Lifeline SPAC I Plc’s risk management processes and internal control are based on Finnish Limited Liability Companies Act, the Company’s Articles of Association and on the company’s internal risk management plan. The company’s risk management aims to ensure that the company’s financial reports provide materially correct information about the company’s finances. The objective of risk management in the company is to ensure the continuity of the business and the operational capability of the company in all identifiable risk scenarios.

Risk management principles

The Company’s risk management is guided by the risk management policy. The objective of the risk management is to create operational conditions in which business-related risks are managed comprehensively and systematically at all levels of the organisation. The principle is to identify risks, assess their magnitude and significance, define risk mitigation measures and decide on their implementation and monitor of their effects.

The company uses a risk assessment and monitoring model and conducts a comprehensive risk assessment annually, in which the most significant risks to the company’s strategy and other objectives are assessed, as well as their probability and impact on business, and risk management measures are mapped. If necessary, the risk assessments are updated, for example, for the risk assessments in the interim reports.

Risk management organisation

The Company’s Board of Directors is responsible for defining the company’s risk-taking level, decides on taking strategic risks and is responsible for monitoring the results of risk management and evaluating its effectiveness. The CEO is responsible for the company’s risk management and its organisation, allocating resources for the work and reviewing the risk management principles. Management of financial risks is coordinated by the company’s CFO. Risks and associated changes are reported to the Company’s Board of Directors as appropriate.

Identification and evaluation of risks

The company’s strategic and operative goals i.e. to find, analyse and execute a transaction with a target suitable for the company’s investment strategy are used as a basis for identifying risks. Risk analysis and evaluations are conducted as self-assessments. In assessing the impact of a risk, the probability of the risk and its impact on the company’s shareholder value and working capital reserves are taken into account.

Separate risk analysis can be made concerning significant projects, in accordance with company guidelines.

Internal control

Internal control is essential in ensuring the company’s operating capability, a critical component in risk management, and it enables creating and maintaining the company’s value. The purpose of internal control is to protect the company’s and its business units’ resources from misuse, ensure the appropriate authorisation of business transactions, support management of IT systems, and ensure the reliability of financial reporting. Internal control is a process which enables minimizing the probability of mistakes related to accounting.

The company does not have a separate internal audit function, and internal audit responsibilities have been divided inside the company among different bodies and functions. The Board of Directors may use external experts to conduct separate evaluations of the control environment or control functions. The audit plan of the company’s external auditor must take into account the fact that the company does not have an internal audit function.