Corporate Governance Statement

1.1 Board Responsibilities and Delegation

The Board has adopted a Board Charter that sets out the specific responsibilities reserved for the Board and those delegated to management. The Board Charter clearly articulates the division of responsibilities between the Board and management to ensure accountability.

The responsibilities reserved for the Board include: setting the strategic direction of the Company and monitoring management's implementation of that strategy; appointing and, where necessary, replacing the Chief Executive Officer and other senior executives; approving the annual budget and monitoring financial performance; ensuring the Company has appropriate risk management and internal control systems in place; setting the Company's values and standards of conduct; and ensuring that shareholders are kept informed of the Company's performance and major developments.

Responsibility for the day to day management of the Company is delegated to the Chief Executive Officer, who is accountable to the Board for the authority delegated. The Chief Executive Officer may further delegate authority to senior executives in accordance with the delegated authority framework approved by the Board.

1.2 Written Agreements with Directors and Senior Executives

The Company has entered into written agreements with each director and senior executive setting out the terms of their appointment. For non-executive directors, these letters of appointment set out the term of appointment, time commitment envisaged, expectations in relation to committee work, remuneration arrangements, and requirements to disclose interests and comply with Company policies.

Executive directors and senior executives have employment agreements that detail their duties and responsibilities, reporting lines, remuneration and other benefits, confidentiality and non-compete obligations, and termination provisions. These agreements ensure clarity regarding roles, responsibilities, and expectations.

1.3 Company Secretary

The Company Secretary is accountable directly to the Board, through the Chair, on all matters relating to the proper functioning of the Board. The responsibilities of the Company Secretary include advising the Board and its committees on governance matters, monitoring compliance with Board policies and procedures, coordinating the timely completion and dispatch of Board and committee papers, ensuring that the business at Board meetings is accurately captured in the minutes, and helping to organise and facilitate the induction and professional development of directors.

All directors have access to the Company Secretary. The decision to appoint or remove the Company Secretary is made by the Board as a whole.

1.4 Diversity Policy

The Company has adopted a Diversity Policy which sets out the Company's commitment to promoting a corporate culture that embraces diversity and supports the recruitment, retention, and advancement of employees from diverse backgrounds. The policy covers diversity in relation to gender, age, disability, ethnicity, cultural background, and other relevant factors.

The Board has established measurable objectives for achieving gender diversity in the composition of the Board and senior management. Progress towards achieving these objectives is reviewed annually by the Board and disclosed in the Annual Report.

As at 30 June 2025, the proportion of women on the Board was [X]%, in senior executive positions was [X]%, and across the whole organisation was [X]%. The Board is committed to improving gender diversity at all levels of the organisation.

1.5 Performance Evaluations

The Board undertakes an annual performance evaluation of the Board, its committees, and individual directors. This evaluation process is facilitated by the Nomination and Remuneration Committee. The evaluation considers the Board's role and composition, the effectiveness of Board processes, and the quality of the relationship with management.

Performance evaluations of senior executives are conducted annually by the Chief Executive Officer, with the evaluation of the Chief Executive Officer conducted by the Board. These evaluations assess performance against agreed key performance indicators and behaviours aligned with the Company's values. A performance evaluation for the Board, its committees, individual directors, and senior executives was undertaken during the reporting period in accordance with the processes described above.

2.1 Nomination Committee

The Company has established a Nomination and Remuneration Committee. The Committee comprises a majority of independent directors and is chaired by an independent director who is not the Chair of the Board. The Committee operates under a formal charter that has been approved by the Board.

The Committee is responsible for recommending to the Board candidates for appointment to the Board, reviewing Board succession planning, conducting annual reviews of Board composition, recommending the removal of directors, and overseeing the annual performance evaluation of the Board, its committees, and individual directors.

2.2 Board Skills Matrix

The Board has developed a skills matrix setting out the mix of skills and diversity that the Board currently has or is looking to achieve. The skills matrix is reviewed annually by the Nomination and Remuneration Committee and is used to identify any gaps in skills or experience that may need to be addressed through new director appointments or professional development.

Key skills and experience represented on the Board include: enterprise technology and software development; media and content management; financial management and reporting; risk management and compliance; corporate governance and legal; mergers, acquisitions, and capital markets; strategic planning and business development; and executive leadership and people management.

Details of each director's qualifications, experience, and skills are set out in the Directors' Report contained in the Company's Annual Report.

2.3 Board Composition and Independence

The Board comprises [X] directors, of whom [X] are independent non-executive directors. The Chair of the Board is an independent non-executive director. The roles of Chair and Chief Executive Officer are held by different individuals.

In determining the independence of directors, the Board has considered the relationships set out in Box 2.3 of the ASX Corporate Governance Principles and Recommendations and other relationships which could reasonably be perceived to affect independence. The Board assesses the independence of each director annually, and upon any change of circumstances which may affect that assessment.

Where a director has an interest, position, association, or relationship of the type described in Box 2.3, but the Board is of the opinion that it does not compromise the independence of the director, the nature of the interest, position, association, or relationship and the grounds for the Board's opinion is disclosed in the Annual Report.

2.4 Director Appointment Process

The Company undertakes comprehensive checks before appointing a director, or putting a candidate forward to shareholders for election, including verification of their experience and qualifications, criminal history checks, and bankruptcy searches. Candidates are also required to confirm that they will have sufficient time to fulfil their responsibilities as a director.

All material information relevant to a decision on whether to elect or re-elect a director is provided to shareholders in the Notice of Meeting for the relevant general meeting, including biographical details, other material directorships, term of office, qualifications, and the Board's assessment of independence.

The Company has a comprehensive induction program for new directors, which includes meetings with key executives, site visits where appropriate, and the provision of key Company documents and policies. Directors also have access to continuing education to update and enhance their skills and knowledge.

3.1 Company Values

The Board has articulated and disclosed the Company's values. These values underpin the expected standards of behaviour for all directors, senior executives, and employees. The Company's values are: Integrity, in acting honestly and transparently in all business dealings; Innovation, in pursuing excellence and continuous improvement in our technology and services; Accountability, in taking responsibility for our actions and commitments; and Respect, in treating all stakeholders with dignity and consideration.

These values are reinforced through the Company's Code of Conduct, performance management systems, and internal communications. The Board reviews the Company's values annually to ensure they remain relevant and appropriate.

3.2 Code of Conduct

The Company has adopted a Code of Conduct that applies to all directors, senior executives, and employees. The Code of Conduct sets out the standards of behaviour expected and the principles that guide decision making in all business activities. Key areas covered by the Code include: conflicts of interest; confidentiality; fair dealing with customers, suppliers, and competitors; compliance with laws and regulations; protection of Company assets; and workplace behaviour.

All employees are required to acknowledge their understanding of and commitment to comply with the Code of Conduct upon commencement of their employment and annually thereafter. The Code of Conduct is available on the Company's website.

3.3 Whistleblower Policy

The Company has adopted a Whistleblower Policy that complies with the requirements of the Corporations Act 2001. The policy encourages the reporting of any instances of suspected unethical, illegal, fraudulent, or undesirable conduct and provides protections and measures to ensure that those who report such conduct can do so confidentially and without fear of intimidation, disadvantage, or reprisal.

Reports may be made to designated Whistleblower Protection Officers, the Chair of the Audit and Risk Committee, or through an independent external whistleblower service. The identity of a discloser will be kept confidential except where disclosure is required by law or is necessary for the investigation of the matter.

The Board oversees the implementation of the Whistleblower Policy and receives regular reports on any matters raised through the whistleblower channels. The Whistleblower Policy is available on the Company's website.

3.4 Anti-Bribery and Corruption Policy

The Company has adopted an Anti-Bribery and Corruption Policy that sets out the Company's zero tolerance approach to bribery and corruption. The policy applies to all directors, employees, contractors, and third parties acting on behalf of the Company.

The policy prohibits: offering, promising, giving, or receiving bribes; making facilitation payments; providing or accepting gifts or hospitality that could influence business decisions; making political or charitable donations without proper approval; and engaging third parties who may engage in corrupt practices on the Company's behalf.

All employees receive training on the Anti-Bribery and Corruption Policy and are required to certify their compliance annually. The policy is available on the Company's website.

4.1 Audit and Risk Committee

The Company has established an Audit and Risk Committee. The Committee comprises [X] members, all of whom are non-executive directors, and a majority of whom are independent. The Chair of the Committee is an independent director who is not the Chair of the Board.

All members of the Committee are financially literate, and at least one member has relevant qualifications and experience as a qualified accountant or other finance professional. Details of the qualifications and experience of Committee members are set out in the Directors' Report.

The Committee operates under a formal charter approved by the Board. The charter sets out the Committee's responsibilities, which include: reviewing financial statements and other financial information; overseeing the relationship with the external auditor; reviewing the effectiveness of internal controls; and monitoring compliance with legal and regulatory requirements. A copy of the Audit and Risk Committee Charter is available on the Company's website.

4.2 CEO and CFO Declarations

Before the Board approves the Company's financial statements for a financial period, it receives from the Chief Executive Officer and the Chief Financial Officer a declaration that, in their opinion:

• The financial records of the Company have been properly maintained in accordance with section 286 of the Corporations Act 2001
• The financial statements and notes for the financial period comply with the applicable accounting standards and give a true and fair view of the financial position and performance of the Company
• The above opinion has been formed on the basis of a sound system of risk management and internal control which is operating effectively in all material respects in relation to financial reporting risks

The Board received declarations in the above form from the Chief Executive Officer and Chief Financial Officer in respect of the financial statements for the year ended 30 June 2025.

4.3 External Auditor Independence

The Company's external auditor is [External Auditor Name]. The external auditor attends each Annual General Meeting and is available to answer shareholder questions about the conduct of the audit and the preparation and content of the auditor's report.

The Audit and Risk Committee has established procedures to ensure that the independence of the external auditor is maintained. These procedures include: reviewing the qualifications, expertise, and resources of the external auditor; monitoring the provision of non-audit services to ensure they do not impair auditor independence; requiring the rotation of the audit engagement partner at least every five years; and obtaining annual confirmation from the external auditor that they have maintained their independence in accordance with the Corporations Act 2001 and applicable professional standards.

The Audit and Risk Committee reviews and makes recommendations to the Board on the appointment, reappointment, or replacement of the external auditor. The Committee has satisfied itself that the external auditor has maintained their independence throughout the reporting period.

5.1 Continuous Disclosure Policy

The Company has adopted a Continuous Disclosure Policy to ensure compliance with ASX Listing Rule 3.1 and the continuous disclosure requirements of the Corporations Act 2001. The policy establishes procedures for the identification, review, and disclosure of price-sensitive information.

The Chief Executive Officer and Company Secretary are jointly responsible for ensuring that the Company complies with its continuous disclosure obligations. All employees and directors are required to report any matters that may require disclosure to the Chief Executive Officer or Company Secretary immediately upon becoming aware of such matters.

The Board receives copies of all material announcements immediately after they have been released to the ASX. The Company also provides a summary of all ASX announcements at each Board meeting. A copy of the Continuous Disclosure Policy is available on the Company's website.

5.2 Market Announcements Process

The Company has established processes to ensure that all announcements made to the market are accurate, balanced, and provide investors with sufficient information to make informed decisions. Material announcements are reviewed by the Chief Executive Officer and, where appropriate, by the Board or relevant Board committee before release.

The Company aims to ensure that all announcements present information in a clear and balanced manner, with both positive and negative information presented objectively. New and substantive investor or analyst presentations are released to the ASX Market Announcements Platform before the presentation is delivered.

All announcements made to the ASX are posted on the Company's website promptly following their release, ensuring equal access to information for all stakeholders.

6.1 Shareholder Communication

The Company has adopted a Shareholder Communication Policy to promote effective two-way communication with shareholders and other stakeholders. The policy is designed to ensure that shareholders have timely access to information about the Company, including its governance, financial performance, and strategic direction.

Information is communicated to shareholders through: the Annual Report; the Notice of Annual General Meeting and explanatory memorandum; ASX announcements; the Company's investor relations website; results presentations and webcasts; and investor roadshows and one-on-one meetings.

Shareholders are encouraged to provide questions or comments ahead of the Annual General Meeting and other general meetings. The Company Secretary is the primary point of contact for shareholder enquiries.

6.2 General Meetings

The Company designs and implements its investor relations programs and shareholder meetings to facilitate effective communication with shareholders and encourage their participation. All substantive resolutions at general meetings are decided by poll rather than by a show of hands.

Shareholders who are unable to attend general meetings in person are able to vote by proxy. The Company has also implemented technology solutions to allow shareholders to participate in general meetings electronically where appropriate. The external auditor attends the Annual General Meeting and is available to answer questions from shareholders about the conduct of the audit and the preparation and content of the auditor's report.

The Company gives shareholders the option to receive communications from, and send communications to, the Company and its share registry electronically. Information on how to elect to receive electronic communications is available on the Company's website and in shareholder correspondence.

6.3 Website and Electronic Communications

The Company maintains a comprehensive investor relations section on its website at www.orisium.com/investors. The website contains information about the Company's directors and senior executives, corporate governance framework and policies, annual reports and ASX announcements, investor presentations, and details on how to contact the Company and its share registry.

The Company encourages shareholders to register for email alerts to receive notification when new announcements or other investor information is released. All ASX announcements are posted on the website immediately following their release.

7.1 Risk Management Framework

The Board, through the Audit and Risk Committee, is responsible for overseeing the establishment and implementation of a sound risk management framework. The Company has adopted a Risk Management Policy that sets out the Company's approach to identifying, assessing, managing, and reporting risks.

The risk management framework is based on the ISO 31000:2018 Risk Management standard and includes: establishing the context for risk management; identifying risks that could prevent the Company from achieving its objectives; analysing and evaluating the likelihood and impact of identified risks; developing risk treatment plans to manage material risks; monitoring and reviewing the effectiveness of risk treatments; and reporting on risk management performance to the Board.

The Audit and Risk Committee reviews the risk management framework at least annually to ensure it remains appropriate for the Company's circumstances. A review of the risk management framework was conducted during the reporting period, and the Board is satisfied that the framework is sound and that the Company is operating with due regard to the risk appetite set by the Board.

7.2 Risk Committee Oversight

The Audit and Risk Committee is responsible for overseeing the Company's risk management framework. The Committee receives regular reports from management on the Company's material risks and the effectiveness of controls in place to manage those risks.

Management maintains a risk register that documents all identified material risks, their potential impact, the controls in place to manage them, and any action plans to further mitigate risks. The risk register is reviewed and updated quarterly, with significant changes reported to the Audit and Risk Committee.

Key categories of risk identified and managed by the Company include: strategic risk; operational risk; technology and cybersecurity risk; financial risk; regulatory and compliance risk; and people and culture risk.

7.3 Internal Audit Function

The Company has an internal audit function that provides independent and objective assurance on the effectiveness of the Company's risk management and internal control systems. The internal audit function reports functionally to the Audit and Risk Committee and administratively to the Chief Financial Officer.

The internal audit plan is developed in consultation with management and approved by the Audit and Risk Committee. The plan is risk-based and covers key operational, financial, and compliance processes. The Committee receives reports on internal audit findings at each meeting and monitors management's progress in addressing any recommendations arising from internal audit reviews.

The Audit and Risk Committee reviews the effectiveness of the internal audit function annually, including its independence, scope of work, and resourcing. The Committee is satisfied that the internal audit function is appropriately qualified, experienced, and resourced.

7.4 Material Exposure to Environmental and Social Risks

The Company has identified material environmental and social risks relevant to its operations and has processes in place to manage those risks. As a technology company, the Company's direct environmental footprint is relatively limited, but the Board recognises the importance of operating sustainably and responsibly.

Key environmental and social risks identified include: climate-related risks, including the physical and transition risks associated with climate change; data privacy and cybersecurity risks; responsible use of artificial intelligence; and employee health, safety, and wellbeing. The Company's approach to managing these risks is disclosed in the Annual Report and on the Company's website.

8.1 Remuneration Committee

The Company has established a Nomination and Remuneration Committee. The Committee comprises [X] members, all of whom are non-executive directors, and a majority of whom are independent. The Chair of the Committee is an independent director.

The Committee is responsible for: reviewing and recommending to the Board remuneration arrangements for directors; reviewing and recommending to the Board remuneration arrangements for the Chief Executive Officer and senior executives; reviewing the Company's remuneration policies and practices to ensure they are fair and appropriate; overseeing incentive plans and equity-based plans; and ensuring compliance with applicable laws and regulations.

The Committee operates under a formal charter approved by the Board. A copy of the Nomination and Remuneration Committee Charter is available on the Company's website.

8.2 Remuneration Policy

The Company has adopted a Remuneration Policy that sets out the principles and framework for remuneration decisions. The policy is designed to ensure that remuneration: attracts and retains high quality directors and senior executives; motivates executives to achieve the Company's strategic objectives; aligns executive interests with the creation of value for shareholders; and is consistent with the Company's values and risk appetite.

Non-executive directors receive fixed fees for their services on the Board and its committees. Non-executive directors do not receive performance-based remuneration. The aggregate fee pool for non-executive directors is approved by shareholders and is set at a level that enables the Company to attract and retain directors of the highest calibre.

Executive remuneration comprises a mix of fixed remuneration and at-risk remuneration, including short-term incentives and long-term incentives. At-risk remuneration is structured to align executive interests with shareholder interests through equity-based remuneration with appropriate vesting conditions.

8.3 Equity-Based Remuneration

The Company has established equity-based incentive plans for executives and employees. These plans are designed to align the interests of executives and employees with those of shareholders by linking a component of their remuneration to the long-term performance of the Company.

The Company has a policy that participants in an equity-based remuneration scheme should not enter into transactions in associated products which limit the economic risk of participating in the scheme. This policy is communicated to all participants upon their participation in any equity-based scheme.

Details of the equity-based remuneration schemes, including their terms and conditions and participation by key management personnel, are disclosed in the Remuneration Report contained in the Annual Report.

8.4 Clawback Provisions

The Company's incentive plans include clawback provisions that allow the Board to reduce, cancel, or claw back unvested or vested incentive awards in certain circumstances. These circumstances include: where an award was granted based on financial statements that are subsequently restated; where a participant has engaged in fraud, dishonesty, or gross misconduct; where a participant has breached their obligations to the Company; or where the Board determines that the vesting of an award would produce an unfair or unintended result.

The clawback provisions apply to all participants in the Company's incentive plans, including the Chief Executive Officer and other key management personnel. The provisions are designed to protect the interests of shareholders and to promote accountability for individual performance and behaviour.