilises external bench marking.

Cuscal seeks to achieve gender pay equity. During FY2025 the gender pay equity gap was reduced from - 0.3% (September 2023) to 0.7% (September 2024). Cuscal reviews pay equity throughout the year and as part of the Company’s annual remuneration review process.

==> picture [103 x 27] intentionally omitted <==

8.3. Equity Based Remuneration Scheme

The Company’s Securities Trading Policy regulates dealings in Cuscal securities by directors, officers, employees and certain other designated persons ( Cuscal Persons ) including where they hold ‘inside information’ and during trading windows.

The Securities Trading Policy prohibits participants from entering into transactions in financial products which operate to limit the economic risk of security holdings in the Company which are unvested or subject to a holding lock otherwise.

Directors, Executives and certain other employees are prohibited at all times from entering into any margin lending arrangement in relation to security holdings in the Company.

Cuscal’s Security Trading Policy is available on its website at cuscal.com/investors/.

This statement has been approved by the Board and is current at 22 August 2025.

==> picture [309 x 566] intentionally omitted <==

AI assistant

CUSCAL LIMITED — Governance Information 2025

64619_rns_2025-08-21_1a593426-868c-4cc7-a4e7-f896d05224a8.pdf

ASX ANNOUNCEMENT

2025 Corporate Governance Statement

ENDS

For all enquiries:

About Cuscal Limited (ABN 95 087 822 455; AFSL 244116)

Corporate Governance Statement

Contents

Approach to Corporate Governance

Lay solid foundations for management and oversight

1.1. The Role of the Board and Management

1.2. Appointment of Directors and Senior Executives

1.3. Letter of Appointment for Directors and Senior Executives

Directors receive formal letters of appointment setting out the arrangements relating to their appointment including:

1.4. Company Secretary

1.5. Diversity

57.1%

42.9%

1.6. Director Performance Evaluation

1.7. Senior Executive Performance Evaluation

Structure the Board to be effective and add value

2.1. Board Remuneration and Nominations Committee

2.2. Board Skills Matrix

Together, the Directors who served throughout FY2025 contribute the following key skills and experience:

2.3. Composition of the Board

In FY2025 the Directors were as follows:

2.4. Director Independence

2.5.

2.6. Director Education and Induction

Instil a culture of acting lawfully, ethically and responsibly

3.1. Values

3.2. Code of Conduct

The Board maintains high standards of ethical conduct and the Managing Director is responsible for ensuring that high standards of conduct are maintained by all staff.

3.3. Whistleblower Protection Policy

3.4. Anti-bribery and Corruption Policy

Principle 4

Safeguard the integrity of corporate reports

4.1. Board Audit Committee

4.2. Declarations

4.3. Process to Verify the Integrity of Periodic Reports

Make timely and balanced disclosure

5.1. Continuous Disclosure

5.2. Material Market

Announcements

5.3. Material Market Presentations

Respect the rights of security holders

6.1. External Communications

6.2. Investor Relations

6.4. Substantive Resolutions at General Meetings

6.5. Shareholder Communications

6.3. General Meetings

Recognise and manage risk

7.1. Board Risk Committee

7.2. Risk Management

7.3. Internal Audit

7.4. Environmental and Social Risks

Remunerate fairly and responsibly

8.1. Board Remuneration and Nominations Committee

8.2. Remuneration Practices

8.3. Equity Based Remuneration Scheme

More from CUSCAL LIMITED

CUSCAL LIMITED Governance Information 2025