QPR

QPR Software's

Corporate

Governance

Statement 2024

QPR SOFTWARE'S CORPORATE GOVERNANCE STATEMENT 2024

The Finnish Corporate Governance Code

Compliance with the Corporate Governance Code

QPR Software Plc (hereinafter also the "Company", "QPR" or "QPR Software") has complied with the Finnish Corporate Governance Code (2020) issued by the Finnish Securities Market Association since the financial year started on January 1, 2020. QPR Software Plc complies with the revised Finnish Corporate Governance Code 2025 as of the financial year started on January 1, 2025.

Availability of the Corporate Governance Code on the Internet

The Finnish Corporate Governance Code is publicly available, for example, on the website of the Finnish Securities Market Association, at www.cgfinland.fi.

Board of Directors

Composition of the Board of Directors

The Board of Directors of QPR Software consists of the following members elected at the Annual General Meeting on May 15, 2024: Pertti Ervi (Chairman), Antti Koskela, Linda von Schantz and Jukka Tapaninen.

Pertti Ervi

Chairman of the Board

b. 1957, engineer

Antti Koskela

Member of the Board

b. 1971

Master of Science in Technology

About

Chairman of the Board since March 2021.

Key experience

Independent management consultant and professional board member
Computer 2000 AG, Co-CEO 1995 – 2000.
Computer 2000 Finland Oy, Founding Member and Managing Director 1983 – 1995.

Key positions of trust

Chairman of the Board, F-Secure Oyj, 2022 – present
Member and Chairman of the Board, Chairman of the Audit Committee, WithSecure Oyj, 2003 – 2023
Member and Chairman of the Board, Efecte Oyj, 2008 – present
Chairman of the Board, Mintly Oy, 2017 – 2022
Member of the Board, Pointsharp Holding AB, 2021 – present
Member and Chairman of the Board, Teleste Oyj, 2009 – 2020
Member and Chairman of the Board, Comptel Oyj, 2011 – 2017
Chairman of the Board, Stonesoft Oyj, 2004 – 2007

About

Member of the Board since March 2021.

Key experience

WithSecure Oyj, President and CEO 2024 – present
WithSecure Oyj, Executive Vice President and Chief Product Officer, 2021 – present
Elisa Oyj, Vice President, Business Development, 2020 – 2021
Nokia Software, CDO and Vice President, 2018 – 2020
Comptel, CTO and Executive Vice President, 2011 – 2017
Nokia Siemens Networks, various managerial positions, 2007 – 2011
Nokia Networks, various managerial positions, 1999 – 2007

Linda von Schantz

Member of the Board
b. 1973
Master of Science in Technology

Jukka Tapaninen

Member of the Board
b. 1963
M.Sc., Economics

About

Member of the Board since May 2024.
Independent of the Company and its significant shareholders

Key experience:

UPM-Kymmene Oyj, Vice President, Information Technology, 2022 - present
UPM Communication Papers, Vice President, Business Processes and Solutions, 2019-2022
UPM, various global expert and managerial positions, 2010-2022
ABB, various global expert and managerial positions, 2001-2010

About

Member of the Board since March 2021.

Key experience

Aiforia Technologies, CEO, 2020 – present
Pegasystems, VP and Managing Director EMEA, APAC and Japan, 2016 – 2020
SAP, Vice President Global/EMEA, 2005 – 2016
Basware, SVP and General Manager, 2002 – 2005
Stonesoft Inc, CEO Americas, 2000 – 2002
HP, Regional and Global managerial roles, Sales and Business Development, 1995 – 2000

Key positions of trust

Vice Chairman of the Board, Aiforia Oy, 2015 – 2020
Member of the Board, WeVision Oy, 2014 – present
Member of the Board, Meshworks Wireless Oy, 2011 – present
Chairman of the Board, Addoro Ab, 2014 – 2017 (acquisition)
Member of the Board, Findity Ab, 2013 – 2016
Member of the Board, VeliQ B.V., 2015

Charter of the Board (Summary)

Board meetings:

The Board convenes regularly, at least 8 times a year, according to a pre-agreed schedule.
At least one meeting focuses on strategy and one on the budget.
When necessary, the Chairman of the Board or the CEO may convene a Board meeting.
The agenda and material shall be delivered to Board members no less than three working days before the meeting, unless otherwise agreed with the Chairman.

Information:

Board members shall receive a monthly report containing the Group's actual results, budget comparison, and commentary on the results including reasons for any significant budgetary deviations. The report also includes a summary of other significant matters within the Group.
All significant matters shall be informed to the Board immediately.
The Board is presented a risk management report as part of the management reporting at least once a year.

Matters to be handled at Board meetings include, for example:

Matters specified in the Finnish Companies Act.
Approves the strategy and annual budget, and monitors their execution.
Appoints and discharges the CEO and decides on the terms of their employment.
Approves the hiring of personnel reporting directly to the CEO and their terms of employment.
Determines the principles of compensation for senior management.
Approves incentive pay schemes for the CEO and personnel.
Makes proposals to the General Meeting other than those made by the Shareholders' Nomination Board.
Decides on employee share-incentive and stock option plans, and their allocation to employees.
Reviews and approves interim reports and financial statements.
Approves acquisitions and significant unbudgeted investments, and other materially significant decisions.
Approves the dividend distribution policy and prepares a proposal to the General Meeting on the distribution of dividend.
Approves the investment policy.
Approves related party transactions.
Monitors the implementation of internal controls, internal audits, and risk management.
Handles other matters that have been agreed upon by the Chairman of the Board and the CEO to be handled by the Board of Directors or that otherwise fall within the Board's decision-making authority pursuant to the Finnish Companies Act, the Articles of Association, or other applicable laws and regulations.

Operations during the financial year 2024

During the financial year 2024, QPR Software Plc's Board of Directors convened 15 times. The average attendance rate of the Board members was 95%. The Board of Directors conducts a self-assessment of its activities. The Board has not established any committees. The members of the Board of Directors attended the meetings as follows:

Member	Attendance
Pertti Ervi (Chairman)	15/15
Matti Heikkonen
(member of the Board until May 15, 2024)	7/7
Antti Koskela	13/15
Linda von Schantz
(member of the Board as of May 15, 2024)	7/8
Jukka Tapaninen	15/15

Diversity of the Board

The Board of Directors of QPR Software Plc are elected based on business needs and the merits of the candidates, bearing in mind the advantages of diversity. The selection criteria consist of the candidates' competence, experience, and personal qualities. In assessing competence and experience, special attention is paid to experience in international software business and business development, as well as experience in financing, economics, and entrepreneurship.

The Company aims to have both genders represented on the Board. In 2024, four Board members were elected at the General Meeting. The Board of Directors consists of three male members (Pertti Ervi, Antti

Koskela, and Jukka Tapaninen), representing 75% of the Board members, and one female member (Linda von Schantz) (25%).

The Board of Directors of QPR Software Plc has set these diversity principles. The principles and their implementation are presented and reported as part of the Company’s Corporate Governance Statement.

Committees

The Board has deemed, considering the size of the Group, the scope of its operations, and existing control systems, that separate committees are not necessary. The Board as a whole is responsible for the duties of the audit committee as well as other committees.

Supervisory Board

QPR Software Plc does not have a Supervisory Board.

Shareholders’ Nomination Board

QPR Software Plc has a Shareholders' Nomination Board, which is responsible for preparing proposals to the Annual General Meeting for the election and remuneration of the members of the Board of Directors as well as the remuneration of the Board committees. The Nomination Board consists of three members who represent QPR Software's three largest shareholders who, on August 30th preceding the next year's Annual General Meeting, hold the largest number of votes calculated of all shares in QPR Software.

During the financial year 2024, the Chair of the Nomination Board was Roger Kempe, representing Oy Finncorp Ab, and the members were Erkki Myllärniemi, representing UMO Capital Oy, and Eero Leskinen, representing Vesa-Pekka Leskinen.

The Shareholders' Nomination Board gave its proposals to the Annual General Meeting 2024 on November 30, 2023, and to the Annual General Meeting 2025 on January 27, 2025.

The Charter of QPR Software's Shareholders' Nomination Board is available on the Company's website at www.qpr.com/company/investors.

CHIEF EXECUTIVE OFFICER

Chief Executive Officer of QPR Software Plc

The CEO of QPR Software Plc is Heikki Veijola (b. 1970). Veijola holds a Master of Science degree in Economics (M.Sc. Econ., Turku School of Economics) and assumed the position on March 1, 2023.

Prior to joining QPR, Veijola served as the Director of International Partner Business and a member of the executive team at Enreach Oy, overseeing business operations within the Microsoft and Salesforce ecosystems and collaborating with system integrators, consultants, and other strategic partners, particularly in Northern Europe. Before this, Veijola held the position of Sales Director at Enreach Oy.

Veijola possesses extensive experience in sales, international expansion, partner ecosystems, and the development and transformation of cloud and SaaS (Software as a Service) businesses. Throughout his career, he spent 11 years at Salomaa Group, Finland's largest marketing conglomerate, where he served as the CEO of KASKI Agency and advertising agency Adsek Oy, leading both companies through two transformational periods.

Heikki Veijola did not hold shares of QPR Software Plc on December 31, 2024. On December 31, 2024, Heikki Veijola held a total of 420,308 stock options, divided as follows: 97,908 stock options 2022, 200,000 stock options 2023, and 122,400 stock options 2024A.

Duties of the Chief Executive Officer

QPR's Board of Directors appoints the CEO and decides on the terms of their service. The CEO's terms of service have been agreed on in writing. The CEO is not appointed for a certain term as he is appointed indefinitely until further notice.

The CEO manages the Company's operations in accordance with the Finnish Companies Act and the Board of Directors' instructions and rules, and informs the Board of Directors about the development of the Company's business and financial situation. The CEO is also in charge of the Company's day-to-day management and for ensuring that the Company's financial administration is arranged in a reliable manner. The CEO is the primary presenter in Board meetings and responsible for preparing proposals for Board decisions.

EXECUTIVE MANAGEMENT TEAM

Executive Management Team of QPR Software Plc

QPR Software has an Executive Management Team, the Chairman of which is the Company's CEO and the members who are Senior Vice Presidents (SVP) responsible for the Company's business operations and business units and corporate support functions. The Executive Management Team can be expanded if this is considered necessary for the matter under consideration. The Executive Management Team's main responsibility is to assist the CEO, monitor and develop the Company's business in line with the objectives set, and disseminate information. The Executive Management Team is informed about all business plans, profit performance and a majority of the matters that are handled by QPR Software's Board of Directors, and it also participates in the preparation of these matters as appointed by the CEO. The Executive Management Team meets regularly twice a month.

Composition, duties, responsibilities, and shareholding of the Executive Management Team

In addition to the CEO, QPR Software's Executive Management Team includes:

Taru Mäkinen (b. 1975, M.Sc. Econ.), Chief Financial Officer, responsible for QPR Software's finance and administration, including external and internal reporting, monitoring and managing the financial performance of the business, capital allocation and procurement. She also oversees investor relations, compliance with the insider policy, coordination of risk management and treasury functions.
Matti Erkheikki (b. 1978, M.Sc. Tech.), Chief Product Officer, responsible for the Company's products and the vision and strategy of the product portfolio. It is on Erkheikki's responsibility that the Company's products and their characteristics are in line with the organization's goals and that the product portfolio is constantly developed and improved in accordance with the needs of customers and target groups.
Tero Aspinen (b. 1985, M.Sc. Tech.), VP Middle East Business, responsible for the Company's business in the Middle East market and for sales and development of Performance Management software solutions globally.
Mika Maliniemi (b. 1980, degree in Business Information Technology), Chief Operating Officer, responsible for the Company's software product development, cloud service development and production, and customer support services.
Sanna Salo (b. 1977, M.Sc. Econ., Certified Board Member (HHJ)), Chief Marketing Officer, responsible for the strategy, planning, development, and implementation of the Company's brand, marketing, communication, and stock exchange communication.
Teemu Lehto (b. 1970, D.Sc. Tech.), Chief Professional Services, responsible for the professional services business.
Antti Kivalo (b. 1974, M.Sc. Econ.), Sales Director, responsible for developing and implementing the Company's sales strategy in global markets. He leads the sales team, fosters customer relationships, ensures the achievement of sales targets, and monitors market trends and competitive dynamics.

The table below outlines the share and stock option holdings of the members of the Executive Management Team on December 31, 2024:

Member	Shareholding	Options 2022	Options 2023	Options 2024A
Taru Mäkinen	0	85 670	150 000	64 800
Matti Erkheikki	0	70 983	100 000	64 800
Tero Aspinen	0	58 745	85 000	64 800
Mika Maliniemi	0	29 463	85 000	64 800
Sanna Salo	5121	58 745	85 000	64 800
Teemu Lehto	34 000	29 463	85 000	64 800
Antti Kivalo	0	-	-	64 800

Internal Control and Risk Management

Internal Control

The Group's internal control and risk management aim to ensure that the Group operates efficiently and effectively, distributes reliable information, complies with regulations and operational principles, reaches its strategic goals, reacts to changes in the market and operating environment, and ensures continuity of its business.

It is the duty of QPR Software's Board of Directors to monitor the appropriateness, effectiveness, and efficiency of risk management and internal controls within the Group. The Board is presented with a risk management report addressing the risks described in the Risk Management section at least once a year.

The Board assesses the risks based on the threat they pose to shareholders. The Board also oversees that the Company has defined operating principles for internal control and that the Company monitors the effectiveness of controls.

Internal Control and Risk Management Systems Associated with Financial Reporting

The ultimate responsibility for accounting and financial management lies with QPR Software Plc's Board of Directors. The Board is responsible for internal control, while the CEO is responsible for the practical organization of internal controls and for monitoring the effectiveness of controls.

Business operations are controlled and monitored through a Group-wide reporting and forecasting system. The CEO and the CFO provide monthly reports of the Group's situation and development for the Board and Executive Management Team meetings.

Risk Management

The Group's CFO is responsible for the coordination and reporting of the Group's internal controls and risk management. The Group's risk management is driven by the requirements arising from legislation, shareholder expectations regarding business objectives, as well as the expectations from customers, personnel, and other important stakeholders.

QPR's risk management aims to systematically and comprehensively identify the risks related to the Group's operations and to ensure that risks are managed and considered in decision-making. Risk management is a part of the routine responsibilities throughout the organization. Risk management is developed by continuously improving the Company's operational processes.

The principle of materiality is used as the basis for identifying risks: the realization of monitored risks must have a material effect on the Company's business operations.

QPR Software has identified the following three risk groups related to its operations:

risks related to business operations,
risks related to information and products, and
risks related to financing.

Property, disruption, and liability risks are covered by insurance.

QPR Software Plc's Management System was awarded the ISO 9001:2015 quality certificate covering all of the Company's activities, which is audited annually by an external evaluator.

RISKS RELATED TO BUSINESS OPERATIONS

The following risks are related to QPR Software's business operations:

Country risk. Risk is measured by assessing the potential loss of country-specific revenue. Risk is managed by continuously gathering market information and diversifying business across geographical markets and industries.
Customer risk. Risk is measured in terms of software maintenance customer churn and the share of overdue accounts receivable of total receivables (%). Risk is managed by taking good care of every customer and reseller, as well as by actively following up on accounts receivable.
Personnel risk. Risk is measured in terms of personnel churn. Risk is managed through skilled recruitment, professional management practices, and by providing opportunities for job rotation as well as learning and growth.
Legal risk. Risk is measured by comparing the cumulative euro-value of all open legal disputes with annual net sales (%). Risk is managed with good knowledge of contract law and standard terms, and by conducting activities that are both ethical and in line with Company values.

QPR's country and customer risks are mitigated by conducting business in more than 50 countries, in both public and private sectors, as well as in several different industries.

Reasonable credit risk concerning individual business partners is characteristic to any international business. The Company seeks to limit this risk by continuously monitoring standard payment terms, receivables, and credit limits.

RISKS RELATED TO INFORMATION AND PRODUCTS

QPR Software has identified the following three risks related to information and products:

Risk related to products. Risk is managed by ensuring that the Company's product range remains competitive by differentiating itself from competitors through the strengths of its content and products. The Company seeks to ensure the security of its products through automatic malware prevention.
Intellectual Property Rights. The Company's Intellectual Property Rights (IPR) are protected by the confidentiality of the source code, its secure storage, and selected patent applications. In its new process mining business, the Company has adopted a more active IPR strategy. As a result, QPR filed patent applications for five separate inventions in Finland and the USA in 2012. The inventions relate to automated business process discovery based on processing event data. In April 2015, the U.S. Patent and Trademark Office granted a patent as a result of the applications. In May 2016, QPR announced that the U.S. Patent and Trademark Office had granted an additional patent to its process mining technology. In addition, the Company uses contract management and internal training to ensure that third-party IPRs are not used without permission in its products. The Company has a legal expenses insurance.
Information and security risks. QPR Software regularly monitors and strives to mitigate information security risks in its operations and reports to the Board of Directors. QPR uses both governance and technological means to improve the security of its systems. To mitigate information security risks, QPR has adopted data and vendor governance models, conducted annual audits of its partners, and organized relevant in-house training to improve security awareness.

QPR has had no significant information security events or problems related to product management, and no significant changes in the risks of these have been observed during 2024.

RISKS RELATED TO FINANCING

QPR Software has identified the following two financing risks:

Currency risk. Foreign currency risk is measured by calculating the share of all non-euro receivables or an individual non-euro currency of all receivables (%). The risk is managed by using the euro as the primary invoicing currency and by currency hedging in accordance with the Company's hedging policy. The Company constantly monitors the development of open positions of the most important invoicing currencies. At the end of the financial year, the Company had not hedged its foreign currency (non-euro) trade receivables.
Liquidity risk. The risk is measured based on the forecasted cash flow. The risk is managed by actively monitoring the forecast and effectively collecting overdue receivables. The risks related to the Company's financial position are mitigated by the relatively high proportion of recurring revenue in its net sales. The Company's financial position on December 31, 2024, was satisfactory. The EBITDA covenant is tested every six months, and the equity ratio covenant is tested annually according to the situation on the last day of the year. In the testing of covenants carried out on December 31, 2024, EBITDA and equity ratio exceeded the agreed covenant limit. In December 2024, the bank undertook not to exercise its advancement right of receivables under the financing agreement in the event of a potential breach of the Group's covenants as per the 2024 financial statements. The financing limit will be repaid in installments of EUR 500 thousand on January 31, 2025, and January 31, 2026.

To manage the liquidity risk, the Company also has an agreement for a credit limit of EUR 500 thousand, which was not in use on December 31, 2024.

OTHER INFORMATION TO BE PROVIDED IN THE CORPORATE GOVERNANCE STATEMENT

Main Procedures Relating to Insider Administration

QPR's Insider Policy follows Nasdaq Helsinki Ltd's Guidelines for Insiders of Listed Companies (updated on December 4, 2024) and the Market Abuse Regulation (MAR). Both documents are included in QPR's Insider Policy as such. QPR's Insider Policy sets trading restrictions prohibiting Persons Discharging Managerial Responsibilities (PDMRs), permanent insiders and project-specific insiders from making transactions with QPR's securities during a closed period of 30 days ("closed window") prior to the Company's interim reports or financial statements bulletin. The closed window ends the day after the publication of the interim reports or financial statements bulletin. According to QPR's Insider Policy, permanent insiders must notify the CEO and the Chairman of the Board about the intention to trade QPR's securities prior to executing a transaction.

The members of the Board of Directors, the CEO and the Executive Management Team are considered PDMRs, as they are regularly exposed to inside information and have the right to make decisions regarding the future of the Company and organization of business operations. The Company's permanent insiders include employees or other outsourced persons that, due to their position or the nature of their responsibilities, have access to inside information.

In case the Company prepares an event that could significantly impact on value of the Company's share (e.g., a corporate acquisition), a project-specific insider list is established for the project. Project-specific insiders are persons that work for the Company based on an employment or other agreement, and have access to inside information, as well as any persons that are provided inside information about the project.

The Company's CFO manages insider matters and supervises compliance with QPR's Insider Policy. The CFO also maintains QPR's insider registers.

Due to the MAR regulation, the information in the insider register system, NetSire, is based on the status of July 2, 2016, and is no longer updated.

QPR Software Plc's managers and their closely associated persons, as referred to in the MAR regulation, have been obligated to notify their transactions as of July 3, 2016.

Audit

The Annual General Meeting elects an audit firm approved by the Finnish Central Chamber of Commerce as the Company's auditor. In 2024, the elected auditor was KPMG Oy Ab, Authorized Public Accountants, which declared Petri Kettunen, Authorized Public Accountant, as the principal auditor. The auditor's term expires at the close of the next Annual General Meeting following the election.

In 2024, the auditor was paid EUR 62,473 for audit services and EUR 0 for non-audit services. EUR 32,392 of the fees were related to the year 2023 audit and EUR 30,081 was related to the 2024 audit.

AI assistant

QPR Software Oyj — Governance Information 2025

3334_rns_2025-04-03_3a1cbde9-0840-4ced-96ac-4b2d724e5eaf.pdf

QPR Software's

QPR SOFTWARE'S CORPORATE GOVERNANCE STATEMENT 2024

The Finnish Corporate Governance Code

Compliance with the Corporate Governance Code

Availability of the Corporate Governance Code on the Internet

Board of Directors

Composition of the Board of Directors

Pertti Ervi

Antti Koskela

About

Key experience

Key positions of trust

About

Key experience

Linda von Schantz

Jukka Tapaninen

About

Key experience:

About

Key experience

Key positions of trust

Charter of the Board (Summary)

Board meetings:

Information:

Matters to be handled at Board meetings include, for example:

Operations during the financial year 2024

Diversity of the Board

Committees

Supervisory Board

Shareholders’ Nomination Board

CHIEF EXECUTIVE OFFICER

Chief Executive Officer of QPR Software Plc

Duties of the Chief Executive Officer

EXECUTIVE MANAGEMENT TEAM

Executive Management Team of QPR Software Plc

Composition, duties, responsibilities, and shareholding of the Executive Management Team

Internal Control and Risk Management

Internal Control

Internal Control and Risk Management Systems Associated with Financial Reporting

Risk Management

RISKS RELATED TO BUSINESS OPERATIONS

RISKS RELATED TO INFORMATION AND PRODUCTS

RISKS RELATED TO FINANCING

OTHER INFORMATION TO BE PROVIDED IN THE CORPORATE GOVERNANCE STATEMENT

Main Procedures Relating to Insider Administration

Audit

More from QPR Software Oyj

QPR Software Oyj Governance Information 2025