Structure of the risk management system of the Uzin Utz Group

Executive Board/Supervisory Board

The Executive Board of Uzin Utz bears overall responsibility for an effective risk management system. It reports in detail to the Supervisory Board at least twice a year on the risk management system. In doing so, the Supervisory Board, together with the Executive Board, has the task of counteracting risks that could jeopardize the company's existence at an early stage and of reviewing the appropriateness and functioning of the risk management system in order to counteract the risks.

Risk Management

The Risk Manager, who reports directly to the Chief Financial Officer, is responsible for the operational implementation and coordination of the risk management system. He collects the risk maps of all companies, evaluates them at local and Group level and determines whether there are any risks that could jeopardize the continued existence of the company. Based on this risk analysis, he prepares the risk report for the Executive Board and Supervisory Board.

National companies

Responsibility for identifying, assessing and reporting risks lies with the operating companies. They identify their risks with the help of the Group-wide risk catalog and evaluate the identified risks in a uniform Group-wide risk map, which contains criteria such as the expected loss value or the probability of occurrence. Further assistance and active support in recording risks in the risk maps are provided by the Risk Manager. These risk maps are recorded by all risk owners and all companies using a project tool and reported to the Risk Manager after approval by the local managing director. In doing so, the legal requirements within the risk reporting of the individual companies are taken into account. Each individual risk of a risk owner must be reviewed and approved by the respective local managing director before processing by the Risk Manager can take place. This ensures that the management of the individual companies is informed about all risk areas of the respective company at all times.

Process of the risk management system

The risk early warning system, which has been set up in accordance with Section 91 (2) AktG, enables us to identify all significant developments and/or developments that could jeopardize the company's continued existence at an early stage. This is achieved through uniform framework conditions and standards for the design of risk identification within the Group.

The entire risk management system is geared towards recognizing risks that could jeopardize the company's continued existence at an early stage and taking countermeasures if necessary, as well as ensuring that business objectives are achieved. The principles, guidelines, processes and responsibilities of the internal risk management system have been defined and established. The risk management system essentially comprises the following risk groups:

The risk groups were specified in more detail compared to 2023 and expanded to include the categories "Sales" and "Environment". The "Other" category comprised a range of potential risk factors which, after analysis, were attributable to the sales area in particular. In addition, the "Environment" category was added mainly due to the introduction of the Corporate Sustainability Reporting Directive (CSRD).

In addition to risk-specific management measures, safety-oriented, commercially prudent corporate management, appropriate insurance cover and company-wide guidelines and instructions form the basis for risk-conscious action.

The explanations in the "Financial situation" and "Financial risks" sections of this report apply to financial instruments. In addition, the earnings and liquidity risks of financial assets are mapped in the form of an early warning system. The main elements here are detailed monthly reporting on all key income statement items and a quarterly report from the portfolio companies on the development of the general environment, the receivables and inventory risk as well as the liquidity and financing situation. Regular review meetings with the affiliated companies, group-wide accounting guidelines and mandatory, direct communication channels between the managing directors of the affiliated companies and the Executive Board of Uzin Utz SE in all key matters are the remaining main elements.

Identified risks are divided into different risk categories using a special weighting system. These are the following risk categories:

• Insignificant risk
• Low risk
• Medium risk
• High risk
• Risk threatening the existence of the company

The weighting system applied is made up of various characteristics of the risks, such as the probability of occurrence, the extent of damage and qualitative criteria such as the measures taken to reduce the risks, an early warning indicator or the frequency with which the risk is reviewed. Based on this qualitative weighting system, the risks are classified into the above-mentioned categories and reported to the Executive Board. The financially quantifiable risks are additionally assessed on the basis of Uzin Utz's risk-bearing capacity.

Process-independent monitoring

The auditor of Uzin Utz - as an independent external body within the scope of the audit of the consolidated financial statements - reviews the existence and functionality of the early risk detection system in accordance with Section 91 (2) AktG. In addition, an analytical review of the risk maps and the risk-bearing capacity calculation based on them is carried out internally. This audit measure enables potential irregularities to be identified at an early stage, the appropriateness of the risk management strategies implemented to be checked and risks to be dealt with appropriately in accordance with the company's objectives.