At Acosta Verde, our Board of Directors is the pillar of strong corporate governance, based on transparency, accountability and alignment with ESG best practices.. Its main function is the oversight and approval of corporate strategies, ensuring that decisions are governed by principles of ethics, integrity and sustainability. To strengthen decision-making, the Board works in close coordination with senior management and specialized committees, promoting risk management, regulatory compliance and the integration of ESG factors in the company’s operations.

At the end of 2024, the Board of Directors was comprised of 11 members, of which five are independent, ensuring an appropriate balance between experience, independence and diversity of perspectives.

The Nominations Committee is responsible for the search, evaluation and proposal of candidates for the Board, with a focus on experience, independence and alignment with ESG principles. This process is carried out under the guidelines of the Securities Market Law (LMV) and industry’s best practices.

In accordance with the Company’s bylaws, the following criteria must be met:

• The members of the Board of Directors may or may not be shareholders of the Company and must have the legal capacity to perform their duties.
• Each proprietary director may have an alternate, and in the case of independent directors, their alternate must also comply with this characteristic.
• At least 25% of the directors must be independent.
• Both the Chairman of the Board of Directors and the Secretary are appointed by the General Shareholders’ Meeting.

At Acosta Verde, we recognize the importance of having a Board of Directors that is informed and aligned with best practices in sustainability. For this reason, in 2024 we will continue with ESG training for its members, with the objective of strengthening their knowledge of global trends, emerging regulations and key frameworks for sustainability management and disclosure.

During the year, sessions included topics such as:

• GAV today and key ESG Frameworks
• Current climate standards disclosure overview
• ESG certifications
• ESG reporting standards

Sessions of the Board of Directors in 2024

At Acosta Verde we promote a diverse Board of Directors, made up of members with broad experience in strategic and relevant issues for the Company. We value the integration of different perspectives, considering their professional background, knowledge, gender, nationality and length of time on the Board, to strengthen decision making and guarantee an integral vision in the management of the company

E The Board of Directors is supported by four operating committees, which play a key role in supervision and strategic decision-making. The selection of its members is carried out in accordance with the provisions of the Securities Market Law (LMV), ensuring that each committee has the participation of independent directors, which strengthens objectivity and transparency in its operation..

Audit and Corporate Practices Committee

Compensation Committee

Investment Committee

Nominations Committee

Acosta Verde’s management team is responsible for designing, executing and ensuring the correct implementation of the business strategy. In addition, it is committed to following and implementing the recommendations issued by the Board of Directors and its committees, ensuring management is aligned with corporate objectives and best governance practices.

Compensation at Acosta Verde is managed in a structured manner and in compliance with corporate governance processes:

• The compensation of the Chief Executive Officer is approved by the Board of Directors.
• The compensation of the independent members of the Board of Directors is authorized by the Shareholders’ Meeting.
• All other compensation within the Company is analyzed and discussed by the Compensation Committee.

As for our team members, the compensation structure includes a fixed and a variable portion, ensuring incentives aligned with performance. Additionally, the variable compensation of the Chief Legal and Operations Officer, responsible for the sustainability area, is linked to the fulfillment of strategic objectives, including ESG goals, thus reinforcing our commitment to sustainability and responsible performance.

Edgar Maldonado de los Reyes is retiring from Acosta Verde on March 31, 2025, and will be replaced by Rosalinda Fernández Castillón. For more information, please refer to the relevant event.

At Acosta Verde, we recognize that risk management is a fundamental pillar to guarantee the sustainability and continuity of our business. We understand that risk exposure is inherent to our operations, so we adopt a comprehensive approach that allows us to identify, evaluate and mitigate potential impacts on our processes. To do so, we consider operational, economic, financial, regulatory, social and environmental factors, ensuring informed decision making aligned with our strategic objectives.

Currently, our risk management methodology is based on the COSO (Committee of Sponsoring Organizations) framework, which allows us to structure a solid process of risk identification, analysis, evaluation and monitoring. This strategy helps us to implement timely and effective controls that reinforce the stability and resilience of the organization.

Our risk management process is comprised of six key steps designed to ensure appropriate and timely treatment of risks throughout the company.

At Acosta Verde, we maintain a zero-tolerance policy for corruption, ensuring that our operations are governed by the highest standards of ethics and transparency. We are committed to corporate integrity, implementing strict controls that reinforce a culture of compliance and mitigate any risk of improper practices.

To this end, we adopt the best practices and international anti corruption standards, ensuring compliance with key regulations, such as the Foreign Corrupt Practices Act (FCPA), which prohibits any act of bribery, whether direct or indirect, of public officials to obtain improper advantages.

Our anti-corruption and anti-bribery strategy is supported by a series of measures and controls that ensure transparency in our operations, including:

Anti-corruption policy

Guiding document that establishes strict guidelines to prevent and sanction any act of corruption.

Internal compliance team

Attached to the Legal and Operations Department, in charge of monitoring and enforcing anti-corruption policies.

Continuous training

Ethics and corruption prevention training for team members and suppliers.

Supplier evaluation

Review of compliance with anti-corruption standards before establishing business relationships.

Contracts with anti-corruption clauses

All leasing and service agreements include specific provisions to ensure transparency.

During 2024, we strengthened our actions to ensure compliance with our anti-corruption policies and adherence to FCPA standards. As a result:

• 100% of our 745 supplier transactions were assessed for corruption risks under FCPA standards.
• 100% of supplier contracts include an anti-corruption clause.
• 100% of team members and suppliers were informed about our anti-corruption policies and procedures.
• 90% of team members at Plaza Sendero shopping centers received training on anti-corruption and internal FCPA policy.
• 100% of new team members completed training on anti-corruption and FCPA policy guidelines.

In 2024, there were no confirmed cases of corruption in our operations, and no monetary losses arising from legal proceedings related to professional integrity, fraud, negligence, or regulatory non-compliance.

These results reflect our strong commitment to transparency, business ethics and regulatory compliance, ensuring that our operating practices remain aligned with the highest standards of integrity.

At Acosta Verde, ethics and transparency are the fundamental pillars of our organizational culture and our way of doing business. We believe that management based on principles of integrity, responsibility and regulatory compliance is essential to generate trust with our stakeholders and ensure the sustainable growth of the company.

Our commitment to business ethics is reflected in the implementation of policies, regulations and control mechanisms that ensure the adoption of best practices in governance. Through our Code of Ethics, we establish the principles that guide the conduct of our team members, managers and business partners, promoting a work environment based on respect, fairness and accountability.

In addition, we have whistle-blowing systems and confidential communication channels designed to detect and prevent any type of improper practice, thus reinforcing our commitment to transparency.

At Acosta Verde, we implement a due diligence process for the evaluation of new projects and the acquisition of operating assets. This analysis allows us to ensure that each investment meets sustainability and regulatory compliance criteria, aligned with our principles of responsible operation.

During this phase, we review the following factors:

• Environmental studies and assessments, including Phase I Studies and Environmental Impact Studies.
• Compliance with municipal, state and federal environmental regulations.
• Land use review to ensure the viability of new Plaza Sendero shopping centers.
• Road impact studies, ensuring accessibility and mitigation of impacts.
• Waste management analysis, promoting sustainable practices.
• Evaluation of water and energy consumption, promoting operational efficiency.
• Measurement of greenhouse gas emissions, with a focus on reduction and mitigation.
• Community impact, ensuring responsible social and environmental integration.
• Value generation, prioritizing long-term benefits for our stakeholders.

This process allows us to make informed decisions aligned with our commitment to sustainability and responsible growth.

At Acosta Verde, we believe that ethics, transparency and accountability are fundamental principles that guide the way we operate and make decisions. Our Code of Ethics establishes guidelines that govern the conduct of all team members, managers and business partners, ensuring a work environment based on integrity, respect and fairness.

This document defines our commitments in terms of business practices, regulatory compliance and stakeholder relations, promoting an organizational culture aligned with the highest standards of governance.

The Code establishes guidelines on working conditions, safety in the workplace, interactions with third parties, safeguarding of information, prevention of corruption and money laundering, management of conflicts of interest, human rights, and our responsibility to the environment and the community.

We have an Ethics Action Line, a reporting system accessible to all our stakeholders. This mechanism is managed by Ethics Global, an independent provider that guarantees the management of reports in an impartial, orderly and confidential manner.

Through this platform, anyone can report possible breaches of the Code of Ethics or our internal policies.

Ethics Action Line

01 800 04 38422

Website

accionetica.ethicsglobal.com

Each complaint received is channeled to the Ethics Committee, which is responsible for its analysis and determines the corresponding measures or sanctions.

Complaints received during the period

Complaints closed during the period

Complaints that were not closed during the period

Complaints received during the period that are in the process of being closed.

Complaint that was unfounded

• 1 Inappropriate treatment of clients (25%)
• 2 Transactions (50%)
• 1 Related to harassment or discrimination (25%)

At Acosta Verde, we recognize the dignity and freedom of all people, promoting a work environment based on respect, equality and inclusion. We are committed to guaranteeing compliance with Human Rights within our organization, in our value chain and in the communities where we operate.

We reject any form of discrimination, child labor, forced labor and human trafficking. We promote gender equity, freedom of association and participation in collective agreements, guaranteeing fair and safe working conditions for all our employees. We also strictly prohibit harassment, coercion and threats, ensuring an environment of respect and integrity.

Additionally, in 2024 we participated in the Business and Human Rights Accelerator Program, which aims to help organizations identify, manage and communicate their impact on human and labor rights, aligning with international standards such as the Universal Declaration of Human Rights and the ILO Declaration on Fundamental Principles and Rights at Work.

Through evaluations, workshops, knowledge sharing among employees and dialogues among various stakeholders, we were given tools to identify our responsibilities in respecting human and labor rights, establish a continuous due diligence process, following international standards and how to report and communicate on our progress in human rights, including compliance with the United Nations Global Compact’s Communication on Progress (CoP).

To ensure compliance with these policies, we have an Ethics Action Line, operated by an independent third party, where employees and stakeholders can confidentially report any non-compliance.

To learn more about our policies visit our website.

At Acosta Verde, cybersecurity is a strategic priority to guarantee the protection of information, operational continuity and the trust of our stakeholders. Aware of the constant evolution of digital threats, we have strengthened our technological infrastructure and our security protocols, ensuring proactive management of cyber risks.

In 2024, we conducted our annual vulnerability analysis with the support of a consultant specializing in cybersecurity. This process included:

• External tests (“pentest”) to evaluate the resistance of our systems to simulated attacks.
• Internal testing to detect security breaches within the digital infrastructure.
• Social engineering to measure the susceptibility of personnel to manipulation and fraud attempts.

The results reflected a significant improvement over the previous year, highlighting the effectiveness of our security patch management policies and controls.

During the year, we reinforced our patch update policy with a preventive approach to mitigate risks of software vulnerabilities. We implemented a model that:

• Aligns updates with manufacturers’ schedules for agile response to new threats.
• Increases patch deployment frequency, reducing exposure to security risks.

To strengthen the protection and availability of information, we implemented a new backup system that:

• Optimizes data backup and recovery times.
• Increase restoration points to improve operational continuity.
• Integrates new functionalities for greater shielding against cybersecurity incidents.

Strategic adjustments were made to our Disaster Recovery Plan (DRP) infrastructure, enabling:

• Improved restoration capacity in case of incidents.
• Significant reduction in contingency response time.