Principles

At all times, the Company seeks to comply with the most recent applicable legal framework for companies listed on the Norwegian stock exchange. The Company endorses the “Norwegian code of practice for Corporate Governance” in its most recent revision (30 October 2014), which is available on www.nues.no. The Company conducts annual corporate governance reviews to ensure continued compliance.

Core corporate values
The Company has formulated core values that underpin the business goals of the Company. These are as follows:
Respect
• Integrity
• Innovation

Ethics and corporate social responsibility
The reverse takeover of Hiddn Solutions ASA by Hiddn Security was completed at the end of 2016 (29 December). The Group has immediately started the work to update the guidelines for:
• Social corporate responsibility
• Ethics
• Internal guidelines to identify and managing conflicts of interest

This section describes Hiddn Solutions ASA’s (“Hiddn” or “the Company”) compliance with the Norwegian code of practice for corporate governance. The Company’s Board of Directors embraces the principles for good corporate governance and is vigilant about the Company’s adherence to these principles.

Corporate governance report

Prevention of insider trading
When the updated policies building on the framework previously established by the former Board and management in Hiddn Solutions ASA (Agasti Holding ASA) have been completed, it will be communicated to all employees, consultants and
interest groups related to the Group. The guidelines will, as previously include a description of the Groups’ responsibility towards the people, society and environment affected by the Group’s operations. The guidelines formerly established need to be updated to reflect the changes in the size and operations of the Hiddn Solutions Group operations compared to prior years.

Operations
Hiddn’s business consists of research and development and commercialisation of hardware-based encryption products designed to safeguard data at rest, as well as key management systems supporting these products. The Company’s articles of associations maintain a somewhat wider scope to the Company’s operations, stating that the business of the Company is “research, development and commercialisation of security products, participation and investments in companies with similar business, as well as any other business naturally related thereto”. The business goals and key strategies of the Company are stated in a prospectus approved by the Board of Directors.

Hiddn Solutions ASA was formerly listed as Agasti Holding ASA and AgaTech ASA on the Oslo Stock Exchange main list, but changed its name and ticker on 21 December 2016. Hiddn is subject to Norwegian securities legislation and stock exchange
regulations.

Share capital and dividend
Equity
The company strives to maintain a healthy relation between the Company’s equity and other forms of financing, given t e Company’s strategy and risk profile. The Board of Directors shall take immediate and appropriate action should the equity or liquidity situation of the Company prove to be poorer than acceptable.

Per 31 December 2016, the Company’s consolidated equity was minus NOK 35.2 million. In February 2017 the Company successfully completed a rights issue yielding gross proceeds of NOK 69.7 million

Dividend policy
The Company seeks to provide its shareholders with a capital appreciation and dividend at a level that is at least equal to alternative investment possibilities with an equal risk profile.  As the Company is still in a growth phase, it has not yet
adopted a dividend policy. The Company will establish a dividend policy in alignment with the aforementioned objective in due course. There has not been given, nor proposed to give, a candiate to the Board of Directors to approve a distribution of dividends.

Board authorisations
Authorisations to the Board of Directors to approve share capital increases shall be confined to defined purposes, and should not be given for longer periods of time than until the next Ordinary General Meeting. If an authorisation encompasses several purposes, each purpose should be treated as a separate issue at the General Meeting. This also applies to authorisations permitting the repurchase of shares. The Board of Directors does not have any general authorisations to increase the Company’s share capital. On 13 January 2017, the Company’s extraordinary general meeting granted the Board of Directors with an authorisation to increase the share capital in connection with increasing the Company’s ownership in its subsidiary Hiddn Security
AS.

The Board of Directors has summoned for an extraordinary general meeting on 16 May 2017 in which it is proposed to grant the Board of Directors with an authorisation to increase the Company’s share capital in connection with the Company’s acquisition of Finn Clausen Sikkerhetssystemer AS and a private placement to the Company’s new CEO.

Equal treatment of shareholders and transaction with related parties

Class of sharesThe Company has one class of shares, without any form of voting restriction imposed. Each share represents one vote at the Company’s General Meeting. The par value per share is NOK 0.34.

Pre-emption rights of existing shareholders
The Company’s existing shareholders have pre-emption rights to subscribe for shares in the event of share capital increase, unless special circumstances necessitate a deviation from this principle. Any decision to deviate from the pre-emption rights of existing shareholders shall be justified and rooted in an authorisation given to the Board of Directors from the General Meeting. The justification shall be publicly disclosed in a stock exchange announcement issued in connection with the increase in share capital.

Transactions with related parties
The Company’s board members, management and significant shareholders are considered related parties. Transactions with these should be carried out on an arm’s length basis. If the value of such a transaction is significant, the Board of Directors is responsible for assigning an independent third party to perform a valuation. Alternatively, the transaction in question can be treated as an issue at the General Meeting, in accordance with the Norwegian Public Limited Liability Companies Act.

The Group’s transactions with related parties in 2016 is stated in note 21 to the financial statements.

Freely negotiable shares
The shares in the Company are freely transferable, and there are no constraints in the articles of association preventing or contradicting this.

General meetings
The General Meeting is the main governing body of the Company, this provides all shareholders with an opportunity to attend and exercise their voting rights.
The Company takes measures to ensure that as many of the shareholders as possible are able to participate in the General Meeting.

Notification
No later than 21 days prior to the Ordinary General Meeting (“OGM”), an invitation will be made available on the Company’s website, www.hiddnsolutions.com. This
will include supporting information on resolutions to be considered, as well as the recommendations of the nomination committee. The Board of Directors seeks to
ensure that all shareholders are provided with sufficient information to form qualified views on the matters discussed at the General Meeting.

The OGM will be held no later than 30 June each year.

The OGM will be held in Oslo, unless otherwise is clearly specified.

Participation by shareholders in absentia
Shareholders that are unable to attend the General Meeting in person, are encouraged to vote by proxy. The Company will provide information on proxy voting, designate a person who will be available to vote on behalf of the shareholders in question, and prepare a form for the appointment of a proxy.

Attendance, agenda and execution
Board members, the nomination committee and the auditor are encouraged to attend the General Meeting in person. The Company will make arrangements to ensure that an independent chairman for the General Meeting can be elected.

Nomination committee
Requirements for the Company’s nomination committee are outlined in the articles of association, §6.

Composition
According to the Company’s Articles of Association section 6, the Company shall have a nomination committee consisting of 3-5 members by the further decision of the General Meeting. Pursuant to the guidelines for the nomination committee, the nomination committee shall, inter alia, assess the need for change in the Board of Directors, propose candidates for election to the Board of Directors and propose remuneration to be paid to such members. The current members of the
nomination committee were elected at the Company’s ordinary general meeting in 2016 and are Ove Steinar Larsen, Line S. Bakkevig and Truls Foss. All members are independent of the Board of Directors and executive management.

Work
The nomination committee is responsible for assessing the need for change in the Board of Directors, proposing, in consultation with relevant shareholders, candidates for election to the Board of Directors, and proposing the remuneration to be paid to such members.

The Board of Directors – composition and independence

Corporate assembly
As mandated by the Norwegian Public Limited Liability Companies Act, §6-35, the Company is not required to establish a corporate assembly, and has thus chosen not to.

Composition of the Board of Directors
According to the articles of association, the Board of Directors should consist of three to seven members, chosen by the General Meeting. It is of great importance to the Company that the board members have the relevant competencies to
independently evaluate the cases presented to them by the executive management, as well as to monitor the daily operations of the Company. Per 30 of June 2017, the Board consisted of the following individuals:

• Øystein Tvenge (Chair)
• Cecilie Grue
• Jan Christian Opsahl
• Jeanette Dyhre Kvisvik
• Svein Willassen

Biographies on the members can be found on the Company’s website,
www.hiddnsolutions.com.

Independence
The Company strives to apply NUES’ criteria to evaluate whether a director is considered to be independent. The Board should have a composition that enables it to attend to the common interests of all shareholders and operate independently of special interests. Any eventual deviation from the independency principle will be properly explained by the Company.

Any director experiencing a change in his or her ability to act independently is obligated to notify the Chairman  of the Board.

Directors are favorable to long-term shareholders on the Board. At least two of the shareholder-elected board members shall be independent of the Company’s main shareholders.

The Board of Directors – work and instructions
The formal responsibilities of the Board of Directors are mandated by Norwegian law.

The fundamental responsibility of the directors is to oversee day-to-day management and evaluate strategy, to exercise their business judgment acting in what they reasonably believe to be the best interests of the Company and its shareholders. The Board of Directors is also to oversee such matters as are required by statutory law, the Company’s Articles of Association, policies, instructions and procedures as well as resolutions or the resolutions of the General Meeting.

It is the duty of the Board of Directors to monitor management’s performance to ensure that the Company operates in an effective and ethical manner, focused on creating value for the Company’s shareholders. The Board of Directors also evaluates the Company’s overall strategy and evaluates performance against the management’s operating plan.

The Board of Directors is responsible for supervising strategic, financial and execution risks, as well as exposures associated with the Company’s business strategy, product innovation and sales road map, policy matters, significant litigation and regulatory exposures, and other current matters that may present material risk to the Company’s financial performance, operations, infrastructure, plans, prospects or reputation, acquisitions and divestitures. Furthermore, the Board of Directors shall control the ongoing activities of the Company in a satisfactory manner.

Instructions for the Board of Directors
The Board of director’s instructions are subject to review every second year, and are revised as needed through a simple majority vote on a Board meeting. The current instruction was revised on, 4 May 2015. The instructions cover the following items:
Supervisory and governance responsibilities;

• Information concerning the nature of issues to be handled by the Board of Directors;
• Board meetings, and the preparations pertaining to these;
• The working procedures of the Board of Directors;
• Board committees;
• Quorum and majority requirements;
• Minutes;
• Independency and disqualification requirements.

Instructions for the CEO
Executive management and Board of Directors responsibilities are clearly segregated. There is a clearly defined gap between the responsibilities of the Board of Directors and those of the executive management. The Board has defined a set of instructions for the CEO. The current instruction was revised on May 4th, 2015

The instructions cover the following items:
• Responsibilities and authority of the executive management, including the special responsibilities and authority of the CEO;
• Commitments to the instructions and decisions of the Board of Directors;
• Independence and disqualification requirements;
• Confidentiality requirements.

Financial reporting
The Board is responsible for ensuring the integrity of financial information. The Board evaluates the integrity of the Company’s accounting and financial reporting systems, including the audit of the Company’s annual financial statements by the independent auditor, and that there are appropriate systems of internal control in place.

The main purpose of risk management and internal control is to provide reasonable assurance that the group will achieve:
• Compliance with legislation and regulations, as well as internal guidelines
• Quality and efficiency within internal operations
• Reliable internal and external reporting

Quarterly and annual financial reports are reviewed and approved at Board meetings, and form the basis for external financial reporting. Upon the presentation of year-end financial statements, the CEO and the CFO declare that the accounts have been prepared in accordance with generally accepted accounting principles, and that to the best of their knowledge, all information is accurate and no material information has been omitted.

Hiddn Solutions ASA uses BDO AS as its external accountant and has also appointed BDO as the accountant for all its Group companies, including Hiddn Security AS (as of 1 January 2017). Subsequent to the completion of the reverse takeover
on 29 December 2016, the Board has started the process of establishing routines for internal control and reporting.

Disqualification
The CEO or a member of the Board may not participate in the discussion on Board issues that are of special financial or personal interest to the individual in question.

Committees
The Board is the the process of evaluating the need for subcommittees, such as an audit committee and a renumeration committee.

Hiddn Solutions ASA (“Agasti H o l d i n g ASA”) had established an audit committee and renumeration committee as disclosed in the Annual Report in 2015. However, during 2016, Agasti Holding ASA sold its businesses and were in the process of delisting the Company from the Oslo Stock Exchange. After Hiddn Security AS arranged a reverse takeover of the Company, Hiddn Solutions ASA was an non-operating shell company and the old Board of Directors was replaced along with the former audit committee and remuneration committee.

The completion of the reverse takeover occurred on 29 December 2016. Hiddn Security AS, the acquirer in the transaction, was previously a privately held company, and has started the process to implement corporate governance policies commensurate with being a listed company.

The Hiddn Solutions ASA Group is a small company with less than 10 employees. At this time, the Board considers it premature to establish audit and remuneration committees. However, the Board will evaluate the need for such committees as the complexity and size of the operations increase.

Self-evaluation of the Board of Directors Once a year, the Board of Directors will conduct an evaluation of their performance for the past year against set objectives on both a collective and individual level. The results of this evaluation will be sent to the nomination committee, who in turn performs an assessment of the composition and remuneration of the Board of Directors.

Risk management and internal control
The Board of Directors performs an annual audit of the main risks and internal control routines of the Company. The audit shall encompass the issues that have been brought to the Board of Directors’ attention throughout the year.

In accordance with the Norwegian Accounting Act, §3-3, the Board of Directors produces a summary of the main routines in place for internal control and risk management, related to the process of financial reporting. This summary should be sufficiently exhaustive to enable the shareholders to understand the Company’s systems for internal control and risk management.

The routines for internal control shall encompass the Company’s adherence to its values, and its guidelines on ethics and corporate social responsibility.

Remuneration of the Board of Directors
The Ordinary General Meeting approves the remuneration paid to the Board of Directors. The nomination committee is responsible for issuing a proposal on the remuneration terms to the OGM.

The Company has not granted share options to board members.

Remuneration of executive management
In accordance with the Norwegian Public Limited Liability Companies Act, the Board of Directors establishes separate guidelines for the remuneration of the executive management team. These guidelines are presented to the General Meeting for an advisory vote. The Company’s general principle for management remuneration is to offer competitive terms, in order to attract and retain the competence it needs.

Share-based remuneration is approved by the General Meeting.

For details on the remuneration of the Company’s executive management, see note 5 to the annual financial statements.

Information and communication
Regular information to the Company’s shareholders, stakeholders and the market is provided through the Annual Report, quarterly reports and open presentations.  All reports and notices are issued and distributed according to the rules and regulations of the Oslo Stock Exchange. Insider information is treated in accordance with Norwegian law. Shareholder information, including the financial calendar, is available on www.hiddnsolutions.com/investor.

The Company’s CEO is responsible for all investorrelations.

The Company shall have procedures for discussions with shareholders other than ordinary general meetings. All information distributed to the Company’s shareholders is published on the Company’s website at the same time as it is sent to shareholders.

Takeovers
There are no defense mechanisms against takeover bids i n the articles of association or in any underlying steering document. In corporate takeovers or restructuring situations, the Board shall “exercise” due and proper care so that all shareholder values and interests are preserved. The Board of Directors will ensure that the shareholders are given sufficient information and time to form a view of the offer in a bid situation.

The Board of Directors will handle takeover bids in accordance with Norwegian laws and regulations. Furthermore, the Board of Directors will seek to comply with the recommendations set out in the Norwegian Code of Practice for Corporate Governance, including arranging for a valuation from an independent expert and making a recommendation as to whether or not the shareholders should accept the bid.

Other than the guidelines described above, the Board of Directors has not found it appropriate to establish any other written explicit principles for how it will act in the event of a take-over bid.

Auditor
The external auditor is elected by the General Meeting. The auditor is fully independent of the Company. Ernst & Young is the Company’s auditor. The Company represents a small share of the auditor’s total business. The Board of Directors is of the opinion that it enjoys good communications with the auditor. Each year the auditor presents the Board of Directors  with a plan for the implementation of the audit, and a written confirmation that the auditor satisfies established requirements pertaining to independence and objectivity. Upon request, the auditor shall be present at board meetings. The auditor presents the Board with its perspectives on the annual statement, and informs of any disagreements between the auditor and
the executive management. The Board of Directors also has contact with the auditor when required outside the situations mentioned above.

At least once a year, the auditor will attend a meeting with the Board of Directors in which no representatives from the Company’s executive management will be present.

The auditor is present at the General Meeting, where the Board of Directors also informs about the compensation for the auditory work required by law and remuneration associated with other assignments. Information of the fees paid to the auditor in 2016, including breakdown between statutory auditing and other assistance/service is presented in note 7 to the consolidated financial
statements.

In connection with the auditor’s presentation to the Board of Directors of the annual work plan, the Board of Directors considers if the auditor to a satisfactory degree also carries out a control function.