Vodafone : Publication - 2017 Annual Report & 2017 AGM Notice

Vodafone Group Plc ('Vodafone' or the 'Company')

Publication of the 2017 Annual Report and 2017 Annual General Meeting Notice

Vodafone will today publish on the Company's website its Annual Report for the year ended 31 March 2017 (the 'Annual Report'), together with its 2017 Annual General Meeting Notice (the 'AGM Notice'). The Annual Report is available at vodafone.com/ar2017 and the AGM Notice is available at vodafone.com/agm.

In compliance with Listing Rule 9.6.1 of the UK Financial Conduct Authority ('FCA'), the 2017 Annual Report and AGM Notice will in due course be available for inspection atwww.morningstar.co.uk/uk/NSM

In accordance with FCA's Disclosure and Transparency Rule 6.3.5, the Appendix to this announcement contains a description of the principal risks and uncertainties affecting the Group, related party transactions and a responsibility statement.

A condensed set of Vodafone's financial statements and information on important events that have occurred during the financial year ended 31 March 2017 and their impact on the financial statements were included in Vodafone's final results announcement released on 16 May 2017. That information, together with the information set out below, which is extracted from the 2017 Annual Report, constitute the material required by Disclosure and Transparency Rule 6.3.5 which is required to be communicated to the media in full unedited text through a Regulatory Information Service. This announcement is not a substitute for reading the full 2017 Annual Report. Page and note references in the text below refer to page numbers in the 2017 Annual Report and notes to the financial statements.

APPENDIX

PRINCIPAL RISK FACTORS AND UNCERTAINTIES

A description of the principal risks and uncertainties that the Company faces is extracted from pages 28 to 34 of the 2017 Annual Report.

Identifying and managing our risks

We have a global framework for identifying and managing risk within our defined tolerance, both at an operational and strategic level. The framework has been designed to provide the Executive Committee and Board with a clear line of sight over risk and to enable informed decision making.

Our risk management framework

Our external operating environment is subject to constant and sometimes rapid change. We must be able to take appropriate levels of risk to protect our market position and take advantage of opportunities. Equally, failure to manage risk could have an adverse impact on the achievement of our strategic goals.

To understand our risk profile and align it with our objectives and decision making processes, we operate a global framework that ensures we identify risk, set tolerance levels and consistently manage risk across our business. This also allows us to consolidate our view on risk looking across all local markets, functions and specialist areas. This line of sight gives management the information they need to make the right decisions for our business.

Identify

- Risks identified in each Vodafone local market and entity

- Strategic risk reviews with senior leadership

- Group principal risks reviewed and agreed by Executive Committee and the Board

Measure

- Risk tolerance set by Executive Committee and the Board for all principal risks

- Consolidation and escalation across the Group using standardised scoring and categorisation

Manage

- Controls set to manage the risk within tolerance and ownership defined

- Risk action plans created to manage risks within tolerance

Monitor

- Co-ordinated assurance across the 'three lines of defence' assesses the effectiveness of controls

Report

- Inform the Executive Committee and Board on how effectively risks are being managed within tolerance

- Risk management information used to inform strategy, capex and resourcing decisions

Assurance and oversight of risks

In order to provide the Executive Committee, Audit & Risk Committee and Board with a clear view on how we mitigate our principal risks and whether the mitigations are effective, we apply a model of co-ordinated assurance. Our Risk, Compliance and Internal Audit communities work together on planning, executing and reporting assurance activities to ensure that there is adequate coverage across the control environment with a robust level of independent testing.

Information gathered through our coordinated assurance process is provided to the relevant committees to help drive informed decision making. It also helps senior management to understand our overall risk profile, current levels of control and the culture of our business.

Strengthening our framework

We constantly strive to improve risk management and have made the following enhancements over the last 12 months:

A consistent reporting and oversight methodology has been extended across all local markets and group entities;

We have increased our engagement with risk owners to increase monitoring of key risks, actions and indicators;

We have invested in a global risk tool, which allows us to standardise the data stored on all risks and to share information across the Group;

We have worked to develop our risk community through best practice sharing, training and our annual Global Risk Forum.

Our principal risks

We undertake a two stage process to identify our principal risks. All local markets and entities identify their priority risks which are consolidated into a Group wide view. We then conduct interviews with over 40 senior leaders to gain their insights. The results of both exercises are consolidated to produce our principal risks, as reported here.

Key changes in the year

Our risk profile remains stable relative to last year, with the following updates:

• The two technology risks are now considered separately, as the causes for these are different (now risks 5 and 7).

• The Customer Experience Excellence risk now focusses on digital capability (risk 8)

• The adverse political measures risk now includes upcoming 5G auctions (risk 3).

1. Cyber threat and information security - External or internal attack resulting in service unavailability or data breach.2. Market disruption - Disruptive technology, changes in competitor business models, lack of agility3. Adverse political and regulatory measures - Excessive pricing of 5G licences, tax authority challenges, changing national politics4. Failure to converge and integrate acquisitions - Incumbent re-monopolisation, failure to access critical content, inability to integrate acquisitions5. IT transformation failure - IT transformation failures impacting NPS6. Unstable economic conditions / inadequate liquidity - Global financial crisis reducing consumer spending and ability to refinance7. Technology failure - Failure of critical IT, fixed or mobile assets causing service disruption8. Failure to deliver on digital transformation and CXX - Failure to create a differentiated, digital customer experience9. Non-compliance with legal and regulatory requirements - Non-compliance with laws, regulations, network licence requirements10. Failure to deliver major Enterprise contracts profitably - Failure to meet commitments and/or deliver at appropriate profitability levels11. EMF health related risks - EMF found to pose health risks causing reduction in mobile usage or litigation

Cyber threat and information security

Executive Committee risk owners: Johan Wibergh / Matthew Kirk

Risk movement: Stable

Risk category: Operational

Link(s) to the strategic programmes: Network leadership / Customer eXperience eXcellence / People and culture

What is the risk?

A successful cyber-attack or internal event could result in us not being able to deliver service to our customers and/or failing to protect their data.

What is the impact?

Failing to protect our customer information and service availability could have major customer, financial, reputational and regulatory impact in all markets in which we operate.

What is our target tolerance position?

We aim for a secure digital future for our customers. Security underpins our commitment to protecting our customers with reliable connections and keeping their data safe.

This corresponds to strong preventative, detective and responsive controls to minimise the risk of a successful attack.

How do we manage it?We have a risk based security strategy that is delivered by a leading cyber defence team who implement customer-focused security controls centrally and in local markets, and we have embarked on a continuous improvement programme to mitigate the changing threats we face.

Key risk indicators

We monitor multiple trends including:

Privileged user access levels

Confirmed security incidents

Critical vulnerabilities

Changes since last report

Organisations in all sectors are targeted by an increasing volume and sophistication of cyber attacks. We have continued to: improve our cyber defences; upgrade our internal controls; and educate our people, suppliers and customers on how to protect our customers' information and communications, networks and assets.

Market disruption

Executive Committee risk owner: Serpil Timuray

Risk movement: Increased

Risk category:Strategic

Link(s) to the strategic programmes: Network leadership / Customer eXperience eXcellence

What is the risk?

We face increased competition from a variety of new technology providers, new market entrants and competitor consolidation. We must be able to keep pace with new technology and to compete in changing markets.

What is the impact?

Our market position and revenues could be damaged by failing to provide the services that our customers want at a fair price.

What is our target tolerance position?

We aim for a fair and competitive environment in all of our markets, and adopt strategies to deliver this through the use of innovative products, services and pricing models. We also work with regulators and governments to ensure a fair and competitive environment.

How do we manage it?

We aim to offer a superior customer experience and continually improve our offering through a wide set of innovative products and services, including fixed and mobile content, IoT and voice over LTE.

We monitor the competitor landscape in all markets, and react appropriately; working to make sure each market has a fair and competitive environment.

Key risk indicators:

Trends in competitor behaviour and new technologies

Level of customers actively using our new products and services

Changes since last report

This risk has increased due to a growing use of OTT voice apps, changing competitor business models and new entrants in some of our markets. In the case of new competitors, we have responded by changing our approach such as entering into a joint venture in India, to ensure that we remain in the best possible position to compete.

Adverse political and regulatory measures

Executive Committee risk owners: Nick Read / Matthew Kirk

Risk movement: Increased

Risk category: Financial

Link(s) to the strategic programmes: Network leadership / Fit for Growth

What is the risk?

We operate under licence in most markets and face regular changes in regulation, law and operating environments. Significant adverse changes, for example to tax laws, spectrum pricing or an unfavourable regulatory landscape for multi-national companies, could impact our ability to do business in our preferred manner.

What is the impact?

If the cost of operations were to significantly increase, directly or indirectly, this would impact our profitability and returns to shareholders.

What is our target tolerance position?

We seek actively to engage with governments and tax authorities to encourage good working relationships and to help shape potential impacts of legislative change on the Group.

We look for spectrum auctions to be fair for all participants both in terms of ability to access auctions and pricing of spectrum.

How do we manage it?

We maintain constructive but robust engagement with tax authorities, relevant government representatives and non-governmental organisations, as well as active engagement with a wide range of international companies and business organisations with similar issues.

We plan our approach to spectrum auctions to ensure we achieve fair access at sustainable prices.

Key risk indicators

We monitor

- Public sentiment, changes to laws and regulations, number and value of disputes across the Group

- Benchmarking of spectrum cost between countries

Changes since last report

This risk has increased due to the evolution of national politics, which could have an impact on multinational companies, the potential for government spectrum auctions to push pricing for 5G beyond reasonable levels, and increasing instability in some of our markets.

Failure to converge and integrate acquisitions

Executive Committee risk owner:Serpil Timuray

Risk movement: Decreased

Risk category: Strategic

Link(s) to the strategic programmes: Network leadership / Customer eXperience eXcellence / Fit for Growth

What is the risk?

We face competition in key markets from providers who have the ability to sell converged services on their existing infrastructure, with regulation that often fails to deliver a level playing field across fixed and content markets.

What is the impact?

If we fail to deliver converged services, either through not being able to access infrastructure or content at a reasonable price, or through ineffective integration of acquired fixed assets, this could lead to higher customer churn and / or significant downward pressure on prices.

What is our target tolerance position?

We seek a sustainable competitive position to protect our mobile market share and grow our fixed, broadband and TV activities in markets with increasing convergence.

How do we manage it?

We actively look for opportunities, in all markets, to provide services beyond mobile through organic investment, acquisitions, partnerships, or joint ventures.

We carefully manage the integration of acquired business and joint ventures through the alignment of policies, processes and systems to ensure maximum benefit is delivered.

Key risk indicators

We track various metrics around:

Achievement of synergies

Next Generation Network (NGN) reach

Available assets

Number of converged accounts

Changes since last report

This risk has decreased overall due to successful merger activities, improved access to assets and an increased number of converged customers. However, we need to continue to focus on ensuring our mobile our fixed customer bases are fully converged, and that we successfully integrate and manage our acquired assets.

IT Transformation failure

Executive Committee risk owner: Johan Wibergh

Risk movement:Stable

Risk category: Operational

Link(s) to the strategic programmes: Network leadership / Customer eXperience eXcellence / Fit for Growth

What is the risk?

As we undertake major IT change programmes in a number of markets, there is a risk that these projects disrupt services or do not provide the benefits that they should in a timely manner.

What is the impact?

A significant implementation and migration failure resulting in a major impact on our customers, revenues, costs and reputation.

What is our target tolerance position?

We seek successful IT Transformation initiatives as the vehicle for delivering a great customer experience, high quality reliable systems, improving our time to market and enabling best in class digital capabilities.

How do we manage it?

We use a standardised programme methodology across all major IT transformation programmes to ensure a high quality start up process and increase the certainty of the outcome.

We ensure careful testing of all new developments, particularly customer-facing solutions, prior to go-live.

Key risk indicators

We consider trends in -

Customer disruption

Unplanned spend

Return on capital employed

Changes since last report

We have launched a new global approach to IT transformation programmes. The process was designed to ensure that lessons learnt from previous transformation projects are fed into new projects to encourage consistency and strengthen governance.

Unstable economic conditions / inadequate liquidity

Executive Committee risk owner: Nick Read

Risk movement: Stable

Risk category: Financial

Link(s) to the strategic programmes: Fit for Growth

What is the risk?

As a multinational business, we operate in many countries and currencies so changes to global economic conditions can impact us. This could be because another global crisis results in reduced spending power for customers or because a relative strengthening or weakening of the major currencies in which we transact could impact our profitability and cash flow.

What is the impact?

The potential for another global financial crisis may lead to further economic instability and subsequent reductions in corporate and consumer spending or an impact on capital markets that could restrict our refinancing requirements.

What is our target tolerance position?

We take a conservative approach to financial risks which reflects our diverse business.

We carefully manage our liquidity and access to capital markets to limit our exposure to unstable economic conditions.

How do we manage it?

We maintain access to long and short term capital markets through diversified sources of funding.

We forecast with contingencies in our business plans to cater for negative operational impacts that could occur from a variety of drivers including the impact from lower economic growth than is generally expected.

Key risk indicators

Current credit rating

Average life and cost of debt

Currency and interest rate exposures

Monitoring of economic and financial market drivers

Changes since last report

We have taken action to increase the average life of our bond debt and interest rate fixing, thereby respectively reducing our refinancing risk and interest rate risk to material inflationary impacts.

Technology failure

Executive Committee risk owner:Johan Wibergh

Risk movement: Stable

Risk category: Operational

Link(s) to the strategic programmes: Network leadership / Customer eXperience eXcellence

What is the risk?

If our network or IT systems fail, voice, video or data transmissions may be significantly interrupted. We need to ensure that our critical assets are protected and our systems are resilient, so that the impact on our customers is avoided or minimised.

What is the impact?

Major incidents caused by suppliers, natural disasters or an extreme technology failure, although rare, could result in the complete loss of a key technology site causing severe impact on our customers, revenues and reputation.

What is our target tolerance position?

Our customer promise is based on reliable availability of our network, therefore the recovery of critical mobile, fixed and IT services must be fast and robust.

How do we manage it?

Unique recovery targets are set for critical sites to limit the impact of service outages. A global policy supports these targets with minimum controls to ensure effective resilience.

We monitor the lifespan of critical assets and maintain back up where necessary

Key risk indicators

Number of critical sites able to meet the recovery targets

Levels of incidents / near misses

Changes since last report

This risk is considered stable as we continue to implement improvements to the resilience capabilities of our critical mobile, fixed and IT sites.

Failure to deliver on digital transformation and CXX

Executive Committee risk owner: Serpil Timuray

Risk movement: Increased

Risk category: Operational

Link(s) to the strategic programmes: Network leadership / Customer eXperience eXcellence / People and culture

What is the risk?

Failure to deliver a digital, differentiated and superior experience to our customers in store, online and by phone, could diminish our brand and reputation. To do this we need to be agile with strong digital capabilities.

What is the impact?

This risk is relevant to all our markets, in both our consumer and Enterprise businesses.

Failure to deliver on our digital and customer experience objectives could result in lack of differentiation leading to increased customer churn and eventual loss of market share.

What is our target tolerance level?

The Customer Experience Excellence (CXX) programme is designed to ensure the customer is always at the heart of everything we do.

We have a customer experience framework and facilitate best practice sharing and support to local markets.

How do we manage it?

We have central and local CXX teams in place

Minimum standards and implementation plans have been developed for each local market. We link our senior leader's remuneration to customer appreciation KPIs. Benchmarking is underway on digital capabilities in each market.

Key risk indicators

Measurement of NPS

Implementation and monitoring of minimum CXX standards

Changes since last report

This risk has been expanded to include a focus on delivering a differentiated digital experience for our customers. For this reason, the risk is considered increased, despite the continued success of our CXX programme.

Non compliance with legal and regulatory requirements

Executive Committee risk owners: Rosemary Martin / Matthew Kirk

Risk movement: Stable

Risk category: Legal and Regulatory

Link(s) to the strategic programmes: Customer eXperience eXcellence / People and culture

What is the risk?

Vodafone must comply with a multitude of local and international laws as well as more specific regulations. These include licence requirements, customer registration, data privacy, anti-money laundering, competition law, anti-bribery law and economic sanctions.

What is the impact?

Non-compliance with legislation or regulatory requirements could lead to reputational damage, financial penalties and/or suspension of our license to operate.

What is our target tolerance level?

We seek to comply with all applicable laws and regulations in all of our markets.

We seek to process personal data honestly, ethically, with integrity, and always consistent with applicable laws and our values.

How do we manage it?

We have subject matter experts in legal and regulatory teams at a local and global level, and a robust policy compliance framework.

We train our employees in 'Doing what's right', our training and awareness programme which sets our ethical culture across the organisation and ensures employees understand their role in ensuring compliance.

Key risk indicators

Results of the annual compliance testing programme

Number of Speak Up cases in each market

Changes to applicable legal and regulatory requirements

Changes since last report

With mature compliance programmes in place, this risk remains stable. We actively seek to improve these programmes and this year will see a focus on ensuring compliance with the EU General Data Protection Regulation.

Failure to deliver major Enterprise contracts profitably

Executive Committee risk owner: Brian Humphries

Risk movement: Decreased

Risk category: Operational

Link(s) to the strategic programmes: Fit for Growth / People and culture

What is the risk?

If we do not understand the needs of our Enterprise customers and contract on the correct basis to account for the complexity of requirements, we will not be able to profitably deliver services.

What is the impact?

Failure to deliver these Enterprise services profitably may lead to a reduction in our expected revenue and could impact our credibility to deliver on large, complex deals.

What is our target tolerance level?

We pursue, win and deliver new Enterprise business profitably.

We deliver against the commitments made to the customer and will manage change throughout.

We will deliver the best customer experience at every interaction with Vodafone

How do we manage it?

We manage the commercial and reputational risks through strict new product development, deal governance, customer solution delivery and service management processes.

Key risk indicators

We track trends in

NPS

Revenue and major contract profitability

Order completion rates

Cumulative deal risk

Changes since last report

Due to the successful implementation of a number of process improvements, this risk has decreased. We have improved deal governance and now have stronger in-life contractual management processes.

Electro-magnetic fields related health risks

Executive Committee risk owner: Matthew Kirk

Risk movement: Stable

Risk category: Operational

Link(s) to the strategic programmes: Network leadership / Customer eXperience eXcellence / People and culture

What is the risk?

Electromagnetic signals emitted by mobile devices and base stations may be found to pose health risks, with potential impacts including: changes to national legislation, a reduction in mobile phone usage or litigation.

What is the impact?

This is an unlikely risk; however, it would have a major impact on services used by our customers in all our markets - particularly in countries that have a very low tolerance for environmental and health related risks.

What is our target tolerance position?

Vodafone does not want to expose anyone to levels of EMF above those mandated by regulators.

We comply with national standards, where existing, and with our own EMF policy, based on international science guidelines. Our vision is to lead within the industry in responding to public concern about mobiles, masts and health.

How do we manage it?

Our Group EMF Board manages potential risks through cross sector initiatives and oversees a global programme to respond to public concern.

We monitor scientific developments and engage with relevant bodies to support the delivery and transparent communication of the scientific research agenda set by the World Health Organisation.

Key risk indicators

We monitor:

Scientific research

International standards and guidelines

Public perception

Compliance with EMF policies

Changes since last report

There are no material changes to the risk.

Brexit implications

The Board continues to keep the possible implications of Brexit for Vodafone's operations under review.

A cross-functional team, led by two Executive Committee members, has identified ways in which Brexit might affect the Group's operations. Despite the Article 50 Notice having been served, there remains insufficient information about the likely terms of the post-Brexit arrangements between the UK and the EU, as well as about any possible transitional arrangements, to draw any conclusions about the probable impact.

Although we are a UK headquartered company, a very large majority of our customers are in other countries, accounting for most of our revenue and cash flow. Each of our national operating companies is a standalone business, incorporated and licensed in the jurisdiction in which it operates, and able to adapt to a wide range of local developments. As such, our ability to provide services to our customers in the countries in which we operate, inside or outside the EU, is very unlikely to be affected by Brexit. We are not a major international trading company, and do not use passporting for any of our major services or processes.

Depending on the arrangements agreed between the UK and the EU, two issues that could directly affect our operations, in both cases potentially causing us to incur additional cost, are:

- creation of a data frontier between the UK and the EU: the inability to move data freely between the UK and EU countries might cause us to have to move some technical facilities, and affect future network design.

- inability to access the talent we need to run a multinational Group operation from the UK: increased controls over or restrictions to our ability to employ leading talent from non UK markets could cause us to have to adjust our operating model to ensure that we attract and retain the best people for the roles we have.

A further, indirect, issue that could affect our future performance would arise if the Brexit process caused significant revisions to macro-economic performance in our major European markets including the UK, thus affecting the economic climate in which we operate, and in turn impacting the performance of the operating companies in those markets.

Long-Term Viability Statement

In accordance with the UK Corporate Governance Code, the Directors have assessed the prospects of the Group over a period significantly longer than 12 months from the approval of the financial statements. The Board has concluded that the most relevant time period for this assessment should be three years to align with the Group's normal business forecasting cycle and the long range plan to 31 March 2020, as well as taking into consideration the pace of ongoing change in the telecoms industry. The assessment for this three year period includes consideration of the forecast cash flows and obligations of Vodafone India.

The plans and projections prepared as part of this forecasting cycle include the Group's cash flows, committed and required funding and other key financial ratios. They were drawn up on the basis that debt refinance will be available in all plausible market conditions and that there will be no material changes to the business structure over the review period. As of 31 March 2017, the Group had sources of liquidity (primarily comprised of certain cash and cash equivalent balances) and available facilities, of €18.8 billion, which includes undrawn Revolving Credit Facilities expiring in FY2020/21.

The Risk Management Framework on page 28 outlines the approach the Board has taken to identifying and managing risk. In making this statement, the Board carried out a robust assessment of the principal risks facing the Group, detailed on pages 30 to 33, including those that would threaten its business model, future performance, solvency or liquidity.

Against this background, the output of the long-range plan has been used to perform central debt profile and cash headroom analysis, including a review of sensitivity to 'business as usual' risks to revenue and profit growth. In addition, severe but plausible scenarios in the event of each of the principal risks materialising individually and where multiple risks occur in parallel, were also tested. This combined scenario included the impact of failing to execute key elements of our strategy and respond to market disruption resulting in a significant loss of market share to converged and OTT players. This was considered together with a major cyber-attack and a subsequent GDPR fine, as well as the macro political uncertainty resulting in restricted access to capital markets and devaluation of emerging market currencies.

To assess viability, the headroom position under these scenarios has been calculated using the cash and facilities available to the Group. The assessment took into account the availability and likely effectiveness of the mitigating actions that could be taken to reduce the impact of the identified underlying risks. The headroom remained positive in all scenarios tested.

Having considered the principal risks that the Group may face, the Directors consider that this stress-testing based assessment of the Group's prospects is reasonable in the circumstances, taking into account the inherent uncertainty involved. Although this review has considered severe but plausible scenarios relevant to the Group, any such review cannot consider all risks which may occur, therefore an overall view of the total level of risk required to impede our viability was also considered. The cash and available facilities at year end, along with the mitigating actions available to reduce cash outgoings, provides a sufficient level of headroom.

Based on the results of their analysis, the Directors confirm that they have a reasonable expectation that the Group will be able to continue in operation and meet its liabilities as they fall due over the three-year period ending 31 March 2020.

RELATED PARTY TRANSACTIONS

The Group has a number of related parties including joint arrangements and associates, pension schemes and Directors and Executive Committee members (see note 12 'Investments in associates and joint arrangements', note 26 'Post employment benefits' and note 24 'Directors and key management compensation' to the consolidated statements in the 2017 Annual Report).

Transactions with joint arrangements and associates

Related party transactions with the Group's joint arrangements and associates primarily comprise fees for the use of products and services including network airtime and access charges, fees for the provision of network infrastructure and cash pooling arrangements.

No related party transactions have been entered into during the year which might reasonably affect any decisions made by the users of these consolidated financial statements except as disclosed below.

Note:

1 Amounts arise primarily through VodafoneZiggo, Vodafone Hutchison Australia, Indus Towers Limited and Cornerstone Telecommunications Infrastructure Limited. Interest is paid in line with market rates.

Dividends received from associates and joint ventures are disclosed in the consolidated statement of cash flows.

Transactions with Directors other than compensation

During the three years ended 31 March 2017, and as of 16 May 2017, no Director nor any other executive officer, nor any associate of any Director or any other executive officer, was indebted to the Company.

During the three years ended 31 March 2017 and as of 16 May 2017, the Company has not been a party to any other material transaction, or proposed transactions, in which any member of the key management personnel (including Directors, any other executive officer, senior manager, any spouse or relative of any of the foregoing or any relative of such spouse) had or was to have a direct or indirect material interest.

DIRECTORS' RESPONSIBILITY STATEMENT

As set out above, this statement is repeated here solely for the purposes of complying with Disclosure and Transparency Rule 6.3.5. This statement relates to and is extracted from the 2017 Annual Report.

Responsibility is for the full 2017 Annual Report not the extracted information presented in this announcement and the final results announcement.

Each of the Directors, whose names and functions are listed on pages 48 and 49 confirm that, to the best of their knowledge:

- the consolidated financial statements, prepared in accordance with IFRS as issued by the IASB and IFRS as adopted by the EU, give a true and fair view of the assets, liabilities, financial position and profit of the Group;

- the parent company financial statements, prepared in accordance with United Kingdom generally accepted accounting practice, give a true and fair view of the assets, liabilities, financial position and profit of the Company; and

- the Strategic Report includes a fair review of the development and performance of the business and the position of the Group together with a description and carried out a robust assessment of the principal risks and uncertainties that it faces.

The Directors confirm that they have carried out a robust assessment of the principal risks of the Group.

The Directors are also responsible under section 172 of the Companies Act 2006 to promote the success of the Company for the benefit of its members as a whole and in doing so have regard for the needs of wider society and stakeholders, including customers, consistent with the Group's core and sustainable business objectives. Having taken advice from the Audit and Risk Committee, the Board considers the report and accounts, taken as a whole, is fair, balanced and understandable and that it provides the information necessary for shareholders to assess the Company's position and performance, business model and strategy.

Neither the Company nor the Directors accept any liability to any person in relation to the Annual Report except to the extent that such liability could arise under English law. Accordingly, any liability to a person who has demonstrated reliance on any untrue or misleading statement or omission shall be determined in accordance with section 90A and schedule 10A of the Financial Services and Markets Act 2000.

By Order of the Board

Rosemary Martin

Group General Counsel and Company Secretary

16 May 2017

This document contains 'forward-looking statements' within the meaning of the US Private Securities Litigation Reform Act of 1995 with respect to the Group's financial condition, results of operations and businesses and certain of the Group's plans and objectives. Forward-looking statements are sometimes, but not always, identified by their use of a date in the future or such words as 'will', 'anticipates', 'aims', 'could', 'may', 'should', 'expects', 'believes', 'intends', 'plans' or 'targets'. By their nature, forward-looking statements are inherently predictive, speculative and involve risk and uncertainty because they relate to events and depend on circumstances that will occur in the future. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied by these forward-looking statements. A review of the reasons why actual results and developments may differ materially from the expectations disclosed or implied within forward-looking statements can be found under 'Forward-looking statements' on page 217 of the 2017 Annual Report. All subsequent written or oral forward-looking statements attributable to the Company or any member of the Group or any persons acting on their behalf are expressly qualified in their entirety by the factors referred to above. No assurances can be given that the forward-looking statements in this document will be realised. Subject to compliance with applicable law and regulations, Vodafone does not intend to update these forward-looking statements and does not undertake any obligation to do so.