Public Disclosure

Pillar 3

31.12.2021 www.bancaifis.it

	Background	3
	References to regulatory reporting requirements	4
1.	General Information Requirement	7
1.1.	Organisation of the Risk Management organisational unit14
1.2.	Risk profile and risk management and measurement systems18
1.3.	Monitoring and Reporting 29
1.4.	Governance System30
2.	Scope of Application	32
3.	Composition of Own Funds	36
4.	Capital adequacy	49
5.	Financial leverage	56
6.	Liquidity risk	62
7.	Credit risk	70
7.1.	General information70
	7.1.1. Details by business segment 70
	7.1.2. Methodologies used to determine impairment losses79
7.2.	Use of ECAI94
8.	Encumbered assets	97
9.	Counterparty risk	100
10.	Risk mitigation techniques	104
11.	Securitisation transactions	106
12.	Operational risk	110
13.	Equity exposures: information on positions included in the banking portfolio	116
14.	Interest rate risk	118
15.	Market risk	124
16.	Concentration risk and large exposures	128
17.	Compensation and incentive systems and practice	130
18.	CEO declaration pursuant to article 435, letters e) and f) of Regulation (EU) no. 575/2013	145
19.	Declaration by the Manager charged with preparing the Company's financial reports	146

Background

As of 1 January 2014, reforms of the Basel Committee's ("Basel III") agreements were transposed into European Union law to strengthen banks' ability to absorb shocks resulting from financial and economic tensions, regardless of their origin, to improve risk management and governance, and to strengthen transparency and disclosure. The Basel Committee has maintained the three-pillar approach on which the previous agreement on capital ("Basel 2") was based. It integrated and strengthened it in order to increase, in qualitative and quantitative terms, the capital position of intermediaries by introducing countercyclical supervisory instruments, regulations on liquidity risk management and leverage limits.

In particular, the Third Pillar (hereinafter also "Pillar 3") is based on the assumption that the Market Discipline may contribute to strengthen capital regulations and therefore promote the stability and soundness of banks and the financial sector.

Therefore, the purpose of Pillar 3 is to combine the minimum capital requirements (Pillar 1) and the process of prudential monitoring (Pillar 2) through the identification of a set of disclosure transparency requirements which allow the market operators to be provided with relevant, comprehensive and reliable information about capital adequacy, exposure to risks and general characteristics of the systems intended to identify, measure and manage said risks.

Within the European Union, 'Basel 3' measures have been transposed into two legislative acts:

Directive no. 2013/36/EU of 26 June 2013 (hereinafter "CRD IV") endorsed by the Bank of Italy through Circular no. 285 of 17 December 2013 "Supervisory provisions for banks". These EU provisions govern, inter alia, the conditions for accessing banking activities, the freedom of establishment and the freedom to provide services, the supervisory review and additional capital buffers;
EU Regulation no. 575/2013 of 26 June 2013 (hereinafter "CRR") which governs the prudential supervisory institutions set by Pillar 1 and the rules on public disclosure (Pillar 3). Further indications on Pillar 3 were then provided by the EBA (European Banking Authority) through a number of documents.
With a communication of 30 June 2020, the Bank of Italy implemented the EBA Guidelines on reporting and public disclosure requirements for exposures subject to measures applied in light of the Covid-19 crisis (EBA/GL/2020/07). The objective of the guidelines is to monitor, on a European level and to a harmonised extent, the moratoria granted to support customers in response to the crisis triggered by Covid-19 as well as to provide an adequate and suitable understanding of the risk profile of supervised institutions, consistent with the information related to the consolidated Finrep reporting.

With the publication of Regulation (EU) no. 876/2019 (CRR2), the EBA has introduced a number of significant changes to the regulatory framework. These changes, which relate in particular to Part Eight of the CRR, aim to standardise the periodic information to be provided to the market. In this regard, in Implementing Regulation (EU) no. 637/2021, instructions have

been provided to operators for mapping the information to be published. According to the CRR2 Regulation, banks publish the required information at least annually; it is up to the institutions themselves to assess the need to provide the required information more frequently, in light of the relevant characteristics of the business in place and elements that are likely to change rapidly. The guidelines indicate minimum content consistent with the relevance of the reporting entity, with particular reference to capital requirements, composition and capital adequacy, leverage ratio, exposure to risks and general characteristics of the systems in charge of identifying, measuring and managing these risks.

Figures are shown in millions of Euro, unless otherwise indicated.

The Banca Ifis Group publishes this public disclosure and any subsequent updates on its website at www.bancaifis.it, in the Investor Relations - Financial Results and Presentations section.

References to regulatory reporting requirements

The tables below provide a summary of the location of the disclosures made to the market, in compliance with the regulatory disclosure requirements governed by European legislation, in particular CRR2 Part VIII and Regulation (EU) no. 637/2021.

Article CRR2	Pillar 3 section reference
435 - Risk management objectives and policies	Paragraph 1 - General information requirement
436 - Scope of application	Paragraph 2 - Scope of application
437 - Own funds	Paragraph 3 - Composition of shareholders' equity
438 - Capital requirements	Paragraph 4 - Capital adequacy
439 - Exposure to counterparty risk	Paragraph 9 - Counterparty risk: standardised method Paragraph
440 - Countercyclical capital reserves	Paragraph 4 - Capital adequacy
441 - Indicators of global systemic importance	N.A.
442 - Adjustments for credit risk losses	Paragraph 7 - Credit risk: general information
443 - Unrestricted assets	Paragraph 8 - Restricted assets
444 - Use of ECAIs	Paragraph 7.2 - Credit risk: use of ECAIs
445 - Exposure to market risk	Paragraph 15 - Market risk
446 - Operational risk	Paragraph 12 - Operational risk
447 - Exposures in equities not included in the trading portfolio	Paragraph 13 - Exposures in equity instruments: information on positions included in the banking portfolio
448 - Exposures to interest rate risk on positions not included in the	Paragraph 14 - Interest rate risk on positions in the banking
trading portfolio	book

Reference to information required by CRR2

Article CRR2	Pillar 3 section reference
449 - Exposure to securitisation positions	Paragraph 11 - Securitisation transactions
450 - Remuneration policies	Paragraph 17 - Compensation and incentive systems and practice
451- Financial leverage	Paragraph 5 - Financial leverage
452 - Use of the IRB approach to credit risk	N.A.
453 - Use of credit risk mitigation techniques	Paragraph 10 - Risk mitigation techniques
454 - Use of advanced measurement methods for operational risk	N.A.
455 - Use of internal models for market risk	N.A.

Reference to EBA requirements - Regulation (EU) no. 637/2021, EBA/GL/2020/07 and EBA/GL/2020/12

Tables	Type of information	Paragraph
EU OVA, EU OVB, EU OVC	Qualitative	Paragraph 1 - General information requirement
EU LI1, EU LI2, EU LI3, EU LIA, EU LIB	Qualitative & Quantitative	Paragraph 2 - Scope of application
EU CC1, EU CC2, EU CCA	Qualitative & Quantitative	Paragraph 3 - Composition of shareholders' equity
EU KM1	Quantitative
IFRS9-FL	Qualitative & Quantitative	Paragraph 4 - Capital adequacy
EU OV1	Quantitative
EU CCyB1, EU CCyB2	Quantitative
EU LR1, EU LR2, EU LR3, EU LRA	Qualitative & Quantitative	Paragraph 5 - Financial leverage
EU LIQ, EU LIQ2, EU LIQA, EU LIQB	Qualitative & Quantitative	Paragraph 6 - Liquidity risk
EU CRA, EU CRB, EU CR1, EU CR1-A, EU CR2, EU CQ1, EU CQ3, EU CQ5, Table 1, Table 2, Table 3	Qualitative & Quantitative	Paragraph 7.1 - Credit risk: general information and credit quality tables
EU CR4, EU CR5	Quantitative	Paragraph 7.2 - Credit risk: ECAI
EU AE1, EU AE2, EU AE3, EU AE4	Qualitative & Quantitative	Paragraph 8 - Restricted assets
EU CCR1, EU CCR2, EU CCR3, EU CCR4,		Paragraph 9 - Counterparty risk
EU CCR5, EU CCRA	Qualitative & Quantitative
EU CR3, EU CRC	Qualitative & Quantitative	Paragraph 10 - Risk mitigation techniques
EU-SEC,EU-SEC2 ,EU-SEC4,EU-SEC5,		Paragraph 11 - Securitisation transactions
EU-SECA	Qualitative & Quantitative
EU-OR1	Quantitative	Paragraph 12 - Operational risk

Tables	Type of information	Paragraph
	Qualitative & Quantitative	Paragraph 13 - Exposures in equity instruments: information on positions included in the banking portfolio
	Qualitative & Quantitative	Paragraph 14 - Interest rate risk on positions in the banking book
EU MR1 EU MRA	Qualitative & Quantitative	Paragraph 15 - Market risk
EU REMA, EU REM1, EU REM2, EU REM3 EU REM4, EU REM5	Qualitative & Quantitative	Paragraph 17 - Compensation and incentive systems and practice

1.General Information Requirement

The supervisory activity is based on a system of rules and incentives allowing to pursue more effectively the objectives of a more accurate measurement of the potential risks related to banking and financial activities, and to maintain a capital base that is more closely commensurate with the actual degree of risk exposure of each intermediary.

The Banca Ifis Group

At 31 December 2021, the Banca Ifis Group comprises the Parent Company Banca Ifis S.p.A. and the subsidiaries Ifis Rental Servicing S.p.A., Ifis NPL Servicing S.p.A., Ifis NPL Investing S.p.A., Ifis Real Estate S.p.A., Cap.Ital.Fin. S.p.A., Credifarma S.p.A., Farbanca S.p.A., Ifis Finance Sp. z o.o., Ifis Finance I.F.N. S.A. and Ifis Npl 2021-1 SPV S.r.l.

At 31/12/2021, the Banca Ifis Group was composed as follows:

The scope of consolidation at the reporting date includes the subsidiaries listed previously, as well as the SPVs (Special Purpose Vehicles) set up for securitisation purposes, for which control is considered to exist in accordance with IFRS 10. These SPVs, with the exception of the vehicle Ifis Npl 2021-1 SPV S.r.l. for which the Group holds the majority of the shares at 31 December 2021, are not companies legally belonging to the Banca Ifis Group and are summarised below:

Indigo Lease S.r.l.
Ifis ABCP Programme S.r.l.
Emma S.P.V. S.r.l.
Urano S.P.V. S.r.l.

Mission and social responsibility

The organisational structure is divided into the following areas:

Commercial and Corporate Banking Segment;
NPL Segment:
Governance & Non-Core Services Segment.

Commercial and Corporate Banking Segment

The Commercial and Corporate Banking Segment, represents the commercial offer of the Group dedicated to companies and consists of the Business Factoring, Leasing, Corporate Banking & Lending Areas outlined below:

Factoring: Area dedicated to supporting the trade credit of SMEs operating on the domestic market, which develop towards export, or which from export, turn to Italian customers; it also includes an organisational unit dedicated to supporting trade credit of suppliers of the local health authorities and an organisational unit specialised in credit to pharmacies; these activities are also carried out through the subsidiary Credifarma, as well as a business unit specialised in the acquisition of tax receivables: transferred from bankruptcy proceedings. This unit acquires tax receivables, accrued and accruing, already requested for reimbursement, or future, arising from proceedings or in previous years.
Leasing: Area that provides finance and operating leases but not real estate leases, as the Group does not offer them - to small economic operators and SMEs.
Corporate Banking & Lending: Business area that aggregates multiple units: Structured Finance area, which supports companies and private equity funds in arranging bilateral or syndicated loans; the Special Situations area, which supports the financial recovery of businesses that managed to overcome financial distress; the Equity Investment area, dedicated to investing in non-financial companies and intermediaries; and the Lending area, dedicated to the Group's medium/long-term operations, oriented to supporting the company's operating cycle through services ranging from funding optimisation to working capital financing and the support for productive investments.

NPL Segment

This is the Banca Ifis Group's Segment dedicated to non-recourse acquisition and managing secured and unsecured distressed retail loans, as well as third party portfolio management. The business is closely associated with converting nonperforming loans into performing assets and collecting them. This business can be divided up into three macro categories:

post-purchase management, where all the activities of researching information preparatory to the routing of the position towards the most suitable transformation methods are carried out. This typically occurs after 6-12 months;
non-judicial operations, which deal with practices that can be handled through collection by settlement;
legal management, which covers all practices in the various stages of legal processing, ranging from obtaining a court order to a garnishment order.

Governance & Non-Core Services Segment

The Segment comprises, among other things, the resources required for the performance of the services of the Audit, Administration-Accounting, Financial, Planning, Organisation, ICT, Marketing and Communication, and HR functions, as well as the structures responsible for raising, managing and allocating financial resources to the operating segments. It also includes the Proprietary Finance business (proprietary desk securities) and the economic results of the subsidiary Cap.Ital.Fin. S.p.A., a company operative in salary- or pension-backed loans. The Segment also includes run-off portfolios originated from the former Interbanca as well as other personal loan portfolios.

Strategic governance, management and control bodies

The overall risk management and control process involves, with different roles, the administrative and control bodies of the Group's companies and subsidiaries as well as the Parent Company's Management and the operational units of the entire Group.

In the model adopted by the Parent Company Banca IFIS S.p.A.:

strategic supervision is performed by the Board of Directors;
the CEO is responsible for the company's operations. The management function includes the Joint General Managers (Chief Operating Officer, Chief Commercial Officer)
control is performed by the Board of Statutory Auditors.

The Parent Company's Board of Directors plays a crucial role in the corporate organisation as it is the body responsible for determining the company guidelines and strategic objectives and for verifying their implementation, complying with industrial plans and implement strategic transactions, also by setting the principles of the direction and coordination activity of the Banca IFIS Group's companies, in the interest of the Shareholders. It carries out a supervisory function with regards to the achievement of the strategic objectives of the Bank and of the Group as a whole. In particular, concerning governance and risk controls, it is responsible for:

defining strategic guidelines and risk assumption, management and control with their periodic review, thanks also to an accurate, comprehensive and timely information flow system;
approving and periodically reviewing organisational, disclosure and risk control procedures;
defining and updating the roles and responsibilities of organisational functions entrusted with the performance of company processes related to risk management;
guaranteeing the implementation, efficiency and effectiveness of the risk management and control system through periodical reviews and by deciding the measures to be taken to remove any deficiencies and dysfunctions that may have emerged during the risk management process.

Within the Board of Directors are:

the Control and Risks Committee, providing consulting services and support to the resolutions issued by the Board of Directors, in particular on the internal control and risk management system, as well as to the approval of the periodic financial reporting documents;
the Appointments Committee, which has the task of providing support in the appointment and co-option of directors, in the self-assessment of the Company's governing bodies (Board of Directors and Internal Committees), in verifying the existence of the requisites of professionalism, honourableness and independence of company representatives, and in defining the succession plans for top management positions;
the Remuneration Committee, submitting proposals and providing consulting and monitoring services in the area of remuneration and incentive policies in compliance with the relevant supervisory provisions.

The management function is carried out by the Chief Executive Officer, who also avails himself of the Joint General Managers. The CEO is responsible for implementing the strategies and guidelines defined by the Board of Directors, to which they directly report in that regard, as well as the adoption of all the interventions necessary to ensure the adherence of the organisation and the internal control system to the principles and requirements established by the supervisory provisions, by continuously monitoring their compliance with them. For this purpose, the CEO defines the risk management, control and mitigation processes.

The following Management Committees have been set up:

the Management Committee, which supports the Chief Executive Officer in the implementation and performance of the business guidelines approved by the Board of Directors by constantly monitoring economic performance, the development of programmes, plans and initiatives relevant to the Group;
the Credit Committee, with the task of collegially assessing credit operations originating from the chain of the Joint General Manager, Chief Commercial Officer and the Credit Department;
the Finance Committee, with deliberative tasks, within the limits and in the manner defined by the Board of Directors in the System of Delegations for the assumption of financial risks and the support of asset & liability management and liquidity and portfolio management issues, overseen respectively by the ALM Technical Committee and liquidity and the Technical Committee for Proprietary Finance;
the Products Committee, whose task is to manage the product catalogue through the preliminary screening of new business ideas for the development of new products or the significant modification of existing ones;
the Brand Committee, with advisory functions in defining the guidelines of the company's activities in terms of brand identity;
Committee for Investments in illiquid financial assets, with advisory and coordination functions relating to the analysis of initiatives and portfolio positions with reference to the Bank's investments in illiquid financial assets.
Operational Quality Committee, with the aim of outlining, and sharing, operational improvements that allow the Bank to continuously refine its attention to internal/external regulatory frameworks and IT security.

• Sustainability Committee, with investigative, propositional and advisory functions within the scope of the assessment and decision-making process of the Bank and the Group concerning ESG issues, wherever they are dealt with, working together with the competent corporate bodies and the competent structures of the Bank.

The Board of Statutory Auditors oversees compliance with the law, regulations and articles of association, correct administration, the adequacy of the Bank's accounting and organisational structure, and the functionality of the overall internal control system. Considering the plurality of functions and corporate structures having control tasks and responsibilities, this body is required to check the effectiveness of all the structures and functions involved in the internal control system and their adequate coordination, promoting the corrective actions for any deficiencies and irregularities detected. Due to the importance of these tasks for supervisory purposes, the Board of Statutory Auditors must immediately inform the Bank of Italy of all the facts and actions of which it becomes aware that could constitute an irregularity in the management of the Bank or a violation of the rules governing banking activity.

Internal Control System

The Banca Ifis Group's Internal Control System plays a central role in the company's organisation. It represents a fundamental element of knowledge for the management bodies in order to guarantee full awareness of the situation and effective control of company risks and their interrelationships. In this context: i) it guides changes in strategic guidelines and corporate policies and enables them to be adapted in a coherent manner to the organisational context; ii) it supervises the functionality of management systems and compliance with prudential supervisory requirements; iii) it encourages the dissemination of a correct culture of risks, legality and corporate values.

The Internal Control System consists of the set of regulations, functions, structures, resources, processes and procedures aimed at ensuring, in compliance with a sound and prudent management, the achievement of the following objectives:

executing business strategies and policies;
the identification of tasks and responsibilities such as to ensure the separation between operating and control functions;
containing risk within the limits set out in the Bank's Risk Appetite Framework ("RAF");
the safeguard of the value of assets and protection against losses; the effectiveness and efficiency of business processes; the reliability and security of company information and IT procedures;
preventing the risk that the Group might become involved, including involuntarily, in unlawful activities (and specifically those associated with money laundering, usury, and terrorist financing);
ensuring operations comply with the law and supervisory regulations as well as internal policies, rules and procedures.

The Parent Company, Banca Ifis S.p.A., formalises and informs its Subsidiaries of the criteria governing the different stages that constitute the risk management process. It also validates the risk management processes within the Group. As regards

credit risk in particular, the Parent Company sets the assessment criteria for the positions, and creates a common information base that allows the Subsidiaries to know the customers' exposure to the Group as well as the assessments related to the positions of the borrowers. The Parent Company decides on the adoption of the internal systems to be used for measuring risks, and determines its main characteristics, thus taking on the responsibility of carrying out the project as well as supervising the correct implementation of these systems and their constant adjustment from a methodological, organisational and procedural point of view.

The Parent Company also provides the Subsidiaries with directives for creating their internal control systems. The Subsidiaries must adopt an internal control system that is consistent with the strategy and the policies of the Group, in terms of controls, without prejudice to compliance with regulations applicable on an individual basis. In any case, it is necessary for the Parent Company, in compliance with local constraints, to adopt all initiatives aimed at guaranteeing standards of control and supervision comparable to those envisaged by Italian supervisory provisions, even in cases where foreign regulations do not envisage similar levels of attention.

In order to verify that the Group companies conduct is in compliance with Parent Company guidelines, as well as the effectiveness of the internal control system, the Parent Company takes action so that, within the regulations' scope of application, the consolidated internal audit function periodically performs on-site checks on the Group components, taking into account the importance of the different types of risk taken on by different entities.

The internal control system is designed in compliance with the applicable regulations and the peculiarities of the business carried out by both Banca Ifis S.p.A. and its Subsidiaries. At the date of this document, the control functions of Ifis NPL Investing S.p.A., Ifis NPL Servicing S.p.A., Farbanca S.p.A., Credifarma S.p.A., Cap.Ital.Fin S.p.A. are centralised at the Parent Company, while with reference to Ifis Rental Services, Ifis Real Estate, Ifis Npl 2021-1 SPV S.r.l. and Ifis Finance Sp. z o.o., Ifis Finance IFN SA, given their operational characteristics and the limited level of risk they bring to the Group, no control functions have been established. However, Ifis Finance Sp. z o.o., in compliance with local legislation and regulatory requirements, has appointed a member of its Board as head of its anti-money laundering operations.

Audits involve, with different roles, the Corporate Bodies of the Group's companies and subsidiaries, the Parent Company's Management and the Group's personnel.

Some types of audits are highlighted below:

• line audits aim to ensure operations are carried out correctly. These audits are carried out by the operational structures themselves, incorporated in procedures, or performed as part of back office operations. The operational structures are primarily responsible for the risk management process: as part of their day-to-day operations, they shall identify, measure or assess, monitor, mitigate, and report the risks arising from ordinary operations in accordance with the risk management process; they shall comply with the operational limits assigned to them in accordance with the risk objectives and the procedures that form part of the risk management process;

risk and compliance controls ("second line of defence") are intended to ensure the risk management process is correctly implemented in accordance with the operational limits assigned to the various functions, and that business operations comply with regulations - including corporate governance rules;
internal auditing ("third line of defence") is aimed at identifying breaches of procedures and regulations as well as regularly assessing the comprehensiveness, adequacy, functionality (in terms of both efficiency and effectiveness), and reliability of the internal control and IT systems on a regular basis based on the nature and extent of the risks.

The corporate bodies promote a corporate culture that enhances the control function: all levels of personnel within the organisation must be aware of the role assigned to them in the internal control system and be fully involved in it.

The role of the different players involved in the Internal Control System (the Board of Directors, the Control and Risks Committee, the Director in charge of the Internal Control and Risk Management System, the Supervisory Body pursuant to Italian Legislative Decree no. 231/2001, Internal Audit, Chief Financial Officer, Risk Management, Compliance, Anti-Money Laundering and Coordination function for Controlling Subsidiary Companies) are described in detail in the Report on Corporate Governance and Ownership Structures prepared in accordance with the third paragraph of article

123 bis of Italian Legislative Decree 24 February 1998 no. 58 (TUF) and subsequent updates, the latest version of which was approved by the Board of Directors on 11 March 2021 and published on the Bank's website in the Corporate Governance section.

Briefly, in addition to that already stated in the previous paragraph in terms of the roles and tasks performed by the administrative bodies, the roles and tasks assigned to the remaining players of the internal control system are summarised below, in particular:

Executive director in charge of the internal control and risk management system: the Parent Company's Board of Directors has identified the CEO as the executive director in charge of overseeing the functioning of the internal control and risk management system. The CEO, availing himself in particular of the Joint General Managers and of the Head of the Internal Audit Department, ensures effective management of operations and associated risks; he constantly verifies the overall functionality, overall effectiveness and efficiency of the Internal Control System, adjusting it if necessary; he identifies and assesses risk factors, and defines the tasks of the control units and the relevant information flows;
Supervisory Body pursuant to Italian Legislative Decree no. 231/2001: for full compliance with and interpretation of the Organisation, Management and Control Model pursuant to Italian Legislative Decree no. 231/2001 of Banca Ifis, the Supervisory Body was set up by a resolution of the Board of Directors on 26 October 2004. The members of the Body are not subject, in this capacity and in the performance of their duties, to the hierarchical and disciplinary power of any corporate body or function. The Supervisory Body consists of one Auditor, chosen by the Board of

Statutory Auditors, the Managers, from time to time in office, of the Internal Audit and Compliance departments and two independent Directors, chosen by the Board, one of whom acts as Chair;

The Financial Reporting Officer: the Financial Reporting Officer, consistently with the provisions of article 154-bis of the Consolidated Finance Act, ensures the reliability of the equity, economic and financial position of the Bank and the Group, contributing to the overall assessment of the adequacy of the internal control system for financial reporting;
Internal Audit Department: the Parent Company's Internal Audit Department has the task, on the one hand, of monitoring the regular performance of operations and the development of risks from the standpoint of third-level controls, including on-site checks, and, on the other hand, of assessing the completeness, adequacy, functionality and reliability of the organisational structure and the other components of the internal control system, bringing possible improvements to the attention of corporate bodies, with particular reference to the Group's RAF, the risk management process and the tools for measuring and controlling these risks;
Risk Management Function: the Risk Management control function of the Parent Company aims to: (i) identify the relevant risks to which the Parent Company and Group companies are exposed; (ii) assess, measure and monitor the Group's significant risks, and (iii) guarantee a holistic and integrated view of the risks to which the group as a whole and the companies that make it up are exposed, ensuring adequate information to the governing bodies;
Compliance Department: the mission of the Parent company's Compliance department is to oversee, according to a risk-based approach, the management of non-compliance risk in connection with the entire company activity. This is done by assessing the adequacy of internal procedures to prevent the violation of external rules (laws and regulations) and self-regulation (e.g. codes of conduct and ethical codes) applicable to both the Bank and its subsidiaries;
Anti-Money Laundering Department: the Anti-Money Laundering control department of the Parent Company verifies on an ongoing basis that company procedures are consistent with the objective of preventing the involvement of and countering the carrying out of money laundering or terrorist financing operations as well as avoiding the violation of external rules (laws and regulations) and self-regulation on money laundering and terrorist financing.

1.1. Organisation of the Risk Management organisational unit

Mission of the Parent Company's Risk Management department

The mission of the Parent Company's Risk Management department is to:

guarantee a holistic and integrated vision of the risks to which the Group and the Companies that are part of it are exposed while ensuring adequate reporting to the Corporate Bodies;
identify, measure, evaluate and monitor risks that are relevant to the Group;

ensure adequate reporting on the assumed risks to the Corporate Bodies and Committees, to the Control Functions and to the Managers of the areas subject to the risk management process;
monitor the governance and risk management processes in accordance with the strategies and policies defined by the corporate bodies;
guarantee an on-going development and improvement of methodologies, models, metrics and risk measurement and integration instruments;
facilitate the transposition of supervisory regulations and directives;
assist the Corporate Bodies in carrying out their respective tasks within the internal control system, facilitating: the timely and coordinated interception of relevant information for the purpose of quantifying and managing risks; (ii) a condensed description of the corporate risks and main issues identified by the risk management system; (iii) the adoption of appropriate and timely corrective measures addressing any identified issues and priorities.

The Parent Company's Risk Management carries out its functions for Banca IFIS and, within its own management and coordination activities, it expands its scope of competence to all the companies of the Group.

Organisational positioning of the Parent Company's Risk Management Department

Within the internal control system, the risk control function is part of the Risk Management Department, which reports hierarchically to the CEO. The Head of Risk Management (also Chief Risk Officer or CRO) has direct access to the Board of Directors and the Board of Statutory Auditors and communicates with them without restrictions or intermediaries.

Risk Management:

has the authority, resources and expertise necessary for carrying out its tasks;
has access to corporate data and to external data in order to appropriately manage its tasks;
has access to all the activities of the Parent Company and of the Group companies, carried out at the head offices and at the branches, as well as to all information that is relevant for carrying out the assigned tasks, also through individual meetings with the personnel;
has access to resources that are qualitatively and quantitatively adequate in terms of number, technical and professional skills, continuous updating, also through participation in on-going training programmes.

The Risk Management Department is separate from the Internal Audit Department and from the Compliance and Anti-Money Laundering Departments from an organisational standpoint. Moreover, it is not involved in risk assumption processes. The structures which are deemed to be involved in risk assumption, have the following characteristics (even not collectively):

authorise the taking of a risk;
are remunerated in proportion to business results;
have goals that involve risk taking.

Main activities

The Parent Company's Risk Management Department, in fulfilling its own mission, plays a central role in governing and managing risks.

The Chief Risk Officer is the Head of this department, and, through the Chief Executive Officer, supports the Parent Company's Board of Directors in defining the Group RAF, the general lines of the ICAAP and ILAAP processes, the Contingency Funding Plan, the Group policies for the governance and management of risks and the various phases that make up the risk management process.

This department identifies the risks to which the Parent Company and Group companies are exposed and provides for the measurement and periodic monitoring of the same through specific risk indicators, planning any mitigation actions for significant risks. In this context, it ensures adequate information to the governing bodies.

The Risk Management activities are subject to periodic reporting to the corporate bodies and to the Committees through the Tableau de Bord, and, where required, also to the Bank of Italy, Consob and the Market. In particular, the Department guarantees the preparation, for that within its responsibility, of the group disclosures on the various regulatory (Risk Map, RAF, ICAAP and ILAAP reports, Group Contingency Funding Plan and Recovery Plan) and market (this Pillar 3, disclosure, sections E of the notes to the consolidated and individual financial statements) risk profiles.

The CRO, at the beginning of each management cycle, defines the Program of activities of the organisational units that supervises, taking into account both any deficiencies that have emerged in the checks, and any new risks. The program includes the activities to be carried out both for the Bank on an individual basis and for the Group as a whole. This document is shared with the CEO, submitted to the Control and Risk Committee and to the Board of Statutory Auditors, and approved by the Board of Directors.

At the end of each management cycle, the CRO prepares, at least annually, a Report that shows the checks performed, the results that have emerged, the weaknesses that have been detected and the proposals for actions to be taken for their removal. This report is shared with the Chief Executive Officer and subsequently sent to the Control and Risk Committee and the Board of Statutory Auditors, as well as to the Board of Directors.

The CRO reports to the Chief Executive Officer, for issues falling within their responsibility, as regards completeness, adequacy, functionality and reliability of the Group's internal control system. They also support the CEO in the implementation of the Group RAF.

The CRO ensures the development and maintenance of methodologies, models, metrics and tools for integrated risk measurement and management. Furthermore, he oversees the process of validating the internal management models used for measuring Group risks.

The CRO supports the Parent Company's Board of Directors in defining the criteria and processes for identifying significant transactions (OMRs) and, through the organisational units that report to him, formulates preventive opinions on OMRs'

consistency with the RAF; these significant transactions are subject to his assessment, during which the CRO acquires, based on the nature of the transaction, the opinion of other departments involved in the risk management process.

Furthermore, through the organisational units that report to him, the CRO:

guarantees the monitoring of the risks arising from new products and services and those arising from entry into new business and market segments;
guarantees the monitoring of risks arising from transactions with related parties and associated persons;
participates in the definition of remuneration and incentive policies;
participates in the strategic planning process with reference to aspects relating to capital requirements, prospective funding requirements and prospective assessment of Group risks;
supports the Finance department, for the activities within his remit, in preparing the Group's periodic financial information;
guarantees the performance of second-level controls on credit activity and, in general, to the extent applicable, on the Group's risks;
guarantees the risk awareness process also through specific training provided to the various Group structures;
prepares analyses and disclosures in response to specific requests from the Supervisory Authority within the scope of his responsibility.

The Risk Management unit, at the reporting date, includes four second-level units, specialised in relation to individual risk profiles ("Corporate Credit Risks"¹ , "''NPL and Tax receivables", "Operational and Reputational Risks", and "Financial Risks"). In addition to these, there are three additional second-level organisational units: i) "Risk Data Governance", aiming to develop and ensure the adequacy of data quality standards in all risk areas; ii) "Model Development", aiming to continuously develop and improve risk measurement methodologies, models and metrics; iii) "Anti- Fraud Control", aiming to monitor the risk of fraudulent actions that may be perpetrated against the Group in the course of its operations.

The Risk Management structure is completed by the presence of two additional organisational units that work for the Chief Risk Officer, i) "Risk Governance", with the task of supporting the CRO in the decision-making processes and ensuring an overall view of the various risks and their mutual interaction; ii) "Validation", which is responsible for the validation of internal risk measurement systems for management purposes.

The main objective of the aforementioned organisational units, within the scope of their activities, is:

• to provide support to the CRO in defining the Group's processes and instruments for the identification, assessment, monitoring, mitigation and reporting, linking up with the other Companies' Risk Management structures;

¹ In the area of "Corporate Credit Risks", in order to make the most of the different skills and specific verticality of the structures, two third-level organisational units have been set up, identified on the basis of the specific businesses carried out by the Group: "Receivables from Companies", "Leasing".

to control, monitor and evaluate risk profiles, carrying out the checks and analyses defined in the relevant group policies for managing credit, financial, operational and reputational risks;
to guarantee the development and improvement of risk measurement methodologies and models, by continuously assessing the reliability and consistency of the results;
to collaborate in the preparation and updating of the reports and of directional and regulatory information pertaining to the Risk Management Function.

The Parent Company's Risk Management Regulation, in compliance with the Supervisory Provisions for banks pursuant to Circular no. 285/2013 of the Bank of Italy, describes in detail the scope and the mission of the same, also with reference to the management and coordination activity carried out by the Parent Company on the subsidiaries, the related organisational structure, the tasks of the staff, second-level and third-level organisational units that comprise it, the relationships that the Function maintains with the Corporate Bodies and the other organisational units of Banca IFIS as well as with the Group subsidiaries involved in the process of risk management and finally the main information flows implemented.

For the companies belonging to the Group, risk management and control activities have been centralised at the Parent Company's Risk Management department, following the outcome of the assessments carried out on the advisability of centralising risk control activities there.

1.2. Risk profile and risk management and measurement systems

Determination of risk appetite and processes for managing relevant risks

Specifically, Banca Ifis S.p.A. has prepared a Taxonomy of Risks describing how it identifies the existing and/or potential risks the Group could be exposed to in pursuing its strategic goals as well as the tools for preventing and mitigating each type of risk.

The Parent Company carries out a first identification of the risks starting with the list of minimum risks identified by the current supervisory regulations and expanding it with further significant risks which emerged from the analysis of the business model and the reference markets in which the various Group companies operate, of the strategic prospects, the operating methods and the characteristics of loans and sources of financing. To ensure the analysis reflects its specific business models, the Group has classified risks into macro-categories.

Identifying risks and regularly updating the relevant taxonomy of risks is the result of the joint work of second line of defence functions (Risk Management, Compliance, Anti-Money Laundering, Financial Reporting Officer) and third line of defence functions (Internal Audit), which meet once a year to discuss whether to introduce new risk events and/or review the assessment of potential risks based on the risk management outcomes of the previous year.

The process of assessing the potential relevance of risks (the so-called "inherent risk") does not consider possible controls or other mitigating factors that the Group has put in place.

The potential relevance of individual risks is summarised on a three-value scale (High, Medium, Low) based on a joint subjective assessment by the Parent Company's control functions (so-called judgemental approach).

The Parent Company, for the purposes of the group processes adopted for the assessment of capital adequacy (ICAAP) and of the liquidity management and governance system (ILAAP), considers as significant risks the types of risk to which it has assigned the relevance levels "High" and "Medium" at the conclusion of the above risk assessment process.

The following types of risk fall within the relevant risks:

Credit Risk Area - within this area, the following risks are considered to be significant:

Credit risk;
Concentration risk.

Financial Risk Area - within this areas, the following risks are considered to be significant:

Interest rate risk;
Liquidity Risk;
Risk related to the amount of encumbered assets.

Operational and Reputational Risk Area, - within this area, the following risks are considered to be significant:

Operational Risk;
Reputational Risk;
IT Risk;
Model risk.

Other types of Risk Area, it is important:

• Strategic Risk.

The Parent Company's Risk Management function focuses on the remaining risks, which are considered to be of low relevance. Please refer to the internal company regulations for the description of the risk management and control processes adopted for some of them.

The following types of risk fall into this "low significance" category:

Credit Risk Area:

Counterparty Risk;
Country risk;
Transfer Risk;
Italy's Sovereign Risk;
Residual Risk;

Settlement and Delivery Risk;
Risk arising from Securitisation Transactions;
Equity risk.

Financial Risks Area:

Market risk;
The credit valuation adjustment risk.

Other types of Risk Area:

• Risk of excessive leverage.

The Banca Ifis Group carries out continuous updating activities in relation to the systems and processes used in order to improve its risk management system.

The Risk Management function has the task of ensuring protection and the integrated management of risks by ensuring the development and improvement of measurement methods and models.

For appropriate risk management, the Group's internal control system plays a key role to ensure proper disclosure and suitable audit coverage of all activities and, in particular, in the areas featuring greater corporate risk. Audits involve, with different roles, the Corporate Bodies of the Group companies, the Parent Company's Management and the Group's personnel. One of the main players of the internal control system is the Control and Risks Committee whose task is to support the assessments and decisions taken by the Board of Directors.

The Risk Appetite Framework is to be understood as the reference framework that regulates, in line with the business model and the strategic plan, the propensity to accept risk, the tolerance thresholds, the risk limits, as well as bringing together in a single "point" the synthesis of the risk management policies and the reference processes necessary to define and implement them.

As part of the RAF, the Body with Strategic Oversight Function (hereinafter OFSS) defines the strategic indicators required to monitor the Group's strategic and financial objectives.

For the Banca Ifis Group, the following two categories of indicators have been defined:

strategic indicators: defined by the Strategic Supervisory Body (hereinafter also OFSS from the Italian Organismo con Funzione di Supervisione Strategica) and necessary for the monitoring of the strategic financial objectives of the Group, as described in the Risk Appetite Framework;
risk indicators: approved by the OFSS, which operationally define a set of limits for each type of risk, aimed at strengthening risk control in a more granular manner; they are defined in the various company risk management policies.

The categories of indicators described above are subject to regular monitoring by the Risk Management Function and are notified to both Corporate Bodies and the other business structures, based on the relevant types.

With reference to strategic indicators, they are divided into strategic indicators with regulatory restrictions, measured according to consolidated logics, and strategic indicators for which no regulatory restriction has been defined and are measured at the single BU or Entity level, where necessary. The strategic indicators are mainly attributable to the size of, capital and capital adequacy, liquidity, profitability, asset quality.

The reason that led to this distinction is to be found in the fact that for strategic indicators with no constraints expressly provided for by the regulator, the consequence of exceeding the attention and warning thresholds could have potential impacts on the sustainability of the Group's business model, without, however, suddenly jeopardising the capital or liquidity vulnerability.

The following concepts relevant to RAF have been defined for each indicator:

Risk Profile (actual risk): represents the risk actually undertaken, measured at a given moment in time;
Risk Appetite (risk objective): the level of risk, overall and by type, which the Group intends to assume to fulfil its strategic objectives;
Risk Tolerance (tolerance threshold): the maximum allowed deviation from Risk Appetite; the tolerance threshold is fixed in such a manner as to provide the Group with sufficient margins to operate in every case, even under stress, within the maximum risk that can be assumed;
Warning: a threshold defined only for strategic indicators, free of regulatory restrictions, it is the maximum level of risk that the Group intends to assume in order to reach its strategic objectives;
Risk Capacity (maximum assumable risk): a threshold defined only for the strategic indicators involving regulatory restrictions, it represents the maximum risk level that the Group is technically capable of assuming without breaching the regulatory requirements or other restrictions set by the Supervisory Authority (also taking into account any additional specific capital requirements imposed as a result of the SREP Process).

In the event of violation of the above thresholds, an articulated escalation process is activated, which requires the timely definition of the procedures and management actions to be activated in order to reach the tolerance threshold, following an analysis of the reasons for exceeding the thresholds.

Financial leverage risk

The leverage ratio (or "Leverage Ratio"), calculated as the ratio of Tier 1 capital to the institution's total exposure, measures the degree to which capital is covered relative to total exposures (this includes On-Balance Exposures, net of any deductions from Tier 1 Capital and Off-Balance Sheet Exposures). The objective of the indicator is to ensure a low level of indebtedness compared to the level of equity: it accurately measures the degree of leverage by controlling the risk of excessive financial leverage.

Liquidity risk

Liquidity risk is the risk that the Group will be unable to meet its ordinary and extraordinary payment obligations or incur significant increases in costs to meet those obligations. The Internal Liquidity Adequacy Assessment Process (ILAAP) is adopted in order to identify, measure and monitor liquidity risk by ensuring that the imbalance between incoming and outgoing liquidity flows is sustainable for the Group and sufficient to withstand both short and medium to long-term periods of stress. To this end, the liquidity reserves are to be understood as a means of mitigating risk and managing such imbalances.

Credit risk

Given the particular business of the Group's companies, credit risk is the most important element to consider as far as the general risks assumed by the Group are concerned. Maintaining an effective credit risk management is a strategic objective for the Banca Ifis Group, pursued by adopting integrated tools and processes that ensure proper credit risk management at all stages (preparation, lending, monitoring and management, and interventions on troubled loans).

Asset Encumbrance

The Asset Encumbrance Ratio represents the ratio between the proportion of assets committed and/or used and those available; assets include not only balance sheet assets but also financial instruments received as collateral and reusable. The objective of the ratio is to provide information to the public and creditors on the level of assets committed by the Bank and therefore not available, and thus implicitly an indication of the Bank's future ability to raise funds in a smooth and convenient manner through secured funding.

Counterparty risk

The counterparty risk is the risk that the counterparty to a transaction involving financial instruments defaults before the final settlement of the transaction cash flows.

Counterparty risk is currently focused on derivative transactions generated by the Proprietary Finance activity, an area belonging to the Capital Markets Department and responsible for identifying, implementing and realising investment strategies for the Proprietary Portfolio of Banca Ifis; there is also a residual portfolio of derivative products, mainly on interest rates, deriving from Corporate activities in which derivative contracts were offered to customers to hedge the financial risks assumed by the latter; all outstanding transactions are hedged with back-to-back transactions, in which a position opposite to that sold to corporate customers was taken with external market counterparties.

Operational risk

Operational risk is defined as the risk of suffering losses resulting from the inadequacy or malfunction of processes and information systems, from human errors or from external events. The Group adopts the Basic Indicator Approach ("BIA") for calculating the capital requirement for operational risk by applying the regulatory ratio of 15% of the three-year average of

the relevant indicator. Operational risks are monitored at the level of the Parent Company and the main subsidiaries by the Operational Risk Management structure, which is part of the Risk Management department.

Interest rate risk on the banking portfolio

The assumption of interest rate risk is a normal part of banking and can be an important source of income and asset value. However, adverse movements in market interest rates can have negative effects on both the level of profits and the value of the capital of the Bank and its subsidiaries: changes in interest rates affect in fact the current income level through variations in interest margins and at the same time also affect the value of the assets, liabilities and off-balance sheet items. Therefore, an effective risk management system that maintains exposure to interest rate risk within acceptable levels is essential for the safety and financial soundness of the Group.

The interest rate risk on the banking portfolio is a transversal risk that affects all the Group companies and whose management is centralised at the Parent Company. The assumption of significant interest rate risks is in principle unrelated to the management of the Bank and the Group.

Market risks

Market risk represents the risk of loss due to adverse movements in market prices (share prices, interest rates, foreign exchange rates, commodity prices, volatility of risk factors, and so on) in connection with the trading book for Supervisory purposes (position, settlement and concentration risks) and with the Bank's entire budget (exchange rate and position risk on commodities).

Concentration risk

Risk arising from exposures to counterparties, including central counterparties, groups of connected counterparties, and counterparties operating in the same economic sector, in the same geographic region or that perform the same activity or deal with the same merchandise, as well as from the application of credit risk mitigation techniques, including, in particular, risks related to indirect exposures, such as, for example, to individual providers of guarantees.

Other Risks

Country risk

Country risk represents an additional component of the risk of insolvency of individual borrowers, measured in the context of the Group's credit risk control systems.

Most of the Group's exposures are concentrated in Italy; the remaining exposures to non-domestic customers mainly refer to counterparties resident in Poland, other European Union countries, the United Kingdom, Switzerland and the USA, with a relative weight of 1% or less.

The majority of net credit exposures refer to domestic customers. In light of the above, it is considered that the potential relevance of the aforementioned risk at Group level is "low".

Transfer risk

The transfer risk has an impact on the operations generated by the Group, especially in the context of import/export operations, i.e. foreign-to-foreign factoring.

The evaluation of the incidence of transfer risk is qualitative, the driver considered is the number of counterparties that are financed with a different currency than the one in which they receive the main sources of income.

The potential relevance of the transfer risk at Group level is assessed as "low".

Residual risk

The residual risk is linked to the possibility that recognised techniques for credit risk mitigation used to reduce the capital requirement turn out to be less effective than expected. This generates, in the guaranteed exposures, losses greater than those covered by the corresponding capital requirements calculated by the Group in accordance with the standardised method for measuring the credit risk of the banking portfolio.

The residual risk is assessed qualitatively by formulating an opinion on the adequacy of the procedures for managing CRM instruments, bearing in mind the general and specific requirements of the regulations for their recognition for prudential purposes.

The acquired NPL portfolios, albeit with a non-direct impact on CRM techniques, include positions secured by mortgages on properties with a lower level of risk than the total portfolio acquired. The potential relevance of the residual risk at Group level is assessed as "low".

Settlement and Delivery Risk

Settlement and delivery risk is inherent in transactions in financial instruments, so this risk potentially affects the processes managed by the Capital Markets Department. The potential relevance of the settlement and delivery risk at Group level is assessed as "low".

Model Risk

A model can be defined as "a system, a quantitative methodology or an approach that applies statistical, economic, financial techniques or mathematical theories and assumptions in order to process input data and obtain quantitative estimates". According to the Banca Ifis Group, the model risk involves the use of internal models even if used exclusively for management purposes. In particular, by order of relevance, we refer to the models that can be used by the Bank and/or the Group for the valuation of balance sheet items, the calculation of capital requirements and the parameters related to the quantification of the liquidity position for strategic plans and business plans.

To cover this type of risk, no internal capital is allocated, however dedicated controls are defined, carried out by the Validation function, for which the Chief Risk Officer is responsible.

IT Risk

The main sources of this risk are in the following areas:

ICT governance and strategy, i.e., defining the ICT internal control system, aligning ICT strategy with overall business strategy, and the use of outsourcing and third-party vendors.
Information security, i.e., risks to the confidentiality, integrity and availability of data and information, both in terms of logical and physical security.
ICT operations management, i.e., routine maintenance of systems, service monitoring and control activities, and management of incidents and operational and security issues.
ICT project and change management, with a focus on ICT project management, acquisition and development of new ICT systems and change management.
Business continuity management, aimed at maximising the ability to provide services on an ongoing basis and limiting losses in the event of major business disruptions.

The Banca Ifis Group maintains an organisational, methodological and procedural framework for the IT risk analysis process: policies, organisational procedures and operational notes are periodically updated with the aim of increasing resilience to the adversities of the IT system and to monitor emerging ICT risks over time. The main internal legislation of reference is:

the "Group Policy for the assessment and management of IT risk", where the principles and scope of application are defined. The document is being updated primarily to incorporate internal organisational changes.
The "Methodological manual for the assessment and management of IT risk", which describes the rules and elements to be considered in the annual assessment of ICT risks. The methodology has been designed with the support of a leading consulting firm according to the reference standards (ISO 31000 and ISO 27005).

During 2021, with a significant investment commitment, the Bank initiated the Cyber Security Plan to increase the overall maturity level of its cyber security. The initiative, undertaken following an initial assessment, is realised through different project streams and is monitored by a Steering Committee specifically established. Cybersecurity maturity level growth is measured through indices mapped to NIST domains (Governance, Predict, Prevent, Detect and Respond) and is compared to the financial industry benchmark.

Since August 2021, Risk Management has increased its structure with the inclusion of new professionals dedicated to the management of this risk. These controls are being strengthened and are aimed at ensuring continuous control of risk exposure by means of:

• annual IT Risk Assessment, aimed at identifying any risks present in the systems, identifying the corresponding corrective actions and monitoring their implementation;

analysis of cyber risk in the most significant ICT project initiatives;
the definition and calculation of operational and strategic specific risk indicators and the periodic verification of compliance with the relative monitoring thresholds (these indicators are reported quarterly in the periodic reporting to the corporate bodies or in specific reports addressed to the structures concerned).

Reputational risk

Reputational risk is a transversal risk that impacts all those entities of the Group which, due to their operations, have relations with external entities. Reputational risk is considered a second-level risk, as it is generated by the occurrence of other types of risk, such as the risk of non-compliance, strategic risk and in particular, operational risks.

To assess the incidence of reputational risk, both external and internal factors that could create reputational damage to the Group and the stakeholders impacted from time to time are considered.

The main endogenous factors include:

operational risk events;
the violation of external rules (laws and regulations) and self-regulation rules (codes of conduct, codes of ethics);
the materialisation of other risks (e.g. market risk, liquidity risk, legal risk or strategic risk) not adequately kept in check;
ineffective or incorrect management of internal or external communication;
the behaviour of corporate officers, employees or collaborators.

The main external factors include comments and debates developed on the media, social networks, blogs, and/or other digital communication tools, regarding information or opinions that damage the reputation of the Group and/or the companies that make it up.

Various stakeholders may be affected:

Supervisory Authorities: decline or loss of trust in/respect for the Group among Supervisory Authorities due to omissions or negligence deriving from the failure to comply with legal and regulatory obligations;
shareholders and investors: decline or loss of trust in/respect for the company among shareholders and market participants because of, for instance, perceived inability to deliver satisfactory results, conduct inconsistent with ethical standards, perceived lack of managerial integrity, etc.;
customers: the fiduciary component inherent in the relationship with the public due, for example, to inefficiencies in operating practices or commercial forcing is affected;
suppliers and counterparties: decline or loss of trust in/respect for the company among suppliers and counterparties;

employees and collaborators: decline or loss of trust in/respect for the company among employees and collaborators resulting, for example, from events relating to employment law;
local community and society: decline or loss of trust in/respect for the company among local communities and opinion makers.

The effects of the occurrence of reputational events can be:

staff turnover and loss of highly skilled workers;
customer dissatisfaction and reduction in number;
complaints and disputes;
legal disputes;
administrative/civil/criminal penalties;
change in the rating given by outside agencies;
perception of rumours about the Group;
negative articles in local, national or international media;
posting of negative comments on social networks.

The Group has focused its reputational risk management and monitoring activities on the areas of operations that stakeholders may perceive as negative factors for assessment; specifically:

development dynamics and characteristics of online collection represent a high reputational risk in terms of retail customer deposits;
the large number of borrowers related to operations in the Distressed Retail Loans segment and the involvement of parties outside the Group for recovery activities are potentially relevant factors in terms of reputation;
in addition, the Leasing segment uses a network of external agents for business development, which may also harm the Group's reputation.

The Group has defined and adopted an overall framework for the governance and management of the reputational risk, divided into the following phases:

identification of the threats to reputation which affect the operations carried out by the Group;
assessment and monitoring of exposure to reputational risk by: (i) conducting a periodic risk self-assessment exercise; (ii) defining and calculating specific risk indicators as well as checking compliance with their monitoring thresholds; (iii) the audit, in the context of the Loss Data Collection activity of the operational risk management process, of any reputational effects resulting from operational risk events;
reputational risk mitigation through the identification and execution of corrective interventions or adjustments aimed at preventing and mitigating exposure to reputational risk;

• implementation of periodical information flows aimed at collecting and reporting any evidence resulting from the activities provided for by the reputational risk management process.

In particular, the Risk Self-Assessment methodology in terms of reputational risk is based on the identification of the list of threats to reputation, starting from the operational risks identified in the RSA; these threats are then evaluated at individual organisational unit level, in order to trace:

the reputational impact, that is the reputational consequences that may occur;
the frequency, intended in terms of number of probabilities that the potential threat to reputation actually occurs;
current checks or the level of mitigation present.

The assessment process leads to a summary judgement related to reputational risk expressed on an ordinal scale. Internal capital is not allocated to cover this type of risk.

As in the case of operational risk, reputational risk management is ensured by the Parent company's Risk Management, which defines the Group's overall framework - in line with specific regulatory requirements and segment best practices - for managing reputational risk aimed at identifying, assessing and monitoring reputational risks assumed or to be assumed by the various Group companies and organisational units. The framework involves collecting reputational risk events as they occur, conducting a forward-looking Reputational Risk Self-Assessment, and monitoring a set of risk measures over time. In the first half of 2021, the periodic Risk Self Assessment campaign was completed. It had been launched in the final quarter of 2020. Following the campaign, together with the work carried out in the area of operational risk, the areas most exposed to reputational risk were identified and, as a result, specific mitigation measures were defined and started in order to further strengthen the existing controls.

Strategic Risk

Strategic risk is of particular importance as part of the process of assessing the sustainability of the Group's business model.

As specified in the document "Group Policy for Strategic Planning", the definition of the Group's overall business model and the identification of business strategies are the responsibility of the Board of Directors and the Chief Executive Officer of the Parent Company.

Following a process of sharing with the General Manager and the heads of the various operating units, the Business Plan Governance, Planning and Management Control Department prepared the budget for 2021 containing the strategic objectives defined by the Board of Directors and assessed the risks and sustainability in terms of capital endowment. In addition, the Board of Directors assessed the implementation risk, that is the degree of vulnerability of the corporate strategy and of the Group's capital position.

Strategic risk management is therefore the responsibility of the Management and Strategic Supervisory Bodies of the Parent Company. The Strategic Supervisory Body of each individual Group company, as part of the Group's strategic planning process, having made the appropriate assessments for the best protection of the company's interests and within the scope

of the prescriptions received, implements the Group Strategic Plan and the Group business model, with particular reference to the component for which it is responsible.

The Parent Company's Risk Management function supports the corporate bodies in assessing the sustainability of business strategies and the impact of strategic risk through appropriate safeguards, such as:

monitoring the objectives set out by the strategic plan, which regularly updates the development guidelines in relation to the progress of management;
the ongoing verification of the capital sustainability of the strategic plan, through the monitoring of strategic indicators and the related thresholds for risk appetite, risk tolerance, alert thresholds and risk capacity;
verification of the profitability at risk of the capital invested.

The verification and the quarterly reporting of the company positioning with reference to the identified indicators is integrated in the periodic reporting system for top management (Tableau de Bord).

This type of risk is difficult to quantify and, due to its qualitative nature, is one of the non-measurable risks.

1.3. Monitoring and Reporting

Monitoring the risk objectives aims at identifying any criticality of the moments of corporate planning and management of the risks and is preparatory to the implementation of corrective and realignment actions, in compliance with the general principles of sound and prudent management.

This activity is managed by the Risk Management department that has the task of ensuring protection and the integrated management of risks by ensuring the development and improvement of measurement methods and models.

The Risk Management function, assisted by specialist organisational units and other organisational control units, produces periodic reports to the Bodies and business units in order to allow verification of the consistency between the implementation of the RAF, the strategic objectives and the approved thresholds (see the section on reporting flows).

Relevant update documents, among others, are drawn up annually: (i) the determination of the Group's risk appetite (Risk Appetite Framework - RAF); (ii) the assessment of capital adequacy (Internal Capital Adequacy Assessment Process - ICAAP) and liquidity (Internal Liquidity Adequacy Assessment Process - ILAAP); (iii) the contingency plan to deal with adverse situations in raising funds and for the prompt settlement of any liquidity shortfalls (Contingency Funding and Recovery Plan - CFRP).

In 2021 the Group also drew up the Group's Recovery Plan, a document containing preparatory measures aimed at preventing and resolving any crisis situations in a timely manner; it describes how the Group intends to restore balance sheet and financial equilibrium in conditions of severe technical deterioration (near to default).

In addition, on a quarterly basis, the Risk Management function prepares suitable reports for the Board of Directors (Tableau de Bord), which enables monitoring not only of strategic indicators but also of management risk indicators. Lastly, a detailed periodic report is also prepared to support the Group's business structures.

1.4. Governance System

The Articles of Association provide that the Company shall be administered by a Board of Directors consisting of a minimum of five to a maximum of fifteen members elected by the Shareholders' Meeting whose term of office shall not exceed three financial years, established at the time of appointment, and shall expire on the date of the Shareholders' Meeting called to approve the financial statements for the last financial year of their office. Directors are appointed based on the mechanism of voting lists by the shareholders' assembly, in compliance with the applicable legal and regulatory provisions and with the composition criteria that relate to the presence of minority and independent directors, and with respect for gender balance.

To encourage the nomination of the best candidates for the renewal of the Administrative Body, in support of shareholders and in compliance with the Vigilance Provisions for banks in matters of Corporate Governance, the Board of Directors identifies in advance what it deems to be its optimal composition, in terms of numbers and quality, identifying and justifying the theoretical profile of candidates. The analyses conducted, reported in the document "Optimal quali-quantitative composition of the Board of Directors of Banca Ifis", are published on the Bank's website.

At the Shareholders' Meeting held on 19 March 2019, the shareholders appointed the Board of Directors in office for the three-year period 2019-2021 by electing 12 directors, respecting the qualitative-quantitative composition of the Body adequate in terms of gender diversification (the female component increased from 3 to 4 elements compared to the previous term of office) and the role assigned to the directors (the number of independent directors increased from 4 to 7); as well as adequate for the complexity and the works of the Body and in line with the current guidelines that favour a non-plethoric composition of the Body with an adequate degree of heterogeneity to allow the Directors to effectively contribute to the Board's activities.

The Board, with the support of the Appointments Committee, in compliance with the Supervisory Instructions for banks (Title II, Chapter 2, Sections I and II) on 9 May 2019, within thirty days of the appointment, carried out the verification for each of its members of the possession of the professionalism and honourableness requirements pursuant to articles 1, 3, 4 and 5 of Italian Ministerial Decree no. 161/98, the non-existence of the causes of suspension pursuant to article 6 of the same Italian Ministerial Decree no. 161/98 as well as the absence of offices in competing companies or groups of companies. Moreover, in compliance with the provisions contained in the Borsa Italiana Code of Conduct, it carried out the necessary assessments concerning the possession of independence requirements.

30 The Board verifies the permanence of the above-mentioned requirements on an annual basis, close to the start of the selfassessment process provided for by the Bank of Italy Circular no. 285/2013 (Title IV, Chapter 1). This process is designed to ensure that the correct and effective functioning of the body and its adequate composition are verified, to identify the

main points of weakness, to promote discussion thereof within the body and to define the corrective actions to be taken, as well as to strengthen the relationships of collaboration and trust between the individual members.

More information regarding the selection process for Board members, the number of directorships granted to members of the management body and additional governance-related information is provided in the "2021 Report on Corporate Governance and Ownership Structure".

In accordance with the provisions of Circular no. 285/2013 and the Corporate Governance Code, the Board of Directors set up its own Control and Risks Committee composed of four of the nine members of the Board of Directors chosen from among the non-executive directors, who are all independent.

During 2021, the Committee met 21 times, five of which were joint meetings with the Board of Statutory Auditors. From the beginning of 2021 until the date of approval of this document, the Committee met six times, two of which jointly with the Board of Statutory Auditors. The Control and Risk Committee has the task of supporting the Board's assessments and decisions relating to the internal control and risk system, the approval of periodic financial and non-financial reports and supporting the Board in analysing issues relevant to the generation of long-term value with a view to sustainable success. With particular reference to the tasks related to risk management and control, the Committee carries out support functions for the body charged with strategic supervision:

in the definition and adoption of the strategic guidelines and risk management policies. As part of the RAF, the Audit and Risk Committee performs the evaluation and proposal activity necessary for the Board of Directors to define and approve the risk objectives and tolerance threshold;
in verifying the correct implementation of strategies, and management policies for risks and the RAF;
in the definition of policies and processes for the assessment of company activities, including verification that the price and conditions of transactions with customers are consistent with the business model and strategies concerning risks.

The information flow on risks for the Board of Directors is identified by means of a specific internal regulation and mainly consists in documents prepared by the control functions concerning the planning of activities and the related reporting (annual reports and quarterly Tableau de Bord, subsequently submitted to the Bank of Italy) as well as other verifications required by the legislation in force (reports on relevant risks undertaken by the Group, disclosure on checks concerning governance and management of liquidity risk, report on important operating functions outsourced, RAF, ICAAP and ILAAP reports, Recovery Plan, etc.).

2.Scope of Application

Qualitative disclosure

The Board of Directors of the Holding Company of the "La Scogliera" Banking Group, which met in an extraordinary meeting on 27 December 2021, having acknowledged the fulfilment of the conditions precedent attached to the resolution of the extraordinary meeting on 18 June 2021, resolved to approve the transfer of the registered office outside the European Union (Switzerland with Lausanne office) and the related change of name to La Scogliera SA with the secondary office remaining in Italy.

On the basis of the changes made at corporate level recorded early 2022, the consolidated capital requirements were calculated without the inclusion of La Scogliera Holding.

The disclosure requirements set out in this document apply to Banca Ifis S.p.A. Parent company of the Banca Ifis Banking Group registered in the Register of Banking Groups.

For prudential purposes, consolidation policies provided for by the Bank of Italy's Circular no. 285 of 17 December 2013 (and subsequent updates) - "Supervisory Provisions for Banks" were adopted. In particular, the line-by-line consolidation was adopted for the banking, financial and instrumental companies belonging to the banking group.

Quantitative information

EU model LI1: differences between the scope of accounting consolidation and that of regulatory consolidation and association of financial statements categories with regulatory risk categories

Table EU LI1 shows, with reference to 31 December 2021, the reconciliation of the Consolidated Balance Sheet data (Published Financial Statements) with the Balance Sheet data according to the Regulatory Perimeter, as well as the breakdown of financial statements items among regulatory risk categories. The differences between the financial statements values for the accounting perimeter and the financial statements values for the regulatory perimeter are attributable to the deconsolidation of the companies that are not part of the Banking Group and their consolidation using the equity method in the prudential perimeter.

		Book values reported in the published financial statements	Book values within the scope of prudential consolidation	subject to the credit risk framework	subject to the CCR framework	Book values of the elements subject to the securitisation framework	subject to the market risk framework	not subject to own funds requirements or subject to deduction from own funds
Financial
10	Cash and cash equivalents	355	349	349

		Book values reported in the published financial statements	Book values within the scope of prudential consolidation	Book values of the elements
				subject to the credit risk framework	subject to the CCR framework	subject to the securitisation framework	subject to the market risk framework	not subject to own funds requirements or subject to deduction from own funds
20	Financial assets measured at fair value through profit or loss	153	153	142	7	3	8
30	Financial assets measured at fair value through other comprehensive income	614	614	614
40	Financial assets measured at amortised cost	10.857	10.695	10.500		195
50	Hedging derivatives
60	Value adjustment of financial assets generically hedged
70	Equity investments		175	175
80	Technical provisions by reinsurers
90	Property, plant and equipment	120	120	120
100	Intangible assets	62	62	8				54
110	Tax assets	330	324	294				30
120	Non-current assets and disposal groups
130	Other assets	487	486	486
	Total assets	12.978	12.978	12.687	7	198	8	84
			Liabilities
10	Financial liabilities measured at amortised cost	10.786	10.790		218			400
20	Financial liabilities held for trading	6	6		6		6
30	Financial liabilities measured at fair value
40	Hedging derivatives
50	Value adjustment of financial liabilities hedged
60	Tax liabilities	49	49					32
70	Liabilities associated with assets held for sale
80	Other liabilities	436	432
90	Post-employment benefits	9	9
100	Provisions for risks and charges	67	67
110	Technical provisions
120	Valuation reserves	-25	- 25					-25
130	Reimbursable shares

		Book values reported in the published financial statements	Book values within the scope of prudential consolidation	Book values of the elements
				subject to the credit risk framework	subject to the CCR framework	subject to the securitisation framework	subject to the market risk framework	not subject to own funds requirements or subject to deduction from own funds
140	Equity instruments
150	Reserves	1.367	1.375					1.375
160	Share premium	103	103					103
170	Share capital	54	54					54
180	Treasury shares	- 3	-3					- 3
190	Equity attributable to minorities	28	28					14
200	Profit for the year	101	93					42
	Total liabilities and equity	12.978	12.978		224		6	1.992

EU LI2 model: main sources of differences between exposure amounts determined for regulatory purposes and book values in the financial statements

Table EU LI2 shows the reconciliation between the total amount based on the regulatory scope of consolidation (Book values) and the exposure value subject to capital requirements, for each type of risk. The main differences between the book values determined on the basis of regulatory consolidation and the exposure amounts determined for regulatory purposes, as far as credit risk is concerned, can be attributed to the following phenomena:

		Total	Exposures subject to
			credit risk	securitisation	CCR framework	market risk
1	Book value of assets within the scope of regulatory consolidation (as in model LI1)	12.901	framework 12.687	framework 198	7	framework 8
2	Book value of liabilities within the scope of regulatory consolidation (as in model LI1)	230	0	0	224	6
3	Total net amount under regulatory consolidation	13.131	12.687	198	231	14
4	Off-balance sheet amounts		584
5	Valuation differences				78
6	Differences due to compensation rules other than those already included in line 2		11
7	Differences due to the treatment of value adjustments		19
8	Differences due to the use of credit risk mitigation (CRM) techniques		72	-72
9	Differences due to credit conversion factors
10	Differences due to securitisation with risk transfer		8	-8

		Total	Exposures subject to
			credit risk	securitisation		market risk
			framework	framework	CCR framework	framework
11	Other differences				40
12	Amounts of exposures considered for regulatory purposes	13.848	13.381	119	349

Model EU LI3: description of differences between consolidation areas (subject by subject)

		Prudential consolidation method
Subject name	Accounting consolidation method	Line-by-line consolidation	Proportional consolidation	Equity method	Neither consolidated nor deducted	Deducted	Description of the subject
BANCA IFIS SPA	Line-by-line	X					Credit institution
IFIS FINANCE SP ZOO	Line-by-line	X					Financial entity
IFIS FINANCE IFN	Line-by-line	X					Financial entity
IFIS RENTAL SERVICES S.R.L.	Line-by-line			X			Furniture rental company
CAP.ITAL.FIN S.P.A.	Line-by-line	X					Financial entity
CREDIFARMA S.P.A.	Line-by-line	X					Financial entity
FARBANCA S.P.A.	Line-by-line	X					Credit institution
IFIS NPL INVESTING S.P.A.	Line-by-line	X					Financial entity
IFIS NPL SERVICING S.P.A.	Line-by-line	X					Financial entity
IFIS REAL ESTATE S.P.A.	Line-by-line					X	Insurance financial services company
IFIS ABC PROGRAMME S.R.L. (*)	Line-by-line	X					Vehicle company
INDIGO LEASE S.R.L. (*)	Line-by-line	X					Vehicle company
EMMA SPV S.R.L. (*)	Line-by-line	X					Vehicle company
URANO SPV S.R.L. (*)	Line-by-line	X					Vehicle company
IFIS NPL 2021-1 SPV S.R.L.	Line-by-line	X					Vehicle company

(*) Special Purpose Vehicles, not legally part of the Banca Ifis Group, set up for securitisation transactions for which a controlling relationship has been assessed in accordance with IFRS 10

Please note that there are no obstacles within the Group that might hinder the quick transfer of capital resources or funds.

3.Composition of Own Funds

Qualitative disclosure

The Board of Directors of the Parent Company of La Scogliera S.p.A., which met in an extraordinary meeting on 27 December 2021, having acknowledged the fulfilment of the conditions precedent attached to the resolution of the extraordinary meeting on 18 June 2021, resolved to approve the transfer of the registered office outside the European Union (Switzerland with Lausanne office) and the related change of name to La Scogliera SA with the secondary office remaining in Italy.

On the basis of the changes made at corporate level recorded early 2022, the consolidated capital requirements were calculated without the inclusion of La Scogliera Holding.

OWN FUNDS AND CAPITAL ADEQUACY RATIOS	AMOUNTS AT
	31.12.2021	31.12.2020
Common Equity Tier 1 Capital (CET1)	1.487	1.039
Tier 1 Capital (TIER1)	1.489	1.092
Total Own Funds	1.891	1.366
Total RWAs	9.633	9.204
CET1 ratio	15,44%	11,29%
TIER1 ratio	15,45%	11,86%
Total Capital Ratio	19,63%	14,85%

The CET1, TIER1 and Total Capital include earnings generated by the Banking Group at 31 December 2021, net of the estimated dividend.

Comparative figures refer to the scope of prudential consolidation at 31 December 2020, including La Scogliera S.p.A. The same figures, restated on a like-for-like basis on a conservative basis at 31 December 2021 would be: CET1 15,47%, TIER1 15,49% and Total Capital 19,87%.

Consolidated own funds, risk-weighted assets and prudential ratios at 31 December 2021 were calculated based on the regulatory changes introduced by Directive no. 2019/878/EU (CRD V) and Regulation (EU) no. 876/2019 (CRR2), which amended the regulatory principles set out in Directive no. 2013/36/EU (CRD IV) and Regulation (EU) no. 575/2013 (CRR), as subsequently amended, which were transposed in the Bank of Italy's Circulars no. 285 and no. 286.

For the purposes of calculating capital requirements at 31 December 2021, in continuity with what has been done since 30 June 2020, the Group has applied the temporary support provisions set out in EU Regulation no. 873/2020 (the "quick-fix"). EU Regulation no. 873/2020, relative to the transitional provisions aimed at attenuating the impact of the introduction of IFRS 9 on Own funds - defines for entities the possibility of including in their common equity tier 1 a portion of the accruals

gained for expected credit losses, through different operating methods of the transitional period of reference (1 January 2018 - 31 December 2019 and 1 January 2020 - 31 December 2024).

At the time, Banca Ifis had already informed the Bank of Italy of its decision to apply the transitional provisions for the entire period.

Said portion will be included in CET1 gradually and by applying the following factors:

TEMPORARY TREATMENT IFRS 9 2018-2019	TEMPORARY TREATMENT IFRS 9 2020-2024
0,70 from 1 January 2020 to 31 December 2020	1,00 from 1 January 2020 to 31 December 2020
0,50 from 1 January 2021 to 31 December 2021	1,00 from 1 January 2021 to 31 December 2021
0,25 from 1 January 2022 to 31 December 2022	0,75 from 1 January 2022 to 31 December 2022
0,00 from 1 January 2023 to 31 December 2023	0,50 from 1 January 2023 to 31 December 2023
0,00 from 1 January 2024 to 31 December 2024	0,25 from 1 January 2024 to 31 December 2024

Again with reference to the new provisions introduced by EU Regulation no. 873/2020 with a potential impact on CET1, please note the temporary treatment of unrealised profit and losses due to changes in the fair value of debt instruments issued by the central, regional and local administrations; Banca Ifis has informed the Bank of Italy of its decision to apply the new transitional provisions starting 31 December 2020.

Said portion will be included in CET1 gradually and by applying the following factors.

TEMPORARY TREATMENT FOR OCI RESERVE
1,00 from 1 January 2020 to 31 December 2020
0,70 from 1 January 2021 to 31 December 2021
0,40 from 1 January 2022 to 31 December 2022

Disclosure on IFRS 9 adjustments (article 473 bis CRR) and temporary treatment for OCI reserve (article 468 CRR)

Effective 1 January 2018, the Group adopted the new accounting standard "IFRS 9 Financial Instruments" (IFRS 9). With reference to the introduction of IFRS 9, on 12 December 2017, the European Parliament issued Regulation (EU) no. 2017/2395, which updates the CRR, inserting the new article 473 bis, "Introduction of IFRS 9", which offers the option for banks to mitigate the impacts on own funds resulting from the introduction of the new accounting standard; in particular, the transitional provisions define the option for institutions of including in their Tier 1 capital a portion of the accrued provisions for expected credit losses, in application of IFRS 9 and up to the end of the transitional period extended by Regulation (EU) no. 2020/873 until 31 December 2024.

In this regard, Banca Ifis had informed the Bank of Italy of their decision to apply the transitional provisions for the entire period. Banks that adopt a transitional treatment with reference to the IFRS 9 impact are required to provide a comparison of own funds and capital and leverage ratios with and without the application of the related transitional provisions.

Common Equity Tier 1 Capital (CET1) Common Equity Tier 1 capital (CET1) as if IFRS 9 transitional provisions or similar expected credit losses had not been applied Common Equity Tier 1 capital (CET1) as if the temporary treatment under article 468 CRR for unrealised gains and losses,	1.487 1.455


measured at fair value through other comprehensive income, had not been applied	1.427
Tier 1 capital 3
Tier 1 capital (CET1) as if IFRS 9 transitional provisions or similar expected credit losses had not been applied	1.457
Tier 1 capital as if the temporary treatment under article 468 CRR for unrealised gains and losses, measured at fair value through other comprehensive income, had not been applied	1.429
Total capital	1.891
Total capital as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	1.859
Total capital as if the temporary treatment under article 468 CRR for unrealised gains and losses, measured at fair value through other comprehensive income, had not been applied	1.831
Risk-weighted assets (amounts)
Total risk-weighted assets	9.633
Total risk-weighted assets, as if IFRS 9 transitional provisions or similar expected credit losses had not been applied	9.614
Capital ratios
Common Equity Tier 1 capital (as a percentage of the total risk exposure)	15,44%
Common Equity Tier 1 capital (as a percentage of risk exposure amount) as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	15,13%
Common Tier 1 capital (as a percentage of the risk exposure amount) as if the temporary treatment under article 468 CRR for unrealised gains and losses, measured at fair value through other comprehensive income, did not apply	14,81%
Tier 1 capital (as a percentage of risk exposure amount)	15,45%
Tier 1 capital (as a percentage of risk exposure amount) as if IFRS 9 or analogous ECLs transitional arrangements had not been applied	15,15%
Common Tier 1 capital (as a percentage of the risk exposure amount) as if the temporary treatment under article 468 CRR for unrealised gains and losses, measured at fair value through other comprehensive income, did not apply	14,83%
Total capital (as a percentage of the total risk exposure)	19,63%

	Capital ratios
14	Total capital (as a percentage of risk exposure amount) as if IFRS 9 or similar ECLs transitional arrangements had not been	19,34%
14a	applied Total capital (as a percentage of the risk exposure amount) as if the temporary treatment under article 468 CRR for unrealised gains and losses, measured at fair value through other comprehensive income, had not been applied	19,01%
	Financial leverage coefficient
15	Measurement of the total exposure of the leverage ratio	13.716
16	Financial leverage coefficient	10,86%
17	Leverage ratio as if IFRS 9 transitional provisions or similar expected credit losses had not been applied	10,62%
17a	Leverage ratio as if the temporary treatment under CRR article 468 for unrealised gains and losses, measured at fair value through other comprehensive income, had not been applied	10,41%

At 31 December 2021, taking into account the transitional treatment adopted to mitigate the impacts of IFRS 9 on CET 1 and the prudential filter for unrealised gains and losses on financial assets at fair value, Equity amounted to 1.891 million Euro.

The deconsolidation of the parent company La Scogliera resulted in an increase in Equity of 461 million Euro and a minimal impact on RWA of 9 million Euro.

Consolidated equity includes:

IFRS 9 transitional adjustments, pursuant to Article 473 bis of the CRR, which amount to 31,9 million Euro;
the positive prudential filter relating to unrealised gains and losses measured at fair value from 31 December 2019, amounts to 2,5 million Euro;
the exemption to the deduction of intangible assets attributable to software from the elements of CET1 for the portion of prudential amortisation calculated over three years in excess of the book amortisation; at 31 December 2021, the portion not deducted amounted to 8,2 million Euro;
the negative impact of the application of Calendar Provisioning is 2 million Euro.

The 524,9 million Euro increase in Own Funds compared to 31 December 2020 was largely attributable to the following components:

the positive effect of the deconsolidation of the parent company, La Scogliera, amounting to 461 million Euro;
41,8 million Euro arising from the inclusion of the profit for the year, net of the estimated dividends;
the increase of profit reserves for 10,5 million Euro;

the lower 100% deduction from CET1 of "deferred tax assets that rely on future profitability and do not arise from temporary differences" totalling 25,3 million Euro - compared to 63,5 million Euro deducted at 31 December 2020; in this regard, please note that this deduction will be further absorbed by the future use of such deferred tax assets;
the greater deduction of other income statement items attributable to the valuation reserve for equities designated at fair value with an impact on comprehensive income of 6 million Euro;
the deduction of the maximum ceiling of treasury shares that may be purchased to support the LTI plan, amounting to 20,9 million Euro.

The change in own funds due to the above-described phenomena has meant that at 31 December 2021, the Total capital ratio is 19,63%, up from the results achieved at 31 December 2020 of 14,85%; this trend was also reported for the CET1 ratio now 15,44%, compared to the figure at 31 December 2020, of 11,29%.

At 31 December 2021, not considering the filter related to the IFRS 9 transitional regime nor taking into account the prudential filter for exposures to central governments classified in the FVOCI category, Fully Loaded Own Funds amounted to 1.856,9 million Euro and consequently the RWA when fully applied, come to 9.615,5 million Euro.

OWN FUNDS AND CAPITAL ADEQUACY RATIOS WITHOUT IFRS 9 TRANSITIONAL ARRANGEMENTS		AMOUNTS AT
		31.12.2020
Common Equity Tier 1 Capital (CET1)	1.452	1.015
Tier 1 Capital (TIER1)	1.454	1.068
Total Own Funds	1.857	1.343
Total RWAs	9.615	9.189
CET1 ratio	15,10%	11,04%
TIER1 ratio	15,12%	11,62%
Total Capital Ratio	19,31%	14,61%

Common Equity Tier 1, Tier 1 Capital, and total Own Funds included the profits generated by the Banking Group at 31 December 2021 net of the estimated dividend.

At 31 December 2021, taking into account the transitional treatment adopted to mitigate the impact of IFRS 9, risk-weighted assets amounted to 9.633 million Euro, arising from credit and counterparty risk of 8.638 million Euro, operational risk of 878 million Euro, market risk of 82 million Euro and credit valuation adjustment risk of 35 million Euro.

Model EU CC1: breakdown of regulatory own funds

		Amounts	Source based on numbers/balance sheet reference letters within the scope of regulatory consolidation
	Common Equity Tier 1 Capital (CET1): instruments and reserves
	Capital instruments and the related share premium accounts	157	160/170
1	Of which instrument type 1	157	160/170
	Of which instrument type 2
	Of which instrument type 3
2	Retained earnings	725	150
3	Accumulated other comprehensive income (and other reserves)	625	120/150
EU-3a	Provisions for general banking risks
4	Amount of admissible items under article 484, paragraph 3 CRR and related share premium reserves subject to phase-out from CET1
5	Minority interests (amount permitted in consolidated CET1)	9	190
EU-5a	Independently reviewed interim profits net of any foreseeable charge or dividend	42	200
6	Common Equity Tier 1 (CET1) capital before regulatory adjustments	1.557
	Common Equity Tier 1 (CET 1) capital: regulatory adjustments
7	Additional value adjustments (negative amount)	-1	1
8	Intangible assets (net of related tax liabilities) (negative amount)	-53	100
9	Not applicable
	Deferred tax assets dependent on future profitability, excluding those arising from
10	temporary differences (net of related tax liabilities for which the conditions of article 38,	-25	110/60
	paragraph 3, of the CRR are met) (negative amount) Fair value reserves related to gains and losses generated from cash flow hedges of
11	financial instruments that are not measured at fair value
12	Negative amounts resulting from the calculation of expected loss amounts
13	Any increase in equity that results from securitised assets (negative amount)
14	Gains or losses on the institution's liabilities measured at fair value due to changes in creditworthiness
15	Defined benefit pension fund assets (negative amount)
16	Own CET1 instruments held by the entity directly, indirectly or synthetically (negative amount)	-24	180/30
17	CET1 instruments of financial sector entities held directly, indirectly, or synthetically, when such entities hold a reciprocal cross-holding with the institution designed to artificially inflate the institution's own funds (negative amount)
18	CET1 instruments of financial sector entities held by the institution directly, indirectly or synthetically, when the institution does not have a significant investment in such entities

		Amounts	Source based on numbers/balance sheet reference letters within the scope of regulatory consolidation
	(amount above the 10 percent threshold and net of admissible short positions) (negative amount)
19	CET1 instruments of financial sector entities held by the institution directly, indirectly or synthetically, when the institution has a significant investment in such entities (amount above the 10 percent threshold and net of admissible short positions) (negative amount)
20	Not applicable
EU-20a	Amount of exposure of the following items that qualify to receive a 1250% risk weight when the institution opts for deduction
EU-20b	Of which: qualifying holdings outside the financial sector (negative amount)
EU-20c	Of which: securitisation positions (negative amount)
EU-20d	Of which: free deliveries (negative amount)
21	Deferred tax assets arising from temporary differences (amount above the 10 % threshold, net of related tax liabilities for which the conditions of article 38, paragraph 3 of the CRR are met) (negative amount)
22	Amount exceeding the threshold of 17.65% (negative amount)
23	Of which CET1 instruments of financial sector entities held by the institution directly, indirectly and synthetically, when the institution has a significant investment in such entities
24	Not applicable
25	Of which: deferred tax assets arising from temporary differences
EU-25a	Losses relating to the current year (negative amount)
EU-25b	Foreseeable charges related to CET1 elements, except where the institution adjusts the amount of CET1 elements accordingly to the extent that such charges reduce the amount up to which these elements may be allocated to cover risks or losses (negative amount)
26	Not applicable
27	Admissible deductions from additional tier 1 (AT1) capital that exceed the institution's AT1 elements (negative amount)
27a	Other regulatory adjustments	33	2/4
28	Total regulatory adjustments to the Common Equity Tier 1 (CET1)
29	Common Equity Tier 1 Capital (CET1)	1.487
	Additional Tier 1 (AT1): instruments
30	Capital instruments and the related share premium accounts
31	Of which classified as equity in accordance with applicable accounting standards
32	Of which classified as liabilities in accordance with applicable accounting standards
33	Amount of admissible items under article 484, paragraph 4, CRR and related share premium reserves subject to phase-out from AT1

		Amounts	Source based on numbers/balance sheet reference letters within the scope of regulatory consolidation
EU-33a	Amount of admissible items under article 494 bis, paragraph 1 of the CRR subject to gradual phase-out from AT1
EU-33b	Amount of admissible items under article 494 ter, paragraph 1 of the CRR subject to gradual phase-out from AT1
34	Admissible Tier 1 capital included in consolidated AT1 capital (including non-controlling interests not included in line 5) issued by subsidiaries and held by third parties	2	190
35	of which: instruments issued by affiliates subject to phase out
36	Additional Tier 1 capital (AT1) net of regulatory adjustments	2
	Additional Tier 1 (AT1) capital: regulatory adjustments
37	Own AT1 instruments held by the entity directly, indirectly or synthetically (negative amount)
38	AT1 instruments of financial sector entities held directly, indirectly, or synthetically, when such entities hold a reciprocal cross-holding with the institution designed to artificially inflate the institution's own funds (negative amount)
39	AT1 instruments of financial sector entities held directly, indirectly or synthetically, when the institution does not have a significant investment in such entities (amount above the 10 percent threshold and net of admissible short positions) (negative amount)
40	AT1 instruments of financial sector entities held by the institution directly, indirectly or synthetically, when the institution has a significant investment in such entities (net of admissible short positions) (negative amount)
41	Not applicable
42	Admissible deductions from tier 2 (T2) capital that exceed the institution's T2 elements (negative amount)
42a	Other regulatory capital adjustments AT1
43	Total regulatory adjustments to Additional Tier 1 capital (AT1)
44	Additional Tier 1 (AT1)	2
45	Tier 1 capital (T1 = CET1 + AT1)	1.489
	Tier 2 Capital (T2) instruments
46	Capital instruments and the related share premium accounts	400	10
47	Amount of admissible items under article 484, paragraph 5 CRR and related share premium reserves subject to phase-out from T2 under article 486, paragraph 4 CRR
EU-47a	Amount of admissible items under article 494 bis, paragraph 2 of the CRR subject to gradual phase-out from T2
EU-47b	Amount of admissible items under article 494 ter, paragraph 2 of the CRR subject to gradual phase-out from T2
48	Admissible own funds instruments included in consolidated T2 capital (including minority interests and AT1 instruments not included in line 5 or line 34) issued by subsidiaries and held by third parties	3	190
49	of which: instruments issued by affiliates subject to phase out
50	Impairment of loans

		Amounts
51	Tier 2 (T2) capital before regulatory adjustments	403
	Tier 2 (T2) capital: regulatory adjustments
52	T2 own instruments and subordinated loans held by the entity directly, indirectly or synthetically (negative amount)
53	T2 instruments and subordinated loans of financial sector entities held directly, indirectly, or synthetically, when such entities have a reciprocal cross-holding with the institution designed to artificially inflate the institution's own funds (negative amount)
54	T2 instruments and subordinated loans of financial sector entities held directly, indirectly or synthetically, when the institution does not have a significant investment in such entities (amount above the 10 percent threshold and net of admissible short positions) (negative amount)
54a	Not applicable
55	T2 instruments and subordinated loans of financial sector entities held by the institution directly, indirectly or synthetically, when the institution has a significant investment in such entities (net of admissible short positions) (negative amount)
56	Not applicable
EU-56a	Admissible liability deductions that exceed the entity's admissible liability elements (negative amount)
EU-56b	Other regulatory capital adjustments T2
57	Total regulatory adjustments of Tier 2 capital (T2)
58	Tier 2 capital (T2)	403
59	Total capital (TC = T1 + T2)	1.891
60	Total as a percentage of the total risk exposure amount	9.633
	Capital ratios and requirements, including capital reserves
61	Common Equity Tier 1 capital	15,44%
62	Tier 1 capital	15,45%
63	Total capital	19,63%
64	Total capital requirements CET1 of the institution	8,12%
65	Of which: capital conservation buffer requirement	2,50%
66	Of which: countercyclical buffer requirement
67	Of which: systemic risk buffer requirement
EU-67a	Of which: global systemically important institution (G-SII) or other systemically important institution (O-SII) capital buffer requirement
EU-67b	Of which: additional capital requirements to address risks other than excessive leverage risk	1,12%

68	Common Equity Tier 1 capital (as a percentage of risk exposure amount) available after meeting minimum capital requirements	Amounts 7,32%
	National minimum (if different from Basel III)
69	Not applicable
70	Not applicable
71	Not applicable
	Amounts below the deduction thresholds (before risk-weighting)
72	Own funds and admissible liabilities of financial sector entities held directly or indirectly, when the institution does not have a significant investment in such entities (amount less than the 10% threshold and net of admissible short positions)	24
73	CET1 instruments of financial sector entities held by the institution directly or indirectly, when the institution has a significant investment in such entities (amount less than the 17.65% threshold and net of admissible short positions)	15
74	Not applicable
75	Deferred tax assets arising from temporary differences (amount below the 17.65 % threshold, net of related tax liabilities for which the conditions of article 38, paragraph 3 of the CRR are met)
	Applicable caps for the inclusion of provisions in Tier 2 capital
76	Credit value adjustments included in T2 in relation to exposures subject to the standardised approach (before application of the cap)
77	Cap for the inclusion of credit value adjustments in T2 under the standardised approach
78	Credit value adjustments included in T2 in relation to exposures subject to the internal ratings-based approach (before application of the cap)
79	Cap for the inclusion of credit value adjustments in T2 under the internal ratings-based approach
	Equity instruments subject to phase-out (applicable only between 1 January 2014 and 1 January 2022)
80	Current cap on CET1 instruments subject to phase-out
81	Amount excluded from CET1 due to cap (exceeding cap after repayments and maturities)
82	Current cap on AT1 instruments subject to phase-out
83	Amount excluded from AT1 due to cap (exceeded cap after repayments and maturities)
84	Current cap on T2 instruments subject to phase-out
85	Amount excluded from T2 due to ceiling (exceeding ceiling after repayments and maturities)

Model EU CC2: reconciliation of regulatory capital to balance sheet in audited financial statements

		Balance sheet			Ref. Table "EU
		included in	In the context of	Amount	CC1 -
		the published	prudential	relevant for	Composition of
		financial	consolidation	Own Funds	own funds
		statements			Regulatory line"
		At the end of	At the end of the
		the year	year
	Financial
100	Intangible assets	62	61	-53	8
110	Deferred tax: b) assets	284	279	-39	10
	Total assets	346	340	-92
	Liabilities
10	Financial liabilities measured at amortised cost: c) Issued securities	400	400	400	46
60	Deferred tax: b) liabilities	32	32	14	10
120	Valuation reserves	-25	-25	-25	3
150	Reserves	1.367	1.375	1.375	2, 30
160	Share premium	103	103	103	1
170	Share capital	54	54	54	1
180	Treasury shares (-)	-3	-3	-3	16
190	Equity attributable to minorities (+/-)	28	28	14	5, 34 , 48
200	Profit (Loss) for the year (+/-)	101	93	42	EU 5a
	Total liabilities	2.057	2.057	1.974
	Equity
1	(-) Value adjustments due to prudent valuation requirements			-1	7
2	Transient Filters			34	27a
3	(-) Actual or potential obligations to purchase Common equity tier 1 capital instruments			-21	16
4	(-) Insufficient coverage for non-performing exposures			-2	27°
	Total equity			1.891

Model EU CCA: main characteristics of regulatory capital instruments and admissible liability instruments

		Qualitative or quantitative information
1	Issuer:	BANCA IFIS SPA
2	Unique identifier (e.g. CUSIP, ISIN or Bloomberg identifier for private placements)	IT0003188064
2a	Public or private placement	Public
3	Legislation applicable to the instrument	Italian law
3a	Contractual recognition of resolution authorities' write-down and conversion powers	N/A
	Regulatory treatment
4	Current treatment taking into account, where applicable, the transitional provisions of the CRR	Common Equity Tier 1 capital
5	CRR post-transition provisions	Common Equity Tier 1 capital
6	Admissible at solo/(sub-)consolidated level / solo & (sub-)consolidated level	Single entity and consolidated
7	Type of instrument (types must be specified for each jurisdiction)	Ordinary shares
8	Amount recognised in regulatory capital or admissible liabilities (currency in millions, as of most recent reporting date)	54
9	Nominal amount of the instrument	54
EU-9a	Issue price	54
EU-9b	Redemption price	N/A
10	Accounting classification	Shareholders' Equity
11	Original issue date	07/10/2003
12	Irredeemable or due	Irredeemable
13	Original expiration date	N/A
14	Early redemption at issuer's discretion subject to prior supervisory approval	N/A
15	Optional call date, contingent call dates and redemption amount	N/A
16	Subsequent early redemption dates, if applicable	N/A
	Coupons/dividends
17	Fixed or variable dividends/fees	Variable
18	Coupon rate and possible linked index	N/A
19	Existence of a dividend stopper	NO
EU-20a	Fully discretionary, partially discretionary or mandatory (in terms of time)	N/A
EU-20b	Fully discretionary, partially discretionary or mandatory (in terms of amount)	N/A

		Qualitative or quantitative
		information
21	Existence of step up or other incentive to redeem	N/A
22	Non-cumulative or cumulative	N/A
23	Convertible or non-convertible	N/A
24	If convertible, event(s) triggering conversion	N/A
25	Whether convertible, in whole or in part	N/A
26	If convertible, conversion rate	N/A
27	If convertible, mandatory or optional conversion	N/A
28	If convertible, specify the type of instrument into which conversion is possible	N/A
29	If convertible, specify the issuer of the instrument into which it is converted	N/A
30	Write-down features	NO
31	In case of impairment, event(s) causing it	N/A
32	In case of impairment, total or partial impairment	N/A
33	In the event of impairment, permanent or temporary impairment	N/A
34	In the case of temporary impairment, description of the revaluation mechanism	N/A
34a	Subordination type (only for admissible liabilities)	N/A
EU-34b	Instrument rank in ordinary insolvency proceedings	N/A
35	Position in the subordination hierarchy in the event of liquidation (specify the type of instrument ranking immediately above (senior))	N/A
36	Non-conforming characteristics subject to transitional arrangements	NO
37	If yes, please specify the non-conforming characteristics	N/A
37a	Link to the full version of the terms and conditions of the instrument (signposting)	N/A

4.Capital adequacy

Qualitative disclosure

The Group pays particular attention to monitoring its capital adequacy in order to ensure that its capital allocation is consistent with its risk appetite and supervisory requirements. As part of the ICAAP process, the Group assesses its capital adequacy by considering the capital requirements arising from its exposure to significant first and second pillar risks to which the Group is or could be exposed in carrying out its current and prospective operations. Sensitivity analyses are also carried out in order to assess the impact of particularly adverse economic conditions on the capital requirements deriving from exposure to the main risks (so-called "stress tests"), in order to assess its capital endowment even under extreme conditions.

The assessment of capital adequacy is substantiated by the production of the ICAAP Report, which is sent annually to the Bank of Italy, together with the resolutions and reports with which the Corporate Bodies have expressed their views on the matter, in accordance with their respective powers and attributions.

When comparing the results, please note that the Bank of Italy, following the Supervisory Review and Evaluation Process (SREP) to review the capitalisation targets of the system's largest intermediaries, notified the Banca Ifis Group that it needed to meet the following consolidated capital requirements in 2021, just like in 2020, including a 2,5% capital conservation buffer:

Common Equity Tier 1 (CET1) capital ratio of 8,12%, with a required minimum of 5,62%;
Tier 1 Capital Ratio of 10,0%, with a required minimum of 7,5%;
Total Capital Ratio of 12,5%, with a required minimum of 10,0%.

At 31 December 2021, the Banca Ifis Group met the above prudential requirements.

In the third quarter of 2021, the Bank of Italy notified the Parent company Banca Ifis S.p.A. and its subsidiary Farbanca S.p.A. of the conclusion of the process to determine the minimum requirement for eligible capital and liabilities (MREL). The minimum requirements to be met at 1 January 2022 are as follows:

MREL REQUIREMENT
BANCA IFIS	FARBANCA
10% of Total Risk Exposure Amount	8% of Total Risk Exposure Amount
3% of Leverage Ratio Exposure	3% of Leverage Ratio Exposure

At 31 December 2021, following the monitoring process, both indicators for both entities were met above the predefined limit.

Quantitative information

Model EU KM1: main metrics

		31/12/2021	30/06/2021
	Available own funds (amounts)
1	Common Equity Tier 1 Capital (CET1)	1.487	1.066
2	Tier 1 capital	1.489	1.124
3	Total capital	1.891	1.405
	Risk-weighted exposure amounts
4	Total as a percentage of the total risk exposure amount	9.633	9.320
	Capital ratios (as a percentage of the risk-weighted exposure amount)
5	Common Equity Tier 1 capital ratio (%)	15,44%	11,44%
6	Tier 1 capital ratio (%)	15,45%	12,06%
7	Total capital ratio (in %)	19,63%	15,08%
	Additional own funds requirements to address risks other than the risk of excessive leverage (as a percentage of risk-weighted exposure amount)
EU 7a	Additional capital requirements to address risks other than excessive leverage (in %)	2,00%	2,00%
EU 7b	Of which capital CET1 (percentage points)	1,12%	1,12%
EU 7c	Of which tier 1 capital (percentage points)	1,50%	1,50%
EU 7d	Total SREP capital requirements (%)	10,00%	10,00%
	Combined buffer and overall capital requirement (as a percentage of risk-weighted exposure amount)
8	Capital conservation reserve (%)	2,50%	2,50%
EU 8a	Conservation reserve due to macro-prudential or systemic risk identified at the level of a Member State (%)		-
9	Institution-specific countercyclical capital reserve (%)		-
EU 9a	Capital buffer against systemic risk (%)		-
10	Reserve of systemically important institutions at global level (%)		-
EU 10a	Reserve of other systemically important entities (%)		-
11	Combined buffer requirement (%)	2,50%	2,50%
EU 11a	Total capital requirements (%)	12,50%	12,50%
12	CET1 available after meeting total SREP capital requirements (%)	705	309
Leverage ratio
13	Total exposure measure	13.367	12.874
14	Financial leverage coefficient (%)	11,14%	8,73%

		31/12/2021	30/06/2021
	Additional own funds requirements to address the risk of excessive leverage (as a percentage of total exposure measure)
EU 14a	Additional capital requirements to address the risk of excessive financial leverage (in %)
EU 14b	of which capital CET1 (percentage points)
EU 14c	Total SREP financial leverage ratio requirements (%)	3,18%	3,18%
	Leverage ratio buffer and overall leverage ratio requirement (as a percentage of total exposure measure)
EU 14d	Financial leverage coefficient reserve requirement (%)
EU 14e	Total financial leverage coefficient reserve requirement (%)	3,18%	3,18%
	Liquidity Coverage Ratio
15	Total high-quality liquid assets (HQLA) (weighted value - average)	1.032	1.908
EU 16a	Cash outflows - Total weighted value	415	447
EU 16b	Cash inflows - Total weighted value	728	784
16	Total net cash outflows (adjusted value)	104	112
17	Liquidity coverage ratio (%)	995,62%	1.708,12%
Net Stable Funding Ratio
18	Total available stable funding	10.902	10.943
19	Total required stable funding	8.092	7.918
20	NSFR coefficient (%)	134,73%	138,21%

Model EU OV1: overview of total risk exposure amounts

		Total Risk Exposure Amounts		Total own funds
		(TREA)		requirements
		31/12/2021	31/12/2020	T
1	Credit risk (excluding CCR)	8.476	8.183	678
2	Of which standardised method	8.476	8.183	678
3	Of which basic IRB method (F-IRB)
4	Of which allocation method
EU 4a	Of which equity instruments subject to the simple weighting method
5	Of which advanced IRB method (A-IRB)
6	Counterparty risk (CCR)	114	14	9
7	Of which standardised method
8	Of which Internal Model Method (IMM)

		Total Risk Exposure Amounts		Total own funds
		(TREA)		requirements
		31/12/2021	31/12/2020	T
EU 8a	Of which exposures to a CCP
EU 8b	Of which credit valuation adjustment risk (CVA)	35	4	3
9	Of which other CCR	79	10	6
10	Not applicable
11	Not applicable
12	Not applicable
13	Not applicable
14	Not applicable
15	Regulatory risk
16	Exposures to securitisations outside the trading portfolio (taking into account the cap)	83	79	7
17	Of which SEC-IRBA method
18	Of which SEC-ERBA method (including IAA)		57
19	Of which SEC-SA method	83	22	7
EU 19a	Of which 1250% / deduction
20	Position, exchange rate and commodity risks (market risk)	82	58	7
21	Of which standardised method	82	58	7
22	Of which IMA
EU 22a	Major exposures
23	Operational risk	878	870	70
EU 23a	Of which basic method	878	870	70
EU 23b	Of which standardised method
EU 23c	Of which advanced measurement method
24	Amount below thresholds for deduction (subject to 250 % risk weight)	39	18	3
25	Not applicable
26	Not applicable
27	Not applicable
28	Not applicable
29	Total	9.633	9.204	771

Unlike the capital conservation buffer, the countercyclical capital buffer is only imposed during periods of credit growth and is calculated according to the provisions of the CRD IV by the competent national authorities.

In this regard, the Banca Ifis Group, with reference to the date of 31 December 2021, has no significant risk exposure to countries to which a specific countercyclical coefficient close to zero is attributed.

Model EU CCyB1: Geographical distribution of credit exposures relevant for the calculation of the countercyclical capital buffer (1/2)

		Generic credit exposures		Significant credit exposures - Market risk	Exposure value of exposures to	Total exposure
		Exposure value according to the standardised method	Exposure value according to IRB method	Sum of long and short positions of the exposures contained in the trading portfolio according to the standardised method	Value of exposures in the trading portfolio according to internal models	securitisation outside the trading portfolio	value
010	Breakdown by country:	10	20	30	40	55
	ITALY	9.072,87		0,76		387,51	9.461,13
	POLAND	165,73					165,73
	SWITZERLAND	73,08					73,08
	UNITED STATES	65,99					65,99
	FRANCE	64,93					64,93
	ROMANIA	41,18					41,18
	SAUDI ARABIA	40,11					40,11
	GERMANY	39,76					39,76
	UNITED KINGDOM	32,30					32,30
	IRELAND	21,28					21,28
	SPAIN	20,43					20,43
	LUXEMBOURG	16,88					16,88
	PORTUGAL	15,47					15,47
	Other countries	79,46					79,46
020	Total	9.749,45		0,76		387,51	10.137,72

Model EU CCyB1: Geographical distribution of credit exposures relevant for the calculation of the countercyclical capital buffer (2/2)

			Own funds requirements			Risk	Weighting factors for weighted own funds	Countercyclical
		Significant credit exposures - Credit risk	Significant credit exposures - Market risk	Significant credit exposures - Positions towards securitisation outside the trading portfolio	Total	exposure amounts	requirement (%)	Coefficient (%)
010	Breakdown by country:	80	90	100	70		110 COL 20	120 COL 20
	ITALY	586,83	0,06	28,16	615,05	7.688,14	0,91926
	POLAND	13,35			13,35	166,83	0,01995
	SWITZERLAND	5,85			5,85	73,11	0,00874
	UNITED STATES	4,77			4,77	59,58	0,00712
	FRANCE	5,24			5,24	65,50	0,00783
	ROMANIA	3,31			3,31	41,36	0,00495
	SAUDI ARABIA	3,21			3,21	40,11	0,00480
	GERMANY	3,18			3,18	39,79	0,00476
	UNITED KINGDOM	2,83			2,83	35,34	0,00423
	IRELAND	1,70			1,70	21,28	0,00254
	SPAIN	1,64			1,64	20,48	0,00245
	LUXEMBOURG	1,51			1,51	18,88	0,00226	0,00500
	PORTUGAL	1,10			1,10	13,79	0,00165
	Other countries	6,34			6,34	79,20	from 0,00001 to 0,00147
020	Total	640,85		28,16	669,07	8.363,38

Model EU CCyB2: amount of institution-specific countercyclical capital buffer

		a
1	Total as a percentage of the total risk exposure amount	9.633
2	Institution's specific CCyB rate	0,00
3	Institution's specific countercyclical capital buffer requirement	0,2

5.Financial leverage

Qualitative information

Risk that a particularly high level of indebtedness in relation to the Group's capital endowment will make it vulnerable, so that it needs to adopt corrective measures to its business plan, including the sale of assets with the recording of losses that could lead to adjustments to the value of the remaining assets.

As part of the Basel 3 regulatory framework, the leverage ratio was introduced, starting from 1 January 2015, as an additional requirement with respect to the risk-based capital requirements. The inclusion of the leverage index in the regulatory framework meets the following objectives:

restricting the expansion of overall exposures to the availability of an adequate capital base and containing, in the expansive phases of the economic cycle, the level of bank indebtedness, thus helping to reduce the risk of deleveraging processes in crisis situations;
introducing an additional safeguard against model risk through a simple non risk-based measure with a backstop function for the risk-based capital requirement.

The indicator derives from the ratio of own funds for the component represented by the elements and instruments of Tier 1 capital and the size of the assets at risk of the Banking Group, on and off balance sheet, appropriately calibrated in application of specific conversion factors. For regulatory purposes, the measurement of the leverage ratio is carried out using IT procedures dedicated to the periodic production of statistical reports and consolidated prudential supervision. The leverage ratio is produced on a quarterly basis. The indicator is subject to monitoring both at individual and Banking Group level.

The indicator, calculated on a quarterly basis on the data at the end of the quarter at both an individual and Group level, is monitored and is a reference metric within the Risk Appetite Framework for monitoring the Group's risks and capital adequacy. Only for information purposes, with the entry into force of CRR2, it is required, within the scope of prudential reporting, to also provide information on the average values of exposures in Secured Financial Transaction, without impacting, however, on the ratio which continues to be calculated with the punctual data.

At regulatory level, the risk of financial leverage does not contribute to the definition of the total internal capital adequacy assessment process (ICAAP) performed annually by the Banking Group.

The potential relevance of the financial leverage risk at Group level is assessed as "low".

Quantitative information

The leverage risk is subject to quantitative limits: there is no first pillar capital requirement, nor does the risk contribute to the definition of the overall internal capital. Risk is monitored on a quarterly basis through the calculation of the leverage ratio in line with the regulatory leverage ratio and calculated as the ratio of Tier 1 capital to a measure of total exposure that includes on-balance sheet and off-balance sheet items not deducted.

The risk of financial leverage is included in the RAF and therefore is subject to the procedures and control mechanisms included therein. The Leverage Ratio is one of the Key Risk Indicators monitored within the RAF for the year 2021; during 2021 it was approximately three times higher than the minimum EBA value of 3% coinciding with the Risk Capacity defined in the RAF.

Model EU LR1 - LRSum: summary of reconciliation between accounting assets and financial leverage ratio exposures

Applicable amount
1	Total assets as per published financial statements	12.978
2	Adjustment for entities consolidated for accounting purposes but excluded from the scope of regulatory consolidation
3	(Adjustment for securitised exposures that meet operational requirements for risk transfer recognition)
4	(Adjustment for temporary exemption of central bank exposures (if applicable))	-349
5	(Adjustment for fiduciary assets recognised in the financial statements under applicable accounting rules but excluded from the measure of
	total exposure in accordance with article 429 bis, paragraph 1, letter i) of the CRR)
6	Adjustment for standardised purchases and sales of financial assets subject to trade date recording
7	Adjustment for admissible centralised treasury operations
8	Adjustment for derivative financial instruments	33
9	Adjustment for securities financing transactions (SFTs)	66
10	Adjustment for off-balance sheet items (conversion to credit equivalent amounts of off-balance sheet exposures)	713
11	(Adjustment for prudent valuation adjustments and specific and general provisions that reduced Tier 1 capital)
EU-11a	(Adjustment for exposures excluded from the measure of total exposure in accordance with article 429 bis, paragraph 1, letter c) of the CRR)
EU-11b	(Adjustment for exposures excluded from the measure of total exposure in accordance with article 429 bis, paragraph 1, letter j) of the CRR)
12	Other adjustments	275
13	Total exposure measure	13.716

Model EU LR2 - LRCom: Financial leverage coefficient common disclosure

		Financial leverage
			coefficient exposures
			(CRR)
		31/12/2021	30/06/2021
	On-balance sheet exposures (excluding derivatives and SFTs)
1	On-balance sheet items (excluding derivatives, SFTs, but including collateral)	12.925	13.248
2	Premium for derivatives collateral provided where deducted from the balance sheet assets pursuant to the applicable accounting framework
3	(Deductions of receivables assets for cash variation margin provided in derivatives transactions)
4	(Adjustment for securities received under securities financing transactions that are recorded as assets)
5	(Value adjustments on general receivables of items in the financial statements)
6	(Asset amounts deducted in determining Tier 1 capital)	-28	-111
7	Total on-balance sheet exposures (excluding derivatives and SFT)	12.897	13.137
	Exposures on derivatives
8	Replacement cost associated with SA-CCR derivative transactions (net of admissible cash variation margin)
EU-8a	Derogation for derivatives: contribution to replacement costs under the simplified standardised approach
9	Amounts of surcharges for potential future exposures associated with SA-CCR derivative transactions
EU-9a	Derogation for derivatives: contribution to potential future exposure under the simplified standardised approach
EU-9b	Exposure calculated under Original Exposure Method	40	35
10	(Exempt CCP leg of trading exposures cleared on behalf of the customer) (SA-CCR)
EU-10a	(Exempt CCP component of netted trading exposures) (simplified standardised approach)
EU-10b	(Exempt CCP component of netted trading exposures) (original exposure approach)
11	Adjusted effective notional amount of written credit derivatives
12	(Adjusted effective notional offsets and add-on deductions for written credit derivatives)
13	Total derivative exposures	40	35
Exposures on securities financing transactions (SFT)
14	Gross SFT assets (without recognition of compensation) after adjusting for transactions accounted for as sales
15	(Offset amounts resulting from cash payables and receivables of gross SFT assets)
16	Exposure to counterparty risk for SFT activities
EU-16a	SFT waiver: counterparty risk exposure in accordance with article 429 sexies, paragraph 5 and article 222 of the CRR.	66	64
17	Exposures on operations carried out as an agent
EU-17a	(Exempt CCP leg of SFT exposures cleared on behalf of the customer)

		Financial leverage coefficient exposures

			(CRR)
		31/12/2021	30/06/2021
18	Total exposures on securities financing transactions	66	64
	Other off-balance sheet exposures
19	Gross notional amount of off-balance sheet exposures	1.595	1.302
20	(Adjustments for conversion to credit equivalent amounts)	-882	-577
21	(General provisions deducted in the determination of Tier 1 capital and specific provisions associated with off balance sheet exposures)
22	Off-balance sheet exposures	713	725
	Excluded exposures
EU-22a	(Exposures excluded from the measure of total exposure in accordance with article 429 bis, paragraph 1, letter c) of the CRR)
EU-22b	(Exempt exposures in accordance with article 429 bis, paragraph 1, letter j) of the CRR) (on and off-balance sheet))
EU-22c	(Exposures of public development banks (or units) excluded - Public sector investment)
EU-22d	(Exposures of public development banks (or units) excluded - Subsidised loans)
EU-22e	(Excluded exposures arising from transfers (pass-through) of subsidised loans from an entity other than a public development bank (or unit))
EU-22f	(Secured parts excluding exposures arising from export credits)
EU-22g	(Excess collateral deposited with triparty agents excluded)
EU-22h	(CSD-related services of CSD/entities excluded in accordance with article 429 bis, paragraph 1, letter o) of the CRR)
EU-22i	(Services related to a CSD of designated institutions excluded in accordance with article 429 bis, paragraph 1, letter p) of the CRR)
EU-22j	(Reduction in the exposure value of pre-funding loans or intermediate loans)
EU-22k	(Total exposures excluded)
	Capital and total exposure measure
23	Tier 1 capital	1.489	1.124
24	Total exposure measure	13.716	13.962
Financial leverage coefficient
25	Financial leverage coefficient (%)	10,86%	8,05%
EU-25	Leverage ratio (excluding the impact of the exemption of public sector investment and subsidised loans) (%)	10,86%	8,05%
25a	Leverage ratio (excluding the impact of any applicable temporary exemption of central bank reserves) (%)	10,59%	7,47%
26	Regulatory requirement of minimum leverage ratio (%)	3,18%	3,18%
EU-26a	Additional capital requirements to address the risk of excessive leverage (%)

		Financial leverage
			coefficient exposures
		(CRR)
		31/12/2021	30/06/2021
EU-26b	Of which made up of capital CET1
27	Financial leverage coefficient reserve requirement (%)
EU-27a	Total financial leverage coefficient reserve requirement (%)	3,18%	3,18%
	Choice on transitional arrangements and material exposures
EU-27b	Choice on transitional arrangements for the definition of the capital measure
	Information on average values
28	Average daily values of gross SFT assets, after adjustments for sales accounting transactions and net of associated cash payables and receivables
29	Quarter-end value of gross SFT assets, after adjustments for sales accounting transactions and net of associated cash payables and receivables
30	Measure of total exposure (including the impact of any applicable temporary exemption of central bank reserves) comprising the average values of line 28 gross SFT assets (after adjustment for sales accounting transactions and net of associated cash payables and receivables)	13.716	13.962
30a	Measure of total exposure (excluding the impact of any applicable temporary exemption of central bank reserves) comprising the average values of line 28 gross SFT assets (after adjustment for sales accounting transactions and net of associated cash payables and receivables)	13.367	15.051
31	Leverage ratio (including the impact of any applicable temporary exemption of central bank reserves) comprising the average values of line 28 gross SFT assets (after adjustment for sales accounting transactions and net of associated cash payables and receivables)	10,86%	8,05%
31a	Leverage ratio (excluding the impact of any applicable temporary exemption of central bank reserves) comprising the average values of line 28 gross SFT assets (after adjustment for sales accounting transactions and net of associated cash payables and receivables)	11,14%	7,47%

Model EU LR3 - LRSpl: Breakdown of on-balance sheet exposures (excluding derivatives, SFT and exempted exposures)

		Financial leverage coefficient
		exposures (CRR)
EU-1	Total on-balance sheet exposures (excluding derivatives, SFTs and exempted exposures), of which	12.576
EU-2	Trading portfolio exposures	1
EU-3	Banking portfolio exposures, of which	12.575
EU-4	Covered bonds
EU-5	Exposures treated as sovereigns	2.902
EU-6	Exposures to regional governments, multilateral development banks, international organisations, and public sector entities not treated as sovereigns	510
EU-7	Exposures to institutions	485
EU-8	Exposures secured by mortgages on immovable property	212
EU-9	Retail exposures	1.955
EU-10	Exposures to companies	3.834
EU-11	Exposures in default	1.760
EU-12	Other exposures (e.g. in equity instruments, securitisations and other assets other than receivables)	916

6.Liquidity risk

Liquidity risk management policies and objectives

The liquidity risk refers to the possibility that the Group fails to service its debt obligations due to the inability to raise funds or sell enough assets on the market to address liquidity needs. The liquidity risk also refers to the inability to secure new adequate financial resources, in terms of amount and cost, to meet its operating needs and opportunities, hence forcing the Group to either slow down or stop its operations, or incur excessive funding costs in order to service its obligations, significantly affecting its profitability.

The purpose of short-term liquidity risk management is to manage events that impact the Group's operating liquidity position with the primary objective of maintaining the Group's ability to meet ordinary and extraordinary payment commitments while minimising costs.

The management of structural liquidity, i.e. the events that impact on the Group's liquidity position in the time horizon beyond one year, has the primary objective of maintaining an adequate ratio between medium/long-term liabilities and assets, avoiding pressure on current and prospective sources of short-term liquidity, while optimising the cost of funding. The management of the mentioned risks is carried out at an integrated level for all companies included in the scope.

The Banca Ifis Group's liquidity and funding risk management model has the following objectives:

enable the Group to be solvent both in the normal course of business and in stressed conditions;
ensure the financial balance of the structure by maturity over the medium and long term, in order to avoid pressure on current and prospective short-term sources;
implement the indications of the Supervisory Authority, taking into account their own operational specificities;
ensure a clear separation between risk management and risk control functions.

During 2021, in line with the strategy defined in the funding plan, the Group increased the securitised funding component, both placed directly with institutional investors and used indirectly as collateral in medium-term repo transactions with institutional investors. The other main forms of funding (funding from customers, Eurosystem, bond issues) remained substantially stable.

At 31 December 2021, the main funding sources were equity, on-line retail funding - consisting of on-demand and term deposits - medium/long-term bonds issued as part of the EMTN programme, funding from the Eurosystem (TLTRO) and medium/long-term securitisation transactions from the Abaco channel at the Bank of Italy.

The Group's operations consist in factoring operations, which focus mainly on trade receivables and receivables due from Italy's public administration maturing within the year, and medium/long-term receivables deriving mainly from leasing, corporate banking, structured finance, and work-out and recovery operations.

As for the Group's operations concerning the NPL Segment and the purchases of tax receivables arising from insolvency proceedings, the characteristics of the business model imply a high level of variability concerning both the amount collected

and the date of actual collection. Therefore, the timely and careful management of cash flows is particularly important. To ensure expected cash flows are correctly assessed, also with a view to correctly pricing the transactions undertaken, the Group carefully monitors the trend in collections compared to expected flows.

The amount of high-quality liquidity reserves (mainly held by the Group in its account with the Bank of Italy and government bonds forming part of the intra-day reserve) makes it possible to meet regulatory requirements (with respect to the limits of LCR and NSFR) and internal requirements relating to prudent management of liquidity risk both with reference to the shortterm (operational liquidity) and medium-long term (structural liquidity) horizon.

The Group is constantly striving to improve the state of its financial resources, in terms of both size and cost, of the structural balance between assets and liabilities in terms of duration, so as to have available liquidity reserves adequate for current and future business volumes.

The corporate functions of the Parent Company responsible for ensuring the correct application of the liquidity policy refer to the Central Capital Markets Department, in relation to the direct and centralised management of liquidity, and to the Risk Management function, which contributes to the definition of policies, processes and instruments for the identification, assessment, monitoring, mitigation and reporting of the Group with regard to liquidity risk. Risk Management also checks compliance with the limits imposed on the various company departments and proposes risk mitigation initiatives to the Board of Directors and the CEO. The Risk Management function is also responsible for proposing the risk appetite, selecting the most appropriate risk indicators and monitoring them with reference to pre-set limits, as well as supporting Top Management; and the Top Management, which every year, aided by the Capital Markets Central Management, shall make proposals to the Board of Directors regarding policies on funding and the management of liquidity risk, as well as suggest appropriate actions during the year in order to ensure that operations are conducted consistently with the risk policies approved.

The Risk Management function periodically reports to the Bank's Board of Directors on the liquidity risk position by means of a Dashboard prepared for the Bank's management.

As part of the continuous process to update procedures and policies concerning liquidity risk, and taking into account the changes in the relevant prudential regulations, the Parent uses an internal liquidity risk governance, monitoring, and management framework at the Group level.

In terms of the scope and measurement of liquidity risk, the Group guarantees an adequate and balanced level of liquidity, such as to ensure the constant availability of sufficient funds to meet daily payment commitments (intraday liquidity) and in the short and long term, as briefly described below.

Management of the Group's intra-day liquidity is the responsibility of the Capital Markets Central Management Office, which at the same time carries out first-level control activities, ensuring that operational actions are taken to ensure that the outflows planned during the day are adequately monitored and that there is sufficient liquidity to execute them. In addition,

the measurement of intraday liquidity reserve levels, understood as assets that can be readily repaid or sold even under stressed conditions, is performed daily by Risk Management through counterbalancing capacity.

Risk Management carries out a daily review of the cash inflows and outflows, both certain and expected - and of the resulting imbalances or surpluses - in the various maturity bands that make up the Maturity Ladder. The granularity of the maturities taken into consideration and set within the operating maturity ladder adopted by the Group is consistent with the operating characteristics of the business and, therefore, with the duration of the company's assets and liabilities (in relation to the short-term horizon that characterises operating liquidity). As part of the measurement of operating liquidity, the objective is to ensure the adequacy and balance of incoming and outgoing cash flows with certain or estimated maturities within a 12 month time horizon.

Risk Management measures structural liquidity in order to ensure the balance and stability of the liquidity profile over the time horizon of more than 12 months and the link with short-term liquidity management. In particular, the measurement of structural liquidity has the primary objective of guaranteeing the maintenance of an adequate ratio between medium/longterm liabilities and assets, avoiding pressure on current and prospective sources of short-term liquidity and simultaneously optimising the cost of funding.

The management of the aforementioned risks is carried out at an integrated level by the Banca IFIS Group for all the companies included in the perimeter.

Risk Management defines a set of risk indicators capable of promptly highlighting the onset of vulnerabilities in the Group's liquidity and defines the related system of limits (operational with reference to the strategic indicators defined in the RAF and management limits for other types of indicators) which entails the activation of specific escalation processes depending on the seriousness of the situation detected. The overall system of limits is reviewed at least once a year and more frequently if there are specific requirements arising, for example, from changes in the Group's structure and/or business model, changes in the strategic plan and budgets, prudential regulations or risk measurement methods.

The Group's liquidity position is monitored on a daily basis under both normal course of business and stressed conditions. The framework used envisages the simulation of temporary and therefore short-term stresses impacting on operating liquidity. The simulation horizon measured in the various scenarios is therefore one year. With regard to structural liquidity, the purpose of which is to check the medium/long-term financial balance, the stress scenarios to be used are defined within the related strategic planning processes.

The stress tests carried out are conducted at Group level and not at individual company level since, as previously mentioned, the Banca Ifis Group's liquidity management model is centralised at Group level.

The results of the stress tests are made available to the Corporate Bodies and Functions on a monthly basis, in particular to:

• Board of Directors, as part of monthly reporting;

Finance Committee;
ALM and Liquidity Technical Committee.

Stress testing analyses provide information against which operational actions may possibly be taken to:

plan/anticipate collection operations to offset potential expected outflows;
intervene on the liquidity profile of the assets and/or on the overall composition of the balance sheet.

In general, the outcomes resulting from the application of stress tests are used to verify:

whether the Group holds sufficient reserves to overcome the stresses being simulated (survival period in line with the defined risk appetite level);
the potential funding requirements in the event of a crisis;
the robustness of the recalibration of the defined limits under assumptions of normal course of business;
the consistency of the strategic plan with the level of risk appetite and the limits in force;
potential vulnerabilities so that the necessary corrective actions can be taken.

In addition, evidence from stress test scenarios is used in both strategic liquidity planning and in setting operational and RAF limits.

The roles and responsibilities as well as the methods for the application of stress tests and the frequency for the production and reporting to the corporate bodies and departments of the evidence deriving from the stress tests are formalised within the internal regulations that govern the internal framework for the governance and management of liquidity risk.

In compliance with supervisory provisions, the Bank also has a Contingency Funding Plan aimed at protecting the banking Group from losses or threats arising from a potential liquidity crisis and guaranteeing business continuity even in the midst of a serious emergency arising from its own internal organisation and/or the market situation. Contingency Funding Plan courses of action may be either to generate cash reserves or to hold back outflows. The above lines of action can be activated depending on the nature (systemic or specific) and status (alert or crisis). Interventions are primarily focused on increasing available liquidity reserves, both through actions aimed at rapidly increasing available funding (e.g. interventions on direct funding) and reducing, where possible, the future amount of disbursements.

With reference to foreign investees (Poland and Romania), treasury operations are coordinated by the Parent Company.

More detailed information of a quantitative nature is provided in section E of the notes to the consolidated financial statements of the Banca Ifis Banking Group.

In the period of greatest market turbulence, following the Covid-19 pandemic, the available, readily usable liquidity reserves remained plentiful in respect of the Group's obligations, constantly noting, for the regulatory indicators LCR and NSFR, values significantly higher than the thresholds required. Also in terms of survival period, which considers the onset of a severe combined stress scenario, values were recorded that are in line with the defined risk appetite.

With regard to the evolution of funding volumes attributable to the effects of the pandemic during 2021, available liquidity remained at levels significantly above regulatory and internal limits and higher than the average level at the end of 2020.

In line with the strategy described in terms of management and risk appetite, despite the exceptional nature of the pandemic, during 2021, no violations were seen to the risk thresholds assigned internally.

Quantitative information

Model EU LIQ1: quantitative information of the LCR

			Total non-weighted value (average)					Total weighted value (average)
EU 1a	Quarter ending (DD Month YYYY)	31/12/21	30/09/21	30/06/21	31/03/21	31/12/21	30/09/21	30/06/21	31/03/21
EU 1b	Number of data points used to calculate averages	12	12	12	12	12	12	12	12
	HIGH-QUALITY LIQUID ASSETS
1	Total High-Quality Liquid Assets (HQLA)					1.531	1.477	1.326	1.219
	CASH OUTFLOWS
2	Retail and small business deposits, of which	4.551	3.784	3.626	3.460	113	108	102	98
3	Stable deposits	168	153	115	88	8	8	6	4
4	Less stable deposits	1.025	990	952	931	104	100	96	94
5	Unsecured wholesale financing	423	388	345	327	180	168	156	166
6	Operating deposits (all counterparties) and deposits in cooperative bank networks
7	Non-operating deposits (all counterparties)	420	384	342	299	177	164	153	138
8	Unsecured debt	3	3	3	28	3	3	3	28
9	Secured wholesale financing
10	Additional obligations	79	75	72	71	9	1	1	7
11	Outflows related to derivative exposures and other collateral obligations	1	1	1	1	1	1	1	1
12	Outflows related to loss of financing on debt products	1				1
13	Credit and liquidity facilities	77	74	71	70	7	7	6	6
14	Other contractual financing obligations	162	174	172	148	129	139	136	111
15	Other contingent financing obligations	14	12	6		2	2	2
16	TOTAL CASH OUTFLOWS					433	426	402	383
	CASH INFLOWS
17	Secured loans (e.g. repurchase agreements)
18	Inflows from fully performing exposures	1.178	1.189	1.193	1.199	712	731	739	736
19	Other cash inflows	94	86	77	60	24	21	19	16

		Total non-weighted value (average)					Total weighted value (average)
EU 19a	(Difference between total weighted inflows and total weighted outflows from transactions in third countries where transfer restrictions apply or that are denominated in non-convertible currencies)
EU 19b	(Excess inflows from a related specialty lending institution)
20	TOTAL CASH INFLOWS	1.272	1.274	1.270	1.259	736	752	758	752
EU 20a	Totally exempt inflows
EU 20b	Inflows subject to the 90 % cap
EU 20c	Inflows subject to the 75 % cap	1.272	1.274	1.270	1.259	736	752	758	752
EU 21	LIQUIDITY RESERVE					1.531	1.384	1.326	1.219
22	TOTAL NET CASH OUTFLOWS					108	96	101	96
23	LIQUIDITY COVERAGE RATIO					1.414%	1.434%	1.318%	1.274%

The table shows the quantitative information relating to the Liquidity Coverage Ratio (LCR) of the Group, measured in accordance with European regulatory requirements (CRR and CRD IV) and subject to monthly reporting to the competent supervisory authority (this indicator includes the prudential estimate of "additional outflows for other products and services" in compliance with article 23 of Delegated Regulation (EU) no. 2015/61). The data shown are calculated as a simple average of the month-end observations taken during the 12 months preceding the end of each quarter. The average is stable over time and the indicator stands at 1.274%, perfectly in line with the limits of the regulation.

Model EU LIQ2: Net Stable Funding Ratio

		Non-weighted value by residual
			duration
	(Amount in currency)			from 6		Weighted
		expiry	< 6	months	≥ 1	amount
		date	months	to < 1	year
				year
	Available Stable Funding Elements (ASF)
1	Capital elements and instruments	1.608				2.008
2	Own funds	1.608			400	2.008
3	Other capital instruments
4	Retail deposits		2.501	402	1.850	4.471
5	Stable deposits		161	2	2	157
6	Less stable deposits		2.340	401	1.848	4.314
7	Wholesale Financing:		1.477	54	3.588	4.047
8	Operational deposits
9	Other wholesale financing		1.477	915	4.434	864
10	Related liabilities
11	Other liabilities:		1.074	9	371	376
12	NSFR derivatives liabilities
13	All other liabilities and other equity instruments not included in the above categories		1.074	9	371	376
14	Total available stable funding (ASF)					10.902
	Required Stable Funding Elements (RSF)
15	Total High-Quality Liquid Assets (HQLA)					8.083
EU 15a	Restricted assets with a remaining maturity of one year or more in a hedging aggregate
16	Deposits held with other financial institutions for operational purposes
17	Performing Loans and Securities:		3.543	517	3.822	4.421
18	Performing securities financing transactions with financial customers secured by Level 1 HQLA subject to a 0% haircut coefficient
19	Performing securities financing transactions with financial customers secured by other assets and loans and advances to financial institutions		428	5	68	113
20	Performing loans to customers consisting of non-financial corporations, retail customers and small businesses and loans to sovereign issuers and public sector entities, of which		627	317	2.746	3.021
21	With a risk weight factor of 35 % or less under the Basel II standardised approach for credit risk		169	61	710	765
22	Performing residential mortgage loans, of which		2	2	74

			Non-weighted value by residual duration
(Amount in currency)		No expiry date	< 6 months	from 6 months to < 1 year	≥ 1 year	Weighted amount
23	With a risk weight factor of 35 % or less under the Basel II standardised approach for credit risk		1	1	71
24	Other loans and securities that are not in default and do not qualify as HQLA, including market traded equity instruments and on-balance sheet products related to trade finance		2.486	194	934	1.286
25	Related assets
26	Other assets:		1.209	54	1.700	2.601
27	Physically traded goods
28	Assets provided as initial margin for derivative contracts and as a contribution to CCP guarantee funds				4	3
29	NSFR derivative assets		6			6
30	NSFR derivative liabilities before deduction of variation margin provided		3			0
31	All other assets not included in the above categories		1.200	54	1.696	2.592
32	Off-balance sheet items		243	6	11	24
33	Total RSF					8.083
34	Net Stable Funding Ratio (%)					134,73%

Table EU LIQ2 sets out the quantitative information inherent in the Group's net stable funding ratio (NSFR). The indicator stands at a level of 135%, above the regulatory limit of 100%. Although the indicator signals a sufficiently capacious level of highly liquid assets, the indicator is highly concentrated on Level 1 assets issued by sovereigns.

7.Credit risk

7.1. General information

Objectives and credit risk management policies

In accordance with the guidelines approved by the Parent company's Governing Body and the changes in the supervisory regulatory framework, the Group seeks to strengthen its competitive position in the market offered to small and medium businesses. The aim is to increase its market share in the following segments: trade receivables—including for entities with specialist needs such as pharmacies—leasing, tax receivables, and distressed loans, providing high-quality and highly customisable financial services while keeping credit risk under control and profitability in line with the level of quality offered.

7.1.1. Details by business segment

Organisational aspects

Within the Banca Ifis Group, a fundamental role in the management and control of credit risk is played by the Corporate Bodies of the Bank and its subsidiaries, which, in accordance with their respective responsibilities, ensure adequate control of credit risk by identifying strategic guidelines, risk management and control policies, continuously monitoring their efficiency and effectiveness and defining the tasks and responsibilities of the corporate functions involved in the related processes.

Under the current organisational structure, specific central areas are involved in credit risk management and governance, ensuring, with the appropriate level of segregation, the performance of management operations as well as first and second line of defence controls by adopting adequate processes and IT applications.

Overall, despite some differences deriving from the various products/portfolios, the lending process follows a shared organisational approach with various operational stages and roles, responsibilities, and controls at different levels.

The organisational structure is therefore divided into the following business areas broken down by type of activity:

Commercial Network Italy, an organisational unit dedicated to the provision of financing services to domestic and foreign companies and to the care of the correct relationship with the counterparties developed directly or indirectly, as well as the debtors (domestic or foreign) acquired as part of the operations carried out;
Pharmacies, organisational unit dedicated to the provision of financing services to Italian pharmacies, both internally developed and reported by the commercial network of the subsidiary Credifarma;

Tax Receivables, organisational unit dedicated to purchasing tax receivables, mainly from companies in insolvency proceedings or liquidation;
Corporate Finance, organisational unit dedicated to structured finance transactions or investments in performing non-financial companies and intermediaries;
Leasing and Rental, the organisational unit dedicated to offering and managing leasing and renting products;
Insurance Development, the organisational unit dedicated to the supply of insurance products;
Marketing and Business Strategy, organisational unit that deals with the planning and monitoring of the commercial production and development of specific commercial campaigns, identifying the relevant target, the contact channels and monitoring tools;
Operations Assessment, organisational unit which, with regard to both the initial granting of credit and renewal and review activities, is responsible for: i) assessing the creditworthiness of the counterparties as well as the risk inherent in the transactions; ii) approving credit facilities in compliance with the powers assigned to it by the Board of Directors and formalised in the Group's System of Delegated Authorities for the assumption of credit risk;
Pharma: organisational unit dedicated to the pharmaceutical market that operates by providing specialist support to sales networks (e.g. Italy Sales Network), independently developing business relationships with pharmaceutical companies and/or operators in the sector.

In addition, at the reporting date the lending process included the lending operations of the subsidiaries:

Ifis NPL Investing S.p.A., company dedicated to the acquisition, management and transfer of non-performing loans, mainly originated by financial institutions and banks;
Ifis NPL Servicing S.p.A., company specialising in the management of NPLs and servicing and recovery activities on behalf of third parties;
Cap.Ital.Fin. S.p.A., company operating in the sector of salary-/pension-backed loans, payment delegations and in the distribution of financial products such as mortgages and personal loans;
Credifarma S.p.A., reference company for pharmacies for the granting of advances, medium and long-term loans, leases and financial services;
Ifis Finance Sp. z o.o., a factoring company operating in Poland;
Ifis Finance I.F.N. S.A., a financial company operating in Romania;
Farbanca S.p.A., banking operator mainly targeting the world of pharmacies and health.

Each organisational unit develops and manages business relationships and opportunities in its respective segment by working together with the Branches located throughout Italy, in accordance with the strategic guidelines and objectives set by the Board of Directors.

As for the lending process, each business area identifies the opportunities for new transactions in accordance with the lending policies in force and the defined risk appetite; in this context, it examines loan applications and formalises a proposal

to be submitted to the competent decision-making bodies, ensuring lending policies and controls are implemented correctly and analysing the applicant's creditworthiness in accordance with existing internal regulations.

The proposals to grant lines of credit and/or purchase receivables are submitted to the competent decision-making bodies, which, based on the powers delegated to them, express their decision - which always refers to the overall exposure towards the counterparty (or any related groups).

Banca Ifis S.p.A. Branches have no independent decision-making power for the purposes of assuming credit risk; Branches manage ordinary operations with customers under the constant monitoring of the central structures in accordance with the limits and procedures established by the Head Office's competent bodies.

In carrying out their operations, the subsidiaries can independently take certain decisions within the operational and organisational limits defined by the Parent Company Banca Ifis.

The line of credit is then finalised, which involves stipulation of the contract, obtaining guarantees, if any, and granting the credit line. Throughout these stages, the business areas are aided by specific supporting units responsible for preparing the agreement in accordance with the terms of the approval as well as ensuring all activities leading to the granting of the credit facility are properly carried out.

The process for the acquisition of non-performing loan portfolios adopted by the structures of the NPL Segment consists of similar stages that can be summarised as follows:

Origination: the Bank identifies the counterparties from which it plans to purchase the portfolios and assesses the economic expediency of said transactions;
due diligence, as part of which highly-skilled analysts assess the quality of the portfolio being transferred and the relevant organisational impact. Once the due diligence is completed, the Group sets the terms and conditions for offering/acquiring the receivables portfolio and how to manage it (individual or collective method), assessing the relevant impact on operating structures;
resolutions, with the activities necessary for the preparation of the appraisal file, the assumption, adoption and implementation of the resolution by the competent decision-maker;
finalisation: the parties prepare and finalise the purchase agreement, and the relevant consideration is paid.

The operational management of receivables, carried out for performing customers, mainly consists in monitoring and ordinary management conducted by dedicated structures at each of the Group's companies with the aim of constantly and pro-actively reviewing borrowers. This activity is supported by a monitoring activity carried out at Group level by a specific organisational unit set up at the Parent company, in order to identify counterparties with anomalous performance, to anticipate the occurrence of problematic cases and to provide adequate reporting to the competent corporate functions.

If the credit position is in an objective situation of distress, it is transferred to specific functions specialised per product in managing the recovery of non-performing exposures.

Collection operations for receivables deriving from purchases of distressed retail loans are the responsibility of resources within the subsidiary Ifis NPL Investing S.p.A. and Ifis NPL Servicing S.p.A., as well as of a broad and proven network of debt collection companies and financial agents operating across Italy. The non-judicial operations consist mainly in the activation of the credit through the debtor's subscription of bills of exchange or voluntary settlement plans; the judicial operations consist, instead, in the transformation through legal action aimed at obtaining from the court the garnishment order of onefifth of the pension or salary (the existence of which is the necessary prerequisite for the start of this form of transformation) or the sale on the market of the asset to guarantee the credit (secured management).

Finally, there is also an assessment of the expediency of selling non-performing loan portfolios, mainly represented by processing codes, to be submitted for approval to the competent decision-making bodies, consistently with the established profitability targets and after analysing the relevant accounting, reporting, legal, and operational impacts. To do so, it relies on the in-depth inquiries conducted by the Parent company's competent business functions within their area of expertise.

During 2020, in order to incorporate the impacts of the health emergency caused by the Covid-19 pandemic into the accounting valuation models used for NPLs, analyses were performed and new prudent logics implemented, as well as the institutional measures introduced to temporarily support the national economy, still valid for 2021.

The Italian Government, in order to continue to support SMEs from a financial point of view by alleviating the liquidity tensions caused by the Covid-19 emergency, has issued the Italian Decree Law 25 May 2021 no. 73 (the "Sostegni-Bis Decree") which contains the following measures:

with regard to guarantees on portfolios of new medium/long-term loans intended for companies with no more than 499 employees for the implementation of research, development and innovation projects and/or investment programmes, an increase in the investment portfolios to 500 million Euro is granted, provided that the duration is between a minimum of 6 years and a maximum of 15 years and at least 60% of the loans are for research, development and innovation projects and/or investment programmes;
extension to 31 December 2021 of temporary measures to support business liquidity and extension to 10 years of the maximum duration of loans with public guarantee (Sace), compared to the previous limit of 6 years;
extension to 31 December 2021 of the moratorium for SMEs, for revocable credit facilities and for loans granted against advances on loans existing on 29 February 2020 or, if higher, for both the drawn and the unused portion.

These measures also mitigate any negative impact on the credit quality of banks.

More specifically, for the Npl Segment, during the period of health emergency, recovery activities through telephone collection have been strengthened as door to door activities of the agent network have been temporarily suspended. Restrictions imposed as a result of the spread of Covid-19 have been partially overcome in the first half of 2021, with a substantial return of court activity to pre-pandemic levels.

In order to incorporate the effects linked to the temporary closure of production activities, corrections were made to the forecasting models that entailed, with reference to amicable management, a limited decline in collections expected for FYs 2021 and 2022, in line with the general macroeconomic forecasts used for the medium-term estimates.

Consistently with the legislation released, certain corrections have been made to the models that cover both the secured Npl positions, as a result of the extension of collection times due to the suspension in proceeding with the attachment of properties received as collateral and for positions for which bankruptcy proceedings are in progress.

As regards loans to private customers in the form of salary- and pension-backed loans granted through the subsidiary Cap.Ital.Fin. S.p.A., the Group suffered the effect of the closure and block to production of numerous companies that, in many cases, applied for the social shock absorber of derogation temporary lay-off fund; this led to the disbursement of salaries directly by INPS, often resulting in delays in the disbursement of funds and, consequently, in the receipt of payments.

The Group chose to selectively freeze instalments of the amortisation plan for the entire duration of the contribution mechanism. As of December 2021, there are no longer any positions affected by this suspension, and the related overall economic and financial effects produced during the period of suspension are to be considered immaterial.

In the Corporate area, following the Covid-19 emergency, the Banca Ifis Group has taken various actions to best address the emergency in line with the new regulations. More specifically, it has adhered to the "Cura Italia" Decree, to the ABI credit agreement and the Liquidity Decree, with the consequent concession of moratoriums and the disbursement of new loans backed by the Central Fund.

Starting 2020, the Banca Ifis Group, in line with the "Cura Italia" Decree and subsequent amendments, implemented the following supporting measures for micro, small and medium enterprises based in Italy, which were classified as performing and had a lack of liquidity due to the Covid-19 epidemic:

limitation to the revocation of overdrafts until 31 December 2021;
extension to 31 December 2021 of non-instalment loans with earlier contractual due date.
suspension until 31 December 2021 and breaking down into instalments of mortgages and lease charges.

At 31 December 2021, the positions subject to the moratorium were individually reviewed and, where the conditions were met, classified as forborne.

With reference to Credifarma, at 31 December 2021 there are 14 counterparties (for a total exposure of 1,7 million Euro) that have benefited from the extension of the suspension of the capital share pursuant to the "Cura Italia" Decree.

With reference to Farbanca, at 31 December 2021 there are 127 counterparties that have benefited from the extension of the suspension of the capital share pursuant to the "Cura Italia" Decree, for an equivalent value of approximately 3,0 million Euro.

With reference to the entry into force of the new rules on the "Classification in Default of Counterparties" with effect from 1 January 2021 (the "New DoD - Definition of Default"), with the exception of that set out below regarding exposures towards entities of the National Health Service it is believed that it has not had a significant impact in terms of deterioration of the quality of the Banca Ifis Group's credit assets.

With reference to the specific sector of NHS bodies, the counting of the days of backlog in application of the New DoD was substantially suspended as a result of the emergency legislative interventions related to the Covid-19 pandemic and, in particular, following the introduction of art. 117, paragraph 4, of Italian Decree Law no. 34 of 19 May 2020, which provided for the suspension of executions and the ineffectiveness of attachment orders against NHS bodies (the so-called block on executions) until 31 December 2020, subsequently extended until 31 December 2021 by virtue of art. 3, paragraph 8, of Italian Decree Law no. 183 of 31 December 2020.

Indeed, in the Bank's view, the stay on execution orders has:

aimed to allow the NHS bodies not to pay their debts (albeit temporarily) for the purposes of the realisation of higher public interests also linked to the health emergency; and consequently
suspended the counting of days in arrears pursuant to art. 178 CRR in relation to the local health authorities' exposures to the Bank.

Therefore, the new methods of handling past due receivables, with reference to the specific and unique case of trade receivables from NHS entities acquired by the Group on a non-recourse basis, would have been applied from 1 January 2022.

It was only on 8 December 2021 that the Constitutional Court issued judgement no. 236/2021 (Sentence), which declared the extension of the block on executions provided for by art. 3, paragraph 8, of the above-mentioned Italian Decree Law no. 183/2021 to be constitutionally illegitimate.

In this context, when completing and closing the financial statements as of 31 December 2021, taking into account the "late" issuance of the judgement, the Bank launched an analysis process aimed at identifying an approach, based on responsibility and reasonableness, to represent the factual reality of the reference contexts and provide a correct representation, also in terms of credit risk and the classification of exposures to NHS bodies.

In the light, amongst other things, of the absence of established market practices or indications from authorities or trade associations regarding the effects the Sentence on the date from which to start counting days overdue on exposures to NHS bodies (i.e. from 1 January 2021 or 7 December 2021, date of publication of the Ruling), the Group, therefore, has adopted a substantive approach in classifying as of 31 December 2021, exposures related to trade receivables acquired without recourse and on a non-recourse basis, where the debtor is an NHS entity.

The approach adopted by the Bank, subject to further refinements which may also be made as a result of any clarifications in this regard by the competent Authorities, provides that, in relation to the exposures in question to debtor counterparties in respect of which the Group has accrued direct, independent, objective, consolidated and solid evidence demonstrating constant payment, year by year of a substantial portion of the receivables acquired, regardless of the relative timing, the delay in the payment of the relative receivables by a counterparty that meets the above criteria, is objectively and clearly connected to a dispute that is relevant for the purposes of suspending the counting of days in arrears pursuant to the New DoD, even if not yet specifically formalised (the "implicit challenge").

Based on this approach, the Group has classified approximately 65 million Euro of receivables for exposures to NHS entities as non-performing past due exposures.

Management, measurement, control and reporting systems

Credit risk is constantly monitored by means of procedures and instruments that can rapidly identify particular anomalies.

Over time, the Banca Ifis Group has implemented instruments and procedures allowing to specifically evaluate and monitor risks for each type of customer and product.

If the applicant passes the evaluation process and is granted a credit facility, the Group starts monitoring the credit risk on an ongoing basis, ensuring repayments are made on time and the relationship remains regular, reviewing the information that the Italian banking system reports to the Central Credit Register or select databases as well as the reputational profile, and examining the underlying causes for each one of these aspects.

Concerning portfolio monitoring operations, as previously mentioned, receivables due from customers are monitored by specific units within the mentioned business areas that are responsible for constantly and proactively reviewing borrowers (first line of defence); a specific organisational unit conducts additional monitoring at a centralised level, using mainly performance analysis models - including models developed by the Parent's Risk Management function - to identify any potential issues through specific early warning indicators.

Credit risk exposures to companies are assigned a rating based on models developed in-house. These models were brought into production early 2021 and are differentiated by segment to ensure that appropriate models are applied on homogeneous population from the point of view of characteristics and risk level. There are therefore models for corporations, differentiated by two size clusters, and a model for partnerships and sole proprietorships. The rating models are composed of different modules that investigate different areas of information depending on the type of counterparty and are integrated with qualitative information of different nature. The extension of the use of the models to all operations with companies of the Parent Company has allowed, by increasing the coverage of the models, the achievement of homogeneity objectives in terms of risk measurement along the credit process. The provisioning process saw the expansion of the population to which it is possible to apply the stage allocation criterion for a significant increase in credit risk, by comparing the rating at the time of granting and the current rating, with a view to compliance with the requirements of accounting standard IFRS 9.

Risk Management plays a crucial role as part of the second line of defence in measuring and monitoring operations.

Concerning credit risks, the Risk Management function:

oversees, monitors and assesses credit risks, carrying out audits and analysis in accordance with the relevant guidelines; specifically, it: (i) assesses credit quality, ensuring compliance with lending strategies and guidelines by monitoring credit risk indicators on an ongoing basis; (ii) constantly monitors the exposure to credit risk as well as compliance with the operational limits assigned to the different structures with reference to the assumption of credit risk; (iii) ensures, through second line of defence controls, that the performance of individual exposures, and specifically non-performing ones, is properly monitored, and assesses the consistency of the classifications as well as the level of provisions; (iv) monitors the exposure to concentration risk as well as the performance of Major Exposures;
performs quantitative analyses to support the business units in using risk measures;
oversees the supervision of the value of collateral as well as personal and financial guarantees. Concerning the credit risk associated with bond and equity investments, the Bank constantly monitors credit quality, and the Banca Ifis Board of Directors and Top Management receive regular reports on this matter.

Within the framework of the Basel 3 principles, Banca Ifis has chosen to use the standardised method in order to determine the capital requirement against first pillar credit risks.

In order to assess its vulnerabilities in terms of capital and liquidity management, the Parent company Banca Ifis has developed quantitative and qualitative techniques with which it assesses its exposure to exceptional but plausible events. These analyses, known as stress tests, measure the impact in terms of risk deriving from a combination of changes in economic-financial variables under adverse scenarios on the Banks and its subsidiaries. These analyses significantly concern credit risk.

Stress analyses make it possible to verify the Group's resilience, simulating and estimating the impacts of adverse situations, and provide important indications regarding its exposure to risks and instruments, the adequacy of the related mitigation and control systems and its ability to cope with unexpected losses, also from a prospective and planning perspective.

For regulatory purposes, the Parent company Banca Ifis conducts stress tests when defining the Risk Appetite Framework and preparing the Recovery Plan as well as the ICAAP and ILAAP report at least on an annual basis, as required by applicable prudential supervisory regulations. In this context, it assesses, among other things, the sustainability of lending strategies under adverse market conditions.

Credit risk mitigation techniques

Credit risk mitigation techniques include instruments that contribute to reducing the loss that the Group would incur in the event of counterparty default; specifically, they refer to guarantees received from customers, both collateral and personal, and to any contracts that may lead to a reduction in credit risk.

In general, as part of the process of granting and managing credit, for certain types of lines, the release by customers of suitable guarantees to reduce their risk is encouraged. They can be represented by collaterals on assets, such as pledges on financial assets, mortgages on real estate (residential/non-residential) and/or personal guarantees (typically sureties) on a third party where the person (natural or legal) is the guarantor of the customer's debt position in the event of insolvency. In particular:

as part of factoring operations, when the type and/or quality of factored receivables do not fully satisfy requirements or, more generally, the invoice seller is not sufficiently creditworthy, the bank's established practice is to hedge the credit risk assumed by the Group by obtaining additional surety bonds from the shareholders or directors of the invoice seller. As for the account debtors in factoring relationships, wherever the Bank believes that the elements available to assess the account debtor do not allow to properly measure/assume the related credit risk, or the proposed amount of risk exceeds the limits identified during the debtor's assessment, the Bank adequately hedges the risk of default of the account debtor. Guarantees issued by correspondent factors and/or insurance policies underwritten with specialised operators are the main hedge against non-domestic account debtors in non-recourse operations;
in loans to businesses, where possible, suitable guarantees are acquired from the Central Guarantee Fund or other companies coming under the public scope, such as SACE S.p.A.;
in regard to Structured Finance, collateral is acquired according to the counterparty's standing as well as the term and type of the facility. Said collateral includes mortgage guarantees, liens on plant and equipment, pledges, surety bonds, credit insurance, and collateral deposits;
as for finance leases, the credit risk is mitigated by the leased asset. The lessor maintains the ownership until the purchase option is exercised, ensuring a higher recovery rate in the event the client defaults;
as for operations concerning distressed loans and purchases of tax receivables arising from insolvency proceedings, as well as the relevant business model, generally no action is implemented to hedge credit risks;
salary-backed loans certainly have low risk, considering the particular characteristics of this product: it requires having insurance against the customer's risk of death and/or loss of employment as well as imposing a lien on the Post-employment benefits earned by the customer as additional collateral for the loan;
lending to pharmacies involves an advance as well as a transfer or debt collection mandate, with the possibility of deducting subsequent advances from existing credit facilities.

In line with that established by the Liquidity Decree (Italian Decree Law no. 23 of 8 April 2020) and subsequently with Decree Law 25 May 2021 no. 73 (Sostegni bis decree), the Group has benefited from the guarantees offered by the state Guarantee Fund for the type of customer and loans envisaged by the Decree, with cover that can reach 100%. This guarantee enables a reduction in the RWAs relative to the credit risk, proportionally to the share of exposure covered by the Fund.

The acquired NPL portfolios include positions secured by mortgages on properties with a lower level of risk than the total portfolio acquired.

When calculating the overall credit limit for an individual customer and/or legal and economic group, the Bank considers specific criteria when weighing the different categories of risks and guarantees. Specifically, when measuring collateral, it applies prudential "spreads" differentiated by type of guarantee.

Banca Ifis S.p.A. continuously verifies the quality and adequacy of the guarantees acquired on the loan portfolio, with second level monitoring carried out by the Bank's Risk Management Department and carried out under the scope of the Single File Review.

7.1.2. Methodologies used to determine impairment losses

Non-performing credit exposures

Non-performing loans are classified according to the Bank of Italy's criteria.

The positions that have deteriorated or present significant problems are handled directly by specific organisational units established at each company of the Banking Group, which:

assess the counterparty's willingness and ability to repay the debt in order to establish the most appropriate recovery strategy;
manage judicial and non-judicial proceedings concerning debt collection operations;
define potential modifications to the administrative status as well as the quantification of "doubtful individual outcomes" for the positions assigned to it, submitting them to the competent decision maker;
monitor the amount of exposures classified as bad loans and the relevant debt collection operations.

"Acquired impaired assets" include loans acquired by the subsidiaries Ifis Npl Investing S.p.A. and Ifis Npl Servicing S.p.A. acquired at values significantly lower than their nominal amount, as well as non-performing assets resulting from the various IFRS 3 business combinations carried out by the Banca Ifis Group (such as those relating to the former GE Capital Interbanca Group, the former Fbs Group, the companies Credifarma S.p.A., Cap.Ital.Fin. S.p.A. and Farbanca S.p.A. as well as the former Aigis Banca business). These non-performing assets are included within the POCI perimeter on the basis of the existence, for each individual relationship, of non-performing credit quality at the time of the relative acquisition, as required by IFRS 9.

The Group's goal is twofold:

constant efforts to improve not only the processes for selecting and granting loans, but also the processes for managing performing loans, referring, where appropriate, to the commercial and/or selection policies of individual transactions, in order to contain the generation of non-performing loans in the best possible way;
the definition of quantitative objectives (such as maximum limits) in terms of non-performing exposures as well as pre-established actions to be implemented according to appropriate application criteria and priorities, in order to ensure compliance with the established limits over time.

In managing these aspects, the Group must, however, necessarily take into account the different segments of business and related types of credit, classifying solutions and actions consistent with the specificities of the individual segments, in order to ensure the best result in terms of value protection and speed of solution.

In view of the above, the Group has maintained the following two indicators as performance indicators and explicit objectives to be pursued with careful and proactive management when updating its annual operating plan for the management of short and medium/long-term NPLs, presented to the Supervisory Authority in March 2021:

"gross npe ratio", consisting of the ratio of "gross non-performing exposures" to "total receivables due from customers";
"net npe ratio", consisting of the ratio of "non-performing exposures net of related adjustments" to "total receivables due from customers".

With reference to receivables due from customers for cash in place at 31 December 2021, excluding the positions stemming from the acquisition and management of non-performing exposures of third party originators managed by the subsidiaries Ifis Npl Investing S.p.A. and Ifis Npl Servicing S.p.A., as well as the portfolios of retail loans, also in consideration of the economic impacts deriving from the COVID-19 emergency situation, the levels of NPE ratio are in line with respect to the objectives set when defining the projections of the 2022-2024 Business Plan.

Regardless of the current outlook, the pursuit of the objective of a general containment in the stock of medium/long-term non-performing loans remains and is expected to take place through a differentiated strategy in relation to the specificity of the individual portfolios concerned (taking into account the type of counterparty and the specificity of the individual products). In general, the action that will be taken is essentially based on the following goals, which it has been pursuing for some time now:

containment of the default rate in order to reduce the inflow of non-performing positions by extending and strengthening the monitoring of lending aimed at anticipating, and possibly preventing, deterioration of positions;
improvement of the "performing" rates of return through use of granting measures in relation to counterparties that show signs of financial difficulty;
leveraging the expertise within the Banca Ifis Group and the virtuous collection processes currently in place to maximise collection rates;
reducing the stock of non-performing loans by considering selective sales of individual significant positions as well as applying existing write-off policies.

The positions that have deteriorated or present significant problems are handled directly by specific organisational units established at each company of the Group, which:

• assess the counterparty's willingness and ability to repay the debt in order to establish the most appropriate recovery strategy;

manage judicial and non-judicial proceedings concerning debt collection operations;
define potential modifications to the administrative status as well as the quantification of "doubtful individual outcomes" for the positions assigned to it, submitting them to the competent decision maker;
monitor the amount of exposures classified as bad loans and the relevant debt collection operations.

Definition of non-performing loans used for accounting purposes

The definition of "non-performing" loans adopted by the Banca Ifis Group for accounting purposes is the same as the one used for supervisory purposes. In particular, Circular no. 272 of 30 July 2008 and subsequent updates, "Matrix of accounts", as part of the definition of credit quality parameters, establishes:

"non-performing" credit exposures are defined as on-balance sheet (loans and debt securities) and off-balance sheet (guarantees issued, irrevocable and revocable commitments to disburse funds, etc.) to debtors that fall into the "Nonperforming" category pursuant to Regulation no. 630/2019 amending Regulation (EU) no. 575/2013 and Commission Implementing Regulation (EU) no. 680/2014, as amended and supplemented (Implementing Technical Standards; hereinafter, ITS). For the purposes of supervisory reporting, non-performing credit exposures are divided into the categories of non-performing loans, probable defaults, past due and/or impaired past due exposures. The classification of exposures in the three categories must be univocal among the subjects included in the perimeter of the supervisory reports on a consolidated basis, on the basis of a shared assessment of the state of deterioration of the customer (including insolvency) which takes into account all the information available to the group".

Methodologies used to determine impairment losses

Under IFRS 9, the relevant impairment provisions apply to financial assets measured at amortised cost, financial assets at fair value through other comprehensive income that are not equity securities, and loan commitments and guarantees granted that are not measured at fair value through profit or loss.

"Expected Credit Losses" (ECLs) are calculated based on whether the financial instrument's credit risk has significantly increased since initial recognition.

The general impairment model requires allocating the financial instruments within the scope of IFRS 9. The three Stages, which reflect the deterioration in credit quality:

Stage 1: financial instruments that have not had a significant increase in credit risk since initial recognition or that have low credit risk at the reporting date;
Stage 2: financial instruments that have had a significant increase in credit risk since initial recognition (unless they have low credit risk at the reporting date) but that individually do not have objective evidence of impairment;
Stage 3: financial assets that have had a significant increase in credit risk since initial recognition with objective evidence of impairment at the reporting date. This coincides with non-performing exposures, i.e. those classified as bad loans, unlikely to pay, or non-performing past due exposures.

To identify the significant increase in credit risk, the Banca Ifis Group applies the following quantitative and qualitative transfer criteria to the loan portfolio according to the type of counterparty defined by segmenting receivables into portfolios:

The only quantitative transfer criterion is the Significant Deterioration for which, to identify the significant increase in credit risk on exposures within rated portfolios (Italian companies), the Group used an approach backed by quantitative analyses, under which the exposure is allocated to Stage 2 if the change in the one-year PD between the origination and the measurement date exceeds a given threshold.
Qualitative transfer criteria

"Rebuttable presumption – 30 days past due": the Standard establishes that, regardless of how the entity assesses significant increases in credit risk, there is a rebuttable presumption that the credit risk on a financial asset has increased significantly since initial recognition when contractual payments are more than 30 days past due. The entity can rebut this presumption if it has reasonable and supportable information that demonstrates that the credit risk has not increased significant since initial recognition even though the contractual payments are more than 30 days past due. However, the Ifis Group has not pursued this option;

Forbearance: according to this criterion, a financial instrument is allocated to Stage 2 when the Group classifies the exposure as forborne;

"Watch list": it identifies qualitative deterioration criteria defined by the Group as part of the process for defining especially risky positions during credit monitoring.

According to IFRS 9, an entity may assume that the credit risk on a financial instrument has not increased significantly since initial recognition if the financial instrument is determined to have low credit risk at the reporting date, that is:

it has a low risk of default;
the borrower is considered, in the short term, to have a strong capacity to meet its obligations;
the lender expects, in the longer term, that adverse changes in economic and business conditions might reduce the ability of the borrower to fulfil its obligations.

The measurement of expected credit losses (ECLs) accounts for cash shortfalls, the probability of default, and the time value of money. Specifically, the Group measures the loss allowance for the financial instrument as:

expected losses at 12 months for positions that have not suffered a significant deterioration in creditworthiness (Stage 1); i.e. an estimate of the non-payments resulting from possible default events in the following 12 months, weighted by the probability that such events will occur;
expected "Lifetime" losses for positions that have suffered a significant deterioration in creditworthiness (Stage 2); in this case, it estimates the cash shortfalls resulting from default events that are possible over the expected life of the financial instrument, weighted by the probability of that default occurring and discounted at the measurement date (ECL).

To ensure its collective impairment calculations are in the closest possible compliance with regulatory requirements, the Group has defined a specific methodological framework. This involved developing quantitative methods and analyses based on proprietary datasets as well as qualitative methods and analyses to essentially model the following risk parameters and the methodological aspects relevant to the calculation of impairment under IFRS 9:

estimated Probability of Default (PD);
estimated Loss Given Default (LGD);
estimated Exposure at Default (EAD);
definition of the stage allocation transfer logic;
calculation of the expected credit losses including point-in-time factors;
calculation of the expected credit losses including forward-looking elements.

As for the securities portfolio, considering the methodological complexity associated with developing a dedicated model, the Group decided to use the calculation of impairment under IFRS 9, provided at consortium level by the information system outsourcer (i.e. estimating risk parameters, calculating the Stage allocation and ECLs). Specifically, the formula used to calculate the impairment of the tranches allocated to Stage 1 and 2 is consistent with the approach to credit exposures. The Stage allocation of performing debt securities requires using an external rating of the issue or, if this is not available, the issuer; in short, the securities are allocated to the different Stages based on specific transfer criteria associated with this type of portfolio. Exposures are allocated to Stage 3 if credit risk has deteriorated to the point that the security is considered impaired, i.e. classified as non-performing, including in the case of financial instruments in default.

In developing the above methods, the Group has considered multiple solutions, the current and prospective complexity of its portfolio, as well as how to maintain and update risk parameters.

A multi-period approach to risk parameters has been developed exclusively for the PD; the other credit risk parameters (LGD and CCF) are applied on a constant basis until maturity. The LGD has been estimated based on historical proprietary evidence, except in the case of Banks, Central Governments and Local Administrations (excluding municipalities) and operations where there is no sufficiently deep database to estimate the recovery of non-performing positions for which, for lack of any objective historical data, an LGD was used equal to the regulatory floor.

The Group has adopted econometric models (based on the stress test framework - "satellite" models), aimed at forecasting the evolution of the Institute's risk factors (i.e. mainly PD, LGD, EAD and migrations between statuses for credit risk) on the basis of a joint forecast of the evolution of the economic and financial indicators (see macroeconomic scenario).

The satellite models meet the need to identify the existence of a significant relationship between the general economic conditions (i.e. macroeconomic and financial variables) and a proxy variable of the risk factor (i.e. target variable) e.g. the credit rating of counterparties (which represents the respectively probability of default as a summary of the PD factor) and the recovery rates (summarising the LGD factor for bad loans).

Non-performing loans are individually or jointly assessed and the amount of the impairment loss is measured as the difference between the asset's carrying amount (measured at amortised cost) at the time of assessment and the present value of estimated future cash flows discounted at the financial asset's original effective interest rate. Expected cash flows are calculated taking into account the expected recovery times, the estimated realisable value of guarantees, if any, and the costs expected to be incurred to recover the exposure.

The original effective interest rate of each loan does not change over time even if a restructuring involved changing the contractual rate or the loan no longer bears contractual interest in practice. Any impairment loss is recognised through profit or loss. The impairment loss is reversed in the following years to the extent that the reason for the impairment no longer exists, provided this assessment can be related objectively to an event occurring after the impairment was recognised. The reversal is recognised through profit or loss and shall not exceed the amortised cost that the loan would have had if the impairment had not been recognised.

Bad loans, excluding those referring to leasing and retail portfolios of personal loans or mortgages, with an outstanding gross amount of more than 100 thousand Euro are individually evaluated, whereas bad loans with an outstanding gross amount of less than 100 thousand Euro as well as bad loans with an outstanding gross amount of more than 100 thousand Euro but that were classified as such over 10 years prior to the reporting date are written off.

Unlikely to pay, excluding those referring to leasing or retail portfolios of personal loans or mortgages, with an amount of more than 100 thousand Euro are individually evaluated, whereas those with an amount of less than 100 thousand Euro are collectively tested for impairment.

For Stage 3 exposures that are not individually tested for impairment, the Group defines a lifetime provision in line with the concept of expected credit loss. Specifically concerning LGD, to calculate the collective losses for Stage 3 exposures (mainly non-performing past due and unlikely-to-pay), the Group made certain adjustments to ensure consistency with the measures used for performing loans.

Quantitative information

Model EU CR1: Performing and non-performing exposures and related provisions (1/2)

		Gross book value/nominal amount
			Performing exposures		Non-performing exposures
			Of which phase 1	Of which phase 2		Of which phase 2	Of which phase 3
005	Balances with central banks and other sight deposits	699	699
010	Loans and advances	6.554	5.970	524	1.937		436
020	Central Banks

		Gross book value/nominal amount
			Performing exposures		Non-performing exposures
			Of which phase 1	Of which phase 2		Of which phase 2	Of which phase 3
030	Public Administrations	616	452	163	87		86
040	Credit institutions	36	36
050	Other financial companies	141	137	1	10		9
060	Non-financial companies	5.044	4.712	298	480		300
070	Of which PMI	2.539	2.351	177	82		71
080	Households	374	327	29	82		71
090	Debt securities	2.677	2.661
100	Central Banks
110	Public Administrations	2.146	2.146
120	Credit institutions	149	149
130	Other financial companies	276	261
140	Non-financial companies	105	105		0
150	Off-balance sheet exposures	1.512	1470	42	65		65
160	Central Banks
170	Public Administrations
180	Credit institutions
190	Other financial companies	132	132		2		2
200	Non-financial companies	1.083	1.044		62		62
210	Households	297	294		2		2
220	Total	11.442	10.800	566	2.003		502

Model EU CR1: Performing and non-performing exposures and related provisions (2/2)

				Accumulated impairment, accumulated negative changes in fair			Real and financial
		value due to credit risk and provisions						Accumulated partial cancellations		guarantees received
			Non-performing exposures - Performing exposures -
			Accumulated impairment,				On		On non
			Accumulated impairment losses and provisions			accumulated negative changes			performing	performing
						in fair value due to credit risk			exposures	exposures
			Of
			which	Of		Of which	Of which
			phase	which		phase 2	phase 3
			1	phase 2
005	Balances with central banks and other sight	-1	-1
	deposits
010	Loans and advances	-77	-59		-187		-187	-64	2.947	234
020	Central Banks
030	Public Administrations	-2	-1		-9		-9	-44
040	Credit institutions
050	Other financial companies	-3	-3		-1		-1		49	7
060	Non-financial companies	-63	-50		-159		-159	-13	2.386	139
070	Of which PMI	-26	-18		-31		-31		1.439	29
080	Households	-12	-7		-18		-18	-6	281	37
090	Debt securities	-2	-2						72
100	Central Banks
110	Public Administrations
120	Credit institutions
130	Other financial companies	-1	-1						72
140	Non-financial companies
150	Off-balance sheet exposures	5	3		7		7		35	2
160	Central Banks
170	Public Administrations
180	Credit institutions
190	Other financial companies	1
200	Non-financial companies	4			6		6		31	2
210	Households								5
220	Total	-75	-59		-181		-180	-63,72	3.055	236

Model EU CR1-A: Exposure duration

		Net exposure value
		On request	<= 1 year	> 1 year <= 5 years	> 5 years	No duration indicated	Total
1	Loans and advances	25	4.473	2.375	1.209	1.260	9.342
2	Debt securities		778	1.049	848		2.675
3	Total	25	5.251	3.424	2.057	1.260	12.017

Model EU CR2: Changes in the stock of non-performing loans and advances

		Gross carrying amount
010	Opening stock of non-performing loans and advances	1.841
020	Inflows to non-performing portfolios	1.515
030	Outflows from non-performing portfolios	-1.419
040	Outflow due to cancellations	-127
050	Outflow due to other situations	-1.416
060	Final stock of non-performing loans and advances	1.937

Model EU CQ1: Credit quality of exposures subject to forbearance

				Gross book value / nominal amount of exposures subject to forbearance			Accumulated impairment, accumulated negative changes in fair value due to credit risk and provisions	Collateral and financial guarantees received on exposures subject to forbearance
				Non-performing subject to forbearance					Of which collateral
		Performing subject to forbearance		of which in default	of which impaired	On performing exposures subject to forbearance	On non performing exposures subject to forbearance		and financial guarantees received on non performing exposures subject to forbearance
005	Balances with central banks and other sight deposits
010	Loans and advances	99	307	307	72	-6	-27	111	38
020	Central Banks
030	Public Administrations	1
040	Credit institutions
050	Other financial companies
060	Non-financial companies	78	71	71	60	-5	-23	81	26
070	Households	20	236	236	12	-1	-4	30	12
080	Debt securities
090	Commitments to provide funding given		2	2	2
100	Total	99	309	309	74	-6	-27	111	38

Model EU CQ3: credit quality of performing and non-performing exposures subdivided by days in arrears

			Gross book value/nominal amount
			Performing exposures	Non-performing exposures
			Not past due or past due ≤ 30 days	Past due > 30 days ≤ 90 days	Probable defaults that are not past due or past due ≤ 90 days	Past due > 90 days ≤ 180 days	Past due > 180 days ≤ 1 year	Past due > 1 year ≤ 2 years	Past due > 2 years <= 5 years	Past due > 5 years <= 7 years	Past due > 7 years	Of which in default
005	Balances with central banks and other sight deposits	699	699

		Gross book value/nominal amount
			Performing exposures			Non-performing exposures
			Not past due or past due ≤ 30 days	Past due > 30 days ≤ 90 days		Probable defaults that are not past due or past due ≤ 90 days	Past due > 90 days ≤ 180 days	Past due > 180 days ≤ 1 year	Past due > 1 year ≤ 2 years	Past due > 2 years <= 5 years	Past due > 5 years <= 7 years	Past due > 7 years	Of which in default
010	Loans and advances	6.553	6.326	227	1.936	701	50	37	213	553	279	104	1.936
020	Central Banks
030	Public Administrations	615	453	162	87	33	2	4	10	30	8		87
040	Credit institutions	35	35
050	Other financial companies	141	141		9		8			1			10
060	Non-financial companies	5.045	4.996	49	479	154	12	15	58	189	29	22	479
070	Of which PMI	2.539	2.519	20	81	38	5	4	4	24	1	5	81
080	Households	717	701	16	1.360	514	28	18	145	333	242	82	1.360
090	Debt securities	2.677	2.677
100	Central Banks
110	Public Administrations	2.146	2.146
120	Credit institutions	149	149
130	Other financial companies	276	276
140	Non-financial companies	105	105
150	Off-balance sheet exposures	1.512			66								66
160	Central Banks
170	Public Administrations
180	Credit institutions
190	Other financial companies	132			2								2
200	Non-financial companies	1.083			62								62

		Gross book value/nominal amount
			Performing exposures	Non-performing exposures
			Not past due or past due ≤ 30 days	Past due > 30 days ≤ 90 days		Probable defaults that are not past due or past due ≤ 90 days	Past due > 90 days ≤ 180 days	Past due > 180 days ≤ 1 year	Past due > 1 year ≤ 2 years	Past due Past due > 2 years > 5 years <= 5 <= 7 years years		Past due > 7 years	Of which in default
210	Households	297			2								2
220	Total	11.442	9.702	227	2.002	701	50	37	213	553	279	104	2.002

Model EU CQ5: Credit quality of loans and advances to non-financial companies by economic sector

				Gross carrying amount		Accumulated
		Of which non performing			Accumulated	negative changes in fair value due to
			Of which in default	Of which loans and advances subject to impairment	impairment	credit risk on non performing exposures
010	Agriculture, forestry and fishing	10		61
020	Mining activity	1		9
030	Manufacturing activity	132		2.071
040	Electricity, gas, steam and air conditioning supply	4		133
050	Water supply	2		47
060	Construction	90		408
070	Wholesale and retail trade	120		1.520
080	Transport and storage	25		378
090	Accommodation and food services	21		58
100	Information and communication services	3		88
105	Financial and insurance activities			1
110	Real estate activities	21		87
120	Professional, scientific and technical activities	14		164
130	Administrative and support services activities	27		230
140	Public administration and defence, compulsory social security			5
150	Education			5

			Gross carrying amount Of which loans and advances subject to impairment
160	Health and social work service activities	4	99
170	Artistic, entertainment and fun activities	2	118
180	Other services	2	22
190	Total	478	5.504

Exposure to sovereign credit risk

The securities portfolio in the banking book has a total value of 2.8 billion Euro and consists primarily of financial instruments with a risk for Italy of 2.1 billion Euro.

In 2021, the Group increased its exposure to the Italian state for investments in government securities.

The Group avails itself of the option to neutralise (partially) unrealised gains and losses in the measures provided for by article 468 of Regulation no. 575/2013; it should also be noted that, in addition to the management strategies adopted for the purposes of risk containment, the component of Italian government bonds classified in HTCS and therefore whose changes in market value may determine potential impacts on the capital is equal to 22% of the total Italian government bonds in the portfolio.

It should be noted that, with respect to total assets, the portion of liquidity invested in Italian government securities is approximately 16% at the end of 2021.

Exposures subject to the measures applied in response to the Covid-19 crisis

With a communication of 30 June 2020, the Bank of Italy implemented the EBA Guidelines on reporting and public disclosure requirements for exposures subject to measures applied in light of the Covid-19 crisis (EBA/GL/2020/07). The objective of the guidelines is to monitor, on a European level and to a harmonised extent, the moratoria granted to support customers in response to the crisis triggered by Covid-19 as well as to provide an adequate and suitable understanding of the risk profile of supervised institutions, consistent with the information related to the consolidated Finrep reporting. To this end, entities are required to publish information regarding:

exposures subject to legislative and non-legislative moratoria applied in light of the Covid-19 crisis (EBA/GL/2020/02);
exposures subject to forbearance measures applied as a result of the Covid-19 crisis;
new exposures subject to the public guarantee schemes introduced in the Member States.

The three new tables provided for in Annex 3 (EBA/GL/2020/07) are shown below.

Table 1: Information on loans and advances subject to legislative and non-legislative moratoriums

This table provides an overview of the credit quality of loans and advances subject to loan repayment moratoria applied in light of the crisis per Covid-19 (EBA/GL/2020/07, EBA/GL/2020/02). This only includes exposures subject to a moratorium that has not yet expired, thus excluding extinguished exposures for which the period of suspension of payments has expired.

		Gross carrying amount
				Performing		Non-performing
				Of which: forborne exposures	Of which: instruments with significant increase in credit risk since initial recognition but performing (Phase 2)		Of which: forborne exposures	Of which: unlikely to pay that are not past due or past due <= 90 days
1	Loans and advances subject to moratorium	90	90	2	2
2	of which: to families	21	21	1	1
3	of which: secured by residential real estate as collateral	9	9	1	1
4	of which: non-financial companies	70	70	1	1
5	of which: to small and medium-sized enterprises	59	59	1	1
6	of which: secured by non residential real estate as collateral	34	34	0	0

			Accumulated impairment, accumulated negative changes in fair value due to credit risk
				Performing
				Of which: forborne exposures	Of which: instruments with significant increase in credit risk since initial recognition but performing (Phase 2)	Of which: forborne exposures	Of which: unlikely to pay that are not past due or past due <= 90 days	Inflows to non performing exposures
1	Loans and advances subject to moratorium	-1	-1
2	of which: to families
3	of which: secured by residential real estate as collateral
4	of which: non financial companies
5	of which: to small and medium-sized enterprises
6	of which: secured by non-residential real estate as collateral

Table 2: Breakdown of loans of advances subject to legislative and non-legislative moratoriums by residual duration of moratoriums

The following table gives details of the exposures that have been subject to moratoria in the course of their existence on the basis of the EBA/GL/2020/02 guidelines. Therefore, positions for which the period of suspension of payments has lapsed or which over time have lost compliance with the requirements established by the EBA are also included.

			Gross carrying amount
					Residual duration of moratoriums
		Number of debtors		Of which: legislative moratoriums	Of which: past due	<= 3 months	> 3 months <= 6 months	> 6 months <= 9 months	> 9 months <= 12 months	> 1 year
1	Loans and advances for which a moratorium has been offered	9.717	696
2	Loans and advances subject to moratorium (granted)	9.713	693	688	602	90
3	of which: to families		92	92	72	21
4	of which: secured by residential real estate as collateral		14	14	5	9

			Gross carrying amount
						Residual duration of moratoriums
		Number of debtors		Of which: legislative moratoriums	Of which: past due	<= 3 months	> 3 months <= 6 months	> 6 months <= 9 months	> 9 months <= 12 months	> 1 year
5	of which: non-financial companies		597	592	527	69
6	of which: to small and medium-sized enterprises		436	432	378	58
7	of which: secured by non residential real estate as collateral		70	68	36	34

Table 3: Information on new loans and advances subject to newly applied public guarantee schemes introduced in response to the Covid-19 crisis

The table provides an overview of the stock of new disbursements supported by government guarantees introduced to help businesses cope with the crisis caused by the Covid-19 epidemic.

			Gross carrying amount	Maximum amount of the guarantee that can be considered	Gross carrying amount
			of which: forborne	Public guarantees received	Inflows to non-performing exposures
1	New loans and advances subject to public guarantee schemes	472		405	3
2	of which: to families	11
3	of which: secured by residential real estate as collateral
4	of which: non-financial companies	460		397	3
5	of which: to small and medium-sized enterprises	352
6	of which: secured by non-residential real estate as collateral

7.2. Use of ECAI

The Banca Ifis Group, for the purpose of calculating the capital requirement against credit and counterparty risk, avails itself of the services provided by external credit assessment institution (ECAI) "Fitch Ratings" for the positions included in the class "Exposures to central governments and central banks"; for the other asset classes, no external ratings are used. The assessments of the ECAI selected apply to the following classes of activity:

Regulatory classes	ECA/ECAI	Characteristics of the rating
Exposures to central governments and central banks	Fitch Ratings	Solicited/Unsolicited
Exposures to regional governments or local authorities	-	-
Exposures to public sector bodies	-	-
Exposures to institutions	-	-
Exposures to companies	Cerved	Solicited/Unsolicited
Retail exposures	-	-
Exposures in default	-	-
Exposures associated with particularly high risk	-	-
Equity exposures	-	-

Model EU CR4 - Standardised Approach: Credit risk exposure and CRM effects

		Pre-CCF and pre-CRM exposures		Post-CCF and post-CRM exposures	RWA and RWA Density
	Exposure classes	On-balance sheet exposures	Off-balance sheet exposures	On-balance sheet exposures	Off-balance sheet exposures	RWA	RWA Density (%)
1	Central governments or central banks	3.220	-	4.025	-	244	6,06%
2	Regional governments or local authorities	24	-	24	-	5	20,00%
3	Public sector bodies	486	0	486	-	192	39,41%
4	Multilateral development banks	-	-	-	-	-
5	International organisations	-	-	-	-	-
6	Bodies	539	2	539	2	234	43,21%
7	Enterprises	3.821	743	3.441	481	3.596	91,66%
8	Retail	1.955	692	1.620	28	970	58,83%
9	Secured by mortgages on property	212	0	212	0	74	34,62%
10	Exposures in default	1.760	58	1.741	47	2.366	132,31%
11	Exposures associated with particularly high risk	40	-	40	-	61	150,00%
12	Covered bonds	-	-	-	-	-
13	Entities and companies with short term credit ratings	-	-	-	-	-
14	Collective Investment Schemes	79	45	79	23	145	141,47%
15	Equity instruments	274	-	275	-	284	103,43%
16	Other items	315	-	315	3	309	97,15%
17	TOTAL	12.725	1.540	12.795	584	8.478	63,34%

Model EU CR5: standardised method

		Risk weighting factors													Total	Of which non-rated
	Exposure classes	0%	2%	4%	10%	20%	35%	50%	70%	75%	100%	150%	250%	370%	1250%	Othe rs
1	Central governments or central banks	3.804									205		15				4.024	4.024
2	Regional governments or local authorities					24											24	24
3	Public sector bodies					368					118						486	486
4	Multilateral development banks
5	International organisations
6	Bodies	2				381					158						541	541
7	Enterprises					13		314			3.484	112					3.923	2.347
8	Retail exposures						28			1.620							1.648	1.648
9	Exposures secured by mortgages on immovable property						145	67									212	199
10	Exposures in default										632	1.155					1.788	1.788
11	Exposures associated with particularly high risk											40					40	40
12	Covered bonds
13	Exposures to institutions and companies with short-term credit rating
14	Units or shares in collective investment schemes					5					26	48			1	23	102	102
15	Equity exposures										268		6				274	274
16	Other items	4				7					308						319	319
17	TOTAL	3.810				798	173	381		1.620	5.199	1.355	21		1	23	13.381	11.792

8.Encumbered assets

Objectives and policies for managing the risk associated with the proportion of restricted and unrestricted assets

An asset is defined as "restricted" or "encumbered" if it has been assigned as collateral or, for any reason, has been used to cover the credit received and therefore cannot be freely used. What exceeds the credit received - technically overcollateralisation - is not considered restricted. The Asset Encumbrance Ratio represents, at Group level, the ratio between: on the Numerator, the portion of committed balance sheet assets added to the portion of collateral received and reused and, on the Denominator, the total balance sheet assets (restricted and non) added to the collateral received (restricted and non). While the objective of the Asset Encumbrance Ratio is to provide information to the public and creditors on the level of the Group's committed, and therefore unavailable, assets, it also provides a valuable indication of an institution's funding strategy and its prospective ability to raise, at reasonable prices, through secured funding. Conversely, and more generally, the indicator provides a summary measure of the health of the unsecured market. Properly analysed, and if accompanied by indications of the duration of the constraint, it can provide further useful information on refinancing risk (technically rollover risk), liquidity risk and operational risk.

The risk connected to the quota of encumbered assets determines:

the reduction in the share of assets available to creditors and unsecured depositors;
the increase in funding and liquidity risk, as the share of assets involved reduces the possibility of obtaining new secured deposits and, in the case of high-quality assets, the amount of available liquidity reserves.

The operations for which the Group normally binds part of its financial assets fall within the following categories:

deposit with the Bank of Italy as a minimum reserve;
transactions in derivative contracts;
term deposits given as a guarantee to banks in syndicated transactions (iblor deposit);
debt securities given as a guarantee to the Bank of Italy related to intraday advances;
debt securities given as a guarantee to the European Central Bank for TLTRO operations;
eligible receivables for collateralisation with the Bank of Italy through the ABACO program;
assets used for securitisation transactions.

To monitor the level of exposure to this risk the Group uses the so-called "asset encumbrance ratio"'.

The operational management of the risk related to the portion of encumbered assets is held by the Capital Markets Directorate.

To cover this type of risk, no internal capital is allocated; however, dedicated control activities are defined by the Bank's Risk Management function. These controls take the form of weekly stress tests on the value of the assets pledged as collateral

for funding operations provided by the European Central Bank and are designed to verify the potential impact of their impairment in the context of liquidity risk.

Furthermore, within the strategic planning process and definition of the Funding Plan, the Risk Management unit measures the prospective share of encumbered assets and assesses its overall level and its sustainability with respect to the market benchmark, by subjecting them also to stress tests based on the defined scenarios.

On the basis of the final figures, it should be noted that the portion of assets restricted during 2021, in line with the diversification of funding sources carried out, was significantly higher than the previous year.

Quantitative information

Model EU AE1: restricted and unrestricted assets

		Book value of restricted assets		Fair value of restricted assets		Book value of unrestricted assets	Fair value of unrestricted assets
		of which EHQLA and HQLA notionally admissible		of which EHQLA and HQLA notionally admissible		of which EHQLA and HQLA		of which EHQLA and HQLA
	010	030	040	050	060	080	090	100
Activities of the reporting entity	3.942	1.542			9.604	580
Capital instruments					198	349	190
Debt securities	1.924	1.542	1.948	1.566	615		922	416
of which covered bonds						412
of which securitisations	214		214		242		239
of which issued by public administrations	1.564	1.542	1.589	1.566	484		488	416
of which issued by financial companies	272		274		373	412	372
of which issued by non financial companies	24		25		67		67
Other assets	2.017				7.952

Model EU AE2: collateral received and debt securities of own issue

			Fair value of collateral received or debt securities issued by the Company that are restricted		Unrestricted Fair value of collateral received or debt securities of own issue that can be restricted
			of which EHQLA and HQLA notionally admissible		of which EHQLA and HQLA
		010	030	040	060
130	Collateral received by the disclosing entity			101
140	Loans on demand
150	Capital instruments
160	Debt securities			101
170	of which covered bonds
180	of which securitisations
190	of which issued by public administrations			101
200	of which issued by financial companies
210	of which issued by non-financial companies
220	Loans and advances other than demand financing
230	Other collateral received
240	Debt securities of own issue other than covered bonds or own securitisations			49
241	Secured bonds and securitisations of own issue not yet pledged as collateral
250	TOTAL COLLATERAL RECEIVED AND DEBT SECURITIES OF OWN ISSUE	3.942	1.542

Model EU AE3: sources of encumbrance

		Corresponding liabilities, contingent liabilities or securities lending	Assets, collateral received and debt securities of own issuance other than covered bonds and securitisations, restricted
		010	030
010	Book value of selected financial liabilities	3.264	3.825

9.Counterparty risk

Qualitative information

The counterparty risk is the risk that the counterparty to a transaction involving financial instruments defaults before the final settlement of the transaction cash flows.

Moreover, in 2021, with regard to counterparty risk, a derivative transaction (purchase of a put option from a leading financial counterparty) was put in place to hedge the interest rate component of the self-securitisation transaction carried out by IFIS NPL Investing. This derivative transaction, if the interest rate strikes defined by the option were to be exceeded on the scheduled settlement dates, would mean that the counterparty selling the option in question would be indebted to IFIS NPL Investing. Organisationally, the Capital Markets Department is responsible for managing operations in financial instruments in accordance with the policies defined and the guidelines assigned according to operational and risk limits and profitability targets.

Prospectively speaking, the impact on this risk is not expected to be significant in relation to the type of transactions, the nature of the counterparties and the margining systems envisaged.

With regard to counterparty risk connected to repos, its monitoring consists in a precise and constant verification of the structure and quality of the securities portfolio as the underlying risk is directly connected to the creditworthiness of the counterparties with which the collateralised financing operations are carried out (generally central counterparties such as Cassa di Compensazione e Garanzia and the European Central Bank) and is proportional to the price volatility of portfolio securities provided as a guarantee. There is only one repo transaction with central counterparty at the end of the fiscal year.

In relation to both the low level of exposure of the derivative product portfolio and the low incidence of absorbed internal capital connected to counterparty risk (CCR) on the total absorbed internal capital on risks, it is considered that the potential relevance of the aforementioned risk at Group level is "low".

The Group, for the measurement of counterparty risk and the measurement of the related internal capital, is based on the methodologies prescribed by Regulation (EU) no. 575/2013 of 26 June 2013 - Part Three, Title II, Chapter 6 (CCR) and for its application in Italy by Circular no. 285/2013, for the purposes of calculating the relevant regulatory capital requirements.

Quantitative information

Model EU CCR1: analysis of CCR exposure by method

		Replacement Cost (RC)	Potential Future Exposure (PFE)	Alpha used to calculate exposure value for regulatory purposes	Pre-CRM exposure value	Post-CRM exposure value	Exposure value	RWEA
EU 1	EU - Original Exposure Method (for derivatives)	3	26	1.4	40	40	40	13
EU 2	EU - Simplified SA-CCR (for derivatives)			1.4
1	SA-CCR (for derivatives)			1.4
2	IMM (for derivatives and SFT)
2a	of which netting sets containing securities financing transactions
2b	of which pools of assets subject to clearing containing derivatives and transactions with long-term settlement
2c	of which from sets of assets subject to contractual netting agreement between different products
3	Simplified method for the treatment of financial collateral (for SFTs)				267	267	267	66
4	Full method for the treatment of financial collateral (for SFTs)
5	VaR for SFTs
6	Total				307	307	307	79

Model EU CCR2: Transactions subject to own funds requirements for CVA risk

		Exposure value	RWEA
1	Total transactions subject to the advanced method
2	i) VaR component (including 3× multiplier)
3	ii) VaR component under stressed conditions (including 3× multiplier)
4	Transactions subject to the standardised method	40	35
EU-4	Transactions subject to the alternative method (based on the original exposure method)
5	Total transactions subject to own funds requirements for CVA risk	40	35

Model EU CCR3 - Standardised Approach: exposures subject to CCR by regulatory exposure class and risk weight

Exposure classes		Risk weighting factor
		0%	2%	4%	10%	20%	50%	70%	75%	100%	150%	Others	Total exposure value
1	Central governments or central banks
2	Regional governments or local authorities
3	Public sector bodies
4	Multilateral development banks
5	International organisations
6	Bodies					203				20			223
7	Enterprises									2			2
8	Retail
9	Entities and companies with short term credit ratings
10	Other positions (*)					83							83
11	Total exposure value					286				22			307

Model EU CCR5: composition of collateral for exposures subject to CCR

Collateral Type			Collateral used in derivative transactions			Collateral used in SFT
		Fair value of collateral received			Fair value of collateral provided		Fair value of collateral received	Fair value of collateral provided
		Separate	Not separate	Separate	Not separate	Separate	Not separate	Separate	Not separate
1	Cash - Domestic currency						218
2	Cash - Other currencies
3	National sovereign debt
4	Other sovereign debt
5	Public agency debt
6	Corporate Bonds								267
7	Equity securities
8	Other collateral guarantees
9	Total						218		267

Credit valuation adjustment risk

This risks refers to an interim market valuation adjustment of the portfolio of transactions with a counterparty, referring to OTC derivatives. This adjustment reflects the current market value of the entity's counterparty risk but it does not reflect the current market value of the entity's credit risk in relation to the counterparty.

The Credit Value Adjustment (CVA) risk is on the same portfolio subject to the counterparty risk previously analysed. It reflects the current market value to the risk itself.

For the measurement of credit valuation adjustment risks and its internal capital, the Bank follows the method prescribed by Regulation (EU) no. 575/2013 of 26 June 2013 - Part Three, Title VI and Circular no. 285/2013, for its application in Italy, for the purposes of calculating the relevant regulatory capital requirement. In particular, for transactions involving derivatives, it adopts the "standardised method" (article 384 CRR) in order to measure the credit valuation adjustment risk.

In relation to both the low level of exposure of the derivative product portfolio and the low incidence of internal capital absorbed connected to the credit valuation adjustment risk (CVA) on the total internal capital absorbed on the risks, the potential relevance of the aforementioned risk at Group level is considered to be "low".

10. Risk mitigation techniques

Qualitative information

The strategies pursued by the Banking Group require credit lines to be preferably backed by suitable guarantees and risk mitigation instruments.

The guarantees for their ability to split the credit risk, if managed in an integrated manner with the knowledge of the customer, become the main and most effective instrument for the effective mitigation of the risk.

The Banca Ifis Group has implemented the requirements of Regulation (EU) no. 575/2013 for the purpose of recognising the effects of credit risk mitigation produced by the presence of collateral and personal guarantees for the protection of credit.

The process of controlling the acquisition of guarantees and the use of credit risk mitigation techniques focuses on the definition of suitable controls, instruments and processes aimed at guaranteeing firstly the verification of alignment with Supervisory requirements, distinguishing between:

"general requirements", such as legal certainty, the speed of implementation and organisational requirements;
"specific requirements", with particular attention to the revaluation and monitoring of the value of the guarantees and the verification of the absence of a significant correlation between the debtor's ability to repay/creditworthiness and the guarantee.

The Bank's Risk Management function constantly monitors the quality and adequacy of the procedures for assessing collateral to provide central oversight over the assessment and monitoring of collateral for the Banca Ifis Group's loan portfolio.

Compensation policies and processes

The Bank does not apply processes for offsetting credit risk exposures with counter entries in the balance sheet or "offbalance sheet".

Main types of guarantors and counterparties in credit derivative transactions and their creditworthiness

The Banking Group has no credit derivative transactions.

Information on concentrations of market or credit risk within the credit risk mitigation instruments adopted

There are no concentration levels of significant risks within the credit risk mitigation instruments adopted.

Quantitative information

Model EU CR3 - CRM Techniques - Overview: Disclosure on the use of credit risk mitigation techniques

		Book value not guaranteed	Book value guaranteed	of which guaranteed by collateral	of which guaranteed by financial guarantees
1	Loans and advances	5.808	3.181	2.003	1.178
2	Debt securities	2.605	72		72
3	Total	8.413	3.253	2.003	1.250
4	of which non-performing exposures	1.703	234	165	69
EU-5	of which in default	1.703	234	165	69

11. Securitisation transactions

Qualitative information

Risk arising from securitisation transactions is the risk that the economic aspect of the securitisation transaction is not fully reflected in the risk assessment and management decisions.

This section describes the Group's exposures towards securitisation transactions in which it is involved as originator, sponsor, or investor.

The Group has a "Securitisation management policy" that governs the management of securitisation transactions in which it is involved as "investor" (i.e. the buyer of the notes) or "sponsor" (i.e. the party that establishes the transaction). For each potential case, the policy sets out the responsibilities of the organisational units and bodies with reference to both the due diligence process and the ongoing monitoring of the transaction.

During 2021, the Group carried out a receivables sale transaction involving a portfolio of receivables arising from loans to debtors classified as "non-performing". This sale was part of a securitisation transaction involving a pool of banks that sold their respective portfolios; part of the notes relating to the securitisation were subscribed by the Group.

In this regard, during 2021 the GACS guarantee was activated for the securitisation executed at the end of 2020, while the GACS guarantee for the 2021 securitisation is awaited.

The Group also has exposures to securitisations originated by third parties of limited amount, acquired for investment purposes with the aim of generating a profit margin and achieving an appreciable medium/long-term return on capital. These transactions may be originated by the Bank's Business Units, with the support and coordination of the Securitisation & Structured Solutions unit reporting to the Capital Markets function, based on the characteristics of the underlying portfolio - - performing or non-performing -- or as part of liquidity investments.

For funding purposes (without the transfer of risks and benefits) there are securitisation transactions having as underlying some technical forms of assets (trade receivables, medium-long term loans) as well as some self-securitisation transactions on leasing, on the Parent Company Banca Ifis and on the subsidiary Farbanca, to which was added, during 2021, the transaction carried out on the non-performing portfolios previously acquired by IFIS NPL Investing.

The acquisition, control and mitigation activities are carried out in accordance with the policies and procedures relating to credit risk, and in particular with the "Policy for the management of securitisation transactions", and in compliance with the propensity to risk established within the Risk Appetite Framework. The Group invests in securitisations of which it is able to value, on the basis of its experience, the relevant underlying assets. In particular, after identifying the investment opportunity, the unit that proposes the transaction conducts a due diligence review to estimate future cash flows and determine whether the price is fair, coordinating the organisational units concerned from time to time and formalising the relevant findings to be submitted to the competent decision-making body. Subsequent to the purchase, the investment is constantly monitored based on the performance indicators of the underlying exposures and whether cash flows are in line with the estimates

made at the time of the acquisition. For the purposes of improving the governance framework relating to this issue, it should be noted that in 2021, the "Committee for Investments in Illiquid Financial Assets" was also set up, and the scope of activity was defined and updated, in this regard, of the Securitisation & Structured Solutions unit.

The potential relevance of the risk arising from securitisation transactions at Group level is assessed as "low".

More detailed information of said operations is provided in section E of the notes to the consolidated financial statements of the Banca Ifis Banking Group.

Quantitative information

Model EU SEC1: Securitisation exposures outside the trading portfolio2

		The institution acts as an investor
		Traditional			Sub-total
		STS	Non-STS	Synthetic
1	Total exposures	4	114		118
2	Retail (total)
3	Mortgage on residential property
4	Credit cards
5	Other retail exposures	4	62		66
6	Re-securitisation
7	Wholesale (total)
8	Loans to companies
9	Mortgage on non-residential properties
10	Leasing and credits
11	Other wholesale
12	Re-securitisation

² Portion of EU SEC1 table relevant to the Group.

Model EU SEC4 - Securitisation exposures outside the trading portfolio and related regulatory capital requirements: entity acts as investor (1/2)

				Exposure values			Exposure values
				(by band of RW/deduction)			(by regulatory method)
		≤20% RW	from >20% to 50% RW	from >50% to 100% RW	from >100% to <1250% RW	1250% RW/ded uctions	SEC-IRBA	SEC-ERBA (including IAA)	SEC-SA	1250% RW/deductions
1	Total exposures	45	15	47	12				118
2	Traditional securitisation	45	15	47	12				118
3	Securitisation	45	15	47	12				118
4	Retail underlying
5	of which STS
6	Wholesale
7	of which STS
8	Re-securitisation
9	Synthetic securitisation
10	Securitisation
11	Retail underlying
12	Wholesale
13	Re-securitisation

Model EU SEC4 - Securitisation exposures outside the trading portfolio and related regulatory capital requirements: entity acts as investor (2/2)

					RWEA (by regulatory method)	Capital requirement after application of the cap
		SEC-IRBA	SEC-ERBA (including IAA)	SEC-SA	1250% RW/deductions	SEC IRBA	SEC-ERBA (including IAA)	SEC-SA	1250% RW/deductions
1	Total exposures			87	1			7
2	Traditional securitisation			87	1			7
3	Securitisation			87	1			7
4	Retail underlying
5	of which STS
6	Wholesale

					RWEA (by regulatory method)	Capital requirement after application of the cap
		SEC-IRBA	SEC-ERBA (including IAA)	SEC-SA	1250% RW/deductions	SEC IRBA	SEC-ERBA (including IAA)	SEC-SA	1250% RW/deductions
7	of which STS
8	Re-securitisation
9	Synthetic securitisation
10	Securitisation
11	Retail underlying
12	Wholesale
13	Re-securitisation

Model EU SEC5 - Exposures securitised by the entity: Exposures in default and specific loan impairments

		Exposures securitised by the institution - The institution acts as an originator or promoter
			Total outstanding nominal amount	Total amount of value adjustments on specific receivables carried out in
			of which exposures in default	the period
1	Total exposures	767	11	12
2	Retail (total)
3	Mortgage on residential property
4	Credit cards
5	Other retail exposures
6	Re-securitisation
7	Wholesale (total)
8	Loans to companies
9	Mortgage on non-residential properties
10	Leasing and credits
11	Other wholesale
12	Re-securitisation

12. Operational risk

Objectives and management policies of operational risk

The Banca Ifis Group has adopted for a while now - consistently with the relevant regulatory provisions and industry best practices - an operational risk management framework. This consists in a set of rules, procedures, resources (human, technological and organisational), and controls aiming to identify, assess, monitor, prevent or mitigate all existing or potential operational risks in the various organisational units, as well as to communicate them to the competent levels. The key processes for the correct management of operational risk include loss data collection (LDC) and the forward-looking selfassessment of exposure to operational risk (Risk Self-Assessment - RSA). In addition, the adequate training of resources is another key element of the operational risk governance and management process. Indeed, the Banca Ifis Group is constantly committed to the professional training and growth of its human resources.

The operational risk monitoring aims at ensuring a continuous control of the exposure to this type of risk and is carried out through:

analysis of the evidence emerging from the Risk Self-Assessment and Loss Data Collection activities; if the results should reveal significant criticalities, the appropriate remediation actions are identified, shared and subsequently planned with the various operational units impacted and responsible;
the definition and calculation of specific risk indicators and the periodic verification of compliance with the relative monitoring thresholds (these indicators are reported quarterly in the periodic reporting to the corporate bodies or in specific reports addressed to the structures concerned).

More specifically, in the first half of 2021, the periodic Risk Self Assessment campaign was completed. It had been launched in the final quarter of 2020. Following the exercise, the main operational issues were identified and specific mitigation measures to bolster operational risk controls were subsequently defined and launched.

The same period also saw conclusion of the Model Risk Self Assessment campaign, carried out considering the organisational units as Model Owners present at the Parent company and the Subsidiary Ifis Npl Investing, insofar as the responsibility for the development and maintenance of the models is attributed to the Parent company Risk Management. Following the campaign, the models most exposed to the risk were identified and reported to the Validation department in order to define the suitable mitigating actions.

According to its operational risk management framework, the Group also defines a set of risk measures that can promptly identify the presence of vulnerabilities in the exposure of the Bank and its subsidiaries to operational risks. These measures are continuously monitored and disclosed in periodic reports that are shared with the competent structures and bodies: events such as the breach of certain thresholds or the emergence of anomalies trigger specific escalation processes aimed at defining and implementing appropriate mitigation actions. Considering the development of the business and the internal

and external operating context in which the Group operates, the indicators are subject to a periodical update/review. In the last quarter of 2021, in fact, the project for the adjustment and complete revision of the Group Policy for the Management of Operational and Reputation Risks was completed, approved and published and in January 2022, in which all Key Risk Indicators developed are outlined operationally.

In order to prevent and manage operational risk, the Parent company's Risk Management department, in collaboration with the other corporate functions, is involved in assessing the outsourcing of operational functions and in assessing the risks associated with the introduction of new products and services by means of specific product testing. Finally, it helps monitor IT risk as well as the effectiveness of the measures intended to protect ICT resources.

The operational risk mitigation stage involves identifying and carrying out actions aimed at preventing and mitigating exposure to operational risk (for example, through corrective initiatives or adjustments to processes, systems, etc.). In particular, mitigation actions are assessed and, if necessary, activated when specific areas of vulnerability are identified on the basis of an analysis of the evidence resulting from LDC and RSA activities or from violations of the thresholds set for risk indicators; the stages can be summarised as follows:

review and share the proposals for corrective actions applicable to corporate processes with a significant level of operational risk;
define the implementation plan for the proposed interventions, identifying priorities, timing and resources involved;
rationalise and optimise the mitigation actions in terms of costs/benefits;
verify, on an on-going basis, the progress and efficacy of the undertaken actions.

Concerning the companies of the Banca Ifis Group, please note that currently the management of operational risks is guaranteed by the strong involvement of the Parent company, which makes decisions in terms of strategies and risk management. The overall operational risk management framework was therefore extended, on the basis of the principle of proportionality, by adopting the same methodological approach and IT tools developed at the Parent Company.

Various types of risks fall within the scope of operational risks. In this regard, the following:

• the risk of fraud understood as the risk that in the performance of its activity as a financial intermediary the Business will commit unlawful acts such as alterations, counterfeiting, documentary forgery, misappropriation and/or nondelivery of goods, identity theft, carousel fraud and/or generated by collusion between parties involved in the contracts concluded for the financed products. The detection, study and analysis of the cases of fraud suffered, the evaluation of processes, the identification of weaknesses and the identification of fraud risk mitigation measures, are ordinary and daily activities that allow the Anti-Fraud function to refine existing measures to identify the socalled "anti-fraud red flags" (fraud risk indicators) and to create new ones if necessary. This activity is supported by the use of databases (Cerved, Crif, Assilea) and dedicated IT tools (Scipafi, fraud detection systems for payment instruments) and by the people in the teams of the functions involved (e.g. Payments and E-money and Account Products, etc.) to which information is given on any cases detected. The risk mitigation activity is completed through

the provision of specific Anti-fraud training to the different operating and non-operating structures of the group that may be involved - daily - in the fraud prevention process. Particular attention is paid to support should anomalies be found that require in-depth analysis and subsequent preventive action, such as the inclusion of names classified as potentially fraudulent on the anti-fraud black list or the blocking of transactions under evaluation.

IT risk is the risk of loss due to breaches of confidentiality, the lack of integrity of systems and data, the inadequacy or unavailability of systems and data, or the inability to replace information technology (IT) within reasonable time and cost constraints if the requirements of the external environment or business change. This includes security risks arising from inadequate or flawed internal processes or external events, including cyber attacks or inadequate physical security.
the risk of non-compliance, that is the risk of incurring legal or administrative sanctions, significant financial losses or reputational damage as a result of violations of mandatory rules (of law or regulations) or of self-regulation. In this regard, the Group has adopted a qualitative method for assessing this, which specifically provides for: i) the performance of compliance audits, according to a risk-based approach, which makes it possible to assess the completeness and adequacy of the processes as well as the functionality and reliability of the safeguards put in place in order to ensure proper management of the risk of non-compliance; ii) the performance of ongoing controls by means of which the effectiveness of the safeguards in place is tested; iii) the map of ongoing controls is updated in order to include additional controls designed to examine the safeguards identified and/or required as part of its own audits. The Compliance department oversees, according to a risk-based approach, the management of noncompliance risk in connection with the entire Group activity.
the risk of money laundering and terrorist financing, i.e. the current or prospective risk of losses resulting from the repercussions, including reputational ones, of money laundering and terrorist financing activities. In this regard, the Group carries out a risk self-assessment exercise in line with the provisions of article 15 of Italian Legislative Decree no. 231/2007 and with the "Provisions on the organisation, procedures and internal controls aimed at preventing the use of intermediaries for money laundering and terrorist financing" issued by the Bank of Italy on 27 March 2019. This self-assessment exercise is based on a qualitative-quantitative methodology aimed at identifying the potential level of risk exposure as well as measuring the vulnerability of the existing safeguard systems. The drivers used to assess the incidence of money laundering and terrorist financing risk relate to the following categories: customers, products and services, transactions and distribution channels. For each driver, specific risk factors are identified, individually measured in terms of frequency and impact for each operating unit of the Group. The Anti-money laundering function is responsible for managing the risk of money laundering and terrorism financing on behalf of the Group;
the risk of incorrect financial reporting, understood as a voluntary or involuntary action potentially generating errors in the Group's financial statements. The internally developed assessment process is inspired by the principles and guidelines defined by the Internal Control - Integrated Framework issued by the Committee of Sponsoring Organisations of the Treadway Commission (known as CoSO) and by the Control Objectives for Information and

related Technology (known like CobiT), considered as reference models accepted internationally. The analyses carried out seek to identify and mitigate the main risks to which the company is exposed in the execution of the relevant transactions which generate the information contained in the financial statements and in general in any other information of a financial nature. The Financial Reporting and Monitoring function is responsible for the setting up and monitoring of adequate safeguards.

The risks of non-compliance, money laundering and terrorist financing, and financial misinformation, although they fall under the definition of operational risk and are therefore considered in the normal assessment processes, given their importance, are assessed and represented in a more vertical manner by the respective competent units. Fraud and IT risks are assessed as part of the broader operational risk management process and, given their specific nature and importance, specific monitoring activities are dedicated to them (fraud prevention and detection; annual ICT Risk Self Assessment).

For the measurement of operational risk and of internal capital, the Banking Group, in consideration of the size and the limited operational complexity, has followed the "basic method" governed by Regulation (EU) no. 575/2013 of 26 June 2013 - Part Three, Title III and Circular no. 285/2013 for its application in Italy, for the purpose of calculating the regulatory capital requirement. In particular, it calculates the mandatory minimum capital requirement for operational risks by using the Basic Indicator Approach (BIA). This method quantifies capital absorption to the amount of 15% of the average of the last three financial years of "relevant indicator" values referred to in Art. 316 Regulation (EU) no. 575/2013 of 26 June 2013 which are representative of the company operating volumes.

With reference to the impacts of the Covid-19 emergency, in 2020, the operational and reputational risk management strategies had changed, both following specific requests in this respect by the regulator and in order to recalibrate the internal control system in order to make the monitoring activities more in line with the altered procedures for carrying out certain types of business following the restrictions imposed. Following the easing of restrictive measures and the subsequent resumption of business activities on an ordinary operating scale, the strategies for managing operational and reputational risks were also gradually readjusted. In particular, the methods of carrying out risk management activities relating to monitoring and reporting in the various areas (e.g., disputes, NPLs, etc.), as well as the key risk indicators, which had been reshuffled with a view to making controls more consistent with the various operating conditions and business needs, were restored to regular levels and have not undergone any further changes determined therefrom in 2021.

Qualitative information

In particular, it calculates the mandatory minimum capital requirement for operational risks by using the Basic Indicator Approach (BIA). This method quantifies capital absorption to the amount of 15% of the average of the last three financial years of "relevant indicator" values referred to in Art. 316 Regulation (EU) no. 575/2013 of 26 June 2013 which are representative of the company operating volumes.

For regulatory purposes, the measurement of operational risk is carried out using IT procedures dedicated to the periodic production of statistical reports and consolidated prudential supervision.

The Banca Ifis Group has adopted for a while now - consistently with the relevant regulatory provisions and industry best practices - an operational risk management framework. This consists in a set of rules, procedures, resources (human, technological and organisational), and controls aiming to identify, assess, monitor, prevent or mitigate all existing or potential operational risks in the various organisational units, as well as to communicate them to the competent levels. The key processes for correct operational risk management consist of Loss Data Collection (LDC), and prospective self-assessment of exposure to operational risk (Risk Self-Assessment - RSA) and self-assessment of the degree of exposure to the model risk, i.e. the risk of incurring financial losses or incorrect strategic decisions deriving from an improper or incorrect use of the results and reports produced by the models used (Model Risk Self Assessment).

With regard to the Internal Loss Data Collection process in use, operating losses are classified according to the risk categories defined by the Supervisory regulations and listed below:

(a) internal fraud: losses due to unauthorised activity, fraud, embezzlement or violation of laws, regulations or company directives that involve at least one internal intermediary resource;
(b) external fraud: losses due to fraud, embezzlement, or violation of laws by subjects external to the intermediary;
(c) employment relationships and occupational safety: losses due to acts that are in non-compliance with the laws or agreements on employment, health and safety at work, the payment of compensation for personal injury or incidents of discrimination or diversity;
(d) customers, products and operating practices: losses resulting from non-fulfilment of professional obligations towards customers or from the nature or characteristics of the product or service provided;
(e) damage to tangible assets: losses resulting from external events, such as natural disasters, vandalism, terrorism, etc.;
(f) interruptions to operations and system malfunctions: losses due to interruptions to operations, malfunctions or unavailability of systems;
(g) execution, delivery and management of processes: losses due to shortcomings in the completion of transactions or in the management of processes, as well as losses due to relations with commercial counterparties, vendors, suppliers.

The results of the operational losses data collection of the Banking Group in 2021 are shown in the graph below, which shows the percentage distribution of the number of registered events divided into the risk classes listed above. For

completeness, the graph below shows the percentage distribution of the actual loss of the operational risk events recorded divided into the 7 regulatory risk classes.

For completeness, it is noted that the Risk Control Self-Assessment process carried out in 2021 highlighted the potential risks to which the Banking Group is exposed on a prospective basis based on the self-assessments carried out by the main company process owners. Appropriate information on the identified areas for improvement and on the actions agreed for mitigation of potential risks is provided to the competent corporate bodies.

Quantitative information

The adoption of the "basic method" by the Bank resulted in a consolidated capital requirement on 31 December 2021 of approximately 70,2 million Euro, which was considered capable of coping with the unexpected financial impacts of potential risky events that could occur during 2022.

Model EU OR1: own funds requirements for operational risk and risk-weighted exposure amounts

				Relevant indicator	Own funds	Amount of risk exposure
	Banking assets	Year 3	Year 2	Last year	requirements
1	Banking assets subject to the basic method (BIA)	473	456	476	70	878
2	Banking assets subject to the standardised approach (TSA) / the alternative standardised approach (ASA)
3	Subject to TSA method
4	Subject to ASA method
5	Banking assets subject to advanced measurement methods (AMA)

13. Equity exposures: information on positions included in the banking portfolio

It is the risk of a loss in value of the investment (in financial and non-financial companies) held by the Group arising from the possibility of incurring capital losses, of achieving a lower yield than expected and/or of having to sustain fixed assets for periods exceeding initial expectations. This risk includes potential conflicts of interest and inadequate organisational or corporate separation between the investment activity and the remaining banking activity.

The investment risk is generated by transactions of a different nature, including:

equity investment activities of industrial, commercial or service companies under development or maturity;
additional equity investment positions arising from restructuring transactions of customers in temporary difficulty in the context of which the conversion of the debt into capital or similar equity instruments was requested;
new investment opportunities expected in accordance with the strategic guidelines defined by the Board of Directors of the Parent Company;
the subsidiaries Ifis Rental Services S.r.l. and Ifis Real Estate S.p.A. excluded from the scope of the banking group and that of the prudential consolidation, as it is a non-financial company exercising an associated activity.

The monitoring of equity investment risk is carried out by the Corporate Finance Area, a unit dedicated, among other things, to the offer of investment transactions in performing financial companies or in shares of intermediary organisations. In this context, it analyses the return prospects inherent in the investment and verifies its appropriateness with respect to the overall risk profile, assesses the convenience for the Group of making the investment and, lastly, manages the transactions in the Group's investment portfolio on an ongoing basis.

The Risk Management function oversees the monitoring or control of compliance with the regulatory limits in terms of holding equity investments, while the potential significance of the risk from equity investments at Group level is assessed as "low".

As of 31 December 20201, the Group holds in its portfolio equity investment assets attributable to minority shareholdings classified either under "Financial assets at fair value with impact on comprehensive income" or under "Financial assets obligatorily measured at fair value with impact on the income statement". In particular, the Group classifies among the "Financial assets at fair value with impact on overall profitability", equity instruments not held for trading purposes, for which the option to designate at fair value is exercised at the time of initial recognition with impact on overall profitability (so-called "OCI Option"). On the other hand, the equity instruments for which the Group does not apply this option are classified under "Financial assets mandatorily at fair value with impact on the income statement".

Recognition criteria

Financial assets measured at fair value through other comprehensive income

The initial recognition of financial assets takes place on the settlement date. These assets are initially recognised at fair value, including transaction costs directly attributable to the instruments, if any.

Financial assets mandatorily measured at fair value through profit or loss

The initial recognition of financial assets takes place on the settlement date. At initial recognition, financial assets held for trading are measured at cost, that is the instrument's fair value, excluding the expenses and income directly attributable to the instrument, which are recognised in profit or loss.

Measurement criteria

Financial assets measured at fair value through other comprehensive income

The equity instruments the Group elected to classify within this category are measured at fair value, and the amounts recognised through equity (Statement of comprehensive income) are not to be subsequently reclassified to profit or loss including in the event of their disposal. The relevant dividends represent the only component of the equity securities concerned that is recognised through profit or loss.

The fair value of the financial instruments included in this portfolio is calculated based on quoted prices in active markets, prices provided by market participants, or internal valuation models generally used for pricing financial instruments that take into account all relevant risk factors and are based on observable market data.

Financial assets mandatorily measured at fair value through profit or loss

Even after initial recognition, financial assets are measured at fair value, and the impact of the application of this method is recognised through profit or loss. Fair value is determined on the basis of the criteria already illustrated for the financial assets measured at fair value with impact on overall profitability.

	Carrying amount			Fair Value		Market Value	Profit/losses in the period	Plus/Minus suspended in equity	Plus/Minus suspended in shareholders' equity and booked to Own Funds
	Level 1	Level 2	Level 3	Level 1	Level 2	Level 3	Level 1
Equity securities
Financial assets mandatorily measured at fair value	-	-	26	-	-	26,5	-	4,5
Financial assets measured at fair value through other comprehensive income	60,1	-	39	60,1	-	38,7	-	1,6	(12,50)	(12,50)
Total	60,1	-	65	60,1	-	65,2	-	6,1	(12,50)	(12,50)

Banking portfolio: cash exposures in equity securities and UCITS

14. Interest rate risk

Interest rate risk management policies and objectives

Exposure to this risk is analysed through the sensitivity of the interest margin and the economic value to changes in interest rates. The analyses regarding the sensitivity of the interest margin are used at management level to verify the positioning of the Group in the short term, while the economic value approach is by its nature of medium to long term relevance.

Interest rate risk monitoring uses a series of risk indicators that are verified and reported quarterly in the group's periodic reporting addressed to top management. Mitigation actions are evaluated and activated where appropriate to cover the interest rate risk on exceeding the set thresholds.

The corporate department appointed to guarantee the rate risk management is the Capital Markets Central Department, which, in line with the risk appetite established, defines what action is necessary to pursue this. The Risk Management Department is responsible for proposing the risk appetite, identifying the most appropriate risk indicators and monitoring the relevant performance of the assets and liabilities in connection with the pre-set limits. Top Management makes annual proposals to the Bank Board as to the policies on lending, funding and the management of interest rate risk, as well as suggesting appropriate actions by which to ensure that operations are carried out consistently with the risk policies approved by the Bank.

The interest rate risk position is subject to periodic reporting to the Bank's Board of Directors both as part of the quarterly Tableau de Bord prepared by the Risk Management function for top management, and in terms of specific monthly reporting.

For the purposes of the business assessment of capital adequacy, Class 2, banking groups, and therefore our Banca Ifis Group, are required to establish adequate measurement, control and mitigation systems to assess the interest rate risk on the banking portfolio, in terms of changes in economic value and the interest margin.

The Banking Group, for the measurement of interest rate risk relating to the "banking portfolio" for the purposes of calculating the relevant regulatory capital requirement, has been guided by the simplified method prescribed by Circular no. 285/2013 - Part One - Title III "Process of prudential control" - Chapter 1 - Annex C. (changes in economic value)

The Group procures mainly through retail funding, at a fixed rate for time deposits and at a non-indexed variable rate, unilaterally revisable by the Parent Company, for on-demand and on-call deposits. The Group's offer includes the option of tying up the sums for a maximum duration of up to five years. Other significant funding components are self-securitisations, characterised by an indexed rate, of trade receivables and medium/long-term loans, Eurosystem funding (TLTRO) and the issue of bonds, generally at a fixed rate and reserved for qualified investors.

The Group's assets in respect of loans to customers mainly consist of variable-rate transactions relating to trade credit, corporate lending, leasing and medium/long-term loans. The main component of fixed-rate assets relates to the NPL segment and a significant portion of the proprietary securities portfolio.

During 2021, the Banca Ifis Group's exposure to interest rate risk remained at low levels and in line with the defined risk appetite values.

The assumption of a significant interest rate risk is in principle unrelated to the management of the Group. In terms of breakdown of the balance sheet with reference to the types of risk in question, in respect of the liabilities, the main funding source is still the on-line savings account "Rendimax", the fixed-rate customer deposits for the restricted component and the non index-linked variable rate that can be unilaterally revised by the Bank in respect of the rules and contracts, for unrestricted demand and on-call deposits. The other main components of funding concern mainly fixed-rate bond funding, variable-rate self-securitisation operations and loans with the Eurosystem (TLTRO).

As for the assets, loans to customers still largely have floating rates as far as both trade receivables and corporate financing are concerned.

As for the operations concerning distressed retail loans (carried out by the subsidiaries Ifis NPL Investing S.p.A. and Ifis NPL Servicing S.p.A.), for which the business model focuses on acquiring receivables at prices lower than their nominal amount, there is a potential interest rate risk also associated with the uncertainty about when the receivables will be collected.

At 31 December 2021, the comprehensive bond portfolio mainly comprises government securities for a percentage of approximately 87%; the comprehensive average modified duration is approximately 2,5 years.

suggesting appropriate actions by which to ensure that operations are carried out consistently with the risk policies approved by the Bank.

The Risk Management function periodically reports to the Bank's Board of Directors on the interest rate risk position by means of a specific monthly report prepared for the Bank's management.

The interest rate risk falls under the category of second-pillar risks. The guidelines on the assumption and monitoring of market risk are laid out on a Group level in the "Group Banking Book Interest Rate Risk Management Policy", which also indicates, for the purpose of a more rigorous and detailed representation of the process activities, the metrics used for the measuring and monitoring of the risk in question. Monitoring is performed at the consolidated level.

Considering the extent of the risk assumed, the Banca Ifis Group does not normally use specific interest rate risk hedges.

Quantitative information

For the measurement of interest rate risk related to the "banking portfolio", the Banking Group followed the simplified method prescribed by the Circular no. 285/2013 - Part One - Title III "Prudential Control Process" - Chapter 1 - Annexes C and C bis.

Interest rate risk interest rate risk on the banking portfolio in terms of changes in economic value

The simplified methodology, set out in Annex C of Circular no. 285/2013, recently amended by the Bank of Italy in transposition of the EBA/GL/2018/02, guidelines, provides that all assets and liabilities are classified in 19 time bands based on their residual life if they are placed at a fixed rate and on the repricing date if they are placed at a floating rate. Within each band, the net exposure is calculated, obtained by offsetting assets and liabilities. The net exposures in each band are then multiplied by the weighting factors obtained from the product of the hypothetical change in rates chosen and the modified duration approximation relative to each band provided. The weighted exposures of the different bands are added together. The net weighted exposure obtained approximates the change in the present value of balance sheet items in the event of the assumed rate shock.

A brief overview of the measurements developed during the quantification of the internal capital absorbed by interest rate risk, in terms of changes in economic value, at 31 December 2021, is shown in the table below. The capital requirement on own funds required for interest rate risk on the banking portfolio at the reporting date was 14.403 thousand Euro.

	ASSETS	LIABILITIES	Net Position	Weighting factor	Weighted exposure
On demand or revocation	1.603	-672	932	0,00%	0,00
Up to 1 month	2.845	-1.899	946	0,00%	0,00
from over 1 month to 3 months	2.159	-643	1.516	0,01%	0,13
from over 3 months to 6 months	1.722	-375	1.347	0,03%	0,43
from over 6 months to 9 months	130	-310	-180	0,04%	-0,08
from over 9 months to 1 year	124	-705	-581	0,07%	-0,41
from over 1 year to 1.5 years	212	-878	-666	0,14%	-0,93
from over 1.5 years to 2 years	219	-530	-311	0,33%	-1,01
from over 2 years to 3 years	520	-3.440	-2.920	0,70%	-20,51
from over 3 years to 4 years	454	-707	-253	1,22%	-3,08
from over 4 years to 5 years	465	-566	-101	1,72%	-1,74
from over 5 years to 6 years	338	-28	310	2,33%	7,23
from over 6 years to 7 years	165	-1	164	2,94%	4,82
from over 7 years to 8 years	136	0	136	3,56%	4,84
from over 8 years to 9 years	197	0	197	4,13%	8,12
from over 9 years to 10 years	187	0	187	4,73%	8,83
from over 10 years to 15 years	82	0	82	6,70%	5,48
from over 15 years to 20 years	17	0	17	9,15%	1,53
from over 20 years	6	0	6	11,71%	0,76

Interest rate risk interest rate risk on the banking portfolio in terms of changes in economic value

Interest rate risk on the banking portfolio in terms of changes in interest margin or expected profits

The simplified methodology, set out in Annex C-bis of Circular no. 285/2013, recently introduced by the Bank of Italy in transposition of the EBA/GL/2018/02, guidelines, provides that all assets and liabilities are classified in 9 time bands based on their residual life if they are placed at a fixed rate and on the repricing date if they are placed at a floating rate. Within each band, the net exposure is calculated, obtained by offsetting assets and liabilities. The net exposures in each band are then multiplied by specific weighting factors specified by the regulator over a reference time horizon of three years. Total exposure is determined by the sum of the exposures by band. The value thus obtained represents the change in the interest margin in relation to the hypothetical scenario regarding interest rates.

A summary of the measurements developed in terms of changes in net interest income at 31 December 2021 is shown in the table below, in which no floor is applied to the negative shock. This measurement does not currently impose any obligation on the intermediary.

Banca Ifis is implementing a new system of interest rate risk management monitoring in line with market best practices.

Interest rate risk interest rate risk on the banking portfolio in terms of changes in interest margin

	ASSETS	LIABILITIES	Net Position	Time weight	Positive shock	Negative shock	Upward shock	Downward shock
On demand or revocation	1.603	-672	932	3,00	2,00%	-2,00%	56	-56
Up to 1 month	2.845	-1.899	946	2,96	2,00%	-2,00%	56	-56
from over 1 month to 3 months	2.159	-643	1.516	2,83	2,00%	-2,00%	86	-86
from over 3 months to 6 months	1.722	-375	1.347	2,62	2,00%	-2,00%	71	-71
from over 6 months to 9 months	130	-310	-180	2,37	2,00%	-2,00%	-9	9
from over 9 months to 1 year	124	-705	-581	2,12	2,00%	-2,00%	-25	25
from over 1 year to 1.5 years	212	-878	-666	1,75	2,00%	-2,00%	-23	23
from over 1.5 years to 2 years	219	-530	-311	1,25	2,00%	-2,00%	-8	8
from over 2 years to 3 years	520	-3.440	-2.920	0,50	2,00%	-2,00%	-29	29
Change in interest margin							175	-175

15. Market risk

Qualitative information

During 2021, the overall investment strategy of the Group's proprietary portfolio, governed by the "Management Policy for the Banca Ifis Proprietary Portfolio", continued to be characterised, consistently with the risk propensity formulated by the Board of Directors and outlined in the "Group Policy for the Management of Market Risks", by a conservative stance, mainly consisting of a low-risk portfolio characterised by high liquidity and a strategy of steady returns in the medium term.

In this context, the component relating to the "trading portfolio" from which the market risk in question originates was marginal both in absolute terms of the risk values recorded and with respect to the established limits. The trading portfolio mainly comprises optional components mainly deriving from hedging transactions and ancillary enhancements to the investment strategy in assets that are part of the "banking book" and "discretionary trading" portfolio, characterised by shortterm speculation.

From an internal management point of view, from a broader viewpoint and in general relating to operations on financial markets, the banking portfolio is also prudentially monitored according to the logic of market risks and subject to specific limits, i.e. the positions posted in HTC&S and accounted for as FVOCI, whose variations in value could have a significant impact on reserves and consequently on the Bank's capital values.

In addition to the above, market risk-generating assets include foreign currency positions subject to exchange rate risk and derivative contracts entered into with corporate counterparties regarding a legacy portfolio currently in the run-off phase.

In relation to exchange rate risk, currency transactions mainly consist of:

transactions carried out with customers, normally related to typical factoring and lending activities, originating from both the Italian Business Units and the foreign subsidiaries (in Poland and Romania) for which the exchange rate risk is mitigated from the start by using funds in the same original currency;
transactions that are part of the typical Treasury activity for the management of mismatching between uses by customers and the related currency purchases made on the market.

For measuring market risks in the trading portfolio for supervisory purposes and for measuring exchange rate risk, the Bank follows the methods prescribed by Regulation (EU) no. 575/2013 of 26 June 2013 - Part Three, Title IV, and Circular no. 285/2013 for its application in Italy, for the calculation of the relevant regulatory capital requirement.

In particular, the standardised method makes it possible to calculate the overall capital requirement on the basis of the socalled "building-block approach", according to which the overall requirement is obtained as the sum of the capital requirements against the following risks:

position risk, which expresses the risk deriving from fluctuations in the price of securities due to factors connected with market trends and the situation of the issuing company; in this context it is important to note, where present, the basic risk, which expresses the risk of losses caused by non-aligned changes in the values of similar but not identical positions;
settlement risk, which reflects the risk of loss resulting from the failure to settle transactions in debt securities, equity securities, derivative contracts, currencies and commodities;
concentration risk, which represents any additional capital cover required in the event of temporarily exceeding the individual credit limit as a result of risk positions relating to the trading portfolio;
exchange rate risk, which represents the risk of incurring losses due to adverse changes in the prices of foreign currencies on the positions held, regardless of the allocation portfolio (trading portfolio for supervisory purposes and trading portfolio).

At management level, the guidelines on the assumption and monitoring of market risk are set out at Group level in the "Group Market Risk Management Policy", in which, for the purposes of a more rigorous and detailed representation of process activities, the metrics for measuring and monitoring the risk in question have also been indicated.

The risk appetite level is defined in the Risk Appetite Framework, laid out over the main investment and management strategies defined in the "Banca Ifis Proprietary Portfolio Management Policy".

In particular, the measurement and evaluation of market risks is based on the different characteristics (in terms of time horizon, investment instruments, etc.) of the investment strategies of Banca Ifis's Proprietary Portfolio. This is consistent with the "Banca IFIS Proprietary Portfolio Management Policy", which defines and details the strategies to be pursued in terms of portfolio structure, operative instruments and assets.

Under this scope, the monitoring of the consistency of the Group's portfolio risk profiles in respect of the risk/return objectives is based on a system of limits (both strategic and operational), which envisages the combined use of various different indicators. More specifically, the following are defined:

Maximum Acceptable Loss;
Maximum negative gross financial impact;
VaR limit;
Limits of sensitivity and Greeks;
Any limits to the type of financial instruments admitted;
Any composition limits.

Respect for the limits assigned to each portfolio is checked daily.

The summary management indicator used to assess exposure to the risks in question is the Value at Risk (VaR), which is a statistical measure that allows the loss that may be suffered following adverse changes to risk factors, to be estimated.

The VaR is measured using a confidence interval of 99% and a holding period of 1 day; it expresses the "threshold" of daily losses that, on the basis of probabilistic hypotheses may only be surpassed in 1% of cases. The method used to calculate the VaR is historical simulation. With this approach, the portfolio is re-valued, applying all variations to the risk factors recorded the previous year (256 observations). The values thus obtained are compared with the current portfolio value, determining the relevant series of hypothetical gains or losses. The VaR is the average of the second and third worst results.

The VaR is also divided, for monitoring purposes, amongst the risk factors referring to the portfolio.

In addition to the risk indications deriving from the VaR, the Expected Shortfall (ES), which expresses average daily loss that exceeds the VaR figure, and the Stressed VaR, which represents a VaR calculated in a particularly turbulent historical period, which in the specific case corresponds to the Italian debt crisis of 2011-2012, are also used for monitoring purposes.

The forecasting capacity of the risk measurement model used, is verified through a daily backtesting analysis in which the VaR for the positions in the portfolio at t-1 is compared with the profit and loss generated by such positions at t.

The positioning with respect to market risks is periodically reported by Risk Management to the Board of Directors, both in terms of specific monthly reports and as part of the quarterly Tableau de Bord.

In light of the above, the potential relevance of market risks at Group level is considered to be "low".

In 2021, the effects of the Covid-19 pandemic relative to the market risk concerning the items that are part of the trading book, were characterised by intangible impacts, in line with the margins and dimension of that portfolio with respect to the total portfolio owned by the Group, as ruled internally by the Risk Appetite Framework.

The operations in question, on the other hand, revealed an operative picture constantly characterised by an accurate, stringent control of risk operatively laid out both through a careful use of derivatives for hedging (economic, not accounting) and the economic enhancement of the banking book and a marginal allocation of liquidity relative to the trading book and established in terms of potential investment.

In line with the management strategy mentioned, during 2021, no violations were seen to the risk thresholds assigned internally.

Quantitative information

The own funds requirement for exchange rate risk is 4,4 million Euro.

Model EU MR1: market risk based on the standardised approach

		RWEA
	Outright products
1	Interest rate risk (generic and specific)	4
2	Equity risk (generic and specific)	23
3	Currency risk	55
4	Risk of commodity positions
	Options
5	Simplified method
6	Delta plus method
7	Scenario method
8	Securitisation (specific risk)
9	Total	82

16. Concentration risk and large exposures

Concentration risk management objectives and policies

The Banca Ifis Group pays particular attention to the concentration of credit risk with reference to all the Group's companies, both at an individual and consolidated level. Banca Ifis's Board of Directors has mandated the Top Management to take action to contain major risks. In line with the directives of the Board, those positions that are at risk and engage the Group to a considerable extent are subject to systematic monitoring.

In line with supervisory requirements in the credit process, for the purposes of managing and controlling concentration risk, two different phases can be distinguished: the first is represented by the granting of credit, in particular at the time of taking on "Large Exposures" and the second is identifiable in the continuous monitoring of the quality of existing exposures, especially of larger amounts.

The Banca Ifis Group, with methods related to the nature of the products/customers handled, has adopted internal procedures consistent with the taking on and monitoring of "large exposures", to be applied as a precautionary measure also to loans which, although not identified as "large exposures", have dimensions such as to have significant effects on the financial soundness of the lending company in the event of a crisis of the entrusted subject/group. In particular, the Banking Group companies, relying first of all on the information provided by the Bank's database which identifies existing relationships and any legal and economic ties for all Banking Group customers, acquire during the preliminary investigation for the granting of a new loan or the monitoring of the position, all the data and information deemed necessary to evaluate the individual transaction in the overall amount of the exposure with the group to which the counterpart belongs, the composition of which is kept updated over time.

The Risk Management function periodically monitors the composition of customers and the relative degree of concentration, with particular focus on highly significant borrowers, in order to maintain, as far as possible, a satisfactory spread of credit risk and to limit potential losses in the event of insolvency of counterparties with significant debt exposures. With regard to retail portfolios, the monitoring activity on the subject of concentration is based on portfolio logics and through differentiated cases in relation to the type of product and management.

For the purposes of the reporting of large exposures provided for by CRR2, the limit provided for is 10% of the Tier 1 capital (relating to the nominal value of the exposures), while the concentration limit is 25% of the same Tier 1 capital (in this case relating to the weighted value after application of the translations and CRM for the purposes of credit risk on the basis of the method applied by the Group (line-by-line method in the case of financial collateral).

The Bank ensures constant compliance with the regulatory limits on risk concentration both on an individual and consolidated basis, as well as compliance with the most stringent regulatory limits referring to related parties. The results of the checks are reported on a quarterly basis to Top Management within the Tableau de Bord.

In order to perform a complete measurement of the risks to which the Group is exposed, in the second pillar Banca Ifis calculates the capital add-on against the single-name and geosectorial concentration risk.

Quantitative information

A quantitative representation of the "Large exposures" in place on 31 December 2021 is shown in section E of the notes to the consolidated financial statements of the Banca Ifis Banking Group. The overall weighted amount of major exposures at 31 December 2021 consisted of 255 million Euro in tax assets and 180 million Euro in exposures to counterparties not included in the prudential scope of consolidation.

17. Compensation and incentive systems and practice

The Report on remuneration policy and remuneration paid (hereinafter also the Report) has been prepared for the Banca IFIS Group in accordance with:

article 123 ter of the TUF, rubric "Report on remuneration policy and remuneration paid";
article 114-bis of CFA/TUF, entitled "Disclosure of information to the market on awards of financial instruments to corporate officers, employees or contractors";
Consob Regulation no. 11971/1999 as updated with the amendments made by resolution no. 21623 of 10 December 2020 (hereinafter also referred to as the Issuers' Regulation), with particular reference to article 84 quater, entitled "Report on remuneration", and 84 bis, entitled "Information on the allocation of financial instruments to corporate officers, employees or collaborators", as well as Annex 3A, Schedule no. 7 bis "Report on the remuneration policy and on the remuneration paid", of the Issuers' Regulation and Scheme no. 7 "Information document forming the subject of the illustrative report of the administrative body for the shareholders' meeting called to resolve on remuneration plans based on financial instruments";
the Provisions on "Remuneration and incentive policies and practices" currently in force, issued by the Bank of Italy and contained in Circular no. 285 of 17 December 2013 (hereinafter, the "Supervisory Provisions");
the Bank of Italy Correctness of relations between intermediaries and customers, published by the Bank of Italy with Provision of 19 March 2019 in implementation of the European Banking Authority's Guidelines on remuneration policies and practices for personnel responsible for offering banking products and third-party sales network personnel;
the relevant European legislation and, in particular, of Delegated Regulation (EU) no. 604 of 4 March 2014,³ which identifies regulatory technical standards relating to the qualitative and quantitative criteria appropriate for identifying the categories of personnel whose professional activities have a substantial impact on the risk profile of the institution (so-called Key Personnel or Risk Takers) and Regulation (EU) no. 575 of 26 June 2013, with respect to provisions regarding remuneration policy.

³ With the 37th update of 24 November 2021 of Circular no. 285/2013, the Bank of Italy published the new supervisory provisions on "Remuneration and incentive policies and practices" aimed at implementing the changes introduced by the CRDV (Directive no. 2019/878/EU) on the subject and complying with the Guidelines for sound remuneration policies of the European Banking Authority implementing the aforementioned Directive. The above-mentioned directive introduces some important changes, including the criteria for the identification of personnel who assume significant risks for the bank or the group to which it belongs, the so-called key personnel or risktakers. Unlike the previous legislation, which did not include the list of risk-takers in the directive and referred to specific EBA Standard Regulatory Requirements (RTS) for the definition of criteria for their identification, the CRDV identifies a non-exhaustive list of staff members who must be considered risk-takers and gives the EBA the power to clarify certain definitions for the correct identification of these subjects, as well as to define criteria for the identification of further subjects whose activities have a significant impact on the risk profile of the institution.

The provisions of the "Corporate Governance Code" and the format of Borsa Italiana S.p.A. were also considered for the Report on Corporate Governance and Shareholding Structure in accordance with article 123 b of CFA/TUF.

The Report is available on the bank's website at: www.bancaifis.it.

a) Information regarding the bodies responsible for supervising remuneration

The Board of Directors was appointed by the Shareholders' Meeting on 19 April 2019 and shall remain in office until the approval of the financial statements at 31 December 2021 (April 2022). The Board of Directors of Banca Ifis (Parent Company) is made up of 12 members (including 5 female directors out of 12): Sebastien Egon Furstenberg (Chair), Ernesto Furstenberg Fassio (Vice Chair), Frederik Geertman (CEO), Riccardo Preve, Simona Arduini, Antonella Malinconico, Beatrice Colleoni, Monica Billio, Daniele Umberto Santosuosso, Roberto Diacetti, Luca Lo Giudice, Monica Regazzi.

The Remuneration Committee is composed of three members chosen from among the non-executive members of the Parent Company's Board of Directors, the majority of whom are independent.

As approved by the Board of Directors at its meeting of 19 April 2019, the members of the Committee - who remain in office until the approval of the financial statements at 31 December 2021 - are:

Antonella Malinconico (Non-executive and Independent Director);
Beatrice Colleoni (Non-executive and Independent Director);
Luca Lo Giudice (Non-executive and Non-independent Director).

The Remuneration Committee is chaired by Director Antonella Malinconico.

The Committee may use and/or request attendance:

of external consultants who are experts in remuneration policies, who may also be chosen from among the members of the Board of Directors of the Parent Company, provided that such experts do not at the same time provide Human Resources, Executive Directors or Key Executives of the Parent Company and/or other companies in the Group with services of such significance as to compromise the independence of judgement of the consultants;
of any corporate officer or employee of the Parent Company or any other company in the Group.

The remuneration and incentive policies set out in the Report on remuneration policy and remuneration paid are applied to all Group Companies with registered offices in Italy and to Companies with registered offices abroad (where compatible with local legislation). The same policies contain a focus on the more detailed provisions laid down for only those members of staff who have a substantial impact on the Group's risk profile (so-called key personnel, PPR).

As the Parent Company, pursuant to the Supervisory Provisions, the Bank is in fact required to identify the key personnel for the Group, taking into account all the Group companies, whether or not they are subject to this obligation on an individual basis.

The scope of the analysis therefore considers the personnel of the Group as a whole. This perimeter was identified on the basis of the results of the assessment carried out by the Parent Company, including all Group companies in the analysis and taking into account the specific nature of the Group's current organisational model, according to which the Parent Company performs strategic management, coordination and control functions.

b) Information regarding the characteristics and structure of the remuneration system for key personnel.

The main bodies and individuals of the Parent Company involved in the preparation, approval and possible revision of the remuneration and incentive policy are: the Shareholders' Meeting, the Board of Directors, the Remuneration Committee, the CEO, the General Manager, Human Resources, the Control Functions and the Business Plan, Planning and Management Control Department.

The Parent Company, in the exercise of its management and coordination powers, defines this Group remuneration and incentive policy in line with the characteristics of the Group and of each subsidiary and in compliance with the provisions in force. The remuneration policy shall be in effect for one year.

The remuneration and incentive policy is defined by the Parent Company with a view to attracting, motivating and retaining people with the professional qualities required to profitably pursue, in accordance with the Company's values and according to a prudent risk management policy (in line with the provisions of the prudential control process) short- and/or medium/long-term objectives, correlated with the Group's strategic objectives, thus contributing to the achievement of results aimed at strengthening the Company's operational, economic and financial solidity in the long term and safeguarding the sustainability of the Banca Ifis Group.

The Banca Ifis Group's remuneration and incentive system aims, in particular, to:

promote sound and effective risk management by not encouraging risk taking above the tolerated level of risk;
promote the competitiveness and good governance of the Group;
attract and retain in the company individuals with professionalism and skills suitable for the Group's needs, especially when they play important roles within the company organisation;
encourage compliance with all legal and regulatory provisions, as well as transparency and correctness in relations with customers, discouraging any violation and/or unfair commercial practice;
make corporate objectives consistent with the Group's sustainable growth objectives;
seek the best alignment between the interests of different stakeholders;
focus on risk containment policies;
avoid altering or undermining the risk alignment effects inherent in compensation arrangements;
avoid creating situations of conflict of interest.

The structure of the variable remuneration component must be compatible with the risk analyses undertaken by the banking group and, in order to be sustainable, must be compatible with the levels of capital and liquidity in the medium and long term.

The variable component is subject to malus mechanisms which reduce, up to zero, the amount previously determined before payment.

The above-mentioned criteria are checked in each of the three financial years closed after the determination of the variable component (accrual period) and applied when the above-mentioned conditions occur, taking into account the worst result recorded in the reference period. Thus, merely by way of example, the malus condition with respect to the 2021 variable bonus will be tested in each of the three years ending after the variable component is determined (and, therefore, 2022, 2023 and 2024) and will be applied upon the occurrence of such conditions in at least one of the three years of observation.

Moreover, the Bank reserves the right to promote the appropriate actions for the restitution (so-called clawback mechanism) of the variable component paid and/or acknowledged to the staff if the subject has determined or contributed to determining certain conditions.

Ex post correction mechanisms may not lead to an increase in the variable compensation initially awarded nor in the variable compensation previously reduced or zeroed out as a result of the application of claw back. These criteria are also verified in each of the three years⁴ closed subsequent to the determination of the variable component (accrual period) and applied when the conditions set out above occur, with the exception of the key personnel for whom this verification must be carried out in each of the next five closed years.

In 2021, the Shareholders' Meeting met three times:

on 22 April 2021 to approve the Group's remuneration and incentive policies for 2021;
on 28 July 2021 (i) to make a number of amendments to the Articles of Association, including the one that determined the power of the Ordinary Shareholders' Meeting, when approving the remuneration policies, to resolve on a ratio between the variable and fixed components of the individual remuneration of personnel in excess of 100% (ratio of 1:1), but in any event not exceeding the limit provided for, pursuant to the applicable pro tempore legislative and regulatory provisions in force and currently equal to 200% (ratio of 2:1) as well as (ii) to update the Report on Remuneration Policy and Remuneration Paid with the approval of an Addendum aimed at adjusting the remuneration policies of the Banca Ifis Group in order to incentivise the retention of the CEO and any other Top Managers of the

⁴ A sufficient condition for application of the corrective mechanisms is the occurrence of one of the above-mentioned conditions in at least one of the three years of observation (accrual period).

Bank through the provision of a long-term incentive plan for the three-year period 2021-2023, entirely based on financial instruments (iii) for the approval of the remuneration plan based on financial instruments for certain corporate figures as set out in the related information document prepared pursuant to article 114-bis of Italian Legislative Decree 24 February 1998, no. 58 and subsequent amendments and additions, and the related implementing rules (iii) for the authorisation to purchase and dispose of treasury shares, pursuant to articles 2357 and 2357-ter of the Italian Civil Code, article 132 of Italian Legislative Decree 24 February 1998, no. 58 and subsequent amendments and additions, and article 144-bis of the Consob Regulation adopted by resolution no. 11971 of 14 May 1999 and subsequent amendments and additions.

• on 21 December 2021, for the authorisation to increase the maximum ratio between the variable and fixed components of the CEO alone, with effect from 2022, from 1:1 to 1,5:1.

The remuneration package for key personnel belonging to the control functions (Risk Management, Compliance, Internal Audit, Anti-Money Laundering and the Financial Reporting Officer) and the Human Resources function is structured with a prevalent fixed component and a contained variable part allocated annually on the basis of qualitative and efficiency criteria, in compliance with the Supervisory Provisions.

At the time of hiring, without prejudice to the advisory and proposal role of the Remuneration Committee, the determination of remuneration is the responsibility of:

the Board of Directors, for the key personnel of the control functions reporting to the Board itself or to the CEO; for operational fluidity requirements, the Board of Directors, when analysing the possible candidates and having consulted the Remuneration Committee, may delegate the CEO to define the contract, indicating the reference parameters. Once formalised, the CEO informs the Remuneration Committee and the Board;
of the Chief Executive Officer for key personnel in the Human Resources function. Once defined, the Chief Executive Officer informs the Remuneration Committee and the Board.

Then, at least once a year, the Remuneration Committee analyses the individual positions and, having consulted the CEO and the General Manager, with reference to the Managers of the control functions and the Human Resources function, expresses its opinion and makes any proposal to the Board of Directors.

The limit between the variable and fixed component may not exceed a ratio of 1 to 3.

In determining the remuneration of key personnel belonging to the control functions and the Human Resources function, incentive mechanisms linked to the economic results of both Banca Ifis and the Group as a whole are in any event excluded.

Guaranteed variable compensation is not allowed because it does not meet the objectives of the relevant regulations. However, the same legislation provides that only in exceptional cases is it permitted for the recruitment of new staff and

limited to the first year of employment. It cannot be recognised more than once to the same person, either by the bank or by other companies in the banking group. It is not subject to the variable compensation structure rules; it contributes to the limit on the variable/fixed compensation ratio for the first year unless paid in a lump sum at the time of hire.

With regard to the recognition of severance indemnities, the relevant legal and contractual provisions apply.

c) Description of how current and future risks are factored into remuneration processes. The information shall include a summary of key risks, how they are measured, and how these measures affect compensation.

Access to the variable portion for all personnel is subject to compliance with the conditions for access (so-called "gate") provided for by the following indicators measured at year-end:

on the basis of a measure of risk-adjusted profitability, such as RORAC (return on risk-adjusted capital) defined as the ratio between Net Profit and Capital absorbed by first-pillar risks (i.e. 8% Pillar 1 Risk Weighted Asset (RWA)), the [RORAC/RORAC*] indicator, where RORAC* is the RORAC defined by the Board of Directors for the reporting year, must be no less than 80%. This indicator allows profits to be weighted by the underlying risks in terms of regulatory capital absorbed.
compliance with the tolerance threshold, above the regulatory minimum of 100%, of the Group's short-term Liquidity Coverage Ratio (LCR), as measured on a quarterly basis during the year of reference. The tolerance threshold is defined annually in the Banca Ifis Group's Risk Appetite Framework (RAF) at a consolidated level, in compliance with current prudential supervisory regulations.
compliance with the tolerance threshold, above the regulatory minimum of 100%, for the Group's medium/long-term liquidity indicator, the Net Stable Funding Ratio (NSFR). The tolerance threshold is defined annually in the Banca Ifis Group's Risk Appetite Framework (RAF) at a consolidated level, in compliance with current prudential supervisory regulations.
The consolidated Total Own Funds Capital Ratio above the tolerance threshold provided by the current RAF and thus, exceeding the Overall Capital Requirement announced by the Supervisory Body as part of the "Capital Decisions" following the periodic Supervisory Review and Evaluation Process (SREP).
Gross NPL ratio and net NPL ratio below the alert threshold provided for the current RAF. These indicators are calculated excluding the NPL segment⁵ .

⁵ "NPL segment" means the NPLs acquired from outside by IFIS NPL Investing and managed in IFIS NPL Servicing

Failure to achieve more than one of the above parameters in two different areas, with the exception of capital solvency (i.e. Consolidated ratio of total own funds) and failure to respect the regulatory minimums, which must be respected at all times, will prevent payment of the variable component.

The variable component is also recognised on the condition that the beneficiary is still in office/employee of the Group and not in a notice period due to voluntary resignation or dismissal, at the time of disbursement, with the exception of retirement and the natural expiry of the director's term of office. Payment of the variable component is also suspended in the event of disciplinary proceedings in progress for fraudulent or grossly negligent conduct to the detriment of the Bank or for conduct that may lead to the dismissal of the person for just cause. 6

d) The ratios between the fixed and variable components of remuneration established in accordance with article 94, paragraph 1, letter g) of the CRD⁷ .

The remuneration of key personnel is made up of an all-inclusive annual remuneration (RAL) and a variable component defined in advance for each individual, in relation to the role held. The limit on the variable/fixed ratio is 1:1, subject to the limit on the variable/fixed ratio with respect to control functions being 1:1/3 (of fixed compensation).

e) Description of how the institution seeks to link the performance noted during the evaluation period to compensation levels

The third pillar (MBO) on which the determination of the variable remuneration of key personnel is based, has a different weighting for each professional category and is broken down into specific parameters according to the role covered, with the exception of the Heads of Control Functions and the Head of the Human Resources Department.

With the exception of those who, in view of their role, only have qualitative objectives within the third pillar, all the others belonging to the category of Key Personnel are assigned more quantitative objectives, the achievement of which allows the payment of the respective variable quota.

For 2021, what is set forth in Budget 2021 is used as a reference in setting these goals. Based on the Operating Income Statement and the 2021 year-end data, compared with the Budget forecast, the bonus due will be determined.

On the basis of the size of its assets, its structure, its riskiness and the complexity of its activities, the Banca Ifis Group can be traced back to the group of intermediate-sized banks.

⁶ See also information under (b) above with regard to ex-post correction mechanisms

⁷ See also information under c) above

This classification requires the application of the discipline envisaged for key personnel only, allowing for the application of percentages, deferment and retention periods at least equal to half of those indicated for the largest banks and increasing according to the characteristics of the banking group.

That said, the Banca Ifis Group maintains a variable remuneration structure that is in any case stricter and more rigorous than the minimum regulatory limit envisaged for intermediate banks. Moreover, the deferment quota, the deferment period and the balancing quota of the variable remuneration for persons with particularly high variable remuneration are aligned with those already envisaged for other persons who fall within the category of key personnel. The variable component may not exceed a ratio of 1:1 to the fixed component and is determined at the time of approval of the Financial Statements for the year ended 31 December of the preceding year.

The portion of the variable remuneration to be deferred is equal to 40% and is paid as follows:
- o 50% in shares of Banca Ifis S.p.A. which will be assigned after the expiry of the vesting period ⁸ of three years and which will be exercisable at the end of the retention period of a further year to which the shares are subject⁹ ;
- o the remaining 50% of deferred variable remuneration shall be paid in cash after three years and is subject to annual revaluation at the legal interest rate applicable from time to time.
The variable component paid upfront (the remaining 60%) shall be paid as follows:
- o 50% in cash;
- o the remaining 50% in the form of shares in the Parent Company available following a three-year retention period, in line with the strategic planning time horizon.

The number of shares to be awarded is calculated by relying on the average share price for the three months before the variable pay for the period is determined -- which shall occur at the date of the Meeting convened for the approval of the Financial Statements -- as the fair value of the share. The number of shares shall be determined by rounding to the nearest whole number.

Consistent with market practice, it is deemed appropriate to apply these rules of deferral and partial payment in the Bank's own shares if the variable remuneration exceeds 70.000 Euro (materiality threshold).

f) Description of how the institution seeks to adjust compensation to reflect long-term performance¹⁰ .

With regard to ex-post correction mechanisms, the following should be noted.

⁸ Period after which shares may be awarded.

⁹ Period during which there is a prohibition on the sale of shares.

¹⁰ See also information under c) above

The deferred variable component is subject to the following malus mechanisms, which reduce, up to zero, the previously determined amount before payment, according to the criteria shown in the following table:

		Ratio Total Own Funds consolidated[2]
		<=12,50%	12,50%< <=13,00%	13,00%< =13,50%	>13,50%
	≥ 12%	-100%	-20%	-10%	---
Group RORAC	8%< < 12%	-100%	-30%	-20%	---
	< 8%	-100%	-40%	-30%	-20%

Without prejudice to the provisions of the relevant CCNL on the rights and duties of employees and of the Disciplinary Code and the Code of Ethics in force, the variable component is also reduced to zero if the person has determined or contributed to determining:

violations of the obligations imposed pursuant to article 26 or, when the person is an interested party, of article 53, paragraphs 4 and following, of the Consolidated Banking Act or of the obligations relating to remuneration and incentives;
conduct that does not comply with legal, regulatory, or statutory provisions or any Codes of Ethics or Conduct applicable to the Bank resulting in a significant loss to the Group¹¹ or customers¹²;
further conduct that does not comply with the provisions of the law, regulations or the Articles of Association, or with any Codes of Ethics or Codes of Conduct applicable to the Bank in the cases envisaged by the latter;
fraudulent conduct or gross negligence to the detriment of the Group;

or if,

the consolidated Total Own Funds Capital Ratio is less than or equal to the Overall Capital Requirement announced by the Supervisory Body as part of the "Capital Decisions" following the periodic Supervisory Review and Evaluation Process (SREP);
the Shareholders' Meeting has resolved to revoke the appointment for just cause, or the Board of Directors has resolved to terminate the employment contract for just cause.

¹¹ Loss equal to or greater than 5% of equity.

¹² The Parent Company identifies as a "significant loss" to customers, any loss resulting from conduct that deviates from or otherwise fails to comply with legal, regulatory, statutory or ethical standards applicable to the Group. In particular, reference is made to cases of internal fraud, complaints upheld for improper conduct, and intentional non-compliance with the delegation system, where such cases have an effect on customers. It is understood that if these events are found to have occurred, all the investigations required by the disciplinary procedures provided for by law and by the relevant National Collective Labour Agreement applicable to these cases will be carried out and, if the conditions are met, the most appropriate disciplinary measures will be applied depending on the seriousness found and the extent of the loss suffered.

The above-mentioned criteria are checked in each of the three financial years¹³ closed after the determination of the variable component (accrual period) and applied when the above-mentioned conditions occur, taking into account the worst result recorded in the reference period. Thus, merely by way of example, the malus condition with respect to the 2021 variable bonus will be tested in each of the three years ending after the variable component is determined (and, therefore, 2022, 2023 and 2024) and will be applied upon the occurrence of such conditions in at least one of the three years of observation.

Moreover, without prejudice to the provisions of the relevant CCNL on the rights and duties of employees and the Disciplinary Code and the Code of Ethics in force from time to time, the Group reserves the right to promote the appropriate actions for the restitution (so-called clawback mechanism) of the variable component recognised and/or paid to the staff if the subject has determined or contributed to determine:

violations of the obligations imposed pursuant to article 26 CBA/TUB or, when the person is an interested party, of article 53, paragraphs 4 and following, of the Consolidated Banking Act or of the obligations relating to remuneration and incentives;
conduct that does not comply with legal, regulatory, or statutory provisions or any Codes of Ethics or Conduct applicable to the Bank resulting in a significant loss to the Group¹⁴ or customers¹⁵;
further conduct that does not comply with the provisions of the law, regulations or the Articles of Association, or with any Codes of Ethics or Codes of Conduct applicable to the Bank in the cases envisaged by the latter;
fraud or gross misconduct on the part of the beneficiary to the detriment of the Group, or if the consolidated Total Own Funds Capital Ratio is less than or equal to the Overall Capital Requirement announced by the Supervisory Body as part of the "Capital Decisions" following the periodic Supervisory Review and Evaluation Process (SREP).

¹³ A sufficient condition for application of the corrective mechanisms is the occurrence of the above-mentioned conditions in at least one of the three years of observation (accrual period).

¹⁴ Loss equal to or greater than 5% of Shareholders' Equity, to be calculated net of elements deriving from extraordinary operations such as: capital increases, company mergers, demergers, acquisitions or any other non-recurring operation that the Board of Directors may decide upon and which may modify the value of the indicator.

¹⁵The Parent Company identifies as a "significant loss" to customers, any loss resulting from conduct that deviates from or otherwise fails to comply with legal, regulatory, statutory or ethical standards applicable to the Group. In particular, reference is made to cases of internal fraud, complaints upheld for improper conduct, and intentional non-compliance with the delegation system, where such cases have an effect on customers. It is understood that if these events are found to have occurred, all the investigations required by the disciplinary procedures provided for by law and by the relevant National Collective Labour Agreement applicable to these cases will be carried out and, if the conditions are met, the most appropriate disciplinary measures will be applied depending on the seriousness found and the extent of the loss suffered.

¹⁶ A sufficient condition for application of the corrective mechanisms is the occurrence of one of the above-mentioned conditions in at least one of the three years of observation (accrual period).

when the conditions set out above occur, with the exception of the key personnel for whom this verification must be carried out in each of the next five closed years.

Finally, it is expressly forbidden for individual employees to engage in personal hedging or insurance strategies on remuneration or other aspects that may alter or affect the effects of alignment with the company risk inherent in the remuneration mechanisms envisaged.

In particular, the Parent Company, in order to ensure that its key personnel are not remunerated or receive payments or other benefits in any way that circumvents the supervisory provisions on remuneration and incentive policies and practices, prepares specific individual agreements through which the recipients undertake to:

1. not make use of personal hedging strategies and/or resort to remuneration insurance or any other initiative aimed at altering and/or invalidating the risk alignment effects inherent in remuneration mechanisms;
1. communicate the existence or opening of custody and administration accounts with other intermediaries the information relating to the transactions carried out from time to time.

The types of transactions and financial investments made by key personnel that could affect the risk alignment mechanisms and, more generally, the pursuit of the aims of the regulations on remuneration and incentive policies and practices are transactions and investments in financial instruments issued by the bank, including derivatives that have such instruments as their underlying.

g) A description of the key parameters and rationale for any variable compensation scheme and any other non-cash benefits in accordance with article 450, paragraph 1, letter f) CRR¹⁷ .

Variable remuneration is determined and paid in relation to the performance achieved in the reference period on the basis of the level of achievement of the objectives (KPIs) assigned, which also include qualitative objectives.

h) At the request of the relevant member state or authority, the total compensation for each member of the governing body or senior management.

¹⁷ See also information in e) above

Model EU REM1: remuneration recognised for the year

			Board of Directors - strategic supervision function	Board of Directors - management function	Other members of senior managemen t	Other key personnel
1		Number of key personnel	11	2	28	23
2		Total fixed remuneration	2.285	0.858	4.406	2.867
3		Of which cash	2.285	0.858	4.406	2.867
4		(Not applicable in the EU)
EU-4a		Of which shares or equivalent equity investments
5	Fixed remuneration	Of which equity-linked or equivalent non cash instruments
EU-5x		Of which other instruments
6		(Not applicable in the EU)
7		Of which other forms
8		(Not applicable in the EU)
9		Number of key personnel		2	19	23
10		Total variable remuneration		1.1191	2.0625	1.1192
11		Of which cash		1.119	2.062	1.119
12		Of which deferred		0.196	0.346	0.103
EU-13a		Of which shares or equivalent equity investments		0.131	0.230	0.069
EU-14a		Of which deferred		0.196	0.346	0.103
EU-13b	Variable remuneration	Of which equity-linked or equivalent non cash instruments
EU-14b		Of which deferred
EU-14x		Of which other instruments
EU-14y		Of which deferred
15		Of which other forms
16		Of which deferred
17	Total remuneration (2 + 10)		2.29	1.98	6.47	3.99

Model EU REM2: special payments to personnel whose professional activities have a significant impact on the institution's risk profile (key personnel)

		Board of Directors - management function
	Bonuses forming part of guaranteed variable remuneration
1	Bonuses forming part of guaranteed variable remuneration - Number of key personnel
2	Bonuses forming part of guaranteed variable remuneration - Total amount
3	Of which bonuses as part of guaranteed variable remuneration paid during the year not taken into account in the bonus cap
	Employee severance indemnities recognised in prior periods that were paid during the year
4	Employee severance indemnities recognised in prior periods that were paid during the year - Number of key personnel
5	Employee severance indemnities recognised in prior periods that were paid during the year - Total amount
	Employee severance indemnities paid during the year
6	Employee severance indemnities recognised during the year - Number of key personnel	1
7	Employee severance indemnities recognised during the year - Total amount	0.125
8	Of which paid during the year
9	Of which deferred	0.125
10	Of which employee severance indemnities paid during the year not considered in the bonus cap
11	Of which the highest amount awarded to a single person

Model EU REM3: deferred remuneration

		Total amount of deferred remuneration recognised for prior benefit periods	Of which amounts accruing during the year	Of which amounts accruing in subsequent years	Amount of performance adjustment, made during the year, on deferred remuneration that should have been accrued during the year	Amount of performance adjustment, made during the year, on deferred remuneration that should have been accrued in subsequent performance	Total amount of deferred remuneration recognised prior to the year, actually paid during the year	Total amount of deferred remuneration recognised for the prior benefit period that was accrued but is subject to retention periods
1	Board of Directors - strategic supervision function					years
2	Cash
3	Shares or equivalent equity investments
4	Equity-linked or equivalent non-cash instruments
5	Other instruments
6	Other forms
7	Board of Directors - management function
8	Cash	0.06	0.030	0.030	0.007	0.007	0.030	0.030
9	Shares or equivalent equity investments	0.09	0.030	0.059	0.007	0.015	0.037	0.059
10	Equity-linked or equivalent non-cash instruments
11	Other instruments
12	Other forms
13	Other members of senior management
14	Cash	0.03		0.027		0.003		0.027
15	Shares or equivalent equity investments	0.03		0.027		0.003		0.027
16	Equity-linked or equivalent non-cash instruments
17	Other instruments
18	Other forms
19	Other key personnel
20	Cash	0.01		0.012		0.003		0.012
21	Shares or equivalent equity investments	0.01		0.012		0.003		0.012
22	Equity-linked or equivalent non-cash instruments
23	Other instruments
24	Other forms
25	Total amount	0.23	0.06	0.17	0.01	0.03	0.07	0.17

Model EU REM4: remuneration of 1 million Euro or more per financial year

		Key personnel who have high remuneration under article 450, letter i) of the CRR
1	From 1 000 000 to less than 1 500 000	1
2	From 1 500 000 to less than 2 000 000
3	From 2 000 000 to less than 2 500 000
4	From 2 500 000 to less than 3 000 000
5	From 3 000 000 to less than 3 500 000
6	From 3 500 000 to less than 4 000 000
7	From 4 000 000 to less than 4 500 000
8	From 4 500 000 to less than 5 000 000
9	From 5 000 000 to less than 6 000 000
10	From 6 000 000 to less than 7 000 000
11	From 7 000 000 to less than 8 000 000

Model EU REM5: information on the remuneration of personnel whose professional activities have a material impact on the institution's risk profile (key personnel)

		Remuneration of the Board of Directors			Business Areas
		Board of Directors - strategic supervision function	Board of Directors - management function	Total Board of Directors	Corporate functions	Independen t internal control functions	All others
1	Total key personnel
2	Of which members of the Board of Directors	11	2	13
3	Of which other members of top management				9	5	37
4	Of which other key personnel
5	Total remuneration of key personnel	2.29	1.98	4.26	2.38	1.04	7.03
6	Of which variable remuneration		1.12	1.12	0.91	0.23	2.04
7	Of which fixed remuneration	2.29	0.86	3.14	1.47	0.81	4.98

18. CEO declaration pursuant to article 435, letters e) and f) of Regulation (EU) no. 575/2013

The Chief Executive Officer, Frederik Geertman, acting on behalf of the Board of Directors, declares, pursuant to article 435, paragraph 1, letters e) and f) of Regulation no. 575/2013 (CRR) that:

the risk management systems implemented by the Banca Ifis Group and described in the document "Public Disclosure at 31 December 2021 - Pillar 3", are in line with the Group's profile and strategy;
the above-mentioned document, approved by the Board of Directors of the Parent Company, represents the Group's overall risk profiles and is consistent with and linked to the corporate strategy.

Venice, 10 March 2022

The CEO

19. Declaration by the Manager charged with preparing the Company's financial reports

Pursuant to article 154 bis, paragraph 2 of Italy's "Consolidated Law on Financial Intermediation", the Corporate Chief Financial Officer of Banca IFIS SpA, Mariacristina Taormina, declares that the accounting information contained in this "Public Disclosure at 31 December 2021 - Pillar 3" corresponds to the company's accounting records, books and entries.

Venice, 10 March 2022

Financial Reporting Officer Mariacristina Taormina

AI Terminal

Banca Ifis

4153_cgr_2022-03-31_9790033c-074b-4798-9db2-4343046b692a.pdf

Public Disclosure

Background

References to regulatory reporting requirements

Reference to EBA requirements - Regulation (EU) no. 637/2021, EBA/GL/2020/07 and EBA/GL/2020/12

1.General Information Requirement

The Banca Ifis Group

Mission and social responsibility

Commercial and Corporate Banking Segment

NPL Segment

Governance & Non-Core Services Segment

Strategic governance, management and control bodies

Internal Control System

1.1. Organisation of the Risk Management organisational unit

Mission of the Parent Company's Risk Management department

Organisational positioning of the Parent Company's Risk Management Department

Main activities

1.2. Risk profile and risk management and measurement systems

Determination of risk appetite and processes for managing relevant risks

Credit Risk Area:

Financial Risks Area:

Other types of Risk Area:

Financial leverage risk

Liquidity risk

Credit risk

Asset Encumbrance

Counterparty risk

Operational risk

Interest rate risk on the banking portfolio

Market risks

Concentration risk

Other Risks

Country risk

Transfer risk

Residual risk

Settlement and Delivery Risk

Model Risk

IT Risk

Reputational risk

Strategic Risk

1.3. Monitoring and Reporting

1.4. Governance System

2.Scope of Application

Qualitative disclosure

Quantitative information

EU model LI1: differences between the scope of accounting consolidation and that of regulatory consolidation and association of financial statements categories with regulatory risk categories

EU LI2 model: main sources of differences between exposure amounts determined for regulatory purposes and book values in the financial statements

Model EU LI3: description of differences between consolidation areas (subject by subject)

3.Composition of Own Funds

Qualitative disclosure

Disclosure on IFRS 9 adjustments (article 473 bis CRR) and temporary treatment for OCI reserve (article 468 CRR)

Consolidated equity includes:

Model EU CC1: breakdown of regulatory own funds

Model EU CC2: reconciliation of regulatory capital to balance sheet in audited financial statements

Model EU CCA: main characteristics of regulatory capital instruments and admissible liability instruments

4.Capital adequacy

Qualitative disclosure

Quantitative information

Model EU KM1: main metrics

Model EU OV1: overview of total risk exposure amounts

Model EU CCyB2: amount of institution-specific countercyclical capital buffer

5.Financial leverage

Qualitative information

Quantitative information

Model EU LR1 - LRSum: summary of reconciliation between accounting assets and financial leverage ratio exposures

Model EU LR2 - LRCom: Financial leverage coefficient common disclosure

Model EU LR3 - LRSpl: Breakdown of on-balance sheet exposures (excluding derivatives, SFT and exempted exposures)

6.Liquidity risk

Liquidity risk management policies and objectives

Quantitative information

Model EU LIQ1: quantitative information of the LCR

Model EU LIQ2: Net Stable Funding Ratio

7.Credit risk

7.1. General information

Objectives and credit risk management policies

7.1.1. Details by business segment

Organisational aspects

Management, measurement, control and reporting systems