Extended policy for: SCANDIC FINANCE GROUP LIMITED

1.1 Purpose of the policy

This policy defines the principles of responsible, transparent, lawful and compliant corporate governance for SCANDIC FINANCE GROUP LIMITED by Scandic Banking (hereinafter referred to as the "Company") and the SCANDIC BRAND ECO-SYSTEM:

This expanded policy forms the binding framework for management, control, compliance, risk management, sustainability and integrity in business operations.

1.2 Scope

This policy applies to:

• the managing director of the company;
• and all other managing directors or executive officers;
• all senior employees and decision-makers within the SCANDIC Group, insofar as they are involved in management and control;
• mutatis mutandis, employees and affiliated companies, insofar as internal regulations refer to this.

1.3 Legal framework

In its activities, the management of SCANDIC FINANCE GROUP LIMITED must take particular account of: Hong Kong company and supervisory law, insofar as the company is registered and supervised there. European and German law, insofar as the company or affiliated companies operate in the EU/Germany or serve customers there, in particular the German Commercial Code (HGB), the Limited Liability Companies Act (GmbHG), the Income Tax Act (EStG), the Corporation Tax Act (KStG), the Foreign Tax Act (AStG), the Supply Chain Due Diligence Act (LkSG), the General Data Protection Regulation (GDPR) and supplementary data protection laws, EU money laundering regulations (including money laundering directives, national implementation), antitrust and competition law, capital market and financial market law, where relevant. Where several legal systems apply, the stricter standard shall generally be applied (best practice approach).

1.4 Values and mission statement

The management of SCANDIC FINANCE GROUP LIMITED undertakes to comply with the following principles:

• Legality: Strict compliance with all applicable laws and regulatory requirements.
• Integrity: Honest, transparent and unbiased conduct in all business relationships.
• Responsibility: Long-term safeguarding and enhancement of the company's value in the interests of shareholders, customers, employees and business partners.
• Sustainability and human rights: Respect for human rights, avoidance of environmental and human rights violations in supply chains.
• Transparency & accountability: Disclosure of essential financial, non-financial and compliance-related information in accordance with legal requirements.

2.1 General management and representation duties

The managing director of SCANDIC FINANCE GROUP LIMITED manages the company on his own responsibility and represents it externally. Insofar as reference is made to international standards, these apply mutatis mutandis:

• He must exercise the diligence of a prudent and conscientious manager (cf. Section 43 GmbHG analogously).
• He is responsible for the proper organisation of the company, effective risk management and an appropriate internal control system (ICS).
• He shall ensure proper bookkeeping and accounting (cf. Sections 238, 242, 264 HGB, where applicable) and timely disclosure (e.g. Section 325 HGB).

2.2 Duty of loyalty and conflicts of interest

• The managing director acts exclusively in the interests of the company and its shareholders.
• Their own or third-party special interests must not influence decision-making.
• Conflicts of interest must be identified at an early stage, disclosed and mitigated by appropriate measures (e.g. abstention from decisions, delegation).
• Transactions with related parties are only permitted at arm's length conditions; risks of hidden profit distributions must be avoided.

2.3 Responsibility for tax compliance

The managing director shall ensure that all tax obligations are fulfilled completely, correctly and on time, in particular:

• Submission of all relevant tax returns and timely tax payments (KStG, EStG, UStG and other tax laws, if applicable).
• Withholding and paying income tax for employees and, where necessary, for the managing director (Section 38 EStG).
• Withholding and paying capital gains tax on distributions (Section 43 EStG) and issuing tax certificates (Section 45a EStG).
• Ensuring arm's length transfer pricing for cross-border group transactions, in particular documentation in accordance with Section 1 AStG.
• Compliance with tax obligations for payments to foreign service providers and suppliers, including any withholding taxes (Section 50a EStG).
• Management can and should consult tax advisors to ensure compliance with these obligations.

2.4 Responsibility for the compliance management system (CMS)

Management is responsible for establishing, maintaining and continuously improving an effective compliance management system, which includes in particular:

• Compliance organisation with clearly defined responsibilities (e.g. compliance officer, data protection officer, money laundering officer, LkSG officer).
• A risk-based approach to identifying, assessing and managing compliance risks (corruption, money laundering, sanctions, data protection, antitrust law, human rights, environment).
• Development and implementation of internal guidelines and training programmes.
• Monitoring, regular checks, audits and reporting to shareholders and, where necessary, supervisory authorities.

3.1 Appointment

The managing director is appointed by the shareholders' meeting in accordance with the applicable provisions of company law (e.g. Sections 37 and 38 of the German Limited Liability Companies Act (GmbHG), where relevant). The appointment may be revoked; important reasons include, in particular, gross breach of duty, inability to manage the company properly or serious violations of compliance obligations.

3.2 Requirements for qualification and integrity

The following criteria are particularly relevant when selecting the managing director:

Professional suitability:

• Demonstrable experience in the relevant business areas (real estate, payment transactions/fintech, yachts, aviation, trade, trust services, banking/finance)
• Sound knowledge of finance, accounting, taxation, risk management and law, understanding of international financial markets and their regulations.

Personal integrity:

• impeccable reputation,
• no relevant criminal convictions,
• Reliability in accordance with relevant financial market and supervisory standards ("Fit & Proper").

Compliance expertise:

• Experience in implementing compliance systems,
• Knowledge of human rights and environmental protection standards, particularly in the context of the Supply Chain Due Diligence Act (LkSG) and corresponding EU regulations,
• Understanding of AML/CFT rules (anti-money laundering, counter-terrorist financing).

Diversity and independence:

• Promotion of diversity in corporate governance,
• No significant personal or business ties that could compromise independence.

3.3 Disclosure and adjustment obligations

Any significant change in the managing director's professional situation, reliability or allocation of tasks must be reported to the shareholders' meeting without delay. The shareholders' meeting regularly reviews (at least annually) whether the managing director is still suitable for the position.

4.1 Code of conduct

The company has a binding code of conduct that applies to management, employees and, where contractually agreed, to suppliers and business partners. This code includes in particular:

• Compliance with laws and internal guidelines,
• Prohibition of corruption, bribery, granting and accepting advantages,
• Rules on dealing with gifts, invitations and hospitality,
• Obligation to avoid and disclose conflicts of interest,
• Confidential and lawful handling of insider information and confidential data,
• Respect for human rights and environmental standards.

4.2 Human rights and the environment (LkSG framework)

The management adopts a policy statement on human rights and environmental standards in accordance with Section 4 LkSG (where applicable), in which it stipulates respect for human rights and protection of the environment. Supply chain processes are established to prevent forced labour, child labour, discrimination, inappropriate working conditions and serious environmental damage. Suppliers are contractually obliged to comply with these standards; in the event of violations, preventive and remedial measures are taken (up to and including termination of the business relationship).

4.3 Anti-corruption and competition law

• Any form of corruption, bribery, kickbacks or undue influence is strictly prohibited.
• Business decisions must not be influenced by inappropriate benefits.
• Management provides training on antitrust and competition law and ensures that no anti-competitive practices (price fixing, market sharing, etc.) take place.

5.1 Performance appraisal

• At least once a year, the shareholders' meeting evaluates the performance of the managing director on the basis of clearly defined criteria (financial target achievement, risk management, compliance implementation, strategic development, employee management).
• The implementation of the compliance framework, including human rights and environmental due diligence obligations under the LkSG, is a key assessment criterion.

5.2 Succession planning

• The management develops a structured succession plan together with the shareholders to ensure continuity and stability in the management of the company.
• Potential internal and external succession candidates are identified at an early stage and, where appropriate, developed.

5.3 Remuneration

The remuneration of the management is determined by the shareholders' meeting (cf. Section 38 GmbHG mutatis mutandis). It is appropriate, in line with market conditions and performance-oriented, and is intended to promote sustainable, long-term value creation. Variable remuneration components must not create incentives to violate the law or take excessive risks. Tax requirements, in particular those relating to wage and income tax treatment, are observed.

6.1 Business organisation

The managing director must ensure a clear organisational and procedural structure, including written definitions of responsibilities, representation arrangements and powers. A risk management system and an internal control system (ICS) must be established, covering in particular financial, operational, regulatory and reputational risks.

6.2 Meetings and reporting

In the case of a sole managing director, there are no internal management meetings; however, the managing director is obliged to consult regularly with the shareholders' meeting (e.g. quarterly, but at least annually). These meetings must cover at least the following topics

• financial situation,
• significant risks,
• compliance status,
• complaints and reports (whistleblowing),
• progress in the area of LkSG/sustainability.

6.3 Documentation and storage

Important decisions made by management, especially those with significant economic or legal implications, must be documented in writing ("business judgement rule") and stored in an orderly manner. Statutory retention periods must be observed.

7.1 Optional committees

The shareholders' meeting of SCANDIC FINANCE GROUP LIMITED has established committees to support the management, in particular:

• Audit Committee for Finance, ICS and Risk Management,
• Nomination and Remuneration Committee,
• Compliance and Sustainability Committee, in particular to monitor the implementation of the LkSG.

7.2 Representatives

The following roles have been appointed within the regulatory environment of SCANDIC FINANCE GROUP LIMITED:

• Compliance Officer,
• Data Protection Officer,
• Anti-Money Laundering Officer (AML/CTF),
• LkSG Officer / Human Rights Officer,
• IT Security Officer).

Their duties, responsibilities and reporting lines are set out in written mandates.

8.1 Communication with shareholders

Shareholders of SCANDIC FINANCE GROUP LIMITED can contact the managing director in particular by e-mail at:
Email: Office@ScandicFinance.Global
The managing director of SCANDIC FINANCE GROUP LIMITED must respect the shareholders' rights to information and inspection and provide them with sufficient information upon request.

8.2 External communication and transparency

• External communication (press, investors, supervisory authorities, public) must be truthful, clear and consistent.
• Confidential information is protected; insider information within the meaning of capital market regulations may only be used in a manner permitted by law.

8.3 Complaints and reporting system / whistleblowing

SCANDIC FINANCE GROUP LIMITED has established a confidential complaints and whistleblowing system through which employees, suppliers and external third parties can report possible violations. Whistleblowers are protected from reprisals in accordance with the EU Whistleblower Directive and relevant national laws. Complaints within the meaning of the LkSG (e.g. regarding human rights or environmental violations in the supply chain) are systematically recorded, investigated and documented.

9.1 Appointment and dismissal

Appointment and dismissal are governed by the articles of association and the relevant applicable laws. An important reason for dismissal exists in particular in the case of:

• gross breaches of duty,
• serious violations of this guideline, or
• violations of compliance and LkSG obligations.

9.2 Liability

The managing director of SCANDIC FINANCE GROUP LIMITED is liable to the company for damages resulting from the breach of his statutory or contractual obligations, in particular in the areas of finance, tax, compliance, human rights and the environment. The business judgement rule applies to decisions made within the scope of entrepreneurial discretion: liability does not apply if the managing director acts in the best interests of the company on the basis of reasonable information.

SCANDIC FINANCE GROUP LIMITED has D&O insurance (Directors & Officers Liability) with: Allianz Deutschland AG, Königinstraße 28, 80802 Munich, Federal Republic of Germany, in favour of the managing director, without reducing the personal duty of care.

10.1 Accounting

• SCANDIC FINANCE GROUP LIMITED keeps its books in order and prepares annual financial statements in accordance with the applicable accounting regulations.
• The annual financial statements are audited by independent auditors, where necessary, and disclosed in a timely manner.

10.2 Tax treatment

Accounting and tax profit determination are carried out in accordance with legal requirements. Operating expenses are recorded correctly. Tax risks are recorded as part of risk management and assessed with external consultants as necessary.

10.3 Non-financial reporting and LkSG

The annual report contains, where applicable, a non-financial statement with information on environmental, social and governance (ESG) issues, including

• human rights and environmental issues,
• corruption prevention,
• employee issues.

Information on compliance with the LkSG and corresponding EU due diligence obligations (e.g. risk analyses, preventive and remedial measures, complaint procedures) is disclosed in accordance with Section 10 LkSG.

11.1 Data protection

• Personal data is processed in accordance with the GDPR and the applicable data protection laws of other jurisdictions (e.g. Hong Kong data protection law).
• The company appoints a data protection officer where necessary.
• Data protection guidelines, deletion concepts, processing directories and appropriate technical and organisational measures (TOM) are in place.

11.2 Information security

• Management establishes an information security concept that ensures the confidentiality, integrity and availability of data.
• Cyber risks (e.g. hacking, ransomware, data leakage) are included in risk management; appropriate contingency plans are drawn up.

12.1 Money laundering and terrorist financing (AML/CTF)

SCANDIC FINANCE GROUP LIMITED has established a risk-based AML/CTF system that complies with the requirements of international and European Union anti-money laundering directives, national implementations and Hong Kong regulations. The core components are:

• KYC/KYB (Know Your Customer/Know Your Business) checks,
• Continuous transaction monitoring,
• Suspicious activity reports to the competent authorities,
• Regular training of all relevant employees.

12.2 Sanctions and embargo rules

The management of SCANDIC FINANCE GROUP LIMITED ensures that no business is conducted with sanctioned persons, organisations or countries. Sanctions list checks are carried out against EU, UN and, where applicable, other relevant lists (e.g. UK, USA/OFAC). Violations of sanctions regulations can lead to serious criminal and civil law consequences and must be strictly avoided.

13.1 Training

The management ensures that all relevant employees receive regular training on the following topics:

• Compliance basics,
• Code of conduct, anti-corruption, antitrust law,
• Data protection & IT security,
• Anti-money laundering (AML/CTF),
• LkSG, human rights and environmental standards,
• Whistleblower system and complaints procedure.

13.2 Compliance culture

The management of SCANDIC FINANCE GROUP LIMITED promotes a "tone from the top" culture in which compliance and integrity are exemplified. Violations are sanctioned consistently, proportionately and transparently.

14.1 Monitoring and internal audits

The effectiveness of internal guidelines and the CMS is regularly reviewed through monitoring and internal audits. Any weaknesses identified are documented, and measures for improvement are initiated and monitored.

14.2 External audits

External audits (auditors, supervisory authorities, external compliance audits) are to be supported in a cooperative manner. Findings from external audits are systematically evaluated and incorporated into the improvement programme.

15.1 Entry into force

This policy shall enter into force upon resolution by the shareholders' meeting of SCANDIC FINANCE GROUP LIMITED.

15.2 Regular review:

The policy shall be reviewed at least once a year and as required (e.g. in the event of changes in legislation, significant structural changes or new business areas). Regulations requiring adjustment shall be revised and re-approved as part of a formal amendment process.

15.3 Binding nature:

Group management is obliged to actively implement this policy and monitor compliance with it. Violations of this policy may result in consequences under labour law, civil law and criminal law.