Extreme Networks, Inc.
Conflict Minerals Report
For The Calendar Year Ended December 31, 2025
This Conflict Minerals Report (the “Report”) for Extreme Networks, Inc. (“we” or “our”) is provided in accordance with Rule 13p-1 under the Securities Exchange Act of 1934 (“Rule 13p-1”) for the reporting period from January 1 to December 31, 2025. Rule 13p-1 requires the disclosure of certain information by companies that manufacture or contract to manufacture products that use minerals specified in Rule 13p-1 that are necessary to the functionality or production of these products. These minerals are columbite-tantalite (coltan), cassiterite, wolframite, gold, or their derivatives, which the Securities and Exchange Commission has limited to tantalum, tin, tungsten and gold (collectively, the “Minerals”).
We have determined that certain Minerals are necessary to the functionality or production of our networking equipment. We generally manufacture our products through contract manufacturers. As a result, we do not have direct relationships with many of our suppliers. Due to the depth of the supply chain, we are far removed from the sources of ore from which these metals are produced and the smelters/refiners that process those ores. Consequently, we rely on our contract manufacturers, direct and indirect suppliers, and industry initiatives for source information on the Minerals in our products.
For the reporting period from January 1 to December 31, 2025, we conducted reasonable country of origin (“RCOI”) activities followed by due diligence investigations to determine the source and chain of custody of the Minerals that are necessary to the functionality or production of our products.
We have reason to believe, based on our reasonable country of origin inquiry and due diligence, that certain smelters within our supply chain may source Minerals from the Democratic Republic of the Congo (“DRC”) or from Conflict-Affected and High-Risk Areas (“CAHRAs”), as defined by the Responsible Minerals Initiative (“RMI”). Although Rule 13p-1 defines “Covered Countries” as the DRC and its adjoining countries, we consider CAHRAs more broadly as part of our responsible sourcing risk assessment, consistent with RMI guidance.
RMI’s definition of CAHRAs includes countries identified as high risk under applicable conflict minerals frameworks, including the DRC and its adjoining countries, as well as other regions identified by regulatory bodies such as the European Commission pursuant to Article 14.2 of Regulation (EU) 2017/821.
A majority of identified Smelters were classified by RMI as Responsible Minerals Assurance Process (“RMAP”) conformant. Where smelters are identified as RMAP non-conformant and source Minerals from the DRC or CAHRAs, we engage with the relevant suppliers to obtain remediation plans and timelines for transitioning away from such smelters, and we take additional steps, where appropriate, to mitigate associated risks within our supply chain. Because we are a downstream company and rely on supplier-provided information, we do not have direct relationships with smelters or refiners and, in many cases, cannot determine whether specific smelters reported by suppliers contributed to our products.
Company Overview
We are a provider of cloud networking solutions, software, and services. We design, develop, and manufacture wired, wireless, and software-defined wide area network (“SD-WAN”) infrastructure equipment, software, and cloud-based network management solutions. Our cloud-based platform offers unified network management across wireless access points, switches, and SD-WAN, and leverages machine learning, artificial intelligence for information technology operations and analytics to help customers deliver secure connectivity at the edge, accelerate cloud deployments, and derive actionable insights to save time, lower costs, and streamline operations. We conduct our sales and marketing activities on a worldwide basis through distributors, resellers, and our field sales organization.
Conflict Minerals Program
We are committed to the responsible sourcing and use of conflict-free minerals as components of any products linked to our business endeavors. We are a member of the Responsible Business Alliance (“RBA”). As a member of the RBA, we expect all suppliers to abide by the RBA Code of Conduct.
We have established a conflict minerals compliance program that is based on the framework established by the Organisation for Economic Cooperation and Development (the “OECD Framework”) applicable to downstream companies. We have continued to expand our conflict minerals compliance program to improve alignment between the Company’s due diligence activities and the current OECD Framework.
We engage a third-party service provider to collect data from our suppliers. We rely in good faith on the information suppliers provide and expect them to maintain responsible and ethical business practices consistent with the OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas.
Reasonable Country of Origin Inquiry
We conducted a RCOI survey of all of our suppliers. Of the 42 suppliers contacted by the Company, 41 suppliers provided valid responses to our questionnaires. Suppliers were asked to utilize the RMI Conflict Minerals Reporting Template (“CMRT”) to report on their usage and sourcing of materials containing the Minerals, and all responding suppliers provided CMRTs. The RMI CMRT was developed by several of the world’s leading consumer electronics companies and is generally regarded as the most common reporting tool for conflict minerals content and sourcing information. As a downstream company, we rely primarily on supplier-provided CMRTs and RMI data, and therefore our ability to determine the specific mine or location of origin of the necessary Minerals is limited.
These surveys listed a total of approximately 341 unique smelters and refiners (“Smelters”) that may process the necessary Minerals contained in our products. Due to the use of company-wide surveys by some suppliers, the multiple tiers in our supply chain, and the fact that many suppliers provide company-level rather than product-level data, we cannot determine with certainty which reported Smelters actually provide the specific Minerals used in our products, and the resulting list of Smelters may be over-inclusive.
Based on the data obtained through our RCOI and due diligence:
•210 Smelters were identified as RMAP conformant,
•9 were categorized as “Active” (in the process of becoming conformant), and
•122 were identified as non-conformant or requiring further outreach.
We assess smelter status using information provided by the RMI and other publicly available sources and engage with suppliers, as appropriate, regarding higher-risk smelters. We are actively working on smelter outreach and removal where the smelter sources Minerals from the DRC or CAHRAs and is designated as RMAP non-conformant.
Certain additional information regarding smelters and refiners identified through our due diligence process is made available on our corporate website for transparency purposes. The contents of such website are not incorporated by reference into, and are not a part of, this Report.
Design of Due Diligence Measures
The following are the due diligence measures we performed as a result of our RCOI:
1.Establish Strong Company Management Systems. Our Supply Chain team, reporting to a Senior Vice President, oversees supply chain due diligence related to the Minerals. Our Supply Chain team communicates our Extreme Networks Conflict Minerals Policy (“Conflict Minerals Policy”) and our
Supplier Code of Conduct to our suppliers and works with our third-party service provider to gather information for this Report. Our Conflict Minerals Policy directs our suppliers to comply with the RBA Code of Conduct and to utilize a supply chain that does not support the conflict in the DRC and CAHRA. Copies of our Conflict Minerals Policy and Supplier Code of Conduct are available on our website at https://www.extremenetworks.com/company/csr/.
2.Identify and Assess Risk in the Supply Chain. We are continually trying to identify risks within our supply chain. Each year, we conduct a thorough evaluation of our supply chain based on the previous year’s spend. Using a third-party service provider, we conduct supply-chain surveys with our direct suppliers using the CMRT to identify the smelters and refiners and to determine the risks of any sources from the DRC and CAHRAs within our supply chain. We utilize third parties to evaluate supplier responses for plausibility, consistency, and gaps, both in terms of which products were stated to contain or not contain the Minerals, and the origin of the Minerals. In addition, we validate the information we receive from our suppliers, to the extent possible, using different procedures such as comparing different supplier responses for inconsistencies related to the same Minerals. We and our third-party service provider follow up with the suppliers surveyed, to the extent possible, on missing and inconsistent information. Over time, we anticipate that the amount of information globally available regarding the traceability and sourcing of the Minerals will increase.
In addition to direct queries to our suppliers, we utilize industry supply chain management tools and our third-party service provider to determine if there is any risk that the Minerals being used in our products are from DRC or CAHRAs and benefit armed groups in these areas. For example, we check the conflict-free status of smelters and refiners on the RMI’s website.
Upon receiving information about all smelters within our supply chain, we assess their risk based on their RMI status and the origins of their minerals.
In addition to research regarding whether Minerals have been sourced from the DRC or CAHRA, we also conduct inquiries to determine whether refineries reported by suppliers have been sanctioned by the U.S. Department of the Treasury, Office of Foreign Assets Control (OFAC) (“Sanctioned Entities”) as a source of Minerals. If we find such reports, we will continue to conduct due diligence to attempt to confirm whether or not the refineries in question were sanctioned at the time the suppliers acquired Minerals, and whether or not the refinery actually exists in our supply chain. If a supplier continues to use Sanctioned Entities in their supply chain, we will request that the suppliers provide us with schedules for eliminating those Sanctioned Entities from their supply chains.
3.Design and Implement a Strategy to Respond to Identified Risks. If the source of Minerals is identified as originating in the DRC or CAHRAs or is otherwise identified as high risk, we contact suppliers using that source of Minerals to request a remediation plan to address the risk. The remediation plan must detail which Extreme Networks components contain minerals from high-risk smelters, provide a list of high-risk smelters and a timeline for removing high-risk smelters from the supply chain. The supplier will be asked to acknowledge Extreme Networks’ compliance requirements.
4.Product Impact Assessment: If the high-risk smelter is found to be used in products we manufacture and sell, we take further action to remove the component/smelter from our products by seeking suitable alternatives.
5.Third-Party Audits of Supply Chain at Identified Points in the Supply Chain. As a downstream user of Minerals, we do not purchase Minerals directly from smelters or refineries. We rely on entities closer to the smelters and refineries to conduct in-person audits. We rely on sources such as RMI to determine the conflict-free status of smelters or refineries.
6.Report on Supply Chain Due Diligence. This Report summarizes our due diligence processes and aggregated findings relating to Smelters identified through such processes. We file this Report with the Securities and Exchange Commission and post it on our website at https://investor.extremenetworks.com/overview/default.aspx. We have not obtained an independent private sector audit of this Report, and we do not describe any of our products as “DRC conflict free.”
Steps To Be Taken To Mitigate Future Risk
We take the following steps to improve the program and further mitigate any risk that the necessary Minerals in our products could benefit armed groups in the DRC or CAHRA:
1.Compliance Consulting Services. We use a third-party service provider to assist us with follow up on responses to the suppliers’ surveys and validate responses from suppliers.
2.Quality Management System. We follow our Quality Management System (“QMS”) process, which includes requiring compliance with the RCOI and conflict minerals disclosure processes as part of the supplier qualification and audit processes. The QMS includes a “corrective action-preventive action process” that is consistent with the OECD Framework.
3.Work with Suppliers on Quality of Information. We continue to communicate our expectations regarding the quality of information to be provided by our suppliers. We request that all our suppliers provide a completed and accurate RMI CMRT for the products that such suppliers manufacture for us that include the Minerals.
4.Provide a Reporting Mechanism. The Company maintains an email address, extr-supplier-coc@extremenetworks.com, which is available internally and externally for reports of supply chain-related concerns, including those related to conflict minerals.
FORWARD-LOOKING STATEMENTS
Statements relating to due diligence improvements are forward-looking in nature and are based on our current expectations or beliefs. These forward-looking statements are not a guarantee of performance and are subject to a number of uncertainties and other factors that may be outside of our control and which could cause actual events to differ materially from those expressed or implied by the statements made herein. Such factors include, among others, risks related to supply chain disruptions and component availability; global macroeconomic, political, and geopolitical factors; and a dependency on third parties for certain components and for the manufacturing of the Company’s products. More information about potential factors that could affect the forward-looking statements contained in this Report is described in “Risk Factors” included in our Annual Report on Form 10-K for the year ended June 30, 2025, Quarterly Report on Form 10-Q for the quarters ended September 30, 2025, December 31, 2025 and March 31, 2026, and other documents on file with the Securities and Exchange Commission (available at www.sec.gov). Any forward-looking statements in this Report are based on current information as of the date of this Report, and we assume no obligation to correct or update any such statements in the future, except as required by applicable law.
DOCUMENTS INCORPORATED BY REFERENCE
Unless otherwise stated herein, any documents, third-party materials or references to websites (including our website) are not incorporated by reference in, or considered to be a part of this Report, unless expressly incorporated by reference herein.
INHERENT LIMITATIONS ON DUE DILIGENCE MEASURES
Our due diligence measures can provide only reasonable, not absolute, assurance regarding the source and chain of custody of the Minerals. Our due diligence processes are based on the necessity of seeking data from our direct suppliers and those suppliers seeking similar information within their supply chains to identify the original sources of the Minerals. Such sources of information may yield inaccurate or incomplete information and may be subject to fraud.
Appendix A
Countries of Origin
Based on information provided by our suppliers in CMRTs and RMI, the identified countries of origin of the Minerals processed by the smelters and refiners identified in our supply chain may include the countries listed below, from either mined or scrap/recycled sources in those countries. The listed countries of origin are derived from information made available to the Company by RMI as of May 29, 2026.
|
|
|
Albania |
Georgia |
Norway |
Andorra |
Germany |
Oman |
Angola |
Ghana |
Panama |
Argentina |
Guatemala |
Papua New Guinea |
Armenia |
Guinea |
Peru |
Australia |
Guyana |
Philippines |
Austria |
Honduras |
Poland |
Azerbaijan |
Hong Kong |
Portugal |
Belarus |
Hungary |
Russian Federation |
Belgium |
India |
Rwanda |
Benin |
Indonesia |
Saudi Arabia |
Bermuda |
Ireland |
Senegal |
Bolivia (Plurinational State of) |
Israel |
Serbia |
Botswana |
Italy |
Sierra Leone |
Brazil |
Japan |
Singapore |
Bulgaria |
Jersey |
Slovakia |
Burkina Faso |
Kazakhstan |
Solomon Islands |
Burundi |
Kenya |
South Africa |
Cambodia |
Korea |
South Sudan |
Canada |
Kyrgyzstan |
Spain |
Central African Republic |
Liberia |
Sudan |
Chile |
Liechtenstein |
Suriname |
China |
Lithuania |
Sweden |
Colombia |
Luxembourg |
Switzerland |
Congo |
Madagascar |
Taiwan |
Cyprus |
Malaysia |
Tajikistan |
Democratic Republic of the Congo |
Mali |
Tanzania |
Djibouti |
Mauritania |
Thailand |
Dominica |
Mexico |
Turkey |
Dominican Republic |
Mongolia |
Uganda |
Ecuador |
Morocco |
United Arab Emirates |
Egypt |
Mozambique |
United Kingdom |
El Salvador |
Myanmar |
United States of America |
Eritrea |
Namibia |
Uruguay |
Estonia |
Netherlands |
Uzbekistan |
Ethiopia |
New Zealand |
Vietnam |
Fiji |
Nicaragua |
Zambia |
Finland |
Niger |
Zimbabwe |
France |
Nigeria |
|