Rules of Procedure for Festi hf.’s Audit Committee

Festi hf.’s Audit Committee is a sub-committee of the Company's Board of Directors and is appointed by the board in accordance with chapter IX, section A of Act no. 3/2006, on annual accounts. The committee shall operate in accordance with Icelandic laws and regulations and good corporate governance.

The Audit Committee is intended to ensure the quality of the Company's Annual Financial Statement and other financial information and independence in its audit. The committee’s role is monitoring the procedures used in the preparation of financial statements, risk analysis, the execution of internal monitoring as well as internal and external auditing.

Roles and tasks are specified in more detail in Article 4 of these rules.

‍

The Board of Directors is responsible for appointing an Audit Committee, and the committee reports directly to the board. At least three members shall be appointed to the committee, no later than one month after the Annual General Meeting.

The members of the committee shall be independent of the auditor or auditors of the Company, and the majority of members shall also be independent of the Company and its day-to-day management. In addition, one committee member, who is independent of both day-to-day management and the Company, shall be independent of the Company's major shareholders.

The Company's CEO and other day-to-day managers shall not be members of the Audit Committee. In the event that the Chairman of the Board of Directors sits on the committee, he shall not hold the position of Chairman of the Committee. Thus, the CEO, board member and Chairman of the Audit Committee must not be the same person.

Committee members must have relevant knowledge and experience in accordance with the tasks of the committee, and at least one committee member must have sound knowledge and experience in the field of accounting and auditing.

Committee members are bound by confidentiality regarding the Company's affairs and other matters of which they learn during their time on the committee.

‍

The Audit Committee is authorized to collect the necessary information within the Company in order to fulfill its obligations according to these rules of procedure.

The Audit Committee has unrestricted access to the Company’s Board of Directors, management, employees and internal and external auditors in order to obtain information on processes and working procedures or any other information that the committee deems necessary to obtain as part of its duties.

The Audit Committee may request management's authorization to seek consultation as it deems necessary to fulfill these duties. This shall be reported to the Chairman of the Board of Directors in a formal manner.

‍

The Audit Committee shall in every possible way ensure the quality of the Company's Annual Financial Statement and any other financial information, as well as its auditors’ independence.

The Committee shall act as a liaison between the Company’s Board of Directors, management and external and internal auditors in connection with their reporting and matters related to inspections. The committee shall also assist the Board of Directors in fulfilling its obligations by acting as an independent and objective body and carrying out the duties stipulated by these rules.

The committee shall review the processes of providing information from management, internal audit and external auditors.

In accordance with Article 108 b of Act no. 3/2006 on annual accounts, the Audit Committee shall, among other things, have the following roles regardless of the responsibility of the Board of Directors, management and others in this area:

a. Supervision of the preparation of financial statements

The Audit Committee shall review the main issues in the financial statements with the Company's management during the preparation of the Annual Financial Statement and interim accounts signed by auditors, before the Board of Directors approves the accounts. The committee shall do its utmost to resolve disputes that may arise during the preparation of financial statements.

b. Supervision of the arrangement and effectiveness of internal audit, risk management and other types of supervisory activities

The Audit Committee supervises the Board of Directors to ensure that with its policy and procedures, the Company has implemented appropriate internal control that addresses risks in the business and that these internal control elements work effectively. The committee, along with management and external auditors, reviews as necessary whether internal control, risk management and other supervisory measures are sufficient at all times.

The Audit Committee shall inform the Board of Directors of any instances of fraud of which the committee becomes aware, if there is suspicion of violations of laws, rules or regulations or instances where internal controls have failed.

c. Supervision of the audit of the Annual Financial Statement, consolidated accounts and other financial information of the Company

The Audit Committee shall meet with the Company's auditor and review the scope of the audit and the audit plan.

Auditors and audit firms must annually report to the Audit Committee on their work and independence and submit a report on the audit and its results. The report shall specifically mention weaknesses in internal control and process for the preparation of financial statements. The committee must be informed of important issues that arise during the auditing process as soon as possible.

The Audit Committee can meet privately with the internal auditor, external auditor or management if the committee deems it necessary.

d. Assessment of the independence of external auditor or audit firm and supervision of other duties of external auditors

The Audit Committee makes sure that the provisions of Act no. 79/2008 on auditors are followed, among other things regarding the time limits of the auditor's work for the Company and that the Company's auditor is not permitted to act in the Company's interest for anything other than auditing.

The Audit Committee shall annually receive written confirmation from the auditor that the provisions of Act no. 79/2008 on auditing are followed, where, among other things, a declaration that the auditor is independent of the Company must be made.

In the Audit Committee's assessment of the auditor's independence, the committee must make sure that the auditor and audit firm should be independent of their client, both in practice and appearance. An auditor should not perform an audit if there is any kind of relationship between the auditor and the client, that might call into question their independence from a well-informed third party, such as a business connection, direct or indirect financial relationship or business relationships other than those resulting from the audit.

e. Make recommendations to the Board of Directors regarding the selection of an external auditor or auditing firm.

The Audit Committee submits a proposal to the Board of Directors regarding the selection of an auditor or auditing firm.

f. Other tasks

The Audit Committee, in consultation with the Board of Directors, shall assess the need for and make a proposal regarding an internal auditor.

‍

‍

The Chairman shall call meetings on his own initiative or at the request of other committee members, but no fewer than four times a year. At the beginning of each working year, the Audit Committee makes a plan for the year's tasks, committee meetings and meetings with auditors, the Board of Directors and Company employees. Furthermore, the committee makes a schedule of meeting agenda.

It is the committee's decision whether the Company's management, internal auditors or external auditors are present at the committee's meetings.

Meeting minutes must be written and approved by committee members. Minutes are stored in the committee's user area in the CoreData archive system. The Board of Directors and CEO have access to the user area where the minutes of the committee's meetings are saved.

‍

The Audit Committee shall at least annually submit a report on its work to the Company's Board of Directors.

The report to the Board of Directors must contain information about the committee's relations with the board, auditors and employees of the Company. The committee's supervision of the work process for the preparation of financial statements, the effectiveness of internal control, internal audit and risk management shall also be reported on.

The committee's supervision of the audit of the Company's Annual Financial Statement and assessment of the auditor's independence shall also be included.

‍

The Audit Committee is responsible for the obligations set out in these rules, but is not responsible for the financial statements or the audit of annual statements. The Company's Board of Directors and CEO are responsible for the financial statements, the implementation of internal controls, and the independent auditors are responsible for auditing the Company's Annual Financial Statements.

‍

The Audit Committee shall evaluate its effectiveness as well as review and revise these operating rules as necessary, but at least annually. The committee proposes to the Board of Directors the appropriate changes or increases in the tasks and role of the committee.

Managers can request the committee's assistance with special resolution matters concerning the Company.

Approved at the Audit Committee meeting on October 1, 2018, last confirmed at the committee meeting on April 19, 2021.