Skip to main content

AI assistant

Sign in to chat with this filing

The assistant answers questions, extracts KPIs, and summarises risk factors directly from the filing text.

Sign up Log in

Span d.d. Annual Report 2023

Apr 30, 2024

Preview isn't available for this file type.

Download source file

SPAN ANNUAL REPORT 2023

2 SPAN ANNUAL REPORT 2023

3

Contents

  1. STATEMENTS ON RESPONSIBILITY FOR COMPILING THE REPORT FOR THE OBSERVED PERIOD 124

  2. AUDITED FINANCIAL STATEMENTS OF SPAN GROUP AND SPAN D.D. 125

  3. INTRODUCTION 4
    2.1.3.2.1. MICROSOFT PARTNER OF THE YEAR 2023 IN CROATIA AND UKRAINE 65
    1.1. STATEMENT BY NIKOLA DUJMOVIĆ, PRESIDENT OF THE MANAGEMENT BOARD 4
    2.1.3.2.2. SPAN BECOMES THE HOLDER OF ALL SIX MICROSOFT SOLUTION PARTNER STATUSES 66
    1.2. ABOUT SPAN 6
    2.1.3.2.3. MICROSOFT ADVANCED SPECIALIZATIONS 67
    1.2.1. SPAN IN NUMBERS 8
    2.1.3.2.4. HEWLETT PACKARD ENTERPRISE GOLD PARTNER STATUS 68
    1.2.2. HISTORY AND DEVELOPMENT 9
    2.1.3.2.5. SAVIYNT – FASTEST TRANSACTION IN 2022 68
    1.2.3. ORGANIZATIONAL STRUCTURE OF THE GROUP 12
    2.1.3.2.6. SPAN CYBERGRX BENCHMARKING 69
    1.2.4. CORPORATE GOVERNANCE 12
    2.1.3.2.7. SEVENTH ISO CERTIFICATE 69
    1.2.4.1. STATEMENT OF THE APPLICATION OF THE CORPORATE GOVERNANCE CODE 13
    2.1.3.2.8. CROATIA GRAND PRIX SECURITY 2023 70
    1.2.4.2. CORPORATE GOVERNANCE CODE - COMPLIANCE QUESTIONNAIRE FOR 2022 16
    2.1.3.2.9. TD SYNNEX SOLUTION DAYS 2023 70
    1.2.4.3. CORPORATE GOVERNANCE STRUCTURE 16
    2.1.3.2.10. CEP RECERTIFICATION 70
    1.2.4.3.1. MANAGEMENT BOARD 17
    2.1.3.2.11. SAP SUCCESSFACTORS - CONTRACTS SIGNED 71
    1.2.4.3.2. SUPERVISORY BOARD 24
    2.1.3.2.12. VOLUNTEERING OSCAR AWARD 72
    1.2.4.3.2.1. AUDIT COMMITTEE 31
    2.1.3.2.13. SPAN - ”HEALTH-FRIENDLY COMPANY” 72
    1.2.4.3.2.2. NOMINATION AND REMUNERATION COMMITTEE 32
    2.2. FINANCIAL INDICATORS FOR 2023 73
    1.2.4.3.3. GENERAL ASSEMBLY 36
    2.2.1. OPERATING REVENUE, EBITDA AND NET PROFIT OF SPAN GROUP 73
    1.3. OVERVIEW OF OPERATION 37
    2.2.2. OPERATING REVENUE, EBITDA AND NET PROFIT OF SPAN D.D. 73
    1.3.1. DESCRIPTION OF THE OPERATION AND MAIN ACTIVITIES 37
    2.2.3. KEY FEATURES OF THE PERIOD – 2023 74
    1.3.2. MAIN MARKETS 43
    2.2.4. REVENUES BY SEGMENTS 77
    1.3.3. INDUSTRY TRENDS 43
    2.2.5. REVENUES BY GEOGRAPHIC MARKETS 78
    1.3.4. IMPACT OF THE NIS2 DIRECTIVE ON THE BUSINESS COMMUNITY 44
    2.2.6. BALANCE SHEET 79
    1.3.5. THE GROUP BUSINESS STRATEGY 47
    2.2.7. CASH FLOW 82

  4. KEY FEATURES OF THE PERIOD 48
    2.2.8. OPERATION OF TOV SPAN UKRAINE 82
    2.1. KEY EVENTS IN 2023 48
    2.3. INFORMATION FOR SHAREHOLDERS 84
    2.1.1. CORPORATE EVENTS 48
    2.3.1. SHARE CAPITAL 84
    2.1.1.1. 30 YEARS OF SPAN 49
    2.3.2. OWNERSHIP STRUCTURE AND 10 LARGEST SHAREHOLDERS 84
    2.1.1.2. ACQUISITIONS, ESTABLISHMENTS AND DISSOLUTIONS OF COMPANIES 50
    2.3.3. SHARE MOVEMENTS AND TRADING VOLUME 85
    2.1.1.2.1. THE ACQUISITION OF GTTARKVAR, ESTONIA’S LARGEST MICROSOFT PARTNER 50
    2.3.4. SHARE BUY-BACK PROGRAM 88
    2.1.1.2.2. ESTABLISHING A SPAN COMPANY WITH THE REGISTERED OFFICE IN GEORGIA 51
    2.3.5. ACQUISITIONS AND DISPOSALS OF OWN SHARES 88
    2.1.1.2.3. DECISION OF THE SWISS AGBOARD OF DIRECTORS ON THE DISSOLUTION OF THE COMPANY 51
    2.3.6. DIVIDEND PAYMENT POLICY 89
    2.1.1.3. CHANGES IN THE SUPERVISORY BOARD 51
    2.3.7. CONTRACTS WITH AFFILIATED PERSONS 89
    2.1.1.4. GENERAL ASSEMBLY OF SPAN D.D. 52
    2.4. RISKS 90
    2.1.1.5. DECISION ON THE UTILIZATION OF PROFIT AND PAYMENT OF DIVIDEND 52
    2.4.1. FINANCIAL RISKS 92
    2.1.1.6. IMPLEMENTATION OF THE REGISTRATION OF SHARE CAPITAL ADJUSTMENT 52
    2.4.2. LEGAL RISKS 93
    2.1.1.7. ESOP – ALLOCATION OF ADDITIONAL SHARES 52
    2.4.3. RISKS RELATED TO THE OPERATION OF THE COMPANY 94
    2.1.1.8. RESIGNATION OF A MEMBER OF THE MANAGEMENT BOARD OF SPAN D.D. 53
  5. PEOPLE AND COMMUNITY 98
    2.1.1.9. EMPLOYEES’ REPRESENTATIVE IN THE SUPERVISORY BOARD OF SPAN D.D. ELECTED 53
    3.1. HUMAN RESOURCE EXCELLENCE 99
    2.1.1.10. ACQUISITIONS AND DISPOSALS OF OWN SHARES 53
    3.2. RECRUITMENT, DEVELOPMENT AND RETENTION OF EMPLOYEES 100
    2.1.2. BUSINESS EVENTS AND ACHIEVEMENTS 54
    3.2.1. RECRUITING AND EMPLOYING PROFESSIONAL EMPLOYEES 100
    2.1.2.1. SOFTWARE ASSET MANAGEMENT AND LICENSING 54
    3.2.2. DEVELOPMENT OF TECHNOLOGICAL AND LEADERSHIP CAPACITIES 104
    2.1.2.2. INFRASTRUCTURE SERVICES, CLOUD & CYBERSECURITY 54
    3.2.3. RETENTION OF EMPLOYEES – ENGAGEMENT, REMUNERATION AND RETENTION 107
    2.1.2.3. SOFTWARE & BUSINESS SOLUTIONS DEVELOPMENT 56
    3.3. IMPROVEMENT OF INTERNAL BUSINESS PROCEDURES 108
    2.1.2.4. SERVICE CENTER MANAGEMENT AND TECHNICAL SUPPORT 59
    3.4. ENCOURAGING POSITIVE CHANGES – RESULTS OF THE ORGANIZATIONAL CLIMATE SURVEY 109
    2.1.2.5. INTERNATIONAL OPERATIONS 60
    3.5. BRAND AND COMMUNICATIONS 110
    2.1.3. AWARDS, RECOGNITIONS AND ACHIEVEMENTS 63
  6. SUSTAINABILITY IN SPAN 111
    2.1.3.1. AWARDS, RECOGNITIONS AND ACHIEVEMENTS RELATED TO THE SHARE 63
    4.1. CORPORATE SOCIAL RESPONSIBILITY 112
    2.1.3.1.1. LISTING INTO CROBEX10® AND CROBEX10 TR® 63
    4.2. SUSTAINABILITY REPORT FOR 2022 113
    2.1.3.1.2. ENLISTING IN THE FRONTIER MARKETS SMALL CAP INDEX 64
    4.3. CORPORATE VOLUNTEERING IN SPAN 114
    2.1.3.1.3. ZAGREB STOCK EXCHANGE AWARD FOR THE STOCK WITH THE HIGHEST INCREASE IN TRADING VOLUME 64
    4.4. MEMBERSHIPS IN UN GLOBAL COMPACT AND HRPOR 116
    2.1.3.2. AWARDS, RECOGNITIONS AND ACHIEVEMENTS IN OPERATIONS 65
    4.5. RTL HELPS CHILDREN 117
    4.6. GREEN SPAN 118
  7. PROCESSES AND TECHNOLOGY 119
    5.1. ISO STANDARDS 120
    5.2. PARTNERSHIPS 122
    5.3. CODE OF BUSINESS CONDUCT 123

SPAN ANNUAL REPORT 2023
4

SPAN ANNUAL REPORT 2023
5

1. Introduction

Everybody is clear that the need for digital solutions will not cease to exist and will almost certainly grow, but the question is how to determine the realistic needs and priorities in these new circumstances. Our customers did not cancel or stop or shut down projects. They wanted some time off, different priorities, lower budgets, only in this year. While big “classic” projects slowed down, two new giants of the IT industry – artificial

A year of challenges and a year of new opportunities

1.1. Statement by Nikola Dujmović, President of the Management Board

Modern developed societies are increasingly relying on digital technologies. This was especially so under the pressure of the pandemic, when the need for information and communication solutions increased day by day. Each segment of our industry grew little by little. There was a lack of professionals, especially developers, but there was plenty of work for everyone. Until, suddenly, almost over the night, the IT industry became saturated. Projects were slowing down. IT companies of all sizes started to lay off workers. Analysts were thinking of definitions of this phenomenon that occurred suddenly, caused by external factors, though without any evident announcement. Digital budget saturation might be the best description I have heard. When the pressure of the pandemic subsided and the threat of a global conflict increased, many felt fed up with that ”digital“ growth and wanted to get a break from that fast and almost forced digital revolution of the last couple of years. intelligence and cyber security – started to appear around the corner. The frequency of cyber attacks, their scope and the damage they cause are increasing and becoming a question of national, social and economic stability. Both current wars, in Ukraine and Israel, are waged both in the traditional battlefield and cyberspace at the same time. Cyber war is literally global and has not spared the area of Croatia either. At the same time, artificial intelligence, a branch of the digital economy that has been developed for seventy odd years, has been speedily transitioning from labs and academic community to the traditional economy. Artificial intelligence increases productivity, replacing people in demanding and boring tasks. Particularly rapid acceleration came with the commercialization of generative models that create a new value. We have made ourselves ready for this new order in the IT industry excellently.# S P A N A N N U A L R E P O R T 2 0 2 3

1.2. About Span

We were established on 23 March 1993, as a limited liability company. Under the decision of the company’s Assembly, we became a joint stock company on 13 December 2019. Our main activities include the provision of services of software asset management and licensing, infrastructure services of design and maintenance of information systems, work in Cloud and cyber security, management of information technology and technical support service centers, as well as the development of software and business solutions. During the 30 years of operation, we have developed from an IT system integrator in Croatia, to a group that today operates on the international market. We are focused on our long-term relationships with customers and we cooperate with leading global and regional corporations. As a leading expert in Microsoft technologies and leading regional Microsoft partner, we are continuously working on improving the knowledge of our employees with the aim of providing higher quality solutions to our customers.

Our affiliated company Bonsai.tech has been developing solutions for our international customers with AI tools for years, thus we are ready for new opportunities in this market. We have been developing a cybersecurity team for years and we have readily countered cyber attacks that are growing day by day.

Span Group 2022

Country Percentage
Croatia 32%
USA 19%
Slovenia 17%
UK 11%
Ukraine 9%
Others 12%

Span Group 2023

Country Percentage
Croatia 34%
Slovenia 15%
USA 11%
UK 9%
Estonia 8%
Others 23%

As an IT service provider, we successfully monitor and respond to trends in the digital transformation of the operation, and with our work and company values, we try to be an example of the responsible and sustainable operation in Croatia.

1.2.1. Span in numbers

  • 24/7 availability of Span support
  • 58,700+ proactively monitored devices
  • 202,000+ resolved tickets in 2023
  • 375 successfully completed projects in 2023
  • 99.96% incidents resolved in terms of SLA*
  • 34 years average age of employees
  • 72.95% of employees with university or college degree
  • 400+ employees with professional certification

* Service Level Agreement

1.2.2. History and development

We started our journey in 1993 as a license provider and system integrator. Focused on Microsoft technologies, we became the first certified provider of Microsoft solutions in 1996, only to become a Microsoft Certified Solution Provider Partner in 1999. A year later, a Hungarian system integrator, Synergon, joined our ownership structure.

The 1996 to 2001 period saw a significant transformation in the operation. Having obtained the status of the first Gold Microsoft Partner in Croatia and the leading Microsoft Partner in the Croatian market in 2001, we started providing technical support to customers, and this branch of operation, which we have developed continuously, is our largest division in terms of numbers today. At that time, we started offering consultancy services and designing business solutions for our customers.

In the years that followed, we expanded to international markets. We opened offices in Great Britain, Slovenia, the United States, Azerbaijan, Germany, Ukraine, Switzerland, Moldova and finally, Georgia in 2023.

The new goal that we set and achieved was listing our shares on the regulated Zagreb Stock Exchange market, becoming a joint stock company in 2019, and listing our shares on the Zagreb Stock Exchange in September 2021. By doing so, we started a new development phase of operation oriented to an accelerated organic growth in the existing markets and an opportunity to continue to expand in international markets. Only six months after the Initial Public Offering, our share was included in the CROBEX® and CROBEXtr® indices, whereas in March 2023, it joined the 10 most liquid shares, being listed in the CROBEX10® and CROBEX10tr® indices. In the same year, the largest provider of stock indices on the global level, MSCI, enlisted our share in the MSCI Frontier Market Small Cap Index, which gives it additional visibility with global investors.

We continue to further focus on cloud and cyber security, and in addition to Microsoft as our main partner, we continue to operate with Google, Amazon and other renowned partners. In continuation of the business development plan, in September 2022 we opened Span Cyber Security Center d.o.o., with a view to providing education, training and consultancy services to the business community in Croatia and the region. We also acquired GT Tarkvara, the Estonian leading Microsoft partner, and thus confirmed the strategic direction to further growth and expansion to new markets.

Timeline:

  • 1993: Span is founded.
  • 1995: First Microsoft Certified Solution Provider Partner.
  • 1996: First Croatian Microsoft Certified Solution Provider. Launches Microsoft CTEC Education center.
  • 1998: Span partners with Hungarian system integrator.
  • 1999: Synergon First Microsoft Enterprise Agreement in Croatia established.
  • 2000: Span d.o.o., Ljubljana, Slovenia established. Development Academy partner.
  • 2001: First Croatian Microsoft Gold Partner.
  • 2006: ISO 9001.
  • 2007: Span management buy out.
  • 2009: TOV Span awarded best Microsoft LSP partner in Ukraine. Microsoft Partner of the Year – Croatia achieved.
  • 2011: ISO/IEC 27001.
  • 2012: ISO/IEC 20000.
  • 2013: Microsoft Partner of the Year – Croatia.
  • 2014: McDonald’s UK Operator of the Year Award.
  • 2015: European Business Award. Acquisition of Ekobit.
  • 2016: Microsoft Partner of the Year – Croatia.
  • 2018: TOV Span, Kyiv, Ukraine established.
  • 2019: 17 Microsoft competencies achieved, 16 Gold. Span management buy out. Shares listed on Zagreb Stock Exchange.
  • 2020: AWS and Google Cloud Services. Span Cyber Security Center established. 12 Microsoft Advanced Specializations Certified System Engineer employed.
  • 2021: McDonald's Global Technology Partner. Microsoft Partner of the Year – Croatia & Ukraine. Span-IT S R L, Chișinău, Moldova established. ISO/IEC 14001. ISO/IEC 50001.
  • 2022: 12 Microsoft Advanced Specializations achieved. 6 Microsoft Solutions Provider designations. Microsoft Partner of the Year - Croatia & Ukraine. Span LLC, Tbilisi, Georgia established.
  • 2023: Acquisition of GT Tarkvara. ISO/IEC 22301. 12 Microsoft Advanced Specializations achieved. Microsoft Partner of the Year - Croatia & Ukraine. GRIT Award for UN Sustainable Development Goal 8. In-house installation of Exchange 4.0 – email exchange system.

1.2.3. Organizational structure of the Group

On 31 December 2023, Span d.d. (Span or Company) had business shares in the following companies:

DOMESTIC SUBSIDIARIES

Company Ownership Percentage
Bonsai d.o.o. 100%
Trilix d.o.o. 70%
Span Cyber Security Center d.o.o. 60%
Ekobit d.o.o. 35%
Fintech digital services d.o.o. 82.13%

INTERNATIONAL SUBSIDIARIES

Company Ownership Percentage
Span USA Inc., Chicago 100%
Span SWISS AG, Zurich 100%
Span Azerbaijan LLC, Baku 100%
Span d.o.o, Ljubljana 100%
Span IT Ltd, London 100%
Span-IT s.r.l., Kišinje 100%
Span GmbH, Munich 100%
Span GT Tarkvara, Tallinn 100%
Span LLC, Tbilisi 100%

1.2.4.1. Statement of the application of the Corporate Governance Code

Pursuant to Article 272.p, in relation to Article 250.a of the Companies Act (Official Gazette no. 111/1993, 34/1999, 121/1999, 52/2000, 118/2003, 107/2007, 146/2008, 137/2009, 111/2012,125/2011, 68/2013, 110/2015, 40/2019, 34/2022, 114/2022, 18/2023, 130/2023 hereinafter: “the Act”) and Article 22 of the Accounting Act (Official Gazette no.# STATEMENT OF THE APPLICATION OF THE CORPORATE GOVERNANCE CODE

Span d.d., Zagreb, Koturaška cesta 47, Company ID: 19 680551758 (hereinafter: “Span” or “Company”) hereby issues the following STATEMENT OF THE APPLICATION OF THE CORPORATE GOVERNANCE CODE

I. Span shares have been listed on the Zagreb Stock Exchange on 21 September 2021, and Span applies the Corporate Governance Code of the Zagreb Stock Exchange (ZSE) and the Croatian Financial Services Supervisory Agency (CFSSA) publicly available at the website of the ZSE (www.zse.hr) and the CFSSA (www.hanfa.hr).

II. Span hereby confirms that it operates in line with the good corporate governance practices and predominantly in compliance with the recommendations in the Code, and publishes all information required by positive regulations. Span shall present detailed explanations of departures from individual recommendations and additional adjustments in the Annual Compliance Questionnaire for Issuers of Shares and the Corporate Governance Practice Questionnaire for Issuers of Shares which, as defined in the Ordinance on the data concerning corporate governance, the issuers are required to deliver to the Croatian Financial Services Supervision Agency and on the form, deadlines, and manner of their submission (OG 59/2020, 12/2023), submit them for 2023 to the Croatian Financial Services Supervision Agency (CFSSA) not later than 30 April of the current calendar year and publish them on the websites of the Company and the Zagreb Stock Exchange.

III. Controlling and Internal Audit, supervised by the Audit Committee, are in charge of internal control and risk management systems with regard to the financial reporting system.

1.2.4. Corporate Governance

Span is a joint stock company whose shares are listed on the regulated Zagreb Stock Exchange market and which applies the Corporate Governance Code of the Zagreb Stock Exchange and the Croatian Financial Services Supervisory Agency (HANFA), which is available online on the sites of the Zagreb Stock Exchange and HANFA (Corporate Governance Code). A Statement on the application of the Corporate Governance Code is a constituent part of the Annual Report of the Span Group.

Span’s internal rules and management procedures, based on the fundamental principles of corporate governance, particularly the principles of impartiality, transparency, equity, and accountability, ensure more efficient operations and timely and objective communication of all key business activities and results the company achieved to the public. At the same time, they enable equal treatment of all shareholders, thus strengthening the trust of all stakeholders, including employees, partners, customers and other interested parties.

In line with the Audit Act (OG 127/17, 27/2024), in addition to the tasks defined in the Regulation (EU) No 537/2014 of the European Parliament and of the Council on specific requirements regarding statutory audit of public-interest entities and repealing Commission Decision 2005/909/EC and all relevant regulations, the Audit Committee shall monitor the financial reporting process and deliver recommendations and suggestions for securing the integrity thereof, as well as monitor the effectiveness of the Company’s internal quality control and risk management systems, including the effectiveness of procedures for approving and disclosing transactions among Management and Supervisory Board members and the Company, as well as internal audit, without breaching its independence.

Internal Audit’s key goals are providing senior management and the Supervisory Board with guarantees and information that will help to achieve the organization’s goals, including the evaluation of the effectiveness of risk management activities. Controlling reports to the Management Board of the Company, and Internal Audit to the Audit Committee of the Supervisory Board, and the Management Board.

Span Group (“Group”) consists of Span d.d. (”Company”) and its subsidiaries Span LLC, Kijev

SPAN ANNUAL REPORT 2023 14

SPAN ANNUAL REPORT 2023 15

Internal Audit prepares a report once the audit has been completed, and this report contains the following:
* list of the audits carried out
* assessment of the adequacy and efficiency of internal controls and recommendations for improvements
* unlawfulness and irregularities determined during the audit, and recommendations and proposed measures to address them
* activities undertaken in relation to the previously issued recommendations.

Reports are delivered to the Management Board and Audit Committee.

During 2023, Span continued to maintain and continuously improve the existing six management systems certified by ISO standards. Special attention was directed towards information security management and IT services, as well as towards the ethical aspects of management in accordance with ISO 37001 standard.

During 2023, the Risk management methodology was improved and the application for monitoring business objectives and risk management was completed. Moreover, at the beginning of 2023, the business continuity management system was certified (BCMS) in accordance with ISO 22301 standard. This has ensured a higher level of reliability of Span’s business processes and services it offers to its customers, and thus a higher level of trust.

IV. Ten significant Span shareholders as at 29/12/2023 are as follows:

No. Name Number of shares Percentage (%)
1 DUJMOVIĆ NIKOLA 701,072 35.769
2 PONGRAC MARIJAN 112,198 5.7244
3 BANEK ZVONIMIR 107,995 5.5099
4 RAIFFEISEN BANK AUSTRIA D.D./ RAIFFEISEN VOLUNTARY PENSION FUND 101,111 5.1587
5 ERSTE & STEIERMARKISCHE BANK D.D./ PBZ CO OMF - CATEGORY B 65,200 3.3265
6 PRIVREDNA BANKA ZAGREB D.D./THE BANK OF NEW YORK AS CUSTODIAN 50,525 2.5778
7 BOČKAL DAMIR 46,516 2.3733
8 PRIVREDNA BANKA ZAGREB D.D./ GENERALI JUGOVZHODNA EVROPA, DELNISKI 43,810 2.2352
9 PODRAVSKA BANKA D.D./OMNIBUS ACCOUNT FOR M21 - NATURAL PERSONS 36,253 1.8496
10 ERSTE & STEIERMARKISCHE BANK D.D./ PBZ CO OMF - CATEGORY A 26,128 1.3331

Span does not have holders of securities with special control rights or holders of securities with limited voting rights with a certain percentage or number of votes, time restrictions for exercising the right to vote or cases where, in cooperation with the company, the financial rights from securities are separated from holding those securities.

Span does not have special rules on appointing or revoking members of the Management Board or the Supervisory Board, amending the Articles of Association or special rules on the powers of the members of the Management Board or the Supervisory Board. Provisions of the Companies Act and the Articles of Association, available on Span’s website (www.span.eu), apply to all of the cited relations.

V. The operation and competences of the General Assembly and the way of exercising and realizing the rights of shareholders are defined in the Companies Act and the Articles of Association of the Company. Calls and proposed decisions, as well as the decisions adopted, are published in line with the provisions of the Companies Act, provisions of the Capital Market Act, and Rules of the Zagreb Stock Exchange. Each share ensures the right to 1 vote.

VI. In 2023, the Management Board consisted of 5 members, with a maximum 5-year term. Once their term expires, Management Board members and President may be reappointed for an infinite number of terms. The Management Board is responsible for managing the affairs of the Company, assuming a duty of care and conscientiousness, in line with the Companies Act, the Articles of Association and Rules of Procedure of the Management Board.

In 2023, the Supervisory Board had 4 members. The President of the Supervisory Board, Jasmin Kotur, and the Member Zvonimir Banek resigned from their positions at the Supervisory Board, and at the meeting of the General Assembly of the Company that took place on 14 June 2023 Ivana Šoljan and Mirjana Marinković were elected as the new Members of the Supervisory Board. The two were elected for a period from the adoption of the decision of the General Assembly to the expiry of terms of office of the other members of the Supervisory Board of the Company, i.e. by 30 September 2024. The right to appoint and recall the fifth member of the Supervisory Board is given to Span employees, who elected Barbara Gradečak on 29 December 2023 as the representative of employees in the Supervisory Board with a four year term. Supervisory Board members have a maximum 4-year term.Powers of the Supervisory Board are defined by the provisions of the Companies Act, the Articles of Association of the Company, and the Rules of Procedure of the Supervisory Board. Within its competence, the Supervisory Board adopts decisions, assessments, opinions, gives consent to the decisions of the Management Board in line with the Rules of Procedure, the law, or the Articles of Association, gives orders to auditors and together with the Management Board, defines which proposed decisions are to be adopted by the General Assembly. The Management Board and the Supervisory Board usually hold meetings or adopt decisions without holding a meeting, via correspondence, in line with the provisions of the Rules of Procedure, the law, and the Articles of Association. The Supervisory Board, acting in line with the provisions of the law, the Corporate Governance Code and the Rules of Procedure of the Supervisory Board, formed two committees, the Audit Committee and the Nomination and Remuneration Committee. Description of the jobs and competences of the Audit Committee and the Nomination and Remuneration Committee is available on Span’s website (www.span.eu).

VII. The Management Board of Span

The Management Board of Span has adopted the Policy on Diversity and Inclusion (hereinafter: Policy) on 18 December 2023 and signed the Diversity Charter of the Croatian Business Council for Sustainable Development. The policy is based on diversity, inclusivity and emphasizing the importance of fairness in ensuring equality of opportunity. It includes principles of individual uniqueness, practical adaptation, individual responsibility of each individual, a positive approach to diversity, openness and transparency, zero tolerance for discrimination, harassment or violence, equal opportunities and inclusive leadership, described in more detail in the Policy. The foundation of the Policy lies in the legal framework prescribed by the Anti-Discrimination Act. By adopting this Policy, the Management Board has committed to implementing the above-mentioned principles to create a positive and inclusive organizational culture. Due to the fact that the policy was adopted in December of 2023, the manner in which the Policy is implemented and the results during the reporting period will be published as part of the Annual Report for 2024.

VIII.

In line with the provisions of Article 250 (4) and Article 272.p of the Act, this Statement represents a separate section and integral part of the annual report on the financial position and business performance of the Company for the business year 2023.

SPAN ANNUAL REPORT 2023 16
SPAN ANNUAL REPORT 2023 17

1.2.4.2. Corporate Governance Code - Compliance Questionnaire for 2022

Applying the best practices of corporate governance, we ensure unbiased, transparent and responsible decision-making in our operations. In line with the requirements of the Corporate Governance Code, in 2023 we have published a Compliance Questionnaire for 2022.

1.2.4.3. Corporate Governance Structure

The three fundamental bodies of Span are as follows:
1. Management Board
2. Supervisory Board
3. General Assembly

1.2.4.3.1. Management Board

The Management Board of the Company is responsible for the strategic management and long-term performance of the whole Span Group. It is obliged to act only on behalf of Span and its shareholders at all times, taking care of the interests of the employees and the wider community, with a view to increasing Span value. Members of the Management Board manage the affairs of the Company together, as well as independently as per individual areas of business as specified in more detail in the Rules of Procedure for the Management Board. Irrespective of the division of competences, all members of the Management Board are responsible for the overall management of the affairs of the Company. The Management Board manages its affairs in compliance with the applicable laws and by-laws, the Articles of the Association of the Company and the Rules of Procedure for the Management Board.

The Rules of Procedure for the Management Board regulates tasks, responsibility, organization, way of operation and decision-making of the Company Management Board, as part of the corporate management process, especially:
a) Tasks and responsibilities of the Management Board;
b) Organization and manner of operation and decision-making of the Management Board;
c) Fields of work that members of the Management Board manage on their own;
d) Authorizations and restrictions in managing the affairs of the Company;
e) Preparing and convening meetings of the Management Board;
f) Work at meetings and decision-making process;
g) Record and conclusions, acts and archives;
h) Rules for preventing conflict of interest;
i) Cooperation with and relation to the Supervisory Board;
j) Other issues of significance for the work of the Management Board.

The division of labor and competences of the members of the Management Board is elaborated in more detail in the Appendix of the Rules of Procedure.

The Management Board of Span consisted of 5 members in 2023. The number of the members of the Management Board is determined by a decision of the Supervisory Board. The Management Board is appointed for a term of office of not more than 5 years, with a possibility for reappointment, without restriction of the number of terms.

The Management Board members in 2023 were:
1. Nikola Dujmović - President
2. Marijan Pongrac - Member
3. Dragan Marković - Member
4. Antonija Kapović – Member
5. Saša Kramar - Member

Board/Committee Term of Office Number of Members Appointment
Management Board 5 year mandate 1-9 members Appointed by Supervisory Board
Supervisory Board 4 year mandate 5 members 4 appointed by General Assembly, 1 appointed by employees
Audit Committee 4 year mandate 3 members President (independent member of the Supervisory Board), 2 external members
Nomination and Remuneration Committee

Corporate Governance Principles:

  • I Shareholders: To protect shareholders rights and treat all shareholders equally, including minorities.
  • II Accountability: To establish an effective internal control and effective accountability system at all levels.
  • III Fairness: To protect shareholders rights and treat all shareholders equally, including minorities.
  • IV Independence Procedures: To avoid conflicts of interest of all relevant parties.
  • Transparency: To ensure timely, accurate disclosure on all material matters (financial information, ownership and corporate governance information).

Robust corporate governance model enabling the execution of governance responsibilities at all levels and ensures investor confidence.

SPAN ANNUAL REPORT 2023 18

Term of office of the Management Board members:

Name and last name Start of the term Expiry of the term
Nikola Dujmović 16.12.2019 16.12.2024
Marijan Pongrac 16.12.2019 16.12.2024
Dragan Marković 16.12.2019 16.12.2024
Antonija Kapović 16.12.2019 31.12.2023*
Saša Kramar 23.01.2020 16.12.2024
  • Antonija Kapović resigned from the position of Member of the Management Board on 31 December 2023.

During 2023, 14 meetings of the Management Board took place, with the membership attendance of 96%. The Members Nikola Dujmović, Antonija Kapović, Marijan Pongrac and Saša Kramar attended 14 meetings, and Dragan Marković attended 12 meetings. The Management Board evaluated its effectiveness and the individual members' effectiveness, and communicated its conclusions to the Supervisory Board.

Nikola Dujmović, President of the Management Board

Nikola is a co-founder and has been the company’s Director since its foundation. An engineer by trade, he sees the possibilities for improvement and growth in everything he does, with an exceptionally rare talent to recognize or anticipate upcoming global tech trends. Nikola's business philosophy is simple – trust in what you do and follow the social responsibility concept, provide support and try to give the community more than you have received from it. From the start, Nikola saw the importance of investing in people and their skills. That is why today Span’s employees have a chance to expand their knowledge by working with state-of-the-art tech, using that knowledge to efficiently solve their clients’ business challenges. Nikola is also responsible for Span’s expansion far beyond Croatian borders and he was the force behind Span’s partnership with Microsoft, making us the company’s leading partner in the region. Everything from design and development of strategically important projects, corporate security, quality and compliance with legal matters and office administration falls under Nikola’s direct jurisdiction.# S P A N A N N U A L R E P O R T 2 0 2 3

Thanks to his efforts and vision, Span is today one of the leading Croatian IT companies and one of the top Croatian exporters of software and services. With 35 years of rich experience, Nikola is also a member of the Management Boards of Span Cyber Security Center, and affiliated companies Trilix and Bonsai. He graduated from the Faculty of Electrical Engineering and Computing, University of Zagreb in 2002.

S P A N A N N U A L R E P O R T 2 0 2 3 19

S P A N A N N U A L R E P O R T 2 0 2 3 20

S P A N A N N U A L R E P O R T 2 0 2 3 21

Marijan Pongrac, Member of the Management Board, 23 years in Span

Marijan is the Member of the Management Board for technology. He is a certified Microsoft IT expert, a system engineer and trainer. In Span, he is in charge of all Span’s technology projects, from infrastructure to software, overseeing every phase of projects, from development to support. Marijan started his career in Span as a System Engineer and Architect, quickly becoming a Business Unit Manager. He has forged his team of three into an expert crew of 460 professionals, and that is something he cites as one of his greatest achievements. Marijan’s work on creating a top-level IT team, ensuring its growth and development, and spreading its influence and knowledge is something that has cemented Span’s reputation as a trusted and competent company. For more than two decades, Marijan has led teams that design innovative solutions for clients with their knowledge and work with state-of-the-art technologies. With Marijan at the helm, Span teams design diverse technical solutions, manage software and infrastructure projects and organize follow-up and support services. Marijan’s business path started in 1992 in the family business, Skok, where he was the company Director until 1996. In the same year, he was employed as a system engineer in the Croatian public television (HRT), where he worked until 2001, when he came to Span. He graduated from the Faculty of Transport and Traffic Sciences, University of Zagreb in 1997.

Dragan Marković, Member of the Management Board, 8 years in Span

As the Management Board Member in charge of operations management, Dragan supervises the work of the Financial, Controlling, Accounting, and Internal IT departments. Relationships with assorted financial institutions, creditors, and investors also fall inside his area of responsibilities, as well as all the mergers and acquisitions Span is involved in. After Antonija Kapović’s resignation, he has taken over her duties until the end of the mandate of this composition of the Management Board. Dragan started his career path as an IT manager at ایکسپandia Invest and went on to develop his rich 28-years-long working experience at managing positions in the companies Iskon, Verso Mrežne Tehnologije, Hrvatski Telekom, King-ICT, and Proficio. He graduated from the Faculty of Electrical Engineering and Computing, University of Zagreb in 1998.

S P A N A N N U A L R E P O R T 2 0 2 3 22

S P A N A N N U A L R E P O R T 2 0 2 3 23

Antonija Kapović, Member of the Management Board, 14 years in Span

Until her resignation that became effective on 31 December 2023, Antonija was the Member of the Management Board in charge of human resources. The main purpose of HR at Span is attracting, developing, motivating, and finally, retaining the best IT experts. Under her leadership, Span implemented a unique performance management system, leading to significant increase of employees' engagement and satisfaction. Together with her team, she initiated Span Academy, a successful summer internship program intended for promising students of technical and information sciences, and Span Management Academy, a program intended for the development of future managers. Antonija started her career in HR back in 2001 at Belupo and went on to acquire experience in Microsoft Croatia, S&T Croatia, and in Atento in her 23 years of work. She graduated from the Faculty of Philosophy at the University of Zagreb in 2000, Psychology major, and completed her MSc studies of organizational behavior at the Birkbeck University in London in 2015.

Saša Kramar, Member of the Management Board, 4 years in Span

As the Member of the Management Board for Marketing, Sales and Business Development, Saša is responsible for Span’s international business development, managing a full portfolio of marketing and sales activities. Together with his team, he is strengthening relationships with our current and future clients, suppliers and partners. Besides overseeing these activities in Croatia, he also supervises Slovenia, Ukraine, Moldavia and Azerbaijan, Estonia and Georgia, with a constant focus on expanding to new international markets. During his first year in Span, we have already seen him restructure our Sales and Marketing departments with great success. His immense experience in organizing these corporate branches as well as managing business development and strategic growth help transform Span into a truly international company. During his 34-years-long productive career, Saša has worked on managing positions in technology and telecommunication companies. He started his career at the Apple Center NOVEL in 1990 and moved to Iskon Internet in 2016. In the same year, he became the member of the Management of Hrvatski Telekom and performed that function until January 2020, at the same time performing the function of the President of the Supervisory Board of Combis since 2016, and the Member of the Supervisory Board of Crnogorski Telekom since 2017. He studied at the Faculty of Electrical Engineering and Computing, University of Zagreb, only to continue to improve his knowledge in Croatia and abroad.

S P A N A N N U A L R E P O R T 2 0 2 3 24

1.2.4.3.2. Supervisory Board

The Supervisory Board of Span consisted of 4 members by 14 June 2023:
1. Jasmin Kotur, President of the Supervisory Board;
2. Aron Paulić, Vice President of the Supervisory Board;
3. Ante Mandić, Member of the Supervisory Board;
4. Zvonimir Banek, Member of the Supervisory Board.

The President of the Supervisory Board, Jasmin Kotur, and the Member Zvonimir Banek resigned from their positions at the Supervisory Board, and the General Assembly of the Company that took place on 14 June 2023 elected Ivana Šoljan and Mirjana Marinković as the new Members of the Supervisory Board. The two were elected for a period from the adoption of the decision of the General Assembly to the expiry of terms of office of the other members of the Supervisory Board of the Company, i.e. by 30 September 2024.

After the meeting of the General Assembly of 14 June 2023 where the new members of the Supervisory Board were appointed, a constitutive meeting of the Supervisory Board of Span was held and Ante Mandić was unanimously appointed the new President of the Supervisory Board, so as of 14 June 2023 the Supervisory Board of Span consisted of four members:
1. Ante Mandić, President of the Supervisory Board;
2. Aron Paulić, Vice President of the Supervisory Board;
3. Ivana Šoljan, Member of the Supervisory Board;
4. Mirjana Marinković, Member of the Supervisory Board.

Employees of the Company have the right to appoint and recall the fifth member of the Supervisory Board. The employees have, in free and direct elections held based on the provisions of the Labor Law, for the employees' representative in the Supervisory Board of the Company, elected Mrs. Barbara Gradečak as the employees’ representative with the term of office of 4 years, starting on 29 December 2023.

Ante Mandić

Ante is the President of the Supervisory Board. He started his career in 1978 in the army where, after initial activities directed to performing commanding duties, he continued to develop as a lecturer at the military academy, and then as a researcher and military advisor abroad. He left the army in 1991 and in the same year founded a company, IN2 for the development and implementation of software and provision of related services. By 2018, IN2 developed into a Group of 12 regional companies with more than 630 employees, and in the same year, it was sold to the Canadian group, Constellation Software. Today, Ante is the majority owner of INsig2 and advisor for business development. He is an active participant of the Croatian IT community, and through his career, he has performed the functions of the president of associations within the Croatian Employers’ Association and the Croatian Chamber of Economy. The President of the Republic of Croatia decorated him with the Order of Danica Hrvatska in 2014 for his contribution to the development of the Croatian economy. He was also declared the Manager of the Year in 1999 and 2021, and the Entrepreneur of the Year in 2014 and 2018. He graduated from the Technical Military Academy in Zagreb in 1978, acquiring the title Bachelor of Science in Nuclear Physics, i.e. an expert for nuclear weapons. He obtained a Master’s Degree in 1985 in the area of computer simulation.

S P A N A N N U A L R E P O R T 2 0 2 3 25

S P A N A N N U A L R E P O R T 2 0 2 3 26

S P A N A N N U A L R E P O R T 2 0 2 3 27

Aron Paulić

Aron is the Vice President of the Supervisory Board and President of the Nomination and Remuneration Committee.He is responsible for the recruitment of candidates and the supervision of the process of nomination for the Supervisory Board and the Management Board so as to ensure transparency and decency. Moreover, he considers proposals for the remuneration of the members of the Management Board and supervises the amounts and the structure of remuneration of the senior management and employees as a whole. He started his career as a developer and has worked on system development and the sale of advanced solutions. He has spent the biggest part of his career in managerial positions in the media industry. He has been an active creator of the Croatian information industry for 30 years, a publisher of IT magazines, books and digital publications, an author of numerous articles and interviews, and an organizer of fairs, conferences and seminars. He has collaborated with more than 800 associates in his career, many of whom form the backbone of the local IT industry today. He started his career in 1991 at AC NOVEL, where he worked on software development and sale positions. In 1993 he co-founded the media company BUG and has been its director since then. He graduated from the then Faculty of Electrical Engineering of the University of Zagreb in 1991, now the Faculty of Electrical Engineering and Computing.

Ivana Šoljan graduated with a degree in theater directing and radio broadcasting and business communication. She also completed MSc studies in communication. One of the first entrepreneurs in Croatia with the experience in launching, funding and selling projects in media, tourism and telecommunication industry, she also boasts great experience in management since she has held executive positions in a couple of managerial teams (IN2, Jupiter Adria, Hrvatski telekom, Iskon, Europapress Holding, Z3 tv, etc.) as the Executive Director and Member of the Management Board, where she was mostly responsible for sales, marketing and business development. She also has great general management experience. Together with Ivica Mudrinić, she is the co-founder of Foundation Luka (Zaklada Luka), a charity that finances university tuition fees for talented female students lacking financial resources. Ivana is the Director and a Member of the Management Board in Backstage consulting d.o.o., Include d.o.o., and Nest 01 d.o.o. and the founder and Director of the Hub385 coworking area.

SPAN ANNUAL REPORT 2023 28

SPAN ANNUAL REPORT 2023 29

Mirjana Marinković

Mirjana is the Director of Sapientia Nova d.o.o. Zagreb, and of a series of project companies where she develops entrepreneurial ideas. She graduated from the Faculty of Economics, the University of Zagreb, in 1998. She went on to acquire formal education at the postgraduate studies in Accounting, Finance and Auditing major. In 2008, Mirjana was awarded the annual award Prof. dr. sc. Ferdo Barbara

Barbara acquired the Senior Economist for Internal and Foreign Trade title at the Faculty of Economics in Zagreb in 2006. She started her career in Amadeus M.A.J., and since 2010, she has worked in Span. She is assigned with payroll, incoming invoice booking, calculation of VAT and preparation of final accounts for other members of Span Group. She was actively involved in Spajić by the professional organization Croatian Association of Accountants and Financial Professionals (Hrvatska zajednica računovođa i financijskih djelatnika). She is certified as a professional TQ trainer. Her 25-year professional career has been connected to investment funds and the companies Expandia Invest and CAIB Invest since its very beginning, along with the leasing industry in Croatia, for which she organizes and manages the regional education program called Leasing Academy. She took part in important restructuring projects in Croatia, including the position of the Finance Director/Procurator at Hypo Alpe Adria Bank in the period from 2011 to 2012, and the Group Consolidation Manager in the project for restructuring Agrokor Group. She is specialized primarily for launching businesses, risk management, consolidation, IFRS/IAS standards and entrepreneurial activity. Mirjana has been a member of the Supervisory Board of Span d.d. since 14 June 2023. key activities of Span's operation, such as going public on the Zagreb Stock Exchange and implementation of the ESOP (Employee Stock Ownership Plan), which confirmed her expertise and professionalism. At the end of 2023, she was elected the representative of employees in the Supervisory Board of Span, which is also a recognition of her dedication to the improvement of the Company's operation.

SPAN ANNUAL REPORT 2023 30

SPAN ANNUAL REPORT 2023 31

Independent Members account for 80% of the Members of the Supervisory Board.
* The Supervisory Board held 6 meetings where it adopted the Business plan for 2023, amendments to the Rules of Procedure for the Management Board and the Rules of Procedure for the Supervisory Board and adopted the Business plan for 2023.
* The Supervisory Board adopted the Annual plan for internal audit and Plan of the selected auditor of Span Group for 2023, reviewed and determined the Annual Financial Statements compiled by the Management Board, and the decision on the distribution of profits, auditor’s report composed by the audit company Deloitte d.o.o. and Remuneration Reports of the Management Board and the Supervisory Board. Based on the recommendation of the Audit Committee, the Supervisory Board proposed to the Assembly to appoint Deloitte d.o.o. as the auditor of Span Group for 2023.
* The cooperation between the Supervisory Board and the Management Board was assessed positively.
* At the meetings, the attendance of members was recorded at 96%. All the members of the Supervisory Board were present at all meetings, except for Aron Paulić, who attended 5 out of 6 meetings.
* The Supervisory Board decided by correspondence 5 (five) times in 2023, when it decided on the approval of contracts with associated entities, approved payment of bonuses to the Management Board based on the established goals and criteria for 2022, and approved the Questionnaire on Management Practices and Compliance Questionaire for issuers.
* The Supervisory Board gave its approval for the Risk Appetite Statement for Span, adopted by the Management Board.
* The Supervisory Board carried out self-evaluation of the profiles and competences of the members of the Supervisory Board and members of its committees where all the circumstances referred to in Article 41 of the Code were evaluated. The self-evaluation was conducted by the Deputy President of the Supervisory Board without engaging an external auditor. The Supervisory Board determined that its composition and profile, as well as the composition and profile of its committees, correspond to the needs and activities of the Company. Based on a recommendation from the evaluation of the prior period, two new female members were appointed at the positions of member employees of Span who had resigned, and together with the female representative of employees in the Supervisory Board, women now accounted for 60% of the total number of members. Consequently, with the number of female members in the Supervisory Board, which consists of a total of six members, the percentage of women was 50% and the level of women's representation was evaluated as above average.
* Having conducted the evaluation, the Supervisory Board established that all the members of the Supervisory Board and its committees possess knowledge, abilities and professional experience required for decision-making in all the issues that were on the agenda at the meetings of the Supervisory Board and its committees.
* Administrative support when preparing meetings of the Supervisory Board is provided by the Secretary of the Company in an effective and timely manner.
* The Supervisory Board of the Company was informed by the Management Board in a proper, timely and transparent manner about all crucial issues concerning the operation of the Company and companies dependent on it, which are important for the existence of the Company.
* No other payments, apart from the fee for their work in the Supervisory Board, were made to the Members of the Supervisory Board in 2023.

The Supervisory Board of Span founded the Audit Committee and the Nomination and Remuneration Committee.

1.2.4.3.2.1.# Audit Committee

Audit Committee performed tasks in line with the Audit Act, the Regulation (EU) 537/2014, other positive regulations and the Rules of Procedures of the Audit Committee. The Rules of Procedure of the Audit Committee of Span are available at the Company websites: Rules of Procedure of the Audit Committee.

In 2023, the Audit Committee acted in the following composition:
* Ante Mandić - President
* Nataša Zelenika - Member
* Tomislav Skorin - Member

Nataša Zelenika

Nataša graduated from the Faculty of Economics and Business in Zagreb. She started her career in 1999 as an auditor at EY Croatia, the position she left in 2008. Then, she occupied the position of the Finance and Accounting Manager at PBZ Croatia d.d., where she was in charge of the finance and accounting of the company and the fund. In 2010, she continued her path in the finance of Agrokor d.d. where she mostly worked on coordination and resolution of taxation issues on the level of the holding company, while cooperating closely with external consultants. Since 2017, she has been the owner and Director of a consultancy company, which provides consulting services in the area of finance and accounting, as well as functions of external accounting to various customers. She has been a member of the Audit Committee of Span since its establishment.

Tomislav Skorin

Tomislav graduated from the Faculty of Economics and Business in Zagreb in 2001. He started his career in the same year as an auditor for Deloitte & Touche in Zagreb. Later, he worked as an Audit Supervisor for Confida revizija, a company in Zagreb. Tomislav continued his career as a Senior Controller at Iskon Internet only to become the CFO and the member of the Management of Tvornica plinskih turbina d.o.o. in Karlovac, and finally the member of the Management of the Croatian Mint until November of 2023. Tomislav is an experienced CFO with a proven track record in the industry of production and audit and consultancy services. He is exceptionally committed to long-term prosperity and professional goals of the company, he believes in open communication and consistently achieves and overcomes the agreed goals, frequently in very demanding circumstances.

During 2023, the Audit Committee held 4 (four) meetings where the recorded attendance of its members was 100%. During the meetings, the Committee considered and adopted the annual plan for audit and the report and the annual plan for internal audit for 2023.

The Code of the Zagreb Stock Exchange stipulates that the Management Board, upon prior agreement of the Supervisory Board, has to adopt a policy that determines the nature and scope of risk the company must and is willing to take in order to achieve all long-term strategic goals (“tendency to take risks“). The Audit Committee gave a recommendation on the adoption of a Risk Appetite Statement, adopted by the Management Board of Span, which the Supervisory Board gave consent to.

The Audit Committee considered and gave recommendations to the Supervisory Board to adopt the annual financial statements and consolidated annual financial statements of Span Group, along with a report on the condition of the Company and affiliates, with the reports of the authorized auditor, Deloitte d.o.o. for 2022.

The Audit Committee gave recommendation to the Supervisory Board to adopt a submitted proposed Decision on appointing the auditor for 2023, appointing Deloitte d.o.o. as the auditor of the Group for 2023, and refer it to the General Assembly for decision-making, where the proposal was adopted.

The Audit Committee evaluated the effectiveness of risk management and the internal control system, procedures for approval and announcement of transactions between members of the Management Board or the Supervisory Board and the Company (or persons related to any party) and effectiveness of the procedure for reporting irregularities and its application.

The Audit Committee regularly presented its conclusions and recommendations to the Supervisory Board.

1.2.4.3.2.2. Nomination and Remuneration Committee

Nomination and Remuneration Committee performed tasks specified in the Decision of the Supervisory Board on establishment of the Nomination and Remuneration Committee and provisions of the Rules of Procedure of the Committee, which are available at the websites of the Company: Rules of Procedure of the Nomination and Remuneration Committee.

In 2023, the Committee worked with the following composition:
* Aron Paulić - President
* Hana Horak - Member
* Lucia Ana Tomić - Member

The Committee held 4 (four) meetings, which were attended by all the members.

Hana Horak

Prof. Hana Horak, PhD is a tenured Professor at the Faculty of Economics and Business, University of Zagreb, and head of a Jean Monnet Chair. She teaches Commercial Law and Company Law, European Company Law, EU Internal Market Law, Corporate Management and International Commerce Law. She is also the Head of the postgraduate specialist program “Legal and Economic Framework of Business in the European Union.” Since 2011, she has been the Chair of the Program Committee of the International Conference on European Company Law and Corporate Governance. She is the founder and Editor-in-Chief of the scientific magazine INTEREULAWEAST – Journal for International and European Law, Economics and Market Integrations. She has been a member of the European Law institute /ELI/ for years, and actively participates in ELI SIG Business and Financial Law as a member of the project team on the project "Corporate Sustainability, Financial Accounting and Share Capital." Since 2020, she has been a member of the Advisory Board of the Croatian Hub, the European Law Institute. In 2022, she was elected a member of the Supervisory Board of the Croatian Academy of Legal Sciences. She is the President of ICC Croatia Commission on Corporate Responsibility and Anti-corruption.

In 2023, within an education by the ESG Academy of the Croatian Chamber of Commerce, she gave a series of lectures on the legal framework of corporate governance in the area of sustainability and implementation of ESG factors. Moreover, she provided education for the Croatian Banking Association and lectures within ESG workshops of Privredna banka Zagreb and ASB Sisak. In 2023, she published a paper titled "Directors, information, remuneration and risk management // European company case law,” 2 (2023), 2; 149-161. doi: DOI: 10.5771/2752-177X-2023-2-149 (Horak, Hana; Tomić, Lucia)”, and as a project associate, she took part in the preparation of ELI Guidance on Company Capital and Financial Accounting for Corporate Sustainability // ELI Guidance on Company Capital and Financial Accounting for Corporate Sustainability. Vienna, Austria: European law Institute - ELI, 2023. 68. She participated in the conference “Companies at a Crossroad – a Way Forward,” organized by the Department of Corporate and Financial Law of the Faculty of Law in Rijeka, and co-organized by the Jean Monnet Inter-University Center of Excellence in Opatija, with a lecture entitled “Critical review of the EU Proposal for Corporate Sustainability Due Diligence Directive.“ As a speaker and moderator, she took part in the conference “Enhancing Integrity and Compliance in Operation – ESG Standards as an Instrument for the Prevention of Corruption,” organized by ICC Croatia and Croatian Chamber of Commerce. She has been a member of Span's Nomination and Remuneration Committee since its establishment.

Lucia Ana Tomić

Lucia boasts more than twenty years of experience working in the area of legal affairs and human resources. Working in a law office, in the banking and insurance sector, she specialized in the area of financial crime, prevention of money laundering and fraud and data protection. Currently, she is leading the Sector for Conformity, Regulatory Affairs and Procurement at Wiener Insurance, Vienna Insurance Group d.d. She has been appointed a member of the Nomination and Remuneration Committee in Span. Lucia has acquired degrees at the Faculty of Law in Zagreb and the Faculty of Economics, where she continued her education and acquired an MBA degree in the area of management and international mergers and acquisitions. In 2023, she took part in various conferences as a speaker (Leader events, Money Motion, European Company Law Association…) and gave lectures in universities in the region as a visiting lecturer. She is a full-time lecturer on Social Criteria and Governance at the ESG Academy. An author of a series of scientific articles in the HR area concerning remuneration and assessment of eligibility of members of management boards, her latest paper was published in 2023 under the title "Directors, information, remuneration and risk management // European company case law," 2 (2023), 2; 149-161. doi: DOI: 10.5771/2752-177X-2023-2-149 (Horak, Hana; Tomić, Lucia). She is the Vice President of the ICC Commission on Corporate Social Responsibility and a licensed Coach at the European Mentoring and Coach Council.# c) Individual Audit Plan

The strategic plan, the annual plan, and the individual internal audit plan are proposed by the person responsible for managing internal audit, and are adopted by the Audit Committee. Within the annual plan of internal audit for 2023, the following areas of work and scope of implementation, as well as documents analyzed and reviewed within the audit, were identified and audited: GDPR – personal data management and protection, human resources, accounting and finance area, service area – Cloud, Security and SOC, and audit of the information system in the area of information system security and risk management.

The Nomination and Remuneration Committee determined the proposed goals of the Company for 2023, and key performance indicators (KPI) in order to determine the annual bonus for the Management Board, which was referred to the Supervisory Board and adopted, and also determined fulfillment of goals in order to determine the amount of the annual bonus for the Management Board for the previous year. It supervised the amount and structure of remuneration for the senior management and employees as a whole and gave a positive assessment and recommendations to the Management Board concerning the latter's policies. It also assessed the composition, size, membership and quality of work of the Supervisory Board. It determined the proposal of the Remuneration Report of the Management Board and Supervisory Board for 2022. At an emergency meeting, the Committee gave its positive opinion for the proposal of new members of the Supervisory Board of the company and recommended to the Supervisory Board to adopt the submitted proposal and refer it to the General Assembly for adoption, by which the target percentage of female members of the Supervisory Board of at least 40% of positions in supervisory boards was met, in line with the provisions of the Directive improving gender balance among directors of listed companies proposed by the European Commission in 2012. The Nomination and Remuneration Committee notified the Supervisory Board on a regular basis on recommendations adopted at its meetings and submitted annual reports on their work to the Supervisory Board.

Internal audit

Internal audit that was nominated in Span within good corporate governance practice is performed in line with the internationally recognized audit standards concerning internal audit, the code of professional ethics of internal auditors and rules of action of the internal audit. The internal audit affairs are performed in line with:

a) Strategic Plan: The Strategic Plan for internal audit is adopted for a three-year (five-year) period by the Company, is based on risk assessment and is adjusted every year.

b) Annual Plan: The Annual Plan for internal audit is produced by the Company based on the strategic plan and it must encompass:
* Areas of operation that are a priority given the risk assessment,
* List of planned audits,
* Order of internal audits

SPAN ANNUAL REPORT 2023 36
SPAN ANNUAL REPORT 2023 37

1.2.4.3.3. General Assembly

The General Assembly decides on issues specified by the Company Act and the Articles of the Association of the Company. The Articles of the Association of the Company, available at the websites at the following link: the Articles of the Association of the Company, prescribe the manner of work of the General Assembly, its authorizations, rights of shareholders and manner of their realization.

The General Assembly can adopt valid decisions if it is attended by shareholders, in person or through an attorney-in-fact, whose shares make more than a half of the share capital of the Company. The right to participate in the General Assembly is ensured to shareholders who have the share of the Company registered at their securities account in the computer system of the Central Depository and Clearing Company, and have reported their participation at the General Assembly in advance. An invitation to the General Assembly regulates the conditions for applying for participation at the General Assembly in more detail.

The regular General Assembly of the Company was held on 14 June 2023. The Assembly was chaired by Stjepan Lović, Attorney at Law. The Assembly was attended by shareholders and their representatives who held a total of 1,370,326 (one million three hundred seventy thousand three hundred twenty-six) shares, which entitle to 1,370,326 (one million three hundred seventy thousand three hundred twenty-six) votes or 70.52% (seventy point fifty-two percent) out of the total number of votes, or 69.91% (sixty-nine point ninety-one percent) of the share capital of the Company.

In accordance with the published agenda, the Assembly made the following decisions:

  • Payment of dividend in the amount of HRK 10 (ten kuna)/ EUR 1.33 (one Euro and thirty-three cents), per share to the shareholders of the Company, proportionally to the number of shares they hold, and net profit for the business year 2022 that was left after the payment of dividend shall remain in the retained (undistributed) profit of the company;
  • Discharge was given to Members of the Management Board and the Supervisory Board of the Company;
  • The share capital and the nominal amount of shares were adjusted to EUR as the official currency in the Republic of Croatia in a manner that the share capital was increased to EUR 3,920,000.00 (three million nine hundred twenty thousand EUR), and the nominal amount of the share was increased to EUR 2.00 (two EUR);
  • The Articles of the Association of the Company were amended in line with the adjustment of the share capital and nominal amount of the share to EUR, and provisions of the Articles of the Association of the Company concerning the General Assembly were complemented;
  • Revised Remuneration Report of the Management Board and the Supervisory Board during the business year 2022 was approved;
  • Remuneration for the Supervisory Board was specified;
  • New members of the Supervisory Board, Ivana Šoljan and Mirjana Marinković, were elected;
  • Deloitte Limited Liability Company for audit services was appointed as the auditor of the operation of the Company and Span Group in the business year 2023.

All Decisions from the General Assembly meetings, as well as records thereof have been published in line with the legal regulations and are available at the websites of the Company.

1.3. Overview of operation

Software Asset Management & Licensing

Our business model is directed to providing a full service, with a possibility to adjust solutions to the business needs of an individual client. Our business activities are divided into four business segments: Infrastructure services, Cloud&Cyber Security Service Center Management & Technical Support.

1) Software Asset Management and Licensing 4
The first step in the business relationship with a customer is licensing. This business segment includes the sales of program licenses and assistance to customers concerning the selection of the most appropriate program licenses for their operation and taking care of the timely renewal of the licenses purchased. During this phase, the overall business operation of a customer is analyzed with the purpose of identifying the actual needs for adequate software and optimizing its operation. In this way, we strive to achieve savings for the customer and reduce IT risks they are exposed to as early as with the very contracting of the procurement of software, and we become the customer’s long-term consultant when the management of their software assets is involved. Our software asset management service unites expertise and the most sophisticated technology so that we can simplify licensing, ensure compliance, automate governance and optimize software use expenses for our customers.

To provide software asset management services, we use modern technological tools and standards, and we are a certified partner of Snow, one of the leading suppliers of IT tools for the management of licenses and software assets. When it comes to sales of licenses, the most important supplier of the Group is Microsoft, and we have been a part of their partner network since the establishment. As a Microsoft Solutions Partner, we have become their hub of expertise for communication solutions, solutions for security, and Azure platform as well as advanced business applications.

https://www.span.eu/en/solutions-services/software-asset-management-sam-licensing/

SPAN ANNUAL REPORT 2023 38
SPAN ANNUAL REPORT 2023 39

2) Infrastructure Services, Cloud & Cyber Security 5
Infrastructure services include the design and development of information systems according to the business needs of a customer, with an emphasis on Cloud&Cyber Security. To that end, we use advanced and innovative solutions and software tools of global leaders in the IT sector. Projects## development of information systems can be of different duration, from one-year to multi-year projects, and we design and develop them according to specific business needs and standards of the customer (tailor-made solutions). The idea is to develop an IT system adjusted to the customer, which will support their current operation and business growth to the optimum, so this process includes a detailed analysis of the existing business processes of the customer. When Cloud services are involved, we have ensured complete solutions to our customers, from the service for the assessment of the preparedness of the customer, preparation and enabling the transition of the customer to the Cloud platform, to the management of Cloud itself. By multicloud environment services (use of more than one Cloud platform of different suppliers in the same environment), we ensure the supervision of the Microsoft Azure, Microsoft Dynamics, Microsoft Power Platform, Microsoft 365 Cloud environment, optimization of expenses and safety of the IT system. We are their leading partner with a permit to provide licensing services (LSP) and Cloud services (CSP) in the EU/EFTA region, Ukraine, Azerbaijan, Belarus and the CIS region. With our Microsoft Solutions Provider status in 5 areas, we continuously prove our success in innovation and implementation of Microsoft solutions. Our wide portfolio of suppliers is a result of our added value approach and cooperation with leading software producers which guarantee successful meeting of all user requirements for licensing. We are a certified partner of leading platforms of Cloud operations in the world - Microsoft Azure, Amazon Web Services and Google Cloud Partner, and these companies are our most significant suppliers in the segment of the infrastructure services and Cloud. 5 https://www.span.eu/en/solutions-services/cloud-services/

SPAN ANNUAL REPORT 2023 40
SPAN ANNUAL REPORT 2023 41

Our goal is to convey knowledge and empower the business community to respond as efficiently as possible to the ever-present and increasingly sophisticated cyber threats, which are one of the greatest risks for the operation. We want to achieve this through the Span Cyber Security Center which we opened in September 2022. The Center offers education, training and consultancy services intended for employees in the public and private sector, and the program is tailored to specific needs of the participants or a company, and includes active participation in real-life situations where professional hackers simulate real attacks on their business systems.

3) Service Center Management and Technical Support

This segment of the operation involves services of complete supervision and management of the IT environment which we provide to customers depending on the contracted level of service. We ensure the complete availability of service, 24 hours a day, 7 days a week, and 365 days a year, independent on whether the systems were designed, developed and put into operation by us or the respective customer. Even though contracting these services usually follows after we implement or integrate certain technological solutions for the customer in their own IT environment, we also provide them independently of the previous integration of technology in the customer’s environment, especially in cases when a customer has a need for specific know-how, better availability of professional IT support or additional resources capable to perform high-risk large-scale operating actions. Span IT support service is organized in a manner adequate to the standards (ISO 20000, ISO 27001, ISO 9001, ISO 50001, ISO 14001, ISO 37001 and ISO 22301) and the best practice in industry (Information Technology Infrastructure Library – “ITIL”). This segment of the operation also includes taking care of the security of the IT systems 6 which we strive to make resilient to cyber threats or attacks. In the world of continuous threat evolution, increasing mobility and digitalization, you need around-the-clock vigilance, alertness and agility. Our Security Operations Center (SOC) is a full-service solution that protects your company from a wide range of cyber threats, 24 hours a day, 365 days a year. Our security analysts use advanced technologies, their extensive experience, and insight into the most recent threat intelligence knowledge to rapidly and effectively identify and prioritize all key events. Our professional certifications also prove our competences in this segment:

6 https://www.span.eu/en/solutions-services/security-services/
7 https://www.span.eu/en/solutions-services/24x7-support-services/
8 https://www.span.eu/en/solutions-services/business-solutions-development/

4) Software and Business Solutions Development

This business segment includes the development of our own IT solutions, or software platforms, software solutions, software products, and Microsoft business solutions. The development of software platforms implies the development of digital platforms of high performance, ready for global scaling that we base on the solutions of Cloud operation and micro service architecture.

SPAN ANNUAL REPORT 2023 42
SPAN ANNUAL REPORT 2023 43

The development of software solutions concerns the development of specific software solutions according to the customer’s requirements in the area of different technologies. We have developed the so-called “Data Segregation Framework,” a specific solution based on Blockchain technology and intended for a transparent and secure monitoring of the access to confidential data and the so-called “RAM,” a comprehensive solution for the real time monitoring of the used hardware and licensed resources. The development of software products implies the production of our own software solutions among which: Span Resolution, 9 a flexible solution for IT service management, “Personal Data Protector (PDP),” 10 a comprehensive solution for collection and harmonization with the requirements of the General Data Protection Regulation 2016/679 (GDPR) and “Domain Name System C&A,” 11 an intelligent security solution that helps in the protection from and analysis of cyber attacks, stand out. We use the most sophisticated technologies and the most advanced tools in order to support the development of optimal software solutions. Our deep understanding of our clients’ business needs enables us to always offer the right IT solutions, utilizing cutting-edge technologies and the most advanced tools to support the development of optimal software solutions.

1.3.2. Main markets

We divide the main markets in:
* Key International Clients
* Domestic markets (include markets in the Republic of Croatia and the Republic of Slovenia)
* Fast-growing markets (include markets in countries of East Europe and Central Asia).

1.3.3. Industry trends

Stagnation and recession were primary market indicators in 2023 that led to a budget reduction for IT projects and generally more cautious investments. The reason for that was the war in Ukraine to a great extent, and in late 2023, we witnessed the start of a new war – in Israel. Despite all those factors, the business did not stop. Investments and projects that were slowed down or skipped in 2023 are expected to be gradually relaunched so the IT industry is projected to see a positive shift in 2024. The digitalization of operation is necessary for the survival of any company. Stopping this development can seriously harm the endurance of the business. Cyber security is still the focus of all companies which have become aware of the fact that the development of technology entails the development of cyber crime as well. Attacks are ever more frequent and sophisticated. According to research conducted by Cybersecurity Ventures, costs of cyber attacks over years are expected to grow exponentially, which means that in 2025, we can expect that USD 10.5 trillion 12 will be spent on them. A term that increasingly appears together with cyber security is cyber resilience. Continuing monitoring of the resilience of the company is of great importance in order to ensure the continuity of operation. Research says that one in two companies 13 was a victim of a successful cyber attack in the past three years. Artificial intelligence can help cyber security experts through the automation of anomaly monitoring. Artificial intelligence collects, summarizes and analyzes large amounts of data, making experts' job easier. They can direct “Cloud and cyber security still remain the main technology trends in 2024, and are now joined by artificial intelligence. Artificial intelligence will permeate every segment of operation and technology with a view of automation.It will be a key point for more than a half projects in IT, and AI-related projects will be granted additional budgets,“ says Marijan Pongrac, Member of the Management Board of Span in charge of technology. 9 https://www.span.eu/en/solutions-services/business-solutions-development/span-products-solutions/itsm-solution-span-resolution/ 10 https://www.span.eu/en/solutions-services/business-solutions-development/span-products-solutions/personal-data-protector-pdp/ 11 https://www.span.eu/en/solutions-services/business-solutions-development/span-products-solutions/dns-ca/ their expertise to giving context to situations and specific actions. It is well known that the world lacks several million cyber experts and this is the way to partially resolve it. A key thing for the implementation of AI in organizations will be the preparation of a secure environment. For instance, it is necessary to integrate Microsoft Copilot in the existing system, but the existing system has not been made in a way to ensure confidentiality and the protection of data against AI tools. Cyber experts will have to assess the environment, identify things that require adjustment and ensure the protection and confidentiality of data in the cloud. 12 2023 Cybersecurity Almanac: 100 Facts, Figures, Predictions, And Statistics (cybersecurityventures.com) 13 Human Risk Review 2023 | SoSafe (sosafe-awareness.com) S P A N A N N U A L R E P O R T 2 0 2 3 4 4 S P A N A N N U A L R E P O R T 2 0 2 3 4 5 It is predicted that the investments of companies in cloud in 2024 will exceed USD 1 trillion for the first time 14 . One of the greatest values of cloud is that it is easily accessible and enables the selection of a wide range of services in IaaS, PaaS and SaaS service models. With cloud, companies can focus on business operation and goal achievement, and entrust technical details of implementation and maintenance of complex services to dedicated experts. Encryption, authentication and disaster recovery will be increasingly demanded services in the cloud due to ever more frequent cyber threats. Cloud, inter alia, has a great role in ensuring the availability of AI to the public. AI models use great amounts of data the processing of which “Cloud is no longer a tool to save time and money; rather, it enables innovation, agility, and greater success of a company. Therefore, it is not surprising that an increase of 9% 15 in the number of companies that will implement multicloud in 2024 can be expected.“, emphasizes Marijan Pongrac, Member of the Management Board responsible for technology. To apply the new Directive, it is crucial that each EU Member State enacts its law no later than by 17 October 2024 . 16 In order to be as prepared as possible for the NIS2 Directive, companies will have to change their existing policies and security practice. Therefore, before the final deadline for law amendments, it is important to assess risks and carry out the necessary training for raising cybersecurity awareness, and verify the effectiveness of security measures the requires great computer power. Most companies do not have available resources to launch such programs, but when AI is accessed as a service available through a platform in the cloud, everybody can use the benefits of the new technologies. In order to increase cyber resilience, the European Union has adopted Directive NIS2. It wants to achieve a high EU-wide common level of cyber security. Concerning the 2016 NIS Directive, Directive NIS2 significantly increases the field of application to a large number of companies and organizations that have not been covered so far. EU Member States have a deadline by 17 October 2024 to draft and adopt local laws to transpose the provisions of the Directive into their national legislations. The Directive NIS2 will also be important for international companies doing business with the EU Member States. For the above reasons, a high demand for management and harmonization services is expected in order to ensure readiness for the application of the Directive NIS2. Span also anticipated this and in the past period, it invested in enhanced employment of cyber security experts so that it can provide high quality services to customers in their complying with the Directive NIS2. company is currently implementing. The introduction of the Directive led to holding an education for the users, named NIS2 Directive in practice. During the education, the users had the opportunity to get even more familiar with the Directive. They learnt what the timeframes for the introduction and application are, got explanations of specifics related to the key and important entities and were introduced with the role of the National CERT. The readiness of cyber experts, their expertise and know-how is what will contribute to the implementation and enforcement of the Directive in every company to a great extent. In Croatia, the share of ICT experts among employees is below the EU average. The need for such personnel is great and over time, it will continue to increase, which is why Croatia should strengthen its capacities in the area of the education of ICT experts, especially those related to the cybersecurity area. These are the highlights from the recently published Digital Decade, the first report of the European Commission on the technological development 1.3.4. Impact of the NIS2 Directive on the business community NIS2 Directive was adopted as an update of the 2016 NIS Directive to increase the total level of cybersecurity in the European Union. NIS2 Directive will relate to key service operators and digital service providers, though in a much wider scope - it includes ten mandatory cybersecurity measures, such as incident handling, supply chain security, access control, asset management, education, in Europe. The highlights from the report have special weight when we take into account the ever increasing number of cyber attacks, posing a great risk for the survival of a large number of companies, as well as for the whole economy and society, if adequate protection and experts do not exist. and assessing the effectiveness of measures. The wish is to prevent cyber attacks in supply chains, which have become increasingly common in recent years, and increase the level of cybersecurity at the European Union level. Span employs more than 200 cybersecurity specialists who protect large systems and re-solve real cyber challenges on a daily basis. Their expertise will be available to companies in need of assistance concerning the implementation of the NIS2 Directive. Furthermore, Span Cyber Security Center continuously carries out training customized for all the employees from 14 Cloud Adoption and Opportunities Will Continue to Expand Leading to a $1 Trillion Market in 2024, According to IDC | Business Wire 15 The 10 Biggest Cloud Computing Trends In 2024 Everyone Must Be Ready For Now (forbes.com) 16 Croatian Cyber Security Act (Official Gazette No. 14/2024) entered into force on 15 February 2024 (https://www.span.eu/en/insights/cyber-security-act-application-of-the-nis2-directive-in-croatia/) S P A N A N N U A L R E P O R T 2 0 2 3 4 6 S P A N A N N U A L R E P O R T 2 0 2 3 4 7 the private and public sectors. Their goal is to create defense abilities on the level of the whole organization by means of providing adequate training of all employee profiles, which does not only include the education of the employees dedicated to cybersecurity, but also the ICT employees and all other employees in the organization, including the leading employees and the top-level management. The need for education in the area of cybersecurity is indispensable, which is confirmed by data. This way, by raising awareness and increasing knowledge, it is possible to improve the level of cybersecurity in both the company and one's private life. 1.3.5. The Group Business Strategy The business strategy of the Group is growth based on new technologies, solutions and markets. We design, perform and maintain safe information systems of high availability, directed at a significant increase of productivity of our customers. Operating management services ensure 24x7 data integrity and overall cyber security. We base business systems and solutions on platforms of leading global providers of Cloud technologies – Microsoft, Amazon and Google. We boast experience and expertise by which we ensure scalability, reliability, and cyber security of our solutions. To additionally increase the productivity of our users, we implement artificial intelligence systems integrated in personal productivity tools. We pay special attention to responsible and sustainable operation, corporate management, environmental impact and the wellbeing of the society and our employees. S P A N A N N U A L R E P O R T 2 0 2 3 4 9 2.1.1.1. 30 years of Span In Span, we started to write our history in 1993, when it was officially established as a limited liability company. The exact date when the Agreement on the Establishment of the Company was signed was 23 March 1993, and Span's small software shop was opened in Tesla St. in Zagreb in June of the same year.# SPAN ANNUAL REPORT 2023

Back then, Nikola Dujmović had a vision that Span should follow the path of software, not hardware. That vision and faith in success, together with arduous work and sacrifice, have taken Span to what it is today – a leading Croatian IT company with more than 850 employees that offers high quality services and solutions to global and regional customers. Span entered a new developmental phase of operations in 2021, and went public on the Zagreb Stock Exchange as the first domestic IT company in the past 18 years. There is no organization that has existed in the market for 30 years and has not experienced a series of memorable events, tense moments, tectonic upheavals, and crucial crossroads, and Span is not an exception. Our 30th birthday was a perfect occasion to look back, summarize impressions and launch the shooting of a documentary film about the 30 years of Span. Thus, “Random Access Memory“ was gradually created through recollecting and talking about various themes and moments that have rendered Span as the company it is today, and have made Span employees people that can really take pride in what they have created in these thirty years. A story of what Span means to Span employees. A story about people, our most important resource, and the unique Span atmosphere that makes our company such a pleasant workplace. That is a success story that has been worked on for thirty years. We celebrated our birthday twice. First time, we invited our customers and partners to join us in celebrating this jubilee birthday in September, and then all Span employees from the whole Group gathered and celebrated in December.

2. Key Features of the Period

2.1. Key Events in 2023

2.1.1. Corporate Events

SPAN ANNUAL REPORT 2023 50
SPAN ANNUAL REPORT 2023 51

2.1.1.2. Acquisitions, establishments and dissolutions of companies
2.1.1.2.1. The acquisition

On 31 March 2023, we signed an agreement on the acquisition of 100% share in GT Tarkvara, Tallinn, Estonia. The estimated value of the transaction amounted to EUR 11,377,457.00 with a part of the purchase and sale price that depends on the operating results of GT Tarkvara in 2023 and 2024 being subject to adjustment. GT Tarkvara is a leading 2.1.1.2.2. Establishing a Span company with the registered office in Georgia

On 8 September 2023, the LEPL National Agency of Public Registry issued a decision on the registration of the incorporation of the company under the name Span Limited Liability Company, Tbilisi, Vake District, Nikoloz Kipshidze Street, N12B, Apartment 51, Georgia, ID: 405645734. The founder and sole member of the company is Span d.d. Markets of Eastern Europe and Central Asia are our strategic

of GT Tarkvara, Estonia’s largest Microsoft partner Estonian company for licensing and managing software assets with more than 25 years of experience. Our latest acquisition was realized only a year after the acquisition of the domestic software company Ekobit. focus, which we additionally confirm by establishing this company, alongside our already existing affiliated companies in Ukraine, Moldova, and Azerbaijan. Back when TOV Span in Ukraine was established, we received Microsoft Licensing Solution Provider status for Georgia and Moldova. After registering the company in Moldova, The acquisition of GT Tarkvara confirms our strategic course to further growth and expansion to new markets. The Baltic and Scandinavian countries are extremely digitally advanced and show a growing need for additional expertise in the area of Cloud and Cyber Security, where we are internationally recognizable. “With this acquisition, Span has entered the market of Estonia, one of the most digitally developed we wanted to start registration in Georgia as well, but the COVID-19 pandemic, the Russian aggression against Ukraine and threats to Georgia required special caution. During the year, we have made quality contacts and secured everything necessary to enter the Georgian market. At the same time, Microsoft is consolidating LSP partners in many markets, including Georgia, so this is the optimal moment to enter the market as an experienced medium-sized partner on a global scale. “Span and GT Tarkvara are leading Microsoft partners which have joined their long-term know-how and experience within this takeover. I am happy that our existing customers will now have access to advanced cloud and cyber security services based on Span’s long-term experience in operation with large, global companies,” said Taivo Remmelgas, the owner and member of the Management Board of GT Tarkvara. GT Tarkvara is a reliable partner to the largest companies in the software industry, like Microsoft, Adobe, Veritas, Citrix, countries in Europe. The expertise and market position of GT Tarkvara, in combination with our advanced cloud and cyber security services, are a perfect foundation for further growth and development of Span’s operation in that part of Europe,” said Nikola Dujmović, the founder and President of the Management Board of Span.

2.1.1.2.3. Decision of the Swiss AG Board of Directors on the dissolution of the company
2.1.1.3. Changes in the Supervisory Board

Span Swiss AG, with the registered office in Zug, Switzerland, was established in 2019 and is 100% owned by Span d.d. The company has been inactive since its foundation, as the planned business activities did not even begin due to the coronavirus pandemic. To end the long period of non-operation and in line with the provisions of Swiss legislation, Board of Directors of Span Swiss AG made a decision on the dissolution of the company on 13 November 2023. The resignation of Jasmin Kotur and Zvonimir Banek took effect on 27 April 2023. At the inaugural meeting of the Supervisory Board held on that same day, Mr. Ante Mandić was appointed as the new President of the Supervisory Board by unanimous decision. The meeting of the Supervisory Board was held after the meeting happy that our existing customers will now have access to advanced cloud and cyber security services based on Span’s long-term experience in operation with large, global companies,” said Taivo Remmelgas, the owner and member of the Management Board of GT Tarkvara. GT Tarkvara is a reliable partner to the largest companies in the software industry, like Microsoft, Adobe, Veritas, Citrix, of the General Assembly of the Company that took place on 14th June 2023, where Ivana Šoljan and Mirjana Marinković 17 were elected members of the Company’s Supervisory Board. When submitting proposals for new members of the Supervisory Board, it was the intention of the Company to comply with the provisions of the Code of Corporate Governance of the Zagreb Stock Exchange d.o.o. and the Croatian Financial Services Supervisory Agency on the independence of Supervisory Board members and the composition of the Supervisory Board, which includes members of different genders, ages, profiles and experiences. Symantec, VMWare, and others. It has recorded a continuing revenue growth over years, and is focused on projects related to digital transformation, cloud and cyber security. In addition to the private sector, they are also strongly positioned in the public and educational sector. 17 The Members of the Company’s Supervisory Board are elected for the period from the adoption of the Decision of the General Assembly until the expiry of the term of other members of the Company’s Supervisory Board, i.e. 30 September 2024.

SPAN ANNUAL REPORT 2023 52
SPAN ANNUAL REPORT 2023 53

2.1.1.4. General Assembly of Span d.d.

Invitation to the General Assembly of Span d.d. was announced on 3 May 2023. Based on the provisions of the Capital Market Act and Rules of the Zagreb Stock Exchange, a regular meeting of the General Assembly of the Company was held on 14 June 2023.

2.1.1.8. Resignation of a Member of the Management Board of Span d.d.

Member of the Management Board of the Company Antonija Kapović, submitted her resignation on 15 December 2023. The resignation was submitted for personal reasons and became effective on 31 December 2023. Antonija Kapović's duties will be taken over by a Member of the Management Board, Dragan The full contents of the decisions is available on the following link: General Assembly of Span d.d. Marković, until the expiry of the mandate of this composition of the Management Board.

2.1.1.5. Decision on the utilization of profit and payment of dividend

The meeting of the Supervisory Board of the Company was held on 28 April 2023, during which the Management Board proposed adopting a Decision on the utilization of profits and payment of dividend in the amount of HRK 10.00 / EUR 1.33 per share. The dividend was paid 2.1.1.9. Employees’ representative in the Supervisory Board of Span d.d. elected

Pursuant to Article 164, paragraph 3 of the Labour Act (NN 93/14, 127/17, 98/19, 151/22, 64/23), the employees of the Company, voting in free and direct elections for the employees' representative in the Supervisory Board of the Company, elected Mrs. Barbara Gradečak as the employees’ representative with the term of to shareholders of the Company who were registered as shareholders of the Company in the Central Depository and Clearing Company (SKDD) on 20 June 2023 (record date). The date from which the share of the Company will be traded without dividend payment right is 19 June 2023 (ex date). The claim for dividend payment was due on 3 July 2023 (payment date) in line with the proposal, and dividend was paid from the Company’s profit realized in 2022 18. office of 4 years, starting on 29 December 2023.

2.1.1.10. Acquisitions and disposals of own shares

On 31 December 2022, the share capital of the Company consisted of 1,960,000 shares with the nominal value of HRK 10, and the Company held 20,029 own shares. Acquisitions and disposals of own shares over the year:

2.1.1.6.# I m p l e m e n t a t i o n of the registration of share capital adjustment

Based on the Decision of the General Assembly of the Company of 14 June 2023, in line with the Law on the Introduction of the Euro as the Official Currency in the Republic of Croatia (Official Gazette 57/22, 88/22) the Commercial Court in Zagreb on 29 September implemented and on 30 September 2023 published the registration of the share capital adjustment in line with the Companies Act (Official Gazette 111/93, 34/99, 121/99, 52/00, 118/03, 107/07, 146/08, 137/09, 125/11, 152/11, 111/12, 68/13, 110/15, 40/19, 34/22, 114/22, 18/23). The Company's share capital was adjusted to the Euro and was increased from EUR 2,601,367.04 by the amount of EUR 1,318,632.96 to EUR 3,920,000.00, with the increase of the individual nominal amount of common shares with the stock symbol SPAN-R-A from EUR 1.33 by EUR 0.67 to EUR 2.00. Accordingly, the Articles of Association of the Company have been also amended.

2.1.1.7. ESOP – allocation of additional shares

Pursuant to Article 474 of the Capital Market Act, on 12 October 2023, the Company released 4,178 own shares, in line with the terms and conditions announced in the Prospectus regarding the public offering and listing of shares on the regulated market, which refers to the allocation of Additional Shares that the Issuer will allocate to an individual Employee in accordance with the ESOP program. Prior to the said release, Span d.d. owned 20,076 own shares, representing 1.0243% of the share capital, and after the release, it owns a total of 15,898 shares, representing 0.8111% of the share capital.

18 In the business year that ended on 31 December 2022, Span Group made net consolidated profit in the amount of HRK 50,536,506.14, and net profit of Span d.d. was HRK 41,944,428.10 After the noted acquisitions and disposals, on 31 December 2023, the Company held 15,673 shares, which was 0.7996% of the share capital of the Company 19.

19 The share capital of the Company amounts to EUR 3,920,000.00 and is divided into 1,960,000 shares with the nominal value of EUR 2, under the security code SPANR-A and the ISIN code HRSPANRA0007 (https://eho.zse.hr/obavijesti-izdavatelja/view/51651).

Date Corporate event Purpose Number of shares Number of shares after corporate event % of share capital before corporate event % of share capital after corporate event
30 March 2023 Disposal of own shares Share Buy-Back Program 6,415 13,614 1.0219% 0.6946%
6 April 2023 Disposal of own shares Share Buy-Back Program 70 13,544 0.6946% 0.6910%
28 April 2023 Acquisition of own shares Share Buy-Back Program 3,411 16,955 0.6910% 0.8651%
21 June 2023 Disposal of own shares Share Buy-Back Program 4,615 12,340 0.8651% 0.6296%
3 July 2023 Acquisition of own shares Share Buy-Back Program 2,911 15,251 0.6296% 0.7781%
4 August 2023 Acquisition of own shares Share Buy-Back Program 100 15,351 0.7781% 0.7832%
8 August 2023 Acquisition of own shares Share Buy-Back Program 4,419 19,770 0.7832% 1.0087%
9 August 2023 Acquisition of own shares Share Buy-Back Program 60 19,830 1.0087% 1.0117%
10 August 2023 Acquisition of own shares Share Buy-Back Program 500 20,330 1.0117% 1.0372%
14 September 2023 Disposal of own shares Share Buy-Back Program 254 20,076 1.0372% 1.0243%
12 October 2023 Disposal of own shares ESOP - allocation of additional shares 4,178 15,898 1.0243% 0.8111%
13 December 2023 Disposal of own shares Share Buy-Back Program 225 15,673 0.8111% 0.7996%
As of 31 December 2023 15,673 0.7996%

SPAN ANNUAL REPORT 2023 54
SPAN ANNUAL REPORT 2023 55

2.1.2. Business events and achievements

During 2023, we continued to provide solutions of excellent quality to our customers. We expanded our team and improved internal processes and services that will be available in 2024. The Project Management Department grew by 34% in 2023, and to be able to ensure our colleagues the simplest possible onboarding and monitoring of their development, we developed a new onboarding system and released it in the internal Learning Management System. The Project Management Department manages projects on the level of the whole Span Group, which is confirmed by the percentage of implemented projects, more than 60%, under the competence of the Project Management Department. Most projects implemented in 2023 related to migration or consolidation of data from on-premises services to cloud. The scope of those projects included work in several countries, ensuring compliance, security and efficiency, and reducing costs, complexity and potential risks. We also started to prepare for the implementation of Microsoft AI solutions for customers, such as Microsoft Copilot, Unified Endpoint Management and Data Governance.

2.1.2.1. Software Asset Management and Licensing

Span is a leading Microsoft partner for the provision of licensing, technical support and consultancy services. Licensing and software asset management services are based on a set of procedures and best practice, which are instrumental in cost optimization and licence managing. Analysing the overall operation of users, we identify the actual needs for adequate software and optimize its use. In this way, we strive to make savings and reduce IT risks, and become a long-term consultant of users when it comes to their software asset management. During 2023, by hiring new employees, we further enhanced our teams for technical support related to delivery and license management, and software asset management. Most projects and the renewal of user contracts in 2023 continued the trend of the transition of users to cloud. Optimizations were made for the existing cloud users in accordance with the needs of the business. Span’s Software Asset Management services are not dependent on a vendor, and special expertise is connected to Microsoft solutions. Late last year, Microsoft made a significant shift towards AI-based solutions and issued a product, Copilot for M365, which generated great interest among users. We accompanied it by offering a whole portfolio of services that will enable users the preparation of the environment and optimum application. As of this year, SAP optimization and negotiations for licensing the new service are available in our portfolio. In that area, we also established a new partnership with Voquz Labs. We are continuing to develop the existing portfolio of services and license selling.

The Cloud Services department deals with providing support to users when it comes to adopting, migration and production of solutions based on public, private and hybrid cloud, using IaaS and PaaS service models. In 2023, within the department, we formed two new teams – Cloud Security and Private and Hybrid Cloud. The Cloud Security Team was established at the very start of the year so as to enhance security competences in the area of cloud security. Services provided by the department include analysis and production of reports on the current status of the user environment in cloud in terms of security, and implementation of security solutions specializing in protection of data, applications and identity in cloud. The Private and Hybrid Cloud Team is assigned with implementation of solutions primarily intended for data and application hosting in the customer's data center, but supporting all the characteristics and features of solutions in the cloud. Thus, we geared up for a trend where corporations do not exclusively use private data centers, or exclusively public clouds, but rather hybrid solutions that provide flexibility. Projects based on the Microsoft Azure platform were most prevalent in 2023. We continuously monitor technological development in order to be able to offer our customers the best services that are in line with the best practice at any time. In addition, we continued to invest resources in AWS and Google Cloud Platform. The most significant project we implemented and which did not involve the Microsoft platform related to analysis and migration of the existing on-premises environment into Google Cloud Platform, using IaaS and PaaS solutions.

2.1.2.2. Infrastructure Services, Cloud & Cyber Security

In the Infrastructure Services, Cloud & Cyber Security segment, we provide users with complete solutions, which include the design and development of information systems, taking care of security and cloud services.

The Solution Consulting Services (SCS) department gathers experts who possess specific knowledge and skills in the areas of project management, architecture of solutions and solution engineering. Our focus is on providing top-level services in shaping, planning, adopting and implementing projects related to Modern Workplace and Modern Desktop solutions, SAP Basis and on-premises technology. As in the prior year, we continued to make analysis and plans for the migration of existing on-premises environments into cloud, so we launched such a project for a large regional bank. A positive trend of the increasing use of public cloud as well as the platform for migration of## 2.1.2.2. Software & Business Solutions Development

Existing and development of new applications was recorded with Croatian banks. Thus, during 2023, we started a cooperation on migration projects for two banks in Croatia, and we are continuously working with the third one on the implementation of new business solutions based on technology in the public cloud. The Cyber Security department focuses on creating, designing and delivering security solutions. With already available Span services such as the Security Operations Centre (SOC), solutions in the area of offensive, defensive, and proactive cyber security were introduced. In 2023, we presented two new services in the market, “Threat Hunting“ and “Red Teaming“. Threat Hunting is a repetitive and proactive protection measure that detects threats from the environment, and Red Teaming is an offensive service whose goal is to perceive and report studied user’s weaknesses. Due to the increase in workload, we continued to employ cyber security experts this year as well. We noticed an increased demand in the market in the areas of risk management and compliance. During the year, our Red Team intensively provided its services in the regional and international markets, which resulted in an increased number of customers, and thus a 45% increase in the number of reported incidents. We are continuously working on improving our security operations center, which has been recognized by customers, whose numbers continue to grow, and our wish is to standardize and automate SOC services. During the year, we took part in resolving a series of security incidents and are proud of the fact that all those incidents were resolved without major consequences for the operation of our customers. We are also proud of the conducted PEN tests with local and international customers, where we showed a high level of expertise and set high standards for their implementation. Moreover, our Information Security Team assisted customers during the whole year in improving the level of security and compliance. We placed a special focus on preparing for the implementation of the incoming NIS2 Directive and DORA regulation.

Business cooperation with Ekobit, a company we acquired in 2022, is becoming more and more intense through cooperating on projects and learning programs. We develop applications in Microsoft technologies: C#.NET, with Angular as a frontend. On-premise installations are almost completely overshadowed by deployments in Azure, as well as by intensive use of Azure as a development platform. We also launched the DevSecOps process through cooperation with MEND and procurement of licenses that have enabled us to implement security testing in the existing DevOps processes by means of an automated process. Moreover, we are also working on the development of competences for the implementation of mobile applications using React Native technology, which enables concurrent development for iOS and Android mobile platforms using the same source code. Furthermore, we started development in containerization environments, which provide us with a simulated environment that is the same for all engineers. The projects we implemented in 2023 mostly related to foreign customers, but some of them were also related to the improvement of Span's operation. Thus, for example, the Asset Management Tool that was developed for the largest world's restaurant chain reached installation in 99.25% restaurants, or, more precisely, in 41,400 restaurants in 93 markets. In the same restaurant chain, a solution for the collaboration of employees was developed and installed in the United States and most European countries. Within the Data Platform program, we developed two portals, CustomerVoice and Data Platform Portal, in a large restaurant chain for coffee and beverages. Both portals are used to collect the experience of users with a view to improving operation. One of the projects that certainly marked last year was PassSport, a startup which enabled us to develop new skills for the implementation of mobile applications, as well as new modern architecture for their development. We upgraded the existing solution span.zone with a new product, Licence Zone, which ensured the replacement of the existing Cloudmore portal and better monitoring of the needs of customers and licenses they use. Replacement will be completed next year, and the goal is achieving savings and opening multicloud sales of licenses (AWS and Google Cloud license).

In 2023, restructuring was carried out in Ekobit by means of introducing team and team leaders. A Quality Assurance team (software testing) was also formed, and all those who carry out tests were unified, so that they would have equal guidelines for technology and career development. Besides, the Business Analyst roles were separated from the classical development role, and this was implemented on an analysis project for a large international customer. As this is the first split into teams, it is important that team leaders take responsibility and manage them. A continuous development of technical and soft skills is crucial, as is goal setting and valuing team members – all this in line with career path. The manner of work was reshaped during 2023 from agency to project type, and even though at first sight it might seem simple, it requires a change in the attitude and way of work of all employees. As Ekobit has been relying on Span to a greater extent, as required, we are joining team resources to ensure the delivery of certain services or solutions on an excellent level. Therefore, Ekobit's premises in Zagreb Tower were cancelled, and teams were joined at the premises of Span. Significant savings have thus been made, and the hybrid model of work allows for the maximum utilization of the existing premises. In addition, we are organizing meetups in four cities – Zagreb, Varaždin, Osijek and Rijeka, in joint cooperation, all this with the purpose of connecting with the local community.

One of the projects in 2023 that is worth emphasizing is the development of BDX as an anonymization solution. Although the project started as the development of BDX as a product, it was concluded that instead of a generic BDX solution, a solution that adjusts to the specific needs of the customer is a better direction. With this approach, BDX maximized its profitability.

A decrease in market demand for software development services was felt in 2023. For example, the hitherto stable and active Scandinavian market reduced investments in new products and solutions and turned to savings, which consequently led to decreasing demands from that market. Partners selling technological solutions in those countries show nervousness due to slowing growth and reduced need for new digital solutions. The existing solutions are amortized and there is more support for already delivered solutions than the production of new ones. In 2023, we reinforced the Software Solutions department with Data Processing and Identity management teams and solutions. There are two crucial reasons for that – every user portal requires authentication, and identity is the first level. For that reason, we want to approach digital identity and authorization by means of a specialized team.

Leading Croatian hotel chains and a leader in tourist accommodation generally selected Span for the implementation of the CRM system for data unification on customers and management of all guest relations including the loyalty platform, processes and automation of marketing communication. In the same year, we continued to implement the CRM system for the contact center of an insurance company in Croatia, and launched a CRM project in a leading production company in the energy sector.

2.1.2.4. Service Center Management and Technical Support

The Service Center Management and Technical Support segment achieved significant success in 2023, following the latest technology trends. Our goal is to continuously provide superior customer support by means of implementing the latest technology solutions while focusing on the latest Microsoft technologies, including the Azure cloud platform and related services.In 2023, Ekobit retained its large customers and, together with Span teams, worked on diverse products such as span.zone and Licence Zone, as well as the PassSport platform. In the future, we strive to consolidate resources, turn to more profitable models of work, and develop domain knowledge in Ekobit. We believe domain knowledge will be crucial for providing added value on the labor market in the long run. Simple items will be assisted by AI, and domain knowledge will be required for the description and understanding of the issues, which is what the company is preparing for. The Enterprise Business Solutions department develops solutions on the Microsoft Business Applications platform with the focus on Microsoft Dynamics 365 and Microsoft Power platforms. At the start of 2023, our Delivery Department, which saw strong development during 2022 and is key in the solution development and delivery, was divided into three teams. The newly renamed Business Applications Department now consists of Functional Consultants, Data and Development team. During 2023, Microsoft continued to strongly invest in and develop the Business Applications Platform, constantly improving it with new functionalities. The greatest emphasis was on functionalities and application of AI in specific business processes. With omnipresent AI, the greatest development focus was in the domain of omnichannel communication, integrated Teams telephony and real-time marketing automation. Based on our large experience and capacity to provide services, this year we became the holders of the Microsoft Business Application Partner status, which confirms the expertise in the delivery of solutions through Dynamics 365 and Power platform. Projects we implemented in 2023 only confirm that. Thus, we continued to implement the CRM and Marketing Automation System for a global pharmaceutical company in several markets. We also produced a tablet application on the Power Platform for the creation and administration of customer's orders. The application itself is deeply integrated with several systems, including the ERP and CRM systems. We successfully started projects with one of the leading car companies, where we implemented a system for the management of car pools and leasing. Moreover, one of the In 2023, we successfully resolved more than 202,000 customer incidents, providing fast and effective response to our customers. This result confirmed our team's commitment to providing superior services. In addition, we got an exceptionally high score from our customers – the average satisfaction score was 4.95 out of 5. This score is the result of the analysis of 2,220 responses to randomly sent polls which we carried out in order to continuously improve the quality of our support. Dominating technologies in our business segment arose from the operation of the Microsoft Azure ecosystem, even though competencies for all cloud service providers are acquired within Span support. Cloud technologies provided a stable infrastructure and optimization tools to our many customers, and in 2023, we focused on security and optimization challenges as well as projects for our users. The internal integration of AI tools within the Service Center Management and Technical Support enabled the optimization of internal processes, which will be a major focus in the following year. Those tools provided us a deeper insight in the performance of the system and identification of potential problems before they impact customer experience. In 2023, we accomplished excellent results in resolving customer requests, achieving high customer satisfaction scores. The focus on employees and certification additionally enhanced our department and improved the quality of our services. SPAN ANNUAL REPORT 2023 61

2.1.2.5. International operations

We received Microsoft Partner of the Year 2023 award for the second year in a row as confirmation of our effort and delivery of superior solutions to our customers.

Slovenia

Span Slovenia has operated for almost 10 years, and in 2023, we achieved growth in all business segments, with Solution Consulting services adjusting the portfolio of products and services to the growing needs of customers in that market. Coordinated marketing activities increased the awareness of the Span brand and enhanced our position between competitors and customers, with the main focus on the financial sector (FSI), telecommunications (TelCo) and fast-moving consumer goods (FMCG).

Azerbaijan

The market development strategy in Azerbaijan is directed at ranking at the first place. This segment plays a crucial role in ensuring a stable growth and helps establish independence from fluctuations in licensing services. Due to a higher amount of work in the areas of Solution Consulting and sales support, in 2023, we employed four new colleagues. We are continuously monitoring changes in the preferences of our customers and market trends. A growth in demand for services related to security – especially in the areas of Endpoint Detection and Response (EDR) and eXtended Detection and Response (XDR) is noticeable. The increased focus on security solutions confirms the growth of awareness regarding risks brought about by cyber attacks, and of how much investment in cyber security will be important for the future of any business. Along with cyber security, artificial intelligence (AI) is also witnessing a growing trend. Business entities from various sectors are showing increasing interest in the use of AI technologies with the purpose of improving the operational effectiveness, decision-making processes and the overall results. A series of implemented projects in 2023 related to the implementation of the Azure Landing Zone, the purpose of which was to establish solid foundations for the implementation of the Azure solutions. In this way, we have significantly improved our cloud service portfolio, enabling our customers effective, secure and adjusted solutions. In 2023, we recorded a zero employee turnover rate, proving a high level of satisfaction within our team. This success shows our commitment to developing a positive and team environment at work that values the growth and progress of every individual. Satisfied employees do not only contribute to a stable and experienced team, but maintain our constant effort in encouraging the personal and professional development of each of them.

A large number of companies in Azerbaijan are undergoing the process of digital transformation, which consequently leads to an even greater demand for services in the area of cloud and security, software asset management, and infrastructure services. Piracy is still present, but a significant progress in the legalization of the use of software has been achieved. For that reason, an increased need for services in the Software Asset Management segment is expected in the following years. The number of projects in the public sector in Azerbaijan is further increasing. The goal is to increase productivity, transparency and security of public entities. We continue to invest in the knowledge of our experts so that we can continue to provide services and solutions at an excellent level, with the focus on cloud and cyber security. The number of our projects is on the rise, and in 2023 we are especially proud of the first penetration test conducted with a customer in the finance sector and a project of the implementation of Microsoft 365 licenses, with the continuation of consulting services provision for customers in the FMCG industry.

Moldova

Span's affiliated company in Moldova has operated for two years and in that period we have been committed to our positioning in the market and appealing to new customers. In 2023, most of our customers came from the public and financial sectors, and when we speak of the size of our customers, most often, they were large companies.

Ukraine

The population and economy of Ukraine in 2023 adjusted to life and work in war conditions. The trend of the relocation of operations to safer areas was still present, which created conditions for new employment. A part of the Ukrainian population returned from forced migrations, and commercial, production and agricultural companies expanded alternative export routes. The companies dealing with service activities expanded their operations to neighboring markets. All this resulted in a positive impact on the Ukrainian GDP. The aforementioned factors also positively influenced the IT industry. Increased investments into cloud and information security were also observed. It was in the area of information security that we implemented numerous projects in 2023, and some of them were implementation of solutions like Microsoft Entra, Defender, Purview, Intune, Azure Monitor, Backup, Site Recovery and Azure Networking Services. Microsoft remained the leading technology provider in the cloud for Ukrainian customers via the Azure platform, and we offered implementation services. Owing to the increased demand for IT services, our number of employees increased by 30%. The increase of the number of employees was followed by the increase of the number of new customers. Cloud and cyber security, infrastructure services and services of the Security and Operations Center (SOC) are often demanded in our market. The projects we want to emphasize relate to the banking sector.# 2.1.3. Awards, recognitions and achievements

2.1.3.1. Awards, recognitions and achievements

2.1.3.1.1. Listing into CROBEX10 ® and CROBEX10tr ®

Based on the data on share trading from 1 September 2022 to 28 February 2023, our share was included among the 10 most liquid shares on the Zagreb Stock Exchange. Those results enabled our share the entry within the CROBEX10® and CROB10tr® indices.

Remote and hybrid work are the new normal. The coronavirus pandemic speeded up the process of digital transformation, which is why it is not surprising that a high demand for cyber security solutions, penetration testing and cyber resilience is noticeable. Along with this, data management and data analysis are high on the priority list of customers. In 2023, we realized long-term business cooperation in the public sector of the Czech Republic, Lithuania and Estonia. We are especially proud of a project we implemented in cooperation with Microsoft, which related to ensuring a high level of cyber security regarding parliamentary elections in Estonia. Furthermore, we implemented identity and access management projects as well as system management projects for the largest operator of the electromagnetic network in Estonia.

More than 660,000 Span’s shares worth EUR 22 million have been traded in a year and a half. A growth of the share of almost 113% was recorded, and the number of shareholders increased to more than 1,700 from the initial 1,200.

“I am proud that we managed to enter CROBEX10® and CROBEX10tr® in such a short time. The liquidity of Span’s share was one of the main goals in the IPO. We are happy that we continue to be interesting to investors, that interest does not wane, and this is confirmed with the datum that our share is traded almost on a daily basis,” said Nikola Dujmović, the founder and President of the Management Board of Span.

The price of the share increased by 31.4% in the observed period.

2.1.3.1.2. Enlisting in the Frontier Markets Small Cap Index

The largest global provider of share indices, MSCI, published its regular revision of the Frontier Market Index in August of 2023 and enlisted our share in the MSCI Frontier Market Small Cap Index. The index analyzes shares from 28 countries, and now, along with ours, it boasts 12 shares from the Croatian market. The shares included in this index receive increased visibility and become the focus of global investors.

In the observed period of 2023, 466,700 shares were traded, and the turnover made with the share was EUR 25,301,207.10.

2.1.3.1.3. Zagreb Stock Exchange award for the stock with the highest increase in trading volume

Zagreb Stock Exchange Awards were presented for the twelfth year in a row. In selecting the best performers, the Awards Committee considered objective and statistical criteria, as well as the overall contribution to the education and development of the domestic capital market. The award for the stock with the highest increase in trading volume compared to the previous year was won by Span.

In the 11 months of 2023, 561,371 shares of Span were traded, marking a 70 percent increase compared to the same period last year. The total value of transactions amounted to almost EUR 30 million.

2.1.3.2. Awards, recognitions and achievements in operations

2.1.3.2.1. Microsoft Partner of the Year 2023 in Croatia and Ukraine

At the end of June, we were awarded as Microsoft Partner of the Year 2023 for Croatia and Ukraine. This award honors the best partners for demonstrating excellence in their work and delivering solutions based on Microsoft technologies.

Microsoft’s Partner of the Year is granted to companies that have successfully conceived, developed and implemented solutions using Microsoft technologies. The award is bestowed in several categories, and winners are selected among more than 4,200 nominated companies from more than 100 countries worldwide. We have been awarded for providing superb services and solutions in Croatia and Ukraine.

“This recognition is the result of our long-term relationship based on mutual trust and the quality work of our experts who always find the best way to improve the business of our users. There are more than 850 employees in Span today, and the desire for knowledge and constant improvement is our greatest strength,” said Nikola Dujmović, President of the Management Board of Span.

“Congratulations to the winners and finalists of the 2023 Microsoft Partner of the Year Awards!” said Nicole Dezen, Chief Partner Officer and Corporate Vice President of Global Partner Solutions at Microsoft. “Innovative new Microsoft Cloud technology solutions and services that positively impacted the digital transformation of their users are this year’s winners.”# Microsoft Advanced Specializations

Microsoft Advanced Specializations are a guarantee of excellence and are awarded to the most professional Microsoft partners. We are proud to announce that we acquired Low Code Application Development.

Span Becomes the Holder of All Six Microsoft Solution Partner Statuses

We have become the holders of all 6 Microsoft Solution Partner Statuses. Microsoft has categorized areas where its partners can prove great experience and abilities in providing services, and those areas are Business Applications, Data and AI, Digital and App Innovation, Infrastructure, Security, and Modern Work. The sixth Partner Solution Status that has complemented our collection relates to the area of Business Applications with the focus on the delivery of solutions through Dynamics 365 and Power platforms.

The market of tools for low code application development is growing very fast, especially in the past couple of years. Using the Microsoft low code application development platform, which includes Microsoft Power Apps and Microsoft Power Automate, we help users quickly develop adjusted and flexible low code business solutions that integrate already existing systems and data with the purpose of initiating innovations and effectiveness across organizations. The Microsoft Low Code Application Development Specialization demonstrates our tested knowledge, valuable experience, and recorded success in providing support to customers who apply Microsoft Low Code solutions.

Microsoft continuously improves its partner program by introducing new, merging the existing ones, and revoking individual partner programs. Advanced specializations and Solution Partner Statuses are interconnected in technological entities. Transition periods of the renewal of the existing statuses.

“Our path to this achievement was marked with investing in the knowledge and skills of our employees, who are our greatest power. By obtaining this Microsoft Solution Partner Status, we have proven once again that we are continuously working on providing the best services and solutions for our customers,” said Mihaela Trbojević, Product Marketing Director of Span.

Microsoft uses advanced specializations to identify best partners who will respond to specific needs of users, and we are proud to be a part of that collective. We are also proud that this specialization reflects Span’s long-term commitment to achieving excellent results and justification for the trust of our customers.

Span Annual Report 2023

2.1.3.2.2. Low Code Application Development

The Microsoft Advanced Specialization for Low Code Application Development was awarded to Span. This specialization recognizes our expertise in helping clients leverage Microsoft Power Apps and Microsoft Power Automate to build custom business solutions quickly and efficiently.

2.1.3.2.4. Hewlett Packard Enterprise Gold Partner Status

We are proud to have been successfully renewing the Hewlett Packard Enterprise Gold Partner status for many years now, and 2023 is not an exception. This is new evidence of our dedication and excellence in the area of hybrid cloud with tested quality products and services of the IT and technical solutions related to data protection. The demonstration of our expertise in the HPE hybrid cloud portfolio and completion of the training program and certification for HPE hybrid solutions are a confirmation of the high level of knowledge of Span’s experts. Thus, our focus on helping users by implementing demanding and complex HPE solutions so that they could respond faster to unpredictable business requirements.

2.1.3.2.5. Saviynt – Fastest Transaction in 2022

In 2022, Span became a partner of reputable Saviynt, a global leader in the area of smart solutions related to identity management, and we have already won their award. In London, at the conference of Saviynt’s partners and customers, we were awarded for the Fastest Transaction in 2022, or, for an agreement signed in the fastest way. With Saviynt tools and platform, we work on the implementation of solutions in the area of identity, access, and supervision, and this award is another confirmation that Saviynt made a good decision when they gave us their trust.

2.1.3.2.6. Span CyberGRX Benchmarking

For our customers, especially international ones, the way we manage our information security is becoming ever more important given the services we provide to them. Therefore, we are receiving an increasing number of diverse inquiries where we answer questions about our business processes (employment, awarding the right to access, incident management, etc.) related to data protection. To minimize the number of various questionnaires with identical or very similar questions, last year, we completed a questionnaire created by CyberGRX. CyberGRX is dedicated to transforming third-party cyber risk management for companies around the world. Span underwent an assessment by its providers through the CyberGRX digital platform in 2023 as well, and received high ratings for its information security management maturity. CyberGRX is utilized worldwide by companies that, like Span, provide services to global enterprises, to assess their business process maturity and security measures. We want our users to understand that we prioritize the security of both our data and theirs, proving that we are a dependable strategic partner. Our users can access the CyberGRX platform to see for themselves that Span is their loyal ally that genuinely values security.

2.1.3.2.7. Seventh ISO Certificate

Implementation of ISO standards is an important factor for increasing competitiveness in the international market, so we are rejoiced at the fact that in its operation, Span applies as many as seven of them. Our latest certificate is for ISO 22301, the international standard that provides additional recognition. ISO 22301 allows us to better manage risks and emergencies and ensures the continuation of business even in unpredictable situations – and, as we all know, unfortunate circumstances happen more often than we could have imagined a few years ago. It is a valuable tool for Span because it promotes systematic thinking and continuous improvement and strengthens relationships with stakeholders.

2.1.3.2.8. Croatia Grand Prix Security 2023

In September, we were awarded Croatia Grand Prix Security 2023 in the media promotion of security for our campaign “SAFETY NET – bitka za sigurnost“ (Battle for Security), which we carried out in cooperation with the Split–Dalmatia Police Administration, DUMP Association of Young Programmers, Radio Split, and Split–Dalmatia County Security Committee. The goals of the campaign were making citizens aware of the real danger of being exposed to criminal acts in the area of cybercrime, which most often involves online and social media scams, and slowing down the negative trend of the increasing number of criminal acts in the area of cybercrime. The campaign was carried out through direct contact with citizens – especially those who are not very good at technology. It was also covered by the media on radio and TV stations, in daily newspapers, and on web portals.

Span’s result in all categories was above 80%, and what makes us especially happy is the result of the maximum 100% in the part related to inclusion and well-being of our employees. In the year in which the recertification criteria were made significantly stricter, we achieved a total result of 90%, which is also higher than the average of other certified organizations by 8%.

Results on Employee life cycle steps
100 %: Recruiting and employment, Onboarding and development, Inclusion and inspiration, Transformation and growth, Retention and well-being, Leaving and returning, HR strategic counselling
75 %
50 %
25 %
0 %

All this is only an indicator of the continuing effort we invest in attracting, recruiting, retaining, and developing employees – in short, in the overall care for employees.

2.1.3.2.9. TD Synnex Solution Days 2023

A recognition for excellent selling results in the security sector was handed to us at the TD Synnex Solution Days 2023 – Highway to Cloud in Crikvenica. We provide security solutions to our customers and give recommendations for improvement measures to each customer with great attention and commitment. For all those reasons, we are grateful and proud that our effort has been recognized, and we consider this occasion another strong impetus for us to continue striding forward.

2.1.3.2.10. CEP Recertification

We started 2023 with the third successful Employer Partner recertification. With the Certificate Employer Partner (CEP), the leading Croatian consultancy company, Selectio, once again acknowledged the excellent practice of Span and the high quality in the area of human resource management.

2.1.3.2.11. SAP Success Factors - Contract Signed

In the second quarter, we officially started the implementation of the new HR system – SAP Success Factors. SAP SF Enterprise is a solution that is used by more than 9,400 organizations worldwide and brings us the best HR practice that includes process automation, a higher level of reporting, and monitoring procedures within Span Group. SAP SF has been granted the Gartner recognition of the leader in the area of cloud HR solutions for the sixth year in a row, for companies with more than 1,000 employees. This recognition additionally confirms its value and continuous implementation.Our HR processes were evaluated in 7 categories (so-called employee life cycle steps) – from recruiting and employment, onboarding and development through inclusion and inspiration, transformation and growth, innovativeness by which it follows changes in the current dynamic market. Transition from the current software to the new one is driven by the high growth last year and the need for the improvement and optimization of processes that will continue to support Span's development. Besides, the new application will enable us to centralize existing processes and procedures and standardize them at the level of the whole Span Group.

2.1.3.2.12. Volunteering Oscar Award

Even though nobody volunteers to get an award but to help and support those in need, sometimes it is nice to see that our effort and initiatives have been recognized. The latest recognition of our volunteering actions came in the form of the Volunteering Oscar Award, organized by the Volunteers’ Center Zagreb, and Span won it in the Companies category. In the last two years, we have invested a lot in corporate volunteering, finalized the official Policy on Corporate Volunteering, and signed the Charter of Employee Volunteering. We have also done a big volunteering action with O2 project and volunteering projects based on our skills for associations Hrabri telefon and Nismo same. This Volunteering Oscar has crowned our efforts, confirming that we are going in the right direction and giving us a new drive to continue giving back to the community in an even more ambitious and organized manner through numerous similar actions.

2.2. Financial indicators for 2023

2.2.1. Operating Revenue, EBITDA and Net Profit of Span Group

Metric 2023 Value YoY Change
OPERATING REVENUE EUR 142.8 mil. +30%
EBITDA YoY before one-off items EUR 7.1 mil. -25%
EBITDA YoY EUR 5.6 mil. -39%
NET PROFIT YoY after one-off items EUR 1.2 mil. -81%

2.1.3.2.13. Span - ”Health- Friendly Company”

Span has always been a company that pays special attention to the health and well-being of its employees. With that in mind, in cooperation with the Croatian Institute of Public Health, in the spring of 2023 we officially started the process of certification and acquiring the right to display the "Health-Friendly Company" title. This title is acquired within the framework of the "Live Healthy" National Program, which was designed and launched by the Ministry of Health and the Croatian Institute of Public Health, and it is given to companies that recognize healthy values and care about improving the health of their employees. The certification process involved organizing various lectures and workshops on topics such as nutrition, physical activity, and mental health, as well as diverse actions and initiatives in which a large number of our employees participated throughout the year. A company that wants to acquire the "Health-Friendly Company" label must meet certain criteria assessed and set by a team of Croatian Institute of Public Health’s experts, which are divided into six areas – nutrition, promotion of physical activity, protection of the health of employees at the workplace, smoking ban, alcohol consumption ban and environmental care. According to the recommendations and guidelines for earning the "Health- Friendly Company" label, last year we set specific goals in the first three areas (because the other three are implied, to a certain extent) and we’re proud to report that we’ve successfully achieved them.

2.2.2. Operating Revenue, EBITDA and Net Profit of Span d.d.

Metric 2023 Value YoY Change
OPERATING REVENUE EUR 99.6 mil. +9%
EBITDA before one-off items EUR 3.8 mil. -52%
EBITDA after one-off items EUR 3.3 mil. -57%
NET PROFIT after one-off items EUR 0.5 mil. -92%

2.2.3. Key features of the period – 2023

Profit and Loss Account – shortened

Revenues

The total consolidated revenue increased by EUR 29,191 thousand, or 25% compared to 2022. Operating revenue increased by EUR 32,666 thousand in the observed period. The highest growth was recorded by the Software Asset Management and Licensing segment, mostly as a result of the acquisition of GT Tarkvara. In the same period, Span d.d. recorded an increase of revenue by EUR 8,694 thousand, or 9%. The growth mostly came from the operating revenue, which increased by EUR 8,266 thousand. The strongest growth of revenue was recorded in the Software Asset Management and Licensing segment, amounting to 16%.

Operating expenses

Total consolidated operating expenses increased by EUR 32,829 thousand, or 31% compared to 2022. The greatest generator of the growth of expenses was the cost of the goods and services sold, following the revenue growth. The increase of personnel expenses was EUR 6,398 thousand, and resulted from the higher number of employees in the segment of IT services with high added value. The average number of employees in the Group in 2023 was 834, whereas in the prior year, the average number of employees in the Group was 704. Other operating expenses of the Group decreased by EUR 1,496 thousand compared to 2022. Total expenses of Span d.d. increased by EUR 13,082 thousand, or 16%. The highest growth resulted from the cost of goods and services sold, following the revenue growth. The personnel expenses increased by EUR 4,165 thousand, or 22%. The average number of employees in the Company in the observed period was 626, an increase compared to the prior year when the average number of employees in the Company was 538. Most of the new employees were employed in the segment of IT services with high added value.

EBITDA

EBITDA of the Group before one-off items was EUR 7,111 thousand. One-off items of EBITDA of the Group were EUR 1,463 thousand and related to:
1) value adjustment of receivables in Span Slovenia for Studio Moderna;
2) cost of tax and surtaxes on capital gains, resulting from the Share Allocation Plan awarding employees of Ekobit, defined in the purchase and sale agreement;
3) expenses resulting from the acquisition of GT Tarkvara;
4) reserved expenses for the ESOP program for the allocation of shares to employees. According to the requirements announced in the Prospectus, Span will award every employee who keeps in their ownership one or more ESOP packages in a period of three years with 25% shares in relation to the number of shares the respective employee holds within the ESOP package. After the expiry of the first year from the date of the public announcement of the results, 5% of the total number of shares will be allocated, and 10% will be allocated upon the expiry of the second and third years each.

EBITDA of the Group after one-off items in the observed period was EUR 5,648 thousand and recorded a 39% decline compared to the same period of the prior year. Span d.d. recorded a fall of EBITDA before one-off items of EUR 4,139 thousand, or 52%, amounting to EUR 3,759 thousand. In the observed period, Span d.d. recorded EBITDA fall after one-off items of EUR 4,388 thousand to EUR 3,339 thousand, a drop of 57%. In 2022, Span d.d. started a new investment cycle by employing experts in the segment of services with added IT value, which led to an increase of salary expenses as the main driver of the fall of EBITDA.

Span Group (in thousands of EUR)

2022 2023 ∆ %
Total revenue 115,140 144,331 25%
Operating revenue 110,170 142,836 30%
Other revenue 4,970 1,496 -70%
Total costs 105,854 138,683 31%
Costs of goods and services sold 66,768 94,695 42%
Personnel expenses 25,799 32,197 25%
Other business expenses 13,288 11,791 -11%
EBITDA before one-off items 9,533 7,111 -25%
EBITDA one-off items 247 1,463 491%
EBITDA after one-off items 9,285 5,648 -39%
Depreciation and amortization 2,572 3,559 38%
EBIT 6,714 2,089 -69%
Net financial result (226) (343) -52%
Profit/loss before taxation before one-off items 6,734 3,209 -52%
Profit/loss before taxation after one-off items 6,487 1,746 -73%
Corporate tax (223) 499 324%
Profit/loss after taxation before one-off items 6,958 2,710 -61%
Profit/loss after taxation after one-off items 6,710 1,246 -81%

2.2.3. Financial Result

In thousands of EUR 2022 2023 ∆ %
Total revenue 91,740 100,433 9%
Operating revenue 91,284 99,550 9%
Other revenue 456 883 94%
Total costs 84,012 97,094 16%
Costs of goods and services sold 57,351 65,618 14%
Personnel expenses 19,311 23,476 22%
Other business expenses 7,350 8,001 9%
EBITDA before one-off items 7,898 3,759 -52%
EBITDA one-off items 171 420 146%
EBITDA after one-off items 7,727 3,339 -57%
Depreciation and amortization 1,882 2,303 22%
EBIT 5,845 1,036 -82%
Net financial result (705) (371) 47%
Profit/loss before taxation before one-off items 5,311 1,085 -80%
Profit/loss before taxation after one-off items 5,141 665 -87%
Corporate tax (429) 204 148%
Profit/loss after taxation before one-off items 5,740 882 -85%
Profit/loss after taxation after one-off items 5,569 461 -92%

Net profit in 2023. The employment of experts in the area of Cloud and Cyber Security was a realized investment of the Company in the expected trend of growth in the following years.

Profit after taxation before one-off items of the Group decreased by EUR 4,248 thousand, to EUR 2,710 thousand. In the observed period, profit after taxation after one-off items of the Group decreased by EUR 5,463 thousand, to EUR 1,246 thousand. This fall was driven by the increase of depreciation and amortization reflecting 1) procurement of the necessary equipment for the work of the increased number of employees in the prior year, and 2) amortization of the long-term intangible assets (allocation of initially recognised goodwill of Ekobit and GT Tarkvara to relevant position of intangible assets in accordance with IFRS 3 Business Combinations, and internally generated intangible assets). Cost of the corporate tax in 2023 mostly reflected the release of the deferred tax assets for both obtained tax reliefs based on the Investment Promotion Act.

Span d.d. recorded a fall of profit after taxation before one-off items by EUR 4,859 thousand, to EUR 882 thousand. Span d.d. recorded a fall of profit after taxation after one-off items by EUR 5,108 thousand, to EUR 461 thousand, caused by higher cost of depreciation and amortization and value adjustment of investment into Span Swiss AG in Switzerland in the amount of 100%, or EUR 136 thousand, and Span Germany in the amount of 100%, or EUR 110 thousand.

2.2.4. Revenues by segments

The Span Group generates revenues in the following segments:
1. Software Asset Management and Licensing
2. Infrastructure Services, Cloud & Cyber Security
3. Service Center Management and Technical Support
4. Software and Business Solutions Development.

Data on revenues by segments of the operation of the Group and Span d.d. for 2022 and 2023 is illustrated below.

Revenues by segments

Span Group (In thousands of EUR)
| | 2022 | 2023 | ∆% |
|---|---|---|---|
| Total operating revenue | 110,170 | 142,836 | 30% |
| Software Asset Management and Licensing | 67,267 | 99,147 | 47% |
| Infrastructure Services, Cloud & Cyber Security | 16,409 | 14,051 | -14% |
| Service Center Management and Technical Support | 16,917 | 19,365 | 14% |
| Software and Business Solutions Development | 9,577 | 10,273 | 7% |

Span d.d. (In thousands of EUR)
| | 2022 | 2023 | ∆% |
|---|---|---|---|
| Total operating revenue | 91,284 | 99,550 | 9% |
| Software Asset Management and Licensing | 55,473 | 64,268 | 16% |
| Infrastructure Services, Cloud & Cyber Security | 14,701 | 12,677 | -14% |
| Service Center Management and Technical Support | 16,262 | 18,357 | 13% |
| Software and Business Solutions Development | 4,848 | 4,248 | -12% |

Revenues by segments

Span Group 2022 Span Group 2023
Software Asset Management & Licensing 61% Software Asset Management & Licensing 69%
Infrastructure services, Cloud & Cyber Security 15% Infrastructure services, Cloud & Cyber Security 10%
Service Center Management & Technical Support 15% Service Center Management & Technical Support 14%
Software & Business Solutions Development 9% Software & Business Solutions Development 7%
Span d.d. 2022 Span d.d. 2023
Software Asset Management & Licensing 61% Software Asset Management & Licensing 65%
Infrastructure services, Cloud & Cyber Security 16% Infrastructure services, Cloud & Cyber Security 13%
Service Center Management & Technical Support 18% Service Center Management & Technical Support 18%
Software & Business Solutions Development 5% Software & Business Solutions Development 4%
  1. Software Asset Management and Licensing recorded a growth of revenues by 47%. The Group recorded higher revenues compared to 2022, mostly as a result of the investment in new markets in the Baltic region. The share of revenues in the total operating revenues was 69%.
  2. Infrastructure Services, Cloud & Cyber Security were lower in the observed period by 14% compared to 2022 when the Group recorded an exceptional growth of projects in the domestic and foreign markets. Expanding operating activities in the area of Cloud and Cyber Security continued to be the focus of operation of the Group.
  3. Service Center Management and Technical Support contributed to the continuous growth of revenues through the supervision and management of the IT environment, with the increase of revenues in this segment amounting to 14% compared to 2022.
  4. Software and Business Solutions Development achieved the most significant growth of 7% in the observed period. The growth of this segment resulted from the focused development of own IT solutions and platforms, as well as the development of specific business solutions for individual key customers, such as CRM, automation and robotization of their business processes. The growth of this segment was additionally enhanced by the acquisition of Ekobit, whose operation is directed to development of software solutions.

2.2.5. Revenues by geographic markets

Revenues by geography show the geographic market where goods and services are invoiced. The share of revenues the Group makes in foreign markets accounts for 66% of the total revenues. A significant growth of revenues was recorded by the markets of Croatia (EUR 12,191 thousand) and Estonia (EUR 10,911 thousand). An additional growth in segment “Other” was supported by the growth of revenues in the Baltic and Central Europe markets realized by GT Tarkvara. 45% of revenues of Span d.d. in the observed period related to the Croatian market, which also recorded the highest growth of EUR 10,787 thousand (31%) in the observed period.

Span Group 2022 Span Group 2023
Croatia 32% Croatia 34%
USA 19% Slovenia 15%
Slovenia 17% USA 11%
UK 11% UK 9%
Ukraine 9% Estonia 8%
Others 12% Others 23%
Span d.d. 2022 Span d.d. 2023
Croatia 38% Croatia 45%
USA 22% Slovenia 17%
Slovenia 17% USA 15%
UK 14% UK 13%
Sweden 3% Sweden 2%
Others 6% Others 8%

2.2.6. Balance Sheet Assets

Span d.d.
| | 31.12.2022 | 31.12.2023 |
|---|---|---|
| | 46,467 | 52,984 |
| | 17,489 | 28,870 |
| | 1,341 | 1,145 |
| | 11,329 | 15,497 |
| | 14,212 | 3,792 |
| | 2,096 | 3,681 |
| | 46,467 | 52,984 |
| | 29,347 | 27,082 |
| | 2,319 | 2,995 |
| | 11,202 | 18,093 |
| | 3,598 | 4,813 |

The total value of the assets of the Group was higher by EUR 17,007 thousand amid the increase of long-term assets as a result of the acquisition of the 100% share of GT Tarkvara on 31 March 2023 and the increase of the current assets as a result of 1) growth of receivables; 2) growth of financial assets as a result of short-term fixed deposits in a foreign currency.

Span Group (In thousands of EUR)
| | 31.12.2022 | 31.12.2023 |
|---|---|---|
| ASSETS | 55,254 | 72,261 |
| Fixed assets | 16,616 | 23,927 |
| Deferred tax assets | 1,661 | 1,724 |
| Current assets | 15,942 | 29,354 |
| Cash and cash equivalents | 18,815 | 13,339 |
| Prepaid expenses and accrued income | 2,220 | 3,916 |
| LIABILITIES | 55,254 | 72,261 |
| Equity and reserves | 31,606 | 30,423 |
| Long-term liabilities | 2,907 | 3,509 |
| Current liabilities | 16,050 | 32,014 |
| Accrued expenses and deferred revenue | 4,691 | 6,315 |

Cash and cash equivalents
A decrease in cash compared to the prior period partially resulted from the investment activities of the Group in 2023, and partially from financial activities – the payment of dividend and purchase of own shares.

Deferred tax assets
Deferred tax assets represent income tax return amounts which are recoverable based on future deductions of taxable profit. Deferred tax assets are recognized up to the amount of taxable revenues which are likely to be achieved. When determining future taxable profit and the amount of taxable revenues which are likely to be achieved in the future, the Group judges and creates estimates based on taxable profit from the previous years and the expected future revenues which are considered to be reasonable in existing circumstances. The Group made an assessment of the usability of tax relief for the estimate of the amount of deferred tax assets, based on the support gained from the Ministry of Economy, Entrepreneurship and Crafts. The aforementioned financial support allows Span d.d.## 2.2.6. Financial position and Financial Instruments

to be exempt from paying corporate income tax from 2015 to 2025, for 50% of the amount of the tax base, up to the maximum threshold in the amount of the total investment according to the Investment Promotion Law (ZOPI). In December 2021, Span d.d. and Bonsai d.o.o. applied for the use of a new round of support entitled Investment in expansion of the research and development capacity and capacity for delivery of IT solutions project. They received a positive decision on 25 February 2022, based on which the Company accomplished additional 50% relief of the tax rate. Thus, Span d.d. ensured that by 2025, i.e. by the utilization of the maximum threshold of the investment, it has a corporate income tax rate of 0%.

Equity and reserves

The total equity of the Group decreased by EUR 1,183 thousand. On June 30th 2023, the company transferred a dividend to the SKDD (Central Depository and Clearing Company) account, in the amount of EUR 2,584 thousand, which was paid to the shareholders on 3 July 2023. The share capital of the Company increased from EUR 2,601 thousand by the amount of EUR 1,319 thousand, to EUR 3,920 thousand, with the increase of the individual nominal amount of regular shares from the amount of EUR 1.33 by the amount of EUR 0.67 to EUR 2.00, in line with the Law on the Introduction of the Euro as the Official Currency in the Republic of Croatia. The presentation also includes investments in assets related to the increase in assets resulting from the merger of the company Infocumulus and the inclusion of the amount related to investment in Right-of-use assets.

Investments of Span Group in tangible assets are mostly related to expenses for the procurement and replacement of worn-out computers and other equipment for the work of employees. Investment in Intangible Assets in preparation related to internally generated intangible assets that resulted from the continuation of the development of software available for further sale/use. Other intangible assets relate to assets generated by the acquisition of the companies Ekobit in 2022 and GT Tarkvara in 2023, as well as investments in business premises leased by the Company.

Long-term and short-term liabilities

The total long-term liabilities increased by EUR 601 thousand. Increase of the long-term liabilities resulted from the acquisition of GT Tarkvara. The short-term liabilities increased primarily as a result of 1) liabilities to suppliers 2) acquisition of GT Tarkvara 3) short-term liabilities to banks as a result of the withdrawal of the framework, and 4) liabilities to former owners for the purchase of own shares.

Span Group In thousands of EUR
2022 2023
Computer equipment and other equipment 1,452 958
Tangible assets in preparation - 4
Other intangible assets 3,335 3,218
Intangible assets in preparation 566 1,188
Right-of-use assets 1,223 961
Investment in assets total 6,576 6,329
Span d.d. In thousands of EUR
2022 2023
Computer equipment and other equipment 932 544
Tangible assets in preparation - 1
Other intangible assets 344 406
Intangible assets in preparation 408 1,475
Right-of-use assets 703 810
Investment in assets total 2,387 3,236

Current Assets, Current Liabilities and Working Capital

Span Group In thousands of EUR 31.12.2022 31.12.2023
Current assets 36,977 46,609
Current liabilities 20,741 38,329
Working capital 16,237 8,280
Current liquidity ratio 1.78 1.22
Span d.d. 31.12.2022 31.12.2023
Current assets 27,637 22,969
Current liabilities 14,801 22,906
Working capital 12,837 631
Current liquidity ratio 1.87 1.00

Net debt

Span Group In thousands of EUR 31.12.2022 31.12.2023
Short-term and long-term bank loans 937 2,107
Cash and cash equivalents 18,815 13,339
Net debt (17,879) (11,232)
Total equity 31,606 30,423
Net debt and total equity ratio - -
Span d.d. In thousands of EUR 31.12.2022 31.12.2023
Short-term and long-term bank loans 937 2,107
Cash and cash equivalents 14,212 3,792
Net debt (13,276) (1,685)
Total equity 29,347 27,082
Net debt and total equity ratio - -
Span Group In thousands of EUR
2022 2023
Net cash from operating activities 10,746 6,009
Net cash used in investment activities (6,214) (6,881)
Net cash used in financial activities (4,271) (4,605)
Net increase / decrease in cash and cash equivalents 261 (5,477)
Span d.d. 2022 2023
Net cash from operating activities 7,760 4,324
Net cash used in investment activities (6,608) (10,495)
Net cash used in financial activities (3,785) (4,250)
Net increase / decrease in cash and cash equivalents (2,633) (10,421)

The current liquidity ratio points to a high ability of the Group to settle its short-term liabilities.

2.2.7. Cash flow

The Group generated positive cash flows from business activities. The negative cash flow from investment activities is mostly a consequence of the acquisition of GT Tarkvara and investment in tangible and intangible assets. The negative cash flow from financial activities mostly derives from the payment of dividend, acquisition of shares, and establishing term deposit.

TOV Span standalone

In thousands of EUR
| | 2022 | 2023 | ∆% |
| :---------------------- | :------- | :------- | :---- |
| Total revenue | 10,007 | 8,297 | -17% |
| Operating revenue | 5,749 | 7,821 | 36% |
| Other revenue | 4,258 | 476 | -89% |
| Total costs | 10,004 | 7,618 | -24% |
| Costs of goods and services sold | 4,876 | 5,836 | 20% |
| Personnel expenses | 840 | 1,281 | 53% |
| Other business expenses | 4,289 | 502 | -88% |
| EBITDA before one-off items | 2 | 679 | 38% |
| One-off items | - | - | - |
| EBITDA | 2 | 679 | 38% |
| Depreciation and amortization | 29 | 29 | 2% |
| EBIT | (26) | 650 | 2571% |
| Net financial result | 47 | 28 | -40% |
| Profit/loss before taxation before one-off items | 21 | 678 | 3158% |
| Profit/loss before taxation | 21 | 678 | 3158% |
| Corporate tax | 122 | - | -100% |
| Profit/loss after taxation before one-off items | (101) | 678 | 772% |
| Profit/loss after taxation | (101) | 678 | 772% |

Contribution of TOV Span in Span Group

2.2.8. Operation of TOV Span Ukraine

An individual profit and loss statement of TOV Span for 2022 and 2023, and contribution to the consolidated results of Span Group is provided below. In the observed period, Microsoft further enabled our users in Ukraine to use its products and services free of charge for the period from 1 January 2023 to 31 December 2023. In 2022, other revenue reflects the consequence of the write-off of debts to Microsoft, whereas other operating expenses reflect the provision of the obtained relief to end users. The aforementioned resulted in a decline of other revenues and other operating expenses in 2023. Revenues of TOV Span accounted for 6% of the consolidated revenues of the Span Group in the observed period of 2023. In 2023, the contribution to consolidated EBITDA before one-off items was EUR 610 thousand, and the contribution in EBITDA before one-off items of the Group was 9%.

Span Group Contribution of TOV Span in Span Group Share of TOV Span in Span Group
In thousands of EUR 2022 2023 2022 2023 2022 2023
Total revenue 115,140 144,331 9,836 8,216 9% 6%
Operating revenue 110,170 142,836 5,578 7,740 5% 5%
Other revenue 4,970 1,496 4,258 476 86% 32%
Total costs 105,854 138,683 10,002 7,606 9% 5%
Costs of goods and services sold 66,768 94,695 4,876 5,824 7% 6%
Personnel expenses 25,799 32,197 840 1,281 3% 4%
Other business expenses 13,288 11,791 4,287 502 32% 4%
EBITDA before one-off items 9,533 7,111 (166) 610 -2% 9%
EBITDA one-off items 247 1,463 - - - -
EBITDA after one-off items 9,285 5,648 (166) 610 -2% 11%
Depreciation and amortization 2,572 3,559 29 29 1% 1%
EBIT 6,714 2,089 (195) 580 -3% 28%
Net financial result (226) (343) 47 28 -21% -8%
Profit/loss before taxation before one-off items 6,734 3,209 (148) 609 -2% 19%
Profit/loss before taxation after one-off items 6,487 1,746 (148) 609 -2% 35%
Corporate tax (223) 499 122 - - 55%
Profit/loss after taxation before one-off items 6,958 2,710 (269) 609 -4% 22%
Profit/loss after taxation after one-off items 6,710 1,246 (269) 609 -4% 49%

2.3. Information for shareholders

The table below shows information on the number of shares held by the Members of the Management Board and the Supervisory Board on 31 December 2023.

  • Nikola Dujmović: 35.77%
  • Marijan Pongrac: 5.72%
  • Zvonimir Banek: 5.51%
  • Raiffeisenbank Austria d.d. / Raiffeisen Voluntary Pension Fund: 5.16%
  • Erste & Steiermärkische Bank d.d. / PBZ CO OMF - Category B: 3.33%
  • Privredna Banka Zagreb d.d.: 2.58%
  • Damir Bočkal: 2.37%
  • Privredna Banka Zagreb d.d. / Generali Jugovzhodna Evropa, Delniski: 2.24%
  • Podravska Banka d.d.: 1.85%
  • Erste & Steiermärkische Bank d.d. / PBZ CO OMF - Category A: 1.33%# Management Board

2.3.1. Share capital

Based on the Decision of the General Assembly of the Company of 14 June 2023, in line with the Law on the Introduction of the Euro as the Official Currency in the Republic of Croatia (Official Gazette 57/22, 88/22), the Commercial Court in Zagreb on 29 September implemented and on 30 September 2023 published the registration of the share capital adjustment in line with the Companies Act (Official Gazette 111/93, 34/99, 121/99, 52/00, 118/03, 107/07, 146/08, 137/09, 125/11, 152/11, 111/12, 68/13, 110/15, 40/19, 34/22, 114/22, 18/23). The Company's share capital was adjusted to the Euro and was increased from EUR 2,601,367.04 by the amount of EUR 1,318,632.96 to EUR 3,920,000.00, with the increase of the individual nominal amount of common shares with the stock symbol SPAN-R-A from EUR 1.33 by EUR 0.67 to EUR 2.00. Accordingly, the Articles of Association of the Company have been also amended. The Company has one type of common shares that do not confer the right to a fixed return. The Company has no losses in 2023 and no carried-forward losses from previous years.

2.3.2. Ownership structure and 10 largest shareholders

On 31 December 2023, the largest individual share of 35.77% in the ownership structure was held by Nikola Dujmović, President of the Management Board. The structure of the 10 largest shareholders is as follows:

Name and surname Position Number of shares %
Nikola Dujmović President of the Management Board 701,072 35.77%
Marijan Pongrac Member of the Management Board 112,198 5.72%
Dragan Marković Member of the Management Board 19,698 1.01%
Antonija Kapović* Member of the Management Board 5,939 0.30%
Saša Kramar Member of the Management Board 19,778 1.01%

*Antonija Kapović has resigned as the Member of the Management Board, effective on December 31st, 2023.

Name and surname Position Number of shares %
Aron Paulić Member of the Supervisory Board 300 0.02%
Barbara Gradečak Member of the Supervisory Board 98 0.01%

2.3.3. Share movements and trading volume

In 2023, the trading of the share started on 2 January with its price being EUR 35.80. The last day of trading on the Zagreb Stock Exchange was on 29 December 2023, when the price of the share amounted to EUR 50.00, which was a growth of 39.66%. Compared to the price of the share in the Initial Public Offering (HRK 175 / EUR 23.23), the price of the share had increased by 115.27%.

SPAN ANNUAL REPORT 2023 86

SPAN ANNUAL REPORT 2023 87

Increase of SPAN share price since the Initial Public Offering: 115.27%

23.09.2021 29.12.2023

23.23 € 50.00 €

The trading volume of the share in the observed period amounted to EUR 30,790,402.30.

SPAN ANNUAL REPORT 2023 88

SPAN ANNUAL REPORT 2023 89

2.3.4. Share Buy-Back Program

The Company adopted the Share Buy-Back Program on the meeting of the Management and the Supervisory Board of the Company that took place on 2 December 2022. The Program is implemented with the purpose of the disposal of shares within the ESOP Program of the Company, remuneration of the members of the Management Board, the employees of the Company and affiliated companies, potential acquisition of companies, and for any other purposes that are provided for as such and allowed under the applicable legislation of the Republic of Croatia, in line with the decision of the General Assembly of the Company on 13 June 2022. The Company plans to repurchase treasury shares on the regulated market of the Zagreb Stock Exchange, up to the maximum of 175,000 (one hundred and seventy-five thousand) shares with the amount of funds allocated with the Program in the amount of HRK 87,500,000.00 (eighty-seven million five hundred thousand). The Company is not obliged at any point to purchase its own shares, acting as a purchaser depending on the market conditions. The Program started on 5 December 2022, and will end by 5 December 2024, at the latest. It depends on the market conditions and strategic decisions of the Company, and may be suspended, discontinued, or modified in any way during the Program period. This Program does not regulate the purchase of own shares through organized tender offers at the Zagreb Stock Exchange.

The price at which treasury shares are acquired must not be above 10% (ten percent), or below 10% (ten percent) of the average market price realised for those shares during the previous day of trading.

2.3.6. Dividend Payment Policy

At the meeting of the Management Board of the Company that took place on 25 February 2022, a Dividend Payment Policy of the Company was adopted. The Policy will be implemented in line with the development plans of the Company, the capital market situation, net profit growth, revenue levels, and other relevant factors. When adopting the proposed decision on the payment and the amount of dividend, the Company will pay regard to ensuring successful regular operations, continuing growth on the markets where it already operates, as well as the growth on new markets. In the event the described conditions are met, the Company will pay the shareholders 20 to 50 percent of the consolidated profit in the form of dividend. The proposals of the Management Board and the Supervisory Board of the Company for the payment of dividend will reflect the stated position, but the final decision on the dividend payment, its amount and the method of its disbursement will be determined by a decision of the General Assembly of the Company.

According to the above-mentioned, a session of the Supervisory Board of the Company took place on 28 April 2023, where the Supervisory Board, together with the Management Board, proposed to the General Assembly the adoption of the decision on the use of profits and dividend payment in the amount of HRK 10.00 / EUR 1.33 per share. The dividend was paid to the shareholders of the Company who were registered as the Company shareholders in Central Depository and Clearing Company d.d. (SKDD), on 20 June 2023 (record date). The date from which the share of the Company was traded without the right to the dividend payment was 19 June 2023 (ex date). The claim for the dividend payment became due on 3 July 2023 (payment date). Dividend was paid from the Company profit made in 2022.

25

2.3.5. Acquisitions and disposals of own shares

In accordance with the above-mentioned Share Buy-Back Program, the Company acquired and disposed of own shares during the year.

On 31 December 2022, the Company held 20,029 shares, which represents 1.0219% of the share capital of the Company. After the above-mentioned acquisitions and disposals during the year, on 31 December of 2023, the Company held 15,673 shares, representing 0.7996% of the share capital.

In the business year that ended as at 31 December 2022, the Span Group made net consolidated profit in the amount of HRK 50,536,506.14, and net profit of Span d.d. was HRK 41,944,428.10.

Date Corporate event Purpose Number of shares Number of shares after corporate event % of share capital before corporate event % of share capital after corporate event
30 March 2023 Disposal of own shares Share Buy-Back Program 6,415 13,614 1.0219% 0.6946%
6 April 2023 Disposal of own shares Share Buy-Back Program 701 13,544 0.6946% 0.6910%
28 April 2023 Acquisition of own shares Share Buy-Back Program 3,411 16,955 0.6910% 0.8651%
21 June 2023 Disposal of own shares Share Buy-Back Program 4,615 12,340 0.8651% 0.6296%
3 July 2023 Acquisition of own shares Share Buy-Back Program 2,911 15,251 0.6296% 0.7781%
4 August 2023 Acquisition of own shares Share Buy-Back Program 100 15,351 0.7781% 0.7832%
8 August 2023 Acquisition of own shares Share Buy-Back Program 4,419 19,770 0.7832% 1.0087%
9 August 2023 Acquisition of own shares Share Buy-Back Program 60 19,830 1.0087% 1.0117%
10 August 2023 Acquisition of own shares Share Buy-Back Program 500 20,330 1.0117% 1.0372%
14 September 2023 Disposal of own shares Share Buy-Back Program 254 20,076 1.0372% 1.0244%

24

2.3.7. Contracts with affiliated persons

During 2023, Span signed three contracts with Bug d.o.o., a company whose Director is the Vice President of the Supervisory Board, Aron Paulić. One contract concerned the realization of an annual media package by which Bug will provide Span with promotional activities in its issues (bug.hr, mreza.bug.hr, magazine Bug, magazine Mreza) in the amount of EUR 21,600.00, whereas the second contract related to the coverage of an annual sponsorship package in the amount of EUR 22,800.00. Both contracts were signed for a period from 1 January to 31 December 2023. The third contract was a contract on the provision of subscription services for Microsoft services through the CSP program, which Span as a Microsoft CSP (Cloud Solution Provider) partner offered to Bug d.o.o. as the customer. The annual value of the contract was EUR 1,497.36.

Prava Formula d.o.o., a company whose founder and Director is an affiliated person of the Member of the Management Board Dragan Marković, provided workshops for members of Span Management Academy and Span Learning Hub in the total amount of EUR 21,200.00. The workshops were held during 2023.

25# S P A N A N N U A L R E P O R T 2 0 2 3 9 0

Financial risks

  • Foreign currency risk
  • Interest rate risk
  • Accounts receivable risk
  • Liquidity risk
  • Risk of over-indebtedness
  • Risk of the susceptibility of the profitability of the Group, its operating results and working capital to significant fluctuations

Legal risks

Risks related to the operation

  • Risk of the loss of key staff and risk of the lack of skilled labour
  • Risk of exposure to cyber attacks
  • Maintenance of the continuity of operation risk
  • Competition risk
  • Risk related to retaining the current, and finding new clients and risk of concentration of key customers
  • Supplier risk
  • Risk of the business environment and political risk
  • Risks related to the protection of personal data and intellectual property
  • Risk of the change of regulation and regulatory risk

Span also signed a contract with Prava Formula d.o.o. on the provision of subscription services to Microsoft services through the CSP program, which Span as a Microsoft CSP (Cloud Solution Provider) partner provides to Prava Formula d.o.o as a customer. The annual value of the contract was EUR 1,141.20. All the above contracts and affairs had been approved by the Supervisory Board.

2.4. Risks

Span has established and maintained a risk management system on the level of the Company in order to connect strategic goals and risks with the operative risks and in this way manage the operations in the best possible way. By late 2022, the Company started the implementation of the risk management system according to ISO 31000 standard. The standard contains recommendations and good practice in the area of risk management and there is no official ISO certificate for it. The Risk Management Policy 26 was defined, applying to all temporary, occasional and permanent employees of Span, depending on defined roles and responsibilities. The Policy specified competences, responsibilities and principles. The risk assessment frequency and reference to the Risk Appetite document were defined.

26 Created on 30 November 2022, and the current version is of 6 November 2 0 2 3

It is specified that Span will accomplish its business goals offering products and services while taking taking into account:

  • Maintenance and respect of high ethical standards of operation and sustainability (ESG)
  • Preservation of long-term financial profitability and business sustainability of Span
  • Protection of interests of customers and ensuring decent treatment by providing high quality services
  • Ensuring operations in full compliance with the legislation and regulatory requirements
  • Maintaining the internal control system in order to preserve and maintain continuity and security of operation.

Furthermore, a document with the context of the influence of the main shareholders was created, as well as Risk Appetite 27 , and the Risk Management Methodology , elaborated based on the previous Information Security Management System methodology. A significant progress in risk management was achieved in 2023. Through activities of i d e n t i f i c a t i o n , t r a i n i n g a n d e d u c a t i o n , a n d t h e s y s t e m i c a p p l i c a t i o n o f c o n t r o l s , t h e C o m p a n y created an environment that encourages proactivity in facing risks. The goal was to create a transparent risk management system suitable for risk processing in every domain of the operation of Span. Based on the probability of occurrence and the potential reach of negative impacts of t h e o p e r a t i o n s , t h e f i n a n c i a l c o n d i t i o n a n d r e s u l t s o f t h e o p e r a t i o n o f t h e G r o u p , t h e f o l l o w i n g risks were identified:

T h e r i s k s w e r e d i s t r i b u t e d b y c a t e g o r i e s d e p e n d i n g o n t h e i r n a t u r e , a n d t h e y c a n be mutually connected. There is a possibility of the occurrence of additional risks that could influence the operations, financial condition and results of the operations of the Group, if they were realized, but they are currently not known or they are not considered key risks at the m o m e n t .

27 On 23 March 2023, the Management Board of the Company adopted the Risk Appetite Statement , which defines appetites for operational, reputation and financial risks and the compliance risk in line with the strategic guidelines

S P A N A N N U A L R E P O R T 2 0 2 3 9 2

S P A N A N N U A L R E P O R T 2 0 2 3 9 3

2.4.1. Financial risks

Foreign currency risk

Span Group operates on an international level and is exposed to the foreign currency risk that arises from changes in the exchange rate of foreign currencies. As of January 1st, 2023, the official currency in the Republic of Croatia is euro and the official parity is 1 EUR = 7.53450 HRK. The most significant risk is the one related to the change in the exchange rate of the US dollar (USD) and the British pound (GBP). The risk is mostly present in relation to the conversion costs; USD - Euro (EUR), Ukrainian Hryvnia (UAH) – USD and GBP – Euro (EUR). Exchange rate changes between the aforementioned currencies, as well as their relationship with the euro, may have an impact on the results operations and future cash flows of Group companies. The company has concluded an agreement on derivative financial instruments for protection against exchange rate risk. More detailed the description can be found in the audit report under note 37 - Financial instruments.

Interest rate risk

The Group is exposed to interest rate risk because the Company and its subsidiaries a r e d e b i t e d a t f i x e d a n d v a r i a b l e i n t e r e s t r a t e s . T h e G r o u p m a n a g e s t h e s t a t e d r i s k b y maintaining an appropriate borrowing ratio with the fixed and changing interest rate. A more detailed description can be found in the Audit report under Note 37. Financial instruments.

Accounts receivable risk (credit risk)

Accounts receivable risk (credit risk) is a risk of a customer’s failure to pay, i.e. default by the customer concerning the contracted liabilities, which impacts possible financial loss o f t h e C o m p a n y o r t h e G r o u p . T o r e d u c e t h e a c c o u n t s r e c e i v a b l e r i s k , t h e G r o u p a d o p t e d a policy of operation only with creditworthy customers and obtaining collaterals securing the c o l l e c t i o n . T h e e x p o s u r e o f t h e G r o u p , c r e d i t w o r t h i n e s s o f t h e c u s t o m e r s , a n d o r d e r l i n e s s in meeting the contracted obligations of customers towards the Group is continuously monitored. A more detailed description can be found in the Audit report under Note 37. Financial instruments.

Liquidity risk

Liquidity means the maintenance of sufficient quantities of cash and working capital and ensuring adequate financial instruments in form of credit lines. The liquidity risk itself relates to a case where the Group cannot meet its due financial liabilities on time due to the lack of its own cash, shortage of available assets on the cash market or impossibility of crediting by financial institutions. The Management Board has responsibility for the liquidity risk management, and it has set up an appropriate framework for the liquidity risk management by which it is guided in the management of the short-term, medium term, and long-term r e q u i r e m e n t s o f t h e G r o u p f o r f u n d i n g a n d l i q u i d i t y . T h e G r o u p m a n a g e s t h e l i q u i d i t y r i s k i n a manner that it maintains adequate reserves and credit lines, constantly oversees the projected a n d a c t u a l c a s h i n f l o w s a n d o u t f l o w s a n d a d j u s t s m a t u r i t y o f t h e f i n a n c i a l a s s e t s a n d f i n a n c i a l liabilities. A more detailed description can be found in the Audit report under Note 37. Financial i n s t r u m e n t s .

Risk of over-indebtedness

The risk of over-indebtedness is expressed in the too high level of debt that adversely affects the financial stability. The Group monitors its status of over-indebtedness and manages the risk of over-indebtedness through the indicators of the level of indebtedness.

Risk of the susceptibility of the profitability of the Group, its operating results and working capital to significant fluctuations

The operating results of the Group can be influenced by the fact that the operations on which the Group makes a significant part of its revenues are not contracted for the long term and thus there is no certainty that the Company will make revenues of these jobs in the long run. Customers are not obliged by volume commitment. Revenues of the Group based on license subscription are relatively stable in the short term (excluding the effects of potential foreign currency fluctuations), but in the long run, they can vary due to the pace of the IT industry and market in which the Group operates. However, low margins in relation to license subscription reduce the effects of the concerned revenues on the profitability of the Group. With a strong focus on long-term growth and investments oriented to strengthening the capacities for growth of the Group, the Group expects the profitability and the working capital to vary on quarterly and annual levels.

2.4.2.# Legal risks

Risks related to the protection of personal data and intellectual property

Within their operations, the members of the Group process the personal data of participants (e.g. employees, clients, business partners and third persons, such as job candidates). Obligations concerning processing personal data differ depending on whether the members of the Group process them in the role of the controller or in the role of the processor. GDPR and the Croatian Act on the Implementation of the GDPR, i.e. national and other regulations on data protection according to the territorial application for different members of the Group, provide for regulations in accordance with which the members of the Group act in relation to personal data, and competent bodies, primarily Croatian Personal Data Protection Agency (AZOP) in Croatia, monitor the compliance with the said regulations.

The Group encounters different forms of intellectual property of its partners and customers through its operation. There is a risk posed by possible violations of the intellectual property rights specific for the operation of the Group, such as the use of the source code and IT products contrary to the terms and conditions from the license and the use of open source solutions contrary to restrictions set by the clients of the Group. A risk is also posed by potential and successful cyber attacks directed at personal data of clients. The very perception that a threat or violation of personal data has occurred, whether the danger is real or not, can significantly disturb the business reputation and make future operation of the Group difficult.

SPAN ANNUAL REPORT 2023 94
SPAN ANNUAL REPORT 2023 95

Risk of change of regulations and regulatory risk

Given that the Group does business in the global market, it is subject to the risk of change of tax regulations in a manner that would adversely affect profitability of the operations of the Group. This risk is also reflected through possible changes of tax rates as well as the subject of taxation. The presence of the Group in different jurisdictions implies different global and regional economic, political, legal, regulatory and operational risks, which instills additional complexity in the operation due to diversity of the rules applied, including regulations governing the access to and use of the Internet, data privacy and IT security, along with labor law and other issues in each jurisdiction where the Group operates. There is a risk that the Group will not be able to detect and/or prevent a breach of regulations, i.e. that the standards of control and risk management applied by the Group will not be implemented efficiently in all affiliated companies.

2.4.3. Risks related to the operation of the Company

Risk of the loss of key employees and of the lack of skilled labor

The operation of the Group largely depends on retaining the founding company, the management and experts in the area of IT technologies, and the ability of the Group to continue to attract and retain new professional employees required for a successful operation. A demand for IT experts has increased, and the labor market features a constant lack and increased turnover of IT experts on all levels of expertise. Therefore, there is a risk that the Group will not be able to respond adequately to the demanding pace of the labor market and timely engage the required additional employees or retain the existing one. The exposure to increased costs related to attempts to respond adequately to the needs for employment of skilled labor is an additional risk.

To maintain the quality of IT employees it employs, the Group organizes training for advancement and obtaining professional certificates required for the performance of specific IT services, demanded by technology partners on the one hand, and customers on the other. Owing to its proactive approach and well-conceived HR initiatives, the Group mitigated this risk with exceptional success during 2023, so the reduction of the turnover rate continued, from 10.47% in 2022 to only 8.15%, with a further stable increase of the number of employees. That is proof that the Management and HR of the Group showed a high ability to attract qualified labor force and retain key personnel.

Risk of exposure to cyber attacks

The Group, as well as the customers of the Group, are exposed to risks of cyber attacks and security threats. In its operations with customers, the Group is obliged to maintain systemic security, provide security patches and improvements, antivirus measures of protection against a malicious code, and ensure credibility of its own employees who cooperate with the customers of the Group. IT security breaches can lead to setbacks in the provision of services and/or functioning of the system controlled by the Group and to potential endangering of reliable information.

Every year, the Group increases investments in order to better protect itself against risks of exposure to cyber attacks and security threats. One of the key services the Group provides to its clients are IT solutions related to cyber attacks and threats, which means that the Group has the required expertise to take the required precautions. The Group implements extensive security training measures and training of IT security experts and at the same time continuously invests in its security capacity.

Maintenance of the continuity of operation risk

The total operation of the Group depends on the possibility for proper functioning of its own IT infrastructure and ability of the Group to protect it in case of unpredictable events (continuity of operation). Smooth functioning of its own IT systems is a prerequisite for regular operation and the foundation of trust the customers have in the Group’s services. Besides, technology used by the IT infrastructure is susceptible to difficulties in functioning caused by the human factor, delays in the supply of electricity, systemic errors, telecommunication problems, natural disasters, and similar events that can cause significant obstructions in regular operation of the Group and cause violations of the assumed contractual obligations, if the Group cannot eliminate them within a reasonable time span.

The Group uses the IT infrastructure of renowned global technological companies such as Microsoft Corporation, Cisco Systems, Google and others and has backups of all important data, which is not stored at one location. Furthermore, the Group also uses the IT infrastructure of third persons that it does not control, such as services of operation in Public Cloud, i.e. the operation of the Group is largely dependent on proper functioning of the infrastructure concerned and the connection with customers of the Group.

Competition risk

Markets in which the Group operates are highly competitive and are characterized by fast changes in technology and frequent introduction of new products and services. Future profitability of the Group significantly depends on the successful improvement of its solutions and implementation of new services, and on efficient interoperability between an increasing number of operative systems, applications and software solutions. There is no guarantee that the future effort of the Group to be harmonized with the current requirements of the market will be successful. Any belatedness in adopting new technologies, which would result in the lack of competition, would reflect adversely on the business results of the Group.

Moreover, it is possible that competitor companies will meet the requirements for changes in the IT technologies in the future more efficiently, and in that way jeopardize the profitability of the operation of the Group. Even though the Company is among the leading companies in its industry, there is a risk that some of the current competitors could make a high financial investment and launch an attempt to take over customers or employees of the Group. Given the trends of consolidation in markets where the Group competes, some of the global competitors are also likely to try to access the market.

SPAN ANNUAL REPORT 2023 96
SPAN ANNUAL REPORT 2023 97

Risk related to retaining the current and finding new customers and risk of concentration of key customers

The operation of the Group depends on its ability to keep and expand the cooperation with the current customers through cross-selling and up-selling, and successfully attracting new customers. Growth of revenues of the Company depends on the growth of sales to the current customers through an increase of the number and types of services rendered, which makes the retaining of the existing customer base especially important.A significant category of customers of the Group, as per their share in the revenues, is made up of customers of the Microsoft licenses that are by rule renewed annually. However, customers are not obliged to renew their subscription after the expiry of the contracted duration of a license, therefore we cannot be certain that after the expiry, those same customers will renew the subscription for a license. In addition, we are exposed to the risk of the concentration of key customers. The risk is reflected in the concentration of revenue in relation to customers that belong to one business group given that a possibility cannot be ruled out that they can cease to use the services of the Group for any reason, or to continue to use them to a lower extent.

Supplier risk
Results of the Group largely depend on a possibility of sale of Microsoft program licenses and use of Microsoft solutions of operation in Cloud, which the services the Group renders to their customers are based on to a significant extent. Therefore, global acceptance of Microsoft programs and solutions in relation to operation in Cloud is a significant factor in the business model of the Group. Even though Microsoft IT solutions are widely prevalent, there is no guarantee that they will keep the current market position in the future so the risk of adjustment to fast changes in technology on the competitive market is applicable to Microsoft itself as well.

The authorization of the Group for sales of Microsoft products to customers and the business requirements of the cooperation are related to the status of the provider of services of licensing that is based on a contract that is not exclusive and should be renewed on an annual basis for each geographic area where the Group sells Microsoft products. Successful cooperation of the Group with Microsoft also depends on a successful adjustment to business requirements of cooperation specified by Microsoft, which include various incentives in form of rebates, investments, marketing assets and other payments. The incentives Microsoft offers to its Microsoft LSP (Licensing Solution Provider) partners, including the Group, depend on whether a partner meets certain indicators of success such as the revenue growth in certain areas of products or services, finding new customers, acquiring certain Microsoft competencies and specializations, etc. Business requirements for cooperation are subject to annual changes, so if the Group is not able to adapt to those changes on time, this can result in a significant reduction of the received incentives and adversely affect the profit margins of the Group. The Group, a multiyear Microsoft partner with more than 30 years of successful cooperation, enjoys business trust, but there is no guarantee that the cooperation will continue equally successfully in the future. Finally, concerning Microsoft as a supplier, along with other IT companies whose products are used by the Group, one cannot rule out that the mentioned companies will offer their products and services directly at certain markets or to certain customers. Such a change of the business model of companies that can be considered suppliers of the Group could adversely impact the operation of the Group.

Risk of business environment and political risk
The risk of the business environment is determined by political, economic and social conditions in a country, and includes political, macroeconomic and economic risks. The political risk of a country includes all the risks related to a possibility for political instability, and in its extreme, includes the integrity and survival of the state. Risks of this nature are not present significantly relating to the Group, apart from the Ukranian market where Russian aggression and the war is still going on. The decline in income in Ukraine in 2023 was fully compensated at other markets and at the end of 2023 revenues in Ukraine make up 6% of the Group's revenues. Span continues with operations in Ukraine, and the individual report on the operations of TOV Span can be found in point 2.2.8. Business overview Ukraine.

S P A N A N N U A L R E P O R T 2 0 2 3 9 9

3.1. Human resource excellence

Span has been the winner of the Certificate Employer Partner (CEP) for the third year in a row. This once again acknowledged Span’s excellent practice and the high quality in the area of human resource management. In the third year of certification, our HR processes were evaluated in seven key categories, which include all parts of the employee life cycle – from attracting and employment to leaving, and possible returning.

Results on Employee life cycle steps

Span's result in all categories was above 80%, and what makes us especially happy is a result of the maximum 100% in the part related to the inclusion and well-being of our employees. In the year in which recertification criteria were made significantly stricter, we achieved a total result of 90%, which was also higher than the average of other certified organizations by 8%. All this is only an indicator of the continuing effort we invest in attracting, recruiting, retaining and developing employees – in short, in the overall care of employees.

Employee Life Cycle Step Span's Result
Recruiting and employment 83 %
Onboarding and development 87 %
Inclusion and inspiration 87 %
Transformation and growth 89 %
Retention and well-being 90 %
Leaving and returning 90 %
HR strategic counselling 100 %

S P A N A N N U A L R E P O R T 2 0 2 3 1 0 0

S P A N A N N U A L R E P O R T 2 0 2 3 1 0 1

3.2. Recruitment, development and retention of employees

3.2.1. Recruiting and employing professional employees

Successful cooperation and enhancing the relationship with the academic and IT community
Span is committed to attracting, developing and retaining superior IT experts, and the key strategy in achieving these goals lies in the successful cooperation with the academic and IT community. Through our longstanding partnership with faculties and students' associations, we show dedication to the development of talents and support educational initiatives in the IT sector. Our cooperation includes a wide range of activities, including visiting lectures, professional workshops and practice, as well as innovative programs such as SpanIT Gym practice. Taking part in 16 visiting lectures and organizing 14 professional workshops in 2023, point to our commitment to sharing knowledge with young talents. Our dedication to sharing knowledge is also shown in our move for establishing elective courses (so-called Skills) in prestigious faculties such as the Faculty of Electrical Engineering and Computing in Zagreb and the Faculty of Organization and Informatics in Varaždin. Within these subjects, our experts participate in shaping future IT experts, providing them with relevant knowledge and skills required for fast development in the industry. Besides, it is important to emphasize that more than 50% of students who underwent our SpanIT Gym professional practice in 2023 got an opportunity for employment in Span. We are drawing attention to this because it confirms our long-term commitment to creating professional employees within the organization, thus reducing dependency on external sources.

A dose of innovation is always welcome in recruitment strategy, as shown by Span’s first participation and victory in the esports competition Good Game Zagreb 2023. During the weekend of the competition, Span attracted more than 80 new followers by means of social networks, whereas posts related to Good Game reached more than 21,000 people. Our strategy for cooperation with the academic IT community acknowledges our dedication to the development of IT talents, accomplishing a two-way communication with potential employees, which also helps us to ensure competitive advantage and sustainability in the growing world of information technology. Furthermore, with all these activities, we are helping the academic community to create educational programs adjusted to the needs of the future.

S P A N A N N U A L R E P O R T 2 0 2 3 1 0 2

S P A N A N N U A L R E P O R T 2 0 2 3 1 0 3

Key indicators for employees and operations of Span Group

Indicator 2020 2021 2022 2023
1) Overview of employees over years Span d.d Span G r o u p
The number of employees in Span recorded a growth of 6% compared to 2022, whereas the number of employees at the level of the whole Group increased by 8%
Country Share of Employees
Croatia 90.87%
Ukraine 4.28%
Slovenia 3.00%
Other 1.85%
Business Segment Overview of Employees
Age Structure of Employees 18 - 29 30 - 39 40 - 59 60 +
34 % 40 % 21 % 5 %
Gender Structure of Employees of the Span Group Female Male
30% 70%
Average Age of the Span Group Average Work Experience

At the moment, 30% of women work in Span, which is an increase by 1% compared to the prior year. According to Eurostat data, it is also higher by 12% than the Croatian average of women employed in IT.# Software Asset Management and Licensing Infrastructure Services, Cloud & Cyber Security Service Center Management and Support Software and Business Solutions Development Managing and Corporate Functions

28 h t t p s : / / e c .e u r o p a .e u / e u r o s t a t / s t a t i s t i c s - e x p l a i n e d / i n d e x .p h p ? t i t l e = I C T _ s p e c i a l i s t s _ i n _ e m p l o y m e n t # I C T _ s p e c i a l i s t s _ b y _ s e x

6 % 15 % 15 % 32 % 32 % 34 years 4.7 years 52 24 175 7446 98026 08865644 SPAN ANNUAL REPORT 2023 104

SPAN ANNUAL REPORT 2023 105

Furthermore, the proportion of employed women and men in Span is better when compared to the rest of the market because, according to data from Eurostat, 18% women on average are represented in IT organizations 29. employees and perception of their future in the organization. In the third year of the program, we recognized 15 new talents, who will be ready to take new positions after this program.

2020 2021 2022 2023

Establishing an internal education system

One of Span’s long-term goals is certainly increasing the share of women in IT positions. Year by year, we are gradually accomplishing that goal, and one of the cooperations that particularly contribute to it is the one with Algebra University College. We continued this cooperation in 2023 as well, and owing to the Work in Tech project, 17 female attendees completed their professional practice in Span.

3.2.2. Development of technological and leadership capacities

Span Management Academy 2023

The development of managerial skills, retaining and motivating employees, promoting the culture of transfer of knowledge and excellence in leadership, and filling existing and future k e y p o s i t i o n s i n t h e o r g a n i z a t i o n i n a f a s t e r a n d b e t t e r w a y a r e s o m e o f t h e m a i n g o a l s w e wanted to achieve with the establishment of the internal management academy. Within this nine-month structured development program, the attendees acquire skills for development of competencies in line with the strategic needs and goals of Span. This year, we successfully closed the second and launched the third generation of our Span Management Academy program. In the second generation of students, who completed the program in June, out of 27 attendees, as many as 93% assumed leadership positions, whereas a positive change in satisfaction was observed with the attendees of the Span Management Academy in the segments “relation to the organization“ and “experience of perspective.“ In the said segments, the highest increase was also visible in the questions that examined the proactivity of

Within the training and development of employees, in early 2023 we launched an internal education system, Span Learning Hub as a response to the needs of the management and employees for more education that would develop skills useful in their daily work. Training covers topics from business areas and the development of the so-called soft skills. Thus, during 2023, we conducted educations in security awareness, leading m e e t i n g s , t i m e m a n a g e m e n t , p r o j e c t m a n a g e m e n t , a s s e r t i v e c o m m u n i c a t i o n a n d f e e d b a c k , divisions overview, training for understanding and accepting differences, and by the end of the year, we recognized a need for another topic, mentoring in onboarding, and implemented it. The feedback of the attendees and managers is exceptionally positive so we are continuing with the same topics in 2024, while monitoring the needs of our employees and organization with the purpose of expanding the topics we cover. In the first year of the program, 75% of the total number of employees of Span attended the t r a i n i n g.

Career development and advancement

One of our strategic goals in 2023 was the improvement of technological and leadership capacities in Span, so we elaborated new career paths and positions. In cooperation with managers, responsibilities and roles were defined and solid foundations for the future development of our employees were laid.

29 h t t p s : / / e c .e u r o p a .e u / e u r o s t a t / s t a t i s t i c s - e x p l a i n e d / i n d e x .p h p ? t i t l e = I C T _ s p e c i a l i s t s _ i n _ e m p l o y m e n t # I C T _ s p e c i a l i s t s _ b y _ s e x

22 % 35 % 34 % 64 % 65 % 66 % 78 %

SPAN ANNUAL REPORT 2023 106

SPAN ANNUAL REPORT 2023 107

B y u s i n g t h i s a p p r o a c h , w e w a n t e d t o s t r e n g t h e n t h e i n t e r n a l c o h e s i o n a n d e f f i c i e n c y of the teams, be more transparent and provide perspective and clearer guidance for the advancement of employees that would positively influence their satisfaction and retention, and reinforce the foundations for the long-term success of the organization. What we would like to especially point out is the share of women in managerial positions. Thus, 33.33% of managerial positions in Span are performed by women, which is an increase by 3.33% compared to 2022. In accordance with the provisions of the Corporate Governance Code of the Zagreb Stock Exchange, guidelines of the Croatian Financial Services Supervisory Agency and EU directives on representation of women in management boards, in 2023, we added three new female members to the Supervisory Board. One of them was selected by election as a representative of employees, whereas the others were nominated formally. The development of technological capacities certainly implies a high percentage of certified employees. In 2023, the share of certified employees of Span d.d. was 70%. Compared to 2022, another 52 people were certified and 321 more certificates were passed.

Year Number of certified employees Number of acquired certificates
2021 341 2349
2022 397 2475
2023 449 2796

E m p l o y e e s t r u c t u r e o f S p a n G r o u p a c c o r d i n g t o t h e d e g r e e o f e d u c a t i o n

High School Bachelor’s Degree Master’s Degree Doctorate
47.63% 27.05% 25.20% 0.12%

3.2.3. Retention of employees – engagement, remuneration and retention

Well-being, health and life balance

Taking into account the specifics of our job, in which life balance issues are decisive, in Span we are continuously working on creating a working experience that ensures a good work- l i f e b a l a n c e , w h i c h i s k e y i n e n s u r i n g p e r s o n a l w e l l - b e i n g a n d s a t i s f a c t i o n. For that reason, last spring, in cooperation with the Croatian Institute of Public Health, we started the process of certification and acquisition of the right to display the title “ Health- Friendly Company.“ More than 15 such initiatives were conducted within our LifeSpan program in 2023, where we explored various topics – from healthy diet to the importance of movement and physical exercise at the workplace, to workshops with parents and the importance of mental health. On Women's Day, an educational lecture for women on the importance of self- examination and prevention of breast cancer was organized, whereas in November, we conducted a similar initiative for men, focusing on their health. This year again Span took part in the largest business race, B2Run, and our most recognizable initiative, Fit Happens, saw more than 250 employees of Span Group summing up steps and taking part in raising awareness and encouraging healthy habits.

With the aforementioned, we showed that we really are a company that continuously invests in the health and well-being of its employees, and we acquired our official recognition and certificate in early June. Span is now officially a “Health-Friendly Company,” and new numerous initiatives are ahead of us.

33.33%

SPAN ANNUAL REPORT 2023 108

SPAN ANNUAL REPORT 2023 109

3.3. Improvement of internal business procedures

Implementation of SAP Success Factors

To be able to successfully continue to support the future development of the organization, in late 2023, we successfully introduced SAP SuccessFactors, a sophisticated cloud-based solution for HRM 30. The goal of the transition to this system was to improve our existing information system of human resource management and adjust ourselves to the best practice, with a special focus on the greater centralization of data and enhanced protection of employees' personal data. In the first phase of the implementation, we focused on the Employee Central m o d u l e, o f f e r i n g a c o m p r e h e n s i v e s o l u t i o n f o r b a s i c H R f u n c t i o n s. W e p l a n t o c o n t i n u e t h i s t r a n s f o r m a t i o n b y i m p l e m e n t i n g a m o d u l e f o r m o n i t o r i n g a n d m a n a g i n g e m p l o y e e s ' performance (Performance & Goals), and creating, monitoring and managing training and development of employees (Learning Management System). The implementation of the said modules not only reflects our commitment to improving HR processes, but contributes to creating an ever more agile and effective working environment in the long run.

Successful onboarding

One of the key steps in onboarding optimization is the implementation of the so-called Onboarding Success tool. This tool was conceived as a questionnaire by which superiors evaluate four key areas of employment of new employees, encompassing orientation a n d e d u c a t i o n, i n t e g r a t i o n a n d c o o p e r a t i o n, d e v e l o p m e n t o f s k i l l s a n d i n d e p e n d e n c e a n d performance.The implementation of this tool enables us to systematically measure and improve the effectiveness of the process of onboarding of new employees, and leads to a faster achievement of full work performance and reduction of the time required for their integration into the team. Additionally, we recognized the importance of preparing new leaders and managers and implemented a specific onboarding program for them as well. The goal of this program is to ensure that new leaders fully understand the key aspects of their role, including processes such as employment, Performance Evaluation interviews, system of compensations and benefits and other key elements pertaining to their new function.

Safe working environment
The foundations for protection against discrimination and protection of dignity of our employees have been incorporated in Span's key internal documents – Rules of Procedure, the Whistleblower Protection Procedure and Code of Business Conduct. To adjust internal documents and processes with the latest amendments to the Labor Act and to improve and additionally emphasize the importance of a safe working environment, we decided to adopt a specialized Rulebook on procedures and measures for the protection of employees' dignity. One big novelty introduced with this Rulebook was the appointment of new Commissioners for the protection of employees' dignity. To ensure equal, secure and unbiased environment for the employees, we decided to entrust the role of the commissioners to external law professionals, i.e. to a third, neutral party. Our goal is to continue to promote equality, respect and understanding of employees by making these changes, and ensure a zero tolerance to any kind of discrimination, harassment and abuse at the workplace. This important step clearly shows the intention of the company to continue to positively influence the society by planning the development of specialized policies that encourage diversity, inclusivity and equality of opportunities.

3.4. Encouraging positive changes – results of the organizational climate survey

An employee satisfaction and organizational climate survey is a tool we use in order to gather information about the satisfaction of employees concerning their conditions, leadership, and working environment. We regularly collect this information, leading us to create a better and more comfortable working environment, better conditions and everything our employees need to be more satisfied and happier in Span. The climate survey conducted this year showed the most significant increase of satisfaction in the aspects of management, image and organizational climate. The increase of satisfaction in the aspects concerning the organization and management is the confirmation of our employees’ trust in Span and people leading it. Furthermore, positive shifts compared to last year were visible concerning the issue of leaves and work-life balance. This growth made us especially happy because it shows that the effort and investment in benefits and initiatives undertaken to positively influence our employees' health and well-being really paid off. Finally, we would like to refer to the results of the survey in the area of employee proactivity. Proactivity is one of the key characteristics of success of both individuals and organizations. In this area, our survey results this year recorded one of the largest increases. Proactivity has a positive influence on innovation, efficiency and satisfaction of clients, it strengthens team work and organizational adaptability, which is crucial for our long-term success and competitiveness in the market.

Retention of employees in the strategic focus
Retention of expert employees and a stable turnover rate was and remained one of the key strategic HR goals in 2023.

30 Human Resourse M a n a g e m e n t S P A N A N N U A L R E P O R T 2 0 2 3 1 1 0

Despite the dynamic environment marked with significant economic, social and geopolitical changes, we have recorded the lowest turnover rate for the second year in a row, both at the level of Span (7.83%), and at the level of the Group (8.15%).

Employee turnover rate of the Span Group

Year Span (%) Group (%)
2018 15.84% -
2019 14.89% -
2020 13.04% -
2021 11.90% -
2022 10.47% -
2023 7.83% 8.15%

4. Sustainability in Span

3.5. Brand and Communications

A New Brand and Communications department was established in the first quarter of 2023 to enable the unification of all Span’s teams dealing with communications and to create a central place that takes care of the Span brand and its development. Within the department, there are marketing communications, public relations, internal communications and digital production, which report to the Member of the Management Board responsible for Marketing and Sales concerning their plans, tasks and results. The scope of the responsibility of the department includes taking care of the Span brand and its reputation, the creation and implementation of a series of activities in the area of external and internal communications and taking care of Span’s promotional activities. A digital production team also works within the department, serving as support for all communications activities in the form of producing graphic, photograph and video materials. The department also takes care of the continuous implementation of two major projects – Span TV, internal television broadcast once a month, and Span optic, a podcast intended for the public, released through YouTube channel. Given the intensive expansion of the company in the past years, during 2023 we started a project of revising Span’s brand strategy. Our goal is to determine what Span is today and define the strategic guidelines for the future. The project includes research of Span within all the target groups (employees, customers, investors), and according to the results of that research, we will define new brand values, personality, promise and brand essence.

S P A N A N N U A L R E P O R T 2 0 2 3 1 1 2
S P A N A N N U A L R E P O R T 2 0 2 3 1 1 3

4.1. Corporate Social Responsibility

During 2023 as well, Span tried to contribute to corporate social responsibility through numerous cooperations, projects and activities. We continued to organize now traditional voluntary blood donation in cooperation with the Croatian Institute for Transfusion Medicine, in which as many as 82 Span employees took part. For the first time, we organized a voluntary blood sampling action for blood typing and informing the donors in cooperation with Ana Rukavina Foundation. During 2023, our employees held three donor actions, two traditional ones for the needs of the Mali Zmaj association and one for the needs of the Pediatric Clinic KBC Zagreb. With all the above, in 2023, we supported as many as 37 different civil society organizations, initiatives and projects through Span's socially responsible program focused on children and youth, STEM areas, sports without institutional and organized funding, and green initiatives. In addition to taking care of gender equality and equal opportunities, we continued to support the Softball Club Span, which achieved enviable results in 2023. The club has been accomplishing good results since its establishment, it is an active member of the Zagreb and Croatian softball association and is consistently at the top of the domestic and European softball scene. This year, they triumphed at the Croatian Championship, Croatian Cup and the Zagreb Championship.

We also supported the campaign “Kindle equality,“ aimed at spreading awareness of the importance of combating gender biases, and a part of the project “Equality IN – Stereotypes OUT,“ intended to contribute to equality among male and female students.

Aware of the importance of integrating criteria for sustainability into operations, and additionally encouraged by new directives and regulations on reporting, in 2023, we drafted the first Sustainability Strategy. With this, we laid the foundations for the future assessment of risks arising from the issues of sustainability and adaptation of business processes, taking into account the environmental and social processes.

4.2. Sustainability Report for 2022

When we started working on our first Sustainability Report last year, numerous perspectives of the world in which we operate today opened to us. Those were not only challenges and risks global trends pose to us, but also opportunities to be more responsible in our work, and to develop our operation using just the opportunities this challenging world is offering us.

During 2023, we continued with the education initiative ESGym, used to introduce sustainability topics to Span’s employees through various formats. This time, we introduced basic sustainability topics and notions, their differences and importance for the future of operation and the company as a whole through a series of short videos. Our Sustainability Report for 2022, entitled “Securing sustainability: Protecting our digital and environmental future,“ contains the assessment of the influence of the organization on the economy, society and the environment. Along with internal assessments, the results of the research implemented among 270 relevant stakeholders were also the basis for this report. Accordingly, topics and influences we report about were defined.# SPAN ANNUAL REPORT 2023

SECURING SUSTAINABILITY: PROTECTING OUR DIGITAL AND ENVIRONMENTAL FUTURE 2022 Sustainability Report

Following the idea that influences arising from the fundamental operation are most significant, influences in the area of cyber security, privacy and data protection, provision of reliable solutions for customers, and creating relations of trust with customers are the most important ones for Span. In the area of cyber security, we undertook a series of activities in order to deliver quality solutions for defense against cyber threats and raise the awareness about this topic in the public. Therefore, 2022 was marked with the establishment of Span Cyber Security Center and development of advanced solutions for customers in this segment.

Areas of positive influence on employees, providing opportunities for advancement and cherishing the culture of respect and diversity turned out to be exceptionally important. Moreover, we report about responsibility in our own operations, emphasizing the issues of risk management, ethical operation, financial sustainability, responsibility in work with suppliers, taking care of our own environmental footprint, and social engagement. We place great focus on gender balance as well. In that segment, one of the goals is increasing the share of women in IT positions.

In corporate volunteering programs feel comfortable, that their rights are respected and their health and security are protected. We also took part in the 6th National Conference on Employee Volunteering organized by the Volunteers' Center Zagreb under the title “Contribution to the community through socially responsible business.” The conference also presented an initiative to sign the Charter of Employee Volunteering, which applies to all private and public organizations and is intended to encourage the introduction of a more systematic approach to volunteering by defining volunteering rules, creating a suitable environment for volunteering, and adopting volunteering standards. Span was also one of the signatories of the Charter in 2023.

4.3. Corporate volunteering in Span

Span has taken numerous steps in the past several years so that we can elevate our corporate volunteering on an even more advanced, effective and organized level. The steps we made include the development and implementation of two types of corporate volunteering – volunteering based on skills and volunteering actions. Two cooperations we had with the Hrabri telefon association in 2022 and Nismo sami association in 2023, in the form of volunteering based on skills, laid the foundations for all future projects and cooperation of that kind. Using our expertise, know-how and technology at our disposal, we improve the work of associations and contribute to the development of the civil society in Croatia.

Together with these two projects, we also realized two volunteering actions; in cooperation with the Project O2 in March, we engaged in afforestation, and in December, in cooperation with the Volunteers' Center Zagreb and the Medveščak Home for the Elderly, we arranged the joint areas of the home. As many as 67 Span employees participated in 632 voluntary hours of voluntary activities. As our voluntary initiatives began to grow in number, the need arose to make them more official. Therefore, in October, we adopted the official Policy on Corporate Volunteering in Span. This Policy now more clearly defines what corporate volunteering is and what it entails, so that all employees involved.

For the end of the year, the recognition for all our effort and investment in the development of corporate volunteering came in the form of the Volunteering Oscar in the organization of the Volunteers' Center Zagreb, which Span won in the category of companies. This Volunteering Oscar is sort of a crown for our endeavors, an affirmation that we are moving in the right direction and a new encouragement to continue returning to the community in an even more ambitious and organized manner through numerous similar actions.

4.4. Memberships in UN Global Compact and HRPSOR

In 2023, Span became a part of the UN Global Compact, the world's largest initiative for sustainable development and corporate sustainability, and a member of the Croatian Business Council for Sustainable Development (HRPSOR). The inclusion of Span in the initiatives and organizations that actively promote and encourage the business sector towards accomplishing the goals of the sustainable development and achieving corporate sustainability is essential because it gives us an opportunity to contribute as a company to raising the awareness about sustainable development and encourages us to continue making improvements in this regard. The inclusion in the membership of the Croatian Business Council for Sustainable Development opened the opportunity for us to take part in the training program “Workplace Inclusion Champion“ (WIC), held from March to September for representatives of Croatian companies. Four female employees of Span participated in the educational program, which was co-created with organizations in Slovenia and Romania with the support of the European Commission. The goal of the program is enhancing companies in the area of inclusion, equality and diversity.

Policy on Diversity and Inclusion

In addition to acquiring new knowledge and raising the capacity of Span in topics related to inclusion, equality and diversity, the aforementioned WIC program enabled us to draft the Policy on Diversity and Inclusion under the mentorship of Darija Mateljak, a partner and Director in the consultancy company Hauska & Partner. For the purpose of drafting the Policy, we launched the SpanVoices program dedicated to the topics of equality, diversity and inclusion, or simply said – what it means to be yourself in Span! In order to conduct an analysis of the existing situation and needs, we carried out the Span Speaks Out survey in order to learn what Span employees think about it. All obtained data was used as the foundation for the creation of the Policy on Diversity and Inclusion and the related Action Plan.

4.5. RTL helps children

Span’s cooperation with the charity association "RTL helps children" (RTL pomaže djeci) has now developed into a long-standing tradition. So, in 2023, we implemented two projects together. The first project included Ludbreško sunce, an association for individuals with mental challenges, which has been active for almost thirty years. One of its main goals is to improve the quality of life for people with developmental difficulties while also providing assistance to their families. What initially began as informal socializing back in 1996 when the association was founded has evolved into a day center where they now serve three meals a day to over a hundred users. Thanks to the support of “RTL pomaže djeci" and Span, the association has acquired a new professional kitchen for its day center. In addition to providing daily and half-day stay, the association regularly operates through an active office of a speech therapist and a defectologist, a small school for children with developmental difficulties, supported living arrangements, and numerous other activities. The second project was directed at the Day Rehabilitation Center Veruda – Pula, which has been doing big things for little patients with motor disabilities since 2000. As part of the “Window to the World” project, we ensured the Quha ZONO instrument, which scans changes in the position of the head or the airflow from the nostrils or mouth and turns them into precise commands on the screen of the communicator, serving to control the environment and the computer / communicator. The project aims to provide support to children with severe motor difficulties so that they can communicate, read, write and control the environment with the help of the instrument. A large number of little beneficiaries of the Center Veruda – Pula are aware of their surroundings and understand everything, but they cannot adequately express themselves, and this is where assistive technology comes into play. As many as 60 users of the Center will benefit directly from this device.

4.6. Green Span

Calculation of the carbon footprint of Span d.d., continuation of cooperation with Humana Nova We performed our activities in the area of sustainable operations through the calculation of emissions of greenhouse gasses for Span d.d. and the related offices in Zagreb, Osijek and Rijeka. The calculation was made for Scope 1 and Scope 2, and a related strategy and action plan for reducing Span’s emissions were created. Furthermore, we continued our cooperation with the Humana Nova Social Cooperative, with which we carry out the collection of textile waste during the whole year.

5.# Processes and technology

5.1. ISO standards

We started 2023 with six certified management systems compliant with the ISO standards:
* ISO 9001 – Quality management system (QMS)
* ISO/IEC 27001 – Information security management system (ISMS)
* ISO/IEC 20000 – Service management system (SMS)
* ISO 14001 – Environmental management system (EMS)
* ISO 50001 – Energy management system (EnMS)
* ISO 37001 – Anti-bribery management system (ABMS)

In January 2023, we successfully completed a control audit for our anti-bribery management system according to ISO 37001. At the beginning of March, we successfully performed external re-certification audits for ISO 9001 (Quality management system) and ISO/ IEC 27001 (Information security management system). In March, we additionally certified the new business continuity system according to ISO 22301 , which is a very important progress in supporting our key business processes. We continue to maintain the existing management systems and implement new ones. We finished the year with seven certificates :

  • ISO 9001 (Quality management): Maintaining the strong system of quality management since 2006, we continue to support and improve our dedication to providing exceptional products/services, ensuring satisfaction of customers and continuous improvement.
  • ISO 27001 (Information security management): Since 2011, our practice of information security management has developed, complying with the latest standards so that we can secure integrity, reliability and availability of data. This experience will help us adjust to the NIS2 initiative in the following years, and we are developing competencies for assisting our customers in the adjustment.
  • ISO 20000 (Service management system): With the certificate obtained in 2012, our service management practice has consistently met the international standards, ensuring the effective delivery of services.
  • ISO 14001 (Environmental management) and ISO 50001 (Energy management): Obtained in 2021, these certifications emphasize our commitment to environmentally sustainable practice and energy effectiveness, contributing to a greener future.
  • ISO 37001 (Anti-bribery management): Implemented in 2022, this certification strengthens our dedication to operations in an ethical and transparent manner, preventing bribery and corruption. In line with ISO 14001 and ISO 50001, this system significantly helps us comply with the ESG initiative, one of a few strong regulatory guidelines in the next few years.
  • ISO 22301 (Business continuity management): We successfully implemented and certified this system in early 2023. Our business continuity management system ensures resilience to disruptions, preserving key business processes and trust of the customers.

Implementation of ISO 31000 Recommendations: During 2022 and 2023, Span d.d. implemented ISO 31000 Recommendations, improving our risk management practice. This integration ensures a proactive approach to recognition, assessment and mitigation of risks in all business functions.

By adopting these systems, we have enabled:
* Risk and opportunity management.
* Improving the quality of our products/services.
* Better organization of internal processes.
* Adequate protection of information in accordance with their sensitivity.
* Managing the environmental impact and energy efficiency.
* Compliance with best global practice.
* Independent proof of the strategic focus on the structure of our processes.

As we are always strongly committed to excellence, the proactive maintenance of our management systems reflects our orientation to continuous improvement, ensuring the highest standards of quality, security, responsibility to the environment and total operational resilience.

5.2. Partnerships

In 2023, Span realized all six Solutions Partner for Microsoft Cloud platform statuses , which prove our deep professional ability in the delivery of technology scenarios for all Microsoft cloud areas. Span is specifically distinguished as a Microsoft Security Solution Partner, with all four advanced specializations in the area of security in cloud.

Microsoft recognized Span as a valuable partner in the market of Central and East Europe and granted it two awards Partner of the Year for 2023, for Croatia and Ukraine . This was the first time Span received two awards in one year. Microsoft award Partner of the Year is bestowed to companies that successfully conceived, developed and implemented solutions using Microsoft technologies. The award is granted in several categories, and the winners are selected among more than 4,200 nominated companies, from more than 100 countries worldwide. Span was awarded for the provision of superior services and solutions in Croatia and Ukraine.

We continually develop our competencies in the MPN (Microsoft Partner Network) ecosystem of independent suppliers of software and service providers, integrating our solutions and portfolio of services with Microsoft, while focusing on artificial intelligence and cyber security technologies.

TD Synnex awarded Span with recognition for excellent sales results in the security sector within the “Solution Days 2023 – Highway to cloud” event. The recognition is a proof of Span's focus on solutions in the cyber security segment.

In London, at the conference of Saviynt partners and customers, Span was awarded for the “Fastest transaction in 2022 ”. This award is proof that Span is oriented to providing assistance to customers in implementing solutions in the area of identity management with Saviynt tools.

Our comprehensive list of competencies is a result of continuous improvement, research and practical experience.

Our work is guided by the principles and standards mentioned in the Code of Business Conduct , which we adhere to in all our interactions with customers, partners, employees and the wider public. We have achieved our position on the market based on solid professional and ethical foundations, and are resolved to make all future business decisions in accordance with all legal requirements and moral principles. We, therefore, expect all our employees and partners to commit to honest business practices and behavior in accordance with our core values.

We are growing according to all business parameters year after year. Span Group is currently employing over 850 people and constantly increasing the number of its employees. More than 400 of our employees have been awarded one or more professional certificates. Thus, the Code of Business Conduct is an expression of Span values that reflects the principles and policies that govern our business, and provides concrete guidelines for employee and partner behavior. We believe that strong corporate governance requires transparency and trust of all stakeholders. Therefore, our governance principles, in addition to compliance with rules and regulations, emphasize the need for socially responsible business conduct and the application of our core values in relationships with partners, employees, and customers. Our Code applies to Span and all its affiliated companies (Span Group), all our employees and business partners, including users, suppliers, consultants, external associates, shareholders and other business partners appropriately associated with Span in accordance with local legal requirements and regulations.

5.3. Code of Business Conduct

Span is one of the leading Croatian IT companies. We have devoted 30 years to software development, and service and system integration.

We have all six solution areas status for EU/EFTA/Ukraine/ Azerbaijan + BS and CIS Google Cloud Partner Select Consulting Partner Certified Microsoft Cloud Services Provider Certified Gold Partner Dynatrace Master Partner for six solution areas status for EU/EFTA/Ukraine/Azerbaijan + BS and CIS Google Cloud Partner Select Consulting Partner Certified Microsoft Cloud Services Provider Certified Gold Partner Dynatrace Master Partner

6. Statements on responsibility for compiling the report for the observed period

The financial statements of Span d.d. and Span Group for the period that ended on 31 December 2023, are shown to be fair and truthful in accordance with International Financial Reporting Standards which have been consistently applied in relation to the previous years. All materially significant transactions were accordingly recorded in the accounting records, which were the basis of the financial statements. They provide a true and complete overview of the assets and liabilities, the financial position and operations of Span d.d. and Span Group.

Nikola Dujmović
President of the Management Board, Span d.d.

7. Audited Financial Statements of Span Group and Span d.d.

More from Span d.d.

Transaction in Own Shares 2026
May 22
Transaction in Own Shares 2026
May 22
Transaction in Own Shares 2026
May 19
Transaction in Own Shares 2026
May 19
Transaction in Own Shares 2026
May 15
Transaction in Own Shares 2026
May 15
Transaction in Own Shares 2026
May 14
Transaction in Own Shares 2026
May 14
Transaction in Own Shares 2026
May 12
Transaction in Own Shares 2026
May 12
View all filings →