1.3 Double materiality assessment

At PostNL, we engage with internal and external stakeholders on a wide range of sustainability matters across the environmental, social, and governance (ESG) domains. To identify the most relevant topics, we apply a dual approach: assessing the impact of PostNL on society and its stakeholders (inside-out), and the risks and opportunities that sustainability developments present for PostNL (outside-in). This approach is known as the double materiality assessment (DMA).

Double materiality assessment

In 2025, we reassessed the relevance of the material topics identified in previous years, evaluated whether any new topics should be added and considered whether the previously identified material topics remain material. While our ambition is to update the DMA ahead of each financial year, the introduction and phased implementation of the CSRD in 2024 required an initial reassessment to take place in 2025. As a result, the update was scheduled for and completed in the second quarter of the year.

DMA 2024: starting point

For the 2025 DMA update, we used our finalised 2024 DMA, including value chain identification and mapping, as the starting point. In 2024, PostNL conducted its DMA in line with the ESRS requirements. The process began with identifying relevant ESG topics, drawing on a broad range of inputs, including previous assessments, stakeholder dialogues, desktop research, and internal documentation. A comprehensive mapping of PostNL’s business activities and value chain helped determine where sustainability matters are caused, contributed to, or linked to the company’s operations. The DMA covered both impact materiality (inside-out) and financial materiality (outside-in), applying ESRS-defined parameters and thresholds aligned with PostNL’s Enterprise Risk Management (ERM) framework.

Following the identification and assessment of sustainability matters, the outcomes were validated through internal consultations and external stakeholder sessions, including business partners, investors, NGOs, and employee representatives. Final approval was provided by the Board of Management and the Supervisory Board, ensuring strategic alignment and governance oversight. The outcome was a list of 21 material topics for 2024, each mapped to the value chain and ESRS topical standards. Non-material topics continue to be monitored and addressed through broader environmental strategies. The DMA is considered an ongoing process, with continuous improvement and integration into strategic planning and governance. For more information, we refer to the Double materiality assessment disclosure in the 2024 Annual Report.

DMA 2025: update

Our 2025 DMA update focused on confirming the continued relevance of the 2024 material topics and to assessing whether any new topics should be added or existing ones removed. The process follows a structured approach:

• Benchmarking and trend analysis – we compared our material topics with those of peers and reviewed in collaboration with internal stakeholders key external developments to assess whether changes in stakeholder expectations or sustainability risks required adjustments
• Assessment of changes during year - we evaluated whether any triggers, such as significant changes in our industry context, business activities, value chain, operating environment, or significant internal or external events, required reassessment. No such triggers were identified, and our value chain and business model remained stable. This assessment took into account PostNL’s new 2025 strategy, as described in the Our Strategy chapter in the Business Report
• Validation and governance – the outcomes were reviewed by the CSRD Steering Committee, formally approved by the Board of Management, and discussed with the Audit Committee.

As of 2025, cybersecurity is no longer included as a material IRO within S4 Consumers & End-users, sub-sub topic Access to Products and Services. Following our assessment, cybersecurity was found to relate primarily to the availability of products and services rather than the accessibility. It is therefore classified as an operational risk, managed within PostNL’s Enterprise Risk Management framework and addressed in the Risk Management Statement (VOR) and the Corporate Governance section of this report. While not material under the CSRD criteria, cybersecurity remains a key operational priority for PostNL.

The assessment concluded that no new material topics were required. As such, the 2024 material topics remain relevant and are addressed in full in the sustainability statements.

DMA 2026: outlook

In the 2026 we continue to build on the previous DMA cycles while implementing a more standardised assessment process, developed in close alignment with PostNL’s ERM framework. Further integration of the DMA and ERM processes will streamline future assessments and ensure a consistent approach to identifying and evaluating (potentially) material ESG topics. The 2026 DMA will be supported by dedicated assessments, including a Climate Risk & Resilience Assessment and a Human Rights Salience Assessment. These provide deeper insights into specific ESG topics and complement the overall DMA process. Existing material topics and IROs will be reassessed, while potential new topics will be evaluated for inclusion. We are embedding this standardised DMA cycle into our broader governance and reporting structure, ensuring that materiality assessments become an integral and recurring part of our strategy and risk management processes.