REPORT ON GOVERNANCE CORPORATE AND OWNERSHIP STRUCTURE OF DOVALUE S.P.A. IN ACCORDANCE WITH ART. 123(2) OF THE CONSOLIDATED FINANCE LAW.

Approved by the Board of Directors on 23 March 2023

Leading the evolution of the servicing industry

Report on Corporate Governance and ownership structure of doValue S.p.A. pursuant to Article 123 bis of the Consolidated Law on Finance

Registered Office: Viale dell'Agricoltura, 7 - 37135 Verona Fully paid-up share capital €41,280,000.00 Registration at the Companies Register, Chamber of Commerce Industry Crafts and Agriculture of Verona and Tax Code no. 00390840239 Economic & Administrative Index no.: VR/19260 - VAT no. 02659940239 www.doValue.it

Report on Corporate Governance and Ownership Structure - 2022 Financial Year

GLOSSARY 4
1. ISSUER'S PROFILE 7
2 INFORMATION ON SHAREHOLDERS (pursuant to Article 123-bis, paragraph 1, TUF) AS OF 31
DECEMBER 2022 10
a) Share capital structure (pursuant to Article 123-bis(1)(a) TUF) 10
b) Restrictions on the transfer of securities (pursuant to Article 123-bis(1)(b) TUF) 11
c) Significant shareholdings in the capital (pursuant to Article 123-bis(1)(c) TUF)11
d) Securities conferring special rights (pursuant to Article 123-bis(1)(d) TUF) 11
e) Employee shareholding: mechanism for exercising voting rights (pursuant to Art. 123 bis (1)(e) TUF) 11
f) Voting restrictions (pursuant to Art. 123 bis (1)(f) TUF) 11
g) Shareholder agreements known to doValue pursuant to Article 122 TUF (formerly Article 123-bis(1)(g) TUF) 11
h) Change of control clauses (pursuant to Article 123-bis(1)(h) of the Consolidated Law on Finance) and statutory provisions on takeover bids (pursuant to Article 104(1-ter) of the TUF) ) 11
i) Powers of attorney to increase the share capital and authorisations to purchase treasury shares (pursuant to Article 123-bis(1)(m) TUF)) 13
l) Management and co-ordination activities (pursuant to Article 2497 et seq. of the Italian Civil Code) 14
3 COMPLIANCE (pursuant to Article 123-bis(2)(a) first part, TUF) 15
4 BOARD OF DIRECTORS 16
4.0 ROLE OF THE BOARD OF DIRECTORS 16
4.1 APPOINTMENT AND REPLACEMENT (pursuant to Article 123-bis(1)(l), first part, TUF) 18
4.2 COMPOSITION (pursuant to Article 123-bis, paragraph 2, letters d) and d-bis), TUF) 21
4.3 OPERATION OF THE BOARD OF DIRECTORS (pursuant to Article 123-bis(2)(d) TUF) 30
4.4 ROLE OF THE CHAIRMAN OF THE BOARD OF DIRECTORS 32
4.5 EXECUTIVE DIRECTORS 34
4.6 INDEPENDENT DIRECTORS AND LEAD INDEPENDENT DIRECTOR 36
MANAGEMENT OF CORPORATE INFORMATION 38
Management of Inside Information 38
Internal Dealing 39
6 BOARD COMMITTEES (pursuant to Article 123-bis, Section 2(d), TUF) 41
7. SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS - APPOINTMENTS AND REMUNERATION COMMITTEE 43
7.0 SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS 43
8 DIRECTORS' REMUNERATION - APPOINTMENTS AND REMUNERATION COMMITTEE 46
8.0 DIRECTORS' REMUNERATION46
INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL AND RISKS COMMITTEE 50
9.0 CHIEF EXECUTIVE OFFICER 67
9.1 CONTROL AND RISKS COMMITTEE 69
	2

HEAD OF THE INTERNAL AUDIT FUNCTION 76
ORGANISATION MODEL pursuant to Italian Legislative Decree 231/2001 78
AUDITING FIRM 79
9.5 MANAGER IN CHARGE OF PREPARING THE CORPORATE ACCOUNTING DOCUMENTS AND OTHER COMPANY ROLES AND FUNCTIONS 80
COORDINATION BETWEEN ENTITIES INVOLVED IN THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM 82
10 INTERESTS OF DIRECTORS AND TRANSACTIONS WITH RELATED PARTIES 83
11 BOARD OF STATUTORY AUDITORS 84
APPOINTMENT AND REPLACEMENT 84
COMPOSITION AND OPERATION (pursuant to Article 123-bis, paragraph 2, letters d) and d- bis),
12 RELATIONSHIPS WITH SHAREHOLDERS 89
13 SHAREHOLDERS' MEETINGS 91
14 FURTHER CORPORATE GOVERNANCE PRACTICES (pursuant to Article 123-bis(2)(a), second part,
TUF) 94
15 CHANGES SINCE YEAR-END OF REFERENCE 95
16 CONSIDERATIONS ON THE LETTER OF THE CHAIRMAN OF THE CORPORATE GOVERNANCE
COMMITTEE 95
TABLES 97
TABLE 1: INFORMATION ON OWNERSHIP STRUCTURE AT THE DATE OF 31/12/2022 97
TABLE 2: STRUCTURE OF THE BOARD OF DIRECTORS AT THE YEAR-END DATE 99
TABLE 3: STRUCTURE OF THE BOARD COMMITTEES AT THE YEAR-END DATE 101
TABLE 4: STRUCTURE OF THE BOARD OF STATUTORY AUDITORS AT THE YEAR--END DATE . 102

GLOSSARY

Adsolum: Adsolum Real Estate S.L., with registered office at Calle José Echegaray, 6 - Las Rosas - Madrid, share capital of EUR 100,000, registered in the Madrid Register of Companies, tax code B67826578 and VAT number ES28065

Altamira Cyprus: Altamira Asset Management Cyprus Limited, with registered office at 1 Megalou Alexandrou Ave., 2235 Latsia, Nicosia, registered with the Cyprus Companies Register under No. HE 376434, VAT No. 10376434S.

Arpitan Capital, Arpitan Capital S.L., with registered office at calle Josè Echegaray, 6 Las Rozas de Madrid, Madrid, share capital of 100,000 euros, registered in the Madrid Register of Companies, tax code B10755866 Shareholders' Meeting: the doValue Shareholders' Meeting.

Avio: Avio S.à r.l., with registered office in Luxembourg, 26 Boulevard Royal, L-2449, tax code 97754310155 and VAT No. LU28038434, registered at the Companies Register of Luxembourg at No.

Self-Regulation Corporate Governance Code: the Self-Regulation Corporate Governance Code of listed companies approved, in its latest version, in July 2018 by the Corporate Governance Committee and promoted by Borsa Italiana S.p.A., ABI, Ania, Assogestioni, Assonime and Confindustria, replaced by the new Corporate Governance Code.

Corporate Governance Code: the code of listed companies approved in January 2020 by the Corporate Governance Committee and promoted by Borsa Italiana S.p.A., ABI, Ania, Assogestioni, Assonime and Confindustria which replaced the Self-Regulation Corporate Governance Code. The Corporate Governance Code is available at the page http://www.borsaitaliana.it/comitato-corporate-governance/codice/codice.htm and applies commencing from the first financial year starting after 31 December 2020, giving information to the market in the corporate governance report to be published during 2022.

Civil Code/ C.C.: the Italian Civil Code.

Board of Statutory Auditors: the doValue Board of Statutory Auditors.

Committee/CG Committee/Corporate Governance Committee: the Italian Committee for Corporate Governance of listed companies, promoted, as well as by Borsa Italiana S.p.A., by ABI, Ania, Assogestioni, Assonime and Confindustria.

Board Committees: Appointments and Remuneration Committee and the Risk, Related Party Transactions and Sustainability Committee, collectively.

Appointments and Remuneration Committee: the board committee set up on 13 May 2021 with investigative, proposing and advisory functions on Appointments and Remuneration matters. availing itself of the power set forth in Recommendation 16 of the Corporate Governance Code.

Risk, Related-Party Transactions and Sustainability Committee: the board committee set up on 15 July 2021, availing itself of the option set forth in Recommendation 16 of the Corporate Governance Code. with investigative,

propositional and advisory functions on the subject of Risk and Related-Party Transactions to which, on 16 December 2021, the functions relating to sustainability were also assigned, in compliance with Recommendation 1 of the Corporate Governance Code

Board of Directors: the doValue Board of Directors.

doData: doData S.r.l., with registered office in Rome, Via del Ghirlandaio 5, share capital EUR 100,000, enrolled in the Rome Register of Companies under no. RM-1345543, tax code and VAT no. 12034491006.

doNext (formerly Italfondiario S.p.A. with change of name as of 10 February 2022), doNext S.p.A. with registered office in Rome, Lungotevere Flaminio 18, share capital EUR 4,000,000, registered with the Companies' Register of Rome, in the R.E.A. under no. RM-30794, tax code 00399750587, VAT no. 00880671003.

doValue Cyprus: doValue Cyprus Limited, with its registered office at 20 Costi Palama Aspelia Court, 1096 Nicosia, Cyprus, registered in the Cyprus Register of Companies under No. HE 403669, tax code and VAT No. 10403669U.

doValue Greece: doValue Greece Loans and Credits Claim Management S.A., with registered office in 27, Kyprou & Archimedous Str. 18346 Moschato (Greece), VAT No. 099755919, GEMI Registration No. 121602601000.

doValue Greece Real Estate: doValue Greece Real Estate Services Single Member Société Anonyme with registered office at Kyprou & Archimidous 19-21, 18346 Moschato, Athens, VAT No: 801420067 GEMI Registration: 156425101000

doValue Portugal: doValue Portugal Unip. Lda. (formerly Altamira Asset Management Portugal Unip. Lda., with registered office at Avenida da República 90, Piso 2, 1600-206 Lisbon, registered at the Companies Register of Lisbon, VAT no. 514 323 736.

doValue Spain (formerly Altamira Asset Management S.A., with change of name as of 15 March 2023) doValue Spain Servicing S.L. with registered office at calle José Echegaray, 6 Las Rozas de Madrid, Madrid, share capital of €937,500, registered in the Madrid Companies Register, tome 31469, folio 40, page M566434, tax code A86819596 and VAT number ESA86819596.

Issuer / doValue / Company / Parent Company: doValue S.p.A., with registered office in Viale dell'Agricoltura, 7 - 37135 Verona share capital of Euro 41,280,000.00 fully paid-in, registered with the Verona Company Register, in the R.E.A. under no. VR/19260, tax code 00390840239 and VAT no. 02659940239.

Financial Year: the company financial year to which this Report relates, from 1 January to 31 December 2022.

Fortress: Fortress Investment Group LLC, based at Corporation Trust Center 1209, Orange Street, 19801, Wilmington, Delaware, DE, United States

Group / doValue Group: the doValue Group, at the date of 31.12.2022 based upon the consolidation perimeter, consisting of doValue in the capacity of Parent Company, doNext, doData, Altamira, Altamira Cyprus, doValue Portugal, doValue Greece, doValue Greece Real Estate and doValue Cyprus.

Fortress Group: Fortress and any company or entity directly or indirectly controlled by it, or subject to common control of the same.

MAR.: "Market Abuse Regulation" - Regulation EU no. 596/2014 on market abuse.

MTA: the Screen-Based Stock Exchange organised and run by Borsa Italiana on which the doValue shares are traded.

Listing: the listing of the Issuer's shares on the MTA, organised and managed by Borsa Italiana S.p.A, with start of trading on 14 July 2017.

Implementing Regulation: Regulation EU no. 347/2016 for the implementation of the MAR.

Consob Regulation on Issuers: the Regulation issued by Consob with Resolution No. 11971 of 1999 (as subsequently amended) on issuers.

CONSOB Related Parties Regulation: the Regulation issued by Consob with Resolution No. 17221 of 12 March 2010 (as subsequently amended) concerning related party transactions.

Report: the report on corporate governance and ownership structure, which companies are required to prepare pursuant to Article 123 bis of the Consolidated Law on Finance.

Financial Year: the financial year to which the report refers

Remuneration Report: the report on the remuneration policy and compensation paid in 2022, prepared by the Company pursuant to Article 123-ter TUF and 84-quater Consob Regulation on Issuers.

Internal Controls System: the internal controls system adopted by the Group.

doValue Website: the Company's website available at the page www.doValue.it.

Independent Auditing Company: EY S.p.A.

SoftBank: SoftBank Group Corporation based in 1-9-1 Higashi-Shinbashi, Minato-ku - Tokyo - Japan.

Articles of Association: the existing doValue articles of association as published on the Company's website at the approval date of this document.

TUF: Legislative Decree No. 58 of 24 February 1998, (the "Consolidated Law on Finance"), as updated from time to time

ZARCO: ZARCO STC S, with registered office at Avenida da República, nº 90, 2º, Freguesia de Alvalade, Lisbon, share capital of EUR 125,000, registered in the Lisbon Register of Companies, tax code 515886068

1. ISSUER'S PROFILE

doValue, listed on the MTA of Borsa Italiana (now Euronext Milan) since 14 July 2017, is a servicing company (ex art. 115 of the T.U.L.P.S. which regulates the debt collection sector); since 3 June 2022, doValue's ordinary shares have been admitted to trading on the Euronext STAR Milan segment. The Company has adopted the "traditional" type of management and oversight model, the structure of which is centred on the presence of the Board of Directors and the Board of Statutory Auditors, as a body with control functions, both appointed by the shareholders' meeting. It is also envisaged for the Board of Directors to appoint a Chief Executive Officer.

doValue, Parent Company of the doValue Group (formerly doBank Group), is Southern Europe's leading operator in credit management and real estate services, mainly deriving from non-performing loans, on behalf of banks and investors. The Group operates mainly in Italy, Spain, Portugal, Greece and Cyprus and provides integrated credit and real estate asset management services, with the aim of supporting banks and proprietary investors of assets in their goals of creating value.

The Group's main areas of activity are the following:

servicing of performing loans and early arrears,
servicing of UTP (unlikely-to-pay) loans,
servicing of NPL (non-performing-loans),
servicing of real estate assets,
data provision services and other services ancillary to the servicing activity.

The Group also aims to guarantee the implementation of significant synergies and its organisation involves close integration between the subsidiaries and the Parent Company.

The Group's unitary governance is guaranteed by the role of guidance, governance and support played by the Parent Company as well as by the respect, by all companies that form part of it, of a set of common principles constituting the basis of the business operations.

doValue holds 100% of the capital of the following companies belonging to the doValue Group:

doNext, a company specialised in master servicing and cash management activities, also having as its object the granting of loans pursuant to Article 106 TUB and authorised by the Bank of Italy on 29 October 2019 to provide payment services pursuant to Article 1, paragraph 2, lett. h.septies.1), no. 3 of Legislative Decree no. 385/1993 (TUB), through the establishment of a dedicated asset, in order to provide ancillary services to the management of UTP;
doData, with the mission to provide business information and data quality management services specifically for non-performing loans;
doValue Greece Real Estate, a Greek company, operating in the real estate sector.

doValue also directly controls the following companies active in the field of credit management and recovery:

doValue Greece, of which it holds 85% of the capital 1 .
doValue Cyprus of which it holds 94% of the capital²
doValue Greece, of which it holds 80% of the capital 3 .

doValue indirectly controls the following companies, again active in the field of credit management and recovery:

• doValue Portugal, Altamira Cyprus, Adsolum Real Estate through doValue Spain, Arpitan Capital S.L. through Adsolum Real Estate and Zarco through doValue Portugal.

On the aforementioned subsidiaries, doValue exercises management and coordination activities pursuant to Articles 2497 et seq. of the Civil Code.

doValue holds direct minority shareholdings in

QUERO QUITAR S.A. for a share of 11.46% of the capital, a Brazilian fintech company operating in the field of digital collection;
BidX1 Acquisitions Limited for a share of 17.70% of the capital, a British company specialising in the promotion and execution of real estate transactions by way of real time online auction processes.

Finally, doValue - through doNext - holds an indirect minority interest of 16% of the capital in Società Gestione Crediti Delta S.p.A. ("SGCD"), a company operating in the field of debt management and debt collection in Italy. In line with Principle I of the Corporate Governance Code, the Board of Directors plays a fundamental guidance role over the Issuer with the aim of pursuing its sustainable success. In that regard, on 16 December 2021, the Board of Directors attributed to the Risks and Related Party Transactions Committee also functions in relation to sustainability, with the aim of receiving support from that Committee in the analysis of issues relevant to the pursuit of sustainable success, namely the generation of value in the long-term to the benefit of the shareholders, taking account of the interests of other relevant stakeholders for the Company. For an in-depth analysis of the duties and responsibilities of the committee in question, see Section 9.2 of this Report.

doValue, in the capacity of Issuer included in entities of public interest, presented during the Financial Year the Non-Financial Consolidated Declaration drafted in conformity with Legislative Decree 254/2016 - which implements Directive 2014/95/EU - for the 2021 financial year and the respective Consob Implementing Regulation adopted with Resolution no. 20267 of 18 January 2018, approved by the Board of Directors on 17 March 2022.

Sustainability is one of the five pillars of the Group's 2022-2024 Business Plan approved and presented to the financial community in January 2022, to which doValue will continue to commit in line with the best international standards. Following the publication of the Sustainability Policy and Plan 2021-2023, which was approved by the Board of Directors on 16 December 2021, doValue continued on the path of integrating its sustainability strategies by strengthening ESG Governance, Diversity & Inclusion, Privacy and Cybersecurity programmes, and the focus

¹ The remaining 15 per cent of the share capital is held by Deva Capital Servicer Company, S.L.U, a company related to the Santander group.

² The remaining 6 per cent of the share capital is held by Altamira.

³ The remaining 20% of the share capital is held by Eurobank S.A..

on people and the environment.

In 2022, the principles of the Charter of Values were defined and the Code of Ethics for the External Network was updated in line with the high quality standards set out in the Group Code of Ethics. Dialogue, Transparency, Fairness, Respect, Involvement are the principles of the Charter of Values that inspire relationships and behaviour to actively contribute to the creation of a more inclusive and sustainable future.

The Consolidated Non-Financial Statement, the Plan, the Sustainability Policy and the Charter of Values can be found at www.dovalue.it.

doValue's strong and unwavering commitment to acting responsibly to foster the creation of sustainable value in the medium to long term in the interests of all stakeholders has also been recognised by Sustainalytics with an upgrade from medium risk to low risk.

doValue's operational excellence and concrete commitment to sustainability is also demonstrated by the excellent ratings assigned to the company by MSCI ESG Ratings (AA rating) and Vigeo Eiris ("limited risk" rating).

See Section 8 on the remuneration of the directors and Section 9 on the internal control and risk management system with regard to the respective interventions on sustainability.

doValue, as of January 2023, is no longer included in the list of issuers of listed "SME" shares, as defined pursuant to Article 1, paragraph 1, letter w-quater.1), of the TUF and Article 2-ter of the Consob Issuers' Regulations, considering that its average market capitalisation during the year 2022 exceeded the reference threshold of €500 million. The capitalisation of the Company as at 30.12.2022 is € 572.8 million, while turnover as at 31.12.2022 is approximately € 168 million.

doValue does not fall within the Corporate Governance Code definition of "large company" or that of "company with concentrated ownership".

2 INFORMATION ON SHAREHOLDERS (pursuant to Article 123-bis, paragraph 1, TUF) AS OF 31 DECEMBER 2022

a) Share capital structure (pursuant to Article 123-bis(1)(a) TUF)

The doValue share capital – which is described in more detail and comprehensively in Table 1 at the foot of this Report - is made up entirely of ordinary shares, traded on the MTA. By order of Borsa Italiana No. 8858 of 25 May 2022, the ordinary shares of doValue, as of 3 June 2022, were admitted to trading on the Euronext STAR Milan segment of the Euronext Milan market. The share capital of doValue as of 31 December 2022 amounted to Euro 41,280,000.00 (fully subscribed and paid up), divided into 80,000,000 shares - indivisible and registered - with no indication of par value, and did not change as of the date of this Report.

Entity holding indirect investment	Shareholders	Number of shares	Share held	Total no. shares	Total share held
	AVIO S.a.r.l. (*)	20,040,000	25.05%
Softbank Group Corp.	Other investors			22,614,211	28.27%
	attributable to Softbank
	Group Corp. (*)	2,574,211	3.22%
Bain Capital Credit	Sankaty European
Member, LLC	Investments S.à r.l. (**)	10,863,638	13.58%	10,863,638	13.58%
	Jupiter Asset Management Ltd (***)	5,237,481	6.55%	5,237,481	6.55%
	Global Alpha Capital Management Ltd. (* * *
	*)	4,249,399	5.31%	4,249,399	5.31%
	doValue (Treasury shares)	900,434	1.13%	900,434	1.13%
	Other Shareholders	36,134,837	45.16%	36,134,837	45.16%
	TOTAL	80,000,000	100.00%	80,000,000	100.00%

(*) Shareholders attributable to Softbank Group Corp. as resulting from the communication of 15 December 2021

(**) Shareholders attributable to Bain Capital Credit Member LLC, as recorded by the communication dated 13 July 2021

(***) Shareholder, as recorded by the communication Form 120A dated 16 June 2021

(****) Shareholder, as recorded by the communication Form 120A dated 28 March 2022

The capitalisation of the Company is affected by fluctuations of the market values and, considering the value of the Company shares in the 2022 Financial Year, the dynamics indicated below can be identified:

DATE	SHARE VALUE	CAPITALISATION
Closing value 3 January 2022	€ 8.50	€ 680,000,000.00
Closing value 30 December 2022	€ 7.16	€ 572,800,000.00

There are currently no employee shareholding schemes in doValue which exclude the direct exercise of the voting rights.

In relation to treasury shares, see paragraph i) below of this section.

b) Restrictions on the transfer of securities (pursuant to Article 123-bis(1)(b) TUF)

There are no restrictions on the transfer of share securities, as the shares are transferrable by the legal methods.

c) Significant shareholdings in the capital (pursuant to Article 123-bis(1)(c) TUF)

At 31 December 2022 the following entities possess shareholdings:

Based upon the communications received from doValue, at 31 December 2022 there are four "Entities" which hold, even indirectly, a share of more than 3% of the share capital; more specifically, these are:

(i) SoftBank, which indirectly holds 28.27 per cent of the share capital of doValue (unchanged since the end of 2021);
(ii) Bain Capital Credit Member, LLC, which indirectly holds 13.58% of the doValue share capital.
(iii) Jupiter Asset Management Limited, which indirectly holds 6.55% of the doValue share capital;
(iv) Global Alpha Capital Management Ltd, which directly holds 5.31% of doValue's share capital (up slightly from 5.06% at the end of 2021).

The Company no longer qualifies as an SME as of January 2023; this entails the application of an additional materiality threshold for the purposes of the disclosure obligations of significant shareholdings, pursuant to Article 120 of the TUF, of 3% of the capital. The shareholders who consequently disclosed that they hold stakes above the new threshold of 3% of the capital and below 5%, in accordance with Articles 117(2-bis) and 121(3-bis) of the Regulation on Issuers were: (see paragraph 15).

d) Securities conferring special rights (pursuant to Article 123-bis(1)(d) TUF)

There are no securities granting special rights of control over doValue.

e) Employee shareholding: mechanism for exercising voting rights (pursuant to Art. 123 bis (1)(e) TUF)

There are employee shareholding schemes in doValue. For an overall view, see the contents of the Company's Remuneration Policy; employees holding shares of the Company exercise their rights as shareholders in the same manner as the other shareholders.

f) Voting restrictions (pursuant to Art. 123 bis (1)(f) TUF)

There are no restrictions on the voting right with reference to the Issuer's shares, or mechanisms that may constitute potential restrictions.

g) Shareholder agreements known to doValue pursuant to Article 122 TUF (formerly Article 123-bis(1)(g) TUF)

At the date of this Report, no existing agreements and/or establishment of associations or committees between Shareholders of the Company have been received or are even known to doValue.

h) Change of control clauses (pursuant to Article 123-bis(1)(h) of the Consolidated Law on Finance) and statutory provisions on takeover bids (pursuant to Article 104(1-ter) of the TUF) )

This section sets out contracts that include change of control clauses (pursuant to Article 123-bis(1)(h) of the

TUF), in force as at 31 December 2022:

The servicing contract between UniCredit and doValue (UniCredit MSA) gives the UniCredit Group companies participating in the contract the right to withdraw, in whole or in part, from the contract, without the payment of any penalty, upon the occurrence of certain events (which will therefore constitute just cause for revocation pursuant to Article 1725 of the Italian Civil Code), including the possibility that one or both of the first two, or both of the first two, major competitors of UniCredit operating in Italy and/or Germany ("Main Competitors") may come to hold, directly or indirectly, the absolute majority of the voting shares of the Servicer or the right to appoint the majority of the directors.
The servicing contracts signed between doValue and the securitisation companies Romeo SPV Srl and Mercuzio Securitization Srl (transferees of the portfolio previously held by doValue) include among the events that entitle the SPV to withdraw from the contract cases in which the Fortress Group ceases to a) hold, in aggregate form, an investment in the doValue share capital of at least 51%; or b) have the right, directly or indirectly, to appoint the majority of members of the doValue board of directors.
The servicing agreements related to the following securitisation vehicles (Prisma SPV, BCC NPLs, Belgirate vehicle, Relais SPV, Ortles 21 S.r.l., Luzzati POP NPLs 2021 S.r.l., Olympia SPV S.r.l. Itaca SPV s.r.l.) in which doValue and/or Italfondiario (now doNext) hold, as appropriate, the role of servicer, special servicer or master servicer, include as a cause for revocation of the appointment the case where the servicer transfers all, or a significant part, of its activities relating to the services indicated in the contract to a company that does not form part of the Servicer's group, or eliminates the structure responsible for the administration and collection of credits, without the prior consent of the issuer, if those circumstances, individually or jointly, may reasonably prejudice the correct fulfilment by the Servicer of its obligations under the contract.
The contracts signed between AMCO Asset Management Company S.p.A. and, respectively, Italfondiario (UTP perimeter) and doValue (NPL perimeter), in the capacity of Servicer include a "Change of Control" clause which contemplates "any event that alternatively (i) involves a substantial modification of the Servicer's ownership structure, (ii) involves the transfer of control to a company not forming part of the Servicer's corporate group of all, or a significant part, of its company or corporate group, (iii) eliminates the structure in charge of activities of administration and recovery of credits", which would entitle AMCO, if it considers it prejudicial, to declare autonomously the respective contracts to be terminated, in accordance with and for the effects of Article 1456 of the Italian Civil Code.
The terms and conditions that regulate the guaranteed senior bond loans issued, respectively, in the year 2020 and in 2021, by doValue envisage, in the circumstance where:
- (i) a third party enters into possession, directly or indirectly, of over 50% of the total voting rights of the doValue voting shares;
- (ii) the sale, lease, transfer or any other act of disposition of all or a significant part of the activities of doValue

and its subsidiary companies occurs;

the right of each bondholder to ask the Company to purchase all, or part, of the bonds held at a purchase price equal to 101% of the nominal amount of those bonds, plus interest accrued and unpaid up to the purchase date (not before 10 and within 60 days from the communication of the change of control to the bondholders and to the trustee by the shareholders, which must be made within 60 days from that event); unless doValue exercises its right to repay in full the bond loan according to the terms established by the regulation.

The servicing contract (Project Solar) signed between doValue Hellas and 4 systemic Greek banks envisages a condition of withdrawal, in favour of the latter, if Fortress ceases to hold (directly or indirectly) at least 10% per cent of the doValue shares issued and outstanding or if the majority of the doValue directors cease to be elected by Fortress or if, finally, doValue or doValue Hellas are reorganised by methods that configure one or both of the cases indicated above. In July 2021, doValue Hellas was merged by incorporation into doValue Greece and, in that context, the 4 systemic Greek banks waived the exercise of the right of withdrawal.
The servicing agreement (Project Icon) signed between Eagle Issuer DAC (entity controlled by Bain) and doValue Greece, provides for a unilateral termination right in favour of Eagle in the event of a change of control, direct or indirect, of the servicer, defined as the occurrence of one of the following events: (i) a change, direct or indirect, in the person holding or controlling 50.01% or more of the equity interests in the servicer; (ii) a change, direct or indirect, in the person holding or controlling 50.01% or more of the voting rights of the servicer; and/or (iii) a change, direct or indirect, in the person holding or controlling the right to appoint all, or a majority of, the members of the board of directors or the members of the management body of the servicer.
The servicing agreement (Project Neptune) entered into between Poseidon Financial Investor DAC (an entity controlled by Fortress) and doValue Greece, as servicer, provides for a unilateral termination right in favour of Poseidon in the event of a change of control, direct or indirect, of the servicer, defined as the occurrence of one of the following events: (i) the servicer ceases to be a subsidiary of doValue S.p.A. or (ii) the servicer continues to be a subsidiary of doValue S.p.A., but the latter company becomes a subsidiary of one or more entities not related to Fortress Investment Group LLC.

The By-laws of the Company do not provide for any exceptions to the provisions on the passivity rule set forth in Article 104, Sections 1 and 1-bis, of the TUF, nor do they provide for the application of the neutralisation rules set forth in Article 104-bis, Sections 2 and 3, of the TUF.

i) Powers of attorney to increase the share capital and authorisations to purchase treasury shares (pursuant to Article 123-bis(1)(m) TUF))

On 26 May 2020, the Shareholders' Meeting granted the Board of Directors the power to increase the share capital, in one or more tranches and, in any case, in divisible form, with the exclusion of option rights pursuant to Articles 2443 and 2441, paragraph 4, second sentence, of the Italian Civil Code, i.e. by payment and in cash, through the issue, also in several tranches, of a number of ordinary shares not exceeding 10% of the total number of doValue shares outstanding at the date of any exercise of the power (Article 5).

On 28 April 2022, the Shareholders' Meeting revoked the authorisation for the purchase and disposal of treasury shares granted by the same to the Board of Directors with the resolution dated 29 May 2021.

At the same time, with 98.818% of the votes (equal to 81.890% of total share capital) it granted the Company's Board of Directors a new authorisation for the purchase and disposal of treasury shares in one or more transactions, according to the same terms and conditions as the previous meeting resolution, as indicated in the resolution proposal approved by the Board of Directors on 28 March 2022 and illustrated in the report available on the Company's website ww.dovalue.it in the section "Governance - Shareholders' meeting of 28 April 2022".

In accordance with the applicable regulations and in a manner that ensures equal treatment of shareholders, the resolution concerns the purchase, in one or more transactions, of up to 8,000,000 ordinary shares of the company, equal to 10% of the total, for a period of 18 months from the shareholders' approval.

as of 31 December 2022, doValue held 900,434 treasury shares equal to 1.134% of the share capital. The 2022 purchases were made in implementation of the shareholders' meeting resolution dated 28 April 2022, in respect of the prescribed processes.

l) Management and co-ordination activities (pursuant to Article 2497 et seq. of the Italian Civil Code) The Issuer is not subject to management and coordination activities pursuant to Article 2497 et seq. of the Italian Civil Code.

Therefore, the determination of the strategic and management guidelines of doValue and, more generally, the entire activity of the Company is the result of free the self-determination of its corporate bodies.

As regards the additional:

information required by Article 123 bis, paragraph 1, letter i) of the TUF, in relation to "agreements between the company and the directors […] that involve an indemnity in the event of resignation or dismissal without just cause or if their employment relationship ceases following a public takeover bid", see the Section of this Report dedicated to the remuneration of the Directors;
information required by article 123 bis, paragraph 1, letter l) of the TUF, in relation to "the rules applicable to the appointment and replacement of the directors […] as well as the modification of the articles of association, if different from the legislative and regulatory rules applicable on a supplementary basis", see the Section of this Report dedicated to the Board of Directors.

3 COMPLIANCE (pursuant to Article 123-bis(2)(a) first part, TUF)

doValue has adopted the traditional governance model which is not influenced by non-Italian legal provisions.

doValue adhered to the Corporate Governance Code on 25 February 2021.

In this Report, doValue intends to illustrate in detail the methods by which the Corporate Governance Code has been applied by the Company, also highlighting the principles that have been accepted.

The corporate governance practices adopted by the Company are illustrated below in this Report and further information on doValue's corporate governance structure is available on the Internet Website www.dovalue.it.

4 BOARD OF DIRECTORS

4.0ROLE OF THE BOARD OF DIRECTORS

In conformity with existing regulations aimed at companies with shares listed on regulated markets and in compliance with the recommendations of the Corporate Governance Code, the Board of Directors plays a central role in the governance model of the Company and of the Group.

Consistent with Principle III of the Corporate Governance Code and pursuant to Article 17 of the By-laws, the Board of Directors is vested with all powers for the ordinary and extraordinary administration of the Company, with the exception of those reserved by law or by the By-laws to the Shareholders' Meeting, and has the authority to perform all acts it deems appropriate to carry out the activities constituting the corporate purpose and instrumental to it.

The following resolutions are under the exclusive remit of the Board of Directors:

the appointment and revocation of the Chief Executive Officer as well as the Manager in Charge of preparing the corporate accounting documents;
adjustments of the Articles of Association that become necessary to guarantee their conformity with the regulatory provisions applicable each time;
the merger by incorporation of companies in the cases envisaged by Articles 2505 and 2505 bis of the Civil Code;
demerger in the cases provided for in Article 2506 ter of the Civil Code;
the reduction of the capital in the case of shareholder withdrawal;
the indication of which persons, in addition to those indicated in the articles of association, are entitled to represent the Company;
the opening or closure in Italy or abroad of secondary headquarters with permanent representation;
the transfer of the registered office within the country.

The Board of Directors, also by way of the Board Committees for the respective areas of activity, has, over time, assessed and overseen, insofar as it is responsible, the adequacy of the organisational, administrative and accounting structure, with particular reference to the internal control and risk management system; that activity is implemented by way of the competent company functions, which have duly reported in that regard to the Board of Directors.

With regard to the assessment of the adequacy of the organisational, administrative and accounting structure of strategically important subsidiaries, with particular reference to the internal control and risk management system (Recommendation 1. c), the initiative was implemented during the year 2022 in line with the objectives of implementing more uniform operating and control standards at Group level.

The Board of Directors directs the Group, bearing in mind the Recommendations of the Corporate Governance Code and national and international best practices when analysing relevant issues of social and environmental

value for shareholders and all other stakeholders; in particular, with regard to sustainability, the Board examines and approves:

the content of the Group's Non-Financial Consolidated Declaration pursuant to Italian Legislative Decree 254/2016 (the "Non-Financial Consolidated Declaration"), therein including the analysis of materiality and the respective stakeholder engagement activities;
the guidelines of the Sustainability Plan and Company policies on human rights, corporate ethics and integrity, diversity and inclusion, as well as integration policies of environmental, social and governance issues in the business model as well as initiatives undertaken by the Company to address issues related to climate change and the related reporting;
in relation to governance of the risks and internal control system of the Company and of its subsidiary companies and in relation to sustainability, initiatives and activities aimed at creating shared value for all Stakeholders and disseminating a sustainability culture in all countries in which the Group is present;
the profit and non-profit strategy, as well as the Company's sustainable finance initiatives.

In accordance with the Corporate Governance Code, coherently with the provisions at statutory level and in its Regulation, the Board of Directors, inter alia:

a) in line with Recommendation 1, letter c), defines the nature and risk level compatible with the Company's strategic objectives, including in its assessments all risks that may become significant from the perspective of the medium-long term sustainability of its activity;
b) in line with Recommendation 1, letters a) and b), approves the general guidelines as well as the adoption and modification of the Group's consolidated industrial, strategic and financial plans, periodically monitoring their implementation and the Group's performance in general;
c) in line with Recommendation 1, letter d), second part, resolves on the strategic guidelines of the Company and continuously verifies their implementation, assessing the adequacy of the organisational, administrative and accounting structure as well as the Group's overall internal control system (see Section 9 for further details);
d) in line with Recommendation 1, letter e), resolves on the transactions of the Company and its subsidiaries which have significant strategic, economic, capital or financial importance for the Issuer itself, establishing the general criteria to identify transactions of strategic significance;
e) establishes the criteria for coordination and management of the Group companies;
f) verifies, inter alia, the coherence of the remuneration and incentive systems with the business objectives and values, in order to attract, retain and motivate people having the professional qualifies required to run the company successfully;
g) appoints and revokes, having liaised with the Board of Statutory Auditors, the Head of the Internal Audit function, the Head of AML and the Manager in Charge;
h) appoints and revokes the Head of the Internal Controls Department along with the Heads of structures reporting directly to the Chief Executive Officer -, the Data Protection Officer, as well as the Supervisory Body

in accordance with Italian Legislative Decree 231/01 and, for the latter, establishing their remuneration; defines the criteria for identifying the most significant transactions to be submitted for the prior approval of the Risks, Related Party Transactions and Sustainability Committee and resolves on related party transactions in accordance with the procedures adopted in that sense and establishes their thresholds in terms of economic value.

In line with Recommendation 1, letter f), the Board of Directors has for some time adopted, in conformity with legal provisions in force at the time, specific procedural rules aimed at guaranteeing the maximum level of correctness, accuracy and timeliness in the process of managing and disseminating corporate information, with particular reference to inside information, as well as the broadest transparency and accessibility in favour of the market (for further details see Section 5).

The Board of Directors also, in line with Recommendation 3 of the Corporate Governance Code, on 16 December 2021, with a view to facilitating the creation of value sustainable in the medium to long-term and defining the strategy that inspires the actions of the company, has adopted the policy for managing dialogue in general with stakeholders (see Section 12 for details).

4.1 APPOINTMENT AND REPLACEMENT (pursuant to Article 123-bis(1)(l), first part, TUF)

In accordance with the statutory and regulatory provisions applicable to listed companies, Article 13 of the By-laws provides that the Board of Directors is appointed by the Shareholders' Meeting on the basis of lists submitted by the shareholders or by the Board of Directors, in which the candidates, listed in a number not exceeding 11, are matched with a progressive number.

In addition to any list submitted by the Board of Directors, only shareholders who, alone or together with others, hold a stake in the share capital with voting right of no less than 2.5%, or no less than that determined by Consob in accordance with existing regulations, may submit lists for the appointment of the Directors ⁴ .

Each shareholder may submit or contribute to submitting only one list and each candidate may only appear on one list, under penalty of ineligibility.

Each list that has a number of candidates equal to or greater than three must be made up of candidates belonging to both genders, so as to ensure respect of the gender balance at least to the minimum extent required by the legislation, including regulatory, in force at the time.

The list of the Board of Directors, where submitted, must be filed at the Company's registered office by the thirtieth day prior to the date of the Shareholders' Meeting and must form the subject of the publicity formalities envisaged by existing regulations.

Lists submitted by the shareholders must, under penalty of forfeiture, be filed at the registered office, by the twenty-

4 Percentage confirmed by Consob Executive Determination No. 76 of 30.01.2023

fifth day before the date of the Shareholders' Meeting and they are made available to the public at the registered office, on the doValue internet website and by the other methods envisaged by existing regulations, at least twenty-one days before the date of the Shareholders' Meeting.

The lists submitted must also be accompanied, as well as by the other documentation required by existing regulations, (a) by information regarding the identity of the shareholders who submitted the lists, indicating the total percentage of the share capital held, it being understood that the certification proving such ownership may be produced by the deadline set for publication of the same by the Company;

(b) by a declaration of the shareholders other than those who hold, even jointly, a controlling or relative majority investment, certifying the absence of relationships of connection, as defined by existing regulations;

(c) by comprehensive information on the personal and professional backgrounds of the candidates and any indication of their suitability to qualify as Independent Directors under the applicable law, and a statement by those candidates declaring that they meet the requirements established by the legislation, including regulations, in force at the time and by the Articles of Association, including the requirements of integrity and, where applicable, independence, and their acceptance of the candidacy and the role, if elected;

(d) by any other further or different declaration, information and/or document envisaged by the legislation, including regulatory, in force at the time.

The lists for which the requirements indicated above are not respected are considered not to have been submitted.

Each entity entitled to vote may vote upon a single list and the vote of each shareholder will concern the list and, consequently, all candidates indicated on it, with no possibility of variations, additions or exclusions.

Based upon the provisions of the By-laws, the election of the Board of Directors occurs, at the end of the vote, in accordance with what is indicated below:

(i) all directors to be elected, except one, are taken from the list that came first by number of votes, in the sequential order in which they are indicated on that list;
(ii) the remaining director to be elected, in possession of the independence requirements, is taken from the list that came second by number of votes and who is not connected, in any way, even indirectly, in accordance with the legislation, including regulatory, in force at the time, with the entities legitimated to vote who submitted or voted on the list that came first; the first candidate in sequential order on the list in possession of the independence requirements is therefore elected;
(iii) if the first two lists obtain the same number of votes validly cast in the Shareholders' Meeting, the list submitted by the Shareholders holding the biggest investment will prevail;
(iv) if the number of candidates indicated in both the majority and minority lists submitted is less than the number of Directors to be appointed, the remaining Directors will be appointed by a resolution adopted by the Shareholders' Meeting by relative majority guaranteeing respect of the principles of independence and gender balance envisaged by the legislation, even regulatory, in force at the time. In the event of equal votes between two or more candidates, a ballot will be held between the same in the Shareholders' Meeting;
(v) if only one list is submitted, the Shareholders' Meeting will vote on that list, and if that list obtains the relative

majority of the votes cast in the Shareholders' Meeting, the candidates, listed in sequential order, will be appointed up to the number determined by the Shareholders' Meeting, guaranteeing respect of the requirements of independence and gender balance envisaged by the legislation, even regulatory, in force at the time;

(vi) if no list is submitted, or only one list is submitted, and that list has not obtained the relative majority of the votes cast in the Shareholders' Meeting, the Shareholders' Meeting will resolve by the methods indicated in paragraph (iv) above;
(vii) if the necessary minimum number of Independent Directors and/or Directors belonging to the less represented gender has not been elected, the Directors on the List which came first, marked by the highest sequential number and not having the requirements in question, are replaced by the next candidates having the necessary requirement or requirements belonging to the same List;
(viii) if, even applying the replacement criteria indicated in paragraph (vii) above, suitable replacements are not identified, the Shareholders' Meeting resolves by relative majority. In this case, the replacements will be made starting with the lists that progressively received the highest number of votes and with the candidates bearing the highest sequential number;
(ix) the list voting procedure described in this paragraph applies only in the case of appointment of the entire Board of Directors. If the entire Board of Directors is not to be renewed or if, for any reason, it is not possible to appoint the Board of Directors by the methods indicated in this paragraph, the Shareholders' Meeting resolves according to the methods indicated in paragraph (iv) above.

In the event of termination from the role, for any reason, of one or more directors, they are replaced according to the following methods:

(i) if the outgoing director is taken from a minority list, and provided that the majority of the directors is still made up of directors appointed by the Shareholders' Meeting, the Board of Directors will appoint the replacement by way of co-opting in accordance with Article 2386 of the Civil Code, by resolution approved by the Board of Statutory Auditors, from candidates belonging to the same list as the outgoing director, if they are in possession of the necessary requirements and willing to accept the role. If, for any reason, there are no names available and eligible or if the outgoing director is taken from the list that came first, the Board of Directors will appoint the replacement or replacements by co-opting in accordance with Article 2386 of the Civil Code without restrictions on the choice between the members of the lists submitted.
(ii) If the Shareholders' Meeting must proceed in accordance with the law to appoint the directors required to supplement the Board of Directors as a result of termination, the provisions of the Articles of Association will be followed, namely:
(a) if it necessary to replace one or more members of the Board of Directors taken from the list that came first, the replacement will occur by decision of the ordinary Shareholders' Meeting which resolves with the relative majority of votes represented therein, without restrictions on the choice between the members of the lists submitted;
(b) if, on the other hand, it is necessary to replace the member of the Board of Directors taken from the list that

came second, the Shareholders' Meeting proceeds, with the vote assumed by relative majority of the votes represented therein, to choose them, where possible, from the candidates indicated in the list of which the replaced director formed part, who have confirmed in writing, at least 10 (ten) days before that fixed for the Shareholders' Meeting, their candidacy, together with declarations on the absence of causes of ineligibility or forfeiture, as well as the existence of the requirements laid down by the legislation, including regulatory, in force at the time or by the Articles of Association for the assumption of the role. If that replacement procedure is not possible, the member of the Board of Directors will be replaced by a resolution to be passed by relative majority of the votes represented at the Shareholders' Meeting in respect, where possible, of the representation of minorities;

(iii) The replacements indicated above must, in any case, be made in respect of the legislation, including regulatory, in force at the time on gender balance and the minimum number of Independent Directors.
(iv) The Directors appointed by the Shareholders' Meeting in replacement of the outgoing members expire together with those in office at the time of their appointment.

Finally, any time, for any reason or cause, the majority of Directors appointed by the Shareholders' Meeting is no longer in place, the entire Board of Directors is understood to be forfeited and the Directors remaining in office must convene the Shareholders' Meeting to appoint the new Board of Directors by the procedure indicated above.

With regard to information on the role of the Board of Directors and the board committees in the processes of selfassessment, appointment and succession of the directors, refer to the contents of Section 7 below.

4.2 COMPOSITION (pursuant to Article 123-bis, paragraph 2, letters d) and d-bis), TUF)

The Board of Directors currently in office was appointed by the Shareholders' Meeting on 29 April 2021 which determined its number at 10 members and fixed its expiry at the date of the Shareholders' Meeting convened to approve the financial statements of the 2023 Financial Year. The Shareholders' Meeting of 28 April 2022 confirmed in office the Director already co-opted at the meeting of 4 August 2021, Prof. Cristina Finocchi Mahne, who will remain in office until the expiry of the current Board.

The Board currently in office, as also verified by the Appointments and Remuneration Committee, includes various members having the professionalism and expertise adequate to the duties entrusted to them, considered necessary to guarantee adequate internal dialectics as well as an appropriate number of independent members in accordance with the Corporate Governance Code.

At its meeting of 4 June 2021, the Board of Directors, having obtained the unanimous opinion of the Appointments and Remuneration Committee, identified the quantitative and qualitative criteria for assessing the materiality of the relationships referred to in Recommendation No. 7 (c) and (d) of the Corporate Governance Code. With reference to direct relationships, the Company considers significant those that have generated a consideration, when considered on an annual basis, in excess of EUR 50,000.00 and that at the same time represent at least 30% of the director's annual income.

With reference to indirect relationships, on the other hand, it considered significant those that generated a fee at least

equal to a certain percentage of the annual turnover of the company or the entity in which the director has control or is a director, or of the professional firm or consulting company of which he is a partner.

On 23 February 2023, the Board of Directors assessed the continued existence of the independence requirements, according to the quantitative and qualitative criteria identified by the Company, for the Chairman Giovanni Castellaneta and the Directors Nunzio Guglielmino, Giovanni Battista Dagnino, Marella Idi Maria Villa and Cristina Finocchi Mahne. The Board of Statutory Auditors verified the correct application of the criteria and procedures adopted by the Board of Directors, supported by the Appointments and Remuneration Committee, for the purposes of the aforementioned assessment, and both outcomes (Board assessments and Board of Statutory Auditors' verification) were communicated to the market.

The Company is therefore broadly in line with the indication of the Code which envisages the presence of at least onethird of independent Directors.

The doValue Board of Directors in office at the date of this report consists of the following ten members, all having professionalism and expertise adequate to the duties entrusted to them:

•	Chairman	Giovanni Castellaneta
•	Chief Executive Officer	Andrea Mangoni
•	Non-executive Director	Emanuela Da Rin
•	Independent Director	Giovanni Battista Dagnino
•	Non-executive Director	Francesco Colasanti
•	Independent Director	Cristina Finocchi Mahne
•	Independent Director	Nunzio Guglielmino
•	Non-executive Director	Roberta Neri
•	Non-executive Director	Giuseppe Ranieri
•	Independent director	Marella Idi Maria Villa

The current composition of the Board of Directors guarantees the gender balance, in respect of legislative and regulatory provisions applicable at the time of appointment (in accordance with Art. 147 ter, paragraph 1 ter of the TUF and in conformity with the provisions of Law no. 160 of 27 December 2019).

For each Director, a brief curriculum vitae is provided below and additional relevant information is provided in Table 2 at the foot of this Report.

Giovanni Castellaneta has been Chairman of the Board of Directors since 2015.

Born in Gravina in Puglia (BA) on 11/09/1942, he graduated in Law from the La Sapienza University of Rome. He was Head of the Press Service and Spokesperson for the Ministry of Foreign Affairs, Italian Government Representative for Reconstruction in Albania. He was Italian ambassador in Iran, Australia and in some Pacific Ocean States, in the USA and in the Bahamas. He was, from 2001 to 2005, diplomatic counsellor of the President of the Council and his personal representative for the G7/G8 Summits.

He has also served in other countries, including Somalia, Portugal, France and Switzerland/UN, and has worked for the FAO in Rome and for the European Commission in Brussels.

From 2002 to 2012 he covered the role of Board Director of Leonardo/Finmeccanica and Vice Chairman of the homonymous Group. From 2010 to 2016 he was Chairman of the Board of Directors of SACE and from 2012 to 2017 he covered the role of Chairman of doNext S.p.A. (formerly Italfondiario S.p.A.).

From 2013 to June 2018, he was Chairman of Torre SGR S.p.A. and from 2014 to 2018 he was Chairman of Milanosesto S.p.A..

At doValue SpA he also covered the role of member of the Risks and Related Party Transactions Committee and the Appointments Committee.

He was Chairman of the Board of Directors of Retelit Med S.r.l.

He has been a director of Exprivia S.p.A. since 2020 and of Vantea Smart S.p.A since 2022.

He has been General Secretary of the Iniziativa Adriatico Ionica (IAI) since June 2017.

He is a Knight of the Grand Cross of the Italian Republic and Officer of the Legion of Honour of the French Republic.

Andrea Mangoni has, since April 2016, been Chief Executive Officer of doValue.

Born in Terni in 1963, he graduated in Economic Sciences and began his career working with the Inter-American Development Bank, dealing with restructuring projects in Brazil and Argentina.

In 1996 he covered in Acea the role of Head of Extraordinary Finance and coordinated the activities relating to the company's stock market listing, occurring in 1998. Thereafter, he became Head of Planning and, from 2001, CFO. In 2003 he was appointed Chief Executive Officer.

In 2009 he joined Telecom Italia in the role of Group CFO and operational Chairman of Telecom Italia Sparkle, a company responsible for managing traffic and the international network. He was also the Head of ERM at Telecom from 2009 to 2012. In 2012 he was appointed International Operations General Manager of Telecom Italia and managed, amongst other things, the crisis and re-launch of Tim Brasil, becoming its CEO.

From June 2013 to March 2015 he held the role of Chairman and CEO of Sorgenia (CIR Group), and managed the financial restructuring of the company. In 2015 he held the role of General Manager of Fincantieri, which he left after a few months.

From March 2018 to April 2019 and again from September 2019 to January 2023, he was Chairman of the Board of Directors of doNext S.p.A., formerly Italfondiario S.p.A., a company of the doValue Group, of which he is currently Chief Executive Officer. From July 2019 to April 2021 and again from November 2021, he has been Chairman of the Board of Directors of Altamira Asset Management s.a., a Spanish-registered company of the doValue Group.

From April 2022 to January 2023, he was a member of the Board of Directors of Atlantia S.p.A.

In addition, since August 2020, he has covered ad interim the role of Italy Country & Region Manager of the doValue Group.

Francesco Colasanti, born in Frosinone on 29/12/1975, graduated in Economics from the LUISS Guido Carli

University of Rome.

Since 2001 he has been working at Fortress Investment Group where he was Managing Director and CO-Head of Fortress European NPL Business. From 2023 onwards, following his appointment as Co-head of Fortress Credit Europe, Francesco Colasanti will focus on the development of the Fortress Group in Spain, Greece, Portugal and other European countries.

He has participated in the main investment processes of the Fortress Group in the NPL sector and in the real estate sector. Among the most significant transactions, in 2015 he participated in the acquisition of UCCMB (Unicredit Credit Management Bank listed on the Milan Stock Exchange in 2017, now doValue). In 2005, he participated in the acquisition of IGC (Intesa Group's Intesa Gestione Crediti Servicer) and a portfolio of financial assets with GBV of EUR 13 billion from Intesa SanPaolo; from 2001 to 2022, he managed the acquisitions in Italy of 37 NPL portfolios for about EUR 42 billion of GBV. In the Greek market since 2019 he participated in the acquisition of significant financial assets sold by Alpha Bank and National Bank of Greece for a nominal value of EUR 11.3 billion.

Since 2015 she has been the Board Director of doValue S.p.A. (formerly doBank S.p.A.), where he also serves as a member of the Nomination and Remuneration Committee.

From 2000 to 2001 he worked at PricewaterhouseCoopers in the Audit and Transaction Support team.

Emanuela Da Rin was born in Rome in 1967 and graduated in Law in 1989 at the Rome University "La Sapienza". She was authorised to practise as a lawyer in 1993 and has been registered at the Bar of Rome since 1993.

Until 2001 she worked at Studio Legale Chiomenti. Thereafter, she joined BonelliErede, where, from 2003, she was a partner in the Banking and Financial Department. At Studio BonelliErede she covered the role of Team Leader of the Banks Focus Team and Real Estate Focus Team. She deals with real estate finance and corporate finance operations. In recent years, she has provided continuous assistance in the sector of special/distressed credits, working for both credit institutions as part of restructuring and valorisation operations of non-performing loans and for funds in the acquisition of credit portfolios.

From 2017 to 2019, she was a Board Member of SITAF Società Italiana Traforo Autostradale del Frejus S.p.A. (a subsidiary of ANAS S.p.A.).

Since 2018 she has been the Board Director of doValue S.p.A.

Since July 2020 she has been a member of the Board of Directors of Blue SGR S.p.A. and since 2021 she has been a member of the Board of Directors of Banca CF+Credito Fondiario S.p.A..

Giovanni Battista Dagnino was born in Pully (Switzerland) on 25 April 1966. He graduated from the Milan Bocconi University and achieved a PhD in Business Administration; he is registered on the Register of Statutory Auditors of the Ministry of Economy and Finance. He is a Full Professor of Economics and Business Management at LUMSA University, Palermo campus, where he teaches "Corporate Governance & Sustainable Leadership", "Digital Strategy" and "Management Consulting". At LUMSA he also teaches the module "Firm Strategy and

Sustainability" in the Sustainable Development Goals Master Degree, and "Corporate Governance" and "Big Data & Digital Transformation" in the Executive MBA of which he is co-director. In addition, he is a Faculty Member at the European Institute for Advanced Studies in Management of Brussels, a Fellow of the Strategic Planning Society of London and Friend of the European Investment Bank Institute of Luxembourg and the Strategic Management Society of Chicago.

He previously covered the role of Full Professor at the University of Catania from 2006 to 2018, teaching from 2004 to 2018 "Financial and Insurance Business Management" and from 2008 to 2018 "Corporate Strategy" in the Master's Degree Courses in "Business Finance" and in "Business Management"; he has also covered visiting positions in authoritative international business schools. He is the author of over two hundred publications distributed internationally and nationally on corporate governance, entrepreneurship and business strategy. He has developed operational managerial experiences in enterprises active in the LPG-liquefied petroleum gas industries and in the real estate sector. He was formerly a member of the Young Entrepreneurs Group of Confindustria Palermo, at which he was Director/Treasurer and member of the "Area Euro-Mediterranea" National Commission in Confindustria Roma.

Since 2018 he has been Independent Director of doValue S.p.A., where he covered the roles of Chairman of the Risks and Related Party Transactions Committee and member of the Appointments Committee; currently, he is a member of the Risks, Related Party Transactions and Sustainability Committee.

Cristina Finocchi Mahne graduated in Economics and Commerce from the La Sapienza University of Rome, she gained the MBA from the Luiss Business School and obtained further specialisations in finance, financial communication and management skills in London and in Los Angeles.

She has gained over 20 years of experience as a C-suite Executive/Board Director in listed banking groups/consulting companies in senior management.

Since 2010 she has sat on the Boards of Directors of FTSE/STAR/AIM Italy and NYSE listed companies (sectors: banking, consumer discretionary, media/IT/communication, industrial/infrastructure, telco towers, healthcare), also gaining consolidated experience in regulated sectors. Since 1999 she has dealt proactively with ESG sustainability.

Since 2021 she has been an Independent Director at doValue S.p.A., where she also covers the role of Chairman of the Risks, Related Party Transactions and Sustainability Committee. Since 2022 she has been an independent Director of Maire Tecnimont and, until April 2023, of Banco Desio, where for 10 years she was Member/Chairman of the Risk and Sustainability Control Committee, Appointments Committee and Related Parties Committee.

Previously she covered board roles at other listed companies, including that of Chairman of the Control, Risks and Sustainability Committee of Elica and of Italiaonline; Chairman of the Appointments and Remuneration Committee of INWIT and of GHC, Director of BF Holding and Natuzzi.

A speaker at national and international conferences, she is the author of publications and articles on economicfinancial and ESG sustainability topics.

She is a member of the Scientific Committee of the CSEA (Centre for Applied Economics Studies) and an adjunct lecturer at the Faculty of Banking, Finance and Insurance Sciences, Università Cattolica del Sacro Cuore. She was a lecturer in Advanced Business Administration, Faculty of Economics, La Sapienza University of Rome, and lecturer in Corporate Governance, International MBA, Luiss Business School.

She is a member of the Scientific Committee of the Vatican Centesimus Annus Foundation, and of Kindacom, an executive and consulting communication company on neurosciences applied to business. She is a member of the Global Visionary Awards Committee of WCD (WomenCorporateDirectors), a global foundation that promotes best practices in corporate governance and ESG sustainability in Boards.

She is a member of the London Advisory Board of Fordham University NY, USA.

Nunzio Guglielmino, born in Rome on 14 January 1946, graduated in Law and in Political Sciences from the University of Rome. From 1980 to 1984 he was an official at the Ministry of the Treasury and from 1984 to 1993 he covered the role of Councillor for Economic and Monetary Affairs at the Permanent Representation of Italy in Brussels, actively participating at meetings of the Council of Financial Ministers of the European Union (ECOFIN) and contributing to preparing the Maastricht Treaty as a member of the delegation appointed by the Italian Government. From 1993 to 1995 he worked at the Ministry of Economy and Finance and, in 1996, he was appointed General Manager at the Treasury Department of the Ministry of Economy and Finance. From 1993 to 2000 he was on the Board of Directors of the European Investment Bank and from 2000 to 2015 he was Deputy Governor of the Council of Europe Development Bank (CEB). He was Deputy Chairman of Poste Italiane and Board Director of Cassa Depositi e Prestiti, in Alitalia and in other companies, both public and private. From October 2016 to 30 June 2018 he held the position of expert advisor for the examination and in-depth analysis of EU law matters, at the Presidency of the Council of Ministers.

Since 2015 he has been an independent Board Director of doValue S.p.A., where he chairs the Appointments and Remuneration Committee and was a member of the Risks and Related Party Transactions Committee. Since June 2021, he has been an independent Board Member of doNext S.p.A. (formerly Italfondiario S.p.A.), a company of the doValue Group, where he currently holds the position of Chairman of the Board of Directors.

Roberta Neri, born in Rome, she graduated with full marks in Economics and Commerce from the La Sapienza University of Rome. She is qualified as an accountant and is registered on the Register of Statutory Auditors. She started her career at Italsiel S.p.A. - Società Italiana Sistemi Informativi Elettronici, S.p.A.; since 1999, she has held positions of primary responsibility at ACEA S.p.A., first dealing with budget, control and strategic planning, then becoming Head of Planning and later Chief Financial Officer. In 2009, she founded Manesa Srl (now Byom Srl), working, as Managing Director until 2015, on investment activities and technical/financial advisory services to financial and industrial investors for structured transactions in the Energy and Infrastructure sectors. She is currently a partner and board member at Byom.

From 2015 until May 2020 she was Managing Director of ENAV, where she managed the Company's IPO process

on the Italian Stock Exchange.

From March 2015 to September 2015 she was also a member of the Board of Directors, as well as a member of the Related Parties and Control, Risks and Corporate Governance Committees of Autostrade Meridionali SpA. From April 2015 to April 2017, she was a member of the Board of Directors of Acea SpA, Chairman of the Control and Risks Committee and member of the Related Party Transactions Committee and the Appointments and Remuneration Committee.

From January 2018 to December 2019, she was Chairman of A6, the "European Air Navigation Service Providers" alliance. From 2017 to 2020 she was a member of the Board of Directors of Cementir Holding S.p.A. and of Aireon LLP.

Since September 2018 she has been, firstly, Industrial Advisor and, subsequently, in October 2020. Operating Partner of Asterion, a Spanish fund specialising in infrastructural investments in Europe in the sectors of transport, telecommunications, energy and other utilities. Since July 2020 she has been a member of the Advisory Board of Equita Group, Italy's main independent investment bank.

Since October 2020 she has been Chairman of the Board of Directors of MPS Leasing&Factoring.

Since November 2020 she has been Board Director of Sorgenia S.p.A., an role previously covered from 2015 to 2018.

Since 2021, following the acquisition through VTO (Voluntary Tender Offer) by the Asterion Fund, she has been Chairman of the Board of Directors of Retelit.

Since 2021 she has been Board Director of doValue S.p.A and member of the Risks, Related Party Transactions and Sustainability Committee.

Since December 2022, following the acquisition by the Asterion Fund, she has been Chairman of the Board of Directors of Irideos.

Giuseppe Ranieri, born in Rome on 19 February 1974, graduated in Economics from the "La Sapienza" University of Rome and from 2013 covered the role of Director at the Fortress Investment Group. From 1998 to 1999 he worked as an analyst at Nusa SIM S.p.A. and later, from 2000 to 2005, as Manager at PricewaterhouseCoopers-Transaction Services. From 2005 to 2009, he worked at Morgan Stanley Real Estate Fund and Prelios S.p.A., and from 2009 to 2012 at First Atlantic Real Estate NPL S.p.A. (now Frontis S.p.A.). Since 2016 she has been the Board Director of doValue S.p.A.

Marella Idi Maria Villa, Born in Milan on 23 October 1977, she graduated in Law at the Università Cattolica del Sacro Cuore in Milan and qualified as a lawyer in 2006 in Milan.

From 20 she worked with Grande Stevens Studio Legale Associato, where, from 2014, she was Salary Partner, providing assistance in areas related to Banking & Finance, Capital Markets and Mergers and Acquisitions, advising, in particular, listed companies with reference to the Consob regulations (Consolidated Finance Law and Issuers' Regulation), Bank of Italy rules and Borsa Italiana instructions.

She acquired experience in debt restructuring of listed companies with banks and in their subsequent recapitalisation, performing consultancy activity in the sector of real estate investment funds and extraordinary corporate operations (acquisitions, mergers and sale of companies).

She dealt with the banking area of numerous corporate finance, acquisition and leveraged finance, real estate and project finance operations; as part of structured finance, she has assisted investors, arrangers, sellers and issuers during securitisation operations and transfers of credits and in issuances of listed bonds.

She most recently took on the role of Legal Counsel Finance and Capital Market at the Gate Group, a Swiss global leader in airline catering, in-flight retail and hospitality services, at the group's headquarters in Zurich.

Since 2019 she has been Independent Board Director of doValue S.p.A., at which she currently also performs the role of member of the Appointments and Remuneration Committee.

Diversity criteria and policies in the composition of the Board and in the company organisation

doValue has regulated its diversity criteria and policies for the composition of the Board of Directors through the document "Composition Policy of the Corporate Bodies of the doValue Group", approved by the Board of Directors on 25 February 2021. The Policy requires there to be an adequate diversification of skills, experience, age, gender, geographical origin and international projection.

The different members and different professional and managerial skills, as also envisaged in the document "Guidelines on the Qualitative and Quantitative Composition of the new Board of Directors considered optimal", formulated by the Board of Directors which terminated in 2021, published on 3 March 2021 on the website www.doValue.it - Governance/2021 Shareholders' Meeting Section, are currently adequately represented within the current Board of Directors, taking account of the outcomes of the Self-Assessment. In particular, the following characteristics are considered to be components that, as a whole, identify a collegial body having a balanced, complete and varied set of skills and professionalism:

managerial and/or professional profile of high seniority,
cross-sectional skills in the Financial Services sector,
experience in Risk Management,
experience in sustainability (ESG) and social responsibility,
experience in the field of digital transformation and innovation,
knowledge in the legal field,
significant experience on Boards of Directors of companies,
specific international vocation and experience.

The Company also asked, in the notice of convocation of the Shareholders' Meeting of 29 April 2021, those who wanted to submit a list containing a number of candidates higher than half of the number of members to be elected, to provide adequate information, in the documentation submitted for filing the list, on the compliance of the list with the guidelines given by the Board of Directors and to indicate the candidate to the role of Chairman of the Board of Directors.

The new distribution criterion established by Law No. 160 of 27 December 2019, by virtue of which at least two fifths of the members of the management body must be reserved for the least represented gender, has been applied in the current composition of the Board of Directors, since there are four directors belonging to the least represented gender. Within the business organisation, the commitment to favour virtuous behaviours in relation to equal treatment and opportunities between the genders is expressed in the Company's Code of Ethics which regulates the Group's values of correctness, transparency, respect of human rights and protection of diversity. These values are incorporated and reflected in the processes governed by ad hoc company functions with particular reference to the process of selection and recruitment of staff through which equal opportunities are guaranteed. Furthermore, the Group favours and promotes non-discriminatory behaviours through internal communication and business initiatives organised through logics of inclusion and enhancement of diversity.

On 16 December 2021, the doValue Board of Directors approved the Sustainability Plan and Policy which guide the Group's activities, combining the aim of creating sustainable value over time with respect for the environment and attention to all Stakeholders: shareholders, investors, employees, customers and the community.

The attention to people is one of the areas of engagement of the Sustainability Plan - defined in line with the SDGs of the 2030 United Nations Agenda - to which goals and targets are linked with a view to spreading a culture of inclusivity and non-discrimination and developing the support of the local communities and areas in which the Group is present. Internal relationships are based upon principles of respect of human rights, development of individual skills, fairness, inclusivity, diversity and non-discrimination.

In 2021, the Diversity & Inclusion Council was established at Group level to promote initiatives aimed at strengthening and spreading diversity and inclusion, which are fundamental elements of its corporate culture and at the core of its value system, and which can be summarised in two principles: i) creating a work environment that leverages diversity and fosters an inclusive culture to support individual and organisational growth, and ii) appreciating diversity by promoting a respectful environment in which everyone can express their authenticity, particularly in relation to the issues of Gender, Disability, Gender and Multi-culturality.

The Company also, in the capacity of supporting partner, adheres to "Valore D", the first Association established in Italy to promote diversity and inclusion within companies. The Association values the different characteristics of personnel (age, gender, nationality, religion, work experience) to create a working environment that emphasises Gender Diversity and the culture of inclusion within the company.

The overall workforce of the Group companies records the presence of 58% of female personnel; in the Group Functions - structures of the parent company doValue which perform management, coordination and control activities, for the areas under their respective remits - 49% of the personnel are female; the roles of responsibility within the same are covered by females in the amount of 40%.

Maximum accumulation of assignments held in other companies

Without prejudice to the limits on the number of assignments that members of the management body may hold in accordance with legal rules, once again for the 2022 financial year, general criteria were adopted relating to the number

of management and control assignments in other companies listed on regulated markets, Italian or foreign, considered compatible with the effective conduct of the role at doValue, also considering the participation of the directors in the Board Committees, as defined by the policy approved on 25 February 2021 by the Board of Directors.

In particular, the policy which regulates the maximum number of assignments that the doValue directors may cover envisages that:

the executive directors, in addition to the role covered in doValue, may not cover the role of executive director in other Italian or foreign companies listed on regulated markets, and may not cover the role of non-executive director or standing member of the control body in more than one other company, Italian or foreign, listed on regulated markets;
non-executive directors may not, in addition to their assignment in doValue, hold office as an executive or nonexecutive director or as a standing member of the audit body in more than 4 other Italian or foreign companies listed on Italian or foreign regulated markets.

The Directors are required to inform the Company of assignments covered at other companies and entities.

Table 2, at the foot of this Report and cited in point 4.2 above, highlights, in conformity with the provisions of the Corporate Governance Code, the number of management and control assignments covered by the doValue directors in office in other companies.
The current composition of the Board of Directors respects the general criteria envisaged in accordance with the audit performed on 4 June 2021, on 4 August 2021 [and on 3 March 2022].

4.3 OPERATION OF THE BOARD OF DIRECTORS (pursuant to Article 123-bis(2)(d) TUF)

The Board of Directors has defined rules and procedures for its functioning with a specific Regulation approved in the version updated to 13 May 2021, published on the Company's Internet Website.

The Chairman is responsible for planning the items on the agenda of the various meetings of the Board of Directors. The Chairman also ensures that, during the meetings, the Board of Directors dedicates the necessary time to the matters to be discussed and stimulates the directors to provide their precious contributions, functional to a constructive debate. In order to ensure that all Board members can plan their attendance at the board meetings, the Chairman establishes, from time to time, along with the Chief Executive Officer, the expected duration of each board meeting, indicating for each item on the agenda the estimated time for its discussion. The Chairman manages the board meetings in order to ensure, insofar as possible, compliance with these timescales.

The Articles of Association provides at Article 16 that the Board of Directors is convened, even by means of telecommunication, at the registered office of the Company or elsewhere, both in Italy and abroad, at intervals usually not exceeding three months and, in any case, every time the Chairman deems it necessary or a request is made by the Chief Executive Officer or by at least two directors.

The Board of Directors may also be convened at the initiative of the Board of Statutory Auditors.

The notice of convocation must be sent to all Directors and Standing Auditors, at least 3 (three) days before the date fixed for the meeting. In case of urgency, the Board may be convened 24 (twenty-four) hours before the meeting.

Still under Article 16, paragraph 4 of the Articles of Association, in the absence of convocation, the Board of Directors is validly constituted when the majority of the Directors and Auditors in office are in attendance, including in any case the director appointed from the minority list, and all those entitled have been informed in advance of the meeting.

The Articles of Association also allow for attendees at the Board of Directors' meeting to attend remotely, using telecommunication systems (including audio/video links), provided that each of the attendees can be identified by all the others and that each person is able to intervene in real time in the discussion of the matters discussed, as well as to receive, send and read documents.

To facilitate the informed and aware participation by all directors and to allow the same to express their informed opinions on the matters being resolved, the Regulation of the Board of Directors requires the notice of convocation to contain the agenda of the items under discussion, along with the appropriate supporting documentation, and for the related necessary information to be made available to the Directors and Auditors at least 2 days before the board meeting, or in the case of an urgent convocation, at least the day before that meeting, by methods that guarantee the confidentiality and timeliness of the convocation.

In any case, if it is not possible to respect the terms indicated above for the availability of the documentation, the Chairman ensures that precise and adequate information is provided during the board meetings.

The documentation is made available in a specific Reserved Area of the doValue Internet Website, which guarantees the confidentiality of the data and information provided (with dedicated and exclusive access via personal user ID and encrypted password). This platform allows for the digitisation of board and committee meetings, making it possible on the one hand to make the documentation available in the days leading up to the meeting in a coherent and secure manner, and on the other hand to be able to consult the documentation on a computerised medium during the meeting itself, pursuing the goal of completely overcoming the paper printing of all documents pertaining to meetings and archiving the documentation.

Once again during 2022, the documentation was usually made available, both for meetings of the Board of Directors and for the Board Committees, in respect of the established timescales. The documentation supporting the decisions to be made, containing any resolution proposals and information suitable from a quality-quantity standpoint to support the Board's work, is made available to the Directors and Auditors at least two days before the day set for the meeting or, in the event of an urgent convocation, at least the day before the same meeting, with the exception of a reasoned exception ordered by the Chairman. In the case of transactions with more stringent time lines, such as participation in tenders, acquisition of mandates, M&A transactions, the documentation was adequately presented to the Board, also with the participation of the managers involved on each occasion, with the possibility of extensive discussion and debate.

In order for meetings of the Board to be valid, the presence of the majority of its members in office is required; the resolutions are made by majority of voters, excluding those abstaining. It is specified that, as regards the Financial Year and in conformity with Recommendation 11 of the Corporate Governance Code, the Chairman of the Board of Directors acts as the diligent party not only in ensuring that the documentation relating to the items on the agenda of the various board meetings is made available to all directors and auditors in respect of the timescales indicated above

but also that the documentation, on many occasions, is made available even further in advance. Specific minutes are prepared at each meeting, submitted for approval at the next Board meeting, transcribed in the appropriate corporate book and signed by the Chairman and by the Secretary.

In order to provide to the company representatives adequate support on particularly significant issues, specific pre-Board meetings are held with regard to the following matters:

analysis of the main features of a securitisation transaction of loans and non-performing loans for servicing purposes;
presentation of the draft Industrial Plan 2022 2024, dedicated to the analysis and in-depth analysis of the underlying objectives and rationale;
analysis of the main features of a transaction for the acquisition of the single servicing mandate and search for diversification opportunities in adjacent businesses to the traditional one of managing non-performing loans on behalf of banks and professional investors

During 2022, the Board of Directors held 17 meetings, each of which having an average duration of approximately 3 and a half hours, also using means of telecommunication, as envisaged by the Articles of Association, so as to allow for respect of the measures dictated for the containment and combating of the Covid-19 virus across the entire country. For further information on the availability of time given by each director, see Table 2 at the bottom of this Report. For the 2023 financial year, 12 meetings are planned, 4 of which have already been held at the date of this Report.

4.4 ROLE OF THE CHAIRMAN OF THE BOARD OF DIRECTORS

of the activity of the Board Committees with the activity of the Board;

In line with Principle X of the Corporate Governance Code, the Chairman promotes the effective functioning of the corporate governance system, ensuring a balance of powers between the Company's resolving bodies, and also performs a leading role of coordination for the Board of Directors to pursue the Company's interests.

During the Financial Year, the Chairman of the Board, in line with Recommendation 12, dealt with: - the suitability of the pre-Board briefing, as well as the additional information provided during Board meetings, to enable directors to act in an informed manner in the performance of their role; the coordination
- in agreement with the Chief Executive Officer, the intervention at board meetings of managers of the Company and of other Group companies, the heads of the company functions in charge with regard to the particular topic, so as to provide the appropriate further information on the items on the agenda. In particular, the heads of the relevant departments participated at meetings depending on the subject, including the Corporate Functions General Manager, the Chief Financial Officer, General Counsel, and the Chief Group Control Officer. These persons were only present at the board meetings for the discussion of the items within their competence and left the meeting after the deliberation by the board. During 2022, the Chairman regularly invited the General Counsel, who attended almost all Board meetings; the General Manager Corporate Functions and the Chief Financial Officer actively participated by presenting, among

other things, the quarterly and annual Financial Reports, the budget, and the Strategic Plan;

the Chairman also ensures that the heads of the relevant corporate functions and any managers concerned with the items on the agenda are available to attend meetings when requested.
the participation of members of the management and control bodies, after the appointment and during the mandate, in initiatives aimed at providing them with adequate knowledge of the business sectors in which the Company operates, the company dynamics and their evolution also with a view to achieving the sustainable development of the Company itself, as well as the principles of correct risk management and the relevant regulatory and self-regulatory context.

Based on Recommendation 22 of the Corporate Governance Code, the Board of Directors, in view of the renewal of the Board of Directors, will carry out a self-assessment of the management body for the current financial year at the beginning of 2024.

The Chairman also ensured, in accordance with the provisions of the Engagement Policy, issued in 2021 in adherence to Recommendation 3 of the Corporate Governance Code, that the Board is informed, within the first useful meeting, on the development and significant contents of the dialogue with shareholders.

The Chairman guarantees the most appropriate management of the timescale of board meetings, facilitating the optimisation of the debate and timing the extent of the discussion based upon the significance of the items on the agenda; in this perspective, possible pre-board meetings between the Directors, both executive and non-executive, and the Chair will be incentivised, to perform an informal preliminary investigation of the main issues which will then be discussed during the meeting.

Board Secretary

For the organisation of its activities, the Board obtains support from a Secretary, appointed at the proposal of the Chairman, who may even be chosen from outside the members themselves. In the event of the appointed Secretary's absence, the Board designates a replacement.

As established in the doValue Board of Directors' Regulation, updated during 2021, the Secretary must possess adequate requirements of professionalism, experience and independence of judgment. In particular, the Secretary must:

a) be in possession of master's degree in economics or law;
b) have performed, for at least 3 years, the function of board of directors' secretary for listed issuers or in medium or large sized companies; and/or
c) have had at least 3 years of experience in law firms specialising in corporate law and corporate governance,

or have held for the same period managerial roles in legal/corporate departments of listed issuers or medium or large sized companies.

During the 2022 financial year, the designed Secretary supported the activity of the Chairman of the Board (particularly in relation to the aspects indicated in Recommendation 12 of the Code) and provided with impartiality of judgment assistance and advice to the Board on every relevant aspect for the correct functioning of the corporate governance system (Recommendation 18). In particular, he provided support in preparing for the board and

shareholders' meetings, in preparing the respective resolutions, in ensuring the adequacy, completeness and clarity of the information flows to the Board, in communications with the Directors, and in organising "board inductions" and "board reviews".

The Secretary also assists the Chief Executive Officer in his relationships with the Board and provides assistance to the Board in all aspects related to the correct operation of the corporate governance system.

The Secretary coordinates the administrative office of the Committees and supports their works, drafts the minutes of each meeting and signs them together with the Chairman; he also retains the minutes and company books.

4.5 EXECUTIVE DIRECTORS

Chief Executive Officer

Under Article 15 of the Articles of Association, the doValue Board of Directors - appointed on 29 April 2021 confirmed, on that same date, Mr Andrea Mangoni as Chief Executive Officer of the Company.

In order to ensure the coherence of the new operations of the Company and of the whole Group, with a view to continuing to guarantee the ordered and correct conduct of the corporate activities, both current and prospective, on 29 April 2021 the Board of Directors updated the operational delegations previously granted to the Chief Executive Officer.

The categories of actions, whose implementation has been entrusted to Andrea Mangoni, (the list of which is recorded at the Companies Register of Verona, at which the respective resolution was filed and registered and to which express reference is made) are determined analytically and broken down with clarity and precision, also in the indication of the quantitative limits and limits on value and any methods of exercise; this also allows the Board of Directors to assess exactly and verify precisely the correct fulfilment as well as the possible exercise of its management powers and right of retention. The Chief Executive Officer's powers in any case exclude the operations reserved by law and/or by regulations to the remit of the Board of Directors. The Chief Executive Officer is therefore directly responsible for managing the Company.

The Chief Executive Officer is attributed management duties, namely the implementation of the guidelines resolved by the Board of Directors.

The Chief Executive Officer, in summary:

supervises the Company and Group management in conformity with the general planning and strategic guidelines determined by the competent Corporate Bodies - promoting the unitary nature of business management and the management and coordination activity of the Group;
manages and coordinates the activity of the operating structures having strategic significance and control functions, in respect of the resolutions made from time to time by the BoD;
exercises every right attributed to him in respect of the law and the internal regulations in force each time as well as contracts with principals and lender banks;

defines the operational and executive structure of the Company and ensures that the organisational, administrative, accounting aspects as well as the overall system of internal controls are adequate to the nature and dimensions of the Company itself;
supervises the functionality of the internal controls and risk management system, from the start of trading of the Company shares on the MTA;
deals with managing the Company investments.
makes expenditure decisions (thereby meaning both opex and capex) within the limits envisaged by the powers attributed to the same and in respect of the overall annual budget of expenditure approved by the BoD (where not otherwise envisaged); In particular:
- he decides and deals with transactions, even of joint investment, acquisition of credit portfolios or individual credits, or securities issued by securitisation companies up to a maximum amount of €7.5 million per individual transaction;
- he decides and deals with sales transactions of credit portfolios, individual credits, or securities of owned securitisation vehicles up to a maximum amount of €50 million per individual sale, in any case within the limits, per individual transaction, of accounting losses from disposal in an amount not exceeding €2 million;
- he decides and deals with purchase transactions of moveable and immoveable instrumental assets, even by way of the stipulation of leasing contracts, for a fee per individual transaction not exceeding €2 million;
- he decides and deals with the disposal of moveable and immoveable assets, for individual accounting losses from disposal in an amount not exceeding €1 million per individual transaction;
- he decides and deals with transactions of acquisition, concerning businesses, business branches, legal relationships as a block (other than credit portfolios) as well as shareholdings, even majority, in companies (including JV), in any form even by way of capital subscription or other form of investment, up to a maximum amount of €5 million per individual transaction, also establishing any shareholder agreements;
- he decides and deals with transactions of disposal, concerning businesses, business branches, legal relationships as a block (other than credit portfolios), shareholdings, even majority, in companies up to a maximum amount of €5 million per individual transaction, in any case within the limits, per individual transaction, of accounting losses from disposal in an amount not exceeding €2 million;
- he decides on the costs and investments necessary for the Company operations within the limit of €10 million per individual acquisition; For consulting contracts, the limit is €2 million per individual contract.
- he may also make motivated decisions on expenditure beyond the limits of the approved annual budget up to a maximum annual amount of 5% of the operating costs scheduled in the budget.

This is without prejudice to the attribution to the Chief Executive Officer of the legal representation of the Company,

in accordance with the Articles of Association.

The doValue Board of Directors, coherently with the provisions laid down by the Corporate Governance Code, has also attributed to the Chief Executive Officer the role of director instructed to supervise the functionality of the internal controls and risk management system, also considering his previous experience gained in the field of ERM. Subject illustrated in detail in point 9.1 below.

Chairman of the Board of Directors

The Chairman of the Board of Directors has not received management delegations and, as a consequence, does not cover any executive role.

The Chairman has no specific role in the elaboration of corporate strategies and is qualified as an Independent Director.

Information to the Board by the directors/delegated bodies

Under Article 15 of the Articles of Association, the Chief Executive Officer has reported to the Board of Directors and to the Board of Statutory Auditors, on a quarterly basis and in the methods established by the Board of Directors itself, on the activity performed in exercising the delegations granted to him, illustrating, inter alia, the general management performance and its outlook, as well as the most significant economic, financial and capital transactions implemented by the Company and by its subsidiaries.

Other executive directors

In addition to the Chief Executive Officer, at the approval date of this Report, there are no other Directors having management delegations or who may be considered executive.

4.6 INDEPENDENT DIRECTORS AND LEAD INDEPENDENT DIRECTOR

Independent Directors

The following are independent directors - pursuant to both Article 148 of the TUF (applicable to directors pursuant to Article 147-ter, paragraph 4, of the TUF) and Article 2 of the Corporate Governance Code: the Chairman of the Board of Directors, Giovanni Castellaneta, the Directors Nunzio Guglielmino, Giovanni Battista Dagnino, Cristina Finocchi Mahne and Marella Idi Maria Villa.

At the time of filing the lists for the appointments made during the Shareholders' Meeting of 29 April 2021, the ambassador Giovanni Castellaneta was indicated as candidate to cover the role of Chairman of the Board of Directors and assessed as independent during the board meeting of 4 June 2021 as none of the circumstances that compromise, or appear to compromise, the independence specified by Art. 7 of the Corporate Governance Code were in place.

The Board of Directors considered that the number and expertise of the directors qualified as independent were adequate to the requirements of the Company and the functioning of the Board itself, as well as the constitution of the respective committees. With regard to the recommendations of the Corporate Governance Committee, as well as the indications of the new Code, relating to the assessment of the significance of the relationships in question (any commercial, financial or professional relationships) and the definition in advance of quantitative and/or qualitative criteria of reference for that assessment, without prejudice to the discretion applied in assessing the specific situation

taking account of the Company's best interests, of the significance of the relationship and its likelihood of affecting the independence of the Director, the Board pre-defined, at the start of its mandate, the aforementioned quantitative and qualitative criteria for assessing the significance of the circumstances relevant in accordance with the Code for assessing the independence of the directors; it distinguished cases in which the commercial, financial or professional relationship was "direct" from those in which it was "indirect" (for example by way of subsidiary companies or those of which the individual is an executive director or a partner of a professional firm or consulting company).

With reference to direct relationships, it considered significant those which generated a fee, considered overall on an annual basis, above a certain amount and which at the same time represent a percentage at least equal to a certain percentage of the director's annual income.

With reference to indirect relationships, on the other hand, it considered significant those that generated a fee at least equal to a certain percentage of the annual turnover of the company or the entity in which the director has control or is a director, or of the professional firm or consulting company of which he is a partner. It is therefore noted, with regard to the recommendations formulated by the Corporate Governance Committee, that the cited assessment of independence by the Board of Directors did not involve any case of non-application of or deviation from respect of the criteria of independence defined by the Code.

On 17 March 2022 and 23 February 2023, the Board verified the continued existence of the independence requirements for directors, the results of which were disclosed to the market by means of a press release.

The check was performed with reference to the documentation produced by the director and the qualitativequantitative criteria identified for the management body; with the support of some company functions of doValue a check was performed internally to the Group in order to ascertain any existence of agreements, assignments, relationships and/or links by the directors (even indirectly, by way of the entities indicated in the declaration issued for the purposes of the relevant information for Related Parties) and likely to constitute conditions hindering the possession of the requirement of independence.

The following are not independent Directors - neither in accordance with the Consolidated Finance Law nor the Corporate Governance Code - the Chief Executive Officer Andrea Mangoni and the Directors Francesco Colasanti, Emanuela Da Rin, Roberta Neri and Giuseppe Ranieri.

The Board of Statutory Auditors then verified the correct application of the assessment criteria and procedures adopted by the Board of Directors to assess the independence of its members.

It should be noted that the independent directors met on 29 June 2022 and 13 January 2023 to discuss, among other things, issues relating to the governance of the Company and the organisational structure of the Group

Lead Independent Director

As none of the presuppositions identified by the Corporate Governance Code (Recommendation 13) are in place, the Board of Directors has not appointed any Independent Director as lead independent director.

MANAGEMENT OF CORPORATE INFORMATION

The current regulatory system (TUF; MAR and Enforcement Regulations; Consob Issuers' Regulations) and the Corporate Governance Code (Article 1, paragraph 1(f)), in defining the role of the management body body, places on the latter, in order to ensure the proper management of corporate information, the task of adopting a procedure for the internal management and external disclosure of documents and information concerning the company, with particular reference to inside information.

In conformity with those provisions, therefore, the Board of Directors – at the initiative and proposal of the Chairman and the Chief Executive Officer - has identified and defined the processes and procedures for the internal management, and related external communication, of information and documents on the Company, also with reference to inside information.

Management of Inside Information

doValue, in line with the legislation, including regulatory, applicable to listed companies on market abuse as well as the recommendations and/or indications, even of interpretative nature, aimed - nationally and in Europe - at listed companies, has adopted the internal policy for the management of inside information and has established the record of persons having access to inside information ("Insider Register") in accordance with the MAR and the other relevant regulations applicable each time.

That policy was updated during 2021 and approved by the Board of Directors on 25 January 2022 and is available on the Company's website in the Governance section.

The Policy, in particular (i) illustrates the process of identification, management and processing of Relevant Information and Inside Information (as defined below) regarding the Company, and (ii) the procedures to be observed for the communication, both internally and externally to the company, of documents and information regarding doValue and its subsidiaries, considered as Inside Information; iii) imparts, in accordance with Article 114, paragraph 2 of the Consolidated Finance Law, the necessary provisions so that the subsidiaries of doValue provide promptly all information necessary to fulfil the reporting obligations envisaged by law.

The correct dissemination of inside information thus protects the market and investors, guaranteeing to the same adequate knowledge of the affairs concerning the issuer, on which to base their investment decisions.

The rationale of the obligation to disseminate inside information in conformity with pre-established methods is aimed at avoiding:

abuse or attempted abuse of inside information;
recommending or inducing others to abuse inside information; or
communicating to others inside information outside the normal exercise of the job, profession, function or office, preventing other entities or categories of entities from using information not known by the public to

complete speculative operations on the markets to the detriment of investors, who are unaware of that information.

The Insider Register is kept by the Compliance & Global DPO Function - reporting to General Counsel - in electronic format in compliance with the models indicated in the Implementing Regulation in order to guarantee at any time:

the confidentiality of the information contained therein, ensuring that the list may only be accessed by clearly identified persons;
the accuracy of the information contained therein;
access to and retrieval of previous versions of the List.

As early as from 2018, following the issuance by Consob of the Guidelines on the Management of Inside Information, doValue also established the Register of Relevant Information (RRI) deeming it appropriate to track the individual pieces of information that, at a later stage, may potentially assume inside nature, also involving their monitoring. At the same time, the mapping of Relevant Information or the list of Types of Relevant Information which can reasonably be expected to become specific Relevant Information and/or Inside Information was carried out - and constantly updated. In the course of 2022 following the enactment of Commission Executive Regulation (EU) 2022/1210 of 13 July 2022 - laying down implementing technical rules for the application of Regulation (EU) No 596/2014 of the European Parliament and of the Council, a gap analysis was carried out to ensure the formal alignment of the lists of persons with access to information.

Internal Dealing

In conformity with the applicable regulatory provisions on market abuse cited above (Consolidated Finance Law; M.A.R. and Implementation Regulation; Consob Issuers' Regulation), the Board of Directors adopted the "Internal Dealing" policy (hereafter, the "ID Policy"), aimed at regulating the implementation of reporting obligations and conduct towards the Company and the market, relating to transactions completed, even by way of interposing person, on the Company shares and in financial instruments, as well as in the related financial instruments, by persons that perform administrative, control or management functions and/or relevant entities and/or by persons closely linked to them.

The Policy ID was updated during 2022, following doValue's entry into the Star Segment. The updated document, approved by the Board of Directors on 28 May 2022, is available on the Company website in the "Governance" section.

The ID Policy regulates, with mandatory effectiveness, the reporting obligations and conduct towards the Company and the market, relating to Relevant Transactions (as defined below) carried out, even by interposing person, by the MAR Relevant Entities and/or by the IR Relevant Entities and/or by Persons Closely Related to them, identified in absolute adherence to the provisions of the MAR Regulation and the Consob Issuers' Regulation.

The ID Policy also establishes that "Relevant Transactions" are all transactions concerning the Shares and/or derivative instruments and/or other financial instruments related to them, completed on their own behalf, even by interposing person, by the MAR Relevant Entities by Persons Closely Related to them (as provided by the regulations

and incorporated in the Policy). the Company, by way of the Manager in Charge, prepares a list of the MAR Relevant Entities, the IR Relevant Entities and the Persons Closely Related (the "Internal Dealing List"), checking on an annual basis the need to make modifications, rectifications and/or additions to that List.

The ID Policy also illustrates the sanctions and specifies that, in addition to the sanctions provided by the provisions of law and regulations in force on abuse of privileged information and internal dealing, in the event of a violation of the provisions of the Policy, doValue will, in relation to those responsible, adopt the measures provided by the applicable regulation. In addition, the ID Policy notes that the violation of the provisions contained therein may constitute serious damage, also in terms of image, with major consequences on the economic-financial level. The ID Policy also specifies that, if the violation is committed by an employee, this may constitute a disciplinary offence and, in the most serious cases, may give rise to dismissal.

6 BOARD COMMITTEES (pursuant to Article 123-bis, Section 2(d), TUF)

Art. 21 of the Articles of Association attributes to the Board of Directors the right to establish committees within it, determining the number of their members.

Based on Principle XI and Recommendation 16 of the Code, the Board of Directors established the Nomination and Remuneration Committee and the Risk, Related Party Transactions and Sustainability Committee

both with proposing, advisory and coordinating functions.

The Board of Directors, in establishing the two Board Committees, took account of its composition as well as the number and availability of the independent and non-executive Directors; it therefore opted for a composition of the Board Committees formed by members, mostly independent, from which the Chairman is identified, in respect of the conditions imposed by the Corporate Governance Code. The Board determined the composition of the Committees adopting criteria aimed at avoiding the excessive concentration of assignments.

The members of the Board Committees are in possession of the expertise and experience required to manage the duties and roles attributed to those committees.

The Board of Directors has not retained any function that the Code attributed to the Committees (Recommendation 16).

Each of the Board Committees has its own Regulation on functioning, approved by the Board of Directors and made available on the company's internet website, which includes, inter alia, provisions regulating mechanisms of coordination and reciprocal information between the various corporate bodies.

The Committee members, and - for information - all members of the Board of Directors, are informed of the date of each meeting and of the agenda of the same by e-mail sent by the secretary, with prior notice of at least three days. The Committees periodically receive, according to established procedures and timescales, the documentation and information relevant for the informed performance of their assigned responsibilities.

Access to the deeds and documents of the Committees is subject to the same storage and access rules as those that apply to the deeds of the Board of Directors. The Committee members, attendees and those invited to meetings are required to keep confidential any news and information acquired in performing their respective functions. They must not disclose confidential news or information to unauthorised persons and must refrain from using confidential information for purposes other than the performance of the Committee functions.

Minutes are duly taken of the meetings of all Board Committees and the respective Chairmen give information thereof at the next meeting of the Board of Directors, during which they illustrate the opinions expressed in support of the assessments of the Board itself (Recommendation 17 of the Corporate Governance Code). The members of the Board Committees are given the right to access all information that, in the opinion of their members, is deemed necessary for the conduct of their duties (Recommendation 11). The Board Committees may make use of external consultants, whose cost is covered by the Company, within the limits of the budget approved by the Board of Directors and made available to each Committee.

Additional committees

The Board of Directors has not established additional Committees other than those envisaged by the legislation or recommended by the Code.

7. SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS - APPOINTMENTS AND REMUNERATION COMMITTEE

7.0 SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS

In accordance with Recommendation 22 of the Corporate Governance Code, the Board of Directors periodically carries out, at the proposal of the Chairman and, in any case, at least every three years, in view of the renewal of the body, an assessment of its composition and functioning ( "board review") in accordance with the procedures provided for by the laws and regulations in force from time to time, verifying, in particular, the functioning of the Board itself and its Committees, as well as their size and composition, also taking into account elements such as the professional characteristics, experience, including managerial experience, and gender of its members, as well as their seniority in office; all in accordance with the provisions of the policy on the subject and composition of the Group's corporate bodies in force from time to time, as approved by the Board.

The last self-assessment carried out related to the 2020 financial year, concluded in February 2021, and was conducted with the support of the independent advisor Spencer Stuart and the Appointments Committee, by compiling a specific questionnaire and by direct interviews with the Directors on the effectiveness, dimension, composition and functioning of the Board with the aim of performing a structured assessment of the effectiveness of the doValue Board from the operational perspective and identifying, where necessary, areas of improvement, to best carry out the role of guidance and control of a complex and continuously evolving company.

The initiative became even more appropriate in view of the renewal of the Board of Directors during the 2021 financial year and the preparation of "Guidelines on the qualitative and quantitative composition of the new Board of Directors considered optimal", which takes account of the self-assessment outcomes.

The self-assessment process revealed that the directors were extremely satisfied with the effective functioning of the Board of Directors and the Board Committees, the centrality of the figure of the Chief Executive Officer and the effective performance of the board works, assisted by constant informative and documentary support activity.

The main areas of improvement included the need to strengthen the expertise in the field of the risk management and control system in order to guarantee an adequate composition of the Risks and Related Parties Committee and of the Board in some areas such as: technology, governance and, no less important, sustainability.

It was also suggested to consider a higher number of Independent Directors.

As a matter of fact, the current composition of the Board of Directors meets the above-mentioned requirements, as the Board currently in office has a diversification of professionalism and skills, deemed necessary to ensure an adequate internal dialectic. Furthermore, the number of independent directors increased from 4 to 5.

For a full examination of the curricula of each member, see Section 4.3.

Furthermore, in line with Principle XIII, the Board ensures that the appointment and succession process of the directors is transparent and functional to achieving the optimal composition of the board of directors.

In particular, as envisaged by Recommendation 23 of the Corporate Governance Code, on 25 February 2021, the previous Board of Directors, whose mandate expired with the approval of the 2020 financial statements, in view of its

renewal, approved the document entitled "Guidelines on the qualitative and quantitative composition of the new Board of Directors considered optimal" taking account of the outcomes of its self-assessment; those guidelines were published on the Company's internet website www.dovalue.it on 3 March 2021, appropriately in advance of the publication of the notice of convocation of the Shareholders' Meeting relating to the renewal of the Board.

In line with Recommendation 23, in addition, the notice of convocation of the Shareholders' Meeting stated that those who had submitted a list containing a number of candidates greater than half of the members to be elected should have provided adequate information, in the documentation submitted for filing the list, on the compliance of the list with the guidelines expressed by the Board of Directors and indicated their candidate for the role of chairman of the Board of Directors.

It should also be noted that, by voluntarily adhering to Recommendation 24 of the Corporate Governance Code, on 30 March 2021 the Board of Directors approved the update of the "Contingency Succession Plan", which meets the provisions of the Recommendation in question and provides for a specific procedure concerning the actions to be taken in the event of sudden events that prevent the CEO, during his term of office, from exercising his functions, in order to ensure the regular management of company operations.

As the new Corporate Governance Code recommends that it is adopted only by large sized companies (which do not include doValue), the Company has approved the "Contingency Succession Plan" in line with best practices and in accordance with the outcomes of the self-assessment process.

The Contingency Succession Plan for managing unexpected causes of impediment of the Chief Executive Officer identifies the company bodies involved, the objectives, timescales and tools. It also contains a description of the process by which the bodies are asked to intervene in order to implement the same, including the Appointments and Remuneration Committee.

The Contingency Succession Plan approved by the Board of Directors provides a detailed list of the causes that activate the process: circumstances related to the sudden onset of causes and elements that prevent the holder of the role of Chief Executive Officer of the doValue Group, permanently or temporarily (in any case for more than 30 days), from exercising the role and guaranteeing the full and correct functioning of the Group's activities.

Therefore, it establishes the main activities and related processes to be carried out in the immediacy of the impediment and as it continues.

The Contingency Succession Plan is to be updated every 12 months with particular reference to activating causes, profiles of the candidates, procedures and tools used.

On 23 February 2023, the Board of Directors resolved to update the Contingency Succession Plan by identifying the direct reports who could take on the role of interim CEO, as well as by launching a market mapping exercise to identify potential candidates to quickly take on the role of CEO in the event of the sudden impediment of the Group CEO.

Finally, consistent with Recommendation 24 the Company's Board of Directors also acknowledged the existence of an internal process, led by the Group HR department, to ensure the monitoring and updating of succession plans for senior positions reporting directly to the Group CEO. The succession risk for those positions, measured as the level of coverage of the positions, is analysed in order to identify the potential gaps and the actions to be implemented.

The process is aimed at verifying for each senior position the number of internal candidates that may form part of the succession tables and the related time frame (interim from 0 to 1 year, short-term 1 to 3 years and medium-term 3 to 5 years).

8 DIRECTORS' REMUNERATION - APPOINTMENTS AND REMUNERATION COMMITTEE

8.0 DIRECTORS' REMUNERATION

As regards the information to be provided in this Report, see the relevant parts of the Remuneration Report published in accordance with Art. 123 ter TUF.

8.1. APPOINTMENTS AND REMUNERATION COMMITTEE

Composition and functioning of the committee (pursuant to Art. 123-bis(2)(d) TUF)

The Appointments and Remuneration Committee, established on 13 May 2021, is composed of three non-executive directors, two of whom are independent.

The current members are:

Nunzio Guglielmino - Chairman (Independent);

Marella Idi Maria Villa - Member (Independent);

Francesco Colasanti - Member.

The members of the Committee are in possession of skills and experience in terms of finance or remuneration policies, considered appropriate by the Board at the time of appointment (Recommendation 26),

The Appointments and Remuneration Committee is regulated by a specific Regulation - updated by the Board of Directors on 15 July 2021 - published on the doValue Website, at the page https://www.doValue.it/it/governance/comitati-endoconsiliari - which determines its responsibilities and regulates its functioning. The Appointments and Remuneration Committee has specific and adequate resources for the conduct of its functions as well as being able to make use of external experts, involving, where necessary, the competent company functions.

The works of the Committee are coordinated by the Chairman and the meetings are duly recorded; the Chairman gives information thereof at the next meeting of the Board of Directors, during which the opinions expressed in support of the assessments of the Board itself are illustrated.

In adherence to Recommendation 26 of the Corporate Governance Code, Article 6 of the aforementioned Regulation stipulates that no director takes part in Committee meetings in which proposals concerning his or her remuneration are formulated.

In carrying out its tasks, the Committee takes account of the objective of ensuring that the decision-making processes of the Board of Directors are not dominated by a single entity or by groups of entities which might cause prejudice to the Company.

The Committee identifies the information flows which must be sent to it for the proper performance of its functions and may access relevant company information for the purposes of carrying out these functions. The Committee is also equipped with sufficient financial resources to guarantee its operational independence and can employ external experts. As regards the internal control system, the Committee also collaborates with the Risks, Related Party Transactions and Sustainability Committee in order to identify the Heads of the Internal Audit and Anti-Money Laundering functions who will be appointed by the Board of Directors, having consulted the Company's Board of Statutory Auditors.

The Appointments and Remuneration Committee met during 2022, 7, from the date of its establishment, 3 times and the average duration of the meetings was about one hour.

During 2022, the Committee performed the activity under its remit and collaborated with the Board of Directors; at the invitation of the Chairman, some managers of the Company participated at the meetings, informing the Chief Executive Officer of the same, in relation to the discussion of specific items on the agenda. All members of the Board of Statutory Auditors took part in the meetings and works of the Committee.

Functions of the committee

The Appointments and Remuneration Committee is responsible for assisting the Board of Directors with advisory, investigatory and propositional functions, in the following areas:

In relation to the composition and appointment of the respective members:

(a) it assists the Board in the self-assessment process of the corporate bodies;
(b) it participates in the prior definition of the qualitative-quantitative composition of the Management Body and its Committees considered optimal in relation to the governance objectives identified by the industry regulations. In this context, the Committee: (a) gives opinions to the Board of Directors on the dimension and composition of the same; (b) expresses recommendations on the professional figures whose presence within the Board of Directors is deemed appropriate by virtue of the characteristics of professionalism and any independence of each candidate; (c) expresses recommendations, as per the Corporate Governance Code, on the maximum number of assignments as director or auditor that a director may hold which are considered compatible with the effective conduct of the assignment as director of the Company, considering the participation of the directors in committees within the Board of Directors. To that end, it identifies general criteria differentiated based upon the commitment connected to each role (of executive, non-executive or independent director), also in relation to the nature and dimensions of the companies in which the assignments are covered, as well as performance of the assignment in group companies;
(c) it provides support in assessing any problematic circumstances relating to the appointments of directors occurring by virtue of the authorisation - general and preventive - by the Shareholders' Meeting of the Company to derogate from the competition prohibition envisaged by Article 2390 of the Italian Civil Code;
(d) it proposes to the Board of Directors candidates for the role of director in cases of co-opting, expressing its opinion on the suitability of candidates who, based on a previous analysis, the Board of Directors has identified to fill the role, including making specific proposals, where necessary, to replace independent directors;
(e) it gives opinions to the Board of Directors on resolutions concerning any replacement of the members of the Board Committees that become necessary during the time in office of the Committee;
(f) it supports any submission of a list by the outgoing management body to be implemented based on procedures that ensure a transparent formation and submission;
(g) with reference to the need to ensure an adequate level of diversification in the collective composition of the Board of Directors, determination of a target in terms of share of the less represented gender and preparation

of a plan to increase this share up to the fixed target;

(h) it provides to the Board of Directors its support in the ex post assessment of the coherence between the effective composition and that defined in advance as optimal as well as in verifying the existence of the regulatory and statutory requirements required for directors and auditors;
(i) it supports the Board of Directors in the preparation, updating and implementation of any succession plan for the Chief Executive Officer and the other executive directors.
(j) it also collaborates with the Risks, Related Party Transactions and Sustainability Committee in order to identify the managers of the Internal Audit and Anti-Money Laundering functions who will be appointed by the Board of Directors, having consulted the Company's Board of Statutory Auditors.

In relation to the remuneration and incentive systems

a) it supports the Board of Directors in preparing the remuneration policy for directors, members of the control body and senior management based on the company's pursuit of sustainable success and taking into account the need to retain and motivate people in possession of the expertise and professionalism required by the position held in the company.
b) it presents proposals or opinions to the Board of Directors in relation to establishing the performance targets related to the variable component of that remuneration, concerning the remuneration of executive directors and other directors who hold specific offices; monitoring of the decisions adopted in that regard by the Board of Directors
c) it monitors the actual application of the remuneration policy, verifying, in particular, the actual achievement of the performance goals;
d) it carries out a periodic assessment on the adequacy and overall coherence of the remuneration policy for directors and senior management to which incentive plans are linked and on the assessment of other conditions established for the payment of remuneration;
e) it performs a periodic assessment of the adequacy, overall coherence and actual application of the remuneration policy of the directors and senior management, also using information provided by the Company's Chief Executive Officer; formulation of proposals to the Board of Directors in that regard;
f) it directly oversees the correct application of the rules on the remuneration of managers of the company functions with specific duties in relation to internal control and risk management, in close collaboration with the Company's Board of Statutory Auditors (the "Board of Statutory Auditors");
g) it prepares the documentation to be submitted to the Board of Directors for the relevant decisions (including the remuneration report pursuant to Article123-ter of Legislative Decree No. 58 of 24 February 1998 (TUF), in compliance with the deadlines for its submission to the Company's Shareholders' Meeting);
h) it contributes, involving the competent company functions, to the definition of the remuneration and incentive policies of the Company and of its subsidiaries - and Associates, where applicable - and with their periodic assessment;

The Appointments and Remuneration Committee, in its new composition, has assessed and expressed its opinion in support of the Board of Directors in relation to:

issuing an opinion for the appointment of a Director to supplement the Board;
analysis of the proposals received from shareholders on the appointment of a director at the shareholders' meeting convened for 28 April 2022;
annual assessment of the independence requirements of Corporate Officers; verification of the professionalism, honourableness and independence requirements of the corporate officer appointed by the Shareholders' Meeting on 28 April 2022;
issuing the opinion for the appointment of the Chairman of the Risk, Related Party Transactions and Sustainability Committee;
issuing the opinion for the update of the Contingency Succession Plan of the Chief Executive Officer;
- Updating the perimeter of the DIRSs (Executives With Strategic Responsibilities) and issuing an opinion for the appointment of the Executive in charge;
- 2022 Remuneration Policy (2022 Policy and 2021 implementation/accountability), Issue of a waiver opinion on the 2021 Remuneration Policy, in relation to the variable remuneration of the Chief Executive Officer for the year 2021 and the related amendments to the Chief Executive Officer's contract;
- Implementation of the Long-Term Incentive Plan 2022 2024;
- metrics of the Long-Term Incentive Plan 2022 2024 Deferred stock grants to management and stock grants to the CEO; use of withhold to cover for tax liabilities;
- Update on the payment of variable remuneration of the CEO and DIRSs in 2021 and previous years
- Calculation of variable remuneration 2021 of DIRSs, including the deferred component
- MBO 2022: DIRSs targets.

The Appointments and Remuneration Committee established the calendar of its meetings for the year 2023 by scheduling 11 meetings (4 of which have already been held).

INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL AND RISKS COMMITTEE

The Group, in line with the relevant regulations and best practices, has established an Internal Controls System aimed at constantly overseeing the main risks connected to the Group's activities, so as to be able to guarantee sound and prudent business management, coherent with the set objectives (Principle XIX of the Corporate Governance Code).

The Group's Internal Controls System is therefore constituted by the set of rules, procedures and organisational structures aimed at the effective and proper identification, measurement, management and monitoring of the main risks, in order to contribute to the sustainable success of the company (Principle XVIII of the Corporate Governance Code) as well as to guarantee the reliability, accuracy, soundness and timeliness of the financial information.

Its functioning is based upon control bodies and functions, information flows and methods of involvement between the entities involved and governance mechanisms of the Group. In particular, the Group has structured its organisation model of internal controls pursuing the need to guarantee integration and coordination between those involved in the Internal Controls System, in respect of principles of integration, proportionality and cost-effectiveness.

Over the last two years, the audit activities of the internal controls system have been aimed at accompanying the organisational evolution and international growth of the Group. In previous reports, detailed account was given of the impacts on the internal control system resulting from the reorganisations prepared, on the one hand, to take account of the changed regulatory framework of reference for the Group in Italy following the transformation of the banking parent company into a credit management company authorised pursuant to Art. 115 TULPS [Consolidated Public Security Laws] and the related dissolution of the pre-existing Banking Group, and, on the other hand, to support the reorganisation of activities in homogeneous geographical areas and their transversal coordination (e.g. in the definition and implementation of business development strategies and in the management of corporate processes) as well as the alignment with the Group's strategic objectives through the establishment of Group functions dedicated to this purpose.

In this context and with specific reference to the structure of the departments that contribute to the functioning of the internal control and risk management system, the main interventions carried out over time concerned the establishment of the following Group departments responsible for guaranteeing the transversal coordination of local control activities in the areas within their competence:

• Control Office Group, reporting hierarchically to the Parent Company's Board of Directors, responsible for coordinating at Group level, for the areas within its competence, the control activities aimed at guaranteeing a constant and independent assessment of the overall internal control and risk management system, reporting periodically to the Corporate Bodies, as well as ensuring the adoption of homogeneous methodological approaches and operating models by the Group's Internal Audit and Anti-Money Laundering departments in compliance with the requirements of independence and autonomy provided for by local regulations;

Internal Audit Group, reporting hierarchically to the Chief Group Control Officer, responsible for defining a common methodology for the execution of internal audit activities, common tools for the performance of controls, common reporting to the Bodies and Management of the various components of the Group, and for ensuring their adoption by the various local Internal Audit departments that functionally report to it;
Group AML, reporting hierarchically to the Chief Group Control Officer, responsible for issuing Group guidelines and policies on prevention of the risk of money laundering, developing a common methodological approach to the management of those risks and common reporting to the Bodies and Management of the different members of the Group, supervising their adoption by the different Anti-Money Laundering functions established at local level and reporting functionally to it.
Compliance & Global DPO, reporting hierarchically to Group General Counsel, responsible for developing a uniform framework of compliance at Group level in order to guarantee conformity with the regulations in the perimeter (e.g. Market Abuse, Related Parties, Consob Regulations, Anti-Corruption, Privacy) by defining common guidelines and policies, regulatory monitoring and implementing interventions necessary to guarantee compliance with the applicable regulations as well as the introduction of specific intergroup information flows.• In the area of data protection, the Global DPO defines the Group's organisational model and a common framework of DPO controls, and is mainly responsible for coordinating data protection activities, receiving information flows from local DPOs and, consequently, reporting to the doValue Board of Directors.
Group Administration & Internal Control for Financial Report, reporting hierarchically to the Group Finance Function, within which the Internal Control for Financial Report structure is responsible for supporting the Manager in Charge pursuant to Law no. 262/2005 in fulfilling his responsibilities with reference to the issuer and to the set of Group companies included in the consolidation.

Lastly, in 2022, the Group Enterprise Risk Management Department was established, reporting hierarchically to the Corporate Functions General Manager, with the task of coordinating the management of strategic, operational, reputational, legal and financial risks to which the Group is exposed by defining the relevant guidelines and identifying the criteria for monitoring the aforesaid risks, using for this purpose suitable methodological approaches, procedures and tools and ensuring the appropriate reporting to the Corporate Bodies;

Aside from the aforementioned organisational changes, aimed at strengthening coordination at Group level of the control activities in the relevant areas and the effectiveness of the instruments available to the Company Bodies to fulfil their duties of supervision of the overall internal controls and risk management system, in the context of the doValue Group, that system continues to be structured as follows:

• Primary responsibility for the completeness, adequacy, functionality and reliability of the system is attributed to the governing bodies, and, in particular, to the Board of Directors, which is responsible for the strategic planning, management, evaluation and monitoring of the overall Internal Control System, supported in this by the Risk, Related Party Transactions and Sustainability Committee. In that context, the Chief Executive Officer, by virtue of a specific delegation attributed by the Board of Directors, supervises the functionality of

the internal controls and risk management system, in accordance with the Corporate Governance Code of Borsa Italiana. It is the duty, on the other hand, of the Board of Statutory Auditors to oversee the completeness, adequacy and functionality of the Internal Controls System, ascertaining the adequacy of the company functions involved, the correct conduct of the duties and adequate coordination of the same, as well as promoting any corrective interventions;

third-level controls are aimed at assessing periodically the completeness, functionality, adequacy and reliability in terms of efficiency and effectiveness of the Internal Controls System as to the nature and intensity of the risks of company requirements, identifying, in addition, any violations of the organisational measures adopted by the Group. Within the framework of the Internal Control and Risk Management System outlined, the Internal Audit Departments established at the Parent Company and the main subsidiaries (i.e. Altamira Asset Management, doValue Greece and Altamira Cyprus) are attributed the direct management of the internal auditing activities, with a view to third level control and in coherence with the principles and methodological standards defined at Group level, without prejudice to the responsibilities and remits of the respective Corporate Bodies.
second-level controls seek to ensure the correct implementation of the risk management process, to verify compliance with the limits assigned to the various operating departments, to control the consistency of the operations of the individual operational areas with the risk-return objectives assigned as well as guarantee the compliance of company operations with applicable provisions of regulations (including self-regulation). The organisational structure and the scopes of competence of the functions within the Group that are in charge of overseeing the aforesaid areas are directly influenced by the structure of the business processes implemented in the various components that make up the Group, by the nature and relevance of the risks associated with them, as well as by the presence of specific regulatory requirements on risk governance.
the first level controls are aimed at ensuring the correct conduct of the operations and are the responsibility of the company functions in charge of the business/operational activities which are asked, as part of daily operations, to identify, measure, monitor and mitigate risks deriving from the ordinary company activity in conformity with the risk management process and the applicable internal procedures.

Board of Directors and Risks, Related Party Transactions and Sustainability Committee

In line with Principle XIX of the Corporate Governance Code, the guidelines of the internal controls and risk management system are defined by the Parent Company's Board of Directors in coherence with the strategic guidelines and the risk appetite established by the same. In that way, the Board guarantees that the main risks are correctly identified, measured and monitored adequately also taking account of their evolution and interaction.

During the examination of the 2021-2024 business plan of the doValue Group, approved on 25 November 2022, the Parent Company's Board of Directors thus assessed positively its sustainability in the medium to long-term also in terms of coherence of the assumptions at the basis of its preparation with the nature and levels of risk defined as compatible with the strategic objectives of the Group, in conformity with Recommendation 1, letter c of the Corporate

Governance Code. The continuous maintenance of those sustainability conditions is then monitored by the Board itself during the assessment and approval of the annual budget and the draft financial statements in which the implementation of that business plan manifests. In this regard, on 22 December 2022, the Board examined and approved the Group's annual budget for 2023.

Furthermore, in coherence with Principle XX of the Corporate Governance Code, the Board defines the principles relating to the coordination and information flows between the different entities involved in the internal control and risk management system, in order to maximise the efficiency of the system itself, to reduce duplications of activity and to guarantee the effective conduct of the duties of the control body. That role materialises in the examination and approval of the Regulation of the Internal Controls System prepared with the contribution of all persons involved in it.

The Board of Directors evaluates and makes decisions on the internal control system and risk management with the support of the Risk, Related Party Transactions and Sustainability Committee. In implementation of this prerogative, on 13 July 2022, the doValue Board of Directors, also based on the favourable opinion issued by the Risk, Related Party Transactions and Sustainability Committee, approved the update of the doValue Group's Internal Control System Regulations in Italy. This document, in fact, consolidated all the organisational changes related to the revision of the structure of local control departments following the introduction of the new Group organisation, which provides for the coexistence of different levels of organisational centralisation/decentralisation (e.g., depending on the operational and control areas considered). Officer, Enterprise Risk Management, Data Protection Officer and Compliance Department for the Prevention of Corruption) as well as their impact on reporting lines and the structure of information flows. To complete the governance framework of the overall internal control system, a further regulation is currently being drafted to regulate the operation of the internal control system over the entire doValue Group, including both the Group departments located in the parent company and the foreign subsidiaries.

As part of its responsibilities, the Board of Directors approves the establishment of company control functions, the respective duties and responsibilities, the methods of coordination and collaboration, the information flows between the same and between them and the company bodies, appointing and revoking their respective managers, having heard from the Board of Statutory Auditors, at the proposal of the Risks, Related Party Transactions and Sustainability Committee, which, in turn, obtains the opinion of the Appointments and Remuneration Committee. During 2022, the Board therefore examined and approved, having heard the opinion of the Risks, Related Party Transactions and Sustainability Committee, the updates to the Regulations of the Internal Audit and Anti-Money Laundering Functions as well as the Manager in Charge with a view to reflecting the impacts of the organisational changes occurring on the structure and missions of those Functions.

The Board has also instructed the Chief Executive Officer to implement the guidelines defined by the same through the design, management and monitoring of the Internal Controls and Risk Management System. In that perspective, the Board guarantees that the company control functions are independent and may have access to all activities of the Group and to any information relevant to the fulfilment of its duties.

The Board of Directors verifies periodically that the organisational structure and the resources of the company control functions are qualitatively and quantitatively adequate to and coherent with the strategic guidelines of the Group and defines any organisational and personnel adjustments of the Internal Audit function.

In coherence with Recommendation 33, letter a) of the Corporate Governance Code, in order to assess annually the adequacy, effectiveness and efficiency of the Internal Controls and Risk Management System, the Board of Directors, with the support of the Risks, Related Party Transactions and Sustainability Committee, at the meetings on 17 March 2022 and 7 April 2021, examined the reports of the heads of the company control functions and the information of the Manager in Charge of preparing the corporate accounting documents, in conformity with the accounting standards and the requirements of homogeneity dictated by the preparation of the consolidated financial statements, as well as any further information useful for monitoring the company risks produced by the competent structures and/or by the company instructed to perform the accounts audit. At the end of that analysis, the Committee expressed its adequacy assessment also based upon the constant monitoring carried out during the year regarding the prompt adoption of suitable corrective measures against the criticalities that emerged from the activities performed by the company control functions.

In that context, the Board of Directors approves the guidelines of the Internal Audit function, overseeing their implementation and approves annually, in line with Recommendation 33 letter c) of the Corporate Governance Code, the audit plan, having heard from the Board of Statutory Auditors and the Chief Executive Officer. In implementation of that prerogative, on 17 April 2022, the doValue Board of Directors, also based upon the favourable opinion issued by the Risks, Related Party Transactions and Sustainability Committee, approved the 2022 Audit Plan of the Internal Audit Function. Subsequently, on 14 December 2022, the Board examined, with the support of the Risks, Related Party Transactions and Sustainability Committee, an update to this Plan, aimed at reflecting the impacts on the activities of the Departments established at the subsidiaries doValue Spain and doValue Greece resulting from a temporary reduction in available resources as well as the need to replace certain tasks initially planned with other activities assessed as higher priority during the year. These changes, previously examined and approved by the respective Boards of Directors, were accompanied by a confirmation of the initial scope of the Group's planned audits in Italy, although some additional assignments were conducted during the year to address specific requests from the Boards and Management.

Not least, the Board of Directors promotes the dissemination of a business culture of internal controls that enhances the company control functions, so that all company personnel are aware of the role attributed to them. To that end, the Board of Directors has approved a Code of Ethics, attached to the Organisation and Management Model pursuant to Italian Legislative Decree 231/2001, which formalises the principles that the members of the company bodies and employees must respect in the performance of the attributed matters.

Board of Statutory Auditors

The Board of Statutory Auditors monitors the comprehensiveness, appropriateness and functionality of the Internal Control System and the risk management and control processes, ensuring the adequacy of the corporate functions

involved, the correct performance of their duties and the appropriate coordination of activities, promoting corrective actions for any shortcomings or irregularities found.

For the same purpose, the Board of Statutory Auditors, availing itself of the company's control functions, carries out checks to ensure the regularity and legitimacy of management, participating, inter alia, in the work of the Board of Directors.

The Board of Statutory Auditors of the Parent Company operates in close relation with the corresponding bodies of the companies controlled by it and is also responsible for informing the Supervisory Authorities without delay of all acts or facts of which it becomes aware in the course of its activities which may constitute an irregularity in the management of the Group.

According to the governance model adopted by the Group, the Parent Company's Board of Statutory Auditors is also attributed the functions of supervisory body pursuant to Italian Legislative Decree 231/2001.

Company Control Units

After the completion of the restructuring of the Group's internal controls system implemented in recent years and indicated in the previous report, doValue's corporate control units include the Internal Audit and Anti-Money Laundering departments, reporting directly to the Internal Controls Department, and the Manager in Charge of preparing the accounting documents in accordance with Italian Law No. 262/05 and Compliance & DPO, with specific reference to the role of Data Protection Officer. Those functions are separate between them as well as hierarchically independent from the company functions that perform the activities subject to their controls.

As part of the Group reorganisation, fully implemented during 2021, in some cases the establishment of Group Functions, such as the Group Internal Audit Function and Group AML within the Group Control Office structure, was aimed at guaranteeing the definition and implementation of common operational, methodological and reporting standards, leaving to the respective local functions the full responsibility for executing the control activities under their remit. In other cases, such as for the Manager in Charge, that reorganisation led to the centralisation, within the Group Function (i.e. Group Administration & Internal Control for Financial Report), of the ultimate responsibility for governance of the control process which, to that end, uses the support of local representatives to carry out the controls under its remit.

Internal Controls Department

The Internal Control Department ensures the uniform coordination of risk governance - in accordance with the lines of strategic development pursued by the Parent Company and conducts, on an ongoing basis, an overall and forwardlooking assessment of the adequacy of the controls implemented in corporate processes and systems across the doValue Group's scope in Italy.

The Head of the Internal Control Department is appointed by the Board of Directors of the Parent Company, to which he/she reports both hierarchically and functionally in order to ensure his/her full independence. Commencing from the date of establishment of that Department, occurring together with the approval by the Bank of Italy of the

application to relinquish the banking licence, the role of Head has been covered by Mr Paolo Poncetta who previously held the role of Head of the Internal Audit Function.

In order to pursue the aim of integrating the Internal Controls System and guaranteeing its correct functioning, the Internal Controls Department, in coordination with the Group Control Office Function, applies a methodological approach which expresses a summary assessment of the internal controls through the analysis of the risks inherent in the company activities and the corresponding organisational and control measures.

In order to ensure the centralised oversight and coordination of the control activities, and the planning and performance of audits, and to develop risk governance guidelines, Audit and Anti-Money Laundering report directly to the head of the Internal Control Department in order to monitor, respectively:

the adequacy, functionality, reliability and compliance of the business and support corporate processes and the adequacy of the organisational, administrative and accounting structure;
the risk of money laundering and terrorist financing.

The Head of the Internal Controls Department also performs the role of Secretary of the Coordination Committee of the Internal Controls System.

Internal Audit Department

In the context of the centralised organisational model adopted by the Group in Italy, the Internal Audit function established at the Parent Company performs the role of internal audit on behalf of both the Parent Company and the Italian subsidiaries, ensuring a constant, independent and objective assessment of the overall internal control system, so that its purpose is guaranteed and the improvement of the organisation's effectiveness and efficiency is pursued.

In particular, the function is instructed to ensure, in the perspective of third level controls, also through verifications in situ, supervisory action over the due performance of the operations and the processes of the Parent Company and the subsidiaries with the aim of preventing or identifying the onset of anomalous and risky behaviours or situations. It also assesses the completeness, adequacy, functionality and reliability of the organisational structure and the other components of the internal controls system, the risk management process and the other company processes. As part of its verification activities, the function also assesses the effectiveness of the procedural and control framework implemented to control the accuracy, reliability and timeliness of the financial information, therein including the verification activities carried out by the Manager in Charge, the respective outcomes as well as the methodology used by them. The function thus brings the attention of the corporate bodies to the results of the activity performed and the possible improvements, to the risk management process, to the tools for measuring and controlling the same and to the internal organisational measures in force.

As part of the reorganisation process of the internal controls system of doValue following the debanking process, the responsibilities of the Function have also been extended to the performance of compliance checks with the relevant external regulations applicable each time, of the company processes of legislative or regulatory derivation (e.g. market abuse, privacy, usury, complaints, occupational health and safety, etc.) relating to the various non-supervised Companies of the Group.

The Function communicates directly to the relevant structures the results of the assessments and the evaluations carried out. The link between the same and the Chief Executive Officer of the Parent Company is in any case guaranteed through adequate information flows and the managerial coordination committee of the Internal Controls System which has the duty of addressing, in a coordinated and structured manner, issues relating to the correct functioning of the Internal Controls System and the remedial plans related to it as well as those connected to the management and monitoring of risks. The Function also has direct access to the Board of Statutory Auditors and communicates with it without restrictions or intermediation.

In general, the function provides support to the senior bodies in promoting and disseminating an adequate and solid culture of controls within the Group.

From the organisational profile, the Internal Audit Function is permanent and independent and has the authority, resources and expertise required to perform the duties attributed to it.

The Internal Audit Function is in fact equipped with adequate personnel, by number and technical-professional skills, receiving continuous training programmes. In addition, it has economic resources that can be activated autonomously, including recourse to external consultancy.

The Internal Audit Function has free access to all activities - including those outsourced, to all company premises of the Group, both at central offices and at peripheral structures, to internal rules and procedures, to IT systems, to management data and to that of any other nature, as well as freedom to perform interviews with personnel, both of the Parent Company and of the subsidiaries, except as otherwise established by law.

In line with the provisions of its mission and without compromising its independence the Internal Audit Function participates, where requested, with consultancy role, in company working groups on planning issues (e.g. new products, channels, systems, processes, etc.), also for the purpose of contributing to the correct design of the controls system. Finally, it deals with the adoption of initiatives aimed at facilitating the coordination and interchange of information with other company control functions to guarantee a unitary and integrated vision of the internal controls system.

In the context of the overall doValue Group, Internal Audit Departments are also established at the main foreign subsidiaries (i.e. Altamira Asset Management, doValue Greece, and Altamira Cyprus). Those functions respect all requirements mentioned above with reference to the function of the doValue Parent Company; their unitary coordination, therein including the same Parent Company function, is guaranteed through functional reporting lines to the Group Internal Audit Function which is responsible for supervising the precise application of the common methodological principles adopted from 2021.

Anti-money Laundering Function

Albeit in the context of a governance model focused on the regulatory and methodological framework aimed at preventing the phenomenon of money laundering, in line with the requirements of the V Community Directive in that regard, the organisation model adopted by the doValue Group, also at the outcome of the reorganisation following the debanking process, envisages the presence of Anti-Money Laundering Functions at the Parent Company and the other

subsidiary companies subject to the industry regulations issued by the respective national supervisory authorities. In that context, therefore, the Group AML Function, positioned at the Parent Company, with the support of the doValue Anti-Money Laundering Function, is responsible for defining common standards for managing the money laundering risk at the level of the entire Group as well as for supervising and monitoring the coherent adoption of those standards by its different members.

Below is a more detailed illustration of this organisation and governance model in which the Anti-Money Laundering Function of doValue is included.

Strategic decisions at Group level on managing the money laundering and terrorist financing risk are made by the Company Bodies of the Parent Company. The company bodies of the other companies belonging to the Group are responsible, each for their own areas of expertise, for implementing within their own company the strategies and policies of managing the money laundering and terrorist financing risk defined by the Parent Company.

The Group AML Function and the doValue Anti-Money Laundering Function are working to create a common information base which allows all Group Companies to assess clientele homogeneously; they also identify, in coordination with the Anti-Money Laundering Functions positioned in the subsidiaries, the organisational solutions suitable to guarantee respect of the applicable provisions in relation to the different areas of operations and they exercise supervisory activity to ensure that the risk management takes account of all elements of assessment and measurement in possession of the individual Companies.

They also ensure that the procedures at Italian subsidiaries and Group companies based in third countries are aligned to the Group standards and allow for the sharing of information within it. In that regard, in the last quarter of 2021, a Group AML Policy was issued, which, following the approval of the Parent Company's Board of Directors, having heard the opinion of the Risks, Related Party Transactions and Sustainability Committee, was incorporated by the Boards of Directors of all subsidiary companies that are recipients, in various capacities, of the anti-money laundering legislation.

The doValue Anti-Money Laundering Function, despite being positioned organisationally beneath the Internal Controls Department, reports functionally to the Chief Executive Officer and to the Group AML Function and has direct access to the Board of Directors and to the Board of Statutory Auditors. It therefore constitutes a permanent and independent structure that has the authorities, resources and competencies required to carry out its duties. The Head is appointed by the Parent Company's Board of Directors, having liaised with the Board of Statutory Auditors, subject to verifying possession by the latter of the requirements envisaged by the regulations.

The Function continuously verifies that the company procedures are coherent with the aim of preventing and combating the violation of the anti-money laundering rules. To that end, the Function:

identifies the applicable rules and assesses their impact on the processes and internal procedures;
collaborates in identifying the internal controls system and procedures aimed at preventing and combating the money laundering and terrorist financing risks;
continuously verifies the adequacy of the management process of money laundering risks and the suitability of

the internal controls system and procedures and proposes organisational and procedural changes aimed at guaranteeing adequate control of the money laundering risks;

implements second level controls and defines the appropriate corrective actions to be implemented to mitigate the risk of money laundering and terrorist financing;
performs activity of consultancy, assistance and support to the operating structures;
collaborates in defining the governance policies of the money laundering risk and the various phases involved in the management process of that risk;
carries out, in connection with the other company functions involved and the Anti-Money Laundering Departments established at other subsidiaries, Italian and foreign, the annual performance of the selfassessment of money laundering risks to which the recipient is exposed;
verifies the reliability of the information system for the fulfilment of the obligations of customer due diligence, data storage and reporting of suspicious transactions;
deals with, in conjunction with the other company functions in charge of training, the preparation of an adequate training plan, aimed at providing a continuous update of personnel;
promptly informs the company bodies of violations or significant deficiencies identified in the exercise of the respective duties as well as prepares periodic information flows sent to the company bodies and senior management;
manages relationships with the FIU [Italian Financial Intelligence Unit], the MEF [Italian Ministry of Economy and Finance] and the Supervisory Authorities.

With reference to fulfilments in relation to customer due diligence, the Anti-Money Laundering Function performs the following activities:

• defines the requirements of support tools for due diligence and customer profiling processes;

verifies the enhanced due diligence process conducted by the line structures and respective outcomes.

• provides support in enhanced due diligence activities in relation to the opening of a new relationship, the execution of an occasional transaction or the maintenance of an existing relationship, based upon defined rules;

With reference to fulfilments in relation to suspicious transaction reporting, the Anti-Money Laundering Function, also by way of the Delegate for the assessment and transmission of reports of Suspicious Transactions ("STR Delegate"), performs the following activities:

provides consultancy to the operating structures as to fulfilments concerning the preparation of the suspicious transactions reports and any abstention from completing the transactions;
assesses suspicious transaction reports and sends reports deemed to be well-founded to the FIU;
communicates, via the defined organisational methods, the outcome of the assessment to the manager of the branch that made the report;
liaises with the FIU and manages any further information requests received from the competent Authorities, therein including the judicial authority.

The responsibility and duties of the Function are attributed to the Head of Anti-Money Laundering, a role covered in

2022, together with that of Head of the Group AML Function, by Ms Elisa Francesconi who is in possession of the following requirements:

she is positioned in an adequate hierarchical-functional position; in particular, she reports functionally to the Chief Executive Officer of the Parent Company;
she is adequately independent, authoritative and professional;
she does not have direct responsibility for operating areas subject to control and is not hierarchically subordinate to the heads of those areas;
she reports directly to the Company Bodies; in particular the Head of the Anti-Money Laundering Function has direct access to the Board of Directors and to the Board of Statutory Auditors of doValue and communicates with them without restrictions or intermediation.

The Anti-Money Laundering Officer is also assigned the role of STR Delegate for doValue pursuant to Article 36(6) of Legislative Decree no. 231/2007, by virtue of a specific delegation of the Board of Directors. The role and responsibilities of the STR Delegate have been adequately formalised and communicated to all structures involved.

Compliance & Global DPO / Compliance & DPO

Data Protection Officer:

In line with the "Data Protection Office Control Framework" adopted by the Group and with specific reference to the area of personal data protection, the figure of the DPO is framed as a third-level corporate control function. In fact, limited to this area, the roles and responsibilities of the Internal Audit and the DPO are defined as follows: i) as regards the DPO, he/she has the task of carrying out independent monitoring of the level of risk to the rights and freedoms of data subjects; ii) as regards the Internal Audit department, it has the task of carrying out overall monitoring of the risks to which the business processes are exposed in relation to data protection. These functions interact and report directly to the Board of Directors of the Company.

In compliance with the principle of accountability, the assessment as to whether it is necessary to appoint the Local DPO pursuant to Article 37 GDPR, is the responsibility of the legal entity itself, after sharing the relevant assessments with the Global DPO, who may provide an opinion on the matter to support the company - the Data Controller - in the decision.

In order to ensure that the DPO is easily accessible at local level, each company, after assessing whether the prerequisites set out in Article 37 GDPR regarding the mandatory designation of a DPO are met, shall appoint a Local DPO. Currently, doValue's DPO is located within the local Compliance & DPO department and reports hierarchically to the Legal department and functionally to the Board of Directors, which represents the Data Controller.

By virtue of specific intragroup outsourcing agreements, doValue's DPO also performs this role for the Group's other Italian legal entities (doNext and doData), consistent with the privacy organisational model adopted by the Group, which provides for the possibility of outsourcing the role of DPO both within the Group and to third parties. In the case of outsourcing, a Data Protection Correspondent is to be appointed at the company, an optional figure to support the local DPO in the operational management of data protection issues.

The Local DPO independently fulfils all obligations under Article 39 of the GDPR. In addition, the Local DPO must perform his or her duties within the local unit of reference, taking into account the guidelines provided by the Global DPO, who must be constantly updated on processing activities carried out locally.

In particular, the Local DPO performs the following activities:

inform and advise the Data Controller/Data Manager as well as the employees carrying out the processing about their obligations under local data protection legislation;
oversee compliance with the requirements of the European Regulation and other regulations on Personal Data Protection as well as this Policy and the internal rules on the personal data processing, including the attribution of responsibilities, awareness-raising and training of personnel who participate in the processing and related monitoring activities. To this end, he/she prepares an annual plan of control activities that he/she submits to the Company's Board of Directors, after sharing it with the Global DPO (the DPO Local Plan);
give an opinion and assess processing activities that have an impact on the rights and freedoms of data subjects. In addition, recommend and assist in carrying out a data protection impact assessment for activities that present a high risk to the rights and freedoms of the data subject;
support the People department in training staff on data protection issues;
cooperate and act as a contact for the supervisory authority in matters related to the processing of personal data carried out within the subsidiary;
act as a contact for data subjects in all matters concerning the processing of their personal data and the exercise of their rights;
in the event of a personal data breach, pursuant to Article 33 GDPR, assist the Controller who must notify the Supervisory Authority of the incident within 72 hours of becoming aware of it;
prepare reports on the surveillance activities functional to the management of the risk for the rights and freedoms of the Interested Parties, for all corporate governance and control bodies (Board of Directors, Supervisory Board);
prepare a report addressed to the Global DPO on the results of monitoring activities carried out locally, on any local data breaches or data subject complaints that could have a significant impact on the Group or on any inspections by the Data Protection Authority;
supervise the implementation of Group policies and regulations.

As part of the Internal Controls System, Compliance & Global DPO is organisationally positioned reporting hierarchically to Group General Counsel and is responsible for correctly controlling the risk of non-compliance by the Group as well as for coordinating the local Compliance departments positioned in the different legal entities of the Group.

The duties of Compliance & Global DPO include defining the Group's compliance framework through the following

activities:

monitoring of external legislation applicable to its various components;
consulting and support to operational and business structures in assessing the necessary interventions to guarantee continuous compliance with the requirements in force at the time;
support in staff training to guarantee the dissemination of a business culture based upon principles of honesty, correctness and respect of company rules;
preparation of adequate information flows on activities performed in managing the non-compliance risk.

The structure also guarantees all activities with a view to ensuring the correct application of some regulations resulting from the Consob legislation, applicable to the Parent Company as an issuer of shares listed on the screen-based stock exchange organised and managed by Borsa Italiana S.p.A., guaranteeing centralised management of the main obligations arising from those regulations.

Finally, the following "control areas" within Compliance & Global DPO are identified in accordance with the SNI:

Data Protection Officer or DPO of the Group;
Compliance Manager for the prevention of corruption.

The implementation of the compliance framework within the Company is guaranteed by the local Compliance & DPO structure, reporting directly to the Legal Manager, who is responsible for managing the non-compliance risk for the perimeter of regulations applicable to doValue.

The Compliance & DPO structure includes the local data protection control which covers the role of Local DPO, as well as the anti-corruption control which provides operational support to the Group Anticorruption Manager for managing the anti-corruption risk in doValue.

* * *

The respective data protection and anti-corruption frameworks are indicated below.

The Group's current data protection framework, reflected in the Group Data Protection Policy, approved by the doValue Board of Directors on 17.12.2020, regulates:

revision of the Group's current privacy organisation model and the respective duties and responsibilities attributed as part of the management of personal data of the data subjects, particularly in order to integrate the foreign subsidiaries into the framework;
revision of the personal data management model which outlines the fulfilments envisaged by the GDPR for correct governance of personal data processing within the Group;
definition of a framework of control of the DPO common to the whole Group reflected in the Group DPO Regulation approved by the doValue BoD on 17.12.2020.

As part of the supervision roles, with particular regard to the role of the DPO, the Group's new privacy organisation model involves the appointment of a Global DPO operating at the Parent Company (doValue S.p.A.) while, at the level of individual local legal entity, a Local DPO will be appointed (if the regulatory requirements are in place).

The Global DPO mainly has duties of coordination of the data protection activities and receipt of information flows from the local DPOs in relation to monitoring activities performed locally, local data breaches or complaints by data

subjects, inspections by local authorities and consequent reporting to the doValue Board of Directors. Limited to any processing performed at corporate level, the Global DPO also performs duties of control of processing activities, acting as the focal point for authorities and data subjects involved in the data processing activities and performing informative and consulting duties.

Within each company, on the other hand, the Local DPO, in respect of the guidelines and coordination instructions issued by the Parent Company, performs the following main activities:

monitoring of the data processing activities at local level;
focal point for the authorities and data subjects involved in the local processing activities;
reporting to the local Board of Directors;
support and consultancy at local level;
coordination with the Global DPO for the monitoring activities performed locally, local data breaches, inspections by the local authority, any complaints by data subjects or third parties received locally.

The Head of Compliance & Global DPO, Ms Isabella Ferri, from 17.12.2020 has covered the role of Global and Local DPO of doValue.

In the capacity of Global DPO she is positioned within the Compliance & Global DPO function and reports hierarchically to General Counsel and functionally to the Board of Directors which is the Data Controller.

In the capacity of Local DPO of doValue she is positioned within the Country Compliance & DPO function and reports hierarchically to the Legal Department and functionally to the Board of Directors, which is the Data Controller; she has a coordinating information flow to the Global DPO.

The doValue Global and Local DPO possesses adequate requirements of professionalism; she does not have direct responsibility for the operational areas subject to control and is not hierarchically subordinate to the managers of those areas.

The doValue Local DPO is also outsourced the role of Local DPO of the Italian subsidiaries (Italfondiario and doData), in line with the privacy organisational model adopted which envisages the possibility pursuant to Article 37, paragraph 2 of the GDPR of appointing a single DPO "provided that he or she is easily accessible from each establishment".

On the other hand, the foreign subsidiaries have appointed an autonomous local DPO, so that he/she is easily accessible from the respective local offices.

Formally, each legal entity (in the capacity of Data Controller) has formalised the appointment of the DPO by resolution of the Board of Directors (or other equivalent management body) of each company.

* * *

COMPLIANCE

The Group's anti-corruption framework finds its expression in the Policy for the Prevention of Corruption of doValue S.p.A. and the Group, resolved by the Board of Directors of doValue S.p.A. on 04/08/2021, which defines the System for the Prevention of Corruption adopted by doValue with the aim of mitigating and managing the Group's risk of corruption.

on 02 November 2022, doValue S.p.A. obtained a certificate from Bureau Veritas Italia S.p.A. stating that the

organisation's Management System was assessed and found to be compliant with the requirements of the ISO 37001:16 management system standard.

Obtaining the certification was the culmination of a journey that began in 2021 with a project to revise the Group's anti-corruption framework following the evolution of the Group's corporate/organisational model, the extension of its geographical scope and the applicable reference legislation.

The System described in the Policy, the implementation of which took place during 2022, is detailed within a framework - Procedure for the Implementation of the Management System for the Prevention of Corruption in Accordance with the ISO 37001:2016 Standard - approved by the Chief Executive Officer on 11 March 2022, the purpose of which is to:

define the operating procedures for the proper implementation of the Corruption Risk Management System in business processes, pursuant to the ISO 37001 Standard and consistent with the aforementioned Policy (the "Management System");
identify Roles and Responsibilities of the main structures involved in the management of the System and risks through dedicated controls, as well as the system of related information flows.

The document is currently applicable only to doValue (Legal Entity subject to certification), however, Subsidiaries are also involved, which, as "Business Partners" within the meaning of ISO 37001, contribute to the implementation and maintenance of the System. To this end, specific information flows and control activities of Subsidiaries are identified.

The Management System consists of:

· Internal and External Organisational Context;
· SCOPE OF APPLICATION
· Risk Assessment;
· Planning and execution of controls;
· Information Flows;
· Review.

The Anti-Corruption Control System, consistent with the Group's Internal Control System ("ICS"), consists of three lines of defence:

first-level controls carried out by the operational structures and ensured through internal procedures or IT systems; this also includes the Due Diligence described below;
second-level controls carried out by the Compliance department, aimed at ensuring the adequacy of the Management System, mainly through the coordination of Risk Assessments, consultancy support in the definition of regulatory and control safeguards, as well as through specific Due Diligence controls, i.e., through the monitoring of flows pursuant to Law 262/2005 and Legislative Decree 231/01 based on the financial and non-financial controls listed below;
third-level controls performed by Internal Audit on the basis of a three-year planning cycle and risk-based prioritisation, aimed at verifying the adequacy of the internal control system.

The following new controls are introduced in the above-mentioned System of Controls:

Due Diligence Due diligence activities are aimed at collecting information in relation to the parties with which the Group operates or intends to operate, to verify their reputation and to ensure compliance by the latter with the principles set out in this Policy. Due diligence, as a first level check, is conducted for all those relationships and transactions whose corruption risk is above the low level. doValue applies the Due Diligence process to:
- Subsidiaries;
- Customers;
- Suppliers of goods and services
- External professionals
- Human resources.
Financial controls: The process is designed to verify whether the organisation's current processes for managing and recording financial transactions are carried out in an accurate, complete and timely manner. All in full respect of potential corruption prevention risks. These are second and third level controls.
Non-financial controls: The controls are aimed at verifying compliance with the ISO 37001 Standard of nonfinancial processes related to procurement, contracting, and operational and commercial aspects. These are second and third level controls.

The ISO 37001:16 standard also introduced the Management System Review, aimed at annually reassessing the adequacy and effectiveness of the System, as well as new opportunities for improvement and/or mitigation actions to address any general deficiencies related to the elements of the System.

The Review was approved by the Board of Directors on 17 March 2022 and was drafted on the basis of the evidence gathered and processed by the Compliance Department for the prevention of corruption and by the Top Management (identified in the Chief Executive Officer pursuant to the Policy) within the scope of their responsibilities, formalised respectively in the following documents:

Compliance Department Review > A document in which the Compliance Department, on the basis of the controls performed, assesses whether the System is adequate to effectively manage the corruption risks to which the organisation is subject and is implemented effectively.

Top Management Review > A document in which top management analyses the System to ensure its continuing suitability, adequacy and effectiveness.

In December 2022, a new project was started, one of the activities of which is the integration of the doValue 231 Framework with the Anti-Corruption Framework.

Other Company departments with control functions

As already illustrated in the introduction to this chapter, the structure of the other functions in charge of managing and monitoring the main company risks within the overall doValue Group is directly influenced by the structure of business processes implemented in the different entities of which it consists and by the nature and significance of the risks associated with them as well as by the presence of specific regulatory requirements in terms of risk governance.

In the context of the Parent Company, the perimeter of Company Functions involved in the management of the internal controls system controlling specific regulatory/risk areas (i.e. Compliance & DPO and the Enterprise Risk Management Department. Indeed, the Operational Risk Management unit, previously responsible for the management and monitoring of local operational risks, was incorporated into this latter Group Department.

Operational Risk Management Unit

On 4 July 2022, the Enterprise Risk Management Department (hereinafter also referred to as 'ERM') was established, whose mission is to ensure integrated risk management across the Group, acting as a facilitator of business growth and development through the identification, measurement and management of potential risks that may affect the Group.

The Enterprise Risk Management department was placed at Group level within the "Group Organisation & Enterprise Risk Management" area reporting directly to the Corporate Functions General Manager.

As part of the establishment of ERM at Group level, it was decided to merge the former Operational Risk Management unit existing in Italy into ERM, thus ensuring synergies in terms of both processes and activities and related results.

At the same time, and in order to guarantee constant and adequate supervision at Country Italy level, the organisational position of Focal Point for Risk Management activities was established within the Operations Department, which guarantees, also through the collaboration and operational support of the Group's ERM department, the constant monitoring and proactive management of risks connected to business and support processes and their possible impact in terms of provisions and losses with a specific focus on Country Italy.

From the perspective of ERM's key organisational responsibilities, they are listed and described below:

ensuring a Risk-Informed approach, i.e. providing information to doValue's Management and Board of Directors in order to support decision-making, based not only on expected performance but also on the underlying risk profile
ensuring integrated monitoring for potentially applicable risk categories at Group level, in line with the second level control model
defining a common Group-wide framework for identifying, assessing, measuring and monitoring risks, linking strategies, policies, processes and operational mechanisms and receiving information flows from local risk management departments and other departments where necessary
identifying and assessing the risks associated with the group's main initiatives and identify potential events that may affect the business at group level, in particular emerging risks that are currently unattended by the different components of the organisation
supporting the definition of both the level of risk and the relative tolerance with respect to the predefined strategic objectives and analyse the deviations
ensuring Group-wide monitoring, analysis and reporting on risk development, mitigation actions, the overall risk profile and compliance with predefined risk tolerance thresholds
defining and carrying out the Group risk assessment in order to ensure the identification of the Group's risk profile

supporting the evaluation of strategic options (e.g. investments, new markets, new products/services, new partnerships, etc.), in order to allow the selection of initiatives that, on the basis of the expected risk return profile, are most consistent with the company's risk appetite.
supporting the monitoring of risk provisions in the Group-wide financial statements in cooperation with Group Finance.

Listed below are the four risk categories that have been identified for the doValue Group and whose analysis and subsequent monitoring was started in 2022:

External risks are those external elements that may affect the achievement of strategic objectives due to political, economic, social, technological, environmental and legal (external) changes. They are beyond the Group's control and may have an adverse effect on the Group's business and assets. The objective of risk management is to monitor these risks and try to mitigate the impact if they occur.
Strategic risks are characteristic of the business sector and/or are closely linked to doValue's strategic decisions. In this case, the objective is to monitor the objectives and evolution of the Business Plan, through close interaction with both Top Management and the Group Investor Relator and Group Finance departments
Financial risks are risks related to the availability of capital, credit and liquidity management and/or linked to the volatility of key market variables; for this type of risk, risk management activities are aimed at measuring and monitoring risk, in line with Risk Appetite and defined limits.
Operational, legal and reputational risks include risks generated by the inadequacy or malfunctioning of internal processes and systems, as well as by errors attributable to human activity in the performance of processes. The objective is to try to mitigate the potential impact and or likelihood, from a cost/benefit perspective in line with the defined Risk Appetite. With regard to operational risk, the risks identified are Transactional and Process Risks, Conduct Risk, External Fraud, ICT Risk, Outsourcing, and Supplier Risk.

A system of information flows from the Group and Local departments has been implemented, relating to all risk categories, which are merged in order to create an overview of the risks monitored at Group level.

9.0 CHIEF EXECUTIVE OFFICER

Without prejudice to the responsibility of the Board of Directors in relation to the establishment of company control

Report on Corporate Governance and Ownership Structure - 2022 Financial Year

functions and to defining the respective roles and responsibilities, the doValue Board of Directors, coherently with Recommendation 32, letter b) of the Corporate Governance Code, has entrusted to the Chief Executive Officer, Mr Andrea Mangoni, the role of director in charge of supervising the functions of the internal control and risk management system, attributing to him the following main responsibilities, in line with the provisions of Recommendation 34 of the Corporate Governance Code:

deal with identifying the main business risks, taking account of the characteristics of the activities performed by the Issuer and its subsidiaries, and submit them periodically for examination by the Board of Directors;
implement the strategic guidelines defined by the Board of Directors, dealing with the planning, implementation and management of the Internal Control and risk management system and constantly verifying its adequacy and effectiveness;
adapt the Internal Controls System to the dynamics of the operating conditions and the legislative and regulatory panorama;
entrust to the Internal Audit Function the conduct of checks on specific operating areas and on respect of the internal rules and procedures in the execution of business operations, giving simultaneous communication thereof to the Chairman of the Board of Directors, to the Chairman of the Risks, Related Party Transactions and Sustainability Committee and to the Chairman of the Board of Statutory Auditors;
report promptly to the Risks, Related Party Transactions and Sustainability Committee, on issues and criticalities emerging in the conduct of his activities or of which he has in any case been informed, so that the Board of Directors can take the appropriate initiatives.

In the conduct of his role, the Chief Executive Officer is supported by the Managerial Coordination Committee of the Internal Controls System, of which he is the Chairman, and in which the Head of the Internal Controls Department, the Heads of the company control functions and the other company functions with duties of control participate, as permanent members, and, in the capacity of invitees, the Heads of the other business or support functions who are asked, each time, to discuss specific issues. Within that committee, issues are addressed, in a coordinated and structured manner, relating to the correct functioning of the Internal Controls System and to the remedial plans related thereto as well as those relating to risk management and monitoring.

Also through the participation in that committee and the analysis of the respective information flows, the Chief Executive Officer acquires the necessary information to:

guarantee the alignment of the organisation and the Internal Controls System with the principles and requirements envisaged by existing regulations;
verify continuously the effective management of the overall company risks and the adequacy, effectiveness and efficiency of the related controls;
make proposals aimed at supplementing the annual plans of the company control functions, also through the request for verification activity on specific operating or risk areas, as well as to supervise their effective implementation during the year.

In execution of his mandate and in coherence with the aforementioned Recommendation 34 of the Corporate Governance Code, the Chief Executive Officer therefore:

ensures the effective management of risks in their various components, preparing adequate policies and procedures to be observed within the Company, ascertaining that in the case of violations, the necessary corrective actions are made and outlining information flows aimed at guaranteeing to the competent company bodies full awareness of the risk management methods;
implements the necessary initiatives to guarantee continuously the completeness, adequacy, functionality and reliability of the internal controls system and informs the Risks, Related Party Transactions and Sustainability Committee as well as the Board of Directors of the results of the checks made, preparing and implementing the necessary corrective or adjustment interventions in the case of deficiencies or anomalies as well as following changes to the legislative or regulatory context or the introduction of new relevant activities, services and processes;
guarantees to the Risks, Related Party Transactions and Sustainability Committee and the Board of Directors effective and constant dialectic discussion, also obtaining collaboration from the company structures reporting to the same as Head of the internal structure, to allow them to verify over time the choices and decisions assumed by them in relation to the internal control and risk management system.

During 2022, based upon information flows received from the different control functions, the Chief Executive Officer analysed and discussed the following main issues:

main findings of the audit activities performed in 2020 and reported in the final annual reports of the company control functions;
risk assessments at the basis of the preparation of audit plans of the Group's internal controls system for 2022;
stage of progress of the auditing activities planned in 2022 and any modifications to be made to those plans, main criticalities emerging from those audits as well as from the quarterly monitoring activities of the action plans aimed at resolving the existing findings.

9.1 CONTROL AND RISKS COMMITTEE

Composition and functioning of the control and risk committee (pursuant to Article123-bis(2)(d) TUF)

As of the date of this report, the Risk, Related Party Transactions and Sustainability Committee was composed of the non-executive directors:

Cristina Finocchi Mahne - Chairman (independent);

Giovanni Battista Dagnino - Member (independent)

Roberta Neri - Member (non-independent).

The composition of the Committee was confirmed following the Board resolution of 3 May 2022, following the appointment of Prof. Cristina Finocchi Mahne, co-opted on 4 August 2021, by the Shareholders' Meeting held on 28 April 2022.

The three members of the Committee, as already specified, by majority independent, have broad experience and

knowledge of Risk Management, the financial services sector and sustainability (ESG) along with social responsibility. In line with the indications of the new Code, the Committee as a whole possesses expertise in the sectors in which the Company operates, considered adequate by the Board of Directors and by the Appointments and Remuneration Committee.

In cases of related party transactions submitted to the Committee, it met in the composition of independents as envisaged by the Consob "Related Party Transactions Regulation", as well as by the specific Group Policy.

On 16 December 2021, the Committee was attributed specific functions in relation to sustainability and assumed the new name of the Risks, Related Party Transactions and Sustainability Committee.

The Committee is regulated by a specific Regulation - updated on 16 December 2021 and published on the doValue Website, at the page https://www.doValue.it/it/governance/comitati-endoconsiliari - which determines its tasks and regulates its functioning.

The Committee has specific and adequate resources for the conduct of its functions as well as being able to make use of external experts, involving, where necessary, the competent company functions.

The Risks and Transactions with Related Parties Committee during 2022 met 12 times, and the average duration of the meetings, all duly recorded, was about 3 hours.

During 2022, the Committee performed the activity under its remit and collaborated with the Board of Directors; at the invitation of the Chairman, also informing the Chief Executive Officer thereof, some Company managers attended at the meetings, in relation to specific items on the agenda. All members of the Board of Statutory Auditors normally took part at the meetings and works of the Committee

The Risk, Related-Party Transactions and Sustainability Committee set the schedule of its meetings for the year 2023, scheduling 11 meetings (of which 3 have already been held).

Functions attributed to the control and risks committee

The Risks, Related-Party Transactions and Sustainability Committee, in fulfilling its functions as a proactive body, supports the Board of Directors in relation to the risks and internal control system, remuneration and incentives, conflicts of interest, related party transactions and sustainability. In particular:

A) RISKS AND INTERNAL CONTROLS SYSTEM

In relation to the risks and internal controls system, in conformity with the provisions of the Corporate Governance Code, the Committee:

a) supports the Board of Directors in evaluating and making decisions regarding the internal control and risk management system and the approval of periodic financial and non-financial reports.
b) examines in advance the programmes of activity (including the audit plan) and the annual reports prepared at consolidated level by the Company Functions with specific duties in relation to internal control and risk management and addressed to the Board of Directors;
c) assesses the correct use of the accounting standards for preparing the consolidated financial statements and the financial statements of the Company and to that end liaises with the Manager in Charge of preparing

the accounting documents and with the Board of Statutory Auditors of the Company (the "Board of Statutory Auditors");

d) expresses its opinion to the Board of Directors with regard:
- to proposals on the appointment, revocation and, coherently with the company policies, the definition of the structure of fixed and variable remuneration of the Head of Internal Audit, as well as the adequacy of the resources assigned to the latter for the performance of his duties;
- to the definition of the guidelines of the internal control and risk management system, so that the main risks relating to the Company and its subsidiaries are correctly identified, as well as adequately measured, managed and monitored, and the level of compatibility of those risks with business management coherent with the strategic objectives identified is determined;
- to the assessment, at least on an annual basis, of the adequacy of the internal control and risk management system with respect to the characteristics of the business and the risk profile assumed, as well as its effectiveness;
- to the approval on at least a yearly basis, of the work plan prepared by the Head of the Internal Audit function. after consulting with the Board of Statutory Auditors and the Chief Executive Officer;
- the assignment of the supervisory functions pursuant to Article 6(1)(b) of Legislative Decree No. 231/2001 to the Board of Statutory Auditors or to a specially constituted body;
- to the description, in the company governance report, of the main internal control and risk management system characteristics and the procedures for coordination of the persons involved, indicating the models and national and international best practices, expressing its assessment on the adequacy of the same and decisions made in relation to the composition of the supervisory body;
- to the assessment, after consulting with the Board of Statutory Auditors, of the findings identified by the independent auditor in the letter of suggestions, if any, and in the additional report addressed to the Board of Statutory Auditors;
- to the appointment and revocation of the Head of Internal Audit and the Head of AML who will be appointed by the Board of Directors having heard from the Board of Statutory Auditors of the Company (the "Board of Statutory Auditors");
- to the assessment of the opportunity to adopt measures to ensure effective and impartial judgement of the other company departments - in addition to Internal Audit and AML - involved in the audits (such as the risk management function and control of legal risk and non-compliance), verifying that they possess adequate professionalism and resources;
e) expresses opinions on specific aspects relating to the identification of the main business risks, including in its assessments all risks that may become significant in the perspective of medium to long-term sustainability;
f) examines the periodic reports, concerning the assessment of the internal control and risk management system, and those of particular relevance prepared by the Internal Audit function;

g) monitors the autonomy, adequacy, effectiveness and efficiency of the Internal Audit function;
h) requests from the Internal Audit function, where the need or opportunity arises, the conduct of checks on specific operational areas, simultaneously notifying the chairman of the Board of Statutory Auditors;
i) reports to the Board of Directors, at least half-yearly, on the occasion of the approval of the annual and half-yearly report, on the activity performed as well as on the adequacy of the internal control and risk management system;
j) supports, with adequate preliminary activity, the assessments and decisions of the Board of Directors on managing risks deriving from prejudicial events of which the Board of Directors has become aware;
k) assesses the adequacy of the periodic information, financial and non-financial, to represent the business model, the company strategies, the impact of its activities and the performances achieved correctly;
l) examines the contents of the periodic information of non-financial nature relevant for the internal control system and risk management so that those risks are correctly identified, as well as adequately measured, managed and monitored;
m) assesses and expresses an opinion to the Board of Directors on the economic-financial sustainability and solidity of the pool bonus allocated in the budget and/or revised during the year.

B) SUSTAINABILITY

The Committee performs advisory, investigatory and propositional functions towards the Board of Directors on the sustainability of the company policies and its interaction dynamics with all stakeholders. In particular:

a) it monitors the alignment of the governance system with the law, the Recommendations of the Corporate Governance Code and national and international best practices in analysing issues relevant to the long-term generation of economic-financial value and social and environmental value for all other stakeholders, preparing proposals for the Board of Directors;
b) it promotes the dissemination of the sustainability culture to all its stakeholders: employees, shareholders, customers and suppliers;
c) it examines the guidelines of the sustainability plan and Company policies on human rights, corporate ethics and integrity, diversity and inclusion, as well as integration policies of environmental, social and governance issues in the business model as well as initiatives undertaken by the Company to address issues related to climate change and the related reporting;
d) it examines and supervises the guidelines, objectives and consequent processes, sustainability and sustainability reporting submitted annually to the Board of Directors, as well as the non-financial information pursuant to Legislative Decree 254/2016 (the "Non-Financial Consolidated Declaration") of the Group, including the analysis of materiality and respective stakeholder engagement, assessing its completeness and reliability, based upon the requirements of Legislative Decree 254/2016;
e) it supports the assessments and decisions of the Board of Directors on the approval of the reporting on risks, generated or suffered, related to socio-environmental issues deriving from the business activities, from its

services or commercial relationships, including the supply chains and subcontracting, as required by Legislative Decree 254/2016;

f) it expresses, when requested by the Board of Directors or the Chief Executive Officer, opinions on sustainability issues;
g) it examines the profit and non-profit strategy, as well as the Company's sustainable finance initiatives;
h) it monitors the evolution of sustainability also in light of new legislation and international principles, monitoring the Company's position with respect to the financial markets on sustainability issues, with particular reference to the Company's positioning in ESG indexes, as well as international environmental, social and governance initiatives and the Company's participation in them, aimed at building the Company's reputation on an international scale;
i) it reports to the Board of Directors, at least half-yearly, on the occasion of the approval of the annual and half-yearly report, on the activity performed in relation to sustainability.

C) RELATED-PARTY TRANSACTIONS

In relation to the management of related party transactions within the limits of the role attributed to the same by the relevant legislation, the Committee supports the Board of Directors of doValue and of the Group's subsidiaries in assessing and managing related party transactions, expressing its prior opinion on the internal procedures as well as (where required by internal rules) on the approval of specific transactions, in order to guarantee their compliance with the Consob Related Party Transactions Regulation. In particular, by way of example, the Committee:

a) issues prior and motivated as well as binding opinions, for the purpose of the resolution of the Board of Directors, on the overall adequacy of the Policy and procedures in relation to the management of related party transactions covered therein, as well as later updates, to achieve the objectives established by the Consob Related Party Transactions Regulation;
b) is involved, either collectively or through its own delegated independent member, as early as in the stages of negotiation and preliminary investigation of some transactions (particularly Significant Transactions) of the Parent Company and of the Subsidiaries, by receiving a complete and timely information flow and with the right to request information as well as to provide observations to the delegated bodies and to the persons in charge of carrying out the negotiations and preliminary investigation;
c) issues, where applicable, prior and motivated opinions on the transactions of the Parent Company and the Subsidiaries with regard to the interest in carrying out those Transactions as well as on the convenience and substantial correctness of the relevant terms;
d) expresses an opinion based on information made available on significant issues regarding the Related Parties Perimeter;
e) may be assisted in issuing opinions by independent experts of its choice, after verification their independence;

f) verifies the correct application of the exemption conditions applied to Significant Transactions defined as ordinary and concluded at market or standard conditions, communicated to the same;
g) based on the annual information flow received, performs a subsequent check on the application of the exemption cases on exempt transactions during the year and assesses the adequacy of the exemption procedures, also for the purpose of their periodic review.

The Committee is attributed the right to carry out constant monitoring of the transactions envisaged by the procedures for identifying and managing related party transactions also in order to allow the same to propose any corrective interventions.

The Chief Executive Officer of the Company may submit to the Committee issues or matters for which the preliminary investigation is deemed useful for the subsequent approval/information to the Board of Directors.

The Committee identifies the information flows which must be sent to it in relation to risks (subject, format, frequency, etc.) and may access relevant company information for the purposes of carrying out these functions.

More specifically, the Committee, during the 2022 Financial Year, assessed and expressed its opinion, in support of the Board of Directors, on the following main issues:

relevant policies: Update of the Control Function Methodology of the Manager Responsible for Financial Reporting, of the Impairment Test Manual in accordance with International Accounting Standard IAS 36, of the Internal Dealing Policy and of the Policies and Procedures of the Consolidated Financial Statement structure; Strategic Planning, Operations and Control Policy; Group Compliance Regulation; Extraordinary Finance Operations Policy Guidelines for initiatives aimed at generating social value; Data Breach Management Policy; Business Continuity Management Policy; doValue Group Internal Control System Regulation in Italy; Enterprise Risk Management Policy; Business Continuity Roles and Responsibilities Policy; AML Policy of Country Italy including the Anti-Money Laundering Model.
2021 annual report of the Internal Audit Function and 2022 Group Audit Plan;
2022 half-yearly report of the Internal Audit Function;
audit reports with negative assessments issued during 2022 by the Internal Audit Function;
quarterly reporting on the outcomes of the action plan monitoring activities of the doValue Group aimed at guiding the audit findings;
revision of the Group Audit Plan 2022;
2021 annual report of the AML function including outcomes of the self-assessment of the exposure to the risk of money laundering and the annual plan of activities for 2022;
2022 half-yearly report of the Anti-Money Laundering Function;
revision of the AML 2022 Plan;
half-yearly reports issued by the AML Function at the outcome of the campaigns of compliance checks performed in the field of anti-money laundering;
2021 annual report of the Data Protection Officer and 2022 action plan;
2022 half-yearly reports of the Data Protection Officer;

updating the Data Protection Officer's Plan;
monitoring of actions plans relating to the implementation of the GDPR legislation;
2021 annual report of the Operational Risk Management Function and 2022 planning;
Tableau de Bord of 2022 quarterly risks;
Establishment of the Group function for Enterprise Risk Management (ERM) and Updating activities;
assessment, also on the basis of reports of the control functions indicated in the above points, on the adequacy of the organisational, administrative and accounting structure of doValue, as well as the internal control and risk management system;
Business Continuity activities performed during 2021;
Business Continuity and Disaster Recovery plans;
examination of the Individual and Consolidated Draft Financial Statements at 31 December 2021; Non-Financial Declaration in accordance with Legislative Decree 254/2016 at 31 December 2021, together with the Manager in Charge, having heard from the independent auditing company and the Board of Statutory Auditors, also with the aim of ascertaining the correct use of the accounting standards;
examination of the separate doValue Financial Statements and the Consolidated Interim Report of the doValue Group as at 30 June 2022 and 30 September 2022;
analysis of the impairment test results in accordance with IAS 36 on the net book value of the intangible fixed assets originating from the PPA of the investee Altamira and doValue Greece at 31.12.2021;
analysis of the Group Business Plan 2022 2024;
analysis of the updated and preliminary 2022-2024 Business Plan of Altamira and AdSolum subsidiaries;
analysis of the doValue Group's Consolidated Budget 2023;
Annual Report on remuneration and incentive policies: a) Sect. I 2022 policy: pursuit of the long-term interests of the company;
related party transaction in relation to the new contract of the Chief Executive Officer of doValue;
Bonus Pool
update of the perimeter of the Executives with Strategic Responsibilities (DIRSs) in relation to the appointment of the Executive in Charge;
examination of transactions with characteristics of significance and/or with related parties;
Committee Controls on Excluded Related Party Transactions;
information flows on related party transactions implemented by the company and by the subsidiaries;
issuance of opinions on the risk assessment of business projects and related financial operations;
Definition of Materiality Analysis 2021;
Analysis of guidelines for initiatives to generate social value;
Analysis of the Project to define the Charter of Values and update the Code of Ethics of the External Network developed in collaboration with FEduF - Foundation for Financial and Savings Education
Update on ongoing sustainability activities;

9.2 HEAD OF THE INTERNAL AUDIT FUNCTION

In coherence with Recommendation 32, letter b) of the Corporate Governance Code, the Board of Directors resolves with exclusive responsibility on the appointment and revocation of the Head of Internal Audit Department, at the proposal of the Risks, Related Party Transactions and Sustainability Committee, which, in turn, obtains the opinion of the Appointments and Remuneration Committee, and having heard the opinion of the Board of Statutory Auditors. Following the reorganisation initiatives of the Group related to the debanking process and the international growth of the Group, the Head of Internal Audit Function, whose role is covered by Ms Silvia de Grassi, reports to the Board of Directors by way of the Head of the Internal Controls Department, as well as functionally to the Group Internal Audit Function. In coherence with the contents of Recommendation 36 of the Corporate Governance Code, she is not responsible for any operational area and reports to the Board of Directors directly or by way of the Risks, Related Party Transactions and Sustainability Committee, at least on an annual basis or at the next opportunity, in cases of particular significance, regarding the adequacy, effectiveness and effective functioning of the Internal Controls System.

In line with Recommendation 33, letter b) of the Corporate Governance Code, the Board of Directors also resolves, subject to the favourable opinion of the Risks, Related Party Transactions and Sustainability Committee and having heard from the Board of Statutory Auditors, on the remuneration of the Head of Internal Audit Department based upon criteria and parameters separate from the performance of the Company, coherently with the provisions of the company policies.

In order to fulfil her mandate to verify the operations and suitability of the Internal Control and Risk Management System, the Head of Internal Audit Function performs the following activities:

defines and implements an annual and long-term audit plan based upon a risk assessment methodology that considers the evolutionary aspects of the business and the related development strategies of the Group, the emerging risks and the significant changes in the organisational structures and processes, the restrictions deriving from regulatory and contractual rules, the requests of Management and the Company Bodies (Recommendation 36, letter a) of the Corporate Governance Code. As part of that Plan, the reliability of the information systems is also verified, including the accounts recording systems (Recommendation 36 letter e). The long-term plan is also updated on an annual basis in order to reflect promptly any significant evolutions in the risk profile of the Company following modifications in the business, organisational or regulatory context. In order to guarantee that the plan is dynamic and to address, during the year, any unplanned intervention requests, the annual plan envisages the establishment of a suitable reserve of resources from those available. The audit plans are submitted for approval to the Board of Directors subject to the examination of the Risks, Related Party Transactions and Sustainability Committee;
prepares and sends to the Chairmen of the Board of Statutory Auditors, of the Risks, Related Party Transactions Committee and of the Board of Directors, as well as to the Chief Executive Officer, periodic reports containing

an assessment on the suitability of the internal control and risk management system and adequate information on its activity and on the methods by which the risk management is carried out (half-yearly and annual) as well as an update on respect of the action plans defined by Management for their containment (quarterly) in coherence with Recommendation 36, letters b) and d) of the Corporate Governance Code;

promptly informs the Chairmen of the Board of Statutory Auditors, of the Risks, Related Party Transactions Committee and of the Board of Directors, as well as the Chief Executive Officer, of the reports prepared at the outcome of the individual audit interventions that contain aspects of particular significance for the purposes of assessing the overall Internal Controls and risk management system (Recommendation 36, letters c) and d) of the Corporate Governance Code);
communicates appropriately and transparently with the supervisory authorities, with reference to the audit activities;
maintains qualified resources within the Internal Audit Function equipped with expertise, knowledge, capacity and experience necessary for the full implementation of its mission;
has direct and unlimited access to all information and documentation useful for the conduct of the individual assignments, in coherence with Recommendation 36 of the Corporate Governance Code.

For the fulfilment of her duties, the Head of Internal Audit Function has an adequate annual budget, subject to approval by the competent Company Bodies and able to cover, in particular, the main requirements linked to the use of technical advice on specific matters and the professional training requirements of the resources.

With reference to the audit activities on subsidiary companies centralised at the Parent Company and in particular for the supervised company Italfondiario, in line with what is regulated within the outsourcing contract prepared in conformity with the relevant regulations, the Board of Directors of the company has designated within it a Director, not having operational delegations, as a representative for the outsourced third level control activities. That Director has the duty of overseeing the activity of the Supplier's Internal Audit Function, the adequacy of the hedging of risks and the execution of the planned activities, in order to guarantee constant liaison and free access of the Head of Internal Audit Function to the Board of Directors of the supervised company.

In relation to the other non-supervised Italian subsidiary companies, there is no similar representative but the Head of Internal Audit Function guarantees the necessary coverage of the main operating processes and the respective related risks through their inclusion within the Group audit plan. For those companies, the Group's Head of Internal Audit Function has the duty of informing the Company Bodies of the individual company controlled by the Parent Company of the results of the checks performed by virtue of exercising the management and coordination activities, by way of the overall reporting on the audit activities performed at Group level.

During 2022 the Internal Audit Department, under the supervision of its Manager and coherently with the planning approved by the Board of Directors on 17 March 2022, performed interventions involving both the Parent Company and its subsidiary companies attributable to three main areas of intervention connoted by logics of priority and peculiar risk profiles:

governance processes, relating to defining the business strategies, planning and management control, risk management and controls, management of the corporate bodies;
business processes that include the "core" activities of the Company, with regard to both the management and recovery of portfolios granted on mandate and/or deriving from securitisation operations and to the services ancillary to them;
support processes, aimed at the correct functioning of the company, through the management of projects, processes and procedures and the conduct of administrative and management activities of company, financial, human, technological, tangible and intangible resources.

This latter area includes verification activities aimed at assessing the reliability of the information systems (Recommendation 36, letter e) of the Corporate Governance Code). In the course of 2022, these audit activities focused mainly on assessing the adequacy of the IT processes to safeguard the proper functioning of the information system as a whole and its various components, such as logical access management, backup management, automatic transaction management (e.g. batch), incident management, and measures to protect the security and integrity of applications and the information they contain. A further area of coverage is the review of disaster recovery processes aimed at ensuring the recovery of key application and infrastructure components following a crisis event.

Lastly, during 2022, doValue's Internal Audit Department continued to support the Group Internal Audit Department in the process of integrating and consolidating internal audit activities at the level of the entire Group through the application of a common control and risk assessment methodology by all the Internal Departments established within the Group in the various phases of the audit cycle (i.e. risk assessment and annual planning, process and compliance audits, monitoring of the resolution status of findings and reporting to the Bodies).

9.3 ORGANISATION MODEL pursuant to Italian Legislative Decree 231/2001

During 2020, doValue conducted a specific project aimed at updating the Group's 231 framework The current Organisation and Management Model pursuant to Legislative Decree 231/2001 of doValue (the '231 Model'), approved on 17 December 2020 by the doValue Board of Directors, is structured as follows:

General Part, which includes:

the Company's Governance Model and the existing corporate tools supporting the Model;
the purposes pursued by the adoption of the Model;
the methodology adopted for the analysis of activities sensitive to the offences referred to in Leg. Decree 231/2001 and the relevant safeguards;
the identification and appointment of the Company's Supervisory Board (hereinafter also "SB") with an indication of its powers, duties and information flows;
the disciplinary system and its sanctioning apparatus;
the information and training plan to be adopted in order to ensure awareness of the measures and provisions of the Model;
the criteria for updating and adapting the Model;

Special Part, which includes the decision-making protocols whereby the risk-crime activities identified in the Risk Assessment phase are distributed into Sensitive Areas concerning one or more families of offences and/or types of offences, identified by commonality of sensitive activities and control and conduct principles.

The following Annexes also form an integral part of the Model:

Code of Ethics of the doValue Group;
document "Group Governance on 231 Models", in which the guidelines are provided to the doValue Group Companies operating in Italy, so that they contribute to the implementation of a "231 System" coordinated at the Group level, in order to allow an integrated and homogeneous management of risks concerning the administrative liability of Entities, without prejudice to the autonomy and specificity of individual Companies;

The Predicate Crimes annex to Legislative Decree 231/2001".

Predicate crimes of Legislative Decree 231/2001

The annex to the 231 Model, entitled "Predicate crimes of Legislative Decree 231/2001", an integral part of the 231 Model itself, provides a description of the crimes and administrative offences whose commission determines, upon the occurrence of the presuppositions envisaged by Legislative Decree 231/2001, the occurrence of administrative liability of the entity pursuant to the aforementioned legislation will also be updated in line with the organisational changes that have taken place and the introduction of new offences.

The 231 Model, as well as the Group Code of Ethics, can be consulted on the doValue website, at the page: https://www.dovalue.it/it/governance/modello-ex-dlgs-23101

In order to ensure the alignment with the changed corporate, operational and organisational structure of the Group, as well as the updating of the contents with respect to the new offences introduced by the legislator since the last update, a new project was launched in December 2022, mainly aimed at:

updating the 231 Model of the Company (and the Italian subsidiaries doNext and doData) and the Group's Code of Ethics;
integrating the doValue 231 Framework with the Anti-Corruption Framework.

In the course of 2023, when the project is completed, it is planned: (i) to integrate risk assessment in addition to the provision of integrated 231/anti-bribery/whistleblowing training to the entire population

9.4 AUDITING FIRM

The Shareholders' Meeting on 17 June 2016 granted to Ernst & Young S.p.A. the statutory auditing assignment of the financial statements and the consolidated financial statements of the Group as well as the accounts audit limited to the consolidated half-yearly report for each of the nine financial years closing from 31 December 2016 to 31 December 2024.

Ernst & Young S.p.A. was also granted, by way of separate formalised agreements, the auditing activities of the financial statements of some of the doValue subsidiary companies.

Concerning the subsidiary doNext S.p.A. (formerly Italfondiario S.p.A.), with the approval of the 2018 Financial Statements BDO Italia S.p.A. was granted the assignment of statutory audit of the financial statements for each of the nine financial years closing from 31 December 2019 to 31 December 2027, with the previous statutory auditing assignment of Ernst & Young S.p.A. having ended.

On 31 January 2020, the Company's Board of Directors approved a policy for granting and managing assignments to independent auditing companies within the doValue Group in order to safeguard the requirement of independence of the entity instructed to perform the statutory audit of the accounts and its network.

Finally, it is noted that the Board, on 3 May 2022, assessed, having heard from the Board of Statutory Auditors, the results illustrated by the independent auditor in the additional report to the annual financial statements at 31 December 2021 addressed to the Board of Statutory Auditors.

9.5 MANAGER IN CHARGE OF PREPARING THE CORPORATE ACCOUNTING DOCUMENTS AND OTHER COMPANY ROLES AND FUNCTIONS

With a board resolution of 17 March 2022, following the favourable opinion of the Board of Statutory Auditors, the Board of Directors, having assessed the candidate's curriculum and verified that he meets all the requirements envisaged by current regulations, appointed Mr Davide Soffietti, Country Italy Chief Financial Officer, hierarchically also placed within the Group Finance structure as Group Deputy CFO, as the Executive in Charge of Financial Reporting until the approval of the financial statements as of 31 December 2023.

The Manager in Charge is granted adequate powers and means to exercise the duties attributed by the regulation, while the Board of Directors is responsible for overseeing the fact that the Manager in Charge has those powers and means and that she respects the administrative and accounting procedures. The presence of an adequate structure reporting directly to the Manager in Charge is the principal element that characterises the availability of adequate means and powers provided by the regulation. To this end, the doValue Group has provided for the Manager in charge to be supported by a team of human resources dedicated to carrying out the activity, in order to cover all the entities of the group. The workgroup is composed as follows:

Manager of Activities at the Subsidiary for the Manager in Charge (MASMC), where appointed by resolution of the Board of Directors of the individual entity, usually identified, if present, as the Chief Financial Officer (CFO) of the represented entity, who carries out at local level, for the represented entity and any additional specifically selected direct and indirect subsidiary companies, the activities of coordination and certification envisaged for the Manager in Charge (Taraboulous Alvertos for the company doValue Greece and Carlos Maceda for Altamira Asset Management SA);
Management 262 (Italy), which carries out the checks required for 262 activities in Italy and for consolidation;
Management 262 (Territorial), where appointed, which is responsible for carrying out the controls foreseen for 262 activities, according to its scope of competence.

The Manager in Charge is responsible for certifying:

the adequacy and effective application of the administrative and accounting procedures during the financial year to which the documents refer;
the conformity of the documentation drawn up according to the IAS/IFRS international accounting standards transposed into Italian law by Legislative Decree No. 38/2005, which exercised the option provided for by EU Regulation No. 1606/2002 on international accounting standards;
the correspondence of the documents with the results of the accounting books and records;
the suitability of the documents to provide a true and correct representation of the capital, economic and financial situation of the issuer and the set of Companies included in the consolidation;
for the financial statements and consolidated financial statements, that the management report includes a reliable analysis of the management performance and result, as well as the situation of the issuer and the consolidated companies, together with a description of the main risks and uncertainties to which they are exposed;
for the abbreviated half-yearly financial statements, that the interim management report contains references to the important events of the first six months of the financial year and their incidence, together with a description of the main risks and uncertainties for the rest of the financial year.

The Manager in Charge participates at meetings of the Board of Directors of the Group Companies and/or of the Board of Statutory Auditors, where the agenda concerns matters under her remit.

The information flows between the Manager in Charge and the other company control functions are regulated in the "Regulation on the Internal Controls System of the doValue Banking Group". In addition, the Manager in Charge holds meetings and information exchanges with the Independent Auditing Company regarding the respective activities, with particular reference to any points of attention on internal controls.

In order to be able to fully comply with the provisions of the regulations, the Board of Directors approved a specific Global "Regulation of the Control Function of the Executive in Charge", which has provided the general criteria and description of the responsibilities and relations between the Parent Company and the doValue Group Companies. In addition, a Global Procedure "Methodology of the Control Function of the Executive in Charge" was approved and sent to the companies included in the consolidation and subject to certification for the purposes of Law No. 262/2005, on the basis of criteria approved from time to time, which regulates the process and operational methods of application of the aforementioned general criteria.

The adopted internal control system relating to Financial Reporting provides for the application of a common methodological structure, based on:

the use of a uniform, centrally defined internal control system model based on internationally recognised methodological standards;
its updating and dissemination within the Group on the basis of centrally defined parameters. The methodological approach adopted by the doValue Group in order to comply with the Savings Protection Law (Law No. 262/2005) is inspired by the "Internal Control - Integrated Framework" (CoSO Framework), produced by the Committee of Sponsoring Organisations of the Treadway Commission (CoSO).

The Heads of the other company functions, having specific duties in relation to internal control and risk management, in conformity with Principle 32.P.3, letter C of the Corporate Governance Code, were indicated in the above paragraphs of this Report, within the specific sections dedicated to the individual functions.

9.6 COORDINATION BETWEEN ENTITIES INVOLVED IN THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

In coherence with Principle XX of the Corporate Governance Code, the duties and responsibilities of the various control bodies and functions, along with the information flows between the different functions/bodies and between these and the company bodies, are defined in detail in the Regulation on the Internal Controls System of the doValue Group, whose latest update was approved by the doValue Board of Directors on 13 November 2022.

In order to guarantee a unitary and integrated vision of the Internal Controls System and to guarantee correct interaction and integration between the company control functions, a series of coordination and collaboration mechanisms are also defined, in coherence with Recommendation 33, letter g), aimed at maximising the synergies and avoiding any potential area of overlapping or deficiency of control.

In particular, productive interaction between the company control functions is guaranteed through the pursuit of the following objectives:

sharing of methodologies and metrics with which the different functions perform their assessments;
improvement of communication between the company control functions and the company bodies;
sharing of information and assessments made.

Those objectives are achieved through the following interaction mechanisms which are positioned within the more general framework of active and constant collaboration between the company control functions:

participation in the process of definition/update of the internal regulations on risks and controls;
exchange of information flows, documentary and of data, such as on the planning of control activities and the outcome of the same;
participation in Board Committees (Risks, Related Party Transactions and Sustainability Committee) and Managerial Committees (Internal Controls System Coordination Committee);

The improvement of the interaction between control functions and the constant update to the company bodies by the same, in relation to the activities performed, are aimed at contributing over time to company governance that guarantees sound and prudent management also through a more effective safeguarding of risk at all company levels. The coordination mechanisms between the various entities involved in the Group's system of internal controls and the overall system of information flows that support the aforementioned mechanisms were reviewed in 2022 with regard to the perimeter of Italian legal entities. As already represented in this report, in order to provide an overall representation of the coordination mechanisms between functions and the relative information flow system, as redesigned in light of the Group's new organisational structure, a further Regulation on the Internal Control System of the entire doValue Group is currently being prepared and will be submitted to the Parent Company's Board of Directors for approval.

10 INTERESTS OF DIRECTORS AND TRANSACTIONS WITH RELATED PARTIES

The Board of Directors, by decision made on 17 June 2021 (already subject to a previous update dating back to February 2020) approved the new version of the "Policy for the management of related party transactions and transactions in conflict of interest of the doValue Group" (hereafter: the "RPT Policy").

That update takes account of the issuance of the update of the "Regulation laying down provisions on related party transactions" (hereafter "RPT Regulation"), in force from 1 July 2021, as well as the organisational changes occurring in 2021 and guarantees the application of the principles contained therein to all subsidiaries, even foreign.

The RPT Policy was submitted in advance for the opinion of the Risks and Related Parties Committee, which expressed a favourable opinion on its approval.

The purpose of the RPT Policy is to define, as part of the operations of the Parent Company and of the Subsidiaries, the principles and rules to be observed to ensure transparency and substantial and procedural correctness of Related Party transactions, carried out directly by the Parent Company or by means of its Subsidiaries.

In this regard, it establishes for the entire Group, among other things:

• the criteria for identifying Related Parties;

• the cases of total or partial exemption from the application of the rules of preliminary investigation, resolution and disclosure to the Corporate Bodies and from the rules of market disclosure;

• the preliminary investigation, proposal and resolution procedures for Related Party transactions;

• the subsequent disclosure obligations to the Corporate Bodies of the Parent Company concerning Related Party transactions

• the controls required to provide disclosure on Related Party transactions to the market.

Therefore, the RPT Policy aims to implement the above regulations by introducing, for the entire Group, rules on the methods of preliminary investigation, decision-making, reporting and information powers. Therefore, the indications contained in the RPT Policy are valid for the entire structure of the Parent Company and the Subsidiaries. All Subsidiaries are required to implement the RPT Policy, which is adopted by the Parent Company as a Group regulation, subject to the resolution of their respective competent bodies, without prejudice to the application, at the time of implementation, of local and/or sector regulations applicable from time to time, in line with the principles established by the RPT Policy.

The full text of the RPT Policy, to which reference is made for any further detail, is available on the doValue website, in the Governance section. Finally, it should be noted that the principles laid down in Article 2391 of the Civil Code are also regulated in the RPT Policy. Civil Code. (on the subject of directors' interests).

To this end, the Directors, Statutory Auditors and other DIRSs of the Company have communicated, and periodically update, declarations containing data functional to the maintenance of the perimeter of related parties and therefore to the identification and management of related party transactions and/or any transactions in conflict of interest. A similar process has been applied for updating shareholder declarations (where applicable).

11 BOARD OF STATUTORY AUDITORS

11.1 APPOINTMENT AND REPLACEMENT

Art. 23 of the Articles of Association establishes that the Board of Statutory Auditors is appointed by the Shareholders' Meeting based upon lists submitted by the legitimated parties, in which the candidates are listed in sequential order.

The lists are to split into two sections, indicating, respectively, up to 3 (three) candidates for the role of Standing Auditor and up to 2 (two) candidates for the role of Alternate Auditor. If a list presents candidates for the role of Standing Auditor and Alternate Auditor, at least the first candidate for the role of Standing Auditor and at least the first candidate for the role of Alternate Auditor indicated in the respective sections must have been registered for at least three years in the register of statutory auditors and must have exercised the activity of statutory accounts auditing for a period of no less than 3 years. If a list presents a number of candidates equal to or greater than 3, each section for the appointment to Standing Auditor and to Alternate Auditor must present a number of candidates belonging to the less represented gender that ensures, within that section, respect of the gender balance at least to the minimum extent required by the legislation, even regulatory, in force.

No candidate may appear in more than one list, under penalty of disqualification from his/her candidacy.

Each entity legitimated to vote (as well as (i) the legitimated entities belonging to the same group, thereby meaning, the controlling entity, even non-corporate, in accordance with Art. 2359 of the Civil Code and every company controlled by or under the common control of the same entity or (ii) parties to the same shareholders' agreement pursuant to Article 122 of the Consolidated Finance Law, or (iii) legitimated entities that are otherwise connected between them by virtue of significant relationships of connection in accordance with the legislation and/or regulations in force and applicable) may present or contribute to presenting only one list, just as each candidate may appear in only one list under penalty of ineligibility.

In accordance with the Articles of Association, Shareholders that, at the time of submitting the list, are holders, alone or together with other submitting Shareholders, of shares with voting right representing at least 2.5%⁵ of the share capital having the right to vote in the ordinary Shareholders' Meeting, or in the lower amount established by mandatory legal or regulatory provisions, may submit a list for the appointment of the Auditors.

The ownership of the minimum number of shares required to submit the lists is determined by taking into account the shares registered in each shareholder's name, or in the name of several Shareholders jointly, at the time the lists are filed at the Company's registered office. Certification of the minimum share of investment may be produced even after the deposit provided that this is done by the deadline laid down for the publication of those lists by the Company.

The lists must, under penalty of forfeiture, be filed at the company's registered office, even by way of a distance communication technique and according to methods indicated in the notice of convocation that allow for the

⁵ Percentage coinciding with the provisions of Article 144 Quater, paragraph 1, of the Consob Issuers' Regulations and confirmed by Consob Executive Determination no. 76 of 30.01.2023

identification of entities filing the list, by the twenty-fifth day before the date of the Shareholders' Meeting (or by the different deadline laid down from time to time by the applicable regulations) and they are made available to the public at the registered office, on the doValue Internet Website and by the other methods envisaged by the regulations in force, at least twenty-one days before the date of the Shareholders' Meeting (or by the different deadline laid down from time to time by the applicable regulations).

Together with the lists, and again by the deadline indicated above, the legitimated entities that have submitted them must also file the additional documentation and declaration required by the legislation, even regulatory, in force each time. Lists that do not comply with the requirements outlined above shall be deemed not to have been submitted.

Each person with voting rights may vote for one list only.

The election of the members of the Board of Statutory Auditors occurs as follows:

(i) 2 (two) Standing Auditors and 1 (one) Alternate Auditor are taken from the list that obtained the highest number of valid votes, in the sequential order in which they are listed on that list;
(ii) the remaining Standing Auditor and the remaining Alternate Auditor are taken from the list that obtained the highest number of votes after that identified in point (i) above, which is not connected in any way, even indirectly, with the persons legitimated to vote who submitted the list indicated in point (i) above; the first candidates of the respective sections will be elected, respectively, Standing Auditor and Alternate Auditor.

The Standing Auditor taken from the list that obtained the highest number of votes after than indicated in point (i) above is assigned as Chairman of the Board.

If, in the terms and methods indicated above, only one list is submitted, or if no list is submitted, or even if a number of candidates equal to that to be elected is not present in the lists, the Shareholders' Meeting resolves on the appointment or supplementation by relative majority. In the event of a tied vote among several candidates, a ballot shall be held between such candidates, by means of another vote at the Shareholders' Meeting. In any event, the Shareholders' Meeting is required to ensure the gender balance as envisaged by the legal and regulatory provisions in force.

In the case of death, resignation or forfeiture or absence for any other reason of a Standing Auditor, he/she is replaced by the Alternate Auditor belonging to the same list on which the outgoing Auditor was listed according to the sequential listing order, in respect of the minimum number of members registered in the register of statutory auditors who have exercised statutory accounts auditing activity and the principle of gender balance. If this is not possible, the outgoing Auditor is replaced by the Alternate Auditor who has the characteristics indicated and drawn progressively from the minority lists which received the highest number of votes, according to the sequential order of the list. If the Auditors were not appointed in accordance with the list voting system, the Alternate Auditor envisaged by the provisions of law takes over. The replacing Alternate Auditor also assumes the role of Chairman in any circumstance that envisages replacing the Chairman of the Board of Statutory Auditors. The Shareholders' Meeting envisaged under Article 2401, paragraph 1 of the Civil Code appoints or replaces the Auditors, in accordance with the principle of the necessary representation of minorities and gender balance. If the Alternate

Auditor who replaces the Standing Auditor is not confirmed in office by that Shareholders' Meeting, the Alternate Auditor will return to his/her role as Alternate Auditor.

11.2 COMPOSITION AND OPERATION (pursuant to Article 123-bis, paragraph 2, letters d) and dbis), TUF)

At the Date of the Report, the Board of Statutory Auditors is made up of three standing auditors and two alternate auditors, who are in possession of the requirements of existing legislation, even regulatory; to that end, the matters and sectors closely relating to those of the business are the ones indicated in the corporate purpose, with particular reference to companies or entities operating in the financial, industrial, banking, insurance, real estate and services sectors in general. The ordinary shareholders' meeting elects the Board of Statutory Auditors and determines its fee.

The auditors act autonomously and independently even in relation to the shareholders who elected them.

All Statutory Auditors must meet the requirements of eligibility, honourableness and professionalism set forth by law and other applicable provisions and, for the purposes of Article 1, paragraph 2, letters b) and c) of Ministry of Justice Decree No. 162 of 30 March 2000, which establishes the requirements of professionalism and honourableness.

Furthermore, in accordance with Principle VIII of the Corporate Governance Code, the auditors of doValue must meet the independence requirements of Article 2, Recommendation 9, of the same code, as well as the requirements of Article 148, paragraph 3, of the TUF.

The assessment of independence is carried out by the Control Body immediately after appointment as well as during the term of office, upon the occurrence of circumstances relevant to independence and in any case at least once a year, on the basis of the information provided by each member of the Control Body.

The Auditors may hold administration and control positions in other companies within the limits established by the provisions, also regulatory, in force.

The Board of Statutory Auditors, in the conduct of its duties and activity, constantly liaises - through periodic and reciprocal involvements as well as prompt information exchanges - with both the Risks, Related Party Transactions and Sustainability Committee, and with the Internal Audit Function as well as with the Internal Controls Department. That activity was completed through the constant participation of the Chairman of the Board of Statutory Auditors, and/or another Auditor instructed for this purpose, at meetings of the cited committee (as, moreover, already highlighted in Section 9 above) and the Head of Internal Audit Function and/or the Head of Internal Controls Department at periodic meetings of the Board of Statutory Auditors).

The Shareholders' Meeting on 29 April 2021, with the list voting system regulated by the Articles of Association, appointed the auditors of the Company for the 2021-2023 three-year period.

The voting was performed on the basis of 2 lists:

List No. 1, submitted by the shareholder AVIO S.a.r.l., obtained a total of 23,215,024 votes (34.027% of the votes cast and 29.019% of the total share capital).

List No. 2, submitted by Studio Legale Trevisan & Associati on behalf of a group of institutional investors, obtained a total of 36,188,396 votes (53.043% of the votes cast and 45.235% of the total share capital).

As a result of the aforementioned votes and considering that List No. 2 contained only one name and List No. 1 three members, pursuant to the provisions of Art. 23.10 of the articles of association, the following were elected as Auditors:

Nicola Lorito Chairman
Francesco Mariano Bonifacio Standing Auditor
Chiara Molon Standing Auditor
Maurizio De Magistris – Alternate Auditor
Sonia Peron Alternate Auditor

The appointment was made on the basis of the list voting mechanism, as regulated in the Articles of Association and described in point 11.1 above of this Report. The Company therefore confirmed its compliance with the provisions on gender balance in the composition of the audit body (in accordance with Art. 148 of the Consolidated Finance Law and in conformity with the provisions of Law No. 160 of 27 December 2019).

As a consequence, for the Auditors in office, the mandate will expire at the date of the Shareholders' Meeting convened to approve the financial statements of the 2023 Financial Year.

During 2022, the Board of Statutory Auditors held 27 meetings, each lasting an average of about two hours. With reference to the percentage of attendance of each Auditor at the meetings, see Table 4 at the foot of this Report.

Table 4 also indicates the relevant information in relation to each member of the Board of Statutory Auditors in office, at the approval date of this Report.

For the 2023 financial year, 14 meetings are planned, 7 of which have already been held at the date of this Report.

Diversity criteria and policies

doValue has continued to pursue the adoption of diversity criteria and policies for the composition of its corporate bodies and, in the report prepared pursuant to Article125-ter of the Consolidated Law on Finance for the renewal of the control body at the Shareholders' Meeting held on 29 April 2021, the Board of Directors, among other things, took into account the diversity policies provided for by current company and Group regulations, as well as the applicable regulations on the subject and, in particular, those relating to gender and educational background. In that regard, it is noted that the Board of Directors has favoured the existence of those characteristics, irrespective of the age of the individuals. The policies on gender diversity, as indicated above, were applied with the renewal of the roles by the Shareholders' Meeting on 29 April 2021 and, in that sense, the Board of Statutory Auditors has 2 members of the less represented gender, one in the role of Standing Auditor and one in the role of Alternate Auditor.

Independence

All Auditors have declared to possess the requirements of independence required by the existing rules. In relation to the requirements of independence of the members of the Board of Statutory Auditors, the investigation implemented by the Board of Directors at the meeting on 17 June 2022 revealed the existence of the requirements

of independence, in conformity with the provisions of the Consolidated Finance Law and, in particular, with the provisions of the combined contents of Articles 23(4), paragraph 2023 and 147, paragraph 3 of the Consolidated Finance Law and in accordance with Recommendation 148, cited by Recommendation 3 of the Corporate Governance Code, by all members of the Board of Statutory Auditors, thereby fulfilling the obligations of assessment to be carried out at least once during the Financial Year for the members of the Board of Statutory Auditors.

In this regard, on 17 March 2022 and 23 February 2023, pursuant to Article 144-novies, paragraph 1-bis, of the Consob Issuers' Regulations, the Company regularly informed the market of the results of the assessments carried out, based on the information provided by the interested parties or otherwise available to the Company, on whether the members of the control body meet the independence requirements.

Consideration

The Shareholders' Meeting, held on 29 April 2021, attributed to the members of the Board of Statutory Auditors remuneration that it considered adequate to the role, to the professionalism and to the commitment required by the significance of the role covered and the dimensions and sector characteristics of the company and its situation, in application of Recommendation 30 of the Corporate Governance Code.

In that regard, it is noted that, for the purposes of determining the remuneration of the Auditors, the Shareholders' Meeting, in particular, considered the increasing commitment required as a result of the greater international dimension of the Group to be present.

Management of interests

With reference to Recommendation 37 of the Corporate Governance Code, it is noted that, the "Policy for managing related party transactions and transactions in conflict of interests of the doValue S.p.A. Group" provides, in addition to the management of any transactions for the company representatives, that, where the members of the Board of Statutory Auditors have an interest in the transaction, on their own behalf or that of third parties, they inform the other Auditors, specifying the nature, terms, origin and scope of the interest.

12 RELATIONSHIPS WITH SHAREHOLDERS

Access to information

The establishment and maintenance of a constant and productive dialogue with the shareholders, institutional investors and other specific stakeholders is considered by doValue to be a duty towards the market.

That dialogue, according to the rules and procedures that regulate the disclosure of inside information, is aimed at adopting the best applicable professional practices and is based upon principles of transparency, promptness and completeness of information.

Also with the aim of ensuring broad and simple dissemination of the same among the public, doValue publishes relevant information of strategic, financial and corporate governance nature, price sensitive press releases, the main metrics on the performance of the shares on the Stock Exchange, and the appointments scheduled by the Company's financial calendar in the "Investor Relations" section of the doValue Internet Website; that information also facilitates the participation of the shareholders in the shareholders' meeting, simplifying the exercise of their rights. From August 2020, in concomitance with the first bond issuance of the Group, a specific section of the doValue internet website was also activated entitled "Bond and Credit Rating", with information intended for those specifically interested in this financial instrument.

The Company, in conformity with Application Criterion 9.C.1 of the Corporate Governance Code, has chosen to establish a dedicated company structure for managing relationships with the shareholders, "Group Investor Relations", reporting to the General Manager Corporate Functions and Chief Financial Officer, Ms Manuela Franchi. The structure can be reached through the following channels:

e-mail: [email protected]

Telephone: +39 02 83460127

Dialogue with shareholders

On 16 December 2021, the Board of Directors, at the proposal of the Chairman in agreement with the Chief Executive Officer, adopted the so-called Engagement Policy aimed at aligning to the new corporate governance code and formalising the activity performed continuously and ordinarily by the Company with the market. The policy illustrates the general principles, the management methods and the principles contained in the dialogue between the Company and the Market in order to facilitate the creation of value sustainable in the medium to long-term, the definition of the strategy that inspires the actions of the Company, and the activities aimed at guaranteeing high standards of governance that the Company is committed to pursuing. The Engagement Policy was prepared also taking account of the engagement policies that institutional investors and asset managers are required, in light of the legal and regulatory rules applicable to them, to adopt and to communicate to the public. The policy, in particular, identifies the stakeholders, matters subject to discussion, timescales and interaction channels. The methods by which the communication is made vary depending on the stakeholders, in relation to their respective characteristics as well as the scope and nature of their involvement in the Company activities, always in respect of the principles of information symmetry, transparency, timeliness, integrity and correctness, subject to the consideration of the requirements of ordered operations, cost-effectiveness and confidentiality required for the responsible and sustainable conduct of the

business.

The document can be consulted on the doValue.it website in the Governance section.

During 2022, the company maintained a constant dialogue with its shareholders and bondholders, participating in more than 20 rallies and conferences (both virtual and in-person) organised by both Italian and international brokers and meeting more than 150 investors. Discussion topics with shareholders and bondholders focused mainly on corporate strategy, the market environment, the company's approach to innovation, its approach to potential market consolidation, governance, financial performance, relevant servicing mandates and market pipeline.

13 SHAREHOLDERS' MEETINGS

In conformity with existing provisions of law and regulations, the Articles of Association of the Company provide that the ordinary Shareholders' Meeting is convened at least once a year, within 120 days from year-end, to resolve upon the matters attributed by law and by the Articles of Association to its remit. If the legal conditions are in place, that term may be extended to 180 days.

The Shareholders' Meeting, both ordinary and extraordinary, is convened within the terms of law and regulations by way of notice published on the Company's internet website at the page https://www.dovalue.it/it/governance/assemblea-azionisti-new, as well as by the other methods provided by the legislation in force, including regulatory.

The Shareholders' Meeting is held at single convocation. The Board of Directors may decide that the Shareholders' Meeting may be held on multiple convocations. The majorities required by law shall apply.

In order for the constitution of the Shareholders' Meeting, both ordinary and extraordinary, and its respective resolutions to be valid, the provisions of law and the articles of association are observed; the majorities provided by existing regulations are applied.

In accordance with the Articles of Association, the ordinary Shareholders' Meeting establishes the remuneration due to the bodies elected by it.

The agenda is established by those exercising the power of convocation in the terms of law and the Articles of Association. If the Meeting is convened at the request of the shareholders, its agenda will be set by taking into account the indications contained in the convocation request.

The right to add to the agenda may be exercised, in conformity with existing regulatory provisions, by as many shareholders as, even jointly, represent at least 2.5% of the share capital: in that case, they also prepare a report that sets out the motivation of the resolution proposals on new matters that they propose be discussed. The Shareholders may also submit further resolution proposals on matters already on the agenda, indicating the respective motivations. By the deadline for publishing the notice of convocation, or in the different term provided by law, the Board of Directors guarantees the provision to the public of a report on each item on the agenda.

In accordance with the Articles of Association and in respect of existing regulations, the holders of shares having voting right may attend at the Shareholders' Meeting, provided that their legitimacy is certified according to the methods and terms provided by the legislation, including regulatory, in force at the time.

The legitimacy to attend at the Shareholders' Meeting and to exercise the right to vote is certified by a communication to the Company, made by the intermediary in favour of the entity holding the right to vote, based upon the respective evidence at the end of the accounting day of the seventh open trading day prior to the date fixed for the Shareholders' Meeting at first convocation.

Art. 9 of the Articles of Association reserves to the Chairman of the Shareholders' Meeting the right to ascertain, in general, the legitimacy to attend at the Shareholders' Meeting, as well as to resolve any disputes.

The Articles of Association do not provide the right for the Shareholders to attend at the Shareholders' Meeting by means of telecommunication, or to exercise the voting right electronically.

The Articles of Association also provide that the Shareholder holding the right to attend at the Shareholders' Meeting may be represented by written proxy by another person, even a non-shareholder, provided that this is in respect of the provisions of law. The voting delegation may also be granted by electronic document signed digitally in accordance with the provisions of existing regulations and notified to the Company by specific e-mail address by the methods indicated in the notice of convocation, or by other methods chosen from those provided by the legislation, including regulatory, in force and indicated in the notice of convocation.

By resolution made on 26 May 2020, the Shareholders' Meeting of doValue, approved its Regulation. The respective document is available to the shareholders and the public indistinctly on the doValue, in the section Governance, as well as, for those who are legitimated to attend and exercise the voting right, at the registered office of the Company and in the locations in which the Shareholders' Meetings are held each time.

Art. 16 of the Shareholders' Meeting Regulation grants to those entitled to participate based upon the law and the Articles of Association (the "Legitimate Attendees" being shareholders or their delegates, Directors, Auditors or the meeting Secretary) the right to attend at the Shareholders' Meeting and to take the floor on each of the items up for discussion and to make proposals relating to the same.

Those intending to exercise the right to take the floor must make a request to the Chairman (by show of hand or by submitting a written request, if ordered in that sense by the Chairman) not before the item on the agenda to which the intervention request refers has been read aloud and in any case before the discussion on the item has been declared closed.

Art. 10 of the Articles of Association also provides that the Chairman is assisted by a Secretary, appointed by majority among the attendees. As well as in the cases provided by law, when the Chairman deems it opportune, a notary may be asked to act as Secretary, appointed by the Chairman himself.

In the year 2022 the Shareholders' Meeting met on 28 April and resolved favourably on the proposals presented by the Board of Directors in relation to the following points:

Financial statements and consolidated financial statements at 31 December 2021; 2. Remuneration policies; 3.Authorisation to purchase and dispose of treasury shares and to perform acts on them, subject to revocation of the authorisation resolution passed by the Ordinary Shareholders' Meeting on 29 April 2021; 4. Appointment of a Director to fill a vacancy; 5. Integration of the fees for the year 2021 of the auditing company EY S.p.A., entrusted with the legal auditing of the accounts for the period 2016-2024. It should be noted that in addition to the Chairman and the Managing Director, 6 Directors and 3 Standing Auditors attended the meeting. On that occasion, the Board of Directors took steps to provide to the Shareholders adequate information on the necessary elements to make its decisions, in full awareness, making available in advance to the Shareholders, by the methods and terms envisaged by the legislation in force, all documentation on the items on the agenda.

In view of the Covid-19 health emergency and the health and hygiene restrictions consequently applied, taking account of the fundamental principles of protection of the health of the shareholders and all entities involved, the intervention and exercise of the voting right by the shareholders were only able to take place by granting a specific delegation, containing voting instructions on all or some of the proposals on the agenda, to the Representative of the shareholders

designated by the Company in accordance with Art. 135-undecies TUF, in accordance with the procedures set out in the notice of call.

The foregoing is without prejudice to the right, in any case, for shareholders who do not intend to avail themselves of the described methods of intervention, to grant the Appointed Representative proxies and/or sub-delegations pursuant to Article 135-novies of the TUF, with related voting instructions.

In addition, in consideration of the described procedures for attending the Shareholders' Meeting and exercising voting rights, in order to make it possible for those concerned to exercise the right set forth in Art. 126-bis, paragraph 1, penultimate sentence of Article 126-bis of the TUF (submission of individual resolution proposals to the Shareholders' Meeting), albeit with terms and procedures compatible with the health emergency situation, as well as with the need for timely disclosure of such proposals, the Company has provided those entitled to attend the Shareholders' Meeting and exercise their vote with the right to submit individual resolution proposals on items already on the agenda by the deadline of 8 April 2022, undertaking to subsequently publish them on its website at least fifteen days prior to the date set for the Shareholders' Meeting, in order to allow those entitled to vote consciously also on the basis of such new proposals, giving the Appointed Representative any relevant voting instructions.

14 FURTHER CORPORATE GOVERNANCE PRACTICES (pursuant to Article 123 bis(2)(a), second part, TUF)

On 5 November 2020 the Board of Directors approved the new "Procedure for use and management of the whistleblowing system" (known as "Whistleblowing Procedure").

The new Whistleblowing Procedure is inserted in a regulatory framework, both external and internal, that, over time, has progressively evolved with a view to guaranteeing its precise implementation and the gradual extension of the areas of application.

The legislator intervened by regulating the phenomenon also in the private sector through Law 30/11/2017, no. 179 ("Provisions for the protection of the authors of reports of crimes or irregularities of which they have become aware in the context of a public or private job"), introducing precisely an organic ad hoc discipline on the institute of whistleblowing.

In addition to this fundamental legislative provision, the phenomenon also formed the subject of further industry regulations referring, for example, to the anti-money laundering sector, market abuse and anti-corruption, with respect to which the Company considered it necessary to use the whistleblowing channel for managing reports.

Following the approval by the Cabinet on 9 December 2022 of the legislative decree transposing EU Directive 1937/2019 on whistleblowing, the Company immediately started gap analysis activities in order to identify any adjustments that will be made during 2023.

The current Wistleblowing Procedure is published on the Company's website at https://segnalazioni.dovalue.it/SitePages/HomePage.aspx and provides for the following active reporting channels:

Ordinary Post
Email
Digital Channel an alternative internal channel for reporting violations through access to the dedicated application on the official website www.dovalue.it.

15 CHANGES SINCE YEAR-END OF REFERENCE

On 17 March 2023, CEO Andrea Mangoni announced his intention to resign from his position, effective 27 April 2023 (date scheduled for the Company's Shareholders' Meeting), to pursue new professional opportunities. The Board of Directors activated the relevant internal procedures aimed at initiating the succession process for the role of Chief Executive Officer.

16 CONSIDERATIONS ON THE LETTER OF THE CHAIRMAN OF THE CORPORATE GOVERNANCE COMMITTEE

During the board meeting on 23 December 2023, the Chairman of the Board of Directors of doValue delivered and illustrated to the Directors, also as members of the Board Committees, as well as to the Board of Statutory Auditors, the letter - dated 25 December 2023 - containing the "Recommendations of the Corporate Governance Committee for 2023", addressed by the Chairman of the Corporate Governance Committee to the Chairmen of the Boards of Directors of all Italian listed companies.

The letter was also sent for information to the chairman of the control body for the appropriate assessments and made available on the Company website, so that all directors, even in the capacity of members of the Board Committee, have the document available for any consideration.

The letter accompanies, as is the norm, the analysis performed for the Corporate Governance Committee on the application of the recommendations of the Corporate Governance Code by all Italian companies listed in the MTA segment, contained in the "2022 REPORT on the evolution of the corporate governance of listed companies - 9th Report on the application of the Corporate Governance Code" (available on the Borsa Italiana internet website).

Among the Committee's "Recommendations for 2023", aimed at "further encouraging companies adhering to the Code to strengthen their practices in order to ensure ever greater effectiveness of self-regulation and to respond to the changing expectations of the market and society as a whole," are those to be provided in the Corporate Governance Report:

adequate information on the criteria and the manner in which the board of directors promoted dialogue with the other relevant stakeholders;
information on the most relevant issues that were the subject of the dialogue with shareholders and on any initiatives taken to take account of the indications that emerged;
details of any failure to comply with the notice period specified in the procedures for the submission of board documents, giving reasons and explaining how the appropriate consideration was ensured at the board meeting.
information on the actual participation of managers in board and committee meetings, indicating the departments involved and the frequency of involvement;

quantitative parameters and qualitative criteria for assessing the significance of any commercial, financial or professional relationships and any additional remuneration for a director's independence;
include in the remuneration policy of the CEO and the other executive directors an executive summary, in table form, showing the composition of the remuneration package, with an indication of the characteristics and weighting of the fixed, short-term variable and long-term variable components with respect to the total remuneration, at least with reference to the achievement of the target objective of the variable components;

and

assess the appropriateness of providing for quantitative parameters, also defined in monetary terms or as a percentage of the remuneration attributed for the office and for participation in committees recommended by the Code.
provide in the remuneration policies for a variable component with a multi-year horizon, consistent with the company's strategic objectives and the pursuit of sustainable success;

As a result of the assessments carried out by the internal structures, as represented to the Board of Directors, it appears that the Company is already in compliance with what the Committee calls for in relation to most of the recommendations (in particular, with respect to the adoption of the shareholder dialogue policy, long-term horizons in remuneration policies and ESG parameters for directors' remuneration); with respect to the recommendations to provide detailed information in the corporate governance report on the transparency of remuneration policies, the weight of variable components, information on the criteria and methods by which the board of directors has promoted dialogue with other relevant stakeholders, pre-audit disclosures, and the participation of managers in board meetings, the Company has put in place a series of initiatives to achieve a substantial alignment process.

In 2022, the active dialogue with our Stakeholders continued and the Stakeholder Engagement activity was strongly expanded. In order to enhance the sense of belonging, the third edition of the People Engagement Survey and the Survey to Customers, Banks and Investors was conducted to continuously measure the level of satisfaction and quality of services offered.

In addition, as part of the preparation of the Consolidated Non-Financial Statement 2022, doValue expanded the categories of Stakeholders involved to redefine the Materiality Matrix, aimed at identifying the environmental, social and governance priorities most relevant to the Group, by including BoD, Top Management, Investors, External Network and Suppliers in the Stakeholder Engagement Survey.

The dialogue with our stakeholders, the governance system, the focus on people and the environment are the strategic elements behind the Group's Sustainability Plan 2021-2023 for sustainable growth.

TABLES

TABLE 1: INFORMATION ON OWNERSHIP STRUCTURE AT THE DATE OF 31/12/2022

SHARE CAPITAL STRUCTURE
	No. shares	No. voting rights	Listed (indicate the markets) / not listed	Rights and obligations
Ordinary shares
(specifying if there is the possibility of increasing the voting rights)	80,000,000	100	100
Inside Information
Multiple voting shares	//	//	//	//
Other categories of shares with voting right
Saving shares	//	//	//	//
Convertible saving shares
Other categories of shares without voting right	//	//	//	//
Other

OTHER FINANCIAL INSTRUMENTS (attributing the right to subscribe newly-issued shares)
	Listed No. shares in (indicate the No. Category of shares in service service of markets) / outstanding of conversion/exercise conversion/exercis not listed instruments e
Convertible bonds	//	//	//	//
Warrants	//	//	//	//

Report on Corporate Governance and Ownership Structure - 2022 Financial Year

SIGNIFICANT SHAREHOLDINGS IN THE CAPITAL
Affiant	Direct shareholder	% share of voting capital
SoftBank Group	Avio S.à r.l. - Luxembourg	25.05
Corporation	Other investors attributable to Softbank Group Corp.	3.22	28.60
Bain Capital Credit Member, LLC	Sankaty European Investments S.à r.l.	13.58	13.73
	Jupiter Asset Management Ltd	6.55	6.62
	Global Alpha Capital Management Ltd.	5.31	5.37
	Other	45.16	45.68
	doValue Treasury Shares	1.13	--

TABLE 2: STRUCTURE OF THE BOARD OF DIRECTORS AT THE YEAR-END DATE

he d o f D ire T Bo cto ar rs
Po st	be Me m rs	f b Ye ar o irt h	Fir st int ap po me da ( *) nt te	f fic In o e fro m	f fic In o e i l t un	( Lis bm itt ing t su ) ( **) ies rt pa	) ( ( Lis t M/ m ) ***	Exe c	No n- exe c	de In p. Co de	de In p . T UF	No he ot r ig ass nm ts en ( ) * *	ic ipa ion Pa rt t ( ) *
Ch airm an	ni Cas Gio van tell ta ane	194 2	30/ 10/ 201 5	29/ 04/ 202 1	Ap val of the pro Fin ial anc Sta tem ent t s a 31/ 12/ 202 3	SHA REH OLD ERS	m	NO	YES	YES	YES	2	17/ 17
Ch ief Exe ive cut Off ice r	dre An a M oni ang	196 3	02/ 03/ 201 6	29/ 04/ 202 1	val of the Ap pro ial Fin anc Sta tem ent t s a 31/ 12/ 202 3	SHA REH OLD ERS	m	YES	NO	NO	NO	1	17/ 17
Dir ect or	Em ela Da Rin anu	196 7	19/ 04/ 201 8	29/ 04/ 202 1	val of the Ap pro ial Fin anc Sta tem ent t s a 31/ 12/ 202 3	SHA REH OLD ERS	m	NO	YES	NO	NO	---	17/ 17
Dir ect or	Gio ni B ista att van Dag nin o	196 6	19/ 04/ 201 8	29/ 04/ 202 1	val of the Ap pro Fin ial anc Sta tem ent t s a 31/ 12/ 202 3	SHA OLD ERS REH	M	NO	YES	YES	YES	---	17/ 17
Dir ect or	Fra nce sco Co las i ant	197 5	30/ 10/ 201 5	29/ 04/ 202 1	Ap val of the pro Fin ial anc Sta tem ent t s a 31/ 12/ 202 3	SHA REH OLD ERS	m	NO	YES	NO	NO	---	15/ 17
Dir ect or	cch Cri stin i Ma a F ino hne	196 5	04/ 08/ 202 1	04/ 08/ 202 1	of Ap val the pro Fin ial anc Sta tem ent t s a 31/ 12/ 202 3	-----	//	NO	YES	YES	YES	2	17/ 17
Dir ect or	nzi o G liel min Nu ug o	194 6	30/ 10/ 201 5	29/ 04/ 202 1	val of the Ap pro ial Fin anc Sta tem ent t s a 31/ 12/ 202 3	SHA REH OLD ERS	m	NO	YES	YES	YES	---	16/ 17
Dir ect or	Rob eri ert a N	196 4	29/ 04/ 202 1	29/ 04/ 202 1	val of the Ap pro ial Fin anc Sta tem ent t s a 31/ 12/ 202 3	SHA REH OLD ERS	m	NO	YES	NO	NO	---	17/ 17
Dir ect or	Giu Ran ieri sep pe	197 4	15/ 07/ 201 6	29/ 04/ 202 1	val of the Ap pro Fin ial anc Sta tem ent t s a	SHA REH OLD ERS	m	NO	YES	NO	NO	---	13/ 17

Report on Corporate Governance and Ownership Structure - 2022 Financial Year

					31/ 12/ 202 3
Dir ect or	Ma rell a Id i M aria Vill a	197 7	25/ 01/ 201 9	29/ 04/ 202 1	val of the Ap pro Fin ial anc Sta tem ent t s a 31/ 12/ 202 3	SHA OLD ERS REH	m	NO	YES	YES	YES	---	17/ 17
--D IRE CT OR S C EA SIN G O FF ICE DU RIN G T HE FI NA NC IAL YE AR --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --

Indicate the number of meetings held during the Financial Year: 17

The quorum required for the submission of lists by minorities for the election of one or more members (pursuant to Art. 147-ter of the TUF) is 2.5% as per the Articles of Association (Percentage confirmed by Consob Executive Determination No. 76 of 30.01.2023)

NOTES

The symbols indicated below must be inserted in the column "Role":

• This symbol indicates the director in charge of the internal control and risk management system.

(*) First appointment date of each director means the date on which the director was appointed for the first time (absolutely) in the Issuer's BoD.

(**) This column indicates if the list from which each director was taken was submitted by shareholders (indicating "Shareholders") or by the BoD (indicating "BoD")..

(***) This column indicates if the list from which each director was taken is "majority" (indicating "M"), or "minority" (indicating "m").

(****) This column indicates the number of assignments as director or auditor covered by the relevant person in other listed companies or of large dimensions. In the Corporate Governance Report the assignments are indicated in full.

(*****) This column shows the attendance of directors at board meetings

TABLE 3: STRUCTURE OF THE BOARD COMMITTEES AT THE YEAR-END DATE

B.o .D.	Ris ks Re lat , Tra t ion nd ns ac s a Co mm	d Pa rty e Su sta ina b ilit y itte e	Ap int d nts p o me an Re ion rat mu ne Co itte mm e
Ro le/ Qu lifi ion t a ca	Me mb ers	( *)	( )	( *)	( )
C ha irm f t he B.o .D. ive cut an o no n-e xe - ind de in a rda it h t he Co lida d nt te ep en cco nce nso w Fin Law d t he Co de an ce an	G Ca iov ni llan ste eta an	----	----	----	----
C hie f E ive O ffic cut xe er	An dre Ma i a ng on	----	----	----	----
No ive d ire cut cto n-e xe r - no n ind de nt ep en	Em la Da R in an ue	----	----	----	----
No ive - i nd de d ire r in cut nt cto n-e xe ep en rda it h t he Co lida d Fin Law te ac co nce w nso an ce d t he Co de an	G iov ni Ba ista Da nin tt an g o	12/ 12	M	----	----
No ive d ire cut cto n-e xe r - no n ind de nt ep en	Co Fra las i t nce sco an	----	----	6 /7	M
No ive - i nd de d ire r in cut nt cto n-e xe ep en rda it h t he Co lida d Fin Law te ac co nce w nso an ce Co d t he de an	Cr ist ina Fi hi Ma hn no cc e	12/ 12	P	----	----
No ive - i nd de d ire r in cut nt cto n-e xe ep en rda it h t he Co lida d Fin Law te ac co nce w nso an ce d t he Co de an	Nu io Gu lie lmi nz g no	----	----	7/7	P
No ive d ire cut cto n-e xe r - no n ind de nt ep en	Ro be Ne ri rta	12/ 12	M	----	----
No ive d ire cut cto n-e xe r - no n ind de nt ep en	G ius Ra nie ri ep p e	----	----	----	----
No ive - i nd de d ire r in cut nt cto n-e xe ep en Co rda it h t he lida d Fin Law te ac co nce w nso an ce d t he Co de an	Ma lla Id i M ia Vil la re ar	----	----	7/7	M

NOTES

(*) This column shows the participation of directors in committee meetings

(**) This column indicates the qualification of the director within the committee: "C": chairman; "M": member.

--------------------------------DIRECTORS CEASING OFFICE DURING THE FINANCIAL YEAR--------------------------------

-----NONE------ -------------------------------- MEMBERS WHO ARE NOT DIRECTORS-------------------------------- NONE

101

Report on Corporate Governance and Ownership Structure - 2022 Financial Year

TABLE 4: STRUCTURE OF THE BOARD OF STATUTORY AUDITORS AT THE YEAR--END DATE

B O A R D O F S T A T U T O R Y A U D I T O R S
Po st	be Me m rs	f b h Ye irt ar o	Fir st int nt ap po me ( *) da te	f fic fro In o e m	f fic l In i nt o e u	Lis t ( ) M/ m ( **)	de In p. Co de	Pa ic ipa ion rt t at d m Bo ing eet ar s ( ) ***	No he t . o r ig ts ass nm en ( ) **
ha C irm an	NIC OL A L OR ITO	19 61	30 / 10/ 20 15	29 / 04 / 20 21	l o f t he Ap pro va Fin cia l St ate nts an me 31 / 12/ 20 23 at	m	YE S	27 / 27	13
d ing Sta n d ito au r	CH IAR A M OL ON	19 83	19/ 04 / 20 18	29 / 04 / 20 21	Ap l o f t he pro va l St Fin cia ate nts an me 31 / 12/ 20 23 at	M	YE S	27 / 27	9
d ing Sta n d ito au r	FR AN CE SC O M AR IAN O BO AC IO NIF	19 54	30 / 10/ 20 15	29 / 04 / 20 21	l o f t he Ap pro va Fin cia l St ate nts an me 31 / 12/ 20 23 at	m	YE S	27 / 27	24
A lte Au d ito te rna r	MA UR IZI O D E M AG IST RIS	19 58	29 / 04 / 20 21	29 / 04 / 20 21	Ap l o f t he pro va l St Fin cia ate nts an me 31 / 12/ 20 23 at	m	YE S	/ /	23
lte d A Au ito te rna r	SO NIA PE RO N	19 70	19/ 04 20 18 /	29 04 20 21 / /	l o f t he Ap pro va Fin cia l St ate nts an me 31 / 12/ 20 23 at	M	S YE	/ /	4
	--A UD ITO RS CE AS ING OF FIC E D UR ING TH E F INA NC IAL YE AR --- --- --- --- --- --- --- --- --- --- --
NO NE

Indicate the number of meetings held during the Financial Year: 27

Pursuant to the Articles of Association, the quorum required for the submission of lists by minorities for the election of one or more members (pursuant to Art. 148- TUF) is 2.5 % (Percentage confirmed by Consob Executive Determination No. 76 of 30.01.2023

NOTES

* Date of first appointment of each auditor means the date on which the auditor was appointed for the first time (absolutely) in the issuer's board of auditors.

(***) This column indicates if the list from which each director was taken is "majority" (indicating "M"), or "minority" (indicating "m").

(***) This column indicates the participation of the auditors at meetings of the board of statutory auditors (indicate the number of meetings he/she attended with respect to the overall number of meetings he/she could have attended; e.g. 6/8; 8/8 etc.).

(****) This column shows the number of directorships or auditor appointments held by the person concerned pursuant to Article 148-bis of the TUF and its implementing provisions contained in the Consob Issuers' Regulations. The complete list of appointments is published by Consob on its website pursuant to Article 144-quinquiesdecies of the Consob Regulation on Issuers.

102

Leading the evolution of the servicing industry

103

AI Terminal

Dovalue

4145_cgr_2023-03-31_5e34dfa4-0ae4-47c6-809a-3b15f6ea4d96.pdf

REPORT ON GOVERNANCE CORPORATE AND OWNERSHIP STRUCTURE OF DOVALUE S.P.A. IN ACCORDANCE WITH ART. 123(2) OF THE CONSOLIDATED FINANCE LAW.

Report on Corporate Governance and ownership structure of doValue S.p.A. pursuant to Article 123 bis of the Consolidated Law on Finance

CONTENTS

GLOSSARY

1. ISSUER'S PROFILE

2 INFORMATION ON SHAREHOLDERS (pursuant to Article 123-bis, paragraph 1, TUF) AS OF 31 DECEMBER 2022

a) Share capital structure (pursuant to Article 123-bis(1)(a) TUF)

b) Restrictions on the transfer of securities (pursuant to Article 123-bis(1)(b) TUF)

c) Significant shareholdings in the capital (pursuant to Article 123-bis(1)(c) TUF)

d) Securities conferring special rights (pursuant to Article 123-bis(1)(d) TUF)

e) Employee shareholding: mechanism for exercising voting rights (pursuant to Art. 123 bis (1)(e) TUF)

f) Voting restrictions (pursuant to Art. 123 bis (1)(f) TUF)

g) Shareholder agreements known to doValue pursuant to Article 122 TUF (formerly Article 123-bis(1)(g) TUF)

h) Change of control clauses (pursuant to Article 123-bis(1)(h) of the Consolidated Law on Finance) and statutory provisions on takeover bids (pursuant to Article 104(1-ter) of the TUF) )

i) Powers of attorney to increase the share capital and authorisations to purchase treasury shares (pursuant to Article 123-bis(1)(m) TUF))

3 COMPLIANCE (pursuant to Article 123-bis(2)(a) first part, TUF)

4 BOARD OF DIRECTORS

4.0ROLE OF THE BOARD OF DIRECTORS

4.1 APPOINTMENT AND REPLACEMENT (pursuant to Article 123-bis(1)(l), first part, TUF)

4.2 COMPOSITION (pursuant to Article 123-bis, paragraph 2, letters d) and d-bis), TUF)

Diversity criteria and policies in the composition of the Board and in the company organisation

Maximum accumulation of assignments held in other companies

4.3 OPERATION OF THE BOARD OF DIRECTORS (pursuant to Article 123-bis(2)(d) TUF)

4.4 ROLE OF THE CHAIRMAN OF THE BOARD OF DIRECTORS

Board Secretary

4.5 EXECUTIVE DIRECTORS

Chief Executive Officer

Chairman of the Board of Directors

Information to the Board by the directors/delegated bodies

Other executive directors

4.6 INDEPENDENT DIRECTORS AND LEAD INDEPENDENT DIRECTOR

Independent Directors

Lead Independent Director

MANAGEMENT OF CORPORATE INFORMATION

Management of Inside Information

Internal Dealing

6 BOARD COMMITTEES (pursuant to Article 123-bis, Section 2(d), TUF)

Additional committees

7. SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS - APPOINTMENTS AND REMUNERATION COMMITTEE

7.0 SELF-ASSESSMENT AND SUCCESSION OF DIRECTORS

8 DIRECTORS' REMUNERATION - APPOINTMENTS AND REMUNERATION COMMITTEE

8.0 DIRECTORS' REMUNERATION

8.1. APPOINTMENTS AND REMUNERATION COMMITTEE

Composition and functioning of the committee (pursuant to Art. 123-bis(2)(d) TUF)

Functions of the committee

In relation to the composition and appointment of the respective members:

In relation to the remuneration and incentive systems

INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM - CONTROL AND RISKS COMMITTEE

Board of Directors and Risks, Related Party Transactions and Sustainability Committee

Board of Statutory Auditors

Company Control Units

Internal Controls Department

Internal Audit Department

Anti-money Laundering Function

Compliance & Global DPO / Compliance & DPO

Data Protection Officer:

COMPLIANCE

Other Company departments with control functions

Operational Risk Management Unit

9.0 CHIEF EXECUTIVE OFFICER

9.1 CONTROL AND RISKS COMMITTEE

Composition and functioning of the control and risk committee (pursuant to Article123-bis(2)(d) TUF)

Functions attributed to the control and risks committee

B) SUSTAINABILITY

C) RELATED-PARTY TRANSACTIONS

9.2 HEAD OF THE INTERNAL AUDIT FUNCTION

9.3 ORGANISATION MODEL pursuant to Italian Legislative Decree 231/2001

Predicate crimes of Legislative Decree 231/2001

9.4 AUDITING FIRM

9.5 MANAGER IN CHARGE OF PREPARING THE CORPORATE ACCOUNTING DOCUMENTS AND OTHER COMPANY ROLES AND FUNCTIONS

9.6 COORDINATION BETWEEN ENTITIES INVOLVED IN THE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM

10 INTERESTS OF DIRECTORS AND TRANSACTIONS WITH RELATED PARTIES

11 BOARD OF STATUTORY AUDITORS

11.1 APPOINTMENT AND REPLACEMENT

11.2 COMPOSITION AND OPERATION (pursuant to Article 123-bis, paragraph 2, letters d) and dbis), TUF)

Diversity criteria and policies

Independence