Fraport : Combined non-financial Statement 2023

Combined non-financial Statement

About this combined statement

The combined non-financial statement complies with the commercial law requirements and was prepared in accordance with Sections 289c to 289e the German Commercial Code (HGB), Sections 315c in conjunction with 289c to 289e HGB and Article 8 of Regulation (EU) 2020/852 of the European Parliament and of the European Council of June 18, 2020 on the establishment of a framework for facilitating sustainable investment and amending the Regulation (EU) 2019/2088 and the Delegated Acts issued thereunder. Deloitte GmbH Wirtschaftsprüfungsgesellschaft has subjected the content of this combined non-financial statement to a limited assurance review in accordance with ISAE 3000 (revised) as part of a separate engagement.

To avoid duplicates within the combined management report, further information in other chapters is referred to at relevant points. The "Control System" and "Non-financial Performance Indicators" chapters describe the important non-financial performance indicators and their development during the reporting period. The respective concepts and measures are presented in this combined non-financial statement. The target values set for the Fraport Group and Fraport AG can also be found in the chapters, which are part of this combined non-financial statement. The forecast figures for fiscal year 2024 can be found in the "Business Outlook" chapter. The Fraport business model, competitive position, and organizational structure can be found in the "Situation of the Group" chapter. Fraport takes risks related to the non-financial aspects into account in the Group-wide risk management system (see the "Risk and Opportunities Report" chapter). References to information beyond the scope of the combined management report and consolidated financial statements are additional information and do not form part of this combined non-financial state- ment, therefore they are not audited.

Use of frameworks

For a structured presentation of the contents in accordance with Section 289c of the HGB in the combined non-financial statement, Fraport applies the standards of the Global Reporting Initiative 2021 (GRI). The concepts on the aspects are based on "GRI 3-3 Management of material topics". This concerns the explanations relating to "Anti-corruption and bribery matters", "Respect for human rights", "Customer satisfaction and security", "Employee-related matters", "Social matters", and "Environmental matters". In addition, the ESG Factbook, available at www.fraport.com/publications, provides a detailed overview of the relevant GRI indicators in the Fraport Group.

Correlations with the financial statements

The reportable correlations with the combined management report, the consolidated financial statements, and the Fraport AG annual financial statements are explained at the end of each respective non-financial aspect.

Derivation of materiality

The Fraport mission statement continues to form the basis of the Group's strategy. It encompasses the Group goals "Growth in Frankfurt and internationally", "Service-oriented airport provider", "Economically successful through optimal cooperation", "Learn- ing organization and digitalization", and "Fairness and recognition for partners and neighbors". The vision of establishing Fraport as Europe's top airport operator and of setting global standards forms the basis for this.

Based on these Group goals, the Executive Board has defined the six most important non-financial performance indicators in accordance with Section 315 (3) of the HGB in conjunction with Section 289 (3) of the HGB. Global passenger satisfaction, baggage connectivity, satisfaction of employees, women in management positions, sickness rate, and CO2 emissions. As explained in the "Control System" chapter, the employee satisfaction survey is carried out every two years and is therefore not recorded quantitatively in the reporting period.

The basis for the aspects reported in this combined non-financial statement is the materiality matrix. Key aspects are those that, according to Section 289c (3) of the HGB, are relevant to the business development, business result, as well as the effects of the business activities of Fraport on non-financial aspects. The materiality matrix is the result of a systematic exchange with internal and external stakeholders. Fraport management and representatives of the most important stakeholders (analysts, shareholders, employee representatives, banks, employees, airlines, residents living near airports, business partners, media, non-governmental organizations (NGOs), passengers, politicians and authorities, economic associations, and science) confirmed the relevance of the current topics. Both groups also prioritize the topics. The materiality matrix shows the impact of direct and indirect business

activities on the corresponding aspect, its relevance for stakeholders, and for the long-term business activities of Fraport. The last comprehensive materiality analysis was performed in 2018. On the basis of this, the topics are regularly checked to ensure they are up to date. The Executive Board has confirmed the relevance of the topics for 2023.

The key aspects identified have been attributed to the non-financial aspects in accordance with Section 289c (2) of the HGB. Beyond these reportable non-financial aspects, Fraport has also identified "Customer satisfaction and security" as an additional aspect. The distribution of the aspects among the non-financial aspects can be found in the table below. The crossover aspect "Supply and subcontracting chain" is not an individual aspect but deals with the information in connection with the non-financial aspects in a separate chapter. Fraport does not engage in research and development in the strict sense in the "Innovation and Digitalization" section (see "Research and Development" chapter). The measures derived from the Group strategy aim to increase customer satisfaction and product quality. Reporting on this can be found in the "Customer Satisfaction and Security" chapter.

Allocation of material topics to non-financial aspects

The Executive Board remuneration system also includes non-financial elements in addition to the financial objectives for the long- term performance-based remuneration. The expansion of the master plan and package of measures on reducing CO2 in the Group, concept development for alternative drive systems at the Frankfurt site, and the increase in process efficiency in procurement and staffing requirements were determined as non-financial components for the 2023 fiscal year (see also the Remuneration Report at www.fraport.com/publications).

Identification of risks

Fraport defines risks as future developments or events that may negatively affect the non-financial aspects. The risk evaluation is conservative, which means that it reflects the worst-case scenario for Fraport. A distinction is made between a gross risk and net risk. The gross risk is the greatest possible negative impact of the risk prior to countermeasures. The net risk includes the remaining expected impact after countermeasures have been initiated or implemented. The risk assessment in this non-financial statement reflects the net risk.

The risk management system described in the "Risk and Opportunities Report" chapter in the combined management report contains the analysis of the risks that may have potential negative effects on the non-financial aspects.

For fiscal year 2023, there were no additional reportable risks for Fraport which are very likely to have or will have a substantial negative impact on the reportable aspects in accordance with Section 289c (3) sentence 1, Nos. 3 and 4 HGB, beyond the material risks already listed in the "Risk and Opportunities Report" chapter as part of risk management.

Consideration of the supply and subcontracting chain specific to the business model

The crossover topic "Supply chain and subcontracting" is not an individual aspect but deals with the information on the supply chain and subcontracting in connection with the non-financial aspects in this separate chapter. Unlike manufacturing companies, Fraport management does not focus on the supply chain. Instead, the focus is placed on the quality of the services offered and the functionality of the infrastructure required for this purpose. It is crucial, however, that business partners and suppliers are selected carefully.

Fraport compels business partners and suppliers to comply with its Supplier Code of Conduct, (which can be viewed at www.fraport.com/en/compliance) as part of its General Terms and Conditions (GTC), depending on the local conditions. It details how to deal with employees and respect human rights as well as environmental and climate protection, integrity during business, and the prohibition of corruption and bribery. A violation of this supplier code of conduct may result in the termination of the business relationship. Business partners and suppliers must also undertake to demand and ensure that these principles are

adhered to when dealing with their own suppliers.

All suppliers and service providers of Fraport AG are audited daily regarding the relevant sanction lists of the EU and the United States. Sanction lists are official lists of people, groups, or organizations subject to economic or legal restrictions. If there are irregularities, further checks are planned which may result in the withdrawal of an order.

The fully consolidated Group companies each have their own procurement management and are required to comply with the Group Compliance Management System (CMS). An important part of the Group policy is the Code of Conduct for Employees (which can be viewed at www.fraport.com/en/compliance), which is obligatory in the Fraport Group. The policy also includes instructions to make the Supplier Code of Conduct part of the General Terms and Conditions insofar as this is possible for the Group companies pursuant to national applicable law.

The Group company Fraport Ausbau Süd defined a separate procurement process for the Expansion South project, in particular for Terminal 3 at Frankfurt Airport, due to the size and complexity of the project. When submitting an offer in this procurement process, construction companies are obliged to comply with all requirements in the German Posted Workers Act (AEntG) and the German Minimum Wage Act (MiLoG). In addition, they must make contributions to the collective bargaining parties' joint facilities (e.g., wage compensation and vacation pay), and only engage subcontractors or other third parties that meet these requirements.

In the past fiscal year, Fraport AG has implemented the due diligence obligations resulting from the German Supply Chain Act (LkSG), which entered into force on January 1, 2023. After existing structures had been expanded and new processes created, the statutory obligations were transferred into the line organization. In addition to the policy statement on the human rights strategy, core elements of the implementation include expanding the risk analysis, updating the complaints procedure, and establishing suitable preventive and corrective measures.

Anti-corruption and bribery matters and respect for human rights

Anti-corruption and bribery matters

Objective - Conduct in compliance with laws and regulations has the highest priority at Fraport. Fraport does not tolerate any form of corruption or other unfair business practices. In addition, Fraport is committed to internationally recognized standards, guidelines, and principles, in particular the principles of the UN Global Compact, the Universal Declaration of Human Rights, and the Core Labour Standards of the International Labour Organization, as well as the OECD Guidelines for Multinational Enterprises.

Concepts, measures, and results - Within the scope of its management responsibilities, the Executive Board determines the values and codes of conduct of the Fraport Group and draws up the framework conditions for the legally compliant and ethical behavior of its executives and employees. Combating corruption is a key component of the Fraport Code of Conduct, which has been rolled out globally. The Executive Board is expressly committed to the fundamental values set out in the Code of Conduct and takes a clear stand with a "zero tolerance principle".

The Group-wideCompliance Management System (CMS) contains various measures for combating corruption for which Group- wide minimum standards apply. The minimum requirements need the Group companies to have comprehensive regulations for the handling of gifts and invitations, conflicts of interest, and the compliance audit of business partners. In addition, uniform specifications for the processing of information about compliance violations are prescribed. The responsibility for the CMS of each respective Group company lies with its local management. In the role of Chief Compliance Officer, the head of the "Legal Affairs and Compliance" central unit is responsible for the content, organization, upkeep, and further development of the CMS of Fraport AG. This officer reports directly to the Executive Director of Retail and Real Estate.

The CMS of Fraport AG is based on and starts with a compliance risk analysis, which is carried out regularly - most recently in 2022 - and whose main areas of focus include the fight against corruption. With its Compliance Helpdesk, the Compliance department of Fraport AG supports and advises employees of all positions and hierarchy levels.

The Compliance department of Fraport AG informs the Executive Board in a semi-annualreport on the status of the anti-corruption measures. The Executive Board receives information on material compliance violations immediately after they become known.

The Compliance Board of Fraport AG supports and promotes the cooperation between the Compliance Management (CMS), Risk Management (RMS), Internal Control System (ICS), and audit subsystems. It is the central body that brings together topics specific to the departments and interfaces, and further develops the CMS on an ongoing basis.

Guidelines on receiving invitations and gifts have been defined for the employees of Fraport AG in a separate policy. This regu- lates, among other things, the electronic documentation of the approval of received gifts and invitations. An internal policy on how to deal with conflicts of interest also exists. The employees of Fraport AG are obliged to report any situations, in which they find themselves, where personal interests could contradict Fraport's business interests. This allows reportable facts to be disclosed electronically, and the required measures to then be initiated. The electronic processes support employees in complying with existing laws and internal regulations.

Examining adherence to the Fraport Group's compliance regulations falls under the remit of Internal Auditing. This department provides independent and objective audit as well as consulting services in all major business units of Fraport AG, its subsidiaries and joint ventures, and Group companies. The department also carries out compliance audits. A standardized and risk-oriented planning process is the foundation for the focus points of the audit.

Measures to battle corruption, along with information and instructions on how individual employees can contribute to this, are regularly communicated to the employees of the Fraport Group. Employees must complete training on anti-corruption matters. In addition to a clear presentation of why compliance is important in everyday working life, the e-learning program for Fraport AG employees contains the Fraport Code of Conduct, dealing with gifts and invitations, and conflicts of interest. In addition, the central reporting channels for compliance violations are detailed. In 2023, a new e-learning course, Compliance Basic Knowledge for Executives at Fraport AG, has been additionally rolled out.

can be submitted anonymously via this online system. It is available 24 hours a day worldwide. The factual content of each report is thoroughly reviewed, and sanctions are initiated, if necessary. The requirements of the Whistleblower Protection Act (Hinweis- geberschutzgesetz) are complied with. Furthermore, Fraport AG has an ombudswoman, an external, independent lawyer, at its disposal. Employees at the Frankfurt site can also contact an internal confidant.

A risk-basedcompliance due diligence conducted by the "Acquisitions and Investments" strategic business unit is in place to examine the integrity of Fraport AG business partners' activities in foreign-related investment projects - material compliance risks of a potential business partner are considered accordingly as part of a standard process.

The Group companies implement their own targeted measures to combat corruption and bribery based on the Group-wide CMS requirements. The implementation of the requirements of the German Supply Chain Act and the German Whistleblower Protection Act was the focus at the Group companies in fiscal year 2023.

Performance indicator - No performance indicator, target value, or term has been defined within the scope of the Sustainability Program.

Respect for human rights

Objective - Fraport aims to comply with the international codes of conduct that it endorses. These are especially the principles of the UN Global Compact, the Universal Declaration of Human Rights, the OECD Guidelines for Multinational Enterprises, and the Core Labour Standards of the International Labour Organization (ILO).

Concepts, measures, and results - The "Corporate Development and Sustainability" central unit of Fraport AG deals with, among other things, coordinating Group-wide respect of human rights. Violations can be reported anonymously via the whistle- blower system that is freely accessible worldwide via www.fraport.com/en/compliance. In the context of implementing the due diligence obligations from the LKSG, the electronic whistleblower system was expanded by the categories "Human Rights Viola- tions" and "Environmental Crimes" as of January 1, 2023. In addition, employees in Germany can contact the Compliance department of Fraport AG if required.

Respect for human rights is anchored in the Group-wide binding Fraport Code of Conduct for Employees: Fraport undertakes to respect the fundamental right to freedom of association and the right to collective bargaining that governs the general working conditions within the Group.

As an international oriented company, Fraport encourages diversity in its workforce and pursues the objective of rejecting any form of discrimination. Fraport undertakes not to distinguish, exclude, or favor people based on their ethnic, national and social origin, skin color, gender, age, religion, or belief system. Fraport also prohibits any discrimination based on political activity, membership in a union organization, disability, or sexual orientation. The principle of mutual appreciation and respect is an essential part of the Fraport value culture: Fraport stands for fair, respectful, and cooperative relationships.

Fraport has the same expectations regarding respect for human rights toward its business partners - these requirements are set out in the Supplier Code of Conduct. In this code, Fraport business partners are obliged to work toward ensuring that all other companies, such as subcontractors, involved in the provision of services, consistently comply with these standards.

The Group companies implement their own specific measures to ensure respect for human rights.

Performance indicators - No performance indicator, target value, or term has been defined within the scope of the Sustainability Program.

Customer satisfaction and security

Customer satisfaction and product quality

Objective - The customer comes first at Fraport, both in Frankfurt as well as at all international Group airports. The objective is therefore to continuously improve the focus on customers and service at Group airports. Global passenger satisfaction and baggage connectivity are considered the most important criteria for service quality (see the "Control system" and "Non-financial Performance Indicators" chapters). Protecting the health of employees and customers is also a top priority.

Concepts, measures, and results - To increase the service quality and sense of cleanliness in the sanitary facilities, additional contactless Smiley Boxes were installed at the Frankfurt Airport to collect feedback. As part of the modernization of the security inspection process, 20 check lanes with new computer tomography technology were introduced in Terminal A at Frankfurt Airport in the reporting year. The benefits for passengers is a faster, more efficient process because liquids and electronic devices can remain in hand baggage. The PaxZ system was expanded in order to enable optimum measurement of waiting times at security checks and check-in areas and thus guarantee better forecasts of process times for passengers.

Fraport AG is expanding the digital and contactless travel experience for passengers at Frankfurt Airport together with its system partners. Biometric methods play a central role here. Automatic face recognition replaces passengers presenting documents, provides a fast and convenient service, and increases customer satisfaction. Further biometric touchpoints were put into operation in Pier A/Z, B, and Terminal 2 in 2023.

In order to guarantee service quality and to meet passengers' and airlines' requirements, Fraport conducted extensive modernization measures at the Group airports. Several measures to improve passenger and business processes such as self bag tag print and replacing the terminal equipment were implemented in Greece. A new software to manage lost baggage was introduced at the Airport in Lima.

In the context of the permanent passenger survey Fraport-MONITOR, which was conducted at Frankfurt Airport in order to collect information about global satisfaction, self-assessment interviews were carried out on the passenger's own mobile device (smartphone, tablet, laptop) or on a tablet provided on-site by the interviewers. The basic questionnaire from 2022 was broadly adopted for the 2023 reporting year.

At the fully consolidated international Group airports, regular surveys to measure passenger satisfaction, which were resumed in 2022, were continued in 2023, albeit with some reduced case numbers compared to pre-crisis levels. As in the previous year, the sample sizes are sufficient to provide a valid figure for global satisfaction in both the international portfolio and the Group for the 2023 reporting year.

The reliable loading of luggage for departing flights and the fast delivery of luggage to the baggage claim for arriving flights have a major impact on customer satisfaction. Fraport AG measures this performance for departure baggage based on the non-financial performance indicator Baggage Connectivity (see also the "Control System" and "Non-financial Performance Indicators" chap- ters). The recruitment campaign for Ground Handling started in 2022 at the Frankfurt site was continued in the 2023 reporting year. However, the success was limited by strong traffic growth and the associated further increase in demand for personnel. Infrastructure measures were also introduced to improve baggage connectivity. This means that the forwarding of non-transported baggage items is now fully automated for many airlines so that passenger waiting time is shortened. In technical terms, the required X-ray checks of connecting baggage was optimized in order to save valuable time in the transfer process by reducing the malfunctions of the systems.

The Executive Board is informed about the development of baggage connectivity on a monthly basis. Management receives information on a daily basis so that measures can be taken at any time. Fraport regularly discusses the values with the airlines and ensures improvements are made. For example, Deutsche Lufthansa frequently receives a detailed monitoring report, and optimization measures are managed jointly with Fraport within the scope of regular meetings.

Performance indicators - Global passenger satisfaction and baggage connectivity are considered the most important criteria for measuring service quality (see the "Control System" and "Non-financial Performance Indicators" chapters).

Information and airport security

Security is the key requirement for air traffic. This principle applies equally to passenger traffic and air freight. Accordingly, security management has always been a top priority at Fraport.

All countries in which Fraport is active belong to the International Civil Aviation Organization (ICAO) and have contractually committed to comply with the organization's safety standards and recommended practices for airports. In contrast to most ICAO member states, German law allocates passenger and baggage checks to government authorities, whereas in other countries this is usually the responsibility of the airports.

Information security

Objective - All important business and operating processes at Fraport are supported by IT systems. Due to the ongoing development of new technologies and the increasing global threat of cyberattacks generally, there is an underlying risk potential for IT systems. The objective is therefore to protect all IT systems and data against failure, manipulation, and unwanted publication.

Concepts, measures, and results - Fraport protects its IT systems and data against failure, manipulation, and unwanted publication with active and preventive IT security management. These systems are configured redundantly and are housed at separate sites. The risks in the area of IT security are included in the risk management system (see also the "Risk and Opportunities Report" chapter). The requirements for IT security are specified in the IT security policy and security guidelines that must be followed throughout the Group. Compliance with these requirements is checked regularly by Internal Auditing, IT Security Management, or external advisors. In 2023, Fraport AG once again implemented a variety of projects to adequately respond to the growing risks arising from information technology. In addition, further personnel were hired in this section. The level of IT security is also part of the annual management report for the quality management certification according to ISO 9001 and is therefore regularly audited by external auditors. In addition, potential for improvement identified within the scope of internal audits as well as in the latest KRITIS audit conducted in 2023 according to the German IT Security Act for critical infrastructures (KRITIS) will be processed and the Information Security Management System (ISMS) will be developed further.

Within the scope of a working group in the German Aviation Association, Fraport AG along with other airport operators, Deutsche Lufthansa, and German Air Traffic Control has developed the security standards of the industry. These are based on the new KRITIS requirements. The aim is to comply with regulatory requirements and establish a high security standard within the aviation industry.

The Group companies outside of Frankfurt use their own IT infrastructure, which they protect according to the Group's IT security guidelines. As a rule, the IT systems of the Group companies at the Frankfurt site as well as the SAP systems of Fraport Greece and Fraport Slovenija are integrated into the technology of Fraport AG and managed from Frankfurt. Using other IT systems is only possible with the consent of the Executive Board. At Fraport AG, a separate section within the "Information and Telecommu- nication" service unit is responsible for IT security. Its tasks are, among other things, the ongoing identification and implementation of measures to meet high security standards.

Performance indicator - The security management system at Fraport receives a variety of performance indicators that measur e the effectiveness of the measures implemented. These indicators cannot be published for security reasons.

Data protection

Objective -The objective is to ensure the handling of personal data in compliance with the data protection laws and to safeguard the rights of data subjects. It is irrelevant whether this involves data from passengers, customers, employees, or external compa- nies.

Concepts, measures, and results - Fraport AG has a reporting system for processes that require the company to process personal data. These processes are recorded in a central processing directory. To consolidate the processes and rules at Fraport AG, existing processes were implemented in a data protection management system and a data protection policy was estab- lished. In the data protection policy, the Executive Board has laid out the principles, procedures, and obligations to be observed by all employees when they collect, disclose, transmit, modify, store, or delete personal data such as names, addresses, personnel numbers, or IP addresses in the course of their business activities. Specific data protection topics, such as data subject information or data subject rights, the deletion of data, or the reporting of data protection violations, have been set out in action guidelines with practical information, instructions, process descriptions and reference samples. The guidelines are to be implemented as an annex to the data protection directive for all employees. Extensive training concepts such as an e-learning tool and video training have been established, which can be accessed on the Intranet. At Fraport AG, the separation between the audit and control function and the specification function is ensured by filling the roles of data protection officer and data protection manager.

The data protection officer monitors whether all data protection regulations are complied with at the company. This officer reports directly to the Executive Board and is independent in their tasks. Violations of the EU's General Data Protection Regulation (GDPR) are reported directly to this officer - anonymously if so desired. The data protection manager is responsible for the processing directory of Fraport AG and organizes the processes required for this. This manager has authority to issue guidelines and reports to the Executive Board at regular intervals. The fundamental task of the data protection manager is to initiate, plan, implement, and control the data protection management system.

The majority of the personal data processed by Fraport is due to the issue of airport ID cards and is thus compulsory for security reasons. Fraport AG has implemented both technical and organizational measures to protect data against misuse. Access to this system is allowed to only a limited group of people for a specifically defined task. Fraport AG collects personal data of passengers primarily for the use of parking garages, baggage handling, and specific processes at the terminal. Special regulations were therefore established while implementing biometric passenger processes (biometric eGates at the integrated pre-checks). Travel data is processed exclusively by the airlines. There are clear guidelines for the use of video technology at the Frankfurt site in order to ensure the personal rights of passengers, visitors, and employees. It also regulates the extent to which authorities are allowed to use Fraport video technology.

Given the advancing digitalization, the data protection team implemented specific processes in order to meet future requirements within a reasonable period of time. The procedures introduced ensure that data protection law is taken into account from the outset, both for business processes in general and for specific data protection topics, such as the processing of data subject inquiries. Checklists and automated evaluations are essential components here.

The level of data protection is part of the annual management report for the quality management certification according to ISO 9001. In addition, the data protection officer prepares an activity report. Since 2022, quality management audits will regularly include questions on data protection. Specific core questions are asked about the implementation of data protection. Depending on the answers, the data protection team develops an action plan for the following cycle. In addition, Internal Auditing reviews selected data protection topics annually.

The Executive Board of Fraport AG works toward ensuring that Group companies in Europe comply with the European General Data Protection Regulation and the timely implementation of the relevant legal requirements. In addition to offering training for employees, the Group companies have also created technical requirements to always take data protection into account. The Group companies outside the EU comply with the relevant national laws on data protection.

Performance indicator - No performance indicator, target value, or term has been defined within the scope of the Sustainability Program.

Airport safety

This area encompasses both security and safety: safety refers to the operational safety of the overall airport as well as the safety within the airport site. Security is understood in terms of defending against terrorist threats and protecting civil aviation.

Objective - For all operational processes, this focuses on safeguarding the safety and security of everyone at Fraport's airports.

Concepts, measures, and results - The measures include passenger, baggage, and cargo inspections, as well as the access control points for airport employees and suppliers. Regular weekly or monthly meetings are held with airlines, security service providers, and authorities to exchange current information.

At the international Group airports, the security requirements of each respective country as well as international standards for safety and security management are in effect. It is the responsibility of the local Group companies to implement and comply with these requirements. They include, among other things, a safety management system and access controls when entering the security area.

Fraport AG supports the Group companies in planning and implementing security measures. It also provides needs-based training for employees online, for example within the context of safety and security trainings. Within the scope of specialist exchange events, there is also a regular exchange between the Group companies.

Safety

Based on European statutory regulations, Fraport AG is obliged to operate a Safety Management System (SMS) at Frankfurt Airport. The EASA Safety Manager follows the guidelines of the European Aviation Safety Agency (EASA) and has a direct reporting right to the Executive Board.

The SMS focuses on the safety of airport operations. The SMS takes into account all the risks - technical, organizational, or human - that may affect them. The SMS coordinates security measures in daily operations. It records safety-related events and is able to detect vulnerabilities. The objective is for all parties involved in air travel to implement the requirements contained in the Safety Policy of Fraport AG. Airport employees can submit safety-related reports to the SMS. In addition, anyone with access to the airside areas (apron and runway) must regularly complete safety training.

As a central reporting and alarm point for security matters, Fraport AG operates a security control center at Frankfurt Airport, which activates the emergency and crisis management, if required. The airport fire department, medical services, ambulance service, and the security services then coordinate operations on site. A crisis unit commences operation in the "Emergency Response and Information Center" (ERIC). It coordinates and executes all measures that require a concerted approach at the site beyond any routine damage and risk prevention. If necessary, the Fraport Emergency Team, consisting of volunteer employees of Fraport AG and the Group companies at the Frankfurt site, is deployed, which takes care of passengers, greeters, and relatives on site.

The contingency plan for Frankfurt Airport "FRA Not" documents which preparations have been made for various emergency scenarios and defines procedures to minimize the impact. ICAO and EASA prescribe regular exercises to be carried out by the respective airport operating company at the Group airports to train for the handling of emergencies and other security-related scenarios. Such exercises have no impact on flight operations. The results are used for further education and training.

Security

Both international and European regulations contain guidelines on the structural design of airport infrastructure to prevent attacks such as sabotage or terrorist activities.

In Germany, the German Aviation Security Act (LuftSiG) regulates the passenger and baggage controls as well as personnel and goods checks for access to the security areas. In addition, the LuftSiG defines the access and approach controls to airside areas as being within the direct responsibility of the airport operator. On January 1, 2023, Fraport took over the organiza- tion, management, and operation of aviation security services at Frankfurt Airport from the German Federal Police. Personnel and goods checks are carried out by the Group company, FraSec Flughafensicherheit GmbH.

Fraport AG develops measures to maintain high security standards independently and in agreement with the competent authorities. In the reporting year, responsibility for performing security services and passenger controls at Frankfurt Airport was transferred. Since then, it has been possible for the airport operator to make greater progress with control and quality management and thus to make processes more flexible and more efficient.

Performance indicator - No performance indicator, target value, or term has been defined within the scope of the Sustainability Program.

Employee-related Matters

Group-wide, Fraport aims to remain competitive so as to provide workplaces with fair and just working conditions and guarantee appropriate salaries and wages.

Pursuant to responsible corporate governance, Fraport has made a commitment to comply with internationally recognized standards of conduct, such as those defined in the principles of the UN Global Compact, the OECD guidelines, and the ILO Core Labour Standards. They are published in the Code of Conduct, which obliges employees to comply with these fundamental principles.

Important non-financial performance indicators in the context of personnel matters are the key figures employee satisfaction, women in management positions, and sickness rate in Germany. Another indicator used to monitor accident development is LTIF (Lost Time Injury Frequency).

Attractive and responsible employer

Objective - Fraport seeks to create good working conditions and increase employee satisfaction (see also the "Control System" and "Non-financial Performance Indicators" chapters).

Concepts, measures, and results - The Group Barometer, which is used to measure employee satisfaction, was redesigned in 2022 in terms of content and procedure. One of the goals is to make well-founded statements on employee satisfaction at Group level. This should make it easier to derive target-oriented improvement measures on the basis of the results throughout the Group. The survey is conducted every two years since the 2022 reporting year. Optimizing the derivation and implementation