Sanoma Oyj — Governance Information 2018

Feb 28, 2018

Introduction	2
Organisational Structure and Statutory Governance Bodies	2
General Meeting 2
Board of Directors2
President and CEO7
Executive Management Group 7
Internal Control and Risk Management Systems	8
Audit & Assurance8
Internal Controls8
Control Environment8
Risk Management 9
Compliance9
Monitoring of Financial Reporting Process9
Audit	10
Insider Administration	10
Related Party Transactions	10

Corporate Governance Statement

Introduction

Sanoma Corporation (the 'Company' or 'Sanoma') complies with the Finnish Corporate Governance Code (the 'Code') issued by the Securities Market Association in 2015. This Corporate Governance Statement ('Statement') has been prepared in accordance with the Code. The Statement has been reviewed by Sanoma's Audit Committee. The statutory auditors of Sanoma have checked that the Statement has been issued and that its description of the main features of internal control and risk management systems related to the financial reporting process complies with the financial statements of the Company. This Statement is presented as a separate report from the Board of Directors' Report.

In addition to this Statement, Sanoma has issued a separate Remuneration Statement, prepared in accordance with the Code.

The Finnish Corporate Governance Code is available at www.cgcode.fi.

Updated information on Sanoma's governance is available on the Company's website under the Investors – Corporate Governance section (https://sanoma.com/investors/corporate-governance/).

Organisational Structure and Statutory Governance Bodies

Sanoma Group consists of three operating segments, or Strategic Business Units ('SBUs'): Sanoma Media BeNe, Sanoma Media Finland and Sanoma Learning. In addition, non-core operations, head office functions, real estate companies and group eliminations are reported under 'Other companies and eliminations' in the Group's financial reporting. Sanoma Corporation is the Parent Company of the Sanoma Group. Sanoma's administrative bodies are the General Meeting of Shareholders, the Board of Directors ('Board') and its committees, the President and CEO and the Executive Management Group ('EMG').

General Meeting

The General Meeting is Sanoma's highest decision-making body. In accordance with the Company's Articles of Association, it convenes at least once a year.

The Annual General Meeting is to be held each year by the end of June. It handles the matters falling under its authority according to the Finnish Companies Act (624/2006, as amended) and any matters proposed to the General Meeting. Extraordinary General Meetings are convened to handle specific matters proposed to a General Meeting.

As required by the Finnish Companies Act, notices of General Meetings shall be published no earlier than three (3) months prior to the record date of the General Meeting, and no later than three (3) weeks prior to the General Meeting, but in any case at least nine (9) days before the record date of the General Meeting. The Notice shall be published in at least one widely circulated newspaper determined by the Board.

The General Meeting handles the matters presented on its agenda prepared by the Board. According to the Finnish Companies Act, a shareholder may request his or her proposal to be included in the agenda of the next General Meeting. Such request shall be made in writing to the company's Board and the proposed matters shall fall within the competence of General Meetings according to the Finnish Companies Act. Sanoma informs well in advance on its website the date by which a shareholder shall notify the Board of any proposals that he or she requests to be included in the agenda of the General Meeting.

Shareholders holding a minimum of ten (10) per cent of all shares and the Company's auditor may request the handling of a specified matter at a General Meeting, which the Board shall convene without a delay upon receipt of such request.

According to the Finnish Companies Act, e.g. the following matters are subject to the decision-making power of a General Meeting:

• Amendments to the Articles of Association
• Increases or decreases in share capital
• Issues of shares or other rights entitling to shares
• Acquisition of own shares
• Decisions on the number, election and remuneration of members of the Board of Directors
• Adoption of the financial statements
• Distribution of profits or allocation of losses

Board of Directors

ELECTION AND TERM

In accordance with the Articles of Association of Sanoma, the Board shall be composed of five to eleven members elected by the General Meeting. The General Meeting also elects the Chairman and the Vice Chairman of the Board.

The term of a member of the Board begins at the end of the Annual General Meeting in which he or she has been elected and expires at the end of the Annual General Meeting following the election. If the office of a member of the Board becomes vacant before the end of the term, a new member shall be elected for the remaining term.

Sanoma has not established a Nomination Committee, but the largest shareholders of Sanoma may propose new members to the Board based on applicable rules and regulations, including the Finnish Corporate Governance Code.

COMPOSITION, INDEPENDENCE AND DIVERSITY

The members of the Board shall have the qualifications and experience necessary to perform their duties as well as the possibility to devote sufficient time for the Board work. They shall also meet the independence and other requirements applicable to publicly listed companies in Finland. Both genders shall be represented in the Board.

All members of the Board are non-executive and independent of the Company. Seven out of nine members are also independent of major shareholders.

In order to ensure that the Board has sufficient and versatile competencies, mutually complementing experience and knowledge of the industry, the Board considers a range of diversity aspects, such as business experience, international experience, age, education and gender, when preparing its proposal of the composition of the Board to the Annual General Meeting.

Matters related to the diversity of the Board are defined in the Group's Diversity Policy, approved by the Board. At the end of 2017, 33% of Board members were women. During 2012–2016, the share of women in the Board has varied between 30–50%. Sanoma had Board members both from Finland and the Netherlands with versatile business experience.

The following members were elected to the Board of Directors at the AGM 2017:

Pekka Ala-Pietilä (Chairman)

• Born 1957, Finnish citizen
• Independent of the Company and major shareholders
• Board member since 2014, term ends in 2018
• Member of the Executive Committee
• Education: M.Sc. (Econ.), D.Sc. (Tech.) h.c., D.Sc. h.c.
• Main occupation: Chairman of the Board, Huhtamäki Oyj
• Primary work experience: Co-founder and CEO of Blyk Services Oy 2006–2012. Various positions with Nokia Corporation 1984–2005, among others as President 1999–2005, President, Nokia Mobile Phones 1992–1998 and Group Executive Board Member 1992–2005
• Key positions of trust: Huhtamäki Oyj (Finland) (Chairman), SAP AG (Germany) (Supervisory Board)

Antti Herlin (Vice Chairman)

• Born 1956, Finnish citizen
• Independent of the Company
• Board member since 2010, term ends in 2018
• Member of the Executive Committee
• Education: D.Sc. (Econ.) h.c. (The State University of Economics and Finance of St. Petersburg), D.Sc. (Econ.) h.c. (Helsinki School of Economics), D.Sc. (Art and Design) h.c. (University of Art and Design Helsinki), D.Sc. (Tech.) h.c. (The Aalto University Schools of Technology)
• Main occupation: Chairman of the Board, KONE Corporation
• Primary work experience: Vice Chairman of KONE Corporation 1996–2003 and CEO 1996–2006
• Key positions of trust: KONE Corporation (Finland) (Chairman), Caverion Corporation (Finland), Holding Manutas

Oy (Finland) (Chairman), Security Trading Oy (Finland) (Chairman), Thorsvik Invest Oy (Finland) (Chairman), KONE Corporation Centennial Foundation (Finland) (Chairman), Tiina and Antti Herlin Foundation (Finland) (Chairman), Archive Foundation of the President of the Republic (Finland)

Anne Brunila

• Born 1957, Finnish citizen
• Independent of the Company and major shareholders
• Board member since 2013, term ends in 2018
• Chairman of the Audit Committee
• Education: Ph. D. (Econ.), D.Sc. (Econ.) h.c.
• Main occupation: Professor of Practice, Hanken School of Economics (Finland)
• Primary work experience: Executive Vice President, Corporate Relations and Strategy and Member of the Management Team of Fortum Group 2009–2012. President and CEO of the Finnish Forest Industries Federation 2006–2009. Finnish Ministry of Finance 2002–2006, of which Director General 2003–2006. Economic Advisor in the European Commission 2000–2002. Several specialist and managerial positions in the Bank of Finland 1991–1999
• Key positions of trust: KONE Plc (Finland), Stora Enso Oyj (Finland), Aalto University Board (Finland) (Chairman)

Mika Ihamuotila

• Born 1964, Finnish citizen
• Independent of the Company and major shareholders
• Board member since 2013, term ends in 2018
• Member of the Human Resources Committee
• Education: Ph. D. (Econ.)
• Main occupation: Executive Chairman of the Board of Marimekko Corporation
• Primary work experience: Chairman of the Board and CEO of Marimekko Corporation 2015–2016. President and CEO of Marimekko Corporation 2008–2015. President and CEO of Sampo Bank Plc 2001–2007. President and CEO of Mandatum Bank Plc 2000–2001. Executive Director of Mandatum Bank Plc 1998–2000. Partner of Mandatum & Co Ltd 1994–1998. Visiting scholar of Yale University (USA) 1992–1993
• Key positions of trust: Rovio Entertainment Ltd. (Chairman), Foundation for Economic Education (Finland), Finnish Cultural Foundation (Supervisory Board)

Nils Ittonen

• Born 1954, Finnish citizen
• Independent of the Company
• Board member since 2014, term ends in 2018
• Member of the Audit Committee and the Executive Committee
• Education: B.Sc. (Econ.)
• Main occupation: -
• Primary work experience: Various positions with Sanoma Group 1977–2010, including Group Treasurer, Senior Vice President of Group Treasury, Real Estate and Risk Management. Member of the Executive Management Group 1999–2007
• Key positions of trust: Jane and Aatos Erkko Foundation (Finland) (Chairman)

3

Denise Koopmans

• Born 1962, Dutch citizen
• Independent of the Company and major shareholders
• Board member since 2015, term ends in 2018
• Member of the Audit Committee
• Education: LL.M., AMP Harvard Business School, IDP Insead
• Main occupation: Independent Board Director
• Primary work experience: Managing Director of the Legal & Regulatory Division at Wolters Kluwer Law & Business (The Netherlands) 2011–2014. CEO at LexisNexis Intelligence Solutions and LexisNexis Analytics (France) and a member of the Senior Leadership team at LexisNexis International (UK) 2007–2011. Various senior executive roles at Altran Group (France, USA, Spain) 2000–2007
• Key positions of trust: UDG United Digital Group (Germany) (Chairman, Advisory Board), Coöperatie VGZ (the Netherlands) (Supervisory Board), Janssen de Jong Groep B.V. (the Netherlands) (Supervisory Board)

Robin Langenskiöld

• Born 1946, Finnish citizen
• Independent of the Company and major shareholders
• Board member since 2013, term ends in 2018
• Member of the Audit Committee
• Education: B.Sc. (Econ.)
• Main occupation: -
• Primary work experience: Member of the Board of Sanoma Osakeyhtiö 1990–1999 and Sanoma WSOY Corporation 1999–2008
• Key positions of trust: -

Rafaela Seppälä

• Born 1954, Finnish citizen
• Independent of the Company and major shareholders
• Board member since 2008, term ends in 2018
• Member of the Human Resources Committee
• Education: M.Sc. (Journalism), Columbia University School of Journalism
• Main occupation: -
• Primary work experience: SanomaWSOY Corporation Board member 1999–2003. President of Lehtikuva Oy 2001–2004. Project Manager at Helsinki Media Company Oy 1994–2000. Member of the Board of Directors of Sanoma Osakeyhtiö 1994–1999
• Key positions of trust: Finnish National Gallery, Globart Projects Oy (Finland) (Chairman), Globart Projects Sweden AB (Sweden) (Chairman), Adtile Technologies Inc. (USA), ELO Foundation for the Promotion of Finnish Food Culture

Kai Öistämö

• Born 1964, Finnish citizen
• Independent of the Company and major shareholders
• Board member since 2013, term ends in 2018
• Chairman of the Human Resources Committee
• Education: Ph.D. (Tech.), M.Sc. (Eng.)
• Main occupation: Executive Partner, Siris Capital Group LLC
• Primary work experience: -
• Key positions of trust: Fastems Oy (Finland) (Chairman), Helvar Oy (Finland) (Chairman), Oikian Solutions Oy (Finland) (Chairman), InterDigital Inc. (US), Qt Group Oyj (Finland), Mavenir LLC (UK)

SHARES OWNED BY THE MEMBERS OF THE BOARD OF DIRECTORS

The AGM determines the remuneration of the members of the Board and the Board committees. More information on the remuneration of the Board members is available in the Remuneration Statement, which is available on the Sanoma's website.

Sanoma shares owned by the members of the Board

Board member	Shareholding* at 31 December 2017
Pekka Ala-Pietilä (Chairman)	10,000
Antti Herlin (Vice Chairman)	19,036,800
Anne Brunila	910
Mika Ihamuotila	150,000
Nils Ittonen	59,000
Denise Koopmans	0
Robin Langenskiöld	12,273,371
Rafaela Seppälä	10,273,370
Kai Öistämö	8,265

* Shares owned by the Board member, including corporations over which the member exercises control.

DUTIES OF THE BOARD OF DIRECTORS

The duties of the Board are set forth in the Finnish Companies Act and other applicable legislation. The Board is responsible for the management of the Company and its business operations. In addition, the Board is responsible for the appropriate arrangement of the control of the Company's bookkeeping and financial administration.

The operating principles and main duties of the Board have been defined in the Charter of the Board of Directors. The Board, for example

• decides on the long-term goals and business strategy of the Group for achieving the long-term goals;

• approves the Group's reporting structure;

• decides on acquisitions and divestments, financial matters and investments, which have a value exceeding EUR 3.0 million, are otherwise strategically significant, involve significant risks, or relate to divestment, lay-off or termination of employment of 100 employees or more (for the time being, the Board has delegated its decision-making authority to Executive Committee on acquisitions and divestments, financial matters and investments which have a value exceeding EUR 3.0 million but below EUR 5.0 million);

• ensures the adequacy of planning, internal control and risk management systems and reporting procedures;
• performs reviews and follow-ups of the operations and performance of the Group companies;
• approves the Interim Reports, the Half-Year Report, the Financial Statements and the Board of Directors' Report as well as the Statement of Non-financial Information, Corporate Governance Statement and Remuneration Statement of the Company;
• appoints and dismisses as well as decides on the remuneration of
• the President and CEO,
• his or her deputy,
• the CEOs of the SBUs,
• the executives of Sanoma, who are Executive Management Group members,
• certain executive positions ('Key Executives') as determined by the Board;
• confirms the Group's values; and
• approves the Group's key policies.

During 2017, the Board convened 15 times with an average attendance rate of 94%.

Members' attendance at Board meetings in 2017

Board member	# of meetings attended	Attendance rate, %
Pekka Ala-Pietilä (Chairman)	15/15	100
Antti Herlin (Vice Chairman)	12/15	80
Anne Brunila	14/15	93
Mika Ihamuotila	15/15	100
Nils Ittonen	15/15	100
Denise Koopmans	14/15	93
Robin Langenskiöld	15/15	100
Rafaela Seppälä	14/15	93
Kai Öistämö	13/15	87

In order to develop its performance, the Board conducts an evaluation of its operations and working methods on an annual basis. The purpose of the evaluation is also to assess the composition of the Board and define qualifications for the possible new Board members. The evaluation may be done as an internal self-assessment or by using an external evaluator.

COMMITTEES APPOINTED BY THE BOARD OF DIRECTORS

The Board may appoint committees, executive committees and other permanent or fixed-term bodies to focus on certain duties assigned by the Board. The Board also confirms the charter of the committees as well as provides the policies given to other bodies appointed by the Board. The committees report regularly to the Board.

The Board has an Executive Committee that prepares proposals for matters to be decided or noted by the Board. In addition to the Executive Committee, Sanoma's Board committees include the Audit Committee and the Human Resources Committee.

The members of the committees are appointed among the members of the Board in accordance with the charter of the respective committee. In addition to Board members, the President and CEO is a member of the Executive Committee. The committees are neither decisionmaking nor executive bodies.

Executive Committee

The Executive Committee prepares matters to be considered at the Board meetings. For the time being, the Board has delegated its decision making authority to the Executive Committee on acquisitions and divestments, financial matters and investments, which have a value exceeding EUR 3.0 million, but below EUR 5.0 million. The Executive Committee consists of the Chairman and Vice Chairman of the Board, the President and CEO and at the Chairman's invitation one or several members of the Board.

In 2017, the Executive Committee comprised Pekka Ala-Pietilä (Chairman), Antti Herlin, Nils Ittonen and Susan Duinhoven. The Executive Committee convened 3 times in 2017 with an average attendance rate of 92%.

Members' attendance at Executive Committee meetings in 2017

Member	# of meetings attended	Attendance rate, %
Pekka Ala-Pietilä (Chairman)	3/3	100
Antti Herlin	2/3	67
Nils Ittonen	3/3	100
Susan Duinhoven	3/3	100

Audit Committee

The Audit Committee has been established to assist the Board in fulfilling its oversight responsibilities for matters pertaining to financial reporting and control, risk management as well as external and internal audit in accordance with the charter approved by the Board, the Finnish Corporate Governance Code as well as applicable laws and regulations. The Audit committee reviews the Corporate Governance Statement.

During 2017 the Audit Committee

• approved the annual schedule for the Audit Committee,
• discussed distributable funds, dividend and the outlook for 2017,
• reviewed the Corporate Governance Statement and recommended its approval to the Board,
• proposed amendments to the Audit Committee Charter due to certain regulatory changes,
• discussed interest rate hedging and proposed to the Board temporary change to the maximum hedging ratio,
• reviewed or noted regular compliance updates,
• reviewed the audit plan as well as audit and non-audit fees,
• reviewed reports prepared by the auditors,
• reviewed the draft of the Statement of Non-Financial Information,
• discussed accounting principles and changes in IFRS standards,
• followed up certain improvement initiatives regarding financial reporting,
• reviewed the results of the Related Party Assessment,
• reviewed and discussed tax matters,
• reviewed and approved the internal audit plan and followed up on its progress (including audit assurance updates),
• reviewed or noted quarterly claim overviews to assess litigation risks,
• reviewed or noted information security and privacy reports,
• followed the progress of internal controls,
• reviewed the interim reports, half-year report and related investor presentations,
• reviewed impairment calculations and recommended their approval to the Board,
• reviewed the Group Contribution plan,
• reviewed or noted quarterly reports on treasury matters and mid- and long-term refinancing and funding plans as well as internal credit limits,
• noted an update on the risk map,
• noted an update on group insurance policies, and
• reviewed proposed changes to Information Security Policy, Code of Conduct and Travel Policy and proposed recommendation of the same to the Board.

In accordance with its Charter, the Audit Committee comprises three to five members, appointed annually by the Board. Members of the Committee shall be independent of the Company and at least one member shall also be independent of significant shareholders. The Committee meets at least four times a year.

In 2017, the Audit Committee comprised Anne Brunila (Chairman), Nils Ittonen, Denise Koopmans and Robin Langenskiöld. All members of the Committee are independent of the Company and three members (Anne Brunila, Denise Koopmans and Robin Langenskiöld) independent of significant shareholders of the Company. The Audit Committee convened 5 times in 2017 with an average attendance rate of 90%.

Members' attendance at Audit Committee meetings in 2017

Member	# of meetings attended	Attendance rate, %
Anne Brunila (Chairman)	5/5	100
Nils Ittonen	5/5	100
Denise Koopmans	5/5	100
Robin Langenskiöld	3/5	60

Human Resources Committee

The Human Resources Committee is responsible for preparing human resources matters related to the compensation of the President and CEO and Key Executives, evaluation of the performance of the President and CEO and Key Executives, Group compensation policies, Human Resources policies and practices, development and succession plans for the President and CEO as well as Key Executives and other preparatory tasks as may be assigned to it from time to time by the Board and/or Chairman of the Board. In addition, the Committee discusses the composition and succession of the Board.

During 2017 the Human Resources Committee

• reviewed total compensation levels for key executives and prepared their total compensation decisions for the approval of the Board,
• discussed 2018 salary review principles of the senior management,
• submitted the realisation of 2016 long-term incentive targets to the Board for approval,
• submitted the pay-out of the Performance Share Plan 2014–2016 and 50% of Restricted Share Plan 2015–2017 long-term incentive plans to the Board for approval,
• discussed and submitted the performance targets for the Performance Share Plans 2017–2019 and 2018–2020 for the approval of the Board,
• prepared the proposal for 2017 long-term incentive grants for Key Executives for the approval of the Board,
• reviewed the long-term incentive principles and the short-term incentive framework,
• discussed the annual targets for Key Executives and submitted them for the approval of the Board,
• discussed organisational changes as well as top-level leadership appointments and related compensation packages with the management,
• discussed the succession plans for top management positions,
• discussed the employee engagement survey results and actions based on the results with management,

6

• discussed the preparations for say-on-pay (EU Shareholders' Rights Directive) with management, and
• reviewed and discussed with the management of remuneration policy and remuneration reporting.

The Human Resources Committee comprises three to five members, who are appointed annually by the Board. The majority of the members shall be independent of the Company. The Committee meets at least twice a year.

In 2017, the Human Resources Committee comprised Kai Öistämö (Chairman), Mika Ihamuotila and Rafaela Seppälä. All members of the Committee are independent of the Company and major shareholders of the Company. The Human Resources Committee convened 4 times with an average attendance rate of 100%.

Members' attendance at Human Resources Committee meetings in 2017

Member	# of meetings attended	Attendance rate, %
Kai Öistämö (Chairman)	4/4	100
Mika Ihamuotila	4/4	100
Rafaela Seppälä	4/4	100

President and CEO

The duties of the President and CEO of Sanoma are governed primarily by the Finnish Companies Act. The President and CEO assumes independent responsibility for the Group's daily operations, in line with, e.g., the following duties:

• Ensuring the Company's accounts comply with the law and its financial affairs have been arranged in a reliable manner
• Managing the Group's daily operations in line with the longterm goals and business strategy of the Group approved by the Board and in accordance with the general policies adopted by the Board and other applicable guidelines and decisions
• Deciding on acquisitions and divestments, as well as financial matters and investments, which have a value up to EUR 3.0 million or relate to the divestment, lay-off or termination of employment of 50 employees or more
• Preparing decision proposals and matters for information for the meetings of the Board (together with the Chairman of the Board and/or the Executive Committee) and presenting these matters and the agenda to the Board and its Committees
• Approving Group level standards
• Chairing Sanoma's Executive Management Group

The President and CEO may take extraordinary or wide-ranging action only under a separate authorisation from the Board, or when the time delay involved in waiting for a decision from the Board would cause substantial losses to Sanoma.

Susan Duinhoven has served as the President and CEO of Sanoma Corporation since 1 October 2015.

Susan Duinhoven, President and CEO

• Born 1965, Dutch citizen
• Chairman of the EMG since October 2015
• Education: Ph.D. (Physical Chemistry), M.Sc. (Physical Chemistry)
• Work experience: CEO and Chairman of the Executive Board at Koninklijke Wegener N.V. (The Netherlands) 2013–2015. CEO of Western Europe at Thomas Cook Group Plc (The Netherlands, Belgium and France) 2012–2013. CEO at Thomas Cook Nederland B.V. 2010–2011. Managing Director of Benelux & New Acquisitions Europe at Reader's Digest 2008–2010. CEO at De Gule Sider A/S (Denmark) 2005–2007. COO & Marketing Director at De Telefoongids (The Netherlands) 2002–2005.

Executive Management Group

The Executive Management Group (EMG) supports the President and CEO in his or her duties in co-ordinating the Group's management and preparing matters to be discussed at Board meetings. The matters include, e.g.:

• The long-term goals of the Group and its business strategy for achieving them
• Acquisitions and divestments
• Organisational and management issues
• Development projects
• Internal control
• Risk management systems

The EMG is chaired by the President and CEO. In 2017 the EMG comprised the CEOs of Sanoma Media Finland, Sanoma Media BeNe and Sanoma Learning as well as the Chief Financial Officer and Chief Operating Officer (CFO and COO) of Sanoma Corporation.

The following persons served as members of the EMG at the end of 2017:

Susan Duinhoven, President and CEO

Markus Holm, CFO and COO

• Born 1967, Finnish citizen
• Member of the EMG since February 2017
• Education: M.Sc. (Econ.)
• Work experience: CFO of Metsä Board Corporation (Finland) 2014–2016 and of Metsä Tissue Corporation (Finland) 2008–2013. Finance and ICT Director in GlaxoSmithKline Oy (Finland) 2005–2008. Various managerial positions in finance, treasury, global sourcing and investor relations in Huhtamaki Group, 1994–2004 in Finland and 1999–2002 in Brazil.

Kim Ignatius, Executive Vice President

• Born 1956, Finnish citizen
• Member of the EMG since 2008
• Education: B.Sc. (Econ.)
• Work experience: Executive Vice President and CFO of TeliaSonera (Finland) 2000–2008. CFO of Tamro Corporation (Finland) 1997–2000.

Pia Kalsta, CEO, Sanoma Media Finland

• Born 1970, Finnish citizen
• Member of the EMG since 2015
• Education: M.Sc. (Econ.)
• Work experience: Various positions at Nelonen Media (part of Sanoma Group) (Finland) 2001–2015, e.g. President 2014–2015, President, acting 2013–2014, Senior Vice President, Head of Consumer Business, Marketing & Business Development 2012–2013, Senior Vice President, Sales and Marketing 2008–2012, Vice President, Sales 2006–2008, Marketing Manager 2001–2006, among others. Several positions at SCA Hygiene Products (Finland) e.g. Key Account Manager, Product Manager and Marketing Manager 1996–2001.

John Martin, CEO, Sanoma Learning

• Born 1970, British citizen
• Member of the EMG since 2011
• Education: Ph.D. (Molecular Biology), B.Sc. (Hons) (Biochemistry)
• Work experience: CEO of Sanoma Digital, acting 2014, Chief Strategy & Digital Officer of Sanoma 2011–2013, Chief Operating Officer, Learning at Sanoma Learning 2009–2011. Director of ContentConnected, consulting on online publishing and information services 2006–2009. Chief Commercial Officer in the Executive Board of Swets Information Services (the Netherlands) 2004–2006 and Managing Director of Swets & Zeitlinger Publishers (the Netherlands) 2001–2003. Various roles in scientific publishing at Swets and Wolters Kluwer (the Netherlands) 1996–2001.

Peter de Mönnink, CEO, Sanoma Media BeNe

• Born 1963, Dutch citizen
• Member of the EMG since 2014
• Education: -
• Work experience: CEO of Reed Business Information International and the Netherlands (the Netherlands) 2009–2013 and Global Chief Strategy & Internet Officer 2002–2008. Several leadership positions at Reed since 1988.

Kim Ignatius, Executive Vice President, and Peter de Mönnink, CEO, Sanoma Media BeNe, acted as members of the EMG only until the end of 2017.

Marc Duijndam, born 1968, was appointed as the CEO of Sanoma Media BeNe as of 1 January 2018.

Sanoma shares owned by the President and CEO and the members of the EMG

Member	Shareholding as of 31 December 2017
Susan Duinhoven	75,000
Markus Holm	18,185
Pia Kalsta	5,655
John Martin	12,395
Kim Ignatius	9,500
Peter de Mönnink	10,973

Internal Control and Risk Management Systems

Audit & Assurance

The Audit and Assurance function reports to Sanoma's CFO and COO, and to the Audit Committee of the Board. It co-operates with the management of the Group and the SBUs as well as with the Group's statutory auditors.

The scope of Audit and Assurance covers Internal Audits and Risk Assessments as well as monitoring Internal Control process related work regarding all organisational levels and businesses. The Audit and Assurance function supports the development of the organisation and provides additional assurance with a risk based approach.

The operations of the Audit and Assurance are steered by Sanoma's Corporate Governance Framework and Group Policies on Internal Audit, Internal Control and Enterprise Risk Management.

Internal controls

Sanoma's Internal Control Policy defines the internal control process applicable to all subsidiaries. The process includes internal control objective setting, control design and implementation, operating effectiveness testing, monitoring and continuous improvement and reporting.

The Company's values and Code of Conduct lay the foundations and set the tone for the internal control framework. The Internal Controls framework has been defined by using a top-down and risk-based approach. Internal Controls consist of entity-level controls, processlevel controls and ICT general controls.

Entity-level controls are applied on all levels of Sanoma (i.e. Group, SBU, business and entity-level) and can relate to more than one process. The existence and active implementation of codes of conduct and different Group policies and guidelines are examples of entitylevel control activities.

Process-level control activities are designed to mitigate risks relating to certain key processes. Examples of such processes are sales, purchase-to-pay and payroll processes. Automated or manual reconciliations and approvals of transactions are typical process-level controls.

ICT general controls are embedded within ICT processes that provide a reliable operating environment and support the effective operation of application controls. Controls that prevent inappropriate and unauthorised use of the system and controls over the effectiveness of acquisition are examples of ICT general controls.

Control environment

Management of the Group and its businesses is based on a clear organisational structure, well-defined areas of authority and responsibility, common planning and reporting systems and policies and guidelines.

The Board approves all Group-level policies such as Sanoma's Corporate Governance Framework, Code of Conduct, Enterprise Risk Management Policy, Internal Control Policy and Treasury Policy. Sanoma's strategy and business objectives as well as Sanoma's Corporate Governance Framework set the foundation for the Internal Control processes.

The Audit Committee assists the Board in its responsibilities by dealing with matters related to financial reporting procedures, the Group's risk management, the reliability and effectiveness of internal control systems and compliance with Sanoma's Corporate Governance Framework, as well as matters related to statutory audit and internal audit work.

The Parent Company Sanoma Corporation is responsible for carrying out publicly listed company's statutory duties under, for example, the Finnish Securities Market Act, for managing communications with key stakeholders including investor relations, centralised treasury activities, as well as Group compliance with applicable laws and regulations. In addition, the Parent Company supports the President and CEO in driving the performance of the SBUs and in the management of the Group's daily operations. The Parent Company drives crossbusiness and cross-border co-operation projects and improvement initiatives and provides support and guidance to the SBUs in areas such as finance and control, human resources, procurement, communications, legal affairs, taxation, M&A, treasury, ICT systems and real estate.

Sanoma's SBUs operate within the approved scope of strategic goals and financial targets, Sanoma's Corporate Governance Framework as well as within Group policies and guidelines. In addition, Sanoma's shared values govern the daily operations of the personnel.

Risk management

The Audit and Assurance function coordinates the Group risk management process and produces periodical risk reports for the President and CEO and the Executive Management Group. Updated Group risk assessment results with related ongoing or planned mitigation actions are communicated to the Audit Committee and further to the Board twice a year.

The main objective of Sanoma's Risk Management Policy is to identify and manage essential risks related to the execution of the Group's strategy and operations. The Risk Management Policy defines Groupwide risk management principles, objectives and responsibilities within the Group.

The Board is responsible for setting and approving Sanoma's Risk Management Policy and for overseeing the effectiveness of risk management.

The Audit Committee regularly reviews and monitors the implementation of the Risk Management Policy and risk management process.

The President and CEO is responsible for defining risk management strategies and procedures and setting risk management priorities.

Sanoma has a Group-wide process for assessment of significant risks. Risk assessment is closely linked to the Group's strategy process and strategic objectives. A risk framework is used for identifying and assessing risks, as well as for defining risk management activities. Risks and their probability of occurrence are assessed in different stages of decision-making.

Managing business risks and opportunities is a core element in the daily operational responsibilities of Sanoma's management. Risktaking is an essential part of a competitive business. While executing its strategy, Sanoma and its SBUs are exposed to numerous risks and opportunities.

More information on risk management at Sanoma is available on a separate Risk Management review and in the Statement of Non-Financial Information for 2017, available at Sanoma.com.

Compliance

Sanoma is committed to complying with international and local laws and ethical policies in accordance with the Sanoma Code of Conduct approved in 2014 and updated in 2017. The Company has a Compliance function, which supports business operations and Group administration by developing practices related to identifying and complying with applicable laws and regulations, as well as internal policies and guidelines. The key tasks of Sanoma's Compliance function are to minimize the risk of infringement of applicable regulatory requirements in all operations, to maintain Sanoma's compliance programme and to ensure the continuous development of an ethical business culture.

Each Group function in the Parent Company prepares policies for Board approval and standards to be approved by the President and CEO regarding its area of responsibility. Group policies and standards are available on the Sanoma intranet. In addition, SBUs and Business Units may have their own supplementary instructions. These instructions are available on the unit's intranet.

Breaches of the Code of Conduct or related policies or laws may be reported through internal channels or through an externally hosted confidential hotline, which may be used anonymously. Sanoma does not tolerate retaliation against any employee who makes a report in good faith.

Claims against Sanoma are monitored by Group Legal Affairs through a process covering material claims irrespective of whether they have been taken by a governmental body, partner, agreement counterpart, personnel, or any other party.

Monitoring of financial reporting process

The Group Finance and Control function is a part of the Parent Company and prepares control point guidelines for transactions and periodic controls for the SBUs. The guidelines are approved by the President and CEO. Periodic controls are linked to monthly and annual reporting processes and include reconciliations and analyses to ensure the accuracy of financial reporting. These control activities seek to ensure that potential deviations and errors are prevented, discovered and corrected both at the Parent Company and the SBU level. Internal control systems cover the whole financial reporting process.

The Group's financial performance is monitored on a monthly basis using a Group-wide financial planning and reporting system, which includes actualised income statements, balance sheets, cash flow statements and key performance indicators, as well as estimates for the current financial year.

Furthermore, business reviews between Group and SBU management are held at least quarterly. In addition to the SBUs' financial performance, issues including changes in the operating environment, future expectations, structure and status of business development are also discussed. The business reviews also have a role in the process of ensuring the functioning of the continuous risk assessment and internal control systems.

Audit

The main function of the statutory audit is to verify that the financial statements provide a true and fair view on the Group's financial performance and financial position for the financial year. Sanoma's financial year is the calendar year.

The auditor's responsibility is to audit the Group's and the parent company's financial statements and administration in the respective financial year and to provide auditors' opinion to the Annual General Meeting. The auditor reports to the Board at least once a year.

According to the Articles of Association, Sanoma shall have one auditor, which shall be an audit firm approved by the Patent and Registration Office. The term of office of the auditor expires at the end of the next Annual General Meeting following the election.

According to the Finnish Auditing Act (1141/2015, as amended), the aggregate duration of the consecutive terms of a person or an audit firm acting as the auditor in a public company may not exceed ten years. The statutory auditor or audit firm shall be elected after the maximum term of ten years only if the audit is tendered in accordance with the EU Audit regulation1 Article 16, paragraphs 2–5.

The Annual General Meeting 2017 elected the Authorised Public Accounting firm PricewaterhouseCoopers Oy as the statutory auditor of the Company. Samuli Perälä, Authorised Public Accountant, acts as the Auditor in Charge. Prior to the Annual General Meeting 2017, KPMG Oy Ab acted as Sanoma's statutory auditor since 2006, with Virpi Halonen, Authorised Public Accountant, as Auditor in Charge since 2012.

Remuneration paid for audit services in 2017 amounted to EUR 1.1 million (2016: 1.2). Remuneration paid to the Company's auditors for non-audit services in 2017 amounted to EUR 0.3 million (2016: 0.2).

Insider Administration

Sanoma's Insider Policy complies with the Guidelines for Insiders issued by Nasdaq Helsinki Ltd.

According to Sanoma's Insider Policy a person who has learned Inside Information may not use the information by acquiring or conveying Sanoma's Financial Instruments (either on his own or a third party's behalf, directly or indirectly), or give advice on their acquisition or disposal (either directly or indirectly). This also applies to advice not to trade.

A person possessing Inside Information related to Sanoma's Financial Instruments is not allowed to disclose Inside Information. The duty of confidentiality does not restrict providing such information to employees who need to share this information to fulfil their tasks for Sanoma.

Permanent insiders have access to all Inside Information due to the nature of their position at Sanoma ("Permanent Insider"). Permanent Insiders do not need to be reported separately on each deal-specific/ event based insider list. Based on the decision by the Board on 26 July 2016, there are at the moment no Permanent Insiders at Sanoma.

The so called "Closed Period" is a thirty (30) calendar day period before the announcement of the year-end Financial Statements Release and the Interim Reports of Sanoma, during which the members of the Board and the President and CEO shall not conduct any Transactions in Sanoma Instruments on their own account, or on the account of a third party, whether they possess Inside Information or not. Transactions are also not allowed during the entire publication day. In addition, Sanoma recommends that the EMG members and persons engaged in financial reporting process do not trade in Sanoma Instruments during the Closed Period or the publication day.

The picture below illustrates the process that the Board members, the President and CEO and "Persons Closely Associated" with them strictly need to comply with when notifying the Finnish Financial Supervisory Authority (FSA) and Sanoma of their transactions with Sanoma Instruments.

Related Party Transactions

Sanoma has a Related Party Policy, under which members of the management defined by the policy are under obligation to submit for prior approval envisaged related party transactions.

More information on related party transactions in 2017 is availa-

1 REGULATION (EU) No 537/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 16 April 2014