A sound governance framework and a set of well-defined management responsibilities provide strong support for the efficient operations of VNET. The Group has established a governance structure comprising the general meeting of shareholders, the Board and Board committees, and the management. The Board of Directors offers guidance and suggestions to management, including strategic formulation and implementation oversight, monitoring operational and financial performance, and ensuring effective internal controls and risk management systems are in place. Each Board committee is responsible for overseeing and reviewing matters within their respective domains to ensure stable corporate operations. The terms of reference for each committee are published on the Group’s website1 and are available to stakeholders. The Board convenes regularly, and in 2025, the average Board meetings attendance was 100%.
We emphasize the importance on the independence and diversity of our Board of Directors. The Audit Committee, the Nomination & Corporate Governance Committee, and the Compensation Committee under the Board are all chaired by independent non-executive directors. When selecting and appointing directors, the Board prioritizes diversity and considers multiple dimensions, including but not limited to professional expertise, industry experience and qualifications, educational and cultural backgrounds, gender, ethnicity, etc. This ensures that comprehensive perspectives and profound insights can be brought to the Company based on the skills, experiences, knowledge, and viewpoints of the Board members.
To enhance the Board’s awareness on compliance and capabilities to perform duties and improve operational efficiency, we regularly provide directors with systematic professional training and courses covering updates on market regulation and risk management. This ensures that the Board’s decision-making aligns with regulatory norms and the Company’s long-term development.
As of the release of this Report, the Board of Directors consisted of five members, including one executive directors and four independent directors. Independent directors account for 80% of the Board.
The Group has established an ESG governance structure with the Board of Directors assuming the responsibility and the management taking the lead, enhancing cross-functional cooperation and cross-level collaboration. The Group has incorporated ESG management into its decision-making process to promote well-rounded development of the enterprise. The Board of Directors serves as the highest decision-making body for the Group's ESG matters, being responsible for providing comprehensive guidance and supervision over ESG initiatives, and for ensuring the effectiveness of the ESG management processes to support the continuous optimization and improvement of the ESG performance.
VNET places significant emphasis on risk management and internal controls in its operations. In compliance with the requirements of the Sarbanes-Oxley Act, we have established sound risk management and internal control systems based on the Integrated Framework for Internal Control (hereinafter referred to as the “Framework”) issued by the Committee of Sponsoring Organizations of the Treadway Commission (hereinafter referred to as “COSO”), while integrating the characteristics of our business. We identify and provide early warnings for both financial and non-financial risks during operations, thereby forming an effective risk prevention and control mechanism. We have implemented the three-lines-of-defense structure for risk management, integrating risk management into our corporate governance and operational processes. By clearly defining the roles and responsibilities of the Board of Directors, management, the internal audit function, and external audit institutions within the risk prevention system, we ensure the integrity and effectiveness of our risk management framework.
Under the guidance of the COSO framework, VNET has formulated the Guidelines on Risk Management to conduct annual risk assessments on key risk factors that may impact the Group’s business development. We implement a structured risk management process through the steps of “risk information collection - risk assessment - risk management strategy – risk control and response – and risk monitoring and improvement” to enhance the ability to identify and respond to risks.
Based on its independence, the Group’s independent internal audit function annually tests and performs self-evaluation of the design and execution effectiveness of the internal control system and also carries out special audits on a regular basis. In 2025, the focus of special audits included operational efficiency, integrated IT governance, and procurement management. Additionally, we annually engage an external auditor to audit the Group’s financial statements and related internal controls. We received evaluations from our auditor on whether there are any material deficiencies and insights to support the Group’s continuous improvement of internal control practices. The full report on the audit conclusions can be found on the Group’s website for the review and supervision of all relevant stakeholders.
We foster a environment that values risk management across all organizational levels and instill such principles as core values. The Board of Directors prioritizes the cultivation of risk culture, with directors and senior executives leading these efforts across the Group. Managers and business operators of key management and business processes and risk control points serve as the backbone of this initiative. Risk factors are systematically incorporated into all business operations and key processes (including strategic planning, product development, procurement, production safety, labor rights, environmental protection, and climate change, etc.), ensuring rigorous adherence to the risk management process.
We develop a risk management culture through integrating measures within the compensation and human resources systems to strengthen risk awareness among all management levels, preventing behaviors such as reckless expansion, obsessively performance chasing, and neglect of risk. Cybersecurity, anti-corruption, occupational health and safety, and other risk-related metrics are incorporated into performance evaluations and incentives for senior executives and employees. Assessment results directly impact compensation, incentives, bonuses, and promotions, ensuring effective implementation of risk management practices.
The Group regularly provides specialized risk management training to all directors, including non-executive directors, to keep them updated on emerging trends and practices. Through diverse channels such as training sessions, official posts and promotional articles, we extend risk-related education to all employees. Additionally, we have established a pre-employment risk management training program for managers and business operators of key management and business processes and risk control points. Diverse training methods are adopted to reinforce risk management principles, knowledge, procedures, and controls, nurturing a pipeline of risk management professionals. In 2025, the Group conducted a series of training programs focusing on risk management and internal controls, trade compliance, revenue process internal controls, and tax governance, and published 10 awarness-building articles, with risk-related training reaching over 4,300 participants.
VNET focuses on risks that are highly relevant to enterprise operations, including risks associated with related-party transactions, market risks, information security risks, human resources risks, etc. The Group adheres to a forward-looking mindset, actively identifies and addresses emerging risks to better adapt to the continuously changing external environment, and regularly assesses and analyzes risk exposures through formal risk management processes.
VNET adheres to the business principles of integrity and honesty and is committed to jointly creating a harmonious and fair business environment with its partners. We strictly comply with the relevant laws and regulations of where we operate and have established a sound business ethics and compliance management system tailored to the Group. This system explicitly addresses fair competition, anti-monopoly, and anti-corruption practices, while systematically defining departmental responsibilities, reporting lines, and accountability mechanisms. The Board of Directors assumes ultimate oversight and responsibility for ethics-related matters.
The Group has formulated the Code of Business Conduct and Ethics, which is reviewed regularly and overseen by the Board of Directors to ensure its effectiveness. All employees and third parties associated with the Group must comply fully with this Code during commercial activities. We provide training on the Code for all employees, including both full-time and part-time staff, as well as for suppliers.
VNET maintains a “zero-tolerance” stance toward all forms of corruption and is committed to preventing and combating corrupt practices through effective measures that safeguard an ethical operating environment.
The Group has established and continuously enhances its anti-corruption management system by referring to the Anti-bribery Management Systems (ISO 37001). Internal frameworks, such as the Integrity Inspection System and the Gift Registration System have been implemented to strengthen accountability mechanisms. Additionally, the Group has strengthened the “Dual Responsibility” system for senior executives, ensuring that all executives sign anti-fraud accountability agreements to promote the effective implementation of anti-corruption efforts.
To regulate the business ethics of partners, we have formulated the Supplier Code of Conduct, requiring suppliers to establish corresponding policies, codes of conduct, and operational procedures to eliminate any form of bribery, corruption, or fraud. Compliance reviews are conducted as needed. We also require all employees, third-party suppliers, and customers to sign the Anti-bribery Commitment Letter, pledging adherence to relevant laws, regulations, and Group policies to collectively maintain an integrity-based ecosystem.
We have integrated anti-corruption risks into the enterprise-wide risk management system and continuously conduct risk identification and assessment on key risk positions and critical business processes. Annual risk identification processes—including business process analysis, and historical case reviews—are conducted to pinpoint potential corruption risks. This year, we proactively analyzed risks through methods including employee anonymous surveys, interviews with key positions, partner visits, and data analysis. For identified anti-corruption risks, relevant departments investigate, analyze, and assess risk likelihood and impact, and formulate mitigation strategies tailored to risks of different natures or levels. The relevant departments track the risks and ensure the effective implementation of the measures taken, with the integrity department overseeing the implementation.
The Group emphasizes robust anti-corruption audits and monitoring mechanisms, employing formal audit procedures encompassing risk assessments, internal control testing, contract reviews, analytical procedures, and interview protocols. Anti-corruption audits are conducted regularly across procurement and sales, human resources, construction activities, etc. The Group’s anti-corruption audits cover all office operation locations every year and all business segments at least every three years. The Group has obtained the ISO 37001 certification, with full coverage across all office operation locations.
VNET has joined the Enterprise Anti-Fraud Alliance and the Trust and Integrity Enterprise Alliance. We actively participate in industry exchanges on anti-fraud and integrity risk prevention, and are committed to integrating into the industry-wide collaborative ecosystem for integrity. This engagement provides valuable insights into broadening perspectives on integrity risk prevention and upholding the principles of ethical and compliant business practices.
In 2025, there were no concluded legal cases regarding corrupt practices corrupt practices brought against the Group or its employees.
VNET is committed to creating an open and transparent working environment and encourages employees, customers, suppliers, and other stakeholders to report any suspected violations. The Group has established formal whistleblowing and grievance procedures, along with a dedicated department and personnel responsible for overseeing these mechanisms, ensuring timely and professional handling of all reports. Stakeholders may submit reports either anonymously or non-anonymously. This year, the Group has expanded its reporting channels by adding new options, such as a dedicated section on the corporate website, a reporting QR code, an internal network platform, in addition to the existing email, mailbox, whistleblowing hotline, and offline reporting channels. The Group also accepts feedback and supervision from relevant parties through third-party reporting channels, such as labor protection supervision authorities. We have also provided training to employees on how to use these reporting channels and familiarize themselves on such available avenues and procedures.
The Group respects and protects whistleblowers and complainants, strictly controlling the scope of access to internal whistleblowing and complaint information. Investigative materials are kept confidential and rigorously safeguarded through technical encryption, physical segregation, and other measures. Personal information is not disclosed without the consent of the complainant or whistleblower, ensuring their rights and interests are fully protected. The Group adopts a zero-tolerance policy toward investigators who breach confidentiality obligations, fail to perform their duties properly, or retaliate against complainants/whistleblowers, as well as individuals who take hostile actions against investigators. Such violations will be met with severe disciplinary action in accordance with the law, with egregious cases referred to judicial authorities for prosecution.
To build a transparent and ethical culture, the Group delivers multi-dimensional training and awareness programs on anti-corruption to strengthen all employees’ capabilities in preventing corruption risks. This year, we set up a dedicated integrity education column and published 23 educational videos and articles, reaching 5,300 readers, and the coverage rate of anti-corruption training for directors and employees reached 100%.
Contact Us
marketing@vnet.com
