Compliance Management System

DMG MORI AG Compliance Introduction 2

Compliance Management System at DMG MORI

Elements

Compliance monitoring and improvement Compliance communication Compliance organisation Compliance programme Compliance culture Compliance objectives Compliance risks

Compliance Management System

Our Compliance Management System is designed to ensure that laws and internal requirements are complied with by the managers and employees and violations are systematically prevented.

Compliance Management System at DMG MORI

Compliance Culture and Communication

Group-wide distribution of the code of conduct and the leadership message

• with the leadership message, the Executive Board addresses employees and points out the importance of compliance • circulation of 8,000 copies in German (4,750) and English (3,250) in the form of a brochure

• new employees receive a copy in their language together with their employment contract

Compliance classroom trainings and setting up an web-based training

• classroom training seminars for selected managers and employees by Chief Compliance Officer

• web-based training will ensure that all employees – particularly new employees – promptly receive adequate information and training

Communication of the compliance helpdesk: [email protected] Further internal and external Communication

• Communication to management and employees • Compliance web presence

DMG MORI AG Compliance Introduction 4

Determination of the subareas/risk areas

• determination of subareas/risk areas on the basis of risk considerations by the CCO

• final decision is recorded by the annual Management Board resolution on the description of the compliance management system

• current subareas: Anti-Corruption, Antitrust Law, Export Control

• new areas will follow: Tax Compliance, Data Privacy and IT-Security etc.

Anti-corruption

• Bribery • Passive corruption • Extortion • Misappropriation of assets • Falsifying financial statements/financial irregularities • Nepotism

Antitrust law

• Horizontal restraints on competition • Vertical restraints on competition

• Abuse of a dominant market position

• Company mergers subject to merger controls

Export control

• Export of high-precision

machine tools

• Export of spare parts • Transfer of technology,

software and/or know-how

Derivation of typical risk scenarios

• Determination of typical risk scenarios by central Compliance Management department • Special consideration given to the DMG MORI business model

Compliance Management System at DMG MORI

Annual Reporting: Compliance Risk Assessment

Part I – Compliance Scoping

• Risk measurement based on inherent risk factors such as e.g. • Corruption Perception Index

• Sales

• Headcount

• Sales

Part II – scenario-based risk identification

• systematic and standard analysis of centralised and decentralised compliance risks

• preparation of a guideline for identifying local risk assessment • risk workshops presented by the CCO for selected companies, contributing to a better risk awareness within these companies

Compliance Management System at DMG MORI

DMG MORI AG Compliance Introduction 6

Control system

Based on the management culture, the Code of Conduct defines the binding corporate governance rules and measures for the responsible conduct of all employees. The Code of Conduct is the basic framework used by the DMG MORI group when dealing with stakeholders and is further defined by

various guidelines, handbooks and other regulations. Process

The drawing up, amendment and disapplication of different types of regulations is managed by a holistic control process:

• Identification of regulation requirement • Drawing up of regulation

• Approval

• Resolution

• Entry into force and publication

• Update • Disapplication Management culture Code of Conduct Group guidelines Group handbooks Other group regulations e.g

IT standards and works agreements

Company guidelines Company handbooks Other company regulations e.g. Operating procedures and works

agreements

Compliance Management System at DMG MORI

Access to guidelines and handbooks

• All group guidelines and handbooks are stored in Sharepoint

• There is a direct link to Sharepoint from the Outlook and from the intranet • All employees have access to group guidelines and handbooks

Extract from Sharepoint

Compliance Management System at DMG MORI

DMG MORI AG Compliance Introduction 8

Extract from the Compliance Due Diligence check list for agents and dealers

Compliance Due Diligence

In order to counter our compliance risks, a detailed due diligence check is performed within the DMG MORI group.

Agents/dealers

An integrity check is carried out for agents/dealers using a three-stage process:

• Background research

linked to the potential agent/dealer’s self-assessment provided in a detailed questionnaire

• Risk assessment

• Integrity check

The amount of detail in the integrity check depends on the results of the relevant risk assessment. Every agent/dealer must also be given a copy of the Code of Conduct.

Suppliers

The compliance and sustainability requirements, as well as our Code of Conduct are a key component of our relationship with suppliers.

Compliance Management System at DMG MORI

Risk-reducing measures of our compliance management systems • organisational assurance measures

• control activities

Compliance Management System at DMG MORI