Atea ASA

Norway|IT Infrastructure & Services|FY2024|Auditor: Deloitte AS|View original report →

ESRS 2General Disclosures

GOV-1The role of the administrative, management and supervisory bodies
Reported

Reference: page 40

Atea's Board of Directors consists of nine members, an increase from eight since 2023. Four are women (44%) and five are men (56%); Corporate Management is eight people of whom one is female (13%) and seven male (87%). The company's largest shareholder, Systemintegration ApS, is represented by two Board members, so 78% of directors are independent of the largest shareholder and management. All Board members are non-executive, and three are employee-elected representatives. Atea targets at least 40 percent female representation in line with Norwegian law. The sustainability governance structure runs from the Board (approval) through the Audit Committee and Sustainability Steering Group (oversight) to the Sustainability Committee and Corporate Responsibility and Sustainable Business departments (implementation). The Steering Group includes the CFO, COO, Group Director of Sustainability and Director of Corporate Responsibility. The Board oversees risk management, internal control and business conduct, and formally approves the Annual Report including the sustainability statement.

GOV-2Information provided to and sustainability matters addressed by the undertaking's administrative, management and supervisory bodies
Reported

Reference: page 40

During the double materiality assessment, the Sustainability Steering Group and the Audit Committee received regular updates on progress. The outcomes of the DMA were presented to the CFO and COO before being submitted to the Audit Committee for approval, and were integrated into the new business strategy. During the year the Sustainability Committee addressed material impacts, risks and opportunities relating to SBTi targets, upcoming regulations such as CSRD and CSDDD, and initiatives including the Atea Sustainability Forum. Topics covered included greenhouse gas emissions across the value chain, energy use by Atea and in the use of sold products, full implementation of the LCM strategy, conflict financing, supply chain management and governance, and promotion of the circular economy among customers. Decisions on addressed impacts, risks and opportunities formed part of quarterly updates to the Audit Committee and Corporate Management. The Board is also kept informed of any policy updates following the annual review of policies.

GOV-2(was GOV-3)Integration of sustainability-related performance in incentive schemes
Reported

Reference: page 41

The performance-based bonus system is designed to incentivize Corporate Officers and executives for achievements aligned with company needs and individual performance in their functional areas. Each year the Board of Directors meets with the Corporate Officers to evaluate the Group's long-term business strategy and translate it into business development plans and financial targets for the coming year. The cash bonus for the Corporate Executive Officer is based on the Group's annual business results, supplemented by an evaluation of performance against specific objectives developed with the Chairman of the Board at the start of the year. These objectives include Atea's performance in sustainability, specifically ratings such as EcoVadis at Platinum or Gold level. The proportion of additional bonus for the CEO dependent on sustainability-related targets is 5%. The terms of incentive schemes are updated and approved by the General Meeting, with the Board, including the Chairman, playing a significant role in review and recommendation. The Board itself does not have performance-related remuneration.

GOV-3(was GOV-4)Statement on due diligence
Reported

Reference: page 41

Atea has an established due diligence process on sustainability matters, based on the OECD Due Diligence Guidance for Responsible Business Conduct and the UN Guiding Principles on Business and Human Rights. This prepares Atea for the Corporate Sustainability Due Diligence Directive (CSDDD) approved by the European Council in May 2024. The goal of due diligence is to identify and address adverse human rights and environmental impacts and to minimize risks through a system to prevent, limit and remediate impacts. The process has six core elements: embedding responsible business conduct; identifying and assessing adverse impact; ceasing, preventing or mitigating impacts; tracking; communicating; and providing for or cooperating in remediation. A statement maps these elements to disclosures across ESRS 2 GOV-2, GOV-3, SBM-2, SBM-3, IRO-1, MDR-P, MDR-A, MDR-M and MDR-T, and to topical standards E1, E5, S1, S2, S3 and S4. A salient human rights assessment conducted in 2023 supports the process, alongside the Supplier Assessment Program and a third-party whistleblower channel.

GOV-4(was GOV-5)Risk management and internal controls over sustainability reporting
Reported

Reference: page 44

The Audit Committee carries out an overall assessment of the risks related to sustainability reporting processes at least once a year. The Board of Directors and the Audit Committee continuously consider risks and the measures needed to mitigate or eliminate them, and based on the outcome, revisions to relevant policies and manuals are considered and implemented. The Board and Audit Committee assess Atea's organizational structure and staffing in key areas at least once a year to ensure well-defined reporting lines, delegated authorities, documentation and appropriate segregation of duties, supporting the internal control mechanism known as the four-eye principle. They establish and approve Group-wide procedures and controls for both financial and non-financial reporting. Internal controls applied to sustainability reporting include review of each report section by at least two designated individuals under the four-eyes principle, analysis of outliers, and comparison of figures to previous years so errors are caught and corrected before publication. Reporting processes and controls are reviewed and adjusted as needed.

SBM-1Strategy, business model and value chain
Reported

Reference: page 44

Atea operates in the Information Technology service sector across the Nordic and Baltic regions, aiming to deliver long-term, sustainable financial performance by creating shared value for customers, suppliers and investors through high-quality, innovative IT solutions and services. Its range of solutions falls into three areas: Digital Workplace, Hybrid Platforms and Information Management. Operations are organized into segments described in Note 4 of the Group Financial Statements, with no associated companies or joint ventures. Although Atea is not engaged in manufacturing, its value chain spans raw material extraction and component manufacturing upstream, through brands and distributors, to downstream distribution channels, customers, takeback partners, repair, reuse and recycling. Inputs are IT infrastructure products and services from a wide range of suppliers, secured through supplier assessments and sustainability standards; outputs are IT solutions and services. The current business strategy concluded at the end of 2024, and a new strategy for 2025 to 2027 was approved in December 2024, incorporating outcomes of the double materiality assessment and Vision 2030 within a Transition plan.

SBM-2Interests and views of stakeholders
Reported

Reference: page 46

Atea's key stakeholders are customers, suppliers and business partners, employees, shareholders and investors, workers in the value chain, consumers and end-users, and affected communities. Atea conducted stakeholder dialogue with key stakeholders as part of the double materiality assessment in 2024, and the salient human rights assessment performed in 2023 also included engagement with external stakeholders. Further information on key stakeholders and how engagement was organized is provided under IRO-1. Corporate Management and the Board of Directors have been informed about stakeholders' interests and views on sustainability matters. The company acknowledges that its business model and strategies contribute to both positive and negative impacts on stakeholders, so stakeholders' interests and views were used as input to the new business strategy approved in December 2024. Recognizing limited direct influence, Atea focuses on collaborating with partners, evaluating suppliers' priorities and engaging through industry associations to prevent, mitigate and address negative material impacts on environment and people across its value chain.

SBM-3Material impacts, risks and opportunities and their interaction with strategy and business model
Reported

Reference: page 46

A summary table outlines Atea's material impacts, risks and opportunities identified during the 2024 materiality assessment, mapped across upstream, own operations and downstream locations and across short, medium and long-term horizons. Under E1 Climate change these include greenhouse gas emissions across the value chain, energy use by Atea and in the use of sold products, and customer requirements for sustainable data centers. Under E5 Resource use and circular economy they include promotion of the circular economy among customers, unnecessary e-waste, extended customer consumption cycles, fully implementing the LCM strategy, and traceability of take-back products. Social matters cover discrimination and harassment and career development (S1), lack of living wage and labor, health and safety concerns (S2), conflict financing and sold products associated with human rights violations (S3), and insecure data handling and privacy breaches (S4). Under G1 Business conduct they include bribery risks, supply chain management and governance, and corporate culture to attract and retain talent. More detail appears under each topical standard.

IRO-1Description of the processes to identify and assess material impacts, risks and opportunities
Reported

Reference: page 48

Atea has conducted materiality assessments since 2015 and performed its double materiality assessment in 2024, coordinated and reported at Group level with input from key stakeholders across multiple countries. Internal experts and the Sustainability Committee ensured regional differences were captured through region-specific workshops. The 2023 salient human rights assessment and a TCFD-based climate scenario analysis, using IEA and IPCC scenarios SSP1-2.6 and SSP5-8.5 for the present year and 2060, served as inputs. The process had four steps: understand the organization's context (drawing on prior assessments, the WEF Global Risk Outlook, the MSCI ESG Industry Materiality Map, SASB standards and peer reviews); identify actual and potential impacts, risks and opportunities; assess significance; and prioritize for reporting. Impacts were scored on severity (scale, scope, irremediability) and likelihood, while risks and opportunities used size of financial effect and likelihood, on one-to-five scales. Material stakeholders were identified with the Sustainability Committee. The materiality threshold was an average score of four; results were validated with experts, the CFO, COO, Audit Committee and Board.

IRO-2Disclosure requirements in ESRS covered by the undertaking's sustainability statement
Reported

Reference: page 51

Atea used the results of its double materiality assessment, together with an analysis of the materiality of information for stakeholders and readers, to determine which standards, disclosure requirements and data points to disclose. It reports on all standards, disclosure requirements and data points concerning its material impacts, risks and opportunities. The material topical standards are E1 Climate change, E5 Resource use and circular economy, S1 Own workforce, S2 Workers in the value chain, S3 Affected communities, S4 Consumers and end-users, and G1 Business conduct. E2 Pollution, E3 Water and marine resources, and E4 Biodiversity and ecosystems were assessed as not material. Some metrics, disclosure requirements and data points were determined not material based on the DMA and the materiality of information. As Atea's first ESRS reporting year, transitional phase-in provisions were applied to omit anticipated financial effects from material risks and opportunities, including E1-9 and E5-6. An index of data points from other EU legislation, with their locations and any not material indications, is included at the end of the statement.

E1Climate Change

E1-1Transition plan for climate change mitigation
Reported

Reference: page 52

In 2024 Atea introduced its first Transition plan to align with the Paris Agreement goal of limiting warming to 1.5C and to support its path to net-zero emissions. The plan is embedded in long-term business goals and was approved by Corporate Management and the Board of Directors. It is built on SBTi-validated targets and the outcomes of the double materiality assessment, with the Chief Operating Officer responsible for business strategy. Atea states the long-term ambition of reaching net-zero emissions by 2040. The plan identifies key decarbonisation levers: fleet electrification, transitioning to renewable energy sources, enhancing energy efficiency in data centres and circularity of IT equipment. Locked-in emissions stem mainly from the vehicle fleet (82% of Scope 1 and 2) and from the use phase of sold IT products. Projected locked-in emissions from key assets are 2,167 tCO2e in 2030 and zero in 2050, while use-phase emissions are projected at 421,745.8 tCO2e by 2030 and zero by 2050, using 2019 as the base year.

E1-4(was E1-2)Policies related to climate change mitigation and adaptation
Reported

Reference: page 57

Atea's Climate Policy aligns with the 1.5C scenario of the Paris Agreement, the UN Sustainable Development Goals and the Science Based Targets initiative. It outlines actions to reduce emissions, enhance energy efficiency and promote low-carbon solutions across all operations, including the value chain. The policy applies to all Atea companies and requires all employees and business units to adopt it in their activities and decision-making. It specifies steps to reduce GHG emissions, improve energy efficiency and support low-carbon solutions for customers, with a commitment to track and reduce emissions across the entire value chain in line with the Greenhouse Gas Protocol. To support these efforts, Atea's Supplier Code of Conduct emphasises tracking, documenting and publicly reporting energy consumption and GHG emissions, and encourages suppliers to improve efficiency and cut emissions. Both the Climate Policy and the Supplier Code of Conduct are published on atea.com. The most senior level accountable for implementation is addressed under ESRS 2 GOV-1.

E1-5(was E1-3)Actions and resources in relation to climate change policies
Reported

Reference: page 57

Atea implements four decarbonisation levers to reduce locked-in emissions and meet its targets, with progress monitored annually against SBTi targets. Fleet electrification: transitioning vehicles to electric, which reduced emissions by 439 tCO2e versus the prior year, with further reductions of about 3,300 tCO2e expected by 2030; Scope 1 and 2 must fall 7% annually to meet the 80% target. Transitioning to renewable energy: aiming for 100% renewable electricity by end of 2025, up from 39% in 2019, projected to cut about 6,000 tCO2e annually; 69% of energy came from renewable sources in the reporting period, with a 2030 target of 100% renewable energy and an 80% Scope 1 and 2 reduction. Enhancing data centre energy efficiency through advanced cooling, server virtualisation and energy-efficient hardware; centres in Trondheim, Oslo and Umea will be screened against the EU Code of Conduct for Data Centres. Circularity of IT equipment through refurbishment, reuse and recycling contributed a 17% reduction in Scope 3 emissions, supporting the 50% Scope 3 reduction target by 2030 (about 5% annually).

E1-6(was E1-4)Targets related to climate change mitigation and adaptation
Reported

Reference: page 58

Atea's emission reduction targets were first approved by the SBTi in 2018 and updated in 2023 to align with a 1.5C scenario and a net-zero goal; the updated targets were approved by the SBTi in 2024. Targets are set at Group level using 2019 as the base year and are absolute, with no intensity targets. Near-term targets by 2030 are: transition to 100% renewable electricity by 2025; an 80% reduction in Scope 1 and 2 emissions; and a 50% reduction in Scope 3 emissions. The long-term target is a 90% reduction across all scopes by 2040, with Atea committing to reach net-zero greenhouse gas emissions across the value chain by 2040. Performance against the 2019 base year by 2024: renewable electricity reached 96%, Scope 1 and 2 reduction reached 63%, and Scope 3 reduction reached 48%. Roughly 99% of Atea's emissions are Scope 3. The remaining 10% balance toward net-zero will be addressed through investments beyond the value chain.

E1-7(was E1-5)Energy consumption and mix
Reported

Reference: page 61

Atea reports energy consumption at Group level based on operational control, consistent with its financial consolidation scope. Total energy consumption was 53,254 MWh in 2024, down from 55,431 MWh in 2023. Total fossil energy consumption was 16,473 MWh (31% of the total), comprising natural gas of 163 MWh, crude oil and petroleum products of 12,235 MWh, and purchased fossil electricity, heat, steam and cooling of 4,075 MWh. Nuclear consumption was 16 MWh. Total renewable energy consumption was 36,765 MWh, representing 69% of the total, up from 62% in 2023. Renewable consumption included 1,050 MWh of renewable fuel, 35,329 MWh of purchased renewable electricity, heat, steam and cooling, and 387 MWh of self-generated non-fuel renewable energy. Energy intensity based on net revenue was 1.54 MWh per MNOK in 2024. Renewable energy assessment considers self-generated sources, purchased Guarantee of Origin certificates and Power Purchase Agreements. All operations fall within high climate impact sectors under NACE G46.5.

E1-8(was E1-6)Gross Scopes 1, 2, 3 and Total GHG emissions
Reported

Reference: page 62

Atea calculates GHG emissions per the WRI GHG Protocol for all sites under operational control, with Scope 2 reported on both market and location bases. In 2024 Gross Scope 1 emissions were 3,317 tCO2e (down 20% versus 2023 and down from 3,747 in the 2019 base year). Gross location-based Scope 2 was 2,069 tCO2e and gross market-based Scope 2 was 688 tCO2e (down 90% versus 2019). Total gross indirect Scope 3 emissions were 993,988 tCO2e, down 17% versus 2023 and down 48% versus the 2019 base year of 1,893,322 tCO2e. The largest Scope 3 categories were purchased goods and services at 776,387 tCO2e and use of sold products at 196,926 tCO2e. Total GHG emissions were 993,374 tCO2e location-based and 997,993 tCO2e market-based. Scope 3 represents about 99% of total emissions. Approximately 1% of emissions are based on primary data. GHG intensity was 28.86 tCO2e per MNOK on a market basis.

E1-9(was E1-7)GHG removals and GHG mitigation projects financed through carbon credits
Reported

Reference: page 66

Atea has purchased 307 tCO2e of carbon credits from the Vanga Blue Forest project on the south coast of Kenya in Kwale County, managed by the Association of Coastal Ecosystem Services and the Community Forest Association of Vanga Jimbo and Kiwegu. The project restores and protects mangrove ecosystems, prevents emissions from deforestation and degradation, and promotes sustainable development for local communities. It achieves GHG removals through biogenic carbon sequestration via mangrove restoration, following the Verified Carbon Standard methodology VM0033 for Tidal Wetlands and Seagrass Restoration. The project is expected to avoid over 100,379 tCO2e over a 20-year crediting period, an annual average of 5,019 tCO2e. These purchases are a complementary action driven by customer requirements and disclosed through the CDP questionnaire. They are not part of Atea's emission reduction strategy and are not included in reported reductions. For its net-zero target, Atea plans to invest in mitigation activities beyond its value chain only in the year the net-zero target is reached.

E1-10(was E1-8)Internal carbon pricing
Not Reported
E1-11(was E1-9)Anticipated financial effects from material physical and transition risks and potential climate-related opportunities
Omitted

E5Resource Use and Circular Economy

E5-1Policies related to resource use and circular economy
Reported

Reference: page 69

Atea's resource use and circular economy approach is governed by several policies. The Climate Policy focuses on preventing waste generation and promotes the use of secondary recycled resources to minimise environmental impact, applying to both the upstream and downstream value chain. The Environmental Policy emphasises sustainable IT solutions and responsible waste management, aiming to minimise environmental impact through proactive and circular approaches. It extends the life cycle of IT products through re-use and refurbishment, prioritising these actions before recycling or disposal, and ensures responsible disposal of waste as a last resort in line with regulations. It encourages practices such as re-use, repair, refurbish, remanufacture and repurpose, treating waste as a valuable resource. The Responsible Minerals Policy ensures ethical sourcing of minerals through due diligence aligned with international frameworks. Atea's operations are certified to ISO 14001, and the Supplier Code of Conduct requires suppliers to track, document and report energy use and emissions. The scope of these policies covers the whole Atea Group, and all referenced policies are available on atea.com. The most senior accountable level is addressed under ESRS 2 GOV-1.

E5-2Actions and resources related to resource use and circular economy
Reported

Reference: page 70

In 2024 Atea focused on strengthening sustainable lifecycle management and take-back solutions and published its first Transition plan, which includes the transition to a circular economy. Lifecycle management (LCM) is treated as a strategic approach that facilitates IT governance and a circular business model, refined and implemented during 2024 through the LCM Track framework that helps customers align IT strategy with best lifecycle practices. Take-back services have been offered since 2008, allowing customers to return used IT equipment for reuse or recycling; Atea collects and processes equipment, securely erases data and prepares devices for reuse or recycling, and provides customers a climate report showing potential savings from reuse. As part of take-back services, customers can order unpackaged delivery of up to 100 laptops in a safety cabinet and return up to 100 end-of-life laptops, preventing roughly 300 tons of packaging annually. Atea also increased engagement in its 1:1 goal and participates in initiatives including the Responsible Business Alliance, the Atea Sustainability Focus initiative with over 600 customers, the ASF Leadership for Change group and the 100% club of over 500 organisations.

E5-3Targets related to resource use and circular economy
Reported

Reference: page 71

In 2020 Atea launched a circular economy goal as part of its Vision 2030: to achieve a 1:1 ratio between IT units sold and units recovered, taking back at least one unit for every unit placed on the market to extend IT lifespan and preserve resources. This goal addresses multiple layers of the waste hierarchy, including prevention of virgin raw material use, preparation for reuse and recycling, and minimising waste and landfill. Atea acknowledges that the circular economy field is still evolving in how progress is measured, and in coming years it will investigate setting measurable, time-bound and outcome-oriented targets. GHG emissions from waste are already included in its science-based targets, which are measurable, outcome-oriented and time-bound. Although measurable circular targets are not yet set, Atea tracks the effectiveness of its policies and actions by measuring the amount of IT equipment collected through take-back services, and it collaborated with the IVL Swedish Environmental Research Institute to develop a methodology for calculating avoided emissions from reuse.

E5-4Resource inflows
Reported

Reference: page 72

Because Atea's business model does not include producing IT equipment or hiring others to manufacture it, its material resource inflows are water for office use and closed-loop cooling in data centres, natural gas and electricity for offices and data centres, diesel, petrol and electricity for transportation, and various IT equipment purchased and collected through take-back services ranging from cables to data centre units. The data for resource inflows uses the same methodologies and boundaries as Scope 3 reporting. During 2024 Atea reported 22,530 cubic metres of water consumed across operations, 39,969 MWh of energy from natural gas and electricity to power offices and data centres and for car charging, and 13,285 MWh of diesel and petrol consumed by the car fleet. The largest share of inflows comes from two streams: purchases of IT equipment from leading global brands that are sold to customers, and take-back services collecting no-longer-used equipment. Atea notes it does not have direct access to the weight or percentage of secondary reused or recycled components and materials, as the production of electronic devices involves long and complex supply chains.

E5-5Resource outflows
Reported

Reference: page 73

Atea does not manufacture products; it supplies IT infrastructure and helps customers prolong the life of IT equipment such as laptops, computers, mobile phones and tablets by selling spare parts, preparing equipment for reuse and selling refurbished products. During 2024 Atea recovered over 640 thousand units of IT equipment through take-back services (640,739 units, a 19% decrease versus 760,900 in 2023) and achieved a reuse rate of 55%, meaning more than half of collected equipment was refurbished and resold. Total units reused or repurposed were 352,124 and total units recycled were 288,615, with the remaining 45% of equipment recycled responsibly to recover valuable materials. The entity-specific metric Atea-1 quantifies potential savings through reuse: working with the IVL Swedish Environmental Research Institute, Atea calculated avoided emissions of 75,705 tCO2e in 2024 (down from 88,812 in 2023), with avoided manufacturing of new products accounting for over 95% of the savings. Atea places EEE on the market and recovers used equipment; in 2024 it placed 1,829.2 tons of EEE in the market.

E5-6Anticipated financial effects from resource use and circular economy-related impacts, risks and opportunities
Omitted
E5-5(was E5-5-Waste)Waste
Reported

Reference: page 74

During the reporting period Atea's operations generated 2,107.6 tons of waste, up from 1,830.1 tons in 2023, of which 16% was hazardous. Of the total waste generated, 77% was reused or recycled and only 23% was disposed of through incineration, with energy recovery prioritised; no waste went to landfill and no radioactive waste was generated. Non-hazardous waste was 1,764.4 tons and hazardous waste was 343.2 tons. The total amount diverted from disposal was 1,290.1 tons of non-hazardous waste plus 342.9 tons of hazardous waste, with non-hazardous recycling of 1,071.7 tons and EE waste recycling of 218.4 tons (non-hazardous) and 323.3 tons (hazardous). Incineration with energy recovery totalled 113.3 tons and incineration without energy recovery 361.0 tons. The majority of value chain waste is generated downstream by customers at end of life, creating significant e-waste. Atea partners with waste handling and recycling companies and sorts materials such as metals, plastics, cardboard and glass. In 2024 Atea collected 541.7 tons of WEEE, reported based on the waste data in E1-6.

S1Own Workforce

S1-1Policies related to own workforce
Reported

Reference: page 87

Atea strictly prohibits discrimination based on gender, age, national origin, religion, sexual orientation, disability and other factors, as stipulated in the Anti-Discrimination Act, and adapts workplaces for employees with disabilities. The company upholds international standards including the Universal Declaration of Human Rights and the ILO Declaration on Fundamental Principles and Rights at Work, and operates in countries that have ratified the ILO Fundamental Conventions. Key policies include a Diversity and Inclusion Policy, an Anti-Discrimination and Harassment Policy with training and reporting mechanisms, and a Human Rights Policy with grievance and remediation procedures. A zero-tolerance approach to discrimination and harassment applies. These complement the Code of Conduct and Supplier Code of Conduct, apply to all Atea Group entities and employees, and are available on atea.com. Atea has not identified specific groups of employees at particular risk of vulnerability.

S1-2Processes for engaging with own workforce and workers' representatives about impacts
Reported

Reference: page 88

Atea regularly engages employees through multiple methods to ensure their voices are heard and feedback informs decision-making. The company conducts annual surveys on the work environment and job satisfaction, holds at least monthly one-on-one manager meetings, and conducts development dialogues at least annually. An Atea Workers Council (AWC) was established with representatives from national trade unions, the CEO and the Chief Human Resources Officer to discuss the economy of Atea, challenges, possibilities and significant employee matters, meeting quarterly with additional sessions as needed. Stakeholder dialogues with employees from various countries fed into the double materiality assessment. Feedback is analyzed and used to inform policies and practices; for example, annual survey insights led to new well-being initiatives and improvements in communication, goal setting and support systems. Outcomes are communicated back through internal meetings, and Corporate Management is responsible for ensuring engagement occurs.

S1-2(was S1-3)Processes to remediate negative impacts and channels for own workforce to raise concerns
Reported

Reference: page 88

Atea encourages reporting of discrimination, harassment and other misconduct through multiple channels, ensuring confidentiality and protection against retaliation. The Human Rights Policy includes measures to provide or enable remedy through clear reporting mechanisms, thorough investigations and corrective actions. Employees are encouraged to report concerns directly to their managers or the HR department, which conducts investigations, develops action plans, implements remedies and assesses effectiveness by monitoring and gathering feedback from affected employees. Atea also offers a confidential, anonymous, web-based whistleblower hotline provided by a third party and managed by an external law firm to ensure impartiality and confidentiality, described in detail in G1-1. The company assesses employee awareness, trust and the effectiveness of these structures through regular employee surveys conducted by third-party companies to guarantee anonymity, with results presented in groups so individual responses cannot be identified.

S1-3(was S1-4)Taking action on material impacts on own workforce
Reported

Reference: page 89

As Atea operates in seven European countries, it established Group-wide policies on diversity and inclusion and on anti-discrimination and anti-harassment to ensure a common understanding and unified approach across all locations. A structured process using regular surveys, focus groups and direct communication identifies where to respond to issues affecting the workforce; data is analyzed to pinpoint issues and develop targeted action plans, with effectiveness monitored through employee feedback and misconduct reports. Key actions performed in 2024 include reviewing and updating recruiting processes, job descriptions, job evaluations and total reward policies for gender-neutral pay criteria and Pay Transparency Directive compliance by June 2027; webinars on mental health, burnout prevention and stress management; eNPS surveys; inclusion and diversity training for leaders and employees; and a comprehensive employee survey including questions on perceived discrimination or harassment. Resources are incorporated into annual budgets rather than allocated specifically per action.

S1-4(was S1-5)Targets related to own workforce
Reported

Reference: page 90

Discrimination and harassment are complex issues with a real negative impact on employees. Currently Atea has not set any measurable, time-bound and outcome-oriented targets regarding these issues. To address this, the company will use its annual survey to measure progress through the Employee Net Promoter Score (eNPS), which indicates how likely employees are to recommend the workplace. For 2024, the score gathered was 32, suggesting a moderate level of employee satisfaction and highlighting areas for improvement. Since this is the first year, eNPS data was gathered at Group level and will be analyzed, after which Atea will set a time-bound and outcome-oriented target based on the findings. To advance its positive impact on career development, Atea will also establish time-bound and outcome-oriented targets using the outcomes of the annual employee survey. No risks or opportunities were identified through the double materiality assessment related to its own workforce.

S1-5(was S1-6)Characteristics of the undertaking's employees
Reported

Reference: page 90

Atea welcomed 1,080 new employees in 2024 (71% male, 29% female), bringing the total workforce to 8,359 employees by year end (74% male, 26% female). 1,121 employees left (75% male, 25% female), an overall turnover rate of 13.4%. By gender, end-of-year headcount was 6,157 male and 2,202 female (average 6,211 and 2,187; total average 8,398); zero reported as not reported, and no non-binary data was collected. Headcount by country: Norway 1,862, Sweden 3,077, Denmark 1,476, Finland 551, Lithuania 653, Latvia 667, Estonia 73. By contract type, 8,168 were permanent (2,147 female, 6,021 male), 139 temporary, 55 non-guaranteed hours, 7,848 full-time and 494 part-time. Roughly 98% of employees are permanent and 2% temporary. In November 2024 Atea Sweden reduced 75 employees in a cost efficiency program, with restructuring costs of SEK 39 million.

S1-6(was S1-7)Characteristics of non-employee workers
Reported

Reference: page 93

Atea engages self-employed individuals for specific tasks or projects under contractual agreements. These contractors are not directly employed but provide essential services in roles such as consultants, service engineers, managed services specialists and administrative and support functions. During the reporting period, Atea engaged 190 non-employees, with 77% male and 23% female. Of these, 91 were engaged in Sweden and 80 in Denmark. The information is collected through HR and payroll systems and reported as headcount figures for those still engaged at the end of the year. By leveraging the skills and knowledge of these individuals, Atea maintains flexibility and adapts to varying project demands. Denmark and Sweden, which also have higher numbers of part-time employees, reflect a more flexible employment structure. This type of engagement is not included in standard turnover calculations and is not reported as new hires or leavers in S1-6.

S1-7(was S1-8)Collective bargaining coverage and social dialogue
Reported

Reference: page 93

Atea fully supports employees' freedom of association and their right to be represented by a trade union for collective bargaining without interference. Approximately 48% of Atea's employees are covered by collective bargaining agreements and/or universally binding collective agreements. Collective bargaining is used in Denmark, Sweden and Finland; where agreements are not used, employment terms are similar to those that exist elsewhere. Per country, coverage is 20-39% in Denmark and 80-100% in Sweden and Finland, with workplace representation (social dialogue) present in Sweden, Denmark, Norway and Finland. There are no collective bargaining agreements for headquarters in Norway or for other entities in Norway, Lithuania, Latvia and Estonia. At the end of 2023, Atea established a works council for transnational matters covering Sweden, Denmark, Norway and Finland; by the end of the reporting period a member representing the Baltic region (Lithuania, Latvia, Estonia) had not yet been elected.

S1-8(was S1-9)Diversity metrics
Reported

Reference: page 94

Atea is committed to attracting a diverse workforce and fostering an inclusive work environment, with leadership in diversity and inclusion exemplified from the top by the Board. The definition of top management aligns with the Authority Matrix and includes the country leadership team comprising employees who report directly to the Group or Country Managing Director. At the end of the reporting period, 81 employees were part of the country leadership team, with a gender distribution of 68% male and 32% female. The age distribution of employees was: under 30 years, 1,444 employees (17%); 30 to 50 years, 4,542 employees (54%); and over 50 years, 2,373 employees (29%). Overall the workforce is approximately 74% male and 26% female. For Board and Corporate Management diversity, the report refers to GOV-1.

S1-9(was S1-10)Adequate wages
Reported

Reference: page 94

All Atea employees receive wages that meet or exceed the applicable adequate wage as determined by legislation or collective bargaining agreements. During the annual salary review process, the company ensures compliance with local legal requirements and aligns with peers and similar companies through regional benchmark analysis. This confirms that all employees are paid at or above the adequate wage benchmark relevant to their country of operation.

S1-10(was S1-11)Social protection
Reported

Reference: page 94

Atea complies with local legislation and laws in all countries where it operates, adhering to international standards and collective agreements. The company ensures all employees are protected against income loss due to significant life events such as sickness, unemployment, employment injury, parental leave and retirement, as stated in national laws. This indicates effectively full social protection coverage of employees through statutory national social protection systems in the Nordic and Baltic countries where Atea operates.

S1-11(was S1-12)Persons with disabilities
Reported

Reference: page 94

Atea firmly believes in the equality of all individuals and is committed to ensuring equal opportunities for everyone to contribute and pursue a rewarding career. To prevent potential mistreatment or discrimination and to protect privacy, Atea does not collect or disclose the number of employees with disabilities. This approach aligns with legal requirements in the Nordic and Baltic regions, where explicit consent is necessary for gathering and processing sensitive data, including disability information, governed by national laws such as the Non-Discrimination Act in Finland and the Comprehensive Anti-Discrimination Law in Norway. The General Data Protection Regulation (GDPR) mandates that employers have a lawful basis for processing sensitive data and obtain explicit consent. By focusing on reasonable accommodations and preventing discrimination, Atea supports and values all employees without compromising their privacy. As a result, no headcount of persons with disabilities is reported.

S1-12(was S1-13)Training and skills development metrics
Reported

Reference: page 95

Continuous employee development is a core value at Atea, supporting its vision of being The Place to Be. Development plans include internal and external training and certifications from key technology partners such as Microsoft, Cisco, HP, Apple, Lenovo, Citrix, HPE, IBM and VMware, plus leadership training in communication, conflict resolution, performance management, diversity and inclusion and ethical decision-making. For the period, the average number of training hours per employee completed was 27 overall, broken down as 21 hours for female employees and 29 hours for male employees, across 2,202 female and 6,157 male employees (8,359 total). In 2024, development dialogues were conducted with 84% of male employees and 81% of female employees, with 84% overall participation. Training hours were collected from internal training systems and time registration systems, with estimates applied where actual time was unavailable (for example assuming eight hours for full-day sessions).

S1-13(was S1-14)Health and safety metrics
Reported

Reference: page 96

Atea ensures work conditions meet or exceed legal standards in every country, covering 100% of its workforce through a health and safety management system based on legal requirements. The only location with external certification is Atea Baltics, specifically the Lithuania region, covering 653 employees by headcount, with the certificate available on atea.com. During the reporting period there were no fatalities due to work-related injuries or ill health among employees or other workers at sites and offices. The number of recordable work-related accidents was 36, resulting in a recordable work-related accident rate of 2.4, and 210 days were lost to work-related injuries. Incidents included falls from chairs, missed steps on stairs, bicycle accidents, slips on ice while commuting, and injuries at construction sites. Due to legal restrictions on data collection regarding ill health, no instances of work-related ill health were recorded. Hours worked used 224 working days multiplied by eight hours.

S1-14(was S1-15)Work-life balance metrics
Reported

Reference: page 97

All employees are entitled to family-related leave through national laws and/or collective bargaining agreements, meaning 100% of employees can access family-related leave, which includes parental leave (covering both maternity and paternity leave) and carers' leave. During the reporting period, 10.9% of employees took parental leave, comprising 7.5% male and 3.4% female. In addition, 4.8% of employees took carers' leave, comprising 3.5% male and 1.3% female. These figures are calculated based on the headcount reported in S1-6. Atea also invests annually in activities aimed at achieving a balanced, positive work-life experience for all employees, recognizing that maintaining physical and mental health is essential for both company performance and employees' personal well-being.

S1-15(was S1-16)Compensation metrics (pay gap and total compensation)
Reported

Reference: page 97

Annual total compensation includes fixed compensation (base salary, fringe benefits), variable compensation (performance-based cash bonus, share-based compensation) and pension costs. The unadjusted gender pay gap between male and female employees, reported per entity, was: Atea Norway 7.7%, Atea Sweden 9.4%, Atea Denmark 5.7%, Atea Finland 2.7%, Atea Logistics -0.2%, Atea Global Services 14.4%, Atea Lithuania 31.7%, Atea Latvia 22.9%, Atea Estonia 12.6% and AppXite -2.9%. The CEO, Steinar Sonsteby, is the highest-paid individual; the total compensation ratio of CEO versus employee average is 21.76, and the ratio of change in total compensation (CEO versus employee average) is -1.73. The CEO's pay change ratio is lower than that of regular employees because a significant share of executive remuneration is variable pay. Atea is implementing a job architecture and external salary benchmarks, aiming for full Pay Transparency Directive compliance by June 2027.

S1-16(was S1-17)Incidents, complaints and severe human rights impacts
Reported

Reference: page 98

In 2024, a total of 20 complaints were reported to the whistleblower hotline, which is managed by an external law firm to ensure impartiality and confidentiality. Excluding reports concerning the same or similar circumstances, there were a total of 16 reports during the review period. All cases received were investigated and appropriately handled within the Atea Group, with none remaining open at the end of the year. No fines, penalties or compensations were paid by Atea in 2024 due to cases of discrimination or harassment. Among the 16 reports, 14 were HR matters, including three cases of discrimination or harassment and nine cases concerning behavioral conduct, the use of workplace tools, and privacy and social media activities. For each case, HR conducted thorough investigations, developed action plans, implemented remedies and assessed effectiveness. More information about human rights incidents is described in S2-4.

S2Workers in the Value Chain

S2-1Policies related to value chain workers
Reported

Reference: page 100

Atea's Supplier Code of Conduct and Human Rights Policy together cover adverse impacts on workers in the value chain and form the basis for identifying, assessing and managing impacts. The Human Rights Policy addresses the elimination of forced or compulsory labor, abolition of child labor, the right to collective bargaining and the elimination of discrimination in employment. Atea adheres to the UN Convention against Transnational Organized Crime, including the protocol on preventing human trafficking. The Supplier Code of Conduct sets clear expectations for core-business suppliers and their contractors, sub-suppliers and business associates at any level of the supply chain, requiring them to identify and assess actual and potential adverse impacts on people, cease, prevent and mitigate those impacts, improve worker welfare and increase the supply of responsibly sourced minerals.

S2-2Processes for engaging with value chain workers about impacts
Reported

Reference: page 100

Engaging directly with value chain workers across all segments is a significant challenge, especially in raw material sourcing, because a single component manufacturer may supply many factories and brands. Rather than engaging workers directly, Atea relies on credible proxies through its regular supplier assessment program, engaging suppliers to gain insights into labor conditions and the implementation of management systems for selected high-risk suppliers. As a member of the Responsible Business Alliance, Atea is also part of the Responsible Minerals Initiative and the Responsible Labor Initiative, using established frameworks and collaborative platforms so workers can raise concerns safely. Corporate Management is responsible for ensuring stakeholder engagement occurs and that insights inform actions. Atea hosted its Atea Sustainability Forum in 2024 under the theme Scaling Impact.

S2-2(was S2-3)Processes to remediate negative impacts and channels for value chain workers to raise concerns
Reported

Reference: page 101

Atea's management systems and due diligence processes are implemented to identify, prevent, mitigate and account for adverse human rights impacts caused or contributed to by its activities or linked through business relationships. Atea offers a confidential, anonymous, web-based whistleblower hotline provided by a third party, accessible 24/7 at report.whistleb.com/en/ATEA, with reports managed by an external law firm to ensure impartiality and protection against retaliation. Atea has not assessed whether value chain workers are aware of or trust these structures. The Responsible Business Alliance offers an RBA Grievance Mechanism, though these channels are rarely used by value chain workers. To understand effectiveness, Atea includes an assessment of whether preferred suppliers have grievance mechanisms for their supply chain employees as part of its supplier assessment program.

S2-3(was S2-4)Taking action on material impacts on value chain workers
Reported

Reference: page 101

Atea's efforts focus on cooperation and dialogue with suppliers, customers and peers, using a supplier assessment program to manage and verify supplier compliance with international guidelines, the Supplier Code of Conduct and customer requirements. Atea detects breaches through media monitoring, supplier and stakeholder dialogues and a third-party whistleblower channel, then runs an allegation management process; verified allegations trigger demands for corrective action and follow-up, with escalation and possible business restriction where cooperation is lacking. In 2024 Atea closely investigated three allegations while maintaining dialogue with suppliers and experts; two of the three cases were confirmed to involve severe human rights violations. None of the investigated allegations resulted in termination or suspension of supplier relationships, nor the payment of remedies. Atea participated in initiatives including the RBA Annual Conference.

S2-4(was S2-5)Targets related to managing material negative impacts, advancing positive impacts, and managing material risks and opportunities
Reported

Reference: page 102

Atea has not yet developed targets concerning workers in the value chain. Instead it focuses on assessing its suppliers, monitoring and measuring more than 50 key performance indicators related to value chain workers covering suppliers' governance systems, ESG policies, the value chain and transparency. These indicators help Atea track progress on actions to minimize negative impacts on value chain workers and achieve the objectives of its policies. In coming years, Atea plans to develop measurable, outcome-oriented targets as part of its implementation of the Corporate Sustainability Due Diligence Directive, which must be transposed into national law by July 2026. Upcoming EU regulations prohibiting products made with forced labor, taking effect in 2027, will further strengthen its commitment to ethical practices across its own operations and suppliers.

S3Affected Communities

S3-1Policies related to affected communities
Reported

Reference: page 104

In 2024 Atea adopted a Responsible Minerals Policy aimed at advancing responsible mining and trading activities and ensuring these do not directly or indirectly finance armed conflicts. The policy is applied alongside the Supplier Code of Conduct, encompasses all Atea Group entities and outlines expectations towards suppliers of hardware and electronic devices. It aligns with the OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas, the OECD Guidelines for Multinational Enterprises, the UN Guiding Principles on Business and Human Rights, the ILO Declaration on Fundamental Principles and Rights at Work and the UN Universal Declaration of Human Rights. Atea expects suppliers to source conflict-free minerals, conduct due diligence, establish responsible sourcing management systems and verify smelters or refiners through independent audits. Two of the seven countries where Atea operates, Norway and Denmark, have ratified ILO Convention No. 169. Policies are reviewed annually and available on atea.com.

S3-2Processes for engaging with affected communities about impacts
Reported

Reference: page 105

While Atea's operations are in the Nordic and Baltic regions, it is closest to the Sami indigenous people in Norway, Sweden and Finland, and acknowledges there may be other affected communities it is not yet aware of. Those living in affected communities, including indigenous people, might not know Atea is part of this value chain, so Atea has not adopted a general process for engaging directly with these communities. Instead it relies on credible proxies, such as interviews with international organizations and NGOs and publicly available information from trusted sources and media coverage, to understand conditions in affected communities. In its 2023 salient human rights assessment, Atea interviewed international organizations and NGOs with knowledge of human rights impacts; that knowledge informs its double materiality assessment and its actions. Corporate Management is responsible for ensuring stakeholder engagement occurs.

S3-2(was S3-3)Processes to remediate negative impacts and channels for affected communities to raise concerns
Reported

Reference: page 105

Atea currently lacks a structured process for providing or contributing to remedies for affected communities, but its management systems and due diligence processes are designed to identify, prevent, mitigate and account for adverse human rights impacts caused by its activities or linked through business relationships. In the coming years, Atea will revise this process to accurately identify and contribute remedies where it has directly caused or contributed to negative impacts on affected communities. While the Responsible Business Alliance, Atea and many of its suppliers and customers have whistleblower functions available to everyone, these mechanisms are rarely used by those in affected communities, and there are significant challenges in making communities aware of the grievance mechanisms. Atea aims to make progress through collective action with the IT industry, its partners and customers.

S3-3(was S3-4)Taking action on material impacts on affected communities
Reported

Reference: page 105

Atea's approach focuses on preventing, mitigating and remedying negative impacts on affected communities and indigenous people, with attention to conflict minerals (tin, tantalum, tungsten and gold, known as 3TGs) and cobalt, which is sourced largely from the Democratic Republic of Congo and associated with dangerous conditions and child labor. Atea's commitment began in 2014 with its Conflict Minerals Campaign. It is a member of the Responsible Minerals Initiative, alongside more than 500 companies, using RMI tools and its risk portal and participating in monthly meetings. In 2024 Atea assessed several suppliers on responsible sourcing, incorporated RMI information on the DRC escalation and the Reasonable Country of Origin Inquiry, and co-authored two articles on conflict minerals and cobalt. No material risks or opportunities related to affected communities have been identified.

S3-4(was S3-5)Targets related to managing material negative impacts, advancing positive impacts, and managing material risks and opportunities
Reported

Reference: page 106

Currently Atea does not have any time-bound or outcome-oriented targets for affected communities, as setting measurable targets for affected communities is complex. Atea recognizes the need to seek external expertise and learn from best practices outside the company to effectively develop and implement these targets. In the upcoming years, Atea will seek external expertise to set and implement these targets. Atea also notes that, in the coming years, it seeks to develop processes to identify necessary actions, track and assess their effectiveness and create action plans with allocated resources to address adverse impacts on affected communities, while remaining committed to continuous improvement and proactive measures even though no material risks or opportunities related to affected communities have been identified.

S4Consumers and End-Users

S4-1Policies related to consumers and end-users
Reported

Reference: page 109

Atea's policies include respect for the human rights of consumers and end-users and commit the company to a secure, safe and healthy environment, with personal data handled securely and data privacy and protection rights upheld. Atea has adopted four policies related to information security, data protection and data privacy covering employees, customers, partners, suppliers, consumers and end-users across the whole Atea Group: a Data Privacy Policy explaining treatment of personal data in line with GDPR, a Data Protection Policy setting the standard for processing personal data and mandating staff training, an Information Security Policy establishing principles to protect information systems, and an Information Security Risk Management Policy providing a framework to identify and mitigate security risks. These are part of an Information Security Management System certified to ISO 27001. The Code of Conduct is the overarching guiding document. Policies align with the UN Guiding Principles on Business and Human Rights, with no reported cases of non-respect.

S4-2Processes for engaging with consumers and end-users about impacts
Reported

Reference: page 110

Atea collaborates with customers, vendors and suppliers, viewing them as key representatives of consumers and end-users rather than engaging directly with those groups. Dialogue with customers, vendors and suppliers is part of Atea's double materiality assessment; Atea maintains conversations with customers and holds annual discussions with vendors, and engages when signing data processing agreements (DPAs). The purpose of DPAs is to ensure secure, correct and legal processing of personal data, comply with legal requirements and ensure adequate protection of the personal data processed. Atea's adherence to GDPR, together with its ISO/IEC 27001 certification across the Nordic and Baltic regions, ensures the perspective of consumers and end-users is considered in operations. Corporate Management is responsible for ensuring stakeholder engagement occurs and that insights inform Atea's actions.

S4-2(was S4-3)Processes to remediate negative impacts and channels for consumers and end-users to raise concerns
Reported

Reference: page 110

Atea provides channels for consumers and end-users to raise concerns or exercise their GDPR rights to access, correct and erase personal data. It provides email addresses to Data Protection Officers appointed for each business unit, available on atea.com, who address the issues received. For anonymous complaints, consumers and end-users can use Atea's Whistleblower Hotline on its website. Atea does not assess whether consumers and end-users are aware of or trust these channels. Consumers can also submit complaints to national supervisory authorities. Atea expects all suppliers to comply with laws through data protection agreements, controlled annually. For data breaches, Atea acts under GDPR, notifying national data protection authorities within 72 hours where there is risk to rights and freedoms; each business unit's DPO investigates, while the Group Privacy Officer and Chief Information Security Officer evaluate risk and determine reporting and remedial action.

S4-3(was S4-4)Taking action on material impacts on consumers and end-users, and approaches to managing material risks and pursuing material opportunities related to consumers and end-users, and effectiveness of those actions
Reported

Reference: page 111

Atea has measures in place to prevent data breaches and to mitigate and remediate negative impacts on consumers and end-users, determined through a comprehensive risk assessment aligned with GDPR and ISO 27001. Key actions in 2024 included monthly information security trainings for employees, basic GDPR training for new employees during onboarding, ISO 27001 audits and re-certifications of business units and Atea ASA every third year with annual surveillance audits, an annual internal GDPR audit on the Atea Group, and preparations for implementing NIS2. Most actions are ongoing and incorporated into annual budgets rather than separately resourced. Atea conducts internal phishing campaigns, continuously monitors its infrastructure, and penetration tests critical internet-exposed services annually via an external party, with monthly internal vulnerability scans. A dedicated project team is preparing the organization for NIS2 compliance.

S4-4(was S4-5)Targets related to managing material negative impacts, advancing positive impacts, and managing material risks and opportunities
Reported

Reference: page 112

Atea's primary goal is to implement all necessary processes and procedures to prevent sanctioned breaches and protect consumers and end-users from negative impacts. Atea does not have measurable, outcome-oriented, time-bound targets; instead it maintains overarching ambitions and objectives related to personal data processing and information security aligned with its business strategy. It argues that specific targets for data protection or breach reporting could be misleading or create a false sense of security. Objectives include complying with applicable laws, governing DPAs, achieving employee behavior maturity through awareness training, preventing or minimizing breaches and maintaining ISO 27001 certification. In 2024 Atea recorded zero sanctioned complaints, incidents or breaches related to privacy, data leaks, theft or loss of data, with phishing campaign successes below 10 percent and a 95 percent organizational low-risk level.

G1Business Conduct

G1-1Business conduct policies and corporate culture
Reported

Reference: page 115

Atea has a strong corporate culture built on respect, trust, accountability and equal treatment, supported by an onboarding program, annual training and guiding documents, and evaluated through an annual employee survey. Atea has adopted three business conduct policies in its own operations, the Code of Conduct, Business Ethics at Atea and the Whistleblower Policy, alongside the Supplier Code of Conduct. The Code of Conduct sets principles for ethical practice and anti-corruption compliance, applies to all employees and contracted consultants, and must be reviewed and signed by every employee; violations may lead to disciplinary measures, dismissal or criminal prosecution. The Business Ethics Policy is supported by a management system adhering to the ISO 37001 anti-bribery standard, third-party certified, with mandatory annual Code of Conduct training. The Whistleblower Policy aligns with the EU Whistleblowing Directive and uses an independent third-party law firm, with multiple channels for raising concerns. The Code currently aligns with several aspects of UNCAC.

G1-2Management of relationships with suppliers
Reported

Reference: page 116

Managing supplier relationships is central to Atea's sustainable business practices and a way to manage social and environmental risks. Atea expects all suppliers to comply with applicable laws and its Supplier Code of Conduct, which is based on the Global Compact's Ten Principles, the UN Guiding Principles on Business and Human Rights and the RBA Code of Conduct, and which requires suppliers to embed responsible conduct and implement zero-tolerance for bribery and corruption. The Supplier Assessment Program checks whether suppliers have completed an EcoVadis assessment, committed to the Science Based Targets initiative, are RBA members and have responsible sourcing policies, using an in-house tool covering over 50 parameters supported by EcoVadis and RBA-Online. In 2024 Atea assessed 98 suppliers, representing 87 percent of direct hardware and software spend; 83 percent had responsible mineral sourcing policies and 86 percent had a Supplier Code of Conduct. Sub-suppliers' facilities are covered by the RBA Validated Audit Program.

G1-2(was G1-3)Prevention and detection of corruption and bribery
Reported

Reference: page 117

Atea has mechanisms to guide employees on challenging legal or ethical situations to prevent incidents. Employees needing guidance can contact their direct manager, HR manager, national Compliance Officers or the Chief Compliance Officer, and can use The Openness test to evaluate whether an action would withstand public scrutiny. Atea has a process for investigating whistleblower cases, allegations and incidents relating to corruption and bribery; reports submitted to the third-party law firm are investigated confidentially, with feedback provided within three months where possible. Confirmed serious breaches are handled by the law firm, which suggests measures to the Compliance Committee. The Chief Compliance Officer reports case statistics quarterly to the Compliance Committee and the Audit Committee. Atea runs a comprehensive training program; in 2024, 7,474 employees were enrolled in mandatory training with a 99.8 percent completion rate. Functions most at risk are front-line employees and those handling public sector tenders.

G1-4Incidents of corruption or bribery
Reported

Reference: page 119

A total of 20 concerns were reported to Atea's whistleblower channel in 2024. Excluding reports concerning the same or similar circumstances, there were 16 reports in total. Four of the 16 reported concerns were classified as actual whistleblowing matters, while the remaining were categorized as human resources matters related to the own workforce. None of the cases were related to corruption or bribery or to human rights violations. Throughout the year, all whistleblower reports received were investigated and appropriately handled, and none remained open at the end of the year. Incident metrics for 2024 were: 20 submitted whistleblower reports; 4 reported whistleblower cases; 0 confirmed incidents of corruption or bribery; 0 incidents in which own workers were dismissed or disciplined for corruption or bribery-related incidents; and 0 legal cases regarding corruption and bribery.

G1-5Political influence and lobbying activities
Not Reported
G1-6Payment practices
Not Reported