For secunet effective corporate governance is one of the main prerequisites for achieving corporate objectives and increasing corporate value.

Corporate governance spans a company’s entire system for management and monitoring including its organisation, business policy principles and guidelines as well as internal and external control and monitoring mechanisms. Outstanding and transparent corporate governance ensures responsible management and control of a company in alignment with the creation of value. It promotes trust in secunet on the part of investors, financial markets, business partners and staff as well as the general public.

Declaration on Corporate Management pursuant to § 289f and §315d of the German Commercial Code (HGB)

An effective and transparent organisation, as well as responsible and reliable corporate governance is very important at secunet Security Networks AG. The Company’s Management Board and Supervisory Board firmly believe that good corporate governance is key to the continued success of the Company on the market.

The term Corporate Governance describes the regulatory framework for the management and supervision of companies. In a general sense, this framework must be designed in such a way that the Management Board and Supervisory Board work to ensure that the company continues to exist and creates value sustainably. Recommendations and proposals for how this requirement can be implemented in the management and supervision of companies are summarised in the German Corporate Governance Code (Deutscher Corporate Governance Kodex, DCGK). The Code serves the purpose of increasing trust in companies listed on the German stock exchange.

The Management Board and Supervisory Board of secunet Security Networks AG therefore regularly check the implementation of the German Corporate Governance Code at secunet Security Networks AG. In the 2019 financial year, the Management Board and Supervisory Board of secunet Security Networks AG once again carefully deliberated on the recommendations and proposals of the German Corporate Governance Code, in the version applicable in the 2019 financial year, as amended on 7 February 2017. The Declaration of Conformity set out below regarding the German Corporate Governance Code was agreed on the basis of these deliberations. This declaration is permanently available on our website and constantly updated to reflect any amendments.

In accordance with Item 3.10 of the German Corporate Governance Code in the version applicable in the 2019 financial year and with Section 289f of the German Commercial Code (Handelsgesetzbuch, HGB), the Management Board and Supervisory Board give the following report:

Management and supervisory structure

secunet Security Networks AG is subject to German stock corporation law. As a German public limited company, it has a dual management and supervisory structure consisting of a Management Board and a Supervisory Board. The Management Board consisted initially of three members in the 2019 financial year and then of four members with effect from 1 June 2019. The Supervisory Board is made up of six members. The Management Board and Supervisory Board work together closely and on the basis of mutual trust in their management and supervision of the Company.

Supervisory Board

The Supervisory Board performs the tasks assigned to it by law and by the Company’s Articles of Association. It supervises and advises the Management Board with regard to the management of the Company. At regular intervals, the Supervisory Board discusses business performance and planning, as well as the strategy and its implementation. It discusses the half-year financial reports and quarterly updates with the Management Board before their publication, and approves the Annual Financial Statements of secunet Security Networks AG and the Group, taking into consideration the audit reports prepared by the auditors and its own examination. The Supervisory Board monitors the accounting process, the effectiveness of the internal control system, risk management and internal audit, as well as the auditing of the financial statements. Its tasks and responsibilities also include appointing members to the Management Board. Management Board decisions of fundamental importance, such as major acquisitions, disposals and financial measures, require the consent of the Supervisory Board. An extraordinary meeting of the Supervisory Board is convened as and when necessary should significant events arise. The Supervisory Board has drawn up rules of procedure for its work. Its Chairman coordinates the work carried out within the Supervisory Board, chairs its meetings and represents its interests externally. The Supervisory Board strives to continually improve the efficiency of its activities. In the 2019 financial year, the review of the Supervisory Board’s efficiency was again included as a separate item on the agenda for the meetings of the Supervisory Board.

In accordance with the Articles of Association, the Supervisory Board of secunet Security Networks AG comprises six members. Until the end of the 2019 Annual General Meeting, the Supervisory Board consisted solely of shareholder representatives. Since it became foreseeable in the 2018 financial year that secunet security Networks AG would now generally have more than 500 but not more than 2,000 employees and thus be subject to the One-Third Participation Act pertaining to employees on the Supervisory Board (Drittelbeteiligungsgesetz – DrittelbG), one third of the Supervisory Board must now consist of employee representatives. The Management Board of the Company instigated the change in the composition of the Supervisory Board by initiating status proceedings in October 2018 and the procedure for election of employee representatives to the Supervisory Board in December 2018. The latter procedure was concluded on 13 March 2019 with the election of two employee representatives, Ms Gesa-Maria Rustemeyer and Mr Jörg Marx. At the 2019 Annual General Meeting, Mr Ralf Wintergerst, Dr Peter Zattler, Professor Dr Günter Schäfer and Dr Elmar Legge were elected to the Supervisory Board as the four shareholder representatives.

The knowledge, skills and professional experience required to fulfil the remit are taken into account when drawing up the nominations for election to the Supervisory Board. In addition, the Supervisory Board has defined specific targets for its composition in accordance with Item 5.4.1 of the German Corporate Governance Code in the version applicable in the 2019 financial year, and has drawn up a skills profile for the entire Board. The purpose of the skills profile is to ensure that the members of the Supervisory Board possess all the knowledge and experience considered essential in light of the activities of secunet Group. Furthermore, an age limit of 70 years is planned for members of the Supervisory Board.

Taking into account the Company’s specific situation, the Supervisory Board strives to achieve diversity among candidates with the requisite professional and personal qualifications when its members are elected. The Supervisory Board therefore looks for international experience, independence and an appropriate degree of female representation among suitable candidates. In accordance with the recommendation in Item 5.4.1 of the German Corporate Governance Code in the version applicable in the 2019 financial year, at least one seat on the full Supervisory Board was reserved for a female member in the Supervisory Board elections held in 2019 in connection with the reconstitution of the Supervisory Board as a result of the One-Third Participation Act coming into effect.

One or more Supervisory Board members should also have many years of special experience abroad, acquired as a result of working abroad or due to a foreign country of origin. In addition, the Supervisory Board should include what it considers an appropriate number of independent members within the meaning of Item 5.4.2 of the German Corporate Governance Code in the version applicable in the 2019 financial year. Furthermore, on the basis of the resolutions passed by the Supervisory Board, the latter should include one independent member within the meaning of Item 5.4.2 of the German Corporate Governance Code in the version applicable in the 2019 financial year. In the opinion of the Supervisory Board, this requirement is currently met by the member Dr Elmar Legge. Until the Supervisory Board was reconstituted in May 2019, the Supervisory Board had another member, Mr Wolf-Rüdiger Moritz, who, in the Supervisory Board’s assessment, was independent within the meaning of Item 5.4.2 of the German Corporate Governance Code in the version applicable in the 2019 financial year. At least one member of the Supervisory Board should possess many years of international experience.

At its meeting on 4 May 2017, the Supervisory Board resolved the aforementioned objectives for its composition for the period until 30 June 2022 and took them into account in its election proposals to the 2019 Annual General Meeting.

The composition of the Supervisory Board complied with the specifications of the skills profile both before and after the Supervisory Board elections in 2019. The Supervisory Board members possessed and possess the professional and personal qualifications deemed necessary. They were and are all familiar with the sector in which the Company is active and had and have the essential knowledge, skills and experience for the Company.

The Supervisory Board does not have any committees. In the opinion of the Supervisory Board, this is not in fact necessary, as the Supervisory Board comprises only six members. Given a board of this size, efficient operation of the Supervisory Board can be guaranteed without the formation of committees.

Management Board

The Management Board, as the body responsible for managing the Company, conducts the Company’s business under its own responsibility and in the Company’s interests. Its aim is to increase the enterprise value on a sustainable basis. In particular, it determines the principles of the Company’s policy and is also responsible for developing the Company’s strategy, for planning and setting the Company’s budget, for allocating resources, and for controlling and managing the Company’s corporate and business divisions. Specific measures described in the Management Board’s rules of procedure require the approval of the Supervisory Board. The Management Board is responsible for preparing the Company’s quarterly updates, the Company’s half-year financial reports, the Annual Financial Statements of secunet Security Networks AG, and the Consolidated Financial Statements.

The Management Board works closely with the Supervisory Board. It informs the Supervisory Board regularly, comprehensively and without delay – by means of written and verbal reports – of all issues important to the Company as a whole with regard to strategy and strategy implementation, planning, business performance, the financial and earnings situation, and entrepreneurial risks. The Supervisory Board is involved without delay in all decisions fundamental to the Company.

Targets for the appointment of women

The Supervisory Board has implemented the requirements of the legislation that came into force on 1 May 2015 regarding the equal participation of women and men in management positions.

At its meeting on 4 May 2017, the Supervisory Board established a target of 17 percent for the Supervisory Board, relating to the implementation period from 1 July 2017 to 30 June 2022, which corresponds to the goal of electing one woman to the Supervisory Board. The Supervisory Board took this target into account in its election proposals to the Annual General Meeting in May 2019.

At the same meeting on 4 May 2017, the Supervisory Board also maintained the previously determined target of zero percent for the Management Board relating to the implementation period up to 31 May 2019, because no expansion of the Management Board in this period was intended at the time of the decision. Against the background of the expansion of the Management Board implemented as of 1 January 2018 through the appointment of Mr Axel Deininger, the Supervisory Board again addressed the targets for composition of the Management Board at its meeting on 27 March 2019, in particular the targets for the participation of women, and decided to retain the target of zero percent with regard to the proportion of women on the Management Board for the implementation period up to 31 May 2019 and beyond that up to 31 May 2020. This is essentially due to the fact that the search for suitable female candidates remains challenging in the current market environment and in secunet Security Networks AG’s areas of business, and therefore a higher target cannot at present be regarded as realistic from the point of view of the Supervisory Board. Mr Torsten Henn and Dr Kai Martius were appointed to the Management Board with effect from 1 June 2019.

With regard to the two management levels below the Management Board, the Management Board set the following targets for the period from 1 July 2017 to 30 June 2022: zero percent for the first level and eleven percent for the second level. In view of the small size of the Company, the limited number of management positions and the associated low level of fluctuation, the Management Board is of the opinion that more ambitious targets would currently not be realistic. However, the Management Board reiterates its intention to move towards a higher proportion of management positions being held by women to the greatest extent possible.

In the 2019 financial year, the proportion of women at the second management level below the Management Board was 8 percent (previous year: 10.5 percent).

Responsible risk management

Good corporate governance also means that the Company must take a responsible approach to risk. Systematic risk management as part of our value-oriented Group management ensures that risks are identified and evaluated at an early stage, and that risk positions are optimised. The Management Board reports regularly to the Supervisory Board on the current development of key risks. Details of risk management at secunet Security Networks AG can be found in the combined Management Report. It also contains the report on the key characteristics of the internal control and risk management system relating to accounting.

Transparent corporate governance

Transparency in corporate governance is very important to the Management Board and Supervisory Board of secunet Security Networks AG. Shareholders, all participants in the capital market, financial analysts, shareholder associations and the media are provided with comprehensive, regular and up-to-date information regarding the Company’s position and key changes to the Company’s business.

secunet Security Networks AG reports to its shareholders four times a year on business performance and on the financial and earnings situation, and makes all reports and information permanently available to shareholders on the Company’s website at www.secunet.com. The dates for regular financial reporting are listed in the financial calendar. If any circumstances arise at secunet Security Networks AG that might significantly influence the stock market price of secunet Security Networks AG, these are disclosed in ad hoc announcements in accordance with the legal requirements. The financial calendar and ad hoc announcements are available to view on the website of secunet Security Networks AG under >> The Company >> Investor Relations >> Financial News and Reports.

Shareholders and Annual General Meeting

The shareholders of secunet Security Networks AG may exercise their rights, including voting rights, at the Annual General Meeting. Shareholders can exercise their voting rights at the Annual General Meeting themselves or choose an agent or Company proxy bound by their instructions to exercise the voting rights. The Annual General Meeting takes place in the first eight months of the financial year. The Chairman of the Supervisory Board normally chairs the Annual General Meeting. Ahead of the Annual General Meeting, shareholders receive comprehensive information about the past financial year and about the individual items on the agenda of the upcoming meeting by way of the Annual Report and invitation to the meeting. All relevant documents and information on the Annual General Meeting, together with the Annual Report, are also available on our website.

In accordance with the provisions of law, the auditors are appointed by the Annual General Meeting. At the Annual General Meeting on 15 May 2019, the Düsseldorf branch of the auditing firm KPMG AG Wirtschaftsprüfungsgesellschaft was appointed as auditors for secunet Security Networks AG and Group auditors for secunet Group for the 2019 financial year, and was therefore selected to perform an audit review of the Condensed Financial Statements and the Interim Management Report of secunet Security Networks AG and secunet Group as at 30 June 2019.

Shareholders are notified of important dates by means of a financial calendar published in the Annual Report, in the quarterly updates and on the Company’s website.

Further detailed information about secunet Security Networks AG is available on our website at www.secunet.com.

Corporate governance guidelines

The Articles of Association of secunet Security Networks AG form the basis of our Company. The Company’s Articles of Association, the current Declaration of Conformity, the Declarations of Conformity for previous years and further corporate governance documents can be found online at www.secunet.com under >> The Company >> Investor Relations >> Corporate Governance.

The Management Board has introduced a Code of Conduct for the Company and its employees, summarising the business principles of secunet Security Networks AG. These principles are a crucial part of how secunet Security Networks AG sees itself, and of the expectations that it strives to meet. The Code of Conduct sets down standards of conduct for dealing with all the economic, legal and moral challenges that we face in our day-to-day business activities, and is intended to serve as a benchmark and guide when working with customers, suppliers and other business partners, as well as for our conduct towards our competitors. It also governs our conduct in financial matters and trading in secunet shares, their derivatives and other financial instruments. The Company has set up a compliance unit to handle questions arising in connection with the Code of Conduct.

In accordance with the provisions of Item 4.1.3, sentence 3 of the German Corporate Governance Code in the version applicable in the 2019 financial year, the Company has provided its employees with an opportunity to report, under protection, legal violations within the Company by means of an electronic whistleblower system. This option is also available to third parties.

Management Board and Supervisory Board remuneration

secunet Security Networks AG complies with statutory regulations and the recommendations of the German Corporate Governance Code in the version applicable in the 2019 financial year and discloses the remuneration of each individual member of the Management Board. In this Annual Report (more specifically, in the remuneration report, which forms part of the Management Report), we detail the remuneration of the members of the Management Board and Supervisory Board.

Information on stock option programmes and similar securities-based incentive systems

No stock option programmes or similar securities-based incentive systems exist for members of corporate bodies or employees of the Company.

Notification of transactions under Article 19 of the European Market Abuse Regulation (managers’ transactions)

Article 19 of the European Market Abuse Regulation (EU) No. 596 / 2014 requires members of corporate bodies (Supervisory Board / Management Board) and certain executives, as well as closely related parties, to disclose transactions in secunet shares or related financial instruments where the sum total of such transactions reaches or exceeds 20,000 euros (until 31 December 2019: 5,000 euros) within a single calendar year. Disclosures regarding managers’ transactions (directors’ dealings) are also published on our website under Investor Relations. No managers’ transactions were reported in the 2019 financial year, in which the threshold of 5,000 euros was applicable.

Accounting and auditing of the financial statements

secunet Security Networks AG prepares its Consolidated Financial Statements and Consolidated Interim Financial Statements in accordance with the International Financial Reporting Standards (IFRS) as applicable in the EU. The Annual Financial Statements of secunet Security Networks AG are prepared in accordance with German commercial law (HGB) and the German Stock Corporation Act. The Annual and Consolidated Financial Statements are compiled by the Management Board and audited by the auditors and the Supervisory Board. Quarterly updates and the half-year financial report are discussed by the Management Board and Supervisory Board prior to their publication.

secunet Security Networks AG’s Consolidated and Annual Financial Statements have been audited by KPMG AG Wirtschaftsprüfungsgesellschaft, Düsseldorf branch, the auditors appointed by the 2019 Annual General Meeting. The audits were performed in accordance with Section 317 HGB and with due consideration for the generally accepted standards for the audit of financial statements in Germany promulgated by the Institute of Public Auditors in Germany (IDW). The undersigned auditors for the Annual Financial Statements and Consolidated Financial Statements of secunet Security Networks AG are Mr Martin C Bornhofen and Dr Dominic Sommerhoff.

It was also contractually agreed with the auditors that they inform the Supervisory Board without delay of any potential grounds for exclusion or bias and of any findings or occurrences of significance to the Supervisory Board’s remit that came to light during the auditing of the financial statements.

The Condensed Consolidated Interim Financial Statements and the Interim Group Management Report as at 30 June 2019 were subjected to an audit review by KPMG AG Wirtschaftsprüfungsgesellschaft.

Declaration of Conformity under Section 161 of the German Stock Corporation Act dated 27 November 2019

The management and supervisory boards of companies listed on the German stock exchange are legally obliged, in accordance with Section 161 of the German Stock Corporation Act (Aktiengesetz, AktG), to annually declare whether the official recommendations of the Government Commission on the German Corporate Governance Code applicable at the time of making the declaration have been fulfilled and will be fulfilled. The Company is furthermore required to disclose which recommendations of the Code have not been applied or will not be applied and to explain the reasons for this. This Declaration of Conformity is printed in full below, with explanations. The Declaration of Conformity can also be found on secunet Security Networks AG’s website under >> The Company >> Investor Relations >> Corporate Governance. The Declarations of Conformity issued in the last five years are permanently available on the website.

The Company complies with, and will continue to comply with, the recommendations of the Government Commission on the German Corporate Governance Code, as amended in the version of 7 February 2017 applicable in the 2019 financial year and published by the German Ministry of Justice in the official part of the Federal Gazette on 24 April 2017, with the following exceptions:

3.8, para. 3
A similar deductible shall be agreed upon in any D&O policy for the Supervisory Board.

Explanation: The secunet Supervisory Board conducts its business with the utmost sense of responsibility. A deductible would not give rise to any additional improvement or incentive.

5.1.2, para. 2, sentence 3
An age limit for members of the Management Board shall be specified.

Explanation: secunet Security Networks AG does not stipulate an age limit for Management Board members, as the age of the particular Management Board member is not a blanket criterion for suitability to hold a position on the Management Board. An age limit would therefore generally limit the selection of suitable candidates to an unreasonable degree.

5.3.1
Depending on the specifics of the enterprise and the number of its members, the Supervisory Board shall form committees with sufficient expertise.

Explanation: The Supervisory Board of secunet Security Networks AG has no committees. In the opinion of the Supervisory Board, this is not in fact necessary, as the Supervisory Board comprises only six members. Four members are elected by the shareholders and two members by the employees (employee representatives) in accordance with the One-Third Participation Act pertaining to employees on the Supervisory Board (Drittelbeteiligungsgesetz). Given a board of this size, efficient operation of the Supervisory Board can be guaranteed without the formation of committees.

5.3.2
The Supervisory Board shall set up an Audit Committee.

Explanation: The Supervisory Board consists of six members. Four members are elected by the shareholders and two members by the employees (employee representatives) in accordance with the One-Third Participation Act pertaining to employees on the Supervisory Board (Drittelbeteiligungsgesetz). Due to the number of Supervisory Board members and the composition of the Supervisory Board, setting up a separate Audit Committee would not increase the efficiency of the work performed by the Supervisory Board with regard to accounting, risk management, compliance and the auditing of the financial statements.

5.3.3
The Supervisory Board shall form a Nomination Committee.

Explanation: The Supervisory Board of secunet Security Networks AG consists of only six members. Four members are elected by the shareholders and two members by the employees (employee representatives) in accordance with the One-Third Participation Act pertaining to employees on the Supervisory Board (Drittelbeteiligungsgesetz). Due to the number of Supervisory Board members and the composition of the Supervisory Board, setting up a separate Nomination Committee would not increase the efficiency of the work performed by the Supervisory Board with regard to the nomination of suitable candidates for the Supervisory Board’s proposals to the Annual General Meeting for the election of Supervisory Board members. An additional Nomination Committee has therefore not been set up.

5.4.1, para. 2, sentence 1
The Supervisory Board shall specify concrete objectives regarding its composition which, whilst considering the specifics of the enterprise, take into account the international activities of the enterprise, potential conflicts of interest, the number of independent Supervisory Board members within the meaning of number 5.4.2, an age limit and a regular limit to Supervisory Board members’ term of office, both to be specified, as well as diversity.

Explanation: The Supervisory Board of secunet Security Networks AG has not specified a regular limit for the term of office on the Supervisory Board. In the view of the Supervisory Board such a restriction is not necessary with regard to efficient operation of the Board, especially since the Board’s work may benefit from the experience of long-standing members.

5.4.6, para. 1, sentence 2
The status as Chair or membership of a committee shall also be taken into consideration when specifying the remuneration of Supervisory Board members.

Explanation: Since the Supervisory Board has no committees, there is currently no question of a special chairmanship and committee membership remuneration.

 

secunet Security Networks AG

Essen, 27 March 2020

- For the Management Board -              - For the Supervisory Board -

 

 

Former Corporate Governance Reports:

Declaration of conformity under section 161 AktG

The Management Board and Supervisory Board of secunet Security Networks AG hereby issue the following Declaration of Conformity regarding the recommendations of the Government Commission on the German Corporate Governance Code according to Article 161 of the German Stock Corporation Act (Aktiengesetz, AktG).

secunet Security Networks AG complies with the recommendations of the Government Commission on the German Corporate Governance Code, as amended in the version of 7 February 2017 and published by the German Ministry of Justice in the official part of the Federal Gazette on 24 April 2017, with the exceptions stated below. Furthermore, secunet Security Networks AG has complied with the recommendations subject to the exceptions below since it issued its last Declaration of Conformity in November 2018 and will continue to comply with the recommendations subject to these exceptions in future:

3.8 Para. 3 An excess should be agreed in D&O insurance for the Supervisory Board.

Explanation: The secunet Supervisory Board conducts its business with the utmost sense of responsibility. An excess would not give rise to any additional improvement or incentive.

5.1.2 Para. 2 Clause 3 An age limit should be set for Management Board members.

Explanation: secunet Security Networks AG does not stipulate an age limit for Management Board members, as the age of the particular Management Board member is not a blanket criterion for suitability to hold a position on the Management Board. An age limit would therefore generally limit the selection of suitable candidates to an unreasonable degree.

5.3.1 Depending on the specifics of the company and the number of its members, the Supervisory Board shall form professionally qualified committees.

Explanation: The Supervisory Board doesn’t have any committees. In the opinion of the Supervisory Board, this is not in fact necessary, as the Supervisory Board comprises only six members. Four members are elected by the shareholder and two members are elected by the employees (employee representatives) in accordance with the Act on the One-Third Participation of Employees in the Supervisory Board (One-Third Participation Act). In a panel of this size, efficient operation of the Supervisory Board is also guaranteed without the formation of committees.

5.3.2 The Supervisory Board should set up an Audit Committee.

Explanation: The Supervisory Board consists of six members. Four members are elected by the shareholder and two members are elected by the employees (employee representatives) in accordance with the Act on the One-Third Participation of Employees in the Supervisory Board (One-Third Participation Act). Due to the number of Supervisory Board members and the composition of the Supervisory Board, setting up a separate Audit Committee would not increase the efficiency of the work performed by the Supervisory Board in relation to accounting, risk management, compliance and the auditing of the financial statements.

5.3.3 The Supervisory Board should form a Nomination Committee.

Explanation: The Supervisory Board of secunet Security Networks AG consists of only six members. Four members are elected by the shareholders and two members are elected by the employees (employee representatives) in accordance with the Act on the One-Third Participation of Employees in the Supervisory Board (One-Third Participation Act). Due to the number of Supervisory Board members and the composition of the Supervisory Board, the establishment of a separate Nomination Committee would not increase the efficiency of the Supervisory Board’s work with regard to the nomination of suitable candidates for the Supervisory Board’s proposal to the Annual General Meeting for the election of Supervisory Board members. An additional Nomination Committee has therefore not been set up.

5.4.1 Para. 2 Clause 1 The Supervisory Board shall determine concrete objectives regarding its composition, and shall prepare a profile of skills and expertise for the entire Board. Within the company-specific situation the composition of the Supervisory Board shall reflect appropriately the international activities of the company, potential conflicts of interest, the number of independent Supervisory Board members within the meaning of number 5.4.2, an age limit and a regular limit to Supervisory Board members’ term of office, both to be specified, as well as diversity.

Explanation: The Supervisory Board of secunet Security Networks AG has not determined a regular limit for the length of membership in the Supervisory Board. In the view of the Supervisory Board such a restriction is not necessary with regard to efficient operation of the panel, especially since the panel's work can benefit from the experience of long-standing members.

5.4.6 Para. 1 Clause 2 When setting the remuneration of Supervisory Board members, committee chairmanship and committee memberships are to be taken into account.

Explanation: The Supervisory Board doesn’t have any committees; there is therefore currently no question of a special committee chairmanship and committee membership remuneration.

 

secunet Security Networks AG

Essen, 27 November 2019

- For the Management Board -          - For the Supervisory Board -

 


Former Statements:

 

German corporate governance code:

German corporate governance code

Renumeration of the Management Board and Supervisory Board

The remuneration report summarises the principles used to determine the remuneration of the Management Board of secunet AG and sets out the amount and structure of the income received by its members. It sets out the principles behind, and amount of, the remuneration received by the Supervisory Board, and also provides information on the shareholdings of Management Board and Supervisory Board members.

Remuneration of the Management Board

The Supervisory Board of secunet AG is responsible for determining the remuneration of the Management Board.

In the 2019 financial year, the remuneration package for the members of the Management Board who were active in the 2019 financial year was made up of five components: a fixed annual salary, a variable bonus, a special bonus, ancillary non-cash benefits and a contribution to the retirement pension.

The Management Board remuneration package is broken down as follows:

» The fixed component is paid monthly in the form of a salary.

» The variable component is based on the Company’s results. It consists of a short-term component and a long-term component. The short-term component is measured on the basis of sales revenue and EBIT for the current financial year (2019 in this case), while the long-term component is measured based on the average EBIT of the past three financial years (2017 – 2019 in this case).

» At its discretion, the Supervisory Board can award each of the members of the Management Board a special bonus for their exceptional contributions in the financial year.

» Non-cash and other benefits essentially comprise the taxable values of company car usage.

» The retirement pension contributions paid to members of the Management Board are set out in their individual contracts of employment. These pension commitments provide for a life annuity with provision for dependants.

Management Board contracts do not expressly provide for any severance payment in the event that the employment relationship is prematurely terminated. In addition, Management Board contracts do not include any specific regulations to govern the event that a “change of control” occurs – that is when one or several shareholders acting jointly obtain the majority voting rights of secunet AG and exert a dominating influence, causing secunet AG to become a dependent company by means of the conclusion of an intercompany agreement within the meaning of Section 291 of the German Stock Corporation Act (Aktiengesetz, AktG), or in the event of the merger of secunet AG with other companies.

The Management Board members do not receive any additional remuneration for the performance of their duties in the subsidiaries.

Following the recommendations of the German Corporate Governance Code (Deutscher Corporate Governance Kodex, DCGK), the remuneration of the secunet AG Management Board is constituted as follows:

The following payments were made for the remuneration of the members of the Management Board in the 2019 financial year:

Total remuneration of the members of the Management Board in the 2019 financial year was 1,961 thousand euros (previous year: 1,420 thousand euros).

The pension entitlements of the Management Board members were as follows as at 31 December 2019:

As at 31 December 2018, the pension entitlements of the Management Board members were as follows:

Owing to the right, in accordance with Article 67 (1) and (2) of the Introductory Act to the German Commercial Code (Einführungsgesetz zum Handelsgesetzbuch, EGHGB), to choose to annually add 1 / 15 to the difference resulting from the change in valuation under the German Accounting Law Modernisation Act (Bilanzrechtsmodernisierungsgesetz, BilMoG), there is a shortfall between the amount of the HGB obligation and the provision set aside, totalling 60 thousand euros.

As at 31 December 2019, the members of the Management Board held a total of 880 shares in secunet. No secunet shares were held by members of the Management
Board on the same reporting date of the previous year.

The members of the Management Board of the Company were not granted any loans during the reporting period.

Furthermore, in the past financial year no member of the Management Board was promised or granted any benefits by a third party in respect of his activity as a member
of the Management Board.

Remuneration of the Supervisory Board

The remuneration of the Supervisory Board is laid down in Article 17 of the Articles of Association of secunet AG. It is based on the tasks and responsibilities of the members of the Supervisory Board.

Remuneration of the Supervisory Board was revised at the Annual General Meeting of secunet AG on 15 May 2019. The members of the Supervisory Board receive a fixed remuneration of 12 thousand euros (previously: 8 thousand euros). The Chairman of the Supervisory Board receives a remuneration of 24 thousand euros (previously 16 thousand euros), and the Vice Chairman of the Supervisory Board receives 16 thousand euros (previously 12 thousand euros). This increases the total annual remuneration of the Supervisory Board from 60 thousand euros to 88 thousand euros. If changes are made within the Supervisory Board during the year, remuneration is granted on a pro-rata basis. Travel expenses associated with Supervisory Board activities are reimbursed separately according to travel expense reports.

For the 2019 financial year, Supervisory Board remuneration totalled 77.8 thousand euros (previous year: 60.0 thousand euros). The increase results from the prorata consideration of the increase in remuneration after the 2019 Annual General Meeting.

The members of the Supervisory Board do not receive any loans from the Company.

As on the same reporting date in the previous year, no Supervisory Board members held any secunet shares as at 31 December 2019.

In the year under review, members of the Supervisory Board did not receive any other remuneration or benefits for services provided personally, in particular consulting and agency services.

For the individual members of the Supervisory Board, the entitlements can be presented as follows:

Forecast, Opportunities and Risk Report

1. Risk report

1.1 Risk management objectives and methods

Risk management is carried out in the same way and in parallel for secunet Group and secunet AG. The function presented below and the description of individual risks and opportunities thus apply to both secunet Group and secunet AG.

Risk management at secunet is carried out by a risk committee. This comprises the members of the Management Board and the departmental manager responsible for risk management. The risk committee meets regularly once a quarter. Any developments that could jeopardise the fulfilment of objectives, or which may even threaten the survival of the Company, are subjected to intense analysis, scrutiny and assessment by the risk committee. The aim of doing this is to ensure that information about risks, and the associated financial implications, is detected as early as possible in order to implement suitable measures. The existing opportunities and associated potential for earnings are to be identified and leveraged.

As part of the preparation for meetings of the risk committee, a comprehensive risk inventory takes place in each area of the Company. Following a bottom-up approach, the risks are identified and aggregated, then assessed according to their damage extent and probability of occurrence.

The Company-specific risks surveyed in this manner are then discussed at the risk committee meetings, implementing a top-down approach. The effects of risks and opportunities are not offset against each other. A net presentation is shown when evaluating the potential effects of risks, i. e. the effects of any risk minimisation measures already taken are considered as part of the evaluation. Depending on the probability-weighted damage value of the risks (risk value), the further treatment of the risks is then determined. This ranges from pure documentation where the value is negligible (the probability-weighted damage value in the 2019 financial year was up to 1.25 million euros in EBIT losses) and further observation (monitoring of existing measures – for a risk value of up to 2.6 million euros in the 2019 financial year) to the need to take and monitor measures immediately (reporting threshold – at a probability-weighted damage value of over 2.6 million euros in the 2019 financial year). The value limits defined above are re-determined annually based on the planned annual result. Insofar as the identified risks are quantifiable, the corresponding risk values (relating to the reporting date) are adopted in the reporting system.

Proposals for countermeasures are then drawn up, if required. The Management Board examines these measures and implements them promptly. During the course of the 2019 financial year, several instances of risk were identified and necessitated measures. For the main part, these related to the areas of distribution and production. Operative damage management implemented in each of these cases was able to contribute to reducing the relevant risk value to significantly below the warning threshold in all cases.

The early risk detection and risk management system of secunet AG is being continuously developed and improved.

1.2 Individual risks

Since 2019, the risks for secunet Group and thus also for secunet AG as the parent company of the Group have been primarily classified according to their origin in the functional areas of secunet as follows:

» Sales risks: these are risks in all areas connected with distribution. They relate primarily to the functions purchasing and inbound logistics, sales and outbound logistics as well as distribution and marketing.

» Product risks: these are the risks that can arise in connection with products and solutions from secunet. They relate primarily to risks from technical defects or possible security weaknesses in the components used. Also included in this category are risks from the divisions responsible for planning and coordinating the market-readiness of products and solutions from secunet Group.

» Project risks: these are the risks that can arise in connection with development and consulting projects. They mainly include the risks relating to budget planning and subsequent budget compliance.

» Structural risks: these are the risks arising from support functions such as finance and controlling, legal and human resources, and IT. Risks from M & A activities and compliance risks are also recorded here.

In the early risk detection and risk management system for the year 2018, the classification of risks was still based on their impact on the stages of secunet’s value creation (risks to the corporate infrastructure, product management risks, distribution risks, risks in production). The revised and optimised classification categorises some risks more strongly according to areas of responsibility (product management and production risks have become product and project risks) while others remain largely unchanged (corporate infrastructure has become structural risks, distribution is now sales).

The coronavirus poses a further risk for business development in 2020. The virus has been spreading further around the world since January 2020. The Management Board is assessing the potential effects of the corona pandemic on secunet Group continuously and with high priority. All aspects of business operations are being examined and evaluated, with appropriate measures being developed where necessary. This applies in particular to outsourced supplies and the work performed on customer premises as well as to secunet Group’s own infrastructure and employees. It is not possible to reliably make any meaningful statements for secunet Group in this respect at the time of preparing this report.

As in previous years, the principal risks identified and quantified primarily concern sales risks (acquisition and execution of orders) and project risks (processing of projects).

1.2.1 Sales risks

The area of sales risks is dominated by distribution risk. secunet is active in the project business. Many projects relate to infrastructures and solutions that are designed on an individual basis. The IT security infrastructures based on these are often associated with high investment volumes, resulting in a complex and often protracted tendering and decision-making process for the customer. This applies to both Public Sector and Business Sector customers and places great limitations on the ability to plan for sales revenues, leading to a potential associated volatility in secunet’s business. The distribution risk is continuously monitored as part of risk management and in the ongoing Management Board meetings and, if necessary, it is countered with suitable measures. These measures for reducing the distribution risk often consist of establishing close contact, and thus ongoing cooperation with the customer, through the use of dedicated key account managers, for example.

Closely linked to distribution risk is the risk factor of customer structure to the extent that secunet conducts the majority of its business with public sector authorities and organisations. The loss of segments of demand from this customer group can have negative effects on sales revenue and earnings. This risk is regularly discussed in depth by the risk committee. Investments in IT, and notably in IT security, are seen as particularly important for the smooth delivery of projects for the public sector, particularly in a world where information technologies play an increasingly important role. The risk of a downturn in demand from public sector customers is therefore constantly monitored, although it is currently considered to be relatively low.

In order to be better placed in the medium term to react to the potential risk of a decline in demand from public sector customers, and in order to reduce and compensate for any resulting decline in sales revenue and earnings, secunet will continue to devote intensive efforts to the expansion of its activities for the private sector target group (Business Sector).

A further risk can be seen in the fact that a large part of the sales revenue is concentrated on a small number of public clients and companies. If one of these major customers is absent for even a short period of time, and the corresponding expected orders are delayed, secunet’s attainment of annual objectives may be endangered at the very least. In this case too, the use of key account managers in distribution can help towards risk reduction. Thanks to their close contact with the customer, they can ensure a timely reaction to changes in demand.

Furthermore, the fact that the business results are still heavily influenced by domestic demand is seen as a risk for the further growth of secunet. As a result, the expansion of high-performance international distribution, tapping of new markets and the acquisition of additional customers abroad will remain a focus of efforts for the future development of the Company. One strategic measure is the pooling of international distribution activities in the marketing company founded for this purpose.

The distribution risk at the time of creating this report is classified as negligible.

Sales risks also include warehousing risks. These increase as secunet AG’s product business grows. Warehousing risks include the risk associated with the ability to deliver at short notice, which is countered by suitably networked material planning. At the same time, hardware components in particular are becoming obsolete because of accelerating technical progress. Where applicable, inventories lose their value because of this technical ageing process. secunet stays abreast of these risks through professional inventory optimisation. Inventories were written down by 0.6 million euros in the 2019 financial year.

Positive commercial framework conditions in the German market for IT security have attracted new competitors, particularly in recent years. The changing intensity of the competition that this entails is continually monitored and evaluated by secunet. Currently, there are no signs of a negative impact on secunet’s market position.

Sales risks aggregated over all the individual risks identified in this area, totalling 0.2 million euros as at the end of December 2019, were classified as negligible.

1.2.2 Product risks

The secunet AG product portfolio is concentrated on solutions in the area of cyber security. In the case of the SINA product family in particular, these solutions are protected and approved at a high level in cryptographic terms.

One risk that is evaluated on an ongoing basis in connection with the technical properties of these products is the effect of any possible – as yet undetected – security weaknesses in these solutions. In this context, the focus is on the question of whether and to what extent the security promise made to its customers by secunet in connection with the solution as a whole might be compromised as a result of security holes in individual components.

A comprehensive process of ongoing risk identification and assessment takes place in this area for the purposes of risk minimisation. As part of this process, secunet collects and evaluates findings about potential security risks from a wide range of sources. Even if potential vulnerability of the systems merely seems possible as a result of this evaluation, customers are informed immediately and supported in closing the potential security hole.

This process of monitoring and solving potential technical security risks is implemented in close collaboration with the Company’s development and certification partner, the German Federal Office for Information Security (BSI).

In view of the risk minimisation measures in use, the economic risk connected with technical product security is believed to be low.

Potential warranty claims are taken into account by creating appropriate risk provisions.

In conjunction with the development of new products, the following risks are discussed and evaluated regularly:

» Risk of a possible decline in demand: the product fails to prove itself on the market.

» Risk of undesirable technical developments: the product contains defects that lead to warranty claims.

» Risk of failure to complete the product in time: the development project takes considerably more time than estimated.

In the past, secunet primarily developed products and solutions in response to orders to cover specific security needs in the public sector. Its high-security IT solutions are tailored precisely to customers’ needs; secunet products are generally not designed without a specific requirement in mind. Most of the products developed by secunet are made to order and are accordingly financed by the customer. Therefore, no development risks exist in terms of potentially waning demand. The risks associated with developing new products that subsequently prove unsuccessful on the market have therefore not been of primary significance for secunet in most product areas.

With the development of the secunet konnektor in the 2018 financial year and due to the volume of the associated investments, risk evaluation has focused more closely on development risks. Similar observations were made in the 2019 financial year with regard to the secunet Communicator in the Public Sector, and the secunet konnektor for data centres and secunet edge in the Business Sector. The focus here is less on the sales prospects associated with the products than on the duration of development and certification. The greatest risk for development projects is underestimation of the time required before new solutions are ready for acceptance. This can lead to expenditure of time and personnel, which limits the profitability of these projects. In order to keep these risks as low as possible, secunet uses extensive project planning and control mechanisms in different locations, paired with a dedicated reporting line. This part of the risk analysis and risk management is identical to the activities that apply for major projects. In the area of development projects, the risk at the time of creating this report is classified as low.

Product risks aggregated over all the individual risks identified in this area, totalling 0.1 million euros as at the end of December 2019, were classified as negligible.

1.2.3 Project risks

Major projects: distribution and project management (distribution and production risk)

In addition to the distribution risks for major projects already described under sales risks, there is also a project management risk. In addition, there are specific risks for very long-term major projects.

The project management risk arises after the commissioning of major projects: these projects are characterised by multiple uncertainties in their implementation due to the sheer fact of their size. The risk may then consist of a failure to maintain schedules and project budgets. secunet takes these risks into account by means of a comprehensive project management system, which is used to create regular management reports for project managers, division heads and the Management Board. The risks arising from major projects are continuously monitored – in the same way as development risks – with comprehensive project planning and control mechanisms, in conjunction with a risk-oriented reporting system. In the event of deviation from the set targets, measures to reduce the risk are resolved and implemented immediately. These can consist of making additional capacity available for processing the project or discussing deviations with the customer in order to bring expectations into line with the altered framework conditions.

In very long-term projects that extend over periods of more than five years, there may be additional risks, for example because the solutions implemented reach the end of their technological service life (update problems, problems with outdated technology). Furthermore, a replacement risk may be posed by suppliers who disappear from the market over the course of such projects.

Project risks aggregated over all the individual risks identified in this area, totalling 0.3 million euros as at the end of December 2019, were classified as negligible.

1.2.4 Structural risks
Structural risks resulting from support functions such as finance and controlling, legal and human resources, and IT were not identified in the 2019 financial year or were classified as harmless. The same applied to potential compliance risks.

The risks from M & A activities also include investment risk. In this context, the major shareholdings of secunet AG were continuously evaluated in the 2019 financial year. As at the end of 2019, the investment risk was classified as negligible.

2. Opportunities

The driving factors outlined below continue to have a positive effect on the future growth of secunet:

2.1 Growth through increasing awareness

Increasing sensitivity to IT security issues in recent years has received strong support as a result of reporting in the media on cyber security threats (such as wiretapping cases, attempted and successful hacking of the networks of authorities and companies, attacks on critical infrastructures) over the same time period.

Investigation into the medium to long-term assessment of risk among companies and decision-makers reveals that much greater importance will be placed on cyber security going forward. The issue of cyber security is the focus for a wide range of investigations and seminars, as well as publications derived from them. Cyber incidents are increasingly at the centre of risk assessments – not just those conducted on behalf of authorities, but also by private companies. Cyber incidents have consistently been included in the top three business risks in Germany over the past three years, as identified in the Allianz Risk Barometer 2020, for example; the same picture emerges in the global view. The World Economic Forum’s Global Risk Report 2020 also lists cyber attacks and the vulnerability of critical infrastructure among the top 10 risks worldwide.

A positive trend in the demand for high-quality, trustworthy IT security solutions “made in Germany” can be inferred from this. This applies both to authorities, which are adding IT system and infrastructure security to their existing efforts, and to companies, which are countering the now-specific risks of economic / industrial espionage, for example, with appropriate safeguards. An additional group is made up of providers of critical infrastructures for which IT security is becoming ever more important (see also “Growth due to increasing regulation”). With the relevant distribution activities aimed at authorities and companies, secunet intends to participate in this positive development of demand.

The increasing interest in IT security, driven also by prominent media attention, and the subsequent growth in demand are also resulting in increasing competition. This must be taken into account when evaluating opportunities.

2.2 Growth due to increasing regulation

The German federal government wants to increase the protection of critical infrastructures such as energy and telecommunications networks as well as that of IT systems. To this end, the German IT Security Act (IT-Sicherheitsgesetz, ITSiG) was passed in July 2015. This results in growth opportunities at different levels:

» The legislation particularly affects operators of critical infrastructures – i. e. facilities that are of central importance to the community – such as energy supply, for example. They are to meet specific IT security requirements. This will result in potential demand for implementation concepts to meet these requirements.

» Furthermore, the role of the BSI has been strengthened by this law and takes into account its growing importance as a central body for IT security. Among other things, the BSI has been empowered to inspect and evaluate IT products and systems on the market with regard to their IT security, and to publish the results if necessary. This could give rise to positive stimulus in the product business of secunet.

A further development of the laws regulating critical infrastructures is expected for the future. Both the specific targets and the sectors covered are to be extended, for example.

2.3 Growth through new markets

IT security solutions “made in Germany” enjoy a good reputation around the world due to their quality and trustworthiness. There is rising international demand for corresponding high-quality solutions such as those offered by secunet.

Under the pressure of wiretapping cases and cyber attacks coming to light, demand is likely to stimulate even greater differentiation between producer countries, from which secunet also benefits as a German manufacturer. In addition, many secunet products are approved for use in an international context, for example by the EU and NATO.

The range of products and services from the Business Sector division for customers in the industrial sector is to be expanded abroad, for example for foreign subsidiaries and production facilities of German corporations. To this end, promising potential is being identified and examined.

The expansion of foreign activities via secunet’s own distribution and via local multipliers will contribute to leveraging these potentials.

2.4 Growth through acquisitions

In addition to organic growth on domestic and foreign markets, secunet has for years pursued the objective of triggering additional growth through M&A activities. Growth in the product area through acquisition of the relevant solution providers is promising. The market for companies with high-quality, reliable IT security solutions for processing classified information – in which secunet is an active player – is split into many small to medium-sized providers. In addition, the M&A business remains characterised by very high price expectations on the part of sellers. The process of identifying promising targets at acceptable prices is time-consuming as a result, but is nonetheless being pursued on an ongoing basis.

3. Overview of risks and opportunities

An overview of opportunities and risks which could impact on the further development of secunet Group shows a promising evaluation overall.

The assessment revealed that the risks at the time of creating the report are negligible overall and can thus be controlled, and the identified risks, both individually and as a whole, do not threaten the continued existence of the Group and the Company in terms of illiquidity or excessive debts in the reporting period of at least one year. In the operational management of the Group, measures are continuously being taken to prevent a worsening of the risk situation. At the same time, the utilisation of the opportunities described above is being driven forward by a number of activities. No material risks are present as at the balance sheet date.

The business development of secunet AG is subject to the same risks and opportunities as those of the Group. The presentation and evaluation of risks and opportunities thus also apply in the same way for secunet AG.

4. Forecast

During the past financial year, sales revenue and EBIT increased sharply once again, and 2019 consequently ended with outstanding results. The Management Board of secunet AG is fundamentally optimistic about the conditions for good business performance in the coming year 2020. However, the coronavirus represents a risk for the development of business in 2020 that is difficult to assess.

The framework conditions for the 2020 financial year gave reason for optimism before taking the potential effects of the coronavirus into account:

» The macroeconomic growth outlook of the German federal government was positive: growth of 1.1% in the price-adjusted gross domestic product was forecast for the current year.

» For the domestic market, we were still expecting growing demand for IT security. This affects both the Public Sector, i.e. business with public customers, and the Business Sector, which serves companies in both the private sector and the healthcare sector. For 2020, Bitkom predicted growth of 7.5 percent to 4.9 billion euros in spending on hardware, software and services in the IT security sector. secunet will be able to meet this growing demand well in future, with optimised and new services, products and solutions.

» The foreign market holds significant growth potential, which secunet is fundamentally well positioned to leverage. The secunet AG and secunet International GmbH & Co. KG employees in international distribution have many years of experience in the Group and in dealing with international customers.

» During the course of the year, secunet Group again increased its number of productive employees and can therefore translate increasing demand and high capacity utilisation into good business results.

» The efforts to expand national and international defence budgets and the focus on cyber defence justify positive growth expectations.

At the time of preparing this report, the Management Board considers secunet Group and secunet AG to be well positioned and still sees the Company and the Group in a good situation:

» The economic and financial standing of secunet Group and secunet AG is good; growth so far has been achieved profitably, there are no loans, and liquid funds are high.

» The Management Board is of the opinion that secunet has high-performing, motivated and highly qualified employees, providing an excellent basis of expertise.

» The Company’s existing product and service portfolio has done well in terms of standing up to competition, and is continuing to expand in close cooperation with customers and their needs. Further additions to the product range will also support future growth.

» secunet believes that secunet’s products and solutions have an excellent reputation, the Company is well-known as a provider of high-quality and trustworthy IT security to meet the highest demands and therefore has a stable and reliable (existing) customer structure.

Nevertheless, risks might also be encountered in the coming year:

» secunet is still largely dependent on the procurement activities of the German federal authorities. At the present time, the effects of changing budgetary policy cannot yet be assessed. Negative implications for secunet could include the postponement or cancellation of planned projects.

» Project business also holds both opportunities and risks: the scope of investment decisions for major projects, especially if these are part of a political process, can significantly delay the start of expected procurements. In addition, ongoing major projects always face the potential risk of incalculable delays or budget overruns.

» The great attention focused on the topic of IT security is fuelling the expectation of growing demand. However, driven by the same attention, increasing competition is also apparent, with consequences that cannot yet be foreseen.

» The spread of the coronavirus poses a risk for business development in 2020. The virus has been spreading further around the world since January 2020. The Management Board is assessing the potential effects of the corona pandemic on secunet Group continuously and with high priority. All aspects of business operations are being examined and evaluated, with appropriate measures being developed where necessary. This applies in particular to outsourced supplies and the work performed on customer premises as well as to secunet Group’s own infrastructure and employees. According to an estimate by the ifo institute published on 19 March 2020, the German economy could shrink by 1.5 percent in 2020.

It is not possible to make any meaningful statements for secunet Group in this respect at the time of preparing this report.

The excellent business results achieved in the 2019 financial year represent a challenge for further growth – surpassing record results is becoming increasingly difficult. For example, the healthcare sector is no longer expected to experience the kind of extraordinary economic upswing triggered in the 2019 financial year by the roll-out of healthcare connectors in medical practices.

For this reason, the company’s Management Board is formulating its expectations for secunet Group for the coming 2020 financial year as follows, subject to the further development of the corona epidemic: a slight decline in sales revenue is anticipated. Accordingly, EBIT for secunet Group is expected to be slightly lower than that of the previous year.

The forecast for secunet AG is subject to the same risks and opportunities as those of secunet Group. Accordingly, the Management Board is expecting a slight decline in sales revenue and EBIT for secunet AG.

The effects of the coronavirus epidemic, which has been spreading since the beginning of the year, on the business development of secunet Group cannot be reliably assessed at present – they represent a considerable factor of uncertainty. The Management Board currently sees no need to adjust its expectations regarding the anticipated development in 2020 compared to the November 2019 planning taken into account in the above forecast and approved by the Supervisory Board.

Directors' Dealings

Article 19 of the European Market Abuse Directive (EU) No. 596 / 2014 requires members of Company bodies (Supervisory / Management Boards) and certain executives, as well as closely related parties, to disclose transactions in secunet shares or related financial instruments where the sum total of such transactions reaches 5,000 euros (with effect from 1 January 2020 20,000 euros) within a single calendar year. Directors’ Dealings disclosures are also published on our website under Investor Relations. No Directors’ Dealings were reported in the financial year 2019.

Annual Auditors

On 8 July 2020, the Annual General Meeting of secunet Security Networks AG appointed PriceWaterhouseCoopers GmbH, headquarters Frankfurt am Main, branche office Essen, to serve as the Auditor of secunet Security Networks AG and as the Consilidated Annual Auditor of the secunet Group for the Financial Year 2020, as well as the Auditor for a review of the Condensed Financial Statements and the Interim Management Report of secunet Security Networks AG and the secunet Group as at 30 June 2020.