Investor contacts

Disclosure policy

Disclosure Policy

1. Purpose

This Disclosure Policy describes the principles and procedures applicable to the external communication of F-Secure to the capital market representatives.

F-Secure’s financial instruments are listed in Nasdaq Helsinki Ltd. In its communication, F-Secure complies with Finnish and EU legislation, The Market Abuse Regulation (EU 596/2014, “MAR”), the rules of Nasdaq Helsinki Ltd., the regulations and guidance of European and Finnish Financial Supervisory Authorities, Finnish Corporate Governance Code as well as its internal policies.

The goal of F-Secure’s external communications is to ensure that relevant and accurate information about the company’s activities, operating environment, strategy, objectives and financial results is disclosed to the financial markets in a timely manner and non-selectively to all participants. F-Secure strives to provide good service and to meet actively with capital market representatives.

This Disclosure Policy has been approved by the Board of Directors.

2. Communications Principles add

Spokespeople

F-Secure’s financial situation and performance, its markets as a whole and its future outlook are commented on by F-Secure’s CEO and the CFO or a person designated by them. Investor Relations centrally handles communications with investors and analysts.

Discussions and Meetings

F-Secure actively engages with representatives of capital markets and the media, replying to queries by investors, analysts and the media without unnecessary delay. Discussions are always based on information already made available to the markets. Investor Relations coordinates communication with investors and analysts, whereas meetings with the media are coordinated by corporate communications.

Channels

F-Secure publishes stock exchange releases and press releases via the Helsinki Stock Exchange and main media channels. Stock exchange releases and press releases are made available on the company’s website as soon as they are published.

Availability

All F-Secure’s stock exchange releases can be found on the website for at least five (5) years from the date of the publication. Financial statements, Board of Directors’ reports including Sustainability Statements, auditors’ reports, half year reports, interim reports, remuneration reports and corporate governance statements are available at the website at least for ten (10) years.

Language

The official reporting language of F-Secure is Finnish. The stock exchange releases and financial reports, which are published under the disclosure obligation, are published in Finnish and English.

Silent Period

F-Secure observes a silent period of 30 days prior to publication of financial reports, during which it refrains from engaging in discussions with capital market representatives or the media regarding F-Secure’s financial position or the factors affecting it.

If any incident occurs during a silent period that requires timely disclosure, F-Secure will disclose the information in accordance with the disclosure regulations and comment on that particular matter.

3. Releases Published by F-Secure add

Stock Exchange Releases

Financial reporting and other periodic reporting

F-Secure publishes its financial reports according to a predetermined schedule: two interim reports, a half year report and a financial statements release. In addition, F-Secure publishes a statutory sustainability statement, which is included in the Board of Directors’ report. Auditors’ report shall be disclosed together with the financial statements. Furthermore, F-Secure publishes annually a corporate governance statement and remuneration report.

The publication dates for financial reports are announced prior to the end of the previous financial period.

Ongoing reporting

Inside information

F-Secure publishes a stock exchange release as soon as possible of any inside information concerning F-Secure, for example (but without limitation) key strategic issues, significant business acquisitions and divestitures, significant investments and financial arrangements, material business reorganizations and customer contracts that materially deviate from F-Secure normal business due to either exceptionally high expected value or extraordinary strategic importance.

Inside information means information of a precise nature, which has not been made public, relating, directly or indirectly, to F-Secure and which would be likely to have a significant effect on the price of F-Secure financial instruments (definition of EU Market Abuse Regulation, MAR). What constitutes inside information is analyzed case by case based on thorough qualitative and quantitative assessment, relevant facts and circumstances, applicable laws and stock exchange rules as well as internal guidelines for assessing the significance and relevance of information. As a principle, trigger value for customer contracts disclosed as a stock exchange release is either 7 percent of F-Secures revenue in a single year or 15 percent in total over three consecutive years of F-Secure's current year revenue. The assessment is based on the discounted revenue for the first three contract years. The discounting takes into account the time value and risk factors such as the estimated certainty of revenue realization and other similar factors.

When assessing the value of customer contracts, due regard is given to perceived certainty of revenue which has been discounted by time value and riskiness thereof, and other similar attributes. Inside information may not be disclosed to analysts, journalists, or any other parties (except in certain situations specified in MAR), either individually or in groups, without making the same information public to the market.

F-Secure may justifiably delay the disclosure of inside information under the following conditions:

  • Immediate publication is likely to prejudice the legitimate interests of F-Secure,

  • Delay of disclosure is not likely to mislead the public, and

  • The confidentiality of the information can be ensured.

The decision to delay the disclosure is always made in accordance with the regulatory requirements and F-Secure's Insider Policy (as in force from time to time). The decision can be made by the authorized persons only and it will be documented and archived accordingly. The information shall be published as a stock exchange release as soon as possible after the conditions of delaying the disclosure are not met anymore.

Other regulatory stock exchange releases

Stock exchange releases are also used to publish regulated information that is required to be disclosed (such as management transactions, changes in the number of own shares, flagging notifications etc).

F-Secure publishes a stock exchange release of changes in the members of the Board of Directors, Auditors as well as changes in the CEO and CFO positions. Changes in other leadership team will also be disclosed as stock exchange release.

Rumors, information leaks and market forecasts

F-Secure does not typically comment on market rumors. However, if a market rumor significantly impacts the company’s stock price, the company may consider issuing a statement in order to provide accurate information to the markets or to rectify incorrect or misleading information.

In certain situations, a rumor may explicitly relate to inside information which has not yet been made public (delayed disclosure). If the rumor is sufficiently accurate to indicate that the confidentiality of that information is no longer ensured, inside information is disclosed to the markets as soon as possible.

F-Secure is not responsible for the estimates or assessments concerning F-Secure made by capital market representatives. If requested, F-Secure may, in its discretion, decide to review an analysis or report made by an analyst to confirm the factual accuracy of relevant information, but F-Secure does not comment on the conclusions drawn.

If F-Secure detects that conclusions presented by an analyst on the value of the company’s financial instruments significantly deviate from F-Secure’s own estimates, F-Secure will consider whether it has given correct and sufficient information on matters that are relevant for preparing estimates on F-Secure and its financial instruments. If deemed necessary, F-Secure publishes at the same time to all capital market representatives relevant and complementary information to ensure the fair and correct valuation of F-Secure financial instruments.

Outlook and profit warnings

F-Secure may release forecasts on the group’s likely future financial performance (outlook). Outlook is based on views at the time of the release regarding the development of the group and its business operations.

F-Secure constantly monitors the company’s financial performance, position and outlook. In the event that F-Secure’s financial position or outlook deviates in an unexpected and significant positive or negative way from what has been previously disclosed by F-Secure, or what can be reasonably inferred from previously published information, F-Secure will publish a profit warning as a stock exchange release as soon as possible.

The persons responsible for assessing the deviation and issuing a profit warning are the CFO and CEO together with the Board of Directors, taking into consideration that a profit warning has to be issued as soon as possible and that it cannot be delayed. The decision to issue a profit warning is made by the Board of Directors. If the Board of Directors cannot convene in due time, the CEO may decide on issuing the profit warning together with the Chairpersons of the Board of Directors and the Audit Committee or, in an exceptional case, alone.

Press releases

Press releases are used to announce matters which do not meet the criteria for stock exchange releases but are deemed to be of value as news items. Such matters may include smaller acquisitions, investments, divestments or financial arrangements, sales contracts related to the normal scope of business as well as partnership agreements. Press releases can be published globally or regionally, and they are also typically published on F-Secure's website.

4. Changes to the Disclosure Policy add

This policy has been approved by the Board of Directors of F-Secure on 17 July 2025. This policy will be revised and amended as necessary. F-Secure may also adopt more detailed internal guidelines and processes to ensure compliance with this policy and relevant laws and regulations. The CEO is entitled to deviate in specific cases from the policy for weighty reasons within applicable laws and regulations.