AIM Rule 26

QCA Corporate Governance Statement

Croma Security Solutions Group PLC (the "Company") is committed to maintaining high standards of corporate governance appropriate for an AIM‑quoted company of its size and complexity. The Board recognises that strong governance supports long‑term value creation for shareholders and underpins effective decision‑making, accountability and risk management.

The Company applies the QCA Corporate Governance Code (2023), adopting a proportionate approach that reflects the Group’s scale, development stage and business model. This statement explains how the Company applies the principles of the QCA Code and, where appropriate, how it has adapted its governance arrangements to suit the nature of the business.

This statement was last reviewed and approved by the Board on 27 February 2026.

1. Establish a purpose, strategy and business model which promote long‑term value for shareholders

The Group’s purpose and strategy are set out in the CEO’s Statement and Strategic Report within the Annual Report and Accounts. In summary, the Group seeks to build a recognised national security brand, delivering high‑quality locksmith, fire and electronic security solutions to commercial and residential customers.

The Board focuses on sustainable growth through a combination of organic development and disciplined acquisitions, supported by a strong balance sheet and robust cash generation. Strategic decisions are assessed with regard to long‑term shareholder value, regulatory compliance and operational resilience.

2. Promote a corporate culture that is based on ethical values and behaviours

The Group seeks to operate with integrity, transparency and accountability. While the Group does not maintain a formal written values statement, its culture is underpinned by ethical behaviour, openness and responsibility.

The Group maintains policies covering areas such as anti‑bribery and anti‑slavery, which are reviewed periodically. Employees are encouraged to raise concerns without fear of retaliation.

3. Seek to understand and meet shareholder needs and expectations

The Board places a high priority on maintaining open and constructive dialogue with shareholders. The Chief Executive Officer acts as the primary point of contact for investors and regularly engages with major shareholders following the publication of interim and annual results.

The Annual General Meeting provides shareholders with an opportunity to engage directly with the Board. Feedback from shareholders is considered by the Board and, where appropriate, reflected in strategy, capital allocation and governance practices.

4. Take into account wider stakeholder interests, including social and environmental responsibilities, and their implications for long‑term success

The Board recognises the importance of stakeholders to the long‑term success of the Group, including employees, customers, suppliers, regulators and the communities in which the Group operates.

Employee engagement is supported through regular communication, staff councils and an open‑door culture. Customer feedback is actively monitored, and service quality is a key operational focus. 

The Group also considers environmental and social factors in decision‑making, taking a proportionate approach aligned with the scale of its operations.

5. Embed effective risk management, internal controls and assurance activities, considering both opportunities and threats, throughout the organisation

The Board is responsible for the Group’s system of risk management and internal control. A formal risk register is maintained and reviewed regularly, identifying principal risks and mitigating actions.

The Board is supported by a Risk Committee, which oversees risk appetite, emerging risks and the effectiveness of mitigation strategies. Internal controls are designed to manage, rather than eliminate, risk and to provide reasonable assurance against material misstatement or loss.

6. Establish and maintain the Board as a well‑functioning, balanced team led by the Chair

The Board comprises Executive and Non‑Executive Directors with a balance of skills, experience and knowledge relevant to the Group’s activities. The Board considers that this balance enables effective leadership, constructive challenge and informed decision‑making.

The Chair is responsible for ensuring that the Board operates effectively, that agendas focus on key strategic and operational matters, and that Directors receive accurate and timely information.

7. Maintain appropriate governance structures and ensure that individually and collectively the Directors have the necessary up to date experience, skills and capabilities

The Board has established Audit, Risk and Remuneration Committees with formal terms of reference. Given the size and complexity of the Group, the Board has determined that a separate Nominations Committee is not currently required, with nomination matters handled by the Board as a whole. 

A formal schedule of matters reserved to the Board is in place and reviewed periodically.

Directors are appointed based on their experience, professional competence and ability to contribute to the long‑term success of the Group. The Board regularly reviews its composition to ensure it retains an appropriate mix of skills and experience.

Directors are encouraged to undertake ongoing professional development to maintain and enhance their effectiveness.

8. Evaluate Board performance based on clear and relevant objectives, seeking continuous improvement

The Board undertakes regular reviews of its performance and that of individual Directors. Performance evaluation considers financial performance, strategic delivery, shareholder feedback, and the effectiveness of Board and Committee processes.

Where improvements are identified, actions are agreed and implemented to enhance Board effectiveness.

9. Establish a remuneration policy which is supportive of long-term value creation and the Company’s purpose, strategy and culture

The Board recognises the importance of remuneration in supporting the long‑term success of the Group. The Company’s remuneration policy is intended to align with its purpose, strategy and culture, and to support sustainable value creation for shareholders.

Remuneration arrangements are kept under review by the Remuneration Committee to ensure they remain appropriate and proportionate for an AIM‑quoted company of the Group’s size and development stage.

10. Communicate how the Company is governed and is performing by maintaining a dialogue with shareholders and other relevant stakeholders

The Company communicates its governance arrangements and performance through its Annual Report, regulatory announcements and its website. The Board is committed to transparent reporting and timely disclosure in accordance with AIM Rules.

Shareholders are encouraged to engage with the Company, and the Board remains available to respond to reasonable enquiries.

The Board and its Committees

The Board is responsible for the long‑term success of the Company, providing entrepreneurial leadership within a framework of effective controls. It sets the Group’s strategy, oversees management performance, ensures appropriate risk management and internal controls are in place, and maintains high standards of corporate governance.

The Board comprises a combination of Executive and Non‑Executive Directors with a balance of skills, experience and independence appropriate to the size and complexity of the Group. Executive Directors are responsible for the day‑to‑day management of the business, while Non‑Executive Directors provide independent oversight, constructive challenge and strategic guidance.

To support effective decision‑making, the Board has established the following Committees, each operating under formal terms of reference:

Audit Committee – responsible for overseeing the integrity of the Group’s financial reporting, reviewing the effectiveness of internal controls and risk management systems, and managing the relationship with the external auditor.

Risk Committee – responsible for identifying and monitoring principal and emerging risks, reviewing the Group’s risk appetite, and overseeing the effectiveness of mitigation strategies.

Remuneration Committee – responsible for determining the remuneration policy for Executive Directors and senior management, ensuring that remuneration is aligned with the Company’s strategy and long‑term shareholder interests.

Given the small size of the Board, the Company has determined that a separate Nominations Committee is not currently required. Responsibility for Board appointments, succession planning and Board composition is retained by the Board as a whole.

Board and Director Information

Details of the Board, Committees, Director biographies are and attendance at meetings are set out in the Company’s Annual Report and Accounts.

All Directors are subject to election by shareholders at the first Annual General Meeting following appointment and to re‑election thereafter at intervals of no more than three years, in accordance with the Company’s Articles of Association.

Given the small size of the Board, the Company does not currently require annual re‑election of all Directors. The Board considers that a three‑year rotation cycle provides an appropriate balance between continuity, stability and accountability, while allowing the Board to retain critical experience and institutional knowledge. The Board keeps this approach under regular review as the Group develops and the Board composition evolves.

The Board considers that the Company has complied with the principles of the QCA Corporate Governance Code (2023) in a manner that is appropriate to its size, structure and stage of development.