Principles

SSH Communications Security Corporation is registered in Helsinki, Finland and is a publicly listed company whose administration complies with current legislation such as the Finnish Companies Act, the Accounting Act and the Finnish Securities Markets Act, and the company’s Articles of Association. We also observe the rules, regulations and guidelines of NASDAQ OMX Helsinki Ltd and the Finnish Financial Supervisory Authority, and we adhere to the Finnish Corporate Governance Code.

The adoption and maintenance of high ethical standards is a core principle of the SSH Communications Security and its subsidiaries and affiliates worldwide. SSH Communications Security strives to undertake its business fairly with honesty and transparency. This must be reflected in every aspect of our business affairs. SSH Communications Security will comply with all laws, rules, and regulations governing anti bribery and corruption law, in all the countries where we operate. We have a zero tolerance approach to acts of bribery and corruption, by our employees or anyone acting on our behalf. SSH Communications Security Anti-Bribery and Anti-Corruption Policy

SSH Communications Security's administrative bodies

The General Meeting is where shareholders exercise their voting rights and is SSH Communications Security’s highest decision-making body. The Annual General Meeting (AGM) elects the Board of Directors, which in turn appoints the CEO. The Board of Directors and CEO are responsible for the management of the Group. The Group Management Team and other management personnel assist the CEO in his duties. The Board of Directors decides on the Group’s administrative systems and ensures compliance with good governance principles.

Whistleblowing Statement

The SSH Group Whistleblower system

Whistleblowing takes place when someone reports suspected internal or external misconduct of law or regulations within the operations of SSH Group or by its personnel. Whistleblowing can be carried out by the personnel of SSH Group or by any other external parties. All SSH personnel are encouraged to speak out their concerns related to any suspicions of fraud or misconduct. The primary channels for handling these issues are the normal command channels of the company. The whistleblower system is not for questions regarding applications for employment, questions about employment, commercial inquires or general questions.

If you believe a violation of law or regulations has occurred within the SSH Group, we encourage you to report your concerns directly to us, via your usual contact person or Group CEO. If normal reporting channels cannot be used for any reason, it is possible to report through general e-mail address whistleblow@ssh.com. You will receive guidance as you proceed.

All situations are handled with due consideration. While whistleblowing process can be carried out anonymously, it is recommended, for investigational and communications reasons, that the communication be made with the whistleblower’s name included, allowing further communication and questions.

Corporate Governance Announcement

Each year SSH Communications Security publishes Corporate Governance Statement which is prepared in accordance with the recommendation of the Finnish Corporate Governance Code.